/**
 * Marks one access token of an account as removed.
 *
 * Stamps removeAt with the current Unix time on the access_data row whose
 * accountId and accessToken both match. The row is updated, not deleted.
 *
 * @param mixed $accountId   Account id; normalised with helper::clearInt().
 * @param mixed $accessToken Token; passed through helper::clearText() and
 *                           helper::escapeText() before it is bound.
 *
 * @return bool True when the UPDATE statement executed, false otherwise.
 *              The number of affected rows is not checked, so true does
 *              not prove that a matching token existed.
 */
public function remove($accountId, $accessToken)
{
    $accountId = helper::clearInt($accountId);
    $accessToken = helper::escapeText(helper::clearText($accessToken));

    // Revocation timestamp written into removeAt.
    $removedAt = time();

    $update = $this->db->prepare("UPDATE access_data SET removeAt = (:removeAt) WHERE accountId = (:accountId) AND accessToken = (:accessToken)");
    $update->bindParam(":removeAt", $removedAt, PDO::PARAM_INT);
    $update->bindParam(":accountId", $accountId, PDO::PARAM_INT);
    $update->bindParam(":accessToken", $accessToken, PDO::PARAM_STR);

    return $update->execute() ? true : false;
}
/**
 * Checks a login/password pair against the users table.
 *
 * Two queries are used: the first reads the salt stored for the login, the
 * second looks for a row whose login and salted hash both match.
 *
 * NOTE(review): the stored verifier is md5(md5(password) . salt). MD5 is a
 * fast, general-purpose hash and is not suitable for password storage; a
 * leaked users table can be guessed offline at very high rates. Moving to
 * password_hash()/password_verify(), re-hashing each account on its next
 * successful sign-in, would close this without a forced reset.
 *
 * NOTE(review): the state column is selected but not examined here, so any
 * account-state restriction has to be enforced by the caller — confirm.
 *
 * @param mixed $username Login name; passed through helper::clearText().
 * @param mixed $password Plain password; passed through helper::clearText().
 *
 * @return array array('error' => true) on any failure; on success
 *               "error" => false, "error_code" => ERROR_SUCCESS and
 *               "accountId" => the matching users.id.
 */
public function signin($username, $password)
{
    $access_data = array('error' => true);

    $username = helper::clearText($username);
    $password = helper::clearText($password);

    // Step 1: fetch the per-user salt.
    $saltQuery = $this->db->prepare("SELECT salt FROM users WHERE login = (:username) LIMIT 1");
    $saltQuery->bindParam(":username", $username, PDO::PARAM_STR);
    $saltQuery->execute();

    if ($saltQuery->rowCount() <= 0) {
        return $access_data;
    }

    $saltRow = $saltQuery->fetch();
    $passw_hash = md5(md5($password) . $saltRow['salt']);

    // Step 2: the hash comparison itself happens inside the SQL WHERE clause.
    $userQuery = $this->db->prepare("SELECT id, state FROM users WHERE login = (:username) AND passw = (:password) LIMIT 1");
    $userQuery->bindParam(":username", $username, PDO::PARAM_STR);
    $userQuery->bindParam(":password", $passw_hash, PDO::PARAM_STR);
    $userQuery->execute();

    if ($userQuery->rowCount() <= 0) {
        return $access_data;
    }

    $userRow = $userQuery->fetch();

    return array(
        "error" => false,
        "error_code" => ERROR_SUCCESS,
        "accountId" => $userRow['id']
    );
}
* * http://ifsoft.com.ua, http://ifsoft.co.uk * qascript@ifsoft.co.uk * * Copyright 2012-2016 Demyanchuk Dmitry (https://vk.com/dmitry.demyanchuk) */ include_once $_SERVER['DOCUMENT_ROOT'] . "/core/init.inc.php"; include_once $_SERVER['DOCUMENT_ROOT'] . "/config/api.inc.php"; if (!empty($_POST)) { $accountId = isset($_POST['accountId']) ? $_POST['accountId'] : 0; $accessToken = isset($_POST['accessToken']) ? $_POST['accessToken'] : ''; $lat = isset($_POST['lat']) ? $_POST['lat'] : ''; $lng = isset($_POST['lng']) ? $_POST['lng'] : ''; $lat = helper::clearText($lat); $lat = helper::escapeText($lat); $lng = helper::clearText($lng); $lng = helper::escapeText($lng); $result = array("error" => true, "error_code" => ERROR_UNKNOWN); $auth = new auth($dbo); if (!$auth->authorize($accountId, $accessToken)) { api::printError(ERROR_ACCESS_TOKEN, "Error authorization."); } $result = array("error" => false, "error_code" => ERROR_SUCCESS); $geo = new geo($dbo); $info = $geo->info(helper::ip_addr()); $account = new account($dbo, $accountId); if (strlen($lat) > 0 && strlen($lng) > 0) { $result = $account->setGeoLocation($lat, $lng); } else { if ($info['geoplugin_status'] == 206) { $result = $account->setGeoLocation($info['geoplugin_latitude'], $info['geoplugin_longitude']);
* http://ifsoft.com.ua, http://ifsoft.co.uk * qascript@ifsoft.co.uk * * Copyright 2012-2016 Demyanchuk Dmitry (https://vk.com/dmitry.demyanchuk) */ include_once $_SERVER['DOCUMENT_ROOT'] . "/core/init.inc.php"; if (!admin::isSession()) { header("Location: /admin/login.php"); } if (!empty($_POST)) { $authToken = isset($_POST['authenticity_token']) ? $_POST['authenticity_token'] : ''; $current_passw = isset($_POST['current_passw']) ? $_POST['current_passw'] : ''; $new_passw = isset($_POST['new_passw']) ? $_POST['new_passw'] : ''; $current_passw = helper::clearText($current_passw); $current_passw = helper::escapeText($current_passw); $new_passw = helper::clearText($new_passw); $new_passw = helper::escapeText($new_passw); if ($authToken === helper::getAuthenticityToken() && !APP_DEMO) { $admin = new admin($dbo); $admin->setId(admin::getCurrentAdminId()); $result = $admin->setPassword($current_passw, $new_passw); if ($result['error'] === false) { header("Location: /admin/settings.php/?result=success"); exit; } else { header("Location: /admin/settings.php/?result=error"); exit; } } header("Location: /admin/settings.php"); exit;
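/**
 * Tells whether a login is already taken.
 *
 * A login counts as taken when a page template named
 * "../html/page.<login>.inc.php" exists on disk, or when the users table
 * already holds a row with that login.
 *
 * The caller-supplied value is used to build a file path before any
 * sanitising helper has run. The filesystem check is therefore only made
 * when the value is a single path component (no "/", "\" or NUL byte), so
 * the lookup cannot be pointed at a file outside the page.* templates.
 * Values that fail that test fall through to the database lookup.
 *
 * NOTE(review): "../html/" is relative, so it is resolved against the
 * current working directory of the running script; confirm every caller
 * runs from a directory where that resolves to the intended folder.
 *
 * @param mixed $username Login to test.
 *
 * @return bool True when the login is reserved or already registered.
 */
public function isLoginExists($username)
{
    if (is_scalar($username)) {
        $candidate = (string) $username;

        // Reject path separators and NUL before touching the filesystem.
        if (strpbrk($candidate, "/\\\0") === false
            && file_exists("../html/page." . $candidate . ".inc.php")) {
            return true;
        }
    }

    $username = helper::clearText($username);
    $username = helper::escapeText($username);

    $stmt = $this->db->prepare("SELECT id FROM users WHERE login = (:username) LIMIT 1");
    $stmt->bindParam(":username", $username, PDO::PARAM_STR);

    // A failed query is reported as "not taken", as before.
    return $stmt->execute() && $stmt->rowCount() > 0;
}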
* http://ifsoft.com.ua, http://ifsoft.co.uk * qascript@ifsoft.co.uk * * Copyright 2012-2016 Demyanchuk Dmitry (https://vk.com/dmitry.demyanchuk) */ include_once $_SERVER['DOCUMENT_ROOT'] . "/core/init.inc.php"; include_once $_SERVER['DOCUMENT_ROOT'] . "/config/api.inc.php"; if (!empty($_POST)) { $clientId = isset($_POST['clientId']) ? $_POST['clientId'] : 0; $gcm_regId = isset($_POST['gcm_regId']) ? $_POST['gcm_regId'] : ''; $username = isset($_POST['username']) ? $_POST['username'] : ''; $password = isset($_POST['password']) ? $_POST['password'] : ''; $clientId = helper::clearInt($clientId); $gcm_regId = helper::clearText($gcm_regId); $username = helper::clearText($username); $password = helper::clearText($password); $gcm_regId = helper::escapeText($gcm_regId); $username = helper::escapeText($username); $password = helper::escapeText($password); if ($clientId != CLIENT_ID) { api::printError(ERROR_UNKNOWN, "Error client Id."); } $access_data = array(); $account = new account($dbo); $access_data = $account->signin($username, $password); unset($account); if ($access_data["error"] === false) { $auth = new auth($dbo); $access_data = $auth->create($access_data['accountId'], $clientId); if ($access_data['error'] === false) { $account = new account($dbo, $access_data['accountId']);
$user_password_repeat = ''; $error_token = false; $error_username = false; $error_fullname = false; $error_password = false; $error_password_repeat = false; if (!empty($_POST)) { $error = false; $user_username = isset($_POST['user_username']) ? $_POST['user_username'] : ''; $user_password = isset($_POST['user_password']) ? $_POST['user_password'] : ''; $user_fullname = isset($_POST['user_fullname']) ? $_POST['user_fullname'] : ''; $token = isset($_POST['authenticity_token']) ? $_POST['authenticity_token'] : ''; $user_username = helper::clearText($user_username); $user_fullname = helper::clearText($user_fullname); $user_password = helper::clearText($user_password); $user_password_repeat = helper::clearText($user_password_repeat); $user_username = helper::escapeText($user_username); $user_fullname = helper::escapeText($user_fullname); $user_password = helper::escapeText($user_password); $user_password_repeat = helper::escapeText($user_password_repeat); if (auth::getAuthenticityToken() !== $token) { $error = true; $error_token = true; $error_message[] = 'Error!'; } if (!helper::isCorrectLogin($user_username)) { $error = true; $error_username = true; $error_message[] = 'Incorrect username.'; } if (!helper::isCorrectPassword($user_password)) {
$user_year = isset($_POST['year']) ? $_POST['year'] : 0; $user_month = isset($_POST['month']) ? $_POST['month'] : 0; $user_day = isset($_POST['day']) ? $_POST['day'] : 0; $language = isset($_POST['language']) ? $_POST['language'] : ''; $clientId = helper::clearInt($clientId); $user_sex = helper::clearInt($user_sex); $user_year = helper::clearInt($user_year); $user_month = helper::clearInt($user_month); $user_day = helper::clearInt($user_day); $facebookId = helper::clearText($facebookId); $gcm_regId = helper::clearText($gcm_regId); $username = helper::clearText($username); $fullname = helper::clearText($fullname); $password = helper::clearText($password); $email = helper::clearText($email); $language = helper::clearText($language); $facebookId = helper::escapeText($facebookId); $gcm_regId = helper::escapeText($gcm_regId); $username = helper::escapeText($username); $fullname = helper::escapeText($fullname); $password = helper::escapeText($password); $email = helper::escapeText($email); $language = helper::escapeText($language); if ($clientId != CLIENT_ID) { api::printError(ERROR_UNKNOWN, "Error client Id."); } $result = array("error" => true); $account = new account($dbo); $result = $account->signup($username, $fullname, $password, $email, $user_sex, $user_year, $user_month, $user_day); unset($account); if ($result['error'] === false) {
* ifsoft.co.uk engine v1.0 * * http://ifsoft.com.ua, http://ifsoft.co.uk * qascript@ifsoft.co.uk * * Copyright 2012-2015 Demyanchuk Dmitry (https://vk.com/dmitry.demyanchuk) */ include_once $_SERVER['DOCUMENT_ROOT'] . "/core/init.inc.php"; include_once $_SERVER['DOCUMENT_ROOT'] . "/config/api.inc.php"; if (!empty($_POST)) { $clientId = isset($_POST['clientId']) ? $_POST['clientId'] : 0; $accountId = isset($_POST['accountId']) ? $_POST['accountId'] : ''; $accessToken = isset($_POST['accessToken']) ? $_POST['accessToken'] : ''; $clientId = helper::clearInt($clientId); $accountId = helper::clearInt($accountId); $accessToken = helper::clearText($accessToken); $accessToken = helper::escapeText($accessToken); if ($clientId != CLIENT_ID) { api::printError(ERROR_UNKNOWN, "Error client Id."); } $result = array("error" => true, "error_code" => ERROR_UNKNOWN); $auth = new auth($dbo); if (!$auth->authorize($accountId, $accessToken)) { api::printError(ERROR_ACCESS_TOKEN, "Error authorization."); } $account = new account($dbo, $accountId); $account->setFacebookId(""); $result = array("error" => false, "error_code" => ERROR_SUCCESS); echo json_encode($result); exit; }
$personalPriority = helper::clearInt($personalPriority); $importantInOthers = helper::clearInt($importantInOthers); $smokingViews = helper::clearInt($smokingViews); $alcoholViews = helper::clearInt($alcoholViews); $lookingViews = helper::clearInt($lookingViews); $interestedViews = helper::clearInt($interestedViews); $accountId = helper::clearInt($accountId); $fullname = helper::clearText($fullname); $fullname = helper::escapeText($fullname); $location = helper::clearText($location); $location = helper::escapeText($location); $facebookPage = helper::clearText($facebookPage); $facebookPage = helper::escapeText($facebookPage); $instagramPage = helper::clearText($instagramPage); $instagramPage = helper::escapeText($instagramPage); $bio = helper::clearText($bio); $bio = preg_replace("/[\r\n]+/", " ", $bio); //replace all new lines to one new line $bio = preg_replace('/\\s+/', ' ', $bio); //replace all white spaces to one space $bio = helper::escapeText($bio); $sex = helper::clearInt($sex); $year = helper::clearInt($year); $month = helper::clearInt($month); $day = helper::clearInt($day); $auth = new auth($dbo); if (!$auth->authorize($accountId, $accessToken)) { api::printError(ERROR_ACCESS_TOKEN, "Error authorization."); } $result = array("error" => true, "error_code" => ERROR_UNKNOWN); $account = new account($dbo, $accountId);
<?php

/*!
 * ifsoft.co.uk engine v1.0
 *
 * http://ifsoft.com.ua, http://ifsoft.co.uk
 * qascript@ifsoft.co.uk
 *
 * Copyright 2012-2016 Demyanchuk Dmitry (https://vk.com/dmitry.demyanchuk)
 */

// API endpoint: reports whether a login is still available.
// Responds with {"error": false} when the login is free and
// {"error": true} when it is taken. Requests without POST data get no output.
//
// NOTE(review): no caller authentication is visible in this script and the
// answer reveals whether a login exists, so request throttling belongs at
// this endpoint or in front of it.

include_once $_SERVER['DOCUMENT_ROOT'] . "/core/init.inc.php";
include_once $_SERVER['DOCUMENT_ROOT'] . "/config/api.inc.php";

if (!empty($_POST)) {
    $username = '';

    if (isset($_POST['username'])) {
        $username = $_POST['username'];
    }

    $username = helper::escapeText(helper::clearText($username));

    // NOTE(review): $helper is not assigned in this script; presumably one of
    // the includes above creates it — confirm.
    $loginTaken = $helper->isLoginExists($username);

    $result = array("error" => $loginTaken ? true : false);

    echo json_encode($result);
    exit;
}
* * Copyright 2012-2016 Demyanchuk Dmitry (https://vk.com/dmitry.demyanchuk) */ include_once $_SERVER['DOCUMENT_ROOT'] . "/core/init.inc.php"; if (!admin::isSession()) { header("Location: /admin/login.php"); } $stats = new stats($dbo); $gift = new gift($dbo); $page_id = "gifts"; $error = false; $error_message = ''; if (isset($_GET['action'])) { $action = isset($_GET['action']) ? $_GET['action'] : ''; $id = isset($_GET['id']) ? $_GET['id'] : 0; $action = helper::clearText($action); $action = helper::escapeText($action); $id = helper::clearInt($id); if (!APP_DEMO) { switch ($action) { case 'remove': $gift->db_remove($id); header("Location: /admin/gifts.php"); break; default: header("Location: /admin/gifts.php"); break; } } } if (!empty($_POST)) {
* ifsoft.co.uk engine v1.0 * * http://ifsoft.com.ua, http://ifsoft.co.uk * qascript@ifsoft.co.uk * * Copyright 2012-2016 Demyanchuk Dmitry (https://vk.com/dmitry.demyanchuk) */ include_once $_SERVER['DOCUMENT_ROOT'] . "/core/init.inc.php"; if (!admin::isSession()) { header("Location: /admin/login.php"); } if (!empty($_POST)) { $authToken = isset($_POST['authenticity_token']) ? $_POST['authenticity_token'] : ''; $message = isset($_POST['message']) ? $_POST['message'] : ''; $type = isset($_POST['type']) ? $_POST['type'] : 1; $message = helper::clearText($message); $message = helper::escapeText($message); $type = helper::clearInt($type); if ($authToken === helper::getAuthenticityToken() && !APP_DEMO) { if (strlen($message) != 0) { $gcm = new gcm($dbo, 0); $gcm->setData($type, $message, 0); $gcm->forAll(); $gcm->send(); } } header("Location: /admin/gcm.php"); } $stats = new stats($dbo); $page_id = "gcm"; $error = false;
$accessToken = isset($_POST['accessToken']) ? $_POST['accessToken'] : ''; $profileId = isset($_POST['profileId']) ? $_POST['profileId'] : 0; $chatId = isset($_POST['chatId']) ? $_POST['chatId'] : 0; $messageText = isset($_POST['messageText']) ? $_POST['messageText'] : ""; $messageImg = isset($_POST['messageImg']) ? $_POST['messageImg'] : ""; $clientId = helper::clearInt($clientId); $accountId = helper::clearInt($accountId); $profileId = helper::clearInt($profileId); $chatId = helper::clearInt($chatId); $messageText = helper::clearText($messageText); $messageText = preg_replace("/[\r\n]+/", "<br>", $messageText); //replace all new lines to one new line $messageText = preg_replace('/\\s+/', ' ', $messageText); //replace all white spaces to one space $messageText = helper::escapeText($messageText); $messageImg = helper::clearText($messageImg); $messageImg = helper::escapeText($messageImg); $result = array("error" => true, "error_code" => ERROR_UNKNOWN); $auth = new auth($dbo); if (!$auth->authorize($accountId, $accessToken)) { api::printError(ERROR_ACCESS_TOKEN, "Error authorization."); } $profile = new profile($dbo, $profileId); $profile->setRequestFrom($accountId); $profileInfo = $profile->get(); if ($profileInfo['state'] != ACCOUNT_STATE_ENABLED) { echo json_encode($result); exit; } if ($profileInfo['allowMessages'] == 0 && $profileInfo['follower'] === false) { echo json_encode($result);
if (!admin::isSession()) { header("Location: /admin/login.php"); } $page_id = "support"; $error = false; $error_message = ''; $query = ''; $result = array(); $result['id'] = 0; $result['tickets'] = array(); $support = new support($dbo); if (isset($_GET['act'])) { $act = isset($_GET['act']) ? $_GET['act'] : ''; $ticketId = isset($_GET['ticketId']) ? $_GET['ticketId'] : 0; $token = isset($_GET['access_token']) ? $_GET['access_token'] : ''; $ticketId = helper::clearText($ticketId); if (admin::getAccessToken() === $token && !APP_DEMO) { switch ($act) { case "delete": $support->removeTicket($ticketId); header("Location: /admin/support.php"); break; default: header("Location: /admin/support.php"); } } header("Location: /admin/support.php"); } $result = $support->getTickets(); $css_files = array("admin.css"); $page_title = "Support";
$accessMode = isset($_POST['accessMode']) ? $_POST['accessMode'] : 0; $comment = isset($_POST['comment']) ? $_POST['comment'] : ""; $originImgUrl = isset($_POST['originImgUrl']) ? $_POST['originImgUrl'] : ""; $previewImgUrl = isset($_POST['previewImgUrl']) ? $_POST['previewImgUrl'] : ""; $imgUrl = isset($_POST['imgUrl']) ? $_POST['imgUrl'] : ""; $clientId = helper::clearInt($clientId); $accountId = helper::clearInt($accountId); $accessMode = helper::clearInt($accessMode); $comment = helper::clearText($comment); $comment = preg_replace("/[\r\n]+/", "<br>", $comment); //replace all new lines to one new line $comment = preg_replace('/\\s+/', ' ', $comment); //replace all white spaces to one space $comment = helper::escapeText($comment); $originImgUrl = helper::clearText($originImgUrl); $originImgUrl = helper::escapeText($originImgUrl); $previewImgUrl = helper::clearText($previewImgUrl); $previewImgUrl = helper::escapeText($previewImgUrl); $imgUrl = helper::clearText($imgUrl); $imgUrl = helper::escapeText($imgUrl); $result = array("error" => true, "error_code" => ERROR_UNKNOWN); $auth = new auth($dbo); if (!$auth->authorize($accountId, $accessToken)) { api::printError(ERROR_ACCESS_TOKEN, "Error authorization."); } $photos = new photos($dbo); $photos->setRequestFrom($accountId); $result = $photos->add($accessMode, $comment, $originImgUrl, $previewImgUrl, $imgUrl); echo json_encode($result); exit; }
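<?php

/*!
 * ifsoft.co.uk engine v1.0
 *
 * http://ifsoft.com.ua, http://ifsoft.co.uk
 * qascript@ifsoft.co.uk
 *
 * Copyright 2012-2015 Demyanchuk Dmitry (https://vk.com/dmitry.demyanchuk)
 */

// API endpoint: deactivates the calling account.
// Expects POST fields accountId, accessToken and currentPassword and prints
// the array returned by account::deactivation() as JSON.

include_once $_SERVER['DOCUMENT_ROOT'] . "/core/init.inc.php";
include_once $_SERVER['DOCUMENT_ROOT'] . "/config/api.inc.php";

if (!empty($_POST)) {
    $accountId = isset($_POST['accountId']) ? $_POST['accountId'] : '';
    $accessToken = isset($_POST['accessToken']) ? $_POST['accessToken'] : '';
    $currentPassword = isset($_POST['currentPassword']) ? $_POST['currentPassword'] : '';

    // Normalise the id once, before the authorization check, so the value
    // that is authorized is the same value handed to account below. The
    // sibling API scripts apply the same helper::clearInt() step.
    // Assumes clearInt() reduces the value to an integer — confirm.
    $accountId = helper::clearInt($accountId);

    $currentPassword = helper::clearText($currentPassword);
    $currentPassword = helper::escapeText($currentPassword);

    $auth = new auth($dbo);

    if (!$auth->authorize($accountId, $accessToken)) {
        api::printError(ERROR_ACCESS_TOKEN, "Error authorization.");

        // Fail closed here instead of relying on printError() to end the
        // request; nothing below may run for an unauthorized caller.
        exit;
    }

    $account = new account($dbo, $accountId);

    $result = $account->deactivation($currentPassword);

    echo json_encode($result);
    exit;
}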
* * Copyright 2012-2016 Demyanchuk Dmitry (https://vk.com/dmitry.demyanchuk) */ include_once $_SERVER['DOCUMENT_ROOT'] . "/core/init.inc.php"; include_once $_SERVER['DOCUMENT_ROOT'] . "/config/api.inc.php"; if (!empty($_POST)) { $clientId = isset($_POST['clientId']) ? $_POST['clientId'] : 0; $accountId = isset($_POST['accountId']) ? $_POST['accountId'] : 0; $accessToken = isset($_POST['accessToken']) ? $_POST['accessToken'] : ''; $email = isset($_POST['email']) ? $_POST['email'] : ""; $subject = isset($_POST['subject']) ? $_POST['subject'] : ""; $detail = isset($_POST['detail']) ? $_POST['detail'] : ""; $clientId = helper::clearInt($clientId); $accountId = helper::clearInt($accountId); $email = helper::clearText($email); $email = helper::escapeText($email); $subject = helper::clearText($subject); $subject = helper::escapeText($subject); $detail = helper::clearText($detail); $detail = helper::escapeText($detail); $result = array("error" => true, "error_code" => ERROR_UNKNOWN); $auth = new auth($dbo); if (!$auth->authorize($accountId, $accessToken)) { api::printError(ERROR_ACCESS_TOKEN, "Error authorization."); } $support = new support($dbo); $support->setRequestFrom($accountId); $result = $support->createTicket($accountId, $email, $subject, $detail, $clientId); echo json_encode($result); exit; }
include_once $_SERVER['DOCUMENT_ROOT'] . "/core/init.inc.php"; if (!admin::isSession()) { header("Location: /admin/login.php"); } $page_id = "search"; $error = false; $error_message = ''; $query = ''; $result = array(); $result['users'] = array(); $stats = new stats($dbo); $settings = new settings($dbo); $admin = new admin($dbo); if (isset($_GET['query'])) { $query = isset($_GET['query']) ? $_GET['query'] : ''; $query = helper::clearText($query); $query = helper::escapeText($query); if (strlen($query) > 2) { $result = $stats->searchAccounts(0, $query); } } helper::newAuthenticityToken(); $css_files = array("admin.css"); $page_title = "Users"; include_once $_SERVER['DOCUMENT_ROOT'] . "/common/header.inc.php"; ?> <body class="bg_gray"> <div id="page_wrap">
* * http://ifsoft.com.ua, http://ifsoft.co.uk * qascript@ifsoft.co.uk * * Copyright 2012-2016 Demyanchuk Dmitry (https://vk.com/dmitry.demyanchuk) */ include_once $_SERVER['DOCUMENT_ROOT'] . "/core/init.inc.php"; include_once $_SERVER['DOCUMENT_ROOT'] . "/config/api.inc.php"; if (!empty($_POST)) { $clientId = isset($_POST['clientId']) ? $_POST['clientId'] : 0; $gcm_regId = isset($_POST['gcm_regId']) ? $_POST['gcm_regId'] : ''; $facebookId = isset($_POST['facebookId']) ? $_POST['facebookId'] : ''; $clientId = helper::clearInt($clientId); $gcm_regId = helper::clearText($gcm_regId); $gcm_regId = helper::escapeText($gcm_regId); $facebookId = helper::clearText($facebookId); $facebookId = helper::escapeText($facebookId); $access_data = array("error" => true, "error_code" => ERROR_UNKNOWN); $helper = new helper($dbo); $accountId = $helper->getUserIdByFacebook($facebookId); if ($accountId != 0) { $auth = new auth($dbo); $access_data = $auth->create($accountId, $clientId); if ($access_data['error'] === false) { $account = new account($dbo, $accountId); $account->setState(ACCOUNT_STATE_ENABLED); $account->setLastActive(); $access_data['account'] = array(); array_push($access_data['account'], $account->get()); if (strlen($gcm_regId) != 0) { $account->setGCM_regId($gcm_regId);
* Copyright 2012-2016 Demyanchuk Dmitry (https://vk.com/dmitry.demyanchuk) */ include_once $_SERVER['DOCUMENT_ROOT'] . "/core/init.inc.php"; if (admin::isSession()) { header("Location: /admin/main.php"); } $page_id = "login"; $user_username = ''; $error = false; $error_message = ''; if (!empty($_POST)) { $user_username = isset($_POST['user_username']) ? $_POST['user_username'] : ''; $user_password = isset($_POST['user_password']) ? $_POST['user_password'] : ''; $token = isset($_POST['authenticity_token']) ? $_POST['authenticity_token'] : ''; $user_username = helper::clearText($user_username); $user_password = helper::clearText($user_password); $user_username = helper::escapeText($user_username); $user_password = helper::escapeText($user_password); if (helper::getAuthenticityToken() !== $token) { $error = true; $error_message = 'Error!'; } if (!$error) { $access_data = array(); $admin = new admin($dbo); $access_data = $admin->signin($user_username, $user_password); if ($access_data['error'] === false) { $clientId = 0; // Desktop version admin::createAccessToken(); admin::setSession($access_data['accountId'], admin::getAccessToken());
$balance = isset($_POST['balance']) ? $_POST['balance'] : 0; $fb_page = isset($_POST['fb_page']) ? $_POST['fb_page'] : ''; $instagram_page = isset($_POST['instagram_page']) ? $_POST['instagram_page'] : ''; $email = isset($_POST['email']) ? $_POST['email'] : ''; $username = helper::clearText($username); $username = helper::escapeText($username); $fullname = helper::clearText($fullname); $fullname = helper::escapeText($fullname); $location = helper::clearText($location); $location = helper::escapeText($location); $balance = helper::clearInt($balance); $fb_page = helper::clearText($fb_page); $fb_page = helper::escapeText($fb_page); $instagram_page = helper::clearText($instagram_page); $instagram_page = helper::escapeText($instagram_page); $email = helper::clearText($email); $email = helper::escapeText($email); if ($authToken === helper::getAuthenticityToken()) { $account->setUsername($username); $account->setFullname($fullname); $account->setLocation($location); $account->setBalance($balance); $account->setFacebookPage($fb_page); $account->setInstagramPage($instagram_page); $account->setEmail($email); } } header("Location: /admin/profile.php/?id=" . $accountInfo['id']); exit; } }
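<?php

/*!
 * ifsoft.co.uk engine v1.0
 *
 * http://ifsoft.com.ua, http://ifsoft.co.uk
 * qascript@ifsoft.co.uk
 *
 * Copyright 2012-2015 Demyanchuk Dmitry (https://vk.com/dmitry.demyanchuk)
 */

// API endpoint: stores the GCM registration id of the calling account.
// Expects POST fields accountId, accessToken and gcm_regId and prints the
// array returned by account::setGCM_regId() as JSON.

include_once $_SERVER['DOCUMENT_ROOT'] . "/core/init.inc.php";
include_once $_SERVER['DOCUMENT_ROOT'] . "/config/api.inc.php";

if (!empty($_POST)) {
    $accountId = isset($_POST['accountId']) ? $_POST['accountId'] : 0;
    $accessToken = isset($_POST['accessToken']) ? $_POST['accessToken'] : '';
    $gcm_regId = isset($_POST['gcm_regId']) ? $_POST['gcm_regId'] : '';

    // Normalise the id once, before the authorization check, so the value
    // that is authorized is the same value handed to account below. The
    // sibling API scripts apply the same helper::clearInt() step.
    // Assumes clearInt() reduces the value to an integer — confirm.
    $accountId = helper::clearInt($accountId);

    $gcm_regId = helper::clearText($gcm_regId);
    $gcm_regId = helper::escapeText($gcm_regId);

    $auth = new auth($dbo);

    if (!$auth->authorize($accountId, $accessToken)) {
        api::printError(ERROR_ACCESS_TOKEN, "Error authorization.");

        // Fail closed here instead of relying on printError() to end the
        // request; nothing below may run for an unauthorized caller.
        exit;
    }

    $account = new account($dbo, $accountId);

    $result = $account->setGCM_regId($gcm_regId);

    echo json_encode($result);
    exit;
}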
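<?php

/*!
 * ifsoft.co.uk engine v1.0
 *
 * http://ifsoft.com.ua, http://ifsoft.co.uk
 * qascript@ifsoft.co.uk
 *
 * Copyright 2012-2016 Demyanchuk Dmitry (https://vk.com/dmitry.demyanchuk)
 */

// API endpoint: changes the password of the calling account.
// Expects POST fields accountId, accessToken, currentPassword and
// newPassword and prints the array returned by account::setPassword() as JSON.

include_once $_SERVER['DOCUMENT_ROOT'] . "/core/init.inc.php";
include_once $_SERVER['DOCUMENT_ROOT'] . "/config/api.inc.php";

if (!empty($_POST)) {
    $accountId = isset($_POST['accountId']) ? $_POST['accountId'] : '';
    $accessToken = isset($_POST['accessToken']) ? $_POST['accessToken'] : '';
    $currentPassword = isset($_POST['currentPassword']) ? $_POST['currentPassword'] : '';
    $newPassword = isset($_POST['newPassword']) ? $_POST['newPassword'] : '';

    // Normalise the id once, before the authorization check, so the value
    // that is authorized is the same value handed to account below. The
    // sibling API scripts apply the same helper::clearInt() step.
    // Assumes clearInt() reduces the value to an integer — confirm.
    $accountId = helper::clearInt($accountId);

    // NOTE(review): both passwords pass through clearText()/escapeText()
    // before setPassword() sees them, so whatever those helpers strip or
    // rewrite is not part of the stored secret. Sign-in must apply the same
    // steps for the new password to verify — confirm.
    $currentPassword = helper::clearText($currentPassword);
    $currentPassword = helper::escapeText($currentPassword);

    $newPassword = helper::clearText($newPassword);
    $newPassword = helper::escapeText($newPassword);

    $auth = new auth($dbo);

    if (!$auth->authorize($accountId, $accessToken)) {
        api::printError(ERROR_ACCESS_TOKEN, "Error authorization.");

        // Fail closed here instead of relying on printError() to end the
        // request; nothing below may run for an unauthorized caller.
        exit;
    }

    $account = new account($dbo, $accountId);

    $result = $account->setPassword($currentPassword, $newPassword);

    echo json_encode($result);
    exit;
}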