示例#1
1
 static function send_reset_password($email = null)
 {
     if (Adapter::row_count(Adapter::secure_query('SELECT mail FROM users WHERE mail = :mail', [':mail' => $email])) == 1) {
         $mail = new PHPMailer();
         $mail->IsSMTP();
         $system_settings = unserialize(SYSTEM_SETTINGS);
         $mail->Host = $system_settings['smtp_server'];
         $mail->From = '*****@*****.**';
         $mail->FromName = $system_settings['hotel_name'];
         $mail->AddAddress($email);
         $mail->IsHTML(true);
         $mail->Subject = 'Reset-Password Confirmation';
         $mail->Body = Page::include_content('reset_password', 'others/mail');
         $get_details = Adapter::fetch_object(Adapter::secure_query('SELECT id,username,mail FROM users WHERE mail = :mail', [':mail' => $email]));
         $mail->Body = str_replace('{{mail_username}}', $get_details->username, $mail->Body);
         $mail->Body = str_replace('{{mail_email}}', $get_details->mail, $mail->Body);
         $hash = md5($get_details->mail . '_' . $get_details->username . '_' . rand(0, 9));
         Adapter::secure_query('INSERT INTO cms_restore_password (user_id,user_hash) VALUES (:userid,:userhash)', [':userid' => $get_details->id, ':userhash' => $hash]);
         $mail->Body = str_replace('{{confirm_url}}', $system_settings['global_url'] . '/reset-password/' . $hash, $mail->Body);
         $mail->Body = str_replace('{{hotel_name}}', $system_settings['hotel_name'], $mail->Body);
         $mail->Send();
         $mail->ClearAllRecipients();
         $mail->ClearAttachments();
     }
 }
示例#2
0
 /**
  * function do_validate
  * check if user has permissions
  * @param int $rank
  * @return bool
  */
 static function do_validate($rank = 0)
 {
     @session_start();
     if (isset($_SESSION['hobbanet'])) {
         $arr = unserialize($_SESSION['hobbanet']);
         if (Adapter::row_count(Adapter::secure_query("SELECT * FROM cms_hk_users WHERE username = MD5(:username) AND hash = :hash", [':username' => $arr['username'], ':hash' => $arr['hash']])) == 1) {
             $hash = md5(rand(10, 30 . '-ase-' . rand(40, 60) . '-ase-' . rand(80, 90)));
             Adapter::secure_query("UPDATE cms_hk_users SET hash = :hash WHERE username = MD5(:username)", [':hash' => $hash, ':username' => $arr['username']]);
             $arr = ['username' => $arr['username'], 'hash' => $hash, 'rank' => $arr['rank']];
             $_SESSION['hobbanet'] = serialize($arr);
             if ($arr['rank'] >= $rank) {
                 return true;
             } else {
                 return false;
             }
         } else {
             header("Location: /theallseeingeye/web/login");
             return false;
         }
     } else {
         session_destroy();
         header("Location: /");
         return false;
     }
 }
示例#3
0
 /**
  * function show
  * render and return content
  * @return string
  */
 function show()
 {
     $count = 0;
     $inventory_subscribe = [];
     $region_id = Misc::escape_text($_GET['inventory']);
     foreach (Adapter::secure_query("SELECT * FROM cms_shop_subscriptions WHERE region = :id", [':id' => $region_id]) as $row_a) {
         $row_b = Adapter::fetch_object(Adapter::secure_query("SELECT * FROM cms_shop_payments_types WHERE id = :id LIMIT 1", [':id' => $row_a['payment_type']]));
         $payment_json[$count] = new JsonPayment($row_b->id, $row_b->name, $row_b->button, $row_b->image, 'subscription');
         $inventory_subscribe[$count] = new JsonSubscription($row_a['id'], $row_a['name'], $row_a['description'], $row_a['credits_amount'], $row_a['price'], $row_a['type'], $row_a['icon'], $payment_json);
         $count++;
     }
     $count = 0;
     $countries = [];
     foreach (Adapter::query("SELECT * FROM cms_shop_countries") as $row_a) {
         $countries[$count++] = new JsonCountry($row_a['country_id'], $row_a['country_name'], $row_a['country_locale'], $row_a['country_code']);
     }
     $row_c = Adapter::fetch_array(Adapter::secure_query("SELECT * FROM cms_shop_countries WHERE country_code = :id LIMIT 1", [':id' => $region_id]));
     $country_json = new JsonCountry($row_c['country_id'], $row_c['country_name'], $row_c['country_locale'], $row_c['country_code']);
     $subscriptions_object = new stdClass();
     $subscriptions_object->selectedCountry = $country_json;
     $subscriptions_object->countries = $countries;
     $subscriptions_object->items = $inventory_subscribe;
     header('Content-type: application/json');
     return json_encode($subscriptions_object);
 }
示例#4
0
 /**
  * function show
  * render and return content
  */
 function show()
 {
     header('Content-type: application/json');
     if (!isset($_SESSION['is_newbie'])) {
         return null;
     }
     $code = 'NAME_IN_USE';
     $validation_object = new stdClass();
     $validation_object->validationResult = null;
     $validation_object->suggestions = [];
     if (isset($_GET['aname'])) {
         $name = Misc::escape_text($_GET['aname']);
         $user_id = Data::$user_instance->user_id;
         if (strlen($name) >= 3 && strlen($name) <= 30 && preg_match('`[a-z]`', $name) && substr_count($name, ' ') == 0 && stripos($name, 'MOD_') === false) {
             if (Adapter::row_count(Adapter::secure_query("SELECT username FROM users WHERE username = :username LIMIT 1", [':username' => $name])) == 0 || $name == Data::$user_instance->user_name) {
                 if (Data::$user_instance->is_newbie == 1) {
                     Adapter::secure_query("UPDATE users SET username = :username WHERE id = :userid", [':username' => $name, ':userid' => $user_id]);
                     Adapter::secure_query("UPDATE users SET novato = '2' WHERE id = :userid", [':userid' => $user_id]);
                     Data::user_create_instance($user_id);
                     $code = 'OK';
                 }
             }
         } else {
             $validation_object->validationResult = new stdClass();
             $validation_object->validationResult->resultType = 'VALIDATION_ERROR_ILLEGAL_WORDS';
             $validation_object->validationResult->additionalInfo = 'MOD_';
             $validation_object->validationResult->valid = false;
         }
     }
     $validation_object->code = $code;
     return json_encode($validation_object);
 }
示例#5
0
 /**
  * function show
  * render and return content
  */
 function show()
 {
     header('Content-type: application/json');
     $data = json_decode(file_get_contents("php://input"), true);
     Adapter::secure_query('UPDATE users SET hide_online = :hideonline, hide_inroom = :hideinroom, block_newfriends = :blocknewfriends WHERE id = :userid', [':hideonline' => (int) (!$data['onlineStatusVisible']), ':hideinroom' => (int) (!$data['friendCanFollow']), ':blocknewfriends' => (int) (!$data['friendRequestEnabled']), ':userid' => Data::$user_instance->user_id]);
     Data::user_create_instance(Data::$user_instance->user_name);
 }
示例#6
0
 /**
  * function show
  * render and return content
  */
 function show()
 {
     $photo_id = $_GET['photo_id'];
     $row_a = Adapter::fetch_array(Adapter::secure_query("SELECT * FROM cms_stories_photos WHERE id = :uid LIMIT 1", [':uid' => $photo_id]));
     $photo = new JsonPhotos($row_a['id'], $row_a['user_id'], $row_a['image_preview_url'], $row_a['type'], $row_a['image_url'], $row_a['user_name'], $row_a['room_id'], $row_a['date'], $row_a['tags']);
     header('Content-type: application/json');
     return str_replace("\\/", "/", json_encode($photo));
 }
示例#7
0
 /**
  * function show
  * render and return content
  */
 function show()
 {
     if (!isset($_SESSION['is_newbie'])) {
         return null;
     }
     Adapter::secure_query("UPDATE users SET look = :look, gender = :gender WHERE id = :userid", [':look' => Misc::escape_text($_GET['afigure']), ':gender' => Misc::escape_text($_GET['agender']), ':userid' => Data::$user_instance->user_id]);
     header('Content-type: application/json');
     return '[' . Data::$user_instance->get_user_data(4) . ']';
 }
示例#8
0
 /**
  * function show
  * render and return content
  */
 function show()
 {
     $count = 0;
     $channels = [];
     foreach (Adapter::query("SELECT * FROM cms_stories_channels") as $row_a) {
         $channels[$count++] = new JsonChannels($row_a['id'], $row_a['title'], $row_a['description'], $row_a['tag'], $row_a['title_key'], $row_a['image'], $row_a['url']);
     }
     header('Content-type: application/json');
     return json_encode($channels);
 }
示例#9
0
 /**
  * function show
  * render and return content
  * @return string
  */
 function show()
 {
     $count = 0;
     $countries = [];
     foreach (Adapter::query("SELECT * FROM cms_shop_countries") as $row_a) {
         $countries[$count++] = new JsonCountries($row_a['country_id'], $row_a['country_name'], $row_a['country_locale'], $row_a['country_code']);
     }
     header('Content-type: application/json');
     return json_encode($countries);
 }
示例#10
0
 /**
  * function show
  * render and return content
  */
 function show()
 {
     $count = 0;
     $photos = [];
     foreach (Adapter::query("SELECT * FROM cms_stories_photos WHERE type = 'SELFIE'") as $row_a) {
         $photos[$count++] = new JsonPhotos($row_a['id'], $row_a['user_id'], $row_a['image_preview_url'], $row_a['type'], $row_a['image_url'], $row_a['user_name'], $row_a['date'], $row_a['tags']);
     }
     header('Content-type: application/json');
     return str_replace("\\/", "/", json_encode($photos));
 }
示例#11
0
 /**
  * function show
  * render and return content
  */
 function show()
 {
     if (!INSTALLED) {
         Adapter::secure_query("INSERT INTO cms_hk_users (username,password,rank) VALUES (MD5(:user),MD5(:pass),6);", [':user' => Misc::escape_text($_POST['admin_user']), ':pass' => Misc::escape_text($_POST['admin_pass'])]);
         header("Location: /finish");
         return;
     }
     header("Location: /");
     return;
 }
示例#12
0
 /**
  * function construct
  * get the request controller
  */
 function __construct()
 {
     // set name-types to utf-8 without bom.
     Adapter::query("SET NAMES 'utf8'");
     // route the params
     $this->router_params();
     $this->handle();
     // echo the show of controller
     echo $this->send();
 }
示例#13
0
 /**
  * function show
  * render and return content
  */
 function show()
 {
     $count = 0;
     $photos = [];
     $user_id = Misc::escape_text($_GET['user']);
     foreach (Adapter::secure_query("SELECT * FROM cms_stories_photos WHERE type = 'PHOTO' AND user_id = :uid", [':uid' => $user_id]) as $row_a) {
         $photos[$count++] = new JsonPhotos($row_a['id'], $row_a['user_id'], $row_a['image_preview_url'], $row_a['type'], $row_a['image_url'], $row_a['user_name'], $row_a['room_id'], $row_a['date'], $row_a['tags']);
     }
     header('Content-type: application/json');
     return str_replace("\\/", "/", json_encode($photos));
 }
示例#14
0
 /**
  * function show
  * render and return content
  */
 function show()
 {
     $count = 0;
     $channels_photos = [];
     $channel = Misc::escape_text($_GET['channel']);
     $channel_id = Adapter::fetch_array(Adapter::secure_query("SELECT * FROM cms_stories_channels WHERE url = :url", [':url' => $channel]));
     foreach (Adapter::secure_query("SELECT * FROM cms_stories_channels_inventory WHERE channel_id = :id", [':id' => $channel_id['id']]) as $row_a) {
         $channels_photos[$count++] = new JsonChannelsContent($row_a['id'], $row_a['image_url'], $row_a['user_id'], $row_a['user_name'], $row_a['date'], $row_a['type'], $row_a['tags'], $row_a['title']);
     }
     header('Content-type: application/json');
     $channels = new JsonChannels($channel_id['id'], $channel_id['title'], $channel_id['description'], $channel_id['tag'], $channel_id['title_key'], $channel_id['image'], $channel_id['url'], $channels_photos);
     return json_encode($channels);
 }
示例#15
0
 /**
  * function show
  * render and return content
  */
 function show()
 {
     $data = json_decode(file_get_contents("php://input"), true);
     if (Adapter::row_count(Adapter::secure_query('SELECT * FROM cms_restore_password WHERE user_hash = :userhash LIMIT 1', [':userhash' => $data['token']])) == 1) {
         $get = Adapter::fetch_object(Adapter::secure_query('SELECT * FROM cms_restore_password WHERE user_hash = :userhash LIMIT 1', [':userhash' => $data['token']]));
         $row = Adapter::fetch_object(Adapter::secure_query('SELECT * FROM users WHERE id = :userid LIMIT 1', [':userid' => $get->user_id]));
         $check_object = new stdClass();
         $check_object->email = $row->mail;
         $check_object->name = $row->username;
         return json_encode($check_object);
     }
     header('HTTP/1.1 404 Not Found');
     return null;
 }
示例#16
0
 /**
  * function show
  * render and return content
  */
 function show()
 {
     $data = json_decode(file_get_contents("php://input"), true);
     if (isset($data['name'])) {
         User::register_user($data, true);
         return null;
     }
     $user_mail = Data::$user_instance->user_email;
     $master = [];
     foreach (Adapter::secure_query("SELECT username FROM users WHERE mail = :usermail", [':usermail' => $user_mail]) as $row) {
         $master[] = json_decode(Data::$user_instance->get_user_data(4, $row['username']), true);
     }
     return json_encode($master);
 }
示例#17
0
 /**
  * function show
  * render and return content
  */
 function show()
 {
     $data = json_decode(file_get_contents("php://input"), true);
     if (Adapter::row_count(Adapter::secure_query('SELECT * FROM cms_restore_password WHERE user_hash = :userhash LIMIT 1', [':userhash' => $data['token']])) == 1) {
         $get = Adapter::fetch_object(Adapter::secure_query('SELECT * FROM cms_restore_password WHERE user_hash = :userhash LIMIT 1', [':userhash' => $data['token']]));
         $row = Adapter::fetch_object(Adapter::secure_query('SELECT * FROM users WHERE id = :userid LIMIT 1', [':userid' => $get->user_id]));
         $data['currentPassword'] = '';
         User::change_password($data, $row->id, false);
         Adapter::secure_query('DELETE FROM cms_restore_password WHERE user_hash = :userhash', [':userhash' => $data['token']]);
         return null;
     }
     header('HTTP/1.1 404 Not Found');
     return null;
 }
示例#18
0
 /**
  * function show
  * render and return content
  */
 function show()
 {
     $count = 0;
     $photos = [];
     $user_id = Misc::escape_text($_GET['user']);
     foreach (Adapter::secure_query("SELECT * FROM cms_stories_photos WHERE type = 'SELFIE' AND user_id = :uid", [':uid' => $user_id]) as $row_a) {
         $photos[$count++] = new JsonSelfies($row_a['id'], $row_a['user_id'], $row_a['image_preview_url'], $row_a['type'], $row_a['image_url'], $row_a['user_name'], $row_a['date'], $row_a['tags']);
     }
     foreach (Adapter::secure_query("SELECT * FROM cms_stories_channels_inventory WHERE user_id = :uid", [':uid' => $user_id]) as $row_a) {
         $row_b = Adapter::fetch_array(Adapter::secure_query("SELECT * FROM cms_stories_channels WHERE id = :cid", [':cid' => $row_a['channel_id']]));
         $photos[$count++] = new JsonChannelsContent($row_a['id'], $row_a['image_url'], $row_a['user_id'], $row_a['user_name'], $row_a['date'], $row_a['type'], $row_a['tags'], $row_a['title'], $row_b['url'], $row_b['title']);
     }
     header('Content-type: application/json');
     return str_replace("\\/", "/", json_encode($photos));
 }
示例#19
0
 /**
  * function show
  * render and return content
  * @param string $user_name
  * @return mixed|void
  */
 function show($user_name = '')
 {
     header('Content-type: application/json');
     $is_available = false;
     if (isset($user_name)) {
         $name = Misc::escape_text($user_name);
         if (strlen($name) >= 3 && strlen($name) <= 30 && preg_match('`[a-z]`', $name) && substr_count($name, ' ') == 0 && stripos($name, 'MOD_') === false) {
             if (Adapter::row_count(Adapter::secure_query("SELECT username FROM users WHERE username = :username LIMIT 1", [':username' => $name])) == 0 || $name == Data::$user_instance->user_name) {
                 $is_available = true;
             }
         }
     }
     $available_object = new stdClass();
     $available_object->isAvailable = $is_available;
     return json_encode($available_object);
 }
示例#20
0
 /**
  * function show
  * render and return content
  */
 function show()
 {
     header('Content-type: application/json');
     header('HTTP/1.1 200 OK');
     if (!isset($_SESSION['is_newbie'])) {
         return;
     }
     if (Data::$user_instance->is_newbie == 0) {
         return;
     }
     if (Data::$user_instance->is_newbie == 1) {
         return;
     }
     $room_index = Misc::escape_text($_GET['aroomIndex']);
     $user_id = Data::$user_instance->user_id;
     $username = Data::$user_instance->user_name;
     if ($room_index == 1) {
         $floor = '610';
         $wallpaper = '2403';
         $landscape = '0.0';
     } elseif ($room_index == 2) {
         $floor = '307';
         $wallpaper = '3104';
         $landscape = '1.10';
     } elseif ($room_index == 3) {
         $floor = '409';
         $wallpaper = '1902';
         $landscape = '0.0';
     }
     if (Data::$user_instance->is_newbie == 2) {
         Adapter::secure_query("INSERT INTO rooms_data\n                                    (roomtype, caption, owner, description, category, state, users_max, model_name, wallpaper, floor, landscape) VALUES\n                                    ('private', :caption, :username, :owner, '2', 'open', '25', 'model_h', :wallpaper, :floor, :landscape)", [':caption' => "Central {$username}", ':username' => $username, ':owner' => "Quarto de {$username}", ':wallpaper' => $wallpaper, ':floor' => $floor, ':landscape' => $landscape]);
         $instance = Adapter::get_instance();
         $room_id = $instance->lastInsertId();
         Adapter::secure_query("UPDATE users SET home_room = :room WHERE id = :user", [':room' => $room_id, ':user' => $user_id]);
         if ($room_index == 3) {
             Adapter::query("INSERT INTO items_rooms VALUES\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '3397', '3', '8', '7', '0.000', '0', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '2946', '', '10', '2', '1.000', '0', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '2666', '3', '6', '7', '1.300', '0', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '2681', '3', '9', '7', '1.300', '0', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '3397', '3', '7', '7', '0.000', '0', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '2675', '0', '5', '10', '0.000', '6', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '3397', '3', '6', '7', '0.000', '0', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '3397', '3', '9', '7', '0.000', '0', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '2673', '1', '6', '9', '0.000', '0', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '3867', '', '7', '2', '1.000', '4', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '2673', '1', '8', '10', '0.000', '0', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '2677', '1', '4', '10', '0.000', '2', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '2673', '1', '8', '9', '0.000', '0', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '2673', '1', '6', '10', '0.000', '0', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '2675', '0', '5', '9', '0.000', '6', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '2672', '1', '4', '11', '0.000', '0', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '2677', '1', '4', '9', '0.000', '2', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '3901', '', '9', '3', '1.000', '6', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '3901', '', '6', '3', '1.000', '2', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '14066', '2', '0', '0', '0.000', '0', ':w=4,8 l=0,27 r', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '14386', '0', '0', '0', '0.000', '0', ':w=4,7 l=5,29 l', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '14071', '0', '0', '0', '0.000', '0', ':w=2,10 l=4,43 l', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '14072', '1', '0', '0', '0.000', '0', ':w=8,1 l=14,27 r', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '14383', '1', '0', '0', '0.000', '0', ':w=6,1 l=5,31 r', '0', '', '0', '0');");
         } elseif ($room_index == 2) {
             Adapter::query("INSERT INTO items_rooms VALUES\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '2957', '2', '3', '10', '0.000', '0', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '3315', '0', '9', '5', '1.000', '0', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '2853', '', '3', '9', '0.000', '2', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '3889', '1', '8', '2', '1.470', '0', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '3898', '1', '9', '8', '0.000', '0', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '2487', '', '5', '11', '1.300', '0', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '3880', '0', '8', '8', '0.000', '0', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '4182', '2', '3', '9', '0.800', '0', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '2781', '', '4', '9', '0.000', '4', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '2952', '0', '3', '10', '0.400', '2', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '3315', '0', '7', '5', '1.000', '0', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '3900', '0', '5', '4', '1.000', '0', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '3302', '', '7', '3', '1.000', '2', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '2502', '0', '3', '10', '0.000', '0', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '2952', '0', '3', '12', '0.000', '2', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '3870', '0', '9', '9', '0.000', '0', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '2955', '', '3', '11', '0.000', '2', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '3315', '0', '8', '5', '1.000', '0', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '3315', '0', '10', '4', '1.000', '0', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '3880', '1', '10', '8', '0.000', '4', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '3806', '', '5', '11', '0.000', '0', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '2957', '2', '3', '9', '0.400', '0', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '3870', '0', '8', '11', '0.000', '0', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '3880', '1', '8', '9', '0.000', '6', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '3900', '0', '5', '2', '1.000', '0', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '3315', '0', '10', '5', '1.000', '0', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '3315', '0', '7', '4', '1.000', '0', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '3870', '0', '9', '11', '0.000', '0', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '2955', '', '4', '9', '0.000', '4', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '3315', '0', '7', '2', '1.000', '0', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '3312', '0', '8', '3', '1.000', '0', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '3315', '0', '9', '2', '1.000', '0', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '2957', '0', '3', '9', '0.000', '0', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '3315', '0', '10', '2', '1.000', '0', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '3870', '0', '8', '9', '0.000', '0', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '3315', '0', '10', '3', '1.000', '0', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '2781', '', '3', '11', '0.000', '0', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '2781', '', '3', '9', '0.000', '0', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '3315', '0', '8', '2', '1.000', '0', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '8029', '', '0', '0', '0.000', '0', ':w=4,8 l=7,31 r', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '8262', '1', '0', '0', '0.000', '0', ':w=4,5 l=11,33 l', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '8108', '1', '0', '0', '0.000', '0', ':w=7,1 l=9,31 r', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '8108', '1', '0', '0', '0.000', '0', ':w=10,1 l=0,26 r', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '8262', '1', '0', '0', '0.000', '0', ':w=4,3 l=5,37 l', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '8096', '0', '0', '0', '0.000', '0', ':w=2,11 l=5,58 l', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '8029', '', '0', '0', '0.000', '0', ':w=4,8 l=8,31 l', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '8096', '0', '0', '0', '0.000', '0', ':w=2,10 l=10,56 l', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '8108', '3', '0', '0', '0.000', '0', ':w=5,1 l=15,34 r', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '8108', '3', '0', '0', '0.000', '0', ':w=9,1 l=0,26 r', '0', '', '0', '0');");
         } elseif ($room_index == 1) {
             Adapter::query("INSERT INTO items_rooms VALUES\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '3893', '1', '8', '4', '1.000', '0', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '18', '', '10', '9', '0.000', '4', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '4636', '', '3', '10', '0.010', '2', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '2169', '', '9', '5', '1.000', '0', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '2188', '', '7', '5', '1.000', '0', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '4654', '', '3', '9', '0.000', '0', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '18', '', '10', '12', '0.000', '0', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '4654', '', '5', '9', '0.000', '0', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '3712', '', '9', '10', '0.000', '0', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '3642', '1', '7', '2', '1.000', '0', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '18', '', '9', '12', '0.000', '0', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '3632', '4', '9', '2', '1.000', '0', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '18', '', '9', '9', '0.000', '4', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '4654', '', '5', '11', '0.000', '0', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '2228', '', '8', '5', '1.000', '0', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '3632', '4', '6', '2', '1.000', '0', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '4654', '', '3', '11', '0.000', '0', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '8364', '', '0', '0', '0.000', '0', ':w=2,10 l=1,34 l', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '8021', '0', '0', '0', '0.000', '0', ':w=4,3 l=12,34 l', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '8294', '0', '0', '0', '0.000', '0', ':w=2,10 l=2,34 l', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '8199', '1', '0', '0', '0.000', '0', ':w=4,8 l=0,45 r', '0', '', '0', '0');");
         }
     }
     Adapter::secure_query("UPDATE users SET novato = '0' WHERE username = :username OR id = :userid", [':username' => $username, ':userid' => $user_id]);
     Data::user_create_instance($user_id);
     $_SESSION['is_newbie'] = false;
     return null;
 }
示例#21
0
 /**
  * function show
  * render and return content
  */
 function show()
 {
     if (!INSTALLED) {
         if (file_exists(ROOT_PATH . '/api/Gogo.php')) {
             unlink(ROOT_PATH . '/api/Init.php');
             rename(ROOT_PATH . '/api/Gogo.php', ROOT_PATH . '/api/Init.php');
             return '<p>Installation 60% Done.. Please Click to Continue.<input class="confirm-button" onclick="document.location.href=\'/installation\'" type="submit" value="Next"></p>';
         } else {
             Adapter::set_instance(unserialize(DATABASE_SETTINGS));
             $i = Adapter::get_instance();
             $i->exec(file_get_contents(ROOT_PATH . '/etc/cms_sql/sql.sql'));
             return '<p>Installation Successfully! <input class="confirm-button" onclick="document.location.href=\'/administration\'" type="submit" value="Next"></p>';
         }
     }
     header("Location: /");
     return;
 }
示例#22
0
 /**
  * function construct
  * create a controller for notifications
  */
 function __construct()
 {
     $this->input_figure = strtolower($_GET["figure"]);
     $this->input_action = isset($_GET["action"]) ? strtolower($_GET["action"]) : 'std';
     $this->input_direction = isset($_GET["direction"]) ? $_GET["direction"] : 4;
     $this->input_head_direction = isset($_GET["head_direction"]) ? $_GET["head_direction"] : $this->input_direction;
     $this->input_gesture = isset($_GET["gesture"]) ? strtolower($_GET["gesture"]) : 'std';
     $this->input_size = isset($_GET["size"]) ? strtolower($_GET["size"]) : 'n';
     $this->input_format = isset($_GET["img_format"]) ? strtolower($_GET["img_format"]) : 'png';
     $this->input_frame = isset($_GET["frame"]) ? strtolower($_GET["frame"]) : '0';
     $this->input_head_only = isset($_GET["headonly"]) ? $_GET["headonly"] : false;
     if (isset($_GET['user'])) {
         $figure = Adapter::fetch_array(Adapter::secure_query("SELECT look FROM users WHERE username = :username ", ['username' => Misc::escape_text($_GET['user'])]));
         $this->input_figure = $figure['look'];
     }
     $this->input_action = explode(",", $this->input_action);
     $this->input_format = $this->input_format == "gif" ? "gif" : "png";
     $this->input_frame = explode(",", $this->input_frame);
 }
示例#23
0
 /**
  * function show
  * render and return content
  */
 function show()
 {
     @session_start();
     $username = Misc::escape_text($_POST['username']);
     $password = Misc::escape_text($_POST['password']);
     if (Adapter::row_count(Adapter::secure_query("SELECT * FROM cms_hk_users WHERE username = MD5(:username) AND password = MD5(:password)", [':username' => $username, ':password' => $password])) == 1) {
         $hash = md5(rand(10, 30 . '-ase-' . rand(40, 60) . '-ase-' . rand(80, 90)));
         Adapter::secure_query("UPDATE cms_hk_users SET hash = :hash WHERE username = MD5(:username)", [':hash' => $hash, ':username' => $username]);
         $row = Adapter::fetch_array(Adapter::secure_query("SELECT rank FROM cms_hk_users WHERE username = MD5(:username)", [':username' => $username]));
         $arr = ['username' => $username, 'hash' => $hash, 'rank' => $row['rank']];
         $_SESSION['hobbanet'] = serialize($arr);
         header("Location: /theallseeingeye/web/index");
         return;
     } else {
         session_destroy();
         header("Location: /theallseeingeye/web/?fail");
         return;
     }
 }
示例#24
0
 /**
  * function show
  * render and return content
  */
 function show()
 {
     $data = json_decode(file_get_contents("php://input"), true);
     $query = Adapter::secure_query('SELECT * FROM cms_users_verification WHERE user_hash = :userhash', [':userhash' => $data['token']]);
     if (Adapter::row_count($query) == 1) {
         $fetch = Adapter::fetch_object($query);
         Adapter::secure_query('UPDATE cms_users_verification SET verified = :verified WHERE user_hash = :userhash', [':verified' => 'true', ':userhash' => $data['token']]);
         Data::user_create_instance($fetch->user_id);
         $row = Adapter::fetch_object(Adapter::secure_query('SELECT mail FROM users WHERE id = :userid', [':userid' => $fetch->user_id]));
         $activate_object = new stdClass();
         $activate_object->email = $row->mail;
         $activate_object->emailVerified = true;
         $activate_object->identityVerified = true;
         return json_encode($activate_object);
     }
     header('HTTP/1.1 404 Not Found');
     $error_object = new stdClass();
     $error_object->error = 'activation.invalid_token';
     return json_encode($error_object);
 }
示例#25
0
 /**
  * function show
  * render and return content
  */
 function show()
 {
     $count = 0;
     $inventory_purse = [];
     $region_id = $_GET['inventory'];
     foreach (Adapter::secure_query("SELECT * FROM cms_shop_inventory WHERE region = :id", [':id' => $region_id]) as $row_a) {
         $row_b = Adapter::fetch_object(Adapter::secure_query("SELECT * FROM cms_shop_payments_types WHERE id = :id LIMIT 1", [':id' => $row_a['payment_type']]));
         $payment_json[$count] = new JsonPayment($row_b->id, $row_b->name, $row_b->button, $row_b->image, 'online');
         $inventory_purse[$count] = new JsonPurse($row_a['id'], $row_a['name'], $row_a['description'], $row_a['credits_amount'], $row_a['price'], [0 => $row_a['categories']], $row_a['icon'], $row_a['region'], $payment_json);
         $count++;
     }
     $row_c = Adapter::fetch_array(Adapter::secure_query("SELECT * FROM cms_shop_countries WHERE country_code = :id LIMIT 1", [':id' => $region_id]));
     $country_json = new JsonCountry($row_c['country_id'], $row_c['country_name'], $row_c['country_locale'], $row_c['country_code']);
     $inventory_object = new stdClass();
     $inventory_object->country = $country_json;
     $inventory_object->paymentCategories = ['online'];
     $inventory_object->pricePoints = $inventory_purse;
     $inventory_object->doubleCredits = true;
     header('Content-type: application/json');
     return json_encode($inventory_object);
 }
示例#26
0
 /**
  * function show
  * render and return content
  */
 function show()
 {
     $data = json_decode(file_get_contents("php://input"), true);
     $data['currentPassword'] = $data['password'];
     header('Content-type: application/json');
     if (User::change_password($data, Data::$user_instance->user_id, true, false) == true) {
         $query = Adapter::fetch_object(Adapter::secure_query('SELECT trade_lock FROM users WHERE id = :userid', [':userid' => Data::$user_instance->user_id]));
         if ($query->trade_lock == 0) {
             Adapter::secure_query('UPDATE users SET trade_lock = :statusl WHERE id = :userid', [':statusl' => '1', ':userid' => Data::$user_instance->user_id]);
         }
         if (Adapter::row_count(Adapter::secure_query('SELECT * FROM cms_security_questions WHERE user_id = :userid', [':userid' => Data::$user_instance->user_id])) == 0) {
             Adapter::secure_query('INSERT INTO cms_security_questions (user_id,question_one,question_two) VALUES (:userid,:questionone,:questiontwo)', [':questionone' => $data['answer1'], ':questiontwo' => $data['answer2'], ':userid' => Data::$user_instance->user_id]);
         }
         Adapter::secure_query('UPDATE cms_security_questions SET question_one = :questionone, question_two = :questiontwo WHERE user_id = :userid', [':questionone' => $data['answer1'], ':questiontwo' => $data['answer2'], ':userid' => Data::$user_instance->user_id]);
         return null;
     }
     header('HTTP/1.1 400 Bad Request');
     $error_object = new stdClass();
     $error_object->error = 'invalid_password';
     return json_encode($error_object);
 }
示例#27
0
 /**
  * function show
  * render and return content
  */
 function show()
 {
     if (!INSTALLED) {
         $database_settings = ['host' => Misc::escape_text($_POST['host_name']), 'user' => Misc::escape_text($_POST['host_user']), 'pass' => Misc::escape_text($_POST['host_pass']), 'name' => Misc::escape_text($_POST['host_db']), 'port' => Misc::escape_text($_POST['host_port']), 'type' => 'mysql'];
         @Adapter::set_instance($database_settings);
         if (array_key_exists('server_ver', Adapter::fetch_array(Adapter::query("SELECT * FROM server_status")))) {
             if (strpos(file_get_contents(ROOT_PATH . "/api/Gogo.php"), '$database_settings = array') == false) {
                 file_put_contents(ROOT_PATH . "/api/Gogo.php", "\n//database settings \n" . '$database_settings = ' . var_export($database_settings, true) . ';', FILE_APPEND);
                 header("Location: /settings");
                 return;
             }
         } else {
             header("Location: /error?db");
             return;
         }
         header("Location: /error?db");
         return;
     }
     header("Location: /");
     return;
 }
示例#28
0
 /**
  * function change mail
  * chgange the email
  * @param array $data
  * @param int $user_id
  * @return bool
  */
 static function change_email($data = [], $user_id = 0)
 {
     if (self::change_password($data, $user_id, true, false) == true) {
         $query_two = Adapter::secure_query("SELECT * FROM users WHERE `mail` = :mail LIMIT 1", [':mail' => Misc::escape_text($data['newEmail'])]);
         if (Adapter::row_count($query_two) == 0) {
             $row_two = Adapter::fetch_array(Adapter::secure_query('SELECT * FROM users WHERE id = :userid', [':userid' => $user_id]));
             Mailer::send_change_email($row_two['mail'], $data['newEmail']);
             Adapter::secure_query("UPDATE cms_azure_id SET `mail` = :newmail WHERE `mail` = :oldmail", [':newmail' => Misc::escape_text($data['newEmail']), ':oldmail' => $row_two['mail']]);
             Adapter::secure_query("UPDATE users SET `mail` = :newmail WHERE `mail` = :oldmail", [':newmail' => Misc::escape_text($data['newEmail']), ':oldmail' => $row_two['mail']]);
             header('HTTP/1.1 204 No Content');
             echo '{"email":"' . Misc::escape_text($data['newEmail']) . '"}';
             return true;
         }
     }
     header('HTTP/1.1 400 Bad Request');
     echo '{"error":"registration_email"}';
     return false;
 }
示例#29
0
 /**
  * function database_is_available
  * check if database is turned on yea modafucka
  * @param int $is_set
  * @return bool
  */
 static function database_is_available($is_set = 0)
 {
     return $is_set == 1 ? Adapter::get_instance() != null ? true : (self::$need_database == true ? true : false) : false;
 }
示例#30
0
 /**
  * function show
  * render and return content
  */
 function show()
 {
     $query = Adapter::fetch_object(Adapter::secure_query('SELECT trade_lock FROM users WHERE id = :userid', [':userid' => Data::$user_instance->user_id]));
     header('Content-type: application/json');
     return $query->trade_lock == 0 ? false : true;
 }