diff --git a/admin/cheat.php b/admin/cheat.php index 5bc8277..e37d934 100644 --- a/admin/cheat.php +++ b/admin/cheat.php @@ -6,9 +6,9 @@ include '../includes/db.php'; -$user = new UserController; -$cheat = new CheatController; -$admin = new AdminController; +$user = new UserController(); +$cheat = new CheatController(); +$admin = new AdminController(); Session::init(); 
@@ -18,124 +18,121 @@ Util::head('Admin Panel'); Util::navbar(); -// if post request +// if post request if ($_SERVER['REQUEST_METHOD'] === 'POST') { - - - if (isset($_POST["cheatStatus"])) { - $admin->setCheatStatus(); - $sql = "INSERT INTO `logs` (`log_user`, `log_action`, `log_time`) VALUES ('$username', 'Set cheat status to " . $_POST['cheatStatus'] . "', NOW())"; - - $webhook = ADMIN_WEBHOOK; - $embed = array( - "title" => "Cheat Status", - "description" => "$username has set the cheat status to " . $_POST['cheatStatus'], - "color" => 0x00ff00 - ); - $data = array( - "embeds" => array($embed) - ); - $options = array( - 'http' => array( - 'header' => "Content-type: application/json\r\n", - 'method' => 'POST', - 'content' => json_encode($data) - ) - ); - // send webhook - $context = stream_context_create($options); - $result = file_get_contents($webhook, false, $context); - - $result = $mysqli->query($sql); - } - - if (isset($_POST["cheatMaint"])) { - $admin->setCheatMaint(); - $sql = "INSERT INTO `logs` (`log_user`, `log_action`, `log_time`) VALUES ('$username', 'Set cheat maintenance to " . $_POST['cheatMaint'] . "', NOW())"; - - $webhook = ADMIN_WEBHOOK; - $embed = array( - "title" => "Cheat Maintenance", - "description" => "$username has set the cheat maintenance to " . $_POST['cheatMaint'], - "color" => 0x00ff00 - ); - $data = array( - "embeds" => array($embed) - ); - $options = array( - 'http' => array( - 'header' => "Content-type: application/json\r\n", - 'method' => 'POST', - 'content' => json_encode($data) - ) - ); - // send webhook - $context = stream_context_create($options); - $result = file_get_contents($webhook, false, $context); - $result = $mysqli->query($sql); - } - - if (isset($_POST["cheatVersion"])) { - $ver = floatval($_POST['version']); - $admin->setCheatVersion($ver); - $sql = "INSERT INTO `logs` (`log_user`, `log_action`, `log_time`) VALUES ('$username', 'Set cheat version to " . $_POST['version'] . 
"', NOW())"; - - $webhook = ADMIN_WEBHOOK; - $embed = array( - "title" => "Cheat Version", - "description" => "$username has set the cheat version to " . $_POST['version'], - "color" => 0x00ff00 - ); - $data = array( - "embeds" => array($embed) - ); - $options = array( - 'http' => array( - 'header' => "Content-type: application/json\r\n", - 'method' => 'POST', - 'content' => json_encode($data) - ) - ); - // send webhook - $context = stream_context_create($options); - $result = file_get_contents($webhook, false, $context); - - $result = $mysqli->query($sql); - } - - header("location: cheat"); - + if (isset($_POST["cheatStatus"])) { + $admin->setCheatStatus(); + $sql = "INSERT INTO `logs` (`log_user`, `log_action`, `log_time`) VALUES ('$username', 'Set cheat status to " . $_POST['cheatStatus'] . "', NOW())"; + + $webhook = ADMIN_WEBHOOK; + $embed = array( + "title" => "Cheat Status", + "description" => "$username has set the cheat status to " . $_POST['cheatStatus'], + "color" => 0x00ff00 + ); + $data = array( + "embeds" => array($embed) + ); + $options = array( + 'http' => array( + 'header' => "Content-type: application/json\r\n", + 'method' => 'POST', + 'content' => json_encode($data) + ) + ); + // send webhook + $context = stream_context_create($options); + $result = file_get_contents($webhook, false, $context); + + $result = $mysqli->query($sql); + } + + if (isset($_POST["cheatMaint"])) { + $admin->setCheatMaint(); + $sql = "INSERT INTO `logs` (`log_user`, `log_action`, `log_time`) VALUES ('$username', 'Set cheat maintenance to " . $_POST['cheatMaint'] . "', NOW())"; + + $webhook = ADMIN_WEBHOOK; + $embed = array( + "title" => "Cheat Maintenance", + "description" => "$username has set the cheat maintenance to " . 
$_POST['cheatMaint'], + "color" => 0x00ff00 + ); + $data = array( + "embeds" => array($embed) + ); + $options = array( + 'http' => array( + 'header' => "Content-type: application/json\r\n", + 'method' => 'POST', + 'content' => json_encode($data) + ) + ); + // send webhook + $context = stream_context_create($options); + $result = file_get_contents($webhook, false, $context); + $result = $mysqli->query($sql); + } + + if (isset($_POST["cheatVersion"])) { + $ver = floatval($_POST['version']); + $admin->setCheatVersion($ver); + $sql = "INSERT INTO `logs` (`log_user`, `log_action`, `log_time`) VALUES ('$username', 'Set cheat version to " . $_POST['version'] . "', NOW())"; + + $webhook = ADMIN_WEBHOOK; + $embed = array( + "title" => "Cheat Version", + "description" => "$username has set the cheat version to " . $_POST['version'], + "color" => 0x00ff00 + ); + $data = array( + "embeds" => array($embed) + ); + $options = array( + 'http' => array( + 'header' => "Content-type: application/json\r\n", + 'method' => 'POST', + 'content' => json_encode($data) + ) + ); + // send webhook + $context = stream_context_create($options); + $result = file_get_contents($webhook, false, $context); + + $result = $mysqli->query($sql); + } + + header("location: cheat"); } -if(isset($_POST['set_motd'])) { - // update motd in cheat table - $motd = $_POST['motd']; - $sql = "UPDATE cheat SET motd = '$motd'"; - $result = mysqli_query($mysqli, $sql); - $sql = "INSERT INTO `logs` (`log_user`, `log_action`, `log_time`) VALUES ('$username', 'Set MOTD to " . $_POST['motd'] . "', NOW())"; - - $webhook = ADMIN_WEBHOOK; - $embed = array( - "title" => "MOTD", - "description" => "$username has set the MOTD to " . 
$_POST['motd'], - "color" => 0x00ff00 - ); - $data = array( - "embeds" => array($embed) - ); - $options = array( - 'http' => array( - 'header' => "Content-type: application/json\r\n", - 'method' => 'POST', - 'content' => json_encode($data) - ) - ); - // send webhook - $context = stream_context_create($options); - $result = file_get_contents($webhook, false, $context); - - $result = $mysqli->query($sql); - Util::redirect('/admin/cheat'); +if (isset($_POST['set_motd'])) { + // update motd in cheat table + $motd = $_POST['motd']; + $sql = "UPDATE cheat SET motd = '$motd'"; + $result = mysqli_query($mysqli, $sql); + $sql = "INSERT INTO `logs` (`log_user`, `log_action`, `log_time`) VALUES ('$username', 'Set MOTD to " . $_POST['motd'] . "', NOW())"; + + $webhook = ADMIN_WEBHOOK; + $embed = array( + "title" => "MOTD", + "description" => "$username has set the MOTD to " . $_POST['motd'], + "color" => 0x00ff00 + ); + $data = array( + "embeds" => array($embed) + ); + $options = array( + 'http' => array( + 'header' => "Content-type: application/json\r\n", + 'method' => 'POST', + 'content' => json_encode($data) + ) + ); + // send webhook + $context = stream_context_create($options); + $result = file_get_contents($webhook, false, $context); + + $result = $mysqli->query($sql); + Util::redirect('/admin/cheat'); } ?> diff --git a/admin/index.php b/admin/index.php index 7496742..b782dd1 100644 --- a/admin/index.php +++ b/admin/index.php @@ -5,8 +5,8 @@ include '../includes/db.php'; -$user = new UserController; -$admin = new AdminController; +$user = new UserController(); +$admin = new AdminController(); Session::init(); diff --git a/admin/invites.php b/admin/invites.php index be04794..c036510 100644 --- a/admin/invites.php +++ b/admin/invites.php 
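Review bot: The re-indented `set_motd` block still builds `UPDATE cheat SET motd = '$motd'` straight from `$_POST['motd']`, and every `logs` INSERT in this hunk concatenates `$_POST['cheatStatus']`, `$_POST['cheatMaint']`, `$_POST['version']` or `$_POST['motd']` into the SQL string, so request data reaches the query unescaped. Bind the values instead, e.g. `$stmt = $mysqli->prepare("UPDATE cheat SET motd = ?"); $stmt->bind_param("s", $motd); $stmt->execute();`, and do the same for the log inserts. The same pattern appears in the second hunk of admin/users.php (`$rowUID` read from `$_POST` and interpolated into the log query) and in api/login.php (`$username` and `$hwid` interpolated into the SELECT and UPDATE). The `set_motd` block also sits outside the `REQUEST_METHOD === 'POST'` check, and whether a session or CSRF check runs before it is not visible in this hunk.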
@@ -3,8 +3,8 @@ require_once '../app/require.php'; require_once '../app/controllers/AdminController.php'; -$user = new UserController; -$admin = new AdminController; +$user = new UserController(); +$admin = new AdminController(); Session::init(); @@ -18,41 +18,36 @@ Util::head('Admin Panel'); Util::navbar(); -// if post request +// if post request if ($_SERVER['REQUEST_METHOD'] === 'POST') { - - - if (isset($_POST["genInv"])) { - $admin->getInvCodeGen($username); - $sql = "INSERT INTO `logs` (`log_user`, `log_action`, `log_time`) VALUES ('$username', 'Generated Invite Code', NOW())"; - $result = $mysqli->query($sql); - - // - $webhook = INVITE_WEBHOOK; - $embed = array( - "title" => "New Invite Code", - "description" => "A new invite code has been generated by $username", - "color" => 0x00ff00 - ); - $data = array( - "embeds" => array($embed) - ); - $options = array( - 'http' => array( - 'header' => "Content-type: application/json\r\n", - 'method' => 'POST', - 'content' => json_encode($data) - ) - ); - // send webhook - $context = stream_context_create($options); - $result = file_get_contents($webhook, false, $context); - - } - - header("location: invites"); - - + if (isset($_POST["genInv"])) { + $admin->getInvCodeGen($username); + $sql = "INSERT INTO `logs` (`log_user`, `log_action`, `log_time`) VALUES ('$username', 'Generated Invite Code', NOW())"; + $result = $mysqli->query($sql); + + // + $webhook = INVITE_WEBHOOK; + $embed = array( + "title" => "New Invite Code", + "description" => "A new invite code has been generated by $username", + "color" => 0x00ff00 + ); + $data = array( + "embeds" => array($embed) + ); + $options = array( + 'http' => array( + 'header' => "Content-type: application/json\r\n", + 'method' => 'POST', + 'content' => json_encode($data) + ) + ); + // send webhook + $context = stream_context_create($options); + $result = file_get_contents($webhook, false, $context); + } + + header("location: invites"); } ?> 
diff --git a/admin/logs.php b/admin/logs.php index a6afb49..0d2f6c2 100644 --- a/admin/logs.php +++ b/admin/logs.php @@ -3,8 +3,8 @@ require_once '../app/require.php'; require_once '../app/controllers/AdminController.php'; -$user = new UserController; -$admin = new AdminController; +$user = new UserController(); +$admin = new AdminController(); Session::init(); @@ -24,25 +24,25 @@ if ($result) { $sql = "INSERT INTO `logs` (`log_user`, `log_action`, `log_time`) VALUES ('$username', 'Deleted all logs', NOW())"; - $webhook = ADMIN_WEBHOOK; - $embed = array( - "title" => "Logs Deleted", - "description" => "$username has deleted all logs", - "color" => 0x00ff00 - ); - $data = array( - "embeds" => array($embed) - ); - $options = array( - 'http' => array( - 'header' => "Content-type: application/json\r\n", - 'method' => 'POST', - 'content' => json_encode($data) - ) - ); - // send webhook - $context = stream_context_create($options); - $result = file_get_contents($webhook, false, $context); + $webhook = ADMIN_WEBHOOK; + $embed = array( + "title" => "Logs Deleted", + "description" => "$username has deleted all logs", + "color" => 0x00ff00 + ); + $data = array( + "embeds" => array($embed) + ); + $options = array( + 'http' => array( + 'header' => "Content-type: application/json\r\n", + 'method' => 'POST', + 'content' => json_encode($data) + ) + ); + // send webhook + $context = stream_context_create($options); + $result = file_get_contents($webhook, false, $context); $result = $mysqli->query($sql); Util::redirect('/admin/logs'); diff --git a/admin/sub.php b/admin/sub.php index 4273a5a..4b7e0ff 100644 --- a/admin/sub.php +++ b/admin/sub.php @@ -3,8 +3,8 @@ require_once '../app/require.php'; require_once '../app/controllers/AdminController.php'; -$user = new UserController; -$admin = new AdminController; +$user = new UserController(); +$admin = new AdminController(); include '../includes/db.php'; 
@@ -18,39 +18,36 @@ Util::head('Admin Panel'); Util::navbar(); -// if post request +// if post request if ($_SERVER['REQUEST_METHOD'] === 'POST') { - - - if (isset($_POST["genSub"])) { - $admin->getSubCodeGen($username); - $sql = "INSERT INTO `logs` (`log_user`, `log_action`, `log_time`) VALUES ('$username', 'Generated new sub code', NOW())"; - - $webhook = ADMIN_WEBHOOK; - $embed = array( - "title" => "New Sub Code", - "description" => "A new sub code has been generated by $username", - "color" => 0x00ff00 - ); - $data = array( - "embeds" => array($embed) - ); - $options = array( - 'http' => array( - 'header' => "Content-type: application/json\r\n", - 'method' => 'POST', - 'content' => json_encode($data) - ) - ); - // send webhook - $context = stream_context_create($options); - $result = file_get_contents($webhook, false, $context); - - $result = $mysqli->query($sql); - } - - header("location: sub"); - + if (isset($_POST["genSub"])) { + $admin->getSubCodeGen($username); + $sql = "INSERT INTO `logs` (`log_user`, `log_action`, `log_time`) VALUES ('$username', 'Generated new sub code', NOW())"; + + $webhook = ADMIN_WEBHOOK; + $embed = array( + "title" => "New Sub Code", + "description" => "A new sub code has been generated by $username", + "color" => 0x00ff00 + ); + $data = array( + "embeds" => array($embed) + ); + $options = array( + 'http' => array( + 'header' => "Content-type: application/json\r\n", + 'method' => 'POST', + 'content' => json_encode($data) + ) + ); + // send webhook + $context = stream_context_create($options); + $result = file_get_contents($webhook, false, $context); + + $result = $mysqli->query($sql); + } + + header("location: sub"); } ?> diff --git a/admin/users.php b/admin/users.php index 24cf2ac..30e36aa 100644 --- a/admin/users.php +++ b/admin/users.php 
@@ -3,8 +3,8 @@ require_once '../app/require.php'; require_once '../app/controllers/AdminController.php'; -$user = new UserController; -$admin = new AdminController; +$user = new UserController(); +$admin = new AdminController(); include '../includes/db.php'; 
@@ -18,95 +18,93 @@ Util::head('Admin Panel'); Util::navbar(); -// if post request +// if post request if ($_SERVER['REQUEST_METHOD'] === 'POST') { - - if (isset($_POST["resetHWID"])) { - $rowUID = $_POST['resetHWID']; - $admin->resetHWID($rowUID); - $sql = "INSERT INTO `logs` (`log_user`, `log_action`, `log_time`) VALUES ('$username', 'Reset HWID from user with id $rowUID', NOW())"; - - $webhook = ADMIN_WEBHOOK; - $embed = array( - "title" => "HWID Reset", - "description" => "$username has reset the HWID for user with id $rowUID", - "color" => 0x00ff00 - ); - $data = array( - "embeds" => array($embed) - ); - $options = array( - 'http' => array( - 'header' => "Content-type: application/json\r\n", - 'method' => 'POST', - 'content' => json_encode($data) - ) - ); - // send webhook - $context = stream_context_create($options); - $result = file_get_contents($webhook, false, $context); - - $result = $mysqli->query($sql); - } - - if (isset($_POST["setBanned"])) { - $rowUID = $_POST['setBanned']; - $admin->setBanned($rowUID); - $sql = "INSERT INTO `logs` (`log_user`, `log_action`, `log_time`) VALUES ('$username', 'Ban/unban user with id $rowUID', NOW())"; - - $webhook = ADMIN_WEBHOOK; - $embed = array( - "title" => "Ban/Unban", - "description" => "$username has banned/unbanned user with id $rowUID", - "color" => 0x00ff00 - ); - $data = array( - "embeds" => array($embed) - ); - $options = array( - 'http' => array( - 'header' => "Content-type: application/json\r\n", - 'method' => 'POST', - 'content' => json_encode($data) - ) - ); - // send webhook - $context = stream_context_create($options); - $result = file_get_contents($webhook, false, $context); - - $result = $mysqli->query($sql); - } - - if (isset($_POST["setAdmin"])) { - $rowUID = $_POST['setAdmin']; - $admin->setAdmin($rowUID); - $sql = "INSERT INTO `logs` (`log_user`, `log_action`, `log_time`) VALUES ('$username', 'Set admin / nonadmin user with id $rowUID', NOW())"; - - $webhook = ADMIN_WEBHOOK; - $embed = array( - 
"title" => "Admin/Non-Admin", - "description" => "$username has set user with id $rowUID as admin", - "color" => 0x00ff00 - ); - $data = array( - "embeds" => array($embed) - ); - $options = array( - 'http' => array( - 'header' => "Content-type: application/json\r\n", - 'method' => 'POST', - 'content' => json_encode($data) - ) - ); - // send webhook - $context = stream_context_create($options); - $result = file_get_contents($webhook, false, $context); - - $result = $mysqli->query($sql); - } - - header("location: users"); - + if (isset($_POST["resetHWID"])) { + $rowUID = $_POST['resetHWID']; + $admin->resetHWID($rowUID); + $sql = "INSERT INTO `logs` (`log_user`, `log_action`, `log_time`) VALUES ('$username', 'Reset HWID from user with id $rowUID', NOW())"; + + $webhook = ADMIN_WEBHOOK; + $embed = array( + "title" => "HWID Reset", + "description" => "$username has reset the HWID for user with id $rowUID", + "color" => 0x00ff00 + ); + $data = array( + "embeds" => array($embed) + ); + $options = array( + 'http' => array( + 'header' => "Content-type: application/json\r\n", + 'method' => 'POST', + 'content' => json_encode($data) + ) + ); + // send webhook + $context = stream_context_create($options); + $result = file_get_contents($webhook, false, $context); + + $result = $mysqli->query($sql); + } + + if (isset($_POST["setBanned"])) { + $rowUID = $_POST['setBanned']; + $admin->setBanned($rowUID); + $sql = "INSERT INTO `logs` (`log_user`, `log_action`, `log_time`) VALUES ('$username', 'Ban/unban user with id $rowUID', NOW())"; + + $webhook = ADMIN_WEBHOOK; + $embed = array( + "title" => "Ban/Unban", + "description" => "$username has banned/unbanned user with id $rowUID", + "color" => 0x00ff00 + ); + $data = array( + "embeds" => array($embed) + ); + $options = array( + 'http' => array( + 'header' => "Content-type: application/json\r\n", + 'method' => 'POST', + 'content' => json_encode($data) + ) + ); + // send webhook + $context = stream_context_create($options); + $result = 
file_get_contents($webhook, false, $context); + + $result = $mysqli->query($sql); + } + + if (isset($_POST["setAdmin"])) { + $rowUID = $_POST['setAdmin']; + $admin->setAdmin($rowUID); + $sql = "INSERT INTO `logs` (`log_user`, `log_action`, `log_time`) VALUES ('$username', 'Set admin / nonadmin user with id $rowUID', NOW())"; + + $webhook = ADMIN_WEBHOOK; + $embed = array( + "title" => "Admin/Non-Admin", + "description" => "$username has set user with id $rowUID as admin", + "color" => 0x00ff00 + ); + $data = array( + "embeds" => array($embed) + ); + $options = array( + 'http' => array( + 'header' => "Content-type: application/json\r\n", + 'method' => 'POST', + 'content' => json_encode($data) + ) + ); + // send webhook + $context = stream_context_create($options); + $result = file_get_contents($webhook, false, $context); + + $result = $mysqli->query($sql); + } + + header("location: users"); } ?> diff --git a/admin/vSocket/app.php b/admin/vSocket/app.php index 5e8b90a..be024a1 100644 --- a/admin/vSocket/app.php +++ b/admin/vSocket/app.php @@ -5,7 +5,7 @@ use Ratchet\WebSocket\WsServer; use vSocket\Socket; -require dirname( __FILE__ ) . '/vendor/autoload.php'; +require dirname(__FILE__) . '/vendor/autoload.php'; $server = IoServer::factory( new HttpServer( diff --git a/admin/vSocket/app/socket.php b/admin/vSocket/app/socket.php index 035ffed..085e686 100644 --- a/admin/vSocket/app/socket.php +++ b/admin/vSocket/app/socket.php @@ -5,14 +5,15 @@ use Ratchet\MessageComponentInterface; use Ratchet\ConnectionInterface; -class Socket implements MessageComponentInterface { - +class Socket implements MessageComponentInterface +{ public function __construct() { - $this->clients = new \SplObjectStorage; + $this->clients = new \SplObjectStorage(); } - public function onOpen(ConnectionInterface $conn) { + public function onOpen(ConnectionInterface $conn) + { // Store the new connection in $this->clients $this->clients->attach($conn); 
@@ -20,21 +21,22 @@ public function onOpen(ConnectionInterface $conn) { echo "New connection! ({$conn->resourceId})\n"; } - public function onMessage(ConnectionInterface $from, $msg) { - - foreach ( $this->clients as $client ) { - - if ( $from->resourceId == $client->resourceId ) { + public function onMessage(ConnectionInterface $from, $msg) + { + foreach ($this->clients as $client) { + if ($from->resourceId == $client->resourceId) { continue; } - $client->send( "Client $from->resourceId said $msg" ); + $client->send("Client $from->resourceId said $msg"); } } - public function onClose(ConnectionInterface $conn) { + public function onClose(ConnectionInterface $conn) + { } - public function onError(ConnectionInterface $conn, \Exception $e) { + public function onError(ConnectionInterface $conn, \Exception $e) + { } } diff --git a/api/auth.php b/api/auth.php index ef16011..690f969 100644 --- a/api/auth.php +++ b/api/auth.php @@ -1,37 +1,31 @@ 'failed', 'error' => 'Missing arguments'); - + $response = array('status' => 'failed', 'error' => 'Missing arguments'); } else { + $username = $_GET['user']; + $passwordHash = $_GET['pass']; + $hwidHash = $_GET['hwid']; + $key = $_GET['key']; - $username = $_GET['user']; - $passwordHash = $_GET['pass']; - $hwidHash = $_GET['hwid']; - $key = $_GET['key']; - - if (API_KEY === $key) { - - // decode - $password = base64_decode($passwordHash); - $hwid = base64_decode($hwidHash); - - $response = $API->getUserAPI($username, $password, $hwid); - - } else { + if (API_KEY === $key) { - $response = array('status' => 'failed', 'error' => 'Invalid API key'); - - } + // decode + $password = base64_decode($passwordHash); + $hwid = base64_decode($hwidHash); + $response = $API->getUserAPI($username, $password, $hwid); + } else { + $response = array('status' => 'failed', 'error' => 'Invalid API key'); + } } -echo (json_encode($response)); +echo(json_encode($response)); diff --git a/api/discord.php b/api/discord.php index 1afce4b..97aea9e 100644 
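Review bot: `onClose()` keeps an empty body, so a connection that `onOpen()` attached to `$this->clients` is never removed and `onMessage()` keeps iterating over closed peers; add `$this->clients->detach($conn);` there. `onError()` is empty as well, which leaves a failed connection open and the exception unrecorded; `$conn->close();` plus a log line would cover it. `onMessage()` relays `$msg` to every other client as received, and no origin or authentication check is visible in these hunks, so confirm that the socket server under admin/ cannot be reached by unauthenticated clients.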
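Review bot: `API_KEY === $key` compares the shared secret with an operator that is not constant-time; use `hash_equals(API_KEY, $key)` after confirming `$key` is a string, since PHP turns array-style query parameters into arrays. The password and HWID are read from `$_GET`, and the `base64_decode()` calls show they are only encoded, not hashed as the `$passwordHash` and `$hwidHash` names suggest, so the credentials end up in URLs and access logs. Accepting them in the POST body would keep them out of those logs. The opening lines of this hunk are truncated on the page, so the argument check itself is not visible.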
--- a/api/discord.php +++ b/api/discord.php @@ -18,7 +18,7 @@ $tokenURL = 'https://discord.com/api/oauth2/token'; $apiURLBase = 'https://discord.com/api/users/@me'; -$user = new UserController; +$user = new UserController(); Session::init(); 
@@ -30,80 +30,76 @@ die("You are not logged in. Please login."); } -if(get('code')) { - - $token = apiRequest($tokenURL, array( +if (get('code')) { + $token = apiRequest($tokenURL, array( "grant_type" => "authorization_code", 'client_id' => OAUTH2_CLIENT_ID, 'client_secret' => OAUTH2_CLIENT_SECRET, 'redirect_uri' => 'https://domain/panel/api/discord.php', 'code' => get('code') )); - $logout_token = $token->access_token; - $_SESSION['access_token'] = $token->access_token; + $logout_token = $token->access_token; + $_SESSION['access_token'] = $token->access_token; - header('Location: ' . $_SERVER['PHP_SELF']); + header('Location: ' . $_SERVER['PHP_SELF']); } -if(session('access_token')) { - $user = apiRequest($apiURLBase); - - $headers = array( +if (session('access_token')) { + $user = apiRequest($apiURLBase); + + $headers = array( 'Content-Type: application/json', 'Authorization: Bot OTMxNTU1MDU0MzkyMDc4MzU3.YeGIQA.rh6DpWF9hladlFpccrl59Zj-N4E' // add your bot token here ); - $data = array("access_token" => session('access_token')); + $data = array("access_token" => session('access_token')); $data_string = json_encode($data); - - $url = "https://discord.com/api/guilds/919531932054872065/members/". $user->id; // replace 919531932054872065 with your guild id - $ch = curl_init($url); - curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "PUT"); - curl_setopt($ch, CURLOPT_POSTFIELDS, $data_string); - curl_setopt($ch, CURLOPT_HTTPHEADER, $headers); - curl_setopt($ch, CURLOPT_RETURNTRANSFER, false); - curl_exec($ch); - curl_close($ch); - - if ($_SESSION["login"]) { - $stmt = $mysqli->prepare("UPDATE users SET dcid = ? WHERE username = ?"); - $stmt->bind_param("is", $user->id, $username); - $stmt->execute(); - $stmt->close(); - - $role = "919533220641513483"; - } - else if ($_SESSION["admin"]) { - $stmt = $mysqli->prepare("UPDATE users SET dcid = ? 
WHERE username = ?"); - $stmt->bind_param("is", $user->id, $username); - $stmt->execute(); - $stmt->close(); - - $role = "919533212030623774"; - } - // else if ($_SESSION["reseller"]) { - // $stmt = $mysqli->prepare("UPDATE users SET dcid = ? WHERE username = ?"); - // $stmt->bind_param("is", $user->id, $username); - // $stmt->execute(); - // $stmt->close(); - - // $role = "919533220570210354"; - // } + + $url = "https://discord.com/api/guilds/919531932054872065/members/". $user->id; // replace 919531932054872065 with your guild id + $ch = curl_init($url); + curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "PUT"); + curl_setopt($ch, CURLOPT_POSTFIELDS, $data_string); + curl_setopt($ch, CURLOPT_HTTPHEADER, $headers); + curl_setopt($ch, CURLOPT_RETURNTRANSFER, false); + curl_exec($ch); + curl_close($ch); + + if ($_SESSION["login"]) { + $stmt = $mysqli->prepare("UPDATE users SET dcid = ? WHERE username = ?"); + $stmt->bind_param("is", $user->id, $username); + $stmt->execute(); + $stmt->close(); + + $role = "919533220641513483"; + } elseif ($_SESSION["admin"]) { + $stmt = $mysqli->prepare("UPDATE users SET dcid = ? WHERE username = ?"); + $stmt->bind_param("is", $user->id, $username); + $stmt->execute(); + $stmt->close(); + + $role = "919533212030623774"; + } + // else if ($_SESSION["reseller"]) { + // $stmt = $mysqli->prepare("UPDATE users SET dcid = ? WHERE username = ?"); + // $stmt->bind_param("is", $user->id, $username); + // $stmt->execute(); + // $stmt->close(); + + // $role = "919533220570210354"; + // } $url = "https://discord.com/api/guilds/919531932054872065/members/". $user->id. 
"/roles/{$role}"; // replace 919531932054872065 with your guild id $ch = curl_init($url); - curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "PUT"); - curl_setopt($ch, CURLOPT_POSTFIELDS, $data_string); + curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "PUT"); + curl_setopt($ch, CURLOPT_POSTFIELDS, $data_string); curl_setopt($ch, CURLOPT_HTTPHEADER, $headers); curl_setopt($ch, CURLOPT_RETURNTRANSFER, false); - curl_exec($ch); + curl_exec($ch); curl_close($ch); - - } else { - die("Not logged into Discord!"); + die("Not logged into Discord!"); } 
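Review bot: The `Authorization: Bot …` header in this hunk carries a literal bot token in source, and the same literal is repeated in the `logout` branch of the next hunk; a token committed to a repository should be treated as exposed and regenerated. Load it from the same configuration that supplies `OAUTH2_CLIENT_SECRET`, e.g. `'Authorization: Bot ' . DISCORD_BOT_TOKEN`, where `DISCORD_BOT_TOKEN` is a placeholder name for a constant defined outside version control. Separately, an earlier line appears to exit when the user is not logged in; if so, `$_SESSION["login"]` is always truthy here and the `elseif ($_SESSION["admin"])` branch never runs, which is worth confirming against the intended role assignment.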
@@ -122,63 +118,69 @@ // die(); // } -if(get('action') == 'logout') { - $url = "https://discord.com/api/guilds/919531932054872065/members/". $user->id; - $ch = curl_init($url); - curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "DELETE"); - curl_setopt($ch, CURLOPT_HTTPHEADER, array( +if (get('action') == 'logout') { + $url = "https://discord.com/api/guilds/919531932054872065/members/". $user->id; + $ch = curl_init($url); + curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "DELETE"); + curl_setopt($ch, CURLOPT_HTTPHEADER, array( 'Content-Type: application/json', 'Authorization: Bot OTMxNTU1MDU0MzkyMDc4MzU3.YeGIQA.rh6DpWF9hladlFpccrl59Zj-N4E' // add your bot token here )); - curl_setopt($ch, CURLOPT_RETURNTRANSFER, false); - curl_exec($ch); - curl_close($ch); - unset($_SESSION['access_token']); - header('Location: ' . $_SERVER['PHP_SELF']); - die(); + curl_setopt($ch, CURLOPT_RETURNTRANSFER, false); + curl_exec($ch); + curl_close($ch); + unset($_SESSION['access_token']); + header('Location: ' . $_SERVER['PHP_SELF']); + die(); } -function apiRequest($url, $post=FALSE, $headers=array()) { - $ch = curl_init($url); - curl_setopt($ch, CURLOPT_IPRESOLVE, CURL_IPRESOLVE_V4); - curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE); +function apiRequest($url, $post=false, $headers=array()) +{ + $ch = curl_init($url); + curl_setopt($ch, CURLOPT_IPRESOLVE, CURL_IPRESOLVE_V4); + curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); - $response = curl_exec($ch); + $response = curl_exec($ch); - if($post) - curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($post)); + if ($post) { + curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($post)); + } - $headers[] = 'Accept: application/json'; + $headers[] = 'Accept: application/json'; - if(session('access_token')) - $headers[] = 'Authorization: Bearer ' . session('access_token'); + if (session('access_token')) { + $headers[] = 'Authorization: Bearer ' . 
session('access_token'); + } - curl_setopt($ch, CURLOPT_HTTPHEADER, $headers); + curl_setopt($ch, CURLOPT_HTTPHEADER, $headers); - $response = curl_exec($ch); - return json_decode($response); + $response = curl_exec($ch); + return json_decode($response); } -function logout($url, $data=array()) { - $ch = curl_init($url); - curl_setopt_array($ch, array( - CURLOPT_POST => TRUE, - CURLOPT_RETURNTRANSFER => TRUE, +function logout($url, $data=array()) +{ + $ch = curl_init($url); + curl_setopt_array($ch, array( + CURLOPT_POST => true, + CURLOPT_RETURNTRANSFER => true, CURLOPT_IPRESOLVE => CURL_IPRESOLVE_V4, CURLOPT_HTTPHEADER => array('Content-Type: application/x-www-form-urlencoded'), CURLOPT_POSTFIELDS => http_build_query($data), )); - $response = curl_exec($ch); - return json_decode($response); + $response = curl_exec($ch); + return json_decode($response); } -function get($key, $default=NULL) { - return array_key_exists($key, $_GET) ? $_GET[$key] : $default; +function get($key, $default=null) +{ + return array_key_exists($key, $_GET) ? $_GET[$key] : $default; } -function session($key, $default=NULL) { - return array_key_exists($key, $_SESSION) ? $_SESSION[$key] : $default; +function session($key, $default=null) +{ + return array_key_exists($key, $_SESSION) ? $_SESSION[$key] : $default; } @@ -247,4 +249,4 @@ function session($key, $default=NULL) {
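Review bot: `apiRequest()` calls `curl_exec($ch)` right after setting `CURLOPT_RETURNTRANSFER`, before `CURLOPT_POSTFIELDS` and the `Authorization` header are applied, and then calls it again at the end, so every call sends the request twice and the first one goes out without the body or the bearer token. Drop the first `$response = curl_exec($ch);` and keep only the final one. Neither `apiRequest()` nor `logout()` checks for a `false` return from `curl_exec()` or closes the handle; an `if ($response === false)` guard and `curl_close($ch);` before `json_decode()` would make transport failures visible instead of returning `null`.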

-'; \ No newline at end of file +'; diff --git a/api/login.php b/api/login.php index f5d4df4..e8c184c 100644 --- a/api/login.php +++ b/api/login.php @@ -17,39 +17,28 @@ $key = base64_decode($_GET['key']); if (empty($username) || empty($password) || empty($hwid) || empty($key)) { - $response = array('status' => 'failed', 'error' => 'Missing arguments'); - } else { - if ($apikey === $key) { - $sql = "SELECT * FROM users WHERE username = '$username'"; $result = $conn->query($sql); $row = $result->fetch_assoc(); if (!$row) { $response = array('status' => 'failed', 'error' => 'Invalid username'); - } else { - $hashedPassword = $row["password"]; if (password_verify($password, $hashedPassword)) { - $result = $mysqli->query("SELECT * FROM users WHERE username = '$auser'"); $row = $result->fetch_assoc(); $sub = $row["sub"]; if ($sub < date("Y-m-d")) { $response = array('status' => 'failed', 'error' => 'Your subscription has expired'); - } else { - - if ($row["hwid"] === NULL) { - + if ($row["hwid"] === null) { $sql = "UPDATE users SET hwid = '$hwid' WHERE username = '$username'"; $result = $conn->query($sql); - } $response = array( @@ -63,15 +52,9 @@ 'createdAt' => $row["createdAt"] ); } - } else { - $response = array('status' => 'failed', 'error' => 'Invalid password'); - } - } - } - -} \ No newline at end of file +} diff --git a/api/stats.php b/api/stats.php index 63b9e01..0358727 100644 --- a/api/stats.php +++ b/api/stats.php @@ -7,4 +7,4 @@ $users = $users->fetch_assoc(); $users = $users['COUNT(*)']; -echo $users; \ No newline at end of file +echo $users; diff --git a/app/classes/DiscordEmbed.php b/app/classes/DiscordEmbed.php index a440022..f84e249 100644 --- a/app/classes/DiscordEmbed.php +++ b/app/classes/DiscordEmbed.php 
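Review bot: The second lookup runs `SELECT * FROM users WHERE username = '$auser'` on `$mysqli`, but `$auser` is not assigned anywhere in this hunk and the surrounding queries use `$conn` and `$username`; unless both names are defined above line 17, the query fails or returns no row and `$row["sub"]` is read from null. The row fetched by the first query comes from the same table with `SELECT *`, so the second query can simply be removed and `$row` reused. `$apikey === $key` would also be better written as `hash_equals($apikey, $key)`. The hunk starts inside the file, so the assignments of `$username`, `$hwid` and `$apikey` are outside the view.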
@@ -1,201 +1,233 @@ toJSON(); - } - - public function toArray() { - return (array) $this; - } - - public function toJSON() { - return json_encode($this, JSON_UNESCAPED_SLASHES | JSON_UNESCAPED_UNICODE); - } - - private function getBaseURL() { - $scheme = (isset($_SERVER["HTTPS"]) && $_SERVER["HTTPS"] === "on") ? "https" : "http"; - $host = $_SERVER["HTTP_HOST"]; - $url = $scheme."://".$host; - return $url; - } - - private function resolveColor($color) { - if ($color) { - if (is_string($color)) { - if ($color == "RANDOM") $color = sprintf('#%06X', mt_rand(0, 0xFFFFFF)); - if (preg_match("/,/", $color)) $color = sprintf("#%02x%02x%02x", ...explode(",", $color)); - $color = hexdec($color); - } - } - return $color; - } - - private function resolveURL($url) { - if (!preg_match("/(http|https)\:\/\//", $url)) { - $self = $_SERVER["PHP_SELF"]; - $selfDir = dirname($self); - $selfDirArr = explode("/", $selfDir); - $filePath = realpath($url); - $fpArr = explode("/", $filePath); - $fpArrLength = count($fpArr); - foreach ($fpArr as $indx => $val) { - if (!$val) continue; - if (in_array($val, $selfDirArr)) { - array_splice($fpArr, 0, $indx); - $url = implode("/", $fpArr); - break; - } else { - if ($fpArrLength - 1 == $indx) $url = $val; +class DiscordEmbed +{ + # DiscordEmbed-PHP + # github.com/renzbobz + # 3/18/21 + + + public function __toString() + { + return $this->toJSON(); + } + + public function toArray() + { + return (array) $this; + } + + public function toJSON() + { + return json_encode($this, JSON_UNESCAPED_SLASHES | JSON_UNESCAPED_UNICODE); + } + + private function getBaseURL() + { + $scheme = (isset($_SERVER["HTTPS"]) && $_SERVER["HTTPS"] === "on") ? 
"https" : "http"; + $host = $_SERVER["HTTP_HOST"]; + $url = $scheme."://".$host; + return $url; + } + + private function resolveColor($color) + { + if ($color) { + if (is_string($color)) { + if ($color == "RANDOM") { + $color = sprintf('#%06X', mt_rand(0, 0xFFFFFF)); + } + if (preg_match("/,/", $color)) { + $color = sprintf("#%02x%02x%02x", ...explode(",", $color)); + } + $color = hexdec($color); + } + } + return $color; + } + + private function resolveURL($url) + { + if (!preg_match("/(http|https)\:\/\//", $url)) { + $self = $_SERVER["PHP_SELF"]; + $selfDir = dirname($self); + $selfDirArr = explode("/", $selfDir); + $filePath = realpath($url); + $fpArr = explode("/", $filePath); + $fpArrLength = count($fpArr); + foreach ($fpArr as $indx => $val) { + if (!$val) { + continue; + } + if (in_array($val, $selfDirArr)) { + array_splice($fpArr, 0, $indx); + $url = implode("/", $fpArr); + break; + } else { + if ($fpArrLength - 1 == $indx) { + $url = $val; + } + } + } + $url = $this->getBaseURL()."/".$url; + } + return $url; + } + + # TITLE + + public function setTitle($title, $url='') + { + $this->title = $title; + if ($url) { + $this->setURL($url); } - } - $url = $this->getBaseURL()."/".$url; - } - return $url; - } - - # TITLE - - public function setTitle($title, $url='') { - $this->title = $title; - if ($url) $this->setURL($url); - return $this; - } - public function appendTitle($title) { - $this->title = $this->title.$title; - return $this; - } - public function prependTitle($title) { - $this->title = $title.$this->title; - return $this; - } - - # URL - - public function setURL($url='') { - $this->url = $url ? 
$this->resolveURL($url) : $this->getBaseURL(); - return $this; - } - - # DESCRIPTION - - public function setDescription($desc) { - $this->description = $desc; - return $this; - } - public function appendDescription($desc) { - $this->description = $this->description.$desc; - return $this; - } - public function prependDescription($desc) { - $this->description = $desc.$this->description; - return $this; - } - - # COLOR - - public function setColor($color=0) { - $this->color = $this->resolveColor($color); - return $this; - } - - # TIMESTAMP - - public function setTimestamp($timestamp=0) { - if (!$timestamp) $timestamp = date('c'); - $this->timestamp = $timestamp; - return $this; - } - - # AUTHOR - - public function setAuthor($name, $url='', $icon='') { - $this->author = [ + return $this; + } + public function appendTitle($title) + { + $this->title = $this->title.$title; + return $this; + } + public function prependTitle($title) + { + $this->title = $title.$this->title; + return $this; + } + + # URL + + public function setURL($url='') + { + $this->url = $url ? $this->resolveURL($url) : $this->getBaseURL(); + return $this; + } + + # DESCRIPTION + + public function setDescription($desc) + { + $this->description = $desc; + return $this; + } + public function appendDescription($desc) + { + $this->description = $this->description.$desc; + return $this; + } + public function prependDescription($desc) + { + $this->description = $desc.$this->description; + return $this; + } + + # COLOR + + public function setColor($color=0) + { + $this->color = $this->resolveColor($color); + return $this; + } + + # TIMESTAMP + + public function setTimestamp($timestamp=0) + { + if (!$timestamp) { + $timestamp = date('c'); + } + $this->timestamp = $timestamp; + return $this; + } + + # AUTHOR + + public function setAuthor($name, $url='', $icon='') + { + $this->author = [ 'name' => $name, 'url' => isset($url) && empty($url) ? $this->getBaseURL() : $this->resolveURL($url), 'icon_url' => $icon ? 
$this->resolveURL($icon) : $icon ]; - return $this; - } - - # THUMBNAIL + return $this; + } + + # THUMBNAIL - public function setThumbnail($url, $height=0, $width=0) { - $this->thumbnail = [ + public function setThumbnail($url, $height=0, $width=0) + { + $this->thumbnail = [ 'url' => $this->resolveURL($url), 'height' => $height, 'width' => $width ]; - return $this; - } - - # IMAGE - - public function setImage($url, $height=0, $width=0) { - $this->image = [ + return $this; + } + + # IMAGE + + public function setImage($url, $height=0, $width=0) + { + $this->image = [ 'url' => $this->resolveURL($url), 'height' => $height, 'width' => $width ]; - return $this; - } - - # FOOTER + return $this; + } + + # FOOTER - public function setFooter($text, $icon='') { - $this->footer = [ + public function setFooter($text, $icon='') + { + $this->footer = [ 'text' => $text, 'icon_url' => $icon ? $this->resolveURL($icon) : $icon ]; - return $this; - } - - # FIELDS - - public function addField($name, $val, $inline=false, $index=null) { - $field = [$name, $val, $inline]; - if (isset($index)) { - $this->spliceFields($index, 0, $field); - } else { - $this->fields[] = $this->formatField(...$field); - } - return $this; - } - - private function formatField($name, $val, $inline=false) { - return [ + return $this; + } + + # FIELDS + + public function addField($name, $val, $inline=false, $index=null) + { + $field = [$name, $val, $inline]; + if (isset($index)) { + $this->spliceFields($index, 0, $field); + } else { + $this->fields[] = $this->formatField(...$field); + } + return $this; + } + + private function formatField($name, $val, $inline=false) + { + return [ 'name' => $name, 'value' => $val, 'inline' => $inline ]; - } - - public function addFields(...$fields) { - foreach ($fields as $field) { - if (empty($field)) continue; - $this->addField(...$field); - } - return $this; - } - - public function spliceFields($index, $deleteCount=0, ...$fields) { - if (!empty($fields)) { - $fields = 
array_map(function($field) { - return $this->formatField(...$field); - }, $fields); - } - array_splice($this->fields, $index, $deleteCount, $fields); - return $this; - } - -} + } + public function addFields(...$fields) + { + foreach ($fields as $field) { + if (empty($field)) { + continue; + } + $this->addField(...$field); + } + return $this; + } -?> \ No newline at end of file + public function spliceFields($index, $deleteCount=0, ...$fields) + { + if (!empty($fields)) { + $fields = array_map(function ($field) { + return $this->formatField(...$field); + }, $fields); + } + array_splice($this->fields, $index, $deleteCount, $fields); + return $this; + } +} diff --git a/app/controllers/AdminController.php b/app/controllers/AdminController.php index 7c300ac..69548ca 100644 --- a/app/controllers/AdminController.php +++ b/app/controllers/AdminController.php 
@@ -5,119 +5,103 @@ require_once SITE_ROOT . '/app/models/AdminModel.php'; -class AdminController extends Admin { - - - // - public function getUserArray() { - - return $this->UserArray(); - - } - - - // - public function getInvCodeArray() { - - return $this->invCodeArray(); - - } - - // - public function getLogsArray() { - - return $this->logsArray(); - - } - - // - public function purgeAllLogs() { - - return $this->logsPurge(); - } - - // - public function getSubCodeArray() { +class AdminController extends Admin +{ + // + public function getUserArray() + { + return $this->UserArray(); + } - return $this->subCodeArray(); - } + // + public function getInvCodeArray() + { + return $this->invCodeArray(); + } + // + public function getLogsArray() + { + return $this->logsArray(); + } - // - public function getInvCodeGen($username) { + // + public function purgeAllLogs() + { + return $this->logsPurge(); + } - $code = Util::randomCode(20); - return $this->invCodeGen($code, $username); + // + public function getSubCodeArray() + { + return $this->subCodeArray(); + } - } // - public function getInvWave($username) { + public function getInvCodeGen($username) + { + $code = Util::randomCode(20); + return $this->invCodeGen($code, $username); + } + // + public function getInvWave($username) + { return $this->invWave($username); - } - // - public function getSubCodeGen($username) { - - $code = Util::randomCode(20); - return $this->subCodeGen($code, $username); - - } - - - // - public function resetHWID($uid) { - - return $this->HWID($uid); - - } - - // - public function setBanned($uid) { - - return $this->banned($uid); - - } - - - // - public function setAdmin($uid) { - - return $this->administrator($uid); - - } - - - // - public function setCheatStatus() { + // + public function getSubCodeGen($username) + { + $code = Util::randomCode(20); + return $this->subCodeGen($code, $username); + } - return $this->cheatStatus(); - - } - // - public function setMotd($motd) { - - return 
$this->motd($motd); + // + public function resetHWID($uid) + { + return $this->HWID($uid); + } - } + // + public function setBanned($uid) + { + return $this->banned($uid); + } - // - public function setCheatMaint() { - return $this->cheatMaint(); + // + public function setAdmin($uid) + { + return $this->administrator($uid); + } - } + // + public function setCheatStatus() + { + return $this->cheatStatus(); + } - // - public function setCheatVersion($data) { + // + public function setMotd($motd) + { + return $this->motd($motd); + } - return $this->cheatVersion($data); + // + public function setCheatMaint() + { + return $this->cheatMaint(); + } - } + // + public function setCheatVersion($data) + { + return $this->cheatVersion($data); + } } diff --git a/app/controllers/ApiController.php b/app/controllers/ApiController.php index 693a848..7a8d290 100644 --- a/app/controllers/ApiController.php +++ b/app/controllers/ApiController.php @@ -5,12 +5,10 @@ require_once SITE_ROOT . '/app/models/ApiModel.php'; -class ApiController extends API { - - public function getUserAPI($username, $password, $hwid) { - - return $this->userAPI($username, $password, $hwid); - - } - -} \ No newline at end of file +class ApiController extends API +{ + public function getUserAPI($username, $password, $hwid) + { + return $this->userAPI($username, $password, $hwid); + } +} diff --git a/app/controllers/CheatController.php b/app/controllers/CheatController.php index dc44e1a..01ed525 100644 --- a/app/controllers/CheatController.php +++ b/app/controllers/CheatController.php @@ -5,11 +5,11 @@ require_once SITE_ROOT . '/app/models/CheatModel.php'; -class CheatController extends Cheat { - - // Get number of users - public function getCheatData() { - return $this->cheatData(); - } - +class CheatController extends Cheat +{ + // Get number of users + public function getCheatData() + { + return $this->cheatData(); + } } 
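Review bot: Every method in AdminController is preceded by an empty `//`, so nothing at this layer says who may call `setAdmin()`, `setBanned()` or `purgeAllLogs()`. Judging by the AdminModel hunk further down, the gate appears to be `Session::isAdmin()` inside each model method, which returns nothing when the check fails; a comment such as `// Admin only: the model checks Session::isAdmin() and does nothing otherwise` on each wrapper would make that explicit. `getInvWave($username)` forwards to `invWave($wave)`, so the parameter would read better as `$wave`. The same empty `//` placeholders appear in ResellerController.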
diff --git a/app/controllers/ResellerController.php b/app/controllers/ResellerController.php index 06ed5c8..b5b7fdb 100644 --- a/app/controllers/ResellerController.php +++ b/app/controllers/ResellerController.php @@ -5,31 +5,26 @@ require_once SITE_ROOT . '/app/models/ResellerModel.php'; -class ResellerController extends Reseller { - - - // - public function getUserArray() { - - return $this->UserArray(); - - } - - - // - public function getInvCodeArray() { - - return $this->invCodeArray(); - - } - - - // - public function getInvCodeGen($username) { - - $code = Util::randomCode(20); - return $this->invCodeGen($code, $username); - - } - +class ResellerController extends Reseller +{ + // + public function getUserArray() + { + return $this->UserArray(); + } + + + // + public function getInvCodeArray() + { + return $this->invCodeArray(); + } + + + // + public function getInvCodeGen($username) + { + $code = Util::randomCode(20); + return $this->invCodeGen($code, $username); + } } diff --git a/app/controllers/SessionController.php b/app/controllers/SessionController.php index 60f2121..68e5d05 100644 --- a/app/controllers/SessionController.php +++ b/app/controllers/SessionController.php 
@@ -1,45 +1,38 @@ uid); + Session::set("username", $user->username); + //Session::set("hwid", $user->hwid); + Session::set("admin", (int) $user->admin); + Session::set("banned", (int) $user->banned); + //Session::set("invitedBy", $user->invitedBy); + //Session::set("createdBy", $user->createdBy); + } + + + public function logoutUser() + { + session_unset(); + $_SESSION = array(); + session_destroy(); + } + + + public function registerUser($data) + { + + // Bind login data + $username = trim($data['username']); + $password = $data['password']; + $confirmPassword = $data['confirmPassword']; + $invCode = trim($data['invCode']); + + // Empty error vars + $userError = $passError = ""; + $usernameValidation = "/^[a-zA-Z0-9]*$/"; + + // Validate username on length and letters/numbers + if (empty($username)) { + return $userError = "Please enter a username."; + } elseif (strlen($username) < 3) { + return $userError = "Username is too short."; + } elseif (strlen($username) > 14) { + return $userError = "Username is too long."; + } elseif (!preg_match($usernameValidation, $username)) { + return $userError = "Username must only contain alphanumericals!"; + } else { + + // Check if username exists + $userExists = $this->usernameCheck($username); + if ($userExists) { + return $userError = "Username already exists, try another."; + } + } + + + // Validate password on length + if (empty($password)) { + return $passError = "Please enter a password."; + } elseif (strlen($password) < 4) { + return $passError = "Password is too short."; + } + + + // Validate confirmPassword on length + if (empty($confirmPassword)) { + return $passError = "Please enter a password."; + } elseif ($password != $confirmPassword) { + return $passError = "Passwords do not match, please try again."; + } + + + // Validate invCode + if (empty($invCode)) { + return $invCodeError = "Please enter an invite code."; + } else { + + // Check if invite code is valid + $invCodeExists = $this->invCodeCheck($invCode); + 
+ if (!$invCodeExists) { + return $invCodeError = "Invite code is invalid or already used."; + } + } + + + // Check if all errors are empty + if (empty($userError) && empty($passError) && empty($invCodeError) && empty($userExistsError) && empty($invCodeError)) { + + // Hashing the password + $hashedPassword = password_hash($password, PASSWORD_DEFAULT); + + $result = $this->register($username, $hashedPassword, $invCode); + + // Session start + if ($result) { + Util::redirect('/login.php'); + } else { + return 'Something went wrong.'; + } + } + } + + + public function loginUser($data) + { + + // Bind login data + $username = trim($data['username']); + $password = $data['password']; + + // Empty error vars + $userError = $passError = ""; + + // Validate username + if (empty($username)) { + return $userError = "Please enter a username."; + } + + // Validate password + if (empty($password)) { + return $passError = "Please enter a password."; + } + + // Check if all errors are empty + if (empty($userError) && empty($passError)) { + $result = $this->login($username, $password); + + if ($result) { + + // Session start + $this->createUserSession($result); + Util::redirect('/'); + } else { + return 'Username/Password is wrong.'; + } + } + } + + // resetUserHWID + public function resetuHWID($username) + { + return $this->resetUserHWID($username); + } - public function createUserSession($user) { + public function activateSub($data) + { - //Session::init(); - Session::set("login", true); - Session::set("uid", (int) $user->uid); - Session::set("username", $user->username); - //Session::set("hwid", $user->hwid); - Session::set("admin", (int) $user->admin); - Session::set("banned", (int) $user->banned); - //Session::set("invitedBy", $user->invitedBy); - //Session::set("createdBy", $user->createdBy); + // Bind data + $username = Session::get("username"); + $subCode = $data['subCode']; - } + if (empty($subCode)) { + return 'Please enter a code.'; + } else { + $subCodeExists = 
$this->subCodeCheck($subCode); + if ($subCodeExists) { + return $this->subscription($subCode, $username); + } else { + return 'Subscription code is invalid.'; + } + } + } - public function logoutUser() { + public function updateUserPass($data) + { - session_unset(); - $_SESSION = array(); - session_destroy(); + // Bind data + $username = Session::get("username"); + $currentPassword = $data['currentPassword']; + $newPassword = $data['newPassword']; + $confirmPassword = $data['confirmPassword']; - } + // Empty error vars + $passError = ""; - public function registerUser($data) { + // Validate password + if (empty($currentPassword)) { + return $passError = "Please enter a password."; + } - // Bind login data - $username = trim($data['username']); - $password = $data['password']; - $confirmPassword = $data['confirmPassword']; - $invCode = trim($data['invCode']); - // Empty error vars - $userError = $passError = ""; - $usernameValidation = "/^[a-zA-Z0-9]*$/"; + if (empty($newPassword)) { + return $passError = "Please enter a password."; + } elseif (strlen($newPassword) < 4) { + return $passError = "Password is too short."; + } - // Validate username on length and letters/numbers - if (empty($username)) { - return $userError = "Please enter a username."; + if (empty($confirmPassword)) { + return $passError = "Please enter a password."; + } elseif ($confirmPassword != $newPassword) { + return $passError = "Passwords do not match, please try again."; + } - } elseif (strlen($username) < 3) { - return $userError = "Username is too short."; + // Check if all errors are empty + if (empty($passError)) { - } elseif (strlen($username) > 14) { + // Hashing the password + $hashedPassword = password_hash($newPassword, PASSWORD_DEFAULT); + $result = $this->updatePass($currentPassword, $hashedPassword, $username); - return $userError = "Username is too long."; + if ($result) { + Util::redirect('/logout.php'); + } else { + return 'Your current does not match.'; + } + } + } - } elseif 
(!preg_match($usernameValidation, $username)) { + public function getUserDCID() + { + return $this->getDCID(); + } - return $userError = "Username must only contain alphanumericals!"; + public function getUserHWID() + { + return $this->getHWID(); + } - } else { + public function getUserCount() + { + return $this->userCount(); + } - // Check if username exists - $userExists = $this->usernameCheck($username); - if ($userExists) { - return $userError = "Username already exists, try another."; - - } + public function getBannedUserCount() + { + return $this->bannedUserCount(); + } - } - - // Validate password on length - if (empty($password)) { + public function getActiveUserCount() + { + return $this->activeUserCount(); + } - return $passError = "Please enter a password."; - } elseif (strlen($password) < 4) { + public function getNewUser() + { + return $this->newUser(); + } - return $passError = "Password is too short."; - } - - - // Validate confirmPassword on length - if (empty($confirmPassword)) { - - return $passError = "Please enter a password."; - - } elseif ($password != $confirmPassword) { - - return $passError = "Passwords do not match, please try again."; - - } - - - // Validate invCode - if (empty($invCode)) { - - return $invCodeError = "Please enter an invite code."; - - } else { - - // Check if invite code is valid - $invCodeExists = $this->invCodeCheck($invCode); - - if (!$invCodeExists) { - - return $invCodeError = "Invite code is invalid or already used."; - - } - - } - - - // Check if all errors are empty - if (empty($userError) && empty($passError) && empty($invCodeError) && empty($userExistsError) && empty($invCodeError)) { - - // Hashing the password - $hashedPassword = password_hash($password, PASSWORD_DEFAULT); - - $result = $this->register($username, $hashedPassword, $invCode); - - // Session start - if ($result) { - - Util::redirect('/login.php'); - - - - } else { - - return 'Something went wrong.'; - - } - - } - - } - - - public function 
loginUser($data) { - - // Bind login data - $username = trim($data['username']); - $password = $data['password']; - - // Empty error vars - $userError = $passError = ""; - - // Validate username - if (empty($username)) { - - return $userError = "Please enter a username."; - - } - - // Validate password - if (empty($password)) { - - return $passError = "Please enter a password."; - - } - - // Check if all errors are empty - if (empty($userError) && empty($passError)) { - - $result = $this->login($username, $password); - - if ($result) { - - // Session start - $this->createUserSession($result); - Util::redirect('/'); - - } else { - - return 'Username/Password is wrong.'; - - } - - } - - } - - // resetUserHWID - public function resetuHWID($username) { - - return $this->resetUserHWID($username); - - } - - public function activateSub($data) { - - // Bind data - $username = Session::get("username"); - $subCode = $data['subCode']; - - if (empty($subCode)) { - - return 'Please enter a code.'; - - } else { - - $subCodeExists = $this->subCodeCheck($subCode); - - if ($subCodeExists) { - - return $this->subscription($subCode, $username); - - } else { - - return 'Subscription code is invalid.'; - - } - - } - - } - - public function updateUserPass($data) { - - // Bind data - $username = Session::get("username"); - $currentPassword = $data['currentPassword']; - $newPassword = $data['newPassword']; - $confirmPassword = $data['confirmPassword']; - - // Empty error vars - $passError = ""; - - - // Validate password - if (empty($currentPassword)) { - - return $passError = "Please enter a password."; - - } - - - if (empty($newPassword)) { - - return $passError = "Please enter a password."; - - } elseif (strlen($newPassword) < 4) { - - return $passError = "Password is too short."; - - } - - - if (empty($confirmPassword)) { - - return $passError = "Please enter a password."; - - } elseif ($confirmPassword != $newPassword) { - - return $passError = "Passwords do not match, please try 
again."; - - } - - - // Check if all errors are empty - if (empty($passError)) { - - // Hashing the password - $hashedPassword = password_hash($newPassword, PASSWORD_DEFAULT); - $result = $this->updatePass($currentPassword, $hashedPassword, $username); - - if ($result) { - - Util::redirect('/logout.php'); - - } else { - - return 'Your current does not match.'; - - } - - } - - } - - public function getUserDCID() { - return $this->getDCID(); - } - - public function getUserHWID() { - return $this->getHWID(); - } - - public function getUserCount() { - return $this->userCount(); - } - - - public function getBannedUserCount() { - return $this->bannedUserCount(); - } - - - public function getActiveUserCount() { - return $this->activeUserCount(); - } - - - public function getNewUser() { - return $this->newUser(); - } - - - public function getSubStatus() { - - // Bind data - $username = Session::get("username"); - return $this->subActiveCheck($username); - - } + public function getSubStatus() + { + // Bind data + $username = Session::get("username"); + return $this->subActiveCheck($username); + } } diff --git a/app/controllers/UtilController.php b/app/controllers/UtilController.php index 2ef2b36..22c9533 100644 --- a/app/controllers/UtilController.php +++ b/app/controllers/UtilController.php 
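Review bot: createUserSession() marks the current session as logged in and copies the `admin` flag into it without rotating the session id in any line shown here; unless `Session::init()` or `login()` already does so, add `session_regenerate_id(true);` as its first statement so a pre-login session id cannot carry over into an authenticated one. registerUser() and updateUserPass() accept any password of four characters (`strlen($password) < 4`), which is low for accounts that can hold admin rights; raising the floor, e.g. `strlen($password) < 12`, is a one-line change in each. The final guard in registerUser() tests `$invCodeError` twice and `$userExistsError`, which is never assigned, and since every failure path returns early the whole `if (empty(...))` wrapper adds nothing.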
@@ -3,95 +3,79 @@ // Extends to NO classes // Only Public methods -class Util { +class Util +{ + public static function redirect($location) + { + header("location:". SUB_DIR.$location); + exit; + } - public static function redirect($location) { - header("location:". SUB_DIR.$location); - exit; + public static function head($title) + { + include(SITE_ROOT . '/includes/head.inc.php'); + } - } + public static function navbar() + { + include(SITE_ROOT . '/includes/navbar.inc.php'); + } - public static function head($title) { - include(SITE_ROOT . '/includes/head.inc.php'); + public static function adminNavbar() + { + include(SITE_ROOT . '/admin/includes/adminNavbar.inc.php'); + } - } + public static function footer() + { + include(SITE_ROOT . '/includes/footer.inc.php'); + } - public static function navbar() { - include(SITE_ROOT . '/includes/navbar.inc.php'); + public static function display($string) + { + echo htmlspecialchars($string); + } - } + // Returns random string + public static function randomCode($int) + { + $characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ'; + $randomString = 'Virty-'; - public static function adminNavbar() { - - include(SITE_ROOT . '/admin/includes/adminNavbar.inc.php'); - - } - - - public static function footer() { - - include(SITE_ROOT . 
'/includes/footer.inc.php'); - - } - - - public static function display($string) { - - echo htmlspecialchars($string); - - } - - - // Returns random string - public static function randomCode($int) { - - $characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ'; - $randomString = 'Virty-'; - for ($i = 0; $i < $int; $i++) { - $index = rand(0, strlen($characters) - 1); - $randomString .= $characters[$index]; - - } - - return $randomString; + $randomString .= $characters[$index]; + } - } - - // ban check - public static function banCheck() { - - // If user is banned - if (Session::isBanned()) { - - // Prevents infinite redirect loop - if (basename($_SERVER['PHP_SELF']) != 'banned.php') { - - Util::redirect('/banned.php'); - - } - - } - - } - - - // admin check - public static function adminCheck() { - - if (!Session::isAdmin()) { - - Util::redirect('/index.php'); - - } - - } - -} \ No newline at end of file + return $randomString; + } + + // ban check + public static function banCheck() + { + + // If user is banned + if (Session::isBanned()) { + + // Prevents infinite redirect loop + if (basename($_SERVER['PHP_SELF']) != 'banned.php') { + Util::redirect('/banned.php'); + } + } + } + + + // admin check + public static function adminCheck() + { + if (!Session::isAdmin()) { + Util::redirect('/index.php'); + } + } +} diff --git a/app/core/Config.php b/app/core/Config.php index 335943c..a8c8749 100644 --- a/app/core/Config.php +++ b/app/core/Config.php @@ -12,7 +12,7 @@ /** * Folder name should be defined starting with the "/" (slash) - * + * * If you do not plan on having it in a subdomain, * keep '' empty without a "/" (slash) * example: define('SUB_DIR', ''); diff --git a/app/core/Database.php b/app/core/Database.php index 90dcdd8..dc48db3 100644 --- a/app/core/Database.php +++ b/app/core/Database.php 
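Review bot: randomCode() draws each character with `rand()`, which is not a cryptographically secure generator, yet AdminController and ResellerController use `Util::randomCode(20)` for invite and subscription codes. Those codes gate registration and subscription activation, so they should come from the CSPRNG: `$index = random_int(0, strlen($characters) - 1);`. The parameter name `$int` says nothing about its role; `$length` would document it, and positional callers are unaffected.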
@@ -1,43 +1,35 @@ dbHost . ';dbname=' . $this->dbName; - $pdo = new PDO($dsn, $this->dbUser, $this->dbPass); - $pdo->setAttribute(PDO::ATTR_DEFAULT_FETCH_MODE, PDO::FETCH_OBJ); - return $pdo; - - } catch(PDOException $e) { - - print "Error!: " . $e->getMessage() . "
"; - die(); - - } - - } - - protected function query($sql) { - - $this->statement = $this->connect()->query($sql); - - } - - protected function prepare($sql) { - - $this->statement = $this->connect()->prepare($sql); - - } - +class Database +{ + private $dbHost = "HOST"; + private $dbUser = "DATABASE USER"; + private $dbPass = "DATABASE PASSWORD"; + private $dbName = "DATABASE NAME"; + + protected $statement; + protected $error; + + protected function connect() + { + try { + $dsn = 'mysql:host=' . $this->dbHost . ';dbname=' . $this->dbName; + $pdo = new PDO($dsn, $this->dbUser, $this->dbPass); + $pdo->setAttribute(PDO::ATTR_DEFAULT_FETCH_MODE, PDO::FETCH_OBJ); + return $pdo; + } catch (PDOException $e) { + print "Error!: " . $e->getMessage() . "
"; + die(); + } + } + + protected function query($sql) + { + $this->statement = $this->connect()->query($sql); + } + + protected function prepare($sql) + { + $this->statement = $this->connect()->prepare($sql); + } } diff --git a/app/models/AdminModel.php b/app/models/AdminModel.php index 7767c67..c53379e 100644 --- a/app/models/AdminModel.php +++ b/app/models/AdminModel.php 
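Review bot: connect() prints `$e->getMessage()` into the response when the PDO connection fails, and driver messages can include the database host and user name. Log the detail and return a generic failure instead, e.g. `error_log('DB connect failed: ' . $e->getMessage());` followed by `http_response_code(500); die('Service unavailable');`. query() and prepare() each call connect(), so every statement opens a new connection; caching the PDO instance in a property would avoid that. The credentials are class properties in this file, so a comment noting that real values belong in configuration kept out of version control would help.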
@@ -8,267 +8,205 @@ require_once SITE_ROOT . '/app/core/Database.php'; -class Admin extends Database { - - // Get array of all users - // - includes hashed passwords too. - protected function UserArray() { - - if (Session::isAdmin()) { - - $this->prepare('SELECT * FROM `users` ORDER BY uid ASC'); - $this->statement->execute(); - - $result = $this->statement->fetchAll(); - return $result; - - } - - } - - - // Get array of all invite codes - protected function invCodeArray() { - - if (Session::isAdmin()) { - - $this->prepare('SELECT * FROM `license`'); - $this->statement->execute(); +class Admin extends Database +{ + // Get array of all users + // - includes hashed passwords too. + protected function UserArray() + { + if (Session::isAdmin()) { + $this->prepare('SELECT * FROM `users` ORDER BY uid ASC'); + $this->statement->execute(); - $result = $this->statement->fetchAll(); - return $result; + $result = $this->statement->fetchAll(); + return $result; + } + } - } - } - + // Get array of all invite codes + protected function invCodeArray() + { + if (Session::isAdmin()) { + $this->prepare('SELECT * FROM `license`'); + $this->statement->execute(); - // Create invite code - protected function invCodeGen($code, $createdBy) { + $result = $this->statement->fetchAll(); + return $result; + } + } - if (Session::isAdmin()) { - - $this->prepare('INSERT INTO `license` (`code`, `createdBy`) VALUES (?, ?)'); - $this->statement->execute([$code, $createdBy]); - - } - } + // Create invite code + protected function invCodeGen($code, $createdBy) + { + if (Session::isAdmin()) { + $this->prepare('INSERT INTO `license` (`code`, `createdBy`) VALUES (?, ?)'); + $this->statement->execute([$code, $createdBy]); + } + } // Invite wave - create invite codes and send them to users - protected function invWave($wave) { - + protected function invWave($wave) + { if (Session::isAdmin()) { - $this->prepare('SELECT * FROM `users` WHERE `wave` = ?'); $this->statement->execute([$wave]); $result = 
$this->statement->fetchAll(); foreach ($result as $row) { - $code = $this->invCodeGen($row['uid'], $row['uid']); $this->prepare('INSERT INTO `invites` (`uid`, `code`, `wave`) VALUES (?, ?, ?)'); $this->statement->execute([$row['uid'], $code, $wave]); - } - } - } - // Get array of all subscription codes - protected function subCodeArray() { - - if (Session::isAdmin()) { - - $this->prepare('SELECT * FROM `subscription`'); - $this->statement->execute(); - - $result = $this->statement->fetchAll(); - return $result; - - } - - } - - - // Create subscription code - protected function subCodeGen($code, $createdBy) { - - if (Session::isAdmin()) { - - $this->prepare('INSERT INTO `subscription` (`code`, `createdBy`) VALUES (?, ?)'); - $this->statement->execute([$code, $createdBy]); - - } - - } - - // Resets HWID - protected function HWID($uid) { - - if (Session::isAdmin()) { - - $this->prepare('UPDATE `users` SET `hwid` = NULL WHERE `uid` = ?'); - $this->statement->execute([$uid]); - - } - - } - - - // Set user ban / unban - protected function banned($uid) { - - if (Session::isAdmin()) { - - $this->prepare('SELECT `banned` FROM `users` WHERE `uid` = ?'); - $this->statement->execute([$uid]); - $result = $this->statement->fetch(); - - if ((int)$result->banned === 0) { - - $this->prepare('UPDATE `users` SET `banned` = 1 WHERE `uid` = ?'); - $this->statement->execute([$uid]); - - } else { - - $this->prepare('UPDATE `users` SET `banned` = 0 WHERE `uid` = ?'); - $this->statement->execute([$uid]); - - } - - } - - } - - - // Set user admin / non admin - protected function administrator($uid) { - - if (Session::isAdmin()) { - - $this->prepare('SELECT `admin` FROM `users` WHERE `uid` = ?'); - $this->statement->execute([$uid]); - $result = $this->statement->fetch(); - - if ((int)$result->admin === 0) { - - $this->prepare('UPDATE `users` SET `admin` = 1 WHERE `uid` = ?'); - $this->statement->execute([$uid]); - - } else { - - $this->prepare('UPDATE `users` SET `admin` = 0 WHERE `uid` = 
?'); - $this->statement->execute([$uid]); - - } - - } - - } - - // Logs - protected function logsArray() { - - if (Session::isAdmin()) { - - $this->prepare('SELECT * FROM `logs` ORDER BY id DESC'); - $this->statement->execute(); - $result = $this->statement->fetchAll(); - - return $result; - } - } - - // Purge logs - protected function logsPurge() { - - if (Session::isAdmin()) { - - $this->prepare('DELETE FROM `logs`'); - $this->statement->execute(); - - } - - } - - - // - protected function cheatStatus() { - - if (Session::isAdmin()) { - - $this->prepare('SELECT `status` FROM `cheat`'); - $this->statement->execute(); - $result = $this->statement->fetch(); - - if ((int)$result->status === 0) { - - $this->prepare('UPDATE `cheat` SET `status` = 1'); - $this->statement->execute(); - - } else { - - $this->prepare('UPDATE `cheat` SET `status` = 0'); - $this->statement->execute(); - - } - - } - - } - - - // - protected function cheatMaint() { + // Get array of all subscription codes + protected function subCodeArray() + { + if (Session::isAdmin()) { + $this->prepare('SELECT * FROM `subscription`'); + $this->statement->execute(); - if (Session::isAdmin()) { - - $this->prepare('SELECT `maintenance` FROM `cheat`'); - $this->statement->execute(); - $result = $this->statement->fetch(); + $result = $this->statement->fetchAll(); + return $result; + } + } - if ((int)$result->maintenance === 0) { - $this->prepare('UPDATE `cheat` SET `maintenance` = 1'); - $this->statement->execute(); + // Create subscription code + protected function subCodeGen($code, $createdBy) + { + if (Session::isAdmin()) { + $this->prepare('INSERT INTO `subscription` (`code`, `createdBy`) VALUES (?, ?)'); + $this->statement->execute([$code, $createdBy]); + } + } - } else { + // Resets HWID + protected function HWID($uid) + { + if (Session::isAdmin()) { + $this->prepare('UPDATE `users` SET `hwid` = NULL WHERE `uid` = ?'); + $this->statement->execute([$uid]); + } + } - $this->prepare('UPDATE `cheat` SET 
`maintenance` = 0'); - $this->statement->execute(); - } - - } + // Set user ban / unban + protected function banned($uid) + { + if (Session::isAdmin()) { + $this->prepare('SELECT `banned` FROM `users` WHERE `uid` = ?'); + $this->statement->execute([$uid]); + $result = $this->statement->fetch(); + + if ((int)$result->banned === 0) { + $this->prepare('UPDATE `users` SET `banned` = 1 WHERE `uid` = ?'); + $this->statement->execute([$uid]); + } else { + $this->prepare('UPDATE `users` SET `banned` = 0 WHERE `uid` = ?'); + $this->statement->execute([$uid]); + } + } + } - } - // - protected function cheatMotd($motd) { - if (Session::isAdmin()) { + // Set user admin / non admin + protected function administrator($uid) + { + if (Session::isAdmin()) { + $this->prepare('SELECT `admin` FROM `users` WHERE `uid` = ?'); + $this->statement->execute([$uid]); + $result = $this->statement->fetch(); + + if ((int)$result->admin === 0) { + $this->prepare('UPDATE `users` SET `admin` = 1 WHERE `uid` = ?'); + $this->statement->execute([$uid]); + } else { + $this->prepare('UPDATE `users` SET `admin` = 0 WHERE `uid` = ?'); + $this->statement->execute([$uid]); + } + } + } - $this->prepare('UPDATE `cheat` SET `motd` = ?'); - $this->statement->execute([$motd]); + // Logs + protected function logsArray() + { + if (Session::isAdmin()) { + $this->prepare('SELECT * FROM `logs` ORDER BY id DESC'); + $this->statement->execute(); + $result = $this->statement->fetchAll(); - } + return $result; + } + } - } + // Purge logs + protected function logsPurge() + { + if (Session::isAdmin()) { + $this->prepare('DELETE FROM `logs`'); + $this->statement->execute(); + } + } - // - protected function cheatVersion($ver) { + // + protected function cheatStatus() + { + if (Session::isAdmin()) { + $this->prepare('SELECT `status` FROM `cheat`'); + $this->statement->execute(); + $result = $this->statement->fetch(); + + if ((int)$result->status === 0) { + $this->prepare('UPDATE `cheat` SET `status` = 1'); + 
$this->statement->execute(); + } else { + $this->prepare('UPDATE `cheat` SET `status` = 0'); + $this->statement->execute(); + } + } + } - if (Session::isAdmin()) { - $this->prepare('UPDATE `cheat` SET `version` = ?'); - $this->statement->execute([$ver]); - - } + // + protected function cheatMaint() + { + if (Session::isAdmin()) { + $this->prepare('SELECT `maintenance` FROM `cheat`'); + $this->statement->execute(); + $result = $this->statement->fetch(); + + if ((int)$result->maintenance === 0) { + $this->prepare('UPDATE `cheat` SET `maintenance` = 1'); + $this->statement->execute(); + } else { + $this->prepare('UPDATE `cheat` SET `maintenance` = 0'); + $this->statement->execute(); + } + } + } + // + protected function cheatMotd($motd) + { + if (Session::isAdmin()) { + $this->prepare('UPDATE `cheat` SET `motd` = ?'); + $this->statement->execute([$motd]); + } + } - } + // + protected function cheatVersion($ver) + { + if (Session::isAdmin()) { + $this->prepare('UPDATE `cheat` SET `version` = ?'); + $this->statement->execute([$ver]); + } + } } diff --git a/app/models/ApiModel.php b/app/models/ApiModel.php index 7bc8888..44d7d31 100644 --- a/app/models/ApiModel.php +++ b/app/models/ApiModel.php 
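Review bot: invWave() reads `$row['uid']` although Database::connect() sets PDO::FETCH_OBJ, so each row is an object and the array access fails on the first iteration; it should be `$row->uid`. The same loop assigns `$code = $this->invCodeGen(...)`, but invCodeGen() has no return statement, so the `invites` row is written with a null code while the `license` row receives the user's own uid as its code, which is guessable. Generate the code first, pass it to invCodeGen(), and reuse that variable for the `invites` insert. UserArray() also deserves a change: `SELECT *` hands password hashes to every caller, and naming only the columns the admin views need would keep them out of rendered pages and logs.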
@@ -6,58 +6,49 @@ require_once SITE_ROOT . '/app/core/Database.php'; -class API extends Database { - - protected function userAPI($username, $password, $hwid) { - - // fetch username - $this->prepare('SELECT * FROM `users` WHERE `username` = ?'); - $this->statement->execute([$username]); - $row = $this->statement->fetch(); - - // If username is correct - if ($row) { - - $hashedPassword = $row->password; - - // If password is correct - if (password_verify($password, $hashedPassword)) { - - if ($row->hwid === NULL) { - - $this->prepare('UPDATE `users` SET `hwid` = ? WHERE `username` = ?'); - $this->statement->execute([$hwid, $username]); - - } - - $response = array( - 'status' => 'success', - 'uid' => $row->uid, - 'username' => $row->username, - 'hwid' => $row->hwid, - 'admin' => $row->admin, - 'sub' => $row->sub, - 'banned' => $row->banned, - 'invitedBy' => $row->invitedBy, - 'createdAt' => $row->createdAt - ); - - } else { - - // Wrong pass, user exists - $response = array('status' => 'failed', 'error' => 'Invalid password'); - - } - - } else { - - // Wrong username, user doesnt exists - $response = array('status' => 'failed', 'error' => 'Invalid username'); - - } - - return $response; - - } - -} \ No newline at end of file +class API extends Database +{ + protected function userAPI($username, $password, $hwid) + { + + // fetch username + $this->prepare('SELECT * FROM `users` WHERE `username` = ?'); + $this->statement->execute([$username]); + $row = $this->statement->fetch(); + + // If username is correct + if ($row) { + $hashedPassword = $row->password; + + // If password is correct + if (password_verify($password, $hashedPassword)) { + if ($row->hwid === null) { + $this->prepare('UPDATE `users` SET `hwid` = ? 
WHERE `username` = ?'); + $this->statement->execute([$hwid, $username]); + } + + $response = array( + 'status' => 'success', + 'uid' => $row->uid, + 'username' => $row->username, + 'hwid' => $row->hwid, + 'admin' => $row->admin, + 'sub' => $row->sub, + 'banned' => $row->banned, + 'invitedBy' => $row->invitedBy, + 'createdAt' => $row->createdAt + ); + } else { + + // Wrong pass, user exists + $response = array('status' => 'failed', 'error' => 'Invalid password'); + } + } else { + + // Wrong username, user doesnt exists + $response = array('status' => 'failed', 'error' => 'Invalid username'); + } + + return $response; + } +} diff --git a/app/models/CheatModel.php b/app/models/CheatModel.php index dded5c7..f79bfbe 100644 --- a/app/models/CheatModel.php +++ b/app/models/CheatModel.php @@ -6,26 +6,24 @@ require_once SITE_ROOT . '/app/core/Database.php'; -class Cheat extends Database { +class Cheat extends Database +{ + // Get Cheat Data + protected function cheatData() + { + $this->prepare('SELECT * FROM `cheat`'); + $this->statement->execute(); + $result = $this->statement->fetch(); - // Get Cheat Data - protected function cheatData() { - $this->prepare('SELECT * FROM `cheat`'); - $this->statement->execute(); - $result = $this->statement->fetch(); + // Status + $result->status = ((int)$result->status === 0) ? 'Online' : 'Offline'; - // Status - $result->status = ((int)$result->status === 0) ? 'Online' : 'Offline'; + // Maintenance + $result->maintenance = ((int)$result->maintenance === 0) ? '-' : 'UNDER'; - - // Maintenance - $result->maintenance = ((int)$result->maintenance === 0) ? '-' : 'UNDER'; - - - return $result; - - } + return $result; + } } diff --git a/app/models/UsersModel.php b/app/models/UsersModel.php index b983c58..9097e5f 100644 --- a/app/models/UsersModel.php +++ b/app/models/UsersModel.php 
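Review bot: userAPI() returns `'Invalid username'` and `'Invalid password'` as distinct errors, which lets an unauthenticated client confirm which usernames exist. Using one message in both failure branches, e.g. `$response = array('status' => 'failed', 'error' => 'Invalid credentials');`, removes that signal; any rate limiting would have to live in the caller, which is not visible in this hunk. The success branch reports `$row->hwid` as it was read before the UPDATE, so the first login that binds a HWID still returns null for `hwid`. Nothing in this method checks `banned` or compares the supplied `$hwid` with a stored one, so unless the caller does that, a banned account or a different machine still receives a success response.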
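Review bot: cheatData() dereferences `$result` without checking that fetch() returned a row; when the `cheat` table is empty fetch() yields false and the assignment to `$result->status` raises an error on PHP 8. A guard such as `if ($result === false) { return null; }` before the two assignments, or a thrown domain exception, makes the empty-table case explicit, and callers would then need to handle it.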
@@ -6,290 +6,243 @@ require_once SITE_ROOT . '/app/core/Database.php'; -class Users extends Database { - - // Check if username exists - protected function usernameCheck($username) { - - $this->prepare('SELECT * FROM `users` WHERE `username` = ?'); - $this->statement->execute([$username]); - - if ($this->statement->rowCount() > 0) { - - return true; - - } else { - - return false; - - } - - } - - - // Check if invite code is valid - protected function invCodeCheck($invCode) { - - $this->prepare('SELECT * FROM `license` WHERE `code` = ?'); - $this->statement->execute([$invCode]); - - if ($this->statement->rowCount() > 0) { - - return true; - - } else { - - return false; - - } - - } - - - // Check if sub code is valid - protected function subCodeCheck($subCode) { - - $this->prepare('SELECT * FROM `subscription` WHERE `code` = ?'); - $this->statement->execute([$subCode]); - - if ($this->statement->rowCount() > 0) { - - return true; - - } else { - - return false; - - } - - } - - // Check if sub is active - protected function subActiveCheck($username) { - - $date = new DateTime(); // Get current date - $currentDate = $date->format('Y-m-d'); // Format Year-Month-Day - - $this->prepare('SELECT `sub` FROM `users` WHERE `username` = ?'); - $this->statement->execute([$username]); - $subTime = $this->statement->fetch(); - - // Pasted from https://www.w3schools.com/php/phptryit.asp?filename=tryphp_func_date_diff - $date1 = date_create($currentDate); // Convert String to date format - $date2 = date_create($subTime->sub); // Convert String to date format - $diff = date_diff($date1, $date2); - return intval($diff->format("%R%a")); - - } - - - // Login - Sends data to DB - protected function login($username, $password) { - - // fetch username - $this->prepare('SELECT * FROM `users` WHERE `username` = ?'); - $this->statement->execute([$username]); - $row = $this->statement->fetch(); - - // If username is correct - if ($row) { - - $hashedPassword = $row->password; - - // If password 
is correct - if (password_verify($password, $hashedPassword)) { - - return $row; - - } else { - - return false; - - } - - } - - } - - - // Register - Sends data to DB - protected function register($username, $hashedPassword, $invCode) { - - // Get inviter's username - $this->prepare('SELECT `createdBy` FROM `license` WHERE `code` = ?'); - $this->statement->execute([$invCode]); - $row = $this->statement->fetch(); - $inviter = $row->createdBy; - - // Sending the query - Register user - $this->prepare('INSERT INTO `users` (`username`, `password`, `invitedBy`) VALUES (?, ?, ?)'); - - // If user registered - if ($this->statement->execute([$username, $hashedPassword, $inviter])) { - - // Delete invite code // used - $this->prepare('DELETE FROM `license` WHERE `code` = ?'); - $this->statement->execute([$invCode]); - return true; - - } else { - - return false; - - } - - } - - // Upddate user password - protected function updatePass($currentPassword, $hashedPassword, $username) { - - - - $this->prepare('SELECT * FROM `users` WHERE `username` = ?'); - $this->statement->execute([$username]); - $row = $this->statement->fetch(); - - // Fetch current password from database - $currentHashedPassword = $row->password; - - if (password_verify($currentPassword, $currentHashedPassword)) { - - $this->prepare('UPDATE `users` SET `password` = ? WHERE `username` = ?'); - $this->statement->execute([$hashedPassword, $username]); - return true; - - } else { - - return false; - - } - - } - - // Reset HWID - protected function resetUserHWID($username) { - - $time = time(); - $this->prepare('SELECT * FROM `users` WHERE `username` = ?'); - $this->statement->execute([$username]); - $row = $this->statement->fetch(); - $last_reset = $row->last_reset; - if($time - $last_reset < 172800) { - echo '