API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Sep 13th, 2014
101
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
PHP 18.48 KB | None | 0 0
raw download clone embed print report
  1. <?php
  2. require_once 'Flux/BaseServer.php';
  3. require_once 'Flux/RegisterError.php';
  4.  
  5. /**
  6.  * Represents an rAthena Login Server.
  7.  */
  8. class Flux_LoginServer extends Flux_BaseServer {
  9.     /**
  10.      * Connection to the MySQL server.
  11.      *
  12.      * @access public
  13.      * @var Flux_Connection
  14.      */
  15.     public $connection;
  16.    
  17.     /**
  18.      * Login server database.
  19.      *
  20.      * @access public
  21.      * @var string
  22.      */
  23.     public $loginDatabase;
  24.    
  25.     /**
  26.      * Logs database. (is not set until setConnection() is called.)
  27.      *
  28.      * @access public
  29.      * @var string
  30.      */
  31.     public $logsDatabase;
  32.    
  33.     /**
  34.      * Overridden to add custom properties.
  35.      *
  36.      * @access public
  37.      */
  38.     public function __construct(Flux_Config $config)
  39.     {
  40.         parent::__construct($config);
  41.         $this->loginDatabase = $config->getDatabase();
  42.     }
  43.    
  44.     /**
  45.      * Set the connection object to be used for this LoginServer instance.
  46.      *
  47.      * @param Flux_Connection $connection
  48.      * @return Flux_Connection
  49.      * @access public
  50.      */
  51.     public function setConnection(Flux_Connection $connection)
  52.     {
  53.         $this->connection   = $connection;
  54.         $this->logsDatabase = $connection->logsDbConfig->getDatabase();
  55.        
  56.         return $connection;
  57.     }
  58.    
  59.     /**
  60.      * Validate credentials against the login server's database information.
  61.      *
  62.      * @param string $username Ragnarok account username.
  63.      * @param string $password Ragnarok account password.
  64.      * @return bool True/false if valid or invalid.
  65.      * @access public
  66.      */
  67.     public function isAuth($username, $password)
  68.     {
  69.         if ($this->config->get('UseMD5')) {
  70.             $password = Flux::hashPassword($password);
  71.         }
  72.        
  73.         if (trim($username) == '' || trim($password) == '') {
  74.             return false;
  75.         }
  76.        
  77.         $sql  = "SELECT userid FROM {$this->loginDatabase}.login WHERE sex != 'S' AND group_id >= 0 ";
  78.         if ($this->config->getNoCase()) {
  79.             $sql .= 'AND LOWER(userid) = LOWER(?) ';
  80.         }
  81.         else {
  82.             $sql .= 'AND CAST(userid AS BINARY) = ? ';
  83.         }
  84.         $sql .= "AND user_pass = ? LIMIT 1";
  85.         $sth  = $this->connection->getStatement($sql);
  86.         $sth->execute(array($username, $password));
  87.        
  88.         $res = $sth->fetch();
  89.         if ($res) {
  90.             return true;
  91.         }
  92.         else {
  93.             return false;
  94.         }
  95.     }
  96.    
  97.     /**
  98.      *
  99.      */
  100.     public function register($username, $password, $confirmPassword, $email,$email2, $gender, $birthdate, $securityCode, $new_field)
  101.     {
  102.         if (preg_match('/^[^' . Flux::config('UsernameAllowedChars') . ']$/', $username)) {
  103.             throw new Flux_RegisterError('Invalid character(s) used in username', Flux_RegisterError::INVALID_USERNAME);
  104.         }
  105.         elseif (strlen($username) < Flux::config('MinUsernameLength')) {
  106.             throw new Flux_RegisterError('Username is too short', Flux_RegisterError::USERNAME_TOO_SHORT);
  107.         }
  108.         elseif (strlen($username) > Flux::config('MaxUsernameLength')) {
  109.             throw new Flux_RegisterError('Username is too long', Flux_RegisterError::USERNAME_TOO_LONG);
  110.         }
  111.         elseif (!Flux::config('AllowUserInPassword') && stripos($password, $username) !== false) {
  112.             throw new Flux_RegisterError('Password contains username', Flux_RegisterError::USERNAME_IN_PASSWORD);
  113.         }
  114.         elseif (!ctype_graph($password)) {
  115.             throw new Flux_RegisterError('Invalid character(s) used in password', Flux_RegisterError::INVALID_PASSWORD);
  116.         }
  117.         elseif (strlen($password) < Flux::config('MinPasswordLength')) {
  118.             throw new Flux_RegisterError('Password is too short', Flux_RegisterError::PASSWORD_TOO_SHORT);
  119.         }
  120.         elseif (strlen($password) > Flux::config('MaxPasswordLength')) {
  121.             throw new Flux_RegisterError('Password is too long', Flux_RegisterError::PASSWORD_TOO_LONG);
  122.         }
  123.         elseif ($password !== $confirmPassword) {
  124.             throw new Flux_RegisterError('Passwords do not match', Flux_RegisterError::PASSWORD_MISMATCH);
  125.         }
  126.         elseif (Flux::config('PasswordMinUpper') > 0 && preg_match_all('/[A-Z]/', $password, $matches) < Flux::config('PasswordMinUpper')) {
  127.             throw new Flux_RegisterError('Passwords must contain at least ' + intval(Flux::config('PasswordMinUpper')) + ' uppercase letter(s)', Flux_RegisterError::PASSWORD_NEED_UPPER);
  128.         }
  129.         elseif (Flux::config('PasswordMinLower') > 0 && preg_match_all('/[a-z]/', $password, $matches) < Flux::config('PasswordMinLower')) {
  130.             throw new Flux_RegisterError('Passwords must contain at least ' + intval(Flux::config('PasswordMinLower')) + ' lowercase letter(s)', Flux_RegisterError::PASSWORD_NEED_LOWER);
  131.         }
  132.         elseif (Flux::config('PasswordMinNumber') > 0 && preg_match_all('/[0-9]/', $password, $matches) < Flux::config('PasswordMinNumber')) {
  133.             throw new Flux_RegisterError('Passwords must contain at least ' + intval(Flux::config('PasswordMinNumber')) + ' number(s)', Flux_RegisterError::PASSWORD_NEED_NUMBER);
  134.         }
  135.         elseif (Flux::config('PasswordMinSymbol') > 0 && preg_match_all('/[^A-Za-z0-9]/', $password, $matches) < Flux::config('PasswordMinSymbol')) {
  136.             throw new Flux_RegisterError('Passwords must contain at least ' + intval(Flux::config('PasswordMinSymbol')) + ' symbol(s)', Flux_RegisterError::PASSWORD_NEED_SYMBOL);
  137.         }
  138.         elseif (!preg_match('/^(.+?)@(.+?)$/', $email)) {
  139.             throw new Flux_RegisterError('Invalid e-mail address', Flux_RegisterError::INVALID_EMAIL_ADDRESS);
  140.         }
  141.         elseif ($email!==$email2) {
  142.             throw new Flux_RegisterError('Email do not match', Flux_RegisterError::INVALID_EMAIL_CONF);
  143.         }      
  144.         elseif (!in_array(strtoupper($gender), array('M', 'F'))) {
  145.             throw new Flux_RegisterError('Invalid gender', Flux_RegisterError::INVALID_GENDER);
  146.         }
  147.         elseif (($birthdatestamp = strtotime($birthdate)) === false || date('Y-m-d', $birthdatestamp) != $birthdate) {
  148.             throw new Flux_RegisterError('Invalid birthdate', Flux_RegisterError::INVALID_BIRTHDATE);
  149.         }
  150.         elseif (Flux::config('UseCaptcha')) {
  151.             if (Flux::config('EnableReCaptcha')) {
  152.                 require_once 'recaptcha/recaptchalib.php';
  153.                 $resp = recaptcha_check_answer(
  154.                     Flux::config('ReCaptchaPrivateKey'),
  155.                     $_SERVER['REMOTE_ADDR'],
  156.                     // Checks POST fields.
  157.                     $_POST['recaptcha_challenge_field'],
  158.                     $_POST['recaptcha_response_field']);
  159.                
  160.                 if (!$resp->is_valid) {
  161.                     throw new Flux_RegisterError('Invalid security code', Flux_RegisterError::INVALID_SECURITY_CODE);
  162.                 }
  163.             }
  164.             elseif (strtolower($securityCode) !== strtolower(Flux::$sessionData->securityCode)) {
  165.                 throw new Flux_RegisterError('Invalid security code', Flux_RegisterError::INVALID_SECURITY_CODE);
  166.             }
  167.         }
  168.        
  169.         $sql  = "SELECT userid FROM {$this->loginDatabase}.login WHERE ";
  170.         if ($this->config->getNoCase()) {
  171.             $sql .= 'LOWER(userid) = LOWER(?) ';
  172.         }
  173.         else {
  174.             $sql .= 'BINARY userid = ? ';
  175.         }
  176.         $sql .= 'LIMIT 1';
  177.         $sth  = $this->connection->getStatement($sql);
  178.         $sth->execute(array($username));
  179.        
  180.         $res = $sth->fetch();
  181.         if ($res) {
  182.             throw new Flux_RegisterError('Username is already taken', Flux_RegisterError::USERNAME_ALREADY_TAKEN);
  183.         }
  184.        
  185.         if (!Flux::config('AllowDuplicateEmails')) {
  186.             $sql = "SELECT email FROM {$this->loginDatabase}.login WHERE email = ? LIMIT 1";
  187.             $sth = $this->connection->getStatement($sql);
  188.             $sth->execute(array($email));
  189.  
  190.             $res = $sth->fetch();
  191.             if ($res) {
  192.                 throw new Flux_RegisterError('E-mail address is already in use', Flux_RegisterError::EMAIL_ADDRESS_IN_USE);
  193.             }
  194.         }
  195.        
  196.         if ($this->config->getUseMD5()) {
  197.             $password = Flux::hashPassword($password);
  198.         }
  199.        
  200.         $sql = "INSERT INTO {$this->loginDatabase}.login (userid, user_pass, email, sex, group_id, birthdate, new_field) VALUES (?, ?, ?, ?, ?, ?, ?)";
  201.         $sth = $this->connection->getStatement($sql);
  202.         $res = $sth->execute(array($username, $password, $email, $gender, (int)$this->config->getGroupID(), date('Y-m-d', $birthdatestamp), $new_field));
  203.        
  204.         if ($res) {
  205.             $idsth = $this->connection->getStatement("SELECT LAST_INSERT_ID() AS account_id");
  206.             $idsth->execute();
  207.            
  208.             $idres = $idsth->fetch();
  209.             $createTable = Flux::config('FluxTables.AccountCreateTable');
  210.            
  211.             $sql  = "INSERT INTO {$this->loginDatabase}.{$createTable} (account_id, userid, user_pass, sex, email, reg_date, reg_ip, confirmed) ";
  212.             $sql .= "VALUES (?, ?, ?, ?, ?, NOW(), ?, 1)";
  213.             $sth  = $this->connection->getStatement($sql);
  214.            
  215.             $sth->execute(array($idres->account_id, $username, $password, $gender, $email, $_SERVER['REMOTE_ADDR']));
  216.             return $idres->account_id;
  217.         }
  218.         else {
  219.             return false;
  220.         }
  221.     }
  222.    
  223.     /**
  224.      *
  225.      */
  226.     public function temporarilyBan($bannedBy, $banReason, $accountID, $until)
  227.     {
  228.         $table = Flux::config('FluxTables.AccountBanTable');
  229.        
  230.         $sql  = "INSERT INTO {$this->loginDatabase}.$table (account_id, banned_by, ban_type, ban_until, ban_date, ban_reason) ";
  231.         $sql .= "VALUES (?, ?, 1, ?, NOW(), ?)";
  232.         $sth  = $this->connection->getStatement($sql);
  233.        
  234.         if ($sth->execute(array($accountID, $bannedBy, $until, $banReason))) {
  235.             $ts   = strtotime($until);
  236.             $sql  = "UPDATE {$this->loginDatabase}.login SET state = 0, unban_time = '$ts' WHERE account_id = ?";
  237.             $sth  = $this->connection->getStatement($sql);
  238.             return $sth->execute(array($accountID));
  239.         }
  240.         else {
  241.             return false;
  242.         }
  243.     }
  244.    
  245.     /**
  246.      *
  247.      */
  248.     public function permanentlyBan($bannedBy, $banReason, $accountID)
  249.     {
  250.         $table = Flux::config('FluxTables.AccountBanTable');
  251.        
  252.         $sql  = "INSERT INTO {$this->loginDatabase}.$table (account_id, banned_by, ban_type, ban_until, ban_date, ban_reason) ";
  253.         $sql .= "VALUES (?, ?, 2, '0000-00-00 00:00:00', NOW(), ?)";
  254.         $sth  = $this->connection->getStatement($sql);
  255.        
  256.         if ($sth->execute(array($accountID, $bannedBy, $banReason))) {
  257.             $sql  = "UPDATE {$this->loginDatabase}.login SET state = 5, unban_time = 0 WHERE account_id = ?";
  258.             $sth  = $this->connection->getStatement($sql);
  259.             return $sth->execute(array($accountID));
  260.         }
  261.         else {
  262.             return false;
  263.         }
  264.     }
  265.    
  266.     /**
  267.      *
  268.      */
  269.     public function unban($unbannedBy, $unbanReason, $accountID)
  270.     {
  271.         $table = Flux::config('FluxTables.AccountBanTable');
  272.         $createTable = Flux::config('FluxTables.AccountCreateTable');
  273.        
  274.         $sql  = "INSERT INTO {$this->loginDatabase}.$table (account_id, banned_by, ban_type, ban_until, ban_date, ban_reason) ";
  275.         $sql .= "VALUES (?, ?, 0, '0000-00-00 00:00:00', NOW(), ?)";
  276.         $sth  = $this->connection->getStatement($sql);
  277.        
  278.         if ($sth->execute(array($accountID, $unbannedBy, $unbanReason))) {
  279.             $sql  = "UPDATE {$this->loginDatabase}.$createTable SET confirmed = 1, confirm_expire = NULL WHERE account_id = ?";
  280.             $sth  = $this->connection->getStatement($sql);
  281.             $sth->execute(array($accountID));
  282.            
  283.             $sql  = "UPDATE {$this->loginDatabase}.login SET state = 0, unban_time = 0 WHERE account_id = ?";
  284.             $sth  = $this->connection->getStatement($sql);
  285.             return $sth->execute(array($accountID));
  286.         }
  287.         else {
  288.             return false;
  289.         }
  290.     }
  291.    
  292.     /**
  293.      *
  294.      */
  295.     public function getBanInfo($accountID)
  296.     {
  297.         $table = Flux::config('FluxTables.AccountBanTable');
  298.         $col   = "$table.id, $table.account_id, $table.banned_by, $table.ban_type, ";
  299.         $col  .= "$table.ban_until, $table.ban_date, $table.ban_reason, login.userid";
  300.         $sql   = "SELECT $col FROM {$this->loginDatabase}.$table ";
  301.         $sql  .= "LEFT OUTER JOIN {$this->loginDatabase}.login ON login.account_id = $table.banned_by ";
  302.         $sql  .= "WHERE $table.account_id = ? ORDER BY $table.ban_date DESC ";
  303.         $sth   = $this->connection->getStatement($sql);
  304.         $res   = $sth->execute(array($accountID));
  305.        
  306.         if ($res) {
  307.             $ban = $sth->fetchAll();
  308.             return $ban;
  309.         }
  310.         else {
  311.             return false;
  312.         }
  313.     }
  314.    
  315.     /**
  316.      *
  317.      */
  318.     public function addIpBan($bannedBy, $banReason, $unbanTime, $ipAddress)
  319.     {
  320.         $table = Flux::config('FluxTables.IpBanTable');
  321.        
  322.         $sql  = "INSERT INTO {$this->loginDatabase}.$table (ip_address, banned_by, ban_type, ban_until, ban_date, ban_reason) ";
  323.         $sql .= "VALUES (?, ?, 1, ?, NOW(), ?)";
  324.         $sth  = $this->connection->getStatement($sql);
  325.        
  326.         if ($sth->execute(array($ipAddress, $bannedBy, $unbanTime, $banReason))) {
  327.             $sql  = "INSERT INTO {$this->loginDatabase}.ipbanlist (list, reason, rtime, btime) ";
  328.             $sql .= "VALUES (?, ?, ?, NOW())";
  329.             $sth  = $this->connection->getStatement($sql);
  330.             return $sth->execute(array($ipAddress, $banReason, $unbanTime));
  331.         }
  332.         else {
  333.             return false;
  334.         }
  335.     }
  336.    
  337.     /**
  338.      *
  339.      */
  340.     public function removeIpBan($unbannedBy, $unbanReason, $ipAddress)
  341.     {
  342.         $table = Flux::config('FluxTables.IpBanTable');
  343.        
  344.         $sql  = "INSERT INTO {$this->loginDatabase}.$table (ip_address, banned_by, ban_type, ban_until, ban_date, ban_reason) ";
  345.         $sql .= "VALUES (?, ?, 0, '0000-00-00 00:00:00', NOW(), ?)";
  346.         $sth  = $this->connection->getStatement($sql);
  347.        
  348.         if ($sth->execute(array($ipAddress, $unbannedBy, $unbanReason))) {
  349.             $sql  = "DELETE FROM {$this->loginDatabase}.ipbanlist WHERE list = ?";
  350.             $sth  = $this->connection->getStatement($sql);
  351.             return $sth->execute(array($ipAddress));
  352.         }
  353.         else {
  354.             return false;
  355.         }
  356.     }
  357.    
  358.     /**
  359.      *
  360.      */
  361.     public function hasCreditsRecord($accountID)
  362.     {
  363.         $creditsTable = Flux::config('FluxTables.CreditsTable');
  364.        
  365.         $sql = "SELECT COUNT(account_id) AS hasRecord FROM {$this->loginDatabase}.$creditsTable WHERE account_id = ?";
  366.         $sth = $this->connection->getStatement($sql);
  367.        
  368.         $sth->execute(array($accountID));
  369.        
  370.         if ($sth->fetch()->hasRecord) {
  371.             return true;
  372.         }
  373.         else {
  374.             return false;
  375.         }
  376.     }
  377.    
  378.     /**
  379.      *
  380.      */
  381.     public function depositCredits($targetAccountID, $credits, $donationAmount = null)
  382.     {
  383.         $sql = "SELECT COUNT(account_id) AS accountExists FROM {$this->loginDatabase}.login WHERE account_id = ?";
  384.         $sth = $this->connection->getStatement($sql);
  385.        
  386.         if (!$sth->execute(array($targetAccountID)) || !$sth->fetch()->accountExists) {
  387.             return false; // Account doesn't exist.
  388.         }
  389.        
  390.         $creditsTable = Flux::config('FluxTables.CreditsTable');
  391.        
  392.         if (!$this->hasCreditsRecord($targetAccountID)) {
  393.             $fields = 'account_id, balance';
  394.             $values = '?, ?';
  395.            
  396.             if (!is_null($donationAmount)) {
  397.                 $fields .= ', last_donation_date, last_donation_amount';
  398.                 $values .= ', NOW(), ?';
  399.             }
  400.            
  401.             $sql  = "INSERT INTO {$this->loginDatabase}.$creditsTable ($fields) VALUES ($values)";
  402.             $sth  = $this->connection->getStatement($sql);
  403.             $vals = array($targetAccountID, $credits);
  404.            
  405.             if (!is_null($donationAmount)) {
  406.                 $vals[] = $donationAmount;
  407.             }
  408.            
  409.             return $sth->execute($vals);
  410.         }
  411.         else {
  412.             $vals = array();
  413.             $sql  = "UPDATE {$this->loginDatabase}.$creditsTable SET balance = balance + ? ";
  414.  
  415.             if (!is_null($donationAmount)) {
  416.                 $sql .= ", last_donation_date = NOW(), last_donation_amount = ? ";
  417.             }
  418.            
  419.             $vals[] = $credits;
  420.             if (!is_null($donationAmount)) {
  421.                 $vals[] = $donationAmount;
  422.             }
  423.             $vals[] = $targetAccountID;
  424.            
  425.             $sql .= "WHERE account_id = ?";
  426.             $sth  = $this->connection->getStatement($sql);
  427.            
  428.             return $sth->execute($vals);
  429.         }
  430.     }
  431.    
  432.     /**
  433.      *
  434.      */
  435.     public function getPrefs($accountID, array $prefs = array())
  436.     {
  437.         $sql = "SELECT account_id FROM {$this->loginDatabase}.`login` WHERE account_id = ? LIMIT 1";
  438.         $sth = $this->connection->getStatement($sql);
  439.        
  440.         if ($sth->execute(array($accountID)) && ($char=$sth->fetch())) {
  441.             $accountPrefsTable = Flux::config('FluxTables.AccountPrefsTable');
  442.            
  443.             $pref = array();
  444.             $bind = array($accountID);
  445.             $sql  = "SELECT name, value FROM {$this->loginDatabase}.$accountPrefsTable ";
  446.             $sql .= "WHERE account_id = ?";
  447.            
  448.             if ($prefs) {
  449.                 foreach ($prefs as $p) {
  450.                     $pref[] = "name = ?";
  451.                     $bind[] = $p;
  452.                 }
  453.                 $sql .= sprintf(' AND (%s)', implode(' OR ', $pref));
  454.             }
  455.            
  456.             $sth = $this->connection->getStatement($sql);
  457.            
  458.             if ($sth->execute($bind)) {
  459.                 $prefsArray = array();
  460.                 foreach ($sth->fetchAll() as $p) {
  461.                     $prefsArray[$p->name] = $p->value;
  462.                 }
  463.                
  464.                 return new Flux_Config($prefsArray);
  465.             }
  466.             else {
  467.                 return false;
  468.             }
  469.         }
  470.         else {
  471.             return false;
  472.         }
  473.     }
  474.    
  475.     /**
  476.      *
  477.      */
  478.     public function setPrefs($accountID, array $prefsArray)
  479.     {
  480.         $sql = "SELECT account_id FROM {$this->loginDatabase}.`login` WHERE account_id = ? LIMIT 1";
  481.         $sth = $this->connection->getStatement($sql);
  482.        
  483.         if ($sth->execute(array($accountID)) && ($char=$sth->fetch())) {
  484.             $accountPrefsTable = Flux::config('FluxTables.AccountPrefsTable');
  485.            
  486.             $pref = array();
  487.             $bind = array($accountID);
  488.             $sql  = "SELECT id, name, value FROM {$this->loginDatabase}.$accountPrefsTable ";
  489.             $sql .= "WHERE account_id = ?";
  490.            
  491.             if ($prefsArray) {
  492.                 foreach ($prefsArray as $prefName => $prefValue) {
  493.                     $pref[] = "name = ?";
  494.                     $bind[] = $prefName;
  495.                 }
  496.                 $sql .= sprintf(' AND (%s)', implode(' OR ', $pref));
  497.             }
  498.            
  499.             $sth = $this->connection->getStatement($sql);
  500.            
  501.             if ($sth->execute($bind)) {
  502.                 $prefs  = $sth->fetchAll();
  503.                 $update = array();
  504.                
  505.                 $usql   = "UPDATE {$this->loginDatabase}.$accountPrefsTable ";
  506.                 $usql  .= "SET value = ? WHERE id = ?";
  507.                 $usth   = $this->connection->getStatement($usql);
  508.                        
  509.                 $isql   = "INSERT INTO {$this->loginDatabase}.$accountPrefsTable ";
  510.                 $isql  .= "(account_id, name, value, create_date) ";
  511.                 $isql  .= "VALUES (?, ?, ?, NOW())";
  512.                 $isth   = $this->connection->getStatement($isql);
  513.                
  514.                 foreach ($prefs as $p) {
  515.                     $update[$p->name] = $p->id;
  516.                 }
  517.                
  518.                 foreach ($prefsArray as $pref => $value) {
  519.                     if (array_key_exists($pref, $update)) {
  520.                         $id = $update[$pref];
  521.                         $usth->execute(array($value, $id));
  522.                     }
  523.                     else {
  524.                         $isth->execute(array($accountID, $pref, $value));
  525.                     }
  526.                 }
  527.                
  528.                 return true;
  529.             }
  530.             else {
  531.                 return false;
  532.             }
  533.         }
  534.         else {
  535.             return false;
  536.         }
  537.     }
  538.    
  539.     /**
  540.      *
  541.      */
  542.     public function getPref($accountID, $pref)
  543.     {
  544.         $prefs = $this->getPrefs($accountID, array($pref));
  545.         if ($prefs instanceOf Flux_Config) {
  546.             return $prefs->get($pref);
  547.         }
  548.         else {
  549.             return false;
  550.         }
  551.     }
  552.    
  553.     /**
  554.      *
  555.      */
  556.     public function setPref($accountID, $pref, $value)
  557.     {
  558.         return $this->setPrefs($accountID, array($pref => $value));
  559.     }
  560.    
  561.     /**
  562.      *
  563.      */
  564.     public function isIpBanned($ip = null)
  565.     {
  566.         if (is_null($ip)) {
  567.             $ip = $_SERVER['REMOTE_ADDR'];
  568.         }
  569.        
  570.         $ip = trim($ip);
  571.         if (!preg_match('/^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/', $ip, $m)) {
  572.             // Invalid IP.
  573.             return false;
  574.         }
  575.        
  576.         $sql  = "SELECT list FROM {$this->loginDatabase}.ipbanlist WHERE ";
  577.         $sql .= "rtime > NOW() AND (list = ? OR list = ? OR list = ? OR list = ?) LIMIT 1";
  578.         $sth  = $this->connection->getStatement($sql);
  579.        
  580.         $list = array(
  581.             sprintf('%u.*.*.*', $m[1]),
  582.             sprintf('%u.%u.*.*', $m[1], $m[2]),
  583.             sprintf('%u.%u.%u.*', $m[1], $m[2], $m[3]),
  584.             sprintf('%u.%u.%u.%u', $m[1], $m[2], $m[3], $m[4])
  585.         );
  586.        
  587.         $sth->execute($list);
  588.         $ipban = $sth->fetch();
  589.        
  590.         if ($ipban) {
  591.             return true;
  592.         }
  593.         else {
  594.             return false;
  595.         }
  596.     }
  597. }
  598. ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!