
Untitled

a guest
Jul 22nd, 2019
  1. <?php
  2. class Controller_User extends Controller { function __construct() { global $view, $nav, $db;
  3.  $this->model = new Model_User();
  4.  $this->view = $view;
  5.  $this->db = $db;
  6.  $nav[] = array('url' => '/user', 'name' => 'Личный кабинет');
  7.  $this->view->changeTitle('Личный кабинет');
  8.  $ghdrs = getallheaders();
  9.  $ghst = $ghdrs['Host'];
  10.  } function action_index() { global $user;
  11.  $DATA = array();
  12.  $this->view->changeTitle('Личный кабинет');
  13.  if ( !$user['id'] ) { return $this->view->msg('2', 'Вы не авторизованы', '2');
  14.  } $DATA['user'] = $user;
  15.  $DATA['servers'] = $this->model->getMyServers();
  16.  return $this->view->parse_template_path($DATA, 'modules/user/user.tpl');
  17.  } function action_registration() { global $nav, $user;
  18.  $this->view->changeTitle('Регистрация &raquo;
  19. Личный кабинет');
  20.  $nav[] = array('url' => '/user/registration', 'name' => 'Регистрация');
  21.  $DATA = array();
  22.  if ( $user['id'] ) { return $this->view->msg('2', 'Вы уже авторизованы', '2');
  23.  } return $this->view->content .= $this->view->parse_template_path($DATA, 'modules/user/registration.tpl');
  24.  } function action_activation() { global $nav, $user;
  25.  $DATA = array();
  26.  $this->view->changeTitle('Активация аккаунта &raquo;
  27. Личный кабинет');
  28.  $nav[] = array('url' => '/user/activation', 'name' => 'Активация аккаунта');
  29.  if ( !$user['id'] ) { return $this->view->msg('2', 'Вы не авторизованы', '2');
  30.  } if ( $user['gid'] >= "3" ) { return $this->view->msg('2', 'Аккаунт уже активирован', '2');
  31.  } if ( !empty($_GET['code']) ) { $DATA['code'] = filter_var($_GET['code'], 515);
  32.  } if ( !empty( $_POST ) ) { $this->view->content .= $this->model->activation();
  33.  } $DATA['user'] = $user;
  34.  return $this->view->content .= $this->view->parse_template_path($DATA, 'modules/user/activation.tpl');
  35.  } function action_auth() { global $nav, $user;
  36.  $DATA = array();
  37.  $nav[] = array('url' => '/user/auth', 'name' => 'Авторизация');
  38.  $this->view->changeTitle('Авторизация &raquo;
  39. Личный кабинет');
  40.  if ( $user['id'] ) { return $this->view->msg('2', 'Вы уже авторизованы', '2');
  41.  } return $this->view->content .= $this->view->parse_template_path($DATA, 'modules/user/auth.tpl');
  42.  } function action_voucher() { global $nav, $user;
  43.  $DATA = array();
  44.  $this->view->changeTitle('Активировать ваучер &raquo;
  45. Личный кабинет');
  46.  $nav[] = array('url' => '/user/voucher/', 'name' => 'Активировать ваучер');
  47.  if ( !$user['id'] ) { return $this->view->msg('2', 'Вы не авторизованы', '2');
  48.  } $DATA['games'] = $this->model->getGameList();
  49.  $DATA['user'] = $user;
  50.  return $this->view->content .= $this->view->parse_template_path($DATA, 'modules/user/voucher.tpl');
  51.  } function action_add() { global $nav, $user;
  52.  $DATA = array();
  53.  $this->view->changeTitle('Добавить сервер &raquo;
  54. Личный кабинет');
  55.  $nav[] = array('url' => '/user/add/', 'name' => 'Добавить сервер');
  56.  if ( !$user['id'] ) { return $this->view->msg('2', 'Вы не авторизованы', '2');
  57.  } $DATA['games'] = $this->model->getGameList();
  58.  $DATA['user'] = $user;
  59.  return $this->view->content .= $this->view->parse_template_path($DATA, 'modules/user/add.tpl');
  60.  } function action_ajax_vaucher() { global $user;
  61.  if ( !$this->view->is_ajax() ) exit(json_encode(array('success' => true, 'status' => 'error', 'msg' => 'Ошибка')));
  62.  if ( !$user['id'] ) exit(json_encode(array('success' => true, 'status' => 'error', 'msg' => 'Вы не авторизированы!')));
  63.  $address = $this->view->safevar($_POST['address']);
  64.  $game = $this->view->safevar($_POST['game']);
  65.  $key = $this->view->safevar($_POST['key']);
  66.  $site = isset( $_POST['site'] ) ? $this->view->safevar($_POST['site']) : '';
  67.  $captcha = $this->view->safevar($_POST['captcha']);
  68.  if ( $user['id'] ) $email = $user['email'];
  69.  else $email = $this->view->safevar($_POST['email']);
  70.  if ( empty( $address ) ) exit(json_encode(array('success' => true, 'status' => 'error', 'msg' => 'Введите IP:PORT сервера')));
  71.  else if ( empty( $game ) ) exit(json_encode(array('success' => true, 'status' => 'error', 'msg' => 'Выберите игру')));
  72.  else if ( empty( $key ) ) exit(json_encode(array('success' => true, 'status' => 'error', 'msg' => 'Введите ваучер')));
  73.  else if ( empty( $email ) ) exit(json_encode(array('success' => true, 'status' => 'error', 'msg' => 'Введите Эл. почту')));
  74.  else if ( !filter_var($email, FILTER_VALIDATE_EMAIL) ) exit(json_encode(array('success' => true, 'status' => 'error', 'msg' => 'E-mail ('.$email.') указан не верно')));
  75.  else if ( empty( $captcha ) ) exit(json_encode(array('success' => true, 'status' => 'error', 'msg' => 'Каптча не введена')));
  76.  $verifyResponse = file_get_contents('https://www.google.com/recaptcha/api/siteverify?secret=' . $this->view->sconfigs()['recaptcha_secretkey'] . '&response=' . $captcha);
  77.  $responseData = json_decode($verifyResponse);
  78.  if ( $responseData->success == false ) exit(json_encode(array('success' => true, 'status' => 'error', 'msg' => 'Каптча введена не верно')));
  79.  $this->db->query("SELECT * FROM `vaucher` WHERE `key` = '{$key}' AND `status` = '0'");
  80.  if ( $this->db->rowCount() > 0 ) { foreach ( $this->db->resultSet() as $row ) { $vaucher_id = $row['id'];
  81.  $service = explode('-', $row['service_id']);
  82.  $user_id = $user['id'];
  83.  $this->db->query( "SELECT * FROM `service` WHERE `id` = {$service[0]}" );
  84.  $row_service = $this->db->single();
  85.  $name = $row_service['name'];
  86.  $limit = $row_service['limit'];
  87.  $type_service = $row_service['type'];
  88.  $row_service['service'] = json_decode($row_service['service'], true);
  89.  if ( empty ( $row_service['service'][$service[1]] ) ) exit(json_encode(array('success' => true, 'status' => 'error', 'msg' => 'Услуга не найдена')));
  90.  if ( $service[0] == 3 ) $cnt = $row_service['service'][$service[1]]['rounds'];
  91.  else $cnt = $row_service['service'][$service[1]]['days'];
  92.  if ( $service[0] == 1 ) $types = 'top';
  93.  else if ( $service[0] == 2 ) $types = 'vip';
  94.  else if ( $service[0] == 3 ) $types = 'boost';
  95.  else if ( $service[0] == 4 ) $types = 'gamemenu';
  96.  else $types = 'top';
  97.  $this->db->query( "SELECT `id` FROM `servers` WHERE `{$types}` = '1' AND `type` = '{$game}'" );
  98.  $count_service = $this->db->rowCount();
  99.  $this->db->query( "SELECT * FROM `servers` WHERE `address` = '{$address}'" );
  100.  if ( $this->db->rowCount() > 0 ) { $row_s = $this->db->single();
  101.  if ( $user_id > 0 ) { $this->db->query( "SELECT * FROM `user_servers` WHERE `sid` = '{$row_s['id']}'" );
  102.  if ( !$this->db->rowCount() ) { $this->db->query("INSERT INTO `user_servers` (`sid`, `uid`) VALUES (:sid, :uid)");
  103.  $this->db->bind(':sid', $sid);
  104.  $this->db->bind(':uid', $user_id);
  105.  $this->db->execute();
  106.  } } } else { $ip = explode(':', $address)[0];
  107.  $ip = gethostbyname($ip);
  108.  $json = file_get_contents('https://ipapi.co/' . $ip . '/json/');
  109.  $country = json_decode($json, TRUE);
  110.  $country = $country['country'];
  111.  $this->db->query("INSERT INTO `servers` (`hostname`, `address`, `map`, `players`, `maxplayers`, `type`, `country`, `date_created`, `modded`) VALUES (:hostname, :address, :map, :players, :maxplayers, :type, :country, UNIX_TIMESTAMP(), '1')");
  112.  $this->db->bind(':hostname', 'Сервер отключен');
  113.  $this->db->bind(':address', $address);
  114.  $this->db->bind(':map', 'no_map');
  115.  $this->db->bind(':players', '0');
  116.  $this->db->bind(':maxplayers', '0');
  117.  $this->db->bind(':type', $game);
  118.  $this->db->bind(':country', $country);
  119.  $this->db->execute();
  120.  $sid = $this->db->lastInsertId();
  121.  if ( $user_id > 0 ) { $this->db->query("INSERT INTO `user_servers` (`sid`, `uid`) VALUES (:sid, :uid)");
  122.  $this->db->bind(':sid', $sid);
  123.  $this->db->bind(':uid', $user_id);
  124.  $this->db->execute();
  125.  } } if ( $type_service == '2' ) { if($count_service >= $limit) { $this->db->query( "SELECT * FROM `servers` WHERE `boost` = '1' AND `type` = '{$game}' ORDER BY `boost_created`" );
  126.  foreach ( $this->db->resultSet() as $val ) { if($val['boost_rounds'] == 1) { $this->db->query("UPDATE `servers` SET `boost` = '0', `boost_created` = '0', `boost_rounds` = '0' WHERE `id` = '{$val['id']}'");
  127.  $this->db->execute();
  128.  break;
  129.  } else { $this->db->query("UPDATE `servers` SET `boost` = '1', `boost_created` = '".(time()+1)."', `boost_rounds` = `boost_rounds` - '1' WHERE `id` = '{$val['id']}'");
  130.  $this->db->execute();
  131.  } } } $this->db->query( "UPDATE `servers` SET `boost` =  '1', `boost_created` =  '".(time()+1)."', `boost_rounds` = `boost_rounds` + '{$cnt}' WHERE `address` = '{$address}'" );
  132.  $this->db->execute();
  133.  } else { $created = $types.'_created';
  134.  $end = $types.'_end';
  135.  $time = time();
  136.  $this->db->query( "SELECT * FROM `servers` WHERE `address` = '{$address}'" );
  137.  $row = $this->db->single();
  138.  if ( $row[$types] == 1 ) $date_end = $row[$end] + ($cnt * 24 * 60 * 60);
  139.  else $date_end = $time + ($cnt * 24 * 60 * 60);
  140.  $this->db->query( "UPDATE `servers` SET `{$types}` = '1', `{$created}` = '{$time}', `{$end}` = '{$date_end}' WHERE `address` = '{$address}'" );
  141.  $this->db->execute();
  142.  } $this->db->query( "UPDATE `vaucher` SET `address` = '{$address}', `user_id` = '{$user['id']}', `status` = '1' WHERE `id` = '{$vaucher_id}'" );
  143.  $this->db->execute();
  144.  exit(json_encode(array('success' => true, 'status' => 'success', 'msg' => 'Ваучер успешно активирован')));
  145.  } } else exit(json_encode(array('success' => true, 'status' => 'error', 'msg' => 'Ваучер не найден')));
  146.  } function action_ajax_registration() { global $user;
  147.  if ( !$this->view->is_ajax() ) exit(json_encode(array('success' => true, 'status' => 'error', 'msg' => 'Ошибка')));
  148.  if ( $user['id'] ) exit(json_encode(array('success' => true, 'status' => 'error', 'msg' => 'Вы уже зарегестрированы!')));
  149.  $email = $this->view->safevar($_POST['email']);
  150.  $login = $this->view->safevar($_POST['login']);
  151.  $password1 = $this->view->safevar($_POST['password1']);
  152.  $password2 = $this->view->safevar($_POST['password2']);
  153.  $captcha = $this->view->safevar($_POST['captcha']);
  154.  if ( empty( $login ) ) exit(json_encode(array('success' => true, 'status' => 'error', 'msg' => 'Введите логин')));
  155.  else if ( empty( $email ) ) exit(json_encode(array('success' => true, 'status' => 'error', 'msg' => 'Введите Эл. почту')));
  156.  else if ( !filter_var($email, FILTER_VALIDATE_EMAIL) ) exit(json_encode(array('success' => true, 'status' => 'error', 'msg' => 'E-mail ('.$email.') указан не верно')));
  157.  else if ( empty( $password1 ) ) exit(json_encode(array('success' => true, 'status' => 'error', 'msg' => 'Введите пароль')));
  158.  else if ( empty( $password2 ) ) exit(json_encode(array('success' => true, 'status' => 'error', 'msg' => 'Подтвердите пароль')));
  159.  else if( $password1 != $password2 ) exit(json_encode(array('success' => true, 'status' => 'error', 'msg' => 'Пароли не совпадают')));
  160.  else if ( empty( $captcha ) ) exit(json_encode(array('success' => true, 'status' => 'error', 'msg' => 'Каптча не введена')));
  161.  $verifyResponse = file_get_contents('https://www.google.com/recaptcha/api/siteverify?secret=' . $this->view->sconfigs()['recaptcha_secretkey'] . '&response=' . $captcha);
  162.  $responseData = json_decode($verifyResponse);
  163.  if ( $responseData->success == false ) exit(json_encode(array('success' => true, 'status' => 'error', 'msg' => 'Каптча введена не верно')));
  164.  $this->db->query("SELECT `email` FROM `users` WHERE `email` = :email");
  165.  $this->db->bind(':email', $email);
  166.  if( $this->db->rowCount() >= 1 ) exit(json_encode(array('success' => true, 'status' => 'error', 'msg' => 'Эл. почта [ ' . $email . ' ] уже зарегистрирована')));
  167.  $this->db->query("SELECT `login` FROM `users` WHERE `login` = :login");
  168.  $this->db->bind(':login', $login);
  169.  if( $this->db->rowCount() >= 1 ) exit(json_encode(array('success' => true, 'status' => 'error', 'msg' => 'Пользователь с логином [ ' . $login . ' ] уже зарегистрирован')));
  170.  $code = $this->view->GenerateKey(10);
  171.  $time = time();
  172.  $ip = $this->view->getVisitorIp();
  173.  $password = md5($password1);
  174.  $this->db->query("INSERT INTO `users` (`email`, `password`, `login`, `gid`, `reg_ip`, `date_reg`, `code`) VALUES (:email, :password, :login, :gid, :reg_ip, :date_reg, :code)");
  175.  $this->db->bind(':email', $email);
  176.  $this->db->bind(':password', $password);
  177.  $this->db->bind(':login', $login);
  178.  $this->db->bind(':gid', '2');
  179.  $this->db->bind(':reg_ip', $ip);
  180.  $this->db->bind(':date_reg', $time);
  181.  $this->db->bind(':code', $code);
  182.  if ( $this->db->execute() ) { $lastID = $this->db->lastInsertId();
  183.  $to = $email;
  184.  $subject = 'Добро пожаловать на сайт '.$_SERVER['SERVER_NAME'].'';
  185.  $headers = "From: Support <support@".$_SERVER['SERVER_NAME'].">\r\n";
  186.  $headers .= "Reply-To: ". strip_tags($email) . "\r\n";
  187.  $headers .= "MIME-Version: 1.0\r\n";
  188.  $headers .= "Content-Type: text/html;
  189. charset=UTF-8\r\n";
  190.  $message = '<html><body>';
  191.  $message .= '
  192.                Добро пожаловать на сайт <a href="https://'.$_SERVER['SERVER_NAME'].'">'.$_SERVER['SERVER_NAME'].'</a>
  193.                <br /><br />
  194.                Пожалуйста сохраните это сообщение. Параметры вашей учётной записи таковы:
  195.                <br /><br />
  196.                ---------------------------- <br />
  197.                Имя пользователя: '.$login.' <br />
  198.                Пароль пользователя: '.$password1.' <br />
  199.                ----------------------------
  200.                <br /><br />
  201.                
  202.                ~~~~~~~~<br />
  203.                
  204.  
  205.                Спасибо за то, что зарегистрировались на нашем сайте.
  206.            ';
  207.  $message .= '</body></html>';
  208.  mail($to, $subject, $message, $headers);
  209.  $hash = md5($this->view->GenerateKey(10));
  210.  setcookie("hash", $hash, time()+2592000, "/");
  211.  setcookie("id", $lastID, time()+2592000, "/");
  212.  $this->db->query("UPDATE `users` SET `hash` = :hash WHERE `id` = :id");
  213.  $this->db->bind(':hash', $hash);
  214.  $this->db->bind(':id', $lastID);
  215.  $this->db->execute();
  216.  exit(json_encode(array('success' => true, 'status' => 'success', 'msg' => 'Аккаунт успешно зарегистрирован!')));
  217.  } } function action_ajax_auth() { global $user;
  218.  if ( !$this->view->is_ajax() ) exit(json_encode(array('success' => true, 'status' => 'error', 'msg' => 'Ошибка')));
  219.  if ( $user['id'] ) exit(json_encode(array('success' => true, 'status' => 'error', 'msg' => 'Вы уже авторизированы!')));
  220.  $login = $this->view->safevar($_POST['login']);
  221.  $password = $this->view->safevar($_POST['password']);
  222.  $captcha = $this->view->safevar($_POST['captcha']);
  223.  if ( empty( $login ) ) exit(json_encode(array('success' => true, 'status' => 'error', 'msg' => 'Введите логин')));
  224.  else if ( empty( $password ) ) exit(json_encode(array('success' => true, 'status' => 'error', 'msg' => 'Введите пароль')));
  225.  else if ( empty( $captcha ) ) exit(json_encode(array('success' => true, 'status' => 'error', 'msg' => 'Каптча не введена')));
  226.  $verifyResponse = file_get_contents('https://www.google.com/recaptcha/api/siteverify?secret=' . $this->view->sconfigs()['recaptcha_secretkey'] . '&response=' . $captcha);
  227.  $responseData = json_decode($verifyResponse);
  228.  if ( $responseData->success == false ) exit(json_encode(array('success' => true, 'status' => 'error', 'msg' => 'Каптча введена не верно')));
  229.  $password = md5($password);
  230.  $this->db->query("SELECT * FROM `users` WHERE `login` = '{$login}' AND `password` = '{$password}'");
  231.  if ( $this->db->rowCount() == 1 ) { foreach ( $this->db->resultSet() as $row ) { $hash = md5($this->view->GenerateKey(10));
  232.  setcookie("hash", $hash, time()+2592000, "/");
  233.  setcookie("id", $row['id'], time()+2592000, "/");
  234.  $this->db->query("UPDATE `users` SET `hash` = :hash WHERE `id` = :id");
  235.  $this->db->bind(':hash', $hash);
  236.  $this->db->bind(':id', $row['id']);
  237.  $this->db->execute();
  238.  exit(json_encode(array('success' => true, 'status' => 'success', 'msg' => 'Выполняется авторизация!')));
  239.  } } else { exit(json_encode(array('success' => true, 'status' => 'error', 'msg' => 'Логин или пароль не совпадают!')));
  240.  } } function action_ajax_logout() { global $user;
  241.  if ( !$this->view->is_ajax() ) exit(json_encode(array('success' => true, 'status' => 'error', 'msg' => 'Ошибка')));
  242.  if ( !$user['id'] ) exit(json_encode(array('success' => true, 'status' => 'error', 'msg' => 'Вы не авторизированы')));
  243.  if ( !isset($_SESSION) ) session_start();
  244.  $id = $this->view->safevar($user['id']);
  245.  $hash = $this->view->safevar($_COOKIE['hash']);
  246.  session_unset();
  247.  session_destroy();
  248.  setcookie('id', '', 0, "/");
  249.  setcookie('hash', '', 0, "/");
  250.  $this->db->query("SELECT * FROM `users` WHERE `id` = '{$id}' AND FIND_IN_SET('{$hash}', `hash`)");
  251.  if ( $this->db->rowCount() >= 1 ) { foreach ( $this->db->resultSet() as $row ) { $check = explode(",", $row['hash']);
  252.  if($key = array_search($hash, $check) AND isset($check[$key])) unset($check[$key]);
  253.  $newhash = implode(',',$check);
  254.  $this->db->query("UPDATE `users` SET `hash` = '{$newhash}' WHERE `id` = '{$id}'");
  255.  $this->db->execute();
  256.  exit(json_encode(array('success' => true, 'status' => 'success', 'msg' => 'Вы успешно вышлии из аккаунта!')));
  257.  } } } function action_ajax_rm_srv() { global $user;
  258.  if ( !$this->view->is_ajax() ) exit(json_encode(array('success' => true, 'status' => 'error', 'msg' => 'Ошибка')));
  259.  if ( !$user['id'] ) exit(json_encode(array('success' => true, 'status' => 'error', 'msg' => 'Вы не авторизированы')));
  260.  $id = $this->view->safevar($_POST['id']);
  261.  if ( empty( $id ) ) exit(json_encode(array('success' => true, 'status' => 'error', 'msg' => 'Сервер не найден!')));
  262.  $this->db->query("SELECT * FROM `user_servers` WHERE `uid` = '{$user['id']}' AND `sid` = '{$id}'");
  263.  if ( $this->db->rowCount() == 1 ) { $this->db->query("DELETE FROM `user_servers` WHERE `uid` = '{$user['id']}' AND `sid` = '{$id}'");
  264.  $this->db->execute();
  265.  exit(json_encode(array('success' => true, 'status' => 'success', 'msg' => 'Сервер был удален из аккаунта!')));
  266.  } else { exit(json_encode(array('success' => true, 'status' => 'error', 'msg' => 'Сервер не найден!')));
  267.  } } function action_ajax_validate_owner() { global $user, $servers;
  268.  if ( !$this->view->is_ajax() ) exit(json_encode(array('success' => true, 'status' => 'error', 'msg' => 'Ошибка')));
  269.  if ( !$user['id'] ) exit(json_encode(array('success' => true, 'status' => 'error', 'msg' => 'Вы не авторизированы!')));
  270.  $id = $this->view->safevar($_POST['sid']);
  271.  if ( empty( $id ) ) exit(json_encode(array('success' => true, 'status' => 'error', 'msg' => 'Сервер не найден!')));
  272.  $this->db->query("SELECT `id` FROM `servers` WHERE `owner` = '{$user['id']}' AND `id` = '{$id}'");
  273.  if ( $this->db->rowCount() == 1 ) { exit(json_encode(array('success' => true, 'status' => 'error', 'msg' => '<span class=\"moderation\">Вы уже подтвердили права на этот сервер.</span><hr />')));
  274.  } else { $this->db->query("SELECT `address`, `type`, `hostname` FROM `servers` WHERE `id` = '{$id}'");
  275.  $row = $this->db->single();
  276.  $address = explode(':', $row['address']);
  277.  $data = $servers->getinfoserver($row['type'], $address[0], $address[1]);
  278.  $hostname = filter_var($data['s']['name'], 515);
  279.  if ( $hostname == "Monitoring-Steam.ru | Validate" ) { $this->db->query("UPDATE `servers` SET `owner` = '{$user['id']}' WHERE `id` = '{$id}'");
  280.  $this->db->execute();
  281.  exit(json_encode(array('success' => true, 'status' => 'success', 'msg' => "<span class=\"accept\">Права успешно подтверждены: ".$row['hostname']."</span><hr />")));
  282.  } else { exit(json_encode(array('success' => true, 'status' => 'error', 'msg' => "<span class=\"reject\">Ошибка, текущее название: ".$hostname."</span><hr />")));
  283.  } } } }
  284. ?>