Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- ////GET IP
- function getUserIP()
- {
- if (isset($_SERVER["HTTP_CF_CONNECTING_IP"])) {
- $_SERVER['REMOTE_ADDR'] = $_SERVER["HTTP_CF_CONNECTING_IP"];
- $_SERVER['HTTP_CLIENT_IP'] = $_SERVER["HTTP_CF_CONNECTING_IP"];
- }
- $client = @$_SERVER['HTTP_CLIENT_IP'];
- $forward = @$_SERVER['HTTP_X_FORWARDED_FOR'];
- $remote = $_SERVER['REMOTE_ADDR'];
- if(filter_var($client, FILTER_VALIDATE_IP))
- {
- $ip = $client;
- }
- elseif(filter_var($forward, FILTER_VALIDATE_IP))
- {
- $ip = $forward;
- }
- else
- {
- $ip = $remote;
- }
- return $ip;
- }
- $user_ip = getUserIP();
- $ip = $_SERVER['REMOTE_ADDR'];
- $details = json_decode(file_get_contents("http://ipinfo.io/{$ip}"));
- $usercountry = $details->country; //
- ////ab hier schreiben
- date_default_timezone_set('Europe/Berlin');
- $date = date('d.m.y');
- $time = date('H:i:s');
- $servername = "localhost";
- $user = "root";
- $pw =
- $db = "unrealengine";
- $con = new mysqli($servername, $user, $pw, $db);
- if($con->connect_error) {
- die("keine connection lmao".$con->connect_error);
- }
- $clientauthkey = mysqli_real_escape_string($con, $_GET["authkey"]);
- $clientusername = mysqli_real_escape_string($con, $_GET["username"]);
- $isregisterevent = mysqli_real_escape_string($con, $_GET["reg"]);
- $clientpassword = mysqli_real_escape_string($con, $_GET["password"]);
- $email = mysqli_real_escape_string($con, $_GET["email"]);
- //für richtig krasse noobs
- if ($_GET["key"] === "lmao"){
- }
- else {
- die("connection refused.");
- }
- //prüft ob die Anfrage für ein Reg konzepiert ist
- if($isregisterevent === "yes"){
- $sql = "SELECT * FROM `users` WHERE `username` LIKE '$clientusername'";
- $result = $con->query($sql);
- //prüft ob spieler schon regestriert ist
- if($result->num_rows === 0){
- $sql = $con->prepare("INSERT INTO `users` (`id`, `username`, `password`, `authkey`, `role`, `email`, `lastallowedip`) VALUES (NULL, ?, ?, ?, 'player', ?, '$user_ip am $date um $time in $usercountry')");
- $sql->bind_param("ssss", $clientusername, $clientpassword, $clientauthkey, $email);
- $sql->execute();
- //wird noch gemacht wird aber genau so aufgebaut werden (wird geshashed und salted mit sha512/bcrypt und veri. mit password verify :9)
- echo "You have been registered! Check your Emails to enter your password";
- $sql->close();
- }
- else{
- echo "already registered";
- }
- }
- else {
- $sql = "SELECT * FROM `users` WHERE `username` LIKE '$clientusername'";
- $result = $con->query($sql);
- if ($result->num_rows > 0) {
- while($row = $result->fetch_assoc()){
- $serverpassword = $row["password"];
- $serverauthkey = $row["authkey"];
- }
- }
- else {
- echo "account not found";
- }
- echo $sql->error;
- if ($serverpassword === $clientpassword){
- echo "authkey: " . $serverauthkey;
- $sql = "UPDATE `users` SET `lastallowedip` = '$user_ip am $date um $time in $usercountry' WHERE `username` = '$clientusername'";
- $con->query($sql);
- }
- else{
- echo "wrong password $usercountry";
- $sql = "UPDATE `users` SET `lastrefusedip` = '$user_ip am $date um $time in $usercountry' WHERE `username` = '$clientusername'";
- $con->query($sql);
- }
- }
- $con->close();
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement