
Untitled

a guest
Jul 13th, 2016
  1. <?php
  2. /*===============================================================
  3. | UberCMS - Content Management System
  4. | ###############################################################
  5. | Heavily edited UberCMS - All rights reserved 'iRetroCMS'
  6. | Copyright (c) 2010 - 2014, Meth0d 'http://www.meth0d.org'
  7. \==============================================================*/
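  /**
   * User, rank, ban, credit and group helpers backed by the legacy ext/mysql API.
   *
   * Security notes for maintainers:
   *  - Every query here is built by string concatenation. Values are now escaped
   *    (or cast to int for ids) at the point where the SQL is assembled, so pass
   *    raw values. NOTE(review): if call sites already escape their input, remove
   *    that escaping there to avoid storing doubled backslashes - confirm.
   *  - Column names cannot be escaped as strings; GetUserVar() and getRankVar()
   *    accept plain identifiers only.
   *  - The mysql_* functions used throughout were removed in PHP 7.0. dbquery()
   *    is defined outside this file and evidently returns an ext/mysql result,
   *    so a move to prepared statements has to start there.
   */
  class uberUsers
  {
      /** Per-request cache, keyed by user id and then by column name. */
      private $userCache = array();

      /** Names rejected on an exact, case-insensitive match. */
      private $blockedNames = array(
          'admin', 'administrator', 'mod', 'moderator', 'guest', 'undefined',
          'dick', 'cock', 'twat', 'milf', 'sex', 'shag', 'slag', 'whore',
          'bitch', 'adm', 'fuck', 'slut',
      );

      /** Fragments rejected when they occur anywhere in a name (case-insensitive). */
      private $blockedNameParts = array(
          'moderate', 'fuck', 'hotel', 'admin', 'bitch', 'penis', 'whore',
          'yabbo', 'hacker', 'advertiser',
      );

      /**
       * Escapes a value for use inside a single-quoted SQL string literal.
       * Relies on the default ext/mysql link, as the direct mysql_query() calls
       * in this class already do.
       */
      private static function sqlString($value)
      {
          return mysql_real_escape_string((string) $value);
      }

      /** Returns $name when it is a plain column identifier, otherwise null. */
      private static function sqlIdentifier($name)
      {
          return preg_match('/^[A-Za-z_][A-Za-z0-9_]*\z/', (string) $name) === 1 ? $name : null;
      }

      /** Shared check for group names and descriptions (length is counted in bytes). */
      private static function isValidGroupText($text, $minLength, $maxLength)
      {
          $length = strlen($text);

          // \z instead of $: "$" also matches just before a trailing newline.
          return $length >= $minLength
              && $length <= $maxLength
              && preg_match('/^[a-z0-9 #!$%^&*()+=\-\[\];,.\/{}()|":?~\\\\]+\z/i', $text) === 1;
      }

      /**
       * Syntactic e-mail check.
       *
       * @return int|false preg_match() result: 1 on match, 0 otherwise.
       */
      public function IsValidEmail($email = '')
      {
          // Anchored with \z so that "user@example.com\n" is rejected.
          return preg_match('/^[a-z0-9_\.-]+@([a-z0-9]+([\-]+[a-z0-9]+)*\.)+[a-z]{2,7}\z/i', $email);
      }

      /** A user name is 1-32 ASCII letters or digits, with no trailing newline. */
      public function IsValidName($nm = '')
      {
          return preg_match('/^[a-z0-9]{1,32}\z/i', $nm) === 1;
      }

      /** Group names are 2-30 bytes drawn from the allowed character set. */
      public function IsValidGroupName($nm = '')
      {
          return self::isValidGroupText($nm, 2, 30);
      }

      /** Group descriptions are 2-255 bytes drawn from the allowed character set. */
      public function IsValidGroupDesc($nm = '')
      {
          return self::isValidGroupText($nm, 2, 255);
      }

      /** Marks every inventory item of the user as waiting. */
      public function restoreWaitingItems($userId = '')
      {
          dbquery("UPDATE site_inventory_items SET isWaiting = '1' WHERE userId = '" . intval($userId) . "'");
      }

      /**
       * NOTE(review): the statement ends in a dangling "AND ", so it is not valid
       * SQL and cannot update anything. The missing condition is not recoverable
       * from this file; the text is kept as found until the intent is confirmed.
       */
      public function restoreWaitingItemss($userId = '')
      {
          dbquery("UPDATE site_inventory_items SET isWaiting = '0' WHERE userId = '" . intval($userId) . "' AND ");
      }

      /** True when a user row with this name exists. */
      public function IsNameTaken($nm = '')
      {
          $res = dbquery("SELECT null FROM users WHERE username = '" . self::sqlString($nm) . "' LIMIT 1");

          return mysql_num_rows($res) > 0;
      }

      /** True when a user row with this id exists. */
      public function IdExists($id = 0)
      {
          $res = dbquery("SELECT null FROM users WHERE id = '" . intval($id) . "' LIMIT 1");

          return mysql_num_rows($res) > 0;
      }

      /** True when the name equals a blocked name or contains a blocked fragment. */
      public function IsNameBlocked($nm = '')
      {
          $needle = strtolower($nm);

          foreach ($this->blockedNames as $blocked) {
              if ($needle == strtolower($blocked)) {
                  return true;
              }
          }

          foreach ($this->blockedNameParts as $fragment) {
              if (strpos($needle, strtolower($fragment)) !== false) {
                  return true;
              }
          }

          return false;
      }

      /**
       * Creates the users row and the matching user_info row.
       *
       * Nothing is validated here; presumably the caller has already run
       * IsValidName()/IsValidEmail() - confirm. Both IP columns are filled from
       * $_SERVER['REMOTE_ADDR'].
       *
       * @return int Id of the newest row with this user name (0 if none is found).
       */
      public function Add($username = '', $passwordHash = '', $email = '', $rank = 1, $look = '', $gen = '')
      {
          // Starting balances handed to every new account.
          $credits = '15000';
          $pixels_duckets = '8500';

          $name = self::sqlString($username);
          $ip = self::sqlString($_SERVER['REMOTE_ADDR']);

          @dbquery("INSERT INTO users (username,password,mail,auth_ticket,rank,look,gender,motto,credits,activity_points,last_online,account_created,ip_last,ip_reg,newbie_status) VALUES ('" . $name . "','" . self::sqlString($passwordHash) . "','" . self::sqlString($email) . "','','" . self::sqlString($rank) . "','" . self::sqlString($look) . "','" . self::sqlString($gen) . "','','" . $credits . "','" . $pixels_duckets . "',UNIX_TIMESTAMP(),'0','" . $ip . "', '" . $ip . "', '0')");

          $id = intval(mysql_result(dbquery("SELECT id FROM users WHERE username = '" . $name . "' ORDER BY id DESC LIMIT 1"), 0));

          @dbquery("INSERT INTO user_info (user_id,bans,cautions,reg_timestamp,login_timestamp,cfhs,cfhs_abusive) VALUES ('" . $id . "','0','0','" . time() . "','" . time() . "','0','0')");

          return $id;
      }

      /**
       * Removes a user and the rows that reference it.
       *
       * The statements run one by one with no transaction, so a failure part-way
       * leaves a partially deleted account.
       */
      public function Delete($id)
      {
          $uid = intval($id);

          // NOTE(review): the original called a free function Id2name(); none is
          // visible in this file, so the class's own method is used - confirm.
          // The name comes back from the database and is escaped again before
          // it is placed into further statements.
          $name = self::sqlString($this->Id2name($id));

          dbquery("DELETE FROM rooms WHERE owner = '" . $name . "'");
          dbquery("DELETE FROM messenger_friendships WHERE user_one_id = '" . $uid . "' OR user_two_id = '" . $uid . "'");
          dbquery("DELETE FROM messenger_requests WHERE to_id = '" . $uid . "' OR from_id = '" . $uid . "'");
          // The original issued this statement twice; once is enough.
          dbquery("DELETE FROM users WHERE id = '" . $uid . "' LIMIT 1");
          dbquery("DELETE FROM user_subscriptions WHERE user_id = '" . $uid . "'");
          dbquery("DELETE FROM user_info WHERE user_id = '" . $uid . "' LIMIT 1");
          dbquery("DELETE FROM user_tags WHERE user_id = '" . $uid . "'");
          dbquery("DELETE FROM user_stats WHERE id = '" . $uid . "' LIMIT 1");
          dbquery("DELETE FROM user_wardrobe WHERE user_id = '" . $uid . "'");
          dbquery("DELETE FROM user_roomvisits WHERE user_id = '" . $uid . "'");
          dbquery("DELETE FROM user_ignores WHERE user_id = '" . $uid . "' OR ignore_id = '" . $uid . "'");
          dbquery("DELETE FROM user_favorites WHERE user_id = '" . $uid . "'");
          dbquery("DELETE FROM user_effects WHERE user_id = '" . $uid . "'");
          dbquery("DELETE FROM user_badges WHERE user_id = '" . $uid . "'");
          dbquery("DELETE FROM user_achievements WHERE user_id = '" . $uid . "'");
          dbquery("DELETE FROM site_news_comments WHERE userid = '" . $uid . "'");
          dbquery("DELETE FROM items WHERE user_id = '" . $uid . "'");
          dbquery("DELETE FROM homes_items WHERE owner_id = '" . $uid . "'");
          dbquery("DELETE FROM homes WHERE link_type = 'user' AND link_id = '" . $uid . "' LIMIT 1");
          dbquery("DELETE FROM group_memberships WHERE userid = '" . $uid . "'");
          dbquery("DELETE FROM groups_items WHERE owner_id = '" . $uid . "'");
          dbquery("DELETE FROM groups WHERE ownerid = '" . $uid . "'");
          dbquery("DELETE FROM bans WHERE bantype = 'user' AND value = '" . $name . "'");
          dbquery("DELETE FROM chatlogs WHERE user_id = '" . $uid . "'");
      }

      /**
       * Counts users rows whose name and stored password value both match.
       *
       * @param string $password The stored form of the password (see UserHash()).
       * @return int 1 on a match, 0 otherwise.
       */
      public function ValidateUser($username, $password)
      {
          $res = dbquery("SELECT null FROM users WHERE username = '" . self::sqlString($username) . "' AND password = '" . self::sqlString($password) . "' LIMIT 1");

          return mysql_num_rows($res);
      }

      /**
       * Legacy password hash: sha1(md5(password) . lowercased user name).
       *
       * SECURITY: unsalted fast hashes of this kind are cheap to brute-force if
       * the users table leaks. The output must stay as it is for existing rows
       * to verify; the usual migration is to re-hash with password_hash() when a
       * user next logs in successfully.
       */
      public function UserHash($password, $username)
      {
          return sha1(md5($password) . strtolower($username));
      }

      /**
       * True when the user's newcrypto column reads "0".
       *
       * NOTE(review): the comparison is loose, so a missing row (mysql_result()
       * returning false) also yields true, and the name suggests the opposite
       * polarity - confirm both against the login code.
       */
      public function HasNewCrypto($username)
      {
          $res = mysql_query("SELECT newcrypto FROM users WHERE username = '" . self::sqlString($username) . "'");

          return mysql_result($res, 0) == "0";
      }

      /** Same lookup as ValidateUser(), kept under its own name for callers. */
      public function CryptoValidate($username, $password)
      {
          $res = dbquery("SELECT null FROM users WHERE username = '" . self::sqlString($username) . "' AND password = '" . self::sqlString($password) . "' LIMIT 1");

          return mysql_num_rows($res);
      }

      /** Resolves a user name to its id (0 when there is no such user). */
      public function Name2id($username = '')
      {
          return @intval(mysql_result(dbquery("SELECT id FROM users WHERE username = '" . self::sqlString($username) . "' LIMIT 1"), 0));
      }

      /** Resolves a user id to its name, caching the result for this request. */
      public function Id2name($id = -1)
      {
          if (isset($this->userCache[$id]['username'])) {
              return $this->userCache[$id]['username'];
          }

          $name = @mysql_result(dbquery("SELECT username FROM users WHERE id = '" . intval($id) . "' LIMIT 1"), 0);
          $this->userCache[$id]['username'] = $name;

          return $name;
      }

      /** Loads the whole users row for $id into the cache. */
      public function CacheUser($id)
      {
          $data = mysql_fetch_assoc(dbquery("SELECT * FROM users WHERE id = '" . intval($id) . "' LIMIT 1"));

          // No such user: mysql_fetch_assoc() returned false, nothing to cache.
          if (!is_array($data)) {
              return;
          }

          foreach ($data as $key => $value) {
              $this->userCache[$id][$key] = $value;
          }
      }

      /**
       * Reads one column of a users row, optionally through the cache.
       *
       * @param string $var Column name; anything that is not a plain identifier
       *                    is refused, because a column name cannot be escaped
       *                    the way a value can.
       * @return mixed The column value, or false when it cannot be read.
       */
      public function GetUserVar($id, $var, $allowCache = true)
      {
          if ($allowCache && isset($this->userCache[$id][$var])) {
              return $this->userCache[$id][$var];
          }

          $column = self::sqlIdentifier($var);

          if ($column === null) {
              return false;
          }

          $val = @mysql_result(dbquery("SELECT `" . $column . "` FROM users WHERE id = '" . intval($id) . "' LIMIT 1"), 0);
          $this->userCache[$id][$var] = $val;

          return $val;
      }

      // do not remove - still used in hk
      /**
       * Returns the user name, optionally wrapped in a link to the user's home.
       *
       * clean() is defined outside this file; NOTE(review): confirm that
       * clean(..., true) leaves the output safe for an HTML context, since the
       * name comes straight from the database.
       */
      public function formatUsername($id, $link = true, $styles = true)
      {
          $datas = dbquery("SELECT id,rank,username FROM users WHERE id = '" . intval($id) . "' LIMIT 1");

          if (mysql_num_rows($datas) == 0) {
              return '<s>Unknown User</s>';
          }

          $data = mysql_fetch_assoc($datas);

          $prefix = '';
          $name = $data['username'];
          $suffix = '';

          if ($link) {
              $prefix .= '<a href="/home/' . clean($data['username']) . '" target="_blank">';
              $suffix .= '</a>';
          }

          if ($styles) {
              // The rank is looked up (and cached) but no longer used for styling.
              $this->getRank($id);
          }

          return clean($prefix . $name . $suffix, true);
      }
      // do not remove - still used in hk

      /** Returns the user's rank id, cached for this request. */
      public function getRank($id)
      {
          if (isset($this->userCache[$id]['rank'])) {
              return $this->userCache[$id]['rank'];
          }

          $rankId = @intval(mysql_result(dbquery("SELECT rank FROM users WHERE id = '" . intval($id) . "' LIMIT 1"), 0));
          $this->userCache[$id]['rank'] = $rankId;

          return $rankId;
      }

      /**
       * Reads one column of a ranks row.
       *
       * @param string $var Column name; must be a plain identifier.
       * @return mixed The column value, or false when it cannot be read.
       */
      public function getRankVar($rankId, $var)
      {
          $column = self::sqlIdentifier($var);

          if ($column === null) {
              return false;
          }

          return mysql_result(dbquery("SELECT `" . $column . "` FROM ranks WHERE id = '" . intval($rankId) . "' LIMIT 1"), 0);
      }

      /** Returns the display name of a rank. */
      public function getRankName($rankId)
      {
          return $this->getRankVar($rankId, 'name');
      }

      /** True when a fuserights row grants $fuse at or below the user's rank. */
      public function hasFuse($id, $fuse)
      {
          $res = dbquery("SELECT null FROM fuserights WHERE rank <= '" . intval($this->getRank($id)) . "' AND fuse = '" . self::sqlString($fuse) . "' LIMIT 1");

          return mysql_num_rows($res) == 1;
      }

      /**
       * Counts the user's friends, optionally only those currently online.
       *
       * The online branch used to read $friend['user_two'], a key the query never
       * selects, so it always counted zero; it now reads user_two_id.
       */
      public function GetFriendCount($id, $onlineOnly = false)
      {
          $count = 0;
          $friends = dbquery("SELECT user_two_id FROM messenger_friendships WHERE user_one_id = '" . intval($id) . "'");

          while ($friend = mysql_fetch_assoc($friends)) {
              if (!$onlineOnly) {
                  $count++;
                  continue;
              }

              $isOnline = mysql_result(dbquery("SELECT online FROM users WHERE id = '" . intval($friend['user_two_id']) . "' LIMIT 1"), 0);

              if ($isOnline == "1") {
                  $count++;
              }
          }

          return $count;
      }

      /** Issues a new auth ticket when the stored one is at most 3 characters long. */
      public function CheckSSO($id)
      {
          global $core;

          if (strlen($this->getUserVar($id, 'auth_ticket')) <= 3) {
              $ticket = $core->generateTicket($this->getUserVar($id, 'username'));

              dbquery("UPDATE users SET auth_ticket = '" . self::sqlString($ticket) . "' WHERE id = '" . intval($id) . "' LIMIT 1");
          }
      }

      /** Returns the user's credit balance (possibly from the cache). */
      public function getCredits($id)
      {
          return $this->getUserVar($id, 'credits');
      }

      /** Overwrites the user's credit balance and notifies the emulator. */
      public function setCredits($id, $newAmount)
      {
          global $core;

          dbquery("UPDATE users SET credits = '" . self::sqlString($newAmount) . "' WHERE id = '" . intval($id) . "' LIMIT 1");

          // Drop the cached balance so the next getCredits() reads the new value;
          // otherwise two give/take calls in one request start from stale data.
          unset($this->userCache[$id]['credits']);

          $core->Mus('updateCredits:' . $id);
      }

      /**
       * Adds $amount to the balance.
       *
       * This is a read-then-write, not an atomic update, so concurrent requests
       * can lose a change. The emulator is notified inside setCredits(); the
       * original repeated that call after the return, where it could never run.
       */
      public function giveCredits($id, $amount)
      {
          return $this->setCredits($id, ($this->getCredits($id) + $amount));
      }

      /** Subtracts $amount from the balance; same caveats as giveCredits(). */
      public function takeCredits($id, $amount)
      {
          return $this->setCredits($id, ($this->getCredits($id) - $amount));
      }

      /**
       * Builds the avatar image URL for the user's stored look.
       *
       * The parts are concatenated without URL-encoding and the URL is plain
       * HTTP on a third-party host; callers must escape the result for the
       * context they print it in.
       */
      public function renderHabboImage($id, $size = 'b', $dir = 2, $head_dir = 3, $action = 'wlk', $gesture = 'sml')
      {
          $look = $this->getUserVar($id, 'look');

          return 'http://www.habbo.nl/habbo-imaging/avatarimage?figure=' . $look . '&size=' . $size . '&action=' . $action . ',&gesture=' . $gesture . '&direction=' . $dir . '&head_direction=' . $head_dir;
      }

      /** Days left on the habbo_club subscription, rounded up; 0 when none or expired. */
      public function getClubDays($id)
      {
          $sql = dbquery("SELECT timestamp_activated, timestamp_expire FROM user_subscriptions WHERE subscription_id = 'habbo_club' AND user_id = '" . intval($id) . "' LIMIT 1");

          if (mysql_num_rows($sql) == 0) {
              return 0;
          }

          $data = mysql_fetch_assoc($sql);
          $remaining = $data['timestamp_expire'] - time();

          if ($remaining <= 0) {
              return 0;
          }

          return ceil($remaining / 86400);
      }

      /** True while the club subscription has time left. */
      public function hasClub($id)
      {
          return $this->getClubDays($id) > 0;
      }

      /** True when an unexpired ban exists for this user name. */
      public static function IsUserBanned($name)
      {
          return self::GetBan('user', $name, true) != null;
      }

      /** True when an unexpired ban exists for this IP address. */
      public static function IsIpBanned($ip)
      {
          return self::GetBan('ip', $ip, true) != null;
      }

      /**
       * Fetches one ban row for the given type and value.
       *
       * @return array|null The bans row, or null when there is none.
       */
      public static function GetBan($type, $value, $mustNotBeExpired = false)
      {
          $q = "SELECT * FROM bans WHERE bantype = '" . self::sqlString($type) . "' AND value = '" . self::sqlString($value) . "' ";

          if ($mustNotBeExpired) {
              $q .= "AND expire > " . time() . " ";
          }

          $q .= "LIMIT 1";

          $get = dbquery($q);

          if (mysql_num_rows($get) > 0) {
              return mysql_fetch_assoc($get);
          }

          return null;
      }

      /** Returns the user's tags as a map of tag id to tag text. */
      public static function GetUserTags($userId)
      {
          $tags = array();
          $rows = dbquery("SELECT id,tag FROM user_tags WHERE user_id = '" . intval($userId) . "'");

          while ($tag = mysql_fetch_assoc($rows)) {
              $tags[$tag['id']] = $tag['tag'];
          }

          return $tags;
      }

      /** Returns the raw online column for the user, or null when the row is missing. */
      public static function Is_Online($userId)
      {
          $result = dbquery("SELECT `online` FROM `users` WHERE `id` = '" . intval($userId) . "' LIMIT 1");
          $row = mysql_fetch_assoc($result);

          return is_array($row) ? $row['online'] : null;
      }

      /** True when the user has a row in user_online. */
      public static function uon($userId)
      {
          $res = mysql_query("SELECT `userid` FROM `user_online` WHERE `userid` = '" . intval($userId) . "'");

          return mysql_num_rows($res) ? true : false;
      }

      /**
       * Subtracts $credits from the balance, or sets the balance to it.
       *
       * The amount goes into the statement unquoted, so it is cast to int first.
       * Nothing checks the sign or the resulting balance: a negative amount
       * raises the balance, and the balance can drop below zero. Callers must
       * validate the amount.
       *
       * @param bool $restar true to subtract, false to overwrite.
       */
      public function EatCredits($id, $credits, $restar = true)
      {
          $amount = intval($credits);
          $uid = intval($id);

          if ($restar) {
              dbquery("UPDATE users SET credits = credits - " . $amount . " WHERE id = '" . $uid . "' LIMIT 1");
          } else {
              dbquery("UPDATE users SET credits = " . $amount . " WHERE id = '" . $uid . "' LIMIT 1");
          }

          // The cached balance is stale after either statement.
          unset($this->userCache[$id]['credits']);

          return true;
      }

      /**
       * True when the user owns a groups_items row with this data in the group.
       *
       * The signature (optional parameter before required ones) is kept as it
       * is for existing callers.
       */
      public static function haveGroupWidget($Id = USER_ID, $GroupId, $var)
      {
          $res = dbquery("SELECT id FROM groups_items WHERE data = '" . self::sqlString($var) . "' AND group_id = '" . intval($GroupId) . "' AND owner_id = '" . intval($Id) . "' LIMIT 1");

          return mysql_num_rows($res) > 0;
      }

      /** True when the user owns a homes_items row with this data. */
      public static function haveWidget($Id, $var)
      {
          $res = dbquery("SELECT id FROM homes_items WHERE data = '" . self::sqlString($var) . "' AND owner_id = '" . intval($Id) . "' LIMIT 1");

          return mysql_num_rows($res) > 0;
      }

      /** Inserts a groups_items row; $content is stored when $data is empty. */
      public static function newItem($userId, $groupId, $x, $y, $z, $data, $skin, $content, $type, $link = '0')
      {
          $payload = !empty($data) ? $data : $content;

          dbquery("INSERT INTO groups_items (group_id, type, x, y, z, data, skin, owner_id, link) VALUES ('" . intval($groupId) . "', '" . self::sqlString($type) . "', '" . self::sqlString($x) . "', '" . self::sqlString($y) . "', '" . self::sqlString($z) . "', '" . self::sqlString($payload) . "', '" . self::sqlString($skin) . "', '" . intval($userId) . "', '" . self::sqlString($link) . "')");

          return true;
      }

      /** Returns the id of the group with this id, or null when there is none. */
      public static function link2group($link)
      {
          $data = mysql_fetch_array(dbquery("SELECT id FROM groups WHERE id = '" . intval($link) . "';"));

          return is_array($data) ? $data['id'] : null;
      }

      /** True when a group with this id exists. */
      public static function GroupExists($id)
      {
          $data = mysql_fetch_array(dbquery("SELECT COUNT(id) AS count FROM groups WHERE id = '" . intval($id) . "';"));

          // The original fell off the end (returning null) when nothing matched.
          return is_array($data) && $data['count'] > 0;
      }

      /**
       * True when the user's online column reads '1'.
       *
       * @param bool $numbers Unused; kept for existing callers.
       */
      public function IsUserOnline($id = USER_ID, $numbers = false)
      {
          $online = mysql_result(dbquery("SELECT online FROM users WHERE id = '" . intval($id) . "' LIMIT 1"), 0);

          return $online == '1';
      }
  }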
  526.  
  527. ?>