<?php $sessionID = $_GET["sessionID"]; $actionget = $_GET["action"]; $user = $_G

1. <?php $sessionID = $_GET["sessionID"]; $actionget = $_GET["action"]; $user = $_GET["user"]; $password = $_GET["password"]; $registerkey = $_GET["registerkey"]; if (empty($sessionID)) die ("ERROR:INVALID_SESSION_ID"); $action = new action; if ($actionget == "connect") $response = $action->connect($user, $password); elseif ($actionget == "register") $response = $action->register($user, $password, $registerkey); else $response = "ERROR:NO_ACTION"; echo rc4($sessionID, $response); class action { public $bdd; public function action() { try { $this->bdd = new PDO('mysql:host=localhost;dbname=NOM DE TA BASE', 'USER DE TA BASE', 'MDP DE TA BASE DE DONNÉ'); } catch (Exception $ex) { die('ERROR:ERROR_BDD_CONNECTION'); } } public function connect($user, $pass) { if (!$this->userExist($user)) return ("ERROR:USER_NOT_FOUND"); $data = $this->executeQuery("SELECT * FROM Users WHERE User = ?;", array($user)); if ($data['Password'] != $pass) return ("ERROR:INCORRECT_PASSWORD"); elseif ($data['Banned'] == 1) return ("ERROR:USER_BANNED"); Else Return ("OK:") . $data['Premium']; } public function register($user, $pass, $registerkey) { $data = $this->executeQuery("SELECT * FROM RegisterKeys WHERE RegisterKey = ?;", array($registerkey)); if (empty($data['RegisterKey'])) return ("ERROR:INVALID_KEY"); if (!empty($data['User'])) return ("ERROR:KEY_ALREADY_USED"); if ($this->userExist($user)) return ("ERROR:USER_ALREADY_EXIST"); $this->executeQuery("INSERT INTO Users VALUES ('', ?, ?, '0', '0', ?);", array($user, $pass, getTime())); $this->executeQuery("UPDATE RegisterKeys SET User = ? WHERE RegisterKey = ?;", array($user, $registerkey)); return ("OK:REGISTERED"); } private function userExist($user) { $data = $this->executeQuery("SELECT * FROM Users WHERE User = ?;", array($user)); if (empty($data['User'])) return (false); Else return (true); } private function executeQuery($query, $args, $fetch = true) { $response = $this->bdd->prepare($query); $response->execute($args); if ($fetch) { $data = $response->fetch(); $response->closeCursor(); return ($data); } else Return ($response); } } function rc4($key, $str) { $s = array(); for ($i = 0; $i < 256; $i++) { $s[$i] = $i; } $j = 0; for ($i = 0; $i < 256; $i++) { $j = ($j + $s[$i] + ord($key[$i % strlen($key)])) % 256; $x = $s[$i]; $s[$i] = $s[$j]; $s[$j] = $x; } $i = 0; $j = 0; $res = ''; for ($y = 0; $y < strlen($str); $y++) { $i = ($i + 1) % 256; $j = ($j + $s[$i]) % 256; $x = $s[$i]; $s[$i] = $s[$j]; $s[$j] = $x; $res .= $str[$y] ^ chr($s[($s[$i] + $s[$j]) % 256]); } return $res; } function getTime() { date_default_timezone_get('Europe/Paris'); return date("Y-m-d h:i:s"); } ?>