<?phpfunction isValidIp($ip){ if(!eregi("^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{

1. <?php
2. function isValidIp($ip)
3. {
4. if(!eregi("^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}(/[0-9]{1,2}){0,1}$", $ip))
5. $return = false;
6. else
7. $return = true;
8.  
9. if($return == true)
10. {
11. $parts = explode("/", $cidr);
12. $ip = $parts[0];
13. $netmask = $parts[1];
14. $octets = explode(".", $ip);
15.  
16. foreach($octets AS $octet)
17. if($octet > 255)
18. $return = false;
19.  
20. if(($netmask != "") && ($netmask > 32))
21. $return = false;
22. }
23.  
24. return $return;
25.  
26. }
27.  
28. function isValidEmail($value)
29. {
30. $pattern = "/^([a-zA-Z0-9])+([\.a-zA-Z0-9_-])*@([a-zA-Z0-9_-])+(\.[a-zA-Z0-9_-]+)+/";
31. return preg_match($pattern, $value);
32. }
33.  
34. class conndb
35. {
36. private $mysql;
37.  
38. public function __construct($db_host="localhost", $db_port="3306", $db_user="root", $db_pass="fr6truspak", $db_name="blah")
39. {
40. $this->mysql = @mysql_connect($db_host.":".$db_port, $db_user, $db_pass, true) or die('Unable to connect to database');
41. mysql_select_db($db_name,$this->mysql) or die(mysql_error());
42. }
43.  
44. public function __destruct()
45. {
46. @mysql_close($this->mysql) or die(mysql_error());
47. }
48.  
49. public function send($query)
50. {
51. @mysql_query($query,$this->mysql) or die(mysql_error());
52. }
53.  
54. public function retrieve($query)
55. {
56. $sql = @mysql_query($query,$this->mysql) or die(mysql_error());
57. return $sql;
58. }
59. }
60.  
61. class account
62. {
63. private $mysql;
64.  
65. public function __construct($account_db_conn)
66. {
67. $this->mysql = $account_db_conn;
68. }
69.  
70. public function isLoggedIn($ip)
71. {
72. $ip = mysql_real_escape_string($ip);
73. if(!isValidIp($ip))
74. return false;
75.  
76. $sql = $this->mysql->retrieve("SELECT `date` FROM `logins` WHERE `ip` = INET_ATON('".$ip."') LIMIT 1");
77. $row = mysql_fetch_array($sql);
78. $one_min_ago = time() - 300;
79. if(($row['date']) && ($row['date'] > $one_min_ago) && ($row['date'] < time()))
80. return true;
81. else
82. return false;
83. }
84.  
85. public function validate($ip)
86. {
87. $ip = mysql_real_escape_string($ip);
88. if(!isValidIp($ip))
89. return false;
90.  
91. $this->mysql->send("INSERT INTO `logins` (ip, date) VALUES (INET_ATON('".$ip."'),'".time()."')");
92. }
93.  
94. public function devalidate($ip)
95. {
96. $ip = mysql_real_escape_string($ip);
97. if(!isValidIp($ip))
98. return false;
99.  
100. $this->mysql->send("DELETE FROM `logins` WHERE ip=INET_ATON('".$ip."') LIMIT 1");
101. }
102.  
103. public function register($username, $password, $user_email)
104. {
105. define('IN_PHPBB', true);
106. $phpbb_root_path = '../';
107.  
108. $phpEx = substr(strrchr(__FILE__, '.'), 1);
109. include($phpbb_root_path . 'includes/functions_user.php');
110. include($phpbb_root_path . 'includes/ucp/ucp_register.php');
111. $username_clean=strtolower($username);
112.  
113. $sql_ary = array(
114. 'username' => $username,
115. 'username_clean' => $username_clean,
116. 'user_password' => phpbb_hash($password),
117. 'user_pass_convert' => 0,
118. 'user_email' => $user_email,
119. 'user_email_hash' => crc32(strtolower($user_email)) . strlen($user_email),
120. 'group_id' => 2,
121. 'user_type' => 0,
122. );
123. return user_add($sql_ary);
124. }
125. }
126.  
127. class regcode
128. {
129. private $mysql;
130.  
131. public function __construct($db_conn)
132. {
133. $this->mysql = $db_conn;
134. }
135.  
136. public function isValidRegCode($reg_code)
137. {
138. $sql = $this->mysql->retrieve("SELECT * FROM `regcodes` WHERE `regcode` = '".$reg_code."' LIMIT 1");
139. $row = mysql_fetch_array($sql);
140. if(empty($row['regcode']))
141. return false;
142.  
143. if($this->is_banned($row['creator']))
144. return false;
145.  
146. if(is_numeric($row['owner']))
147. return false;
148.  
149. return true;
150. }
151.  
152. public function is_banned($account_id)
153. {
154. $sql = $this->mysql->retrieve("SELECT * FROM `phpbb_banlist` WHERE `ban_userid` = '".$account_id."'");
155. while($row = mysql_fetch_array($sql))
156. {
157. if(($row['ban_start'] < time() && $row['ban_end'] > time()) || $row['ban_end']==0)
158. return true;
159. }
160. return false;
161. }
162.  
163. public function generateRegCode($account_id)
164. {
165. $code = md5(uniqid());
166. $this->mysql->send("INSERT INTO `regcodes` (regcode, creator, date_created) VALUES ('".$code."','".$account_id."','".time()."')");
167. return $code;
168. }
169.  
170. public function calculateK($account_id)
171. {
172. $k = 0;
173. $sql = $this->mysql->retrieve("SELECT * FROM `regcodes` WHERE `creator` = '".$account_id."' AND `owner`='0'");
174. while($row = mysql_fetch_array($sql))
175. {
176. $k++;
177. }
178. return k;
179. }
180.  
181. public function viewRegCodes($account_id)
182. {
183. $sql = $this->mysql->retrieve("SELECT * FROM `regcodes` WHERE `creator` = '".$account_id."'");
184. $i = 1; // IDENTIFIER
185. $j = 0; // COUNTER: how many codes generated this function, updated
186. $k = 0; // COUNTER: how many unused codes account has when calculated, not updated
187. $g = 0; // COUNTER: how many codes POSSIBLY left to generate, updated
188. while($row = mysql_fetch_array($sql))
189. {
190. $reg_codes[$i]['reg_code'] = $this->getRegCodeAsArray($row['regcode']);
191. $reg_codes[$i]['status'] = $this->getRegCodeStatus($row['regcode']);
192. $reg_codes[$i]['date_created'] = $row['date_created'];
193. $reg_codes[$i]['owner'] = $row['owner'];
194. $reg_codes[$i]['date_owned'] = $row['date_owned'];
195. $i++;
196. }
197. $k = $this->calculateK($account_id);
198. if($k > 1) // Reg codes must be used before you get more
199. return $reg_codes;
200.  
201. if(!is_array($reg_codes)) // New user: set up new reg codes
202. {
203. while($j < 2)
204. {
205. $this->generateRegCode($account_id);
206. $j++;
207. }
208. }
209.  
210. while($i > 1)
211. {
212. $diff = time() - $reg_codes[$i]['date_created'];
213. $g = $k - $j;
214. if(($diff > 1209600 || $diff < 0) && $g > 0)
215. {
216. $this->generateRegCode($account_id);
217. $j++;
218. }
219. $i--;
220. }
221. if($j > 0)
222. return $this->viewRegCodes($account_id);
223. else
224. return $reg_codes;
225. }
226.  
227. public function getRegCodeStatus($reg_code)
228. {
229. $sql = $this->mysql->retrieve("SELECT * FROM `regcodes` WHERE `regcode` = '".$reg_code."' LIMIT 1");
230. $row = mysql_fetch_array($sql);
231. if($row['owner'] > 0)
232. return 0;
233.  
234. if($row['owner'] > 0 && $this->is_banned($row['owner']))
235. return 3;
236.  
237. if(is_numeric($row['creator']) && !is_numeric($this->getRegCodeOwner($reg_code)))
238. if($this->is_banned($row['creator']))
239. return 2;
240.  
241. return 1;
242. }
243.  
244. public function getRegCodeCreator($reg_code)
245. {
246. $sql = $this->mysql->retrieve("SELECT creator FROM `regcodes` WHERE `regcode` = '".$reg_code."' LIMIT 1");
247. $row = mysql_fetch_array($sql);
248. return $row['creator'];
249. }
250.  
251. public function getRegCodeOwner($reg_code)
252. {
253. $sql = $this->mysql->retrieve("SELECT owner FROM `regcodes` WHERE `regcode` = '".$reg_code."' LIMIT 1");
254. $row = mysql_fetch_array($sql);
255. return $row['owner'];
256. }
257.  
258. public function setRegCodeOwner($reg_code, $owner)
259. {
260. $this->mysql->send("UPDATE `regcodes` SET owner='".$owner."' WHERE regcode='".$reg_code."' LIMIT 1");
261. }
262.  
263. public function getRegCodeAsArray($reg_code)
264. {
265. $code[1] = substr($reg_code, 0, 4);
266. $code[2] = substr($reg_code, 4, 3);
267. $code[3] = substr($reg_code, 7, 5);
268. $code[4] = substr($reg_code, 12, 20);
269. return $code;
270. }
271. }
272. ?>