- <?php
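// Licence / hardware-ID check endpoint. It answers "ok" or "bad" to a POST
// request carrying base64-encoded "licence" and "hwid" fields.

// Both fields must be present and be plain strings. A missing field or an
// array-valued field (licence[]=...) is rejected before any decoding.
$rawLicence = $_POST["licence"] ?? null;
$rawHwid = $_POST["hwid"] ?? null;
if (!is_string($rawLicence) || !is_string($rawHwid)) {
    echo("bad");
    return;
}

// Strict mode makes base64_decode() return false for characters outside the
// base64 alphabet instead of silently skipping them.
$decodedLicence = base64_decode($rawLicence, true);
$decodedHwid = base64_decode($rawHwid, true);
if ($decodedLicence === false || $decodedHwid === false) {
    echo("bad");
    return;
}

// The trailing 8 bytes of each decoded value are discarded.
// NOTE(review): presumably a suffix appended by the client - confirm.
$licence = substr($decodedLicence, 0, -8);
$hwid = substr($decodedHwid, 0, -8);

// A value of 8 bytes or fewer leaves nothing to look up. The previous
// isset() test could never fail here because both variables had just been
// assigned.
if (!is_string($licence) || $licence === '' || !is_string($hwid) || $hwid === '') {
    echo("bad");
    return;
}

// Database settings come from the environment instead of literals in the
// source file. The variable names below are this rewrite's own choice.
// NOTE(review): the account and password that were embedded in this script
// have been published and must be rotated, not just moved.
$db_user = getenv('LICENCE_DB_USER');
$db_name = getenv('LICENCE_DB_NAME');
$db_host = getenv('LICENCE_DB_HOST');
$db_pass = getenv('LICENCE_DB_PASS');
if ($db_user === false || $db_name === false || $db_host === false || $db_pass === false) {
    // Fail closed and keep the detail in the server log only.
    error_log('licence check: database settings are missing from the environment');
    echo("bad");
    return;
}

if (isBadInput($licence) or isBadInput($hwid)) {
    echo("bad");
    return;
}

// "notset" is the stored marker for a licence with no hardware ID bound yet.
// Accepting it from a client would leave the licence unbound after the
// first successful check.
if ($hwid === "notset") {
    echo("bad");
    return;
}

if (checkAuth()) {
    echo("ok");
} else {
    echo("bad");
}
return;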
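/**
 * Decide whether the posted licence / hardware-ID pair is accepted.
 *
 * The licence must exist. If its stored hardware ID is still "notset", the
 * posted hardware ID is bound to it. Otherwise the posted hardware ID has to
 * pass checkHwid().
 *
 * @return bool true when the request should be answered with "ok"
 */
function checkAuth() {
    if (!checkLic()) {
        return false;
    }

    if (needNewHWID()) {
        // setHwid() returns false when it could not store the binding; in
        // that case the request must not be reported as authorised.
        return setHwid() !== false;
    }

    return (bool) checkHwid();
}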
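/**
 * Check that the posted licence exists in the users table.
 *
 * Reads the connection settings and the licence from the script's globals.
 * Without the `global` import these names are undefined inside the function.
 *
 * @return bool true when a row with exactly this licence exists; false when
 *              there is none or the database cannot be queried
 */
function checkLic() {
    global $db_host, $db_user, $db_pass, $db_name, $licence;

    $conn = null;
    try {
        // The first mysqli argument is the host; the database name is the fourth.
        $conn = new mysqli($db_host, $db_user, $db_pass, $db_name);
        if ($conn->connect_error) {
            // Log server-side; the driver's message is not echoed to the client.
            error_log('checkLic: database connection failed: ' . $conn->connect_error);
            return false;
        }

        $lookup = $conn->prepare("SELECT licence FROM users WHERE licence=?");
        if ($lookup === false) {
            return false;
        }
        $lookup->bind_param('s', $licence);
        $lookup->execute();
        $result = $lookup->get_result();
        if ($result === false) {
            return false;
        }

        while ($row = $result->fetch_assoc()) {
            // Byte-exact comparison: SQL equality can be case-insensitive
            // depending on collation, and PHP's == treats numeric-looking
            // strings as numbers.
            if (hash_equals((string) $row["licence"], (string) $licence)) {
                return true;
            }
        }
        return false;
    } catch (mysqli_sql_exception $e) {
        // mysqli throws by default since PHP 8.1; fail closed and log.
        error_log('checkLic: database error: ' . $e->getMessage());
        return false;
    } finally {
        // Runs on every exit path, so the connection is no longer leaked
        // when a match returns early.
        if ($conn instanceof mysqli && !$conn->connect_error) {
            $conn->close();
        }
    }
}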
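/**
 * Check that the posted hardware ID is the one stored for the posted licence.
 *
 * The lookup is keyed on licence AND hardware ID. Matching on the hardware
 * ID alone would accept any valid licence combined with a hardware ID that
 * is registered to a different licence.
 *
 * @return bool true when the pair matches a row; false when it does not or
 *              the database cannot be queried
 */
function checkHwid() {
    global $db_host, $db_user, $db_pass, $db_name, $licence, $hwid;

    $conn = null;
    try {
        // The first mysqli argument is the host; the database name is the fourth.
        $conn = new mysqli($db_host, $db_user, $db_pass, $db_name);
        if ($conn->connect_error) {
            // Log server-side; the driver's message is not echoed to the client.
            error_log('checkHwid: database connection failed: ' . $conn->connect_error);
            return false;
        }

        $lookup = $conn->prepare("SELECT hwid FROM users WHERE licence=? AND hwid=?");
        if ($lookup === false) {
            return false;
        }
        $lookup->bind_param('ss', $licence, $hwid);
        $lookup->execute();
        $result = $lookup->get_result();
        if ($result === false) {
            return false;
        }

        while ($row = $result->fetch_assoc()) {
            // Byte-exact comparison rather than == (see collation and
            // numeric-string coercion).
            if (hash_equals((string) $row["hwid"], (string) $hwid)) {
                return true;
            }
        }
        return false;
    } catch (mysqli_sql_exception $e) {
        // mysqli throws by default since PHP 8.1; fail closed and log.
        error_log('checkHwid: database error: ' . $e->getMessage());
        return false;
    } finally {
        // Close on every exit path, including the early "match" return.
        if ($conn instanceof mysqli && !$conn->connect_error) {
            $conn->close();
        }
    }
}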
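/**
 * Bind the posted hardware ID to the posted licence.
 *
 * The UPDATE only touches rows whose hardware ID is still "notset", so an
 * existing binding is never overwritten, even if two requests for the same
 * licence arrive at once.
 *
 * @return bool true when a row was updated; false when nothing was bound or
 *              the database could not be reached
 */
function setHWID() {
    global $db_host, $db_user, $db_pass, $db_name, $licence, $hwid;

    $conn = null;
    try {
        // The first mysqli argument is the host; the database name is the fourth.
        $conn = new mysqli($db_host, $db_user, $db_pass, $db_name);
        if ($conn->connect_error) {
            // Log server-side; the driver's message is not echoed to the client.
            error_log('setHWID: database connection failed: ' . $conn->connect_error);
            return false;
        }

        $bind = $conn->prepare("UPDATE users SET hwid = ? WHERE licence=? AND hwid='notset'");
        if ($bind === false) {
            return false;
        }
        $bind->bind_param('ss', $hwid, $licence);
        if (!$bind->execute()) {
            return false;
        }

        // Zero affected rows means the licence was already bound (or gone).
        return $bind->affected_rows > 0;
    } catch (mysqli_sql_exception $e) {
        // mysqli throws by default since PHP 8.1; fail closed and log.
        error_log('setHWID: database error: ' . $e->getMessage());
        return false;
    } finally {
        if ($conn instanceof mysqli && !$conn->connect_error) {
            $conn->close();
        }
    }
}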
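/**
 * Report whether the posted licence has no hardware ID bound yet.
 *
 * A licence counts as unbound when a row for it stores the marker "notset"
 * in the hwid column.
 *
 * @return bool true when such a row exists; false otherwise or when the
 *              database cannot be queried
 */
function needNewHWID() {
    global $db_host, $db_user, $db_pass, $db_name, $licence;

    $conn = null;
    try {
        // The first mysqli argument is the host; the database name is the fourth.
        $conn = new mysqli($db_host, $db_user, $db_pass, $db_name);
        if ($conn->connect_error) {
            // Log server-side; the driver's message is not echoed to the client.
            error_log('needNewHWID: database connection failed: ' . $conn->connect_error);
            return false;
        }

        $lookup = $conn->prepare("SELECT hwid FROM users WHERE licence=?");
        if ($lookup === false) {
            return false;
        }
        $lookup->bind_param('s', $licence);
        $lookup->execute();
        $result = $lookup->get_result();
        if ($result === false) {
            return false;
        }

        while ($row = $result->fetch_assoc()) {
            if ($row["hwid"] === "notset") {
                return true;
            }
        }
        return false;
    } catch (mysqli_sql_exception $e) {
        // mysqli throws by default since PHP 8.1; fail closed and log.
        error_log('needNewHWID: database error: ' . $e->getMessage());
        return false;
    } finally {
        // Close on every exit path, including the early "unbound" return.
        if ($conn instanceof mysqli && !$conn->connect_error) {
            $conn->close();
        }
    }
}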
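/**
 * Coarse sanity filter for a decoded request field.
 *
 * Rejects values longer than 30 bytes and values containing one of a few
 * SQL keywords (case-insensitive). This is not what protects the queries:
 * they use bound parameters. The keyword list also rejects harmless values
 * such as "reset"; it is kept only for compatibility with existing clients.
 *
 * The function used to declare no parameter, so $input was undefined and
 * nothing was ever rejected. The default keeps a zero-argument call valid.
 *
 * @param mixed $input decoded field value
 * @return bool true when the value must be rejected, false otherwise
 */
function isBadInput($input = '') {
    // Anything that is not a string (e.g. a failed decode) is rejected.
    if (!is_string($input)) {
        return true;
    }

    if (strlen($input) > 30) {
        return true;
    }

    foreach (['where', 'insert into', 'from', 'update', 'set'] as $keyword) {
        if (stripos($input, $keyword) !== false) {
            return true;
        }
    }

    // Explicit false instead of falling off the end and returning null.
    return false;
}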
- ?>