Guest User

model.account.php

a guest
May 12th, 2021
48
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. <?php
  2.     in_file();
  3.  
  4.     class Maccount extends model
  5.     {
  6.         private $activation = 0;
  7.         private $activation_code;
  8.         private $password;
  9.         public $error = false, $vars = [];
  10.         private $logs = [];
  11.  
  12.         public function __contruct()
  13.         {
  14.             parent::__construct();
  15.         }
  16.  
  17.         public function __set($key, $val)
  18.         {
  19.             $this->vars[$key] = $val;
  20.         }
  21.  
  22.         public function __isset($name)
  23.         {
  24.             return isset($this->vars[$name]);
  25.         }
  26.  
  27.         public function valid_username($name, $symbols = 'a-zA-Z0-9_-', $len = [3, 10])
  28.         {  
  29.             return preg_match('/^[' . $symbols . ']{' . $len[0] . ',' . $len[1] . '}+$/', $name);
  30.         }
  31.  
  32.         public function valid_id($name, $symbols = '0-9', $len = [1, 5])
  33.         {
  34.             return preg_match('/^[' . $symbols . ']{' . $len[0] . ',' . $len[1] . '}+$/', $name);
  35.         }                                                              
  36.         public function valid_password($password, $symbols = '\w\W', $len = [3, 32])
  37.         {
  38.             return preg_match('/^[' . $symbols . ']{' . $len[0] . ',' . $len[1] . '}+$/', $password);
  39.         }
  40.  
  41.         public function test_password_strength($password, $len = [3, 10], $requirements = false)
  42.         {
  43.             if(strlen($password) < $len[0]){
  44.                 $this->vars['errors'][] = sprintf(__('The password you entered is too short. Minimum length %d'), $len[0]);
  45.             }
  46.             if(strlen($password) > $len[1]){
  47.                 $this->vars['errors'][] = sprintf(__('The password you entered is too long. Maximum length %d'), $len[1]);
  48.             }
  49.             if($requirements['atleast_one_lowercase'] == 1){
  50.                 if(!preg_match("/[a-z]+/", $password)){
  51.                     $this->vars['errors'][] = __('Password should contain atleast one lowercase letter.');
  52.                 }
  53.             }
  54.             if($requirements['atleast_one_uppercase'] == 1){
  55.                 if(!preg_match("/[A-Z]+/", $password)){
  56.                     $this->vars['errors'][] = __('Password should contain atleast one uppercase letter.');
  57.                 }
  58.             }
  59.             if($requirements['atleast_one_number'] == 1){
  60.                 if(!preg_match("/[0-9]+/", $password)){
  61.                     $this->vars['errors'][] = __('Password should contain atleast one number.');
  62.                 }
  63.             }
  64.             if($requirements['atleast_one_symbol'] == 1){
  65.                 if(!preg_match("/\W+/", $password)){
  66.                     $this->vars['errors'][] = __('Password should contain atleast one symbol.');
  67.                 }
  68.             }
  69.         }
  70.  
  71.         public function generate_password($min_length = 4, $max_length = 10, $requirements = false)
  72.         {
  73.             $chars = '';
  74.             if($requirements['atleast_one_lowercase'] == 1){
  75.                 $chars .= 'abcdefghijklmnopqrstuvwxyz';
  76.             }
  77.             if($requirements['atleast_one_uppercase'] == 1){
  78.                 $chars .= 'ABCDEFGHIJKLMNOPQRSTUVWXYZ';
  79.             }
  80.             if($requirements['atleast_one_number'] == 1){
  81.                 $chars .= '0123456789';
  82.             }
  83.             if($requirements['atleast_one_symbol'] == 1){
  84.                 $chars .= '-=~@#$%^&*()_+,./<>?;:[]{}\|';
  85.             }
  86.             if($requirements['atleast_one_lowercase'] == 0 && $requirements['atleast_one_uppercase'] == 0 && $requirements['atleast_one_number'] == 0 && $requirements['atleast_one_symbol'] == 0){
  87.                 $chars .= 'abcdefghijklmnopqrstuvwxyz';
  88.             }
  89.             $password = '';
  90.             $alphabet_len = strlen($chars);
  91.             $password_len = mt_rand($min_length + 1, $max_length);
  92.             $random = openssl_random_pseudo_bytes($password_len);
  93.             for($i = 0; $i < $password_len; $i++){
  94.                 $password .= $chars[ord($random[$i]) % $alphabet_len];
  95.             }
  96.             return $password;
  97.         }
  98.  
  99.         public static function valid_email($email)
  100.         {
  101.             return filter_var($email, FILTER_VALIDATE_EMAIL);
  102.         }
  103.  
  104.         public function check_if_validated($email)
  105.         {
  106.             $stmt = $this->account_db->prepare('SELECT memb___id, memb__pwd, activated, activation_id FROM MEMB_INFO WHERE mail_addr = :email');
  107.             $stmt->execute([':email' => $email]);
  108.             return $stmt->fetch();
  109.         }
  110.  
  111.         public function check_duplicate_account($name)
  112.         {
  113.             $stmt = $this->account_db->prepare('SELECT memb___id FROM MEMB_INFO WHERE (memb___id Collate Database_Default = :username Collate Database_Default)');
  114.             $stmt->execute([':username' => $name]);
  115.             return ($stmt->fetch()) ? true : false;
  116.         }
  117.  
  118.         public function check_duplicate_email($email)
  119.         {
  120.             $stmt = $this->account_db->prepare('SELECT memb___id FROM MEMB_INFO WHERE mail_addr = :email');
  121.             $stmt->execute([':email' => $email]);
  122.             return ($stmt->fetch()) ? true : false;
  123.         }
  124.  
  125.         public function check_acc_by_guid($id)
  126.         {
  127.             $stmt = $this->website->db('account')->prepare('SELECT memb___id, mail_addr FROM MEMB_INFO WHERE memb_guid = :id');
  128.             $stmt->execute([':id' => $id]);
  129.             return $stmt->fetch();
  130.         }
  131.  
  132.  
  133.         public function set_activation($status)
  134.         {
  135.             $this->activation = $status;
  136.         }
  137.  
  138.         public function prepare_account($req_email = 1, $req_secret = 0)
  139.         {
  140.             $this->activation_code = strtoupper(sha1(microtime()));
  141.             if($this->activation == 1){
  142.                 if($this->send_activation_email()){
  143.                     return $this->create_account($req_email, $req_secret);
  144.                 }
  145.             } else{
  146.                 if($this->create_account($req_email, $req_secret)){
  147.                     if($this->config->values('email_config', 'welcome_email') == 1 && $req_email == 1){
  148.                         $this->send_welcome_email($this->vars['user'], $this->vars['email']);
  149.                     }
  150.                     return true;
  151.                 }
  152.             }
  153.             return false;
  154.         }
  155.  
  156.         public function create_account($req_email = 1, $req_secret = 0)
  157.         {
  158.             if(MD5 == 1){
  159.                 $prepare = $this->account_db->prepare('SET NOCOUNT ON;EXEC DmN_Check_Acc_MD5 :user, :pass');
  160.                 $prepare->execute([':user' => $this->vars['user'], ':pass' => $this->vars['pass']]);
  161.                 $pw = $prepare->fetch();
  162.                 if($pw == false){
  163.                     $prepare = $this->account_db->prepare('EXEC DmN_Check_Acc_MD5 :user, :pass');
  164.                     $prepare->execute([':user' => $this->vars['user'], ':pass' => $this->vars['pass']]);
  165.                     $pw = $prepare->fetch();
  166.                 }
  167.                 $pw = (!$this->is_hex($pw['result'])) ? '0x' . strtoupper(bin2hex($pw['result'])) : '0x' . $pw['result'];
  168.             } else if(MD5 == 2){
  169.                 $pw = md5($this->vars['pass']);
  170.             } else{
  171.                 $pw = $this->vars['pass'];
  172.             }
  173.             $data = [];
  174.             $data[] = ['field' => 'memb___id', 'value' => $this->vars['user'], 'type' => 's'];
  175.             $data[] = ['field' => 'memb__pwd', 'value' => $pw, 'type' => (MD5 == 1) ? 'v' : 's'];
  176.             $data[] = ['field' => 'memb_name', 'value' => $this->vars['user'], 'type' => 's'];
  177.             $data[] = ['field' => 'sno__numb', 'value' => str_repeat(1, 13), 'type' => 's'];
  178.             $data[] = ['field' => 'post_code', 'value' => '1234', 'type' => 's'];
  179.             $data[] = ['field' => 'addr_info', 'value' => '11111', 'type' => 's'];
  180.             $data[] = ['field' => 'addr_deta', 'value' => '12343', 'type' => 's'];
  181.             if($req_email){
  182.                 $data[] = ['field' => 'mail_addr', 'value' => $this->vars['email'], 'type' => 's'];
  183.             }
  184.             if($req_secret){
  185.                 $data[] = ['field' => 'fpas_ques', 'value' => $this->vars['fpas_ques'], 'type' => 's'];
  186.                 $data[] = ['field' => 'fpas_answ', 'value' => $this->vars['fpas_answ'], 'type' => 's'];
  187.             }
  188.             $data[] = ['field' => 'phon_numb', 'value' => '12345', 'type' => 's'];
  189.             $data[] = ['field' => 'job__code', 'value' => '1', 'type' => 's'];
  190.             $data[] = ['field' => 'appl_days', 'value' => time(), 'type' => 'd'];
  191.             $data[] = ['field' => 'modi_days', 'value' => time(), 'type' => 'ds'];
  192.             $data[] = ['field' => 'out__days', 'value' => time(), 'type' => 'ds'];
  193.             $data[] = ['field' => 'true_days', 'value' => time(), 'type' => 'ds'];
  194.             $data[] = ['field' => 'mail_chek', 'value' => '1', 'type' => 's'];
  195.             $data[] = ['field' => 'bloc_code', 'value' => '0', 'type' => 's'];
  196.             $data[] = ['field' => 'ctl1_code', 'value' => '0', 'type' => 's'];
  197.             $data[] = ['field' => 'activated', 'value' => ($this->activation == 1) ? 0 : 1, 'type' => 'i'];
  198.             $data[] = ['field' => 'activation_id', 'value' => $this->activation_code, 'type' => 's'];
  199.             $data[] = ['field' => 'country', 'value' => get_country_code(ip()), 'type' => 's'];
  200.             $prepare = $this->account_db->prepare($this->account_db->get_insert('MEMB_INFO', $data));
  201.             return $prepare->execute();
  202.         }
  203.  
  204.         public function insert_referrer($referrer)
  205.         {
  206.             $stmt = $this->website->db('web')->prepare('INSERT INTO DmN_Refferals (refferer, refferal, date_reffered, refferal_ip) VALUES (:referrer, :referral, GETDATE(), :ip)');
  207.             $stmt->execute([':referrer' => $referrer, ':referral' => $this->vars['user'], ':ip' => $this->website->ip()]);
  208.         }
  209.  
  210.         public function check_referral_ip()
  211.         {
  212.             $stmt = $this->account_db->prepare('SELECT memb_guid FROM MEMB_INFO WHERE last_login_ip = :ip');
  213.             $stmt->execute([':ip' => $this->website->ip()]);
  214.             if($stmt->fetch()){
  215.                 return true;
  216.             }
  217.             return false;
  218.         }
  219.  
  220.         public function add_ref_reward_after_reg($referrer)
  221.         {
  222.             $this->website->add_credits($referrer, $this->vars['ref_server'], $this->config->values('referral_config', 'reward_on_registration'), $this->config->values('referral_config', 'reward_type'));
  223.             $this->add_account_log('Reward for referring player ' . $this->website->translate_credits($this->config->values('referral_config', 'reward_type')), $this->config->values('referral_config', 'reward_on_registration'), $referrer, $this->vars['ref_server']);
  224.         }
  225.  
  226.         protected function send_activation_email()
  227.         {
  228.             $body = @file_get_contents(APP_PATH . DS . 'data' . DS . 'email_patterns' . DS . 'reg_email_pattern.html');
  229.             $body = str_replace('###USERNAME###', $this->vars['user'], $body);
  230.             $body = str_replace('###SERVERNAME###', $this->config->config_entry('main|servername'), $body);
  231.             $body = str_replace('###PASSWORD###', $this->vars['pass'], $body);
  232.             if($this->website->is_multiple_accounts() == true){
  233.                 $body = str_replace('###ACTIVATIONURL###', $this->config->base_url . 'registration/activation/' . $this->activation_code . '/' . $this->vars['server'], $body);
  234.             } else{
  235.                 $body = str_replace('###ACTIVATIONURL###', $this->config->base_url . 'registration/activation/' . $this->activation_code, $body);
  236.             }
  237.             $this->sendmail($this->vars['email'], 'Confirm Your Registration', $body);
  238.             if($this->error == false){
  239.                 return true;
  240.             } else{
  241.                 return false;
  242.             }
  243.         }
  244.  
  245.         public function resend_activation_email($email, $user, $pwd, $server = '', $code)
  246.         {
  247.             $body = @file_get_contents(APP_PATH . DS . 'data' . DS . 'email_patterns' . DS . 'reg_email_pattern_resend_activation.html');
  248.             $body = str_replace('###USERNAME###', $user, $body);
  249.             $body = str_replace('###SERVERNAME###', $this->config->config_entry('main|servername'), $body);
  250.             $body = (MD5 == 0) ? str_replace('###PASSWORD###', 'Password: ' . $pwd, $body) : str_replace('###PASSWORD###', '<br />', $body);
  251.             if($this->website->is_multiple_accounts() == true){
  252.                 $body = str_replace('###ACTIVATIONURL###', $this->config->base_url . 'registration/activation/' . $code . '/' . $server, $body);
  253.             } else{
  254.                 $body = str_replace('###ACTIVATIONURL###', $this->config->base_url . 'registration/activation/' . $code, $body);
  255.             }
  256.             $this->sendmail($email, 'Confirm Your Registration', $body);
  257.             if($this->error == false){
  258.                 return true;
  259.             } else{
  260.                 return false;
  261.             }
  262.         }
  263.  
  264.         public function send_welcome_email($user, $email)
  265.         {
  266.             $body = @file_get_contents(APP_PATH . DS . 'data' . DS . 'email_patterns' . DS . 'welcome_email_pattern.html');
  267.             $body = str_replace('###USERNAME###', $user, $body);
  268.             $body = str_replace('###SERVERNAME###', $this->config->config_entry('main|servername'), $body);
  269.             $body = str_replace('###LINK###', $this->config->base_url, $body);
  270.             $this->sendmail($email, 'Welcome to ' . $this->config->config_entry('main|servername'), $body);
  271.             if($this->error == false){
  272.                 return true;
  273.             } else{
  274.                 return false;
  275.             }
  276.         }
  277.  
  278.         public function sent_vip_purchase_email($user, $server, $email, $package_title, $time)
  279.         {
  280.             $body = @file_get_contents(APP_PATH . DS . 'data' . DS . 'email_patterns' . DS . 'vip_purchase_email_pattern.html');
  281.             $body = str_replace('###USERNAME###', $user, $body);
  282.             $body = str_replace('###SERVERNAME###', $this->config->config_entry('main|servername'), $body);
  283.             $body = str_replace('###LINK###', $this->config->base_url, $body);
  284.             $body = str_replace('###TIME###', date('d/m/Y H:i', $time), $body);
  285.             $body = str_replace('###PACKAGE_TITLE###', $package_title, $body);
  286.             $this->sendmail($email, 'You have successfully purchased vip!', $body);
  287.             if($this->error == false){
  288.                 return true;
  289.             } else{
  290.                 return false;
  291.             }
  292.         }
  293.  
  294.         public function sent_vip_extend_email($user, $server, $email, $package_title, $time)
  295.         {
  296.             $body = @file_get_contents(APP_PATH . DS . 'data' . DS . 'email_patterns' . DS . 'vip_extend_email_pattern.html');
  297.             $body = str_replace('###USERNAME###', $user, $body);
  298.             $body = str_replace('###SERVERNAME###', $this->config->config_entry('main|servername'), $body);
  299.             $body = str_replace('###LINK###', $this->config->base_url, $body);
  300.             $body = str_replace('###TIME###', date('d/m/Y H:i', $time), $body);
  301.             $body = str_replace('###PACKAGE_TITLE###', $package_title, $body);
  302.             $this->sendmail($email, 'You have successfully extended your vip!', $body);
  303.             if($this->error == false){
  304.                 return true;
  305.             } else{
  306.                 return false;
  307.             }
  308.         }
  309.  
  310.         public function send_email_confirmation()
  311.         {
  312.             $body = @file_get_contents(APP_PATH . DS . 'data' . DS . 'email_patterns' . DS . 'email_confirmation_pattern.html');
  313.             $body = str_replace('###USERNAME###', $this->session->userdata(['user' => 'username']), $body);
  314.             $body = str_replace('###SERVERNAME###', $this->config->config_entry('main|servername'), $body);
  315.             $body = str_replace('###IP###', $this->website->ip(), $body);
  316.             $body = str_replace('###URL###', $this->config->base_url . 'account-panel/email-confirm/' . $this->activation_code, $body);
  317.             $this->sendmail($this->vars['email'], 'Email Confirmation', $body);
  318.             if($this->error == false){
  319.                 return true;
  320.             } else{
  321.                 return false;
  322.             }
  323.         }
  324.  
  325.         protected function send_master_key_recovery_email()
  326.         {
  327.             $body = @file_get_contents(APP_PATH . DS . 'data' . DS . 'email_patterns' . DS . 'master_key_recovery_pattern.html');
  328.             $body = str_replace('###USERNAME###', $this->session->userdata(['user' => 'username']), $body);
  329.             $body = str_replace('###SERVERNAME###', $this->config->config_entry('main|servername'), $body);
  330.             $body = str_replace('###MASTERKEY###', $this->vars['master_key']['MasterKey'], $body);
  331.             $this->sendmail($this->vars['master_key']['mail_addr'], 'Master Key Recovery', $body);
  332.             if($this->error == false){
  333.                 return true;
  334.             } else{
  335.                 return false;
  336.             }
  337.         }
  338.  
  339.         public function recover_master_key_process()
  340.         {
  341.             $stmt = $this->account_db->prepare('SELECT mail_addr, MasterKey FROM MEMB_INFO WHERE memb___id = :account');
  342.             $stmt->execute([':account' => $this->session->userdata(['user' => 'username'])]);
  343.             if($this->vars['master_key'] = $stmt->fetch()){
  344.                 if($this->send_master_key_recovery_email()){
  345.                     return true;
  346.                 }
  347.                 return false;
  348.             }
  349.             return false;
  350.         }
  351.  
  352.         public function check_activation_code($code)
  353.         {
  354.             $stmt = $this->account_db->prepare('SELECT memb___id, mail_addr, activated FROM MEMB_INFO WHERE activation_id = :code');
  355.             $stmt->execute([':code' => $code]);
  356.             return $stmt->fetch();
  357.         }
  358.  
  359.         public function activate_account($acc, $code)
  360.         {
  361.             $stmt = $this->account_db->prepare('UPDATE MEMB_INFO SET activated = 1 WHERE memb___id = :account AND activation_id = :code AND activated != 1');
  362.             return $stmt->execute([':account' => $acc, ':code' => $code]);
  363.         }
  364.  
  365.         public function load_account_by_name($name)
  366.         {
  367.             $stmt = $this->account_db->prepare('SELECT memb___id, mail_addr FROM MEMB_INFO WHERE memb___id = :name or mail_addr = :email');
  368.             $stmt->execute([':name' => $name, ':email' => $name]);
  369.             return $stmt->fetch();
  370.         }
  371.  
  372.         public function load_reminder_by_name($name)
  373.         {
  374.             $stmt = $this->website->db('web')->prepare('SELECT TOP 1 used FROM DmN_Account_Invt WHERE assignto = :name ORDER BY used DESC');
  375.             $stmt->execute([':name' => $name]);
  376.             return $stmt->fetch();
  377.         }
  378.  
  379.         public function load_reminder_by_code($code)
  380.         {
  381.             $stmt = $this->website->db('web')->prepare('SELECT inv_id, invt_code, assignto, used FROM DmN_Account_Invt WHERE UPPER(invt_code) = UPPER(:code)');
  382.             $stmt->execute([':code' => $code]);
  383.             return $stmt->fetch();
  384.         }
  385.  
  386.         public function delete_reminder_entries_for_name($name)
  387.         {
  388.             $stmt = $this->website->db('web')->prepare('DELETE FROM DmN_Account_Invt WHERE assignto = :name');
  389.             return $stmt->execute([':name' => $name]);
  390.         }
  391.  
  392.         public function create_reminder_entry_for_name($name)
  393.         {
  394.             $code = strtoupper(sha1(microtime()));
  395.             $data = [];
  396.             $data[] = ['field' => 'invt_code', 'value' => $code, 'type' => 's'];
  397.             $data[] = ['field' => 'assignto', 'value' => $name, 'type' => 's'];
  398.             $data[] = ['field' => 'used', 'value' => time(), 'type' => 'i'];
  399.             $prepare = $this->website->db('web')->prepare($this->website->db('web')->get_insert('DmN_Account_Invt', $data));
  400.             $prepare->execute();
  401.             return $code;
  402.         }
  403.  
  404.         public function send_lostpassword_email_for_name($user, $email, $code)
  405.         {
  406.             $body = @file_get_contents(APP_PATH . DS . 'data' . DS . 'email_patterns' . DS . 'lostpassword_email_pattern.html');
  407.             $body = str_replace('###USERNAME###', $user, $body);
  408.             $body = str_replace('###SERVERNAME###', $this->config->config_entry('main|servername'), $body);
  409.             $body = str_replace('###IP###', ip(), $body);
  410.             if($this->website->is_multiple_accounts() == true){
  411.                 $body = str_replace('###URL###', $this->config->base_url . 'lost-password/activation/' . $code . '/' . $this->vars['server'], $body);
  412.             } else{
  413.                 $body = str_replace('###URL###', $this->config->base_url . 'lost-password/activation/' . $code, $body);
  414.             }
  415.             $this->sendmail($email, 'Password Reminder', $body);
  416.             if($this->error == false){
  417.                 return true;
  418.             } else{
  419.                 return false;
  420.             }
  421.         }
  422.  
  423.         public function update_password($user = '')
  424.         {        
  425.             $user = ($user != '') ? $user : $this->session->userdata(['user' => 'username']);
  426.             if(MD5 == 1){
  427.                 $query = $this->account_db->query('SET NOCOUNT ON;EXEC DmN_Check_Acc_MD5 \'' . $this->account_db->sanitize_var($user) . '\', \'' . $this->account_db->sanitize_var($this->vars['new_password']) . '\'');
  428.                 $fetch = $query->fetch();
  429.                 $query->close_cursor();
  430.                 if($fetch  == false){
  431.                     $query = $this->account_db->query('EXEC DmN_Check_Acc_MD5 \'' . $this->account_db->sanitize_var($user) . '\', \'' . $this->account_db->sanitize_var($this->vars['new_password']) . '\'');
  432.                     $fetch = $query->fetch();
  433.                     $query->close_cursor();
  434.                 }
  435.                
  436.                 if($fetch['result'] == 'found'){
  437.                     return true;
  438.                 } else{
  439.                     $pw = (!$this->is_hex($fetch['result'])) ? '0x' . strtoupper(bin2hex($fetch['result'])) : '0x' . $fetch['result'];
  440.                 }
  441.             } else if(MD5 == 2){
  442.                 $pw = '\'' . md5($this->vars['new_password']) . '\'';
  443.             } else{
  444.                 $pw = '\'' . $this->vars['new_password'] . '\'';
  445.             }
  446.                        
  447.             return $this->account_db->query('UPDATE MEMB_INFO SET memb__pwd = ' . $pw . ' WHERE (memb___id COLLATE Database_Default = \'' . $this->account_db->sanitize_var($user) . '\' COLLATE Database_Default)');              
  448.         }
  449.  
  450.         public function check_login_attemts()
  451.         {
  452.             $file = APP_PATH . DS . 'logs' . DS . 'login_attempts.txt';
  453.             if(file_exists($file)){
  454.                 $data = file_get_contents($file);
  455.                 if($data != false && $data != ''){
  456.                     $ips = unserialize($data);
  457.                     if(isset($ips[ip()]) && $ips[ip()]['time'] >= time() - 900){
  458.                         return $ips[ip()]['attempts'] >= 5;
  459.                     }
  460.                 }
  461.             }
  462.             return false;
  463.         }
  464.  
  465.         public function add_login_attemt()
  466.         {
  467.             $file = APP_PATH . DS . 'logs' . DS . 'login_attempts.txt';
  468.             if(!file_exists($file)){
  469.                 file_put_contents($file, '');
  470.             }
  471.             $data = file_get_contents($file);
  472.             if($data != false && $data != ''){
  473.                 $ips = unserialize($data);
  474.                 if(isset($ips[ip()])){
  475.                     $ips[ip()]['attempts'] = $ips[ip()]['attempts'] + 1;
  476.                     $ips[ip()]['time'] = time();
  477.                 } else{
  478.                     $ips[ip()]['attempts'] = 1;
  479.                     $ips[ip()]['time'] = time();
  480.                 }
  481.             } else{
  482.                 $ips = [ip() => ['attempts' => 1, 'time' => time()]];
  483.             }
  484.             file_put_contents($file, serialize($ips));
  485.             return true;
  486.         }
  487.  
  488.         public function clear_login_attemts()
  489.         {
  490.             $file = APP_PATH . DS . 'logs' . DS . 'login_attempts.txt';
  491.             if(file_exists($file)){
  492.                 $data = file_get_contents($file);
  493.                 if($data != false && $data != ''){
  494.                     $ips = unserialize($data);
  495.                     if(isset($ips[ip()])){
  496.                         unset($ips[ip()]);
  497.                         file_put_contents($file, serialize($ips));
  498.                     }
  499.                 }
  500.             }
  501.             return true;
  502.         }
  503.  
  504.         public function log_user_ip($user = '')
  505.         {
  506.             if($user != '')
  507.                 $this->vars['username'] = $user;
  508.             if(!$this->ip_log_exists()){
  509.                 $this->insert_ip_log();
  510.             } //else {
  511.             //   $this->update_ip_log();
  512.             //}
  513.         }
  514.  
  515.         public function count_accounts()
  516.         {
  517.             return $this->account_db->snumrows('SELECT COUNT(memb___id) AS count FROM MEMB_INFO WHERE activated = 1');
  518.         }
  519.  
  520.         private function ip_log_exists()
  521.         {
  522.             $stmt = $this->website->db('web')->prepare('SELECT id FROM DmN_IP_Log WHERE account = :account AND ip = :ip AND login_type = 1');
  523.             $stmt->execute([':account' => $this->vars['username'], ':ip' => ip()]);
  524.             return $stmt->fetch();
  525.         }
  526.  
  527.         private function insert_ip_log()
  528.         {
  529.             $stmt = $this->website->db('web')->prepare('INSERT INTO DmN_IP_Log (account, ip, last_connected, login_type) VALUES (:account, :ip, GETDATE(), 1)');
  530.             return $stmt->execute([':account' => $this->vars['username'], ':ip' => ip()]);
  531.         }
  532.  
  533.         public function login_user()
  534.         {
  535.             usleep(mt_rand(1000000, 5000000));
  536.             if(MD5 == 1){
  537.                 $stmt = $this->account_db->prepare('SET NOCOUNT ON;EXEC DmN_Check_Acc_MD5 :user, :pass');
  538.                 $stmt->execute([':user' => $this->vars['username'], ':pass' => $this->vars['password']]);
  539.                 $check = $stmt->fetch();
  540.                 $stmt->close_cursor();
  541.                
  542.                 if($check == false){
  543.                     $stmt = $this->account_db->prepare('EXEC DmN_Check_Acc_MD5 :user, :pass');
  544.                     $stmt->execute([':user' => $this->vars['username'], ':pass' => $this->vars['password']]);
  545.                     $check = $stmt->fetch();
  546.                     //var_dump($check);die();
  547.                     $stmt->close_cursor();
  548.                 }
  549.                 if($check['result'] == 'found'){
  550.                     $stmt = $this->account_db->prepare('SELECT memb_guid, memb___id, memb__pwd, mail_addr, appl_days, modi_days, bloc_code, last_login, last_login_ip, activated, Admin, country FROM MEMB_INFO WITH (NOLOCK) WHERE (memb___id Collate Database_Default = :user Collate Database_Default)');
  551.                     $stmt->execute([':user' => $this->vars['username']]);
  552.                     $info = $stmt->fetch();
  553.                 } else{
  554.                     $info = false;
  555.                 }
  556.             } else{
  557.                 $stmt = $this->account_db->prepare('SELECT memb_guid, memb___id, memb__pwd, mail_addr, appl_days, modi_days, bloc_code, last_login, last_login_ip, activated, Admin, country FROM MEMB_INFO WITH (NOLOCK) WHERE (memb___id Collate Database_Default = :user Collate Database_Default) AND memb__pwd = :pass');
  558.                 $stmt->execute([':user' => $this->vars['username'], ':pass' => (MD5 == 2) ? md5($this->vars['password']) : $this->vars['password']]);
  559.                 $info = $stmt->fetch();
  560.             }
  561.             if($info != false){
  562.                 if($this->vars['username'] !== $info['memb___id']){
  563.                     return false;
  564.                 } else{
  565.                     $this->update_last_login($info['memb___id']);
  566.                     if($info['appl_days'] instanceof \DateTime) {
  567.                         $joined = $info['appl_days']->format('Y-m-d');
  568.                         $last_login = $info['last_login']->format('Y-m-d H:i');
  569.                     }
  570.                     else{
  571.                         $joined = date('Y-m-d', strtotime($info['appl_days']));
  572.                         $last_login = date('Y-m-d H:i', strtotime($info['last_login']));
  573.                     }
  574.                    
  575.                     if(defined('CUSTOM_SESSION') && CUSTOM_SESSION == true){
  576.                         $salt = $this->session->getCookie();
  577.                         $dbSalt = $this->check_user_salt($info['memb___id']);
  578.  
  579.                         if($dbSalt != false){
  580.                             if($salt != $dbSalt['session_salt']){
  581.                                 $sess_path = session_save_path();
  582.                                 $file = $sess_path.'/dmncmssession'.$dbSalt['session_salt'];
  583.                                 //$file = APP_PATH . DS . 'data' . DS . 'sessions'.DS.'dmncmssession'.$dbSalt['session_salt'];
  584.                                 if(file_exists($file)){
  585.                                     unlink($file);
  586.                                 }
  587.                                 $this->update_user_salt($info['memb___id'], $salt);
  588.                             }
  589.                         }
  590.                         else{
  591.                             $this->insert_user_salt($info['memb___id'], $salt);
  592.                         }
  593.                     }
  594.                    
  595.                     $this->session->register('user', [
  596.                         'id' => $info['memb_guid'],
  597.                         'username' => $info['memb___id'],
  598.                         'pass' => sha1($this->vars['password']),
  599.                         'email' => $info['mail_addr'],
  600.                         'last_login' => $last_login,
  601.                         'last_ip' => $info['last_login_ip'],
  602.                         'admin' => $info['Admin'],
  603.                         'joined' => $joined,
  604.                         'country' => $info['country'],
  605.                         'server' => (isset($this->vars['server'])) ? $this->vars['server'] : null,
  606.                         'server_t' => (isset($this->vars['servers'])) ? $this->vars['servers'][$this->vars['server']]['title'] : null,
  607.                         'logged_in' => true]
  608.                     );
  609.                    
  610.                    
  611.                     return $info;
  612.                 }
  613.             }
  614.             return false;
  615.         }
  616.        
  617.         private function check_user_salt($user)
  618.         {
  619.             $stmt = $this->website->db('web')->prepare('SELECT session_salt FROM DmN_User_Salts WHERE memb___id = :user');
  620.             $stmt->execute(array(':user' => $user));
  621.             return $stmt->fetch();
  622.         }
  623.  
  624.         private function update_user_salt($user, $salt)
  625.         {
  626.             $stmt = $this->website->db('web')->prepare('UPDATE DmN_User_Salts SET session_salt = :salt WHERE memb___id = :user');
  627.             $stmt->execute(array(':salt' => $salt, ':user' => $user));
  628.         }
  629.        
  630.         private function insert_user_salt($user, $salt)
  631.         {
  632.             $stmt = $this->website->db('web')->prepare('INSERT INTO DmN_User_Salts (memb___id, session_salt) VALUES (:user, :salt)');
  633.             $stmt->execute(array(':user' => $user, ':salt' => $salt));
  634.         }
  635.  
  636.         private function update_last_login($user)
  637.         {
  638.                                      
  639.             $ip = ip();
  640.             $country_code = get_country_code($ip);
  641.             $stmt = $this->account_db->prepare('UPDATE MEMB_INFO SET last_login = GETDATE(), last_login_ip = :ip, country = :country WHERE memb___id = :user');
  642.             $stmt->execute([':ip' => $ip, ':country' => $country_code, ':user' => $user]);
  643.         }
  644.  
  645.         public function check_user_on_server($user, $server)
  646.         {
  647.             $stmt = $this->website->db('account', $server)->prepare('SELECT memb___id FROM MEMB_INFO WHERE memb___id = :user');
  648.             $stmt->execute([':user' => $user]);
  649.             return $stmt->fetch();
  650.         }
  651.  
  652.         public function check_fb_user($email, $server)
  653.         {
  654.             $stmt = $this->account_db->prepare('SELECT memb_guid, memb___id, mail_addr, appl_days, modi_days, bloc_code, last_login, last_login_ip, activated, Admin, country FROM MEMB_INFO WHERE mail_addr = :email');
  655.             $stmt->execute([':email' => $email]);
  656.             $info = $stmt->fetch();
  657.             if($info){
  658.                 $this->update_last_login($info['memb___id']);
  659.                 $this->session->register('user', ['id' => $info['memb_guid'], 'username' => $info['memb___id'], 'email' => $email, 'last_login' => $info['last_login'], 'last_ip' => $info['last_login_ip'], 'admin' => $info['Admin'], 'joined' => $info['appl_days'], 'country' => $info['country'], 'server' => (isset($server)) ? $server : null, 'server_t' => (isset($server)) ? $this->website->get_title_from_server($server) : null, 'logged_in' => true]);
  660.                 return $info;
  661.             }
  662.         }
  663.  
  664.         public function sendmail($recipients, $subject, $message)
  665.         {
  666.             $this->vars['email_config'] = $this->config->values('email_config');
  667.             $failures = [];            
  668.             if(!$this->vars['email_config'])
  669.                 throw new Exception('Email settings not configured.');
  670.             if(!isset($this->vars['email_config']['server_email']) || $this->vars['email_config']['server_email'] == '')
  671.                 throw new Exception('Server email is not set.');
  672.             switch($this->vars['email_config']['mail_mode']){
  673.                 case 0:
  674.                     try{
  675.                         if(!isset($this->vars['email_config']['smtp_server']) || $this->vars['email_config']['smtp_server'] == '')
  676.                             throw new Exception('SMTP Server is not set.');
  677.                         if(!isset($this->vars['email_config']['smtp_port']) || $this->vars['email_config']['smtp_port'] == '' || !is_numeric($this->vars['email_config']['smtp_port']))
  678.                             throw new Exception('SMTP Port is not set.');
  679.                         $transport = Swift_SmtpTransport::newInstance($this->vars['email_config']['smtp_server'], (int)$this->vars['email_config']['smtp_port']);
  680.                         if($this->vars['email_config']['smtp_use_ssl'] == 1){
  681.                             $transport->setEncryption('ssl');
  682.                         }
  683.                         if($this->vars['email_config']['smtp_use_ssl'] == 2){
  684.                             $transport->setEncryption('tls');
  685.                         }
  686.                         if($this->vars['email_config']['smtp_username'] != ''){
  687.                             $transport->setUsername($this->vars['email_config']['smtp_username']);
  688.                         }
  689.                         if($this->vars['email_config']['smtp_password'] != ''){
  690.                             $transport->setPassword($this->vars['email_config']['smtp_password']);
  691.                         }
  692.                         $mailer = Swift_Mailer::newInstance($transport);
  693.                         $message = Swift_Message::newInstance()->setSubject($subject)->setFrom([$this->vars['email_config']['server_email'] => $this->config->config_entry('main|servername')])->setTo([$recipients])->setBody($message)->setContentType('text/html');
  694.                         if(!$mailer->send($message, $failures)){
  695.                             $this->error = 'Failed sending email to ' . print_r($failures, 1);
  696.                             return false;
  697.                         }
  698.                         return true;
  699.                     } catch(Exception $e){
  700.                         $this->error = $e->getMessage();
  701.                     } catch(Swift_ConnectionException $e){
  702.                         $this->error = 'There was a problem communicating with the SMTP-Server. Error-Text: ' . $e->getMessage();
  703.                     } catch(Swift_Message_MimeException $e){
  704.                         $this->error = 'There was an unexpected problem building the email. Error-Text: ' . $e->getMessage();
  705.                     } catch(Swift_TransportException $e){
  706.                         $this->error = $e->getMessage();
  707.                     }
  708.                     break;
  709.                 case 1:
  710.                     try{
  711.                         $transport = Swift_MailTransport::newInstance();
  712.                         $mailer = Swift_Mailer::newInstance($transport);
  713.                         $message = Swift_Message::newInstance()->setSubject($subject)->setFrom([$this->vars['email_config']['server_email'] => $this->config->config_entry('main|servername')])->setTo([$recipients])->setBody($message)->setContentType('text/html');
  714.                         if(!$mailer->send($message, $failures)){
  715.                             $this->error = 'Failed sending email to ' . print_r($failures, 1);
  716.                             return false;
  717.                         }
  718.                         return true;
  719.                     } catch(Swift_ConnectionException $e){
  720.                         $this->error = 'There was a problem communicating with the SMTP-Server. Error-Text: ' . $e->getMessage();
  721.                     } catch(Swift_Message_MimeException $e){
  722.                         $this->error = 'There was an unexpected problem building the email. Error-Text: ' . $e->getMessage();
  723.                     } catch(Swift_TransportException $e){
  724.                         $this->error = $e->getMessage();
  725.                     }
  726.                     break;
  727.                 case 2:
  728.                     try{
  729.                         $transport = Swift_SendmailTransport::newInstance('/usr/sbin/sendmail -bs');
  730.                         $mailer = Swift_Mailer::newInstance($transport);
  731.                         $message = Swift_Message::newInstance()->setSubject($subject)->setFrom([$this->vars['email_config']['server_email'] => $this->config->config_entry('main|servername')])->setTo([$recipients])->setBody($message)->setContentType('text/html');
  732.                         if(!$mailer->send($message, $failures)){
  733.                             $this->error = 'Failed sending email to ' . print_r($failures, 1);
  734.                             return false;
  735.                         }
  736.                         return true;
  737.                     } catch(Swift_ConnectionException $e){
  738.                         $this->error = 'There was a problem communicating with the SMTP-Server. Error-Text: ' . $e->getMessage();
  739.                     } catch(Swift_Message_MimeException $e){
  740.                         $this->error = 'There was an unexpected problem building the email. Error-Text: ' . $e->getMessage();
  741.                     } catch(Swift_TransportException $e){
  742.                         $this->error = $e->getMessage();
  743.                     }
  744.                     break;
  745.                 case 3:
  746.                     try{
  747.                         $transport = SwiftSparkPost\Transport::newInstance($this->vars['email_config']['smtp_password']);
  748.                         $mailer = Swift_Mailer::newInstance($transport);
  749.                         $message = Swift_Message::newInstance()->setSubject($subject)->setFrom([$this->vars['email_config']['server_email'] => $this->config->config_entry('main|servername')])->setTo([$recipients])->setBody($message)->setContentType('text/html');
  750.                         if(!$mailer->send($message, $failures)){
  751.                             $this->error = 'Failed sending email to ' . print_r($failures, 1);
  752.                             return false;
  753.                         }
  754.                         return true;
  755.                     } catch(Swift_ConnectionException $e){
  756.                         $this->error = 'There was a problem communicating with the SMTP-Server. Error-Text: ' . $e->getMessage();
  757.                     } catch(Swift_Message_MimeException $e){
  758.                         $this->error = 'There was an unexpected problem building the email. Error-Text: ' . $e->getMessage();
  759.                     } catch(Swift_TransportException $e){
  760.                         $this->error = $e->getMessage();
  761.                     }
  762.                     break;
  763.             }
  764.         }
  765.  
  766.         public function compare_passwords()
  767.         {
  768.             return ($this->session->userdata(['user' => 'pass']) == sha1($this->vars['old_password']));
  769.         }
  770.  
  771.         public function get_amount_of_credits($name, $payment_method = 1, $server, $id = false)
  772.         {
  773.             $status = $this->website->get_user_credits_balance($name, $server, $payment_method, $id);
  774.             return $status['credits'];
  775.         }
  776.  
  777.         public function load_vote_links()
  778.         {
  779.             return $this->website->db('web')->query('SELECT id, votelink, name, img_url, hours, reward, reward_type, mmotop_stats_url, mmotop_reward_sms, api, server FROM DmN_Votereward WHERE server = \'' . $this->website->db('web')->sanitize_var($this->session->userdata(['user' => 'server'])) . '\' ORDER BY id')->fetch_all();
  780.         }
  781.  
  782.         public function check_vote_link($link)
  783.         {
  784.             return $this->website->db('web')->query('SELECT hours, reward, reward_type, api  FROM DmN_Votereward WHERE id = ' . $this->website->db('web')->sanitize_var($link) . ' AND server = \'' . $this->website->db('web')->sanitize_var($this->session->userdata(['user' => 'server'])) . '\'')->fetch();
  785.         }
  786.  
  787.         public function get_last_vote($link, $interval = 12, $api = 0, $xtremetop_same_acc_vote = 0, $links = '')
  788.         {
  789.             if($api != 2)
  790.             {
  791.                 $vote_time = time() - (3600 * $interval);
  792.                 $log1 = $this->website->db('web')->query('SELECT TOP 1 account, ip, time FROM DmN_Votereward_Log WHERE number = ' . $this->website->db('web')->sanitize_var($link) . '  AND account = \'' . $this->website->db('web')->sanitize_var($this->session->userdata(['user' => 'username'])) . '\' AND time > ' . $this->website->db('web')->sanitize_var($vote_time) . ' AND server = \'' . $this->website->db('web')->sanitize_var($this->session->userdata(['user' => 'server'])) . '\' ORDER BY time DESC');//->fetch_all();
  793.                
  794.                 if($xtremetop_same_acc_vote == 1)
  795.                 {
  796.                     $ids = (strpos(trim($links), ',') !== false) ? explode(',', trim($links)) : [0 => $links];
  797.                    
  798.                     if(in_array($link, $ids))
  799.                     {
  800.                         $log1 = $log1->fetch_all();
  801.                     }
  802.                     else
  803.                     {
  804.                         $log1 = $log1->fetch();
  805.                     }
  806.                 }
  807.                 else
  808.                 {
  809.                     $log1 = $log1->fetch();
  810.                 }
  811.                
  812.                 $log2 = $this->website->db('web')->query('SELECT TOP 1 account, ip, time FROM DmN_Votereward_Log WHERE number = ' . $this->website->db('web')->sanitize_var($link) . '  AND ip = \'' . $this->website->db('web')->sanitize_var(ip()) . '\' AND time > ' . $this->website->db('web')->sanitize_var($vote_time) . ' AND server = \'' . $this->website->db('web')->sanitize_var($this->session->userdata(['user' => 'server'])) . '\' ORDER BY time DESC')->fetch();
  813.                
  814.                 if((isset($log1['account']) || isset($log2['ip'])) || (isset($log1['account']) && isset($log2['ip']))){
  815.                     return isset($log1['time']) ? $log1['time'] : $log2['time'];
  816.                 }
  817.             }
  818.            
  819.             return false;
  820.         }
  821.  
  822.         public function log_vote($link)
  823.         {
  824.             $stmt = $this->website->db('web')->prepare('INSERT INTO DmN_Votereward_Log (number, ip, account, time, server) VALUES (:number, :ip, :account, :time, :server)');
  825.             return $stmt->execute([':number' => $link, ':ip' => ip(), ':account' => $this->session->userdata(['user' => 'username']), ':time' => time(), ':server' => $this->session->userdata(['user' => 'server'])]);
  826.         }
  827.  
  828.         public function check_xtremetop_vote()
  829.         {
  830.             $stmt = $this->website->db('web')->prepare('SELECT id FROM DmN_Votereward_Xtremetop_Log WHERE memb_guid = :memb_guid AND validated = 0');
  831.             $stmt->execute([':memb_guid' => $this->session->userdata(['user' => 'id'])]);
  832.             return $stmt->fetch_all();
  833.         }
  834.  
  835.         public function check_ultratop_vote()
  836.         {
  837.             $stmt = $this->website->db('web')->prepare('SELECT id FROM DmN_Votereward_Ultratop_Log WHERE memb_guid = :memb_guid AND validated = 0');
  838.             $stmt->execute([':memb_guid' => $this->session->userdata(['user' => 'id'])]);
  839.             return $stmt->fetch_all();
  840.         }
  841.  
  842.         public function check_gametop100_vote()
  843.         {
  844.             $stmt = $this->website->db('web')->prepare('SELECT id FROM DmN_Votereward_Gametop100_Log WHERE memb_guid = :memb_guid AND validated = 0');
  845.             $stmt->execute([':memb_guid' => $this->session->userdata(['user' => 'id'])]);
  846.             return $stmt->fetch_all();
  847.         }
  848.  
  849.         public function check_mmoserver_vote()
  850.         {
  851.             $stmt = $this->website->db('web')->prepare('SELECT id FROM DmN_Votereward_Mmoserver_Log WHERE memb_guid = :memb_guid AND validated = 0');
  852.             $stmt->execute([':memb_guid' => $this->session->userdata(['user' => 'id'])]);
  853.             return $stmt->fetch();
  854.         }
  855.  
  856.         public function check_top100arena_vote()
  857.         {
  858.             $stmt = $this->website->db('web')->prepare('SELECT id FROM DmN_Votereward_Top100arena_Log WHERE memb_guid = :memb_guid AND validated = 0');
  859.             $stmt->execute([':memb_guid' => $this->session->userdata(['user' => 'id'])]);
  860.             return $stmt->fetch();
  861.         }
  862.  
  863.         public function check_gtop100_vote()
  864.         {
  865.             $stmt = $this->website->db('web')->prepare('SELECT id FROM DmN_Votereward_Gtop_Log WHERE memb_guid = :memb_guid AND validated = 0');
  866.             $stmt->execute([':memb_guid' => $this->session->userdata(['user' => 'id'])]);
  867.             return $stmt->fetch_all();
  868.         }
  869.  
  870.         public function check_topg_vote()
  871.         {
  872.             $stmt = $this->website->db('web')->prepare('SELECT id FROM DmN_Votereward_Topg_Log WHERE memb_guid = :memb_guid AND validated = 0');
  873.             $stmt->execute([':memb_guid' => $this->session->userdata(['user' => 'id'])]);
  874.             return $stmt->fetch_all();
  875.         }
  876.  
  877.         /** SUPREMETOP100 **/
  878.         public function check_supremetop_vote()
  879.         {
  880.             $stmt = $this->website->db('web')->prepare('SELECT id FROM DmN_Votereward_SupremeTop100_Log WHERE memb_guid = :memb_guid AND validated = 0');
  881.             $stmt->execute([':memb_guid' => $this->session->userdata(['user' => 'id'])]);
  882.             return $stmt->fetch_all();
  883.         }
  884.        
  885.         public function add_xtremetop_vote($memb_guid, $ip)
  886.         {
  887.             if(is_numeric($memb_guid)){
  888.                 $stmt = $this->website->db('web')->prepare('INSERT INTO DmN_Votereward_Xtremetop_Log (memb_guid, ip, time) VALUES (:memb_guid, :ip, :time)');
  889.                 return $stmt->execute([':memb_guid' => $memb_guid, ':ip' => $ip, ':time' => time()]);
  890.             } else{
  891.                 writelog('Invalid user id ' . htmlspecialchars($memb_guid), 'vote-api');
  892.             }
  893.         }
  894.  
  895.         public function add_ultratop_vote($memb_guid, $ip)
  896.         {
  897.             if(is_numeric($memb_guid)){
  898.                 $stmt = $this->website->db('web')->prepare('INSERT INTO DmN_Votereward_Ultratop_Log (memb_guid, ip, time) VALUES (:memb_guid, :ip, :time)');
  899.                 return $stmt->execute([':memb_guid' => $memb_guid, ':ip' => $ip, ':time' => time()]);
  900.             } else{
  901.                 writelog('Invalid user id ' . htmlspecialchars($memb_guid), 'vote-api');
  902.             }
  903.         }
  904.  
  905.         public function add_gametop100_vote($memb_guid, $ip)
  906.         {
  907.             if(is_numeric($memb_guid)){
  908.                 $stmt = $this->website->db('web')->prepare('INSERT INTO DmN_Votereward_Gametop100_Log (memb_guid, ip, time) VALUES (:memb_guid, :ip, :time)');
  909.                 return $stmt->execute([':memb_guid' => $memb_guid, ':ip' => $ip, ':time' => time()]);
  910.             } else{
  911.                 writelog('Invalid user id ' . htmlspecialchars($memb_guid), 'vote-api');
  912.             }
  913.         }
  914.  
  915.         public function add_mmoserver_vote($memb_guid)
  916.         {
  917.             if(is_numeric($memb_guid)){
  918.                 $stmt = $this->website->db('web')->prepare('INSERT INTO DmN_Votereward_Mmoserver_Log (memb_guid, time) VALUES (:memb_guid, :time)');
  919.                 return $stmt->execute([':memb_guid' => $memb_guid, ':time' => time()]);
  920.             } else{
  921.                 writelog('Invalid user id ' . htmlspecialchars($memb_guid), 'vote-api');
  922.             }
  923.         }
  924.  
  925.         public function add_top100arena_vote($memb_guid)
  926.         {
  927.             if(is_numeric($memb_guid)){
  928.                 $stmt = $this->website->db('web')->prepare('INSERT INTO DmN_Votereward_Top100arena_Log (memb_guid, time) VALUES (:memb_guid, :time)');
  929.                 return $stmt->execute([':memb_guid' => $memb_guid, ':time' => time()]);
  930.             } else{
  931.                 writelog('Invalid user id ' . htmlspecialchars($memb_guid), 'vote-api');
  932.             }
  933.         }
  934.  
  935.         public function add_gtop100_vote($memb_guid, $ip)
  936.         {
  937.             if(is_numeric($memb_guid)){
  938.                 $stmt = $this->website->db('web')->prepare('INSERT INTO DmN_Votereward_Gtop_Log (memb_guid, ip, time) VALUES (:memb_guid, :ip, :time)');
  939.                 return $stmt->execute([':memb_guid' => $memb_guid, ':ip' => $ip, ':time' => time()]);
  940.             } else{
  941.                 writelog('Invalid user id ' . htmlspecialchars($memb_guid), 'vote-api');
  942.             }
  943.         }
  944.  
  945.         public function add_topg_vote($memb_guid, $ip)
  946.         {
  947.             if(is_numeric($memb_guid)){
  948.                 $stmt = $this->website->db('web')->prepare('INSERT INTO DmN_Votereward_Topg_Log (memb_guid, ip, time) VALUES (:memb_guid, :ip, :time)');
  949.                 return $stmt->execute([':memb_guid' => $memb_guid, ':ip' => $ip, ':time' => time()]);
  950.             } else{
  951.                 writelog('Invalid user id ' . htmlspecialchars($memb_guid), 'vote-api');
  952.             }
  953.         }
  954.        
  955.         /** SUPREMETOP100 **/
  956.         public function add_supremetop_vote($memb_guid, $ip)
  957.         {
  958.             if(is_numeric($memb_guid)){
  959.                 $stmt = $this->website->db('web')->prepare('INSERT INTO DmN_Votereward_SupremeTop100_Log (memb_guid, ip, time) VALUES (:memb_guid, :ip, :time)');
  960.                 return $stmt->execute([':memb_guid' => $memb_guid, ':ip' => $ip, ':time' => time()]);
  961.             } else{
  962.                 writelog('Invalid user id ' . htmlspecialchars($memb_guid), 'vote-api');
  963.             }
  964.         }
  965.        
  966.         public function set_valid_vote_xtremetop($id)
  967.         {
  968.             $stmt = $this->website->db('web')->prepare('UPDATE DmN_Votereward_Xtremetop_Log SET validated = 1 WHERE id = :id');
  969.             return $stmt->execute([':id' => $id]);
  970.         }
  971.  
  972.         public function set_valid_vote_ultratop($id)
  973.         {
  974.             $stmt = $this->website->db('web')->prepare('UPDATE DmN_Votereward_Ultratop_Log SET validated = 1 WHERE id = :id');
  975.             return $stmt->execute([':id' => $id]);
  976.         }
  977.  
  978.         public function set_valid_vote_gametop100($id)
  979.         {
  980.             $stmt = $this->website->db('web')->prepare('UPDATE DmN_Votereward_Gametop100_Log SET validated = 1 WHERE id = :id');
  981.             return $stmt->execute([':id' => $id]);
  982.         }
  983.  
  984.         public function set_valid_vote_mmoserver($id)
  985.         {
  986.             $stmt = $this->website->db('web')->prepare('UPDATE DmN_Votereward_Mmoserver_Log SET validated = 1 WHERE id = :id');
  987.             return $stmt->execute([':id' => $id]);
  988.         }
  989.  
  990.         public function set_valid_vote_top100arena($id)
  991.         {
  992.             $stmt = $this->website->db('web')->prepare('UPDATE DmN_Votereward_Top100arena_Log SET validated = 1 WHERE id = :id');
  993.             return $stmt->execute([':id' => $id]);
  994.         }
  995.  
  996.         public function set_valid_vote_gtop100($id)
  997.         {
  998.             $stmt = $this->website->db('web')->prepare('UPDATE DmN_Votereward_Gtop_Log SET validated = 1 WHERE id = :id');
  999.             return $stmt->execute([':id' => $id]);
  1000.         }
  1001.  
  1002.         public function set_valid_vote_topg($id)
  1003.         {
  1004.             $stmt = $this->website->db('web')->prepare('UPDATE DmN_Votereward_Topg_Log SET validated = 1 WHERE id = :id');
  1005.             return $stmt->execute([':id' => $id]);
  1006.         }
  1007.        
  1008.         /** SUPREMETOP100 **/
  1009.         public function set_valid_vote_supremetop($id)
  1010.         {
  1011.             $stmt = $this->website->db('web')->prepare('UPDATE DmN_Votereward_SupremeTop100_Log SET validated = 1 WHERE id = :id');
  1012.             return $stmt->execute([':id' => $id]);
  1013.         }
  1014.        
  1015.         public function check_vote_rankings($account, $server)
  1016.         {
  1017.             if($gameid = $this->check_game_idc($account, $server)){
  1018.                 if($gameid['GameIDC'] != null){
  1019.                     if($this->check_vote_rankings_entry($account, $server)){
  1020.                         $this->update_vote_rankings($account, $server, $gameid['GameIDC']);
  1021.                     } else{
  1022.                         $this->insert_vote_rankings($account, $server, $gameid['GameIDC']);
  1023.                     }
  1024.                 }
  1025.             }
  1026.             return false;
  1027.         }
  1028.  
  1029.         private function check_game_idc($account, $server)
  1030.         {
  1031.             $stmt = $this->website->db('game', $server)->prepare('SELECT GameIDC FROM AccountCharacter WHERE Id = :user');
  1032.             $stmt->execute([':user' => $account]);
  1033.             return $stmt->fetch();
  1034.         }
  1035.  
  1036.         private function check_vote_rankings_entry($account, $server)
  1037.         {
  1038.             $stmt = $this->website->db('web')->prepare('SELECT id FROM DmN_Votereward_Ranking WHERE account = :user AND server = :server AND year = :year AND month = :month');
  1039.             $stmt->execute([':user' => $account, ':server' => $server, ':year' => date('Y', time()), ':month' => date('F', time())]);
  1040.             if($stmt->fetch()){
  1041.                 return true;
  1042.             }
  1043.             return false;
  1044.         }
  1045.  
  1046.         private function update_vote_rankings($account, $server, $char)
  1047.         {
  1048.             $stmt = $this->website->db('web')->prepare('UPDATE DmN_Votereward_Ranking SET lastvote = :lastvote, totalvotes = totalvotes + 1 WHERE account = :user AND character = :char AND server = :server AND year = :year AND month = :month');
  1049.             $stmt->execute([':lastvote' => time(), ':user' => $account, ':char' => $char, ':server' => $server, ':year' => date('Y', time()), ':month' => date('F', time())]);
  1050.             $stmt->close_cursor();
  1051.             return true;
  1052.         }
  1053.  
  1054.         private function insert_vote_rankings($account, $server, $char)
  1055.         {
  1056.             $stmt = $this->website->db('web')->prepare('INSERT INTO DmN_Votereward_Ranking (account, character, server, lastvote, totalvotes, year, month) VALUES (:user, :char, :server, :lastvote, 1, :year, :month)');
  1057.             $stmt->execute([':user' => $account, ':char' => $char, ':server' => $server, ':lastvote' => time(), ':year' => date('Y', time()), ':month' => date('F', time())]);
  1058.             $stmt->close_cursor();
  1059.             return true;
  1060.         }
  1061.  
  1062.         public function calculate_next_vote($time, $interval = 12)
  1063.         {
  1064.             $hours = floor((((3600 * $interval) - (time() - $time)) / 3600));
  1065.             $minutes = floor(((((3600 * $interval) - (time() - $time)) % 3600) / 60));
  1066.             $h = isset($hours) ? $hours . ' h' : '';
  1067.             $m = isset($minutes) ? $minutes . ' min' : '';
  1068.             return $h . ' ' . $m;
  1069.         }
  1070.  
  1071.         public function check_mmotop_stats($link, $server)
  1072.         {
  1073.             if(trim($link) != ''){
  1074.                 $stats = file($link, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
  1075.                 $logs = [];
  1076.                 if($stats){
  1077.                     foreach($stats as $log){
  1078.                         $logs[] = explode(" ", $log);
  1079.                     }
  1080.                     return $logs;
  1081.                 }
  1082.             }
  1083.             return false;
  1084.         }
  1085.  
  1086.         public function insert_mmotop_stats($stats, $server)
  1087.         {
  1088.             $reward = false;
  1089.             foreach($stats as $key => $log){
  1090.                 $stmt = $this->website->db('web')->prepare('SELECT unid FROM DmN_Mmotop_Stats WHERE unid = :unid AND server = :server');
  1091.                 $stmt->execute([':unid' => $log[0], ':server' => $server]);
  1092.                 if(!$stmt->fetch()){
  1093.                     $reward = true;
  1094.                     $stmt = $this->website->db('web')->prepare('INSERT INTO DmN_Mmotop_Stats (unid, character, vote_type, server) VALUES (:unid, :char, :vote_type, :server)');
  1095.                     $stmt->execute([':unid' => $log[0], ':char' => $this->website->c($log[3]), ':vote_type' => $log[4], ':server' => $server]);
  1096.                 }
  1097.             }
  1098.             return $reward;
  1099.         }
  1100.  
  1101.         public function check_mmotop_voters($rewards = [0, 0], $type, $server)
  1102.         {
  1103.             $query = $this->website->db('web')->query('SELECT unid, character, vote_type FROM DmN_Mmotop_Stats WHERE status = 0 AND server = \'' . $this->website->db('web')->sanitize_var($this->website->c($server)) . '\'')->fetch_all();
  1104.             foreach($query as $value){
  1105.                 $stmt = $this->website->db('game', $server)->prepare('SELECT TOP 1 AccountId FROM Character WHERE Name = :char OR AccountId = :acc');
  1106.                 $stmt->execute([':char' => $this->website->c($value['character']), ':acc' => $this->website->c($value['character'])]);
  1107.                 if($info = $stmt->fetch()){
  1108.                     $this->check_vote_rankings($info['AccountId'], $server);
  1109.                     $this->log_rewarded_mmotop_vote($value['unid']);
  1110.                     if($value['vote_type'] == 1){
  1111.                         $this->reward_voter($rewards[0], $type, $server, $info['AccountId']);
  1112.                                                                                                                      
  1113.                     } else{
  1114.                         $this->reward_voter($rewards[1], $type, $server, $info['AccountId']);
  1115.                                                                                                                      
  1116.                     }
  1117.                 }
  1118.             }
  1119.         }
  1120.  
  1121.         private function log_rewarded_mmotop_vote($mmotop_unid)
  1122.         {
  1123.             $stmt = $this->website->db('web')->prepare('UPDATE DmN_Mmotop_Stats SET status = 1 WHERE unid = :unid');
  1124.             $stmt->execute([':unid' => $mmotop_unid]);
  1125.             $stmt->close_cursor();
  1126.         }
  1127.  
  1128.         public function add_account_log($log, $credits, $acc, $server)
  1129.         {
  1130.             $stmt = $this->website->db('web')->prepare('INSERT INTO DmN_Account_Logs (text, amount, date, account, server, ip) VALUES (:text, :amount, GETDATE(), :acc, :server, :ip)');
  1131.             $stmt->execute([':text' => $log, ':amount' => round($credits), ':acc' => $acc, ':server' => $server, ':ip' => $this->website->ip()]);
  1132.             $stmt->close_cursor();
  1133.         }
  1134.  
  1135.         public function reward_voter($reward, $type, $server, $account = '')
  1136.         {
  1137.             $acc = ($account != '') ? $account : $this->session->userdata(['user' => 'username']);
  1138.             $this->website->add_credits($acc, $server, $reward, $type);
  1139.             $this->add_account_log('Reward ' . $this->website->translate_credits($type, $server) . ' votereward', $reward, $acc, $server);
  1140.         }
  1141.  
  1142.         public function check_connect_stat()
  1143.         {
  1144.             if($this->config->config_entry('main|con_check') != 0){
  1145.                 $stmt = $this->website->db('account', $this->session->userdata(['user' => 'server']))->prepare('SELECT ConnectStat FROM MEMB_STAT WHERE memb___id = :user');
  1146.                 $stmt->execute([':user' => $this->session->userdata(['user' => 'username'])]);
  1147.                 if($status = $stmt->fetch()){
  1148.                     return ($status['ConnectStat'] == 0);
  1149.                 }
  1150.             }
  1151.             return true;
  1152.         }
  1153.  
  1154.         public function check_hide_time()
  1155.         {
  1156.             $stmt = $this->website->db('web')->prepare('SELECT until_date FROM DmN_Hidden_Chars WHERE account = :name AND server = :server');
  1157.             $stmt->execute([':name' => $this->session->userdata(['user' => 'username']), ':server' => $this->session->userdata(['user' => 'server'])]);
  1158.             if($info = $stmt->fetch()){
  1159.                 if($info['until_date'] > time()){
  1160.                     return date('d F Y, H:i', $info['until_date']);
  1161.                 } else{
  1162.                     $this->delete_expired_hide();
  1163.                     return 'None';
  1164.                 }
  1165.             } else{
  1166.                 return 'None';
  1167.             }
  1168.         }
  1169.  
  1170.         public function delete_expired_hide()
  1171.         {
  1172.             $stmt = $this->website->db('web')->prepare('DELETE FROM DmN_Hidden_Chars WHERE account = :name AND server = :server');
  1173.             $stmt->execute([':name' => $this->session->userdata(['user' => 'username']), ':server' => $this->session->userdata(['user' => 'server'])]);
  1174.         }
  1175.  
  1176.         public function add_hide($price)
  1177.         {
  1178.             $this->add_account_log('Bought character hide', -$price, $this->session->userdata(['user' => 'username']), $this->session->userdata(['user' => 'server']));
  1179.             $stmt = $this->website->db('web')->prepare('INSERT INTO DmN_Hidden_chars (account, until_date, server) VALUES (:account, :until_date, :server)');
  1180.             $stmt->execute([':account' => $this->session->userdata(['user' => 'username']), ':until_date' => time() + (3600 * 24) * $this->config->config_entry('account|hide_char_days'), ':server' => $this->session->userdata(['user' => 'server'])]);
  1181.         }
  1182.  
  1183.         public function extend_hide($date, $price)
  1184.         {
  1185.             $this->add_account_log('Extended character hide', -$price, $this->session->userdata(['user' => 'username']), $this->session->userdata(['user' => 'server']));
  1186.             $stmt = $this->website->db('web')->prepare('UPDATE DmN_Hidden_Chars SET until_date = :until_date WHERE account = :account AND server = :server');
  1187.             $stmt->execute([':until_date' => strtotime($date) + (3600 * 24) * $this->config->config_entry('account|hide_char_days'), ':account' => $this->session->userdata(['user' => 'username']), ':server' => $this->session->userdata(['user' => 'server'])]);
  1188.         }
  1189.  
  1190.         public function load_logs($page = 1, $per_page = 30)
  1191.         {
  1192.             $next_page = ($page <= 1) ? 0 : (int)$per_page * ((int)$page - 1);
  1193.             $logs = $this->website->db('web')->query('SELECT Top ' . $this->website->db('web')->sanitize_var((int)$per_page) . ' id, text, amount, date, ip FROM DmN_Account_Logs WHERE account = \'' . $this->website->db('web')->sanitize_var($this->session->userdata(['user' => 'username'])) . '\' AND server = \'' . $this->website->db('web')->sanitize_var($this->session->userdata(['user' => 'server'])) . '\' AND id Not IN (SELECT Top ' . $this->website->db('web')->sanitize_var($next_page) . ' id FROM DmN_Account_Logs WHERE account = \'' . $this->website->db('web')->sanitize_var($this->session->userdata(['user' => 'username'])) . '\' AND server = \'' . $this->website->db('web')->sanitize_var($this->session->userdata(['user' => 'server'])) . '\' ORDER BY id DESC) ORDER BY id DESC');
  1194.             $pos = ($page == 1) ? 1 : (int)(($page - 1) * $per_page) + 1;
  1195.             foreach($logs->fetch_all() as $key => $value){
  1196.                 $this->logs[] = ['id' => $value['id'], 'text' => $value['text'], 'amount' => $value['amount'], 'date' => strtotime($value['date']), 'ip' => $value['ip'], 'pos' => $pos];
  1197.                 $pos++;
  1198.             }
  1199.             return $this->logs;
  1200.         }
  1201.  
  1202.         public function count_total_logs()
  1203.         {
  1204.             return $this->website->db('web')->snumrows('SELECT COUNT(id) AS count FROM DmN_Account_Logs WHERE account = \'' . $this->website->db('web')->sanitize_var($this->session->userdata(['user' => 'username'])) . '\' AND server = \'' . $this->website->db('web')->sanitize_var($this->session->userdata(['user' => 'server'])) . '\'');
  1205.         }
  1206.  
  1207.         public function load_wallet_zen()
  1208.         {
  1209.             return $this->website->db('web')->query('SELECT credits3 FROM DmN_Shop_Credits WHERE memb___id = \'' . $this->website->db('web')->sanitize_var($this->session->userdata(['user' => 'username'])) . '\' AND server = \'' . $this->website->db('web')->sanitize_var($this->session->userdata(['user' => 'server'])) . '\'')->fetch();
  1210.         }
  1211.  
  1212.         public function check_acc_ban()
  1213.         {
  1214.             $stmt = $this->website->db('web')->prepare('SELECT time, is_permanent FROM DmN_Ban_List WHERE name = :name AND type = 1');
  1215.             $stmt->execute([':name' => $this->vars['username']]);
  1216.             return $stmt->fetch();
  1217.         }
  1218.  
  1219.         public function check_secret_q_a($account, $question, $answer)
  1220.         {
  1221.             $stmt = $this->account_db->prepare('SELECT TOP 1 memb_guid FROM MEMB_INFO WHERE memb___id = :account AND fpas_ques = :question AND fpas_answ = :answer');
  1222.             $stmt->execute([':account' => $account, ':question' => $question, ':answer' => $answer]);
  1223.             return $stmt->fetch();
  1224.         }
  1225.  
  1226.         public function check_vip($account, $server)
  1227.         {
  1228.             $stmt = $this->website->db('web')->prepare('SELECT viptype, viptime FROM DmN_Vip_Users WHERE memb___id = :account AND server = :server');
  1229.             $stmt->execute([':account' => $account, ':server' => $server]);
  1230.             return $stmt->fetch();
  1231.         }
  1232.  
  1233.         public function remove_vip($id, $account, $server)
  1234.         {
  1235.             $stmt = $this->website->db('web')->prepare('DELETE FROM DmN_Vip_Users WHERE viptype = :id AND memb___id = :account AND server = :server');
  1236.             return $stmt->execute([':id' => $id, ':account' => $account, ':server' => $server]);
  1237.         }
  1238.  
  1239.         public function check_connect_member_file($connect_member_load, $account)
  1240.         {
  1241.             if($connect_member_load != null){
  1242.                 $info = pathinfo($connect_member_load);
  1243.                 if(isset($info['extension']) && $info['extension'] == 'txt'){
  1244.                     $this->remove_from_txt_file($connect_member_load, $account);
  1245.                 }
  1246.                 if(isset($info['extension']) && $info['extension'] == 'xml'){
  1247.                     $this->remove_from_xml_file($connect_member_load, $account);
  1248.                 }
  1249.             }
  1250.         }
  1251.  
  1252.         private function remove_from_txt_file($connect_member_load, $account)
  1253.         {
  1254.             if(is_writable($connect_member_load)){
  1255.                 $acc = '"' . $account . '"';
  1256.                 $file = file($connect_member_load);
  1257.                 $file = array_filter($file, function($item) use ($acc){
  1258.                     return trim($item) != $acc;
  1259.                 });
  1260.                 file_put_contents($connect_member_load, preg_replace('/^\h*\v+/m', '', implode(PHP_EOL, $file)));
  1261.             }
  1262.         }
  1263.  
  1264.         private function remove_from_xml_file($connect_member_load, $account)
  1265.         {
  1266.             if(is_writable($connect_member_load)){
  1267.                 $data = file_get_contents($connect_member_load);
  1268.                 $xml = new SimpleXMLElement($data);
  1269.                 unset($xml->xpath('Account[@Name="' . $account . '"]')[0]->{0});
  1270.                 $dom = new DOMDocument("1.0");
  1271.                 $dom->preserveWhiteSpace = false;
  1272.                 $dom->formatOutput = true;
  1273.                 $dom->loadXML($xml->asXml());
  1274.                 $dom->save($connect_member_load);
  1275.             }
  1276.         }
  1277.  
  1278.         public function load_vip_package_info($id, $server)
  1279.         {
  1280.             $stmt = $this->website->db('web')->prepare('SELECT TOP 1
  1281.                                              [package_title]
  1282.                                              ,[price]
  1283.                                              ,[payment_type]
  1284.                                              ,[server]
  1285.                                              ,[status]
  1286.                                              ,[vip_time]
  1287.                                              ,[reset_price_decrease]
  1288.                                              ,[reset_level_decrease]
  1289.                                               ,[reset_bonus_points]
  1290.                                              ,[grand_reset_bonus_credits]
  1291.                                              ,[hide_info_discount]
  1292.                                              ,[pk_clear_discount]
  1293.                                              ,[clear_skilltree_discount]
  1294.                                              ,[online_hour_exchange_bonus]
  1295.                                              ,[change_name_discount]
  1296.                                               ,[change_class_discount]
  1297.                                              ,[bonus_credits_for_donate]
  1298.                                              ,[shop_discount]
  1299.                                               ,[wcoins]
  1300.                                              ,[connect_member_load]
  1301.                                              ,[server_vip_package]
  1302.                                              ,[server_bonus_info] FROM DmN_Vip_Packages WHERE id = :id AND server = :server  AND status = 1 ORDER BY id ASC');
  1303.             $stmt->execute([':id' => $id, ':server' => $server]);
  1304.             return $stmt->fetch();
  1305.         }
  1306.  
  1307.         public function set_vip_session($viptime, $data)
  1308.         {
  1309.             $this->session->register('vip', ['time' => $viptime, 'title' => $data['package_title'], 'reset_price_decrease' => $data['reset_price_decrease'], 'reset_level_decrease' => $data['reset_level_decrease'], 'reset_bonus_points' => $data['reset_bonus_points'], 'grand_reset_bonus_credits' => $data['grand_reset_bonus_credits'], 'hide_info_discount' => $data['hide_info_discount'], 'pk_clear_discount' => $data['pk_clear_discount'], 'clear_skilltree_discount' => $data['clear_skilltree_discount'], 'online_hour_exchange_bonus' => $data['online_hour_exchange_bonus'], 'change_name_discount' => $data['change_name_discount'], 'change_class_discount' => $data['change_class_discount'], 'bonus_credits_for_donate' => $data['bonus_credits_for_donate'], 'shop_discount' => $data['shop_discount']]);
  1310.         }
  1311.  
  1312.         public function load_my_referrals()
  1313.         {
  1314.             $stmt = $this->website->db('web')->prepare('SELECT refferal, date_reffered FROM DmN_Refferals WHERE refferer = :account ORDER BY date_reffered DESC');
  1315.             $stmt->execute([':account' => $this->session->userdata(['user' => 'username'])]);
  1316.             return $stmt->fetch_all();
  1317.         }
  1318.  
  1319.         public function load_referral_rewards()
  1320.         {
  1321.             $stmt = $this->website->db('web')->prepare('SELECT id, required_lvl, required_res, required_gres, reward, reward_type, server FROM DmN_Refferal_Reward_List WHERE server = :server AND status = 1');
  1322.             $stmt->execute([':server' => $this->session->userdata(['user' => 'server'])]);
  1323.             return $stmt->fetch_all();
  1324.         }
  1325.  
  1326.         public function check_referral_reward($id, $server)
  1327.         {
  1328.             $stmt = $this->website->db('web')->prepare('SELECT TOP 1 id, required_lvl, required_res, required_gres, reward, reward_type, server FROM DmN_Refferal_Reward_List WHERE id = :id AND server = :server AND status = 1');
  1329.             $stmt->execute([':id' => $id, ':server' => $server]);
  1330.             return $stmt->fetch();
  1331.         }
  1332.  
  1333.         public function check_claimed_referral_rewards($id, $chars, $server)
  1334.         {
  1335.             if(is_array($chars)){
  1336.                 $chars = array_map(function($a){
  1337.                     return sprintf("'%s'", $a);
  1338.                 }, $chars);
  1339.                 $search = implode(',', $chars);
  1340.             } else{
  1341.                 $search = '\'' . $chars . '\'';
  1342.             }
  1343.             $stmt = $this->website->db('web')->prepare('SELECT TOP 1 id FROM DmN_Refferal_Claimed_Rewards WHERE reward_id = :id AND account = :account AND character IN(' . $search . ') AND server = :server');
  1344.             $stmt->execute([':id' => $id, ':account' => $this->session->userdata(['user' => 'username']), ':server' => $server]);
  1345.             return $stmt->fetch();
  1346.         }
  1347.  
  1348.         public function check_name_in_history($name, $server)
  1349.         {
  1350.             $stmt = $this->website->db('web')->prepare('SELECT old_name, new_name FROM DmN_ChangeName_History WHERE new_name = :name OR old_name = :namee AND server = :server ORDER BY change_date DESC');
  1351.             $stmt->execute([':name' => $name, ':namee' => $name, ':server' => $server]);
  1352.             return $stmt->fetch_all();
  1353.         }
  1354.  
  1355.         public function check_if_reward_was_claimed($id, $server, $account)
  1356.         {
  1357.             $stmt = $this->website->db('web')->prepare('SELECT TOP 1 id FROM DmN_Refferal_Claimed_Rewards WHERE reward_id = :id AND account = :account AND server = :server AND ref_account = :ref_account');
  1358.             $stmt->execute([':id' => $id, ':account' => $this->session->userdata(['user' => 'username']), ':server' => $server, ':ref_account' => $account]);
  1359.             return $stmt->fetch();
  1360.         }
  1361.  
  1362.         public function add_referral_reward($reward, $reward_type, $char)
  1363.         {
  1364.             $this->website->add_credits($this->session->userdata(['user' => 'username']), $this->session->userdata(['user' => 'server']), $reward, $reward_type);
  1365.             $this->add_account_log('Claimed referral reward from character ' . $char . ' for ' . $this->website->translate_credits($reward_type), $reward, $this->session->userdata(['user' => 'username']), $this->session->userdata(['user' => 'server']));
  1366.         }
  1367.  
  1368.         public function log_reward($id, $char, $server, $account)
  1369.         {
  1370.             $stmt = $this->website->db('web')->prepare('INSERT INTO DmN_Refferal_Claimed_Rewards (reward_id, account, character, server, ref_account) VALUES (:id, :account, :char, :server, :ref)');
  1371.             return $stmt->execute([':id' => $id, ':account' => $this->session->userdata(['user' => 'username']), ':char' => $char, ':server' => $server, ':ref' => $account,]);
  1372.         }
  1373.  
  1374.         public function check_referral_ips($acc)
  1375.         {
  1376.             $stmt = $this->website->db('web')->prepare('SELECT ip FROM DmN_IP_Log WHERE account = :account');
  1377.             $stmt->execute([':account' => $acc]);
  1378.             $data = $stmt->fetch_all();
  1379.             $ip_data = [];
  1380.             if(!empty($data)){
  1381.                 foreach($data AS $value){
  1382.                     $stmt2 = $this->website->db('web')->prepare('SELECT account FROM DmN_IP_Log WHERE ip = :ip');
  1383.                     $stmt2->execute([':ip' => $value['ip']]);
  1384.                     $ip_data = $stmt2->fetch_all();
  1385.                 }
  1386.                 if(!empty($ip_data)){
  1387.                     foreach($ip_data AS $key => $accounts){
  1388.                         foreach($accounts AS $acc){
  1389.                             if($this->session->userdata(['user' => 'username']) == $acc){
  1390.                                 return true;
  1391.                             }
  1392.                         }
  1393.                     }
  1394.                 }
  1395.             }
  1396.             return false;
  1397.         }
  1398.  
  1399.         public function get_guid($user = '')
  1400.         {
  1401.             $stmt = $this->account_db->prepare('SELECT memb_guid FROM MEMB_INFO WHERE memb___id = :user');
  1402.             $stmt->execute([':user' => $user]);
  1403.             $info = $stmt->fetch();
  1404.             return $info['memb_guid'];
  1405.         }
  1406.                
  1407.         public function get_memb___id($user = '')
  1408.         {
  1409.             $stmt = $this->account_db->prepare('SELECT memb___id FROM MEMB_INFO WHERE memb_guid = :user');
  1410.             $stmt->execute([':user' => $user]);
  1411.             $info = $stmt->fetch();
  1412.             return $info['memb___id'];
  1413.         }
  1414.  
  1415.         public function load_online_hours()
  1416.         {
  1417.             $stmt = $this->website->db('web')->prepare('SELECT SUM(OnlineMinutes) AS OnlineMinutes FROM DmN_OnlineCheck WHERE memb___id = :acc ' . $this->website->server_code($this->website->get_servercode($this->session->userdata(['user' => 'server']))) . '');
  1418.             $stmt->execute([':acc' => $this->session->userdata(['user' => 'username'])]);
  1419.             return $stmt->fetch();
  1420.         }
  1421.  
  1422.         public function exchange_online_hours($hours_to_exchange = 0, $minutes_left = 0)
  1423.         {
  1424.             if($hours_to_exchange > 0){
  1425.                 $reward = $this->config->config_entry('account|online_trade_reward');
  1426.                 if($this->session->userdata('vip')){
  1427.                     $reward += $this->session->userdata(['vip' => 'online_hour_exchange_bonus']);
  1428.                 }
  1429.                 $reward = (int)($hours_to_exchange * $reward);
  1430.                 $this->website->add_credits($this->session->userdata(['user' => 'username']), $this->session->userdata(['user' => 'server']), $reward, $this->config->config_entry('account|online_trade_reward_type'));
  1431.                 $this->add_account_log('Exchange ' . $hours_to_exchange . ' online hours for ' . $this->website->translate_credits($this->config->config_entry('account|online_trade_reward_type'), $this->session->userdata(['user' => 'server'])) . '', $reward, $this->session->userdata(['user' => 'username']), $this->session->userdata(['user' => 'server']));
  1432.                 $stmt = $this->website->db('web')->prepare('UPDATE DmN_OnlineCheck SET OnlineMinutes = 0 WHERE  memb___id = :acc ' . $this->website->server_code($this->website->get_servercode($this->session->userdata(['user' => 'server']))) . '');
  1433.                 $stmt->execute([':acc' => $this->session->userdata(['user' => 'username'])]);
  1434.                 if($minutes_left > 0){
  1435.                     $stmt = $this->website->db('web')->prepare('UPDATE DmN_OnlineCheck SET OnlineMinutes = :minutes WHERE memb___id = :acc AND ServerName = :server_name');
  1436.                     $stmt->execute([':minutes' => $minutes_left, ':acc' => $this->session->userdata(['user' => 'username']), ':server_name' => $this->website->get_first_server_code($this->session->userdata(['user' => 'server']))]);
  1437.                 }
  1438.                 return true;
  1439.             }
  1440.             return false;
  1441.         }
  1442.  
  1443.         public function check_existing_email()
  1444.         {
  1445.             $stm = $this->account_db->prepare('SELECT mail_addr FROM MEMB_INFO WHERE (memb___id Collate Database_Default = :username) AND mail_addr = :email');
  1446.             $stm->execute([':username' => $this->website->c($this->session->userdata(['user' => 'username'])), ':email' => $this->website->c($this->vars['email'])]);
  1447.             return ($stm->fetch()) ? true : false;
  1448.         }
  1449.  
  1450.         public function create_email_confirmation_entry($old = 1)
  1451.         {
  1452.             $old = ($old == 1) ? 1 : 0;
  1453.             $this->activation_code = strtoupper(sha1(microtime()));
  1454.             $prepare = $this->website->db('web')->prepare('INSERT INTO DmN_Email_Confirmation (account, email, code, old_email) VALUES (:account, :email, :code, :old_email)');
  1455.             return $prepare->execute([':account' => $this->website->c($this->session->userdata(['user' => 'username'])), ':email' => $this->website->c($this->vars['email']), ':code' => $this->activation_code, ':old_email' => $old]);
  1456.         }
  1457.  
  1458.         public function delete_old_confirmation_entries($user, $old = 0)
  1459.         {
  1460.             $old = ($old == 1) ? 1 : 0;
  1461.             $stmt = $this->website->db('web')->prepare('DELETE FROM DmN_Email_Confirmation WHERE account = :acc AND old_email = ' . $old . '');
  1462.             return $stmt->execute([':acc' => $this->website->c($user)]);
  1463.         }
  1464.  
  1465.         public function load_email_confirmation_by_code($code)
  1466.         {
  1467.             $stmt = $this->website->db('web')->prepare('SELECT account, email, old_email FROM DmN_Email_Confirmation WHERE UPPER(code) = UPPER(:code)');
  1468.             $stmt->execute([':code' => $this->website->c($code)]);
  1469.             return $stmt->fetch();
  1470.         }
  1471.  
  1472.         public function update_email($acc, $email)
  1473.         {
  1474.             $stmt = $this->account_db->prepare('UPDATE MEMB_INFO SET mail_addr = :email WHERE memb___id = :account');
  1475.             return $stmt->execute([':email' => $this->website->c($email), ':account' => $this->website->c($acc)]);
  1476.         }
  1477.  
  1478.         public function get_last_ads_vote($interval = 12)
  1479.         {
  1480.             $vote_time = time() - (3600 * $interval);
  1481.             $log1 = $this->website->db('web')->query('SELECT TOP 1 account, ip, time FROM DmN_GoogleAds_Click WHERE account = \'' . $this->web_db->sanitize_var($this->session->userdata(['user' => 'username'])) . '\' AND time > ' . $this->web_db->sanitize_var($vote_time) . ' ORDER BY time DESC')->fetch();
  1482.             $log2 = $this->website->db('web')->query('SELECT TOP 1 account, ip, time FROM DmN_GoogleAds_Click WHERE ip = \'' . $this->web_db->sanitize_var(ip()) . '\' AND time > ' . $this->web_db->sanitize_var($vote_time) . ' ORDER BY time DESC')->fetch();
  1483.             if((isset($log1['account']) || isset($log2['ip'])) || (isset($log1['account']) && isset($log2['ip']))){
  1484.                 return isset($log1['time']) ? $log1['time'] : $log2['time'];
  1485.             }
  1486.             return false;
  1487.         }
  1488.  
  1489.         public function log_ads_vote()
  1490.         {
  1491.             $stmt = $this->website->db('web')->prepare('INSERT INTO DmN_GoogleAds_Click (ip, account, time) VALUES (:ip, :account, :time)');
  1492.             return $stmt->execute([':ip' => ip(), ':account' => $this->session->userdata(['user' => 'username']), ':time' => time()]);
  1493.         }
  1494.        
  1495.         private function is_hex($hex_code) {
  1496.             return @preg_match("/^[a-f0-9]{2,}$/i", $hex_code) && !(strlen($hex_code) & 1);
  1497.         }
  1498.     }
  1499.    
RAW Paste Data