- <?php
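/**
 * Account handling for the site: login, registration, password reset,
 * profile updates and the session checks used by page controllers.
 *
 * Collaborators come from the global scope: $db (save/row/query taking a
 * statement plus named parameters) and $core (redirects and flash messages).
 * Neither is defined in this file, so their exact behaviour is assumed from
 * how they are called here.
 *
 * SECURITY(review): the stored password hash is copied into $_SESSION['Auth']
 * and re-used by userData() as a lookup key. Keying the session on the user id
 * alone would keep the hash out of session storage.
 */
class Users
{
    /**
     * Create a fresh SSO ticket for the logged-in user and store it on the row.
     *
     * @return string The ticket that was written to users.auth_ticket.
     */
    public function habbocTicket()
    {
        global $db;

        // str_shuffle() of a fixed alphabet is a permutation drawn from a
        // non-cryptographic generator. The ticket authenticates the user, so
        // it comes from the CSPRNG instead: 18 bytes -> 36 hex characters,
        // the same length as the shuffled alphabet it replaces.
        $ticket = SNAME . 'Auth--' . bin2hex(random_bytes(18)) . '--Ticket';

        $db->save(
            'UPDATE users SET auth_ticket =:auth_ticket WHERE username=:username LIMIT 1',
            [
                'auth_ticket' => $ticket,
                'username' => $this->userData()->username,
            ]
        );

        return $ticket;
    }

    /**
     * Hash a password in the format stored in users.password.
     *
     * SECURITY(review): this is an unsalted SHA-1/MD5 construction. The string
     * mixed in is the same for every account, so equal passwords give equal
     * hashes and the digest is cheap to compute. The output is left unchanged
     * because existing rows (and the SQL comparisons in Login(), findAccount()
     * and userData()) depend on it; plan a migration to password_hash() /
     * password_verify() with a re-hash on the next successful login.
     *
     * @param string $var Plain-text password.
     * @return string 80 hex characters (two SHA-1 digests concatenated).
     */
    public function passHash($var)
    {
        $fixedSuffix = 'abcdefghijklmnopqrstuvwxyz'
            . 'ABCDEFGHIJKLMNOPQRSTUVWXYZ'
            . '0123456789!@#$%^&*()';

        return sha1($var . md5($var . $fixedSuffix)) . sha1($var . $fixedSuffix);
    }

    /**
     * Look up a user row by username.
     *
     * @param string $user
     * @return mixed Whatever $db->row() returns for the match.
     */
    public function checkUsername($user)
    {
        global $db;

        return $db->row('SELECT * FROM users WHERE username=:username LIMIT 1', ['username' => $user]);
    }

    /**
     * Look up a user row by e-mail address.
     *
     * @param string $email
     * @return mixed Whatever $db->row() returns for the match.
     */
    public function checkEmail($email)
    {
        global $db;

        return $db->row('SELECT * FROM users WHERE mail=:mail LIMIT 1', ['mail' => $email]);
    }

    /**
     * Look up a user row by username and plain-text password.
     *
     * @param string $user
     * @param string $pass Plain-text password; hashed with passHash() before the query.
     * @return mixed Whatever $db->row() returns for the match.
     */
    public function findAccount($user, $pass)
    {
        global $db;

        return $db->row(
            'SELECT * FROM users WHERE username=:username AND password=:password LIMIT 1',
            [
                'username' => $user,
                'password' => $this->passHash($pass),
            ]
        );
    }

    /**
     * Handle the login form (POST username/password, GET action=login).
     *
     * On success the user row is stored in $_SESSION['Auth'] and the browser is
     * sent to "home"; otherwise a flash message is set.
     *
     * SECURITY(review): nothing here limits repeated attempts per account or
     * per address; add throttling in front of this method.
     */
    public function Login()
    {
        global $db, $core;

        $action = isset($_GET['action']) ? $_GET['action'] : '';
        if (!isset($_POST['username']) || $action !== 'login') {
            return;
        }

        // Non-string values (e.g. username[]=x) are treated as missing so they
        // never reach the hash function or the query.
        $username = $this->postString('username');
        $password = $this->postString('password');
        if (empty($username) || empty($password)) {
            $core::setMessage($core->Write('errors.empty_fields'), 'notification-modal');
            return;
        }

        $rows = $db->query(
            'SELECT id, username, password FROM users WHERE username=:username AND password =:password',
            [
                'username' => $username,
                'password' => $this->passHash($password),
            ]
        );

        if (!$rows) {
            // The original built the remember-me cookie before this check, so
            // a failed login dereferenced an empty result and still set a cookie.
            $core::setMessage('Incorrect login details', 'notification-modal');
            return;
        }

        $user = $rows[0];

        // New session id at the privilege change, so an id known before login
        // is not carried into the authenticated session.
        $this->rotateSessionId();

        if (isset($_POST['remember'])) {
            // SECURITY(review): this value is derived from the stored password
            // hash and the client IP, and nothing in this class verifies it
            // (checkCookie() only tests that the cookie exists). A random token
            // stored server-side is the usual replacement. The domain
            // '127.0.0.1' and Secure=false look like development settings;
            // confirm them before deployment.
            $key = sha1($user->username . $user->password . USER_IP);
            setcookie('auth', $user->id . '------' . $key, time() + 3600 * 24 * 10, '/', '127.0.0.1', false, true);
        }

        $db->save(
            'UPDATE users SET last_online=:last_online WHERE id=:id',
            [
                'last_online' => time(),
                'id' => $user->id,
            ]
        );

        $_SESSION['Auth'] = (array) $user;
        $core->go('home');
    }

    /**
     * Handle the registration form (POST signup, GET action=register).
     *
     * Validates the input, inserts the user with the default starting values,
     * logs the new user in, sends a welcome mail and redirects to "home".
     */
    public function addUser()
    {
        global $db, $core;

        $action = isset($_GET['action']) ? $_GET['action'] : '';
        if (!isset($_POST['signup']) || $action !== 'register') {
            return;
        }

        $username = $this->postString('username');
        $email = $this->postString('email');
        $password = $this->postString('newpass');
        $confirmation = $this->postString('password_confirm');

        if (empty($username) || empty($password) || empty($confirmation)
            || empty($_POST['captcha']) || empty($email)
        ) {
            $core::setMessage('Please fill all in fucking fields.', 'notification-modal');
            return;
        }

        if (!$core->verifyCaptcha()) {
            $core::setMessage('Wrong captcha.', 'notification-modal');
            return;
        }

        // NOTE(review): the username is accepted without any character or
        // length rule. Decide on an allow-list here; until then every place
        // that prints a username has to escape it.
        // Truthiness is used for the lookups instead of comparing a row with
        // an integer.
        if (!empty($this->checkUsername($username))) {
            $core::setMessage('Username taken', 'notification mauto');
            return;
        }
        if (!empty($this->checkEmail($email))) {
            $core::setMessage('Email already in use.', 'notification-modal');
            return;
        }
        if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
            $core::setMessage('Please enter a validate email', 'notification-modal');
            return;
        }
        if (strlen($password) < 6) {
            $core::setMessage('Your password should be at least 6 characters', 'notification-modal');
            return;
        }
        if ($password !== $confirmation) {
            $core::setMessage('Your passwords doesn\'t match. Please try again.', 'notification-modal');
            return;
        }

        $hash = $this->passHash($password);

        $db->save(
            'INSERT INTO users (username, mail, password, activity_points, credits, motto, account_created, vip_points, look, ip_reg) VALUES(:username, :mail, :password, :activity_points, :credits, :motto, :account_created, :vip_points, :look, :ip_reg) ',
            [
                'username' => $username,
                'mail' => $email,
                'password' => $hash,
                'activity_points' => '1500',
                'credits' => '100000',
                'motto' => 'Welcome to ' . SNAME,
                'account_created' => time(),
                'vip_points' => '5',
                'look' => 'hr-115-42.hd-190-1.ch-215-62.lg-285-91.sh-290-62',
                'ip_reg' => USER_IP,
            ]
        );

        // Session state is written before the redirect (as Login() does), so it
        // does not depend on whether $core->go() returns.
        $this->rotateSessionId();
        $_SESSION['logged'] = true;
        $_SESSION['Auth'] = [
            'username' => $username,
            'password' => $hash,
        ];

        // The username is user-controlled and lands in an HTML body: escape it.
        $this->sendHtmlMail(
            $email,
            'Welcome to ' . SNAME,
            'Hello <b>' . htmlspecialchars($username, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . '</b>',
            'no-replay@habboc.fr'
        );

        $core->go('home');
        exit();
    }

    /**
     * Tell whether the current session carries a logged-in user.
     *
     * @return bool
     */
    public function loggedIn()
    {
        return isset($_SESSION['Auth']);
    }

    /**
     * Redirect visitors without a session to the "?auth=false" page.
     */
    public function checkLogged()
    {
        global $core;

        if (!$this->loggedIn()) {
            $core->go('?auth=false');
            // addUser() calls exit() after go(), so go() is assumed to return.
            // Stop here so the protected page does not keep executing after
            // the redirect has been issued.
            exit();
        }
    }

    /**
     * Redirect visitors without a session to the "?auth=false" page.
     */
    public function checkAuth()
    {
        global $core;

        if (!$this->loggedIn()) {
            $core->go('?auth=false');
            // Same reasoning as checkLogged(): no further output for
            // unauthenticated requests once the redirect is issued.
            exit();
        }
    }

    /**
     * Send visitors that present an "auth" cookie to "home".
     *
     * SECURITY(review): only the presence of the cookie is tested; its content
     * is never compared with anything. This must not be treated as proof of
     * authentication. It only redirects, and the target page still has to
     * call checkLogged()/checkAuth().
     */
    public function checkCookie()
    {
        global $core;

        if (isset($_COOKIE['auth'])) {
            $core->go('home');
        }
    }

    /**
     * Abort the request when the "t" query parameter does not match the
     * session token.
     *
     * SECURITY(review): the check is skipped when the session has no token or
     * the request carries no "t", so it only protects actions that separately
     * require "t" to be present. Callers that change state should require it.
     */
    public function checkToken()
    {
        if (!isset($_SESSION['token'], $_GET['t'])) {
            return;
        }

        // hash_equals() compares in constant time and, unlike "!=", does not
        // apply loose type juggling; a non-string "t" is rejected outright.
        if (!is_string($_GET['t']) || !hash_equals((string) $_SESSION['token'], $_GET['t'])) {
            die('Looks like we got a badass over here');
        }
    }

    /**
     * Load the database row of the logged-in user.
     *
     * @return object|null The user row, or null when nobody is logged in or the
     *                     session credentials no longer match a row.
     */
    public function userData()
    {
        global $db;

        if (!isset($_SESSION['Auth'])) {
            echo "{unknown_user}";
            return null;
        }

        $rows = $db->query(
            'SELECT * FROM users WHERE username=:username AND password=:password',
            [
                'username' => isset($_SESSION['Auth']['username']) ? $_SESSION['Auth']['username'] : null,
                'password' => isset($_SESSION['Auth']['password']) ? $_SESSION['Auth']['password'] : null,
            ]
        );

        // An empty result used to be indexed blindly; report "no user" instead.
        return isset($rows[0]) ? $rows[0] : null;
    }

    /**
     * Generate a random alphanumeric password.
     *
     * @param int $length Number of characters to generate.
     * @return string
     */
    public function resetPass($length = 8)
    {
        $characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
        $lastIndex = strlen($characters) - 1;

        $password = '';
        for ($i = 0; $i < $length; $i++) {
            // random_int() draws from the CSPRNG; rand() is not suitable for
            // generating credentials.
            $password .= $characters[random_int(0, $lastIndex)];
        }

        return $password;
    }

    /**
     * Handle the "forgot password" form (POST email, GET action=resetpw).
     *
     * SECURITY(review): the password is replaced as soon as a registered
     * address is submitted, with no proof that the requester owns the mailbox,
     * and the new password is mailed in clear text. A one-time, expiring reset
     * link that lets the owner choose the password removes both problems. The
     * two different messages also reveal whether an address is registered.
     */
    public function passwordReset()
    {
        global $core, $db;

        $action = isset($_GET['action']) ? $_GET['action'] : '';
        if ($action !== 'resetpw' || !isset($_POST['email'])) {
            return;
        }

        $email = $this->postString('email');
        if (empty($email)) {
            $core::setMessage('Please enter an email address!', 'notification-modal');
            return;
        }

        // Only a syntactically valid address may reach mail(); the lookup uses
        // truthiness instead of comparing a row with an integer.
        if (!filter_var($email, FILTER_VALIDATE_EMAIL) || empty($this->checkEmail($email))) {
            $core::setMessage('D\'oh! We could not find anything. Please try using another email.', 'notification-modal');
            return;
        }

        $passreset = $this->resetPass();

        $db->save(
            'UPDATE users SET password=:password WHERE mail=:mail LIMIT 1',
            [
                'password' => $this->passHash($passreset),
                'mail' => $email,
            ]
        );

        $message = 'Dear user, <br>' . "\n"
            . 'Your password has been reset, this is your new <b>' . SNAME . '</b> password:<br>' . "\n"
            . '<strong>' . $passreset . '</strong><hr>' . "\n"
            . '<a href="' . WWW . '/">CLICK HERE</a> to login back to your account.' . "\n";

        $this->sendHtmlMail(
            $email,
            'Your ' . SNAME . ' password has been reset.',
            $message,
            'no-replay@habboc.nl'
        );

        // The success message used to be set before any validation ran.
        $core::setMessage('Password reset sucessfully, check your email. <br> If you don\'t see the email, you might check other places like Junk, spam, or other folders. ', 'notification mauto mbottom success');
    }

    /**
     * Handle the profile form (POST amigos/motto/trade_lock, GET t and
     * action=updateprofile) for the logged-in user.
     */
    public function updateProfile()
    {
        global $core, $db;

        $action = isset($_GET['action']) ? $_GET['action'] : '';
        if (!isset($_POST['amigos'], $_POST['motto'], $_GET['t']) || $action !== 'updateprofile') {
            return;
        }

        // NOTE(review): "t" only has to be present here; its value is compared
        // with the session token in checkToken(). Confirm that every route
        // reaching this method calls checkToken() first, otherwise this write
        // is not protected against cross-site requests.

        $motto = $this->postString('motto');
        $amigos = $_POST['amigos'];
        $tradeLock = isset($_POST['trade_lock']) ? $_POST['trade_lock'] : null;

        if (empty($motto) || !is_scalar($amigos) || ($tradeLock !== null && !is_scalar($tradeLock))) {
            return;
        }

        // Without a session there is no row to update.
        $user = $this->userData();
        if (!$user) {
            return;
        }

        // The motto is stored as typed; it must be escaped wherever it is printed.
        $db->save(
            'UPDATE users SET motto = :motto, block_newfriends=:block_newfriends, trade_lock =:trade_lock WHERE id=:id LIMIT 1',
            [
                'motto' => $motto,
                'block_newfriends' => $amigos,
                'trade_lock' => $tradeLock,
                'id' => $user->id,
            ]
        );

        $core::setMessage('Profile updated successfully!', 'notification-modal success');

        // NOTE(review): debug() is not defined in this file; if it prints or
        // logs the request body, remove this call from production code.
        $core->debug($_POST);
    }

    /**
     * Read a POST field as a string; missing and non-string values become ''.
     *
     * @param string $key
     * @return string
     */
    private function postString($key)
    {
        return (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
    }

    /**
     * Replace the session id when a session is active.
     */
    private function rotateSessionId()
    {
        if (session_status() === PHP_SESSION_ACTIVE) {
            session_regenerate_id(true);
        }
    }

    /**
     * Send an HTML mail. The bodies built in this class contain markup, so the
     * content type is declared explicitly.
     *
     * @param string $to      Recipient; callers pass a validated address.
     * @param string $subject
     * @param string $html    Body; user-controlled parts must already be escaped.
     * @param string $sender  Address used for From and Reply-To.
     * @return bool Result of mail().
     */
    private function sendHtmlMail($to, $subject, $html, $sender)
    {
        $headers = 'From: ' . $sender . "\r\n"
            . 'Reply-To: ' . $sender . "\r\n"
            . 'MIME-Version: 1.0' . "\r\n"
            . 'Content-Type: text/html; charset=UTF-8' . "\r\n";

        return mail($to, $subject, $html, $headers);
    }
}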