<?php$sessionID = $_GET["sessionID"];$actionget = $_GET["action"];$user

1. <?php
2.  
3. $sessionID = $_GET["sessionID"];
4. $actionget = $_GET["action"];
5. $user = $_GET["user"];
6. $password = $_GET["password"];
7.  
8. if (empty($sessionID)) die ("ERROR:INVALID_SESSION_ID");
9.  
10. $action = new action;
11. if ($actionget == "connect")
12. $response = $action->connect($user, $password);
13. elseif ($actionget == "register")
14. $response = $action->register($user, $password);
15. else
16. $response = "ERROR:NO_ACTION";
17.  
18. echo rc4($sessionID, $response);
19.  
20. class action
21. {
22. public $bdd;
23.  
24. public function action()
25. {
26. try { $this->bdd = new PDO('mysql:host=localhost;dbname=u518864478_admin', 'u518864478_etaix', 'BddB0cc9'); }
27. catch (Exception $ex) { die('ERROR:ERROR_BDD_CONNECTION'); }
28. }
29.  
30. public function connect($user, $pass)
31. {
32. if (!$this->userExist($user)) return ("ERROR:USER_NOT_FOUND");
33.  
34. $data = $this->executeQuery("SELECT * FROM Users WHERE User = ?;", array($user));
35. if ($data['Password'] != $pass)
36. return ("ERROR:INCORRECT_PASSWORD");
37. elseif ($data['Banned'] == 1)
38. return ("ERROR:USER_BANNED");
39. Else
40. Return ("OK:") . $data['Premium'];
41. }
42.  
43. public function register($user, $pass)
44. {
45. if (!empty($data['User'])) return ("ERROR:KEY_ALREADY_USED");
46. if ($this->userExist($user)) return ("ERROR:USER_ALREADY_EXIST");
47.  
48. $this->executeQuery("INSERT INTO Users VALUES ('', ?, ?, '0', '0', ?);", array($user, $pass, getTime()));
49.  
50. return ("OK:REGISTERED");
51. }
52.  
53. private function userExist($user)
54. {
55. $data = $this->executeQuery("SELECT * FROM Users WHERE User = ?;", array($user));
56. if (empty($data['User']))
57. return (false);
58. Else
59. return (true);
60. }
61.  
62. private function executeQuery($query, $args, $fetch = true)
63. {
64. $response = $this->bdd->prepare($query);
65. $response->execute($args);
66. if ($fetch)
67. {
68. $data = $response->fetch();
69. $response->closeCursor();
70. return ($data);
71. }
72. else
73. Return ($response);
74. }
75. }
76.  
77. function rc4($key, $str) {
78. $s = array();
79. for ($i = 0; $i < 256; $i++) {
80. $s[$i] = $i;
81. }
82.  
83. $j = 0;
84.  
85. for ($i = 0; $i < 256; $i++) {
86. $j = ($j + $s[$i] + ord($key[$i % strlen($key)])) % 256;
87. $x = $s[$i];
88. $s[$i] = $s[$j];
89. $s[$j] = $x;
90. }
91.  
92. $i = 0;
93. $j = 0;
94. $res = '';
95.  
96. for ($y = 0; $y < strlen($str); $y++) {
97. $i = ($i + 1) % 256;
98. $j = ($j + $s[$i]) % 256;
99. $x = $s[$i];
100. $s[$i] = $s[$j];
101. $s[$j] = $x;
102. $res .= $str[$y] ^ chr($s[($s[$i] + $s[$j]) % 256]);
103. }
104.  
105. return $res;
106. }
107.  
108. function getTime()
109. {
110. date_default_timezone_get('Europe/Paris');
111. return date("Y-m-d h:i:s");
112. }
113.  
114. ?>