- <?php
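// Start the session only if none is active, and harden it first:
//  - use_strict_mode makes PHP reject session ids it did not issue itself,
//    which limits session fixation;
//  - cookie_httponly keeps the session cookie out of reach of page scripts.
// NOTE(review): session.cookie_secure should also be enabled once the site is
// served over HTTPS only; that cannot be confirmed from this file.
if (session_id() === '') {
    ini_set('session.use_strict_mode', '1');
    ini_set('session.cookie_httponly', '1');
    session_start();
}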
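/**
 * Helper class for the site: database access, registration, login,
 * housekeeping (admin panel) login, SSO ticket generation and a few
 * date-formatting utilities.
 *
 * Security notes that apply to the class as a whole:
 *  - The plaintext password is kept in $_SESSION['password'] and re-hashed on
 *    every user() lookup. This is kept for compatibility with code outside
 *    this file, but it means session storage holds reusable credentials.
 *    Prefer storing only the user id once the rest of the site allows it.
 *  - hash() is a fast, globally peppered SHA-1; see the note on that method.
 */
class Funzioni
{
    /** @var Config Site configuration accessor (class declared outside this file). */
    protected $config;

    public function __construct()
    {
        $this->config = new Config();
    }

    /**
     * Opens a new PDO connection to MySQL using the values from Config.
     *
     * Connection failures are logged server-side; the client only receives a
     * generic message, because the driver's error text can contain the host
     * name and database user.
     *
     * @return PDO
     */
    public function mysql_connection()
    {
        try {
            $connessione = new PDO(
                'mysql:host=' . $this->config->config('host') . ';port=3306;dbname=' . $this->config->config('db'),
                $this->config->config('user'),
                $this->config->config('pass')
            );
            $connessione->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
        } catch (PDOException $exception) {
            error_log('Funzioni::mysql_connection failed: ' . $exception->getMessage());
            die('Errore MySQL');
        }

        return $connessione;
    }

    /**
     * Prepares a statement on a fresh connection (one connection per call).
     *
     * The SQL text must be a constant or built only from validated
     * identifiers; all values belong in bound parameters.
     *
     * @param string $sql
     * @return PDOStatement
     */
    public function RunSql($sql)
    {
        return $this->mysql_connection()->prepare($sql);
    }

    /**
     * Returns the password digest stored in users.password.
     *
     * NOTE(security): this is a single SHA-1 round with one site-wide pepper
     * and no per-user salt, so equal passwords give equal digests and the
     * digest is cheap to brute-force if the table leaks. The algorithm is left
     * unchanged here because existing rows, and the login query that compares
     * digests in SQL, depend on it. Migrating to password_hash() /
     * password_verify() with rehash-on-login is the recommended follow-up.
     *
     * @param string $password
     * @return string 40-character hex digest
     */
    public function hash($password)
    {
        return sha1($password . "xCg532%@%gdvf^5DGaa6&*rFTfg^FD4\$OIFThrR_gh(ugf*/");
    }

    /**
     * Sends a command to the MUS endpoint over TCP, best effort.
     *
     * The message is "$header . chr(1) . $data". Neither part is checked for
     * an embedded chr(1), so callers should pass only fixed or validated
     * text. Failures are silent by design, but each step is checked so a
     * failed socket_create() is never passed on to the other socket calls.
     *
     * @param string $header
     * @param string $data
     * @return void
     */
    public function mus($header, $data = '')
    {
        $musData = $header . chr(1) . $data;

        $sock = @socket_create(AF_INET, SOCK_STREAM, getprotobyname('tcp'));
        if ($sock === false) {
            return;
        }

        if (@socket_connect($sock, '158.69.112.236', 30001)) {
            @socket_send($sock, $musData, strlen($musData), MSG_DONTROUTE);
        }
        @socket_close($sock);
    }

    /**
     * Returns the current date in one of two formats.
     *
     * A single timestamp is used for both formats. The previous code passed
     * month/day/year to mktime() in the hour/minute/second positions and only
     * produced today's date by accident.
     *
     * @param string $a 'normal' (d/m/Y) or 'completa' (d/m/Y - H:i:s)
     * @return string|null null for an unknown key
     */
    public function data($a)
    {
        $now = time();
        $formati = array(
            'normal'   => date('d/m/Y', $now),
            'completa' => date('d/m/Y - H:i:s', $now),
        );

        return isset($formati[$a]) ? $formati[$a] : null;
    }

    /**
     * Formats "last seen" text from a Unix timestamp.
     *
     * Elapsed units are computed arithmetically. Formatting the difference
     * with date() made hours and days depend on the server timezone and
     * counted days from 1 instead of 0.
     *
     * A non-numeric, non-empty argument is returned unchanged and unescaped;
     * callers must escape it before writing it into HTML.
     *
     * @param mixed $a Unix timestamp, or empty when the user never logged in
     * @return mixed
     */
    public function getlast($a)
    {
        if (empty($a)) {
            return 'Non si è ancora connesso!';
        }
        if (!is_numeric($a)) {
            return $a;
        }

        $difference = time() - $a;

        if ($difference <= 59) {
            return '' . $difference . ' secondi fa';
        }
        if ($difference <= 3599) {
            $minutos = (int) floor($difference / 60);
            $minutos_str = ($minutos == 1) ? 'minuto' : 'minuti';
            return 'Ultima connessione: ' . $minutos . ' ' . $minutos_str;
        }
        if ($difference <= 86399) {
            $horas = (int) floor($difference / 3600);
            $horas_str = ($horas == 1) ? 'ora fa' : 'ore fa';
            return 'Ultima connessione: ' . $horas . ' ' . $horas_str;
        }
        if ($difference <= 518399) {
            $dias = (int) floor($difference / 86400);
            $dias_str = ($dias == 1) ? 'giorno' : 'giorni';
            return 'Ultima connessione: ' . $dias . ' ' . $dias_str;
        }
        if ($difference <= 2678399) {
            // This branch starts at six days, so round up to at least one week.
            $semana = max(1, (int) floor($difference / 604800));
            $semana_str = ($semana == 1) ? 'settimana' : 'settimane';
            return 'Ultima connessione: ' . $semana . ' ' . $semana_str;
        }

        $meses = max(1, (int) floor($difference / 2592000));
        return 'Ultima connessione: ' . $meses . ' mese';
    }

    /**
     * Maps the age of a news item to a coarse label.
     *
     * @param int $date Unix timestamp of the item
     * @return string|null null when $date lies in the future
     */
    public function datenews($date)
    {
        $diferencia = time() - $date;

        if ($diferencia < 0) {
            // Future timestamp: no label applies (previously an undefined variable).
            return null;
        }
        if ($diferencia <= 86400) {
            return 'Adesso';
        }
        if ($diferencia <= 172800) {
            return 'Ieri';
        }
        if ($diferencia <= 604800) {
            return 'Questa settimana';
        }
        if ($diferencia <= 1209600) {
            return 'Settimana scorsa';
        }
        if ($diferencia <= 2592000) {
            return 'Questo mese';
        }

        return 'Più di un mese fa';
    }

    /**
     * Returns the number of rows produced by "SELECT * FROM $tbl".
     *
     * NOTE(security): $tbl is concatenated into the SQL text and cannot be
     * bound as a parameter. This is safe only while every caller passes a
     * hard-coded table name; it must never receive request data. The callers
     * are outside this file, so the query is left as it was. Once they are
     * confirmed to pass plain table names, restrict $tbl to an allow-list.
     *
     * @param string $tbl
     * @return int
     */
    public function count($tbl)
    {
        $stmt = $this->RunSql('SELECT * FROM ' . $tbl . '');
        $stmt->execute();

        return $stmt->rowCount();
    }

    /**
     * Returns the client address used for the per-IP registration limit,
     * ban lookups and the ip_reg / ip_last columns.
     *
     * NOTE(security): X-Forwarded-For and Client-IP are request headers. They
     * are trustworthy only when a reverse proxy under the operator's control
     * overwrites them; otherwise the client chooses the value, and any check
     * keyed on this address can be sidestepped. The header precedence is kept
     * for compatibility, but a header is now accepted only if it contains a
     * syntactically valid IP address (the first one in a comma-separated
     * list). Without a trusted proxy, use REMOTE_ADDR alone.
     *
     * @return string|false
     */
    public function ip()
    {
        $useServer = !empty($_SERVER);

        foreach (array('HTTP_X_FORWARDED_FOR', 'HTTP_CLIENT_IP') as $header) {
            if ($useServer) {
                $raw = isset($_SERVER[$header]) ? $_SERVER[$header] : '';
            } else {
                $raw = getenv($header);
            }
            if (!is_string($raw) || $raw === '') {
                continue;
            }
            foreach (explode(',', $raw) as $candidate) {
                $candidate = trim($candidate);
                if (filter_var($candidate, FILTER_VALIDATE_IP) !== false) {
                    return $candidate;
                }
            }
        }

        if ($useServer) {
            return isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : false;
        }

        return getenv('REMOTE_ADDR');
    }

    /**
     * Builds the "users online" HTML snippet.
     *
     * @return string HTML; the image URL prefix comes from site configuration
     */
    public function connessi()
    {
        // Let the database count instead of transferring every online row.
        $stmt = $this->RunSql("SELECT COUNT(*) FROM users WHERE online = '1'");
        $stmt->execute();
        $ons = (int) $stmt->fetchColumn();

        return '<img src="' . $this->config->sito('www') . '/app/images/online.gif" /> Ci sono <b>' . $ons . '</b> Habs in Hotel!';
    }

    /**
     * Handles the registration form.
     *
     * Checks run in the original order; the first failing one stores its
     * message in $_SESSION['reg_error'] and returns false.
     *
     * Open review points, not changed because they need data this file does
     * not have:
     *  - The reCAPTCHA token is only tested for presence. It is never sent to
     *    the verification endpoint, so any non-empty value passes.
     *  - The username is checked for length, "MOD-", spaces and dots only
     *    (the "MOD-" match is case-sensitive), and the mail address is not
     *    validated. Output code must escape both.
     *
     * @return bool|null null when the form was not submitted
     */
    public function adduser()
    {
        if (!isset($_POST['reg_username'], $_POST['reg_mail'], $_POST['reg_pass'], $_POST['reg_rippass'])) {
            return null;
        }

        $username = $_POST['reg_username'];
        $mail = $_POST['reg_mail'];
        $pass = $_POST['reg_pass'];
        $rippass = $_POST['reg_rippass'];

        // Array-valued fields (name[]=...) are treated like missing fields.
        $allStrings = is_string($username) && is_string($mail) && is_string($pass) && is_string($rippass);
        if (!$allStrings || empty($username) || empty($mail) || empty($pass) || empty($rippass)) {
            return $this->registrationError('Riempi tutti i campi!');
        }

        $checkUsername = $this->RunSql("SELECT * FROM users WHERE username = :uname");
        $checkUsername->execute(array(':uname' => $username));
        if ($checkUsername->rowCount()) {
            return $this->registrationError('Username occupato!');
        }

        $checkMail = $this->RunSql("SELECT * FROM users WHERE mail = :mail");
        $checkMail->execute(array(':mail' => $mail));
        if ($checkMail->rowCount()) {
            return $this->registrationError('E-mail occupata!');
        }

        if ($pass !== $rippass) {
            return $this->registrationError('Le password non coincidono!');
        }
        if (strlen($username) > 12 || strlen($username) < 3) {
            return $this->registrationError('L<sup></sup>username deve contenere dai 3 ai 12 catattersi!');
        }
        if (strpos($username, "MOD-") !== false) {
            return $this->registrationError('Non puoi registrarti col prefisso MOD-');
        }
        if (strpos($username, " ") !== false) {
            return $this->registrationError('Non puoi contenere spazi nel nome!');
        }
        if (strpos($username, ".") !== false) {
            return $this->registrationError('Non puoi contenere punti nel nome!');
        }

        // Duplicate-account check, keyed on the address returned by ip().
        $cloni = $this->RunSql('SELECT * FROM users WHERE ip_reg = :ip');
        $cloni->execute(array(':ip' => $this->ip()));
        if ($cloni->rowCount() >= 2) {
            // This branch used to fall through without an explicit "return false".
            return $this->registrationError('Oops massimo 2 account per IP');
        }

        $captcha = isset($_POST['g-recaptcha-response']) ? $_POST['g-recaptcha-response'] : '';
        if (!$captcha) {
            return $this->registrationError('Verifica di non essere un robot!');
        }

        // The avatar field carries the look string with the gender as its last
        // character; the last nine characters are cut from the look.
        $avatar = (isset($_POST['habbo-avatar']) && is_string($_POST['habbo-avatar'])) ? $_POST['habbo-avatar'] : '';
        $look = (string) substr($avatar, 0, -9);
        $gender = (string) substr($avatar, -1);

        $inserisci = $this->RunSql("INSERT INTO users (username, password, mail, look, gender, motto, ip_reg, account_created,home_room) VALUES (:username, :psw, :mail, :look, :gender, :motto, :ip, :tempo, '24469')");
        $inserisci->execute(array(
            ':username' => $username,
            ':psw'      => $this->hash($pass),
            ':mail'     => $mail,
            ':look'     => $look,
            ':gender'   => $gender,
            ':motto'    => $this->config->sito('motto'),
            ':ip'       => $this->ip(),
            ':tempo'    => time(),
        ));

        $this->regenerateSession();
        $_SESSION['username'] = $username;
        // See the class note: plaintext password kept for compatibility.
        $_SESSION['password'] = $pass;
        $_SESSION['user_id'] = $this->user('id');

        return true;
    }

    /**
     * Handles the login form.
     *
     * The lookup now runs only after the fields are known to be present,
     * instead of reading $_POST before the isset() check.
     *
     * NOTE(review): this method has no attempt limit or lockout. If none
     * exists elsewhere, repeated guesses are not slowed down.
     *
     * @return bool|null null when the form was not submitted
     */
    public function checkinfo()
    {
        if (!isset($_POST['username'], $_POST['password'])) {
            return null;
        }

        $username = $_POST['username'];
        $password = $_POST['password'];

        if (!is_string($username) || !is_string($password) || empty($username) || empty($password)) {
            $_SESSION['login_error'] = 'Non lasciare spazi bianchi!';
            return false;
        }

        $sql_user = $this->RunSql("SELECT * FROM users WHERE username = :uname AND password = :psw LIMIT 1");
        $sql_user->execute(array(':uname' => $username, ':psw' => $this->hash($password)));

        if (!$sql_user->rowCount()) {
            $_SESSION['login_error'] = 'Dati incorretti!';
            return false;
        }

        $this->regenerateSession();
        $_SESSION['username'] = $username;
        // See the class note: plaintext password kept for compatibility.
        $_SESSION['password'] = $password;
        $_SESSION['user_id'] = $this->user('id');

        return true;
    }

    /**
     * Redirects according to login state.
     *
     * 'yes': logged-in users are sent to /me.
     * 'no':  visitors without a complete session are sent to /.
     *
     * Execution stops after the Location header. Without that, the rest of
     * the page still ran and was sent along with the redirect.
     *
     * @param string $a 'yes' or 'no'
     * @return void
     */
    public function checklogged($a)
    {
        if ($a == 'yes') {
            if (isset($_SESSION['username']) && isset($_SESSION['password'])) {
                header("Location: /me");
                exit;
            }
        } elseif ($a == 'no') {
            // A session counts as logged in only when both values are present
            // (the previous && let a half-populated session through).
            if (empty($_SESSION['username']) || empty($_SESSION['password'])) {
                header("Location: /");
                exit;
            }
        }
    }

    /**
     * Reads one column of the current user's row in user_stats.
     *
     * The column name is part of the SQL text, so it is accepted only when it
     * is a plain identifier; anything else yields null without touching the
     * database.
     *
     * @param string $fields a single column name
     * @return mixed|null
     */
    public function stats($fields)
    {
        if (!$this->isIdentifier($fields)) {
            return null;
        }

        $stmt = $this->RunSql("SELECT " . $fields . " FROM user_stats WHERE id = :id LIMIT 1");
        $stmt->execute(array(':id' => $this->user('id')));
        $row = $stmt->fetch(PDO::FETCH_ASSOC);

        return (is_array($row) && isset($row[$fields])) ? $row[$fields] : null;
    }

    /**
     * Returns one column of the logged-in user's row.
     *
     * The user is looked up by the session username and the hash of the
     * session password.
     *
     * @param string $a column name
     * @return mixed|null null when nobody is logged in or the row is missing
     */
    public function user($a)
    {
        if (!isset($_SESSION['username'], $_SESSION['password'])) {
            return null;
        }

        $user = $this->RunSql("SELECT * FROM users WHERE username = :uname AND password = :pass LIMIT 1");
        $user->execute(array(':uname' => $_SESSION['username'], ':pass' => $this->hash($_SESSION['password'])));
        $usr = $user->fetch(PDO::FETCH_ASSOC);

        return (is_array($usr) && isset($usr[$a])) ? $usr[$a] : null;
    }

    /**
     * Enforces the rank needed for the housekeeping pages.
     *
     * Execution stops after each redirect. A bare Location header does not
     * prevent the protected page from executing and being sent.
     *
     * @param string $a 'senza-accesso' (needs hkmin) or 'maxrank' (needs hkmax)
     * @return void
     */
    public function checkrank($a)
    {
        if ($a == 'senza-accesso') {
            if ($this->user('rank') < $this->config->sito('hkmin')) {
                header("Location: /");
                exit;
            }
        } elseif ($a == 'maxrank') {
            if ($this->user('rank') < $this->config->sito('hkmax')) {
                header("Location: " . $this->config->sito('www') . $this->config->sito('AdminCP') . "");
                exit;
            }
        }
    }

    /**
     * Sends banned users to /logout and stops the request.
     *
     * A ban matches on the username or on the address from ip(); see ip()
     * for the limits of the address part.
     *
     * @return void
     */
    public function banned()
    {
        $checkban = $this->RunSql("SELECT * FROM bans WHERE value = :a OR value = :b LIMIT 1");
        $checkban->execute(array(':a' => $this->user('username'), ':b' => $this->ip()));

        if ($checkban->rowCount()) {
            header("Location: /logout");
            exit;
        }
    }

    /**
     * Stores a floor-plan heightmap as a new room model and creates a room
     * that uses it, then notifies the MUS endpoint.
     *
     * Database errors are logged instead of echoed, because the driver
     * message can expose schema details to the visitor.
     *
     * NOTE(review): the model id is "model_" plus a small random number. A
     * collision makes the insert throw if id is a unique key, and the caller
     * then receives null.
     *
     * @param string $code heightmap text
     * @return PDOStatement|null the room_models insert statement, null on error
     */
    public function salva_modello($code)
    {
        $random = "model_" . rand(555, 999999);

        try {
            $stmt = $this->RunSql("INSERT INTO room_models(id,door_x,door_y,door_dir,heightmap)
VALUES(:id, '0', '10', '2', :code)");
            $stmt->execute(array(':code' => $code, ':id' => $random));

            $room = $this->RunSql("INSERT INTO rooms(caption,owner,owner_id,model_name)
VALUES('Stanza Creata con il Floor!', :owner, :usrid, :roomid)");
            $room->execute(array(
                ':owner'  => $this->user('username'),
                ':usrid'  => $_SESSION['user_id'],
                ':roomid' => $random,
            ));

            $this->mus("update_model");

            return $stmt;
        } catch (PDOException $e) {
            error_log('Funzioni::salva_modello failed: ' . $e->getMessage());
            return null;
        }
    }

    /**
     * Builds the digit string that SSO() turns into the auth ticket.
     *
     * The numbers now come from the CSPRNG when the runtime has one. rand()
     * is predictable and must not seed a login ticket.
     *
     * @return string decimal digits only
     */
    public function GeneraTicket()
    {
        $data = "";
        for ($i = 0; $i < 6; $i++) {
            $data .= $this->randomNumber(0, 10000000);
        }
        for ($i = 0; $i < 20; $i++) {
            $data .= $this->randomNumber(0, 1000000);
        }
        $data .= $this->randomNumber(0, 100000);

        return $data;
    }

    /**
     * Issues a fresh auth ticket for the logged-in user and records the last
     * address and login time.
     *
     * The md5/sha1 wrapping only fixes the ticket's length and alphabet; its
     * unpredictability comes entirely from GeneraTicket().
     *
     * @return void
     */
    public function SSO()
    {
        $stmt = $this->RunSql("UPDATE users SET auth_ticket = :ticket, ip_last = :ip , last_online = UNIX_TIMESTAMP() WHERE id = :sessione");
        $stmt->execute(array(
            ':ticket'   => md5(sha1(md5($this->GeneraTicket()))),
            ':ip'       => $this->ip(),
            ':sessione' => $this->user('id'),
        ));
    }

    /**
     * Handles the housekeeping login form (username, password and PIN).
     *
     * Secrets are compared as strings in constant time where the runtime
     * allows it. The previous loose != let numeric-looking strings such as
     * "0123" and "123" compare as equal.
     *
     * NOTE(review): the PIN is one shared value from site configuration and
     * there is no attempt limit here. Confirm throttling exists elsewhere.
     *
     * @return bool|null null when the form was not submitted
     */
    public function hk_login()
    {
        if (!isset($_POST['hk_submit'])) {
            return null;
        }

        $username = isset($_POST['hk_username']) ? $_POST['hk_username'] : '';
        $password = isset($_POST['hk_password']) ? $_POST['hk_password'] : '';
        $pin = isset($_POST['hk_pin']) ? $_POST['hk_pin'] : '';

        $allStrings = is_string($username) && is_string($password) && is_string($pin);
        if (!$allStrings || empty($username) || empty($password) || empty($pin)) {
            $_SESSION['hk_error'] = 'Non lasciare spazi bianchi!';
            return false;
        }

        $sessionUser = isset($_SESSION['username']) ? $_SESSION['username'] : '';
        $sessionPass = isset($_SESSION['password']) ? $_SESSION['password'] : '';

        if (!$this->secureEquals($sessionUser, $username)) {
            $_SESSION['hk_error'] = 'Username inesistente';
            return false;
        }
        if (!$this->secureEquals($sessionPass, $password)) {
            $_SESSION['hk_error'] = 'Password incorretta';
            return false;
        }
        if (!$this->secureEquals($this->config->sito('hk_pin'), $pin)) {
            $_SESSION['hk_error'] = 'Il codice di sicurezza è errato!';
            return false;
        }
        if ($this->user('rank') < $this->config->sito('hkmin')) {
            $_SESSION['hk_error'] = 'Non hai i permessi per entrare :(';
            return false;
        }

        $log = $this->RunSql("INSERT INTO stafflogs (action, message, note, userid, timestamp) VALUES ('Login',:uname,:rank, :id, :tempo)");
        $log->execute(array(
            ':uname' => $this->user('username'),
            ':rank'  => $this->user('rank'),
            ':id'    => $this->user('id'),
            ':tempo' => time(),
        ));
        $_SESSION['hk_loged'] = 'loggato';

        return true;
    }

    /** Stores a registration error message and returns false for the caller to return. */
    private function registrationError($message)
    {
        $_SESSION['reg_error'] = $message;

        return false;
    }

    /** Issues a new session id after authentication so a pre-login id cannot be reused. */
    private function regenerateSession()
    {
        if (session_id() !== '' && !headers_sent()) {
            session_regenerate_id(true);
        }
    }

    /** True when $name is a bare SQL identifier (letters, digits, underscore). */
    private function isIdentifier($name)
    {
        return is_string($name) && preg_match('/^[A-Za-z_][A-Za-z0-9_]*$/', $name) === 1;
    }

    /** String equality for secrets; constant-time when hash_equals() exists. */
    private function secureEquals($known, $supplied)
    {
        $known = (string) $known;
        $supplied = (string) $supplied;

        if (function_exists('hash_equals')) {
            return hash_equals($known, $supplied);
        }

        return $known === $supplied;
    }

    /** Random integer in [$min, $max] from the CSPRNG; falls back to rand() on runtimes without random_int(). */
    private function randomNumber($min, $max)
    {
        if (function_exists('random_int')) {
            return random_int($min, $max);
        }

        // Legacy fallback only: rand() is not suitable for tickets.
        return rand($min, $max);
    }
}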
- ?>