
Untitled

a guest
Mar 26th, 2017
  1. <?php
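  /**
   * Account model for the CMS: loads one row of `users`, derives VIP and ban
   * state, loads the rank's permissions and manages the `pixel_user_hash`
   * session cookie together with its `cms_sessions` row.
   *
   * Security notes for maintainers:
   *  - Every value interpolated into SQL goes through DB::Escape() here; the
   *    DB wrapper's API beyond Query/Fetch/NumRows/Escape is not visible in
   *    this file, so the queries are still string-built rather than prepared.
   *  - Session and auth tokens come from random_bytes() (PHP 7+). The earlier
   *    scheme mixed rand(), time() and five characters of the stored password
   *    value into the token, which made it guessable and leaked part of that
   *    value into a cookie.
   *  - $password, $ticket, $geheim_pass and $data are public and carry
   *    credential material; never dump or serialise this object into output.
   */
  class User {
      public $exists = false;
      public $id = 0;
      public $banned = false;
      public $ban = null;            // matching row of `bans`, set by CheckBan()
      public $username = null;
      public $password = null;       // raw `password` column (presumably a hash; not verifiable from this file)
      public $mail = null;
      public $online = false;
      public $credits = 0;
      public $pixels = 0;            // `activity_points` column
      public $respect = 0;
      public $motto = null;          // stored HTML-escaped (htmlspecialchars)
      public $look = null;
      public $rank = 0;
      public $ticket = null;         // auth ticket; replaced by UpdateTicket() on every construction
      public $ip = null;             // address of the CURRENT request, not a stored per-user value
      public $geheim_pass = null;    // raw `geheim_pass` column ("geheim" is Dutch for "secret")
      public $vip;
      public $vipStatus;             // latest row of `user_vip`, or whatever DB::Fetch yields when there is none
      public $data = Array();        // the full `users` row, credential columns included

      // These were previously created on the fly inside the constructor;
      // declaring them avoids PHP 8.2's dynamic-property deprecation and gives
      // them a defined value when the user does not exist.
      public $Vip_points = null;
      public $acceptnew_friends = null; // NOTE: filled from `block_newfriends`, so the name reads inverted
      public $hide_room = null;
      public $hide_online = null;
      public $home_text = null;

      private $allUsersData = Array();
      private $permissions = Array();
      private $userStats = Array();
      private $friendList = Array();

      /**
       * Look up a user and populate the object.
       *
       * @param mixed  $data     Value to search for; a null-ish value aborts the page.
       * @param string $type     Column of `users` to match against (e.g. "id").
       * @param bool   $checkban Redirect to /verbannen.php when an active ban matches.
       * @param bool   $secure   Unused in this class.
       */
      public function __construct($data = null, $type = "id", $checkban = true, $secure = false) {
          if ($data == null) {
              $this->make_fatal_error("De opgegeven data is <i>NULL</i>, daar kan geen gebruiker voor gevonden worden. Om fouten te voorkomen word de rest van de website niet weergeven.");
          }

          // $type is spliced into the statement as an identifier, where value
          // escaping does not help. Accept plain column names only and treat
          // anything else as "no such user". An explicit allow-list of the
          // columns callers really use would be tighter still.
          if (!preg_match('/^[A-Za-z0-9_]+\z/', (string) $type)) {
              $this->exists = false;
              return false;
          }

          // NOTE(review): this pulls every row of `users`, password and
          // auth_ticket columns included, into memory on each construction.
          // Only the friend loop further down reads it.
          $all = DB::Query("SELECT * FROM `users` ORDER BY `id`");
          while ($row = DB::Fetch($all)) {
              $this->allUsersData[$row['id']] = $row;
          }

          // NOTE(review): the layered htmlentities/addslashes/DB::Escape
          // encoding is kept exactly as it was, because stored values may have
          // been written with the same encoding; confirm before simplifying.
          $lookup = DB::Query("SELECT * FROM `users` WHERE `" . $type . "` = '" . htmlentities(addslashes(DB::Escape($data))) . "' LIMIT 1");
          if (DB::NumRows($lookup) === 0) {
              $this->exists = false;
              return false;
          }
          $row = DB::Fetch($lookup);

          $this->exists = true;
          $this->id = $row['id'];
          $this->username = $row['username'];
          $this->password = $row['password'];
          $this->mail = $row['mail'];
          $this->online = ($row['online'] == "1");
          $this->credits = $row['credits'];
          $this->pixels = $row['activity_points'];
          $this->Vip_points = $row['vip_points'];
          $this->motto = htmlspecialchars($row['motto']);
          $this->look = $row['look'];
          $this->rank = $row['rank'];
          $this->ticket = $row['auth_ticket'];

          $this->acceptnew_friends = $row['block_newfriends'];
          $this->hide_room = $row['hide_inroom'];
          $this->hide_online = $row['hide_online'];
          $this->geheim_pass = $row['geheim_pass'];
          $this->home_text = $row['home_text'];
          $this->ip = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : null;
          $this->data = $row;
          $this->vip = ($row['vip'] == "1");
          $this->vipStatus = DB::Fetch(DB::Query("SELECT * FROM `user_vip` WHERE `user_id` = '" . $this->esc($this->id) . "' ORDER BY `id` DESC LIMIT 1"));

          // NOTE(review): $lookup is a LIMIT 1 result whose only row was
          // fetched above, so this loop body does not run and the friend list
          // stays empty. The query that should feed it looks to be missing.
          while ($pair = DB::Fetch($lookup)) {
              $friendID = (($pair['user_two_id'] == $this->id) ? $pair['user_one_id'] : $pair['user_two_id']);
              if (isset($this->friendList[$friendID])) continue;
              $this->friendList[$friendID] = $this->allUsersData[$friendID];
          }

          if ($this->vip) {
              // A missing user_vip row counts as expired, without indexing a non-array.
              $expires = (is_array($this->vipStatus) && isset($this->vipStatus['vip_expire_timestamp']))
                  ? $this->vipStatus['vip_expire_timestamp']
                  : 0;
              $this->vip = !($expires < time());

              // Ranks below 3 are pinned to 2 while VIP is active and to 1 once
              // it has lapsed; higher ranks are written back unchanged.
              // $this->rank itself is not refreshed, so the permissions loaded
              // below still reflect the rank read at the start of this request.
              $newRank = ($this->rank < 3) ? ($this->vip ? '2' : '1') : $this->rank;
              DB::Query("UPDATE `users` SET `rank` = '" . $this->esc($newRank) . "', `vip` = '" . ($this->vip ? '1' : '0') . "' WHERE `id` = '" . $this->esc($this->id) . "'");
          }

          $this->CheckBan($checkban);
          $this->LoadPermissions();
          $this->UpdateTicket();

          return true;
      }

      /**
       * Whether the user's rank grants the named permission.
       *
       * @param string $str Permission column name from `permissions_ranks`.
       * @return bool
       */
      public function HasPermission($str = "") {
          return isset($this->permissions[$str]);
      }

      /**
       * @return array Friend rows keyed by user id (see the note in the constructor).
       */
      public function GetFriends() {
          return $this->friendList;
      }

      /**
       * Extend the current session by seven days, in the cookie and in `cms_sessions`.
       *
       * @param mixed $sessionid Primary key of the `cms_sessions` row.
       */
      public function Prepare($sessionid) {
          $week = (3600 * 24) * 7;

          // Re-issue the cookie only when the browser actually sent one;
          // calling setcookie() with an empty value would delete it instead.
          if (isset($_COOKIE['pixel_user_hash']) && $_COOKIE['pixel_user_hash'] !== '') {
              $this->send_session_cookie($_COOKIE['pixel_user_hash'], time() + $week);
          }

          DB::Query("UPDATE `cms_sessions` SET `session_end` = (UNIX_TIMESTAMP() + ((3600 * 24) * 7)) WHERE `id` = '" . $this->esc($sessionid) . "'");
      }

      /**
       * Set a general-purpose cookie on the site's domain.
       *
       * No HttpOnly/Secure flags are added here because callers may rely on
       * reading these cookies from script; the session cookie is hardened
       * separately in send_session_cookie().
       *
       * @param string $name
       * @param string $value
       * @param int    $length Lifetime in seconds.
       * @return bool Always true.
       */
      public function SetCookie($name, $value, $length = 3600) {
          setcookie($name, $value, (time() + $length), "/", $this->cookie_domain());
          return true;
      }

      /**
       * Issue a fresh session token as cookie and record it in `cms_sessions`.
       *
       * @param int|null $length        Cookie lifetime in seconds; seven days when null.
       * @param bool     $staff_session Stored as the string 'true' or 'false'.
       * @return bool Always true.
       */
      public function CreateSession($length = null, $staff_session = false) {
          $token = $this->create_token();

          // The same lifetime now applies when the site is reached by IP
          // address; that branch used to compute the expiry as time() * 6.
          $lifetime = ($length != null) ? $length : ((3600 * 24) * 7);
          $this->send_session_cookie($token, time() + $lifetime);

          // REMOTE_ADDR and, above all, the client-chosen User-Agent header
          // are escaped before they reach the statement.
          // NOTE(review): session_end is always seven days out regardless of
          // $length, so the stored session can outlive a shorter cookie.
          $remoteAddr = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';
          $userAgent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';

          DB::Query("
              INSERT INTO
                  `cms_sessions`
                  (
                      user_id,
                      ip,
                      user_agent,
                      session_hash,
                      session_start,
                      session_end,
                      staff_session
                  )
              VALUES
                  (
                      '" . $this->esc($this->id) . "',
                      '" . $this->esc($remoteAddr) . "',
                      '" . $this->esc($userAgent) . "',
                      '" . $this->esc($token) . "',
                      UNIX_TIMESTAMP(),
                      (UNIX_TIMESTAMP() + ((3600 * 24) * 7)),
                      '" . (($staff_session) ? 'true' : 'false') . "'
                  )
          ");

          return true;
      }

      /**
       * Mark a session as ended.
       *
       * @param string $session Value of `session_hash`, typically taken from the cookie.
       * @return bool Always true.
       */
      public function KillSession($session = "") {
          DB::Query("UPDATE `cms_sessions` SET `session_end` = '0' WHERE `session_hash` = '" . $this->esc($session) . "'");

          return true;
      }

      /**
       * Load the permission flags of the user's rank into $this->permissions.
       * Every column other than `rank` whose value is not '0' counts as granted.
       */
      private function LoadPermissions() {
          $result = DB::Query("SELECT * FROM `permissions_ranks` WHERE `rank` = '" . $this->esc($this->rank) . "'");
          while ($row = DB::Fetch($result)) {
              foreach ($row as $key => $value) {
                  if ($key == "rank") continue;
                  if ($value == '0') continue;
                  $this->permissions[$key] = true;
              }
          }
      }

      /**
       * Create an unpredictable token for sessions and auth tickets.
       *
       * Keeps the previous shape (hex groups of 5-5-5-5-10 characters, 34
       * characters in total) so it fits the existing columns, but every
       * character now comes from random_bytes() (120 bits) instead of
       * rand(), time() and account fields.
       *
       * @return string
       */
      private function create_token() {
          $hex = bin2hex(random_bytes(15));

          return substr($hex, 0, 5) . "-"
              . substr($hex, 5, 5) . "-"
              . substr($hex, 10, 5) . "-"
              . substr($hex, 15, 5) . "-"
              . substr($hex, 20, 10);
      }

      /**
       * Flag the user as banned when an unexpired `bans` row matches either
       * the username or the address of the current request.
       *
       * @param bool $checkban When true, redirect to the ban page and stop.
       */
      private function CheckBan($checkban) {
          // The parentheses spell out the precedence the statement already had.
          $result = DB::Query("SELECT * FROM `bans` WHERE (`value` = '" . $this->esc($this->username) . "' AND `expire` >= UNIX_TIMESTAMP()) OR (`value` = '" . $this->esc($this->ip) . "' AND `expire` >= UNIX_TIMESTAMP()) ORDER BY id DESC LIMIT 1");
          $matches = DB::NumRows($result);
          $row = DB::Fetch($result);

          if ($matches > 0) {
              $this->banned = true;
              $this->ban = $row;
              // NOTE(review): called without a hash, this only touches rows
              // whose session_hash is empty, so the banned user's live
              // sessions stay valid. Which session should end (the visitor's
              // or the loaded user's) is not decidable from this file.
              $this->KillSession();
              if ($checkban) {
                  header("location: /verbannen.php");
                  // Stop here: a Location header alone does not keep the rest
                  // of the page from running for a banned user.
                  exit;
              }
          }
      }

      /**
       * Rotate the auth ticket; it is persisted, together with the request
       * address, only when the request URI contains "client".
       */
      private function UpdateTicket() {
          $token = $this->create_token();
          $this->ticket = $token;

          $uri = isset($_SERVER["REQUEST_URI"]) ? $_SERVER["REQUEST_URI"] : '';
          if (stristr($uri, "client")) {
              DB::Query("UPDATE `users` SET `auth_ticket` = '" . $this->esc($token) . "', `ip_last` = '" . $this->esc($this->ip) . "' WHERE `id` = '" . $this->esc($this->id) . "'");
          }
      }

      /**
       * Abort the request with an error box.
       *
       * $str is emitted as raw HTML, so pass fixed, trusted text only.
       *
       * @param string $str
       */
      private function make_fatal_error($str) {
          die('<div style="border: 5px solid #FF0000; background: #FFFFFF; color: #000000; padding: 20px 40px; margin: 10px; font-family: Verdana; font-size: 12px; text-align: center;">' . $str . '</div>');
      }

      /**
       * Escape one value for use inside a single-quoted SQL string literal.
       *
       * @param mixed $value
       * @return string
       */
      private function esc($value) {
          return DB::Escape((string) $value);
      }

      /**
       * Derive the cookie domain from the Host header.
       *
       * The header is client-supplied, so it is reduced to a plain host name
       * first: the port is dropped and anything outside [a-z0-9.-] yields an
       * empty string, which makes the cookie host-only. A leading "www." is
       * removed (the earlier str_replace removed it anywhere in the name) and
       * IPv4 literals are returned without the leading dot. A configured
       * canonical domain would be preferable to trusting this header at all.
       *
       * @return string
       */
      private function cookie_domain() {
          $host = isset($_SERVER['HTTP_HOST']) ? strtolower($_SERVER['HTTP_HOST']) : '';
          $host = preg_replace('/:\d+\z/', '', $host);

          if ($host === '' || !preg_match('/^[a-z0-9.-]+\z/', $host)) {
              return '';
          }
          if (is_numeric(str_replace('.', '', $host))) {
              return $host;
          }
          if (strpos($host, 'www.') === 0) {
              $host = substr($host, 4);
          }

          return '.' . $host;
      }

      /**
       * Send the session cookie with HttpOnly always set and Secure set on HTTPS.
       *
       * @param string $value   Session token.
       * @param int    $expires Absolute expiry as a Unix timestamp.
       */
      private function send_session_cookie($value, $expires) {
          $secure = (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off');
          setcookie("pixel_user_hash", $value, $expires, "/", $this->cookie_domain(), $secure, true);
      }
  }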
  220. ?>