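<?php
/**
 * Account model for one row of the `users` table, plus the CMS session and
 * game-client ticket handling that hangs off it.
 *
 * Security notes for maintainers:
 * - Every query is built by string concatenation on top of the project's DB
 *   helper. Values that can come from the request are passed through
 *   DB::Escape() and numeric ids are cast to int before they reach SQL.
 *   NOTE(review): DB::Escape() is assumed to escape for a single-quoted SQL
 *   literal, as the original user lookup already relied on it - confirm, and
 *   move to prepared statements if the DB helper offers them.
 * - $password and $data expose the stored password value to every caller
 *   holding a User object; they are public API here and therefore kept.
 */
class User
{
    public $exists = false;
    public $id = 0;
    public $banned = false;
    public $ban = null;
    public $username = null;
    public $password = null;
    public $mail = null;
    public $online = false;
    public $credits = 0;
    public $pixels = 0;
    public $respect = 0;
    public $motto = null;
    public $look = null;
    public $rank = 0;
    public $ticket = null;
    public $ip = null;
    public $geheim_pass = null;
    public $vip;
    public $vipStatus;
    public $data = array();

    // These five were assigned in the constructor without being declared.
    // Declaring them keeps the same public names and avoids relying on
    // dynamic properties.
    public $Vip_points = null;
    public $acceptnew_friends = null;
    public $hide_room = null;
    public $hide_online = null;
    public $home_text = null;

    private $allUsersData = array();
    private $permissions = array();
    private $userStats = array();
    private $friendList = array();

    /**
     * Look up one user and populate this object from the matching row.
     *
     * @param mixed  $data     Value to search for; a null-ish value aborts the page.
     * @param string $type     Column of `users` to match $data against.
     * @param bool   $checkban When true, a banned user is redirected to /verbannen.php.
     * @param bool   $secure   Unused in this class; kept for caller compatibility.
     */
    public function __construct($data = null, $type = "id", $checkban = true, $secure = false)
    {
        if ($data == null) {
            $this->make_fatal_error("De opgegeven data is <i>NULL</i>, daar kan geen gebruiker voor gevonden worden. Om fouten te voorkomen word de rest van de website niet weergeven.");
        }

        // $type is spliced into the query as an identifier, where value
        // escaping does not help. Accept only a plain column name so a
        // backtick or any SQL syntax in it is treated as "no such user".
        if (!is_string($type) || !preg_match('/^[A-Za-z_][A-Za-z0-9_]*$/', $type)) {
            $this->exists = false;
            return false;
        }

        // The original preloaded `SELECT * FROM users` (every row, password
        // column included) into $allUsersData on each construction. Its only
        // consumer was the friend loop described further down, so the preload
        // is dropped.

        // NOTE(review): the value expression is unchanged. addslashes() and
        // htmlentities() on top of DB::Escape() alter the compared value
        // (extra backslashes, HTML entities), so changing it safely depends
        // on how the stored data was encoded.
        $result = DB::Query("SELECT * FROM `users` WHERE `" . $type . "` = '" . htmlentities(addslashes(DB::Escape($data))) . "' LIMIT 1");
        if (DB::NumRows($result) === 0) {
            $this->exists = false;
            return false;
        }

        $row = DB::Fetch($result);
        $this->exists = true;
        $this->id = $row['id'];
        $this->username = $row['username'];
        $this->password = $row['password'];
        $this->mail = $row['mail'];
        $this->online = ($row['online'] == "1");
        $this->credits = $row['credits'];
        $this->pixels = $row['activity_points'];
        $this->Vip_points = $row['vip_points'];
        // The motto is the only field HTML-escaped here; the other text
        // fields (username, home_text, ...) are stored raw on the object.
        $this->motto = htmlspecialchars($row['motto']);
        $this->look = $row['look'];
        $this->rank = $row['rank'];
        $this->ticket = $row['auth_ticket'];
        $this->acceptnew_friends = $row['block_newfriends'];
        $this->hide_room = $row['hide_inroom'];
        $this->hide_online = $row['hide_online'];
        $this->geheim_pass = $row['geheim_pass'];
        $this->home_text = $row['home_text'];
        // This is the address of the current visitor, not an address stored
        // for the looked-up account.
        $this->ip = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : null;
        $this->data = $row;
        $this->vip = ($row['vip'] == "1");

        $userId = (int) $this->id;
        $this->vipStatus = DB::Fetch(DB::Query("SELECT * FROM `user_vip` WHERE `user_id` = '" . $userId . "' ORDER BY `id` DESC LIMIT 1"));

        // NOTE(review): the original looped over the already consumed user
        // result here, reading user_one_id / user_two_id to fill $friendList.
        // No friendship query is visible in this file, so that loop had no
        // rows to read and GetFriends() returns an empty list. Restoring it
        // needs the real friendship query, which this page does not show.

        if ($this->vip) {
            // A missing VIP row counts as expired, as it did before.
            $expires = (is_array($this->vipStatus) && isset($this->vipStatus['vip_expire_timestamp']))
                ? $this->vipStatus['vip_expire_timestamp']
                : 0;
            $rank = (int) $this->rank;
            if ($expires < time()) {
                $this->vip = false;
                DB::Query("UPDATE `users` SET `rank` = '" . (($rank < 3) ? 1 : $rank) . "', `vip` = '0' WHERE `id` = '" . $userId . "'");
            } else {
                $this->vip = true;
                DB::Query("UPDATE `users` SET `rank` = '" . (($rank < 3) ? 2 : $rank) . "', `vip` = '1' WHERE `id` = '" . $userId . "'");
            }
        }

        $this->CheckBan($checkban);
        $this->LoadPermissions();
        $this->UpdateTicket();
        return true;
    }

    /**
     * Tell whether the user's rank grants the named permission.
     *
     * @param string $str Permission column name from `permissions_ranks`.
     * @return bool
     */
    public function HasPermission($str = "")
    {
        return isset($this->permissions[$str]);
    }

    /**
     * Return the friend list built by the constructor.
     *
     * @return array
     */
    public function GetFriends()
    {
        return $this->friendList;
    }

    /**
     * Extend the current session by seven days, in the cookie and in `cms_sessions`.
     *
     * @param mixed $sessionid Id of the `cms_sessions` row to extend.
     */
    public function Prepare($sessionid)
    {
        // Without a session cookie there is nothing to re-send.
        if (isset($_COOKIE['pixel_user_hash'])) {
            $this->send_session_cookie($_COOKIE['pixel_user_hash'], time() + ((3600 * 24) * 7));
        }
        // $sessionid is caller supplied; escape it before it reaches SQL.
        DB::Query("UPDATE `cms_sessions` SET `session_end` = (UNIX_TIMESTAMP() + ((3600 * 24) * 7)) WHERE `id` = '" . DB::Escape((string) $sessionid) . "'");
    }

    /**
     * Set a cookie on the site-wide cookie domain.
     *
     * @param string $name
     * @param string $value
     * @param int    $length Lifetime in seconds.
     * @return bool Always true.
     */
    public function SetCookie($name, $value, $length = 3600)
    {
        // Generic cookies keep their original flags; scripts may read them.
        setcookie($name, $value, (time() + $length), "/", $this->cookie_domain());
        return true;
    }

    /**
     * Start a CMS session: issue a fresh token as cookie and record it in `cms_sessions`.
     *
     * @param int|null $length        Cookie lifetime in seconds; seven days when omitted.
     * @param bool     $staff_session Stored as the string 'true' or 'false'.
     * @return bool Always true.
     */
    public function CreateSession($length = null, $staff_session = false)
    {
        $token = $this->create_token();

        // The original used time() * 6 as expiry when the host was a bare IP
        // address and ignored $length there; both cases now share one rule.
        $expires = ($length != null) ? (time() + $length) : (time() + ((3600 * 24) * 7));
        $this->send_session_cookie($token, $expires);

        // REMOTE_ADDR and especially User-Agent are request data. The
        // User-Agent header is free text chosen by the client, so both are
        // escaped before being stored.
        $ip = DB::Escape(isset($_SERVER['REMOTE_ADDR']) ? (string) $_SERVER['REMOTE_ADDR'] : '');
        $agent = DB::Escape(isset($_SERVER['HTTP_USER_AGENT']) ? (string) $_SERVER['HTTP_USER_AGENT'] : '');

        // NOTE(review): session_end is always seven days, whatever $length
        // says, so the server-side session can outlive a shorter cookie.
        DB::Query("
            INSERT INTO
                `cms_sessions`
                (
                    user_id,
                    ip,
                    user_agent,
                    session_hash,
                    session_start,
                    session_end,
                    staff_session
                )
            VALUES
                (
                    '" . (int) $this->id . "',
                    '" . $ip . "',
                    '" . $agent . "',
                    '" . DB::Escape($token) . "',
                    UNIX_TIMESTAMP(),
                    (UNIX_TIMESTAMP() + ((3600 * 24) * 7)),
                    '" . (($staff_session) ? 'true' : 'false') . "'
                )
        ");
        return true;
    }

    /**
     * Mark the session with the given hash as ended.
     *
     * @param string $session Session hash, normally taken from the session cookie.
     * @return bool Always true.
     */
    public function KillSession($session = "")
    {
        DB::Query("UPDATE `cms_sessions` SET `session_end` = '0' WHERE `session_hash` = '" . DB::Escape((string) $session) . "'");
        return true;
    }

    /**
     * Load every non-zero column of the user's rank row as a granted permission.
     */
    private function LoadPermissions()
    {
        $result = DB::Query("SELECT * FROM `permissions_ranks` WHERE `rank` = '" . (int) $this->rank . "'");
        while ($row = DB::Fetch($result)) {
            foreach ($row as $key => $value) {
                if ($key == "rank" || $value == '0') {
                    continue;
                }
                $this->permissions[$key] = true;
            }
        }
    }

    /**
     * Build a session / ticket token with the original 5-5-5-5-10 layout.
     *
     * The original derived the groups from sha1(username), sha1(id), a slice
     * of the stored password value, rand() and time(). That makes most of
     * the token guessable and copies part of the password value into a
     * cookie. All 30 characters now come from the system's secure random
     * source; length and separators are unchanged so existing columns and
     * consumers still fit.
     *
     * @return string 34 characters: lower-case hex digits and four dashes.
     */
    private function create_token()
    {
        $hex = $this->random_hex(30);
        return substr($hex, 0, 5) . "-"
            . substr($hex, 5, 5) . "-"
            . substr($hex, 10, 5) . "-"
            . substr($hex, 15, 5) . "-"
            . substr($hex, 20, 10);
    }

    /**
     * Return $length hex characters from a cryptographically secure source.
     */
    private function random_hex($length)
    {
        $byteCount = (int) ceil($length / 2);
        if (function_exists('random_bytes')) {
            $bytes = random_bytes($byteCount);
        } else {
            // Fallback for runtimes that predate random_bytes().
            $bytes = openssl_random_pseudo_bytes($byteCount);
        }
        return substr(bin2hex($bytes), 0, $length);
    }

    /**
     * Host name to scope cookies to, taken from the request's Host header.
     *
     * The Host header is client controlled, so a trailing port is dropped
     * and anything that is not a plain host name yields an empty string
     * (which makes the browser fall back to a host-only cookie).
     * NOTE(review): a configured site domain would be safer than the header.
     */
    private function cookie_host()
    {
        $host = isset($_SERVER['HTTP_HOST']) ? (string) $_SERVER['HTTP_HOST'] : '';
        $host = preg_replace('/:\d+$/', '', $host);
        if (!preg_match('/^[A-Za-z0-9.-]+$/', $host)) {
            return '';
        }
        return preg_replace('/^www\./i', '', $host);
    }

    /**
     * Cookie domain shared by every cookie this class sets.
     *
     * A bare IP address is used as is, a host name gets the leading dot the
     * original code used. Only CreateSession() made that distinction before,
     * so the cookie it set and the one Prepare() refreshed could differ.
     */
    private function cookie_domain()
    {
        $host = $this->cookie_host();
        if ($host === '' || is_numeric(str_replace(".", "", $host))) {
            return $host;
        }
        return "." . $host;
    }

    /**
     * Send the session cookie, flagged HttpOnly so page scripts cannot read the token.
     *
     * NOTE(review): the Secure flag is left off because this file does not
     * show whether the site is served over HTTPS only; enable it if it is.
     */
    private function send_session_cookie($token, $expires)
    {
        setcookie("pixel_user_hash", $token, $expires, "/", $this->cookie_domain(), false, true);
    }

    /**
     * Flag the object as banned when an active ban matches the username or the visitor's address.
     *
     * @param bool $checkban When true, redirect a banned user to /verbannen.php and stop.
     */
    private function CheckBan($checkban)
    {
        // The username comes from the database and the address from the
        // request; both are escaped so a stored quote cannot alter the query.
        $username = DB::Escape((string) $this->username);
        $ip = DB::Escape((string) $this->ip);
        $result = DB::Query("SELECT * FROM `bans` WHERE (`value` = '" . $username . "' AND `expire` >= UNIX_TIMESTAMP()) OR (`value` = '" . $ip . "' AND `expire` >= UNIX_TIMESTAMP()) ORDER BY id DESC LIMIT 1");
        $matches = DB::NumRows($result);
        $ban = DB::Fetch($result);
        if ($matches > 0) {
            $this->banned = true;
            $this->ban = $ban;
            // NOTE(review): called without a hash, this only touches rows
            // whose session_hash is empty, so no live session is ended here.
            // Which session to end needs a decision: $this->ip is the
            // visitor's address, not necessarily this account's.
            $this->KillSession();
            if ($checkban) {
                header("location: /verbannen.php");
                // Stop here. Without this the constructor carried on, a new
                // client ticket could still be issued, and the calling page
                // kept rendering behind the redirect.
                exit;
            }
        }
    }

    /**
     * Issue a new ticket on the object and, for client pages, store it with the visitor's address.
     */
    private function UpdateTicket()
    {
        $token = $this->create_token();
        $this->ticket = $token;
        $uri = isset($_SERVER["REQUEST_URI"]) ? $_SERVER["REQUEST_URI"] : '';
        // The database is only written when the request path contains
        // "client"; on every other page $this->ticket differs from the
        // stored auth_ticket.
        if (stripos($uri, "client") !== false) {
            DB::Query("UPDATE `users` SET `auth_ticket` = '" . DB::Escape($token) . "', `ip_last` = '" . DB::Escape((string) $this->ip) . "' WHERE `id` = '" . (int) $this->id . "'");
        }
    }

    /**
     * Print an error box and stop the request.
     *
     * $str is written into the page as HTML without escaping, so it must be
     * a fixed message and never contain request data.
     */
    private function make_fatal_error($str)
    {
        die('<div style="border: 5px solid #FF0000; background: #FFFFFF; color: #000000; padding: 20px 40px; margin: 10px; font-family: Verdana; font-size: 12px; text-align: center;">' . $str . '</div>');
    }
}
?>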