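<?php
/**
 * Vote / login JSON endpoint.
 *
 * Dispatches on $_POST['type'] and always answers with one JSON document:
 *   - 'login'    : checks account name + password, returns nickname, tokens and vote cooldown.
 *   - 'herewego' : returns the remaining vote cooldown for the account name in 'p' / the client IP.
 *   - 'hasVoted' : when the cooldown has elapsed, records a vote and credits tokens to the account in 'p'.
 * Any other (or missing) type yields an empty JSON array.
 *
 * Review notes that cannot be fixed inside this file alone:
 *   - TODO: request limiting. Nothing bounds the number of 'login' attempts per account or
 *     per client, so password guessing is not slowed down.
 *   - 'herewego' and 'hasVoted' act on an account name taken from the request without any
 *     session or proof of ownership; see the note on the 'hasVoted' branch.
 *   - The database is opened as root with an empty password. Use a dedicated account limited
 *     to SELECT/INSERT/UPDATE/DELETE on the tables used here, with credentials loaded from
 *     configuration kept outside the web root.
 *   - An earlier commented-out block embedded the password of a second database. It is dropped
 *     here; because it was published with the file, that credential should be rotated.
 */

// Log everything, display nothing: with PDO in exception mode an uncaught error shown to the
// client would expose SQL text and connection details, and would also corrupt the JSON body.
error_reporting(E_ALL);
ini_set('display_errors', '0');
ini_set('log_errors', '1');
date_default_timezone_set('America/Los_Angeles');
define('SALT_LENGTH', 15);
define('VOTE_COOLDOWN_MINUTES', 180);
// Vote rows older than this many seconds are deleted whenever a vote is recorded.
define('VOTE_PURGE_AFTER_SECONDS', 14800);

$VOTE_TOKEN = 35;

/**
 * Returns the address used for the per-IP vote cooldown.
 *
 * CF-Connecting-IP is a request header. It identifies the real client only when the web
 * server accepts connections exclusively from the Cloudflare edge; otherwise the caller
 * chooses its value and the per-IP cooldown stops identifying anyone. Restrict origin access
 * to the proxy (or compare REMOTE_ADDR with the proxy's published ranges) before relying on it.
 * Here the header is at least required to be a syntactically valid IP address.
 *
 * @return string
 */
function vote_client_ip()
{
    $peer = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';
    if (isset($_SERVER['HTTP_CF_CONNECTING_IP'])
        && filter_var($_SERVER['HTTP_CF_CONNECTING_IP'], FILTER_VALIDATE_IP) !== false
    ) {
        return $_SERVER['HTTP_CF_CONNECTING_IP'];
    }
    return $peer;
}

/**
 * Reads one POST field as a string; a missing field or an array value becomes ''.
 *
 * @param string $key
 * @return string
 */
function vote_post_string($key)
{
    return (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
}

/**
 * Opens the game database with PDO in exception mode.
 *
 * @return PDO
 */
function vote_db()
{
    $db = new PDO('mysql:host=localhost;dbname=oropo;', 'root', '');
    $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    return $db;
}

/**
 * Looks an account up by name, case-insensitively.
 *
 * @param PDO    $db
 * @param string $username
 * @param bool   $withPassword also select the `pass` column (only the login branch needs it)
 * @return array|false the account row, or false when the name is empty or unknown
 */
function vote_find_account($db, $username, $withPassword = false)
{
    if ($username === '') {
        return false;
    }
    $columns = $withPassword ? 'guid,pass,pseudo,points' : 'guid,pseudo,points';
    $stmt = $db->prepare('SELECT ' . $columns . ' FROM accounts WHERE LOWER(account)= LOWER(:acc)');
    $stmt->bindValue(':acc', $username, PDO::PARAM_STR);
    $stmt->execute();
    return $stmt->fetch();
}

/**
 * Returns the most recent vote timestamp recorded for the client IP or the account.
 *
 * Every branch uses the newest matching row, so the cooldown reported at login agrees with
 * the one enforced when a vote is recorded.
 *
 * @param PDO      $db
 * @param string   $ip
 * @param int|null $accountId null when no account matched; then only the IP is considered
 * @return int unix timestamp, or 0 when no vote is on record
 */
function vote_last_vote_time($db, $ip, $accountId)
{
    if ($accountId === null) {
        $stmt = $db->prepare('SELECT time FROM vote WHERE ip = :ip');
    } else {
        $stmt = $db->prepare('SELECT time FROM vote WHERE account = :id OR ip = :ip');
        $stmt->bindValue(':id', $accountId, PDO::PARAM_INT);
    }
    $stmt->bindValue(':ip', $ip, PDO::PARAM_STR);
    $stmt->execute();

    $latest = 0;
    foreach ($stmt->fetchAll() as $row) {
        $latest = max($latest, intval($row['time']));
    }
    return $latest;
}

/**
 * Minutes left before the next vote is allowed.
 *
 * @param int $lastVote unix timestamp of the last vote, 0 when there is none
 * @param int $now      current unix timestamp
 * @return int|float 0 when a vote is allowed, otherwise the rounded number of minutes left
 */
function vote_minutes_remaining($lastVote, $now)
{
    if ($lastVote == 0) {
        return 0;
    }
    $elapsedMinutes = ($now - $lastVote) / 60;
    if ($elapsedMinutes > VOTE_COOLDOWN_MINUTES) {
        return 0;
    }
    return round(VOTE_COOLDOWN_MINUTES - $elapsedMinutes, 0);
}

$REMOTE = vote_client_ip();
$obj = array();
$type = vote_post_string('type');

if (!empty($type)) {
    switch ($type) {
        case 'login':
            $username = vote_post_string('username');
            $password = vote_post_string('p');
            $db = vote_db();
            $account = vote_find_account($db, $username, true);
            $obj['idRpg'] = 111179;

            // NOTE(review): the two messages below let a caller tell an unknown account from
            // a wrong password. They are kept because clients may display or match them;
            // a single generic message would not confirm which account names exist.
            if (empty($account)) {
                $obj['type'] = 'error';
                $obj['errorMessage'] = 'Nom de compte incorrect';
                break;
            }

            // NOTE(review): the submitted value is compared directly with accounts.pass, so
            // that column presumably holds the password itself or a client-computed equivalent.
            // Migrate to password_hash() / password_verify(). Until then compare as strings in
            // constant time: `!=` treats numeric-looking strings as numbers, which can make two
            // different values compare equal. An empty submission is never accepted.
            if ($password === '' || !hash_equals((string) $account['pass'], $password)) {
                $obj['type'] = 'error';
                $obj['errorMessage'] = 'Mot de passe incorrect';
                break;
            }

            $obj['type'] = 'succes';
            $obj['nickname'] = $account['pseudo'];
            $obj['tokens'] = $account['points'];
            $obj['nextVoteMin'] = vote_minutes_remaining(
                vote_last_vote_time($db, $REMOTE, $account['guid']),
                time()
            );
            break;

        case 'herewego':
            $db = vote_db();
            $account = vote_find_account($db, vote_post_string('p'));
            // An unknown account name falls back to the IP-only lookup instead of reading
            // fields from a failed fetch.
            $accountId = ($account !== false) ? $account['guid'] : null;

            $obj['type'] = 'next';
            $obj['nextVoteMin'] = vote_minutes_remaining(
                vote_last_vote_time($db, $REMOTE, $accountId),
                time()
            );
            break;

        case 'hasVoted':
            // NOTE(review): this branch credits whichever account name arrives in 'p'. Nothing
            // here checks that the caller owns the account or that a vote was really cast on
            // the voting site; the cooldown is the only limit. The credit should be tied to an
            // authenticated session and to a confirmation from the voting site.
            $db = vote_db();
            $account = vote_find_account($db, vote_post_string('p'));
            $accountId = ($account !== false) ? $account['guid'] : null;
            $now = time();
            $lastVote = vote_last_vote_time($db, $REMOTE, $accountId);

            // Unknown account: report 0 tokens rather than reading 'points' from a failed fetch.
            $obj['tokens'] = ($account !== false) ? $account['points'] : 0;
            $obj['type'] = 'update';

            $canUpdate = ($lastVote == 0)
                || ((($now - $lastVote) / 60) > VOTE_COOLDOWN_MINUTES);

            if (!$canUpdate) {
                $obj['nextVoteMin'] = round(VOTE_COOLDOWN_MINUTES - (($now - $lastVote) / 60), 0);
                break;
            }

            $obj['nextVoteMin'] = VOTE_COOLDOWN_MINUTES;

            // Record the vote and the credit together so a failure cannot leave one without
            // the other. NOTE(review): the cooldown check above runs before this transaction,
            // so two simultaneous requests can both pass it; a unique key on the vote table or
            // a row lock on the account is needed to close that window (schema not visible here).
            $db->beginTransaction();
            try {
                $purge = $db->prepare('DELETE from vote where time + ' . VOTE_PURGE_AFTER_SECONDS . ' < :now');
                $purge->bindValue(':now', $now, PDO::PARAM_INT);
                $purge->execute();

                $insert = $db->prepare('INSERT INTO vote VALUES (:i, :h, :acc)');
                $insert->bindValue(':i', $REMOTE, PDO::PARAM_STR);
                $insert->bindValue(':h', $now, PDO::PARAM_INT);
                // -1 marks a vote that matched no account, as before.
                $insert->bindValue(':acc', (string) ($accountId === null ? -1 : $accountId), PDO::PARAM_STR);
                $insert->execute();

                if ($accountId !== null) {
                    $credit = $db->prepare(
                        'update accounts set points = points + :tokens, nvote = nvote + 1 WHERE guid = :id'
                    );
                    $credit->bindValue(':tokens', $VOTE_TOKEN, PDO::PARAM_INT);
                    $credit->bindValue(':id', $accountId, PDO::PARAM_INT);
                    $credit->execute();
                }
                $db->commit();
            } catch (Exception $e) {
                $db->rollBack();
                throw $e;
            }

            $obj['tokens'] = $obj['tokens'] + $VOTE_TOKEN;
            break;
    }
}

// Declare the body as JSON so a browser never renders database-sourced fields
// (for example the nickname) as HTML.
header('Content-Type: application/json; charset=utf-8');
echo json_encode($obj);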