
Untitled

a guest
Aug 24th, 2016
  1. <?php
  2.  
  3. include_once("../../includes/db.php");
  4. include_once("settings.php");
  5.  
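  // Open the shared database handle; the connection settings come from settings.php.
  $db = new database($db_name, $db_server, $db_user, $db_password, '');

  // Username validation endpoint: reads "u" and answers with <success> or <error>.
  //
  // NOTE(review): no authentication or throttling is visible in this file, so any
  // caller can learn whether a given username exists. Rate-limit this endpoint at
  // the web tier and log bursts of lookups from a single client.
  // $_REQUEST merges GET and POST (and cookies, depending on request_order); it is
  // kept so existing clients keep working.
  if (isset($_REQUEST['u']) && is_string($_REQUEST['u'])) {
      // is_string() rejects array input such as u[]=x, which would otherwise reach
      // the string functions inside the checker.
      $userCheckResult = new usernameChecker($_REQUEST['u']);
      if (count($userCheckResult->errorList) > 0) {
          echo "<error>";
          foreach ($userCheckResult->errorList as $message) {
              // Messages can embed database content (the matched swear word), so
              // escape the markup characters before writing them into the response.
              echo htmlspecialchars($message, ENT_NOQUOTES, 'UTF-8') . "\n";
          }
          echo "</error>";
      } else {
          echo '<success>true</success>';
      }
  } else {
      echo '<error>Missing data</error>';
  }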
  23. // ERR1 Username can't contain swear words.
  24.  
  25.  
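  /**
   * Validates a candidate username and collects every failure in $errorList.
   *
   * All checks run from the constructor, in this order: swear-word list,
   * existence in `cc_user`, length, allowed characters. The two database checks
   * go through the global $db wrapper (setQuery / loadResults / loadResult /
   * db_input).
   */
  class usernameChecker {
      /** @var string Candidate username; non-string input is stored as "". */
      public $username = "";
      /** @var string[] Error messages, in the order the checks produced them. */
      public $errorList = array();

      /**
       * Runs every check immediately; read $errorList afterwards.
       *
       * @param mixed $username Value supplied by the client.
       */
      public function __construct($username) {
          // Arrays and objects cannot be valid usernames; storing "" makes the
          // length and character checks reject them instead of raising warnings.
          $this->username = is_string($username) ? $username : "";
          $this->check_swears();
          $this->check_exists();
          $this->check_size();
          $this->check_characters();
          // No debug dump here: callers render $errorList themselves, and a
          // print_r() at this point would corrupt their response body.
      }

      /**
       * Accepts only ASCII letters, digits, underscore and Arabic-script characters.
       */
      public function check_characters() {
          // \z anchors at the very end of the subject; "$" would also accept a
          // trailing newline ("admin\n"). Both letter cases are spelled out instead
          // of using /i so Unicode case folding cannot admit non-ASCII look-alikes.
          $pattern = '~^[A-Za-z0-9_\p{Arabic}]+\z~u';
          // preg_match() returns false for invalid UTF-8 under /u; treat that as a
          // rejection as well.
          if (preg_match($pattern, $this->username) !== 1) {
              $this->add_Error("Invalid characters in username. Please use only standard characters, no spaces are permitted");
          }
      }

      /**
       * Enforces the inclusive length range $min_length..$max_length.
       */
      public function check_size() {
          $min_length = 2;
          $max_length = 24;
          // strlen() counts bytes, so multi-byte Arabic letters count more than
          // once. NOTE(review): confirm whether the limits are meant in characters.
          $length = strlen($this->username);
          // "<" (not "<=") so a name of exactly $min_length passes, matching the message.
          if ($length < $min_length) $this->add_Error("Username is too short. Minimum of " . $min_length . " is required.");
          if ($length > $max_length) $this->add_Error("Username is too long. Maximum of " . $max_length . " is required.");
      }

      /**
       * Rejects usernames containing any entry of `cc_swear_words` (first match only).
       */
      public function check_swears() {
          global $db;
          $db->setQuery("SELECT name FROM `cc_swear_words`");
          $swearwordList = $db->loadResults();
          if (!is_array($swearwordList)) {
              // loadResults() returns null when the query fails; nothing to compare.
              return;
          }

          foreach ($swearwordList as $entry) {
              $word = (string) $entry->name;
              if ($word === '') {
                  // An empty needle would match (or warn on) every username.
                  continue;
              }
              // Case-insensitive, so changing letter case does not slip past the list.
              if (stripos($this->username, $word) !== false) {
                  $this->add_Error("Username can't contain swear words. (" . $word . ")");
                  return;
              }
          }
      }

      /**
       * Adds an error when the username is already present in `cc_user`, or when
       * the lookup itself fails.
       */
      public function check_exists() {
          global $db;
          // Escape through the wrapper's own db_input(), which uses the same driver
          // as the connection. A mysqli_* escape call does not accept an ext/mysql
          // link and would put an empty value into the query.
          // NOTE(review): setQuery() takes a finished SQL string; move this lookup
          // to a bound parameter once the wrapper supports prepared statements.
          $db->setQuery("SELECT count(*) as counter FROM `cc_user` WHERE username='" . $db->db_input($this->username) . "'");
          $res = $db->loadResult();
          if (!is_object($res) || !isset($res->counter)) {
              // Fail closed: a failed lookup must not read as "name is free".
              $this->add_Error("Unable to verify username availability. Please try again.");
              return;
          }
          // This check is advisory only; uniqueness should also be enforced by a
          // constraint on the column, because two requests can race past it.
          if ((int) $res->counter > 0) {
              $this->add_Error("Username already exists. Please choose another username.");
          }
      }

      /**
       * Appends one message to $errorList.
       *
       * @param string $error
       */
      public function add_Error($error) {
          $this->errorList[] = $error;
      }
  }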
  79.  
  80.  
  81.  
  82. //$db = new database($obj->get("db_name"), $obj->get("db_server"), $obj->get("db_user"), $obj->get("db_password"), $obj->get("url_root"));
  83.  
  84.  
  85.  
  86.  
  87. ?>
  88. </data>
  89.  
  90. <?php
  91.  
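  // Connection settings for the database wrapper.
  //
  // SECURITY NOTE: the fallback values below are a MySQL root login with a weak
  // password, committed in source. Anyone who can read this file has them. Rotate
  // the password, connect with a dedicated least-privilege account, and supply the
  // real values through the environment so they never live in the repository.
  // The COCOLANI_* variable names are introduced by this file; an unset or empty
  // variable falls back to the previous hard-coded value so existing deployments
  // keep working.
  $db_server = getenv('COCOLANI_DB_SERVER') ?: "localhost";
  $db_user = getenv('COCOLANI_DB_USER') ?: "root";
  $db_password = getenv('COCOLANI_DB_PASSWORD') ?: "pass1234";
  $db_name = getenv('COCOLANI_DB_NAME') ?: "cocolani_battle";
  $db_urlroot = getenv('COCOLANI_DB_URLROOT') ?: 'localhost/cocolani';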
  97.  
  98.  
  99.  
  100. ?>
  101.  
  102. <?php
  103.  
  104. /*
  105. Usage
  106. $db = new database($dbname);
  107.  
  108. for selects:
  109. $db->setQuery("SELECT * FROM `table`")
  110. $resultArray = $db->loadResults();
  111.  
  112. $db->setQuery("SELECT * FROM `table` WHERE `primary_id` = '1'");
  113. $resultObject = $db->loadResult();
  114.  
  115. for inserts:
  116. $db->setQuery("INSERT INTO `table` (`id`, `example`) VALUES ('1', 'abc')");
  117. if (!$db->runQuery()) {
  118. echo $db->getError();
  119. }
  120. */
  121.  
  122.  
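  /**
   * Thin query wrapper: setQuery() stores one SQL string, and the load*() and
   * runQuery() methods execute it and shape the result.
   *
   * NOTE(review): every call below uses the ext/mysql API (mysql_*), which was
   * removed in PHP 7.0, and get_magic_quotes_gpc(), which was removed in PHP 8.0.
   * $_connection is therefore an ext/mysql link resource and cannot be passed to
   * mysqli_* functions. The API is kept so that code relying on the implicit
   * ext/mysql link keeps working; plan a migration to mysqli or PDO with bound
   * parameters.
   *
   * setQuery() accepts finished SQL, so every caller must escape values with
   * db_input() and place them inside quoted literals.
   */
  class database {
      /** @var int 0 = silent, 1 = echo failed queries, 2+ = also echo every query. */
      public $_debug = 0;
      /** @var string SQL stored by setQuery(). */
      public $_sql = '';
      /** @var string Last driver error recorded by runQuery(). */
      public $_error = '';
      /** @var string Table prefix substituted for "#__" in setQuery(). */
      public $_prefix = '';

      /** @var int Row count of the last runQuery($num_rows = true) call. */
      public $_numrows = 0;

      // NOTE(review): these defaults embed a root login and a weak password in
      // source. They are kept so no-argument construction behaves as before;
      // rotate the password and pass a least-privilege account to the constructor.
      public $_DBhost = 'localhost';
      public $_DBuser = "root";
      public $_DBpass = "pass1234";
      public $_DBname = "cocolani_battle";
      public $url_root = "localhost/cocolani";

      /** @var resource|null ext/mysql link opened by the constructor. */
      public $_connection = null;

      /**
       * Connects and selects the database; terminates the script on failure.
       *
       * The four connection arguments are now honoured (they used to be ignored in
       * favour of hard-coded values; the defaults equal those values). $urlroot is
       * accepted for compatibility, but url_root is still derived from SERVER_ADDR
       * exactly as before.
       */
      public function __construct($dbname = 'cocolani_battle', $dbhost = 'localhost', $dbuser = 'root', $dbpsw = 'pass1234', $urlroot = 'localhost/cocolani') {
          $this->_DBname = $dbname;
          $this->_DBhost = $dbhost;
          $this->_DBuser = $dbuser;
          $this->_DBpass = $dbpsw;

          // SERVER_ADDR is not set under the CLI, hence the isset() guard.
          $isLocal = isset($_SERVER["SERVER_ADDR"]) && $_SERVER["SERVER_ADDR"] == "127.0.0.1";
          $this->url_root = $isLocal ? "http://cocolani.localhost" : "localhost/cocolani";

          // "@" keeps the driver warning (which names host and user) out of the
          // response; the failure is handled explicitly on the next line.
          $this->_connection = @mysql_connect($this->_DBhost, $this->_DBuser, $this->_DBpass);
          if (!$this->_connection) {
              die("Couldn't connect to MySQL");
          }
          $this->selectDatabase();
      }

      public function __destruct() {
          // The link is absent when construction never completed.
          if (is_resource($this->_connection)) {
              mysql_close($this->_connection);
          }
      }

      /**
       * Selects $_DBname on this object's link, or terminates the script.
       */
      private function selectDatabase() {
          if (!mysql_select_db($this->_DBname, $this->_connection)) {
              // Driver details go to the server log, not to the client.
              error_log("Select DB Error: " . mysql_error($this->_connection));
              die("Select DB Error");
          }
      }

      /** Sets the debug verbosity (coerced to int). */
      public function debug($debug_level) {
          $this->_debug = intval($debug_level);
      }

      /** Stores the SQL to run, replacing "#__" with the table prefix plus "_". */
      public function setQuery($sql) {
          /* queries are given in the form of #__table need to replace that with the prefix */
          $this->_sql = str_replace('#__', $this->_prefix.'_', $sql);
      }

      /** Returns the stored SQL, HTML-escaped inside <pre> for debug display. */
      public function getQuery() {
          return "<pre>" . htmlspecialchars( $this->_sql) . "</pre>";
      }

      /**
       * Executes the stored SQL.
       *
       * @param mixed $num_rows When truthy, also records the row count in $_numrows.
       * @return mixed The driver result, or false on failure (see getError()).
       */
      public function runQuery($num_rows=0) {
          $this->selectDatabase();

          $this->_numrows = 0;
          $result = mysql_query($this->_sql, $this->_connection);
          if ($this->_debug > 1) echo $this->getQuery();

          if (!$result) {
              $this->_error = mysql_error($this->_connection);
              if ($this->_debug) {
                  // Driver errors quote parts of the query, which may contain
                  // request data, so escape them before echoing.
                  echo 'Error: ' . $this->getQuery() . htmlspecialchars($this->_error);
              }
              return false;
          }
          if ($num_rows) {
              $this->_numrows = mysql_num_rows($result);
          }
          return $result;
      }

      /* Retrieve Mysql insert id */
      public function mysqlInsertID() {
          // Ask this object's link explicitly rather than the last-opened one.
          return mysql_insert_id($this->_connection);
      }

      /**
       * Escapes a string, or each value of an array (keys are preserved and not
       * escaped), for use inside a quoted SQL string literal.
       *
       * The result is only safe between quotes; it does not protect identifiers
       * or unquoted numeric positions.
       */
      public function db_input($string) {
          if (is_array($string)) {
              $retArray = array();
              foreach ($string as $key => $value) {
                  // Recurse so nested arrays are escaped as well.
                  $retArray[$key] = $this->db_input($value);
              }
              return $retArray;
          }
          $string = (get_magic_quotes_gpc() ? stripslashes($string) : $string);
          return mysql_real_escape_string($string, $this->_connection);
      }

      /** Returns the last error recorded by runQuery(). */
      public function getError() {
          return $this->_error;
      }

      /**
       * Load results into csv formatted string.
       *
       * @return string|null One line per row, or null when the query fails.
       */
      public function loadCsv() {
          if (!($res = $this->runQuery())) {
              return null;
          }

          $csv_string = '';
          while ($row = mysql_fetch_row($res)) {
              $fields = array();
              foreach ($row as $value) {
                  if (!isset($value) || $value == "") {
                      $fields[] = '';
                      continue;
                  }
                  $value = (string) $value;
                  // Doubling quotes is only valid inside a quoted field, and a
                  // comma or newline in the data would otherwise split the column.
                  if (strpbrk($value, "\",\n") !== false) {
                      $value = '"' . str_replace('"', '""', $value) . '"';
                  }
                  // NOTE(review): values beginning with = + - or @ are written as
                  // they are. If this export is opened in a spreadsheet, neutralise
                  // them to prevent formula injection.
                  $fields[] = $value;
              }
              $csv_string .= trim(implode(',', $fields)) . "\n";
          }
          // Drop carriage returns so every line ends in a bare "\n".
          $csv_string = str_replace("\r", "", $csv_string);
          mysql_free_result($res);
          return $csv_string;
      }

      /**
       * Load multiple results.
       *
       * @param string $key Optional column whose lower-cased value indexes the rows.
       * @return array|null Row objects, or null when the query fails.
       */
      public function loadResults($key='' ) {
          if (!($res = $this->runQuery())) {
              return null;
          }
          $array = array();
          while ($row = mysql_fetch_object($res)) {
              if ($key) {
                  $array[strtolower($row->$key)] = $row;
              } else {
                  $array[] = $row;
              }
          }
          mysql_free_result($res);
          return $array;
      }

      /**
       * Loads the first row as an object.
       *
       * @return mixed Row object, false when there is no row, null on query failure.
       */
      public function loadResult() {
          if (!($res = $this->runQuery())) {
              if ($this->_debug) echo 'Error: ' . htmlspecialchars($this->_error);
              return null;
          }
          $row = mysql_fetch_object($res);
          mysql_free_result($res);
          return $row;
      }

      /* Load a result field into an array */
      public function loadArray() {
          if (!($res = $this->runQuery())) {
              return null;
          }
          $array = array();
          while ($row = mysql_fetch_row($res)) {
              $array[] = $row[0];
          }
          mysql_free_result($res);
          return $array;
      }

      /* Load a row into an associative array */
      public function loadAssoc() {
          if (!($res = $this->runQuery())) {
              return null;
          }
          $row = mysql_fetch_assoc($res);
          mysql_free_result($res);
          return $row;
      }

      /* Return one field: the first column of the last row, or null when there are no rows */
      public function loadField() {
          if (!($res = $this->runQuery())) {
              return null;
          }
          // Initialised so an empty result returns null instead of reading an
          // undefined variable.
          $field = null;
          while ($row = mysql_fetch_row($res)) {
              $field = $row[0];
          }
          mysql_free_result($res);
          return $field;
      }

  }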
  309.  
  310. /*if ($_SERVER["SERVER_ADDR"] == '127.0.0.1') {
  311. $url_root = "http://cocolani.localhost";
  312. } else {
  313. $url_root = "http://dev.cocolani.com";
  314. }*/
  315.  
  316.  
  317. ?>