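/**
 * Controller for the "Aware" panel: lets a holder of the panel code view and
 * edit the character and user rows that belong to the current session user.
 *
 * Access model as implemented here: a method is allowed when the session
 * carries a positive user id AND the "aware_authoirze" cookie holds the panel
 * code (see admin()).
 *
 * NOTE(review): the panel code is one shared, hard-coded string that is also
 * stored verbatim in a one-year cookie. Anyone who reads this source or that
 * cookie gets panel access. Move it to configuration and replace the cookie
 * with a server-side session flag.
 */
class AwareController extends CommonController {
    private $db = null;

    /**
     * Opens the database connection used by every action.
     *
     * NOTE(review): host, the root account and its password are hard-coded in
     * source. Rotate this password, connect with a least-privilege account,
     * and load the settings from configuration kept outside the code base.
     */
    public function __construct() {
        $this->db = Model("DataBase", array("host"=>"178.32.79.104", "user"=>"root", "pass"=>"215808msumrc", "base"=>"avard"));
    }

    /**
     * Builds a query for the column defaults of the characters table.
     *
     * NOTE(review): the query string is assembled but never executed or
     * returned, so this method currently has no effect.
     */
    public function default_character() {
        $qu = "SELECT COLUMN_NAME, COLUMN_DEFAULT
            FROM INFORMATION_SCHEMA.COLUMNS
            WHERE table_name = 'characters'
            AND table_schema = 'avard'";
    }

    /**
     * Landing page: already-authorized visitors are redirected to the panel,
     * everyone else gets the default view.
     */
    public function index() {
        if ($this->panelAccessGranted()) {
            header("Location: /?view=Aware&action=panel");
            // Stop here so the login view is not rendered behind the redirect.
            exit;
        }
        $this->show();
    }

    /**
     * Renders the edit form for the session user's character and user rows,
     * and records which column names edit() may later accept.
     */
    public function panel() {
        if (!$this->panelAccessGranted()) {
            header("Location: /?view=Aware");
            // header() does not end the request; without this exit the
            // queries below would still run for an unauthorized visitor.
            exit;
        }

        // The id is only ever used as a number, so force it to one before it
        // reaches SQL text.
        $userId = (int) $_SESSION["id"];

        $r = $this->db->query("select id, name,money,sex,bank,paycheck,level,skill,health,armour,skin from characters where user_id='". $userId ."'");
        $html_characters = "";
        if ($this->db->num_rows($r) > 0) {
            $result = $this->db->get_row($r);
            $_SESSION["can_edit"] = array();
            $_SESSION["character_id"] = $result["id"];
            $html_characters = $this->buildEditableInputs($result);
        } else {
            // No character yet: create one named "<username><id>" and reload.
            // The username was chosen by the user at registration, so it is
            // escaped again here instead of being trusted because it came
            // from the session.
            $username = isset($_SESSION["username"]) ? $_SESSION["username"] : "";
            $this->db->query("insert into characters (status, user_id, name) values ('1', '". $userId ."', '". $this->db->escape_string($username . $userId) ."') ");
            header("Location: /?view=Aware&action=panel");
            exit;
        }

        $r = $this->db->query("select id, username,admin_level,admin_code,balance from users where id='". $userId ."'");
        $html_users = "";
        if ($this->db->num_rows($r) > 0) {
            // NOTE(review): this makes admin_level, admin_code and balance
            // editable by the account they belong to; confirm that is intended.
            $html_users = $this->buildEditableInputs($this->db->get_row($r));
        }

        $this->assign("html_characters", $html_characters);
        $this->assign("html_users", $html_users);
        $this->show();
    }

    /**
     * Applies submitted field values to the session user's character or user row.
     *
     * Only request keys that panel() registered in $_SESSION["can_edit"] are
     * written; everything else in the request is ignored.
     *
     * @param string $type "characters" to edit the character row, anything else edits the user row
     */
    public function edit($type="characters") {
        // Makes admin() return its verdict instead of echoing/exiting.
        $_REQUEST["return"] = true;
        if (!$this->panelAccessGranted()) {
            Message("Ошибка!", "danger");
            // Whether Message() ends the request is not visible here; return
            // explicitly so the update can never run unauthorized.
            return;
        }

        $editingCharacter = ($type === "characters");
        $table = $editingCharacter ? "characters" : "users";
        $idKey = $editingCharacter ? "character_id" : "id";
        $rowId = isset($_SESSION[$idKey]) ? (int) $_SESSION[$idKey] : 0;

        $assignments = array();
        foreach ($_REQUEST as $key => $value) {
            if (!isset($_SESSION["can_edit"][$key]) || $_SESSION["can_edit"][$key] !== true) continue;
            // Array-valued parameters (name[]=...) cannot be a column value.
            if (!is_scalar($value)) continue;
            // $key is safe as an identifier only because it matched the
            // allow-list built from real column names; escape_string() alone
            // would not protect an identifier.
            $assignments[] = $this->db->escape_string($key) . "='". $this->db->escape_string($value) ."'";
        }

        // With nothing to set or no target row the statement would be
        // malformed; report the same outcome as an update that changed nothing.
        if (count($assignments) === 0 || $rowId < 1) {
            Message("При изменении данных произошла ошбика! Возможно вы попытались изменить уникальное поле!", "warning");
            return;
        }

        $qu = "update ". $table ." set ". implode(",", $assignments) ." where id = ". $rowId;
        $this->db->query($qu);
        if ($this->db->last_update_count() > 0) Message("Вы внесли изменения!", "success");
        else Message("При изменении данных произошла ошбика! Возможно вы попытались изменить уникальное поле!", "warning");
    }

    /**
     * Appends the caller's address and the supplied string to a log file, then prints "1".
     *
     * NOTE(review): this action performs no access check, so any client can
     * append to the file; consider gating it and bounding the file size.
     *
     * @param string $s text to record
     */
    public function hack($s) {
        // Collapse CR/LF so one request cannot forge additional log lines.
        $entry = str_replace(array("\r", "\n"), " ", (string) $s);
        file_put_contents('storage/sessions_aware.txt', $_SERVER["REMOTE_ADDR"].': '.$entry."\r\n", FILE_APPEND);
        echo "1";
    }

    /**
     * Checks the panel code and, when it matches, (re)issues the panel cookie.
     *
     * Result depends on the request: for an AJAX request without a "return"
     * request parameter a failure exits with "0" and a success echoes "1"
     * (returning nothing); in every other case it returns 0 or 1.
     *
     * @param string $code candidate panel code
     * @return int|null 1 on match, 0 on mismatch, null after echoing "1"
     */
    public function admin($code) {
        $return = isset($_REQUEST["return"]);
        // Strict, constant-time comparison; non-string input (for example an
        // array-valued cookie) is rejected before it reaches hash_equals().
        if (!is_string($code) || !hash_equals("geekdick", $code)) {
            if ($this->isAjax() && $return === false) exit("0");
            return 0;
        }
        // NOTE(review): the cookie carries the secret itself for a year and is
        // set without the Secure/HttpOnly flags.
        SetCookie("aware_authoirze", $code, time()+3600*24*365, "/");
        if ($this->isAjax() && $return === false) echo "1";
        else return 1;
    }

    /**
     * Switches the session to the account matching the given credentials.
     *
     * NOTE(review): passwords are stored as unsalted Whirlpool digests;
     * migrating to password_hash()/password_verify() needs a data migration
     * and is not done here.
     *
     * @param string $username account name
     * @param string $pass     clear-text password
     */
    public function authorize($username, $pass) {
        if (!$this->panelAccessGranted()) exit();
        // The digest is hex, so only the username needs escaping.
        $pass = hash("whirlpool", $pass);
        $r = $this->db->query("select id,username from users where username='". $this->db->escape_string($username) ."' and password = '". $pass ."'");
        if ($this->db->num_rows($r) > 0) {
            $result = $this->db->get_row($r);
            $_SESSION["id"] = $result["id"];
            $_SESSION["username"] = $result["username"];
            if ($this->isAjax()) exit(json_encode(array("redirect"=>"/?view=Aware&action=panel")));
            else header("Location: /?view=Aware&action=panel");
        } else Message("Вы ввели неверный логин или пароль!", "danger");
    }

    /**
     * Creates a user account with the given name and password.
     *
     * @param string $username account name
     * @param string $pass     clear-text password
     * @param string $pass2    password confirmation
     */
    public function register($username, $pass, $pass2) {
        if (!$this->panelAccessGranted()) exit();
        // Strict comparison: with != two different numeric-looking strings
        // such as "1e3" and "1000" would be accepted as matching.
        if ($pass !== $pass2) {
            Message("Введенные вами пароли не совпадают!", "danger");
            // Do not fall through to the insert if Message() returns.
            return;
        }
        $r = $this->db->query("insert into users (username, password) values('". $this->db->escape_string($username) ."', '". hash("whirlpool", $pass) ."')");
        if ($this->db->last_insert_id() == 0) Message("Не удалось создать аккаунт! Возможно, введенный логин уже занят.", "warning");
        else Message("Вы создали аккуант!", "success");
    }

    /**
     * Deletes every character owned by the session user and returns to the landing page.
     *
     * NOTE(review): this only requires a session id (no panel code) and has no
     * anti-CSRF token, so a plain link can trigger it for a logged-in user.
     *
     * @return int|null 0 when there is no session user
     */
    public function deleteMyCharacters() {
        if (!isset($_SESSION["id"])) return 0;
        $this->db->query("delete from characters where user_id=". (int) $_SESSION["id"]);
        header("Location: /?view=Aware");
    }

    /**
     * True when the session has a positive user id and the panel cookie passes admin().
     */
    private function panelAccessGranted() {
        return isset($_SESSION["id"])
            && $_SESSION["id"] >= 1
            && isset($_COOKIE["aware_authoirze"])
            && $this->admin($_COOKIE["aware_authoirze"]);
    }

    /**
     * Turns one database row into form inputs and registers each column
     * (except "id") as editable for the current session.
     *
     * @param array $row column name => value
     * @return string HTML for the inputs
     */
    private function buildEditableInputs($row) {
        $html = "";
        foreach ($row as $key => $value) {
            if ((string) $key === "id") continue;
            $_SESSION["can_edit"][$key] = true;
            // Values are user-editable and land inside attributes, so they are
            // HTML-escaped to keep stored markup from running in the panel.
            $safeKey = htmlspecialchars((string) $key, ENT_QUOTES | ENT_SUBSTITUTE, "UTF-8");
            $safeValue = htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, "UTF-8");
            $html .= '<div class="col-md-4">'. $safeKey .': </div><input name="'. $safeKey .'" value="'. $safeValue .'" type="text" class="col-md-12 form-control" placeholder="'. $safeKey .'">';
        }
        return $html;
    }
}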