- <?php
// functions.php may be pulled in by an entry point that never loaded
// settings.php (the forum, the paypal handler, ...). SITE_URL is used as
// the marker: when it is missing, the settings file next to this one is loaded.
if (isset($GLOBALS['SITE_URL']) === false) {
    include __DIR__ . '/settings.php';
}
- // we're also storing global variables here
/**
 * Returns the administrator mailbox address.
 */
function get_mail_admin()
{
    $admin_address = "admin@trinityrsps.com";

    return $admin_address;
}
/**
 * Returns the base URL of the site; it simply forwards to get_server_url_https().
 */
function get_server_url()
{
    $base_url = get_server_url_https();

    return $base_url;
}
/**
 * Returns the site URL stored in the SITE_URL global.
 */
function get_server_url_https()
{
    $site_url = $GLOBALS['SITE_URL'];

    return $site_url;
}
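/**
 * Returns the display name of the server.
 *
 * generate_mail() places this value in the default subject line and in the
 * sign-off of the mails it sends.
 */
function get_server_name()
{
    // Spelling corrected from "TrintiyRSPS": the mail subjects in this file
    // spell the name "TrinityRSPS", and a misspelled sender name in
    // account-security mail makes genuine messages harder to tell from fakes.
    return "TrinityRSPS";
}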
/**
 * Tells whether the current session holds a 'user' entry.
 *
 * Only the presence of the key is tested; the stored value itself is not
 * inspected here.
 */
function is_logged_in()
{
    $has_user = isset($_SESSION['user']);

    return $has_user;
}
- // calculate numeric emps date in database
- /*function emps_date($d, $m, $y) {
- $days = array(31, 28, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31);
- $date = $y*365+$d;
- for($i = 0; $i < $m-1; $i++) {
- $date += $days[$i];
- }
- //$date += 1; // we just need +1 for it to work... Idk why... I suppose it has to do with lapyears
- //echo 'date: ' . $date;
- return $date;
- }*/
/**
 * Placeholder formatter: hands the given date back unchanged.
 */
function format_timezone($date)
{
    $formatted = $date;

    return $formatted;
}
/**
 * Masks an e-mail address for display.
 *
 * Everything from the first "@" onwards is kept as it is. In the part before
 * it, the first two characters are kept, the separators ".", "-" and "_" are
 * kept, and every other character is replaced by "*". A string without "@"
 * is treated as a local part only. The work is done byte by byte.
 *
 * Note that a local part of one or two characters is shown in full, so the
 * output is a display aid rather than a way to hide the address.
 */
function format_email($email)
{
    $at_pos = strpos($email, "@");

    if ($at_pos === false) {
        $local_part = $email;
        $visible_tail = "";
    } else {
        $local_part = substr($email, 0, $at_pos);
        $visible_tail = substr($email, $at_pos);
    }

    // first two characters stay readable
    $head = substr($local_part, 0, 2);

    // the remainder keeps only its separators, everything else becomes a star
    $masked_rest = preg_replace('/[^._-]/', '*', substr($local_part, 2));

    return $head . $masked_rest . $visible_tail;
}
/**
 * Returns today's date in the numeric "emps" form: year * 365 plus the
 * zero-based day of the year. Leap days are not accounted for by this formula.
 */
function emps_date_now()
{
    $day_of_year = (int) date("z");
    $current_year = (int) date("Y");

    return $current_year * 365 + $day_of_year;
}
/**
 * Converts a numeric "emps" date (year * 365 + day of year) back into a
 * "d.m.Y" string.
 *
 * The value is split with modulo 365 and the two parts are handed to
 * date_from_day(); whatever that returns is formatted without a check.
 */
function emps_date_to_date($e_date)
{
    $day_index = $e_date % 365;
    $year_number = ($e_date - $day_index) / 365;

    return date_from_day($day_index, $year_number)->format('d.m.Y');
}
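/**
 * Builds a DateTime from a zero-based day of the year and a year.
 *
 * @param int|string $dayOfYear day of the year, 0 = 1 January
 * @param int|string $year      four-digit year
 * @return DateTime|false       false when the pair cannot be parsed
 */
function date_from_day($dayOfYear, $year) {
    // The year is placed in front of the day of the year. A day of the year
    // can only be resolved once the year is known.
    // NOTE(review): newer PHP releases appear to reject "z" when it precedes
    // the year in the format - confirm against the deployed version. The
    // year-first order is accepted either way.
    return DateTime::createFromFormat('Y z', strval($year) . ' ' . strval($dayOfYear));
}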
/**
 * Turns a stored user name into its display form: lower-cased, underscores
 * shown as spaces, each word capitalised.
 *
 * The result is not HTML-escaped; callers that print it into markup have to
 * escape it themselves.
 */
function format_name($user)
{
    $spaced = str_replace("_", " ", strtolower($user));

    return ucwords($spaced);
}
/**
 * Normalises a user name to its stored form: lower-cased, trimmed, with
 * dashes and spaces turned into underscores.
 *
 * This is a naming normalisation only. Quotes and other characters pass
 * through untouched, so the result is not safe to place into an SQL string
 * without escaping.
 */
function format_db_name($user)
{
    $normalised = trim(strtolower($user));

    return str_replace(array("-", " "), "_", $normalised);
}
/**
 * Formats an amount for display: an amount of 1 gives an empty string,
 * amounts below 1000 are returned unchanged, larger ones are shortened to
 * whole thousands ("K") or whole millions ("M").
 */
function quantity($n) {
    if ($n == 1) {
        return "";
    }

    if ($n < 1000) {
        return $n;
    }

    $in_thousands_range = ($n > 999) && ($n < 1000000);
    if ($in_thousands_range) {
        return floor($n/1000) . "K";
    }

    return floor($n/1000000) . "M";
}
/**
 * Same shortening as quantity(), except that an amount of 1 is returned
 * like any other amount below 1000.
 */
function quantity2($n) {
    if ($n < 1000) {
        return $n;
    }

    $in_thousands_range = ($n > 999) && ($n < 1000000);
    if ($in_thousands_range) {
        return floor($n/1000) . "K";
    }

    return floor($n/1000000) . "M";
}
/**
 * Formats the date that lies $tDay days after 1 January of the current year.
 *
 * NOTE(review): the original also computed a "day minus one" value that was
 * never used; the offset has always been taken from the raw day count, and
 * that is what this version keeps. Confirm whether a one-based day was meant.
 *
 * @param int|string $tDay    number of days to add to 1 January
 * @param string     $tFormat date() format of the result
 * @return string
 */
function val2date( $tDay, $tFormat = 'j-F-Y' ) {
    $seconds_into_year = intval( intval( $tDay ) * 86400 );
    $year_start = strtotime( 'Jan 1, ' . date( 'Y' ) );

    return date( $tFormat, $year_start + $seconds_into_year );
}
/**
 * Logs the visitor out: expires every cookie the browser sent, empties the
 * session array and destroys the session.
 *
 * Each cookie is expired twice, once without a path and once for "/".
 * Cookies that were set with another path or with an explicit domain are
 * not matched by either call.
 */
function clear_everything()
{
    if (isset($_SERVER['HTTP_COOKIE'])) {
        foreach (explode(';', $_SERVER['HTTP_COOKIE']) as $pair) {
            // the name is whatever precedes the first "="
            list($raw_name) = explode('=', $pair);
            $cookie_name = trim($raw_name);

            setcookie($cookie_name, '', time()-1000);
            setcookie($cookie_name, '', time()-1000, '/');
        }
    }

    // drop all session variables, then the session itself
    $_SESSION = array();
    session_destroy();
}
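/**
 * Checks a password against the record stored for a player.
 *
 * The stored hash, salt and hash scheme are read from `players` and passed to
 * password_correct() with the upgrade flag set, so a successful check can
 * also move the record to the current hash scheme.
 *
 * @param string $user   player name as stored in the username column
 * @param string $n_pass password to check
 * @return bool true when the password matches, false otherwise (including an
 *              unknown player or a failed query)
 */
function verify_password($user, $n_pass)
{
    // The name ends up inside a quoted SQL literal, so it is escaped at the
    // point of use instead of relying on every caller to have done so.
    // NOTE(review): this expects the raw, unescaped name - confirm that no
    // caller escapes it beforehand.
    $safe_user = mysql_real_escape_string($user);

    $result = mysql_query("SELECT password, password_salt, hash_func FROM `players` WHERE username='".$safe_user."' LIMIT 1;");
    if ($result === false)
        return false;

    $row = mysql_fetch_assoc($result);
    // no such player: stop here rather than comparing against empty fields
    if (!is_array($row))
        return false;

    // the unescaped name is passed on because the legacy schemes hash it
    // together with the password
    return password_correct($user, $n_pass, $row['password_salt'], $row['hash_func'], $row['password'], true) ? true : false;
}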
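/**
 * Verifies a password against a stored hash for one of three schemes.
 *
 *   "sha512"  sha512 over user name + salt + password
 *   "bcrypt"  password_verify(); a "$2a$" prefix is read as "$2y$"
 *   other     sha1 over user name + password (oldest records)
 *
 * Digests of the two legacy schemes are compared as strings. A loose "=="
 * would treat two different digests that both look like numbers as equal,
 * and it does not compare in constant time.
 *
 * @param string      $user        player name (part of the legacy hash input)
 * @param string      $pass        password to check
 * @param string|null $salt        stored salt (used by "sha512" only)
 * @param string|null $hash_func   stored scheme name
 * @param string|null $db_password stored hash
 * @param bool        $update      when true, a successful check calls
 *                                 transform_password() to upgrade the record
 * @return bool true when the password matches
 */
function password_correct($user, $pass, $salt, $hash_func, $db_password, $update)
{
    // string comparison of two digests; hash_equals() where the runtime has it
    $same_digest = function ($stored, $computed) {
        if (!is_string($stored) || !is_string($computed))
            return false;
        if (function_exists('hash_equals'))
            return hash_equals($stored, $computed);
        return $stored === $computed;
    };

    $verified = false;
    switch($hash_func)
    {
        case "sha512":
            $verified = $same_digest($db_password, hash('sha512', $user.$salt.$pass));
            break;
        case "bcrypt":
            $verified = is_string($db_password)
                && password_verify($pass, str_replace('$2a$', '$2y$', $db_password));
            break;
        default:
            // unsalted sha1, kept only so that old records can still log in
            // and be upgraded below
            $verified = $same_digest($db_password, sha1($user.$pass));
            break;
    }

    if (!$verified)
        return false;

    // automatically transforms password to latest hashing function
    if ($update)
        transform_password($user, $pass, $salt, $hash_func, $db_password, false);

    return true;
}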
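/**
 * Re-hashes a password with password_hash() and stores the result.
 *
 * This may only be called AFTER the password has been validated: it trusts
 * that $pass is the correct password for $user and overwrites the stored hash.
 *
 * The record is rewritten when it is not marked as bcrypt, when
 * password_needs_rehash() reports that the stored hash is out of date, or
 * when $force_update is set.
 *
 * @param string      $user         player name (username column)
 * @param string      $pass         the validated clear-text password
 * @param string|null $salt         unused; kept for the existing call sites
 * @param string|null $hash_func    scheme currently stored for the record
 * @param string|null $db_password  hash currently stored for the record
 * @param bool        $force_update rewrite even when no upgrade is needed
 * @return void
 */
function transform_password($user, $pass, $salt, $hash_func, $db_password, $force_update)
{
    $options = ['cost' => 11];

    // rehash needed? new security requirements!
    $needs_rehash = password_needs_rehash((string) $db_password, PASSWORD_DEFAULT, $options);

    if ($hash_func !== 'bcrypt' || $needs_rehash || $force_update)
    {
        // password_hash() generates its own random salt and embeds it in the
        // result. The hand-made salt (and with it the mcrypt dependency) is
        // no longer passed in.
        $h_pass = password_hash($pass, PASSWORD_DEFAULT, $options);

        // never overwrite a working hash with an empty value if hashing failed
        if (!is_string($h_pass) || $h_pass === '')
            return;

        // NOTE(review): the record is labelled 'bcrypt' while the algorithm
        // is PASSWORD_DEFAULT - confirm they still match if the PHP default
        // ever changes.
        // The separate salt column is cleared because the salt is part of $h_pass.
        mysql_query("UPDATE `players` SET password='".mysql_real_escape_string($h_pass)."', password_salt='', hash_func='bcrypt' WHERE username='".mysql_real_escape_string($user)."' LIMIT 1;");
    }
}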
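/**
 * Builds an HTML notification mail and submits it to the Mailgun HTTP API.
 *
 * Mail types handled by the switch below:
 *   1     confirm adding an e-mail address to the account
 *   2     confirm removing the e-mail address from the account
 *   3     confirm an account recovery (password reset)
 *   4, 5  advertisement mails for accounts that have been inactive
 *   6     notice that carries a changed password
 *   other a body that only names the type
 *
 * Every caller-supplied value is URL-encoded before it goes into a link and
 * HTML-escaped before it goes into the markup.
 *
 * @param int|string $type mail type, see the list above
 * @param string     $name account name, shown in the greeting
 * @param string     $to   recipient address
 * @param string     $code confirmation code (types 1-3) or new password (type 6)
 * @return bool true when the API accepted the message, false otherwise
 */
function generate_mail($type, $name, $to, $code)
{
    // HTML-escape a value for element content or a quoted attribute
    $esc = function ($text) {
        return htmlspecialchars((string) $text, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    };
    // a link whose text is its own address
    $link = function ($url) use ($esc) {
        return "<a href='".$esc($url)."'>".$esc($url)."</a>";
    };
    // query string shared by the three confirmation links
    $confirm_query = "email=".urlencode($to)."&type=".urlencode($type)."&code=".urlencode($code);

    $from_add = "no-reply@trinityrsps.com";
    $sign_off = "<p>All the best,<br>".get_server_name()." Team</p><br>";

    // some mail formatting to show a logo and make a content box
    $msg = '
<style type="text/css" title="Style Sheet" media="all">
html
{
    font-family: verdana, serif;
    font-size: 14px;
    color: #000;
}
#content
{
    margin-left: 55px;
    margin-right: 55px;
    width: 650px;
}
#logo
{
    width: 650px;
    height: 230px;
}
</style>
';
    $subject = get_server_name()." Notification";
    $msg .= "<html>";
    $msg .= "<head>";
    $msg .= "<meta charset='UTF-8' />";
    $msg .= "</head>";
    $msg .= "<body>";
    $msg .= "<div id='logo'><center><img src='http://trinityrsps.com/img/logo2_winter.png'/></center></div>";
    $msg .= "<div id='content'>";
    $msg .= "<p>Hello ".$esc(format_name($name))."!</p>";

    switch($type)
    {
        // e-mail registration confirmation text
        case 1:
            $subject = "E-Mail Registration";
            $url = get_server_url()."/account?script=mail&".$confirm_query;
            $msg .= "<p>You are about to register this E-Mail address to your account. ";
            $msg .= "The last step is to validate yourself. You do this by visiting:<br>";
            $msg .= $link($url)."</p>";
            $msg .= "<p>If you've not requested the registration, please just ignore that E-Mail!</p>";
            $msg .= $sign_off;
            break;

        // e-mail deletion confirmation text
        case 2:
            $subject = "E-Mail Removal";
            $url = get_server_url()."/account?script=mail&".$confirm_query;
            $msg .= "<p>You are about to remove this E-Mail address from your account. ";
            $msg .= "The last step is to validate yourself. You do this by visiting:<br>";
            $msg .= $link($url)."</p>";
            $msg .= "<p>If you've not requested the removal, please just ignore that E-Mail!</p>";
            $msg .= $sign_off;
            break;

        // e-mail recovery confirmation text
        case 3:
            $subject = "Account Recovery";
            $url = get_server_url()."/action?script=recover&".$confirm_query;
            $msg .= "<p>You are about to reset this account's password. ";
            $msg .= "The last step is to validate yourself. You do this by visiting:<br>";
            $msg .= $link($url)."</p>";
            $msg .= "<p>If you've not requested the recovery, please just ignore that E-Mail!</p>";
            $msg .= $sign_off;
            break;

        // advertisement e-mail, we only send that once every few months!
        // and only for accs that haven't logged in for a while
        case 4:
            $subject = "TrinityRSPS";
            // NOTE(review): this link used to point at "trinityrsps.coom",
            // presumed to be a typo of the site's own domain. A mistyped host
            // in outgoing mail sends readers to a domain the project may not
            // control.
            $url = "https://trinityrsps.com/play.php";
            $msg .= "<p>It's been a while since we heard from you last time. Are you having relaxed holidays?";
            $msg .= "<br>Our Christmas event has been released today. Why not head over to the game and check it out? There's plenty of tradeable rewards to collect!";
            $msg .= "</p>";
            $msg .= "<p>Want to try your luck on getting a rare Christmas item? Visit ".$link($url)."</p>";
            $msg .= "<p>Merry Christmas,<br>";
            $msg .= get_server_name()." Team</p><br>";
            break;

        // advertisement e-mail, we only send that once every few months!
        // and only for accs that haven't logged in for a while
        case 5:
            $subject = "TrinityRSPS";
            // NOTE(review): both links lead to emps-world.net rather than to
            // the domain used elsewhere in this file - confirm that is intended.
            $url = "https://emps-world.net/vote";
            $url2 = "https://emps-world.net/recover";
            $msg .= "<p>How are you doing? We haven't heard anything from you in a while and thought you might be interested in our latest updates? ";
            $msg .= "<br>Want the details? ".$link($url);
            $msg .= "</p>";
            $msg .= "<p>We hope to welcome you back soon!<br>";
            $msg .= "Forgotten your password? No problem: ".$link($url2)."</p>";
            $msg .= $sign_off;
            break;

        case 6:
            $subject = "TrinityRSPS";
            // NOTE(review): this mail carries the new password in clear text.
            // A reset link with a short-lived code, as used by type 3, would
            // avoid leaving a usable credential in the mailbox.
            $msg .= "<p>Your password on TrinityRSPS has been changed to: ".$esc($code);
            $msg .= "</p>";
            $msg .= $sign_off;
            break;

        default:
            $msg .= "Type: ".$esc($type);
            break;
    }

    $msg .= "</div>";
    $msg .= "</body>";
    $msg .= "</html>";

    // The API key is taken from the MAILGUN_API constant, which is expected
    // to come from configuration (for example settings.php), not from a
    // literal in this file. The key and the SMTP password that used to be
    // written out here have been published together with the source and
    // should be revoked and replaced.
    if (!defined('MAILGUN_API') || MAILGUN_API === '')
    {
        error_log('generate_mail: MAILGUN_API is not configured, mail not sent');
        return false;
    }

    $ch = curl_init();
    if ($ch === false)
    {
        error_log('generate_mail: could not initialise cURL');
        return false;
    }

    curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
    curl_setopt($ch, CURLOPT_USERPWD, 'api:'.MAILGUN_API);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt($ch, CURLOPT_CUSTOMREQUEST, 'POST');
    curl_setopt($ch, CURLOPT_URL,
        'https://api.mailgun.net/v3/trinityrsps.com/messages');
    // The body is sent as one pre-encoded string, so no field value is ever
    // interpreted by cURL itself.
    curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query(
        array('from' => $from_add,
              'to' => $to,
              'subject' => $subject,
              'text' => $msg,
              'html' => $msg),
        '',
        '&'));

    $result = curl_exec($ch);
    $status = (int) curl_getinfo($ch, CURLINFO_HTTP_CODE);
    curl_close($ch);

    // report the real outcome instead of always claiming success
    if ($result === false || $status < 200 || $status >= 300)
    {
        error_log('generate_mail: Mailgun request failed (HTTP '.$status.')');
        return false;
    }

    return true;
}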
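/**
 * Returns a random string of the given length over 0-9, a-z and A-Z.
 *
 * Indexes are drawn with random_int() where the runtime provides it. Older
 * runtimes fall back to mt_rand(), which is not a cryptographic generator.
 * NOTE(review): the callers are outside this block; if the result is used for
 * confirmation codes, salts or passwords, the fallback is not adequate and
 * the runtime should be one that has random_int().
 *
 * @param int $length number of characters; 0 or less gives an empty string
 * @return string
 */
function random_string($length) {
    // The upper-case run used to read "...OPYRST...": "Q" was missing and
    // "Y" appeared twice, which skewed the distribution.
    $characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
    $last_index = strlen($characters) - 1;
    $pick_index = function_exists('random_int') ? 'random_int' : 'mt_rand';

    $randomString = '';
    for ($i = 0; $i < $length; $i++) {
        $randomString .= $characters[$pick_index(0, $last_index)];
    }
    return $randomString;
}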
- ?>