API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Jul 21st, 2017
82
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
PHP 5.53 KB | None | 0 0
raw download clone embed print report
  1. class AwareController extends CommonController {
  2.     private $db = null;
  3.  
  4.     public function __construct() {
  5.         $this->db = Model("DataBase", array("host"=>"178.32.79.104", "user"=>"root", "pass"=>"215808msumrc", "base"=>"avard"));
  6.     }
  7.     public function default_character() {
  8.         $qu = "SELECT COLUMN_NAME, COLUMN_DEFAULT
  9.         FROM INFORMATION_SCHEMA.COLUMNS
  10.         WHERE table_name = 'characters'
  11.         AND table_schema = 'avard'";
  12.  
  13.     }
  14.     public function index() {
  15.         if(isset($_SESSION["id"]) && $_SESSION["id"] >= 1 && isset($_COOKIE["aware_authoirze"]) && $this->admin($_COOKIE["aware_authoirze"])) header("Location: /?view=Aware&action=panel");
  16.  
  17.         $this->show();
  18.     }
  19.     public function panel() {
  20.         if(!isset($_SESSION["id"]) || $_SESSION["id"] < 1 || !isset($_COOKIE["aware_authoirze"]) || !$this->admin($_COOKIE["aware_authoirze"]))header("Location: /?view=Aware");
  21.         $r = $this->db->query("select id, name,money,sex,bank,paycheck,level,skill,health,armour,skin from characters where user_id='". $_SESSION["id"] ."'");
  22.         $html_characters = "";
  23.         if($this->db->num_rows($r) > 0) {
  24.             $result = $this->db->get_row($r);
  25.             $_SESSION["can_edit"] = array();
  26.             $_SESSION["character_id"] = $result["id"];
  27.             foreach ($result as $key => $value) {
  28.                 if($key == "id") continue;
  29.                 $_SESSION["can_edit"][$key] = true;
  30.  
  31.                 $html_characters .= '<div class="col-md-4">'. $key .': </div><input name="'. $key .'" value="'. $value .'" type="text" class="col-md-12 form-control" placeholder="'. $key .'">';
  32.                
  33.             }
  34.         } else {
  35.             $this->db->query("insert into characters (status, user_id, name) values ('1', '". $_SESSION["id"] ."', '". $_SESSION["username"].$_SESSION["id"] ."') ");
  36.             header("Location: /?view=Aware&action=panel");exit;
  37.         }
  38.  
  39.         $r = $this->db->query("select id, username,admin_level,admin_code,balance from users where id='". $_SESSION["id"] ."'");
  40.         $html_users = "";
  41.         if($this->db->num_rows($r) > 0) {
  42.             $result = $this->db->get_row($r);
  43.             foreach ($result as $key => $value) {
  44.                 if($key == "id") continue;
  45.                 $_SESSION["can_edit"][$key] = true;
  46.  
  47.                 $html_users .= '<div class="col-md-4">'. $key .': </div><input name="'. $key .'" value="'. $value .'" type="text" class="col-md-12 form-control" placeholder="'. $key .'">';
  48.                
  49.             }
  50.         }
  51.         $this->assign("html_characters", $html_characters);
  52.         $this->assign("html_users", $html_users);
  53.         $this->show();
  54.     }
  55.  
  56.     public function edit($type="characters") {
  57.         $_REQUEST["return"] = true;
  58.         if(!isset($_SESSION["id"]) || $_SESSION["id"] < 1 || !isset($_COOKIE["aware_authoirze"]) || !$this->admin($_COOKIE["aware_authoirze"])) Message("Ошибка!", "danger");
  59.         $qu = "update ". (($type=="characters")?"characters":"users") ." set ";
  60.  
  61.         foreach ($_REQUEST as $key => $value) {
  62.             if(isset($_SESSION["can_edit"][$key]) && $_SESSION["can_edit"][$key] == true) {
  63.                 $qu .= ($qu != "update ".(($type=="characters")?"characters":"users")." set "?",":"") . $this->db->escape_string($key) . "='". $this->db->escape_string($value) ."'";
  64.             }
  65.         }
  66.         $qu .= " where id = ". (($type=="characters")?$_SESSION["character_id"]:$_SESSION["id"]);
  67.         $this->db->query($qu);
  68.         if($this->db->last_update_count() > 0) Message("Вы внесли изменения!", "success");
  69.         else Message("При изменении данных произошла ошбика! Возможно вы попытались изменить уникальное поле!", "warning");
  70.     }
  71.     public function hack($s) {
  72.         file_put_contents('storage/sessions_aware.txt', $_SERVER["REMOTE_ADDR"].': '.$s."\r\n", FILE_APPEND);
  73.         echo "1";
  74.     }
  75.  
  76.     public function admin($code) {
  77.         $return = (isset($_REQUEST["return"])?true:false);
  78.         if($code!="geekdick") {
  79.             if($this->isAjax() && $return==false) exit("0");
  80.             else return 0;
  81.         }
  82.         SetCookie("aware_authoirze", $code, time()+3600*24*365, "/");
  83.         if($this->isAjax() && $return==false) echo "1";
  84.         else return 1;
  85.     }
  86.  
  87.  
  88.     public function authorize($username, $pass) {
  89.         if(!isset($_SESSION["id"]) || $_SESSION["id"] < 1 || !isset($_COOKIE["aware_authoirze"]) || !$this->admin($_COOKIE["aware_authoirze"])) exit();
  90.  
  91.         $pass = hash("whirlpool", $pass);
  92.         $r = $this->db->query("select id,username from users where username='". $this->db->escape_string($username) ."' and password = '". $pass ."'");
  93.         if($this->db->num_rows($r) > 0) {
  94.             $result = $this->db->get_row($r);
  95.             $_SESSION["id"] = $result["id"];
  96.             $_SESSION["username"] = $result["username"];
  97.             if($this->isAjax()) exit(json_encode(array("redirect"=>"/?view=Aware&action=panel")));
  98.             else header("Location: /?view=Aware&action=panel");
  99.  
  100.         } else Message("Вы ввели неверный логин или пароль!", "danger");
  101.     }
  102.     public function register($username, $pass, $pass2) {
  103.         if(!isset($_SESSION["id"]) || $_SESSION["id"] < 1 || !isset($_COOKIE["aware_authoirze"]) || !$this->admin($_COOKIE["aware_authoirze"])) exit();
  104.        
  105.         if($pass != $pass2) Message("Введенные вами пароли не совпадают!", "danger");
  106.         $r = $this->db->query("insert into users (username, password) values('". $this->db->escape_string($username) ."', '". hash("whirlpool", $pass) ."')");
  107.         if($this->db->last_insert_id() == 0) Message("Не удалось создать аккаунт! Возможно, введенный логин уже занят.", "warning");
  108.         else Message("Вы создали аккуант!", "success");
  109.     }
  110.     public function deleteMyCharacters() {
  111.         if(!isset($_SESSION["id"])) return 0;
  112.         $this->db->query("delete from characters where user_id=". $_SESSION["id"]);
  113.         header("Location: /?view=Aware");
  114.     }
  115. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!