Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- clean($string) //sanitizes a specified string (result is only char/num)
- loggedIn() //checks if $_SESSION['id'] exists
- cleanIP($string) //cleans user ipv4, keeps periods
- isntBlank($string) //verifies that a string isn't blank
- metaRedirect($url) //simple print meta redirect function
- errorLog($string) //logs error to /logging/errors.log
- requestLog($string) //logs request to /logging/requests.log
- pageLog($string) //logs request to /logging/pages.log
- safeInclude($path) //argument is full path, safely includes file (doesnt check permissions)
- permissionCheck($page) //checks permissions for a specific page (e.x. "login")
- verifyUsernameLength($username) //verifies that a username fits criteria
- generateIP() //generate an IP for user registration
- verifyIP($ip) //verify generated IP isn't taken
- login($username, $password) //login user
- register($username, $password) //register user
- registerServers($id, $username) //register a users servers
- purchaseServer($itemID, $userID) //purchase servers
- wipeServers($id) //wipe a users servers back to default
- wipeBalance($id) //resets a players balance
- powerCheck($id) //returns a users total power level
- getBalance($id) //pulls a users total balance
- freeR1...R4($id) //gives a user a R1/R2/R3/R4 variant on function
- payUser($id, $amount) //server will pay a user a specific amount
- crackHash($hash) //begin cracking a hash
- checkHashing($id) //checks if a user is currently cracking a hash
- checkHashComplete($id) //checks if a user has finished his old task
- checkTimeLeft($id) //returns time left to break hash
- checkHashName($id) //pulls the hash string and returns itemID
- <?php
- require("settings.php");
- //standard cleaning function for full string entries
- function clean($string){
- return preg_quote(htmlentities(mysql_real_escape_string($string)));
- }
- //determine whether or not a user is logged in
- function loggedIn(){
- return isset($_SESSION['id']);
- }
- //secondary clean function specifically for ip addresses
- function cleanIP($string){
- return mysql_escape_string($string);
- }
- //function to verify string length is greater than 1
- function isntBlank($string){
- if((strlen($string) > 0) && (trim($string) != '')){
- return True;
- } else {
- return False;
- }
- }
- //meta redirect function for easy of user
- function metaRedirect($url){
- print "<META http-equiv='refresh' content='0;URL=".$url."'>";
- }
- //function to log errors to error.log located in the /inc/ folder
- function errorLog($string){
- $date = date_create(); $ip = $_SERVER['REMOTE_ADDR'];
- $timestamp = $date->getTimestamp();
- $myfile = fopen("./logging/error.log", "a") or die("Directory misconfigured or improper permissions!");
- fwrite($myfile, $ip.", ".$timestamp.", ".$string."\r\n");
- fclose($myfile);
- return True;
- }
- //function to log requests that were successful
- function requestLog($string){
- $date = date_create(); $ip = $_SERVER['REMOTE_ADDR'];
- $timestamp = $date->getTimestamp();
- $myfile = fopen("./logging/requests.log", "a") or die("Directory misconfigured or improper permissions!");
- fwrite($myfile, $ip.", ".$timestamp.", ".$string."\r\n");
- fclose($myfile);
- return True;
- }
- //function to log page requests
- function pageLog($string){
- $date = date_create(); $ip = $_SERVER['REMOTE_ADDR'];
- $timestamp = $date->getTimestamp();
- $myfile = fopen("./logging/pages.log", "a") or die("Directory misconfigured or improper permissions!");
- fwrite($myfile, $ip.", ".$timestamp.", ".$string."\r\n");
- fclose($myfile);
- return True;
- }
- //safely include a page
- function safeInclude($path){
- if(file_exists($path)){
- include_once($path);
- $pageLog = "User successfully included the file located at '".$path."'.";
- pageLog($pageLog);
- return True;
- } else {
- if(file_exists("./pages/404.php")){
- include_once("./pages/404.php");
- $pageLog = "The backend was unable to locate the '".$path."' file. Please verify this file existsion and the request is legitimate.";
- pageLog($pageLog);
- return False;
- } else {
- $pageLog = "The backend was unable to locate the '/pages/404.php' file in excess to the '".$path."' file. Please verify this file extension and the request is legitimate.";
- pageLog($pageLog);
- return False;
- }
- }
- }
- //check users permission for including files
- function permissionCheck($includePage){
- $includePage = clean($includePage);
- #=== CONFIGURABLE ===
- $guestPages = array("login", "register", "landing");
- $memberPages = array("home", "panel", "hack", "logout");
- #=== CONFIGURABLE ===
- $realPages = array_merge($guestPages, $memberPages);
- if(in_array($includePage, $realPages)){
- if(in_array($includePage, $guestPages) && loggedin()){ #check if member is trying to view guest only page
- metaRedirect("?page=home");
- $devError = "User attempted to include guest-only page while logged in.";
- errorLog($devError);
- return False;
- } elseif(in_array($includePage, $memberPages) && !loggedin()) { #check if guest is trying to view member only page
- metaRedirect("?page=login");
- $devError = "Guest attempted to include member-only page while logged out.";
- errorLog($devError);
- return False;
- } else {
- if(in_array($includePage, $guestPages) && !loggedin() or in_array($includePage, $memberPages) && loggedin()){ #validate request
- return True;
- }
- }
- } else {
- metaRedirect("?page=login");
- $devError = "Guest attempted to view a custom page that doesn't exist.";
- errorLog($devError);
- return False;
- }
- }
- //verify username length for registration or other use
- function verifyUsernameLength($dirtyUsername){
- $username = clean($dirtyUsername);
- #=== CONFIGURABLE ===
- $minUsernameLength = 1;
- $maxUsernameLength = 10;
- #=== CONFIGURABLE ===
- if(isntBlank($username)){
- if($dirtyUsername == $username){
- if(strlen($username) < $maxUsernameLength && strlen($username) > $minUsernameLength){
- return True;
- } else {
- return False;
- }
- }
- }
- }
- //function to generate IP
- function generateIP(){
- #=== CONFIGURABLE ===
- $firstBlock = rand(100,300);
- $secondBlock = rand(10,100);
- $thirdBlock = rand(10, 100);
- $fourthBlock = rand(1,100);
- #=== CONFIGURABLE ===
- $fullIP = $firstBlock.".".$secondBlock.".".$thirdBlock.".".$fourthBlock;
- if(verifyIP($fullIP)){ #call function verify ip to make sure it doesn't already exist in the database
- return $fullIP;
- } else {
- generateIP();
- }
- }
- //function to verify ip address
- function verifyIP($dirtyIP){
- $ip = cleanIP($dirtyIP);
- if($dirtyIP == $ip && isntBlank($ip)){
- $query = mysql_query("SELECT * FROM `users` WHERE ipv4='$ip'");
- $numResults = mysql_num_rows($query);
- switch($numResults){
- case 0:
- return True;
- break;
- case 1:
- return False;
- break;
- }
- }
- }
- //login function through login.php
- function login($dirtyUsername, $dirtyPassword){
- $username = clean($dirtyUsername);
- $password = hash('sha256', $dirtyPassword);
- if($username == $dirtyUsername){
- if(isntBlank($username) && (isntBlank($password))){
- if(verifyUsernameLength($username)){
- $query = mysql_query("SELECT * FROM `users` WHERE username='$username' AND password='$password'");
- $numResults = mysql_num_rows($query);
- switch($numResults){
- case 0: #zero results found - unsuccessful login
- $devError = "'".$username."' entered an incorrect username or password.";
- errorLog($devError);
- return False;
- break;
- case 1: #only one result found - successful login
- $fetch = mysql_fetch_array($query);
- $_SESSION['id'] = $fetch['id']; $_SESSION['username'] = $fetch['username']; $_SESSION['ipv4'] = $fetch['ipv4']; $_SESSION['ip'] = $fetch['ip']; $_SESSION['level'] = $fetch['level'];
- metaRedirect("?page=home");
- $requestLog = "'".$username."' has logged in successfully.";
- requestLog($requestLog);
- return True;
- break;
- case True: #more than one user exists
- if($numResults > 1){
- $query = mysql_query("DELETE FROM `users` WHERE username='$username' AND password='$password'");
- $devError = "'".$username."' logged in successfully but the selection query returned more than one result: deleting all profiles.";
- errorLog($devError);
- return False;
- }
- break;
- }
- } else {
- $devError = "Guest attempted to submit an username outside the length range.";
- errorLog($devError);
- return False;
- }
- } else {
- $devError = "'".$username."' attempted to login without supplying long enough input.";
- errorLog($devError);
- return False;
- }
- } else {
- $devError = "'".$username."' [probably] supplied illegal characters for their username.";
- errorLog($devError);
- return False;
- }
- }
- //register function through register.php
- function register($dirtyUsername, $dirtyPassword){
- $username = clean($dirtyUsername);
- $password = hash('sha256', $dirtyPassword);
- $ip = $_SERVER['REMOTE_ADDR'];
- if($username == $dirtyUsername){
- if(isntBlank($username) && isntBlank($password)){
- $query = mysql_query("SELECT * FROM `users` WHERE username='$username'");
- $numResults = mysql_num_rows($query);
- switch($numResults){
- case 0: #username has not been taken
- $ipv4 = generateIP();
- $query = mysql_query("INSERT INTO `users`(`username`, `password`, `ip`, `ipv4`) VALUES ('$username', '$password', '$ip', '$ipv4')"); #entry into DB
- $query = mysql_query("SELECT `id` FROM `users` WHERE username='$username' AND password='$password'"); #pull ID from entry
- $fetch = mysql_fetch_array($query); $id = $fetch['id'];
- registerServers($id, $username);
- login($dirtyUsername, $dirtyPassword);
- $requestLog = "'".$username."' has registered successfully.";
- requestLog($requestLog);
- return True;
- break;
- case 1: #username has been taken
- $devError = "User attempted to register with the username '".$username."' while that username has already been taken. Request denied.";
- errorLog($devError);
- return False;
- break;
- }
- } else {
- $devError = "'".$username."' attempted to register while supplying empty fields. ";
- errorLog($devError);
- return False;
- }
- } else {
- $devError = "'".$username."' attempted to register while supplying dangerous input.";
- errorLog($devError);
- return False;
- }
- }
- function registerServers($id, $username){
- $query = mysql_query("SELECT * FROM `servers` WHERE `uid`='$id'");
- $numResults = mysql_fetch_array($query);
- switch($numResults){
- case 0:
- $query = mysql_query("INSERT INTO servers(`uid`, `username`) VALUES ('$id', '$username')");
- $requestLog = "'".$id."' has registered their servers successfully.";
- requestLog($requestLog);
- return True;
- break;
- case 1:
- $devError = "'".$id."' has attempted to register servers even though an entry in the database already exists!";
- errorLog($devError);
- return False;
- break;
- }
- }
- //function to purchase items from the shop
- function purchaseServer($dirtyItemID, $dirtyUserID){
- if(loggedIn()){
- #=== CONFIGURABLE ===
- $r1Price = 10;
- $r2Price = 100;
- $r3PRice = 1000;
- $r4Price = 10000;
- #=== CONFIGURABLE ===
- $itemID = clean($dirtyItemID);
- $userID = clean($dirtyUserID);
- if(isntBlank($itemID) && isntBlank($userID)){
- $query = mysql_query("SELECT `balance` FROM `users` WHERE id='$userID'");
- $numResults = mysql_num_rows($query);
- switch($numResults){
- case 0: #if user doesn't exist in the database
- $devError = "A request has been made to purchase '".$itemID."' by '".$userID."' when he doesn't exist in the database!";
- errorLog($devError);
- break;
- case 1: #if user exists in the database
- $fetch = mysql_fetch_array($query);
- $balance = $fetch['balance'];
- switch($itemID){
- case 1: #r1
- if($balance == $r1Price or $balance > $r1Price){
- $newBalance = $balance - $r1Price;
- $query = mysql_query("SELECT `r1` FROM `servers` WHERE uid='$userID'");
- $fetch = mysql_fetch_array($query); $currentAmountOfServers = $fetch['r1']; $newAmountOfServers = $currentAmountOfServers + 1;
- $query = mysql_query("UPDATE `servers` SET r1='$newAmountOfServers' WHERE uid='$userID'");
- $query = mysql_query("UPDATE `users` SET balance='$newBalance' WHERE id='$userID'");
- $requestLog = "'".$_SESSION['username']."' has just purchased serverID '".$itemID."'.";
- requestLog($requestLog);
- return True;
- } else {
- $devError = "User '".$_SESSION['username']."' attempted to purchase server '".$itemID."' with an insufficient balance.";
- errorLog($devError);
- return False;
- }
- break;
- case 2: #r2
- if($balance == $r2Price or $balance > $r2Price){
- $newBalance = $balance - $r1Price;
- $query = mysql_query("SELECT `r2` FROM `servers` WHERE uid='$userID'");
- $fetch = mysql_fetch_array($query); $currentAmountOfServers = $fetch['r2']; $newAmountOfServers = $currentAmountOfServers + 1;
- $query = mysql_query("UPDATE `servers` SET r2='$newAmountOfServers' WHERE uid='$userID'");
- $query = mysql_query("UPDATE `users` SET balance='$newBalance' WHERE id='$userID'");
- $requestLog = "'".$_SESSION['username']."' has just purchased serverID '".$itemID."'.";
- requestLog($requestLog);
- return True;
- } else {
- $devError = "User '".$_SESSION['username']."' attempted to purchase server '".$itemID."' with an insufficient balance.";
- errorLog($devError);
- return False;
- }
- break;
- case 3: #r3
- if($balance == $r3Price or $balance > $r3Price){
- $newBalance = $balance - $r1Price;
- $query = mysql_query("SELECT `r3` FROM `servers` WHERE uid='$userID'");
- $fetch = mysql_fetch_array($query); $currentAmountOfServers = $fetch['r3']; $newAmountOfServers = $currentAmountOfServers + 1;
- $query = mysql_query("UPDATE `servers` SET r3='$newAmountOfServers' WHERE uid='$userID'");
- $query = mysql_query("UPDATE `users` SET balance='$newBalance' WHERE id='$userID'");
- $requestLog = "'".$_SESSION['username']."' has just purchased serverID '".$itemID."'.";
- requestLog($requestLog);
- return True;
- } else {
- $devError = "User '".$_SESSION['username']."' attempted to purchase server '".$itemID."' with an insufficient balance.";
- errorLog($devError);
- return False;
- }
- break;
- case 4: #r4
- if($balance == $r4Price or $balance > $r4Price){
- $newBalance = $balance - $r1Price;
- $query = mysql_query("SELECT `r4` FROM `servers` WHERE uid='$userID'");
- $fetch = mysql_fetch_array($query); $currentAmountOfServers = $fetch['r4']; $newAmountOfServers = $currentAmountOfServers + 1;
- $query = mysql_query("UPDATE `servers` SET r4='$newAmountOfServers' WHERE uid='$userID'");
- $query = mysql_query("UPDATE `users` SET balance='$newBalance' WHERE id='$userID'");
- $requestLog = "'".$_SESSION['username']."' has just purchased serverID '".$itemID."'.";
- requestLog($requestLog);
- return True;
- } else {
- $devError = "User '".$_SESSION['username']."' attempted to purchase server '".$itemID."' with an insufficient balance.";
- errorLog($devError);
- return False;
- }
- break;
- }
- break;
- }
- } else {
- $devError = "Server is attempting to proccess a server purchase with blank or non-numeric data!";
- errorLog($devError);
- return False;
- }
- } else {
- $devError = "User by the IP of '".$_SERVER['REMOTE_ADDR']."' has somehow initiated a server purchase while being logged out.";
- errorLog($devError);
- return False;
- }
- }
- //function to reset user back to starting amount of servers -TODO- errors
- function wipeServers($dirtyID){
- if(loggedin()){
- $userID = clean($dirtyID);
- if($dirtyID == $userID && isntBlank($userID)){
- $query = mysql_query("SELECT * FROM `servers` WHERE uid='$userID'");
- $numResults = mysql_num_rows($query);
- switch($numResults){
- case 0:
- $devError = "An administration attempt to wipe UID '".$userID."' has failed as they do not exist.";
- errorLog($devError);
- return False;
- break;
- case 1:
- $query = mysql_query("UPDATE `servers` SET r1=1, r2=0, r3=0, r4=0 WHERE uid='$userID'");
- $requestLog = "'".$userID." has just had his servers reset! pwn3d!";
- requestLog($requestLog);
- return True;
- break;
- }
- }
- }
- }
- //function to wipe balance -TODO- all
- function wipeBalance($dirtyID){
- if(loggedin()){
- $userID = clean($dirtyID);
- if($dirtyID == $userID && isntBlank($userID)){
- $query = mysql_query("SELECT * FROM `users` WHERE id='$userID'");
- $numResults = mysql_num_rows($query);
- switch($numResults){
- case 0:
- $devError = "An administration attempt to delete balance from UID '".$userID."' has failed as they do not exist.";
- errorLog($devError);
- return False;
- break;
- case 1:
- $query = mysql_query("UPDATE `users` SET balance=0 WHERE id='$userID'");
- $requestLog = "'".$userID." has just had his balance reset! pwn3d!";
- requestLog($requestLog);
- return True;
- break;
- }
- }
- }
- }
- //check how much power a user has
- function powerCheck($dirtyID){
- #=== CONFIGURABLE ===
- $r1PL = 10;
- $r2PL = 100;
- $r3PL = 1000;
- $r4PL = 10000;
- $edgeRate = 1.2;
- #=== CONFIGURABLE ===
- $cleanID = clean($dirtyID);
- if($cleanID == $dirtyID && isntBlank($cleanID)){
- $query = mysql_query("SELECT * FROM `servers` WHERE uid='$cleanID'");
- $numResults = mysql_num_rows($query);
- switch($numResults){
- case 0: #cannot locate user in servers...
- $devError = "Attempt to power-check UID '".$cleanID."' has failed per they are not located in the database.";
- errorLog($devError);
- return False;
- break;
- case 1: #successfully located user in servers
- $fetch = mysql_fetch_array($query);
- $r1Amount = $fetch['r1']; $r2Amount = $fetch['r2']; $r3Amount = $fetch['r3']; $r4Amount = $fetch['r4'];
- $r1TotalPower = intval($r1Amount * ($r1PL * $edgeRate)); $r2TotalPower = intval($r2Amount * ($r2PL * $edgeRate)); $r3TotalPower = intval($r3Amount * ($r3PL * $edgeRate)); $r4TotalPower = intval($r4Amount * ($r4PL * $edgeRate));
- $totalPower = $r1TotalPower + $r2TotalPower + $r3TotalPower + $r4TotalPower;
- $requestLog = "'".$cleanID."' has been successfully examined with a '".$totalPower."' botnets/second.";
- requestLog($requestLog);
- return $totalPower;
- break;
- }
- } else {
- $devError = "The data supplied to the function 'powerCheck' was invalid and/or blank.";
- errorLog($devError);
- return False;
- }
- }
- //pull specific users balnace
- function getBalance($dirtyID){
- if(loggedin()){
- $cleanID = clean($dirtyID);
- if($cleanID == $dirtyID && isntBlank($cleanID)){
- $query = mysql_query("SELECT `balance` FROM `users` WHERE id='$cleanID'");
- $numResults = mysql_num_rows($query);
- switch($numResults){
- case 0:
- $devError = "Attempt to pull balance from user ID '".$cleanID."' failed because they do not exist..";
- errorLog($devError);
- return False;
- break;
- case 1:
- $fetch = mysql_fetch_array($query); $balance = $fetch['balance'];
- $requestLog = "'".$cleanID."' has a balance of '".$balance."'.";
- requestLog($requestLog);
- return $balance;
- break;
- }
- }
- }
- }
- //give UID a free r1
- function freeR1($dirtyID){
- if(loggedin()){
- $cleanID = clean($dirtyID);
- if($cleanID == $dirtyID && isntBlank($cleanID)){
- $query = mysql_query("SELECT * FROM `servers` WHERE uid='$cleanID'");
- $numResults = mysql_num_rows($query);
- switch($numResults){
- case 0:
- $devError = "Attempt to pull balance from user ID '".$cleanID."' failed because they do not exist..";
- errorLog($devError);
- return False;
- break;
- case 1:
- $fetch = mysql_fetch_array($query); $r1Amount = $fetch['r1'];
- $newR1Amount = $r1Amount + 1;
- $query = mysql_query("UPDATE `servers` SET r1='$newR1Amount' WHERE uid='$cleanID'");
- $requestLog = "'".$cleanID."' has a new amount of R1's, '".$newR1Amount."'.";
- requestLog($requestLog);
- return True;
- break;
- }
- } else {
- $devError = "User attempted to 'freeR1' using an incorrectly formatted user ID!";
- errorLog($devError);
- return False;
- }
- } else {
- $devError = "Guest attempted to execute function 'freeR1' while logged out!";
- errorLog($devError);
- return False;
- }
- }
- //give UID a free r2
- function freeR2($dirtyID){
- if(loggedin()){
- $cleanID = clean($dirtyID);
- if($cleanID == $dirtyID && isntBlank($cleanID)){
- $query = mysql_query("SELECT * FROM `servers` WHERE uid='$cleanID'");
- $numResults = mysql_num_rows($query);
- switch($numResults){
- case 0:
- $devError = "Attempt to pull balance from user ID '".$cleanID."' failed because they do not exist..";
- errorLog($devError);
- return False;
- break;
- case 1:
- $fetch = mysql_fetch_array($query); $r2Amount = $fetch['r2'];
- $newR2Amount = $r2Amount + 1;
- $query = mysql_query("UPDATE `servers` SET r2='$newR2Amount' WHERE uid='$cleanID'");
- $requestLog = "'".$cleanID."' has a new amount of R2's, '".$newR2Amount."'.";
- requestLog($requestLog);
- return True;
- break;
- }
- } else {
- $devError = "User attempted to 'freeR2' using an incorrectly formatted user ID!";
- errorLog($devError);
- return False;
- }
- } else {
- $devError = "Guest attempted to execute function 'freeR2' while logged out!";
- errorLog($devError);
- return False;
- }
- }
- //give UID a free r3
- function freeR3($dirtyID){
- if(loggedin()){
- $cleanID = clean($dirtyID);
- if($cleanID == $dirtyID && isntBlank($cleanID)){
- $query = mysql_query("SELECT * FROM `servers` WHERE uid='$cleanID'");
- $numResults = mysql_num_rows($query);
- switch($numResults){
- case 0:
- $devError = "Attempt to pull balance from user ID '".$cleanID."' failed because they do not exist..";
- errorLog($devError);
- return False;
- break;
- case 1:
- $fetch = mysql_fetch_array($query); $r3Amount = $fetch['r3'];
- $newR3Amount = $r3Amount + 1;
- $query = mysql_query("UPDATE `servers` SET r3='$newR3Amount' WHERE uid='$cleanID'");
- $requestLog = "'".$cleanID."' has a new amount of R3's, '".$newR3Amount."'.";
- requestLog($requestLog);
- return True;
- break;
- }
- } else {
- $devError = "User attempted to 'freeR3' using an incorrectly formatted user ID!";
- errorLog($devError);
- return False;
- }
- } else {
- $devError = "Guest attempted to execute function 'freeR3' while logged out!";
- errorLog($devError);
- return False;
- }
- }
- //give UID a free r4
- function freeR4($dirtyID){
- if(loggedin()){
- $cleanID = clean($dirtyID);
- if($cleanID == $dirtyID && isntBlank($cleanID)){
- $query = mysql_query("SELECT * FROM `servers` WHERE uid='$cleanID'");
- $numResults = mysql_num_rows($query);
- switch($numResults){
- case 0:
- $devError = "Attempt to pull balance from user ID '".$cleanID."' failed because they do not exist..";
- errorLog($devError);
- return False;
- break;
- case 1:
- $fetch = mysql_fetch_array($query); $r4Amount = $fetch['r4'];
- $newR4Amount = $r4Amount + 1;
- $query = mysql_query("UPDATE `servers` SET r4='$newR4Amount' WHERE uid='$cleanID'");
- $requestLog = "'".$cleanID."' has a new amount of R4's, '".$newR4Amount."'.";
- requestLog($requestLog);
- return True;
- break;
- }
- } else {
- $devError = "User attempted to 'freeR4' using an incorrectly formatted user ID!";
- errorLog($devError);
- return False;
- }
- } else {
- $devError = "Guest attempted to execute function 'freeR4' while logged out!";
- errorLog($devError);
- return False;
- }
- }
- //function to pay user set amount
- function payUser($dirtyID, $dirtyAmount){
- if(loggedin()){
- $cleanID = clean($dirtyID);
- $cleanAmount = clean($dirtyAmount);
- if($cleanID == $dirtyID && isntBlank($cleanID) && $cleanAmount == $dirtyAmount && isntBlank($cleanAmount)){
- $query = mysql_query("SELECT `balance` FROM `users` WHERE id='$cleanID'");
- $numResults = mysql_num_rows($query);
- switch($numResults){
- case 0:
- $devError = "Attempt to pull balance from user ID '".$cleanID."' failed because they do not exist..";
- errorLog($devError);
- return False;
- break;
- case 1:
- $fetch = mysql_fetch_array($query); $balance = $fetch['balance'];
- $newBalance = $balance + $cleanAmount;
- $query = mysql_query("UPDATE `users` SET balance='$newBalance' WHERE id='$cleanID'");
- $requestLog = "'".$cleanID."' has a new balance of '".$newBalance."'.";
- requestLog($requestLog);
- return $balance;
- break;
- }
- } else {
- $devError = "User attempted to 'setBalance' using an incorrectly formatted user ID!";
- errorLog($devError);
- return False;
- }
- } else {
- $devError = "Guest attempted to execute function 'setBalance' while logged out!";
- errorLog($devError);
- return False;
- }
- }
- //function to crack hash
- function crackHash($dirtyHash){
- if(loggedin()){
- $id = $_SESSION['id'];
- $username = $_SESSION['username'];
- $hash = clean($dirtyHash);
- if($hash == $dirtyHash){
- $powerLevel = powerCheck($id);
- $startTime = time(); #current time
- $endTime = time() + (10000 / $powerLevel); #time that needs to occur in order for hash to be cracked
- $query = mysql_query("SELECT * FROM `hashes` WHERE active='1' AND uid='$id'");
- $numResults = mysql_num_rows($query);
- switch($numResults){
- case 0: #user is not currently running an attack...
- $query = mysql_query("INSERT INTO `hashes`(`uid`, `startTimestamp`, `endTimestamp`, `hash`, `active`, `payout`) VALUES ('$id', '$startTime', '$endTime', '$hash', '1', '5')");
- $requestLog = "'".$id."' has just started a new attack!";
- requestLog($requestLog);
- break;
- case 1: #user is currently running an attack
- $devError = "User '".$username."' attempted to start attacking a hash when he is already running an attack!";
- errorLog($devError);
- return False;
- break;
- }
- } else {
- $devError = "User '".$username."' attempted to submit an unsanitary hash!";
- errorLog($devError);
- return False;
- }
- } else {
- $devError = "A guest attempted to use the function 'crackHash' while logged out!";
- errorLog($devError);
- return False;
- }
- }
- //check if any attack is going on whatsoever
- function checkHashing($dirtyID){
- if(loggedin()){
- $cleanID = clean($dirtyID);
- if($cleanID == $dirtyID && isntBlank($cleanID)){
- $query = mysql_query("SELECT * FROM `hashes` WHERE active=1 AND uid='$cleanID'");
- $numResults = mysql_num_rows($query);
- switch($numResults){
- case 0:
- return False;
- break;
- case 1:
- return True;
- break;
- }
- } else {
- $devError = "There was an attempt to submit an unsanitary ID.";
- errorLog($devError);
- return False;
- }
- } else {
- $devError = "A guest attempted to use the function 'checkHashing' while logged out!";
- errorLog($devError);
- return False;
- }
- }
- //function to check how far user is cracking a hash (and if done pay them)
- function checkHashComplete($dirtyID){
- if(loggedin()){
- $cleanID = clean($dirtyID);
- if($dirtyID == $cleanID && isntBlank($cleanID)){
- $query = mysql_query("SELECT * FROM `hashes` WHERE active=1 AND uid='$cleanID'");
- $numResults = mysql_num_rows($query);
- switch($numResults){
- case 0: #user has no active hash entries
- $devError = "User ID '".$cleanID."' has no active entries!";
- errorLog($devError);
- return False;
- break;
- case 1: #user has one active hash entry
- $fetch = mysql_fetch_array($query); $currentTime = time(); $endTime = $fetch['endTimestamp']; $payout = $fetch['payout'];
- if($currentTime > $endTime){ #the time has passed! user is granted moola!
- payUser($cleanID, $payout);
- $query = mysql_query("UPDATE `hashes` SET active=0 WHERE uid='$cleanID' AND active='1'");
- $requestLog = "A user by the ID of '".$cleanID."' has just finished attacking a hash.";
- requestLog($requestLog);
- return True;
- } else { #the time hasn't passed... the user has to wait...
- return False;
- }
- break;
- }
- } else {
- $devError = "User '".$username."' attempted to submit an unsanitary ID!";
- errorLog($devError);
- return False;
- }
- } else {
- $devError = "A guest attempted to use the function 'checkHashComplete' while logged out!";
- errorLog($devError);
- return False;
- }
- }
- //return how much time is left on a hash
- function checkTimeLeft($dirtyID){
- if(loggedin()){
- $cleanID = clean($dirtyID);
- if($dirtyID == $cleanID && isntBlank($cleanID)){
- if(checkHashing($cleanID)){
- $query = mysql_query("SELECT * FROM `hashes` WHERE uid='$cleanID' AND active='1'");
- $fetch = mysql_fetch_array($query); $endTimestamp = $fetch['endTimestamp'];
- $timeLeft = $endTimestamp - time();
- return $timeLeft;
- } else {
- return False;
- }
- } else {
- $devError = "User '".$username."' attempted to submit an unsanitary ID!";
- errorLog($devError);
- return False;
- }
- } else {
- $devError = "A guest attempted to use the function 'checkTimeLeft' while logged out!";
- errorLog($devError);
- return False;
- }
- }
- //return the hash
- function checkHashName($dirtyID){
- if(loggedin()){
- $cleanID = clean($dirtyID);
- if($dirtyID == $cleanID && isntBlank($cleanID)){
- if(checkHashing($cleanID)){
- $query = mysql_query("SELECT * FROM `hashes` WHERE uid='$cleanID' AND active='1'");
- $fetch = mysql_fetch_array($query); $hash = $fetch['hash'];
- return $hash;
- } else {
- return False;
- }
- } else {
- $devError = "User '".$username."' attempted to submit an unsanitary ID!";
- errorLog($devError);
- return False;
- }
- } else {
- $devError = "A guest attempted to use the function 'checkHashName' while logged out!";
- errorLog($devError);
- return False;
- }
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement