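<?php
/*
 * Login + leaderboard endpoint for the game client.
 *
 * Request:  https://domain/thisscript.php?data=<encodedstring>
 *   The game builds 'mobileNo + magic sequence + encrypted password' and encodes it;
 *   that is <encodedstring>. It is passed through Decrypt() when Secure.php sets
 *   $secure to "yes".
 *
 * Response (echoed as plain text, parsed by the game with a regex):
 *   success<ENTRYSEP>name<ELEMSEP>lalyName<ELEMSEP>score[<ENTRYSEP>...]   (at most $max entries)
 *   error##invalidUsrDetails | error##banned | error##corruptData | error##improperFormat
 *
 * NOTE(review): the login data travels in the query string, so it is recorded in web-server
 * and proxy access logs. Moving it to a POST body needs a matching client change, so it is
 * only flagged here.
 */
require_once 'Secure.php'; // provides $secure and Decrypt()

$magicSeq = "__RPL__2016__LALY__MAGICNUM__";
$entrySeperator = "__RPL__2016__LALY__ENTRYSEP__";
$elementSeperator = "__RPL__ELEM__SEP__";
$max = 3; // number of leaderboard entries returned

// is_string() rejects ?data[]=..., which would otherwise reach explode() as an array.
if (isset($_GET['data']) && is_string($_GET['data'])) {
    $payload = ($secure == "yes") ? Decrypt($_GET['data']) : $_GET['data'];
    // A failed Decrypt() (non-string result) falls through to "corruptData" below.
    $dataSet = is_string($payload) ? explode($magicSeq, $payload) : [];

    if (count($dataSet) == 2) {
        $mobileNo = $dataSet[0];
        $password = $dataSet[1];

        // NOTE(review): these credentials are hard-coded in a published source file. Treat them
        // as exposed: rotate the password and load the values from configuration kept outside
        // the web root and outside version control.
        $DBhost = "localhost";
        $DBuser = "tahmidhc_laly";
        $DBpass = "^rcf;(N2W8Nm";
        $DBname = "tahmidhc_lalyapp";

        // Make every mysqli failure throw, so a failed connect/prepare/query cannot be
        // dereferenced as if it had succeeded.
        mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);
        $DBcon = null;
        try {
            $DBcon = new mysqli($DBhost, $DBuser, $DBpass, $DBname);

            // $mobileNo is attacker-controlled: bind it as a parameter instead of
            // interpolating it into the SQL text.
            $blistStmt = $DBcon->prepare("SELECT mobileNumber FROM blacklist WHERE mobileNumber = ?");
            $blistStmt->bind_param('s', $mobileNo);
            $blistStmt->execute();
            $countBlist = $blistStmt->get_result()->num_rows;
            $blistStmt->close();

            if ($countBlist == 0) {
                $userStmt = $DBcon->prepare(
                    "SELECT mobileNumber, name, lalyName, score, password FROM userlist WHERE mobileNumber = ?"
                );
                $userStmt->bind_param('s', $mobileNo);
                $userStmt->execute();
                $userResult = $userStmt->get_result();
                $userRow = $userResult->fetch_assoc();
                $userCount = $userResult->num_rows; // exactly 1 row for a known mobile number
                $userStmt->close();

                // Only compare when exactly one account matched and it has a stored password.
                $storedPassword = ($userCount == 1 && is_array($userRow) && is_string($userRow['password']))
                    ? $userRow['password']
                    : null;

                // hash_equals() compares byte-for-byte in constant time. The previous `==`
                // treated numeric-looking strings (e.g. "0e1" and "0e2") as equal.
                // NOTE(review): the stored value is compared directly with what the client
                // sends; storing password_hash() output and checking with password_verify()
                // would need a data migration, so it is only flagged here.
                if ($storedPassword !== null && hash_equals($storedPassword, $password)) {
                    // LIMIT keeps the server from loading the whole user table for $max rows.
                    $leaderResult = $DBcon->query(
                        "SELECT name, lalyName, score FROM userlist ORDER BY score DESC LIMIT " . (int) $max
                    );

                    $entries = [];
                    foreach ($leaderResult->fetch_all(MYSQLI_ASSOC) as $row) {
                        $entries[] = $row['name'] . $elementSeperator . $row['lalyName']
                            . $elementSeperator . $row['score'];
                    }

                    // implode() never leaves a trailing entry separator; the old loop emitted
                    // one whenever the table held more than $max users.
                    echo "success" . $entrySeperator . implode($entrySeperator, $entries);
                } else {
                    echo "error##invalidUsrDetails";
                }
            } else {
                echo "error##banned";
            }
        } catch (mysqli_sql_exception $e) {
            // The driver message can reveal host, user and schema details: log it server-side
            // and send the client a generic message with the original "ERROR : -> " prefix.
            error_log("Login endpoint database error: " . $e->getMessage());
            echo "ERROR : -> database unavailable";
        } finally {
            if ($DBcon instanceof mysqli) {
                $DBcon->close();
            }
        }
    } else {
        echo "error##corruptData";
    }
} else {
    echo "error##improperFormat";
}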