
Untitled

a guest Sep 25th, 2016 66 Never
  1. <?php
  2. /*=======================================================================
  3. | UberCMS - Advanced Website and Content Management System for uberEmu
  4. | #######################################################################
  5. | Copyright (c) 2010, Roy 'Meth0d' and updates by Matthew 'MDK'
  6. | http://www.meth0d.org & http://www.sulake.biz
  7. | #######################################################################
  8. | This program is free software: you can redistribute it and/or modify
  9. | it under the terms of the GNU General Public License as published by
  10. | the Free Software Foundation, either version 3 of the License, or
  11. | (at your option) any later version.
  12. | #######################################################################
  13. | This program is distributed in the hope that it will be useful,
  14. | but WITHOUT ANY WARRANTY; without even the implied warranty of
  15. | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  16. | GNU General Public License for more details.
  17. \======================================================================*/
  18.  
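  /**
   * Account, login, permission, credit and ban lookups for UberCMS.
   *
   * Security notes for maintainers:
   *  - Every query is assembled by string concatenation and sent through
   *    dbquery(), which is defined outside this file. String arguments
   *    (usernames, e-mail addresses, password hashes, ban values, ...) are
   *    embedded exactly as received; this class does not escape them.
   *    NOTE(review): presumably callers escape before calling -- confirm at every
   *    call site, because an unescaped value reaching ValidateUser(), GetBan()
   *    or Add() changes the SQL that runs. Escaping was deliberately NOT added
   *    here: if callers already escape, a second pass would corrupt stored data.
   *  - Integer identifiers are cast with intval() and column names are checked
   *    against an identifier pattern before they are placed in a query, because
   *    neither can be protected by string escaping at the caller.
   *  - The mysql_* extension used throughout was removed in PHP 7. Moving to
   *    mysqli or PDO prepared statements would remove the reliance on
   *    caller-side escaping altogether.
   */
  class uberUsers
  {
      // Per-request cache of user rows/columns, keyed by user id then column name.
      private $userCache = array();

      // Read by IsNameBlocked(). Declared (empty) so the loops there always
      // iterate over arrays; public so existing code that assigns them keeps working.
      public $blockedNames = array();
      public $blockedNameParts = array();

      /**
       * True when $name is safe to use as a bare column name in a query.
       *
       * Column names cannot be quoted as string literals, so anything other than
       * letters, digits and underscore is rejected outright.
       */
      private static function isColumnName($name)
      {
          return is_string($name) && preg_match('/^[A-Za-z0-9_]+$/D', $name) === 1;
      }

      /**
       * Checks the format of an e-mail address.
       *
       * The pattern is tested first so that well-formed addresses never reach the
       * database. The D modifier stops "$" from matching before a trailing newline.
       *
       * NOTE(review): as in the original, an address that fails the pattern is
       * still reported valid when a users row already carries it. That fallback
       * sends a malformed, caller-supplied string into the query -- confirm it is
       * wanted, and that callers escape $email.
       *
       * @return bool
       */
      public function IsValidEmail($email = '')
      {
          if (preg_match('/^[a-z0-9_\.-]+@([a-z0-9]+([\-]+[a-z0-9]+)*\.)+[a-z]{2,7}$/iD', $email)) {
              return true;
          }

          return mysql_num_rows(dbquery("SELECT null FROM users WHERE mail = '".$email."' LIMIT 1")) > 0;
      }

      /**
       * NOTE(review): the result is inverted relative to the name -- this returns
       * FALSE when a users row with this address exists and TRUE otherwise. It is
       * kept as-is because callers may depend on it; confirm and rename or flip.
       *
       * @return bool
       */
      public function IsEmailTaken($email = '')
      {
          $found = mysql_num_rows(dbquery("SELECT null FROM users WHERE mail = '".$email."' LIMIT 1"));

          return $found ? false : true;
      }

      /**
       * Validates a username: letters, digits and hyphen only, 3 to 32 bytes, and
       * not listed in wordfilter with type 'name'.
       *
       * The cheap checks run before the query, so the value that reaches the SQL
       * has already been limited to [a-z0-9-] by the pattern. The D modifier
       * rejects a trailing newline that a plain "$" would let through.
       *
       * @return bool
       */
      public function IsValidName($name)
      {
          if (!preg_match('/^[a-z0-9-]+$/iD', $name)) {
              return false;
          }

          $length = strlen($name);
          if ($length > 32 || $length < 3) {
              return false;
          }

          $filtered = mysql_num_rows(dbquery("SELECT word FROM wordfilter WHERE type='name' AND word = '".$name."' LIMIT 1"));

          return !($filtered > 0);
      }

      /**
       * @return bool True when a users row has this username. $nm is embedded unescaped.
       */
      public function IsNameTaken($nm = '')
      {
          return mysql_num_rows(dbquery("SELECT null FROM users WHERE username = '".$nm."' LIMIT 1")) > 0;
      }

      /**
       * @return bool True when a users row has this id.
       */
      public function IdExists($id = 0)
      {
          return mysql_num_rows(dbquery("SELECT null FROM users WHERE id = '".intval($id)."' LIMIT 1")) > 0;
      }

      /**
       * Case-insensitive check against $blockedNames (whole name) and
       * $blockedNameParts (substring).
       *
       * Strict string comparison is used so that numeric-looking names are not
       * compared as numbers.
       *
       * @return bool
       */
      public function IsNameBlocked($nm = '')
      {
          $candidate = strtolower($nm);

          foreach ($this->blockedNames as $blocked) {
              if ($candidate === strtolower($blocked)) {
                  return true;
              }
          }

          foreach ($this->blockedNameParts as $part) {
              if (strpos($candidate, strtolower($part)) !== false) {
                  return true;
              }
          }

          return false;
      }

      /**************************************************************************************************/

      /**
       * Creates a user plus its user_info, referral, home-page sticker and
       * permissions rows, then sends "update_permissions" through $core->Mus().
       *
       * Every string argument is written into the INSERT unescaped and nothing is
       * validated here (IsValidName()/IsValidEmail() are not called).
       * NOTE(review): presumably the registration code validates and escapes
       * first -- confirm. $passwordHash is stored as given; hashing is the
       * caller's responsibility.
       *
       * @return int New user id, or 0 when the row could not be read back.
       */
      public function Add($username = '', $realname = '', $passwordHash = '', $email = 'default@localhost', $figure = 'hd-180-1.ch-210-66.lg-270-82.sh-290-91.hr-100-', $sex = 'M', $referrer = '', $dob = '')
      {
          global $core;

          // Normalise case before validating: the default is 'M', and without
          // this an upper-case 'F' was silently rewritten to 'm'.
          $sex = strtolower($sex);
          if ($sex != 'm' && $sex != 'f') {
              $sex = 'm';
          }

          $ip = getIP();
          $now = time();

          dbquery("INSERT INTO users (username,real_name,password,mail,auth_ticket,look,gender,last_online,account_created,home_room,ip_last,ip_reg,date_of_birth,credits,activity_points,vip_points) "
              ."VALUES ('".$username."','".$realname."','".$passwordHash."','".$email."','','".$figure."','".$sex."','".$now."',unix_timestamp(),'0','".$ip."','".$ip."','".$dob."','25000','0','10')");

          // NOTE(review): the id is read back by username rather than from the
          // insert itself; kept because dbquery()'s connection handling is not visible here.
          $id = intval(mysql_result(dbquery("SELECT id FROM users WHERE username = '".$username."' ORDER BY id DESC LIMIT 1"), 0));

          // Without a real id the dependent rows below would be written for user 0.
          if ($id <= 0) {
              return 0;
          }

          dbquery("INSERT INTO user_info (user_id,bans,cautions,reg_timestamp,login_timestamp,cfhs,cfhs_abusive) VALUES ('".$id."','0','0','".$now."','".$now."','0','0')");

          // Credit a referrer only when one was named AND the account exists;
          // previously an unknown name produced a referral row with an empty id.
          if (strlen($referrer) > 0) {
              $referrerRow = mysql_fetch_assoc(dbquery("SELECT id,username FROM users WHERE username = '".$referrer."' LIMIT 1"));

              if ($referrerRow) {
                  $referrerId = intval($referrerRow['id']);
                  dbquery("INSERT INTO user_referral (userid,referrer,timestamp) VALUES ('".$id."','".$referrerId."',current_timestamp())");
                  dbquery("UPDATE users SET referrals = referrals + 1 WHERE id = '".$referrerId."'");
              }
          }

          // Default home-page items: x, y, z, data, type, subtype, skin.
          $stickers = array(
              array('594', '54', '48', '', '2', '1', 'defaultskin'),
              array('594', '310', '50', '', '2', '3', 'defaultskin'),
              array('49', '50', '42', '[color=red][b]Welcome to your Shock! Home[/b][/color]. You have the ability to decorate this page how ever you like! You never know, you may be the winner of a &quot;[i]Best Design[/i]&quot; award!', '3', '0', 'speechbubbleskin'),
              array('162', '42', '71', 'july408_boom_2', '1', '0', ''),
              array('570', '30', '61', 'july408_boom_3', '1', '0', ''),
              array('226', '30', '73', 'hw_hairspray', '1', '0', ''),
              array('779', '262', '81', 'fwrk_blue', '1', '0', ''),
              array('774', '260', '77', 'fwrk_pink', '1', '0', ''),
              array('786', '260', '79', 'fwrk_yellow', '1', '0', ''),
          );

          foreach ($stickers as $s) {
              dbquery("INSERT INTO site_homes_stickers (userid,x,y,z,data,type,subtype,skin,groupid,var,enabled) VALUES ('".$id."','".$s[0]."','".$s[1]."','".$s[2]."','".$s[3]."','".$s[4]."','".$s[5]."','".$s[6]."','-1','0','1')");
          }

          dbquery("INSERT INTO permissions_users (userid) VALUES ('".$id."')");
          $core->Mus("update_permissions");

          return $id;
      }

      /**
       * Deletes a user's friendships, friend requests, users row, subscriptions,
       * user_info row and items.
       *
       * No authorisation check happens here; the caller decides who may delete.
       * The id is cast to int because it appears in six DELETE statements.
       */
      public function Delete($id)
      {
          $uid = intval($id);

          dbquery("DELETE FROM messenger_friendships WHERE user_one_id = '".$uid."' OR user_two_id = '".$uid."'");
          dbquery("DELETE FROM messenger_requests WHERE to_id = '".$uid."' OR from_id = '".$uid."'");
          dbquery("DELETE FROM users WHERE id = '".$uid."' LIMIT 1");
          dbquery("DELETE FROM user_subscriptions WHERE user_id = '".$uid."'");
          dbquery("DELETE FROM user_info WHERE user_id = '".$uid."' LIMIT 1");
          dbquery("DELETE FROM user_items WHERE user_id = '".$uid."'");
      }

      /**************************************************************************************************/

      /**
       * Counts users rows matching this username and password value (0 or 1).
       *
       * The credential comparison happens inside the SQL statement and both
       * values are embedded unescaped, so this is the query where unescaped input
       * would change who is accepted.
       * NOTE(review): $password is compared to the stored column as given --
       * confirm the caller hashes it and escapes both arguments.
       *
       * @return int
       */
      public function ValidateUser($username, $password)
      {
          return mysql_num_rows(dbquery("SELECT null FROM users WHERE username='".$username."' AND password='".$password."' LIMIT 1"));
      }

      /**
       * When some account has this e-mail and password value, returns how many
       * accounts share the e-mail; otherwise returns 0.
       *
       * Same escaping caveat as ValidateUser().
       *
       * @return int
       */
      public function ValidateUserByEmail($email, $password)
      {
          $matched = mysql_num_rows(dbquery("SELECT null FROM users WHERE mail='".$email."' AND password='".$password."' LIMIT 1"));

          if ($matched) {
              return mysql_num_rows(dbquery("SELECT null FROM users WHERE mail='".$email."'"));
          }

          return $matched;
      }

      /**
       * Tries the identifier as a username, then as an e-mail address.
       *
       * @return array array(1, 0, 1) for a username match, array(1, 1, <accounts
       *               sharing the e-mail>) for an e-mail match, array(0, null, null) otherwise.
       */
      public function ValidateLogin($user_mail, $password)
      {
          if ($this->ValidateUser($user_mail, $password)) {
              return array(1, 0, 1);
          }

          $emails = $this->ValidateUserByEmail($user_mail, $password);
          if ($emails) {
              return array(1, 1, $emails);
          }

          return array(0, null, null);
      }

      /**************************************************************************************************/

      /**
       * @return int User id for the username, 0 when not found. $username is embedded unescaped.
       */
      public function Name2id($username = '')
      {
          return @intval(mysql_result(dbquery("SELECT id FROM users WHERE username = '".$username."' LIMIT 1"), 0));
      }

      /**
       * Returns the username for an id, using and filling the per-request cache.
       */
      public function Id2name($id = -1)
      {
          if (isset($this->userCache[$id]['username'])) {
              return $this->userCache[$id]['username'];
          }

          $name = mysql_result(dbquery("SELECT username FROM users WHERE id = '".intval($id)."' LIMIT 1"), 0);
          $this->userCache[$id]['username'] = $name;

          return $name;
      }

      /**
       * @return int User id for the e-mail address, 0 when not found. $email is embedded unescaped.
       */
      public function Email2id($email = '')
      {
          return @intval(mysql_result(dbquery("SELECT id FROM users WHERE mail = '".$email."' LIMIT 1"), 0));
      }

      /**************************************************************************************************/

      /**
       * Loads the whole users row for $id into the cache.
       *
       * The row is selected with "*", so every column -- including password and
       * auth_ticket, which Add() writes -- stays in memory for the request and is
       * readable through GetUserVar().
       */
      public function CacheUser($id)
      {
          $row = mysql_fetch_assoc(dbquery("SELECT * FROM users WHERE id = '".intval($id)."' LIMIT 1"));

          // No such user: mysql_fetch_assoc() returned false, nothing to cache.
          if (!$row) {
              return;
          }

          foreach ($row as $column => $value) {
              $this->userCache[$id][$column] = $value;
          }
      }

      /**
       * Reads one column of a user's row, optionally served from the cache.
       *
       * $var is used as a bare column name, so it must be an identifier; any
       * other value returns false without touching the database. Any column can
       * be requested, including credential columns -- do not pass a column name
       * taken from request data.
       *
       * @return mixed Column value, or false when the column name is rejected or the lookup fails.
       */
      public function GetUserVar($id, $var, $allowCache = true)
      {
          if (!self::isColumnName($var)) {
              return false;
          }

          if ($allowCache && isset($this->userCache[$id][$var])) {
              return $this->userCache[$id][$var];
          }

          $val = @mysql_result(dbquery("SELECT ".$var." FROM users WHERE id = '".intval($id)."' LIMIT 1"), 0);
          $this->userCache[$id][$var] = $val;

          return $val;
      }

      // do not remove - still used in hk
      /**
       * Builds an HTML snippet for a username, optionally wrapped in a profile
       * link and in the rank's prefix/suffix.
       *
       * NOTE(review): the rank prefix/suffix come from the ranks table and the
       * result goes through filter(), which is defined outside this file; confirm
       * that filter(..., true) leaves the intended markup intact while encoding
       * the username for HTML.
       *
       * @return string
       */
      public function formatUsername($id, $link = true, $styles = true)
      {
          $result = dbquery("SELECT id,rank,username FROM users WHERE id = '".intval($id)."' LIMIT 1");

          if (mysql_num_rows($result) == 0) {
              return '<s>Unknown User</s>';
          }

          $user = mysql_fetch_assoc($result);

          $prefix = '';
          $suffix = '';

          if ($link) {
              $prefix .= '<a href="/user/' . filter($user['username']) . '">';
              $suffix .= '</a>';
          }

          if ($styles) {
              $rankResult = dbquery("SELECT prefix,suffix FROM ranks WHERE id = '".intval($this->getRank($id))."' LIMIT 1");

              if (mysql_num_rows($rankResult) == 1) {
                  $rankRow = mysql_fetch_assoc($rankResult);

                  $prefix .= $rankRow['prefix'];
                  $suffix .= $rankRow['suffix'];
              }
          }

          return filter($prefix . $user['username'] . $suffix, true);
      }
      // do not remove - still used in hk

      /**************************************************************************************************/

      /**
       * @return int Rank id of the user (cached per request), 0 when not found.
       */
      public function getRank($id)
      {
          if (isset($this->userCache[$id]['rank'])) {
              return $this->userCache[$id]['rank'];
          }

          $rankId = @intval(mysql_result(dbquery("SELECT rank FROM users WHERE id = '".intval($id)."' LIMIT 1"), 0));
          $this->userCache[$id]['rank'] = $rankId;

          return $rankId;
      }

      /**
       * Reads one column of a ranks row. $var must be an identifier; anything
       * else returns false without querying.
       */
      public function getRankVar($rankId, $var)
      {
          if (!self::isColumnName($var)) {
              return false;
          }

          return mysql_result(dbquery("SELECT ".$var." FROM ranks WHERE id = '".intval($rankId)."' LIMIT 1"), 0);
      }

      /**
       * @return mixed The rank's "name" column.
       */
      public function getRankName($rankId)
      {
          return $this->getRankVar($rankId, 'name');
      }

      /**
       * True when the permissions_hk column named $permission is 1 for this user.
       *
       * Denies (returns false) when the permission name is not a plain identifier
       * or when the user has no permissions_hk row.
       *
       * @return bool
       */
      public function hasFuse($id, $permission)
      {
          if (!self::isColumnName($permission)) {
              return false;
          }

          $row = mysql_fetch_assoc(dbquery("SELECT ".$permission." FROM permissions_hk WHERE userid='".intval($id)."' LIMIT 1"));

          return ($row && $row[$permission] == 1) ? true : false;
      }

      /**
       * Reads a column of permissions_users for this user.
       *
       * For ordinary permissions with $value '0': true when the column is 1.
       * For max_bots, idle_time and flood_time: $value '1' returns the stored
       * number, $value '0' returns an error string, any other $value returns null.
       * Every other combination returns false, as does a permission name that is
       * not a plain identifier.
       *
       * @return mixed
       */
      public function hasPerm($id, $permission, $value = '0')
      {
          if (!self::isColumnName($permission)) {
              return false;
          }

          $row = mysql_fetch_assoc(dbquery("SELECT ".$permission." FROM permissions_users WHERE userid='".intval($id)."' LIMIT 1"));

          $isNumericSetting = ($permission === "max_bots" || $permission === "idle_time" || $permission === "flood_time");

          if ($isNumericSetting) {
              if ($value == '0') {
                  return "Oops, an error has occured!";
              }

              if ($value == '1') {
                  return $row ? $row[$permission] : null;
              }

              // The original fell off the end of the function here; made explicit.
              return null;
          }

          if ($value == '0') {
              return ($row && $row[$permission] == 1) ? true : false;
          }

          return false;
      }

      /**************************************************************************************************/

      /**
       * Issues a new auth_ticket when the stored one is 3 characters or shorter.
       *
       * The ticket value comes from $core->generateTicket(), defined outside this
       * file. NOTE(review): an existing longer ticket is never rotated here --
       * confirm where tickets are invalidated.
       */
      public function CheckSSO($id)
      {
          global $core;

          if (strlen($this->getUserVar($id, 'auth_ticket')) <= 3) {
              dbquery("UPDATE users SET auth_ticket = '".$core->generateTicket($this->getUserVar($id, 'username'))."' WHERE id = '".intval($id)."' LIMIT 1");
          }
      }

      /**************************************************************************************************/

      /**
       * @return mixed The user's credits column (may be served from the cache).
       */
      public function getCredits($id)
      {
          return $this->getUserVar($id, 'credits');
      }

      /**
       * Overwrites the user's credit balance, refreshes the cached value and
       * sends "updateCredits:<id>" through $core->Mus().
       */
      public function setCredits($id, $newAmount)
      {
          global $core;

          $balance = intval($newAmount);

          dbquery("UPDATE users SET credits = '".$balance."' WHERE id = '".intval($id)."' LIMIT 1");

          // Keep the cache in step; otherwise a second give/take in the same
          // request would start from the old balance and lose this update.
          $this->userCache[$id]['credits'] = $balance;

          $core->Mus('updateCredits:' . $id);
      }

      /**
       * Adds $amount to the balance.
       *
       * The balance is read from the database, not the cache. This is still a
       * read-then-write, so two concurrent requests can overwrite each other.
       * An unreachable "currency" MUS call that followed the return in the
       * original was dropped; it never ran.
       */
      public function giveCredits($id, $amount)
      {
          $current = $this->GetUserVar($id, 'credits', false);

          return $this->setCredits($id, ($current + $amount));
      }

      /**
       * Subtracts $amount from the balance. Nothing prevents a negative result.
       *
       * Same read-then-write caveat as giveCredits(); the unreachable "currency"
       * MUS call after the return was dropped.
       */
      public function takeCredits($id, $amount)
      {
          $current = $this->GetUserVar($id, 'credits', false);

          return $this->setCredits($id, ($current - $amount));
      }

      /**
       * Builds the avatar image URL for the user's stored look.
       *
       * Each value is URL-encoded so that a look or argument containing '&', '"'
       * or similar cannot add parameters or break out of an attribute when the
       * URL is printed. The comma after the action value is part of the original URL.
       *
       * @return string
       */
      public function renderHabboImage($id, $size = 'b', $dir = 2, $head_dir = 3, $action = 'wlk', $gesture = 'sml')
      {
          $look = $this->getUserVar($id, 'look');

          return 'http://habbo.co.uk/habbo-imaging/avatarimage?figure=' . urlencode($look)
              . '&size=' . urlencode($size)
              . '&action=' . urlencode($action) . ','
              . '&gesture=' . urlencode($gesture)
              . '&direction=' . urlencode($dir)
              . '&head_direction=' . urlencode($head_dir);
      }

      /**
       * @return int|float Whole days (rounded up) until the habbo_club subscription
       *                   expires; 0 when there is none or it has expired.
       */
      public function getClubDays($id)
      {
          $result = dbquery("SELECT timestamp_activated, timestamp_expire FROM user_subscriptions WHERE subscription_id = 'habbo_club' AND user_id = '".intval($id)."' LIMIT 1");

          if (mysql_num_rows($result) == 0) {
              return 0;
          }

          $subscription = mysql_fetch_assoc($result);
          $remaining = $subscription['timestamp_expire'] - time();

          if ($remaining <= 0) {
              return 0;
          }

          return ceil($remaining / 86400);
      }

      /**
       * @return bool True when the user has at least part of a club day left.
       */
      public function hasClub($id)
      {
          return $this->getClubDays($id) > 0;
      }

      /**************************************************************************************************/

      /**
       * @return bool True when an unexpired 'user' ban exists for this name.
       */
      public static function IsUserBanned($name)
      {
          return self::GetBan('user', $name, true) !== null;
      }

      /**
       * @return bool True when an unexpired 'ip' ban exists for this address.
       */
      public static function IsIpBanned($ip)
      {
          return self::GetBan('ip', $ip, true) !== null;
      }

      /**
       * Returns the first bans row for a type/value pair, or null.
       *
       * Both $type and $value are embedded unescaped. A query altered by
       * unescaped input could report "no ban", so this lookup depends on the
       * caller's escaping. NOTE(review): confirm at the call sites, in particular
       * where $value is an IP address taken from request headers.
       *
       * @return array|null
       */
      public static function GetBan($type, $value, $mustNotBeExpired = false)
      {
          $sql = "SELECT * FROM bans WHERE bantype = '".$type."' AND value = '".$value."' ";

          if ($mustNotBeExpired) {
              $sql .= "AND expire > " . time() . " ";
          }

          $sql .= " ORDER BY id LIMIT 1";

          $result = dbquery($sql);

          if (mysql_num_rows($result) > 0) {
              return mysql_fetch_assoc($result);
          }

          return null;
      }

      /**************************************************************************************************/

      /**
       * @return array Tag text keyed by tag id for the user.
       */
      public static function GetUserTags($userId)
      {
          $tags = array();
          $result = dbquery("SELECT id,tag FROM user_tags WHERE user_id = '".intval($userId)."'");

          while ($row = mysql_fetch_assoc($result)) {
              $tags[$row['id']] = $row['tag'];
          }

          return $tags;
      }

      /**************************************************************************************************/

      /**
       * @return mixed The user's "online" column, or null when the user does not exist.
       */
      public static function Is_Online($userId)
      {
          $row = mysql_fetch_assoc(dbquery("SELECT `online` FROM `users` WHERE `id` = '".intval($userId)."' LIMIT 1"));

          return $row ? $row['online'] : null;
      }

      /**
       * Subtracts $credits from the balance ($restar true) or sets the balance to
       * $credits ($restar false), in a single UPDATE.
       *
       * $credits is placed in the statement without quotes, so it is cast to int.
       * The cached balance is discarded so later reads see the new value. Unlike
       * setCredits(), no MUS notification is sent.
       *
       * @return bool Always true.
       */
      public function EatCredits($id, $credits, $restar = true)
      {
          $amount = intval($credits);
          $uid = intval($id);

          if ($restar) {
              dbquery("UPDATE users SET credits = credits - ".$amount." WHERE id = '".$uid."' LIMIT 1");
          } else {
              dbquery("UPDATE users SET credits = ".$amount." WHERE id = '".$uid."' LIMIT 1");
          }

          unset($this->userCache[$id]['credits']);

          return true;
      }
  }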
  461.  
  462. ?>