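<?php
/**
 * JSON endpoint that dispatches on the `systemCall` request parameter:
 * sandbox, dealerRegister, passReset, loginCall and systemAuth.
 *
 * get_date(), generateCryptoCode(), Response, PJSalt, CONFIG_PATH and the DB_*
 * constants are not defined in this file; presumably they come from
 * app/inc.php and connect.php.
 *
 * Every query uses a prepared statement with bound parameters, so request
 * values are never concatenated into SQL text.
 *
 * NOTE(review): credentials are read from $_REQUEST, so they can arrive in the
 * query string and end up in access logs and browser history. Restricting the
 * credential-bearing calls to POST needs a client change, so it is only
 * flagged here.
 *
 * NOTE(review): passwords are stored as sha1(PJSalt . password), a fast hash
 * with one salt shared by every account. Moving to password_hash() /
 * password_verify() with rehash-on-login needs a data migration (and possibly
 * a wider column), so the stored format is left unchanged here.
 */

define('BASE_PATH', realpath('../../') . '/');
set_include_path(realpath('../../'));
require_once(BASE_PATH . "app/inc.php");
require_once(CONFIG_PATH . "connect.php");

header("Content-Type: application/json");

// Only fatal errors are reported, so notices and warnings never end up in the response body.
error_reporting(E_ERROR);

// @CONFIG:
$adminEmail = "robert@thewashplant.com";

/**
 * Reads one request parameter as a string.
 *
 * Returns '' when the parameter is missing or is not a string (for example an
 * array submitted as `name[]=x`), so later code never handles null or arrays.
 * With $decode set, the value is passed through urldecode() as the original
 * handlers did. PHP has already decoded the request once, so this is a second
 * decode; it is kept because stored password hashes were computed from the
 * twice-decoded value.
 */
$requestString = function ($key, $decode = false) {
    if (!isset($_REQUEST[$key]) || !is_string($_REQUEST[$key])) {
        return '';
    }

    return $decode ? urldecode($_REQUEST[$key]) : $_REQUEST[$key];
};

/**
 * Emits the response envelope used by every JSON handler: a one-element array
 * holding a Response object whose properties are set from $fields.
 */
$sendResponse = function (array $fields) {
    $entry = new Response();
    foreach ($fields as $name => $value) {
        $entry->$name = $value;
    }
    echo json_encode([$entry]);
};

/**
 * Prepares $sql, binds $params according to $types and executes it.
 *
 * Returns the executed mysqli_stmt (the caller closes it) or null on any
 * failure. Both mysqli error modes are covered: a false return value and a
 * thrown mysqli_sql_exception.
 */
$runStatement = function (mysqli $db, $sql, $types, array $params) {
    try {
        $stmt = $db->prepare($sql);
        if ($stmt === false) {
            return null;
        }
        if (!$stmt->bind_param($types, ...$params) || !$stmt->execute()) {
            $stmt->close();
            return null;
        }

        return $stmt;
    } catch (mysqli_sql_exception $e) {
        return null;
    }
};

// Check connection: fail fast instead of running handlers against a dead link
// (the original went on and could answer "success" without writing anything).
try {
    $mysqli = new mysqli(DB_HOST, DB_USER, DB_PASS, DB_NAME);
} catch (mysqli_sql_exception $e) {
    $mysqli = null;
}
if ($mysqli === null || $mysqli->connect_errno) {
    $sendResponse(['message' => 'fail']);
    exit;
}

// Give every expected control parameter a placeholder when it is missing.
// The original used if / else-if chains, so only the first missing key was filled.
foreach (['run', 'systemCall', 'pwrD', 'guest', 'invCode'] as $key) {
    if (empty($_REQUEST[$key])) {
        $_REQUEST[$key] = 'kek';
    }
    if (empty($_POST[$key])) {
        $_POST[$key] = 'kek';
    }
}

$systemCall = $_REQUEST['systemCall'];

if ($systemCall === 'sandbox') {
    // NOTE(review): this returns the salted hash of any submitted value to an
    // unauthenticated caller. It looks like a debugging aid; confirm whether it
    // should be reachable in production at all.
    echo sha1(PJSalt . $requestString('pass'));
} elseif ($systemCall === 'dealerRegister') {
    // Receive data
    $emailAddress = $requestString('emailAddress', true);
    $rawPassword = $requestString('password', true);
    $fullName = $requestString('fullName', true);
    $dateCreated = get_date();
    $verified = "verified";
    $msg = "fail";

    // An account without an e-mail address or password is never created.
    if ($emailAddress !== '' && $rawPassword !== '') {
        $password = sha1(PJSalt . $rawPassword);

        // Check that this e-mail address is not already in use.
        // NOTE(review): check-then-insert can race; a UNIQUE index on
        // dealers.email is the reliable guard - confirm the schema has one.
        $lookup = $runStatement(
            $mysqli,
            'SELECT email FROM dealers WHERE email = ?',
            's',
            [$emailAddress]
        );
        if ($lookup !== null) {
            $lookup->store_result();
            $alreadyRegistered = $lookup->num_rows > 0;
            $lookup->close();

            if (!$alreadyRegistered) {
                // Add to dealers table
                $insert = $runStatement(
                    $mysqli,
                    'INSERT INTO dealers (email, password, fullName, dateCreated, verified)
                     VALUES (?, ?, ?, ?, ?)',
                    'sssss',
                    [$emailAddress, $password, $fullName, $dateCreated, $verified]
                );
                if ($insert !== null) {
                    $insert->close();

                    // Add to authGrid table. The original inserted an undefined
                    // $crypto, which stored an empty token; a generated code is
                    // used instead, as loginCall does.
                    // NOTE(review): this token is never returned to the client -
                    // confirm the row is needed at registration time.
                    $crypto = generateCryptoCode(20);
                    $grid = $runStatement(
                        $mysqli,
                        'INSERT INTO authGrid (email, crypto) VALUES (?, ?)',
                        'ss',
                        [$emailAddress, $crypto]
                    );
                    if ($grid !== null) {
                        $grid->close();
                    }

                    // Success is reported only once the dealer row was written.
                    $msg = "success";
                }
            }
        }
    }

    // Respond to client
    $sendResponse(['message' => $msg]);
} elseif ($systemCall === 'passReset') {
    $email = $requestString('email');
    $crypto = generateCryptoCode(8);

    // Update dealer instance
    $update = $runStatement(
        $mysqli,
        'UPDATE dealers SET cryptoPass = ? WHERE email = ?',
        'ss',
        [$crypto, $email]
    );
    if ($update !== null) {
        $update->close();
    }

    // Respond to client
    // NOTE(review): the reset code is returned to whoever made the request, so
    // knowing an e-mail address is enough to obtain it. It should reach the
    // account owner out-of-band (e.g. by e-mail) instead; the field is kept
    // because existing clients read it.
    $sendResponse(['message' => 'success', 'crypto' => $crypto]);
} elseif ($systemCall === 'loginCall') {
    $username = $requestString('user', true);
    $password = sha1(PJSalt . $requestString('pass', true));

    // null = no match, 'password' = stored hash matched, 'reset' = cryptoPass matched.
    $matchKind = null;

    if ($username !== '') {
        $lookup = $runStatement(
            $mysqli,
            'SELECT email, password, cryptoPass FROM dealers WHERE email = ?',
            's',
            [$username]
        );
        if ($lookup !== null) {
            $lookup->bind_result($rowEmail, $rowPassword, $rowCryptoPass);
            while ($lookup->fetch()) {
                // The SQL comparison follows the column collation; this keeps
                // the original's exact, case-sensitive match on top of it.
                if ($username !== $rowEmail) {
                    continue;
                }
                // hash_equals() compares in constant time.
                if (hash_equals((string) $rowPassword, $password)) {
                    $matchKind = 'password';
                    break;
                }
                // NOTE(review): $password is a SHA-1 hex digest while passReset
                // stores the raw generated code in cryptoPass, so this branch
                // looks unable to match as written - confirm the intended
                // reset flow before relying on it.
                if (hash_equals((string) $rowCryptoPass, $password)) {
                    $matchKind = 'reset';
                    break;
                }
            }
            $lookup->close();
        }
    }

    // NOTE(review): the `verified` column was read but never enforced in the
    // original; that is unchanged here.
    $msg = $matchKind === null ? "fail" : "success";

    if ($matchKind !== null) {
        $timestamp = get_date();
        if ($matchKind === 'password') {
            $update = $runStatement(
                $mysqli,
                'UPDATE dealers SET last_login = ? WHERE email = ?',
                'ss',
                [$timestamp, $username]
            );
        } else {
            // A reset-code login promotes the submitted value to the stored password.
            $update = $runStatement(
                $mysqli,
                'UPDATE dealers SET password = ?, last_login = ? WHERE email = ?',
                'sss',
                [$password, $timestamp, $username]
            );
        }
        if ($update !== null) {
            $update->close();
        }
    }

    if ($msg === "success") {
        // Issue the session token that systemAuth later consumes.
        $crypto = generateCryptoCode(20);
        $grid = $runStatement(
            $mysqli,
            'INSERT INTO authGrid (email, crypto) VALUES (?, ?)',
            'ss',
            [$username, $crypto]
        );
        if ($grid !== null) {
            $grid->close();
        }
    } else {
        // Sentinel value returned on failed logins.
        $crypto = "1337h4(k5";
    }

    // NOTE(review): no throttling or lockout is visible in this file; confirm
    // it is enforced upstream.
    $sendResponse(['message' => $msg, 'loginCrypto' => $crypto]);
} elseif ($systemCall === 'systemAuth') {
    // The original called urldecode(['crypto']) - an array literal rather than
    // the request value - so the submitted token was never actually read.
    $crypto = $requestString('crypto', true);
    $msg = "fail";

    // An empty token is rejected outright so it cannot match rows stored with
    // an empty crypto value.
    if ($crypto !== '') {
        $lookup = $runStatement(
            $mysqli,
            'SELECT crypto FROM authGrid WHERE crypto = ?',
            's',
            [$crypto]
        );
        if ($lookup !== null) {
            $lookup->store_result();
            $matches = $lookup->num_rows;
            $lookup->close();

            if ($matches === 1) {
                // Mark the token as consumed. Success requires that a usable row
                // was actually updated; the original only checked that the query
                // ran, so an already-used token was accepted again.
                // Assumes authGrid.status defaults to 'usable' for new rows -
                // TODO confirm against the schema.
                $consume = $runStatement(
                    $mysqli,
                    'UPDATE authGrid SET status = ? WHERE crypto = ? AND status = ?',
                    'sss',
                    ['used', $crypto, 'usable']
                );
                if ($consume !== null) {
                    if ($consume->affected_rows === 1) {
                        $msg = "success";
                    }
                    $consume->close();
                }
            }
        }
    }

    $sendResponse(['message' => $msg]);
} else {
    echo "Invalid systemCall passed";
}

// Closing the connection releases it; killing our own thread first is not needed.
$mysqli->close();
?>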