<?php
use ReCaptcha\ReCaptcha;
use Waavi\Sanitizer\Sanitizer;
include("function.php");
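/*
 * Front controller: dispatches on the "action" request parameter.
 *
 *   API          JSON availability lookups (check_username, check_email);
 *                register and login are still stubs.
 *   user_check   echoes $core->anwser() output saying whether the posted user name is free.
 *   user_checkm  same for the posted e-mail address.
 *   user_new     reCAPTCHA-gated account creation.
 *   install      runs the installer while config.php does not exist.
 *
 * $core, $API, $API_secret, $gprivate and the installer class are not defined
 * in this file; presumably function.php (included above) provides them -- confirm.
 *
 * NOTE(review): check_username_exist() / check_mail_exist() are treated below as
 * returning true when the name or address is still FREE, despite their names.
 *
 * NOTE(review): the lookup actions tell any caller holding a valid user_sign
 * whether an account name or e-mail address is registered. Only user_new sits
 * behind the captcha, so any rate limiting has to come from somewhere that is
 * not visible here.
 */

// Returns property $key of $data when it is a string, '' otherwise. Request
// parameters can arrive as arrays (name[]=x) or be absent altogether; both are
// reduced to '' so the checks below fail closed instead of raising notices.
$stringField = static function ($data, $key) {
    return (isset($data->{$key}) && is_string($data->{$key})) ? $data->{$key} : '';
};

// A missing or non-string "action" ends up in the default branch.
$action = (isset($_REQUEST["action"]) && is_string($_REQUEST["action"]))
    ? htmlentities(strip_tags($_REQUEST["action"]), ENT_QUOTES)
    : "";

switch ($action) {
    case "API":
        // A missing or non-string "type" ends up in the inner default branch.
        $type = (isset($_REQUEST["type"]) && is_string($_REQUEST["type"]))
            ? htmlentities(strip_tags($_REQUEST["type"]), ENT_QUOTES)
            : "";

        if (!$API) {
            echo json_encode("API are disabled for this server. If you are system operator please enablie it in config");
            break;
        }
        // NOTE(review): only the length of $API_secret is checked here; nothing in
        // this file compares it with the request. Presumably sign_check() does -- confirm.
        if (strlen($API_secret) <= 24) {
            echo json_encode("API Key isn't secure, please use at last 25 characters!");
            break;
        }

        // NOTE(review): no Content-Type header is set in this file, so these JSON
        // bodies go out with whatever default the server applies.
        switch ($type) {
            case "register":
                // todo
                break;

            case "login":
                // todo
                break;

            case "check_username":
                $filter = [
                    "user_name" => "trim|escape|strip_tags",
                    "user_sign" => "trim|escape|strip_tags"
                ];
                $sani = new Sanitizer($_REQUEST, $filter);
                $sani = (object) $sani->sanitize();
                $userSign = $stringField($sani, "user_sign");
                $userName = $stringField($sani, "user_name");
                try {
                    // An empty signature is rejected without consulting sign_check().
                    if ($userSign !== '' && $core->sign_check($userSign)) {
                        echo json_encode([
                            "username" => $userName,
                            "available" => (bool) $core->check_username_exist($userName)
                        ]);
                    } else {
                        // Previously a failed signature produced an empty body.
                        echo json_encode("We can't verify integrity of request.");
                    }
                } catch (Exception $e) {
                    // NOTE(review): the raw exception text is returned to the caller.
                    // If $core can throw storage or driver errors, log them server-side
                    // and return a generic message instead.
                    echo json_encode($e->getMessage());
                }
                break;

            case "check_email":
                $filter = [
                    "user_email" => "trim|escape|strip_tags",
                    "user_sign" => "trim|escape|strip_tags"
                ];
                $sani = new Sanitizer($_REQUEST, $filter);
                $sani = (object) $sani->sanitize();
                $userSign = $stringField($sani, "user_sign");
                $userEmail = $stringField($sani, "user_email");
                try {
                    if ($userSign !== '' && $core->sign_check($userSign)) {
                        // The key is "username" even for the e-mail lookup; kept as is
                        // because existing clients may depend on it.
                        echo json_encode([
                            "username" => $userEmail,
                            "available" => (bool) $core->check_mail_exist($userEmail)
                        ]);
                    } else {
                        echo json_encode("We can't verify integrity of request.");
                    }
                } catch (Exception $e) {
                    // NOTE(review): same exception-text disclosure as in check_username.
                    echo json_encode($e->getMessage());
                }
                break;

            default:
                echo json_encode("No types found. :(");
                break;
        }
        break;

    case "user_check":
        $filter = [
            "user_name" => "trim|escape|strip_tags",
            "user_sign" => "escape|strip_tags",
        ];
        $sani = new Sanitizer($_POST, $filter);
        $sani = (object) $sani->sanitize();
        $userSign = $stringField($sani, "user_sign");
        $userName = $stringField($sani, "user_name");

        // The explicit empty check replaces the former @-suppressed call, which hid
        // the notice raised when user_sign was not posted at all.
        if ($userSign === '' || !$core->sign_check($userSign)) {
            echo $core->anwser("We can't verify integrity of request.", "red darken-4 rounded center white-text");
            break;
        }
        // NOTE(review): unlike user_new, the name is echoed back here without a
        // ctype_alnum() check; the output relies on the escape|strip_tags filters alone.
        if ($core->check_username_exist($userName))
            echo $core->anwser("Username (<strong>{$userName}</strong>) is available!", "green darken-4 white-text rounded center");
        else
            echo $core->anwser("Username already exist in our system.<br/> Please try again!", "red darken-4 rounded center white-text");
        break;

    case "user_checkm":
        $filter = [
            "user_email" => "trim|escape|lowercase",
            "user_sign" => "escape|strip_tags",
        ];
        $sani = new Sanitizer($_POST, $filter);
        $sani = (object) $sani->sanitize();
        $userSign = $stringField($sani, "user_sign");
        $userEmail = $stringField($sani, "user_email");

        if ($userSign === '' || !$core->sign_check($userSign)) {
            echo $core->anwser("We can't verify integrity of request.", "red darken-4 rounded center white-text");
            break;
        }
        if (!filter_var($userEmail, FILTER_VALIDATE_EMAIL)) {
            echo $core->anwser("Your email its invalid.");
            break;
        }
        if ($core->check_mail_exist($userEmail))
            echo $core->anwser("Email is available", "green darken-4 white-text rounded center");
        else
            echo $core->anwser("Email already exist in our system.<br/> Did you forgot password/username?", "red darken-4 rounded center white-text");
        break;

    case "user_new":
        $recaptcha = new ReCaptcha($gprivate);
        // A missing or non-string token is verified as '' and therefore fails.
        $captchaToken = (isset($_POST['g-recaptcha-response']) && is_string($_POST['g-recaptcha-response']))
            ? $_POST['g-recaptcha-response']
            : '';
        // NOTE(review): depending on web-server configuration SERVER_NAME can follow
        // the client's Host header; a fixed configured host name would make the
        // expected-hostname check independent of the request -- confirm the setup.
        $resp = $recaptcha->setExpectedHostname($_SERVER['SERVER_NAME'])->verify($captchaToken, $core->ip);
        if (!$resp->isSuccess()) {
            echo $core->anwser("You must pass google captcha.<br/> Please try again!", "red darken-4 white-text center rounded");
            break;
        }

        // NOTE(review): the password fields pass through trim|escape|strip_tags, so
        // what reaches makeaccount() is not necessarily the string the user typed
        // (anything strip_tags treats as markup is removed). Dropping the filters is
        // only safe if the login path changes with it; that path is not visible here.
        $filter = [
            "user_name" => "trim|escape|strip_tags",
            "user_password" => "trim|escape|strip_tags",
            "user_password_confirm" => "trim|escape|strip_tags",
            "user_sign" => "escape|strip_tags",
            "user_email" => "trim|escape|lowercase"
        ];
        $sani = new Sanitizer($_POST, $filter);
        $sani = (object) $sani->sanitize();
        $userSign = $stringField($sani, "user_sign");
        $userName = $stringField($sani, "user_name");
        $userPassword = $stringField($sani, "user_password");
        $userPasswordConfirm = $stringField($sani, "user_password_confirm");
        $userEmail = $stringField($sani, "user_email");

        // The checks run in the original order; the first failure reports and stops.
        if ($userSign === '' || !$core->sign_check($userSign)) {
            echo $core->anwser("Security pass failed :( did you try to hack us?", "red darken-4 white-text center rounded");
            break;
        }
        if (!$core->check_username_len($userName)) {
            echo $core->anwser("Username isn't valid, should be between 6 and 25, only alphanumeric (english).<br/>Please try again.", "red darken-4 white-text center rounded");
            break;
        }
        if (!ctype_alnum($userName)) {
            echo $core->anwser("Only alphanumeric characters (english) are allowed.<br/>Please try again.", "red darken-4 white-text center rounded");
            break;
        }
        if (!$core->check_password_len($userPassword)) {
            echo $core->anwser("You'r password its too weak!</br> Password should be atleast 6 character longer", "red darken-4 white-text center rounded");
            break;
        }
        if (!$core->check_password_similarity($userPassword, $userPasswordConfirm)) {
            echo $core->anwser("Passwords do not match", "red darken-4 white-text center rounded");
            break;
        }
        if (!filter_var($userEmail, FILTER_VALIDATE_EMAIL)) {
            echo $core->anwser("You'r email looks ugly!<br>Please use valid email", "red darken-4 white-text center rounded");
            break;
        }
        if (!$core->check_username_exist($userName)) {
            echo $core->anwser("Username already exist in our database!<br/>Please try again with differit username", "red darken-4 white-text center rounded");
            break;
        }
        if (!$core->check_mail_exist($userEmail)) {
            echo $core->anwser("Email already exist in our database,<br/> do you forgot password?", "red darken-4 white-text center rounded");
            break;
        }
        if ($core->makeaccount($userName, $userPassword, $userEmail))
            echo $core->anwser("You'r account {$userName} was created! <br/> You can login now!", "green darken-4 white-text rounded");
        else
            echo $core->anwser("Something wen't wrong, you'r account hasn't be created.<br>Please contact system operator.", "red darken-4 white-text center rounded");
        break;

    case "install":
        // NOTE(review): this branch takes no signature or captcha. While config.php
        // is absent, any client that can reach this script supplies the installer
        // input, so keep the script unreachable from untrusted networks until the
        // installation is finished. The existence test uses a relative path, i.e.
        // it is resolved against the current working directory.
        $install = new installer();
        if (file_exists("config.php"))
            die("Look like you already have config.php");
        // die() ends the script, so no break is needed after it.
        die(($install->handle((object) $_POST) ? "Insall success fully!" : "Look like you already have config.php"));

    default:
        die("unknown error occoruct");
}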