A lot of changes (that shouldn't, hopefully be breaking)

2026-01-02 20:56:24 -07:00
parent b2c28e229d
commit 8e6a9ef156
30 changed files with 248 additions and 287 deletions
--- a/database/backported/1.5/loginAccount.php
+++ b/database/backported/1.5/loginAccount.php
@@ -8,59 +8,53 @@ $password = $post['password'];
 $currentHighScore = $post['currentHighScore'] ?? 0;
 $loginType = $post['loginType'] ?? '0';

-$stmt = $conn0->prepare("SELECT * FROM users WHERE username = ?");
+$stmt = $conn0->prepare("SELECT id, username, password FROM users WHERE username = ?");
 $stmt->bind_param("s", $username);
 $stmt->execute();
 $result = $stmt->get_result();
+$stmt->close();
+if ($result->num_rows != 1) exitWithMessage("-1");
+$row = $result->fetch_assoc();

-if ($result->num_rows != 1) {
-    exitWithMessage("-1");
-}
+if (!password_verify($password, $row["password"])) exitWithMessage("-1");

-$user = $result->fetch_assoc();
+$id = $row['id'];
+$stmt = $conn1->prepare("SELECT token, legacy_high_score FROM userdata WHERE id = ?");
+$stmt->bind_param("i", $id);
+$stmt->execute();
+$result2 = $stmt->get_result();
+$stmt->close();
+if ($result2->num_rows != 1) exitWithMessage("-1");
+$row2 = $result2->fetch_assoc();

-if (!password_verify($password, $user["password"])) {
-    exitWithMessage("-1");
-}
-
-$id = $user['id'];
-$stmt2 = $conn1->prepare("SELECT * FROM userdata WHERE id = ?");
-$stmt2->bind_param("i", $id);
-$stmt2->execute();
-$result2 = $stmt2->get_result();
-
-if ($result2->num_rows != 1) {
-    exitWithMessage("-1");
-}
-
-$user2 = $result2->fetch_assoc();
-
-$token = $user2['token'];
+$token = $row2['token'];
 $ip = getIPAddress();

 $stmt = $conn0->prepare("UPDATE users SET latest_ip = ? WHERE id = ?");
 $stmt->bind_param("si", $ip, $id);
 $stmt->execute();
-$stmt2 = $conn1->prepare("UPDATE userdata SET token = ? WHERE id = ?");
-$stmt2->bind_param("si", $token, $id);
-$stmt2->execute();
+$stmt->close();
+$stmt = $conn1->prepare("UPDATE userdata SET token = ? WHERE id = ?");
+$stmt->bind_param("si", $token, $id);
+$stmt->execute();
+$stmt->close();

-if ($currentHighScore > $user['legacy_high_score']) {
+if ($currentHighScore > $row2['legacy_high_score']) {
    $stmt = $conn1->prepare("UPDATE userdata SET legacy_high_score = ? WHERE id = ?");
    $stmt->bind_param("ii", $currentHighScore, $id);
    $stmt->execute();
-    $user['legacy_high_score'] = $currentHighScore;
+    $stmt->close();
+    $row2['legacy_high_score'] = $currentHighScore;
 }

-$savedata = json_decode($user['save_data'], true);
+$savedata = json_decode($row['save_data'], true);
 $birdColor = $savedata['settings']['colors']['icon'] ?? [255,255,255];
 $overlayColor = $savedata['settings']['colors']['overlay'] ?? [255,255,255];

 if ($loginType === "0") {
-    echo encrypt("1" . ":" . $token . ":" . $user['username'] . ":" . $id . ":" . $user['legacy_high_score'] . ":" . ($savedata['bird']['icon'] ?? 1) . ":" . ($savedata['bird']['overlay'] ?? 0) . ":0:0:0:0:0:" . ":" . $birdColor[0] . ":" . $birdColor[1] . ":" . $birdColor[2] . ":" . $overlayColor[0] . ":" . $overlayColor[1] . ":" . $overlayColor[2]);
+    echo encrypt("1" . ":" . $token . ":" . $row['username'] . ":" . $id . ":" . $row2['legacy_high_score'] . ":" . ($savedata['bird']['icon'] ?? 1) . ":" . ($savedata['bird']['overlay'] ?? 0) . ":0:0:0:0:0:" . ":" . $birdColor[0] . ":" . $birdColor[1] . ":" . $birdColor[2] . ":" . $overlayColor[0] . ":" . $overlayColor[1] . ":" . $overlayColor[2]);
 } elseif ($loginType === "1") {
-    echo encrypt("1" . ":" . $token . ":" . $user['username'] . ":" . $id);
+    echo encrypt("1" . ":" . $token . ":" . $row['username'] . ":" . $id);
 }
-$stmt->close();
 $conn0->close();
 $conn1->close();
--- a/database/backported/1.5/saveAccount.php
+++ b/database/backported/1.5/saveAccount.php
@@ -19,10 +19,11 @@ $overlayColor = [$overlayR, $overlayG, $overlayB];
 $conn0 = newConnection(0);
 $conn1 = newConnection(1);

-$stmt = $conn0->prepare("SELECT * FROM users WHERE username = ?");
+$stmt = $conn0->prepare("SELECT id FROM users WHERE username = ?");
 $stmt->bind_param("s", $username);
 $stmt->execute();
 $result = $stmt->get_result();
+$stmt->close();

 if ($result->num_rows != 1) {
    echo encrypt("-1");
@@ -34,10 +35,11 @@ if ($result->num_rows != 1) {
 $row = $result->fetch_assoc();
 $id = $row["id"];

-$stmt2 = $conn1->prepare("SELECT * FROM userdata WHERE id = ? AND token = ?");
-$stmt2->bind_param("is", $id, $token);
-$stmt2->execute();
-$result2 = $stmt2->get_result();
+$stmt = $conn1->prepare("SELECT save_data FROM userdata WHERE id = ? AND token = ?");
+$stmt->bind_param("is", $id, $token);
+$stmt->execute();
+$result2 = $stmt->get_result();
+$stmt->close();

 if ($result2->num_rows != 1) {
    echo encrypt("-1");
@@ -53,15 +55,15 @@ $savedata['bird']['overlay'] = $overlay;
 $savedata['settings']['colors']['icon'] = $birdColor;
 if (getClientVersion() == "1.5.2") $savedata['settings']['colors']['overlay'] = $overlayColor;
 $savedata = json_encode($savedata);
-$updateStmt = $conn1->prepare("UPDATE userdata SET legacy_high_score = ?, save_data = ? WHERE id = ? AND token = ?");
-$updateStmt->bind_param("isis", 
+$stmt = $conn1->prepare("UPDATE userdata SET legacy_high_score = ?, save_data = ? WHERE id = ? AND token = ?");
+$stmt->bind_param("isis", 
    $highScore, 
    $savedata, 
    $id, 
    $token
 );
-$updateStmt->execute();
-$updateStmt->close();
+$stmt->execute();
+$stmt->close();
 echo encrypt("1");

 $conn0->close();