Use new token location
This commit is contained in:
@@ -5,7 +5,7 @@ $conn1 = newConnection(1);
|
|||||||
$request_username = $_POST['username'];
|
$request_username = $_POST['username'];
|
||||||
$request_password = $_POST['password'];
|
$request_password = $_POST['password'];
|
||||||
|
|
||||||
$stmt = $conn0->prepare("SELECT id, username, password FROM users WHERE username = ?");
|
$stmt = $conn0->prepare("SELECT id, username, password, token FROM users WHERE username = ?");
|
||||||
$stmt->bind_param("s", $request_username);
|
$stmt->bind_param("s", $request_username);
|
||||||
$stmt->execute();
|
$stmt->execute();
|
||||||
$result = $stmt->get_result();
|
$result = $stmt->get_result();
|
||||||
@@ -18,7 +18,7 @@ if ($result->num_rows > 0) {
|
|||||||
$login_time = time();
|
$login_time = time();
|
||||||
$uid = $row['id'];
|
$uid = $row['id'];
|
||||||
|
|
||||||
$stmt = $conn1->prepare("SELECT token, legacy_high_score, save_data FROM userdata WHERE id = ? LIMIT 1");
|
$stmt = $conn1->prepare("SELECT legacy_high_score, save_data FROM userdata WHERE id = ? LIMIT 1");
|
||||||
$stmt->bind_param("i", $uid);
|
$stmt->bind_param("i", $uid);
|
||||||
$stmt->execute();
|
$stmt->execute();
|
||||||
$result2 = $stmt->get_result();
|
$result2 = $stmt->get_result();
|
||||||
@@ -28,7 +28,7 @@ if ($result->num_rows > 0) {
|
|||||||
|
|
||||||
$username = $row['username'];
|
$username = $row['username'];
|
||||||
$highscore = $row2['legacy_high_score'];
|
$highscore = $row2['legacy_high_score'];
|
||||||
$token = $row2['token'];
|
$token = $row['token'];
|
||||||
$savedata = json_decode($row2['save_data'], true);
|
$savedata = json_decode($row2['save_data'], true);
|
||||||
$icon = $savedata['bird']['icon'] ?? 1;
|
$icon = $savedata['bird']['icon'] ?? 1;
|
||||||
$overlay = $savedata['bird']['overlay'] ?? 0;
|
$overlay = $savedata['bird']['overlay'] ?? 0;
|
||||||
|
|||||||
@@ -6,8 +6,8 @@ $user_id = $_POST['userID'] ?? 0;
|
|||||||
$token = $_POST['gameSession'] ?? '';
|
$token = $_POST['gameSession'] ?? '';
|
||||||
$high_score = $_POST['highScore'] ?? 0;
|
$high_score = $_POST['highScore'] ?? 0;
|
||||||
|
|
||||||
$stmt = $conn0->prepare("SELECT * FROM users WHERE id = ?");
|
$stmt = $conn0->prepare("SELECT * FROM users WHERE id = ? AND token = ?");
|
||||||
$stmt->bind_param("s", $user_id);
|
$stmt->bind_param("ss", $user_id, $token);
|
||||||
$stmt->execute();
|
$stmt->execute();
|
||||||
$result = $stmt->get_result();
|
$result = $stmt->get_result();
|
||||||
if ($result->num_rows != 1) {
|
if ($result->num_rows != 1) {
|
||||||
@@ -19,8 +19,8 @@ if ($result->num_rows != 1) {
|
|||||||
$stmt->close();
|
$stmt->close();
|
||||||
$user_id = $result->fetch_assoc()["id"];
|
$user_id = $result->fetch_assoc()["id"];
|
||||||
|
|
||||||
$stmt = $conn1->prepare("SELECT * FROM userdata WHERE token = ? AND id = ?");
|
$stmt = $conn1->prepare("SELECT * FROM userdata WHERE id = ?");
|
||||||
$stmt->bind_param("si", $token, $user_id);
|
$stmt->bind_param("i", $user_id);
|
||||||
$stmt->execute();
|
$stmt->execute();
|
||||||
$result2 = $stmt->get_result();
|
$result2 = $stmt->get_result();
|
||||||
$stmt->close();
|
$stmt->close();
|
||||||
@@ -31,8 +31,8 @@ if ($result2->num_rows != 1) {
|
|||||||
exit;
|
exit;
|
||||||
}
|
}
|
||||||
|
|
||||||
$updateStmt = $conn1->prepare("UPDATE userdata SET legacy_high_score = ? WHERE token = ? AND id = ?");
|
$updateStmt = $conn1->prepare("UPDATE userdata SET legacy_high_score = ? WHERE id = ?");
|
||||||
$updateStmt->bind_param("isi", $high_score, $token, $user_id);
|
$updateStmt->bind_param("ii", $high_score, $user_id);
|
||||||
$updateStmt->execute();
|
$updateStmt->execute();
|
||||||
$updateStmt->close();
|
$updateStmt->close();
|
||||||
|
|
||||||
|
|||||||
@@ -11,8 +11,8 @@ if (getClientVersion() == "1.5.0" || getClientVersion() == "1.5.1" || getClientV
|
|||||||
$conn0 = newConnection(0);
|
$conn0 = newConnection(0);
|
||||||
$conn1 = newConnection(1);
|
$conn1 = newConnection(1);
|
||||||
|
|
||||||
$stmt = $conn0->prepare("SELECT * FROM users WHERE username = ?");
|
$stmt = $conn0->prepare("SELECT * FROM users WHERE username = ? AND token = ?");
|
||||||
$stmt->bind_param("s", $username);
|
$stmt->bind_param("ss", $username, $token);
|
||||||
$stmt->execute();
|
$stmt->execute();
|
||||||
$result = $stmt->get_result();
|
$result = $stmt->get_result();
|
||||||
$stmt->close();
|
$stmt->close();
|
||||||
@@ -27,8 +27,8 @@ if ($result->num_rows != 1) {
|
|||||||
$row = $result->fetch_assoc();
|
$row = $result->fetch_assoc();
|
||||||
$id = $row["id"];
|
$id = $row["id"];
|
||||||
|
|
||||||
$stmt = $conn1->prepare("SELECT save_data, legacy_high_score FROM userdata WHERE id = ? AND token = ? LIMIT 1");
|
$stmt = $conn1->prepare("SELECT save_data, legacy_high_score FROM userdata WHERE id = ? LIMIT 1");
|
||||||
$stmt->bind_param("is", $id, $token);
|
$stmt->bind_param("i", $id);
|
||||||
$stmt->execute();
|
$stmt->execute();
|
||||||
$result2 = $stmt->get_result();
|
$result2 = $stmt->get_result();
|
||||||
$stmt->close();
|
$stmt->close();
|
||||||
|
|||||||
@@ -8,8 +8,8 @@ $request_highScore = $_POST['highScore'] ?? 0;
|
|||||||
$request_icon = $_POST['icon'] ?? 0;
|
$request_icon = $_POST['icon'] ?? 0;
|
||||||
$request_overlay = $_POST['overlay'] ?? 0;
|
$request_overlay = $_POST['overlay'] ?? 0;
|
||||||
|
|
||||||
$stmt = $conn0->prepare("SELECT id FROM users WHERE username = ?");
|
$stmt = $conn0->prepare("SELECT id FROM users WHERE username = ? AND token = ?");
|
||||||
$stmt->bind_param("s", $request_userName);
|
$stmt->bind_param("ss", $request_userName, $request_gameSession);
|
||||||
$stmt->execute();
|
$stmt->execute();
|
||||||
$result = $stmt->get_result();
|
$result = $stmt->get_result();
|
||||||
$stmt->close();
|
$stmt->close();
|
||||||
@@ -23,8 +23,8 @@ if ($result->num_rows != 1) {
|
|||||||
|
|
||||||
$request_uid = $result->fetch_assoc()["id"];
|
$request_uid = $result->fetch_assoc()["id"];
|
||||||
|
|
||||||
$stmt = $conn1->prepare("SELECT save_data FROM userdata WHERE token = ? AND id = ?");
|
$stmt = $conn1->prepare("SELECT save_data FROM userdata WHERE id = ?");
|
||||||
$stmt->bind_param("si", $request_gameSession, $request_uid);
|
$stmt->bind_param("i", $request_uid);
|
||||||
$stmt->execute();
|
$stmt->execute();
|
||||||
$result2 = $stmt->get_result();
|
$result2 = $stmt->get_result();
|
||||||
$stmt->close();
|
$stmt->close();
|
||||||
@@ -43,8 +43,8 @@ $savedata['bird']['icon'] = $request_icon;
|
|||||||
$savedata['bird']['overlay'] = $request_overlay;
|
$savedata['bird']['overlay'] = $request_overlay;
|
||||||
$savedata = json_encode($savedata);
|
$savedata = json_encode($savedata);
|
||||||
|
|
||||||
$stmt = $conn1->prepare("UPDATE userdata SET legacy_high_score = ?, save_data = ? WHERE token = ? AND id = ?");
|
$stmt = $conn1->prepare("UPDATE userdata SET legacy_high_score = ?, save_data = ? WHERE id = ?");
|
||||||
$stmt->bind_param("issi", $request_highScore, $savedata, $request_gameSession, $request_uid);
|
$stmt->bind_param("isi", $request_highScore, $savedata, $request_uid);
|
||||||
$stmt->execute();
|
$stmt->execute();
|
||||||
$stmt->close();
|
$stmt->close();
|
||||||
|
|
||||||
|
|||||||
@@ -7,9 +7,10 @@ if (!preg_match('/^[ a-zA-Z0-9!@#\$%\^&\*\(\)_\+\-=\[\]\{\};\':",\.<>\/\?\\\\|`~
|
|||||||
exitWithMessage("-1");
|
exitWithMessage("-1");
|
||||||
}
|
}
|
||||||
|
|
||||||
$conn = newConnection(1);
|
$conn0 = newConnection(0);
|
||||||
|
$conn1 = newConnection(1);
|
||||||
|
|
||||||
$stmt = $conn->prepare("SELECT id FROM userdata WHERE token = ?");
|
$stmt = $conn0->prepare("SELECT id FROM users WHERE token = ?");
|
||||||
$stmt->bind_param("s", $token);
|
$stmt->bind_param("s", $token);
|
||||||
$stmt->execute();
|
$stmt->execute();
|
||||||
$result = $stmt->get_result();
|
$result = $stmt->get_result();
|
||||||
@@ -21,11 +22,12 @@ $id = $row["id"];
|
|||||||
$content = base64_encode($request_content);
|
$content = base64_encode($request_content);
|
||||||
$time = time();
|
$time = time();
|
||||||
|
|
||||||
$stmt = $conn->prepare("INSERT INTO chats (userId, content, timestamp) VALUES (?, ?, ?)");
|
$stmt = $conn1->prepare("INSERT INTO chats (userId, content, timestamp) VALUES (?, ?, ?)");
|
||||||
$stmt->bind_param("isi", $id, $content, $time);
|
$stmt->bind_param("isi", $id, $content, $time);
|
||||||
$stmt->execute();
|
$stmt->execute();
|
||||||
$stmt->close();
|
$stmt->close();
|
||||||
|
|
||||||
echo encrypt("1");
|
echo encrypt("1");
|
||||||
|
|
||||||
$conn->close();
|
$conn0->close();
|
||||||
|
$conn1->close();
|
||||||
@@ -8,7 +8,7 @@ $password = $post['password'];
|
|||||||
$currentHighScore = $post['currentHighScore'] ?? 0;
|
$currentHighScore = $post['currentHighScore'] ?? 0;
|
||||||
$loginType = $post['loginType'] ?? '0';
|
$loginType = $post['loginType'] ?? '0';
|
||||||
|
|
||||||
$stmt = $conn0->prepare("SELECT id, username, password FROM users WHERE username = ?");
|
$stmt = $conn0->prepare("SELECT id, username, password, token FROM users WHERE username = ?");
|
||||||
$stmt->bind_param("s", $username);
|
$stmt->bind_param("s", $username);
|
||||||
$stmt->execute();
|
$stmt->execute();
|
||||||
$result = $stmt->get_result();
|
$result = $stmt->get_result();
|
||||||
@@ -19,7 +19,7 @@ $row = $result->fetch_assoc();
|
|||||||
if (!password_verify($password, $row["password"])) exitWithMessage("-1");
|
if (!password_verify($password, $row["password"])) exitWithMessage("-1");
|
||||||
|
|
||||||
$id = $row['id'];
|
$id = $row['id'];
|
||||||
$stmt = $conn1->prepare("SELECT token, legacy_high_score FROM userdata WHERE id = ?");
|
$stmt = $conn1->prepare("SELECT legacy_high_score FROM userdata WHERE id = ?");
|
||||||
$stmt->bind_param("i", $id);
|
$stmt->bind_param("i", $id);
|
||||||
$stmt->execute();
|
$stmt->execute();
|
||||||
$result2 = $stmt->get_result();
|
$result2 = $stmt->get_result();
|
||||||
@@ -27,15 +27,11 @@ $stmt->close();
|
|||||||
if ($result2->num_rows != 1) exitWithMessage("-1");
|
if ($result2->num_rows != 1) exitWithMessage("-1");
|
||||||
$row2 = $result2->fetch_assoc();
|
$row2 = $result2->fetch_assoc();
|
||||||
|
|
||||||
$token = $row2['token'];
|
$token = $row['token'];
|
||||||
$ip = getIPAddress();
|
$ip = getIPAddress();
|
||||||
|
|
||||||
$stmt = $conn0->prepare("UPDATE users SET latest_ip = ? WHERE id = ?");
|
$stmt = $conn0->prepare("UPDATE users SET latest_ip = ?, token = ? WHERE id = ?");
|
||||||
$stmt->bind_param("si", $ip, $id);
|
$stmt->bind_param("ssi", $ip, $token, $id);
|
||||||
$stmt->execute();
|
|
||||||
$stmt->close();
|
|
||||||
$stmt = $conn1->prepare("UPDATE userdata SET token = ? WHERE id = ?");
|
|
||||||
$stmt->bind_param("si", $token, $id);
|
|
||||||
$stmt->execute();
|
$stmt->execute();
|
||||||
$stmt->close();
|
$stmt->close();
|
||||||
|
|
||||||
|
|||||||
@@ -19,8 +19,8 @@ $overlayColor = [$overlayR, $overlayG, $overlayB];
|
|||||||
$conn0 = newConnection(0);
|
$conn0 = newConnection(0);
|
||||||
$conn1 = newConnection(1);
|
$conn1 = newConnection(1);
|
||||||
|
|
||||||
$stmt = $conn0->prepare("SELECT id FROM users WHERE username = ?");
|
$stmt = $conn0->prepare("SELECT id FROM users WHERE username = ? AND token = ?");
|
||||||
$stmt->bind_param("s", $username);
|
$stmt->bind_param("ss", $username, $token);
|
||||||
$stmt->execute();
|
$stmt->execute();
|
||||||
$result = $stmt->get_result();
|
$result = $stmt->get_result();
|
||||||
$stmt->close();
|
$stmt->close();
|
||||||
@@ -35,8 +35,8 @@ if ($result->num_rows != 1) {
|
|||||||
$row = $result->fetch_assoc();
|
$row = $result->fetch_assoc();
|
||||||
$id = $row["id"];
|
$id = $row["id"];
|
||||||
|
|
||||||
$stmt = $conn1->prepare("SELECT save_data FROM userdata WHERE id = ? AND token = ?");
|
$stmt = $conn1->prepare("SELECT save_data FROM userdata WHERE id = ?");
|
||||||
$stmt->bind_param("is", $id, $token);
|
$stmt->bind_param("i", $id);
|
||||||
$stmt->execute();
|
$stmt->execute();
|
||||||
$result2 = $stmt->get_result();
|
$result2 = $stmt->get_result();
|
||||||
$stmt->close();
|
$stmt->close();
|
||||||
@@ -55,12 +55,11 @@ $savedata['bird']['overlay'] = $overlay;
|
|||||||
$savedata['settings']['colors']['icon'] = $birdColor;
|
$savedata['settings']['colors']['icon'] = $birdColor;
|
||||||
if (getClientVersion() == "1.5.2") $savedata['settings']['colors']['overlay'] = $overlayColor;
|
if (getClientVersion() == "1.5.2") $savedata['settings']['colors']['overlay'] = $overlayColor;
|
||||||
$savedata = json_encode($savedata);
|
$savedata = json_encode($savedata);
|
||||||
$stmt = $conn1->prepare("UPDATE userdata SET legacy_high_score = ?, save_data = ? WHERE id = ? AND token = ?");
|
$stmt = $conn1->prepare("UPDATE userdata SET legacy_high_score = ?, save_data = ? WHERE id = ?");
|
||||||
$stmt->bind_param("isis",
|
$stmt->bind_param("isis",
|
||||||
$highScore,
|
$highScore,
|
||||||
$savedata,
|
$savedata,
|
||||||
$id,
|
$id
|
||||||
$token
|
|
||||||
);
|
);
|
||||||
$stmt->execute();
|
$stmt->execute();
|
||||||
$stmt->close();
|
$stmt->close();
|
||||||
|
|||||||
@@ -9,16 +9,16 @@ $targetId = (int)$post['targetId'] ?? 0;
|
|||||||
$token = $post['token'] ?? '';
|
$token = $post['token'] ?? '';
|
||||||
$username = $post['username'] ?? '';
|
$username = $post['username'] ?? '';
|
||||||
|
|
||||||
$stmt = $conn0->prepare("SELECT id FROM users WHERE username = ?");
|
$stmt = $conn0->prepare("SELECT id FROM users WHERE username = ? AND token = ?");
|
||||||
$stmt->bind_param("s", $username);
|
$stmt->bind_param("ss", $username, $token);
|
||||||
$stmt->execute();
|
$stmt->execute();
|
||||||
$result = $stmt->get_result();
|
$result = $stmt->get_result();
|
||||||
$stmt->close();
|
$stmt->close();
|
||||||
if ($result->num_rows != 1) exitWithMessage(json_encode(["success" => false, "message" => 'User info not found']));
|
if ($result->num_rows != 1) exitWithMessage(json_encode(["success" => false, "message" => 'User info not found']));
|
||||||
$user_id = $result->fetch_assoc()["id"];
|
$user_id = $result->fetch_assoc()["id"];
|
||||||
|
|
||||||
$stmt = $conn1->prepare("SELECT 1 FROM userdata WHERE token = ? AND id = ?");
|
$stmt = $conn1->prepare("SELECT 1 FROM userdata WHERE id = ?");
|
||||||
$stmt->bind_param("si", $token, $user_id);
|
$stmt->bind_param("i", $user_id);
|
||||||
$stmt->execute();
|
$stmt->execute();
|
||||||
$result2 = $stmt->get_result();
|
$result2 = $stmt->get_result();
|
||||||
$stmt->close();
|
$stmt->close();
|
||||||
|
|||||||
@@ -10,8 +10,8 @@ $username = $post['username'] ?? '';
|
|||||||
$conn0 = newConnection(0);
|
$conn0 = newConnection(0);
|
||||||
$conn1 = newConnection(1);
|
$conn1 = newConnection(1);
|
||||||
|
|
||||||
$stmt = $conn0->prepare("SELECT id FROM users WHERE username = ? LIMIT 1");
|
$stmt = $conn0->prepare("SELECT id FROM users WHERE username = ? AND token = ? LIMIT 1");
|
||||||
$stmt->bind_param("s", $username);
|
$stmt->bind_param("ss", $username, $token);
|
||||||
$stmt->execute();
|
$stmt->execute();
|
||||||
$result = $stmt->get_result();
|
$result = $stmt->get_result();
|
||||||
$stmt->close();
|
$stmt->close();
|
||||||
@@ -20,8 +20,8 @@ if ($result->num_rows != 1) exit;
|
|||||||
|
|
||||||
$user_id = $row["id"];
|
$user_id = $row["id"];
|
||||||
|
|
||||||
$stmt = $conn1->prepare("SELECT 1 FROM userdata WHERE token = ? AND id = ? LIMIT 1");
|
$stmt = $conn1->prepare("SELECT 1 FROM userdata WHERE id = ? LIMIT 1");
|
||||||
$stmt->bind_param("si", $token, $user_id);
|
$stmt->bind_param("i", $user_id);
|
||||||
$stmt->execute();
|
$stmt->execute();
|
||||||
$result2 = $stmt->get_result();
|
$result2 = $stmt->get_result();
|
||||||
$stmt->close();
|
$stmt->close();
|
||||||
|
|||||||
@@ -13,8 +13,8 @@ if (!preg_match('/^[ a-zA-Z0-9!@#\$%\^&\*\(\)_\+\-=\[\]\{\};\':",\.<>\/\?\\\\|`~
|
|||||||
$conn0 = newConnection(0);
|
$conn0 = newConnection(0);
|
||||||
$conn1 = newConnection(1);
|
$conn1 = newConnection(1);
|
||||||
|
|
||||||
$stmt = $conn0->prepare("SELECT id FROM users WHERE username = ?");
|
$stmt = $conn0->prepare("SELECT id FROM users WHERE username = ? AND token = ?");
|
||||||
$stmt->bind_param("s", $username);
|
$stmt->bind_param("ss", $username, $token);
|
||||||
$stmt->execute();
|
$stmt->execute();
|
||||||
$result = $stmt->get_result();
|
$result = $stmt->get_result();
|
||||||
$stmt->close();
|
$stmt->close();
|
||||||
@@ -23,8 +23,8 @@ if (!$row) exit;
|
|||||||
|
|
||||||
$user_id = $row["id"];
|
$user_id = $row["id"];
|
||||||
|
|
||||||
$stmt2 = $conn1->prepare("SELECT 1 FROM userdata WHERE token = ? AND id = ?");
|
$stmt2 = $conn1->prepare("SELECT 1 FROM userdata WHERE id = ?");
|
||||||
$stmt2->bind_param("si", $token, $user_id);
|
$stmt2->bind_param("i", $user_id);
|
||||||
$stmt2->execute();
|
$stmt2->execute();
|
||||||
$result2 = $stmt2->get_result();
|
$result2 = $stmt2->get_result();
|
||||||
$stmt->close();
|
$stmt->close();
|
||||||
|
|||||||
@@ -20,8 +20,8 @@ $username = $post['username'] ?? '';
|
|||||||
$conn0 = newConnection(0);
|
$conn0 = newConnection(0);
|
||||||
$conn1 = newConnection(1);
|
$conn1 = newConnection(1);
|
||||||
|
|
||||||
$stmt = $conn0->prepare("SELECT id, username FROM users WHERE username = ?");
|
$stmt = $conn0->prepare("SELECT id, username FROM users WHERE username = ? AND token = ?");
|
||||||
$stmt->bind_param("s", $username);
|
$stmt->bind_param("ss", $username, $token);
|
||||||
$stmt->execute();
|
$stmt->execute();
|
||||||
$result = $stmt->get_result();
|
$result = $stmt->get_result();
|
||||||
$stmt->close();
|
$stmt->close();
|
||||||
@@ -36,8 +36,8 @@ if ($result->num_rows != 1) {
|
|||||||
$row = $result->fetch_assoc();
|
$row = $result->fetch_assoc();
|
||||||
$id = $row["id"];
|
$id = $row["id"];
|
||||||
|
|
||||||
$stmt = $conn1->prepare("SELECT save_data, token FROM userdata WHERE id = ? AND token = ?");
|
$stmt = $conn1->prepare("SELECT save_data FROM userdata WHERE id = ?");
|
||||||
$stmt->bind_param("is", $id, $token);
|
$stmt->bind_param("i", $id);
|
||||||
$stmt->execute();
|
$stmt->execute();
|
||||||
$result2 = $stmt->get_result();
|
$result2 = $stmt->get_result();
|
||||||
$stmt->close();
|
$stmt->close();
|
||||||
@@ -54,7 +54,7 @@ $row2 = $result2->fetch_assoc();
|
|||||||
$savedata = json_decode($row2['save_data'], true);
|
$savedata = json_decode($row2['save_data'], true);
|
||||||
$savedata['account']['id'] = $id;
|
$savedata['account']['id'] = $id;
|
||||||
$savedata['account']['name'] = $row['username'];
|
$savedata['account']['name'] = $row['username'];
|
||||||
$savedata['account']['session'] = $row2['token'];
|
$savedata['account']['session'] = $token;
|
||||||
echo encrypt(json_encode([
|
echo encrypt(json_encode([
|
||||||
"success" => true,
|
"success" => true,
|
||||||
"data" => $savedata
|
"data" => $savedata
|
||||||
|
|||||||
@@ -27,7 +27,7 @@ $post = getPostData();
|
|||||||
$username = $post['username'];
|
$username = $post['username'];
|
||||||
$password = $post['password'];
|
$password = $post['password'];
|
||||||
|
|
||||||
$stmt = $conn0->prepare("SELECT id, username, password FROM users WHERE username = ?");
|
$stmt = $conn0->prepare("SELECT id, username, password, token FROM users WHERE username = ?");
|
||||||
$stmt->bind_param("s", $username);
|
$stmt->bind_param("s", $username);
|
||||||
$stmt->execute();
|
$stmt->execute();
|
||||||
$result = $stmt->get_result();
|
$result = $stmt->get_result();
|
||||||
@@ -38,25 +38,13 @@ $row = $result->fetch_assoc();
|
|||||||
if (!password_verify($password, $row["password"])) exitWithMessage(json_encode(["success" => false, "message" => "Invalid username or password"]));
|
if (!password_verify($password, $row["password"])) exitWithMessage(json_encode(["success" => false, "message" => "Invalid username or password"]));
|
||||||
|
|
||||||
$id = $row['id'];
|
$id = $row['id'];
|
||||||
|
$token = $row['token'];
|
||||||
$stmt = $conn1->prepare("SELECT token FROM userdata WHERE id = ?");
|
|
||||||
$stmt->bind_param("i", $id);
|
|
||||||
$stmt->execute();
|
|
||||||
$result2 = $stmt->get_result();
|
|
||||||
$stmt->close();
|
|
||||||
if ($result2->num_rows != 1) exitWithMessage(json_encode(["success" => false, "message" => "Invalid username or password"]));
|
|
||||||
|
|
||||||
$token = $result2->fetch_assoc()['token'];
|
|
||||||
$ip = getIPAddress();
|
$ip = getIPAddress();
|
||||||
|
|
||||||
$stmt = $conn0->prepare("UPDATE users SET latest_ip = ? WHERE id = ?");
|
$stmt = $conn0->prepare("UPDATE users SET latest_ip = ? WHERE id = ?");
|
||||||
$stmt->bind_param("si", $ip, $id);
|
$stmt->bind_param("si", $ip, $id);
|
||||||
$stmt->execute();
|
$stmt->execute();
|
||||||
$stmt->close();
|
$stmt->close();
|
||||||
$stmt = $conn1->prepare("UPDATE userdata SET token = ? WHERE id = ?");
|
|
||||||
$stmt->bind_param("si", $token, $id);
|
|
||||||
$stmt->execute();
|
|
||||||
$stmt->close();
|
|
||||||
|
|
||||||
$data = ["session" => $token, "username" => $row['username'], "userid" => $id];
|
$data = ["session" => $token, "username" => $row['username'], "userid" => $id];
|
||||||
|
|
||||||
|
|||||||
@@ -13,8 +13,8 @@ if (!preg_match('/^[ a-zA-Z0-9!@#\$%\^&\*\(\)_\+\-=\[\]\{\};\':",\.<>\/\?\\\\|`~
|
|||||||
$conn0 = newConnection(0);
|
$conn0 = newConnection(0);
|
||||||
$conn1 = newConnection(1);
|
$conn1 = newConnection(1);
|
||||||
|
|
||||||
$stmt = $conn0->prepare("SELECT * FROM users WHERE username = ? LIMIT 1");
|
$stmt = $conn0->prepare("SELECT * FROM users WHERE username = ? AND token = ? LIMIT 1");
|
||||||
$stmt->bind_param("s", $username);
|
$stmt->bind_param("ss", $username, $token);
|
||||||
$stmt->execute();
|
$stmt->execute();
|
||||||
$result = $stmt->get_result();
|
$result = $stmt->get_result();
|
||||||
$row = $result->fetch_assoc();
|
$row = $result->fetch_assoc();
|
||||||
@@ -23,8 +23,8 @@ $stmt->close();
|
|||||||
|
|
||||||
$user_id = $row["id"];
|
$user_id = $row["id"];
|
||||||
|
|
||||||
$stmt2 = $conn1->prepare("SELECT * FROM userdata WHERE id = ? AND token = ? LIMIT 1");
|
$stmt2 = $conn1->prepare("SELECT * FROM userdata WHERE id = ? LIMIT 1");
|
||||||
$stmt2->bind_param("is", $user_id, $token);
|
$stmt2->bind_param("i", $user_id);
|
||||||
$stmt2->execute();
|
$stmt2->execute();
|
||||||
$result2 = $stmt2->get_result();
|
$result2 = $stmt2->get_result();
|
||||||
$row2 = $result2->fetch_assoc();
|
$row2 = $result2->fetch_assoc();
|
||||||
|
|||||||
@@ -40,8 +40,8 @@ try {
|
|||||||
$conn0 = newConnection(0);
|
$conn0 = newConnection(0);
|
||||||
$conn1 = newConnection(1);
|
$conn1 = newConnection(1);
|
||||||
|
|
||||||
$stmt = $conn0->prepare("SELECT * FROM users WHERE username = ?");
|
$stmt = $conn0->prepare("SELECT * FROM users WHERE username = ? AND token = ?");
|
||||||
$stmt->bind_param("s", $username);
|
$stmt->bind_param("ss", $username, $token);
|
||||||
$stmt->execute();
|
$stmt->execute();
|
||||||
$result = $stmt->get_result();
|
$result = $stmt->get_result();
|
||||||
$stmt->close();
|
$stmt->close();
|
||||||
@@ -56,8 +56,8 @@ if ($result->num_rows != 1) {
|
|||||||
$row = $result->fetch_assoc();
|
$row = $result->fetch_assoc();
|
||||||
$id = $row["id"];
|
$id = $row["id"];
|
||||||
|
|
||||||
$stmt = $conn1->prepare("SELECT id FROM userdata WHERE token = ? AND id = ?");
|
$stmt = $conn1->prepare("SELECT id FROM userdata WHERE id = ?");
|
||||||
$stmt->bind_param("si", $token, $id);
|
$stmt->bind_param("i", $id);
|
||||||
$stmt->execute();
|
$stmt->execute();
|
||||||
$result = $stmt->get_result();
|
$result = $stmt->get_result();
|
||||||
$stmt->close();
|
$stmt->close();
|
||||||
@@ -69,8 +69,8 @@ if ($result->num_rows != 1) {
|
|||||||
exit;
|
exit;
|
||||||
}
|
}
|
||||||
|
|
||||||
$stmt = $conn1->prepare("UPDATE userdata SET save_data = ? WHERE token = ? AND id = ?");
|
$stmt = $conn1->prepare("UPDATE userdata SET save_data = ? WHERE id = ?");
|
||||||
$stmt->bind_param("ssi", $savedata, $token, $id);
|
$stmt->bind_param("si", $savedata, $id);
|
||||||
$stmt->execute();
|
$stmt->execute();
|
||||||
$stmt->close();
|
$stmt->close();
|
||||||
echo encrypt(json_encode(["success" => true]));
|
echo encrypt(json_encode(["success" => true]));
|
||||||
|
|||||||
@@ -18,8 +18,8 @@ if (!preg_match('/^[ a-zA-Z0-9!@#\$%\^&\*\(\)_\+\-=\[\]\{\};\':",\.<>\/\?\\\\|`~
|
|||||||
$conn0 = newConnection(0);
|
$conn0 = newConnection(0);
|
||||||
$conn1 = newConnection(1);
|
$conn1 = newConnection(1);
|
||||||
|
|
||||||
$stmt = $conn0->prepare("SELECT * FROM users WHERE username = ?");
|
$stmt = $conn0->prepare("SELECT * FROM users WHERE username = ? AND token = ?");
|
||||||
$stmt->bind_param("s", $username);
|
$stmt->bind_param("ss", $username, $token);
|
||||||
$stmt->execute();
|
$stmt->execute();
|
||||||
$result = $stmt->get_result();
|
$result = $stmt->get_result();
|
||||||
$stmt->close();
|
$stmt->close();
|
||||||
@@ -28,8 +28,8 @@ if (!$row) exitWithMessage(json_encode(["success" => false, "message" => "Invali
|
|||||||
|
|
||||||
$id = $row["id"];
|
$id = $row["id"];
|
||||||
|
|
||||||
$stmt = $conn1->prepare("SELECT * FROM userdata WHERE id = ? AND token = ?");
|
$stmt = $conn1->prepare("SELECT * FROM userdata WHERE id = ?");
|
||||||
$stmt->bind_param("is", $id, $token);
|
$stmt->bind_param("i", $id);
|
||||||
$stmt->execute();
|
$stmt->execute();
|
||||||
$result2 = $stmt->get_result();
|
$result2 = $stmt->get_result();
|
||||||
$stmt->close();
|
$stmt->close();
|
||||||
|
|||||||
@@ -14,8 +14,8 @@ if (!preg_match('/^[ a-zA-Z0-9!@#\$%\^&\*\(\)_\+\-=\[\]\{\};\':",\.<>\/\?\\\\|`~
|
|||||||
$conn0 = newConnection(0);
|
$conn0 = newConnection(0);
|
||||||
$conn1 = newConnection(1);
|
$conn1 = newConnection(1);
|
||||||
|
|
||||||
$stmt = $conn0->prepare("SELECT * FROM users WHERE username = ?");
|
$stmt = $conn0->prepare("SELECT * FROM users WHERE username = ? AND token = ?");
|
||||||
$stmt->bind_param("s", $username);
|
$stmt->bind_param("ss", $username, $token);
|
||||||
$stmt->execute();
|
$stmt->execute();
|
||||||
$result = $stmt->get_result();
|
$result = $stmt->get_result();
|
||||||
$stmt->close();
|
$stmt->close();
|
||||||
@@ -23,8 +23,8 @@ if ($result->num_rows != 1) exitWithMessage(json_encode(["success" => false]));
|
|||||||
$row = $result->fetch_assoc();
|
$row = $result->fetch_assoc();
|
||||||
$id = $row["id"];
|
$id = $row["id"];
|
||||||
|
|
||||||
$stmt = $conn1->prepare("SELECT * FROM userdata WHERE token = ? AND id = ?");
|
$stmt = $conn1->prepare("SELECT * FROM userdata WHERE id = ?");
|
||||||
$stmt->bind_param("si", $token, $id);
|
$stmt->bind_param("i", $id);
|
||||||
$stmt->execute();
|
$stmt->execute();
|
||||||
$result2 = $stmt->get_result();
|
$result2 = $stmt->get_result();
|
||||||
$stmt->close();
|
$stmt->close();
|
||||||
|
|||||||
@@ -14,8 +14,8 @@ if ($liked !== 0 && $liked !== 1) {
|
|||||||
exit;
|
exit;
|
||||||
}
|
}
|
||||||
|
|
||||||
$stmt = $conn0->prepare("SELECT * FROM users WHERE username = ?");
|
$stmt = $conn0->prepare("SELECT * FROM users WHERE username = ? AND token = ?");
|
||||||
$stmt->bind_param("s", $username);
|
$stmt->bind_param("ss", $username, $token);
|
||||||
$stmt->execute();
|
$stmt->execute();
|
||||||
$result = $stmt->get_result();
|
$result = $stmt->get_result();
|
||||||
$row = $result->fetch_assoc();
|
$row = $result->fetch_assoc();
|
||||||
|
|||||||
Reference in New Issue
Block a user