Cyberbyte-Studios /
CyberWorks
@@ -15,20 +15,20 @@ discard block |
||
| 15 | 15 | if (formtoken::validateToken($_POST)) { |
| 16 | 16 | $to = $_POST['emailed']; |
| 17 | 17 | $token = tokenGen(32); |
| 18 | - $sql = "SELECT `user_id` FROM `users` WHERE `user_email` = '" . $to . "';"; |
|
| 18 | + $sql = "SELECT `user_id` FROM `users` WHERE `user_email` = '".$to."';"; |
|
| 19 | 19 | $result = $db_connection->query($sql); |
| 20 | 20 | if ($result->num_rows > 0) { |
| 21 | 21 | $row = $result->fetch_assoc(); |
| 22 | - $sql = "UPDATE `users` SET `token` = '" . $token . "' WHERE `user_id` = '" . $row['user_id'] . "';"; |
|
| 22 | + $sql = "UPDATE `users` SET `token` = '".$token."' WHERE `user_id` = '".$row['user_id']."';"; |
|
| 23 | 23 | $result_of_query = $db_connection->query($sql); |
| 24 | 24 | |
| 25 | 25 | //Send the reset Email |
| 26 | 26 | $subject = "Password Reset"; |
| 27 | - $headers = "MIME-Version: 1.0" . "\r\n"; |
|
| 28 | - $headers .= "Content-type:text/html;charset=iso-8859-1" . "\r\n"; |
|
| 27 | + $headers = "MIME-Version: 1.0"."\r\n"; |
|
| 28 | + $headers .= "Content-type:text/html;charset=iso-8859-1"."\r\n"; |
|
| 29 | 29 | //$headers .= "From: Password Reset <[email protected]>\r\n"; |
| 30 | - $headers .= "From: " . $settings['community'] . " Panel <" . $email . ">\r\n" . "Reply-To: " . $email . "\r\n"; |
|
| 31 | - $msg = "Password reset<br/> token: " . $token . " <br/> url: <a href='" . $settings['url'] . "?token=" . $token . "&uID=" . $row['user_id'] . "'>" . $settings['url'] . "?token=" . $token . "&uID=" . $row['user_id'] . "</a>"; |
|
| 30 | + $headers .= "From: ".$settings['community']." Panel <".$email.">\r\n"."Reply-To: ".$email."\r\n"; |
|
| 31 | + $msg = "Password reset<br/> token: ".$token." <br/> url: <a href='".$settings['url']."?token=".$token."&uID=".$row['user_id']."'>".$settings['url']."?token=".$token."&uID=".$row['user_id']."</a>"; |
|
| 32 | 32 | $mail = mail($to, $subject, $msg, $headers); |
| 33 | 33 | |
| 34 | 34 | $message = "Your password has been reset please check your email"; |
@@ -42,11 +42,11 @@ discard block |
||
| 42 | 42 | if ($_POST['user_password_new'] !== $_POST['user_password_repeat']) { |
| 43 | 43 | $error = 'Password and password repeat are not the same'; |
| 44 | 44 | } else { |
| 45 | - $sql = "SELECT `user_id` FROM `users` WHERE `user_id` = '" . $_GET['uID'] . "' AND `token` = '" . $_GET['token'] . "';"; |
|
| 45 | + $sql = "SELECT `user_id` FROM `users` WHERE `user_id` = '".$_GET['uID']."' AND `token` = '".$_GET['token']."';"; |
|
| 46 | 46 | $result_of_query = $db_connection->query($sql); |
| 47 | 47 | if ($result_of_query->num_rows == 1) { |
| 48 | 48 | $user_password_hash = password_hash($_POST['user_password_new'], PASSWORD_DEFAULT); |
| 49 | - $sql = "UPDATE `users` SET `user_password_hash` = '" . $user_password_hash . "', `token` = '' WHERE `user_id` = '" . $_GET['uID'] . "' AND `token` = '" . $_GET['token'] . "';"; |
|
| 49 | + $sql = "UPDATE `users` SET `user_password_hash` = '".$user_password_hash."', `token` = '' WHERE `user_id` = '".$_GET['uID']."' AND `token` = '".$_GET['token']."';"; |
|
| 50 | 50 | $result_of_query = $db_connection->query($sql); |
| 51 | 51 | $message = 'Your password been updated'; |
| 52 | 52 | } else { |
@@ -54,7 +54,7 @@ discard block |
||
| 54 | 54 | } |
| 55 | 55 | } |
| 56 | 56 | } else { |
| 57 | - $sql = "SELECT `user_id` FROM `users` WHERE `user_id` = '" . $_GET['uID'] . "' AND `token` = '" . $_GET['token'] . "';"; |
|
| 57 | + $sql = "SELECT `user_id` FROM `users` WHERE `user_id` = '".$_GET['uID']."' AND `token` = '".$_GET['token']."';"; |
|
| 58 | 58 | $result_of_query = $db_connection->query($sql); |
| 59 | 59 | if ($result_of_query->num_rows == 1) { |
| 60 | 60 | ?> |
@@ -91,7 +91,7 @@ discard block |
||
| 91 | 91 | <?php |
| 92 | 92 | } else { |
| 93 | 93 | $error = 'User not found or token invalid'; |
| 94 | - logAction($_POST['email'], ' ' . $lang['passreset'], 3); |
|
| 94 | + logAction($_POST['email'], ' '.$lang['passreset'], 3); |
|
| 95 | 95 | } |
| 96 | 96 | } |
| 97 | 97 | } |
@@ -106,16 +106,16 @@ discard block |
||
| 106 | 106 | <?php |
| 107 | 107 | if ($login->messages) { |
| 108 | 108 | foreach ($login->messages as $message) { |
| 109 | - echo '<div style="margin-top: 120px;" class="alert alert-info animated infinite bounce" role="alert">' . $message . '</div>'; |
|
| 109 | + echo '<div style="margin-top: 120px;" class="alert alert-info animated infinite bounce" role="alert">'.$message.'</div>'; |
|
| 110 | 110 | } |
| 111 | 111 | } elseif ($login->errors) { |
| 112 | 112 | foreach ($login->errors as $error) { |
| 113 | - echo '<div style="margin-top: 120px;" class="alert alert-danger animated infinite bounce" role="alert">' . $error . '</div>'; |
|
| 113 | + echo '<div style="margin-top: 120px;" class="alert alert-danger animated infinite bounce" role="alert">'.$error.'</div>'; |
|
| 114 | 114 | } |
| 115 | 115 | } elseif (isset($message)) { |
| 116 | - echo '<div style="margin-top: 120px;" class="alert alert-info animated infinite bounce" role="alert">' . $message . '</div>'; |
|
| 116 | + echo '<div style="margin-top: 120px;" class="alert alert-info animated infinite bounce" role="alert">'.$message.'</div>'; |
|
| 117 | 117 | } elseif (isset($error)) { |
| 118 | - echo '<div style="margin-top: 120px;" class="alert alert-danger animated infinite bounce" role="alert">' . $error . '</div>'; |
|
| 118 | + echo '<div style="margin-top: 120px;" class="alert alert-danger animated infinite bounce" role="alert">'.$error.'</div>'; |
|
| 119 | 119 | } else { |
| 120 | 120 | echo '<div style="margin-top: 190px;"></div>'; |
| 121 | 121 | } ?> |
@@ -161,11 +161,11 @@ discard block |
||
| 161 | 161 | echo '<select id = "lang" name = "lang" class="form-control login_input" >'; |
| 162 | 162 | |
| 163 | 163 | foreach ($settings['installedLanguage'] as $language) { |
| 164 | - echo '<option value = "' . $language[1] . '" '; |
|
| 164 | + echo '<option value = "'.$language[1].'" '; |
|
| 165 | 165 | if ($tempLang == $language[1]) { |
| 166 | 166 | echo 'selected'; |
| 167 | 167 | } |
| 168 | - echo '> ' . $language[0] . '</option>'; |
|
| 168 | + echo '> '.$language[0].'</option>'; |
|
| 169 | 169 | } |
| 170 | 170 | echo '</select><br>'; |
| 171 | 171 | } |
@@ -3,7 +3,7 @@ discard block |
||
| 3 | 3 | if (formtoken::validateToken($_POST)) { |
| 4 | 4 | $db_type = $_POST['db_type']; |
| 5 | 5 | |
| 6 | - $sql = "INSERT INTO `db` (`type`, `sql_host`, `sql_user`, `sql_pass`, `sql_name`) VALUES ('" . $db_type . "', '" . encrypt($_POST['SQL_host']) . "', '" . encrypt($_POST['SQL_user']) . "', '" . encrypt($_POST['SQL_pass']) . "', '" . encrypt($_POST['SQL_name']) . "');"; |
|
| 6 | + $sql = "INSERT INTO `db` (`type`, `sql_host`, `sql_user`, `sql_pass`, `sql_name`) VALUES ('".$db_type."', '".encrypt($_POST['SQL_host'])."', '".encrypt($_POST['SQL_user'])."', '".encrypt($_POST['SQL_pass'])."', '".encrypt($_POST['SQL_name'])."');"; |
|
| 7 | 7 | $result_of_query = $db_connection->query($sql); |
| 8 | 8 | |
| 9 | 9 | message($lang['newdb']); |
@@ -17,7 +17,7 @@ discard block |
||
| 17 | 17 | <form method="post" action="newDB" name="newDB" id="newDB"> |
| 18 | 18 | <?php echo formtoken::getField() ?> |
| 19 | 19 | <h2 class="form-login-heading"> |
| 20 | - <?php echo $lang['new'] . ' ' . $lang['database'] ?> |
|
| 20 | + <?php echo $lang['new'].' '.$lang['database'] ?> |
|
| 21 | 21 | </h2> |
| 22 | 22 | <div class="form-group"> |
| 23 | 23 | <label for="db_type">Server type: </label> |
@@ -32,7 +32,7 @@ discard block |
||
| 32 | 32 | class=" form-control login_input" type="text" |
| 33 | 33 | name="SQL_host" |
| 34 | 34 | |
| 35 | - <?php if (isset($_POST['SQL_host'])) echo 'value="' . htmlspecialchars($_POST['SQL_host']) . '"' ?> |
|
| 35 | + <?php if (isset($_POST['SQL_host'])) echo 'value="'.htmlspecialchars($_POST['SQL_host']).'"' ?> |
|
| 36 | 36 | required> |
| 37 | 37 | </div> |
| 38 | 38 | <div class="form-group"> |
@@ -40,7 +40,7 @@ discard block |
||
| 40 | 40 | <input placeholder="SQL User" id="SQL_user" |
| 41 | 41 | class=" form-control login_input" type="text" |
| 42 | 42 | name="SQL_user" |
| 43 | - <?php if (isset($_POST['SQL_user'])) echo 'value="' . htmlspecialchars($_POST['SQL_user']) . '"' ?> |
|
| 43 | + <?php if (isset($_POST['SQL_user'])) echo 'value="'.htmlspecialchars($_POST['SQL_user']).'"' ?> |
|
| 44 | 44 | required autocapitalize="off"> |
| 45 | 45 | </div> |
| 46 | 46 | <div class="form-group"> |
@@ -49,7 +49,7 @@ discard block |
||
| 49 | 49 | class=" form-control login_input" type="password" |
| 50 | 50 | name="SQL_pass" |
| 51 | 51 | |
| 52 | - <?php if (isset($_POST['SQL_pass'])) echo 'value="' . htmlspecialchars($_POST['SQL_pass']) . '"' ?> |
|
| 52 | + <?php if (isset($_POST['SQL_pass'])) echo 'value="'.htmlspecialchars($_POST['SQL_pass']).'"' ?> |
|
| 53 | 53 | required autocapitalize="off" autocomplete="off"> |
| 54 | 54 | </div> |
| 55 | 55 | <div class="form-group"> |
@@ -58,7 +58,7 @@ discard block |
||
| 58 | 58 | class=" form-control login_input" type="text" |
| 59 | 59 | name="SQL_name" |
| 60 | 60 | |
| 61 | - <?php if (isset($_POST['SQL_name'])) echo 'value="' . htmlspecialchars($_POST['SQL_name']) . '"' ?> |
|
| 61 | + <?php if (isset($_POST['SQL_name'])) echo 'value="'.htmlspecialchars($_POST['SQL_name']).'"' ?> |
|
| 62 | 62 | required> |
| 63 | 63 | </div> |
| 64 | 64 | <input class="btn btn-lg btn-primary" style="float:right;" type="submit" name="setup" |
@@ -1,16 +1,16 @@ discard block |
||
| 1 | 1 | <?php |
| 2 | 2 | $db_link = serverConnect(); |
| 3 | 3 | |
| 4 | -$max = 'LIMIT ' . ($pageNum - 1) * $_SESSION['items'] . ',' . $_SESSION['items']; |
|
| 4 | +$max = 'LIMIT '.($pageNum - 1) * $_SESSION['items'].','.$_SESSION['items']; |
|
| 5 | 5 | |
| 6 | 6 | if (isset($search)) { |
| 7 | - $sql = "SELECT count(`logid`) FROM `logs` WHERE `logid` LIKE '" . $search . "' OR `user` LIKE '%" . $search . "%' OR `action` LIKE '%" . $search . "%' OR `level` LIKE '" . $search . "';"; |
|
| 7 | + $sql = "SELECT count(`logid`) FROM `logs` WHERE `logid` LIKE '".$search."' OR `user` LIKE '%".$search."%' OR `action` LIKE '%".$search."%' OR `level` LIKE '".$search."';"; |
|
| 8 | 8 | $total_records = $db_link->query($sql); |
| 9 | 9 | if ($pageNum > $total_records) { |
| 10 | 10 | $pageNum = $total_records; |
| 11 | 11 | } |
| 12 | - $sql = "SELECT `logid`,`date_time`,`user`,`action`,`level` FROM `logs` WHERE `logid` LIKE '" . $search . "' OR `user` LIKE '%" . $search . "%' OR `action` LIKE '%" . $search . "%' OR `level` LIKE '" . $search . "' ORDER BY `logid` DESC " . $max . " ;"; |
|
| 13 | - logAction($_SESSION['user_name'], $lang['searched'] . ' (' . $search . ') ' . $lang['in'] . ' ' . $lang['logs'], 2); |
|
| 12 | + $sql = "SELECT `logid`,`date_time`,`user`,`action`,`level` FROM `logs` WHERE `logid` LIKE '".$search."' OR `user` LIKE '%".$search."%' OR `action` LIKE '%".$search."%' OR `level` LIKE '".$search."' ORDER BY `logid` DESC ".$max." ;"; |
|
| 13 | + logAction($_SESSION['user_name'], $lang['searched'].' ('.$search.') '.$lang['in'].' '.$lang['logs'], 2); |
|
| 14 | 14 | } else { |
| 15 | 15 | $sql = "SELECT `logid` FROM `logs`;"; |
| 16 | 16 | $result_of_query = $db_link->query($sql); |
@@ -18,7 +18,7 @@ discard block |
||
| 18 | 18 | if ($pageNum > $total_records) { |
| 19 | 19 | $pageNum = $total_records; |
| 20 | 20 | } |
| 21 | - $sql = "SELECT `logid`,`date_time`,`user`,`action`,`level` FROM `logs` ORDER BY `logid` DESC " . $max . " ;"; |
|
| 21 | + $sql = "SELECT `logid`,`date_time`,`user`,`action`,`level` FROM `logs` ORDER BY `logid` DESC ".$max." ;"; |
|
| 22 | 22 | } |
| 23 | 23 | $result_of_query = $db_connection->query($sql); |
| 24 | 24 | if ($result_of_query->num_rows > 0) { |
@@ -28,7 +28,7 @@ discard block |
||
| 28 | 28 | <div class="col-lg-12"> |
| 29 | 29 | <h1 class="page-header"> |
| 30 | 30 | <?php echo $lang['logs']; ?> |
| 31 | - <small><?php echo " " . $lang['overview']; ?></small> |
|
| 31 | + <small><?php echo " ".$lang['overview']; ?></small> |
|
| 32 | 32 | </h1> |
| 33 | 33 | </div> |
| 34 | 34 | </div> |
@@ -37,7 +37,7 @@ discard block |
||
| 37 | 37 | <div class="content-panel"> |
| 38 | 38 | <h4> |
| 39 | 39 | <i class="fa fa-edit"></i> |
| 40 | - <?php echo " " . $lang['logs']; |
|
| 40 | + <?php echo " ".$lang['logs']; |
|
| 41 | 41 | include("views/templates/search.php"); ?> |
| 42 | 42 | </h4> |
| 43 | 43 | <hr class="hidden-xs"> |
@@ -45,7 +45,7 @@ discard block |
||
| 45 | 45 | <thead> |
| 46 | 46 | <tr> |
| 47 | 47 | <th class="hidden-xs"><i |
| 48 | - class="fa fa-pencil-square-o"></i> <?php echo $lang['log'] . ' ' . $lang['id'] ?> |
|
| 48 | + class="fa fa-pencil-square-o"></i> <?php echo $lang['log'].' '.$lang['id'] ?> |
|
| 49 | 49 | </th> |
| 50 | 50 | <th class="hidden-xs"><i class="fa fa-calendar"></i> <?php echo $lang['time']; ?></th> |
| 51 | 51 | <th class="hidden-xs"><i class="fa fa-user"></i> <?php echo $lang['user']; ?></th> |
@@ -57,11 +57,11 @@ discard block |
||
| 57 | 57 | <?php |
| 58 | 58 | while ($row = mysqli_fetch_assoc($result_of_query)) { |
| 59 | 59 | echo "<tr>"; |
| 60 | - echo "<td class='hidden-xs'>" . $row["logid"] . "</td>"; |
|
| 61 | - echo "<td class='hidden-xs'>" . $row["date_time"] . "</td>"; |
|
| 62 | - echo "<td class='hidden-xs'>" . $row["user"] . "</td>"; |
|
| 63 | - echo "<td>" . $row["action"] . "</td>"; |
|
| 64 | - echo "<td class='hidden-xs'>" . $row["level"] . "</td>"; |
|
| 60 | + echo "<td class='hidden-xs'>".$row["logid"]."</td>"; |
|
| 61 | + echo "<td class='hidden-xs'>".$row["date_time"]."</td>"; |
|
| 62 | + echo "<td class='hidden-xs'>".$row["user"]."</td>"; |
|
| 63 | + echo "<td>".$row["action"]."</td>"; |
|
| 64 | + echo "<td class='hidden-xs'>".$row["level"]."</td>"; |
|
| 65 | 65 | echo "</tr>"; |
| 66 | 66 | }; |
| 67 | 67 | echo "</tbody></table>"; |
@@ -16,7 +16,7 @@ |
||
| 16 | 16 | */ |
| 17 | 17 | public static function getField() |
| 18 | 18 | { |
| 19 | - return "<input name='token' value='" . $_SESSION['formtoken'][0] . "' type='hidden' />"; |
|
| 19 | + return "<input name='token' value='".$_SESSION['formtoken'][0]."' type='hidden' />"; |
|
| 20 | 20 | } |
| 21 | 21 | |
| 22 | 22 | /** |
@@ -6,7 +6,7 @@ discard block |
||
| 6 | 6 | $lang = array('English', 'en'); |
| 7 | 7 | array_push($settings['installedLanguage'], $lang); |
| 8 | 8 | $settings['version'] = 0.3; |
| 9 | - file_put_contents('config/settings.php', '<?php return ' . var_export($settings, true) . ';'); |
|
| 9 | + file_put_contents('config/settings.php', '<?php return '.var_export($settings, true).';'); |
|
| 10 | 10 | $updated = true; |
| 11 | 11 | } |
| 12 | 12 | if ($settings['version'] < 0.4) { |
@@ -17,8 +17,8 @@ discard block |
||
| 17 | 17 | $settings['2factor'] = true; |
| 18 | 18 | $settings['force2factor'] = 'none'; |
| 19 | 19 | $settings['version'] = 0.4; |
| 20 | - $settings['item'] = array(5,10,15,25,50); |
|
| 21 | - file_put_contents('config/settings.php', '<?php return ' . var_export($settings, true) . ';'); |
|
| 20 | + $settings['item'] = array(5, 10, 15, 25, 50); |
|
| 21 | + file_put_contents('config/settings.php', '<?php return '.var_export($settings, true).';'); |
|
| 22 | 22 | $updated = true; |
| 23 | 23 | } |
| 24 | 24 | if (isset($updated)) { |
@@ -95,7 +95,7 @@ discard block |
||
| 95 | 95 | $user_password_hash = password_hash($user_password, PASSWORD_DEFAULT); |
| 96 | 96 | |
| 97 | 97 | // check if user or email address already exists |
| 98 | - $sql = "SELECT * FROM `users` WHERE `user_name` = '" . $user_name . "' OR `user_email = '" . $user_email . "';"; |
|
| 98 | + $sql = "SELECT * FROM `users` WHERE `user_name` = '".$user_name."' OR `user_email = '".$user_email."';"; |
|
| 99 | 99 | $query_check_user_name = $this->db_connection->query($sql); |
| 100 | 100 | |
| 101 | 101 | if ($query_check_user_name->num_rows == 1) { |
@@ -108,7 +108,7 @@ discard block |
||
| 108 | 108 | |
| 109 | 109 | // write new user's data into database |
| 110 | 110 | $sql = "INSERT INTO `users` (`user_name`, `user_password_hash`, `user_email`, `playerid`, `user_level`, `permissions`, `user_profile`) VALUES |
| 111 | - ('" . $user_name . "', '" . $user_password_hash . "', '" . $user_email . "', '" . $_SESSION['playerid'] . "', '1', '" . $userPerms . "', '1');"; |
|
| 111 | + ('" . $user_name."', '".$user_password_hash."', '".$user_email."', '".$_SESSION['playerid']."', '1', '".$userPerms."', '1');"; |
|
| 112 | 112 | |
| 113 | 113 | $query_new_user_insert = $this->db_connection->query($sql); |
| 114 | 114 | |
@@ -13,7 +13,7 @@ discard block |
||
| 13 | 13 | case 'email': |
| 14 | 14 | if (isset($_POST['user_email'])) { |
| 15 | 15 | $email = $_POST['user_email']; |
| 16 | - $sql = "SELECT `user_id` FROM `users` WHERE `user_email` = '" . $email . "';"; |
|
| 16 | + $sql = "SELECT `user_id` FROM `users` WHERE `user_email` = '".$email."';"; |
|
| 17 | 17 | $result_of_query = $db_connection->query($sql); |
| 18 | 18 | if (mysqli_num_rows($result_of_query) == 1) { |
| 19 | 19 | $isAvailable = false; |
@@ -27,7 +27,7 @@ discard block |
||
| 27 | 27 | case 'username': |
| 28 | 28 | if (isset($_POST['user_name'])) { |
| 29 | 29 | $username = $_POST['user_name']; |
| 30 | - $sql = "SELECT `user_id` FROM `users` WHERE `user_name` = '" . $username . "';"; |
|
| 30 | + $sql = "SELECT `user_id` FROM `users` WHERE `user_name` = '".$username."';"; |
|
| 31 | 31 | $result_of_query = $db_connection->query($sql); |
| 32 | 32 | if (mysqli_num_rows($result_of_query) == 1) { |
| 33 | 33 | $isAvailable = false; |
@@ -12,7 +12,7 @@ |
||
| 12 | 12 | switch ($_POST['type']) { |
| 13 | 13 | case 'username': |
| 14 | 14 | $username = clean($_POST['server_name'], 'string'); |
| 15 | - $sql = "SELECT `name` FROM `servers` WHERE `name` = '" . $username . "'"; |
|
| 15 | + $sql = "SELECT `name` FROM `servers` WHERE `name` = '".$username."'"; |
|
| 16 | 16 | $result_of_query = $db_connection->query($sql); |
| 17 | 17 | if (mysqli_num_rows($result_of_query) == 1) { |
| 18 | 18 | $isAvailable = false; |
@@ -8,7 +8,7 @@ |
||
| 8 | 8 | if (isset($_POST['current_password'])) { |
| 9 | 9 | $db_connection = masterConnect(); |
| 10 | 10 | $isAvailable = false; |
| 11 | - $sql = "SELECT `user_password_hash` FROM `users` WHERE `user_name` = '" . $_SESSION['user_name'] . "' "; |
|
| 11 | + $sql = "SELECT `user_password_hash` FROM `users` WHERE `user_name` = '".$_SESSION['user_name']."' "; |
|
| 12 | 12 | $user = $db_connection->query($sql)->fetch_object(); |
| 13 | 13 | if (password_verify($_POST['current_password'], $user->user_password_hash)) { |
| 14 | 14 | $isAvailable = true; |
