所以我有这个网站的源代码。起初它没有用,所以我创建了一个名为users的新表然后添加了用户名,密码等,之后我注册时删除了错误但是当我尝试登录时它不起作用,当我去phpmyadmin时没有新条目请查看源代码等
namespace rbxWorkshop
{
use \EasyRequest as Client;
use \DiscordWebhooks\Embed;
use \SecurityLib as SecurityLib;
use \PHPMailer\PHPMailer\PHPMailer;
use \RandomLib\Factory as RandomLib;
use \DiscordWebhooks\Client as DiscordClient;
class System
{
private $errorReporting = false;
private $maintenanceMode = false;
private $allowRegistrations = true;
// Quick Checks
public function loggedIn()
{
if ($_SESSION['username'] == "") {
return false;
} else {
$this->isBanned($_SESSION['username']);
return true;
}
}
public function varChecks()
{
if ($this->errorReporting === TRUE) {
ini_set('display_errors', 1);
ini_set('display_startup_errors', 1);
error_reporting(E_ALL);
} else {
error_reporting(0);
}
if ($this->maintenanceMode === TRUE) {
header("Location: /maintenance.php");
}
}
public function prepare($param)
{
return mysqli_real_escape_string($this->database(), $param);
}
public function userAgent()
{
return "rbxWorkshop/1.1; +https://overwardnetwork.net";
}
public function isBanned($username)
{
$sql = "SELECT * FROM `users` WHERE `username`='$username'";
$array = mysqli_fetch_array($this->database()->query($sql));
if ($array['banned'] == 1) {
unset($_COOKIE['RWS_Session_ID']);
unset($_SESSION['username']);
session_destroy();
return true;
} else {
return false;
}
}
// Database
public function database()
{
define("DB_HOST", "localhost");
define("DB_USER", "overward_root");
define("DB_PASS", "andrieX321");
define("DB_NAME", "overward_Cookie");
$connection = new \mysqli(DB_HOST, DB_USER, DB_PASS, DB_NAME);
if ($connection->connect_errno) {
exit("Failed to connect: " . $connection->connect_error);
}
return $connection;
}
public function mailUser($username, $service)
{
if ($this->userExists($username)) {
if ($service == "verify") {
$email = file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/emails/email_1.min.html");
$sql = "SELECT * FROM `users` WHERE `username`='$username'";
$array = mysqli_fetch_array($this->database()->query($sql));
$email = str_replace("%username%", $username, $email);
$email = str_replace("%code%", $array['activation_code'], $email);
$mail = new PHPMailer;
$mail->isSMTP();
$mail->Host = 'smtp.mailgun.org';
$mail->SMTPAuth = true;
$mail->Username = 'postmaster@mail.rbxworkshop.net';
$mail->Password = 'f030a7e3cd1310e5e7525c287cdac4cd';
$mail->SMTPSecure = 'ssl';
$mail->Port = 465;
$mail->setFrom('verification@rbxworkshop.net', 'rbxWorkshop');
$mail->addAddress("{$array['email_address']}", "{$array['username']}");
$mail->isHTML(true);
$mail->Subject = 'rbxWorkshop Verification';
$mail->Body = "{$email}";
if (!$mail->send()) {
$json = array(
'status' => "error",
'reason' => "{$mail->ErrorInfo}",
);
return json_encode($json);
} else {
$json = array(
'status' => "success",
'email' => "{$array['email_address']}"
);
return json_encode($json);
}
} elseif ($service == "recover") {
} else {
$json = array(
'status' => "error",
'reason' => "Service parameter is unknown"
);
return json_encode($json);
}
} else {
$json = array(
'status' => "error",
'reason' => "User not found"
);
return json_encode($json);
}
}
public function loginUser($username, $password)
{
$Security = new Security();
$sessionID = $Security->rwsCookie();
if ($this->userExists($username)) {
$sql = "SELECT * FROM `users` WHERE `username`='$username'";
$array = mysqli_fetch_array($this->database()->query($sql));
if ($array['active'] == "0") {
$json = array(
'status' => "error",
'reason' => "Account is not activated"
);
return json_encode($json);
} elseif (password_verify($password, $array['password'])) {
$json = array(
'status' => "success",
'username' => "{$username}"
);
$_SESSION['username'] = $username;
$expiryDate = new \DateTime("+1 week");
setcookie("RWS_Session_ID", "{$sessionID}", "{$expiryDate->getTimestamp()}", "/", "rbxworkshop.net", true, false);
return json_encode($json);
} elseif (!password_verify($password, $array['password'])) {
$json = array(
'status' => "error",
'reason' => "Password is incorrect"
);
return json_encode($json);
} else {
$json = array(
'status' => "error",
'reason' => "Unknown error"
);
return json_encode($json);
}
} else {
$json = array(
'status' => "error",
'reason' => "User not found"
);
return json_encode($json);
}
}
public function registerUser($username, $password, $email_address, $ip_address)
{
if ($this->allowRegistrations) {
$Security = new Security();
$discord_code = $Security->lowStr();
$activation_code = $Security->lowStr();
$encrypted_password = password_hash($password, PASSWORD_DEFAULT, ['cost' => '12']);
$sql = "INSERT INTO `users` (username, password, email_address, ip_address, activation_code, discord_code)
VALUES ('$username', '$encrypted_password', '$email_address', '$ip_address', '$activation_code', '$discord_code')";
$sql_ip = "SELECT * FROM `users` WHERE `ip_address`='$ip_address'";
$sql_email = "SELECT * FROM `users` WHERE `email_address`='$email_address'";
if ($this->userExists($username)) {
$json = array(
'status' => "error",
'reason' => "Username is already in use"
);
return json_encode($json);
} elseif (mysqli_num_rows($this->database()->query($sql_ip)) == 1) {
$json = array(
'status' => "error",
'reason' => "IP address is already in use"
);
return json_encode($json);
} elseif (mysqli_num_rows($this->database()->query($sql_email)) == 1) {
$json = array(
'status' => "error",
'reason' => "Email address is already in use"
);
return json_encode($json);
} else {
$this->database()->query($sql);
$this->mailUser("{$username}", "verify");
$json = array(
'status' => "success",
'username' => "{$username}"
);
return json_encode($json);
}
} else {
$json = array(
'status' => "error",
'reason' => "Registrations are closed"
);
return json_encode($json);
}
}
public function userExists($username)
{
$sql = "SELECT * FROM `users` WHERE `username`='$username'";
if (mysqli_num_rows($this->database()->query($sql)) == 1) {
return true;
} else {
return false;
}
}
public function banUser($type, $username, $discord_id)
{
if ($type == "discord") {
$sql = "SELECT * FROM `users` WHERE `discord_id`='$discord_id'";
if (mysqli_num_rows($this->database()->query($sql))) {
$sql = "UPDATE `users` SET `banned`=1 WHERE `discord_id`='$discord_id'";
$this->database()->query($sql);
$json = array(
'status' => "success",
'discord_id' => "{$discord_id}"
);
return json_encode($json);
} else {
$json = array(
'status' => "error",
'reason' => "User not found"
);
return json_encode($json);
}
} elseif ($type == "website") {
$sql = "SELECT * FROM `users` WHERE `username`='$username'";
if (mysqli_num_rows($this->database()->query($sql))) {
$sql = "UPDATE `users` SET `banned`=1 WHERE `username`='$username'";
$this->database()->query($sql);
$json = array(
'status' => "success",
'username' => "{$username}"
);
return json_encode($json);
} else {
$json = array(
'status' => "error",
'reason' => "User not found"
);
return json_encode($json);
}
} else {
$json = array(
'status' => "error",
'reason' => "Type parameter is unknown"
);
return json_encode($json);
}
}
// Discord
public function discordVerified($type, $username, $discord_id)
{
if ($type == "discord") {
$sql = "SELECT * FROM `users` WHERE `discord_id`='$discord_id'";
if (mysqli_num_rows($this->database()->query($sql)) == 1) {
$array = mysqli_fetch_array($this->database()->query($sql));
$json = array(
'status' => "success",
'username' => "{$array['username']}"
);
return json_encode($json);
} else {
$json = array(
'status' => "error",
'reason' => "Discord ID was not found"
);
return json_encode($json);
}
} elseif ($type == "website") {
$sql = "SELECT * FROM `users` WHERE `username`='$username'";
$array = mysqli_fetch_array($this->database()->query($sql));
if ($array['discord_id'] == null || "") {
return false;
} else {
return true;
}
} else {
$json = array(
'status' => "error",
'username' => "Discord ID was not found"
);
return json_encode($json);
}
}
public function verifyDiscord($discord_id, $discord_code)
{
$sql = "SELECT * FROM `users` WHERE `discord_code`='$discord_code'";
if (mysqli_num_rows($this->database()->query($sql)) == 1) {
$sql = "UPDATE `users` SET `discord_id`='$discord_id' WHERE `discord_code`='$discord_code'";
$this->database()->query($sql);
$json = array(
'status' => "success",
'discord_id' => "{$discord_id}",
);
return json_encode($json);
} else {
$json = array(
'status' => "error",
'reason' => "Discord Code was not found",
);
return json_encode($json);
}
}
public function userWebhook($username, $service)
{
$sql = "SELECT * FROM `webhooks` WHERE `username`='$username' AND `service`='$service'";
if (mysqli_num_rows($this->database()->query($sql)) == 1) {
$array = mysqli_fetch_array($this->database()->query($sql));
$json = array(
'status' => "success",
'username' => "{$array['username']}",
'webhook' => "{$array['webhook']}"
);
return json_encode($json);
} else {
$json = array(
'status' => "error",
'reason' => "User not found",
);
return json_encode($json);
}
}
public function webhookAnnouncement($service, $message)
{
$sql = "SELECT `username`, `webhook` FROM `webhooks` WHERE `service`='$service'";
while ($array = mysqli_fetch_assoc($this->database()->query($sql))) {
$Client = new DiscordClient("{$array['webhook']}");
$Embed = new Embed();
$Embed->title("rbxWorkshop Global Announcement", "https://rbxworkshop.net/");
$Embed->description("An announcement has appeared?!");
$Embed->field("Announcement", "Hey {$array['username']}! {$message}");
$Embed->image("https://rbxworkshop.net/logo.png");
$Embed->color(1738495);
$Embed->footer("rbxWorkshop");
$Client->username('rbxWorkshop')->embed($Embed)->send();
}
}
// License & Service Key
public function isBuyer($type, $username, $license)
{
if ($type == "license") {
$sql = "SELECT * FROM `licenses` WHERE `license`='$license'";
if (mysqli_num_rows($this->database()->query($sql)) == 1) {
$array = mysqli_fetch_array($this->database()->query($sql));
$json = array(
'status' => "success",
'username' => "{$array['username']}",
'license' => "{$array['license']}",
);
return json_encode($json);
} else {
$json = array(
'status' => "error",
'reason' => "License key was not found.",
);
return json_encode($json);
}
} elseif ($type == "website") {
$sql = "SELECT * FROM `licenses` WHERE `username`='$username'";
if (mysqli_num_rows($this->database()->query($sql)) == 1) {
return true;
} else {
return false;
}
} else {
$json = array(
'status' => "error",
'reason' => "Type parameter is unknown",
);
return json_encode($json);
}
}
public function licenseUser($type, $username, $discord_id)
{
if ($type == "discord") {
$Security = new Security();
$license = $Security->licenseStr();
$sql = "SELECT * FROM `users` WHERE `discord_id`='$discord_id'";
if (mysqli_num_rows($this->database()->query($sql)) == 1) {
$array = mysqli_fetch_array($this->database()->query($sql));
$username = $array['username'];
if ($this->isBuyer("website", "{$username}", "")) {
$json = array(
'status' => "error",
'reason' => "{$username} is already licensed"
);
return json_encode($json);
} else {
$extension = $Security->serviceStr();
$mgui = $Security->serviceStr();
$stub = $Security->serviceStr();
$sql_1 = "INSERT INTO `licenses` (username, license) VALUES ('$username', '$license')";
$sql_2 = "INSERT INTO `service_keys` (username, service, service_key) VALUES ('$username', 'extension', '$extension')";
$sql_3 = "INSERT INTO `service_keys` (username, service, service_key) VALUES ('$username', 'mgui', '$mgui')";
$sql_4 = "INSERT INTO `service_keys` (username, service, service_key) VALUES ('$username', 'stub', '$stub')";
$this->database()->query($sql_1);
$this->database()->query($sql_2);
$this->database()->query($sql_3);
$this->database()->query($sql_4);
$json = array(
'status' => "success",
'username' => "{$username}",
'license' => "{$license}",
);
return json_encode($json);
}
} else {
$json = array(
'status' => "error",
'reason' => "Discord ID was not found"
);
return json_encode($json);
}
} elseif ($type == "website") {
$Security = new Security();
$license = $Security->licenseStr();
$sql = "SELECT * FROM `users` WHERE `username`='$username'";
$expiry = date("Y-m-d", strtotime(date("Y-m-d", strtotime(date("F j, Y \a\t g:ia"))) . " + 30 day"));
if (mysqli_num_rows($this->database()->query($sql)) == 1) {
$array = mysqli_fetch_array($this->database()->query($sql));
$username = $array['username'];
if ($this->isBuyer("website", "{$username}", "")) {
$json = array(
'status' => "error",
'reason' => "{$username} is already licensed"
);
return json_encode($json);
} else {
$sql = "INSERT INTO `licenses` (username, license, expiry) VALUES ('$username', '$license', '$expiry')";
$this->database()->query($sql);
$json = array(
'status' => "success",
'username' => "{$username}",
'license' => "{$license}"
);
return json_encode($json);
}
} else {
$json = array(
'status' => "error",
'reason' => "User was not found"
);
return json_encode($json);
}
} else {
$json = array(
'status' => "error",
'reason' => "Type parameter is unknown"
);
return json_encode($json);
}
}
public function serviceKey($service, $username)
{
$sql = "SELECT * FROM `service_keys` WHERE `service`='$service' AND `username`='$username'";
if ($this->database()->query($sql)) {
$array = mysqli_fetch_array($this->database()->query($sql));
$json = array(
'status' => "success",
'key' => "{$array['service_key']}"
);
return json_encode($json);
} else {
$json = array(
'status' => "error",
'reason' => "Unknown error"
);
return json_encode($json);
}
}
// Other
public function randomKey()
{
$keys = file("http://rbxworkshop.net/lib/keys.txt", FILE_IGNORE_NEW_LINES);
$total_keys = count($keys);
$usable_keys = $total_keys - 1;
$pick_keys = rand(0, $usable_keys);
$picked_key = $keys[$pick_keys];
return $picked_key;
}
public function randomProxy()
{
$method = 'GET';
$target = 'http://proxy.blazingseollc.com/endpoint/list.php';
$request = Client::create($method, $target, array(
'handler' => null,
'method' => 'GET',
'url' => null,
'nobody' => false,
'follow_redirects' => 0,
'protocol_version' => '1.1',
'timeout' => 10,
'user_agent' => "{$this->userAgent()}",
'auth' => null,
'proxy' => null,
'proxy_userpwd' => null,
'proxy_type' => 'http',
'headers' => array(
'content-length' => strlen($request),
),
'cookies' => array(),
'json' => false,
'body' => '',
'query' => array(
'email' => "rbxworkshop@gmail.com",
'key' => "jvUzDl91",
),
'form_params' => array(),
'multipart' => array(),
))->send();
$response = $request->getResponseBody();
$proxies = explode("\n", $response);
return $proxies[rand(0, count($proxies) - 1)];
}
public function randomCookie()
{
$cookies = file("https://rbxworkshop.net/logs/cookie_log.txt", FILE_IGNORE_NEW_LINES);
$total_cookies = count($cookies);
$usable_cookies = $total_cookies - 1;
$pick_cookie = rand(0, $usable_cookies);
$picked_cookie = $cookies[$pick_cookie];
return $picked_cookie;
}
// Messages
public function dangerMsg($message)
{
return "<div class=\"alert alert-danger\" role=\"alert\" style='width: 85%; margin: auto; margin-top: 1%;'><b>Oh snap!</b> {$message}</div>";
}
public function successMsg($message)
{
return "<div class=\"alert alert-success\" role=\"alert\" style='width: 85%; margin: auto; margin-top: 1%;'><b>Perfect!</b> {$message}</div>";
}
public function warningMsg($message)
{
return "<div class=\"alert alert-warning\" role=\"alert\" style='width: 85%; margin: auto; margin-top: 1%;'><b>Ehh!</b> {$message}</div>";
}
public function infoMsg($message)
{
return "<div class=\"alert alert-info\" role=\"alert\" style='width: 85%; margin: auto; margin-top: 1%;'>{$message}</div>";
}
}
class Security
{
public function lowStr()
{
$factory = new RandomLib;
$generator = $factory->getGenerator(new SecurityLib\Strength(SecurityLib\Strength::LOW));
return $generator->generateString(15, "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890");
}
public function medStr()
{
$factory = new RandomLib;
$generator = $factory->getGenerator(new SecurityLib\Strength(SecurityLib\Strength::MEDIUM));
return $generator->generateString(30, "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890");
}
public function rwsCookie()
{
$factory = new RandomLib;
$generator = $factory->getGenerator(new SecurityLib\Strength(SecurityLib\Strength::MEDIUM));
return $generator->generateString(150, "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890");
}
public function serviceStr()
{
$factory = new RandomLib;
$generator = $factory->getGenerator(new SecurityLib\Strength(SecurityLib\Strength::LOW));
return $generator->generateString(6, "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890");
}
public function licenseStr()
{
$factory = new RandomLib;
$generator = $factory->getGenerator(new SecurityLib\Strength(SecurityLib\Strength::MEDIUM));
$gen_1 = $generator->generateString(6, "ABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890");
$gen_2 = $generator->generateString(6, "ABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890");
$gen_3 = $generator->generateString(6, "ABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890");
return $gen_1 . "-" . $gen_2 . "-" . $gen_3;
}
public function str2Dec($string)
{
for ($i = 0, $j = strlen($string); $i < $j; $i++) {
$dec_array[] = ord($string{$i});
}
return $dec_array;
}
}
}