<?php

/* InstaDisc Server - A Four Island Project */

include_once('includes/db.php');

function instaDisc_checkVerification($username, $verification, $verificationID, $table, $nameField, $passField)
{
	$getverid = "SELECT * FROM oldVerID WHERE username = \"" . mysql_real_escape_string($username) . "\" AND verID = " . $verificationID;
	$getverid2 = mysql_query($getverid);
	$getverid3 = mysql_fetch_array($getverid2);
	if ($getverid3['id'] != $verificationID)
	{
		$getitem = "SELECT * FROM " . $table . " WHERE " . $nameField . " = \"" . mysql_real_escape_string($username) . "\"";
		$getitem2 = mysql_query($getitem);
		$getitem3 = mysql_fetch_array($getitem2);
		if ($getitem3[$nameField] == $username)
		{
			$test = $username . ':' . $getitem3[$passField] . ':' . $verificationID;

			if (md5($test) == $verification)
			{
				$cntverid = "SELECT COUNT(*) FROM oldVerID WHERE username = \"" . mysql_real_escape_string($username) . "\"";
				$cntverid2 = mysql_query($cntverid);
				$cntverid3 = mysql_fetch_array($cntverid2);
				if ($cntverid3[0] >= intval(instaDisc_getConfig('verIDBufferSize')))
				{
					$delverid = "DELETE FROM oldVerID WHERE username = \"" . mysql_real_escape_string($username) . "\" LIMIT 0,1";
					$delverid2 = mysql_query($delverid);
				}

				$insverid = "INSERT INTO oldVerID (username, verID) VALUES (\"" . mysql_real_escape_string($username) . "\", " . $verificationID . ")";
				$insverid2 = mysql_query($insverid);

				if (($table == 'users') && ($getitem3['ip'] != $_SERVER['REMOTE_ADDR']))
				{
					$setuser = "UPDATE users SET ip = \"" . $_SERVER['REMOTE_ADDR'] . "\" WHERE id = " . $getitem3['id'];
					$setuser2 = mysql_query($setuser);
				}

				return true;
			}
		}
	}

	return false;
}

function instaDisc_sendItem($username, $id)
{
	$getitem = "SELECT * FROM inbox WHERE username = \"" . mysql_real_escape_string($username) . "\" AND itemID = " . $id;
	$getitem2 = mysql_query($getitem);
	$getitem3 = mysql_fetch_array($getitem2);
	if ($getitem3['username'] == $username)
	{
		$getuser = "SELECT * FROM users WHERE username = \"" . mysql_real_escape_string($username) . "\"";
		$getuser2 = mysql_query($getuser);
		$getuser3 = mysql_fetch_array($getuser2);

		if (($getuser3['downloadItemMode'] == 'Push') && ($getuser3['port'] != 0))
		{
			$fp = @fsockopen($getuser3['ip'], $getuser3['port'], $errno, $errstr);
			if ($fp)
			{
				$title = str_replace(': ', '__INSTADISC__', $getitem3['title']);

				$out = instaDisc_formItem($username, $id, "\r\n") . "\r\n\r\n";

				fwrite($fp, $out);
				fclose($fp);

				return true;
			} else {
				return false;
			}
		}
	}
}

function instaDisc_addItem($username, $subscription, $title, $author, $url, $semantics, $encryptionID = 0)
{
	$getuser = "SELECT * FROM users WHERE username = \"" . mysql_real_escape_string($username) . "\"";
	$getuser2 = mysql_query($getuser);
	$getuser3 = mysql_fetch_array($getuser2);
	if ($getuser3['username'] == $username)
	{
		$itemID = $getuser3['nextItemID'];
		$setuser = "UPDATE users SET nextItemID = nextItemID+1 WHERE username = \"" . mysql_real_escape_string($username) . "\"";
		$setuser2 = mysql_query($setuser);

		$insitem = "INSERT INTO inbox (username, itemID, subscription, title, author, url, semantics, encryptionID) VALUES (\"" . mysql_real_escape_string($username) . "\", " . $itemID . ", \"" . mysql_real_escape_string($subscription) . "\", \"" . mysql_real_escape_string($title) . "\", \"" . mysql_real_escape_string($author) . "\", \"" . mysql_real_escape_string($url) . "\", \"" . mysql_real_escape_string($semantics) . "\"," . $encryptionID . ")";
		$insitem2 = mysql_query($insitem);

		if ($getuser3['downloadItemMode'] == 'Push')
		{
			instaDisc_sendItem($username, $itemID);
		}
	}
}

function instaDisc_createUser($username, $password)
{
	$insuser = "INSERT INTO users (username, password) VALUES (\"" . mysql_real_escape_string($username) . "\", \"" . mysql_real_escape_string($password) . "\")";
	$insuser2 = mysql_query($insuser);
}

function instaDisc_getConfig($key)
{
	$getconfig = "SELECT * FROM config WHERE name = \"" . mysql_real_escape_string($key) . "\"";
	$getconfig2 = mysql_query($getconfig);
	$getconfig3 = mysql_fetch_array($getconfig2);

	return $getconfig3['value'];
}

function instaDisc_changePassword($username, $password)
{
	$setpass = "UPDATE users WHERE username = \"" . mysql_real_escape_string($username) . "\" SET password = \"" . mysql_real_escape_string(md5($password)) . "\"";
	$setpass2 = mysql_query($setpass);
}

function instaDisc_initalizePort($username)
{
	$getports = "SELECT * FROM users WHERE ip = \"" . mysql_real_escape_string($username) . "\" AND port <> 0 ORDER BY port ASC";
	$getports2 = mysql_query($getports);
	$i=0;
	while ($getports3[$i] = mysql_fetch_array($getports2))
	{
		$i++;
	}

	if ($i==0)
	{
		$port = 1204;
	} else if ($i>=4331)
	{
		return 0;
	} else {
		$port = (61204 + ($i-1));
	}

	$setuser = "UPDATE users SET port = " . $port . " WHERE username = \"" . mysql_real_escape_string($username) . "\"";
	$setuser2 = mysql_query($setuser);

	return $port;
}

function instaDisc_formItem($username, $id, $ln = "\n")
{
	$getitem = "SELECT * FROM inbox WHERE username = \"" . mysql_real_escape_string($username) . "\" AND itemID = " . $id;
	$getitem2 = mysql_query($getitem);
	$getitem3 = mysql_fetch_array($getitem2);
	if ($getitem3['username'] == $username)
	{
		$getuser = "SELECT * FROM users WHERE username = \"" . mysql_real_escape_string($username) . "\"";
		$getuser2 = mysql_query($getuser);
		$getuser3 = mysql_fetch_array($getuser2);

		$verID = rand(1,2147483647);

		$out = 'ID: ' . $id . $ln;
		$out .= 'Verification: ' . md5($username . ':' . $getuser3['password'] . ':' . $verID) . $ln;
		$out .= 'Verification-ID: ' . $verID . $ln;
		$out .= 'Subscription: ' . $getitem3['subscription'] . $ln;
		$out .= 'Title: ' . $title . $ln;
		$out .= 'Author: ' . $getitem3['author'] . $ln;
		$out .= 'URL: ' . $getitem3['url'] . $ln;

		$semantics = unserialize($getitem3['semantics']);
		foreach ($semantics as $name => $value)
		{
			$value = str_replace(': ', '__INSTADISC__', $value);
			$out .= $name . ': ' . $value . $ln;
		}
		if ($getitem3['encryptionID'] != 0)
		{
			$out .= 'Encryption-ID: ' . $getitem3['encryptionID'] . $ln;
		}
	}
}

?>