1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
|
<?php
/* InstaDisc Server - A Four Island Project */
include_once('db.php');
function instaDisc_checkVerification($username, $verification, $verificationID, $table, $nameField, $passField)
{
$getverid = "SELECT * FROM oldVerID WHERE name = \"" . mysql_escape_string($username) . "\" AND verID = " . $verificationID;
$getverid2 = mysql_query($getverid);
$getverid3 = mysql_fetch_array($getverid2);
if ($getverid3['id'] != $verificationID)
{
$getitem = "SELECT * FROM " . $table . " WHERE " . $nameField . " = \"" . mysql_escape_string($username) . "\"";
$getitem2 = mysql_query($getitem);
$getitem3 = mysql_fetch_array($getitem2);
if ($getitem3[$nameField] == $username)
{
$test = $username . ':' . $getitem3[$passField] . ':' . $verificationID;
if (md5($test) == $verification)
{
$cntverid = "SELECT COUNT(*) FROM oldVerID WHERE username = \"" . mysql_escape_string($username) . "\"";
$cntverid2 = mysql_query($cntverid);
$cntverid3 = mysql_fetch_array($cntverid2);
if ($cntverid3[0] >= intval(getConfig('verIDBufferSize')))
{
$delverid = "DELETE FROM oldVerID WHERE username = \"" . mysql_escape_string($username) . "\"";
$delverid2 = mysql_query($delverid);
}
$insverid = "INSERT INTO oldVerID (name, verID) VALUES (\"" . mysql_escape_string($username) . "\", " . $verificationID . ")";
$insverid2 = mysql_query($insverid);
return true;
}
}
}
return false;
}
function instaDisc_sendItem($username, $id)
{
$getitem = "SELECT * FROM inbox WHERE username = \"" . mysql_escape_string($username) . "\" AND itemID = " . $id;
$getitem2 = mysql_query($getitem);
$getitem3 = mysql_fetch_array($getitem2);
if ($getitem3['username'] == $username)
{
$getuser = "SELECT * FROM users WHERE username = \"" . mysql_escape_string($username) . "\"";
$getuser2 = mysql_query($getuser);
$getuser3 = mysql_fetch_array($getuser2);
$fp = fsockopen($getuser3['ip'], 4444, $errno, $errstr);
if ($fp)
{
$verID = rand(1,65536);
$out = 'ID: ' . $id . '\r\n';
$out .= 'Verification: ' . md5($username . ':' . $getuser3['password'] . ':' . $verID) . '\r\n';
$out .= 'Verification-ID: ' . $verID . '\r\n';
$out .= 'Subscription: ' . $getitem3['subscription'] . '\r\n';
$out .= 'Title: ' . $getitem3['title'] . '\r\n';
$out .= 'Author: ' . $getitem3['author'] . '\r\n';
$out .= 'URL: ' . $getitem3['url'] . '\r\n';
$out .= '\r\n\r\n';
fwrite($fp, $out);
fclose($fp);
}
}
}
function instaDisc_sendUpdateNotice($softwareVersion)
{
$username = getConfig('owner');
$subscription = 'http://' . $_SERVER['HTTP_HOST'];
$title = 'Update your software to ' . $software;
$author = 'Hatkirby';
$url = 'http://fourisland.com/projects/instadisc/wiki/CentralSoftwareUpdate';
$semantics = array();
instaDisc_addItem($username, $subscription, $title, $author, $url, $semantics);
}
function instaDisc_sendDatabase($cserver)
{
$getdb = "SELECT * FROM centralServers";
$getdb2 = mysql_query($getdb);
$i=0;
while ($getdb3[$i] = mysql_fetch_array($getdb2))
{
$db[$getdb3[$i]['url']] = $getdb3[$i]['key'];
$i++;
}
$cserver2 = $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF'];
$getuk = "SELECT * FROM centralServers WHERE url = \"" . mysql_escape_string($cserver2) . "\"";
$getuk2 = mysql_query($getuk);
$getuk3 = mysql_fetch_array($getuk2);
$verID = rand(1,65536);
$client = new xmlrpc_client($cserver);
$msg = new xmlrpcmsg("InstaDisc.sendDatabase", array( new xmlrpcval($cserver2, 'string'),
new xmlrpcval(md5($cserver2 + ":" + $getuk3['key'] + ":" + $verID), 'string'),
new xmlrpcval($verID, 'int'),
new xmlrpcval($db, 'array')));
$client->send($msg);
}
function instaDisc_addItem($username, $subscription, $title, $author, $url, $semantics)
{
$getuser = "SELECT * FROM users WHERE username = \"" . mysql_escape_string($username) . "\"";
$getuser2 = mysql_query($getuser);
$getuser3 = mysql_fetch_array($getuser2);
if ($getuser3['username'] == $username)
{
$itemID = $getuser3['nextItemID'];
$setuser = "UPDATE users SET nextItemID = nextItemID+1 WHERE username = \"" . mysql_escape_string($username) . "\"";
$setuser2 = mysql_query($setuser);
$insitem = "INSERT INTO inbox (username, itemID, subscription, title, author, url, semantics) VALUES (\"" . mysql_escape_string($username) . "\", " . $itemID . ", \"" . mysql_escape_string($subscription) . "\", \"" . mysql_escape_string($title) . "\", \"" . mysql_escape_string($author) . "\", \"" . mysql_escape_string($url) . "\", \"" . mysql_escape_string(serialize($semantics)) . "\")";
$insitem2 = mysql_query($insitem);
instaDisc_sendItem($username, $itemID);
}
}
?>
|
