commit 3c7930ed3e1eba866e8ab35875138248e89ccb98
parent 3cba3349da9f90f9cf89cb4fbc54553a6e8b63fa
Author: kocotian <kocotian@kocotian.pl>
Date: Sat, 5 Dec 2020 16:37:31 +0100
better authorization, neofetch, paying, etc.
Diffstat:
8 files changed, 78 insertions(+), 18 deletions(-)
diff --git a/auth.php b/auth.php
@@ -1,16 +1,20 @@
<?php
+ $unauthorized = 1;
require_once "require/nmps.php";
$user = db::query("SELECT * FROM users WHERE username=:username", ['username' => $argv[0]])[0];
if ($user)
if (password_verify($argv[1], $user['password'])) {
- $cstrong = true;
- $token = bin2hex(openssl_random_pseudo_bytes(64, $cstrong));
- db::query("INSERT INTO authTokens (userId, token) VALUES (:userId, :token)", [':userId' => $user['id'], ':token' => sha1($token)]);
- echo "Authorized\n" . $token;
- }
- else
+ if (!count(db::query("SELECT * FROM authTokens WHERE userId=:userId", [':userId' => $user['id']]))) {
+ $cstrong = true;
+ $token = bin2hex(openssl_random_pseudo_bytes(64, $cstrong));
+ db::query("INSERT INTO authTokens (userId, token, addressBefore, addressAfter) VALUES (:userId, :token, :addressBefore, :addressAfter)", [':userId' => $user['id'], ':token' => sha1($token), ':addressBefore' => $user['lastAddress'], ':addressAfter' => $_SERVER['REMOTE_ADDR']]);
+ db::query("UPDATE users SET lastAddress=:ip WHERE id=:userId", [':ip' => $_SERVER['REMOTE_ADDR'], ':userId' => $user['id']]);
+ echo "Authorized\n" . $token;
+ } else
+ echo "You can log in on one account in the same time only";
+ } else
echo "Wrong password";
else
echo "Unexisting account";
diff --git a/exit.php b/exit.php
@@ -1,5 +1,5 @@
<?php
require_once "require/nmps.php";
- db::query("DELETE FROM authTokens WHERE token=:token", [':token' => sha1($authToken)]);
+ db::query("DELETE FROM authTokens WHERE userId=:userId", [':userId' => $userinfo['id']]);
echo "\004\001";
diff --git a/motd.php b/motd.php
@@ -1,10 +1,15 @@
<?php
+
+require_once "require/nmps.php";
+
$eq = "\033[1;33m=======================";
for ($i = 0; $i < strlen($_SERVER['SERVER_NAME']); ++$i)
$eq .= "=";
echo $eq . "
-\033[1;97mWelcome to the \033[1;33m{$_SERVER['SERVER_NAME']} \033[1;97mserver!
+\033[1;97mWelcome to the \033[1;33m{$_SERVER['SERVER_NAME']} \033[1;97mserver!" .
+($userinfo['addressBefore'] != "0.0.0.0" ?
+ "\n\033[1;97mLast logged from \033[1;33m{$userinfo['addressBefore']}" : "") . "
\033[1;97mToday is \033[1;33m" . date("Y/m/d") . "
\033[1;97mWrite \033[1;33mhelp \033[1;97mfor help.
diff --git a/neofetch.php b/neofetch.php
@@ -0,0 +1,28 @@
+<?php
+require_once "require/nmps.php";
+
+echo "\033[?25l\033[?7l\033[0m\033[36m\033[1m
+\033[0;33m _ __ \033[1;33m _ __ ___ _ __ \033[0;33m ___
+\033[0;93m| '_ \\\033[1;93m| '_ ` _ \| '_ \\\033[0;93m/ __|
+\033[0;97m| | | \033[1;97m| | | | | | |_) \033[0;97m\__ \
+\033[0;93m|_| |_\033[1;93m|_| |_| |_| .__/\033[0;93m|___/
+\033[0;33m \033[1;33m |_| \033[0;33m
+\033[0m
+" .
+/* =================================================================== */
+ "
+\033[8A\033[9999999D\033[30C\033[0m\033[1m\033[33m\033[1m{$userinfo['username']}\033[0m@\033[33m\033[1m{$_SERVER['HTTP_HOST']}\033[0m
+\033[30C\033[0m-------------\033[0m
+\033[30C\033[0m\033[33m\033[1mOS\033[0m\033[0m:\033[0m Nevada Multiplayer Shell\033[0m
+\033[30C\033[0m\033[33m\033[1mIP\033[0m\033[0m:\033[0m {$userinfo['lastAddress']}\033[0m
+\033[30C\033[0m\033[33m\033[1mShell\033[0m\033[0m:\033[0m nmps\033[0m
+\033[30C\033[0m\033[33m\033[1mLast online\033[0m\033[0m:\033[0m {$userinfo['lastOnline']}\033[0m
+\033[30C\033[0m\033[33m\033[1mMoney\033[0m\033[0m:\033[0m \${$userinfo['money']}\033[0m
+\033[30C\033[0m\033[33m\033[1mLevel\033[0m\033[0m:\033[0m {$userinfo['level']}\033[0m
+\033[30C\033[0m\033[33m\033[1mXP\033[0m\033[0m:\033[0m {$userinfo['xp']}\033[0m
+
+\033[30C\033[30m\033[40m \033[31m\033[41m \033[32m\033[42m \033[33m\033[43m \033[34m\033[44m \033[35m\033[45m \033[36m\033[46m \033[37m\033[47m \033[m
+\033[30C\033[38;5;8m\033[48;5;8m \033[38;5;9m\033[48;5;9m \033[38;5;10m\033[48;5;10m \033[38;5;11m\033[48;5;11m \033[38;5;12m\033[48;5;12m \033[38;5;13m\033[48;5;13m \033[38;5;14m\033[48;5;14m \033[38;5;15m\033[48;5;15m \033[m
+
+
+\033[?25h\033[?7h";
diff --git a/pay.php b/pay.php
@@ -3,11 +3,17 @@
require_once "require/nmps.php";
$user = db::query("SELECT * FROM users WHERE username=:username", ['username' => $argv[0]])[0];
- if ($user) {
- echo "\033[1;33musername: \033[0;33m" . $user['username'] . "\n";
- echo "\033[1;33mlast online: \033[0;33m" . $user['lastOnline'] . "\n";
- echo "\033[1;33mmoney: \033[0;33m" . $user['money'] . "\n";
- echo "\033[1;33mlevel: \033[0;33m" . $user['level'] . "\n";
- echo "\033[1;33mxp: \033[0;33m" . $user['xp'] . "\n";
+ if (count($user)) {
+ if (is_numeric($argv[1])) {
+ if ($argv[1] > 0) {
+ if ($userinfo['money'] >= $argv[1]) {
+ db::query("UPDATE users SET money = money - :amount WHERE id=:id", [':amount' => $argv[1], ':id' => $userinfo['id']]);
+ db::query("UPDATE users SET money = money + :amount WHERE id=:id", [':amount' => $argv[1], ':id' => $user['id']]);
+ } else
+ echo "\033[1;31mYou don't have enough money";
+ } else
+ echo "\033[1;31mYou can pay money that's greater than 0 only 😳";
+ } else
+ echo "\033[1;31mArgument is not a number";
} else
echo "\033[1;31mUser doesn't exists";
diff --git a/require/nmps.php b/require/nmps.php
@@ -1,15 +1,23 @@
<?php
$argv = explode("\1", $_SERVER['HTTP_ARGV']);
+db::query("DELETE FROM authTokens WHERE UNIX_TIMESTAMP(CURRENT_TIMESTAMP) - UNIX_TIMESTAMP(lastUsage) >= 300");
if (!isset($unauthorized)) {
$authToken = $_SERVER['HTTP_AUTH_TOKEN'];
- $userinfo = db::query("SELECT users.* FROM users, authTokens WHERE
- authTokens.token=:token AND
- authTokens.userId=users.id", [':token' => sha1($authToken)])[0];
- if (count($userinfo))
+ $userinfo = db::query("SELECT users.*, authTokens.addressBefore, authTokens.addressAfter
+ FROM users, authTokens
+ WHERE authTokens.token=:token
+ AND authTokens.userId=users.id", [':token' => sha1($authToken)])[0];
+ if (count($userinfo)) {
db::query("UPDATE users SET lastOnline=CURRENT_TIMESTAMP WHERE id=:userId",
[':userId' => $userinfo['id']]);
+ db::query("UPDATE authTokens SET lastUsage=CURRENT_TIMESTAMP WHERE token=:token",
+ [':token' => sha1($authToken)]);
+ } else {
+ echo "\004\001\033[1;31mDisconnected from server";
+ exit(0);
+ }
}
class db
diff --git a/userinfo.php b/userinfo.php
@@ -2,6 +2,7 @@
require_once "require/nmps.php";
+ if (!strlen($argv[0])) $argv[0] = $userinfo['username'];
$user = db::query("SELECT * FROM users WHERE username=:username", ['username' => $argv[0]])[0];
if ($user) {
echo "\033[1;33musername: \033[0;33m" . $user['username'] . "\n";
diff --git a/who.php b/who.php
@@ -0,0 +1,8 @@
+<?php
+require_once "require/nmps.php";
+
+$onlineUsers = db::query("SELECT *, UNIX_TIMESTAMP(CURRENT_TIMESTAMP) - UNIX_TIMESTAMP(users.lastOnline) AS timeDifference FROM users WHERE UNIX_TIMESTAMP(CURRENT_TIMESTAMP) - UNIX_TIMESTAMP(users.lastOnline) < 300");
+echo "\033[1;97mNow online:";
+foreach ($onlineUsers as $onlineUser) {
+ echo "\n\033[0;97m" . $onlineUser['username'] . str_repeat(" ", 16 - strlen($onlineUser['username'])) . "\033[0;33m" . $onlineUser['lastAddress'] . str_repeat(" ", 16 - strlen($onlineUser['lastAddress'])) . "\033[0;97m" . ($onlineUser['timeDifference'] > 60 ? (" \033[0;33m(\033[1;33m" . $onlineUser['timeDifference'] . " \033[0;33mseconds ago)") : "");
+}
