diff --git a/admin/adduser.php b/admin/adduser.php index da08217a..5efcac71 100644 --- a/admin/adduser.php +++ b/admin/adduser.php @@ -3,12 +3,12 @@ * @Author: printempw * @Date: 2016-03-19 21:00:58 * @Last Modified by: printempw - * @Last Modified time: 2016-03-26 21:44:04 + * @Last Modified time: 2016-04-02 18:33:01 */ require "../libraries/session.inc.php"; if (!$user->is_admin) header('Location: ../index.php?msg=看起来你并不是管理员'); View::show('admin/header', array('page_title' => "添加用户")); -$db = new Database\Database(); +$db = new Database\Database('users'); ?>
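Review bot: The admin gate in the context lines, `if (!$user->is_admin) header('Location: ...');`, sends a redirect but does not stop the script, so for a non-admin session execution continues to `View::show('admin/header', ...)` and the changed `new Database\Database('users')` line unless something outside this hunk terminates the request. Follow the `header()` call with `exit;`, for example `if (!$user->is_admin) { header('Location: ../index.php?msg=...'); exit; }` with the existing message kept. The same gate appears in the customize.php, index.php, manage.php, options.php and update.php hunks of this commit.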
diff --git a/admin/customize.php b/admin/customize.php index b8fc6bdb..183a3c72 100644 --- a/admin/customize.php +++ b/admin/customize.php @@ -3,7 +3,7 @@ * @Author: printempw * @Date: 2016-03-19 14:34:21 * @Last Modified by: printempw - * @Last Modified time: 2016-03-26 22:28:23 + * @Last Modified time: 2016-04-02 18:33:01 */ require "../libraries/session.inc.php"; if (!$user->is_admin) header('Location: ../index.php?msg=看起来你并不是管理员'); @@ -17,7 +17,7 @@ $data['style'] = <<< 'EOT' EOT; $data['page_title'] = "个性化"; View::show('admin/header', $data); -$db = new Database\Database(); +$db = new Database\Database('users'); ?>
diff --git a/admin/index.php b/admin/index.php index 5c07feb8..b623c5e5 100644 --- a/admin/index.php +++ b/admin/index.php @@ -3,12 +3,12 @@ * @Author: printempw * @Date: 2016-02-03 14:39:50 * @Last Modified by: printempw - * @Last Modified time: 2016-03-26 20:06:00 + * @Last Modified time: 2016-04-02 18:33:02 */ require "../libraries/session.inc.php"; if (!$user->is_admin) header('Location: ../index.php?msg=看起来你并不是管理员'); View::show('admin/header', array('page_title' => "仪表盘")); -$db = new Database\Database(); +$db = new Database\Database('users'); ?>
diff --git a/admin/manage.php b/admin/manage.php index 781c79a2..3dc42942 100644 --- a/admin/manage.php +++ b/admin/manage.php @@ -3,12 +3,12 @@ * @Author: printempw * @Date: 2016-03-06 14:19:20 * @Last Modified by: printempw - * @Last Modified time: 2016-03-27 10:53:06 + * @Last Modified time: 2016-04-02 18:33:02 */ require "../libraries/session.inc.php"; if (!$user->is_admin) header('Location: ../index.php?msg=看起来你并不是管理员'); View::show('admin/header', array('page_title' => "用户管理")); -$db = new Database\Database(); +$db = new Database\Database('users'); if (isset($_GET['show'])) { View::show('admin/show', ['uid' => (int)$_GET['show']]); diff --git a/admin/options.php b/admin/options.php index b55d59d5..b696be81 100644 --- a/admin/options.php +++ b/admin/options.php @@ -3,12 +3,12 @@ * @Author: printempw * @Date: 2016-03-18 22:50:25 * @Last Modified by: printempw - * @Last Modified time: 2016-03-26 22:28:23 + * @Last Modified time: 2016-04-02 18:33:02 */ require "../libraries/session.inc.php"; if (!$user->is_admin) header('Location: ../index.php?msg=看起来你并不是管理员'); View::show('admin/header', array('page_title' => "站点配置")); -$db = new Database\Database(); +$db = new Database\Database('users'); ?>
diff --git a/admin/update.php b/admin/update.php index 399dd06c..43854db2 100644 --- a/admin/update.php +++ b/admin/update.php @@ -3,12 +3,12 @@ * @Author: printempw * @Date: 2016-03-27 15:03:40 * @Last Modified by: printempw - * @Last Modified time: 2016-03-27 16:15:17 + * @Last Modified time: 2016-04-02 18:33:02 */ require "../libraries/session.inc.php"; if (!$user->is_admin) header('Location: ../index.php?msg=看起来你并不是管理员'); View::show('admin/header', array('page_title' => "检查更新")); -$db = new Database\Database(); +$db = new Database\Database('users'); ?>
diff --git a/libraries/Database/AdaptedDatabase.class.php b/libraries/Database/AdaptedDatabase.class.php index 33fa0651..4e650891 100644 --- a/libraries/Database/AdaptedDatabase.class.php +++ b/libraries/Database/AdaptedDatabase.class.php @@ -3,7 +3,7 @@ * @Author: printempw * @Date: 2016-03-18 16:53:55 * @Last Modified by: printempw - * @Last Modified time: 2016-04-02 18:13:50 + * @Last Modified time: 2016-04-02 22:14:12 */ namespace Database; 
@@ -15,59 +15,66 @@ use Option; class AdaptedDatabase extends Database implements EncryptInterface, SyncInterface { - protected $table_name; + protected $data_table; protected $column_uname; protected $column_passwd; protected $column_ip; - function __construct() { - parent::__construct(); - $this->table_name = Option::get('data_table_name'); + function __construct($table_name = '') { + parent::__construct($table_name); + $this->data_table = Option::get('data_table_name'); $this->column_uname = Option::get('data_column_uname'); $this->column_passwd = Option::get('data_column_passwd'); $this->column_ip = Option::get('data_column_ip'); } - public function createRecord($username, $password, $ip) { - $sql = "INSERT INTO ".$this->table_name." (".$this->column_uname.", ".$this->column_passwd.", ".$this->column_ip.") - VALUES ('$username', '$password', '$ip')"; - return $this->query($sql); - } - - public function sync($username) { - $exist_in_bs_table = $this->checkRecordExist('username', $username); - $exist_in_data_table = ($this->query("SELECT * FROM ".$this->table_name." - WHERE ".$this->column_uname."='$username'")->num_rows) ? true : false; + public function sync($username, $reverse = false) { + $exist_in_bs_table = $this->has('username', $username); + $exist_in_data_table = $this->has($this->column_uname, $username, $this->data_table); if ($exist_in_bs_table && !$exist_in_data_table) { $result = $this->select('username', $username); - $this->createRecord($username, $result['password'], $result['ip']); + + $this->insert(array( + $this->column_uname => $username, + $this->column_passwd => $result['password'], + $this->column_ip => $result['ip'] + ), $this->data_table); + + // recursion return $this->sync($username); } if (!$exist_in_bs_table && $exist_in_data_table) { - $result = $this->query("SELECT * FROM ".$this->table_name." 
- WHERE ".$this->column_uname."='$username'")->fetch_array(); + $result = $this->select($this->column_uname, $username, null, $this->data_table); + $this->insert(array( - "uname" => $username, - "passwd" => $result[$this->column_passwd], - "ip" => $result[$this->column_ip] - )); + "username" => $username, + "password" => $result[$this->column_passwd], + "ip" => $result[$this->column_ip] + )); + + // recursion return $this->sync($username); } if (!($exist_in_bs_table || $exist_in_data_table)) + // user not exists return false; if ($exist_in_bs_table && $exist_in_data_table) { $passwd1 = $this->select('username', $username)['password']; - $passwd2 = $this->query("SELECT * FROM ".$this->table_name." - WHERE ".$this->column_uname."='$username'")->fetch_array()[$this->column_passwd]; + $passwd2 = $this->select($this->column_uname, $username, null, $this->data_table)[$this->column_passwd]; + if ($passwd1 == $passwd2) { return true; } else { // sync password - $this->update($username, 'password', $passwd2); + if ($reverse) { + $this->update($this->column_passwd, $passwd1, ['where' => "$this->column_uname='$username'"], $this->data_table); + } else { + $this->update('password', $passwd2, ['where' => "username='$username'"]); + } return $this->sync($username); } } diff --git a/libraries/Database/AuthmeDatabase.class.php b/libraries/Database/AuthmeDatabase.class.php index 728f8001..a2911b9b 100644 --- a/libraries/Database/AuthmeDatabase.class.php +++ b/libraries/Database/AuthmeDatabase.class.php @@ -3,7 +3,7 @@ * @Author: printempw * @Date: 2016-03-13 11:59:32 * @Last Modified by: printempw - * @Last Modified time: 2016-03-27 12:32:25 + * @Last Modified time: 2016-04-02 22:03:39 */ namespace Database; 
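Review bot: In `sync()`, the branch for `!$exist_in_bs_table && $exist_in_data_table` inserts only `username`, `password` and `ip`, whereas the `Database::insert()` removed by this commit always wrote `preference = 'default'`; rows created through sync now depend on a column default that is not visible here. Adding `"preference" => 'default'` to that array, as `User::register()` does in this commit, keeps both creation paths consistent. The context line `if ($passwd1 == $passwd2)` compares two hash strings loosely, and `===` would avoid PHP's numeric-string coercion. The class continues past the end of the hunk.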
@@ -12,13 +12,19 @@ use Database\AdaptedDatabase; class AuthmeDatabase extends AdaptedDatabase { + /** * Default SHA256 encryption method for Authme * * @see http://pastebin.com/1wy9g2HT */ public function encryptPassword($raw_passwd, $username="") { - $salt = $this->getPwdInfo($username)['salt']; + if ($this->has('username', $username)) { + $salt = $this->getPwdInfo($username)['salt']; + } else { + // generate random salt + $salt = \Utils::generateRndString(16); + } $hash = hash('sha256', hash('sha256', $raw_passwd).$salt); $encrypt = '$SHA$'.$salt.'$'. $hash; return $encrypt; @@ -32,8 +38,7 @@ class AuthmeDatabase extends AdaptedDatabase * @return array */ private function getPwdInfo($username) { - $hashed = $this->query("SELECT * FROM ".$this->table_name." - WHERE ".$this->column_uname."='$username'")->fetch_array()['password']; + $hashed = $this->select($this->column_uname, $username)['password']; $parts = explode('$', $hashed); $pwd_info['password'] = $parts[3]; $pwd_info['salt'] = $parts[2]; diff --git a/libraries/Database/Database.class.php b/libraries/Database/Database.class.php index 831b6970..0b386a7d 100644 --- a/libraries/Database/Database.class.php +++ b/libraries/Database/Database.class.php 
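Review bot: The random salt generated for unknown users can contain `$`, because the alphabet in `Utils::generateRndString` includes it, while the stored value is `'$SHA$'.$salt.'$'.$hash` and `getPwdInfo()` recovers the salt with `explode('$', $hashed)`. A salt with a `$` in it shifts `$parts[2]` and `$parts[3]`, so a later `encryptPassword()` for the same user would hash with a truncated salt and never match. Restrict the salt to characters that cannot collide with the delimiter, for example `$salt = bin2hex(openssl_random_pseudo_bytes(8));`.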
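Review bot: `getPwdInfo()` now calls `$this->select($this->column_uname, $username)` with no table argument, so it reads from the instance's default table using the data-table column name, whereas the removed query read the configured data table. If the Authme table is still the intended source, pass it explicitly: `$this->select($this->column_uname, $username, null, $this->data_table)[$this->column_passwd]`. `$parts[2]` and `$parts[3]` are also read without checking that the stored value has the `$SHA$salt$hash` shape, so a row in another format produces undefined-offset notices and an empty salt. The method continues past the end of the hunk.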
@@ -3,39 +3,36 @@ * @Author: printempw * @Date: 2016-02-02 21:59:06 * @Last Modified by: printempw - * @Last Modified time: 2016-03-27 14:50:39 + * @Last Modified time: 2016-04-02 22:50:41 */ namespace Database; -use Database\EncryptInterface; -use Database\SyncInterface; use Utils; -use Mysqli; use E; class Database implements EncryptInterface, SyncInterface { private $connection = null; - function __construct() { - $this->connection = self::checkConfig(); - } + private $table_name = ""; - function __destruct() { - $this->connection->close(); + function __construct($table_name = '') { + $this->connection = self::checkConfig(); + $this->table_name = DB_PREFIX.$table_name; } public static function checkConfig() { // use error control to hide shitty connect warnings - error_reporting(0); - $conn = new mysqli(DB_HOST, DB_USER, DB_PASSWD, DB_NAME, DB_PORT); - error_reporting(E_ALL ^ E_NOTICE); + @$conn = new \mysqli(DB_HOST, DB_USER, DB_PASSWD, DB_NAME, DB_PORT); if ($conn->connect_error) throw new E("无法连接至 MySQL 服务器。请确认 config.php 中的配置是否正确:".$conn->connect_error, $conn->connect_errno, true); - if (!self::checkTableExist($conn)) + + $sql = "SELECT table_name FROM `INFORMATION_SCHEMA`.`TABLES` WHERE (table_name ='".DB_PREFIX."users'OR table_name ='".DB_PREFIX."options') AND TABLE_SCHEMA='".DB_NAME."'"; + if ($conn->query($sql)->num_rows != 2) throw new E("数据库中不存在 ".DB_PREFIX."users 或 ".DB_PREFIX."options 表。请先访问 /setup 进行安装。", -1, true); + if (!is_dir(BASE_DIR."/textures/")) throw new E("textures 文件夹不存在。请先访问 /setup 进行安装,或者手动放置一个。", -1, true); 
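Review bot: `$conn->query($sql)->num_rows` in `checkConfig()` dereferences the result without checking that `query()` succeeded, so a failed INFORMATION_SCHEMA lookup ends in a PHP fatal error instead of the `E` exception used for every other failure here. Test the return value first, e.g. `$tables = $conn->query($sql); if (!$tables || $tables->num_rows != 2) throw new E(...);`. Every `new Database(...)` also repeats the connect, this lookup and the `is_dir` check, and the Option.class.php hunk in this commit creates an instance per call, so sharing one connection would be worth considering.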
@@ -43,70 +40,120 @@ class Database implements EncryptInterface, SyncInterface return $conn; } - public static function checkTableExist($conn) { - $sql = "SELECT table_name FROM - `INFORMATION_SCHEMA`.`TABLES` WHERE (table_name ='".DB_PREFIX."users' - OR table_name ='".DB_PREFIX."options') AND TABLE_SCHEMA='".DB_NAME."'"; - - if ($conn->query($sql)->num_rows != 2) - return false; - return true; - } - public function query($sql) { $result = $this->connection->query($sql); - if (!$this->connection->error) { - return $result; - } - throw new E("Database query error: ".$this->connection->error, -1); + if ($this->connection->error) + throw new E("Database query error: ".$this->connection->error.", Statement: ".$sql, -1); + return $result; } public function fetchArray($sql) { return $this->query($sql)->fetch_array(); } - public function select($key, $value) { - return $this->fetchArray("SELECT * FROM ".DB_PREFIX."users WHERE $key='$value'"); + /** + * Select records from table + * + * @param string $key + * @param string $value + * @param array $condition, see function `where` + * @param string $table, which table to operate + * @param boolean $dont_fetch_array, return resources if true + * @return array|resources + */ + public function select($key, $value, $condition = null, $table = null, $dont_fetch_array = false) { + $table = is_null($table) ? $this->table_name : $table; + + if (isset($condition['where'])) { + $sql = "SELECT * FROM $table".$this->where($condition); + } else { + $sql = "SELECT * FROM $table WHERE $key='$value'"; + } + + if ($dont_fetch_array) { + return $this->query($sql); + } else { + return $this->fetchArray($sql); + } + } - public function getNumRows($key, $value) { - $sql = "SELECT * FROM ".DB_PREFIX."users WHERE $key='$value'"; - return $this->query($sql)->num_rows; + public function has($key, $value, $table = null) { + return ($this->getNumRows($key, $value, $table) != 0) ? 
true : false; } - public function getRecordNum() { - $sql = "SELECT * FROM ".DB_PREFIX."users WHERE 1"; - return $this->query($sql)->num_rows; - } + public function insert($data, $table = null) { + $keys = ""; + $values = ""; + $table = is_null($table) ? $this->table_name : $table; - public function checkRecordExist($key, $value) { - return ($this->getNumRows($key, $value) != 0) ? true : false; - } + foreach($data as $key => $value) { + if ($value == end($data)) { + $keys .= '`'.$key.'`'; + $values .= '"'.$value.'"'; + } else { + $keys .= '`'.$key.'`,'; + $values .= '"'.$value.'", '; + } + } - public function insert($array) { - $uname = $array['uname']; - $passwd = $array['passwd']; - $ip = $array['ip']; - $sql = "INSERT INTO ".DB_PREFIX."users (username, password, ip, preference) - VALUES ('$uname', '$passwd', '$ip', 'default')"; + $sql = "INSERT INTO $table ({$keys}) VALUES ($values)"; return $this->query($sql); } - public function update($uname, $key, $value) { - return $this->query("UPDATE ".DB_PREFIX."users SET `$key`='$value' WHERE username='$uname'"); + public function update($key, $value, $condition = null, $table = null) { + $table = is_null($table) ? $this->table_name : $table; + return $this->query("UPDATE $table SET `$key`='$value'".$this->where($condition)); } - public function delete($uname) { - return $this->query("DELETE FROM ".DB_PREFIX."users WHERE username='$uname'"); + public function delete($condition = null, $table = null) { + $table = is_null($table) ? $this->table_name : $table; + return $this->query("DELETE FROM $table".$this->where($condition)); } - public function encryptPassword($raw_passwd, $username="") { + public function getNumRows($key, $value, $table = null) { + $table = is_null($table) ? $this->table_name : $table; + $sql = "SELECT * FROM $table WHERE $key='$value'"; + return $this->query($sql)->num_rows; + } + + public function getRecordNum($table = null) { + $table = is_null($table) ? 
$this->table_name : $table; + $sql = "SELECT * FROM $table WHERE 1"; + return $this->query($sql)->num_rows; + } + + public function encryptPassword($raw_passwd, $username = "") { $encrypt = md5($raw_passwd); return $encrypt; } - public function sync($username) { - return ($this->checkRecordExist('username', $username)) ? true : false; + public function sync($username, $reverse = false) { + return ($this->has('username', $username)) ? true : false; + } + + /** + * Generate where statement + * + * @param array $condition, e.g. array('where'=>'username="shit"', 'limit'=>10, 'order'=>'uid') + * @return string + */ + private function where($condition) { + $statement = ""; + if (isset($condition['where']) && $condition['where'] != "") { + $statement .= ' WHERE '.$condition['where']; + } + if (isset($condition['order'])) { + $statement .= ' ORDER BY `'.$condition['order'].'`'; + } + if (isset($condition['limit'])) { + $statement .= ' LIMIT '.$condition['limit']; + } + return $statement; + } + + function __destruct() { + $this->connection->close(); } } diff --git a/libraries/Database/SyncInterface.class.php b/libraries/Database/SyncInterface.class.php index c136d010..0995493b 100644 --- a/libraries/Database/SyncInterface.class.php +++ b/libraries/Database/SyncInterface.class.php @@ -3,7 +3,7 @@ * @Author: printempw * @Date: 2016-03-13 13:31:28 * @Last Modified by: printempw - * @Last Modified time: 2016-03-18 17:23:33 + * @Last Modified time: 2016-04-02 21:36:09 */ namespace Database; @@ -16,6 +16,6 @@ interface SyncInterface * @param string $username, unique identifier of each record * @return bool */ - public function sync($username); + public function sync($username, $reverse = false); } diff --git a/libraries/E.class.php b/libraries/E.class.php index cf97a2cb..cdf5787e 100644 --- a/libraries/E.class.php +++ b/libraries/E.class.php 
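Review bot: The new builders `select()`, `insert()`, `update()`, `delete()` and `getNumRows()` concatenate `$key`, `$value`, `$table` and `$condition['where']` directly into the statement, so any value containing a quote changes the SQL; escape values with `$this->connection->real_escape_string()` or use prepared statements, which also covers the `where` strings built in the AdaptedDatabase, Option and User hunks. `insert()` finds the last column with `$value == end($data)`, a loose value comparison, so an earlier column whose value equals the last one loses its separator and the statement becomes invalid; building both lists with `implode` avoids that, as sketched below. `query()` now appends the full statement to the exception message, which can carry password hashes into whatever `E` outputs, so the statement is better logged than returned. `update()` and `delete()` with a missing or empty `where` act on every row, and rejecting an empty condition would be the safer default.

```php
    public function insert($data, $table = null) {
        $table = is_null($table) ? $this->table_name : $table;
        $keys = array();
        $values = array();

        foreach ($data as $key => $value) {
            // identifiers are backtick-quoted, values are escaped for the live connection
            $keys[] = '`'.str_replace('`', '``', $key).'`';
            $values[] = "'".$this->connection->real_escape_string($value)."'";
        }

        $sql = "INSERT INTO $table (".implode(', ', $keys).") VALUES (".implode(', ', $values).")";
        return $this->query($sql);
    }
    // … unchanged: select(), has(), update(), delete(), getNumRows(), getRecordNum(), where() …
```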
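Review bot: The docblock above `sync()` in the interface still documents only `$username`, although the signature now takes `$reverse`. Based on the AdaptedDatabase hunk, a line such as `@param bool $reverse, when true write the local password to the adapted data table instead of pulling it from there` would describe it. The docblock begins above the hunk.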
@@ -3,7 +3,7 @@ * @Author: printempw * @Date: 2016-03-27 11:04:14 * @Last Modified by: printempw - * @Last Modified time: 2016-03-27 11:36:57 + * @Last Modified time: 2016-04-02 22:25:08 */ class E extends Exception @@ -27,7 +27,7 @@ class E extends Exception private function showErrorJson() { $exception['errno'] = $this->code; $exception['msg'] = $this->message; - header('Content-type: application/json; charset=utf-8'); + @header('Content-type: application/json; charset=utf-8'); exit(json_encode($exception)); } diff --git a/libraries/Option.class.php b/libraries/Option.class.php index ac7663a5..be844192 100644 --- a/libraries/Option.class.php +++ b/libraries/Option.class.php @@ -3,7 +3,7 @@ * @Author: printempw * @Date: 2016-03-18 14:02:12 * @Last Modified by: printempw - * @Last Modified time: 2016-03-27 11:28:24 + * @Last Modified time: 2016-04-02 22:50:19 */ use Database\Database; 
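Review bot: `@header(...)` in `showErrorJson()` silences the warning raised when output has already started instead of handling that case, so the JSON body is then sent under whatever content type was emitted earlier. An explicit check states the intent: `if (!headers_sent()) header('Content-type: application/json; charset=utf-8');`. With this commit the message being encoded can include the failed SQL statement from `Database::query()`, which makes it more important that this path is not reached with internal detail in `$this->message`. The class is cut at both ends of the hunk.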
@@ -11,72 +11,37 @@ use Database\Database; class Option { public static function get($key) { - $conn = Database::checkConfig(); - $sql = "SELECT * FROM ".DB_PREFIX."options WHERE `option_name` = '$key'"; - $result = $conn->query($sql); - if ($conn->error) - throw new E("Database query error: ".$conn->error, -1); - return $result->fetch_array()['option_value']; + $db = new Database('options'); + $result = $db->select('option_name', $key); + return $result['option_value']; } public static function set($key, $value) { - $conn = Database::checkConfig(); + $db = new Database('options'); if (!self::has($key)) { self::add($key, $value); } else { - $sql = "UPDATE ".DB_PREFIX."options SET `option_value`='$value' WHERE `option_name`='$key'"; - $result = $conn->query($sql); - if ($conn->error) - throw new E("Database query error: ".$conn->error, -1); - else - return true; + return $db->update('option_value', $value, ['where' => "option_name='$key'"]); } } public static function add($key, $value) { - $conn = Database::checkConfig(); - // check if option exists - if (!self::has($key)) { - $sql = "INSERT INTO ".DB_PREFIX."options (`option_name`, `option_value`) VALUES ('$key', '$value')"; - $result = $conn->query($sql); - if ($conn->error) - throw new E("Database query error: ".$conn->error, -1); - else - return true; - } else { - return true; - } + $db = new Database('options'); + return $db->insert(['option_name' => $key, 'option_value' => $value]); } public static function has($key) { - $conn = Database::checkConfig(); - // check if option exists - $sql = "SELECT * FROM ".DB_PREFIX."options WHERE `option_name` = '$key'"; - if ($conn->query($sql)->num_rows != 0) { - return true; - } else { - return false; - } + $db = new Database('options'); + return $db->has('option_name', $key); } public static function delete($key) { - $conn = Database::checkConfig(); + $db = new Database('options'); if (self::has($key)) { - $sql = "DELETE FROM ".DB_PREFIX."options WHERE 
`option_name`='$key'"; - $result = $conn->query($sql); - if ($conn->error) - throw new E("Database query error: ".$conn->error, -1); - else - return true; + return $db->delete(['where' => "option_name='$key'"]); } else { return false; } } - public static function setArray($options) { - foreach ($options as $key => $value) { - self::set($key, $value); - } - return true; - } } diff --git a/libraries/User.class.php b/libraries/User.class.php index 8dfbbdc7..273a1aad 100644 --- a/libraries/User.class.php +++ b/libraries/User.class.php @@ -3,7 +3,7 @@ * @Author: printempw * @Date: 2016-01-16 23:01:33 * @Last Modified by: printempw - * @Last Modified time: 2016-03-27 11:44:48 + * @Last Modified time: 2016-04-02 22:50:16 */ use Database\Database; @@ -21,7 +21,7 @@ class User function __construct($uname) { $this->uname = Utils::convertString($uname); $class_name = "Database\\".Option::get('data_adapter')."Database"; - $this->db = new $class_name(); + $this->db = new $class_name('users'); if ($this->db->sync($this->uname)) { $this->passwd = $this->db->select('username', $this->uname)['password']; @@ -55,7 +55,8 @@ class User } public function changePasswd($new_passwd) { - $this->db->update($this->uname, 'password', $this->db->encryptPassword($new_passwd, $this->uname)); + $this->db->update('password', $this->db->encryptPassword($new_passwd, $this->uname), ['where' => "username='$this->uname'"]); + $this->db->sync($this->uname, true); } public function getToken() { @@ -63,11 +64,13 @@ class User } public function register($passwd, $ip) { - return $this->db->insert(array( - "uname" => $this->uname, - "passwd" => $this->db->encryptPassword($passwd), - "ip" => $ip - )); + $data = array( + "username" => $this->uname, + "password" => $this->db->encryptPassword($passwd), + "ip" => $ip, + "preference" => 'default' + ); + return $this->db->insert($data); } public function unRegister() { 
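Review bot: `Option::add()` no longer checks `has($key)` before inserting, so a direct call for an existing name adds a second row unless the table has a unique index on `option_name`, which is not visible here; `get()` would then return whichever row comes first. Keeping the guard is a one-line change: `if (self::has($key)) return true;` before the insert. `get()` also indexes `$result['option_value']` without checking that a row was found, and `set()` creates `$db` before the `has()` test even though the `add()` path never uses it.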
@@ -76,7 +79,7 @@ class User if ($this->getTexture($skin_type_map[$i]) != "" && !Utils::checkTextureOccupied($this->getTexture($skin_type_map[$i]))) Utils::remove("./textures/".$this->getTexture($skin_type_map[$i])); } - return $this->db->delete($this->uname); + return $this->db->delete(['where' => "username='$this->uname'"]); } public function reset() { @@ -84,9 +87,9 @@ class User for ($i = 0; $i <= 2; $i++) { if ($this->getTexture($skin_type_map[$i]) != "" && !Utils::checkTextureOccupied($this->getTexture($skin_type_map[$i]))) Utils::remove("./textures/".$this->getTexture($skin_type_map[$i])); - $this->db->update($this->uname, 'hash_'.$skin_type_map[$i], ''); + $this->db->update('hash_'.$skin_type_map[$i], '', ['where' => "username='$this->uname'"]); } - return $this->db->update($this->uname, 'preference', 'default'); + return $this->db->update('preference', 'default', ['where' => "username='$this->uname'"]); } /** @@ -104,7 +107,7 @@ class User public function getBinaryTexture($type) { if ($this->getTexture($type) != "") { - $filename = "./textures/".$this->getTexture($type); + $filename = BASE_DIR."/textures/".$this->getTexture($type); if (file_exists($filename)) { header('Content-Type: image/png'); // Cache friendly @@ -150,7 +153,7 @@ class User $this->updateLastModified(); $hash = Utils::upload($file); if ($type == "steve" | $type == "alex" | $type == "cape") - return $this->db->update($this->uname, 'hash_'.$type, $hash); + return $this->db->update('hash_'.$type, $hash, ['where' => "username='$this->uname'"]); return false; } @@ -159,7 +162,7 @@ class User * @param string $type, 'slim' or 'default' */ public function setPreference($type) { - return $this->db->update($this->uname, 'preference', $type); + return $this->db->update('preference', $type, ['where' => "username='$this->uname'"]); } public function getPreference() { 
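Review bot: `setPreference($type)` passes `$type` to the `preference` column without checking it against the two values its docblock names, `'slim'` or `'default'`, and `Database::update()` interpolates it into the UPDATE statement. A guard such as `if ($type !== 'slim' && $type !== 'default') return false;` before the call keeps unexpected input out of the row. Callers may already validate the value, which cannot be seen from this hunk.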
@@ -200,9 +203,9 @@ class User return json_encode($json, JSON_PRETTY_PRINT); } - public function updateLastModified() { + public function updateLastModified() {//$this->uname // @see http://stackoverflow.com/questions/2215354/php-date-format-when-inserting-into-datetime-in-mysql - return $this->db->update($this->uname, 'last_modified', date("Y-m-d H:i:s")); + return $this->db->update('last_modified', date("Y-m-d H:i:s"), ['where' => "username='$this->uname'"]); } /** diff --git a/libraries/Utils.class.php b/libraries/Utils.class.php index 7d3c7a17..d9614c5d 100644 --- a/libraries/Utils.class.php +++ b/libraries/Utils.class.php @@ -3,7 +3,7 @@ * @Author: printempw * @Date: 2016-01-16 23:01:33 * @Last Modified by: printempw - * @Last Modified time: 2016-03-27 11:33:59 + * @Last Modified time: 2016-04-02 22:01:48 */ class Utils @@ -151,7 +151,7 @@ class Utils * @return bool */ public static function checkTextureOccupied($hash) { - $db = new Database\Database(); + $db = new Database\Database('users'); if ($db->getNumRows('hash_steve', $hash) > 1) { return true; } elseif ($db->getNumRows('hash_alex', $hash) > 1) { @@ -163,4 +163,13 @@ class Utils return false; } + public function generateRndString($length) { + $chars = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789!@#$%^&*()-_ []{}<>~`+=,.;:/?|'; + $rnd_string = ''; + for ($i = 0; $i < $length; $i++) { + $rnd_string .= $chars[mt_rand(0, strlen($chars) - 1)]; + } + return $rnd_string; + } + } diff --git a/libraries/autoloader.php b/libraries/autoloader.php index d0590e24..aa17eadf 100644 --- a/libraries/autoloader.php +++ b/libraries/autoloader.php @@ -3,7 +3,7 @@ * @Author: printempw * @Date: 2016-02-02 21:17:59 * @Last Modified by: printempw - * @Last Modified time: 2016-03-27 11:19:58 + * @Last Modified time: 2016-04-02 19:19:48 */ function __autoload($classname) { @@ -11,6 +11,8 @@ function __autoload($classname) { // echo $classname.'
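Review bot: `generateRndString` is declared `public function`, without `static`, but AuthmeDatabase calls it as `\Utils::generateRndString(16)` and the neighbouring `checkTextureOccupied` is `public static`; declare it `public static function generateRndString($length)`. It draws characters with `mt_rand()`, which is not a cryptographically secure generator, and the result is used as a password salt. A CSPRNG is the better source here: `random_int()` where PHP 7 is available, otherwise `openssl_random_pseudo_bytes()`. The alphabet also contains `$` and a space, which matters for any format that uses those characters as delimiters.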
'; $include_dir = $dir.DIRECTORY_SEPARATOR."libraries".DIRECTORY_SEPARATOR; $filename = $include_dir.str_replace('\\', DIRECTORY_SEPARATOR, $classname) . '.class.php'; + if (!file_exists($filename)) + exit("Undefined class `$classname` @ `$filename`"); require_once($filename); } if (!file_exists($dir.'/config.php')) diff --git a/templates/admin/list.tpl.php b/templates/admin/list.tpl.php index 365d53c9..000fc97b 100644 --- a/templates/admin/list.tpl.php +++ b/templates/admin/list.tpl.php @@ -29,14 +29,22 @@ query("SELECT * FROM ".DB_PREFIX."users WHERE `username` LIKE '%".$_POST['search-username']."%' ORDER BY `uid` LIMIT ".(string)(($page_now-1)*30).", 30"); + $result = $db->select(null, null, [ + 'where' => "`username` LIKE '%".$_POST['search-username']."%'", + 'order' => 'uid', + 'limit' => (string)(($page_now-1)*30).", 30" + ]); $page_total = round($db->query("SELECT * FROM ".DB_PREFIX."users WHERE `username` LIKE '%".$_POST['search-username']."%'")->num_rows/30); } else { - $result = $db->query("SELECT * FROM ".DB_PREFIX."users ORDER BY `uid` LIMIT ".(string)(($page_now-1)*30).", 30"); - $page_total = round($db->query("SELECT * FROM ".DB_PREFIX."users WHERE 1")->num_rows/30); + $result = $db->select(null, null, [ + 'where' => '', + 'order' => 'uid', + 'limit' => (string)(($page_now-1)*30).", 30" + ], null, true); + $page_total = round($db->getRecordNum()/30); } while ($row = $result->fetch_array()) { ?> diff --git a/templates/admin/show.tpl.php b/templates/admin/show.tpl.php index 21341894..d6e810e6 100644 --- a/templates/admin/show.tpl.php +++ b/templates/admin/show.tpl.php @@ -7,7 +7,7 @@ User Preview - select('uid', $data['uid'])['username']); ?>
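Review bot: The new `exit(...)` in the autoloader prints the resolved file path and the requested class name, unescaped, to the client, which discloses the server's directory layout on any failed class lookup. Because `User::__construct` builds a class name from the `data_adapter` option, a wrong option value would show this message on every request that creates a `User`. Calling `exit` inside the autoloader also ends the request for lookups that are allowed to fail, such as `class_exists()`. Log the path and show a generic message, or return without requiring so the caller can handle the missing class. `__autoload` begins above the hunk.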
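Review bot: In the search branch of list.tpl.php the new `select()` call omits the fourth and fifth arguments, so it returns one fetched row as an array rather than a result set, and the `while ($row = $result->fetch_array())` loop after it will fail; the non-search branch passes `null, true`. `$_POST['search-username']` is also concatenated unescaped into the `LIKE` clause, both in the new `where` entry and in the `$page_total` query on the following line, so a quote in the search box alters the statement. Escape the term before building the clause (the `Database` class would need a public escaping helper, since its connection is private) or bind it as a parameter, and escape `%` and `_` if they are meant literally. Parts of this hunk appear to have lost their markup in extraction, so the surrounding template lines could not be checked.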