api.php

   1 <?php
   2 include('encrypt.php');
   3 $incpa = "";
   4
   5 $g = $_GET;
   6 if(count($g)>1){
   7         if (isset($g['mail']) && !empty($g['mail']) && !empty($g['pass'])) {
   8                 $err = false;
   9                 $email = filter_var($g['mail'], FILTER_SANITIZE_EMAIL);
  10                 if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
  11                         //echo "Invalid email";
  12                         $err = true;
  13                 }
  14                 $pass = filter_var($g['pass'], FILTER_SANITIZE_STRING);
  15
  16                 $email = strip_tags(addslashes($email));
  17                 $pass = strip_tags(addslashes($pass));
  18
  19               if(!preg_match("/[a-z0-9 \!\"\#\$\%\&\'\(\)\*\+\,\-\.\/\:\;\<\=\>\?\@\[\]\^\_\{\}\|\~]{4,32}+/i",$pass)) {
  20                         die("ERROR1");
  21                         $err = true;
  22               }
  23
  24                 $fdir = substr($email, 0, 1);
  25                 $sdir = substr($email, 1, 1);
  26                 $data = @file(DB_PATH."$fdir/$sdir/$email");
  27
  28                 if(count($data)>3) {
  29                         for ($i=0; $i < count($data); $i++) {
  30                                 $data[$i] = trim($data[$i]);
  31                         }
  32                         $inputpass = md5($pass."kahitanupo");
  33                         if ($inputpass != $data[2]) {
  34                                 $inputpass = hash("sha256", $pass."kahitanupo");
  35                                 if ($inputpass != $data[2]) {
  36                                         $incpa = "無効なパスワード";
  37                                         $err = true;
  38                                 }
  39                         }
  40                         if ($err == false) {
  41                                 if (isset($data[count($data)-1]) && $data[count($data)-1]== FORGOT) {
  42                                         unset($data[count($data)-1]);
  43                                         $writeData = implode("\n", $data);
  44                                         //$writeData = $data[0]."\n".$data[1]."\n".$data[2]."\n".$data[3]."\n".$data[4]."\n".$data[5]."\n";
  45                                         file_put_contents(DB_PATH."$fdir/$sdir/$email", $writeData);
  46                                 }
  47                                 foreach($_COOKIE as $ky => $vl){
  48                                         setcookie($ky,"",time()-3600);
  49                                 }
  50                                 $DMDM = Encrypt($email,KEY);
  51                                 $MDMD = Encrypt($pass,KEY);
  52
  53                                 echo "DMDM=" . $DMDM . ";MDMD=" . $MDMD;
  54                                 // setcookie('DMDM',$DMDM,0,'/',".2ch.net");
  55                                 // setcookie('MDMD',$MDMD,0,'/',".2ch.net");
  56                                 $_SESSION['sLoggedDir'] = loggedEmail($email, MDB_PATH);
  57                         }else{
  58                                 die("ERROR");
  59                         }
  60                 } else {
  61                         //User Doesnt Exist
  62                         die("ERROR");
  63                         // echo "ユーザーは存在しません";
  64                 }
  65
  66         } else {
  67                 //Invalid Details
  68                 die("ERROR");
  69                 // echo "無効な詳細";
  70         }
  71 }
  72 ?>