pid)) $pid = $inputs->pid; else $pid = '';

// Profile id to be viewed after login (optional).
// NOTE(review): within this listing $vpid is never passed through the
// character filter or intval() below, yet it is interpolated into SQL
// (via fnCheckMsgExist) and appended to the final Location header.
// Validate it the same way as $pid.
if (isset($inputs->vpid)) $vpid = $inputs->vpid; else $vpid = '';

// Numeric id of the page/mail the visitor is coming from (key of $pagesFromArr).
if (isset($inputs->accreg)) $accreg = $inputs->accreg; else $accreg = '';

// Message id carried by the link (optional; checked by fnCheckMsgExist).
if (isset($inputs->accmsg)) $accmsg = $inputs->accmsg; else $accmsg = '';

// Numeric id of the page the visitor is going to (key of $urlArr).
if (isset($inputs->redirect)) $redirect = $inputs->redirect; else $redirect = '';

// Decrypt the encrypted unique id taken from the auto-login link.
// Base64-decodes $text, decrypts it with Rijndael-256 in ECB mode under the
// key hard-coded below, and trims the result.
// NOTE(review): the key is a literal in the source file, so everyone with read
// access to the code holds it; load it from configuration or a secret store
// and plan a rotation. ECB does not use an IV (the one generated here has no
// effect) and provides no integrity check, so a modified ciphertext is not
// detected by this function. The mcrypt extension was deprecated in PHP 7.1
// and removed from core in PHP 7.2; an authenticated construction (for
// example sodium_crypto_secretbox, or a random token stored server-side and
// compared with hash_equals) is the usual replacement.
function simple_decrypt($text)
{
    $salt ='sdj49gYR&%sfh$%5#sdfsjhf';
    return trim(mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $salt, base64_decode($text), MCRYPT_MODE_ECB, mcrypt_create_iv(mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB), MCRYPT_RAND)));
}

// Decrypt and URL-decode the unique id when the request carries one.
if (isset($inputs->uniqid)) {
    $uniqidd = $inputs->uniqid;
    $uniqid = simple_decrypt($uniqidd);
    $uniqid = urldecode($uniqid);
    //$uniqid = $inputs->uniqid;
} else {
    $uniqid = '';
}

// Check whether the auto-login link is valid: counts mem_auto_login rows that
// match the profile id / unique id pair. Returns that count, or 0 when the
// query result is falsy.
// NOTE(review): both arguments are interpolated into the SQL text. By the time
// this is called $pid has passed the character deny-list, but $uniqid has only
// been decrypted, URL-decoded and length-checked. Use bound parameters if the
// $dbase layer offers them (TODO confirm). Nothing visible in this query
// limits the token's lifetime or the number of times it can be used.
function chkautologin($pid,$uniqid)
{
    global $dbase;
    $sql = "select count(profileid) as cont from mem_auto_login where profileid = '$pid' and unique_id = '$uniqid'";
    $rQue = $dbase->db_sql_query($sql);
    if ($rQue) {
        return $rQue['cont'];
    } else {
        return 0;
    }
}

/*
 * start on 23917
 */
// Check that a message with this id exists between the given sender and
// recipient profile ids; returns the row count from the query.
// NOTE(review): the caller in this listing passes $vpid as $mfromid, and $vpid
// receives no validation here before being placed in the SQL string. There is
// no guard for a falsy query result, unlike chkautologin().
function fnCheckMsgExist($msgid,$mfromid,$mtoid){
    global $dbase;
    $sql = "select count(msg_msgid) as cnt from messages where msg_msgid='$msgid' and msg_frompid='$mfromid' and msg_topid='$mtoid'";
    $rQue = $dbase->db_sql_query($sql);
    return $rQue['cnt'];
}

// Insert a row into trace_autologin_msg_mail, or on a duplicate key bump its
// read counter, last-updated date and referer.
// NOTE(review): HTTP_REFERER is a client-supplied header and is interpolated
// into the statement unescaped; bind or escape it before use. The statement
// is an INSERT and selects no `cnt` column, so the return value is presumably
// not meaningful; the caller in this listing ignores it.
function fnTraceMsgMani($msgid,$mfpage,$mtpage){
    global $dbase;
    $referer=isset($_SERVER['HTTP_REFERER'])?$_SERVER['HTTP_REFERER']:'';
    $ip_ser = $_SERVER['SERVER_ADDR'];
    // getoddevenval() is defined elsewhere; presumably it allocates the next
    // `sno` value for the table, keyed on the server address (TODO confirm).
    $traceautolog_inc = getoddevenval('sno',DB_name.'.trace_autologin_msg_mail',$ip_ser);
    // The line break inside this string literal is reproduced from the source.
    $sql="insert into trace_autologin_msg_mail (sno,msg_id,from_page,to_page,initial_date,last_updated_date,mail_read_count,referer) values 
('$traceautolog_inc','$msgid','$mfpage','$mtpage',now(),now(),1,'$referer') ON DUPLICATE KEY UPDATE last_updated_date = NOW(),mail_read_count=mail_read_count+1,referer='$referer'";
    $rQue = $dbase->db_sql_query($sql);
    return $rQue['cnt'];
}
/*
 * end on 23917
 */

// Input filter: if pid, accreg or redirect contains any character from the
// punctuation class below, redirect to the logout URL and stop.
// NOTE(review): this is a deny-list and blocks only what it lists. It is not
// applied to $vpid, $accmsg or the decrypted $uniqid. A per-field allow-list
// (e.g. digits only, if ids are numeric; TODO confirm) combined with bound
// SQL parameters is the sturdier control.
if (preg_match('/[\'^£$%&*()}{@#~?><>,|=_+¬-]/', $pid) || preg_match('/[\'^£$%&*()}{@#~?><>,|=_+¬-]/', $accreg) || preg_match('/[\'^£$%&*()}{@#~?><>,|=_+¬-]/', $redirect)) {
    header("location:".SITE_PATH."/login?task=logout");
    exit;
}

$pidLen = strlen($pid);
$uniqidLen = strlen($uniqid);
// Force the three numeric selectors to integers.
$accreg = intval($accreg);
$redirect = intval($redirect);
$accmsg=intval($accmsg);

// Reject when pid is longer than 10 characters or the decrypted unique id is
// not exactly 12 characters long.
// NOTE(review): after intval() above the three selectors are always ints, so
// the is_int() tests cannot fail and the == "" tests no longer detect a
// missing parameter. A missing or non-numeric accreg/redirect becomes 0 and
// is rejected only by the array_key_exists() checks further down.
if ($pidLen > 10 || $uniqidLen != 12 || trim($redirect) == "" || (($redirect != "") && (!is_int($redirect))) || trim($accreg) == "" || (($accreg != "") && (!is_int($accreg))) || (($accmsg != "") && (!is_int($accmsg)))) {
    header("location:".SITE_PATH."/login?task=logout");
    exit;
}

// Allowed "coming from" ids and their labels.
$pagesFromArr = array(1=>"awaitresponse",2=>"newmatches",3=>"addphotos",4=>"notloggedin",5=>"ramadanoffer",
                      6=>"initiate",7=>"acceptance",8=>"declined",9=>"end communication",10=>"consider request",11=>"Pending Decision",
                      12=>"profile approved",13=>"photo request",14=>"Message Approval",15=>"Send Free Message",16=>"Send approved Message",
                      17=>"Dalpay Payment",18=>"Viewed by Others",19=>"Summary",20=>"Migration",21=>"Welcome" );

// Allowed redirect targets. The destination path is always taken from this
// fixed table, never from the request, which keeps the redirect on-site.
$urlArr = array(1=>"users/viewprofile",2=>"users/upload_photos",3=>"users/basicsearch",4=>"users/inbox",5=>"users/upgradedesk",6=>"users/welcome",
                7=>"help/dalpay_status",8=>"users/viewothers",9=>"users/comm_ini_rec",10=>"users/comm_pho_rec",11=>"users/deldet");

// Reject an unknown "coming from" id.
if (!array_key_exists($accreg, $pagesFromArr)) {
    header("location:".SITE_PATH."/login?task=logout");
    exit;
}

// Reject an unknown "going to" id.
if
(!array_key_exists($redirect, $urlArr)) {
    header("location:".SITE_PATH."/login?task=logout");
    exit;
}

// Validate the pid / unique id pair against mem_auto_login.
$autolog = chkautologin($pid,$uniqid);

// A matching row logs the visitor in as $pid without a password.
// NOTE(review): the credential travels in the URL, so it can end up in server
// logs, browser history and Referer headers. No session id regeneration
// (session_regenerate_id) is visible in this listing before the session is
// populated; confirm it happens elsewhere to avoid session fixation.
// NOTE(review): every statement below builds SQL by string interpolation,
// including values read back from the database ($sesname) and derived from
// request headers; prefer bound parameters throughout.
if ($autolog) {
    /*
     * start on 23917
     */
    // When the link names a message, require that it exists from $vpid to
    // $pid; otherwise log out. On success record the read in the trace table.
    if ($accmsg!=""&&$vpid!=""&&$pid!=""){
        $mcnt=fnCheckMsgExist($accmsg,$vpid,$pid);
        if($mcnt==0){
            header("location:".SITE_PATH."/login?task=logout");
            exit;
        } else {
            fnTraceMsgMani($accmsg,$accreg,$redirect);
            $_SESSION['al_msg_read_flg']=1;
        }
    }
    /*
     * end on 23917
     */
    $proftable = DB_name.'.profile'; // Profile table
    $logid = $pid; // profile id being logged in
    $_SESSION['ProfileId'] = $logid; // Set profileid in session
    $IP = $_SERVER['REMOTE_ADDR'];

    // Load the display name. build_query() is defined elsewhere; from its use
    // here it returns a row keyed by column name (TODO confirm).
    $selectdetvalues = array("dpro_name");
    $detprofval = $querybuild->build_query($selectdetvalues,det_profile,'dpro_profileid',$logid,'looparray','','','','','');
    $sesname = $detprofval['dpro_name'];
    $myname = $sesname;
    //$mytype = $querybuild->build_query('pro_type',profile,'pro_profileid',$logid,'','','','','','');

    // Load the profile columns that are cached in the session below.
    $selectalues = array("pro_proid","pro_religion","pro_resid","pro_nstate","pro_ncity","pro_nation","pro_gender",
                         "pro_adminappstatus","pro_type","pro_latitute","pro_longtitude","pro_marital","pro_age","pro_edu",
                         "pro_hide","pro_readquaran","pro_gpoints");
    $myprofile = $querybuild->build_query($selectalues,profile,'pro_profileid',$logid,'looparray','','','','','');
    $_SESSION['reg_ses_name'] = $myname; // dpro_name
    $_SESSION['my_proid'] = $myprofile['pro_proid'];
    $_SESSION['my_religion'] = $myprofile['pro_religion'];
    $_SESSION['my_resid'] = $myprofile['pro_resid'];
    $_SESSION['my_nstate'] = $myprofile['pro_nstate'];
    $_SESSION['my_ncity'] = $myprofile['pro_ncity'];
    $_SESSION['my_nation'] = $myprofile['pro_nation'];
    $_SESSION['my_gender'] = $myprofile['pro_gender'];
    $_SESSION['my_status'] = $myprofile['pro_adminappstatus'];
    $_SESSION['my_protype'] = $myprofile['pro_type'];
    $_SESSION['my_lat'] = $myprofile['pro_latitute'];
    $_SESSION['my_long'] = $myprofile['pro_longtitude'];
    $_SESSION['my_marital'] = $myprofile['pro_marital'];
    $_SESSION['my_age'] = $myprofile['pro_age'];
    $_SESSION['my_edu'] = $myprofile['pro_edu'];
    $_SESSION['my_hide'] = $myprofile['pro_hide'];
    $_SESSION['my_readquaran'] = $myprofile['pro_readquaran'];
    $_SESSION['my_progpoints'] = $myprofile['pro_gpoints'];

    // Copy the paid-membership row into the session as my_addon_<column>,
    // skipping numeric keys and o_order_id.
    // NOTE(review): count() assumes db_sql_query() returns an array here;
    // confirm its behaviour when no row matches.
    $sql = "select * from paidmembers where profileid='$logid' limit 1";
    $rs = $dbase->db_sql_query($sql);
    if(count($rs)>0){
        foreach($rs as $rk=>$rv){
            if(is_numeric($rk)) continue;
            if($rk=="o_order_id") continue;
            $_SESSION['my_addon_'.$rk] = $rv;
        }
    }

    $rmchat = $myprofile['pro_proid'];
    $_SESSION['username'] = $rmchat; // set chat username in session
    $gender = $myprofile['pro_gender'];
    $uphoto = new Photographs;
    $photo = $uphoto->getMyphotos($logid,$gender,'sr');
    $_SESSION['my_srphoto'] = $photo;

    // Mobile app (android / ios) only: mark the device as logged in, or
    // register it when it is not yet known.
    // NOTE(review): dev_id, tok_id, brand, model, android, lang, mo, width and
    // height are read straight from the request and interpolated into SQL with
    // no validation visible in this listing. dev_id and tok_id are also read
    // without an isset() guard.
    if ($inputs->dev_id!='' && $inputs->tok_id!='null') {
        $chkprofexis1 = $querybuild->build_query("pid","devices","device_id='$inputs->dev_id' and token_id='$inputs->tok_id' limit 1","","","","","","","");
        if ($chkprofexis1) {
            $sql = "update devices set pid='$logid',logout='0' where token_id='$inputs->tok_id' and device_id='$inputs->dev_id'";
            $dbase->db_sql_query($sql);
        } else {
            $IP = $_SERVER['REMOTE_ADDR']; // client ip address
            $ip_ser = $_SERVER['SERVER_ADDR'];
            $devices_inc = getoddevenval('sno',DB_name.'.devices',$ip_ser);
            // Example request shape (real push token redacted from this comment):
            // GET /login?android=23&dev_id=...&model=...&brand=...&product=...&lang=...&width=...&height=...&mo=...&tok_id=<push token>
            $screen = ($inputs->width && $inputs->height)?$inputs->width.'-'.$inputs->height:''; // screen width and height
            // NOTE(review): as reproduced from the source, the literal has
            // whitespace and a line break inside the quotes before the device
            // id, and the last column is named `logoutsnosno`. Both may be
            // extraction artifacts; confirm against the original file.
            $sql = "insert into devices (sno,pid,device_id,token_id,ip,device,device_model,version,language,screen_size,mob_num,download_date,logoutsnosno) values ('$devices_inc','$logid',' 
$inputs->dev_id','$inputs->tok_id','$IP','$inputs->brand','$inputs->model','$inputs->android','$inputs->lang','$screen','$inputs->mo',curdate(),'0')";
            $dbase->db_sql_query($sql);
        }
    }

    // Remember the previous last-online value before it is overwritten below.
    $previosonline = $querybuild->build_query('pro_lastonline',profile,'pro_profileid',$logid,'','','','','','');
    $_SESSION['log_lastonline'] = $previosonline;

    // Update last-login time, login count and login device in the profile table.
    // NOTE(review): $mydevice is not assigned anywhere in this listing;
    // presumably it is set earlier in the file (TODO confirm).
    $sql = "update $proftable set pro_lastonline = now(),pro_logcnt=pro_logcnt+1,pro_device='$mydevice' where pro_profileid = '$logid'";
    $rs = $dbase->db_sql_query($sql);

    $ip_ser = $_SERVER['SERVER_ADDR'];
    $iphist_inc = getoddevenval('sno',DB_name.'.ip_history',$ip_ser);
    // Record the login ip and device in ip_history.
    $sql = "insert into ip_history values ('$iphist_inc','$logid','$IP','',now(),'$mydevice')";
    $rs = $dbase->db_sql_query($sql);

    $chkexit = $querybuild->build_query('count(userid)',CDB_name.'.chat_users','userid',$rmchat,'','','','','',''); // does the chat user already exist?
    $chksexit = $querybuild->build_query('count(userid)',CDB_name.'.chat_status','userid',$rmchat,'','','','','',''); // does a chat status row exist?

    // Create the chat user when it does not exist yet.
    if ($chkexit=='0') {
        $chatusr_inc = getoddevenval('sno',CDB_name.'.chat_users',$ip_ser);
        $sql = "insert into ".CDB_name.".chat_users values ('$chatusr_inc','$rmchat','$logid','$sesname','','','','available','','','')";
        $rs = $dbase->db_sql_query($sql);
    }

    // Mark the member as available: update the status row if present,
    // otherwise insert one.
    if ($chksexit) {
        $sql = "update ".CDB_name.".chat_status set status='available' where userid='$rmchat'";
        $rs = $dbase->db_sql_query($sql);
    } else {
        $sql = "insert into ".CDB_name.".chat_status values ('$rmchat','','available','','')";
        $rs = $dbase->db_sql_query($sql);
    }

    $himher = ($gender=='32')?'her':'him'; // pronoun for the activity text; gender code '32' maps to 'her'

    // Record the login in recent_activity. The line break inside the string
    // literal is reproduced from the source.
    $act_txt = "has logged in ".$himher." 
profile.";
    $sql = "insert into ".DB_name.".recent_activity (sno,profileid,action,date) values (NULL,'$logid','$act_txt',now())";
    $rs = $dbase->db_sql_query($sql);

    //start on 61017
    // Record device / browser details in adm_device_details.
    require_once RIBM_ROOT ."/addon/BrowserDetection.php";
    $bro=new BrowserDetection();
    require_once RIBM_ROOT ."/addon/Mobile_Detect.php";
    $modetect=new Mobile_Detect();
    // 1 = mobile (not tablet), 2 = tablet, 3 = anything else.
    $devType=($modetect->isMobile()?($modetect->isTablet()?2:1):3);
    $_SESSION['my_devicetype'] = $devType;
    $broName=$bro->getName();
    $broVers=$bro->getVersion();
    $broPlatVers=$bro->getPlatformVersion(true);
    $broSPlatVers=$bro->getPlatformVersion();
    //$messId="";
    // NOTE(review): the User-Agent header is client-controlled and is stored
    // through an interpolated statement; the browser name/version values are
    // presumably parsed from the same header. Bind or escape all of them.
    $useragent=(isset($_SERVER['HTTP_USER_AGENT']))?$_SERVER['HTTP_USER_AGENT']:"";
    $pro_id=$myprofile['pro_proid'];
    $ip_ser = $_SERVER['SERVER_ADDR'];
    $admdevicetbl_inc = getoddevenval('sno',CDB_name.'.adm_device_details',$ip_ser);
    $sql2="insert into ".CDB_name.".adm_device_details (sno,pro_id,device,os,browser,browser_version,browse_time,user_agent) values ('$admdevicetbl_inc','$pro_id','$devType','$broSPlatVers','$broName','$broVers',UNIX_TIMESTAMP(NOW()),'$useragent') ON DUPLICATE KEY UPDATE pro_id='$pro_id',device='$devType',os='$broSPlatVers',browser='$broName', browser_version='$broVers',browse_time=UNIX_TIMESTAMP(NOW()),user_agent='$useragent'";
    $exeQue2=$dbase->db_sql_query($sql2);
    //end on 6110

    // Flag the session as auto-logged-in, except when coming from id 17
    // ("Dalpay Payment" in $pagesFromArr).
    if($accreg!=17){
        $_SESSION['autolog_flg'] = 1;
    }
    $_SESSION['autolog_from'] = $accreg;
    //$_SESSION['autolog_from_str'] = $pagesFromArr[$accreg];

    /* if ($mydevice == 'mob') { header("Location: mobile/mob_upgrade.php"); } else { */
    // Redirect to the whitelisted target, passing vpid along when present.
    // NOTE(review): $vpid is appended to the header without urlencode() or
    // validation; encode it, and consider an exit after the header call.
    if ($vpid) header("location:".SITE_PATH."/".$urlArr[$redirect]."?vpid=".$vpid); else header("location:".SITE_PATH."/".$urlArr[$redirect]);
    //}
} else {
    // No matching auto-login row: send the visitor to the logout URL.
    /*if($mydevice == 'mob') { header("Location: mobile/mob_upgrade.php"); } else {*/
    header("location:".SITE_PATH."/login?task=logout");
    exit;
    //}
}
?>