<?php
//
//File for remote vb
//This file must be exists in VB  folder script. 
//copyright 2007-2009 Kleeja.com ..
//$Author: phpfalcon $ , $Rev: 817 $,  $Date:: 2009-08-12 14:43:06 +0300#$
//

// ####################### SET PHP ENVIRONMENT ###########################
error_reporting(E_ALL & ~E_NOTICE);

// #################### DEFINE IMPORTANT CONSTANTS #######################
define('THIS_SCRIPT', 'sendmessage');

//call vb global file
require_once('./global.php');

//change this
$script_api_key = '';

//error_reporting(E_ALL & ~E_NOTICE);



if(!isset($_GET['api_key']) || (isset($_GET['api_key']) &&  base64_decode($_GET['api_key']) != $script_api_key) || (!isset($_GET['userid']) && !isset($_GET['username'])))
{
	print_output('0');
	exit;
}

#hashed ? 
$hashed = isset($_GET['userid']) ? true : false;
$pass = isset($_GET['pass']) ? stripslashes(htmlspecialchars_decode(base64_decode($_GET['pass']))) : '';
$username = isset($_GET['username']) ? strip_blank_ascii($_GET['username'], ' ') : '';
//print_output($username);
$userid = isset($_GET['userid']) ? $_GET['userid'] : '';
$c = array(
    'pass' => isset($_GET['pass']) ?  htmlspecialchars($pass) : '',
    'username' => isset($_GET['username']) ? $username : '',
    'userid' => isset($_GET['userid']) ? intval($userid) : 0,
);


$q_where = $hashed ? "userid=" . $c['userid'] . " AND password='" . mysql_escape_string($c['pass']) . "' AND usergroupid != '8'" :  "username='" . $vbulletin->db->escape_string(htmlspecialchars_uni($c['username'])) . "' AND usergroupid != '8'";

if(isset($_GET['return_username']))
{
	$q_where = "userid=" . $c['userid'];
}

$rqr = mysql_query("SELECT " . ($hashed ? '*' : (isset($_GET['return_username']) ? 'username' : 'salt')) . " FROM " . $config['Database']['tableprefix'] . "user WHERE " . $q_where);

if (mysql_num_rows($rqr))
{
		while ($user = mysql_fetch_array($rqr))
		{
			//if return_username, no password just userid , and return username
			if(isset($_GET['return_username']))
			{
				print_output(base64_encode('1%|%' . $user['username']));
				exit;
			}
			
			$is_admin_or_no = ($row['usergroupid'] == 6) ? '1' : '0';
			
			if($hashed)
			{
				print_output(base64_encode('1%|%' . $user['userid'] . '%|%' . $user['username'] . '%|%' . $user['email'] . '%|%' . $user['password'] . '%|%' . $is_admin_or_no));
				exit;
			}
			else
			{
				$pass = md5(md5($c['pass']) . $user['salt']);  // without normal md5

				$rqr2 = mysql_query("
						SELECT *
						FROM " . $config['Database']['tableprefix'] . "user
						WHERE username='" . mysql_escape_string($c['username']) . "' AND password='" . mysql_escape_string($pass) . "' AND usergroupid != '8'
					");
				if (!mysql_num_rows($rqr))
				{
					print_output('0');
					exit;
				}
				else
				{
					while ($user2 = mysql_fetch_array($rqr2))
					{
						print_output(base64_encode('1%|%' . $user2['userid'] . '%|%' . $user2['username'] . '%|%' . $user2['email'] . '%|%' . $user2['password'] . '%|%' . $is_admin_or_no));
						exit;
					}
					
					//it's bad situation
					print_output('0');
					exit;
				}
			}
			
			//break 
			break;
		}
}
else
{
	print_output('0');
	exit;
}


//<--- EOF
?>