diff --git a/includes/config.inc.php b/includes/config.inc.php index 7d04a9f3..1abb9f1a 100644 --- a/includes/config.inc.php +++ b/includes/config.inc.php @@ -6,6 +6,6 @@ $db_host="localhost"; $db_user="localuser"; $db_pass="Pkloyn7yvpht!"; $db_name="panel"; -$table_prefix="ogp_"; +$table_prefix="gsp_"; $db_type="mysql"; ?> diff --git a/modules/billing/add_to_cart.php b/modules/billing/add_to_cart.php index a68b0f56..3101e688 100644 --- a/modules/billing/add_to_cart.php +++ b/modules/billing/add_to_cart.php @@ -67,7 +67,7 @@ if (!$db) { if (!empty($resolve_username_for_user_id) && $db) { $safe_uname = mysqli_real_escape_string($db, $resolve_username_for_user_id); // users_login is the correct column name in this schema - $q = mysqli_query($db, "SELECT user_id FROM ogp_users WHERE users_login = '$safe_uname' LIMIT 1"); + $q = mysqli_query($db, "SELECT user_id FROM {$table_prefix}users WHERE users_login = '$safe_uname' LIMIT 1"); if ($q && mysqli_num_rows($q) === 1) { $r = mysqli_fetch_assoc($q); $user_id = intval($r['user_id'] ?? 0); @@ -76,7 +76,7 @@ if (!empty($resolve_username_for_user_id) && $db) { $_SESSION['website_user_id'] = $user_id; site_log_info('resolved_user_id_from_username', ['username'=>$resolve_username_for_user_id,'user_id'=>$user_id]); // Also resolve and persist the user's role so menus and admin checks are consistent - $role_q = mysqli_query($db, "SELECT users_role FROM ogp_users WHERE user_id = " . intval($user_id) . " LIMIT 1"); + $role_q = mysqli_query($db, "SELECT users_role FROM {$table_prefix}users WHERE user_id = " . intval($user_id) . " LIMIT 1"); if ($role_q && mysqli_num_rows($role_q) === 1) { $role_row = mysqli_fetch_assoc($role_q); $_SESSION['website_user_role'] = $role_row['users_role'] ?? ''; @@ -89,7 +89,7 @@ if (!empty($resolve_username_for_user_id) && $db) { $price = 0.0; if ($service_id > 0) { - $stmt = $db->prepare('SELECT price_monthly, slot_min_qty, slot_max_qty FROM ogp_billing_services WHERE service_id = ? LIMIT 1'); + $stmt = $db->prepare("SELECT price_monthly, slot_min_qty, slot_max_qty FROM {$table_prefix}billing_services WHERE service_id = ? LIMIT 1"); if ($stmt) { $stmt->bind_param('i', $service_id); $stmt->execute(); @@ -104,7 +104,7 @@ if ($service_id > 0) { } } -// Insert into ogp_billing_invoices (NOT orders - invoice created first) +// Insert into {table_prefix}billing_invoices (NOT orders - invoice created first) $now = date('Y-m-d H:i:s'); $status = 'due'; // Invoice status: due (unpaid), paid @@ -116,10 +116,10 @@ $debug = (isset($_GET['debug']) && $_GET['debug'] == '1') || (isset($_POST['debu $logfile = __DIR__ . '/logs/add_to_cart.log'; site_log_info('add_to_cart_invoked', ['user_id'=>$user_id, 'service_id'=>$service_id]); -// Get customer name and email from ogp_users +// Get customer name and email from {table_prefix}users $customer_name = ''; $customer_email = ''; -$user_q = mysqli_query($db, "SELECT users_fname, users_lname, users_email FROM ogp_users WHERE user_id = " . intval($user_id) . " LIMIT 1"); +$user_q = mysqli_query($db, "SELECT users_fname, users_lname, users_email FROM {$table_prefix}users WHERE user_id = " . intval($user_id) . " LIMIT 1"); if ($user_q && mysqli_num_rows($user_q) === 1) { $user_row = mysqli_fetch_assoc($user_q); $customer_name = trim(($user_row['users_fname'] ?? '') . ' ' . ($user_row['users_lname'] ?? '')); @@ -148,7 +148,7 @@ $esc_customer_email = mysqli_real_escape_string($db, $customer_email); $esc_due_date = mysqli_real_escape_string($db, $due_date); $esc_description = mysqli_real_escape_string($db, "New server: {$home_name}"); -$sql = "INSERT INTO ogp_billing_invoices ( +$sql = "INSERT INTO {$table_prefix}billing_invoices ( user_id, service_id, home_name, ip, max_players, qty, invoice_duration, amount, remote_control_password, ftp_password, status, customer_name, customer_email, due_date, description, currency, order_id @@ -172,9 +172,9 @@ if (!$res || $err_no > 0) { site_log_error('mysqli_query_failed', ['errno'=>$err_no, 'error'=>$err, 'sql'=>$sql]); file_put_contents($logfile, date('c') . " - ERROR: " . $err . " (errno: {$err_no})\n", FILE_APPEND); // Log table existence check - $tbl_check = mysqli_query($db, "SHOW TABLES LIKE 'ogp_billing_invoices'"); + $tbl_check = mysqli_query($db, "SHOW TABLES LIKE '{$table_prefix}billing_invoices'"); $tbl_exists = ($tbl_check && mysqli_num_rows($tbl_check) > 0) ? 'yes' : 'no'; - site_log_warn('ogp_billing_invoices_exists', ['exists'=>$tbl_exists]); + site_log_warn('billing_invoices_exists', ['exists'=>$tbl_exists]); file_put_contents($logfile, date('c') . " - Table exists check: {$tbl_exists}\n", FILE_APPEND); // Show user-friendly error diff --git a/modules/billing/admin_invoices.php b/modules/billing/admin_invoices.php index f087c8c4..29a1e274 100644 --- a/modules/billing/admin_invoices.php +++ b/modules/billing/admin_invoices.php @@ -14,7 +14,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') { $newStatus = mysqli_real_escape_string($db, $_POST['status']); $newPrice = floatval($_POST['price']); - $sql = "UPDATE ogp_billing_orders SET status = '$newStatus', price = $newPrice WHERE order_id = $orderId LIMIT 1"; + $sql = "UPDATE {$table_prefix}billing_orders SET status = '$newStatus', price = $newPrice WHERE order_id = $orderId LIMIT 1"; mysqli_query($db, $sql); header('Location: admin_invoices.php?updated=' . $orderId); exit; @@ -23,9 +23,9 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') { // Fetch all orders with coupon information $orders = mysqli_query($db, "SELECT o.*, u.user_name, c.code AS coupon_code, c.discount_percent AS coupon_discount - FROM ogp_billing_orders o - LEFT JOIN ogp_users u ON o.user_id = u.user_id - LEFT JOIN ogp_billing_coupons c ON o.coupon_id = c.coupon_id + FROM {$table_prefix}billing_orders o + LEFT JOIN {$table_prefix}users u ON o.user_id = u.user_id + LEFT JOIN {$table_prefix}billing_coupons c ON o.coupon_id = c.coupon_id ORDER BY o.order_id DESC"); function h($s){ return htmlspecialchars((string)$s, ENT_QUOTES, 'UTF-8'); } diff --git a/modules/billing/adminserverlist.php b/modules/billing/adminserverlist.php index 290b6468..e455f732 100644 --- a/modules/billing/adminserverlist.php +++ b/modules/billing/adminserverlist.php @@ -58,8 +58,8 @@ function join_base($base, $path){ } /* which column holds space-separated locations */ -$locationCol = col_exists($db, 'ogp_billing_services', 'remote_server_id') ? 'remote_server_id' : - (col_exists($db, 'ogp_billing_services', 'remote_server') ? 'remote_server' : 'remote_server_id'); +$locationCol = col_exists($db, "{$table_prefix}billing_services", 'remote_server_id') ? 'remote_server_id' : + (col_exists($db, "{$table_prefix}billing_services", 'remote_server') ? 'remote_server' : 'remote_server_id'); $flash = []; @@ -67,11 +67,11 @@ $flash = []; if (isset($_POST['update_remote_servers'])) { $enabledIds = array_map('intval', $_POST['rs'] ?? []); $enabledSet = array_flip($enabledIds); - $allIds = fetch_all_assoc($db, "SELECT remote_server_id FROM ogp_remote_servers"); + $allIds = fetch_all_assoc($db, "SELECT remote_server_id FROM {$table_prefix}remote_servers"); foreach ($allIds as $row) { $id = (int)$row['remote_server_id']; $e = isset($enabledSet[$id]) ? 1 : 0; - $db->query("UPDATE ogp_remote_servers SET enabled={$e} WHERE remote_server_id={$id}"); + $db->query("UPDATE {$table_prefix}remote_servers SET enabled={$e} WHERE remote_server_id={$id}"); } $flash[] = "Server locations updated."; } @@ -99,7 +99,7 @@ function update_service_row(mysqli $db, string $locationCol, int $sid, array $sv $locList = implode(' ', $selected); $locListEsc = esc_mysqli($db, $locList); - $sql = "UPDATE ogp_billing_services + $sql = "UPDATE {$table_prefix}billing_services SET service_name='{$name}', `{$locationCol}`='{$locListEsc}', slot_min_qty={$minSlots}, @@ -131,13 +131,13 @@ if (isset($_POST['bulk_update']) && !empty($_POST['service']) && is_array($_POST /* C) Remove a service (separate small form) */ if (isset($_POST['remove_service'], $_POST['service_id_remove'])) { $sid = (int)$_POST['service_id_remove']; - $db->query("DELETE FROM ogp_billing_services WHERE service_id={$sid}"); + $db->query("DELETE FROM {$table_prefix}billing_services WHERE service_id={$sid}"); $flash[] = "Service #{$sid} removed."; } /* fetch data for UI */ -$remoteServers = fetch_all_assoc($db, "SELECT remote_server_id, remote_server_name, enabled FROM ogp_remote_servers ORDER BY remote_server_name"); -$services = fetch_all_assoc($db, "SELECT service_id, service_name, `{$locationCol}` AS locs, slot_min_qty, slot_max_qty, price_monthly, img_url, enabled FROM ogp_billing_services ORDER BY service_name"); +$remoteServers = fetch_all_assoc($db, "SELECT remote_server_id, remote_server_name, enabled FROM {$table_prefix}remote_servers ORDER BY remote_server_name"); +$services = fetch_all_assoc($db, "SELECT service_id, service_name, `{$locationCol}` AS locs, slot_min_qty, slot_max_qty, price_monthly, img_url, enabled FROM {$table_prefix}billing_services ORDER BY service_name"); ?> diff --git a/modules/billing/check_table.php b/modules/billing/check_table.php index 94e5d9bd..28f91033 100644 --- a/modules/billing/check_table.php +++ b/modules/billing/check_table.php @@ -1,6 +1,6 @@ ogp_billing_invoices Table Structure\n"; +echo "

{$table_prefix}billing_invoices Table Structure

\n"; -$result = mysqli_query($db, "DESCRIBE ogp_billing_invoices"); +$result = mysqli_query($db, "DESCRIBE {$table_prefix}billing_invoices"); if (!$result) { die("Table doesn't exist or query failed: " . mysqli_error($db)); @@ -37,13 +37,13 @@ while ($row = mysqli_fetch_assoc($result)) { echo "\n"; // Count existing invoices -$count_result = mysqli_query($db, "SELECT COUNT(*) as cnt FROM ogp_billing_invoices"); +$count_result = mysqli_query($db, "SELECT COUNT(*) as cnt FROM {$table_prefix}billing_invoices"); $count = mysqli_fetch_assoc($count_result); echo "

Total invoices in table: {$count['cnt']}

\n"; // Show last 5 invoices echo "

Last 5 Invoices

\n"; -$last_result = mysqli_query($db, "SELECT * FROM ogp_billing_invoices ORDER BY invoice_id DESC LIMIT 5"); +$last_result = mysqli_query($db, "SELECT * FROM {$table_prefix}billing_invoices ORDER BY invoice_id DESC LIMIT 5"); if (mysqli_num_rows($last_result) > 0) { echo "\n"; diff --git a/modules/billing/create_servers.php b/modules/billing/create_servers.php index 0e3a9ad9..b4ce246b 100644 --- a/modules/billing/create_servers.php +++ b/modules/billing/create_servers.php @@ -80,8 +80,8 @@ function exec_ogp_module() $settings = $db->getSettings(); $subject = "Gameserver Renewel at " . $settings['panel_name']; $email = $db->resultQuery(" SELECT DISTINCT users_email - FROM ogp_users, ogp_billing_orders - WHERE ogp_users.user_id = $user_id")[0]["users_email"]; + FROM {$table_prefix}users, {$table_prefix}billing_orders + WHERE {$table_prefix}users.user_id = $user_id")[0]["users_email"]; $message = "Your server, " . $home_name ." ID #". $home_id . " at " . $settings['panel_name'] . " has just been renewed.
Thank You for your continued support.
@@ -245,8 +245,8 @@ function exec_ogp_module() $settings = $db->getSettings(); $subject = "New Gameserver installed at " . $settings['panel_name']; $email = $db->resultQuery(" SELECT DISTINCT users_email - FROM ogp_users, ogp_billing_orders - WHERE ogp_users.user_id = $user_id")[0]["users_email"]; + FROM {$table_prefix}users, {$table_prefix}billing_orders + WHERE {$table_prefix}users.user_id = $user_id")[0]["users_email"]; $message = "Your server, " . $home_name ." ID #". $home_id . " at " . $settings['panel_name'] . " has just been created.
Thank You for your continued support.
diff --git a/modules/billing/forgot_password.php b/modules/billing/forgot_password.php index 9c1449c7..5e64fc97 100644 --- a/modules/billing/forgot_password.php +++ b/modules/billing/forgot_password.php @@ -31,7 +31,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['request_reset'])) { $identifier = mysqli_real_escape_string($db, $identifier); // Check if it's an email or username - $query = "SELECT user_id, users_login, users_email FROM ogp_users + $query = "SELECT user_id, users_login, users_email FROM {$table_prefix}users WHERE users_login = '$identifier' OR users_email = '$identifier' LIMIT 1"; $result = mysqli_query($db, $query); @@ -43,10 +43,10 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['request_reset'])) { $expires = date('Y-m-d H:i:s', strtotime('+1 hour')); // Check if password_reset_tokens table exists - $table_check = mysqli_query($db, "SHOW TABLES LIKE 'ogp_password_reset_tokens'"); + $table_check = mysqli_query($db, "SHOW TABLES LIKE '{$table_prefix}password_reset_tokens'"); if (!$table_check || mysqli_num_rows($table_check) === 0) { // Create table if it doesn't exist - $create_table = "CREATE TABLE IF NOT EXISTS ogp_password_reset_tokens ( + $create_table = "CREATE TABLE IF NOT EXISTS {$table_prefix}password_reset_tokens ( id INT AUTO_INCREMENT PRIMARY KEY, user_id INT NOT NULL, token VARCHAR(64) NOT NULL, @@ -60,13 +60,13 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['request_reset'])) { } // Delete any existing tokens for this user - $stmt = $db->prepare("DELETE FROM ogp_password_reset_tokens WHERE user_id = ?"); + $stmt = $db->prepare("DELETE FROM {$table_prefix}password_reset_tokens WHERE user_id = ?"); $stmt->bind_param('i', $user['user_id']); $stmt->execute(); $stmt->close(); // Insert new token - $stmt = $db->prepare("INSERT INTO ogp_password_reset_tokens (user_id, token, expires) VALUES (?, ?, ?)"); + $stmt = $db->prepare("INSERT INTO {$table_prefix}password_reset_tokens (user_id, token, expires) VALUES (?, ?, ?)"); $stmt->bind_param('iss', $user['user_id'], $token, $expires); $stmt->execute(); $stmt->close(); diff --git a/modules/billing/includes/admin_auth.php b/modules/billing/includes/admin_auth.php index 5de15c90..8cdc6270 100644 --- a/modules/billing/includes/admin_auth.php +++ b/modules/billing/includes/admin_auth.php @@ -39,7 +39,7 @@ if (!$auth_db) { $uid = intval($_SESSION['website_user_id']); $role = ''; -$res = mysqli_query($auth_db, "SELECT users_role FROM ogp_users WHERE user_id = $uid LIMIT 1"); +$res = mysqli_query($auth_db, "SELECT users_role FROM {$table_prefix}users WHERE user_id = $uid LIMIT 1"); if ($res && mysqli_num_rows($res) === 1) { $row = mysqli_fetch_assoc($res); $role = (string)($row['users_role'] ?? ''); diff --git a/modules/billing/login.php b/modules/billing/login.php index 0177da21..6ca5a697 100644 --- a/modules/billing/login.php +++ b/modules/billing/login.php @@ -78,7 +78,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['login'])) { $resolved_uid = null; if ($db) { $safe = mysqli_real_escape_string($db, $username); - $res = @mysqli_query($db, "SELECT user_id FROM ogp_users WHERE users_login = '$safe' LIMIT 1"); + $res = @mysqli_query($db, "SELECT user_id FROM {$table_prefix}users WHERE users_login = '$safe' LIMIT 1"); if ($res && mysqli_num_rows($res) === 1) { $r = mysqli_fetch_assoc($res); $resolved_uid = intval($r['user_id'] ?? 0); diff --git a/modules/billing/my_account.php b/modules/billing/my_account.php index 5ebba5d3..7432bc5e 100644 --- a/modules/billing/my_account.php +++ b/modules/billing/my_account.php @@ -52,7 +52,7 @@ $user_id = intval($_SESSION['website_user_id'] ?? 0); // Fetch user information from database $user_info = null; if ($user_id > 0) { - $query = "SELECT user_id, users_login, users_email, users_fname, users_lname FROM ogp_users WHERE user_id = $user_id LIMIT 1"; + $query = "SELECT user_id, users_login, users_email, users_fname, users_lname FROM {$table_prefix}users WHERE user_id = $user_id LIMIT 1"; $result = mysqli_query($db, $query); if ($result && mysqli_num_rows($result) === 1) { $user_info = mysqli_fetch_assoc($result); @@ -74,13 +74,13 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['change_password'])) { } else { // Verify current password (using MD5 as per panel legacy) $current_hash = md5($current_password); - $verify_query = "SELECT user_id FROM ogp_users WHERE user_id = $user_id AND users_passwd = '$current_hash' LIMIT 1"; + $verify_query = "SELECT user_id FROM {$table_prefix}users WHERE user_id = $user_id AND users_passwd = '$current_hash' LIMIT 1"; $verify_result = mysqli_query($db, $verify_query); if ($verify_result && mysqli_num_rows($verify_result) === 1) { // Update password $new_hash = md5($new_password); - $update_query = "UPDATE ogp_users SET users_passwd = '$new_hash' WHERE user_id = $user_id LIMIT 1"; + $update_query = "UPDATE {$table_prefix}users SET users_passwd = '$new_hash' WHERE user_id = $user_id LIMIT 1"; if (mysqli_query($db, $update_query)) { $success_message = 'Password changed successfully!'; } else { @@ -101,11 +101,11 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['update_info'])) { if (!empty($email) && !filter_var($email, FILTER_VALIDATE_EMAIL)) { $error_message = 'Invalid email address.'; } else { - $update_query = "UPDATE ogp_users SET users_fname = '$fname', users_lname = '$lname', users_email = '$email' WHERE user_id = $user_id LIMIT 1"; + $update_query = "UPDATE {$table_prefix}users SET users_fname = '$fname', users_lname = '$lname', users_email = '$email' WHERE user_id = $user_id LIMIT 1"; if (mysqli_query($db, $update_query)) { $success_message = 'Account information updated successfully!'; // Refresh user info - $query = "SELECT user_id, users_login, users_email, users_fname, users_lname FROM ogp_users WHERE user_id = $user_id LIMIT 1"; + $query = "SELECT user_id, users_login, users_email, users_fname, users_lname FROM {$table_prefix}users WHERE user_id = $user_id LIMIT 1"; $result = mysqli_query($db, $query); if ($result && mysqli_num_rows($result) === 1) { $user_info = mysqli_fetch_assoc($result); @@ -127,8 +127,8 @@ $servers_query = "SELECT o.home_id, o.end_date, bs.service_name - FROM ogp_billing_orders o - LEFT JOIN ogp_billing_services bs ON o.service_id = bs.service_id + FROM {$table_prefix}billing_orders o + LEFT JOIN {$table_prefix}billing_services bs ON o.service_id = bs.service_id WHERE o.user_id = $user_id ORDER BY o.order_id DESC"; $servers_result = mysqli_query($db, $servers_query); diff --git a/modules/billing/my_servers.php b/modules/billing/my_servers.php index 51fe4d15..26502637 100644 --- a/modules/billing/my_servers.php +++ b/modules/billing/my_servers.php @@ -28,8 +28,8 @@ $user_id = intval($_SESSION['website_user_id']); // Fetch user's active servers // We'll look for homes assigned to this user -// The relationship is: ogp_billing_orders -> user_id and contains home_id references -// We need to join with ogp_home to get server details +// The relationship is: {table_prefix}billing_orders -> user_id and contains home_id references +// We need to join with {table_prefix}home to get server details $query = "SELECT h.home_id, @@ -49,12 +49,12 @@ $query = "SELECT o.coupon_id, bc.code AS coupon_code, bc.discount_percent AS coupon_discount_percent - FROM ogp_home h - LEFT JOIN ogp_remote_servers rs ON h.remote_server_id = rs.remote_server_id - LEFT JOIN ogp_game_configs gc ON h.home_cfg_id = gc.home_cfg_id - LEFT JOIN ogp_billing_orders o ON h.user_id = o.user_id - LEFT JOIN ogp_billing_services bs ON o.service_id = bs.service_id - LEFT JOIN ogp_billing_coupons bc ON o.coupon_id = bc.coupon_id + FROM {$table_prefix}home h + LEFT JOIN {$table_prefix}remote_servers rs ON h.remote_server_id = rs.remote_server_id + LEFT JOIN {$table_prefix}game_configs gc ON h.home_cfg_id = gc.home_cfg_id + LEFT JOIN {$table_prefix}billing_orders o ON h.user_id = o.user_id + LEFT JOIN {$table_prefix}billing_services bs ON o.service_id = bs.service_id + LEFT JOIN {$table_prefix}billing_coupons bc ON o.coupon_id = bc.coupon_id WHERE h.user_id = $user_id ORDER BY h.home_id DESC"; diff --git a/modules/billing/order.php b/modules/billing/order.php index 365a5318..ddcee005 100644 --- a/modules/billing/order.php +++ b/modules/billing/order.php @@ -16,7 +16,7 @@ When the user clicks the "Add to Cart" button, the next page to load is "add_to_ All the configuration info is passed to the add_to_cart.php in hidden fields In our website, we are setting "post" pages with a "Tag". The first tag in our post should be the service ID from the services table -There are other methods that might be better to get the info. But all we need is the "service_ID" in the "ogp_billing_services" table +There are other methods that might be better to get the info. But all we need is the "service_ID" in the "{$table_prefix}billing_services" table This method means we can use one code block in every game page and fill in the data dynamically. */ @@ -42,7 +42,7 @@ include(__DIR__ . '/includes/menu.php'); $new_description = str_replace("\\r\\n", "
", $_POST['description']); $service = $_POST['service_id']; - $change_description = "UPDATE opg_billing_services + $change_description = "UPDATE {$table_prefix}billing_services SET description ='".$new_description."' WHERE service_id=".$service; $save = $db->query($change_description); @@ -60,7 +60,7 @@ THIS IS WHAT WE DISPLAY ON THE SHOP PAGE AT THE TOP query($qry_services); if (isset($_REQUEST['service_id']) && $services === false) { @@ -191,7 +191,7 @@ if ($row['price_monthly'] == 0.0) { //loop through each of the assigned servers and see if its disabled foreach($rsiArray as $rsi) { - $query = "SELECT * FROM ogp_remote_servers WHERE remote_server_id = ".$rsi; + $query = "SELECT * FROM {$table_prefix}remote_servers WHERE remote_server_id = ".$rsi; $result = $db->query($query); foreach($result as $rs) { diff --git a/modules/billing/register.php b/modules/billing/register.php index ed2c450d..5492002e 100644 --- a/modules/billing/register.php +++ b/modules/billing/register.php @@ -3,7 +3,7 @@ session_name("gameservers_website"); session_start(); require_once(__DIR__ . '/includes/config.inc.php'); -// Simple registration form (creates a user in ogp_users with MD5 password) +// Simple registration form (creates a user in {table_prefix}users with MD5 password) if ($_SERVER['REQUEST_METHOD'] === 'POST' && !empty($_POST['username']) && !empty($_POST['password'])) { $db = mysqli_connect($db_host, $db_user, $db_pass, $db_name); if ($db) { @@ -21,16 +21,16 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST' && !empty($_POST['username']) && !empt // Try to insert with shadow column if it exists $has_shadow = false; - $res = $db->query("SHOW COLUMNS FROM ogp_users LIKE 'users_pass_hash'"); + $res = $db->query("SHOW COLUMNS FROM {$table_prefix}users LIKE 'users_pass_hash'"); if ($res && $res->num_rows > 0) { $has_shadow = true; } if ($has_shadow) { - $stmt = $db->prepare("INSERT INTO ogp_users (users_login, users_passwd, users_pass_hash, users_email, users_role) VALUES (?, ?, ?, ?, 'user')"); + $stmt = $db->prepare("INSERT INTO {$table_prefix}users (users_login, users_passwd, users_pass_hash, users_email, users_role) VALUES (?, ?, ?, ?, 'user')"); $stmt->bind_param('ssss', $username, $md5pw, $modern, $email); } else { - $stmt = $db->prepare("INSERT INTO ogp_users (users_login, users_passwd, users_email, users_role) VALUES (?, ?, ?, 'user')"); + $stmt = $db->prepare("INSERT INTO {$table_prefix}users (users_login, users_passwd, users_email, users_role) VALUES (?, ?, ?, 'user')"); $stmt->bind_param('sss', $username, $md5pw, $email); } diff --git a/modules/billing/renew_server.php b/modules/billing/renew_server.php index ac10eb4c..005bf7c7 100644 --- a/modules/billing/renew_server.php +++ b/modules/billing/renew_server.php @@ -24,7 +24,7 @@ if (!$db) { $user_id = intval($_SESSION['website_user_id'] ?? $_SESSION['user_id'] ?? 0); if ($user_id <= 0 && isset($_SESSION['website_username']) && !empty($_SESSION['website_username'])) { $safe_uname = mysqli_real_escape_string($db, $_SESSION['website_username']); - $qr = mysqli_query($db, "SELECT user_id FROM ogp_users WHERE users_login = '$safe_uname' LIMIT 1"); + $qr = mysqli_query($db, "SELECT user_id FROM {$table_prefix}users WHERE users_login = '$safe_uname' LIMIT 1"); if ($qr && mysqli_num_rows($qr) === 1) { $rr = mysqli_fetch_assoc($qr); $user_id = intval($rr['user_id'] ?? 0); @@ -47,7 +47,7 @@ if ($order_id <= 0 || $user_id <= 0) { } // Fetch order and verify ownership (get all needed fields for invoice creation) -$stmt = $db->prepare('SELECT order_id, user_id, service_id, qty, invoice_duration, price, home_id, home_name, ip, max_players, remote_control_password, ftp_password FROM ogp_billing_orders WHERE order_id = ? LIMIT 1'); +$stmt = $db->prepare("SELECT order_id, user_id, service_id, qty, invoice_duration, price, home_id, home_name, ip, max_players, remote_control_password, ftp_password FROM {$table_prefix}billing_orders WHERE order_id = ? LIMIT 1"); if (!$stmt) { header('Location: ' . $redirect_to); exit; @@ -73,7 +73,7 @@ if (intval($order['user_id']) !== intval($user_id)) { $service_id = intval($order['service_id'] ?? 0); $price_val = floatval($order['price'] ?? 0.0); if ($service_id > 0) { - $sstmt = $db->prepare('SELECT price_monthly, price_year FROM ogp_billing_services WHERE service_id = ? LIMIT 1'); + $sstmt = $db->prepare("SELECT price_monthly, price_year FROM {$table_prefix}billing_services WHERE service_id = ? LIMIT 1"); if ($sstmt) { $sstmt->bind_param('i', $service_id); $sstmt->execute(); @@ -93,7 +93,7 @@ if ($service_id > 0) { // Get user email for invoice $user_email = ''; $user_name = ''; -$user_stmt = $db->prepare('SELECT users_email, users_login, users_fname, users_lname FROM ogp_users WHERE user_id = ? LIMIT 1'); +$user_stmt = $db->prepare("SELECT users_email, users_login, users_fname, users_lname FROM {$table_prefix}users WHERE user_id = ? LIMIT 1"); if ($user_stmt) { $user_stmt->bind_param('i', $user_id); $user_stmt->execute(); @@ -163,9 +163,9 @@ if ($inv_insert) { // Try to log to panel logger $logger_table = null; - $check = mysqli_query($db, "SHOW TABLES LIKE 'ogp_logger'"); + $check = mysqli_query($db, "SHOW TABLES LIKE '{$table_prefix}logger'"); if ($check && mysqli_num_rows($check) > 0) { - $logger_table = 'ogp_logger'; + $logger_table = '{$table_prefix}logger'; } else { $reslt = mysqli_query($db, "SHOW TABLES LIKE '%logger'"); if ($reslt && mysqli_num_rows($reslt) > 0) { @@ -204,7 +204,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['confirm_renewal'])) { $price = ($duration === 'year' && !empty($order['price_year']) && floatval($order['price_year']) > 0) ? floatval($order['price_year']) : floatval($order['price_monthly']); // Prepare update to set this order into renew state - if ($upd = $db->prepare("UPDATE ogp_billing_orders SET status = ?, invoice_duration = ?, qty = ?, price = ? WHERE order_id = ? AND user_id = ? LIMIT 1")) { + if ($upd = $db->prepare("UPDATE {$table_prefix}billing_orders SET status = ?, invoice_duration = ?, qty = ?, price = ? WHERE order_id = ? AND user_id = ? LIMIT 1")) { $new_status = 'renew'; $orderIdInt = intval($order_id); $userIdInt = intval($user_id); diff --git a/modules/billing/reset_password.php b/modules/billing/reset_password.php index bc30fb50..420107fa 100644 --- a/modules/billing/reset_password.php +++ b/modules/billing/reset_password.php @@ -32,7 +32,7 @@ if (empty($token)) { $token = mysqli_real_escape_string($db, $token); // Verify token - $query = "SELECT user_id, expires, used FROM ogp_password_reset_tokens + $query = "SELECT user_id, expires, used FROM {$table_prefix}password_reset_tokens WHERE token = '$token' LIMIT 1"; $result = mysqli_query($db, $query); @@ -70,7 +70,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['reset_password']) && // Check if shadow column exists $has_shadow = false; - $res_cols = mysqli_query($db, "SHOW COLUMNS FROM ogp_users LIKE 'users_pass_hash'"); + $res_cols = mysqli_query($db, "SHOW COLUMNS FROM {$table_prefix}users LIKE 'users_pass_hash'"); if ($res_cols && mysqli_num_rows($res_cols) > 0) { $has_shadow = true; } @@ -78,16 +78,16 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['reset_password']) && // Update password if ($has_shadow) { $modern_hash = password_hash($new_password, PASSWORD_DEFAULT); - $stmt = $db->prepare("UPDATE ogp_users SET users_passwd = ?, users_pass_hash = ? WHERE user_id = ?"); + $stmt = $db->prepare("UPDATE {$table_prefix}users SET users_passwd = ?, users_pass_hash = ? WHERE user_id = ?"); $stmt->bind_param('ssi', $md5_password, $modern_hash, $user_id); } else { - $stmt = $db->prepare("UPDATE ogp_users SET users_passwd = ? WHERE user_id = ?"); + $stmt = $db->prepare("UPDATE {$table_prefix}users SET users_passwd = ? WHERE user_id = ?"); $stmt->bind_param('si', $md5_password, $user_id); } if ($stmt->execute()) { // Mark token as used - $stmt2 = $db->prepare("UPDATE ogp_password_reset_tokens SET used = 1 WHERE token = ?"); + $stmt2 = $db->prepare("UPDATE {$table_prefix}password_reset_tokens SET used = 1 WHERE token = ?"); $stmt2->bind_param('s', $token); $stmt2->execute(); $stmt2->close(); diff --git a/modules/billing/server_status.php b/modules/billing/server_status.php index 1aad2b7b..0eb87b91 100644 --- a/modules/billing/server_status.php +++ b/modules/billing/server_status.php @@ -21,10 +21,10 @@ include(__DIR__ . '/includes/top.php'); include(__DIR__ . '/includes/menu.php'); // Check if server status table exists, if not create it -$table_check = mysqli_query($db, "SHOW TABLES LIKE 'ogp_server_status'"); +$table_check = mysqli_query($db, "SHOW TABLES LIKE '{$table_prefix}server_status'"); if (!$table_check || mysqli_num_rows($table_check) === 0) { // Create table for server status updates - $create_table = "CREATE TABLE IF NOT EXISTS ogp_server_status ( + $create_table = "CREATE TABLE IF NOT EXISTS {$table_prefix}server_status ( status_id INT AUTO_INCREMENT PRIMARY KEY, remote_server_id INT NOT NULL, server_name VARCHAR(255) NOT NULL, @@ -55,8 +55,8 @@ $query = "SELECT ss.uptime, ss.last_updated, ss.notes - FROM ogp_remote_servers rs - LEFT JOIN ogp_server_status ss ON rs.remote_server_id = ss.remote_server_id + FROM {$table_prefix}remote_servers rs + LEFT JOIN {$table_prefix}server_status ss ON rs.remote_server_id = ss.remote_server_id ORDER BY rs.remote_server_name"; $result = mysqli_query($db, $query); diff --git a/modules/billing/serverlist.php b/modules/billing/serverlist.php index 841a6ee8..6bb4f3af 100644 --- a/modules/billing/serverlist.php +++ b/modules/billing/serverlist.php @@ -24,7 +24,7 @@ if (!$db) { if (isset($_POST['save']) && !empty($_POST['description'])) { $new_description = str_replace("\\r\\n", "
", $_POST['description']); $service = intval($_POST['service_id']); - $stmt = $db->prepare("UPDATE ogp_billing_services SET description = ? WHERE service_id = ?"); + $stmt = $db->prepare("UPDATE {$table_prefix}billing_services SET description = ? WHERE service_id = ?"); $stmt->bind_param("si", $new_description, $service); $stmt->execute(); $stmt->close(); @@ -33,7 +33,7 @@ if (isset($_POST['save']) && !empty($_POST['description'])) { // Fetch services $service_id = isset($_REQUEST['service_id']) ? intval($_REQUEST['service_id']) : 0; $where_service_id = $service_id !== 0 ? "WHERE enabled = 1 AND service_id = $service_id" : "WHERE enabled = 1"; -$qry_services = "SELECT * FROM ogp_billing_services $where_service_id ORDER BY service_name"; +$qry_services = "SELECT * FROM {$table_prefix}billing_services $where_service_id ORDER BY service_name"; $services = $db->query($qry_services); if (!$services) { diff --git a/modules/billing/test_db_connection.php b/modules/billing/test_db_connection.php index 061ad552..bc8cbe21 100644 --- a/modules/billing/test_db_connection.php +++ b/modules/billing/test_db_connection.php @@ -2,7 +2,7 @@ /** * Database Connection Test Script * - * This script tests the database connection and queries the ogp_users table + * This script tests the database connection and queries the {$table_prefix}users table * to verify the login functionality will work correctly. * * ⚠️ SECURITY WARNING: Delete this file after testing! @@ -53,14 +53,14 @@ if ($db && mysqli_ping($db)) { } echo ""; -// Test 2: Check if ogp_users table exists +// Test 2: Check if {$table_prefix}users table exists echo "
"; -echo "

Test 2: Check ogp_users Table

"; -$result = mysqli_query($db, "SHOW TABLES LIKE 'ogp_users'"); +echo "

Test 2: Check {$table_prefix}users Table

"; +$result = mysqli_query($db, "SHOW TABLES LIKE '{$table_prefix}users'"); if ($result && mysqli_num_rows($result) > 0) { - echo "

✓ ogp_users table exists!

"; + echo "

✓ {$table_prefix}users table exists!

"; } else { - echo "

✗ ogp_users table not found!

"; + echo "

✗ {$table_prefix}users table not found!

"; echo "
"; exit(); } @@ -69,7 +69,7 @@ echo ""; // Test 3: Check table structure echo "
"; echo "

Test 3: Table Structure

"; -$result = mysqli_query($db, "DESCRIBE ogp_users"); +$result = mysqli_query($db, "DESCRIBE {$table_prefix}users"); if ($result) { echo "

✓ Table structure retrieved

"; echo "

Columns:

";
@@ -85,7 +85,7 @@ echo "
"; // Test 4: Count users echo "
"; echo "

Test 4: User Count

"; -$result = mysqli_query($db, "SELECT COUNT(*) as count FROM ogp_users"); +$result = mysqli_query($db, "SELECT COUNT(*) as count FROM {$table_prefix}users"); if ($result) { $row = mysqli_fetch_assoc($result); echo "

✓ Total users in database: " . $row['count'] . "

"; @@ -98,7 +98,7 @@ echo "
"; echo "
"; echo "

Test 5: Required Columns Check

"; $required_columns = ['user_id', 'users_login', 'users_passwd', 'users_role', 'users_email']; -$result = mysqli_query($db, "SHOW COLUMNS FROM ogp_users"); +$result = mysqli_query($db, "SHOW COLUMNS FROM {$table_prefix}users"); $existing_columns = []; while ($row = mysqli_fetch_assoc($result)) { $existing_columns[] = $row['Field']; diff --git a/themes/AdminLTE-2/dist/php/theme.class.php b/themes/AdminLTE-2/dist/php/theme.class.php index a0f1978f..7eb2914a 100644 --- a/themes/AdminLTE-2/dist/php/theme.class.php +++ b/themes/AdminLTE-2/dist/php/theme.class.php @@ -393,7 +393,7 @@ class Theme // delete old stats (keep only entries from last 1 day) $ThemeDB->query(" - DELETE FROM ogp_adminlte_serverstats WHERE current_stamp < DATE_ADD(NOW(), INTERVAL -1 DAY) + DELETE FROM ".$ThemeDB->serverStatsTable." WHERE current_stamp < DATE_ADD(NOW(), INTERVAL -1 DAY) "); return "successfully updated";