Untitled

<?php
include('./classes/homepage/IndexHeader.php');

$index = 'index';
$ip_check = $mysqli->query("SELECT * FROM users WHERE ip_last = '" . $my->ip . "' ");
if ($ip_check->num_rows < 6) {

    if (isset($_POST['submit'])) {
        if (isset($_SESSION['step2'])) {
            $username = protect($_SESSION['username']);
            $pw = $_SESSION['password'];

            $mail = protect($_POST['mail']);
            $sicherheitsfrage = protect($_POST['sicherheitsfrage']);
            $sicherheitsantwort = protect($_POST['sicherheitsantwort']);
            $startroom = '0';
            $g_captcha = protect($_POST['g-recaptcha-response']);

            $check = $mysqli->query("SELECT * FROM users WHERE UPPER(mail) = '" . strtoupper($mail) . "' ");
            if ($check->num_rows < 1) {
                if (filter_var($mail, FILTER_VALIDATE_EMAIL)) {

                } else {
                    $msg = 'E-Mail Adresse ist nicht g&uuml;ltig!';
                }
            } else {
                $msg = 'E-Mail Adresse existiert bereits!';
            }


            if (isset($msg)) {
                $fehler = 'true';
            } else {
                if (strlen($sicherheitsantwort) > 2) {


                    $response = file_get_contents("https://www.google.com/recaptcha/api/siteverify?secret=" . $register->googlecatpchasecretkey . "&response=" . $$g_captcha . "&remoteip=" . $my->ip);
                    if ($response . success == false) {
                        $msg = 'faBitte fÃ¼lle den Captcha aus!';
                        $fail = 'true';
                    } else {


                        $mysqli->query("INSERT INTO users (username, password, auth_ticket, rank, credits, activity_points, vip_points, look, motto, mail, account_created, ip_last, ip_reg, home_room, birth, privacy_ownsite, privacy_ownsite_money, privacy_ownsite_rooms, privacy_highscore, startroom, websocket, sicherheitsfrage, sicherheitsantwort, last_online, status, staff_inacc) VALUES
('" . $username . "', '" . $pw . "', '-/-', '1', '" . $register->credits . "', '" . $register->duckets . "', '" . $register->dias . "', '" . getSettings('register_look1') . "', '" . $register->motto . "', '" . $mail . "', '" . time() . "', '" . $my->ip . "', '" . $my->ip . "', '" . $register->homeroom . "', '0', '1', '1', '1', '1', '" . $startroom . "', '0', '" . $sicherheitsfrage . "', '" . $sicherheitsantwort . "', '0', '1', '0') ");

                        $searchid = $mysqli->query("SELECT * FROM users WHERE username = '" . $username . "' LIMIT 1");
                        $row = $searchid->fetch_object();


                        $mysqli->query("INSERT INTO user_stats (id) VALUES ('" . $row->id . "') ");
                        $mysqli->query("INSERT INTO hp_modlog (user_id, action, bemerkung, timestamp) VALUES ('" . $row->id . "', 'register', '', '" . time() . "') ");

                        if (isset($_SESSION['ref_name'])) {
                            $ref_name = protect($_SESSION['ref_name']);

                            $check = $mysqli->query("SELECT * FROM users WHERE username = '" . $ref_name . "' ");
                            if ($check->num_rows > 0) {
                                $ref = $check->fetch_object();

                                $mysqli->query("INSERT INTO user_geworben (eingeladen_id, einlader_id, eingeladen_ip) VALUES ('" . $row->id . "', '" . $ref->id . "', '" . $my->ip . "') ");
                                $mysqli->query("UPDATE users SET credits = credits+4500, vip_points = vip_points+2 WHERE id = '" . $ref->id . "' ");
                                MUS('addFriend', $ref->einlader_id . ' ' . $row->id);
                                aktivitaetenstreamown($row->username, '... hat sich mit deinem REF-Link bei uns regisriert!');
                            }
                        }


                        if (getlogin($row->id, $row->username, $row->password, 'REGISTER', 'keineweiterleitung') == 'true') {
                            header("location: $path/me");
                            exit;
                        } else {
                            echo 'not logged in';
                        }
                    }
                } else {
                    $msg = 'Deine Sicherheitsantwort muss min. 3 Zeichen enthalten!';
                }
            }
        } else {
            $username = protect($_POST['username']);
            $pw = protect($_POST['pw']);
            $pwd = protect($_POST['pwd']);
            if (preg_match("/^[a-zA-Z0-9._]{3,15}$/", $username)) {
                $check = $mysqli->query("SELECT * FROM users WHERE UPPER(username) = '" . strtoupper($username) . "' ");
                if ($check->num_rows < 1) {
                    if (strlen($username) > 2) {
                        if (strlen($username) < 21) {
                            if (substr(strtolower($username), 0, 4) == 'mod-' || substr(strtolower($username), 0, 4) == 'adm-' || substr(strtolower($username), 0, 6) == 'staff-') {
                                $msg = 'faDieser Benutzername ist nicht zugelassen!';
                            } else {

                            }
                        } else {
                            $msg = 'Der Benutzername ist zulang!';
                        }
                    } else {
                        $msg = 'Username zu kurz!';
                    }
                } else {
                    $msg = 'Username existiert bereits!';
                }
            } else {
                $msg = 'Es gibt ungÃ¼ltige Zeichen in deinem Username!';
            }

            if (isset($msg)) {
                $fehler = 'true';
            } else {
                if ($pw == $pwd) {
                    if (strlen($pw) > 7) {
                        $_SESSION['step2'] = true;
                        $_SESSION ['password'] = pwhash($pw);
                        $_SESSION['username'] = $username;
                    } else {
                        $msg = 'Dein Passwort muss mindestens 8 Zeichen haben!';
                        $fehler = 'true';
                    }
                } else {
                    $msg = 'Passw&ouml;rter stimmen nicht &uuml;berrein';
                    $fehler = 'true';
                }
            }
        }
    }
} else {
    $index = 'moreAccounts';
}
?>


<div id="header">


    <div id="login">
        <div id="avatar">
            <div id="onlinebox">
                <b><?php echo getServerCount('users'); ?></b> <?php
                if (getServerCount('users') == '1') {
                    echo 'Habbo';
                } else {
                    echo 'Habbos';
                }
                ?> online

            </div>
        </div>

        <div id="avatar2"></div>

        </form>
    </div>
    <div id="logo"></div>
</div>


<?php if ($index == 'index') { ?>
    <style>
        .center {
            width: 100%;
            margin: 0px auto;
        }

        .input {
            float: left;
        }

        .check {
            float: left;
            margin-left: 20px;
            width: 220px;
            height: 33px;
            line-height: 35px;
            text-align: center;
            border: 1px solid rgba(0, 0, 0, 0.2);
            border-bottom: 2px solid rgba(0, 0, 0, 0.2);
            border-radius: 3px;
            font-size: 12px;
        }

        .room {

            height: 167px;
            width: 167px;
            border: 3px solid rgba(0, 0, 0, 0.2);
            border-bottom: 2px solid rgba(0, 0, 0, 0.2);
            float: left;
            border-radius: 5px;
            margin-right: 20px;
            cursor: pointer;
        }

        .room.active {
            border: 3px solid #2AB8D6;

        }

        .room1 {
            background: url('<?php echo $path; ?>/public/images/register/room1.png') no-repeat;
            background-color: #000;
            background-size: 150%;
            background-position: 40% 50%;
        }

        .room2 {
            background: url('<?php echo $path; ?>/public/images/register/room2.png') no-repeat;
            background-color: #000;
            background-size: 150%;
            background-position: 40% 50%;
        }

        .room3 {
            background: url('<?php echo $path; ?>/public/images/register/room3.png') no-repeat;
            background-color: #000;
            background-size: 150%;
            background-position: 48% 50%;
        }

        .small {
            float: left;
            width: 100%;
            height: 20px;
            font-size: 12px;
            color: rgba(255, 255, 255 0.7);
            margin-bottom: 25px;
            margin-top: 5px;
            margin-left: 10px;
        }

        .preis {
            float: left;
            background: #A58D57;
            width: 345px;
            height: 25px;
            line-height: 25px;
            padding-left: 10px;
            margin-bottom: 10px;
            border-radius: 4px;
            border: 2px solid #E3C47C;
            -webkit-box-shadow: 0 0 0 1px #000;
            box-shadow: 0 0 0 1px #000;
            color: #FFF;
            text-shadow: 1px 1px 0 #000;
        }

        .preis .icon{
            float:right;
            background: url('https://habbo.tl/public/images/me/6.png') no-repeat;
            background-position: 35% 50%;
            height: 25px;
            width: 25px;
            border-radius: 4px;
            border: 2px solid #E3C47C;
            margin-top: -2px;
            margin-right: -3px;
            -webkit-box-shadow: 0 0 0 1px #000;
            box-shadow: 0 0 0 1px #000;
        }

        #msg {
            float: left;
            width: 1000px;
            height: 35px;
            line-height: 35px;
            text-align: center;
            background: #B62B1C;
            font-size: 14px;
            color: #FFF;
            border-bottom: 2px solid rgba(0, 0, 0, 0.2);
            border-radius: 4px;

            margin-top: 10px;
        }

    </style>
    <div id="center">

        <?php if (isset($msg)) { ?>
            <?php if ($fehler == 'true') { ?>
                <div id="msg" class="red"><?php echo $msg; ?></div>
            <?php } else { ?>
                <div id="msg" class="green"><?php echo $msg; ?></div>
            <?php } ?>
        <?php } ?>

        <?php if (isset($_SESSION['step2'])) {
            ?>
            <div id="box" class="box register" style="color: #FFF;background: rgba(0, 0, 0, 0.6);float: right;width: 560px;height: 410px;margin-bottom: 10px;">
                <form action="" method="post">
                    <script src='https://www.google.com/recaptcha/api.js'></script>
                    <b>E-Mail Adresse</b><br>
                    <input type="text"  class="input input-email" name="mail" style="width: 540px;">
                    <div class="small">Bitte gib eine aktuelle E-Mail Adresse an, mit dieser du dein Passwort jederzeit zur&uuml;cksetzten kannst. </div><br><br>


                    <b>Sicherheitsfrage</b><br>
                    <select name="sicherheitsfrage" class="input input-sicherheitsfrage"  style="width: 540px;">
                        <option value="1">Wie hei&szlig;t dein bester Freund mit Vornamen?</option>
                        <option value="2">Wie hei&szlig;t die erste Schule die du besucht hast?</option>
                        <option value="3">Wie hei&szlig;t du mit zweitem Vornamen?</opion>
                        <option value="4">Wann hat deine Mutter Geburtstag? </option>
                        <option value="5">Wann hast du deine erste Reise angetreten?</option>
                    </select><br><br>

                    <input type="text" class="input input-sicherheitsantwort" name="sicherheitsantwort"  style="margin-top: 10px;width: 540px;">

                    <div class="small">Die Sicherheitsfrage ist insofern wichtig, damit du dein Passwort sofort bei abhandenkommen &auml;ndern kannst.  </div><br><br>


                    <div style="float: right;">
                        <div class="small" style="float: right;width:220px;margin-top: 20px;">Mit dem abschliessen der Registration, akzeptierst du unsere AGB.</div>
                    </div>

                    <div style="margin-top: 20px;">
                        <div class="g-recaptcha" data-sitekey="6LdrqAcTAAAAACoQ0M2wwnWZrVtVGmmgcg-I8wca"></div>
                    </div>


                    <input type="submit" class="submit green" name="submit" value="Account registrieren" style="width: 560px;margin-top: 40px;">
                </form>
            </div>
        <?php } else { ?>
            <div id="box" class="box register" style="color: #FFF;background: rgba(0, 0, 0, 0.6);float: right;width: 560px;height: 360px;margin-bottom: 10px;">
                <form action="" method="post">
                    <b>Username</b><br>
                    <input type="text" class="input input-username" name="username" style="width: 560px;" value="<?php echo $username; ?>">
                    <div class="small">Bitte gib einen Habbo Nutzernamen an, mit diesem Namen bist du im Hotel sichtbar. </div><br><br>


                    <b>Passwort</b><br>
                    <input type="password" class="input input-password" name="pw" style="width: 560px;">
                    <div class="small">Bitte gib ein vertrauliches Passwort ein, dieses muss mindestens 8 Zeichen beinhalten.</div><br><br>

                    <b>Passwort wiederholen</b><br>
                    <input type="password" class="input input-password2" name="pwd" style="width: 560px;">
                    <div class="small">Nur um sicherzugehen, dass du dein Passwort nicht unabsichtlich falsch geschrieben hast,<br> best&auml;tige es ein weiteres mal.</div><br><br>
                    <br>

                    <input type="submit" class="submit green" style="width: 560px;" name="submit" value="Weiter zum 2. Schritt">
                </form>
            </div>
        <?php } ?>

        <div id="box" class="box userinfo" style="width: 360px;float: left;height: 170px;">
            <div id="headtitle"">Das bist Du!</div>
            <div class="platte" style="float: left;margin-left:-15px;margin-top:-10px;background:url(<?php echo $path; ?>/public/images/me/platte.png) no-repeat;background-position:50% 50%;width:119px;height:195px">
                <img src="<?php echo $avatar . getSettings('register_look1'); ?>&head_direction=3&action=wav&gesture=sml" style="margin-top: -5px;position: absolute;margin-left: 25px;">
            </div>
            <br><span style="font-size: 13px;">Ich hei&#xdf;e im Habbo.tl:</span><br>
            &#xbb; <b style="font-size: 14px;"><?php
                if (isset($username)) {
                    echo $username;
                } else {
                    echo 'Unbekannt';
                }
                ?></b>

            <br><br>
        </div>
        <div id="box" class="box userinfo" style="width: 360px;height: 160px;float: left;">
            <div id="headtitle">Willkommensgeschenk</div>
            <div class="preis">
                <div class="icon" style=""></div>
                <b><?php echo number_format($register->credits, 0, ',', ' '); ?></b> Taler
            </div>

            <div class="preis" style="background: #A46615;border-color: #E28D1D;">
                <div class="icon" style="border-color: #E28D1D;background: url('https://habbo.tl/public/images/me/5.png')30% 50% no-repeat;"></div>
                <b><?php echo number_format($register->duckets, 0, ',', ' '); ?></b> Duckets
            </div>

            <div class="preis" style="background: #875989;border-color: #BA7CC2;">
                <div class="icon" style="border-color: #BA7CC2;background: url('https://habbo.tl/public/images/me/8.png')50% 50% no-repeat;"></div>
                <b><?php echo number_format($register->dias, 0, ',', ' '); ?></b> Diamanten
            </div>

        </div>

    </div>


<?php } ?>

<?php if ($index == 'moreAccounts') {
    ?>
    <div id="box" class="box register" style="float: right;width: 978px;height: 80px;margin-bottom: 10px;">
        <div id="headtitle">Multiaccount</div>

        <center>Du kannst dich nicht mehr im Habbo Hotel registrieren, da du bereits mehr als 2 Accounts hast.</center>
    </div>

<?php } ?>

<?php include('./classes/homepage/IndexFooter.php'); ?>

<script>

    function roomx(id)
    {
        var id = id;
        $(".room").removeClass('active');
        $(".room" + id).addClass('active');
        $(".startroom").val(id);
    }


</script>