Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- if(!isset($config->complete))
- {
- return include $pages['setup'];
- }
- if(isset($_POST['cmd']))
- {
- $messages = array();
- switch($_POST['cmd'])
- {
- case 'login':
- if(!$core->allset($_POST, 'user', 'pass'))
- {
- break;
- }
- if(strlen($_POST['user']) == 0)
- {
- $messages[] = 'Please enter your username';
- }
- if(strlen($_POST['pass']) == 0)
- {
- $messages[] = 'Please enter your password';
- }
- if(!empty($messages)) break;
- $user = $mysql->fetch_array('select * from `users` where `username`=:a;', array('a' => $_POST['user']));
- if(empty($user) || !$mysql->validate($_POST['pass'], $user[0]['password']))
- {
- $messages[] = 'Bad username / password';
- break;
- }
- $loginKey = md5(time() . json_encode($_POST));
- setCookie('loginKey', $loginKey, strtotime('+ 1 year'));
- $_COOKIE['loginKey'] = $loginKey;
- $mysql->query('update `users` set `loginKey`=:a where `username`=:b;', array('a' => $loginKey, 'b' => $user[0]['username']));
- $messages[] = 'You will be redirected momentarily' . $core->refreshLogin();
- $core->auth = true;
- break;
- case 'register':
- if(!$core->allset($_POST, 'user', 'pass', 'mail'))
- {
- break;
- }
- if(strlen($_POST['user']) < 5 || strlen($_POST['user']) > 32 || !ctype_alnum($_POST['user']))
- {
- $messages[] = 'Your username requires 5-15 alpha-numeric characters (a-z/0-9)';
- }
- if(strtolower($_POST['user']) == 'unregistered')
- {
- $messages[] = 'That username is reserved.';
- }
- if(strlen($_POST['pass']) < 6)
- {
- $messages[] = 'You are required to choose a password with at least 6 characters.';
- }
- if(!filter_var($_POST['mail'], FILTER_VALIDATE_EMAIL))
- {
- $messages[] = 'Please enter a valid email address.';
- }
- if(!empty($messages)) break;
- $count = $mysql->fetch_array('select count(*) as `count` from `users` where `username`=:a or `email`=:b or (`connectedlast`=:c and `username`!=:d);', array('a' => $_POST['user'], 'b' => $_POST['mail'], 'c' => $_SERVER['REMOTE_ADDR'], 'd' => ''));
- if($count[0]['count'] > 0)
- {
- $messages[] = 'Someone already registered with that username, or you already have an account.';
- break;
- }
- /* Insert Pre-Registration-ID Here (Unregistered) */
- $vals = array(
- 'id' => 'NULL',
- 'username' => $_POST['user'],
- 'nickname' => $_POST['user'],
- 'password' => $mysql->hash($_POST['pass']),
- 'avatar' => rand(0, 1759),
- 'url' => '',
- 'k' => rand(-1000000, 1000000),
- 'k2' => rand(-1000000, 1000000),
- 'k3' => rand(-1000000, 1000000),
- 'xats' => $config->xats,
- 'reserve' => $config->xats,
- 'days' => time() + ($config->days * 86400),
- 'email' => $_POST['mail'],
- 'powers' => '',
- 'enabled' => '1',
- 'transferblock' => '',
- 'connectedlast' => $_SERVER['REMOTE_ADDR'],
- 'rank' => 1
- );
- $result = $mysql->insert('users', $vals);
- if(isset($_COOKIE['referral']) && is_numeric($_COOKIE['referral']))
- {
- //$mysql->query('update `users` set `credit`=`credit`+125 where `id`=:uid;', array('uid' => $_COOKIE['referral']));
- }
- $messages[] = "Registration successful, you may now login";
- break;
- case 'update_bio':
- if($core->auth)
- {
- $mysql->query('update `users` set `xavi`=:xavi where `id`=' . $core->user['id'] . ';', array('xavi' => $_POST['bio']));
- }
- break;
- case 'update_pawn':
- if(isset($core->auth))
- {
- if($core->user['custpawn'] != '')
- {
- if(substr($_POST['update_pawn'], 0, 1) == '#')
- {
- $_POST['update_pawn'] = substr($_POST['update_pawn'], 1);
- }
- if(!isset($_POST['update_pawn']) || strlen($_POST['update_pawn']) != 6 || !ctype_xdigit($_POST['update_pawn']))
- {
- $_POST['update_pawn'] = 'off';
- }
- $mysql->query('update `users` set `custpawn`=:pawn where `id`=' . $core->user['id'] . ';', array('pawn' => $_POST['update_pawn']));
- }
- }
- break;
- }
- foreach($messages as $message)
- {
- print '<div class="alert alert-dismissable alert-warning">
- <button type="button" class="close" data-dismiss="alert">×</button>
- '.$message.'
- </div>';
- }
- }
- if(!isset($_GET['u']) && isset($core->user['username']))
- {
- $_GET['u'] = $core->user['username'];
- }
- if(isset($_GET['u']) && ctype_alnum($_GET['u']))
- {
- $user = $mysql->fetch_array('select * from `users` where `username`=:uname or `id`=:uid;', array('uname' => $_GET['u'], 'uid' => $_GET['u']));
- if(count($user) == 1)
- {
- $nickname = htmlspecialchars(substr($user[0]['nickname'], 0, strpos($user[0]['nickname'] . '##', '##')));
- $nickname = preg_replace('/\([^)]*\)+/', '', $nickname);
- $pcount = $mysql->fetch_array('select count(*) from `userpowers` where `userid`=:userid;', array('userid' => $user[0]['id']));
- print '<div class="block c5">';
- print '<div class="heading">' . substr($nickname, 0, 50) . '</div>';
- print '<table style="width: 99%">';
- print '<tr> <td> Xats </td> <td class="tr"> ' . $user[0]['xats'] . ' </td> </tr>';
- print '<tr> <td> Days </td> <td class="tr"> ' . floor($user[0]['days'] / 86400) . ' </td> </tr>';
- print '<tr> <td> Powers </td> <td class="tr"> ' . $pcount[0]['count(*)'] . ' </td> </tr>';
- print '<tr> <td> Credit </td> <td class="tr"> ' . $user[0]['credit'] . ' </td> </tr>';
- print '</table>';
- if($core->auth && $core->user['id'] == $user[0]['id'])
- {
- print '<div style="width: 100%" class="tc"> <input type="submit" class="claimCredit" value="Claim Credit" /> <input type="submit" class="relogin" value="Relogin" /> </div>';
- }
- print '</div>';
- print '<div class="block c4-5 fr">';
- if(isset($core->user['id']) && $core->user['id'] == $user[0]['id'] && !isset($_GET['preview']))
- {
- if($user[0]['custpawn'] != '')
- {
- print
- '<div class="heading"> Custom Pawn <small style="font-size: 10px">[Hex 6 characters example: #000000, just type "off" to turn your custom pawn off]</small> </div>
- <form method="post">
- <input style="width: 99%;text-align: center;" type="text" autocomplete="off" name="update_pawn" value="' . ($user[0]['custpawn'] == 'off' ? 'off' : '#' . $user[0]['custpawn']) . '" />
- <input type="hidden" name="cmd" value="update_pawn" />
- <div style="width: 99%;text-align: center"> <input type="submit" class="btn btn-primary btn-xs" value="Update" /> </div>
- </form>';
- }
- print '<div class="heading"> Referral Link <a href="/faq#referrals">(click for explanation)</a> </div>';
- print '<input type="text" style="width: 99%;text-align: center;" value="http://' . $config->server_dm . '/home?ref=' . $core->user['id'] . '" /><br />';
- print '<br />';
- print '<div class="heading"> Xavi [ <a href="/profile?u=' . htmlspecialchars($_GET['u']) . '&preview">CODIGOS</a> ]</div>';
- }
- else
- {
- print '<div class="heading"> Xavi </div>';
- }
- if($user[0]['xavi'] == '' && (!$core->auth || $core->user['id'] != $user[0]['id']))
- {
- print '<div class="tc" style="width: 100%"> ' . $user[0]['username'] . ' does not have a biography. </div>';
- }
- elseif($core->auth && $core->user['id'] == $user[0]['id'] && !isset($_GET['preview']))
- {
- print '<small style="cursor:pointer" title="[br], [center], [b], [h1], [h2], [h3]"> SEU XAVI AKI!</small>';
- print '<form method="post">';
- print '<input type="hidden" name="cmd" value="update_bio" />';
- print '<textarea name="bio" style="width: 99%;resize: none" rows="15">' . htmlspecialchars($user[0]['xavi']) . '</textarea>';
- print '<div style="width: 99%;text-align: center"> <input type="submit" class="btn btn-primary btn-xs" value="Update" /> </div>';
- print '</form>';
- }
- else
- {
- $bb = array(
- '[br]' => '<br />',
- "\n" => '<br />',
- '[center]' => '<span class="tc" style="width: 100%;display: inline-block;">',
- '[/center]' => '</span>',
- '[b]' => '<b>',
- '[/b]' => '</b>',
- '[h1]' => '<h1>',
- '[/h1]' => '</h1>',
- '[h2]' => '<h2>',
- '[/h2]' => '</h2>',
- '[h3]' => '<h3>',
- '[/h3]' => '</h3>',
- '[center]' => '<center>',
- '[/center]' => '</center>',
- );
- print str_replace(array_keys($bb), $bb, htmlspecialchars($user[0]['xavi']));
- }
- print '</div>';
- }
- else
- {
- print '<div class="block c1 tc"> User Not Found </div>';
- }
- }
- else
- {
- print '
- <div class="col-lg-6">
- <div class="well bs-component">
- <form method="POST" class="form-horizontal">
- <input type="hidden" name="cmd" value="login" />
- <fieldset>
- <legend>Login</legend>
- <div class="form-group">
- <label for="inputPassword" class="col-lg-2 control-label">Username</label>
- <div class="col-lg-10">
- <input class="form-control" id="inputEmail" name="user" placeholder="Username" type="text">
- </div>
- </div>
- <div class="form-group">
- <label for="inputPassword" class="col-lg-2 control-label">Password</label>
- <div class="col-lg-10">
- <input class="form-control" id="inputPassword" placeholder="Password" name="pass" type="password">
- </div>
- </div>
- <div class="form-group">
- <div class="col-lg-10 col-lg-offset-2">
- <input type="submit" value="Login" class="btn btn-primary" />
- </div>
- </div>
- </fieldset>
- </form>
- <div style="display: none;" id="source-button" class="btn btn-primary btn-xs">< ></div></div>
- </div>
- <div style="width: 10%; display: inline-block;"> <!-- Spacer --> </div>
- <div class="col-lg-6">
- <div class="well bs-component">
- <form method="POST" class="form-horizontal">
- <input type="hidden" name="cmd" value="register" />
- <fieldset>
- <legend>Registro</legend>
- <div class="form-group">
- <label for="inputPassword" class="col-lg-2 control-label">Username</label>
- <div class="col-lg-10">
- <input class="form-control" id="inputEmail" name="user" placeholder="Username" type="text">
- </div>
- </div>
- <div class="form-group">
- <label for="inputPassword" class="col-lg-2 control-label">Password</label>
- <div class="col-lg-10">
- <input class="form-control" id="inputPassword" placeholder="Password" name="pass" type="password">
- </div
- <div class="form-group">
- <label for="inputPassword" class="col-lg-2 control-label">Email</label>
- <div class="col-lg-10">
- <input class="form-control" id="inputPassword" placeholder="Email" name="mail" type="text">
- </div>
- </div>
- <div class="form-group">
- <div class="col-lg-10 col-lg-offset-2">
- <input type="submit" value="Register" class="btn btn-primary" />
- </div>
- </div>
- </fieldset>
- </form>
- <div style="display: none;" id="source-button" class="btn btn-primary btn-xs">< ></div></div>
- </div>
- ';
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement