- <?php
- session_start();
- ?>
- <?php require_once('Connections/localserver.php'); ?>
- <?php
if (!function_exists("GetSQLValueString")) {
    /**
     * Escape a value and render it as a literal for a sprintf()-built SQL string.
     *
     * The value is escaped with mysql_real_escape_string() (mysql_escape_string()
     * when the former is missing) and then shaped according to $theType:
     *   - "text", "date": wrapped in single quotes
     *   - "long", "int":  reduced with intval()
     *   - "double":       reduced with doubleval()
     *   - "defined":      replaced by $theDefinedValue / $theNotDefinedValue
     * An empty value becomes the string "NULL" for every type except "defined".
     * Any other $theType returns the escaped value WITHOUT surrounding quotes,
     * so that result is only safe inside quotes supplied by the caller.
     *
     * NOTE(review): the "defined" branch returns its two arguments unescaped;
     * callers must only pass constants there. The ext/mysql functions used here
     * were removed in PHP 7.0; prepared statements (mysqli/PDO) are the
     * replacement and make this helper unnecessary.
     *
     * @param mixed  $theValue           Raw value, typically from $_GET/$_POST.
     * @param string $theType            One of the type names listed above.
     * @param mixed  $theDefinedValue    Returned for "defined" when the value is non-empty.
     * @param mixed  $theNotDefinedValue Returned for "defined" when the value is empty.
     * @return mixed Quoted string, int, float, the string "NULL", or the escaped value.
     */
    function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
    {
        // Undo magic-quotes slashes first so the value is not escaped twice.
        if (PHP_VERSION < 6 && get_magic_quotes_gpc()) {
            $theValue = stripslashes($theValue);
        }

        if (function_exists("mysql_real_escape_string")) {
            $escaped = mysql_real_escape_string($theValue);
        } else {
            $escaped = mysql_escape_string($theValue);
        }

        $isBlank = ($escaped == "");

        switch ($theType) {
            case "text":
                return $isBlank ? "NULL" : "'" . $escaped . "'";
            case "long":
            case "int":
                return $isBlank ? "NULL" : intval($escaped);
            case "double":
                return $isBlank ? "NULL" : doubleval($escaped);
            case "date":
                return $isBlank ? "NULL" : "'" . $escaped . "'";
            case "defined":
                return $isBlank ? $theNotDefinedValue : $theDefinedValue;
        }

        // Unknown type: escaped but unquoted.
        return $escaped;
    }
}
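// Build the form's action URL (this script plus the current query string).
// The value is echoed into an HTML attribute further down, and both
// PHP_SELF and QUERY_STRING are taken from the request URL, so BOTH parts
// are entity-encoded here. The original encoded only the query string,
// leaving the path part able to break out of the action="..." attribute.
$editFormAction = htmlentities($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8');
if (isset($_SERVER['QUERY_STRING'])) {
    $editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING'], ENT_QUOTES, 'UTF-8');
}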
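// First form-post handler.
//
// The original body also ran
//   UPDATE users SET user_hash=<posted user_hash> WHERE user_level=<intval of posted valcode>
// for every request carrying MM_update=form1. That write happened before any
// password check, selected rows by user_level rather than by account, and took
// both values straight from the request, so a single submission could rewrite
// user_hash for every account at that level. It has been removed; the only
// state change this page should make is the user_level update performed after
// the password comparison later in this file.
//
// The redirect bookkeeping is kept because later code appends to $updateGoTo.
// There is deliberately no exit here: the second MM_update handler below still
// has to run and sets its own Location header on both of its branches.
if ((isset($_POST["MM_update"])) && ($_POST["MM_update"] == "form1")) {
    $updateGoTo = "validated.php";
    if (isset($_SERVER['QUERY_STRING'])) {
        $updateGoTo .= (strpos($updateGoTo, '?')) ? "&" : "?";
        $updateGoTo .= $_SERVER['QUERY_STRING'];
    }
    header(sprintf("Location: %s", $updateGoTo));
}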
// Second copy of the guarded helper. An identical definition appears earlier
// in this file, so by the time execution reaches this point the guard is
// already false and this copy defines nothing.
if (!function_exists("GetSQLValueString")) {
    /**
     * Escape a value and render it as a literal for a sprintf()-built SQL string.
     *
     * "text"/"date" are single-quoted, "long"/"int" go through intval(),
     * "double" through doubleval(), and "defined" is swapped for one of the
     * two caller-supplied values. An empty value yields the string "NULL"
     * (except for "defined"). Any other type returns the escaped value
     * without quotes.
     *
     * @param mixed  $theValue           Raw value, typically from $_GET/$_POST.
     * @param string $theType            Type name as listed above.
     * @param mixed  $theDefinedValue    Returned for "defined" when the value is non-empty.
     * @param mixed  $theNotDefinedValue Returned for "defined" when the value is empty.
     * @return mixed Quoted string, int, float, the string "NULL", or the escaped value.
     */
    function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
    {
        // Undo magic-quotes slashes first so the value is not escaped twice.
        if (PHP_VERSION < 6 && get_magic_quotes_gpc()) {
            $theValue = stripslashes($theValue);
        }

        if (function_exists("mysql_real_escape_string")) {
            $escaped = mysql_real_escape_string($theValue);
        } else {
            $escaped = mysql_escape_string($theValue);
        }

        $isBlank = ($escaped == "");

        switch ($theType) {
            case "text":
                return $isBlank ? "NULL" : "'" . $escaped . "'";
            case "long":
            case "int":
                return $isBlank ? "NULL" : intval($escaped);
            case "double":
                return $isBlank ? "NULL" : doubleval($escaped);
            case "date":
                return $isBlank ? "NULL" : "'" . $escaped . "'";
            case "defined":
                return $isBlank ? $theNotDefinedValue : $theDefinedValue;
        }

        // Unknown type: escaped but unquoted.
        return $escaped;
    }
}
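// Load the account addressed by the ?hash=... value from the validation link.
//
// The hash is bound as "text". The original bound it as "int", which reduced
// the token to intval() and made MySQL compare user_hash numerically; with a
// string token that lets unrelated values compare equal, so a link could
// resolve to an account it was never issued for. Other statements in this
// file treat user_hash as a quoted string, which is what this now matches.
// Non-string input (e.g. hash[]=...) is ignored and falls back to "-1".
$colname_rstUsers = "-1";
if (isset($_GET['hash']) && is_string($_GET['hash'])) {
    $colname_rstUsers = $_GET['hash'];
}
mysql_select_db($database_localserver, $localserver);
$query_rstUsers = sprintf(
    "SELECT * FROM users WHERE user_hash = %s",
    GetSQLValueString($colname_rstUsers, "text")
);
// NOTE(review): die(mysql_error()) prints raw database errors to the visitor;
// log the error and show a generic message instead.
$rstUsers = mysql_query($query_rstUsers, $localserver) or die(mysql_error());
$row_rstUsers = mysql_fetch_assoc($rstUsers);      // first matching row, or false
$totalRows_rstUsers = mysql_num_rows($rstUsers);   // drives the template branches below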
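// Validation handler: when the form is posted, compare the submitted password
// with the one stored for the account loaded above and, on a match, mark that
// account as validated (user_level = 1).
//
// Changes from the original:
//   * The form field is named "valcode"; the original read $_POST['password'],
//     which this form never sends.
//   * The submitted value is compared as-is. The original compared the
//     SQL-quoted output of GetSQLValueString() with the stored value, which
//     cannot match a plain stored password.
//   * The UPDATE is keyed on the user_hash of the row that was just checked,
//     not on the password, and the placeholder is no longer wrapped in a
//     second pair of quotes (GetSQLValueString "text" already adds them).
//   * The stored password and the guess are no longer copied into $_SESSION;
//     nothing in this file reads them back and credentials do not belong in
//     session storage. NOTE(review): confirm no other page reads
//     $_SESSION['valcode'] / $_SESSION['userguess'].
//   * mysql_select_db() uses $database_localserver as the lookup above does;
//     $mmos is not defined anywhere in this file.
//   * exit follows each redirect so the rest of the page is not rendered.
//
// NOTE(review): the direct comparison implies users.password holds the
// password itself. Store password_hash() output and check it with
// password_verify() instead.
if ((isset($_POST["MM_update"])) && ($_POST["MM_update"] == "form1")) {
    $submittedPassword = (isset($_POST['valcode']) && is_string($_POST['valcode']))
        ? $_POST['valcode']
        : "";
    // Same magic-quotes handling GetSQLValueString applies before using request data.
    if (PHP_VERSION < 6 && get_magic_quotes_gpc()) {
        $submittedPassword = stripslashes($submittedPassword);
    }

    // mysql_fetch_assoc() returned false when the hash matched no account.
    $storedPassword = is_array($row_rstUsers) ? (string) $row_rstUsers['password'] : "";

    $passwordMatches = $submittedPassword !== ""
        && $storedPassword !== ""
        && $submittedPassword === $storedPassword;

    if ($passwordMatches) {
        /* Update the user level to 1 where the user hash is equal to the one that was sent in the link */
        $updateSQL = sprintf(
            "UPDATE users SET user_level='1' WHERE user_hash=%s",
            GetSQLValueString($row_rstUsers['user_hash'], "text")
        );
        mysql_select_db($database_localserver, $localserver);
        $Result1 = mysql_query($updateSQL, $localserver) or die(mysql_error());
        header('Location: validated.php');
        exit;
    }

    /* Validation failed: the database is not updated and the visitor is sent back to the form page. */
    header('Location: validate.php');
    exit;
}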
- ?>
- <?php require_once('Connections/localserver.php'); ?>
- <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
- <html xmlns="http://www.w3.org/1999/xhtml">
- <head>
- <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
- <title>Validate</title>
- <meta name="description" content="This is an experimental site which reviews the latest and greatest titles of the MMORPG genre">
- <meta name="keywords" content="Review, Video Game, MMORPG, MMO, Massively, Multiplayer, Online, Roleplaying, Game, World of Warcraft, Guild Wars, Rift, EVE Online, Star Wars: The Old Republic">
- <link href="savedstylesheet.css" rel="stylesheet" type="text/css" />
- </head>
- <body id="Mainbody">
- <div id="Wrapper">
- <div id="Header">
- <h1>MMORPG Reviews </h1>
- </div>
- <div id="MainNavbarone">
- <ul>
- <li> <h2> <a href="index.php">Home</a></h2> </li>
- <li> <h2> <a href="includes/warcraft.php">World of Warcraft</a></h2> </li>
- <li> <h2> <a href="includes/guildwars.php">Guild Wars</a></h2> </li>
- <li> <h2> <a href="includes/rift.php">Rift</a></h2> </li>
- <li> <h2> <a href="includes/eveonline.php">Eve Online</a></h2> </li>
- <li> <h2> <a href="includes/starwars.php"> Star Wars: The Old Republic </a></h2> </li>
- <li> <h2> <a href="includes/login.php">Login</a></h2> </li>
- <li> <h2> <a href="includes/about.php"> About</a></h2> </li>
- </ul>
- </div>
- <div id="MainAdbar">
- <h3>Content for id "Adbar" Goes Here</h3>
- <h3>Content for id "Adbar" Goes Here</h3>
- <h3>Content for id "Adbar" Goes Here</h3>
- <h3>Content for id "Adbar" Goes Here</h3>
- <h3>Content for id "Adbar" Goes Here</h3>
- <h3>Content for id "Adbar" Goes Here</h3>
- <h3>Content for id "Adbar" Goes Here</h3>
- <h3>Content for id "Adbar" Goes Here</h3>
- <h3>Content for id "Adbar" Goes Here </h3>
- <h3>Content for id "Adbar" Goes Here</h3>
- <h3>Content for id "Adbar" Goes Here </h3>
- </div>
- <div id="RedirectMainareaone">
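<?php
// Validation panel. Three outcomes: unknown hash, account awaiting validation
// (shows the password form), or account already validated.
// Every request- or database-derived value is HTML-escaped at the point of
// output: user_name comes from the users table and hash from the URL, and
// both were previously echoed raw into the page.
?>
<?php if ($totalRows_rstUsers == 0) { // Show if recordset empty ?>
  <p> </p>
  <p>Oops! Your URL was incorrect. Please click <a href="index.php">here</a> to return to the Home Page!</p>
  <p> </p>
<?php } // Show if recordset empty ?>
<?php if ($totalRows_rstUsers > 0) { // Show if recordset not empty ?>
  <?php if ($row_rstUsers['user_level']==0) { // Select between validated or not ?>
    <p> </p>
    <p>Welcome <?php echo htmlspecialchars($row_rstUsers['user_name'], ENT_QUOTES, 'UTF-8'); ?>. To continue validating your account please enter your password below into the box provided and click on Next to continue:</p>
    <?php // double_encode=false: part of $editFormAction is already entity-encoded where it is built. ?>
    <form id="form1" name="form1" method="POST" action="<?php echo htmlspecialchars($editFormAction, ENT_QUOTES, 'UTF-8', false); ?>">
      <p>
        <label for="password">Enter Password:</label>
        <input type="password" name="valcode" id="password" />
        <input name="user_hash" type="hidden" value="<?php echo htmlspecialchars((isset($_GET['hash']) && is_string($_GET['hash'])) ? $_GET['hash'] : '', ENT_QUOTES, 'UTF-8'); ?>"/>
      </p>
      <p>
        <input type="submit" name="go" id="go" value="Validate" />
      </p>
      <input type="hidden" name="MM_update" value="form1" />
    </form>
    <p> </p>
  <?php } else { ?>
    <p> </p>
    <p>Oops! Your account has already been validated! Please click <a href="index.php">here</a> to return to the Home Page! </p>
    <p> </p>
  <?php } // Select between validated or not ?>
<?php } // Show if recordset not empty ?>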
- </div>
- <div id="Wrapperone">
- <div id="MainNavbar">
- <h3><a href="http://eu.battle.net/wow/en/">Official World Of Warcraft Website</a></h3>
- <h3><a href="https://www.guildwars2.com/en-gb/">Official Guild Wars Website</a></h3>
- <h3><a href="http://eu.riftgame.com/en/">Official Rift Website</a></h3>
- <h3><a href="http://www.eveonline.com/">Official EVE Online Website</a></h3>
- <h3><a href="http://www.swtor.com/">Official Star Wars: The Old Republic Website</a></h3>
- </div>
- <div id="MainChatbar">
<?php
// Chat box: shown to logged-in users (group 1) and admins (group 2), which
// receive the same embed; everyone else gets the authentication notice.
// NOTE(review): this only decides what is rendered. The SWF is loaded from a
// third-party host over plain http://, so its content is outside this site's
// control, and Flash Player itself is end-of-life.
if (isset($_SESSION['MM_UserGroup'])
    && ($_SESSION['MM_UserGroup'] == 1 || $_SESSION['MM_UserGroup'] == 2)) { ?>
<embed src="http://www.xatech.com/web_gear/chat/chat.swf" quality="high" width="300" height="700" name="chat" flashvars="id=184909259" align="middle" allowscriptaccess="sameDomain" type="application/x-shockwave-flash" pluginspage="http://xat.com/update_flash.shtml" />
<?php
} else {
    // No session group, or a group other than 1/2: hide the chat box.
    echo '<h3> Oops! User Authentication Is Required To Access This Content! </h3>';
}
?>
- </div>
- </div>
- <div id="MainFooter">
- <h4><a href="includes/sitemap.php">Site Map/</a><a href="includes/admin.php">Administrative Page</a></h4>
- </div>
- </div>
- </body>
- </html>
- <?php
// Release the result set of the users lookup once the page has been rendered.
mysql_free_result($rstUsers);
- ?>