Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- @require_once('config.php');
- header('Content-Type: text/html; charset=UTF-8');
- session_start();
- // function session_is_registered($x){return isset($_SESSION['$x']);}
- $_SESSION['hotelip'] = "127.0.0.1";
- $_SESSION['hotelport'] = "30000";
- // MD5 HASH
- function HoloHashMD5($password){
- $hash_secret = "xCg532%@%gdvf^5DGaa6&*rFTfg^FD4\$OIFThrR_gh(ugf*/";
- $string = md5($password.($hash_secret));
- return $string;
- }
- // Escape string
- function Escape($str, $advanced=false) {
- if($advanced == true){ return mysql_real_escape_string(addslashes($str)); }
- $str = mysql_real_escape_string(addslashes(htmlspecialchars($str)));
- return $str;
- }
- function News($str) {
- if(get_magic_quotes_gpc()){ $str = stripslashes($str); }
- $str = preg_replace(array('/\x{0001}/u','/\x{0002}/u','/\x{0003}/u','/\x{0005}/u','/\x{0009}/u'),' ',$str);
- $str = mysql_real_escape_string($str);
- return $str;
- }
- // MUS-DATA
- define('SEP', DIRECTORY_SEPARATOR);
- $dir = str_replace('register'.SEP, '', dirname(__FILE__).SEP);
- define('DIR', $dir);
- define('INCLUDES', DIR.''.SEP);
- $core = new Core();
- class Core {
- public function MUS($command, $data = ''){
- $MUSdata = $command . chr(1) . $data;
- $socket = socket_create(AF_INET, SOCK_STREAM, getprotobyname('tcp'));
- socket_connect($socket, '127.0.0.1', '30001');
- socket_send($socket, $MUSdata, strlen($MUSdata), MSG_DONTROUTE);
- }
- }
- $muscore = $core->MUS;
- // Htmlspecialchars
- function xEscape($str, $advanced=false, $bbcode=false) {
- if($advanced == true){ return stripslashes($str); }
- $str = stripslashes(nl2br(htmlspecialchars($str)));
- return $str;
- }
- if(isset($_SERVER['HTTP_CF_CONNECTING_IP'])){
- $_SERVER['REMOTE_ADDR'] = $_SERVER['HTTP_CF_CONNECTING_IP'];
- }
- if(isset($_SERVER['HTTP_INCAP_CLIENT_IP'])){
- $_SERVER['REMOTE_ADDR'] = $_SERVER['HTTP_INCAP_CLIENT_IP'];
- }
- $remote_ip = $_SERVER['REMOTE_ADDR'];
- $date = date('d.m.Y H:i:s');
- $date2 = date('d.m.Y');
- $server = mysql_fetch_assoc($server_status = mysql_query("SELECT * FROM server_status"));
- $onlinecount = $server['users_online']+2;
- $_SESSION['lastcheck'] = time();
- // LOGIN
- if(isset($_SESSION['username'])) {
- $rawname = Escape($_SESSION['username']);
- $rawpass = Escape($_SESSION['password']);
- $usersql = mysql_query("SELECT * FROM users WHERE username = '".$rawname."' AND password = '".$rawpass."' LIMIT 1");
- $myrow = mysql_fetch_assoc($usersql);
- $password_correct = mysql_num_rows($usersql);
- $userid = $myrow['id'];
- $user_rank = $myrow['rank'];
- $username = $myrow['username'];
- $ban = mysql_query("SELECT expire,reason FROM bans WHERE value = '".$myrow['username']."' AND bantype = 'user' or value = '".$remote_ip."' AND bantype = 'ip' ORDER BY id DESC LIMIT 1");
- if($password_correct !== 1){
- @session_destroy();
- header("location: ".$path."");
- exit;
- }elseif(mysql_num_rows($ban) > 0){
- $bandata = mysql_fetch_assoc($ban);
- $timestamp = time();
- if($bandata['expire'] > $timestamp){
- @session_destroy();
- }
- }
- $logged_in = true;
- $name = $myrow['username'];
- }
- else {
- $user_rank = 0;
- $username = "Gast";
- $user_id = "0";
- $myticket = "ST-No-Name-habbore-fe";
- $logged_in = false;
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
