Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- require('../includes/config.php');
- require('../structure/database.php');
- require('../structure/base.php');
- require('../structure/user.php');
- $database = new database($db_host, $db_name, $db_user, $db_password);
- $base = new base($database);
- $user = new user($database);
- $user->updateLastActive();
- $username = $user->getUsername($_COOKIE['user'], 2);
- $rank = $user->getRank($username);
- if($rank < 4) $base->redirect('../index.php');
- $salt = substr(hash(sha256, sha1(time())), 10);
- $rpassword = $_POST['requested_password'] == $salt .hash(sha256, md5(sha1($_POST['password']))) . substr($salt, 0, -51);
- ?>
- <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
- <html xmlns:IE>
- <head>
- <meta http-equiv="Expires" content="0">
- <meta http-equiv="Pragma" content="no-cache">
- <meta http-equiv="Cache-Control" content="no-cache">
- <meta name="MSSmartTagsPreventParsing" content="TRUE">
- <title><?php echo $data['wb_title']; ?></title>
- <link href="../css/basic-3.css" rel="stylesheet" type="text/css" media="all">
- <link href="../css/main/title-5.css" rel="stylesheet" type="text/css" media="all">
- <link href="../css/kbase-2.css" rel="stylesheet" type="text/css" media="all" />
- <link rel="shortcut icon" href="../img/favicon.ico" />
- <?php include('../includes/google_analytics.html'); ?>
- <script type="text/javascript">
- function goBack()
- {
- window.history.back();
- }
- </script>
- </head>
- <div id="body">
- <?php $base->getNavBar($username, $path, $rank); ?>
- <br/><br/>
- <div style="text-align: center; background: none;">
- <div class="titleframe e">
- <b>Administration - Recovery requests</b><br> <a href="../index.php" class=c>Main Menu</a> - <a href="index.php">Admin Control Panel</a>
- </div>
- </div>
- <br/>
- <br/>
- <div class="titleframe e" style="text-align:left; color:white; width:750px; margin-left:auto; margin-right:auto;">
- Recovery requests are displayed one at a time to keep the steady flow. - <b>currently functional but under development</b>.<br><br/>
- <?php
- //query details
- $tracking = $database->processQuery("SELECT id, ip, date, account, a1, a2, a3, a4, a5, message_content, reg_date, requested_password FROM tracking WHERE status = 0 ORDER BY id ASC LIMIT 0,1", array(), true);
- if($database->getRowCount() == 0)
- {
- ?>
- <center><h2>No recovery requests at this time.</h2></center>
- <?php
- }
- else {
- $recovery = $database->processQuery("SELECT cancel, a1, a2, a3, a4, a5 FROM `recoveries` WHERE `id` = ?", array($tracking[0]['account']), true);
- $users = $database->processQuery("SELECT password, reg_date FROM users WHERE id = ?", array($user->getIdByName($username)), true);
- $database->processQuery("SELECT password FROM users WHERE id = ? LIMIT 1", array($user->getUserId($_COOKIE['user'])), true);
- if (isset($_POST['password'])) {
- $tracking = hash(sha256, md5(sha1($_POST['requested_password'])));
- //update user password
- $update = $database->processQuery("UPDATE `users` SET `password` = ? WHERE `id` = ? LIMIT 1", array($password, $info[0]['account']), false);
- $requested_password = substr(substr($update[0]['password'], 54), 0, -3);
- }
- ?>
- <center>
- <table width="55%">
- <tr>
- <td style="color:red; font-weight: bold">Username</td>
- <td><?php echo $user->dName($user->getNameById($tracking[0]['account'])); ?></td>
- </tr>
- <tr>
- <td style="border-bottom:1px dotted white;">I.P</td>
- <td style="border-bottom:1px dotted white;"><?php echo $tracking[0]['ip']; ?></td>
- </tr>
- <!-- QUESTION ONE -->
- <tr>
- <td>Question #1</td>
- <td>What is your favorite meal? - broken</td>
- </tr>
- <tr>
- <td>Actual Answer</td>
- <td><?php echo $recovery[0]['cancel']; ?></td>
- </tr>
- <tr>
- <td style="border-bottom:2px yellow dotted;">Supplied Answer</td>
- <td style="border-bottom:2px yellow dotted;"><?php echo $tracking[0]['a1']; ?></td>
- </tr>
- <!-- QUESTION TWO -->
- <tr>
- <td>Question #2</td>
- <td>Who was your best friend growing up?</td>
- </tr>
- <tr>
- <td>Actual Answer</td>
- <td><?php echo $recovery[0]['a1']; ?></td>
- </tr>
- <tr>
- <td style="border-bottom:2px yellow dotted;">Supplied Answer</td>
- <td style="border-bottom:2px yellow dotted;"><?php echo $tracking[0]['a2']; ?></td>
- </tr>
- <!-- QUESTION THREE -->
- <tr>
- <td>Question #3</td>
- <td>What is your mothers maiden name?</td>
- </tr>
- <tr>
- <td>Actual Answer</td>
- <td><?php echo $recovery[0]['a2']; ?></td>
- </tr>
- <tr>
- <td style="border-bottom:2px yellow dotted;">Supplied Answer</td>
- <td style="border-bottom:2px yellow dotted;"><?php echo $tracking[0]['a3']; ?></td>
- </tr>
- <!-- QUESTION FOUR -->
- <tr>
- <td>Question #4</td>
- <td>Where were you born?</td>
- </tr>
- <tr>
- <td>Actual Answer</td>
- <td><?php echo $recovery[0]['a3']; ?></td>
- </tr>
- <tr>
- <td style="border-bottom:2px yellow dotted;">Supplied Answer</td>
- <td style="border-bottom:2px yellow dotted;"><?php echo $tracking[0]['a4']; ?></td>
- </tr>
- <!-- QUESTION FIVE -->
- <tr>
- <td>Question #5</td>
- <td>What color was your first bedroom?</td>
- </tr>
- <tr>
- <td>Actual Answer</td>
- <td><?php echo $recovery[0]['a4']; ?></td>
- </tr>
- <tr>
- <td style="border-bottom:2px yellow dotted;">Supplied Answer</td>
- <td style="border-bottom:2px yellow dotted;"><?php echo $tracking[0]['a5']; ?></td>
- </tr>
- <!-- DETAILS -->
- <tr>
- <td>Date Registered</b></td>
- </tr>
- <tr>
- <td>Actual Answer</td>
- <td><?php echo $users[0]['reg_date']; ?></td>
- </tr>
- <tr>
- <td style="border-bottom:2px yellow dotted;">Supplied Answer</td>
- <td style="border-bottom:2px yellow dotted;"><?php echo $tracking[0]['reg_date']; ?></td>
- </tr>
- <!-- DETAILS -->
- <tr>
- <td>Message Contents</td>
- </tr>
- <tr>
- <td style="border-bottom:2px yellow dotted;">Explanation</td>
- <td style="border-bottom:2px yellow dotted;"><?php echo $tracking[0]['message_content']; ?></td>
- </tr>
- <tr>
- <td>
- <form action="recovery_takeaction.php?action=1&id=<?php echo $tracking[0]['id']; ?>" method="POST">
- <input type="Submit" value="Accept"></td>
- </form>
- <td>
- <form action="recovery_takeaction.php?action=2&id=<?php echo $tracking[0]['id']; ?>" method="POST">
- <input type="submit" value="Deny"></td>
- </form>
- </tr>
- </table>
- </center>
- <?php
- }
- ?>
- </div>
- </div>
- <div class="tandc"><?php echo $data['wb_foot']; ?></div>
- </body>
- </html>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement