
Untitled

a guest
Jan 24th, 2018
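  <?php
  /**
   * Login form handler.
   *
   * Runs only for visitors who are not logged in and who submitted the form
   * (the `logINBoss` POST field). Order of checks: reCAPTCHA token, input
   * validation, credential lookup, ban check, login audit row, session setup.
   *
   * Relies on two names defined outside this listing: $user (must provide
   * LoggedIn()) and $odb (used as a PDO-style handle with query()/prepare()).
   * A session is presumably already started by the including page.
   */
  if (!($user->LoggedIn()) && isset($_POST['logINBoss'])) {
      // Shared markup for the Bootstrap-style alerts printed below; %s is the alert flavour.
      $alertOpen = '<center><div class="alert alert-icon alert-%s alert-dismissible fade in" role="alert"><button type="button" class="close" data-dismiss="alert" aria-label="Close"><span aria-hidden="true">&times;</span></button><i class="mdi mdi-check-all"></i>';
      $alertClose = '</div></center>';

      // The token is opaque data for Google, not HTML: take it raw and only
      // accept a string (a client can submit an array under the same name).
      $captcha = (isset($_POST['g-recaptcha-response']) && is_string($_POST['g-recaptcha-response']))
          ? $_POST['g-recaptcha-response']
          : '';

      // Fail closed: the captcha only counts when the verification endpoint
      // answered with a JSON object whose `success` is literally true.
      $captchaOk = false;
      if ($captcha !== '') {
          $secret = $odb->query("SELECT `google_secret` FROM `admin` LIMIT 1")->fetchColumn(0);

          // http_build_query() URL-encodes every value, so a crafted token cannot
          // append or override parameters. Sending the body by POST also keeps
          // the site secret out of the request URL (and out of URL logs).
          $verifyBody = http_build_query(array(
              'secret'   => $secret,
              'response' => $captcha,
              'remoteip' => $_SERVER['REMOTE_ADDR'],
          ));
          $verifyContext = stream_context_create(array(
              'http' => array(
                  'method'  => 'POST',
                  'header'  => "Content-Type: application/x-www-form-urlencoded\r\n",
                  'content' => $verifyBody,
                  'timeout' => 5, // do not hang the login page on a slow upstream
              ),
          ));
          $verifyRaw = file_get_contents('https://www.google.com/recaptcha/api/siteverify', false, $verifyContext);

          // A failed request (false) or unparsable JSON (null) is a failed captcha.
          $response = ($verifyRaw === false) ? null : json_decode($verifyRaw);
          $captchaOk = is_object($response) && isset($response->success) && $response->success === true;
      }

      if (!$captchaOk) {
          echo sprintf($alertOpen, 'danger') . 'Invalid Captcha Code Entered!' . $alertClose;
      } else {
          // The username is never echoed and must pass ctype_alnum(), so it is
          // validated raw; HTML escaping belongs at output time.
          $username = (isset($_POST['username']) && is_string($_POST['username'])) ? $_POST['username'] : '';
          $rawPassword = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';

          // NOTE(review): the password is HTML-escaped before hashing. That is kept
          // only so hashes stored by the (unseen) registration code still match.
          // It makes the stored hash depend on htmlspecialchars() defaults, which
          // changed in PHP 8.1 (single quotes are now encoded) - confirm before a
          // PHP upgrade and drop the escaping when the hashes are migrated.
          $password = htmlspecialchars($rawPassword);

          $Errors = array();
          // NOTE(review): the message says 4-15 characters but the check accepts
          // 1-15; confirm the intended minimum before changing either side.
          if (!ctype_alnum($username) || strlen($username) < 1 || strlen($username) > 15) {
              $Errors[] = sprintf($alertOpen, 'danger') . 'Username Must Be Alphanumberic And 4-15 characters in length' . $alertClose;
          }
          if (empty($username) || empty($password)) {
              $Errors[] = sprintf($alertOpen, 'danger') . 'Fill in all fields' . $alertClose;
          }

          if (!empty($Errors)) {
              // The entries are fixed markup built above, so they are printed as-is;
              // escaping them showed the raw tags to the visitor. Keep $Errors free
              // of request data, or escape that data where it is inserted. The old
              // trailing '</div>' had no opening tag in this block and was dropped.
              foreach ($Errors as $Error) {
                  echo $Error;
              }
          } else {
              // NOTE(review): unsalted SHA-1 is not a password hash; a leaked `users`
              // table is cheap to crack offline. Migrating means storing
              // password_hash() output and checking with password_verify(),
              // re-hashing each account on its next successful login. It is not
              // done here because the registration code and schema are not visible.
              $passwordHash = sha1($password);

              // One lookup replaces the former COUNT(*) query, its identical
              // follow-up and the separate status query. "Exactly one matching
              // row" is still required, as the COUNT(*) == 1 test demanded.
              $SQLGetInfo = $odb->prepare("SELECT `username`, `ID`, `status` FROM `users` WHERE `username` = :username AND `password` = :password");
              $SQLGetInfo->execute(array(':username' => $username, ':password' => $passwordHash));
              $matches = $SQLGetInfo->fetchAll(PDO::FETCH_ASSOC);

              if (count($matches) !== 1) {
                  // Same message for unknown user and wrong password.
                  echo sprintf($alertOpen, 'danger') . 'Login Failed!!' . $alertClose;
              } else {
                  $userInfo = $matches[0];

                  // status 1 marks a banned account; use the authenticated row's value.
                  if ((int) $userInfo['status'] === 1) {
                      $SQL = $odb->prepare("SELECT `reason` FROM `bans` WHERE `username` = :username");
                      $SQL->execute(array(':username' => $username));
                      $ban = $SQL->fetchColumn(0);
                      // The reason is stored text, so it is escaped for HTML output.
                      // fetchColumn() yields false when no ban row exists; cast to ''.
                      die('<span style="color:red;">You are banned. Reason:</span> ' . htmlspecialchars((string) $ban));
                  }

                  // Audit trail. The User-Agent header is client-controlled and may be
                  // absent: it is bound as a parameter here and must be escaped
                  // wherever this table is displayed.
                  $userAgent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
                  $logAddr = $odb->prepare("INSERT INTO `loginip` (`username`,`ip`,`date`,`http_agent`) VALUES (:user, :ip, UNIX_TIMESTAMP(NOW()), :agent);");
                  $logAddr->execute(array(':user' => $username, ':ip' => $_SERVER['REMOTE_ADDR'], ':agent' => $userAgent));

                  // Rotate the session ID at the privilege change so an ID planted
                  // before login does not become an authenticated one. This needs
                  // the headers to be unsent: run this handler before page output.
                  if (session_status() === PHP_SESSION_ACTIVE && !headers_sent()) {
                      session_regenerate_id(true);
                  }
                  $_SESSION['username'] = $userInfo['username'];
                  $_SESSION['ID'] = $userInfo['ID'];

                  echo sprintf($alertOpen, 'success') . 'You have been logged in successfully..</div></center><meta http-equiv="refresh" content="3;url=index.php">';
              }
          }
      }
  }
  // NOTE(review): anything placed after the closing tag below is sent to the
  // browser verbatim; PHP statements written there are printed, not executed.
  ?>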
  76.  
  77. echo '<center><div class="alert alert-icon alert-danger alert-dismissible fade in" role="alert"><button type="button" class="close" data-dismiss="alert" aria-label="Close"><span aria-hidden="true">&times;</span></button><i class="mdi mdi-check-all"></i>You are banned for Reason...</div></center>';
  78.  
  79. echo '<center><div class="alert alert-icon alert-danger alert-dismissible fade in" role="alert"><button type="button" class="close" data-dismiss="alert" aria-label="Close"><span aria-hidden="true">&times;</span></button><i class="mdi mdi-check-all"></i>Login Failed!!</div></center>';