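<?php
// Page bootstrap: error reporting, output buffering, session, settings.

// Report every notice and warning while the page is being developed.
// NOTE(review): the author marks this as debug-only. Whether messages reach
// the visitor is decided by display_errors, which this file does not set.
error_reporting(E_ALL); //DEBUG ONLY

// Buffer output: the handlers below print markup before the document starts
// and still call header() and change the session afterwards.
ob_start();

// Harden the session cookie before the session is opened: page scripts cannot
// read it, and session ids the server did not issue are rejected.
ini_set('session.cookie_httponly', '1');
ini_set('session.use_strict_mode', '1');
session_start();

// $pdo is used below but never assigned in this file; presumably settings.php
// creates it - confirm.
require_once 'settings.php';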
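/**
 * Build a random string from the digits 0-9 and the letters A-Z.
 *
 * generateKey() joins these strings into an access key, so each character is
 * drawn with random_int() (a CSPRNG, PHP 7.0+). The original used rand(),
 * whose output is predictable and must not back a credential.
 *
 * @param int $length Number of characters to produce; values below 1 give ''.
 * @return string Random string of $length characters.
 */
function toKey($length = 6) {
    $characters = '0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ';
    $lastIndex = strlen($characters) - 1;
    $addToKey = '';
    for ($i = 0; $i < $length; $i++) {
        $addToKey .= $characters[random_int(0, $lastIndex)];
    }
    return $addToKey;
}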
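/**
 * Assemble an access key: six groups from toKey(), joined by dashes
 * (XXXXXX-XXXXXX-XXXXXX-XXXXXX-XXXXXX-XXXXXX).
 *
 * The original appended to an undefined local variable and returned nothing,
 * so no caller could ever receive the key.
 *
 * @return string The key in clear text.
 */
function generateKey() {
    $groups = array();
    for ($i = 0; $i < 6; $i++) {
        $groups[] = toKey();
    }
    return implode('-', $groups);
}

// "Create a new key": store the SHA-512 digest of a fresh key for the
// signed-in user and show the clear text once in $MSG.
// NOTE(review): the form carries no anti-CSRF token, so another site can make
// a signed-in browser submit this request.
if ( isset($_POST['createKey']) ) {
    if ( !isset($_SESSION['user']) ) {
        // The menu entry is only rendered for signed-in users, but hiding a
        // link is not a check; without this guard anyone could mint keys.
        $MSG = "Error";
    } else {
        // The original never called generateKey() and bound the parameters on
        // an undefined $stmt instead of $sqlStmt.
        $key = generateKey();
        $keyHash = hash('sha512', $key);
        $sqlStmt = $pdo->prepare("INSERT INTO pkeys(pkey, username) VALUES(:pkey, :username)");
        $sqlStmt->bindValue(':pkey', $keyHash);
        $sqlStmt->bindValue(':username', $_SESSION['user']);
        if ($sqlStmt->execute()) {
            $MSG = "Key: " .$key;
        } else {
            $MSG = "Error";
        }
        // Do not keep the clear-text key around longer than needed.
        unset($key);
        unset($sqlStmt);
    }
}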
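// "Use key": redeem a single-use access key and mark the session as key-authenticated.
if ( isset($_POST['loginKey']) ) {
    $submittedKey = '';
    if (isset($_POST['loginFieldKey']) && is_string($_POST['loginFieldKey'])) {
        $submittedKey = $_POST['loginFieldKey'];
    }
    // Same normalisation as before, so the digest of an issued key is unchanged.
    $keyHash = hash('sha512', htmlspecialchars(strip_tags(trim($submittedKey))));
    $sqlStmt = $pdo->prepare('SELECT id, pkey, keyStatus FROM pkeys WHERE pkey = :pkey');
    $sqlStmt->execute(array(':pkey' => $keyHash));
    $sqlResult = $sqlStmt->fetchAll(\PDO::FETCH_ASSOC);
    if (!empty($sqlResult)) {
        foreach($sqlResult as $row) {
            // hash_equals() compares as strings in constant time; '==' would
            // compare two numeric-looking digests as numbers.
            if (!hash_equals((string) $row['pkey'], $keyHash)) {
                continue;
            }
            // Test and flip the status in ONE statement. The original read
            // keyStatus first and updated afterwards, so two parallel requests
            // could both redeem the same single-use key.
            $claimStmt = $pdo->prepare("UPDATE pkeys SET keyStatus=0, keyUsed=:currentTimestamp WHERE id = :id AND keyStatus = 1");
            $claimStmt->execute(array(':currentTimestamp' => date('Y-m-d G:i:s'),':id' => $row['id']));
            if ($claimStmt->rowCount() < 1) {
                $MSG = "Key already used!";
                echo "Key not valid";
                // NOTE(review): this script is printed before <html> and before
                // jQuery is loaded in <head>, so $ is probably undefined when it runs.
                ?>
<script type="text/javascript">
$('#loginMask').modal('show');
</script>
                <?php
            } else {
                // New session id on privilege change, against session fixation.
                session_regenerate_id(true);
                $_SESSION['loginMethod'] = 'key';
                ?>
<script type="text/javascript">
$('#loginMask').modal('hide');
</script>
                <?php
            }
            unset($claimStmt);
        }
    } else {
        $MSG = "Key not found!";
        //echo '<script type="text/javascript">$(\'#loginMask\').modal(\'show\')</script>';
    }
    unset($sqlResult);
    unset($sqlStmt);
}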
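// "Use credentials": username/password sign-in.
if ( isset($_POST['loginUser']) ) {
    // The login form posts the name as "loginFieldUser"; the original read
    // only "loginFieldUsername", which that form never sends. Accept both.
    $rawUsername = '';
    if (isset($_POST['loginFieldUser']) && is_string($_POST['loginFieldUser'])) {
        $rawUsername = $_POST['loginFieldUser'];
    } elseif (isset($_POST['loginFieldUsername']) && is_string($_POST['loginFieldUsername'])) {
        $rawUsername = $_POST['loginFieldUsername'];
    }
    $rawPassword = '';
    if (isset($_POST['loginFieldPasswd']) && is_string($_POST['loginFieldPasswd'])) {
        $rawPassword = $_POST['loginFieldPasswd'];
    }
    $username = htmlspecialchars(strip_tags(trim($rawUsername)));
    // NOTE(review): an unsalted SHA-512 digest is a fast hash; a leaked table
    // can be attacked offline at high speed. password_hash()/password_verify()
    // is the replacement, but it has to be introduced in the registration
    // handler and here together, with a migration for stored digests.
    $password = hash('sha512', htmlspecialchars(strip_tags(trim($rawPassword))));
    // "status" is read below but was missing from the original column list, so
    // the e-mail verification check could never trigger.
    // Assumes login.status exists - confirm against the schema.
    $stmt = $pdo->prepare('SELECT id, username, passwd, status FROM login WHERE username = :username');
    $stmt->bindValue(':username', $username);
    $stmt->execute();
    $sqlResult = $stmt->fetchAll(\PDO::FETCH_ASSOC);
    // One answer for "no such user" and "wrong password", so the response
    // does not reveal which usernames exist.
    $MSG = "Wrong credentials!";
    if (!empty($sqlResult)) {
        foreach($sqlResult as $row) {
            // Strict, constant-time comparison instead of '=='.
            if (!hash_equals((string) $row['passwd'], $password)) {
                continue;
            }
            if( $row['status'] == 1) {
                $MSG = "Bitte verifizieren sie zuerst ihre E-Mail.";
            } else {
                // New session id on sign-in, against session fixation.
                session_regenerate_id(true);
                $_SESSION['user'] = $username;
                header("Location: index.php");
                // Stop here; otherwise the rest of the page is still rendered
                // and sent along with the redirect.
                exit;
            }
        }
    }
    unset($sqlResult);
    unset($stmt);
}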
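// "Register": create an account and mail the verification link.
// NOTE(review): the page loads the reCAPTCHA script and the button carries a
// data-sitekey, but no reCAPTCHA response is verified in this handler.
if ( isset($_POST['register']) ) {
    // X-Forwarded-For is a request header the client can set freely and it is
    // copied into the mail body, so only a well-formed address is accepted.
    // It remains client-controlled unless a trusted proxy overwrites it.
    $ipAddr = $_SERVER['REMOTE_ADDR'];
    if (isset($_SERVER['HTTP_X_FORWARDED_FOR'])
        && filter_var($_SERVER['HTTP_X_FORWARDED_FOR'], FILTER_VALIDATE_IP) !== false) {
        $ipAddr = $_SERVER['HTTP_X_FORWARDED_FOR'];
    }
    $rawUser = (isset($_POST['registerFieldUser']) && is_string($_POST['registerFieldUser'])) ? $_POST['registerFieldUser'] : '';
    $rawEmail = (isset($_POST['registerFieldEmail']) && is_string($_POST['registerFieldEmail'])) ? $_POST['registerFieldEmail'] : '';
    $rawPasswd = (isset($_POST['registerFieldPasswd']) && is_string($_POST['registerFieldPasswd'])) ? $_POST['registerFieldPasswd'] : '';
    $username = htmlspecialchars(strip_tags(trim($rawUser)));
    $email = htmlspecialchars(strip_tags(trim($rawEmail)));
    // NOTE(review): unsalted SHA-512 is a fast hash and unsuited for password
    // storage; switch to password_hash() here and password_verify() in the
    // login handler at the same time.
    $password = hash('sha512', htmlspecialchars(strip_tags(trim($rawPasswd))));
    if (!isset($_SESSION['loginMethod']) || $_SESSION['loginMethod'] !== 'key') {
        // The Register link is only rendered after a key login; enforce that
        // on the server, because the form can be posted without the link.
        $MSG = "Registrierung ist nur nach Anmeldung mit einem Key möglich.";
    } elseif (filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        // eregi() was removed in PHP 7.0. filter_var() also rejects line
        // breaks, which matters because $email becomes the mail() recipient.
        $MSG = "Ungültige E-Mail Adresse!";
    } else {
        // Verification token from a CSPRNG (random_int, PHP 7.0+), not rand().
        // Length kept at 8 because the column width is not visible here.
        $characters = '0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ';
        $lastIndex = strlen($characters) - 1;
        $verficationHash = '';
        for ($i = 0; $i < 8; $i++) {
            $verficationHash .= $characters[random_int(0, $lastIndex)];
        }
        $stmt = $pdo->prepare("INSERT INTO login(username,email,passwd,verificationHash) VALUES(:username,:email,:password,:verificationHash)");
        $stmt->bindValue(':username', $username);
        $stmt->bindValue(':email', $email);
        $stmt->bindValue(':password', $password);
        $stmt->bindValue(':verificationHash', $verficationHash);
        if ($stmt->execute()) {
            // The link carries the token, so it uses https like the other
            // chirpa.de links on this page; the address is URL-encoded.
            $message = '
Hallo '.$username.',
Ihr Account wurde erstellt, er wird aktiviert nachdem sie den untenstehenden Link gedrückt haben.
Die Registrierung kam von der IP Adresse: '.$ipAddr.'
Bitte klicken sie auf den Link, um ihren Account zu aktivieren
https://chirpa.de/verify.php?email='.rawurlencode($email).'&hash='.$verficationHash.'
';
            if ( mail($email, 'Chirpa Verification E-Mail', $message, 'From:noreply@chirpa.de' . "\r\n") ) {
                $MSG = "Die Registrierung war erfolgreich, eine E-Mail wurde zur Verifizierung der E-Mail Adresse an sie geschickt.";
                unset($username);
                unset($email);
                unset($password);
            } else {
                $MSG = "Die E-Mail konnte nicht gesendet werden.";
            }
        } else {
            $MSG = "Es ist ein Fehler aufgetreten, bitte versuchen sie es später erneut.";
        }
        unset($stmt);
    }
}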
- ?>
- <html>
- <head>
- <title>Herzlich Willkommen</title>
- <meta charset="utf-8" />
- <meta name="viewport" content="width=device-width, initial-scale=1" />
- <link rel="stylesheet" href="assets/css/bootstrap.min.css" type="text/css" />
- <link rel="stylesheet" href="assets/css/main.css" type="text/css" />
- <script src="assets/js/jquery.min.js"></script>
- <script src="assets/js/jquery.scrolly.min.js"></script>
- <script src="assets/js/jquery.dropotron.min.js"></script>
- <script src="assets/js/bootstrap.min.js"></script>
- <script src='https://www.google.com/recaptcha/api.js'></script>
- </head>
- <body>
- <nav class="navbar navbar-default">
- <div class="container-fluid">
- <!-- Brand and toggle get grouped for better mobile display -->
- <div class="navbar-header">
- <button type="button" class="navbar-toggle collapsed" data-toggle="collapse" data-target="#bs-example-navbar-collapse-1" aria-expanded="false">
- <span class="sr-only">Toggle navigation</span>
- <span class="icon-bar"></span>
- <span class="icon-bar"></span>
- <span class="icon-bar"></span>
- </button>
- <a class="navbar-brand" href="index.php">Herzlich Willkommen</a>
- </div>
- <!-- Services Menu -->
- <div class="collapse navbar-collapse" id="bs-example-navbar-collapse-1">
- <ul class="nav navbar-nav">
- <li class="dropdown">
- <a href="#" class="dropdown-toggle" data-toggle="dropdown" role="button" aria-haspopup="true" aria-expanded="false">Services <span class="caret"></span></a>
- <ul class="dropdown-menu">
- <li><a href="https://chirpa.de/owncloud">ownCloud</a></li>
- <li role="separator" class="divider"></li>
- <li><a href="https://chirpa.de:8888">GitLab</a></li>
- <li role="separator" class="divider"></li>
- <li><a href="https://chirpa.de/dokuwiki">Dokuwiki</a></li>
- <li role="separator" class="divider"></li>
- <li><a href="ts3server://chirpa.de?port=9987">Connect to TeamSpeak 3 Server</a></li>
<?php /* Key generation entry: rendered only while a user is signed in. */ ?>
<?php if ( isset($_SESSION['user']) ) { ?>
<li role="separator" class="divider"></li>
<li><a data-toggle="modal" href="#generateKeyMask">Generate a new Key</a></li>
<?php } ?>
- </ul>
- <li>
- </li>
- <!--Project Menu-->
- <li class="dropdown">
- <a href="#" class="dropdown-toggle" data-toggle="dropdown" role="button" aria-haspopup="true" aria-expanded="false">Projects <span class="caret"></span></a>
- <ul class="dropdown-menu">
- <li><a href="https://chirpa.de/patchliste.html">Patchliste</a></li>
- <!--<li role="separator" class="divider"></li>-->
- </ul>
- <li>
- </li>
- <!--Administrative Menu-->
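<?php
/*
 * Administration menu for signed-in users and key sessions.
 * The original compared isset() itself with "key", so any loginMethod value
 * passed; the value is now checked.
 * NOTE(review): this only hides links. phpMyAdmin and the TeamSpeak interface
 * must enforce their own authentication.
 */
$showAdminMenu = isset($_SESSION['user'])
    || (isset($_SESSION['loginMethod']) && $_SESSION['loginMethod'] === 'key');
?>
<?php if ( $showAdminMenu ) : ?>
<li class="dropdown">
<a href="#" class="dropdown-toggle" data-toggle="dropdown" role="button" aria-haspopup="true" aria-expanded="false">Administration <span class="caret"></span></a>
<ul class="dropdown-menu">
<li><a href="https://chirpa.de/phpmyadmin">PHPmyAdmin</a></li>
<li role="separator" class="divider"></li>
<li><a href="https://chirpa.de/ts3webinterface">TeamSpeak 3 Webinterface</a></li>
</ul>
</li>
<?php endif; ?>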
- </ul>
- <!--Login/Logout/Register buttons on the right side.-->
- <ul class="nav navbar-nav navbar-right">
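<?php /* Right-hand buttons: Logout for users; Register + Logout for key sessions; Login otherwise. */ ?>
<?php if ( isset($_SESSION['user']) ) : ?>
<li><a href="logout.php?logout"> Logout</a></li>
<?php elseif ( isset($_SESSION['loginMethod']) && $_SESSION['loginMethod'] === 'key' ) : /* check the value, not just isset() */ ?>
<li><a data-toggle="modal" href="#registerMask"> Register</a></li>
<li><a href="logout.php?logout"> Logout</a></li>
<?php else : ?>
<li><a data-toggle="modal" href="#loginMask">Login</a></li>
<?php endif; ?>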
- </ul>
- </div>
- </div>
- </nav>
- <!--Login Mask-->
- <div class="modal fade" id="loginMask" tabindex="-1" role="dialog">
- <div class="modal-dialog" role="document">
- <div class="modal-content">
- <div class="modal-header">
- <button type="button" class="close" data-dismiss="modal" aria-label="Close"><span aria-hidden="true">×</span></button>
- <h4 class="modal-title">Login</h4>
- </div>
- <form method="post" autocomplete="off">
- <div class="modal-body">
- <div id="login-form">
- <div class="col-md-12">
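<?php
// Status line of the login dialog. $MSG is plain text, so it is HTML-encoded
// on output; a later message that contains request data cannot inject markup.
if ( isset($MSG) ) :
?>
<div class="form-group">
<div class="alert alert-danger">
<?php echo htmlspecialchars($MSG, ENT_QUOTES, 'UTF-8'); ?>
</div>
</div>
<?php
endif;
?>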
- <div class="form-group">
- <div class="input-group">
- <span class="input-group-addon" class="glyphicon glyphicon-lock"></span>
- <input type="text" name="loginFieldKey" class="form-control" placeholder="Key" />
- </div>
- </div>
- <div class="form-group">
- <div class="input-group">
- <span class="input-group-addon" class="glyphicon glyphicon-user"></span>
- <input type="text" name="loginFieldUser" class="form-control" placeholder="Username" />
- </div>
- </div>
- <div class="form-group">
- <div class="input-group">
- <span class="input-group-addon" class="glyphicon glyphicon-lock"></span>
- <input type="password" name="loginFieldPasswd" class="form-control" placeholder="Password" />
- </div>
- </div>
- </div>
- </div>
- </div>
- <div class="modal-footer">
- <div id="login-form">
- <div class="form-group">
- <button type="submit" class="btn btn-block btn-primary" name="loginKey">Use key</button>
- <button type="submit" class="btn btn-block btn-primary" name="loginUser">Use credentials</button>
- </div>
- </div>
- </div>
- </form>
- </div>
- </div>
- </div>
- <!--Register Mask-->
- <div class="modal fade" id="registerMask" tabindex="-1" role="dialog">
- <div class="modal-dialog" role="document">
- <div class="modal-content">
- <div class="modal-header">
- <button type="button" class="close" data-dismiss="modal" aria-label="Close"><span aria-hidden="true">×</span></button>
- <h4 class="modal-title">Register</h4>
- </div>
- <form method="post" action="<?php echo htmlspecialchars($_SERVER['PHP_SELF']); ?>" autocomplete="off">
- <div class="modal-body">
- <div id="login-form">
- <div class="col-md-12">
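<?php
// Status line of the register dialog. The original tested $errMSG, which is
// never assigned in this file, so the message could not appear; the handlers
// write to $MSG. The text is HTML-encoded on output.
if ( isset($MSG) ) :
?>
<div class="form-group">
<div class="alert alert-success">
<span class="glyphicon glyphicon-info-sign"></span> <?php echo htmlspecialchars($MSG, ENT_QUOTES, 'UTF-8'); ?>
</div>
</div>
<?php
endif;
?>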
- <div class="form-group">
- <div class="input-group">
- <span class="input-group-addon"><span class="glyphicon glyphicon-user"></span></span>
- <input type="text" name="registerFieldUser" class="form-control" placeholder="Username" required />
- </div>
- </div>
- <div class="form-group">
- <div class="input-group">
- <span class="input-group-addon"><span class="glyphicon glyphicon-envelope"></span></span>
- <input type="email" name="registerFieldEmail" class="form-control" placeholder="E-Mail" maxlength="40" required />
- </div>
- </div>
- <div class="form-group">
- <div class="input-group">
- <span class="input-group-addon"><span class="glyphicon glyphicon-lock"></span></span>
- <input type="password" name="registerFieldPasswd" class="form-control" placeholder="Password" maxlength="30" required />
- </div>
- </div>
- </div>
- </div>
- </div>
- <div class="modal-footer">
- <div id="login-form">
- <div class="form-group">
- <button type="submit" class="btn btn-block btn-primary" data-sitekey="6LcLEhsUAAAAAEmGkaQMHepzeJUv3lLhh49xfnMl" name="register">Register</button>
- </div>
- </div>
- </div>
- </form>
- </div>
- </div>
- </div>
- <!--Generate a new Key Mask-->
- <div class="modal fade" id="generateKeyMask" tabindex="-1" role="dialog">
- <div class="modal-dialog" role="document">
- <div class="modal-content">
- <div class="modal-header">
- <button type="button" class="close" data-dismiss="modal" aria-label="Close"><span aria-hidden="true">×</span></button>
- <h4 class="modal-title">Generate a new key</h4>
- </div>
- <form method="post" action="<?php echo htmlspecialchars($_SERVER['PHP_SELF']); ?>" autocomplete="off">
- <div class="modal-body">
- <div id="login-form">
- <div class="col-md-12">
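<?php
// Status line of the key dialog; this is where a newly created key is shown.
// $MSG is plain text and is HTML-encoded on output.
if ( isset($MSG) ) :
?>
<div class="form-group">
<div class="alert alert-success">
<?php echo htmlspecialchars($MSG, ENT_QUOTES, 'UTF-8'); ?>
</div>
</div>
<?php
endif;
?>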
- </div>
- </div>
- </div>
- <div class="modal-footer">
- <div class="form-group">
- <button type="submit" class="btn btn-block btn-primary" name="createKey">Create a new key</button>
- </div>
- </div>
- </form>
- </div>
- </div>
- </div>
- </body>
- </html>