
Untitled

a guest
Sep 16th, 2018
  1. <?php
  2. session_start();
  3. include('connect_db.php');
  4. if($_SERVER['REMOTE_ADDR'] == '71.176.221.177') {
  5. exit;
  6. }
  7. ?>
  8. <!DOCTYPE html>
  9. <html xmlns="http://www.w3.org/1999/xhtml">
  10. <head>
  11. <title>U.O.T.S - Login</title>
  12. <link rel="shortcut icon" href="images/style/favicon.gif">
  13. <link href="external-2.css" rel="stylesheet" type="text/css">
  14. <script type="text/javascript" src="js/jquery.js"></script>
  15. <script type="text/javascript" src="js/jquery-1.4.2.js"></script>
  16. <script type = 'text/javascript'>
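$(function() {
    // Send one field value to reg_checks.php and show the reply in `target`.
    // The parameters are passed as an object so jQuery URL-encodes them; the
    // previous string concatenation broke on values containing & # + or spaces.
    function remoteCheck(kind, value, target) {
        $.get('reg_checks.php', { a: kind, string: value }, function(reply) {
            // NOTE(review): the reply is inserted as HTML, so reg_checks.php
            // (not shown here) must HTML-encode anything it echoes back from
            // `string`.
            $(target).html(reply);
        });
    }

    $('#usern').bind('keyup focusout', function() {
        remoteCheck('username', $(this).val(), '#un_check');
    });

    // NOTE(review): this sends the candidate password in a GET query string,
    // where it can be recorded in server and proxy access logs. Moving it to
    // POST needs a matching change in reg_checks.php, so it is only flagged.
    $('#passw').focusout(function() {
        remoteCheck('pass', $(this).val(), '#pw_check');
    });

    // Compare the two password fields locally; nothing is sent to the server.
    $('#passwc').focusout(function() {
        var first = $('#passw').val();
        var repeat = $(this).val();
        var message; // was an implicit global named `data`
        if (!first) {
            message = "<font color = 'red'>Empty-0%</font>";
        } else if (first == repeat) {
            message = "<font color = '#33FF00'>Matching</font>";
        } else {
            message = "<font color = 'red'>Not matching</font>";
        }
        $('#pw_checktwo').html(message);
    });

    $('#email').focusout(function() {
        remoteCheck('email', $(this).val(), '#em_check');
    });

    // Only flags an empty captcha field; the answer itself is checked server-side.
    $('#captcha').keyup(function() {
        var answer = $(this).val();
        $('#cap_check').html(answer ? "" : "<font color = 'red'>Empty</font>");
    });
});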
  67. </script>
  68. <meta name="description" content="Play University Of The Streets FREE - A live updating text based crime game. No download required and no plug in essential, Starts gangs, Smuggle and produce drugs, Commit crimes, Play the casino, Attack other players, Become a property broker, Buy and sell items and much much more!">
  69. <meta name="keywords" content="TBRPG,MMORPG,University,Of,The,Streets,Com,Game,Gang,Drug,Gun,Violence,Crime,RPG,Free,Text,Based,Attack,Casino,Smuggle,u,o,t,s,UOTS,u.o.t.s" />
  70. </head>
  71. <body>
  72. <center>
  73. <table border = '0' cellspacing = '0' width = '1038px' style = 'margin-top: 3px;'>
  74. <tr>
  75. <td style = 'height: 75px; background: url(images/css/login/banner-text.png) no-repeat left top;'>
  76. </td>
  77. </tr>
  78. <tr>
  79. <td align = 'right' valign = 'top'>
  80. <table style = 'height: 70px;' cellspacing = '0'>
  81. <tr>
  82. <td style = 'width: 28px; background: url(images/css/login/login-area-left.png) no-repeat right top;'>
  83. </td>
  84. <td style = 'background: url(images/css/login/login-area-x.jpg) repeat-x center top;'>
  85. <form action = 'login.php?page=authent' method = 'post'>
  86. <table width = '600px' style = 'color: #360000;'>
  87. <tr>
  88. <td align = 'left'>
  89. <b>Username:</b>
  90. </td>
  91. <td align = 'left'>
  92. <input type = 'text' name = 'username' value = '' style = 'background: #a8a8a8;'>
  93. </td>
  94. <td align = 'left'>
  95. <b>Password:</b>
  96. </td>
  97. <td align = 'left'>
  98. <input type = 'password' name = 'pass' value = '' style = 'background: #a8a8a8;'>
  99. </td>
  100. <td align = 'left'>
  101. <input type = 'submit' name = 'login' value = 'Login' style = 'background: #a8a8a8;'>
  102. </td>
  103. </tr>
  104. </table>
  105. </form>
  106. </td>
  107. <td style = 'width: 28px; background: url(images/css/login/login-area-right.png) no-repeat left top;'>
  108. </td>
  109. </tr>
  110. </table>
  111. </td>
  112. </tr>
  113. <tr>
  114. <td align = 'left' valign = 'bottom' style = 'height: 55px; background: rgba(64, 64, 64, 0);'>
  115. <table width = '100%' height = '35px' style = 'font-weight: 800; color: white;' border = '0'>
  116. <tr align = 'center'>
  117. <td width = '16%' style = 'background: url(images/css/login/login-buttons.png) no-repeat center center;'>
  118. &bull; <a href = 'login.php?page=home' id = 'linkage'>Home page</a>
  119. </td>
  120. <td width = '16%' style = 'background: url(images/css/login/login-buttons.png) no-repeat center center;'>
  121. &bull; <a href = 'login.php?page=register' id = 'linkage'>Register</a>
  122. </td>
  123. <td width = '16%' style = 'background: url(images/css/login/login-buttons.png) no-repeat center center;'>
  124. &bull; <a href = 'login.php?page=forgotpass' id = 'linkage'>Forgot password</a>
  125. </td>
  126. <td width = '16%' style = 'background: url(images/css/login/login-buttons.png) no-repeat center center;'>
  127. &bull; <a href = 'login.php?page=about' id = 'linkage'>About us</a>
  128. </td>
  129. <td width = '16%' style = 'background: url(images/css/login/login-buttons.png) no-repeat center center;'>
  130. &bull; <a href = 'login.php?page=contact ' id = 'linkage'> Contact us
  131. </td>
  132. <td width = '16%' style = 'background: url(images/css/login/login-buttons.png) no-repeat center center;'>
  133. &bull; <a href = 'login.php?page=scrshots ' id = 'linkage'> Screenshots
  134. </td>
  135. </tr>
  136. </table>
  137. </td>
  138. </tr>
  139. <tr>
  140. <td align = 'left' valign = 'top' style = 'height: 960px; background: url(images/css/login/page-bg.png) no-repeat center top;'>
  141. <div style = 'width: 675px; height: 445px; margin-top: 75px; margin-left: 70px; text-align: center; background: rgba(225,225,225,0.4);'>
  142. U.O.T.S is copyright &copy; of IceColdCola networks 2012<?php if(date("Y")>'2012') { echo "-".date("Y"); } ?>, All rights reserved.
  143. <?php
  144. if(!in_array($_GET['page'],array('home','home5','register','code','forgotpass','authent','about','scrshots','contact'))) { $_GET['page'] = 'home'; }
  145. if(!$_GET['page']) {
  146. $_GET['page'] = 'home';
  147. }
  148. switch($_GET['page']) {
  149. case 'home' : home(); break;
  150. case 'register' : register(); break;
  151. case 'forgotpass' : forgot_pass(); break;
  152. case 'code' : code(); break;
  153. case 'authent' : authent(); break;
  154. case 'about' : about(); break;
  155. case 'scrshots' : scrshots(); break;
  156. case 'contact' : contact(); break;
  157. }
  158. ?>
  159. </div>
  160. </td>
  161. </tr>
  162. </table>
  163. </center>
  164. </body>
  165. </html>
  166.  
  167. <?php
  168. function home() {
  169. echo "<h1>Welcome</h1>
  170. <center>
  171. <table width = '500px' style = 'background: rgba(225,225,225,0.7); border: solid 1px black;'>
  172. <tr>
  173. <td align = 'center' colspan = '3'>
  174. <i><b>Play University Of The Streets FREE - A live updating text based crime game. No download required and no plug in essential, start gangs, smuggle and produce drugs, commit crimes, play the casino, attack other players, become a property broker, buy and sell items, take part in a turf battle and much much more!</b></i><br><b><u></u></b><br>";
  175. $sql = "SELECT *
  176. FROM `usr_stats`
  177. ";
  178. $stat = mysql_fetch_array(mysql_query($sql));
  179.  
  180. $totalstats = ($stat['usr_speed']+$stat['usr_strength']+$stat['usr_defence']+$stat['usr_dexterity']);
  181. $q_ry=array();
  182. $q_ry="SELECT * FROM `usr_stats` ORDER BY '".$totalstats."' DESC LIMIT 5";
  183. $tot=mysql_query($q_ry);
  184. $tt=mysql_num_rows($tot);
  185. echo "
  186. </td>
  187. </tr>
  188. <tr>
  189. <td align = 'right' width = '60%'>
  190.  
  191. </td>
  192. <td width = '10%'>
  193. </td>
  194. <td align = 'left'>";
  195. $q_ry = "SELECT `usr_id`
  196. FROM `usr_tbl`
  197. WHERE `usr_lastact` >= '".(time()-86400)."'";
  198. $totoday = mysql_num_rows(mysql_query($q_ry));
  199. echo "<h3><b></b></h3>";
  200. echo "</td>
  201. </tr>
  202. <tr>
  203. <td align = 'center' colspan = '3'>
  204. <a href = 'login.php?page=register' style = 'color: #360000;'><h2><b>Register now!</b></h2></a>
  205. </td>
  206. </tr>
  207. </table>";
  208. }
  209. function about() {
  210. echo "<h1>About Us</h1>
  211. <center>
  212. <table width = '500px' style = 'background: rgba(225,225,225,0.7); border: solid 1px black;'>
  213. <tr>
  214. <td align = 'center' colspan = '3'>
  215. <i><b>Play University Of The Streets FREE - A live updating text based crime game. No download required and no plug in essential, start gangs, smuggle and produce drugs, commit crimes, play the casino, attack other players, become a property broker, buy and sell items, take part in a turf battle and much much more!</b></i>
  216. </td>
  217. </tr>
  218. </table>";
  219. }
  220. function contact() {
  221. echo "<h1>Contact</h1>
  222. <center>
  223. <table width = '500px' style = 'background: rgba(225,225,225,0.7); border: solid 1px black;'>
  224. <tr>
  225. <td align = 'center' colspan = '3'>
  226. <i><b>If you have any questions or having trouble signing up please feel free to contact us at support@unistreets.com</b></i>
  227. </td>
  228. </tr>
  229. </table>";
  230. }
  231. function register() {
  232. echo "<h1>Register</h1>
  233. <center>";
  234. $_GET['ref'] = preg_replace('/[^0-9]/', '', $_GET['ref']);
  235. $_GET['code'] = preg_replace('/[^0-9A-Z]/', '', $_GET['code']);
  236. $game_url = 'https://'.$_SERVER['HTTP_HOST'];
  237. $referer = $game_url."/login.php";
  238. $first_half = explode("?", $_SERVER['HTTP_REFERER']);
  239. if($first_half[0] == $referer)
  240. {
  241. if(!$_POST['usern']) {
  242. echo "<form action = 'login.php?page=register' method = 'post'>
  243. <table width = '500px' style = 'background: rgba(225,225,225,0.7); border: solid 1px black;'>
  244. <tr valign = 'bottom'>
  245. <td align = 'right' width = '125px'>
  246. Username:
  247. </td>
  248. <td width = '10px'>
  249. </td>
  250. <td align = 'left'>
  251. <input type = 'text' name = 'usern' id = 'usern'>
  252. </td>
  253. <td width = '150px'>
  254. <span id = 'un_check' style = 'font-weight: 800;'><small>0-9, A-Z, _ & - only.</small></span>
  255. </td>
  256. </tr>
  257. <tr valign = 'bottom'>
  258. <td align = 'right'>
  259. Password:
  260. </td>
  261. <td width = '10px'>
  262. </td>
  263. <td align = 'left'>
  264. <input type = 'password' name = 'passw' id = 'passw'>
  265. </td>
  266. <td width = '150px'>
  267. <span id = 'pw_check' style = 'font-weight: 800;'></span>
  268. </td>
  269. </tr>
  270. <tr valign = 'bottom'>
  271. <td align = 'right'>
  272. Repeat password:
  273. </td>
  274. <td width = '10px'>
  275. </td>
  276. <td align = 'left'>
  277. <input type = 'password' name = 'passwc' id = 'passwc'>
  278. </td>
  279. <td width = '150px'>
  280. <span id = 'pw_checktwo' style = 'font-weight: 800;'></span>
  281. </td>
  282. </tr>
  283. <tr valign = 'bottom'>
  284. <td align = 'right'>
  285. Gender:
  286. </td>
  287. <td width = '10px'>
  288. </td>
  289. <td align = 'left'>
  290. <select name = 'sex' style = 'width: 156px;'>
  291. <option value = 'male' SELECTED>Male</option>
  292. <option value = 'female'>Female</option>
  293. </select>
  294. </td>
  295. <td width = '150px'>
  296. </td>
  297. </tr>
  298. <tr valign = 'bottom'>
  299. <td align = 'right'>
  300. Email address:
  301. </td>
  302. <td width = '10px'>
  303. </td>
  304. <td align = 'left'>
  305. <input type = 'text' name = 'email' id = 'email'>
  306. </td>
  307. <td width = '150px'>
  308. <span id = 'em_check' style = 'font-weight: 800;'><small>Email will be verified.</small></span>
  309. </td>
  310. </tr>
  311. <tr valign = 'bottom'>
  312. <td align = 'right' valign = 'top'>
  313. Captcha:
  314. </td>
  315. <td width = '10px'>
  316. </td>
  317. <td align = 'left'>
  318. <input type = 'text' name = 'captcha' id = 'captcha'>
  319. <img src = 'captcha.php' width = '145px' height = '60px' style = 'margin-top: 6px; margin-left: -2px;'>
  320. </td>
  321. <td width = '150px'>
  322. <span id = 'cap_check' style = 'font-weight: 800;'><small>Captcha will be verified.</small></span>
  323. </td>
  324. </tr>
  325. <tr valign = 'bottom'>
  326. <td align = 'right'>
  327. </td>
  328. <td width = '10px'>
  329. </td>
  330. <td align = 'left'>
  331. </td>
  332. <td width = '150px'>
  333. <input type = 'submit' name = 'register' value = 'Register' id = 'linkage'>
  334. </td>
  335. </tr>
  336. </table>
  337. </form>";
  338. }
  339. else
  340. {
  341. echo "<table width = '500px' style = 'background: rgba(225,225,225,0.7); border: solid 1px black;'>
  342. <tr>
  343. <td align = 'center'>";
  344. $back = "<hr>&gt;<a href = 'login.php?page=register' style = 'font-weight: 800; cursor: pointer; color: black;'>Try again</a>";
  345. $check_name = check_name();
  346. if($check_name) {
  347. echo $check_name.$back;
  348. }
  349. else
  350. {
  351. $check_pass = check_pass();
  352. if($check_pass) {
  353. echo $check_pass.$back;
  354. }
  355. else
  356. {
  357. $check_email = check_email();
  358. if($check_email) {
  359. echo $check_email.$back;
  360. }
  361. $ip = $_SERVER['REMOTE_ADDR'];
  362. $q=mysql_query("SELECT * FROM usr_tbl WHERE usr_last_ip='$ip'");
  363. if(mysql_num_rows($q))
  364. {
  365. print "You already registered an account on this IP Address. If you feel this is wrong please send an email to support@unistreets.com";
  366. }
  367. else
  368. {
  369. $_POST['email'] = stripslashes($_POST['email']);
  370. $check_cap = check_cap();
  371. if($check_cap) {
  372. echo $check_cap.$back;
  373. }
  374. else
  375. {
  376. $code = null;
  377. $chars = 'ABCDEFGHIJKLMOPQRSTUVXWYZ0123456789';
  378. for($i = 1; $i<=30; $i++) {
  379. $rand = rand(0,strlen($chars)-1);
  380. $code.=substr($chars, $rand, 1);
  381. }
  382. $link = 'https://'.$_SERVER['HTTP_HOST'];
  383. $link.= '/login.php?page=code&code='.$code;
  384. $message = "Hello ".$_POST['usern'].",\n\n
  385. thank you for signing up, to University of the streets. Please feel free to contact us if you have any questions.";
  386. if(!mail($_POST['email'], "Thank you for signing up to U.O.T.S", $message, "From: support@unistreets.com"))
  387. {
  388. echo "There was an error with your email, Please try again.".$back;
  389. }
  390. else
  391. {
  392. $sex = preg_replace('/[^a-z]/', '', $_POST['sex']);
  393. if(!in_array($sex, array('male','female'))) {
  394. $sex = 'male';
  395. }
  396. $usern = preg_replace('/[^0-9a-zA-Z-_]/', '', $_POST['usern']);
  397. $pass = $_POST['passw'];
  398. $email = strip_tags(stripslashes($_POST['email']));
  399. $ip = $_SERVER['REMOTE_ADDR'];
  400. $ref = preg_replace('/[^0-9]/', '', $_GET['ref']);
  401. $ref = $ref ? $ref : 0;
  402. $sql = "INSERT INTO `tmp_users`
  403. VALUES('NULL',
  404. '".mysql_real_escape_string($usern)."',
  405. '".mysql_real_escape_string(md5($pass))."',
  406. '".mysql_real_escape_string($email)."',
  407. '".mysql_real_escape_string($sex)."',
  408. '".mysql_real_escape_string(time())."',
  409. '".mysql_real_escape_string($ip)."',
  410. '".mysql_real_escape_string($ref)."',
  411. '".mysql_real_escape_string($code)."')";
  412. mysql_query($sql);
  413.  
  414.  
  415.  
  416.  
  417.  
  418.  
  419. $u = mysql_fetch_array($sql);
  420. $sql = "INSERT INTO `usr_tbl` (`usr_nme`,`usr_login`,`usr_pas`,`usr_email`,
  421. `usr_sex`,`usr_sign_date`,`usr_sign_ip`)
  422. VALUES ('".mysql_real_escape_string($usern)."',
  423. '".mysql_real_escape_string($usern)."',
  424. '".mysql_real_escape_string(md5($pass))."',
  425. '".mysql_real_escape_string($email)."',
  426. '".mysql_real_escape_string($sex)."',
  427. '".mysql_real_escape_string(time())."',
  428. '".mysql_real_escape_string($ip)."')";
  429. mysql_query($sql);
  430. $user_id = mysql_insert_id();
  431. $sql = "INSERT INTO `usr_stats` (`usr_id`)
  432. VALUES ('".mysql_real_escape_string($user_id)."')";
  433. mysql_query($sql);
  434. $sql = "INSERT INTO `usr_equipped` (`e_userid`)
  435. VALUES ('".mysql_real_escape_string($user_id)."')";
  436. mysql_query($sql);
  437. $inbox = "Hello ".$u['tmp_uname'].", Welcome to university of the streets, Today I will explain your first lessons on becoming a gangster on these streets, Up in the top right you have your missions tab, Click the missions tab and complete the steps i have set for this mission, At the end you will receive a small but worthy reward. If you have any problems don't hesitate to ask a member of staff for help. Staff can be found under the staff link in the city. You have been credited with three free donator days to help you get started.";
  438. inbox_msg($user_id, 3, 'Welcome', $inbox);
  439. if($u['tmp_ref']) {
  440. $sql = "SELECT `usr_id`
  441. FROM `usr_tbl`
  442. WHERE `usr_id` = '".mysql_real_escape_string($u['tmp_ref'])."'";
  443. $sql = mysql_query($sql);
  444. if(mysql_num_rows($sql)) {
  445. $sql = "INSERT INTO `referers`
  446. VALUES ('NULL',
  447. '".mysql_real_escape_string($u['tmp_ref'])."',
  448. '".mysql_real_escape_string($user_id)."')";
  449. mysql_query($sql);
  450. $sql = "UPDATE `usr_tbl`
  451. SET `usr_referals` = `usr_referals` + '1'
  452. WHERE `usr_id` = '".mysql_real_escape_string($u['tmp_ref'])."'";
  453. mysql_query($sql);
  454. $msg = "Thank you for referring ".$u['tmp_uname']."[".$user_id."]!";
  455. in_event($u['tmp_ref'], $msg);
  456. }
  457. }
  458.  
  459. $sql = "DELETE FROM `tmp_users`
  460. WHERE `tmp_id` = '".mysql_real_escape_string($u['tmp_id'])."'";
  461. mysql_query($sql);
  462. }
  463.  
  464.  
  465.  
  466.  
  467.  
  468.  
  469.  
  470.  
  471.  
  472. echo "<a href=login.php><font color=black>You have signed up successfully, click here to login!</font></a>.";
  473. }
  474. }
  475. }
  476. }
  477. }
  478. echo "</td>
  479. </tr>
  480. </table>";
  481. }
  482. }
  483.  
  484.  
  485.  
  486. function forgot_pass() {
  487. echo "<h1>Forgot password</h1>";
  488. $_GET['code'] = preg_replace('/[^0-9A-Z]/', '', $_GET['code']);
  489. $game_url = 'https://'.$_SERVER['HTTP_HOST'];
  490. $referer = $game_url."/login.php";
  491. $first_half = explode("?", $_SERVER['HTTP_REFERER']);
  492. if($first_half[0] == $referer)
  493. {
  494. $_POST['email'] = strip_tags(stripslashes($_POST['email']));
  495. echo "<center>
  496. <table width = '500px' style = 'background: rgba(225,225,225,0.7); border: solid 1px black;'>
  497. <tr>
  498. <td align = 'center'>";
  499. if(!$_POST['email']) {
  500. echo "Please enter the email address you used to sign up for the account to recover your password.<br><br>
  501. <form action = 'login.php?page=forgotpass' method = 'post'>
  502. <table width = '100%'>
  503. <tr>
  504. <td align = 'right'>
  505. <b>Email address:</b> <input type = 'text' name = 'email'>
  506. </td>
  507. </tr>
  508. <tr>
  509. <td align = 'right'>
  510. <input type = 'submit' name = 'continue' value = 'Continue' id = 'linkage'>
  511. </td>
  512. </tr>
  513. </table>
  514. </form>";
  515. }
  516. else
  517. {
  518. $sql = "SELECT `usr_id`,`usr_nme`
  519. FROM `usr_tbl`
  520. WHERE `usr_email` = '".mysql_real_escape_string($_POST['email'])."'";
  521. $sql = mysql_query($sql);
  522. if(!mysql_num_rows($sql)) {
  523. echo "The account linked the email address \"".$_POST['email']."\"was not found!";
  524. }
  525. else
  526. {
  527. $u = mysql_fetch_array($sql);
  528. $temppass = null;
  529. $chars = 'ABCDEFGHIJKLMOPQRSTUVXWYZ0123456789';
  530. for($i = 1; $i<=8; $i++) {
  531. $rand = rand(0,strlen($chars)-1);
  532. $temppass.=substr($chars, $rand, 1);
  533. }
  534. $sql = "UPDATE `usr_tbl`
  535. SET `usr_pas` = '".mysql_real_escape_string(md5($temppass))."'
  536. WHERE `usr_id` = '".mysql_real_escape_string($u['usr_id'])."'";
  537. mysql_query($sql);
  538. $message = "Hello ".$u['usr_nme'].",\n\n
  539. We have sent you a new password as requested.\n
  540. This password should be changed as soon as you login to something you will remember.\n\n
  541. ".$temppass;
  542. mail($_POST['email'], "Password recovery - U.O.T.S", $message, "From: support@unistreets.com");
  543. echo "An email with a new password has been sent to you, please allow up to ten minutes.<br>Remember to check junk if it does not appear in your inbox!<br>
  544. If you haven't received it by then please feel free to get in touch at support@unistreets.com";
  545. }
  546. echo "<hr>
  547. &gt;<a href = 'login.php?page=forgotpass' id = 'linkage' style = 'color: black;'>Back</a>
  548. <hr>";
  549. }
  550. echo "</td>
  551. </tr>
  552. </table>";
  553. }
  554. }
  555.  
  556. function scrshots() {
  557. echo "<h1>Screenshots</h1>(Click images for enlarged version)";
  558. $_GET['code'] = preg_replace('/[^0-9A-Z]/', '', $_GET['code']);
  559. $game_url = 'https://'.$_SERVER['HTTP_HOST'];
  560. $referer = $game_url."/login.php";
  561. $first_half = explode("?", $_SERVER['HTTP_REFERER']);
  562. if($first_half[0] == $referer)
  563. {
  564. $_POST['email'] = strip_tags(stripslashes($_POST['email']));
  565. echo "<center>
  566. <table width = '720px' style = 'background: rgba(225,225,225,0.7); border: solid 1px black;'>
  567. <tr>
  568. <td align = 'center'>";
  569. if(!$_POST['email']) {
  570. echo "<a href=pic3.png><img src=pic3.png width = 350 height = 400></a>
  571. <a href=pic4.png><img src=pic4.png width = 350 height = 400></a>
  572. </td>
  573. </tr>
  574. </table>
  575. </form>";
  576. }
  577. else
  578. {
  579. $sql = "SELECT `usr_id`,`usr_nme`
  580. FROM `usr_tbl`
  581. WHERE `usr_email` = '".mysql_real_escape_string($_POST['email'])."'";
  582. $sql = mysql_query($sql);
  583. if(!mysql_num_rows($sql)) {
  584. echo "The account linked the email address \"".$_POST['email']."\"was not found!";
  585. }
  586. else
  587. {
  588. $u = mysql_fetch_array($sql);
  589. $temppass = null;
  590. $chars = 'ABCDEFGHIJKLMOPQRSTUVXWYZ0123456789';
  591. for($i = 1; $i<=8; $i++) {
  592. $rand = rand(0,strlen($chars)-1);
  593. $temppass.=substr($chars, $rand, 1);
  594. }
  595. $sql = "UPDATE `usr_tbl`
  596. SET `usr_pas` = '".mysql_real_escape_string(md5($temppass))."'
  597. WHERE `usr_id` = '".mysql_real_escape_string($u['usr_id'])."'";
  598. mysql_query($sql);
  599. $message = "Hello ".$u['usr_nme'].",\n\n
  600. We have sent you a new password as requested.\n
  601. This password should be changed as soon as you login to something you will remember.\n\n
  602. ".$temppass;
  603. mail($_POST['email'], "Password recovery - U.O.T.S", $message, "From: support@unistreets.com");
  604. echo "<a href=login.php>You have signed up successfully, click here to login!</a>";
  605.  
  606. $u = mysql_fetch_array($sql);
  607. $sql = "INSERT INTO `usr_tbl` (`usr_nme`,`usr_login`,`usr_pas`,`usr_email`,
  608. `usr_sex`,`usr_sign_date`,`usr_sign_ip`)
  609. VALUES ('".mysql_real_escape_string($u['tmp_uname'])."',
  610. '".mysql_real_escape_string($u['tmp_uname'])."',
  611. '".mysql_real_escape_string($u['tmp_pass'])."',
  612. '".mysql_real_escape_string($u['tmp_email'])."',
  613. '".mysql_real_escape_string($u['tmp_sex'])."',
  614. '".mysql_real_escape_string($u['tmp_date'])."',
  615. '".mysql_real_escape_string($u['tmp_ip'])."')";
  616. mysql_query($sql);
  617. $user_id = mysql_insert_id();
  618. $sql = "INSERT INTO `usr_stats` (`usr_id`)
  619. VALUES ('".mysql_real_escape_string($user_id)."')";
  620. mysql_query($sql);
  621. $sql = "INSERT INTO `usr_equipped` (`e_userid`)
  622. VALUES ('".mysql_real_escape_string($user_id)."')";
  623. mysql_query($sql);
  624. $inbox = "Hello ".$u['tmp_uname'].", Welcome to university of the streets, Today I will explain your first lessons on becoming a gangster on these streets, Up in the top right you have your missions tab, Click the missions tab and complete the steps i have set for this mission, At the end you will receive a small but worthy reward. If you have any problems don't hesitate to ask a member of staff for help. Staff can be found under the staff link in the city. You have been credited with three free donator days to help you get started.";
  625. inbox_msg($user_id, 3, 'Welcome', $inbox);
  626. if($u['tmp_ref']) {
  627. $sql = "SELECT `usr_id`
  628. FROM `usr_tbl`
  629. WHERE `usr_id` = '".mysql_real_escape_string($u['tmp_ref'])."'";
  630. $sql = mysql_query($sql);
  631. if(mysql_num_rows($sql)) {
  632. $sql = "INSERT INTO `referers`
  633. VALUES ('NULL',
  634. '".mysql_real_escape_string($u['tmp_ref'])."',
  635. '".mysql_real_escape_string($user_id)."')";
  636. mysql_query($sql);
  637. $sql = "UPDATE `usr_tbl`
  638. SET `usr_referals` = `usr_referals` + '1'
  639. WHERE `usr_id` = '".mysql_real_escape_string($u['tmp_ref'])."'";
  640. mysql_query($sql);
  641. $msg = "Thank you for referring ".$u['tmp_uname']."[".$user_id."]!";
  642. in_event($u['tmp_ref'], $msg);
  643. }
  644. }
  645. echo "Thank you for signing up ".$u['tmp_uname']."[".$user_id."]!<br><br>
  646. You may now login<br><br>
  647. Enjoy!";
  648. $sql = "DELETE FROM `tmp_users`
  649. WHERE `tmp_id` = '".mysql_real_escape_string($u['tmp_id'])."'";
  650. mysql_query($sql);
  651. }
  652. echo "<hr>
  653. &gt;<a href = 'login.php?page=forgotpass' id = 'linkage' style = 'color: black;'>Back</a>
  654. <hr>";
  655. }
  656. echo "</td>
  657. </tr>
  658. </table>";
  659. }
  660. }
  661.  
  662.  
  663. function code() {
  664. echo "<h1>Confirm email</h1>";
  665. $_GET['code'] = preg_replace('/[^0-9A-Z]/', '', $_GET['code']);
  666. echo "<center>
  667. <table width = '500px' style = 'background: rgba(225,225,225,0.7); border: solid 1px black;'>
  668. <tr>
  669. <td align = 'center'>";
  670. if(!$_GET['code']) {
  671. echo "Invalid registration code!";
  672. }
  673. else
  674. {
  675. $sql = "SELECT *
  676. FROM `tmp_users`
  677. WHERE `code` = '".mysql_real_escape_string($_GET['code'])."'";
  678. $sql = mysql_query($sql);
  679. if(!mysql_num_rows($sql)) {
  680. echo "Invalid registration code!";
  681. }
  682. else
  683. {
  684. $u = mysql_fetch_array($sql);
  685.  
  686. $user_id = mysql_insert_id();
  687. $sql = "INSERT INTO `usr_stats` (`usr_id`)
  688. VALUES ('".mysql_real_escape_string($user_id)."')";
  689. mysql_query($sql);
  690. $sql = "INSERT INTO `usr_equipped` (`e_userid`)
  691. VALUES ('".mysql_real_escape_string($user_id)."')";
  692. mysql_query($sql);
  693. $inbox = "Hello ".$u['tmp_uname'].", Welcome to university of the streets, Today I will explain your first lessons on becoming a gangster on these streets, Up in the top right you have your missions tab, Click the missions tab and complete the steps i have set for this mission, At the end you will receive a small but worthy reward. If you have any problems don't hesitate to ask a member of staff for help. Staff can be found under the staff link in the city. You have been credited with three free donator days to help you get started.";
  694. inbox_msg($user_id, 3, 'Welcome', $inbox);
  695. if($u['tmp_ref']) {
  696. $sql = "SELECT `usr_id`
  697. FROM `usr_tbl`
  698. WHERE `usr_id` = '".mysql_real_escape_string($u['tmp_ref'])."'";
  699. $sql = mysql_query($sql);
  700. if(mysql_num_rows($sql)) {
  701. $sql = "INSERT INTO `referers`
  702. VALUES ('NULL',
  703. '".mysql_real_escape_string($u['tmp_ref'])."',
  704. '".mysql_real_escape_string($user_id)."')";
  705. mysql_query($sql);
  706. $sql = "UPDATE `usr_tbl`
  707. SET `usr_referals` = `usr_referals` + '1'
  708. WHERE `usr_id` = '".mysql_real_escape_string($u['tmp_ref'])."'";
  709. mysql_query($sql);
  710. $msg = "Thank you for referring ".$u['tmp_uname']."[".$user_id."]!";
  711. in_event($u['tmp_ref'], $msg);
  712. }
  713. }
  714. echo "Thank you for signing up ".$u['tmp_uname']."[".$user_id."]!<br><br>
  715. You may now login<br><br>
  716. Enjoy!";
  717. $sql = "DELETE FROM `tmp_users`
  718. WHERE `tmp_id` = '".mysql_real_escape_string($u['tmp_id'])."'";
  719. mysql_query($sql);
  720. }
  721. }
  722. echo "</td>
  723. </tr>
  724. </table>";
  725. }
  726.  
  727.  
  728. function authent() {
  729. echo "<h1>Authentication</h1>";
  730. $error = "";
  731. $back = "&gt; <a href = 'login.php'><font color = 'red'>Back</font></a>";
  732. $_POST['pass'] = htmlentities(stripslashes($_POST['pass']));
  733. $_POST['username'] = htmlentities(stripslashes($_POST['username']));
  734. if(!$_POST['username'] || !$_POST['pass']) {
  735. $error = "Please go back and fill in the form correctly.<br>".$back;
  736. }
  737. else {
  738. $sql = "SELECT `usr_id`,`usr_fed`
  739. FROM `usr_tbl`
  740. WHERE `usr_login` = '".mysql_real_escape_string($_POST['username'])."'
  741. AND `usr_pas` = '".mysql_real_escape_string(md5($_POST['pass']))."'
  742. LIMIT 1";
  743. $sql = mysql_query($sql);
  744. if(!mysql_num_rows($sql)) {
  745. $error = "User not found! Please go back and try again.<br>".$back;
  746. }
  747. else
  748. {
  749. $user = mysql_fetch_array($sql);
  750. unset($_SESSION['feduser']);
  751. if($user['usr_fed'] > time()) {
  752. $_SESSION['feduser'] = $user['usr_id'];
  753. header('location:fedjail.php');
  754. exit;
  755. }
  756. else
  757. {
  758. if($user['usr_fed']) {
  759. $sql = "UPDATE `usr_tbl`
  760. SET `usr_fed` = '0'
  761. WHERE `usr_id` = '".mysql_real_escape_string($user['usr_id'])."'";
  762. mysql_query($sql);
  763. }
  764. }
  765. $_SESSION['myid'] = $user['usr_id'];
  766. $_SESSION['verified'] = 0;
  767. $sql = "UPDATE `usr_tbl`
  768. SET `usr_last_login` = '".mysql_real_escape_string(time())."',
  769. `usr_lastact` = '".mysql_real_escape_string(time())."'
  770. WHERE `usr_id` = '".mysql_real_escape_string($_SESSION['myid'])."'";
  771. mysql_query($sql);
  772.  
  773.  
  774. $q_ry = "SELECT `setting_value`
  775. FROM `game_set`
  776. WHERE `setting_id` = '5'";
  777. $rtoday = mysql_fetch_array(mysql_query($q_ry));
  778. $rtoday = $rtoday['setting_value'];
  779. $q_ry = "SELECT `usr_id`
  780. FROM `usr_tbl`
  781. WHERE `usr_lastact` >= ".(time()-86400)."
  782. ORDER BY `usr_lastact` DESC";
  783. $totoday = mysql_num_rows(mysql_query($q_ry));
  784. if($totoday > $rtoday) {
  785. $sql = "UPDATE `game_set`
  786. SET `setting_value` = `setting_value` + '1'
  787. WHERE `setting_id` = '5'";
  788. mysql_query($sql);
  789. }
  790. $q_ry = "SELECT `setting_value`
  791. FROM `game_set`
  792. WHERE `setting_id` = '6'";
  793. $rhour = mysql_fetch_array(mysql_query($q_ry));
  794. $rhour = $rhour['setting_value'];
  795. $q_ry = "SELECT `usr_id`
  796. FROM `usr_tbl`
  797. WHERE `usr_lastact` >= ".(time()-3600)."
  798. ORDER BY `usr_lastact` DESC";
  799. $tothour = mysql_num_rows(mysql_query($q_ry));
  800. if($tothour > $rhour) {
  801. $sql = "UPDATE `game_set`
  802. SET `setting_value` = `setting_value` + '1'
  803. WHERE `setting_id` = '6'";
  804. mysql_query($sql);
  805. }
  806. $q_ry = "SELECT `setting_value`
  807. FROM `game_set`
  808. WHERE `setting_id` = '7'";
  809. $rnow = mysql_fetch_array(mysql_query($q_ry));
  810. $rnow = $rnow['setting_value'];
  811. $q_ry = "SELECT `usr_id`,`usr_lastact`
  812. FROM `usr_tbl`
  813. WHERE `usr_lastact` >= ".(time()-900)."
  814. ORDER BY `usr_lastact` DESC";
  815. $onl = mysql_num_rows(mysql_query($q_ry));
  816. if($onl > $rnow) {
  817. $sql = "UPDATE `game_set`
  818. SET `setting_value` = `setting_value` + '1'
  819. WHERE `setting_id` = '7'";
  820. mysql_query($sql);
  821. }
  822.  
  823. header('location:index.php');
  824. }
  825. }
  826. if($error != '') { echo "<font color = 'red'><b>".$error."</b></font>"; }
  827. }
  828.  
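  /**
   * Append a snippet to the `usr_live` column of one user row.
   *
   * The callers visible in this file pass the fixed literals "add_msg();" and
   * "add_event();".
   * NOTE(review): those look like JavaScript calls, so the column is presumably
   * read back and executed in the user's browser - confirm. If so, $function
   * must only ever be a server-side constant and never carry request data:
   * the escaping below protects the SQL statement, not the later consumer.
   *
   * @param mixed  $id       Value matched against `usr_tbl`.`usr_id`.
   * @param string $function Text appended to the existing `usr_live` value.
   * @return void
   */
  function add_live($id, $function) {
      $snippet = mysql_real_escape_string($function);
      $userId = mysql_real_escape_string($id);

      // One atomic UPDATE instead of SELECT + UPDATE: with the two-step form,
      // two requests appending for the same user at the same time could read
      // the same old value and one append would be lost.
      // COALESCE keeps the previous result for a NULL column (treated as '').
      $sql = "UPDATE `usr_tbl`
          SET `usr_live` = CONCAT(COALESCE(`usr_live`, ''), '".$snippet."')
          WHERE `usr_id` = '".$userId."'";

      // Best-effort, as before: a failed query is not reported to the caller.
      // NOTE(review): the mysql_* extension was removed in PHP 7; moving to
      // mysqli/PDO prepared statements needs the connection set up in
      // connect_db.php, which is not visible here.
      mysql_query($sql);
  }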
  /**
   * Insert one row into `usr_msgs` and queue the "add_msg();" live snippet
   * for the receiving user.
   *
   * Values are inserted positionally, so the column names are not visible
   * here.
   * NOTE(review): the first value is the string 'NULL', not SQL NULL -
   * presumably the auto-increment id; this relies on a non-strict sql_mode,
   * confirm. The trailing 'no' looks like a read flag - confirm.
   *
   * Security: mysql_real_escape_string() only makes the values safe inside
   * the SQL statement. Subject and body are stored as supplied, so whatever
   * renders them must HTML-encode on output.
   *
   * @param mixed  $user Second inserted value; also the user passed to add_live().
   * @param mixed  $from Third inserted value.
   * @param string $subj Fifth inserted value.
   * @param string $mesg Sixth inserted value.
   * @return void
   */
  function inbox_msg($user, $from, $subj, $mesg) {
      $recipient = mysql_real_escape_string($user);
      $sender = mysql_real_escape_string($from);
      $sentAt = time();
      $subject = mysql_real_escape_string($subj);
      $body = mysql_real_escape_string($mesg);

      $query = implode("\n", array(
          "INSERT INTO `usr_msgs`",
          "VALUES('NULL',",
          "'".$recipient."',",
          "'".$sender."',",
          "'".$sentAt."',",
          "'".$subject."',",
          "'".$body."',",
          "'no')",
      ));
      mysql_query($query);

      add_live($user, "add_msg();");
  }
  /**
   * Insert one row into `usr_events` and queue the "add_event();" live
   * snippet for that player.
   *
   * Backslashes are stripped from $text before it is escaped for SQL.
   * NOTE(review): presumably this undoes slashes added earlier in the
   * request (magic quotes or a manual addslashes) - confirm; on input that
   * was never slashed it silently removes legitimate backslashes.
   *
   * Security: the stored text is SQL-escaped only; HTML-encode it wherever
   * events are displayed.
   *
   * @param mixed  $player Second inserted value; also the user passed to add_live().
   * @param string $text   Event text.
   * @return void
   */
  function in_event($player, $text) {
      $plainText = stripslashes($text);

      $who = mysql_real_escape_string($player);
      $when = time();
      $what = mysql_real_escape_string($plainText);

      $query = implode("\n", array(
          "INSERT INTO `usr_events`",
          "VALUES('NULL',",
          "'".$who."',",
          "'".$when."',",
          "'".$what."',",
          "'no')",
      ));
      mysql_query($query);

      add_live($player, "add_event();");
  }
  863.  
  864.  
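  /**
   * Validate the requested username in $_POST['usern'].
   *
   * Rules, in order: not empty; only 0-9, a-z, A-Z, '-' and '_'; between 3
   * and 21 bytes long; not already present in `usr_tbl` (`usr_nme` or
   * `usr_login`) or in `tmp_users` (`tmp_uname`).
   *
   * NOTE(review): the lookup below is check-then-insert, so two simultaneous
   * registrations can both pass it. Uniqueness has to be enforced by a
   * UNIQUE index on those columns - confirm one exists.
   *
   * @return int|string 0 when the name is acceptable, otherwise the error text.
   */
  function check_name() {
      // A missing field is treated like an empty one instead of raising an
      // undefined-index notice.
      $username = isset($_POST['usern']) ? $_POST['usern'] : '';
      if (!$username) {
          return "Username cannot be empty.";
      }

      // Request data can arrive as an array (usern[]=...); reject it before
      // it reaches preg_match()/strlen(), which expect a string.
      if (!is_string($username) || preg_match('/[^0-9a-zA-Z_-]/', $username)) {
          return "Invalid characters detected in your username!";
      }

      // The old preg_replace() with the same pattern is dropped: it could
      // never change a value that had just passed the preg_match() above.
      $length = strlen($username);
      if ($length < 3) {
          return "Your username is too short!";
      }
      if ($length > 21) {
          return "Your username is too long.";
      }

      $escaped = mysql_real_escape_string($username);

      // OR instead of ||: under the PIPES_AS_CONCAT sql_mode, || is string
      // concatenation and the condition would mean something else.
      $inUsers = mysql_query("SELECT `usr_id`
          FROM `usr_tbl`
          WHERE `usr_nme` = '".$escaped."' OR
          `usr_login` = '".$escaped."'");
      $inPending = mysql_query("SELECT `tmp_id`
          FROM `tmp_users`
          WHERE `tmp_uname` = '".$escaped."'");

      if (mysql_num_rows($inUsers) || mysql_num_rows($inPending)) {
          return "This username is already in use.";
      }

      return 0;
  }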
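  /**
   * Check that the password and its confirmation field are both present and
   * identical.
   *
   * Reads $_POST['passw'] and $_POST['passwc']. Every failure yields the same
   * message, including an empty or missing field.
   *
   * NOTE(review): no length or strength rule is enforced in this function;
   * if that is meant to be a server-side requirement, confirm it is applied
   * elsewhere before the account is created.
   *
   * @return int|string 0 when the two values match, otherwise the error text.
   */
  function check_pass() {
      $pass = isset($_POST['passw']) ? $_POST['passw'] : '';
      $passtwo = isset($_POST['passwc']) ? $_POST['passwc'] : '';

      if (!$pass || !$passtwo) {
          return "Password does not match.";
      }

      // Strict comparison on strings only. With the loose != operator PHP
      // compares numeric-looking strings as numbers, so '1e3' and '1000'
      // counted as the same password; array input (passw[]=...) is rejected
      // here as well.
      if (!is_string($pass) || !is_string($passtwo) || $pass !== $passtwo) {
          return "Password does not match.";
      }

      return 0;
  }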
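  /**
   * Validate the e-mail address in $_POST['email'].
   *
   * Side effect: the value with backslashes and tags stripped is written
   * back to $_POST['email'], as the original did.
   *
   * Checks, in order: not empty; exactly one "@"; a dot-separated domain;
   * domain not in the comma-separated list stored in `game_set` row 4;
   * FILTER_VALIDATE_EMAIL; not already present in `usr_tbl` or `tmp_users`.
   *
   * NOTE(review): the final lookup is check-then-insert; only a UNIQUE index
   * on the e-mail columns closes the window between check and insert -
   * confirm one exists.
   *
   * @return int|string 0 when the address is acceptable, otherwise the error text.
   */
  function check_email() {
      // Missing or non-string input (email[]=...) is handled as an empty
      // value instead of being passed to stripslashes().
      $raw = isset($_POST['email']) ? $_POST['email'] : '';
      $address = is_string($raw) ? strip_tags(stripslashes($raw)) : '';
      $_POST['email'] = $address;

      if (!$address) {
          return "Email address cannot be empty.";
      }

      // Count the "@" before indexing into the pieces, so an address without
      // one no longer reads an undefined array offset.
      if (substr_count($address, "@") !== 1) {
          return "Invalid email address.";
      }
      $pieces = explode("@", $address);
      $domain = $pieces[1];

      $labels = explode(".", $domain);
      if (empty($labels[1])) {
          return "Invalid email address.";
      }

      $sql = "SELECT `setting_value`
          FROM `game_set`
          WHERE `setting_id` = '4'";
      $row = mysql_fetch_array(mysql_query($sql));
      $list = $row ? (string) $row['setting_value'] : '';

      // Domain names are case-insensitive: compare lower-cased and trimmed
      // entries with a strict in_array(), otherwise a listed domain typed in
      // another letter case was not recognised.
      // NOTE(review): this is still an exact match, so subdomains of a
      // listed domain are not covered.
      $blocked = array_map('trim', explode(",", strtolower($list)));
      if (in_array(strtolower($domain), $blocked, true)) {
          return "Disposable email addresses cannot be used.";
      }

      if (!filter_var($address, FILTER_VALIDATE_EMAIL)) {
          return "Invalid email address.";
      }

      $escaped = mysql_real_escape_string($address);
      $inUsers = mysql_query("SELECT `usr_id`
          FROM `usr_tbl`
          WHERE `usr_email` = '".$escaped."'");
      $inPending = mysql_query("SELECT `tmp_id`
          FROM `tmp_users`
          WHERE `tmp_email` = '".$escaped."'");

      if (mysql_num_rows($inUsers) || mysql_num_rows($inPending)) {
          return "Email address exists.";
      }

      return 0;
  }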
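  /**
   * Compare the submitted captcha answer with the code held in the session.
   *
   * Reads $_POST['captcha'] and $_SESSION['cap_code'].
   *
   * NOTE(review): the session code is not cleared here, so unless the caller
   * regenerates or unsets it after each attempt, one solved captcha stays
   * valid for repeated submissions in the same session - confirm.
   *
   * @return int|string 0 when the answer matches, otherwise the error text.
   */
  function check_cap() {
      $cap = isset($_POST['captcha']) ? $_POST['captcha'] : '';
      if (!$cap) {
          return "Captcha cannot be empty.";
      }

      $expected = isset($_SESSION['cap_code']) ? $_SESSION['cap_code'] : null;

      // Compare as strings with ===. The loose != operator treats
      // numeric-looking values as numbers ('1e3' equals '1000'), and on older
      // PHP versions any non-numeric answer equals an integer 0 code.
      // A missing or non-scalar session code, or array input, never matches.
      if (!is_string($cap) || !is_scalar($expected) || $cap !== (string) $expected) {
          return "Captcha did not match.";
      }

      return 0;
  }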
  1005. ?>