Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- include "config.php";
- mysql_connect($location,$databaseuser,$databasepass);
- @mysql_select_db($database) or die( "Unable to select database"); //Connects to database
- $username = $_GET['username']; //gets username from url
- $password = $_GET['password']; //gets password from url
- $hwid = $_GET['hwid']; //gets HWID from url
- $time = $_GET['time']; //gets username from url
- $username = stripslashes($username); //MySQL Injection Protection
- $username = mysql_real_escape_string($username); //MySQL Injection Protection
- $password = stripslashes($password); //MySQL Injection Protection
- $password = mysql_real_escape_string($password); //MySQL Injection Protection
- $hwid = stripslashes($hwid); //MySQL Injection Protection
- $hwid = mysql_real_escape_string($hwid); //MySQL Injection Protection
- $time = stripslashes($time); //MySQL Injection Protection
- $time = mysql_real_escape_string($time); //MySQL Injection Protection
- $date = date('Y-m-d H:i:s', time());
- if($username==""){ //if username is blank, then show the blank username error
- echo $blankuser;
- }elseif($password=="D4-1D-8C-D9-8F-00-B2-04-E9-80-09-98-EC-F8-42-7E"){ //if password is blank, then show the blank password error
- echo $blankpass;
- }elseif($hwid==""){ //If the HWID is blank then show this error
- echo $blankhwid;
- }elseif($time==""){
- echo "This was not posted through the application.";
- }else{ //Goes here if every information required is filled with some info
- $sql="SELECT * FROM Users WHERE username='$username' and password='$password' and hwid='$hwid'"; //tries logging in
- $result=mysql_query($sql);
- $count=mysql_num_rows($result);
- if($count==1){ //goes here if logged in successfully
- $expires = mysql_query("SELECT Expires FROM Users WHERE username='$username' AND password='$password' AND hwid='$hwid'");
- while($expiresdata = mysql_fetch_assoc($expires)) { //gets data to see expiration date of user
- $dateexpired = $expiresdata["Expires"]; //gets the expired date
- }
- $blacklistdata = mysql_query("SELECT Blacklisted FROM Users WHERE username='$username' AND password='$password' AND hwid='$hwid'");
- while($blacklist = mysql_fetch_assoc($blacklistdata)) { //gets data to see if user is blacklisted
- $blacklisted = $blacklist["Blacklisted"]; //gets the result
- }
- $blacklisted = strtolower($blacklisted);
- $banreasondata = mysql_query("SELECT CustomReason FROM Users WHERE username='$username' AND password='$password' AND hwid='$hwid'");
- while($banreasoninfo = mysql_fetch_assoc($banreasondata)) { //gets the data of the custom ban message
- $banreason = $banreasoninfo["CustomReason"]; //gets the result
- }
- $today = date("Y-d-m"); //gets today's date
- $today = strtotime($today); //changes it into time
- $expiration_date = strtotime($dateexpired); //changes the date of expiration into time
- if($expiration_date > today){ //if your not expired then
- if($blacklisted=="yes"){ //if your blacklisted then
- echo $blacklistedmessage . $banreason; //showing blacklisted/banned message
- }else{ //if your not expired or blacklisted
- $date = date('Y-m-d H:i:s', time());
- $crypted = sha1($hwid . $time);
- mysql_query("UPDATE Users SET Signed_in = '$date'
- WHERE UserName = '$username' AND Password = '$password' AND HWID = '$hwid'");
- mysql_query("INSERT INTO Logged_in (username, hwid, logged_in, time)
- VALUES ('$username', '$hwid', 'Yes', '$date')");
- echo $crypted; //your validated, everything is correct
- }
- }else{ //your expired
- if($blacklisted=="yes"){ //are you expired and black listed?
- mysql_query("INSERT INTO Logged_in (username, hwid, logged_in, time)
- VALUES ('$username', '$hwid', 'No - Showed expired + ban message', '$date')");
- echo $licenseexpired . "\n" . $blacklistedmessage . $banreason; //shows licensed expired and ban message
- }else{ //Your licensed expired, but your not banned
- mysql_query("INSERT INTO Logged_in (username, hwid, logged_in, time)
- VALUES ('$username', '$hwid', 'No - Showed expired message', '$date')");
- echo $licenseexpired;
- }
- }
- }else{
- mysql_query("INSERT INTO Logged_in (username, hwid, logged_in, time)
- VALUES ('$username', '$hwid', 'No - Error logging in', '$date')");
- echo $errorlogin;
- }
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement