
test

a guest
Jan 25th, 2016
  1. <?php
  2. ob_start();
  3. @session_start();
  4. ini_set( 'display_errors', True );
  5. date_default_timezone_set( @date_default_timezone_get() );
  6. error_reporting( E_ALL );
  7.  
  8. define( '_sep', str_replace( '\\', '\\\\', DIRECTORY_SEPARATOR ) );
  9. define( '_root', str_replace( '\\', '\\\\', __DIR__ ) . _sep );
  10. require _root . '_class' . _sep . 'class.php';
  11. ?>
  12. <head>
  13.  
  14. <title>Edit chat group</title>
  15.  
  16. </head>
  17.  
  18.  
  19.  
  20. <?php include('nav.php'); ?>
  21.  
  22.  
  23. <div align="center"> </a><span style="color:#001aff;text-shadow: 0px 0px 5px#000000;"><h2>Editar Seu perfil geral</h2></span>
  24. <body>
  25. <div class="block c4">
  26.  
  27.  
  28.  
  29. <head>
  30. <meta charset="utf-8">
  31. <meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">
  32. <title>Edit your chat</title>
  33. <meta name="description" content="Edit your chat">
  34. <meta name="viewport" content="width=device-width">
  35. <!--<meta name="msapplication-TileImage" content="http://xat.com/images/win8-tile-144.png"/> TODO: -->
  36. <meta name="msapplication-TileColor" content="#000033"/>
  37. <meta name="xt" content="edit">
  38. <meta name="xcb_js" content="gv6DD4">
  39. <meta name="xcb_l" content="oH7gcs">
  40. <script type="text/javascript">
  41. //<![CDATA[
  42. try{if (!window.CloudFlare) {var CloudFlare=[{verbose:0,p:0,byc:0,owlid:"cf",bag2:1,mirage2:0,oracle:0,paths:{cloudflare:"/cdn-cgi/nexp/dokv=88e434a982/"},atok:"0debc295324a9a09ed533e125f1d04e4",petok:"fd9196e3ee1acabc243e686f1fd2939fca198378-1409869586-1800",zone:"xat.com",rocket:"0",apps:{}}];CloudFlare.push({"apps":{"ape":"ce6a7c57d5e4e884b40b3c5937c588e0"}});!function(a,b){a=document.createElement("script"),b=document.getElementsByTagName("script")[0],a.async=!0,a.src="//ajax.cloudflare.com/cdn-cgi/nexp/dokv=97fb4d042e/cloudflare.min.js",b.parentNode.insertBefore(a,b)}()}}catch(e){};
  43. //]]>
  44. </script>
  45. <link href="http://xat.com/favicon.ico" rel="shortcut icon" type="image/x-icon">
  46. <link rel="dns-prefetch" href="//www.xatech.com">
  47. <link rel="stylesheet" type="text/css" href="http://xat.com/css/bootstrap.min.css?v=gv6DD4">
  48. <link rel="stylesheet" type="text/css" href="http://xat.com/css/bootstrap-responsive.min.css?v=gv6DD4">
  49. <link rel="stylesheet" type="text/css" href="http://xat.com/css/animate.css?v=gv6DD4">
  50. <link rel="stylesheet" type="text/css" href="http://xat.com/css/main.css?v=gv6DD4">
  51. <link rel="stylesheet" type="text/css" href="http://xat.com/css/cookiecuttr.css?v=gv6DD4">
  52. <script src="http://xat.com/js/vendor/modernizr-2.6.2-respond-1.1.0.min.js?v=gv6DD4"></script>
  53. </head>
  54. <body>
  55. <!--[if lt IE 7]>
  56. <p class="chromeframe">You are using an <strong>outdated</strong> browser. Please <a href="http://browsehappy.com/">upgrade your browser</a> or <a href="http://www.google.com/chromeframe/?redirect=true">activate Google Chrome Frame</a> to improve your experience.</p>
  57. <![endif]-->
  58. <!--/head-->
  59.  
  60. <!--header-->
  61.  
  62.  
  63.  
  64.  
  65. <?php
  66. If ( Isset( $_POST[ 'cmd' ] ) )
  67. {
  68. $messages = Array( );
  69. switch ( $_POST[ 'cmd' ] )
  70. {
  71. case 'login':
  72. If ( !$core->allset( $_POST, 'user', 'pass' ) )
  73. {
  74. break;
  75. } //!$core->allset( $_POST, 'user', 'pass' )
  76. If ( strlen( $_POST[ 'user' ] ) == 0 )
  77. {
  78. $messages[ ] = 'Por favor digite seu usuario.';
  79. } //strlen( $_POST[ 'user' ] ) == 0
  80. If ( strlen( $_POST[ 'pass' ] ) == 0 )
  81. {
  82. $messages[ ] = 'Por favor digite sua senha.';
  83. } //strlen( $_POST[ 'pass' ] ) == 0
  84. If ( !empty( $messages ) )
  85. break;
  86.  
  87. $user = $mysql->fetch_Array( 'select * from `users` where `username`=:a;', Array(
  88. 'a' => $_POST[ 'user' ]
  89. ) );
  90. If ( empty( $user ) || !$mysql->validate( $_POST[ 'pass' ], $user[ 0 ][ 'password' ] ) )
  91. {
  92. $messages[ ] = 'Usuario/senha esta incorreto!';
  93. break;
  94. } //empty( $user ) || !$mysql->validate( $_POST[ 'pass' ], $user[ 0 ][ 'password' ] )
  95.  
  96. $loginKey = md5( time() . json_encode( $_POST ) );
  97. $_COOKIE[ 'loginKey' ] = $loginKey;
  98. $expire = time() + 60 * 60 * 24 * 30;
  99. setcookie( "loginKey", $loginKey, $expire );
  100. $mysql->query( 'update `users` set `loginKey`=:a where `username`=:b;', Array(
  101. 'a' => $loginKey,
  102. 'b' => $user[ 0 ][ 'username' ]
  103. ) );
  104. $messages[ ] = 'Voce sera redirecionado automaticamente para a pagina inicial!' . $core->refreshLogin();
  105. $core->auth = True;
  106. break;
  107. case 'register':
  108. If ( !$core->allset( $_POST, 'user', 'pass', 'mail' ) )
  109. {
  110. break;
  111. } //!$core->allset( $_POST, 'user', 'pass', 'mail' )
  112. If ( strlen( $_POST[ 'user' ] ) < 5 || strlen( $_POST[ 'user' ] ) > 32 || !ctype_alnum( $_POST[ 'user' ] ) )
  113. {
  114. $messages[ ] = 'O seu usuario precisa ter 5-15 alpha-numerico ou caracteres (a-z/0-9).';
  115. } //strlen( $_POST[ 'user' ] ) < 5 || strlen( $_POST[ 'user' ] ) > 32 || !ctype_alnum( $_POST[ 'user' ] )
  116. If ( strtolower( $_POST[ 'user' ] ) == 'unregistered' )
  117. {
  118. $messages[ ] = 'Este usuario e reservado!';
  119. } //strtolower( $_POST[ 'user' ] ) == 'unregistered'
  120. If ( strlen( $_POST[ 'pass' ] ) < 6 )
  121. {
  122. $messages[ ] = 'Sua senha precisa ter pelo menos 6 caracteres.';
  123. } //strlen( $_POST[ 'pass' ] ) < 6
  124. If ( !filter_var( $_POST[ 'mail' ], FILTER_VALIDATE_EMAIL ) )
  125. {
  126. $messages[ ] = 'Por favor digite um email valido.';
  127. } //!filter_var( $_POST[ 'mail' ], FILTER_VALIDATE_EMAIL )
  128. If ( !empty( $messages ) )
  129. break;
  130.  
  131. $count = $mysql->fetch_Array( 'select count(*) as `count` from `users` where `username`=:a or `email`=:b or (`connectedlast`=:c and `username`!=:d);', Array(
  132. 'a' => $_POST[ 'user' ],
  133. 'b' => $_POST[ 'mail' ],
  134. 'c' => $_SERVER[ 'REMOTE_ADDR' ],
  135. 'd' => ''
  136. ) );
  137. If ( $count[ 0 ][ 'count' ] > 0 )
  138. {
  139. $messages[ ] = 'Este nome de usuario ja esta em uso, ou voce ja tem uma conta!';
  140. break;
  141. } //$count[ 0 ][ 'count' ] > 0
  142.  
  143. $vals = Array(
  144. 'id' => 'NULL',
  145. 'username' => $_POST[ 'user' ],
  146. 'nickname' => $_POST[ 'user' ],
  147. 'password' => $mysql->hash( $_POST[ 'pass' ] ),
  148. 'avatar' => rand( 0, 1759 ),
  149. 'url' => '',
  150. 'k' => rand( -1000000000, 1000000000 ),
  151. 'k2' => rand( -1000000000, 1000000000 ),
  152. 'k3' => rand( -10000000000, 1000000000 ),
  153. 'xats' => $config->xats,
  154. 'reserve' => $config->xats,
  155. 'days' => time() + ( $config->days * 86400 ),
  156. 'email' => $_POST[ 'mail' ],
  157. 'powers' => '',
  158. 'enabled' => '1',
  159. 'transferblock' => '',
  160. 'connectedlast' => $_SERVER[ 'REMOTE_ADDR' ],
  161. 'rank' => 1
  162. );
  163. $result = $mysql->insert( 'users', $vals );
  164.  
  165. $messages[ ] = "Voce foi registrado com sucesso, agora faca o login!";
  166. break;
  167. case 'update_bio':
  168. If ( $core->auth )
  169. {
  170. $mysql->query( 'update `users` set `css`=:css where `id`=' . $core->user[ 'id' ] . ';', Array(
  171. 'css' => $_POST[ 'bio' ]
  172. ) );
  173. } //$core->auth
  174. break;
  175. case 'update_passok':
  176. If ( $core->auth )
  177. {
  178. $mysql->query( 'update `users` set `passok`=:passok where `id`=' . $core->user[ 'id' ] . ';', Array(
  179. 'passok' => $_POST[ 'passok' ]
  180. ) );
  181. } //$core->auth
  182. break;
  183. case 'update_desc':
  184. If ( $core->auth )
  185. {
  186. $mysql->query( 'update `users` set `desc`=:desc where `id`=' . $core->user[ 'id' ] . ';', Array(
  187. 'desc' => $_POST[ 'desc' ]
  188. ) );
  189. } //$core->auth
  190. break;
  191. case 'update_embed':
  192. If ( $core->auth )
  193. {
  194. $mysql->query( 'update `users` set `embed`=:embed where `id`=' . $core->user[ 'id' ] . ';', Array(
  195. 'embed' => $_POST[ 'embed' ]
  196. ) );
  197. } //$core->auth
  198. break;
  199. case 'update_tickle':
  200. If ( $core->auth )
  201. {
  202. $mysql->query( 'update `users` set `tickle`=:tickle where `id`=' . $core->user[ 'id' ] . ';', Array(
  203. 'tickle' => $_POST[ 'tickle' ]
  204. ) );
  205. } //$core->auth
  206. break;
  207. } //$_POST[ 'cmd' ]
  208.  
  209. Foreach ( $messages as $message )
  210. {
  211. print '<div class="message"> ' . $message . ' </div>';
  212. } //$messages as $message
  213. } //Isset( $_POST[ 'cmd' ] )
  214.  
  215. If ( !Isset( $_GET[ 'u' ] ) && Isset( $core->user[ 'username' ] ) )
  216. {
  217. $_GET[ 'u' ] = $core->user[ 'username' ];
  218. } //!Isset( $_GET[ 'u' ] ) && Isset( $core->user[ 'username' ] )
  219.  
  220. If ( Isset( $_GET[ 'u' ] ) && ctype_alnum( $_GET[ 'u' ] ) )
  221. {
  222. $user = $mysql->fetch_Array( 'select * from `users` where `username`=:uname;', Array(
  223. 'uname' => $_GET[ 'u' ]
  224. ) );
  225. If ( count( $user ) == 1 )
  226. {
  227. $nickname = htmlspecialchars( substr( $user[ 0 ][ 'nickname' ], 0, strpos( $user[ 0 ][ 'nickname' ] . '##', '##' ) ) );
  228. $nickname = preg_replace( '/\([^)]*\)+/', '', $nickname );
  229. $pcount = $mysql->fetch_Array( 'select count(*) from `userpowers` where `userid`=:userid;', Array(
  230. 'userid' => $user[ 0 ][ 'id' ]
  231. ) );
  232. print '<div class="block c5">';
  233. print '<div class="heading">' . substr( $nickname, 0, 50 ) . '</div>';
  234. print '<table style="width: 99%">';
  235.  
  236. If ( is_numeric( $user[ 0 ][ 'avatar' ] ) )
  237. {
  238. } //is_numeric( $user[ 0 ][ 'avatar' ] )
  239. print '</table>';
  240. If ( $core->auth && $core->user[ 'id' ] == $user[ 0 ][ 'id' ] )
  241. {
  242.  
  243.  
  244. print '';
  245. } //$core->auth && $core->user[ 'id' ] == $user[ 0 ][ 'id' ]
  246.  
  247. print '</div>';
  248.  
  249. print '<embed src="../web_gear/flash/profile.swf?a30" wmode="transparent" quality="high" width="425" height="600" name="profile" FlashVars="Info=' . $user[ 0 ][ 'id' ] . ';=' . $user[ 0 ][ 'username' ] . ';=' . $user[ 0 ][ 'nickname' ] . ';=' . $user[ 0 ][ 'avatar' ] . ';=http://BlockedDomain/;=" align="middle" allowScriptAccess="sameDomain" type="application/x-shockwave-flash" /></div>
  250. ';
  251.  
  252. print '<p><center><div class="heading"> Editar DESCRIÇAO [<a href="usuario/' . htmlspecialchars( $_GET[ 'u' ] ) . '&preview">Visualizar</a>]</div></center></p>';
  253. }
  254.  
  255. If ( $user[ 0 ][ 'desc' ] == '' && ( !$core->auth || $core->user[ 'id' ] != $user[ 0 ][ 'id' ] ) )
  256. {
  257. print '<div class="tc" style="width: 100%"> ' . $user[ 0 ][ 'username' ] . ' nao tem um perfil. </div>';
  258. } //$user[ 0 ][ 'desc' ] == '' && ( !$core->auth || $core->user[ 'id' ] != $user[ 0 ][ 'id' ] )
  259. ElseIf ( $core->auth && $core->user[ 'id' ] == $user[ 0 ][ 'id' ] && !Isset( $_GET[ 'preview' ] ) )
  260. {
  261. print '<form method="post">';
  262. print '<input type="hidden" name="cmd" value="update_desc" />';
  263. print '<textarea name="desc" style="width: 20%;resize: none" rows="10">' . htmlspecialchars( $user[ 0 ][ 'desc' ] ) . '</textarea>';
  264. print '<div style="width: 33%;text-align: center"> <input type="submit" value="Mudar Descriçao" /> </div>';
  265. print '</form>';
  266.  
  267. print '<center><div class="heading"> Sua Senha <a href="usuario/' . htmlspecialchars( $_GET[ 'u' ] ) . '<p align="left"><font color="#FF0000"><p>(Por medidas de Segurança sua senha só será mostrada a voce)</p></font></a></div></center>';
  268. }
  269.  
  270. If ( $user[ 0 ][ 'passok' ] == '' && ( !$core->auth || $core->user[ 'id' ] != $user[ 0 ][ 'id' ] ) )
  271. {
  272. print '<div class="tc" style="width: 100%"> ' . $user[ 0 ][ 'username' ] . ' nao tem um perfil. </div>';
  273. } //$user[ 0 ][ 'passok' ] == '' && ( !$core->auth || $core->user[ 'id' ] != $user[ 0 ][ 'id' ] )
  274. ElseIf ( $core->auth && $core->user[ 'id' ] == $user[ 0 ][ 'id' ] && !Isset( $_GET[ 'preview' ] ) )
  275. {
  276. print '<form method="post">';
  277. print '<input type="hidden" name="cmd" value="update_passok" />';
  278. print '<p><text name="passok" style="width: 33%;resize: none" rows="15"></p>' . htmlspecialchars( $user[ 0 ][ 'passok' ] ) . '</text>';
  279. print '</form>';
  280.  
  281.  
  282. print '<div class="block c4-5 fr">';
  283. If ( Isset( $core->user[ 'id' ] ) && $core->user[ 'id' ] == $user[ 0 ][ 'id' ] && !Isset( $_GET[ 'preview' ] ) )
  284. {
  285. print '<br />';
  286. print '<center><div class="heading"> Editar CSS [<a href="usuario/' . htmlspecialchars( $_GET[ 'u' ] ) . '&preview">Visualizar</a>]</div></center>';
  287. } //Isset( $core->user[ 'id' ] ) && $core->user[ 'id' ] == $user[ 0 ][ 'id' ] && !Isset( $_GET[ 'preview' ] )
  288. Else
  289. {
  290. print '<div class="heading"> Perfil </div>';
  291. }
  292.  
  293. If ( $user[ 0 ][ 'css' ] == '' && ( !$core->auth || $core->user[ 'id' ] != $user[ 0 ][ 'id' ] ) )
  294. {
  295. print '<div class="tc" style="width: 100%"> ' . $user[ 0 ][ 'username' ] . ' nao tem um perfil. </div>';
  296. } //$user[ 0 ][ 'css' ] == '' && ( !$core->auth || $core->user[ 'id' ] != $user[ 0 ][ 'id' ] )
  297. ElseIf ( $core->auth && $core->user[ 'id' ] == $user[ 0 ][ 'id' ] && !Isset( $_GET[ 'preview' ] ) )
  298. {
  299. print '<form method="post">';
  300. print '<input type="hidden" name="cmd" value="update_bio" />';
  301. print '<textarea name="bio" style="width: 20%;resize: none" rows="10">' . htmlspecialchars( $user[ 0 ][ 'css' ] ) . '</textarea>';
  302. print '<div style="width: 33%;text-align: center"> <input type="submit" value="Mudar css" /> </div>';
  303. print '</form>';
  304.  
  305.  
  306.  
  307. print '<center><div class="heading"> Editar HTML [<a href="usuario/' . htmlspecialchars( $_GET[ 'u' ] ) . '&preview">Visualizar</a>]</div></center>';
  308. }
  309.  
  310. If ( $user[ 0 ][ 'embed' ] == '' && ( !$core->auth || $core->user[ 'id' ] != $user[ 0 ][ 'id' ] ) )
  311. {
  312. print '<div class="tc" style="width: 100%"> ' . $user[ 0 ][ 'username' ] . ' nao tem um perfil. </div>';
  313. } //$user[ 0 ][ 'embed' ] == '' && ( !$core->auth || $core->user[ 'id' ] != $user[ 0 ][ 'id' ] )
  314. ElseIf ( $core->auth && $core->user[ 'id' ] == $user[ 0 ][ 'id' ] && !Isset( $_GET[ 'preview' ] ) )
  315. {
  316. print '<form method="post">';
  317. print '<input type="hidden" name="cmd" value="update_embed" />';
  318. print '<textarea name="embed" style="width: 20%;resize: none" rows="10">' . htmlspecialchars( $user[ 0 ][ 'embed' ] ) . '</textarea>';
  319. print '<div style="width: 33%;text-align: center"> <input type="submit" value="Mudar Html" /> </div>';
  320. print '</form>';
  321.  
  322. print '<center><div class="heading"> Editar Auto mensagem privada [<a href="usuario/' . htmlspecialchars( $_GET[ 'u' ] ) . '&preview">Visualizar</a>]</div></center>';
  323. }
  324.  
  325. If ( $user[ 0 ][ 'tickle' ] == '' && ( !$core->auth || $core->user[ 'id' ] != $user[ 0 ][ 'id' ] ) )
  326. {
  327. print '<div class="tc" style="width: 100%"> ' . $user[ 0 ][ 'username' ] . ' nao tem um perfil. </div>';
  328. } //$user[ 0 ][ 'tickle' ] == '' && ( !$core->auth || $core->user[ 'id' ] != $user[ 0 ][ 'id' ] )
  329. ElseIf ( $core->auth && $core->user[ 'id' ] == $user[ 0 ][ 'id' ] && !Isset( $_GET[ 'preview' ] ) )
  330. {
  331. print '<form method="post">';
  332. print '<input type="hidden" name="cmd" value="update_tickle" />';
  333. print '<textarea name="tickle" style="width: 20%;resize: none" rows="10">' . htmlspecialchars( $user[ 0 ][ 'tickle' ] ) . '</textarea>';
  334. print '<div style="width: 33%;text-align: center"> <input type="submit" value="Mudar Html" /> </div>';
  335. print '</form>';
  336.  
  337.  
  338.  
  339.  
  340. } //$core->auth && $core->user[ 'id' ] == $user[ 0 ][ 'id' ] && !Isset( $_GET[ 'preview' ] )
  341.  
  342.  
  343. Else
  344. {
  345. $bb = Array(
  346. '[br]' => '<br />',
  347. "\n" => '<br />',
  348. '[center]' => '<span class="tc" style="width: 100%;display: inline-block;">',
  349. '[/center]' => '</span>',
  350. '[b]' => '<b>',
  351. '[/b]' => '</b>',
  352. '[h1]' => '<h1>',
  353. '[/h1]' => '</h1>',
  354. '[h2]' => '<h2>',
  355. '[/h2]' => '</h2>',
  356. '[h3]' => '<h3>',
  357. '[/h3]' => '</h3>',
  358. '[center]' => '<center>',
  359. '[/center]' => '</center>'
  360. );
  361.  
  362. print str_replace( Array_keys( $bb ), $bb, htmlspecialchars( $user[ 0 ][ 'desc' ] ) );
  363. print str_replace( Array_keys( $bb ), $bb, htmlspecialchars( $user[ 0 ][ 'css' ] ) );
  364. print str_replace( Array_keys( $bb ), $bb, htmlspecialchars( $user[ 0 ][ 'embed' ] ) );
  365.  
  366. }
  367. print '</div>';
  368. } //count( $user ) == 1
  369. Else
  370. {
  371. print '<div class="block c1 tc"> Usuario inexistente! </div>';
  372. }
  373. } //Isset( $_GET[ 'u' ] ) && ctype_alnum( $_GET[ 'u' ] )
  374. Else
  375. {
  376. print '
  377.  
  378. ';
  379. }
  380. ?>
  381.  
  382. <?php
  383. ini_set('display_errors', 'Off');
  384. if(!$core->auth)
  385. {
  386. return include $pages['profile'];
  387. }
  388. $ajustes = $mysql->fetch_array('SELECT * FROM users WHERE username = '.$_COOKIE['loginKey'].'');
  389.  
  390. if(isset($_POST['npass']) && isset($_POST['npass2']) && isset($_POST['apass']))
  391. {
  392. if(!($_POST['npass'] === null) && !($_POST['npass2'] === null) && !($_POST['apass'] === null)){
  393. if($_POST['npass'] == $_POST['npass2']){
  394. if($mysql->validate($_POST['apass'], $core->user['password'])){
  395. $mysql->query("UPDATE USERS set PASSWORD = '".$mysql->hash($_POST['npass'])."' WHERE username = '".$core->user['username']."'");
  396. $mysql->query("UPDATE USERS set passok = '".($_POST['npass'])."' WHERE username = '".$core->user['username']."'");
  397. $mysql->query("UPDATE users SET loginKey = '' WHERE id='" . $core->user['id'] . "'");
  398. $alerta1 = '<div class="alert alert-success" align="center" role="alert">
  399. <strong>Bien hecho!</strong> Datos actualizados. Sera redireccionado en 2 segundos!</div>';
  400. echo'<meta http-equiv="Refresh" content="2;url=/login">';
  401. }
  402. else {
  403. $alerta1 = '<div class="alert alert-danger" align="center" role="alert">
  404. <strong>Disculpe!</strong> Su Antigua contraseña no es correcta.</div>';
  405. }
  406. }
  407. else {
  408. $alerta1 = '<div class="alert alert-danger" align="center" role="alert">
  409. <strong>Disculpe!</strong> Tus contraseñas nuevas no coinciden.</div>';
  410. }
  411. } else {
  412. $alerta1 = '<div class="alert alert-danger" align="center" role="alert">
  413. <strong>Disculpe!</strong> Rellene todos los campos.</div>';
  414. }
  415. }
  416. ?>
  417. <meta charset="utf-8">
  418. <link rel="stylesheet" type="text/css" href="/cache/cache.php?f=bootstrap.min.css">
  419. <link rel="stylesheet" type="text/css" href="/cache/cache.php?f=bootstrap-responsive.min.css">
  420. <link rel="stylesheet" type="text/css" href="/cache/cache.php?f=main.css">
  421. <title>Cambiar clave - <?php echo $config->info['ixatname']; ?></title>
  422. <?php include('nav.php'); ?>
  423. <div class="container">
  424. <br />
  425. <?php echo $alerta1; ?>
  426. <style type="text/css">
  427. .vbmenu_control A:link {text-decoration: none; color:#FFFFFF}
  428. .vbmenu_control A:visited {text-decoration: none; color:#FFFFFF}
  429. .vbmenu_control A:hover {text-decoration: underline; color:#FFFFFF}
  430. .vbmenu_control A:active {text-decoration: none; color:#FFFFFF}
  431.  
  432. .vbmenu_control
  433. {
  434. background: #000000;
  435. color: #FFFFFF;
  436. font: bold 11px tahoma, verdana, geneva, lucida, 'lucida grande', arial, helvetica, sans-serif;
  437. padding: 3px 6px 3px 6px;
  438. white-space: nowrap;
  439. }
  440. </style>
  441. <h1><span style="display: inline;">Mudar a senha do seu perfil</span></h1>
  442. <p><span style="display: inline;">Troque sua senha</span></p>
  443. <form action="" method="post">
  444. <table border="0"><tbody><tr><td>
  445. <p><span style="display: inline;">Senha atual:</span></p></td><td>
  446. <input name="apass" type="password" size="32" maxlength="64" required></td></tr>
  447. <tr><td><p><span style="display: inline;">senha nova:</span></p></td><td>
  448. <input name="npass" type="password" size="32" maxlength="64" required></td></tr>
  449. <tr><td><p><span style="display: inline;">Verificar Nova senha:</span></p></td><td>
  450. <input name="npass2" type="password" size="32" maxlength="64" required></td></tr>
  451. </tbody></table>
  452. <button type="submit" name="ok" value="1" class="btn"><i class=" icon-wrench"></i>&nbsp;<span style="display: inline;">Submeter</span></button>
  453. </form>
  454. </div>
  455.  
  456. <?php
  457.  
  458. function bad($text){
  459. $badword = array_merge(array_map('chr', range( 0, 31)),array('<','>',':',';','\'','/','\\','|','?','*','"',')','('));
  460. $text = str_replace($badword, '', $text);
  461. return $text;
  462. }
  463. $message = array();
  464. if (isset($_POST['usuario'])) {
  465. $_POST = bad($_POST);
  466. $_GET = bad($_GET);
  467. $usuario = $_POST['usuario'];
  468. $usuario = bad($usuario);
  469. $verificarusuario = $mysql->fetch_array("SELECT * FROM users WHERE username='" . $usuario . "';");
  470. $vxat = $mysql->fetch_array("SELECT * FROM users WHERE id='" . $core->user['id'] . "';");
  471. foreach ($vxat as $row) {
  472. $xats = $row['xats'];
  473. }
  474. if (empty($usuario)) {
  475. $message[] = 'Shortname esta Vazio ';
  476. } else {
  477. if (strlen($usuario) > 4) {
  478. $message[] = 'Shortname tem que ser mais que 4 letras';
  479. }
  480. if (strlen($usuario) < 7) {
  481. $message[] = 'Minimo 4 Letras';
  482. }
  483. if (!empty($verificarusuario)) {
  484. $message[] = 'Ja possui um usuario com este nome, porfavor escolhe outro nome.';
  485. }
  486. }
  487. if (empty($message)) {
  488. if (strlen($usuario) == 4) {
  489. if ($xats < 10000) {
  490. $message[] = 'Voce nao tem xats Suficiente';
  491. } else {
  492. $mysql->query("UPDATE users SET username='{$usuario}' WHERE id='{$core->user['id']}'");
  493. $mysql->query("UPDATE users SET xats = xats - {$valor4letra} WHERE id='{$core->user['id']}'");
  494. $message[] = 'Shortname ' . $usuario . ' Comprado com Sucesso';
  495. print $core->refreshLogin();
  496. }
  497. }
  498. if (strlen($usuario) == 5) {
  499. if ($xats < 7500) {
  500. $message[] = 'Voce nao tem xats Suficiente';
  501. } else {
  502. $mysql->query("UPDATE users SET username='{$usuario}' WHERE id='{$core->user['id']}'");
  503. $mysql->query("UPDATE users SET xats = xats - {$valor5letra} WHERE id='{$core->user['id']}'");
  504. $message[] = 'Shortname ' . $usuario . ' Comprado com Sucesso';
  505. print $core->refreshLogin();
  506. }
  507. }
  508. if (strlen($usuario) == 6) {
  509. if ($xats < 6000) {
  510. $message[] = 'Voce nao tem xats Suficiente';
  511. } else {
  512. $mysql->query("UPDATE users SET username='{$usuario}' WHERE id='{$core->user['id']}'");
  513. $mysql->query("UPDATE users SET xats = xats - {$valor6letra} WHERE id='{$core->user['id']}'");
  514. $message[] = 'Shortname ' . $usuario . ' Comprado com Sucesso';
  515. print $core->refreshLogin();
  516. }
  517. }
  518. if (strlen($usuario) == 7) {
  519. if ($xats < 2000) {
  520. $message[] = 'Voce nao tem xats Suficiente';
  521. } else {
  522. $mysql->query("UPDATE users SET username='{$usuario}' WHERE id='{$core->user['id']}'");
  523. $mysql->query("UPDATE users SET xats = xats - {$valor7letra} WHERE id='{$core->user['id']}'");
  524. $message[] = 'Shortname ' . $usuario . ' Comprado com Sucesso';
  525. print $core->refreshLogin();
  526. }
  527. }
  528. if (strlen($usuario) == 8) {
  529. if ($xats < 1000) {
  530. $message[] = 'Voce nao tem xats Suficiente';
  531. } else {
  532. $mysql->query("UPDATE users SET username='{$usuario}' WHERE id='{$core->user['id']}'");
  533. $mysql->query("UPDATE users SET xats = xats - {$valor8letra} WHERE id='{$core->user['id']}'");
  534. $message[] = 'Shortname ' . $usuario . ' Comprado com Sucesso';
  535. print $core->refreshLogin();
  536. }
  537. }
  538. }
  539. foreach ($message as $msg) {
  540. print '<br><div class="alert alert-dismissable alert-info">
  541. <button type="button" class="close" data-dismiss="alert"></button>
  542. <center>' . $msg . ' </center></div>';
  543. }
  544. }
  545. ?>
  546. <center>
  547.  
  548. <h1><span style="display: inline;">Mudar shortname</span></h1>
  549. <form method="post">
  550. <br>
  551. <input type="text" name="usuario" placeholder="Shortname">
  552. <br>
  553. <input type="submit" name="submit" value="Comprar ShortName">
  554. </form>
  555. <h2 >Precos:</h2>
  556. <ul >
  557. <strong><li>8 letras, 1.000 xats,</li>
  558. <li>7 letras, 2.000 mil xats,</li>
  559. <li>6 letras, 6.000 mil xats,</li>
  560. <li>5 letras, 7.500 xats,</li>
  561. <li>4 letras, 10.000 xats,</li></strong>
  562. </ul>
  563. </center>
  564.  
  565.  
  566.  
  567. <script src="/cache/cache.php?f=query.js"></script>
  568. <script src="/cache/cache.php?f=script.js"></script>
  569.  
  570. <br><br><br><br>
  571. <?php include('foot.php');?>
  572. <script type="text/javascript">
  573. _uacct = "UA-1813155-1";
  574. if(!config.cookiedecline) urchinTracker();
  575. </script>
  576. </body>
  577. </html>