- <?php
- // Start the PHP session and load (or create) the per-visitor "sessao" state array.
- session_start();
- // NOTE(review): session_name() only takes effect when it is called before
- // session_start(), so this derived name probably does not apply to the session
- // opened above. HTTP_USER_AGENT is a request header and may be absent, and an
- // MD5 of address + agent is only a cookie name: it does not bind the session
- // to a client.
- session_name(md5('seg'.$_SERVER['REMOTE_ADDR'].$_SERVER['HTTP_USER_AGENT']));
- $sessao_id = session_id();
- $timestamp = time();
- if (!isset($_SESSION["sessao"])) { // Initialise the session state
- $sessao = array();
- $sessao["erro"] = "";
- $sessao["logado"]=false;
- $sessao["login"]= "";
- $sessao["timeout"]="";
- $_SESSION["sessao"] = $sessao; // Store the session state
- }
- else {
- $sessao = $_SESSION["sessao"]; // Reuse the state already stored in the session
- }
- include __DIR__ ."/atualizar/incluso/config.php";
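- // Post-login redirect target sent by the login form. The value is echoed into a
- // <meta refresh> tag and into the error-redirect query strings, so only a
- // same-site relative path made of URL-safe characters is accepted; anything
- // else (absolute or protocol-relative URLs, quotes, markup) falls back to the
- // default page.
- // NOTE(review): if callers legitimately pass absolute same-site URLs, replace
- // this with an explicit host allowlist.
- $ref2 = (isset($_POST['ref']) && is_string($_POST['ref'])) ? $_POST['ref'] : '';
- if (!preg_match('#^(?!//)[A-Za-z0-9_./?=&%-]*\z#', $ref2)) {
- $ref2 = '';
- }
- $now = time();
- $dt = date("Y-m-d");
- // date() replaces the deprecated strftime(); the output format is the same.
- $hora_cad = date("H:i:s");
- // Today's date as dd/mm/yyyy.
- $data = date('d/m/Y');
- if(!empty($ref2)){
- // Encoded for the attribute context even though the allowlist above already
- // excludes quotes and angle brackets.
- $vai = "<meta http-equiv='refresh' content='0;URL=" . htmlspecialchars($ref2, ENT_QUOTES) . "'>";
- } else {
- $vai = "<meta http-equiv='refresh' content='0;URL=meus-anuncios'>";
- }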
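- // Look up the account for the submitted e-mail address.
- // The address is bound as a statement parameter instead of being interpolated
- // into the SQL text. NOTE(review): every other query in this script that
- // interpolates $login needs the same treatment.
- // NOTE(review): the distinct error codes returned by this script (login,
- // pendente, status, senha) let a client tell whether an address is registered.
- $login = '';
- $email2 = '';
- if (isset($_POST["email"]) && is_string($_POST["email"])) {
- $login = $_POST['email'];
- $email2 = base64_encode($login); // sent back to the form as "token"
- }
- $stmt = $mysqli->prepare("SELECT id, email FROM usuarios WHERE email = ?");
- $stmt->bind_param('s', $login);
- $stmt->execute();
- $stmt->store_result();
- $total = $stmt->num_rows;
- $linha = null;
- if ( $total > 0 ){
- $stmt->bind_result($linha_id, $linha_email);
- $stmt->fetch();
- $linha = array('id' => $linha_id, 'email' => $linha_email);
- }
- $stmt->close();
- if ( $total < 1 ){ // unknown e-mail: back to the form with the "login" error code
- // token and ref are URL-encoded because they are written into an HTML attribute
- // and a query string; base64 output may contain "+", "/" and "=".
- echo "<meta http-equiv='refresh' content='0;URL=entrar?ac=". base64_encode('login') ."&token=". urlencode($email2) ."&ref=". urlencode((string) $ref2) ."'>";
- die;
- }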
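- // Is the account still awaiting confirmation? (status = 'zero')
- // Both lookups bind $login as a parameter rather than interpolating it.
- $stmt2 = $mysqli->prepare("SELECT id FROM usuarios WHERE email = ? and status = 'zero'");
- $stmt2->bind_param('s', $login);
- $stmt2->execute();
- $stmt2->store_result();
- $total2 = $stmt2->num_rows;
- $stmt2->close();
- if ( $total2 > 0 ){
- echo "<meta http-equiv='refresh' content='0;URL=entrar?ac=". base64_encode('pendente') ."&token=". urlencode((string) $email2) ."&ref=". urlencode((string) $ref2) ."'>";
- die;
- }
- // Is the account active? (status = 'sim') If so, keep its stored digest and salt.
- $stmt2 = $mysqli->prepare("SELECT id, email, senha, salt FROM usuarios WHERE email = ? and status = 'sim'");
- $stmt2->bind_param('s', $login);
- $stmt2->execute();
- $stmt2->store_result();
- $total2 = $stmt2->num_rows;
- $stmt2->bind_result($linha2_id, $linha2_email, $senha_valida, $salt);
- if ( $total2 > 0 && $stmt2->fetch() ){
- // Same row shape the rest of the script reads ($linha2[id] is used further down).
- $linha2 = array('id' => $linha2_id, 'email' => $linha2_email, 'senha' => $senha_valida, 'salt' => $salt);
- $stmt2->close();
- } else {
- $stmt2->close();
- echo "<meta http-equiv='refresh' content='0;URL=entrar?ac=". base64_encode('status') ."&token=". urlencode((string) $email2) ."&ref=". urlencode((string) $ref2) ."'>";
- die;
- }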
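- // Hash the submitted password with the account's salt for comparison with the
- // stored digest. A missing or non-string "senha" field is hashed as an empty
- // password, so $senha is always a SHA-512 hex digest and can never loosely
- // equal an empty stored value.
- // NOTE(review): a single round of salted SHA-512 is cheap to brute-force
- // offline; password_hash()/password_verify() is the usual replacement but needs
- // a migration of the stored hashes. The comparison that follows uses ==;
- // hash_equals() would make it strict and constant-time.
- $senha_digitada = (isset($_POST["senha"]) && is_string($_POST["senha"])) ? $_POST["senha"] : '';
- $senha = hash('sha512', $senha_digitada . $salt);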
- if ($senha == "$senha_valida"){
- // Password matched: enforce the lockout, refresh the user's bookkeeping rows,
- // clear the attempt counter and redirect according to the access level (nivel).
- // NOTE(review): $login and $ref2 are request-derived and are interpolated
- // unescaped into the SQL strings and redirect tags below; these need
- // parameterised queries and output encoding.
- // Login attempts are counted over the last hour.
- $valid_attempts = $now - (1 * 60 * 60);
- $sqlBrute = $mysqli->query("SELECT * FROM usuarios_banidos WHERE usuario_id = '$linha[id]' AND time > '$valid_attempts'");
- $totalBrute = $sqlBrute->num_rows;
- // More than two attempt rows in the window: refuse even a correct password.
- if ($totalBrute > 2) {
- echo "<meta http-equiv='refresh' content='0;URL=entrar.php?ac=". base64_encode('banido') ."&token=$email2&ref=$ref2'>";
- die;
- }
- // An attempt row is written on success too; all rows for the user are deleted further down.
- $sql_inclu = $mysqli->query("INSERT INTO usuarios_banidos (usuario_id, time) VALUES ('$linha2[id]', '$now')");
- $data = date ("Y-m-d");
- $hora = strftime("%H:%M:%S");
- $sql_logar = $mysqli->query("SELECT * FROM usuarios WHERE email = '$login' && senha = '$senha'");
- $fet_logar = $sql_logar->fetch_assoc();
- $num_logar = $sql_logar->num_rows;
- // Values of the previous login, copied into the *_u / ip_upd columns below.
- $ip_u = $fet_logar['ip'];
- $data_u = $fet_logar['data'];
- $hora_u = $fet_logar['hora'];
- $id_user = $fet_logar['id'];
- $visitas = $fet_logar['visitas'] + 1;
- $insere = $mysqli->query("UPDATE usuarios SET data_u = '".$data_u."', hora_u = '".$hora_u."', ip_upd = '".$ip_u."' WHERE email = '".$login."'");
- // If the user is already listed as connected, drop the old usuarios_online row.
- $sql_busca = $mysqli->query("SELECT login FROM usuarios_online WHERE login = '".$login."'");
- if ($sql_busca->num_rows > 0){
- $sql = "DELETE FROM usuarios_online WHERE login='".$login."'";
- $query = $mysqli->query($sql);
- }
- // NOTE(review): $ip is not assigned anywhere in the visible code; presumably it
- // is set by config.php. Confirm where it comes from.
- $sql_inclu = $mysqli->query("INSERT INTO usuarios_online(codigo_usu, login, sessao, entrada, entrada2, hora, ip, ult_clique) VALUES
- ('$id_user', '$login', '$sessao_id', '$data', '$timestamp', '$hora', '".$ip."', '$timestamp')");
- $sql_inclu = $mysqli->query("INSERT INTO usuario_log(id_user, login, entrada, hora, ip) VALUES
- ('$id_user', '$login', '$data', '$hora', '".$ip."')");
- // NOTE(review): this UPDATE filters on column "login" while the other usuarios
- // queries filter on "email"; confirm the column exists, otherwise the query fails silently.
- $sql_upgrade = $mysqli->query("UPDATE usuarios SET hora='$hora', data='$data', ip='".$ip."', visitas = '".$visitas."' WHERE login = '$login'");
- $sql2 = $mysqli->query("SELECT * FROM usuarios WHERE email = '$login'");
- $s = $sql2->fetch_assoc();
- // Clear the user's brute-force counter.
- // The loop repeats the same DELETE once per row found; a single DELETE removes them all.
- $sql_banido = $mysqli->query("SELECT * FROM usuarios_banidos WHERE usuario_id='".$s['id']."'");
- for ($i = 0; $i < $sql_banido->num_rows; $i++) {
- $delete = $mysqli->query("DELETE FROM usuarios_banidos WHERE usuario_id='".$s['id']."'");
- }
- // Redirect by access level.
- if ($s['nivel'] == 1){
- echo "<meta http-equiv='refresh' content='0;URL=/atualizar/admin.php'>";
- } elseif ($s['nivel'] == 2){
- echo "$vai";
- } elseif ($s['nivel'] == 100){
- echo "<meta http-equiv='refresh' content='0;URL=master.php'>";
- } elseif ($s['nivel'] == 3){
- echo "<meta http-equiv='refresh' content='0;URL=vip.php'>";
- }
- // Original note: "2 = Administrator". TODO confirm: nivel 1 is the one sent to admin.php.
- // NOTE(review): an unrecognised nivel is sent to the "permissao" error but there
- // is no die, so execution continues past this if/else, where the session is
- // flagged as logged in.
- else {
- echo "<meta http-equiv='refresh' content='0;URL=entrar?ac=". base64_encode('permissao') ."&token=$email2&ref=$ref2'>";
- }
- } else {
- // Password did not match: count the attempt rows stored for this user within the last hour.
- $valid_attempts = $now - (1 * 60 * 60);
- // usuario_id is taken from the row returned by the first lookup ($linha).
- $sqlBrute = $mysqli->query("SELECT * FROM usuarios_banidos WHERE usuario_id = '$linha[id]' AND time > '$valid_attempts'");
- if ($sqlBrute->num_rows > 2) {
- // Build an alert e-mail for the site administrators (PHPMailer over SMTP).
- // NOTE(review): no Send() call is visible in this branch, so the message
- // configured here does not appear to be delivered.
- // NOTE(review): the Body string assigned right after this block is closed early
- // by the `";` that follows "Copyright © 2016"; the text after that point is a
- // separate expression statement and is not part of the message.
- if (!class_exists("phpmailer")) {
- require("PHPMailerAutoload.php");
- }
- $cMail = new PHPMailer();
- $cMail->IsSMTP();
- // SMTP server and credentials, read from the $i settings array.
- // NOTE(review): $i is presumably loaded by config.php (confirm). No SMTPSecure
- // value is set here, so verify that the credentials are not sent in clear text.
- $cMail->Host = "".$i['smtp_servidor']."";
- $cMail->SMTPAuth = true;
- $cMail->Username = "".$i['smtp_email']."";
- $cMail->Password = "".$i['smtp_senha']."";
- // Send the message as HTML.
- $cMail->IsHTML(true);
- // Sender.
- // NOTE(review): CharSet is UTF-8 but the display names below go through
- // utf8_decode(); the two look inconsistent, check for garbled accents.
- $cMail->CharSet = 'UTF-8';
- $cMail->From = "nobody@npop.com.br";
- $cMail->FromName = "".utf8_decode($i['copyright'])." - Monitoramento";
- // Recipients: the main administrator address, with the alternative address in CC.
- //$cMail->AddAddress("".$email."");
- $cMail->AddAddress("".$i['email_principal']."", "Tentativas inválidas de login - ".utf8_decode($i['copyright'])."");
- $cMail->AddCC("".$i['email_alternativo']."", "Tentativas inválidas de login - ".utf8_decode($i['copyright']).""); // Copy (CC)
- // Attachments (unused).
- //$cMail->AddAttachment("/tmp/documento.pdf", "novo_nome.pdf"); // Adds an attachment
- // Message subject.
- $cMail->Subject = "Tentativas inválidas de login ".utf8_decode($i['copyright'])."";
- // conteudo da mensagem mensagem
- $cMail->Body = "<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Strict//EN\" \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd\">
- <html xmlns=\"http://www.w3.org/1999/xhtml\">
- <head>
- <meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\" />
- <meta name=\"viewport\" content=\"width=device-width, initial-scale=1.0\"/>
- <title>Verificar Conta</title>
- <style type=\"text/css\">
- /* Based on The MailChimp Reset INLINE: Yes. */
- /* Client-specific Styles */
- #outlook a {
- padding: 0;
- } /* Force Outlook to provide a \"view in browser\" menu link. */
- body {
- width: 100% !important;
- -webkit-text-size-adjust: 100%;
- -ms-text-size-adjust: 100%;
- margin: 0;
- padding: 0;
- }
- .ExternalClass {
- width: 100%;
- } /* Force Hotmail to display emails at full width */
- .ExternalClass, .ExternalClass p, .ExternalClass span, .ExternalClass font, .ExternalClass td, .ExternalClass div {
- line-height: 100%;
- }
- /* Forces Hotmail to display normal line spacing. More on that: http://www.emailonacid.com/forum/viewthread/43/ */
- #backgroundTable {
- margin: 0;
- padding: 0;
- width: 100% !important;
- line-height: 100% !important;
- }
- /* End reset */
- /* Some sensible defaults for images
- Bring inline: Yes. */
- img {
- outline: none;
- text-decoration: none;
- -ms-interpolation-mode: bicubic;
- }
- a img {
- border: none;
- }
- .image_fix {
- display: block;
- }
- /* Yahoo paragraph fix
- Bring inline: Yes. */
- p {
- margin: 1em 0;
- }
- /* Hotmail header color reset
- Bring inline: Yes. */
- h1, h2, h3, h4, h5, h6 {
- color: black !important;
- }
- h1 a, h2 a, h3 a, h4 a, h5 a, h6 a {
- color: blue !important;
- }
- h1 a:active, h2 a:active, h3 a:active, h4 a:active, h5 a:active, h6 a:active {
- color: red !important; /* Preferably not the same color as the normal header link color. There is limited support for psuedo classes in email clients, this was added just for good measure. */
- }
- h1 a:visited, h2 a:visited, h3 a:visited, h4 a:visited, h5 a:visited, h6 a:visited {
- color: purple !important; /* Preferably not the same color as the normal header link color. There is limited support for psuedo classes in email clients, this was added just for good measure. */
- }
- /* Outlook 07, 10 Padding issue fix
- Bring inline: No.*/
- table td {
- border-collapse: collapse;
- }
- /* Remove spacing around Outlook 07, 10 tables
- Bring inline: Yes */
- table {
- border-collapse: collapse;
- mso-table-lspace: 0pt;
- mso-table-rspace: 0pt;
- }
- /***************************************************
- ****************************************************
- MOBILE TARGETING
- ****************************************************
- ***************************************************/
- @media only screen and (max-device-width: 480px) {
- /* Part one of controlling phone number linking for mobile. */
- a[href^=\"tel\"], a[href^=\"sms\"] {
- text-decoration: none;
- color: blue; /* or whatever your want */
- pointer-events: none;
- cursor: default;
- }
- .mobile_link a[href^=\"tel\"], .mobile_link a[href^=\"sms\"] {
- text-decoration: default;
- color: orange !important;
- pointer-events: auto;
- cursor: default;
- }
- }
- /* More Specific Targeting */
- @media only screen and (min-device-width: 768px) and (max-device-width: 1024px) {
- /* You guessed it, ipad (tablets, smaller screens, etc) */
- /* repeating for the ipad */
- a[href^=\"tel\"], a[href^=\"sms\"] {
- text-decoration: none;
- color: blue; /* or whatever your want */
- pointer-events: none;
- cursor: default;
- }
- .mobile_link a[href^=\"tel\"], .mobile_link a[href^=\"sms\"] {
- text-decoration: default;
- color: orange !important;
- pointer-events: auto;
- cursor: default;
- }
- }
- </style>
- <!-- Targeting Windows Mobile -->
- <!--[if IEMobile 7]>
- <style type=\"text/css\">
- </style>
- <![endif]-->
- <!-- ***********************************************
- ****************************************************
- END MOBILE TARGETING
- ****************************************************
- ************************************************ -->
- <!--[if gte mso 9]>
- <style>
- /* Target Outlook 2007 and 2010 */
- </style>
- <![endif]-->
- </head>
- <body style=\"padding:0; margin:0;\" bgcolor=\"#ffffff\">
- <table border=\"0\" cellpadding=\"0\" cellspacing=\"0\" width=\"100%\" bgcolor=\"#3b81bc\">
- <tr>
- <td align=\"center\"><center>
- <table border=\"0\" width=\"600\" cellpadding=\"0\" cellspacing=\"0\">
- <tr>
- <td style=\"color:#ffffff !important; font-size:24px; font-family: Arial, Verdana, sans-serif; padding-left:10px;\" height=\"40\"><img src=\"".$i[site]."/logomarcas/npop_logo_email.png\" alt=\"\" style=\"display:block;\" /></td>
- <td align=\"right\" height=\"45\" style=\"color:#FFFFFF !important; font-size:11px; font-family: Helvetica Neue Light, Helvetica Neue Regular, Helvetica, Arial;\">Tentativas inv�lidas de acesso.<br />
- Data/Hora: ".$data." �s ".$hora_cad."</td>
- </tr>
- </table>
- </center></td>
- </tr>
- </table>
- <table border=\"0\" cellpadding=\"0\" cellspacing=\"0\" width=\"100%\" bgcolor=\"#ffffff\">
- <tr>
- <td align=\"center\"><center>
- <table border=\"0\" width=\"600\" cellpadding=\"0\" cellspacing=\"0\">
- <tr>
- <td style=\"color:#333333 !important; font-size:20px; font-family: Arial, Verdana, sans-serif; padding-left:10px;\" height=\"40\">
- <h3 style=\"font-weight:normal; margin: 20px 0 0 0;\">Sinal de Alerta</h3>
- <h2 style=\"font-weight:normal; margin: 0;\">Atenção para tentativas inv�lidas de login</h2>
- <p style=\"font-size:14px; line-height:18px;\">
- Prezado(a) administrador do site NPop, <br /><br />
- Observamos que ocorreu mais de duas tentativas inv�lidas de acesso a �rea do anunciante.</p>
- <p style=\"font-size:14px; line-height:18px;\">Login: <a href=\"#\">JohnDoe@johndoesemail.com</a><br />
- Data/Hora: ".$data." - ".$hora_cad."<br />
- IP: ".$ip."<br /><br/>
- Atenciosamente:<br/>
- Monitoramento <a href=\"".$i['site']."\">".utf8_decode($i['copyright'])."</a>
- </p>
- </td>
- </tr>
- </table>
- </center></td>
- </tr>
- </table>
- </center></td>
- </tr>
- </table>
- <table border=\"0\" cellpadding=\"0\" cellspacing=\"0\" width=\"100%\" bgcolor=\"#3b81bc\">
- <tr>
- <td align=\"center\"><center>
- <table border=\"0\" width=\"600\" cellpadding=\"0\" cellspacing=\"0\">
- <tr>
- <td style=\"color:#ffffff !important; font-size:20px; font-family: Arial, Verdana, sans-serif; padding-left:10px;\" height=\"40\"><center>
- <p style=\"font-size:10px; line-height:14px;\"> * O $i[copyright] conta com um sistema de aviso caso haja mais de duas tentativas de acesso sem sucesso.<br/>
- Não responda a este e-mail. Os e-mails enviados a este endereço não serão respondidos.<br/>
- Copyright © 2016"; if($ano != "2016") { " - $ano";} "$i[copyright]. Todos os direitos reservados.
- </p>
- </center></td>
- </tr>
- </table>
- </center></td>
- </tr>
- </table>
- </body>
- </html>";
- //final do phpmail
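- // Record this failed attempt through $mysqli, the connection used by the other
- // queries of this branch. A failed INSERT is not echoed to the client, so no
- // database error text is disclosed.
- $sql_inclu = $mysqli->query("INSERT INTO usuarios_banidos (usuario_id, time) VALUES ('$linha2[id]', '$now')");
- // Locked out: back to the form with the "banido" code. token and ref are
- // URL-encoded because they are request-derived and written into an HTML attribute.
- echo "<meta http-equiv='refresh' content='0;URL=entrar?ac=". base64_encode('banido') ."&token=". urlencode((string) $email2) ."&ref=". urlencode((string) $ref2) ."'>";
- die;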
- }
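- // Record this failed attempt through $mysqli, the connection used by the other
- // queries of this branch. A failed INSERT is not echoed to the client, so no
- // database error text is disclosed.
- $sql_inclu = $mysqli->query("INSERT INTO usuarios_banidos (usuario_id, time) VALUES ('$linha2[id]', '$now')");
- // Wrong password: back to the form with the "senha" code. token and ref are
- // URL-encoded because they are request-derived and written into an HTML attribute.
- echo "<meta http-equiv='refresh' content='0;URL=entrar?ac=". base64_encode('senha') ."&token=". urlencode((string) $email2) ."&ref=". urlencode((string) $ref2) ."'>";
- die;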
- }
- // Register the session: flag the visitor as logged in under $login.
- // Every failure path above ends in die, so this point is reached only after a
- // password match.
- // NOTE(review): the session ID is not regenerated at this privilege change
- // (session fixation exposure). session_regenerate_id(true) is the usual step, but
- // the ID captured earlier in $sessao_id is also written to usuarios_online.sessao,
- // so both would have to change together.
- $sessao["erro"] = "";
- $sessao["logado"] = true;
- $sessao["login"]= "$login";
- $sessao["timeout"] = time();
- $_SESSION["sessao"] = $sessao;
- // Name and start the session, then load (or create) the "sessao" state array.
- // session_name() is called before session_start() here, so the name applies.
- session_name("SESS");
- session_start();
- $sessao_id = session_id();
- $timestamp = time();
- if (!isset($_SESSION["sessao"])) { // Initialise the session state
- $sessao = array();
- $sessao["erro"] = "";
- $sessao["logado"]=false;
- $sessao["login"]= "";
- $sessao["timeout"]="";
- $_SESSION["sessao"] = $sessao; // Store the session state
- }
- else {
- $sessao = $_SESSION["sessao"]; // Reuse the state already stored in the session
- }
- include ("atualizar/incluso/config.php");
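- // Post-login redirect target sent by the login form. The value is echoed into a
- // <meta refresh> tag and into the error-redirect query strings, so only a
- // same-site relative path made of URL-safe characters is accepted; anything
- // else (absolute or protocol-relative URLs, quotes, markup) falls back to the
- // default page.
- // NOTE(review): if callers legitimately pass absolute same-site URLs, replace
- // this with an explicit host allowlist.
- $ref2 = (isset($_POST['ref']) && is_string($_POST['ref'])) ? $_POST['ref'] : '';
- if (!preg_match('#^(?!//)[A-Za-z0-9_./?=&%-]*\z#', $ref2)) {
- $ref2 = '';
- }
- $now = time();
- $dt = date("Y-m-d");
- // date() replaces the deprecated strftime(); the output format is the same.
- $hora_cad = date("H:i:s");
- // Today's date as dd/mm/yyyy.
- $data = date('d/m/Y');
- if(!empty($ref2)){
- // Encoded for the attribute context even though the allowlist above already
- // excludes quotes and angle brackets.
- $vai = "<meta http-equiv='refresh' content='0;URL=" . htmlspecialchars($ref2, ENT_QUOTES) . "'>";
- } else {
- $vai = "<meta http-equiv='refresh' content='0;URL=./anuncios'>";
- }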
- // Base64-encoded error codes for the "ac" parameter of the login form.
- // NOTE(review): in the visible code only $banido is read, and it is later
- // overwritten by the loop that clears the attempt rows. $acstatus encodes
- // 'acstatus' whereas the status redirect below encodes 'status'. Base64 is an
- // encoding only; these codes are not secret.
- $aclogin = base64_encode('login');
- $banido = base64_encode('banido');
- $acsenha = base64_encode('senha');
- $acstatus = base64_encode('acstatus');
- $pendente = base64_encode('pendente');
- $acpermissao = base64_encode('permissao');
- // Look up the account for the submitted e-mail address.
- // NOTE(review): $login is taken from $_POST and interpolated unescaped into the
- // SQL text (SQL injection). The mysql_* functions offer no bound parameters
- // and were removed in PHP 7; this lookup should move to mysqli or PDO prepared
- // statements. If "email" is not posted, $login and $email2 are undefined below.
- if(isset($_POST["email"])) {
- $login = $_POST['email'];
- $email2 = base64_encode($login);
- }
- $sql = mysql_query("SELECT id, email FROM usuarios WHERE email = '$login'");
- $total = mysql_num_rows($sql);
- $linha = mysql_fetch_array($sql);
- if ( $total > 0 ){ // the login exists: nothing to do here
- } // end of "login exists"
- else {
- // Unknown e-mail: back to the form with the "login" error code.
- // NOTE(review): $ref2 and $email2 are written into the tag without encoding.
- echo "<meta http-equiv='refresh' content='0;URL=entrar?ac=". base64_encode('login') ."&token=$email2&ref=$ref2'>";
- die;
- }
- // Is the account still awaiting confirmation? (status = 'zero')
- // NOTE(review): $login is interpolated unescaped into both queries of this block.
- $sql2 = mysql_query("SELECT id, senha, salt FROM usuarios WHERE email = '$login' and status = 'zero'");
- $total2 = mysql_num_rows($sql2);
- $linha2 = mysql_fetch_array($sql2);
- if ( $total2 > 0 ){
- echo "<meta http-equiv='refresh' content='0;URL=entrar?ac=". base64_encode('pendente') ."&token=$email2&ref=$ref2'>";
- die;
- }
- // Is the account active? (status = 'sim') If so, keep its stored digest and salt.
- $sql2 = mysql_query("SELECT id, email, senha, salt FROM usuarios WHERE email = '$login' and status = 'sim'");
- $total2 = mysql_num_rows($sql2);
- $linha2 = mysql_fetch_array($sql2);
- if ( $total2 > 0 ){
- $senha_valida = $linha2["senha"];
- $salt = $linha2["salt"];
- } else {
- echo "<meta http-equiv='refresh' content='0;URL=entrar?ac=". base64_encode('status') ."&token=$email2&ref=$ref2'>";
- die;
- }
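- // Hash the submitted password with the account's salt for comparison with the
- // stored digest. A missing or non-string "senha" field is hashed as an empty
- // password, so $senha is always a SHA-512 hex digest and can never loosely
- // equal an empty stored value.
- // NOTE(review): a single round of salted SHA-512 is cheap to brute-force
- // offline; password_hash()/password_verify() is the usual replacement but needs
- // a migration of the stored hashes. The comparison that follows uses ==;
- // hash_equals() would make it strict and constant-time.
- $senha_digitada = (isset($_POST["senha"]) && is_string($_POST["senha"])) ? $_POST["senha"] : '';
- $senha = hash('sha512', $senha_digitada . $salt);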
- if ($senha == "$senha_valida"){
- // Password matched: enforce the lockout, refresh the user's bookkeeping rows,
- // clear the attempt counter and redirect according to the access level (nivel).
- // NOTE(review): $login and $ref2 are request-derived and are interpolated
- // unescaped into the SQL strings and redirect tags below. Each
- // `or die (mysql_error())` also prints raw database error text to the client.
- // Login attempts are counted over the last hour.
- $valid_attempts = $now - (1 * 60 * 60);
- $sqlBrute = mysql_query("SELECT * FROM usuarios_banidos WHERE usuario_id = '$linha[id]' AND time > '$valid_attempts'");
- $totalBrute = mysql_num_rows($sqlBrute);
- // More than two attempt rows in the window: refuse even a correct password.
- if ($totalBrute > 2) {
- echo "<meta http-equiv='refresh' content='0;URL=entrar.php?ac=$banido&token=$email2&ref=$ref2'>";
- die;
- }
- // An attempt row is written on success too; the rows for the user are deleted further down.
- $sql_inclu = "INSERT INTO usuarios_banidos (usuario_id, time) VALUES ('$linha2[id]', '$now')";
- $exe_inclu = mysql_query($sql_inclu) or die (mysql_error());
- $data = date ("Y-m-d");
- $hora = strftime("%H:%M:%S");
- $sql_logar = "SELECT * FROM usuarios WHERE email = '$login' && senha = '$senha'";
- $exe_logar = mysql_query($sql_logar) or die (mysql_error());
- $fet_logar = mysql_fetch_assoc($exe_logar);
- $num_logar = mysql_num_rows($exe_logar);
- // Values of the previous login, copied into the *_u / ip_upd columns below.
- $ip_u = $fet_logar['ip'];
- $data_u = $fet_logar['data'];
- $hora_u = $fet_logar['hora'];
- $id_user = $fet_logar['id'];
- $visitas = $fet_logar['visitas'] + 1;
- $insere = mysql_query("UPDATE usuarios SET data_u = '".$data_u."', hora_u = '".$hora_u."', ip_upd = '".$ip_u."' WHERE email = '".$login."'");
- // If the user is already listed as connected, drop the old usuarios_online row.
- $sql_busca = "SELECT login FROM usuarios_online WHERE login = '".$login."'";
- $exe_busca = mysql_query($sql_busca) or die (mysql_error());
- $num_busca = mysql_num_rows($exe_busca);
- if ($num_busca > 0){
- $sql = mysql_query("DELETE FROM usuarios_online WHERE login='".$login."'");
- }
- // NOTE(review): the INSERT below stores $email as the login, but $email is not
- // assigned anywhere in the visible code (the lookups use $login). Confirm.
- $sql_inclu = "INSERT INTO usuarios_online(codigo_usu, login, sessao, entrada, entrada2, hora, ip, ult_clique) VALUES
- ('$id_user', '$email', '$sessao_id', '$data', '$timestamp', '$hora', '". $_SERVER['REMOTE_ADDR'] ."', '$timestamp')";
- $exe_inclu = mysql_query($sql_inclu) or die (mysql_error());
- $sql_inclu = "INSERT INTO usuario_log(id, id_user, login, entrada, hora, ip) VALUES
- ('','$id_user', '$login', '$data', '$hora', '". $_SERVER['REMOTE_ADDR'] ."')";
- $exe_inclu = mysql_query($sql_inclu) or die (mysql_error());
- $sql_update = "UPDATE usuarios SET hora='$hora', data='$data', ip='". $_SERVER['REMOTE_ADDR'] ."', visitas = '".$visitas."' WHERE email = '$login'";
- $exe_update = mysql_query($sql_update) or die (mysql_error());
- $sql2 = "SELECT * FROM usuarios WHERE email = '$login'";
- $verifica = mysql_query($sql2) or die (mysql_error());
- $s = mysql_fetch_assoc($verifica);
- // Clear the user's brute-force counter.
- // NOTE(review): $fet_logar[id] uses a bare constant as the array key outside a
- // string; the key should be quoted ('id'). The loop also reuses $banido, which
- // held the encoded error code, and repeats the same DELETE once per row.
- $sql_banido = mysql_query("SELECT * FROM usuarios_banidos WHERE usuario_id='".$fet_logar[id]."'");
- while ($banido = mysql_fetch_array($sql_banido)) {
- mysql_query("DELETE FROM usuarios_banidos WHERE usuario_id='".$fet_logar[id]."'");
- }
- // Redirect by access level.
- if ($s['nivel'] == 1){
- echo "<meta http-equiv='refresh' content='0;URL=/atualizar/admin.php'>";
- } elseif ($s['nivel'] == 2){
- echo "$vai";
- } elseif ($s['nivel'] == 100){
- echo "<meta http-equiv='refresh' content='0;URL=master.php'>";
- } elseif ($s['nivel'] == 3){
- echo "<meta http-equiv='refresh' content='0;URL=vip.php'>";
- }
- // Original note: "2 = Administrator". TODO confirm: nivel 1 is the one sent to admin.php.
- // NOTE(review): an unrecognised nivel is sent to the "permissao" error but there
- // is no die, so execution continues past this if/else.
- else {
- echo "<meta http-equiv='refresh' content='0;URL=entrar?ac=". base64_encode('permissao') ."&token=$email2&ref=$ref2'>";
- }
- } else {
- // Password did not match: count the attempt rows stored for this user within the last hour.
- $valid_attempts = $now - (1 * 60 * 60);
- // usuario_id is taken from the row returned by the first lookup ($linha).
- $sqlBrute = mysql_query("SELECT * FROM usuarios_banidos WHERE usuario_id = '$linha[id]' AND time > '$valid_attempts'");
- $totalBrute = mysql_num_rows($sqlBrute);
- if ($totalBrute > 2) {
- // Build an alert e-mail for the site administrators (PHPMailer over SMTP).
- // NOTE(review): no Send() call is visible in this branch, so the message
- // configured here does not appear to be delivered.
- // NOTE(review): the HTML Body assigned right after this block embeds
- // $_POST["email"] without HTML-encoding, so a submitted address can inject
- // markup into the message the administrators open.
- if (!class_exists("phpmailer")) {
- require("PHPMailerAutoload.php");
- }
- $cMail = new PHPMailer();
- $cMail->IsSMTP();
- // SMTP server and credentials, read from the $i settings array.
- // NOTE(review): $i is presumably loaded by config.php (confirm). No SMTPSecure
- // value is set here, so verify that the credentials are not sent in clear text.
- $cMail->Host = "".$i['smtp_servidor']."";
- $cMail->SMTPAuth = true;
- $cMail->Username = "".$i['smtp_email']."";
- $cMail->Password = "".$i['smtp_senha']."";
- // Send the message as HTML.
- $cMail->IsHTML(true);
- // Sender.
- // NOTE(review): CharSet is UTF-8 but the display names below go through
- // utf8_decode(); the two look inconsistent, check for garbled accents.
- $cMail->CharSet = 'UTF-8';
- $cMail->From = "nobody@npop.com.br";
- $cMail->FromName = "".utf8_decode($i['copyright'])." - Monitoramento";
- // Recipients: the main administrator address, with the alternative address in CC.
- //$cMail->AddAddress("".$email."");
- $cMail->AddAddress("".$i['email_principal']."", "Tentativas inv�lidas de login - ".utf8_decode($i['copyright'])."");
- $cMail->AddCC("".$i['email_alternativo']."", "Tentativas inv�lidas de login - ".utf8_decode($i['copyright']).""); // Copy (CC)
- // Attachments (unused).
- //$cMail->AddAttachment("/tmp/documento.pdf", "novo_nome.pdf"); // Adds an attachment
- // Message subject.
- $cMail->Subject = "Tentativas inv�lidas de login ".utf8_decode($i['copyright'])."";
- // conteudo da mensagem mensagem
- $cMail->Body = "<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Strict//EN\" \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd\">
- <html xmlns=\"http://www.w3.org/1999/xhtml\">
- <head>
- <meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\" />
- <meta name=\"viewport\" content=\"width=device-width, initial-scale=1.0\"/>
- <title>Verificar Conta</title>
- <style type=\"text/css\">
- /* Based on The MailChimp Reset INLINE: Yes. */
- /* Client-specific Styles */
- #outlook a {
- padding: 0;
- } /* Force Outlook to provide a \"view in browser\" menu link. */
- body {
- width: 100% !important;
- -webkit-text-size-adjust: 100%;
- -ms-text-size-adjust: 100%;
- margin: 0;
- padding: 0;
- }
- .ExternalClass {
- width: 100%;
- } /* Force Hotmail to display emails at full width */
- .ExternalClass, .ExternalClass p, .ExternalClass span, .ExternalClass font, .ExternalClass td, .ExternalClass div {
- line-height: 100%;
- }
- /* Forces Hotmail to display normal line spacing. More on that: http://www.emailonacid.com/forum/viewthread/43/ */
- #backgroundTable {
- margin: 0;
- padding: 0;
- width: 100% !important;
- line-height: 100% !important;
- }
- /* End reset */
- /* Some sensible defaults for images
- Bring inline: Yes. */
- img {
- outline: none;
- text-decoration: none;
- -ms-interpolation-mode: bicubic;
- }
- a img {
- border: none;
- }
- .image_fix {
- display: block;
- }
- /* Yahoo paragraph fix
- Bring inline: Yes. */
- p {
- margin: 1em 0;
- }
- /* Hotmail header color reset
- Bring inline: Yes. */
- h1, h2, h3, h4, h5, h6 {
- color: black !important;
- }
- h1 a, h2 a, h3 a, h4 a, h5 a, h6 a {
- color: blue !important;
- }
- h1 a:active, h2 a:active, h3 a:active, h4 a:active, h5 a:active, h6 a:active {
- color: red !important; /* Preferably not the same color as the normal header link color. There is limited support for psuedo classes in email clients, this was added just for good measure. */
- }
- h1 a:visited, h2 a:visited, h3 a:visited, h4 a:visited, h5 a:visited, h6 a:visited {
- color: purple !important; /* Preferably not the same color as the normal header link color. There is limited support for psuedo classes in email clients, this was added just for good measure. */
- }
- /* Outlook 07, 10 Padding issue fix
- Bring inline: No.*/
- table td {
- border-collapse: collapse;
- }
- /* Remove spacing around Outlook 07, 10 tables
- Bring inline: Yes */
- table {
- border-collapse: collapse;
- mso-table-lspace: 0pt;
- mso-table-rspace: 0pt;
- }
- /***************************************************
- ****************************************************
- MOBILE TARGETING
- ****************************************************
- ***************************************************/
- @media only screen and (max-device-width: 480px) {
- /* Part one of controlling phone number linking for mobile. */
- a[href^=\"tel\"], a[href^=\"sms\"] {
- text-decoration: none;
- color: blue; /* or whatever your want */
- pointer-events: none;
- cursor: default;
- }
- .mobile_link a[href^=\"tel\"], .mobile_link a[href^=\"sms\"] {
- text-decoration: default;
- color: orange !important;
- pointer-events: auto;
- cursor: default;
- }
- }
- /* More Specific Targeting */
- @media only screen and (min-device-width: 768px) and (max-device-width: 1024px) {
- /* You guessed it, ipad (tablets, smaller screens, etc) */
- /* repeating for the ipad */
- a[href^=\"tel\"], a[href^=\"sms\"] {
- text-decoration: none;
- color: blue; /* or whatever your want */
- pointer-events: none;
- cursor: default;
- }
- .mobile_link a[href^=\"tel\"], .mobile_link a[href^=\"sms\"] {
- text-decoration: default;
- color: orange !important;
- pointer-events: auto;
- cursor: default;
- }
- }
- </style>
- <!-- Targeting Windows Mobile -->
- <!--[if IEMobile 7]>
- <style type=\"text/css\">
- </style>
- <![endif]-->
- <!-- ***********************************************
- ****************************************************
- END MOBILE TARGETING
- ****************************************************
- ************************************************ -->
- <!--[if gte mso 9]>
- <style>
- /* Target Outlook 2007 and 2010 */
- </style>
- <![endif]-->
- </head>
- <body style=\"padding:0; margin:0;\" bgcolor=\"#ffffff\">
- <table border=\"0\" cellpadding=\"0\" cellspacing=\"0\" width=\"100%\" bgcolor=\"#3b81bc\">
- <tr>
- <td align=\"center\"><center>
- <table border=\"0\" width=\"600\" cellpadding=\"0\" cellspacing=\"0\">
- <tr>
- <td style=\"color:#ffffff !important; font-size:24px; font-family: Arial, Verdana, sans-serif; padding-left:10px;\" height=\"40\"><img src=\"".$i['site']."/logomarcas/npop_logo_email.png\" alt=\"\" style=\"display:block;\" /></td>
- <td align=\"right\" height=\"45\" style=\"color:#FFFFFF !important; font-size:11px; font-family: Helvetica Neue Light, Helvetica Neue Regular, Helvetica, Arial;\">Tentativas inválidas de acesso.<br />
- Data/Hora: ".$data." às ".$hora_cad."</td>
- </tr>
- </table>
- </center></td>
- </tr>
- </table>
- <table border=\"0\" cellpadding=\"0\" cellspacing=\"0\" width=\"100%\" bgcolor=\"#ffffff\">
- <tr>
- <td align=\"center\"><center>
- <table border=\"0\" width=\"600\" cellpadding=\"0\" cellspacing=\"0\">
- <tr>
- <td style=\"color:#333333 !important; font-size:20px; font-family: Arial, Verdana, sans-serif; padding-left:10px;\" height=\"40\">
- <h3 style=\"font-weight:normal; margin: 20px 0 0 0;\">Sinal de Alerta</h3>
- <h2 style=\"font-weight:normal; margin: 0;\">Atenção para tentativas inválidas de login</h2>
- <p style=\"font-size:14px; line-height:18px;\">
- Prezado(a) administrador do site NPop, <br /><br />
- Observamos que ocorreu mais de duas tentativas inválidas de acesso a área do anunciante.</p>
- <p style=\"font-size:14px; line-height:18px;\">Login: <a href=\"#\">".$_POST["email"]."</a><br />
- Data/Hora: ".$data." - ".$hora_cad."<br />
- IP: ".$ip."<br /><br/>
- Atenciosamente:<br/>
- Monitoramento <a href=\"".$i['site']."\">".utf8_decode($i['copyright'])."</a>
- </p>
- </td>
- </tr>
- </table>
- </center></td>
- </tr>
- </table>
- </center></td>
- </tr>
- </table>
- <table border=\"0\" cellpadding=\"0\" cellspacing=\"0\" width=\"100%\" bgcolor=\"#3b81bc\">
- <tr>
- <td align=\"center\"><center>
- <table border=\"0\" width=\"600\" cellpadding=\"0\" cellspacing=\"0\">
- <tr>
- <td style=\"color:#ffffff !important; font-size:20px; font-family: Arial, Verdana, sans-serif; padding-left:10px;\" height=\"40\"><center>
- <p style=\"font-size:10px; line-height:14px;\"> * O $i[copyright] conta com um sistema de aviso caso haja mais de duas tentativas de acesso sem sucesso.<br/>
- Não responda a este e-mail. Os e-mails enviados a este endereço não serão respondidos.<br/>
- Copyright © $ano " . $i['copyright'] . ". Todos os direitos reservados.
- </p>
- </center></td>
- </tr>
- </table>
- </center></td>
- </tr>
- </table>
- </body>
- </html>";
- //final do phpmail
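- // Record this failed attempt, then send the client back to the form with the
- // "banido" (locked out) code.
- // NOTE(review): this statement uses $mysqli while the queries above it call
- // mysql_*; confirm that config.php provides $mysqli on this path.
- $sql_inclu = $mysqli->query("INSERT INTO usuarios_banidos (usuario_id, time) VALUES ('$linha2[id]', '$now')");
- // token and ref are URL-encoded because they are request-derived and written
- // into an HTML attribute.
- echo "<meta http-equiv='refresh' content='0;URL=entrar.php?ac=". base64_encode('banido') ."&token=". urlencode((string) $email2) ."&ref=". urlencode((string) $ref2) ."'>";
- die;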
- }
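- // Record this failed attempt, then send the client back to the form with the
- // "senha" (wrong password) code.
- // NOTE(review): this statement uses $mysqli while the queries above it call
- // mysql_*; confirm that config.php provides $mysqli on this path.
- $sql_inclu = $mysqli->query("INSERT INTO usuarios_banidos (usuario_id, time) VALUES ('$linha2[id]', '$now')");
- // token and ref are URL-encoded because they are request-derived and written
- // into an HTML attribute.
- echo "<meta http-equiv='refresh' content='0;URL=entrar.php?ac=". base64_encode('senha') ."&token=". urlencode((string) $email2) ."&ref=". urlencode((string) $ref2) ."'>";
- die;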
- }
- // Register the session: flag the visitor as logged in under $login.
- // Every failure path above ends in die, so this point is reached only after a
- // password match.
- // NOTE(review): the session ID is not regenerated at this privilege change
- // (session fixation exposure). session_regenerate_id(true) is the usual step, but
- // the ID captured earlier in $sessao_id is also written to usuarios_online.sessao,
- // so both would have to change together.
- $sessao["erro"] = "";
- $sessao["logado"] = true;
- $sessao["login"]= "$login";
- $sessao["timeout"] = time();
- $_SESSION["sessao"] = $sessao;