Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- /*************** PHP LOGIN SCRIPT V 2.3*********************
- (c) Balakrishnan 2009. All Rights Reserved
- Usage: This script can be used FREE of charge for any commercial or personal projects. Enjoy!
- Limitations:
- - This script cannot be sold.
- - This script should have copyright notice intact. Dont remove it please...
- - This script may not be provided for download except from its original site.
- For further usage, please contact me.
- ***********************************************************/
- include 'dbc.php';
- $err = array();
- foreach($_GET as $key => $value) {
- $get[$key] = filter($value); //get variables are filtered.
- }
- if ($_POST['doLogin']=='Login')
- {
- foreach($_POST as $key => $value) {
- $data[$key] = filter($value); // post variables are filtered
- }
- $user_email = $data['usr_email'];
- $pass = $data['pwd'];
- if (strpos($user_email,'@') === false) {
- $user_cond = "user_name='$user_email'";
- } else {
- $user_cond = "user_email='$user_email'";
- }
- $result = mysql_query("SELECT `id`,`pwd`,`full_name`,`approved`,`user_level` FROM users WHERE
- $user_cond
- AND `banned` = '0'
- ") or die (mysql_error());
- $num = mysql_num_rows($result);
- // Match row found with more than 1 results - the user is authenticated.
- if ( $num > 0 ) {
- list($id,$pwd,$full_name,$approved,$user_level) = mysql_fetch_row($result);
- if(!$approved) {
- //$msg = urlencode("Account not activated. Please check your email for activation code");
- $err[] = "Account not activated. Please pay. If you already paid, please create a support ticket!";
- // die("<hr>Account not activated. Please pay. If you already paid, please create a support ticket!");
- //header("Location: login.php?msg=$msg");
- //exit();
- }
- //check against salt
- if ($pwd === PwdHash($pass,substr($pwd,0,9))) {
- if(empty($err)){
- // this sets session and logs user in
- session_start();
- session_regenerate_id (true); //prevent against session fixation attacks.
- // this sets variables in the session
- $_SESSION['user_id']= $id;
- $_SESSION['user_name'] = $full_name;
- $_SESSION['user_level'] = $user_level;
- $_SESSION['HTTP_USER_AGENT'] = md5($_SERVER['HTTP_USER_AGENT']);
- //update the timestamp and key for cookie
- $stamp = time();
- $ckey = GenKey();
- mysql_query("update users set `ctime`='$stamp', `ckey` = '$ckey' where id='$id'") or die(mysql_error());
- //set a cookie
- if(isset($_POST['remember'])){
- setcookie("user_id", $_SESSION['user_id'], time()+60*60*24*COOKIE_TIME_OUT, "/");
- setcookie("user_key", sha1($ckey), time()+60*60*24*COOKIE_TIME_OUT, "/");
- setcookie("user_name",$_SESSION['user_name'], time()+60*60*24*COOKIE_TIME_OUT, "/");
- }
- header("Location: index.php");
- }
- }
- else
- {
- //die("<hr>Invalid login.");
- header("Location: login.php?msg=$msg");
- }
- } else {
- echo("<hr>Invalid login, wrong username/password.");
- }
- }
- ?>
- <html>
- <head>
- <title>Equinox Stress Test</title>
- <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
- <link href="style1.css" rel="stylesheet" type="text/css" />
- </head>
- <body>
- <div class="main">
- <div class="blok_header">
- <div class="header">
- <div class="logo"> <a href="index.html"><img src="images/logo.gif" width="139" height="153" border="0" alt="logo" class="one" /></a> </div>
- <div class="menu">
- <ul>
- <li><a href="index.php"><span>Home</span></a></li>
- <li><a href="register.php"><span>Register</span></a></li>
- <?php
- if (checkAdmin()) { ?>
- <li><a href="addshell.php"><span>Add Shell</span></a></li>
- <li><a href="logs.php"><span>Logs</span></a></li>
- <li><a href="admin.php"><span>Admin Cp</span></a></li>
- <li><a href="logout.php"><span>Logout</span></a></li>
- <?php } ?>
- </ul>
- </div>
- <div class="clr"></div>
- </div>
- <div class="clr"></div>
- </div>
- <div class="clr"></div>
- <div class="header_text_bg">
- <h2> </h2>
- <div class="header_text">
- <div class="header_text_resize">
- <h2> <?php
- $link = mysql_connect(DB_HOST, DB_USER, DB_PASS);
- mysql_select_db(DB_NAME, $link);
- $result = mysql_query("SELECT * FROM getshells", $link);
- $num_rows = mysql_num_rows($result);
- $result2 = mysql_query("SELECT * FROM postshells", $link);
- $num_rows2 = mysql_num_rows($result2);
- $shellsOnline = $num_rows + $num_rows2;
- echo "There are currently <b>" . $shellsOnline . "</b> shells online.";
- ?><br />
- <span>We update our shells daily!</span></h2>
- <div class="clr"></div>
- </div>
- </div>
- <div class="clr"></div>
- </div>
- <div class="clr"></div>
- </div>
- <div class="body_resize">
- <div class="body">
- <h3>Equinox Stress Test(DDoS)</h3><br />
- <span>
- <!--header -->
- <div id="header">
- <div id="header-links">
- No account? <b><a href="register.php">Click here</a></b> to buy.
- </div>
- </div>
- <div id="header-photo">
- <h1 id="logo-text"><a href="home.html" title=""></a></h1>
- <div id="playnow">
- <table class="l0g1n">
- <form action="login.php" method="post" name="logForm" id="logForm" >
- <tr>
- <td><b>Username</b></td>
- <td><input name="usr_email" type="text" class="required" id="txtbox" size="25"></li></td>
- </tr>
- <tr>
- <td><b>Password</b></td>
- <td>
- <input name="pwd" type="password" class="required password" id="txtbox" size="25"></li></td>
- </tr>
- <tr>
- <td>
- <input name="doLogin" type="submit" id="doLogin3" value="Login"></li>
- </td>
- <td>
- <input name="remember" type="checkbox" id="remember" value="1">
- <b>Remember me</b><br></li>
- </td>
- </tr>
- </form>
- </table>
- </div>
- </span>
- </div>
- <div class="clr"></div>
- </div>
- </body>
- </html>
- <br/><br/><br/><br/><br/><br/>
- <?php
- include 'footer.php';
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement