SHARE
TWEET

Login.php

a guest Apr 27th, 2016 96 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. <!-- Toate drepturile rezervate @Emma -->
  2. <!-- All rights reserved. @Emma -->
  3. <!DOCTYPE html>
  4. <!--head-->
  5. <!--[if lt IE 7]>      <html class="no-js lt-ie9 lt-ie8 lt-ie7"> <![endif]-->
  6. <!--[if IE 7]>         <html class="no-js lt-ie9 lt-ie8"> <![endif]-->
  7. <!--[if IE 8]>         <html class="no-js lt-ie9"> <![endif]-->
  8. <!--[if gt IE 8]><!--> <html lang="en" class="no-js"> <!--<![endif]-->
  9.  
  10. <head>
  11.     <meta charset="utf-8">
  12.     <meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">
  13.     <title>Login - Register</title>
  14.     <meta name="description" content="Logheazate pe site">
  15.     <meta name="viewport" content="width=device-width">
  16.     <link href="/favicon.ico" rel="shortcut icon" type="image/x-icon">
  17.     <link rel="stylesheet" type="text/css" href="/css/bootstrap.min.css">
  18.         <link rel="stylesheet" type="text/css" href="/css/bootstrap-responsive.min.css">
  19.         <link rel="stylesheet" type="text/css" href="/css/animate.css">
  20.     <link rel="stylesheet" type="text/css" href="/css/main.css">
  21.     <link rel="stylesheet" type="text/css" href="/css/cookiecuttr.css">
  22.     <link rel="stylesheet" type="text/css" href="/css/classic.css">
  23.     <script src="/js/vendor/modernizr-2.6.2-respond-1.1.0.min.js"></script>
  24.    
  25. </head>
  26. <body>
  27. <!--/head-->
  28.  
  29.  
  30. <?php
  31. require_once("nav.php");
  32. ?> 
  33.  
  34. <div class="adxat" data-adtype="top" align="center" style="width:728;height:90"></div>
  35. <div class="container">
  36. <center><embed src="<?php echo $config->info['banner']; ?>" pluginspage="http:/www.macromedia.com/go/getflashplayer" type="application/x-shockwave-flash" name="obj1" width="728" height="90" quality="High" wmode="transparent"></embed /></center>
  37. <h1>xat registered user account management page</h1>
  38. <ul class="nav nav-pills"><li class="active"><a href="/login">Login</a></li>
  39. <li><a href="/register">Register</a></li>
  40. <li><a href="/changeuserpassword?u=">Change password.</a></li>
  41. </ul>
  42. <?php
  43. if(!isset($config->complete))
  44. {
  45.     return include $pages['setup'];
  46. }
  47.  
  48. function swfavatar($text){
  49.   $find[] = '(';
  50.   $find[] = ')';
  51.   $find[] = '#';
  52.   $replace[] = 'http://www.xatech.com/web_gear/flash/smiliesshow.swf?r=';
  53.   $replace[] = '';
  54.   $replace[] = '%23';
  55.   $text = str_replace($find, $replace, $text);
  56.   return $text;
  57. }
  58.  
  59. if(isset($_POST['cmd']))
  60. {
  61.     $messages = array();
  62.     switch($_POST['cmd'])
  63.     {
  64.         case 'login':
  65.             if(!$core->allset($_POST, 'user', 'pass'))
  66.             {
  67.                 break;
  68.             }
  69.             if(strlen($_POST['user']) == 0)
  70.             {
  71.                 $messages[] = 'Please enter your username';
  72.             }
  73.             if(strlen($_POST['pass']) == 0)
  74.             {
  75.                 $messages[] = 'Please enter your password';
  76.             }
  77.             if(!empty($messages)) break;
  78.            
  79.             $user = $mysql->fetch_array('select * from `users` where `username`=:a;', array('a' => $_POST['user']));
  80.             if(empty($user) || !$mysql->validate($_POST['pass'], $user[0]['password']))
  81.             {
  82.                 $messages[] = 'Bad username / password';
  83.                 break;
  84.             }
  85.            
  86.             $loginKey = md5(time() . json_encode($_POST));
  87.             setCookie('loginKey', $loginKey, strtotime('+ 1 year'));
  88.             $_COOKIE['loginKey'] = $loginKey;
  89.             $mysql->query('update `users` set `loginKey`=:a where `username`=:b;', array('a' => $loginKey, 'b' => $user[0]['username']));
  90.             $messages[] = '' . header('Refresh: 0; url=/succeslogin');
  91.             $core->auth = true;
  92.             break;
  93.         case 'register':
  94.             if(!$core->allset($_POST, 'user', 'pass', 'mail'))
  95.             {
  96.                 break;
  97.             }
  98.             if(strlen($_POST['user']) < 5 || strlen($_POST['user']) > 32 || !ctype_alnum($_POST['user']))
  99.             {
  100.                 $messages[] = 'Your username requires 5-10 alpha-numeric characters (a-z/0-9)';
  101.             }
  102.             if(strtolower($_POST['user']) == 'unregistered')
  103.             {
  104.                 $messages[] = 'That username is reserved.';
  105.             }
  106.             if(strlen($_POST['pass']) < 6)
  107.             {
  108.                 $messages[] = 'You are required to choose a password with at least 6 characters.';
  109.             }
  110.             if(!filter_var($_POST['mail'], FILTER_VALIDATE_EMAIL))
  111.             {
  112.                 $messages[] = 'Please enter a valid email address.';
  113.             }
  114.             if(!empty($messages)) break;
  115.            
  116.             $count = $mysql->fetch_array('select count(*) as `count` from `users` where `username`=:a or `email`=:b or (`connectedlast`=:c and `username`!=\'unregistered\');', array('a' => $_POST['user'], 'b' => $_POST['mail'], 'c' => $_SERVER['REMOTE_ADDR']));
  117.             if($count[0]['count'] > 0)
  118.             {
  119.                 $messages[] = 'Someone already registered with that username, or you already have an account.';
  120.                 break;
  121.             }
  122.            
  123.             /* Insert Pre-Registration-ID Here (Unregistered) */
  124.             $vals = array(
  125.                 'id' => 'NULL',
  126.                 'username' => $_POST['user'],
  127.                 'nickname' => $_POST['user'],
  128.                 'password' => $mysql->hash($_POST['pass']),
  129.                 'avatar' => rand(0, 1759),
  130.                 'url' => '',
  131.                 'k' => rand(-1000000, 1000000),
  132.                 'k2' => rand(-1000000, 1000000),
  133.                 'k3' => rand(-1000000, 1000000),
  134.                 'xats' => $config->xats,
  135.                 'days' => time() + ($config->days * 86400),
  136.                 'email' => $_POST['mail'],
  137.                 'powers' => '',
  138.                 'enabled' => '1',
  139.                 'transferblock' => '',
  140.                 'reserve' => '393939393939',
  141.                 'connectedlast' => $_SERVER['REMOTE_ADDR'],
  142.                 'rank' => 1
  143.             );
  144.             $result = $mysql->insert('users', $vals);
  145.             $messages[] = "Registration successful, you may now login";
  146.             break;
  147.         case 'update_bio':
  148.             if($core->auth)
  149.             {
  150.                 $mysql->query('update `users` set `desc`=:desc where `id`=' . $core->user['id'] . ';', array('desc' => $_POST['bio']));
  151.             }
  152.             break;
  153.         case 'update_css':
  154.             if($core->auth)
  155.             {
  156.                 $mysql->query('update `users` set `css`=:css where `id`=' . $core->user['id'] . ';', array('css' => $_POST['css']));
  157.             }
  158.             break;
  159.     }
  160.    
  161.     foreach($messages as $message)
  162.     {
  163.         print '<p style="color:#FF0000"><strong>**: <span style="display: inline;" data-localize="login.wronguep">'.$message.'</span></strong></p>';
  164.     }
  165. }
  166. ?>
  167. <p><b>Login with a xat ID:</b></p>
  168.  
  169. <form method="post">
  170. <input type="hidden" name="cmd" value="login" />
  171. <table border="0">
  172.  
  173. <tr><td><p><span data-localize=buy.xatname>xat user name:</span></p></td>
  174. <td><input name="user" type="text" value="" size="60" maxlength="128" /></td>
  175. <td></td></tr>
  176. <tr style="padding-bottom:15px"><td valign="top"><p><span data-localize=buy.password>Password:</span></p></td>
  177. <td><input name="pass" type="password" id="pass" size="60" maxlength="128" /><BR>
  178. <span data-localize=login.securitywarn>
  179. <font color="#FF0000">Please ensure your browser is on: http://<?php echo $config->info['server_domain']; ?> <BR>
  180. <B>IMPORTANT: xat will NEVER ask you for your email password.</b>
  181. Only use your email password to log in to your email. Please read the <a href="http://xat.com/phishing">Phishing info page</a></font>
  182. </span>
  183. </td><td></td></tr>
  184.  
  185. <tr><td></td><td><p>
  186. <button name="Login" type="submit" class="btn"><i class="icon-play-circle"></i>&nbsp;<span data-localize=login.login>Login</span></button>
  187. </p></td></tr>
  188. </table>
  189. </table>
  190. <BR>
  191. </form>
  192. </div>
  193.  
  194. <center><embed src="<?php echo $config->info['reclama']; ?>" pluginspage="http:/www.macromedia.com/go/getflashplayer" type="application/x-shockwave-flash" name="obj1" width="728" height="90" quality="High" wmode="transparent"></embed />
  195.  
  196. <?php require_once("foot.php"); ?>
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top