
Login.php

a guest
Apr 27th, 2016
  1. <!-- Toate drepturile rezervate @Emma -->
  2. <!-- All rights reserved. @Emma -->
  3. <!DOCTYPE html>
  4. <!--head-->
  5. <!--[if lt IE 7]> <html class="no-js lt-ie9 lt-ie8 lt-ie7"> <![endif]-->
  6. <!--[if IE 7]> <html class="no-js lt-ie9 lt-ie8"> <![endif]-->
  7. <!--[if IE 8]> <html class="no-js lt-ie9"> <![endif]-->
  8. <!--[if gt IE 8]><!--> <html lang="en" class="no-js"> <!--<![endif]-->
  9.  
  10. <head>
  11. <meta charset="utf-8">
  12. <meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">
  13. <title>Login - Register</title>
  14. <meta name="description" content="Logheazate pe site">
  15. <meta name="viewport" content="width=device-width">
  16. <link href="/favicon.ico" rel="shortcut icon" type="image/x-icon">
  17. <link rel="stylesheet" type="text/css" href="/css/bootstrap.min.css">
  18. <link rel="stylesheet" type="text/css" href="/css/bootstrap-responsive.min.css">
  19. <link rel="stylesheet" type="text/css" href="/css/animate.css">
  20. <link rel="stylesheet" type="text/css" href="/css/main.css">
  21. <link rel="stylesheet" type="text/css" href="/css/cookiecuttr.css">
  22. <link rel="stylesheet" type="text/css" href="/css/classic.css">
  23. <script src="/js/vendor/modernizr-2.6.2-respond-1.1.0.min.js"></script>
  24.  
  25. </head>
  26. <body>
  27. <!--/head-->
  28.  
  29.  
  30. <?php
  31. require_once("nav.php");
  32. ?>
  33.  
  34. <div class="adxat" data-adtype="top" align="center" style="width:728;height:90"></div>
  35. <div class="container">
  36. <center><embed src="<?php echo $config->info['banner']; ?>" pluginspage="http:/www.macromedia.com/go/getflashplayer" type="application/x-shockwave-flash" name="obj1" width="728" height="90" quality="High" wmode="transparent"></embed /></center>
  37. <h1>xat registered user account management page</h1>
  38. <ul class="nav nav-pills"><li class="active"><a href="/login">Login</a></li>
  39. <li><a href="/register">Register</a></li>
  40. <li><a href="/changeuserpassword?u=">Change password.</a></li>
  41. </ul>
  42. <?php
  43. if(!isset($config->complete))
  44. {
  45. return include $pages['setup'];
  46. }
  47.  
  48. function swfavatar($text){
  49. $find[] = '(';
  50. $find[] = ')';
  51. $find[] = '#';
  52. $replace[] = 'http://www.xatech.com/web_gear/flash/smiliesshow.swf?r=';
  53. $replace[] = '';
  54. $replace[] = '%23';
  55. $text = str_replace($find, $replace, $text);
  56. return $text;
  57. }
  58.  
  59. if(isset($_POST['cmd']))
  60. {
  61. $messages = array();
  62. switch($_POST['cmd'])
  63. {
  64. case 'login':
  65. if(!$core->allset($_POST, 'user', 'pass'))
  66. {
  67. break;
  68. }
  69. if(strlen($_POST['user']) == 0)
  70. {
  71. $messages[] = 'Please enter your username';
  72. }
  73. if(strlen($_POST['pass']) == 0)
  74. {
  75. $messages[] = 'Please enter your password';
  76. }
  77. if(!empty($messages)) break;
  78.  
  79. $user = $mysql->fetch_array('select * from `users` where `username`=:a;', array('a' => $_POST['user']));
  80. if(empty($user) || !$mysql->validate($_POST['pass'], $user[0]['password']))
  81. {
  82. $messages[] = 'Bad username / password';
  83. break;
  84. }
  85.  
  86. $loginKey = md5(time() . json_encode($_POST));
  87. setCookie('loginKey', $loginKey, strtotime('+ 1 year'));
  88. $_COOKIE['loginKey'] = $loginKey;
  89. $mysql->query('update `users` set `loginKey`=:a where `username`=:b;', array('a' => $loginKey, 'b' => $user[0]['username']));
  90. $messages[] = '' . header('Refresh: 0; url=/succeslogin');
  91. $core->auth = true;
  92. break;
  93. case 'register':
  94. if(!$core->allset($_POST, 'user', 'pass', 'mail'))
  95. {
  96. break;
  97. }
  98. if(strlen($_POST['user']) < 5 || strlen($_POST['user']) > 32 || !ctype_alnum($_POST['user']))
  99. {
  100. $messages[] = 'Your username requires 5-10 alpha-numeric characters (a-z/0-9)';
  101. }
  102. if(strtolower($_POST['user']) == 'unregistered')
  103. {
  104. $messages[] = 'That username is reserved.';
  105. }
  106. if(strlen($_POST['pass']) < 6)
  107. {
  108. $messages[] = 'You are required to choose a password with at least 6 characters.';
  109. }
  110. if(!filter_var($_POST['mail'], FILTER_VALIDATE_EMAIL))
  111. {
  112. $messages[] = 'Please enter a valid email address.';
  113. }
  114. if(!empty($messages)) break;
  115.  
  116. $count = $mysql->fetch_array('select count(*) as `count` from `users` where `username`=:a or `email`=:b or (`connectedlast`=:c and `username`!=\'unregistered\');', array('a' => $_POST['user'], 'b' => $_POST['mail'], 'c' => $_SERVER['REMOTE_ADDR']));
  117. if($count[0]['count'] > 0)
  118. {
  119. $messages[] = 'Someone already registered with that username, or you already have an account.';
  120. break;
  121. }
  122.  
  123. /* Insert Pre-Registration-ID Here (Unregistered) */
  124. $vals = array(
  125. 'id' => 'NULL',
  126. 'username' => $_POST['user'],
  127. 'nickname' => $_POST['user'],
  128. 'password' => $mysql->hash($_POST['pass']),
  129. 'avatar' => rand(0, 1759),
  130. 'url' => '',
  131. 'k' => rand(-1000000, 1000000),
  132. 'k2' => rand(-1000000, 1000000),
  133. 'k3' => rand(-1000000, 1000000),
  134. 'xats' => $config->xats,
  135. 'days' => time() + ($config->days * 86400),
  136. 'email' => $_POST['mail'],
  137. 'powers' => '',
  138. 'enabled' => '1',
  139. 'transferblock' => '',
  140. 'reserve' => '393939393939',
  141. 'connectedlast' => $_SERVER['REMOTE_ADDR'],
  142. 'rank' => 1
  143. );
  144. $result = $mysql->insert('users', $vals);
  145. $messages[] = "Registration successful, you may now login";
  146. break;
  147. case 'update_bio':
  148. if($core->auth)
  149. {
  150. $mysql->query('update `users` set `desc`=:desc where `id`=' . $core->user['id'] . ';', array('desc' => $_POST['bio']));
  151. }
  152. break;
  153. case 'update_css':
  154. if($core->auth)
  155. {
  156. $mysql->query('update `users` set `css`=:css where `id`=' . $core->user['id'] . ';', array('css' => $_POST['css']));
  157. }
  158. break;
  159. }
  160.  
  161. foreach($messages as $message)
  162. {
  163. print '<p style="color:#FF0000"><strong>**: <span style="display: inline;" data-localize="login.wronguep">'.$message.'</span></strong></p>';
  164. }
  165. }
  166. ?>
  167. <p><b>Login with a xat ID:</b></p>
  168.  
  169. <form method="post">
  170. <input type="hidden" name="cmd" value="login" />
  171. <table border="0">
  172.  
  173. <tr><td><p><span data-localize=buy.xatname>xat user name:</span></p></td>
  174. <td><input name="user" type="text" value="" size="60" maxlength="128" /></td>
  175. <td></td></tr>
  176. <tr style="padding-bottom:15px"><td valign="top"><p><span data-localize=buy.password>Password:</span></p></td>
  177. <td><input name="pass" type="password" id="pass" size="60" maxlength="128" /><BR>
  178. <span data-localize=login.securitywarn>
  179. <font color="#FF0000">Please ensure your browser is on: http://<?php echo $config->info['server_domain']; ?> <BR>
  180. <B>IMPORTANT: xat will NEVER ask you for your email password.</b>
  181. Only use your email password to log in to your email. Please read the <a href="http://xat.com/phishing">Phishing info page</a></font>
  182. </span>
  183. </td><td></td></tr>
  184.  
  185. <tr><td></td><td><p>
  186. <button name="Login" type="submit" class="btn"><i class="icon-play-circle"></i>&nbsp;<span data-localize=login.login>Login</span></button>
  187. </p></td></tr>
  188. </table>
  189. </table>
  190. <BR>
  191. </form>
  192. </div>
  193.  
  194. <center><embed src="<?php echo $config->info['reclama']; ?>" pluginspage="http:/www.macromedia.com/go/getflashplayer" type="application/x-shockwave-flash" name="obj1" width="728" height="90" quality="High" wmode="transparent"></embed />
  195.  
  196. <?php require_once("foot.php"); ?>