Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <!-- Toate drepturile rezervate @Emma -->
- <!-- All rights reserved. @Emma -->
- <!DOCTYPE html>
- <!--head-->
- <!--[if lt IE 7]> <html class="no-js lt-ie9 lt-ie8 lt-ie7"> <![endif]-->
- <!--[if IE 7]> <html class="no-js lt-ie9 lt-ie8"> <![endif]-->
- <!--[if IE 8]> <html class="no-js lt-ie9"> <![endif]-->
- <!--[if gt IE 8]><!--> <html lang="en" class="no-js"> <!--<![endif]-->
- <head>
- <meta charset="utf-8">
- <meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">
- <title>Login - Register</title>
- <meta name="description" content="Logheazate pe site">
- <meta name="viewport" content="width=device-width">
- <link href="/favicon.ico" rel="shortcut icon" type="image/x-icon">
- <link rel="stylesheet" type="text/css" href="/css/bootstrap.min.css">
- <link rel="stylesheet" type="text/css" href="/css/bootstrap-responsive.min.css">
- <link rel="stylesheet" type="text/css" href="/css/animate.css">
- <link rel="stylesheet" type="text/css" href="/css/main.css">
- <link rel="stylesheet" type="text/css" href="/css/cookiecuttr.css">
- <link rel="stylesheet" type="text/css" href="/css/classic.css">
- <script src="/js/vendor/modernizr-2.6.2-respond-1.1.0.min.js"></script>
- </head>
- <body>
- <!--/head-->
- <?php
- require_once("nav.php");
- ?>
- <div class="adxat" data-adtype="top" align="center" style="width:728;height:90"></div>
- <div class="container">
- <center><embed src="<?php echo $config->info['banner']; ?>" pluginspage="http:/www.macromedia.com/go/getflashplayer" type="application/x-shockwave-flash" name="obj1" width="728" height="90" quality="High" wmode="transparent"></embed /></center>
- <h1>xat registered user account management page</h1>
- <ul class="nav nav-pills"><li class="active"><a href="/login">Login</a></li>
- <li><a href="/register">Register</a></li>
- <li><a href="/changeuserpassword?u=">Change password.</a></li>
- </ul>
- <?php
- if(!isset($config->complete))
- {
- return include $pages['setup'];
- }
- function swfavatar($text){
- $find[] = '(';
- $find[] = ')';
- $find[] = '#';
- $replace[] = 'http://www.xatech.com/web_gear/flash/smiliesshow.swf?r=';
- $replace[] = '';
- $replace[] = '%23';
- $text = str_replace($find, $replace, $text);
- return $text;
- }
- if(isset($_POST['cmd']))
- {
- $messages = array();
- switch($_POST['cmd'])
- {
- case 'login':
- if(!$core->allset($_POST, 'user', 'pass'))
- {
- break;
- }
- if(strlen($_POST['user']) == 0)
- {
- $messages[] = 'Please enter your username';
- }
- if(strlen($_POST['pass']) == 0)
- {
- $messages[] = 'Please enter your password';
- }
- if(!empty($messages)) break;
- $user = $mysql->fetch_array('select * from `users` where `username`=:a;', array('a' => $_POST['user']));
- if(empty($user) || !$mysql->validate($_POST['pass'], $user[0]['password']))
- {
- $messages[] = 'Bad username / password';
- break;
- }
- $loginKey = md5(time() . json_encode($_POST));
- setCookie('loginKey', $loginKey, strtotime('+ 1 year'));
- $_COOKIE['loginKey'] = $loginKey;
- $mysql->query('update `users` set `loginKey`=:a where `username`=:b;', array('a' => $loginKey, 'b' => $user[0]['username']));
- $messages[] = '' . header('Refresh: 0; url=/succeslogin');
- $core->auth = true;
- break;
- case 'register':
- if(!$core->allset($_POST, 'user', 'pass', 'mail'))
- {
- break;
- }
- if(strlen($_POST['user']) < 5 || strlen($_POST['user']) > 32 || !ctype_alnum($_POST['user']))
- {
- $messages[] = 'Your username requires 5-10 alpha-numeric characters (a-z/0-9)';
- }
- if(strtolower($_POST['user']) == 'unregistered')
- {
- $messages[] = 'That username is reserved.';
- }
- if(strlen($_POST['pass']) < 6)
- {
- $messages[] = 'You are required to choose a password with at least 6 characters.';
- }
- if(!filter_var($_POST['mail'], FILTER_VALIDATE_EMAIL))
- {
- $messages[] = 'Please enter a valid email address.';
- }
- if(!empty($messages)) break;
- $count = $mysql->fetch_array('select count(*) as `count` from `users` where `username`=:a or `email`=:b or (`connectedlast`=:c and `username`!=\'unregistered\');', array('a' => $_POST['user'], 'b' => $_POST['mail'], 'c' => $_SERVER['REMOTE_ADDR']));
- if($count[0]['count'] > 0)
- {
- $messages[] = 'Someone already registered with that username, or you already have an account.';
- break;
- }
- /* Insert Pre-Registration-ID Here (Unregistered) */
- $vals = array(
- 'id' => 'NULL',
- 'username' => $_POST['user'],
- 'nickname' => $_POST['user'],
- 'password' => $mysql->hash($_POST['pass']),
- 'avatar' => rand(0, 1759),
- 'url' => '',
- 'k' => rand(-1000000, 1000000),
- 'k2' => rand(-1000000, 1000000),
- 'k3' => rand(-1000000, 1000000),
- 'xats' => $config->xats,
- 'days' => time() + ($config->days * 86400),
- 'email' => $_POST['mail'],
- 'powers' => '',
- 'enabled' => '1',
- 'transferblock' => '',
- 'reserve' => '393939393939',
- 'connectedlast' => $_SERVER['REMOTE_ADDR'],
- 'rank' => 1
- );
- $result = $mysql->insert('users', $vals);
- $messages[] = "Registration successful, you may now login";
- break;
- case 'update_bio':
- if($core->auth)
- {
- $mysql->query('update `users` set `desc`=:desc where `id`=' . $core->user['id'] . ';', array('desc' => $_POST['bio']));
- }
- break;
- case 'update_css':
- if($core->auth)
- {
- $mysql->query('update `users` set `css`=:css where `id`=' . $core->user['id'] . ';', array('css' => $_POST['css']));
- }
- break;
- }
- foreach($messages as $message)
- {
- print '<p style="color:#FF0000"><strong>**: <span style="display: inline;" data-localize="login.wronguep">'.$message.'</span></strong></p>';
- }
- }
- ?>
- <p><b>Login with a xat ID:</b></p>
- <form method="post">
- <input type="hidden" name="cmd" value="login" />
- <table border="0">
- <tr><td><p><span data-localize=buy.xatname>xat user name:</span></p></td>
- <td><input name="user" type="text" value="" size="60" maxlength="128" /></td>
- <td></td></tr>
- <tr style="padding-bottom:15px"><td valign="top"><p><span data-localize=buy.password>Password:</span></p></td>
- <td><input name="pass" type="password" id="pass" size="60" maxlength="128" /><BR>
- <span data-localize=login.securitywarn>
- <font color="#FF0000">Please ensure your browser is on: http://<?php echo $config->info['server_domain']; ?> <BR>
- <B>IMPORTANT: xat will NEVER ask you for your email password.</b>
- Only use your email password to log in to your email. Please read the <a href="http://xat.com/phishing">Phishing info page</a></font>
- </span>
- </td><td></td></tr>
- <tr><td></td><td><p>
- <button name="Login" type="submit" class="btn"><i class="icon-play-circle"></i> <span data-localize=login.login>Login</span></button>
- </p></td></tr>
- </table>
- </table>
- <BR>
- </form>
- </div>
- <center><embed src="<?php echo $config->info['reclama']; ?>" pluginspage="http:/www.macromedia.com/go/getflashplayer" type="application/x-shockwave-flash" name="obj1" width="728" height="90" quality="High" wmode="transparent"></embed />
- <?php require_once("foot.php"); ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement