Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?
- session_start();
- ini_set('display_errors', 1);
- error_reporting(E_ERROR);
- define("CHECK_IN", "1");
- include_once("configuration.php");
- include_once("fonctions.php");
- $conn = mysqli_connect(SQL_HOST,SQL_USER,SQL_PASSEWORD, SQL_BDD);
- if ($_SESSION['af_id'] && $_SESSION['af_ip_client'])
- echo '<meta http-equiv="refresh" content="0; URL=index.php">';
- ?>
- <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
- <html xmlns="http://www.w3.org/1999/xhtml">
- <head>
- <meta http-equiv="Content-Type" content="text/html;charset=utf-8" />
- <title> <? echo LOGO_TITLE; ?> </title>
- <link rel="Shortcut Icon" href="./img/favicon.ico" />
- <link href="css/reset.css" media="screen" rel="stylesheet" type="text/css" />
- <link href="css/style.css" media="screen" rel="stylesheet" type="text/css" />
- <!--[if IE]>
- <link href="css/ie.css" media="screen" rel="stylesheet" type="text/css">
- <![endif]-->
- <script type="text/javascript" src="js/jquery-1.4.4.min.js"></script>
- <script type="text/javascript" src="js/jquery-custom.js"></script>
- </head>
- <body>
- <div class="shadow-login"></div><!-- end div .shadow-login -->
- <!-- BEGIN LOGIN -->
- <div id="login">
- <p class="logo"><a>Identification</a></p>
- <div class="box-out">
- <div class="box-in">
- <?
- if (isset($_GET['steam_id']))
- {
- $steam_id = htmlentities($_GET['steam_id'], ENT_QUOTES);
- $result = mysqli_query($conn, "
- SELECT *
- FROM `".SQL_PREFIX."_users`
- WHERE steam_id='".$steam_id."'
- LIMIT 0,1
- ");
- $resultat = mysqli_fetch_array($result);
- $adresse_email = $resultat['mail'];
- }
- if($_GET['c'] == "already")
- echo '
- <div class="notification info">
- <div class="messages">Vous avez déjà un compte, connectez-vous<div class="close"><img src="img/icon/close.png" alt="close" /></div></div>
- </div><!-- end div .notification info -->';
- $formulaire = '
- <form action="login.php" METHOD="POST">
- <fieldset>
- <input type="HIDDEN" name="login" value="login">
- <label>Adresse e-mail</label><input type="text" name="maillogin" class="text" value="'.GetInfo($_GET['af_id'], 'mail').'" />
- <label>Mot de passe</label><input type="password" name="passwordlogin" class="text" />
- <input type="submit" class="submit" value=" S\'identifier ! " />
- <input name="passoublie" type="submit" class="submit" value="Mot de passe oublié" />
- </fieldset>
- </form><br>
- <center><p><a href="index.php">Retour au site</a></p></center>
- <p>
- ';
- if ($_POST['passoublie'])
- {
- /*
- if (!$_POST['maillogin'])
- {
- echo '
- <div class="notification error">
- <div class="messages">Vous devez compléter le champs \'Adresse e-mail\' <div class="close"><img src="img/icon/close.png" alt="close" /></div></div>
- </div><!-- end div .notification error -->';
- echo $formulaire;
- }
- else
- {
- $sql = mysqli_query($conn, "SELECT id, recovery_date, username FROM `".SQL_PREFIX."_users` WHERE `mail`= '".$_POST['maillogin']."' LIMIT 1");
- $id = mysqli_result($sql, 0, 'id'); $recovery_date = mysqli_result($sql, 0, 'recovery_date');
- $username = mysqli_result($sql, 0, 'username');
- if ($id < 1 OR !is_numeric($id))
- {
- echo '
- <div class="notification error">
- <div class="messages">Cette adresse e-mail n\'est pas reconnue <div class="close"><img src="img/icon/close.png" alt="close" /></div></div>
- </div><!-- end div .notification error -->';
- echo $formulaire;
- }
- elseif ((time() - $recovery_date) < DELAY_RECOVERY_PASSE && DELAY_RECOVERY_PASSE > 0)
- {
- echo '
- <div class="notification error">
- <div class="messages">Vous avez déjà demandé votre mot de passe<div class="close"><img src="img/icon/close.png" alt="close" /></div></div>
- </div><!-- end div .notification error -->';
- echo $formulaire;
- }
- else
- {
- $recovery_code = random(16);
- mysqli_query($conn, "UPDATE `".SQL_PREFIX."_users` SET `recovery_code` = '".md5($recovery_code)."', `recovery_date` = '".time()."' WHERE `id` =".$id.";");
- $lien = URL_SITE . "/index.php?p=pwr&id=".$id."&code=" . $recovery_code;
- $message_recovery = "
- Bonjour, ".htmlentities($username, ENT_QUOTES).".
- <br>
- Vous avez demandé un changement de mot de passe sur notre site ".URL_SITE.".<br><br>
- Si vous n'êtes pas l'auteur de cette demande, ignorez ce message.<br><br>
- Pour changer votre mot de passe, il vous suffit de <a href=\"".$lien."\">cliquer ici</a>.<br>
- Si vous ne voyez pas le lien, copiez coller le lien suivant dans votre barre de navigateur :<br><br> ".$lien."<br><br><br>
- Cette demande a été faites avec l'ip suivante : ".$_SERVER['HTTP_CLIENT_IP'].".<br>
- ";
- mail_envois($_POST['maillogin'], "Récupération de votre mot de passe", $message_recovery);
- echo '
- <div class="notification success">
- <div class="messages">Vous allez recevoir un mail sous peu<div class="close"><img src="img/icon/close.png" alt="close" /></div></div>
- </div><!-- end div .notification success -->';
- echo '<meta http-equiv="refresh" content="4; URL=login.php">';
- }
- }*/
- echo '
- <div class="notification error">
- <div class="messages">Tapez <i>!pw</i> sur un serveur pour en changer<div class="close"><img src="img/icon/close.png" alt="close" /></div></div>
- </div><!-- end div .notification error -->';
- echo $formulaire;
- }
- elseif (($_POST['login'] OR $_GET['login']) && (!$_POST['passoublie'])) {
- if ($_POST['login'])
- {
- $mail = $_POST['maillogin'];
- $pass = $_POST['passwordlogin'];
- } // Récupération des infos via le formulaire
- else
- {
- $mail = $_GET['maillogin'];
- $pass = $_GET['passwordlogin'];
- } // Récupération des infos via le get
- $result = mysqli_query($conn, "
- SELECT *
- FROM `".SQL_PREFIX."_users`
- WHERE mail='".mysqli_real_escape_string($conn, $mail)."' AND password='".mysqli_real_escape_string($conn, md5($pass))."'
- LIMIT 0,1
- ");
- if (mysqli_num_rows($result) == 1) {
- $resultat = mysqli_fetch_array($result);
- $_SESSION['af_id'] = $resultat['id'];
- $_SESSION['af_steam_id'] = $resultat['steam_id'];
- $_SESSION['af_pseudo'] = $resultat['username'];
- $_SESSION['af_token'] = GetInfo($resultat['id'], 'token');
- $_SESSION['af_date_register'] = $resultat['date_register'];
- $_SESSION['af_ip_register'] = $resultat['ip_register'];
- $_SESSION['af_lastseen'] = $resultat['lastseen'];
- $_SESSION['af_lastseen_ip'] = $resultat['lastseen_ip'];
- $_SESSION['af_ip_client'] = $_SERVER['HTTP_CLIENT_IP'];
- $_SESSION['af_admin_level'] = $resultat['admin_level'];
- $requete_sql = "UPDATE `".SQL_PREFIX."_users` SET `lastseen` = '".time()."', `lastseen_ip` = '".$_SERVER['HTTP_CLIENT_IP']."' WHERE `id` =".$resultat['id'].";";
- mysqli_query($conn, $requete_sql);
- if (ROOT_SITE == $resultat['steam_id'])
- $_SESSION['af_admin_level'] = 10;
- echo '
- <div class="notification success">
- <div class="messages">Identification réussie, redirection en cours... <div class="close"><img src="img/icon/close.png" alt="close" /></div></div>
- </div><!-- end div .notification success -->';
- echo '<meta http-equiv="refresh" content="1; URL=index.php?p=compte">';
- }
- else
- {
- echo '
- <div class="notification error">
- <div class="messages">Adresse e-mail/mot de passe incorrects<div class="close"><img src="img/icon/close.png" alt="close" /></div></div>
- </div><!-- end div .notification error -->';
- echo $formulaire;
- }
- }
- else
- echo $formulaire;
- ?>
- </div><!-- end div .box-in -->
- </div><!-- end div .box-out -->
- </div><!-- end div #login -->
- <!-- END LOGIN -->
- </body>
- </html>
- <? mysqli_close(); ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement