Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- /*
- usergroups that should have access
- 6 Admin
- 5 Tech
- 7 Video Maker
- 10 BF2
- 11 COD4
- 12 COD5
- 13 CSS
- 14 CS1.6
- 15 COD
- 16 COD UO
- 17 TF2
- 18 L4D
- 19 Wolfenstien
- put &debug=1 at end of url to activate debug mode.
- */
- $hostname = "localhost";
- $dbname = "dc_forumz";
- $username = $_GET[username];
- $password = $_GET[password];
- $dbuser = "webbymaster";
- $dbpass = "EoD45~4cx]0C";
- $notvip = true;
- $submithwid = false;
- if ($_GET[submithwid] == "1"){
- $submithwid = true;
- }
- $db_link=mysql_connect($hostname, $dbuser, $dbpass);
- mysql_select_db($dbname, $db_link)
- or die("Unable to connect to the database");
- function get_one_row($query) {
- $result = mysql_query($query);
- $row = mysql_fetch_array($result);
- return($row);
- }
- $result = get_one_row("SELECT * FROM `vbuser` WHERE username='" . $username . "' LIMIT 0 , 30");
- $calculatedhash = md5(md5($password).$result['salt']);
- $remotehash = $result['password'];
- $usergroup = $result['usergroupid'];
- $cpu = $result['cpu'];
- $mac = $result['mac'];
- $hd = $result['hd'];
- $motherboard = $result['motherboard'];
- if ($_GET[debug] == "1"){
- echo("username = " . $username . " <br> password = " . $password . "<br>");
- echo("remote password hash = " . $result['password'] . "<br> remote pass salt = " . $result['salt'] . "<br><br>");
- echo ("calculated hash from the inputted stuff is " . $calculatedhash . "<br>" . "the remote password hash (stored in the forum db) is " . $remotehash . "<br><br><br>");
- }
- //TODO if usergroup == vipusergroup then set notvip to false
- if ($calculatedhash == $remotehash){
- //logged in! now echo usergroup ids
- echo("yes" . $usergroup . "," . $result['membergroupids']);
- if ($cpu == "" || $mac == "" || $hd == "" || motherboard == ""){
- echo("needtosubmithwid");
- }
- if ($submithwid == true){
- //insert stuff
- $cpu = $_GET['cpu'];
- $mac = $_GET['mac'];
- $hd = $_GET['hd'];
- $motherboard = $_GET['motherboard'];
- $sql = "UPDATE `vbuser` SET `cpu` = '" . $cpu . "',
- `mac` = '" . $mac . "',
- `hd` = '" . $hd . "',
- `motherboard` = '" . $motherboard . "' WHERE `username` = '" . $username . "' LIMIT 1 ;";
- if (!mysql_query($sql,$db_link))
- {
- die('Error errorwut: ' . mysql_error());
- }
- echo "HARDWARE ID SUBMITTED. CODEWORD: hwidsubmittedgood";
- } else {
- $cpu = $result['cpu'];
- $mac = $result['mac'];
- $hd = $result['hd'];
- $motherboard = $result['motherboard'];
- echo ($cpu . $mac . $hd . $motherboard);
- }
- } else {
- echo("0"); //wrong login
- }
- ?>
Add Comment
Please, Sign In to add comment