API tools faq
paste
Guest User

Untitled

a guest
Apr 16th, 2018
127
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.51 KB | None | 0 0
raw download clone embed print report
  1. <?php
  2. /*
  3. usergroups that should have access
  4.  
  5. 6 Admin
  6. 5 Tech
  7. 7 Video Maker
  8. 10 BF2
  9. 11 COD4
  10. 12 COD5
  11. 13 CSS
  12. 14 CS1.6
  13. 15 COD
  14. 16 COD UO
  15. 17 TF2
  16. 18 L4D
  17. 19 Wolfenstien
  18.  
  19.  
  20.  
  21.  
  22. put &debug=1 at end of url to activate debug mode.
  23. */
  24.  
  25.  
  26.  
  27. $hostname = "localhost";
  28. $dbname = "dc_forumz";
  29. $username = $_GET[username];
  30. $password = $_GET[password];
  31. $dbuser = "webbymaster";
  32. $dbpass = "EoD45~4cx]0C";
  33. $notvip = true;
  34. $submithwid = false;
  35. if ($_GET[submithwid] == "1"){
  36. $submithwid = true;
  37. }
  38.  
  39.  
  40. $db_link=mysql_connect($hostname, $dbuser, $dbpass);
  41.  
  42. mysql_select_db($dbname, $db_link)
  43. or die("Unable to connect to the database");
  44.  
  45.  
  46.  
  47. function get_one_row($query) {
  48. $result = mysql_query($query);
  49. $row = mysql_fetch_array($result);
  50. return($row);
  51. }
  52.  
  53.  
  54. $result = get_one_row("SELECT * FROM `vbuser` WHERE username='" . $username . "' LIMIT 0 , 30");
  55.  
  56. $calculatedhash = md5(md5($password).$result['salt']);
  57. $remotehash = $result['password'];
  58. $usergroup = $result['usergroupid'];
  59.  
  60. $cpu = $result['cpu'];
  61. $mac = $result['mac'];
  62. $hd = $result['hd'];
  63. $motherboard = $result['motherboard'];
  64. if ($_GET[debug] == "1"){
  65.  
  66. echo("username = " . $username . " <br> password = " . $password . "<br>");
  67. echo("remote password hash = " . $result['password'] . "<br> remote pass salt = " . $result['salt'] . "<br><br>");
  68.  
  69. echo ("calculated hash from the inputted stuff is " . $calculatedhash . "<br>" . "the remote password hash (stored in the forum db) is " . $remotehash . "<br><br><br>");
  70. }
  71.  
  72. //TODO if usergroup == vipusergroup then set notvip to false
  73.  
  74.  
  75. if ($calculatedhash == $remotehash){
  76. //logged in! now echo usergroup ids
  77. echo("yes" . $usergroup . "," . $result['membergroupids']);
  78.  
  79. if ($cpu == "" || $mac == "" || $hd == "" || motherboard == ""){
  80. echo("needtosubmithwid");
  81. }
  82.  
  83.  
  84. if ($submithwid == true){
  85.  
  86. //insert stuff
  87.  
  88. $cpu = $_GET['cpu'];
  89. $mac = $_GET['mac'];
  90. $hd = $_GET['hd'];
  91. $motherboard = $_GET['motherboard'];
  92.  
  93. $sql = "UPDATE `vbuser` SET `cpu` = '" . $cpu . "',
  94. `mac` = '" . $mac . "',
  95. `hd` = '" . $hd . "',
  96. `motherboard` = '" . $motherboard . "' WHERE `username` = '" . $username . "' LIMIT 1 ;";
  97.  
  98. if (!mysql_query($sql,$db_link))
  99. {
  100. die('Error errorwut: ' . mysql_error());
  101. }
  102. echo "HARDWARE ID SUBMITTED. CODEWORD: hwidsubmittedgood";
  103.  
  104. } else {
  105. $cpu = $result['cpu'];
  106. $mac = $result['mac'];
  107. $hd = $result['hd'];
  108. $motherboard = $result['motherboard'];
  109. echo ($cpu . $mac . $hd . $motherboard);
  110. }
  111.  
  112.  
  113.  
  114. } else {
  115. echo("0"); //wrong login
  116. }
  117.  
  118.  
  119.  
  120.  
  121.  
  122. ?>
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!