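<?php
## INDEX BY ANONYMOUS ##
//
// Landing-page controller: processes the login form, the registration form and
// the "you are banned" notice. The three sections below run top to bottom.
//
// Review notes on this revision:
//  - Request data ($_POST, $_GET, $_SERVER) was concatenated straight into SQL.
//    Every such value is now passed through mysql_real_escape_string() first.
//    ext/mysql has no bound parameters; moving to PDO or mysqli prepared
//    statements is the durable fix, but the connection is opened outside this
//    file (presumably in core.php), so it cannot be done from here.
//  - session_is_registered() (removed in PHP 5.4) is replaced by an isset()
//    check on $_SESSION; the mysql_* API itself was removed in PHP 7.0.
//  - Redirects are followed by exit so the rest of the script no longer runs
//    for a visitor who is being sent to home.php.
//  - The session id is regenerated when a visitor becomes authenticated, so a
//    pre-login session id cannot be reused afterwards.
//  - HoloHash(), $date_full and $shortname are not defined in this file;
//    presumably core.php provides them. The strength of HoloHash() as a
//    password hash cannot be judged from here and should be reviewed.
$allow_guests = "true";
include('core.php');
session_start();

if (!isset($_SESSION['username'])) {
    // ---- Login form -------------------------------------------------------
    if (isset($_POST['username'])) {
        // Non-string input (e.g. username[]=x) is treated as empty.
        $username = is_string($_POST['username']) ? $_POST['username'] : '';
        $password = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';

        if (empty($username) || empty($password)) {
            $error = "<div class='bobble'><div class='arrow'></div>Perfavore non lasciare spazi bianchi!</div>";
        } else {
            $username_sql = mysql_real_escape_string($username);

            $select = mysql_query("SELECT * FROM users WHERE username ='" . $username_sql . "' ");
            $user = $select ? mysql_fetch_assoc($select) : false;
            if (!$user) {
                $error = "<div class='bobble'><div class='arrow'></div>Username o Password errati!</div>";
            }

            // NOTE(review): the ban message is shown before the password is
            // checked, so anyone can learn whether a given name is banned and
            // why. Consider checking the ban only after a successful login.
            $prendiban = mysql_query("SELECT * FROM bans WHERE value = '" . $username_sql . "' ");
            $ban = $prendiban ? mysql_fetch_assoc($prendiban) : false;

            if ($ban) {
                // The reason comes from the database and is placed in HTML, so
                // it is escaped. No charset argument: the page encoding is not
                // visible here -- confirm it matches PHP's default.
                $error = "<div class='bobble'><div class='arrow'></div>Sei stato bannato per " . htmlspecialchars($ban['reason'], ENT_QUOTES) . "</div>";
            } else {
                $hash = HoloHash($password);

                // Strict string comparison: with == two different hashes that
                // both look numeric (e.g. "0e123" and "0e456") compare equal.
                if ($user && empty($error) && (string) $hash === (string) $user['password']) {
                    session_regenerate_id(true);
                    $_SESSION['username'] = $user['username'];
                    // NOTE(review): the password hash is kept in the session,
                    // presumably because other pages re-check it; a plain
                    // "authenticated user id" would expose less.
                    $_SESSION['password'] = $hash;

                    // NOTE(review): die(mysql_error()) prints the raw database
                    // error to the visitor; log it server-side and show a
                    // generic message instead.
                    mysql_query("UPDATE users SET lastvisit = '" . mysql_real_escape_string($date_full) . "' WHERE username = '" . $username_sql . "'") or die(mysql_error());
                    header("location:home.php");
                    exit;
                } else {
                    $error = "<div class='bobble'><div class='arrow'></div>Username o Password errati!</div>";
                }
            }
        }
    }
} else {
    // Already logged in: redirect and stop, otherwise the registration and
    // ban sections below would still run for this request.
    header("location: home.php");
    exit;
}

// ---- Registration form ----------------------------------------------------
if (isset($_POST['username_reg'])) {
    $reg_username = is_string($_POST['username_reg']) ? $_POST['username_reg'] : '';
    $reg_email    = (isset($_POST['email']) && is_string($_POST['email'])) ? $_POST['email'] : '';
    $reg_password = (isset($_POST['password_reg']) && is_string($_POST['password_reg'])) ? $_POST['password_reg'] : '';
    $reg_repeat   = (isset($_POST['password_repeat']) && is_string($_POST['password_repeat'])) ? $_POST['password_repeat'] : '';

    $reg_username_sql = mysql_real_escape_string($reg_username);
    $reg_email_sql    = mysql_real_escape_string($reg_email);

    $sele_username = mysql_query("SELECT * FROM users WHERE username = '" . $reg_username_sql . "' ");
    $sele_mail = mysql_query("SELECT * FROM users WHERE mail = '" . $reg_email_sql . "' ");

    // Checks run in the original order; a later check overwrites the message
    // set by an earlier one for the same field.
    if (empty($reg_username)) { $error_us = "Inserisci un username!<br>"; }
    if (empty($reg_email)) { $error_em = "Inserisci una e-mail!<br>"; }
    if (empty($reg_password)) { $error_psw = "Inserisci una password!<br>"; }
    if (empty($reg_repeat)) { $error_psw2 = "Conferma la password!<br>"; }
    if ($reg_repeat !== $reg_password) { $error_psw2 = "Le password non corrispondono!<br>"; }
    if ($sele_username && mysql_num_rows($sele_username) > 0) { $error_us = "Username già in uso!<br>"; }
    if ($sele_mail && mysql_num_rows($sele_mail) > 0) { $error_em = "E-mail già in uso!<br>"; }
    // FILTER_VALIDATE_EMAIL accepts an apostrophe in the local part, so a
    // validated address still has to be escaped before it goes into SQL.
    if (!filter_var($reg_email, FILTER_VALIDATE_EMAIL)) { $error_em = 'E-mail non valida!<br>'; }
    if (strlen($reg_password) < 6) { $error_psw = 'Password troppo corta!<br>'; }
    if (strlen($reg_password) > 25) { $error_psw = 'Password troppo lunga!<br>'; }
    // D modifier: without it "$" also matches before a trailing newline, so
    // "name\n" passed the whitelist. The former separate "MOD-" test is
    // covered by the "MOD" test.
    if (!preg_match('/^[0-9a-zA-Z!?,.:=-]+$/iD', $reg_username) || preg_match("/MOD/i", $reg_username)) {
        $error_us = 'Username non valido!<br>';
    }

    if (empty($error_us) && empty($error_psw) && empty($error_psw2) && empty($error_em)) {
        $reg_hash = HoloHash($reg_password);
        $remote_addr_sql = mysql_real_escape_string($_SERVER['REMOTE_ADDR']);

        $inserted = mysql_query("INSERT INTO users (username, password, mail, credits, look, gender, motto, account_created, last_online, ip_last, ip_reg) VALUES ('" . $reg_username_sql . "', '" . mysql_real_escape_string($reg_hash) . "', '" . $reg_email_sql . "', '100000', 'hr-115-42.hd-190-1.ch-215-62.lg-285-91.sh-290-629', 'M', '" . mysql_real_escape_string("Benvenuto su " . $shortname . "!") . "', '" . mysql_real_escape_string($date_full) . "', UNIX_TIMESTAMP(), '" . $remote_addr_sql . "', '" . $remote_addr_sql . "')");

        if ($inserted) {
            $user_id = (int) mysql_insert_id();
            mysql_query("INSERT INTO user_stats (id, RoomVisits, OnlineTime, Respect, RespectGiven, GiftsGiven, GiftsReceived, DailyRespectPoints, DailyPetRespectPoints) VALUES ('" . $user_id . "', 0, 0, 0, 0, 0, 0, 3, 3)");
            mysql_query("INSERT INTO user_info (user_id, bans, cautions, reg_timestamp, login_timestamp, cfhs, cfhs_abusive) VALUES ('" . $user_id . "', '0', '0', UNIX_TIMESTAMP(), '0', '0', '0')");
            mysql_query("INSERT INTO user_badges (user_id, badge_id, badge_slot) VALUES ('" . $user_id . "', 'HH1', '0'); ");

            session_regenerate_id(true);
            $_SESSION['username'] = $reg_username;
            $_SESSION['password'] = $reg_hash;
            header("location: home.php");
            exit;
        }

        // The original ignored a failed INSERT and still logged the visitor in
        // as an account that does not exist. Record the failure server-side.
        error_log('index.php: user registration INSERT failed: ' . mysql_error());
    }
}

// ---- Ban notice -----------------------------------------------------------
// NOTE(review): any visitor can request any banid, so ban reasons and expiry
// dates are readable by walking ids. Tie the lookup to the affected visitor
// if that matters.
if (isset($_GET['banned']) && isset($_GET['banid'])) {
    $banid_sql = mysql_real_escape_string(is_string($_GET['banid']) ? $_GET['banid'] : '');
    $prendib = mysql_query("SELECT * FROM bans WHERE id = '" . $banid_sql . "' LIMIT 1");
    $ban = $prendib ? mysql_fetch_assoc($prendib) : false;

    // Only build the message when the ban exists; the original printed an
    // empty reason and a 1970 date for an unknown id.
    if ($ban) {
        $error = "Sei stato bannato per " . htmlspecialchars($ban['reason'], ENT_QUOTES) . " fino al " . date("d/m/Y", (int) $ban['expire']) . " ";
    }
}
?>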