Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- class realmd{
- var $db;
- var $id;
- function __construct($db, $link) {
- $this->db = $db;
- $this->id = $link;
- }
- function membership() {
- if(isset($_POST['login_username']) && isset($_POST['login_password']) && !isset($_SESSION['username'])) { $this->login($_POST['login_username'], $_POST['login_password']); }
- if(!isset($_SESSION['username'])) {
- $output = '<form method="post" action="?p=home" style="text-align:center;">
- <input name="login_username" type="text" value="Username" onFocus="this.value=\'\'"/>
- <br />
- <input name="login_password" type="password" value="Password" onFocus="this.value=\'\'"/>
- <br />
- <input type="submit" value="Login" />
- </form><br />
- <center>No account? <a href="?p=register">Create one here!</a></center>';
- } else {
- $info = mysql_query("SELECT * FROM ".$this->db.".account WHERE username = '".$_SESSION['username']."'", $this->id);
- $info_row = mysql_fetch_assoc($info);
- $exp[0] = "None";
- $exp[1] = "TBC";
- $exp[2] = "WoTLK";
- $ingame[0] = "<span style='color:red;'>No</span>";
- $ingame[1] = "<span style='color:green;'>Yes</span>";
- $rank[0] = "Player";
- $rank[1] = "VIP";
- $rank[2] = "GameMaster";
- $rank[3] = "Administrator";
- $rank[4] = "Server Owner";
- if($_SESSION['rank'] == 4) {
- $acp = '<tr>
- <td>• <a href="?p=admin">Admin panel</a></td>
- </tr>';
- } else { $acp = ""; }
- $output = '<center>Welcome <b>'.$_SESSION['username'].'</b>! [<a href="?p=logout">Logout</a>]<br /><br />
- <table>
- <tr>
- <td><b>Flags: </b></td>
- <td>'.$exp[$info_row['expansion']].'</td>
- </tr>
- <tr>
- <td><b>Email: </b></td>
- <td>'.$info_row['email'].'</td>
- </tr>
- <tr>
- <td><b>Last IP: </b></td>
- <td>'.$info_row['last_ip'].'</td>
- </tr>
- <tr>
- <td><b>Current IP: </b></td>
- <td>'.$_SERVER['REMOTE_ADDR'].'</td>
- </tr>
- <tr>
- <td><b>Online: </b></td>
- <td>'.$ingame[$info_row['online']].'</td>
- </tr>
- <tr>
- <td><b>Rank: </b></td>
- <td>'.$rank[$_SESSION['rank']].'</td>
- </tr>
- <tr>
- <td><b>Vp: </b></td>
- <td>'.$info_row['vp'].'</td>
- </tr>
- <tr>
- <td><b>Dp: </b></td>
- <td>'.$info_row['dp'].'</td>
- </tr>
- </table><br />
- <table width="90%">
- <tr>
- <td><b>Account tools</b></td>
- </tr>
- <tr>
- <td>• <a href="?p=changepw">Change Password</a></td>
- </tr>
- <tr>
- <td>• <a href="?p=changeexp">Change Expansions</a></td>
- </tr>
- <tr>
- <td>• <a href="?p=vote">Vote</a></td>
- </tr>
- <tr>
- <td>• <a href="?p=donate">Donate</a></td>
- </tr>
- <tr>
- <td>• <a href="?p=shop">Item shop</a></td>
- </tr>
- '.$acp.'
- </table>
- </center>';
- }
- echo $output;
- }
- function login($user, $pass) {
- $userx = @mysql_query("SELECT username, sha_pass_hash, id , shoutboxnick FROM ".$this->db.".account WHERE username = '".$user."' LIMIT 1", $this->id);
- $user_row = @mysql_fetch_assoc($userx);
- $shoutnick = $user_row['shoutboxnick'];
- echo $shoutnick;
- $user_u = strtoupper($user);
- $pass_u = strtoupper($pass);
- $hashedpw = sha1($user_u.':'.$pass_u);
- $output = '<center>';
- if(empty($user) || empty($pass)) {
- $output .= 'One or more fields wasn\'t filled!';
- }
- elseif(empty($user_row['username'])) {
- $output .= 'User doesn\'t exist!';
- }
- elseif($hashedpw != $user_row['sha_pass_hash']) {
- $output .= 'Wrong password!';
- }
- else {
- $rank = @mysql_query("SELECT * FROM ".$this->db.".account_access WHERE id = '".$user_row['id']."' LIMIT 1", $this->id);
- $rank_row = @mysql_fetch_assoc($rank);
- $_SESSION['shoutboxnick'] = $shoutnick;
- $_SESSION['username'] = $user;
- if(empty($rank_row['gmlevel'])) {
- $_SESSION['rank'] = 0;
- } else {
- $_SESSION['rank'] = $rank_row['gmlevel'];
- }
- die("<script type='text/javascript'>window.location='?p=home'</script>You are being redirected, press <a href='?p=home'>here</a> if you don't wish to wait!");
- }
- $output .= '</center>';
- echo $output;
- }
- function register() {
- global $realmlist;
- $one = rand(1, 15);
- $two = rand(1, 15);
- $output = '<div class="midbox"><div class="midbox_top">Account creation</div>
- <div class="midbox_content">
- <form action="?p=register" method="post">';
- if(isset($_POST['reg_username'])) {
- $output .= realmd::reg_acc();
- }
- $output .= '<center>
- <input type="text" name="reg_username" value="Username" onFocus="this.value=\'\'"/><br />
- <input type="text" name="reg_shoutboxnick" value="ShoutBox NickName" onFocus="this.value=\'\'"/><br />
- <input type="password" name="reg_password" value="Password" onFocus="this.value=\'\'"/><br />
- <input type="text" name="reg_email" value="yourname@server.com" onFocus="this.value=\'\'"/><br />
- <label for="reg_flags">Expansion:</label>
- <select name="reg_flags">
- <option value="2">WoTLK</option>
- <option value="1">TBC</option>
- <option value="0">None</option>
- </select><br /><br /><br />
- <input type="hidden" name="reg_ans" value="'.($one+$two).'" />
- <input type="text" name="reg_antibot" value="Anti-bot: What is '.$one.' + '.$two.'?" onFocus="this.value=\'\'"/><br />
- <br />
- <input type="submit" value="Create account!"/><br /><br />
- <b>set realmlist '.$realmlist.'</b>
- </center>
- </form>
- </div>
- </div>';
- echo $output;
- }
- <?php
- <?php
- function reg_acc() {
- $userx = @mysql_query("SELECT username, id FROM ".$this->db.".account WHERE username = '".mysql_real_escape_string($_POST['reg_username'])."' LIMIT 1", $this->id);
- $user_row = @mysql_fetch_assoc($userx);
- $totalaccs_q = @mysql_query("SELECT COUNT(*) AS total FROM ".$this->db.".account WHERE registerip = '".$_SERVER['REMOTE_ADDR']."' LIMIT 3", $this->id);
- $totalaccs = @mysql_fetch_assoc($totalaccs_q);
- $output = "<center>";
- if(isset($_SESSION['username'])) {
- $output .= "You're already logged in!";
- }
- elseif(filter_var($_POST['reg_email'], FILTER_VALIDATE_EMAIL) == false) {
- $output .= "Invalid email!";
- }
- elseif(isset($user_row['id'])) {
- $output .= "User already exists!";
- }
- elseif($_POST['reg_antibot'] != $_POST['reg_ans']) {
- $output .= "Wrong anti-bot answear!";
- }
- elseif(empty($_POST['reg_shoutboxnick'])) {
- $output .= "You need to enter a shoutbox nickname!";
- }
- elseif($totalaccs['total'] >= 3) {
- $output .= "You may only register 3 accounts per IP!";
- }
- else {
- $username = mysql_real_escape_string($_POST['reg_username']);
- $pass = mysql_real_escape_string($_POST['reg_password']);
- $email = mysql_real_escape_string($_POST['reg_email']);
- $flags = mysql_real_escape_string($_POST['reg_flags']);
- $shoutboxnick = mysql_real_escape_string($_POST['reg_shoutboxnick']);
- $pw = sha1(strtoupper($username).':'.strtoupper($pass));
- mysql_query("INSERT INTO ".$this->db.".account(`username`, `sha_pass_hash`, `email`, `expansion`, `shoutboxnick`, `registerip`) VALUES('".$username."', '".$pw."', '".$email."', '".$flags."', '".$shoutboxnick."', '".$_SERVER['REMOTE_ADDR']."')", $this->id) or die(mysql_error());
- $output .= "<span style='color:green;'>Account was created successfully!</span>";
- }
- $output .= "</center>";
- return $output;
- }
- ?>
- function xml_status() {
- $query = mysql_query("SELECT COUNT(*) AS total FROM ".$this->db.".account", $this->id);
- $row = mysql_fetch_assoc($query);
- $total = $row['total'];
- $xml = '
- <accounts>'.$total.'</accounts>';
- return $xml;
- }
- function change($what) {
- $output = '<div class="midbox"><div class="midbox_top">Change '.$what.'</div>
- <div class="midbox_content"><center><br />';
- switch($what) {
- case "password":
- $output .= '<form action="?p=changepw" method="post">
- New password:<br />
- <input name="newpw" type="password" value="password" onFocus="this.value=\'\'" /><br /><br />
- <input type="submit" value="Change it!" />
- </form>';
- if(isset($_POST['newpw'])) {
- $acc = $_SESSION['username'];
- $pw = mysql_real_escape_string($_POST['newpw']);
- $pw = sha1(strtoupper($acc).':'.strtoupper($pw));
- mysql_query("UPDATE ".$this->db.".account SET sha_pass_hash='$pw' WHERE username='$acc'", $this->id) or die(mysql_error());
- $output .= "<br /><center>Your password was successfully changed to <b>".$_POST['newpw']."</b>!</center>";
- }
- break;
- case "expansion":
- $output .= '<form action="?p=changeexp" method="post">
- New expansion:<br />
- <select name="newexp">
- <option value="2">WoTLK</option>
- <option value="1">TBC</option>
- <option value="0">None</option>
- </select>
- <br /><br />
- <input type="submit" value="Change it!" />
- </form>';
- if(isset($_POST['newexp'])) {
- $acc = $_SESSION['username'];
- $exp = mysql_real_escape_string($_POST['newexp']);
- mysql_query("UPDATE ".$this->db.".account SET expansion='$exp' WHERE username='$acc'", $this->id) or die(mysql_error());
- $output .= "<br /><center>Your expansion was successfully changed!</center>";
- }
- break;
- }
- $output .= "</center></div></div>";
- echo $output;
- }
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement