
Untitled

a guest
Jul 22nd, 2018
  1. <?php
  2. global $_CONFIG;
  3. // if user is not logged in
  4. if(!isset($_SESSION['user']['id'])) header('Location: '.$_CONFIG['hotel']['url'].'/index');
  5.  
  6.  
  7. $getUser = mysql_query("SELECT * FROM users WHERE id = '". $_SESSION['user']['id'] . "' LIMIT 1");
  8. $userInfo = mysql_fetch_array($getUser);
  9. if(!isset($_SESSION['user']['verified']))
  10. {
  11. if(!empty($userInfo['account_security']))
  12. {
  13. require_once('authentication.php');
  14. }
  15. else
  16. {
  17. $token = 1;
  18. }
  19. }
  20. else
  21. {
  22. $token = 1;
  23. }
  24. if($token == 1){
  25. ?>
  26. <!DOCTYPE html>
  27. <?php
  28. //Staff maintence, only staff can enter
  29. $in_main = false;
  30. if($_SESSION['user']['rank'] < 3 && $in_main){
  31. die("It's only possible for staff to enter right now");
  32. }
  33. ?>
  34. <?php
  35.  
  36. if($_SESSION['user']['rank'] >= 3){
  37. if(!isset($_POST['clientlog'])){
  38. echo '<form action="client" method="post" >';
  39. echo '<label>Staff Pin: </label><input type="password" name="clientpin" placeholder="Staff Pin" /><br />';
  40. echo '<input type="submit" name="clientlog" value="Logga in" />';
  41. echo '</form>';
  42. exit();
  43.  
  44. }
  45.  
  46.  
  47. if(isset($_POST['clientlog'])){
  48. $get_userinfo = mysql_query("SELECT ip FROM identity WHERE username = '" . $_SESSION['user']['username'] . "' LIMIT 1");
  49. $staffUsername = $_SESSION['user']['username'];
  50.  
  51.  
  52.  
  53.  
  54.  
  55.  
  56. $servernameC = "localhost";
  57. $usernameC = "root";
  58. $passwordC = "HabnitehotelA4321";
  59. $dbnameC = "taundb";
  60.  
  61.  
  62. $conn = new mysqli($servernameC, $usernameC, $passwordC, $dbnameC);
  63.  
  64. if ($conn->connect_error) {
  65. die("Connection failed: " . $conn->connect_error);
  66. }
  67.  
  68. $sql = "SELECT pin FROM users WHERE username = '$staffUsername'";
  69. $result = $conn->query($sql);
  70.  
  71. if ($result->num_rows > 0) {
  72.  
  73. while($row = $result->fetch_assoc()) {
  74. $userpin = $row['pin'];
  75. }
  76. }
  77.  
  78.  
  79.  
  80.  
  81.  
  82.  
  83.  
  84.  
  85.  
  86. $userinfo = mysql_fetch_array($get_userinfo);
  87. if($_POST['clientpin'] != $userpin){
  88. die('<div style="width: 50%; height: 20px; border: 2px solid red; background: pink; margin: auto; text-align: center; color: red;">INCORRECT PIN!<br />#400</div>');
  89. }else if(false){
  90. die('<div style="width: 50%; height: 20px; border: 2px solid red; background: pink; margin: auto; text-align: center; color: red;">You should not be here :D<br />#500</div>');
  91. }
  92. }
  93. }
  94.  
  95. ?>
  96. <html lang="en">
  97. <head>
  98.  
  99. <meta http-equiv="content-type" content="text/html; charset=utf-8">
  100. <title>{hotelName} - Client</title>
  101.  
  102. <link rel="shortcut icon" href="{url}/client/favicon.ico" type="image/vnd.microsoft.icon"/>
  103. <link rel="stylesheet" type="text/css" href="{url}/app/tpl/skins/{skin}/css/clientstuff.css?v=<?php echo time(); ?>">
  104. <link rel="shortcut icon" href="https://images.habbo.com/habbo-web/america/en/assets/images/favicon.08c747be.ico">
  105. <script type="text/javascript" src="{url}/app/tpl/skins/{skin}/js/swfobject.js?v=<?php echo time(); ?>"></script>
  106. <script src="{url}/app/tpl/skins/{skin}/js/jquery.min.js"></script>
  107. <script type="text/javascript">
/**
 * Toggles full-screen display of the document using whichever prefixed
 * Fullscreen API method the browser exposes (unprefixed legacy name,
 * moz-prefixed, then webkit-prefixed).
 */
function toggleFullScreen() {
    var root = document.documentElement;

    // Enter full screen when fullScreenElement is set, or when neither the
    // moz nor the webkit flag reports that the page is already full screen.
    var shouldEnter =
        (document.fullScreenElement && document.fullScreenElement !== null) ||
        (!document.mozFullScreen && !document.webkitIsFullScreen);

    if (!shouldEnter) {
        // Leave full screen with the first cancel method that exists.
        if (document.cancelFullScreen) {
            document.cancelFullScreen();
        } else if (document.mozCancelFullScreen) {
            document.mozCancelFullScreen();
        } else if (document.webkitCancelFullScreen) {
            document.webkitCancelFullScreen();
        }
        return;
    }

    // Request full screen with the first request method that exists.
    if (root.requestFullScreen) {
        root.requestFullScreen();
    } else if (root.mozRequestFullScreen) {
        root.mozRequestFullScreen();
    } else if (root.webkitRequestFullScreen) {
        root.webkitRequestFullScreen(Element.ALLOW_KEYBOARD_INPUT);
    }
}</script>
  128.  
  129. <script type="text/javascript" src="{url}/app/tpl/skins/{skin}/js/swfobject.js?v=<?php echo time(); ?>"></script>
  130. <link rel="stylesheet" type="text/css" href="{url}/app/tpl/skins/{skin}/css/client.min.css?v=<?php echo time(); ?>">
  131. <script type="text/javascript">
// Base location of the SWF files. The braces look like a template
// placeholder that is substituted before the page is sent - TODO confirm.
var BaseUrl = "{swf_folder}";
// Settings passed to the Flash client through swfobject.embedSWF below.
var flashvars =
{
    "client.starting" : "Vänligen vänta, {hotelname} laddas upp...",
    "client.starting.revolving" : "Vänligen vänta, {hotelname} laddas upp...",
    // NOTE(review): presumably lets the client load content across domains;
    // confirm it is required, since it widens what the SWF will trust.
    "client.allow.cross.domain" : "1",
    "client.notify.cross.domain" : "0",
    // Game server endpoint is hard-coded here, unlike the other locations in
    // this object, which come from placeholders.
    "connection.info.host" : "5.189.148.183",
    "connection.info.port" : "30000",
    "site.url" : "{url}",
    "url.prefix" : "{url}",
    "client.reload.url" : "{url}/disconnected",
    "client.fatal.error.url" : "{url}/disconnected",
    "client.connection.failed.url" : "{url}/disconnected",
    "external.variables.txt" : "{external_vars}",
    "external.texts.txt" : "{external_texts}",
    "productdata.load.url" : "{product_data}",
    "furnidata.load.url" : "{furni_data}",
    "use.sso.ticket" : "1",
    // The single sign-on ticket is written into the page source, so any script
    // running in this page and any cache that stores the response can read it.
    // NOTE(review): serve this page with caching disabled and keep the ticket
    // short-lived and single-use - confirm how the server issues it.
    "sso.ticket" : "{sso}",
    "processlog.enabled" : "1",
    "flash.client.url" : BaseUrl,
    "flash.client.origin" : "popup"
};
// Embed parameters for the Flash object.
var params =
{
    "base" : BaseUrl + "/",
    // "always" lets the SWF call JavaScript in this page even when the SWF is
    // served from a different origin. If the SWF is hosted on the same origin
    // as the page, "sameDomain" is the narrower setting.
    "allowScriptAccess" : "always",
    "menu" : "false"

};

// Replaces the element with id "client" by the Flash client at 100% x 100%,
// requiring Flash 10.0.0 and falling back to expressInstall.swf.
swfobject.embedSWF(BaseUrl + "/Niteswf.swf", "client", "100%", "100%", "10.0.0", "{swf_base}/expressInstall.swf", flashvars, params, null);
  165. </script>
  166. </head>
  167. <style>
  168. .icon--fullscreen {
  169. background-image: url({url}/app/tpl/skins/{skin}/images/sprites.png);
  170. background-position: -511px -58px;
  171. width: 15px;
  172. height: 14px;
  173. }
  174. </style>
  175. <body>
  176. <div id="fl_but" class="full_screen_but" onclick="fullscreen();"><center><i style="margin-top:7px;" class="fa fa-expand fa-fw"></i></center></div>
  177.  
  178. <div id="client">
  179. <div id="flash-wrapper">
  180. <div id="flash-container">
  181. <div id="content" style="width: 400px; margin: 20px auto 0 auto;">
  182. <div class="client-error">
  183. <h1 class="client-error__title" translate="client_error_title">Du behöver flash för att spela!</h1>
  184. <p translate="client_error_flash">Om du använder en dator behöver du <a href="http://www.adobe.com/go/getflashplayer" target="_blank">tillåta, installera eller uppdatera Flash</a> för att spela. Vänligen <a href="http://www.adobe.com/go/getflashplayer" target="_blank">klicka här för</a> använda Flash! OBS: Om du har blockerat Flash måste du oåteraktivera det!</p>
  185. <div class="client-error__downloads">
  186. <a class="client-error__flash" href="http://www.adobe.com/go/getflashplayer" rel="noopener noreferrer" target="_blank"></a>
  187. </div>
  188. </div>
  189. </div>från
  190. </div>
  191. </div>
  192. </div>
  193. </body>
  194.  
  195. </html>
  196.  
  197. <?php
  198. }
  199. ?>