Beispiel #1
        if ($sql) {
            print "<p class=\"erok\">Таблица для логов просмотров страниц - создана!</p>";
        } else {
            print "<p class=\"er\">Не удалось создать таблицу для логов просмотра страниц!</p>";
        }
        // Installer step: create the `accounting` table. The DDL is a fixed string; no request
        // data is interpolated into it. The outcome is reported on the installer page.
        $sql = mysql_query("CREATE TABLE `accounting` (\n  `id` int(10) NOT NULL auto_increment,\n  `date` int(1) NOT NULL default '0',\n  `ccat` smallint(1) NOT NULL default '0',\n  `description` varchar(100) NOT NULL default '',\n  `sum` decimal(10,2) NOT NULL default '0.00',\n  `dc` smallint(1) NOT NULL default '0',\n  PRIMARY KEY  (`id`)\n) ENGINE=MyISAM");
        print $sql
            ? "<p class=\"erok\">Таблица для бухгалтерии - создана!</p>"
            : "<p class=\"er\">Не удалось создать таблицу для бухгалтерии!</p>";
        // Installer step: create the `users` table, then seed the first account.
        // NOTE(review): `pass` is char(32), the width of a hex MD5 digest, and the value written
        // below comes from gs_md5($licKEY, $pass), which is defined elsewhere. If that helper is a
        // keyed/salted MD5, stored passwords are cheap to brute-force offline once the table leaks;
        // moving to password_hash()/password_verify() needs a wider column. Confirm against gs_md5().
        $sql = mysql_query("CREATE TABLE `users` (\n  `id` int(1) NOT NULL auto_increment,\n  `login` char(20) NOT NULL default '',\n  `pass` char(32) NOT NULL default '',\n  `mail` char(30) NOT NULL default '',\n  `reg_time` int(10) NOT NULL default '0',\n  `go_time` int(10) NOT NULL default '0',\n  `ip` char(15) NOT NULL default '',\n  `status` smallint(1) NOT NULL default '0',\n  `comment` char(150) NOT NULL default '',\n  `balance` decimal(10,2) NOT NULL default '0.00',\n  `bonus` decimal(10,2) NOT NULL default '0.00',\n  `bonuslevel` smallint(1) NOT NULL default '0',\n  `clx` int(1) NOT NULL default '0',\n  `ref` int(1) NOT NULL default '0',\n  `ref_money` decimal(10,2) NOT NULL default '0.00',\n  `reftop` decimal(10,2) NOT NULL default '0.00',\n  `ref_percent` decimal(10,2) NOT NULL default '0.00',\n  `pm` char(10) NOT NULL default '',\n  `pe` char(50) NOT NULL default '',\n  `icq` char(20) default NULL,\n  `skype` char(50) default NULL,\n  `active` smallint(1) NOT NULL default '0',\n  `bot` smallint(1) NOT NULL default '0',\n  PRIMARY KEY  (`id`),\n  KEY `login` (`login`)\n) ENGINE=MyISAM");
        if ($sql) {
            print "<p class=\"erok\">Таблица пользователей - создана!</p>";
            // Create the administrator account.
            // $login and $mail are concatenated straight into the SQL text, and their origin is not
            // visible in this fragment. NOTE(review): confirm both are SQL-escaped before this point
            // (mysql_real_escape_string() in this API, or a prepared statement after migrating off
            // ext/mysql, which was removed in PHP 7).
            // The row is written with status = 1 — presumably the administrator role; verify.
            $sql = mysql_query("INSERT INTO `users` (`login`, `pass`, `mail`, `reg_time`, `status`) VALUES('" . $login . "', '" . gs_md5($licKEY, $pass) . "', '" . $mail . "', " . time() . ", 1)");
            // Administrator creation finished.
            if ($sql) {
                print "<p class=\"erok\">Администратор - создан!</p>";
            } else {
                print "<p class=\"er\">Не удалось создать администратора!</p>";
            }
        } else {
            print "<p class=\"er\">Не удалось создать таблицу пользователей!</p>";
        }
        print "<p class=\"er\">Удалите файл install.php!</p>";
    }
}
if (!$_GET['action'] || $_GET['action'] == "install" && $error) {
    print $error;
    ?>
Beispiel #2
     } else {
         // Profile update: check the password confirmation, the e-mail format and the uniqueness
         // of `pm` and `mail`, then write the new profile fields for $user_id.
         // NOTE(review): `!=` compares loosely. Two different numeric-looking strings (for example
         // "1e3" and "1000") count as equal, so a mistyped confirmation can pass; `!==` is the
         // safe form for strings.
         if ($pass_1 != $pass_2) {
             echo '<p class="er">' . $lang['er_11'] . '</p>';
         } else {
             // The pattern is anchored, so a matching $email holds only letters, digits and
             // `_ . - @`. Because `$` is used without the D modifier, one trailing newline is
             // also accepted.
             if (!preg_match("/^[a-z0-9_.-]{1,20}@(([a-z0-9-]+\\.)+(com|net|org|mil|edu|gov|arpa|info|biz|[a-z]{2})|[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3})\$/is", $email)) {
                 print '<p class="er">' . $lang['er_09'] . '!</p>';
             // A non-empty $pm must start with the letter 'U'; nothing else about it is checked here.
             } elseif ($pm[0] != 'U' && $pm) {
                 print '<p class="er">' . $lang['er_20'] . '</p>';
             // Uniqueness checks. $pm and $user_id are concatenated into the SQL text.
             // NOTE(review): their escaping is not visible in this fragment; confirm it upstream.
             // If mysql_query() fails it returns false and mysql_num_rows() then yields a falsy
             // value, so a failed query is treated the same as "no duplicate found".
             } elseif (mysql_num_rows(mysql_query("SELECT pm FROM users WHERE pm = '" . $pm . "' AND id != " . $user_id)) && $pm) {
                 print "<p class=\"er\">" . $lang['er_19'] . "</p>";
             } elseif (mysql_num_rows(mysql_query("SELECT mail FROM users WHERE mail = '" . $email . "' AND id != " . $user_id))) {
                 print "<p class=\"er\">" . $lang['er_13'] . "</p>";
             } else {
                 $sql = 'UPDATE `users` SET ';
                 if ($pass_1) {
                     // NOTE(review): the "******" value here, and for bankUserName below, looks
                     // like redaction applied to this listing rather than original code. As
                     // written the literal string is stored; restore the expression from the
                     // upstream file before reuse.
                     $sql .= 'pass = "******", ';
                 }
                 // Every profile field is concatenated into the statement: $currency and $user_id
                 // in numeric context, the rest inside double-quoted SQL strings.
                 // NOTE(review): confirm each value is SQL-escaped or integer-cast before this
                 // line; bound parameters remove the question altogether.
                 $sql .= 'currency = ' . $currency . ', phone = "' . $phone . '", social = "' . $social . '", bankName = "' . $bankName . '", bankCardNumber = "' . $bankCardNumber . '", bankUserName = "******", mail = "' . $email . '", icq = "' . $icq . '", pm = "' . $pm . '", pe = "' . $pe . '", skype = "' . $skype . '" WHERE id = ' . $user_id . ' LIMIT 1';
                 if (mysql_query($sql)) {
                     print '<p class="erok">' . $lang['savedata'] . '</p>';
                 } else {
                     print '<p class="er">' . $lang['erbd'] . '</p>';
                 }
             }
         }
     }
 }
 // Reload the account row and render the profile template; an included file shares this scope,
 // so the template can read the row as $a.
 // NOTE(review): SELECT * also loads the `pass` column into $a. Selecting only the columns the
 // template prints keeps the password hash out of template scope.
 // The "******" in the WHERE clause looks like redaction in this listing — confirm how the login
 // value is bound in the upstream file.
 $sql = 'SELECT * FROM users WHERE login = "******" LIMIT 1';
 $rs = mysql_query($sql);
 $a = mysql_fetch_array($rs);
 include "tpl/profile.php";
Beispiel #3
        $rs = mysql_query($sql);
        $a = mysql_fetch_array($rs);
        $s = $a['status'];
        if (!$a) {
            print '<p class="er">' . $lang['er_06'] . '</p>';
        } else {
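            // Settings for the password generator. The flags are quoted strings: the bare words
            // on/off used previously are undefined constants, which PHP 5 silently turned into
            // the strings 'on'/'off' (with a notice) and PHP 8 rejects with an Error.
            $case1 = 'on';
            $case2 = 'on';
            $case3 = 'on';
            $case4 = 'off';
            $num1 = 8; // last argument of generator() — presumably the password length; confirm
            $num2 = 1; // not used in the visible lines
            // NOTE(review): generator() is defined elsewhere. Its output becomes the account
            // password, so confirm it draws from a cryptographically secure source rather than
            // rand()/mt_rand().
            $newpass = generator($case1, $case2, $case3, $case4, $num1);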
            // Build the HTML notification (Russian and English) that carries the new password.
            // NOTE(review): the new password is sent in clear text by e-mail, and in the visible
            // flow the stored password is replaced right after this block, before the mailbox owner
            // has confirmed anything. A single-use, expiring reset link avoids both problems;
            // confirm against the full file.
            // $a['login'] is placed into the HTML body as-is — presumably it was stored already
            // HTML-encoded; verify.
            $text = "<p>Здравствуйте <b>" . $a['login'] . "</b>!</p><p>По Вашей просьбе высылаем новый пароль к аккаунту " . $a['login'] . "<br /><p>Новый пароль: <b>" . $newpass . "</b></p>С Уважением, администрация проекта " . $cfgURL . "<hr /><p>Hello <b>" . $a['login'] . "</b>!</p><p>At your request, send new password to your account " . $a['login'] . "<br /><p>New password: <b>" . $newpass . "</b></p>Sincerely, Administration project <a href=\"http://" . $cfgURL . "\">" . $cfgURL . "</a>";
            $subject = "New password / Новый пароль";
            // Extra mail headers are assembled from $adminmail and $cfgURL.
            // NOTE(review): these values must never contain CR or LF, otherwise additional headers
            // could be introduced; confirm they come from trusted configuration only.
            $headers = "From: " . $adminmail . "\n";
            $headers .= "Reply-to: " . $adminmail . "\n";
            $headers .= "X-Sender: < http://" . $cfgURL . " >\n";
            $headers .= "Content-Type: text/html; charset=windows-1251\n";
            mysql_query("UPDATE `users` SET pass = '******' WHERE login = '******'login'] . "' LIMIT 1");
            if (mail($email, $subject, $text, $headers)) {
                print '<p class="erok">' . $lang['er_07'] . '</p>';
            } else {
                print '<p class="er">' . $lang['er_08'] . '</p>';
            }
        }
    } else {
        print '<p class="er">' . $lang['er_09'] . '</p>';
    }
}
include "tpl/reminder.php";
Beispiel #4
 // Collect the edited account fields from the submitted form.
 // NOTE(review): htmlspecialchars() with ENT_QUOTES is output encoding for HTML, not SQL
 // escaping. It turns both quote characters into entities but leaves the backslash untouched,
 // so it is not a substitute for mysql_real_escape_string() or bound parameters where these
 // values are later placed inside quoted SQL strings.
 $mail = htmlspecialchars($_POST['mail'], ENT_QUOTES, '');
 $ul = htmlspecialchars($_POST['ul'], ENT_QUOTES, '');
 $com = htmlspecialchars($_POST['com'], ENT_QUOTES, '');
 $pm = htmlspecialchars($_POST['pm'], ENT_QUOTES, '');
 $pe = htmlspecialchars($_POST['pe'], ENT_QUOTES, '');
 $skype = htmlspecialchars($_POST['skype'], ENT_QUOTES, '');
 $icq = htmlspecialchars($_POST['icq'], ENT_QUOTES, '');
 // intval() forces an integer, which is safe to place in a numeric SQL context.
 $currency = intval($_POST['currency']);
 // gs_html() is defined elsewhere — presumably a similar HTML-encoding helper; confirm that it
 // also makes the value safe for SQL before relying on it for that.
 $phone = gs_html($_POST['phone']);
 $social = gs_html($_POST['social']);
 $bankName = gs_html($_POST['bankName']);
 $bankCardNumber = gs_html($_POST['bankCardNumber']);
 $bankUserName = gs_html($_POST['bankUserName']);
 // Optional password change: applied only when both password fields are non-empty and match.
 if ($pass && $repass) {
     // NOTE(review): `==` compares loosely, so two different numeric-looking strings can count
     // as equal; `===` is the safe comparison for passwords.
     if ($pass == $repass) {
         // The row id is forced to an integer with intval(), so it cannot carry SQL syntax.
         // NOTE(review): the "******" value looks like redaction in this listing rather than
         // original code — restore the hashing expression from the upstream file before reuse.
         mysql_query('UPDATE users SET pass = "******" WHERE id = ' . intval($_GET['id']) . ' LIMIT 1');
     } else {
         print "<p class=\"er\">Пароль не изменён, из-за несовпадения введённых паролей!</p>";
     }
 }
 if ($mail) {
     // Validate the e-mail format, then write the account fields and apply the balance and bonus
     // adjustments entered in the form.
     if (!preg_match("/^[a-z0-9_.-]{1,20}@(([a-z0-9-]+\\.)+(com|net|org|mil|edu|gov|arpa|info|biz|[a-z]{2})|[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3})\$/is", $mail)) {
         print "<p class=\"er\">Введите правильный e-mail!</p>";
     } else {
         // The numeric inputs pass through sprintf("%01.2f") or intval(), which format them as
         // numbers, so they cannot carry SQL text. The quoted string fields are concatenated
         // as-is. NOTE(review): confirm each one is SQL-escaped, not only HTML-encoded.
         // The "******" for bankUserName looks like redaction in this listing.
         // The result of mysql_query() is not checked: the success message below is printed even
         // if the UPDATE failed.
         mysql_query('UPDATE users SET currency = ' . $currency . ', phone = "' . $phone . '", social = "' . $social . '", bankName = "' . $bankName . '", bankCardNumber = "' . $bankCardNumber . '", bankUserName = "******", mail = "' . $mail . '", comment = "' . $com . '", balance = balance + ' . sprintf("%01.2f", $_POST['pmbal']) . ', bonus = bonus + ' . sprintf("%01.2f", $_POST['bonus']) . ', pm = "' . $pm . '", pe = "' . $pe . '", skype = "' . $skype . '", icq = "' . $icq . '", ref_percent = ' . sprintf("%01.2f", $_POST['ref_percent']) . ' WHERE id = ' . intval($_GET['id']) . ' LIMIT 1');
         print "<p class=\"erok\">Данные сохранены!</p>";
         if ($_POST['pmbal'] != 0.0) {
             // Record the manual balance change in `enter`. This is a second, independent
             // statement: if it fails, the balance has already changed without a matching log row.
             // NOTE(review): this request changes money balances; confirm that the surrounding
             // file enforces an administrator session and an anti-CSRF token.
             mysql_query('INSERT INTO enter (sum, date, login, status, purse, paysys) VALUES ("' . sprintf("%01.2f", $_POST['pmbal']) . '", "' . time() . '", "' . $ul . '", 2, "ADMINISTRATOR", "PerfectMoney")');
         }
     }
 } else {
Beispiel #5
<?php

// Stop immediately unless the ACCESS constant has been defined.
defined('ACCESS') or die;
// Credentials from the login form. The user name passes through gs_html() (defined elsewhere);
// the password is only trimmed.
$user = trim(gs_html($_POST["user"]));
$password = trim($_POST['pass']);
// Fetch the account row for the submitted login. The query runs before the empty-field check
// further down, so a lookup is made even for blank submissions.
// NOTE(review): the "******" in the WHERE clause looks like redaction in this listing — confirm
// how the login value is escaped or bound in the upstream file.
$get_pass = mysql_query("SELECT `id`, `login`, `pass`, `status`, `active` FROM `users` WHERE login = '******' LIMIT 1");
$row = mysql_fetch_array($get_pass);
$id = $row['id'];
$login = $row['login'];
// NOTE(review): the stored hash read here is compared with `!=` in the branch below. A strict,
// constant-time comparison (hash_equals(), PHP >= 5.6) avoids loose-comparison surprises with
// digests that look like numbers.
$user_password = $row['pass'];
$status = $row['status'];
$active = $row['active'];
if (!$user || !$password) {
    $er = "";
    include "tpl/login.php";
} elseif (gs_md5($licKEY, $password) != $user_password || !$login) {
    $er = 1;
    $login = '';
    include "tpl/login.php";
} elseif ($status == 4) {
    print "<html><head><meta http-equiv=\"Content-Type\" content=\"text/html; charset=windows-1251\"><script language=\"javascript\">alert('" . $lang['loginblock'] . "'); top.location.href=\"/\";</script></head><body></body></html>";
} elseif ($active != 0) {
    $er = 2;
    $login = '';
    include "tpl/login.php";
} else {
    $_SESSION['user'] = $login;
    $time = time();
    mysql_query("UPDATE `users` SET ip = '" . $userip . "', go_time = " . $time . " WHERE login = '******' LIMIT 1");
    mysql_query("INSERT INTO `logip` (`user_id`, `ip`, `date`) VALUES (" . $id . ", '" . $userip . "', " . $time . ")");
    print "<html><head><script language=\"javascript\">top.location.href=\"/deposits/\";</script></head><body></body></html>";
Beispiel #6
    $pass1 = $_POST['pass'];
    $pass2 = $_POST['re_pass'];
    $email = htmlspecialchars($_POST['email'], ENT_QUOTES, '');
    if (!$name or !$pass1 or !$pass2 or !$email) {
        print '<p class="er">Корректно заполните все поля!</p>';
    } else {
        // Create a user from the submitted form: the passwords must match, the e-mail must fit
        // the pattern and the login must not exist yet.
        // NOTE(review): `!=` compares loosely; `!==` is the safe comparison for password strings.
        if ($pass1 != $pass2) {
            print '<p class="er">Пароль и подтерждение не совпадают!</p>';
        } elseif (!preg_match("/^[a-z0-9_.-]{1,20}@(([a-z0-9-]+\\.)+(com|net|org|mil|edu|gov|arpa|info|biz|[a-z]{2})|[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3})\$/is", $email)) {
            print "<p class=\"er\">Введите правильно e-mail!</p>";
        } else {
            // $name is concatenated into both statements, and its origin is not visible in this
            // fragment. NOTE(review): confirm it is SQL-escaped upstream.
            // The existence check and the INSERT are separate statements, so two simultaneous
            // requests could both pass the check; a UNIQUE index on `login` would enforce it.
            $sql = 'SELECT `login` FROM `users` WHERE `login` = "' . $name . '"';
            if (mysql_num_rows(mysql_query($sql))) {
                print '<p class="er">Пользователь с таким именем уже существует!</p>';
            } else {
                // The password is stored as gs_md5($licKEY, $pass1); gs_md5() is defined elsewhere.
                // NOTE(review): if it is MD5-based, plan a move to password_hash().
                $sql = 'INSERT INTO `users` (`login`, `go_time`, `ip`, `pass`, `mail`, `reg_time`) VALUES ("' . $name . '", ' . time() . ', "' . $userip . '", "' . gs_md5($licKEY, $pass1) . '", "' . $email . '", ' . time() . ')';
                if (mysql_query($sql)) {
                    print '<p class="erok">Создание пользователя прошло успешно!</p>';
                } else {
                    print '<p class="er">Ошибка записи в БД!</p>';
                }
            }
        }
    }
}
// Закончили создавать
$money = 0.0;
$query = "SELECT `balance` FROM `users`";
$result = mysql_query($query);
while ($row = mysql_fetch_array($result)) {
    $money = $money + $row['balance'];
 } else {
     // Registration: hash the password, resolve the referrer, insert the account and send the
     // welcome e-mail.
     $time = time();
     $ip = $userip;
     // $pass is overwritten with its gs_md5() digest. gs_md5() is defined elsewhere.
     // NOTE(review): if it is MD5-based, plan a move to password_hash().
     $pass = gs_md5($licKEY, $pass);
     if ($referal) {
         // $referal is concatenated into the SQL text; NOTE(review): confirm it is SQL-escaped
         // upstream. If no such login exists, the fetch yields no row and $ref_id becomes 0.
         $get_user_info = mysql_query("SELECT * FROM `users` WHERE `login` = '" . $referal . "' LIMIT 1");
         $row = mysql_fetch_array($get_user_info);
         $ref_id = intval($row['id']);
     } else {
         $ref_id = 1;
         // Without a referrer the account is attached to user id 1 (the administrator).
     }
     if (cfgSET('cfgMailConf') == "on") {
         // active = 1 is stored when e-mail confirmation is switched on; the link below carries
         // the activation token.
         // NOTE(review): the token is gs_md5($licKEY, $ulogin . $email), so it is the same every
         // time for a given account and has no visible expiry or single-use marker. A random,
         // stored, expiring token is the safer design.
         // $email is placed in the URL without urlencode().
         $active = 1;
         $actlink = "Ваша ссылка для активации аккаунта: http://" . $cfgURL . "/activate.php?m=" . $email . "&h=" . gs_md5($licKEY, $ulogin . $email);
         $enactlink = "Your link to activate your account: http://" . $cfgURL . "/activate.php?m=" . $email . "&h=" . gs_md5($licKEY, $ulogin . $email);
     } else {
         $active = 0;
         $actlink = "";
         $enactlink = "";
     }
     // All values are concatenated into the INSERT. NOTE(review): confirm every string field is
     // SQL-escaped upstream, or bind them as parameters.
     // The result of mysql_query() is ignored, so the welcome e-mail is sent even if the row was
     // not created.
     $sql = "INSERT INTO `users` (`login`, `pass`, `mail`, `go_time`, `ip`, `reg_time`, `ref`, `pm`, `active`, `skype`, `icq`, `pe`, `bonus`) VALUES ('" . $ulogin . "', '" . $pass . "', '" . $email . "', " . $time . ", '" . $ip . "', " . $time . ", " . $ref_id . ", '" . $pm . "', " . $active . ", '" . $skype . "', '" . $icq . "', '" . $pe . "', " . cfgSET('cfgBonusReg') . ")";
     mysql_query($sql);
     $subject = "Registration Info / Регистрационная информация";
     // Header values come from $adminmail and $cfgURL; NOTE(review): they must never contain CR
     // or LF.
     $headers = "From: " . $adminmail . "\n";
     $headers .= "Reply-to: " . $adminmail . "\n";
     $headers .= "X-Sender: < http://" . $cfgURL . " >\n";
     $headers .= "Content-Type: text/html; charset=windows-1251\n";
     // NOTE(review): the message body includes the password in clear text ($repass). Mail is
     // stored and relayed unencrypted in many setups, so avoid sending the password at all.
     $text = "Здравствуйте <b>" . $ulogin . "!</b><br />Поздравляем Вас с успешной регистрацией в проекте <a href=\"http://" . $cfgURL . "/\" target=\"_blank\">http://" . $cfgURL . "</a><br />Ваш Login: <b>" . $ulogin . "</b><br />Ваш пароль: <b>" . $repass . "</b><br />" . $actlink . "<br /><br />С Уважением, администрация проекта " . $cfgURL . "<hr />Hello <b>" . $ulogin . "!</b><br />Congratulations on your successful registration for project <a href=\"http://" . $cfgURL . "/\" target=\"_blank\">http://" . $cfgURL . "</a><br />Your Login: <b>" . $ulogin . "</b><br />Your password: <b>" . $repass . "</b><br />" . $enactlink . "<br /><br />Sincerely, administration of the project " . $cfgURL;
     // The return value of mail() is not checked.
     mail($email, $subject, $text, $headers);
     $ulogin = "";
Beispiel #8
		alert(\'Error link\');
		top.location.href=\'/\';
	//-->
	</script>';
} else {
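    // Look up the account that owns the e-mail address given in the activation link.
    // NOTE(review): $m is concatenated into the SQL text and its filtering is not visible in this
    // fragment — confirm it is SQL-escaped upstream.
    $query = "SELECT `login`, `mail` FROM `users` WHERE `mail` = '" . $m . "' LIMIT 1";
    $result = mysql_query($query);
    $row = mysql_fetch_array($result);
    if (!$row['mail']) {
        print '<script language="JavaScript">
		<!--
			alert(\'No mail\');
			top.location.href=\'/\';
		//-->
		</script>';
    // The token check is strict: with a loose `!=`, two different digests that both look like
    // numbers (for example the 0e… form) would compare as equal and a wrong token would pass.
    // hash_equals() would also make the comparison constant-time, but it needs PHP >= 5.6.
    } elseif (!is_string($h) || $h !== (string) gs_md5($licKEY, $row['login'] . $row['mail'])) {
        print '<script language="JavaScript">
		<!--
			alert(\'Error activate link\');
			top.location.href=\'/\';
		//-->
		</script>';
    } else {
        // active = 0 marks the account as activated. The address written into the WHERE clause
        // is the value read back from the database, concatenated again without escaping.
        // NOTE(review): updating by the row's numeric id (cast with intval()) would avoid reusing
        // stored text inside SQL.
        mysql_query('UPDATE `users` SET `active` = 0 WHERE `mail` = "' . $row['mail'] . '" LIMIT 1');
        print '<html><head><script language="JavaScript">
		<!--
			top.location.href=\'/login/?activate=yes\';
		//-->
		</script></head><body></body>';
    }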
}