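// Installer excerpt: reports the outcome of the preceding CREATE TABLE (the call
// that set $sql is above this excerpt), creates `accounting` and `users`, then
// seeds the first administrator row.
if ($sql) {
    print "<p class=\"erok\">Таблица для логов просмотров страниц - создана!</p>";
} else {
    print "<p class=\"er\">Не удалось создать таблицу для логов просмотра страниц!</p>";
}

// Ledger table.
$sql = mysql_query("CREATE TABLE `accounting` (\n `id` int(10) NOT NULL auto_increment,\n `date` int(1) NOT NULL default '0',\n `ccat` smallint(1) NOT NULL default '0',\n `description` varchar(100) NOT NULL default '',\n `sum` decimal(10,2) NOT NULL default '0.00',\n `dc` smallint(1) NOT NULL default '0',\n PRIMARY KEY (`id`)\n) ENGINE=MyISAM");
if ($sql) {
    print "<p class=\"erok\">Таблица для бухгалтерии - создана!</p>";
} else {
    print "<p class=\"er\">Не удалось создать таблицу для бухгалтерии!</p>";
}

// Accounts table. `pass` is char(32), i.e. sized for a 32-character digest such as
// hex MD5; a password_hash() value would not fit without widening the column.
// `ip` is char(15), which holds dotted IPv4 only.
$sql = mysql_query("CREATE TABLE `users` (\n `id` int(1) NOT NULL auto_increment,\n `login` char(20) NOT NULL default '',\n `pass` char(32) NOT NULL default '',\n `mail` char(30) NOT NULL default '',\n `reg_time` int(10) NOT NULL default '0',\n `go_time` int(10) NOT NULL default '0',\n `ip` char(15) NOT NULL default '',\n `status` smallint(1) NOT NULL default '0',\n `comment` char(150) NOT NULL default '',\n `balance` decimal(10,2) NOT NULL default '0.00',\n `bonus` decimal(10,2) NOT NULL default '0.00',\n `bonuslevel` smallint(1) NOT NULL default '0',\n `clx` int(1) NOT NULL default '0',\n `ref` int(1) NOT NULL default '0',\n `ref_money` decimal(10,2) NOT NULL default '0.00',\n `reftop` decimal(10,2) NOT NULL default '0.00',\n `ref_percent` decimal(10,2) NOT NULL default '0.00',\n `pm` char(10) NOT NULL default '',\n `pe` char(50) NOT NULL default '',\n `icq` char(20) default NULL,\n `skype` char(50) default NULL,\n `active` smallint(1) NOT NULL default '0',\n `bot` smallint(1) NOT NULL default '0',\n PRIMARY KEY (`id`),\n KEY `login` (`login`)\n) ENGINE=MyISAM");
if ($sql) {
    print "<p class=\"erok\">Таблица пользователей - создана!</p>";

    // Create the administrator account (inserted with status 1).
    // NOTE(review): $login and $mail go into the statement as-is and this excerpt
    // does not show how they were prepared - confirm they are escaped for SQL
    // before this point.
    // NOTE(review): gs_md5() is defined elsewhere; its name and the char(32)
    // column suggest a keyed MD5, which is too fast for password storage - confirm.
    $sql = mysql_query("INSERT INTO `users` (`login`, `pass`, `mail`, `reg_time`, `status`) VALUES('" . $login . "', '" . gs_md5($licKEY, $pass) . "', '" . $mail . "', " . time() . ", 1)");
    // Administrator creation finished.
    if ($sql) {
        print "<p class=\"erok\">Администратор - создан!</p>";
    } else {
        print "<p class=\"er\">Не удалось создать администратора!</p>";
    }
} else {
    print "<p class=\"er\">Не удалось создать таблицу пользователей!</p>";
}

// Reminder to delete install.php: the installer stays reachable until it is removed.
print "<p class=\"er\">Удалите файл install.php!</p>";
// The two braces below close blocks opened above this excerpt.
}
}

// Show the form on first load, or again when the install attempt produced an error.
// empty() avoids an undefined-index notice when `action` is absent, and the
// parentheses spell out the precedence the original relied on (&& before ||).
if (empty($_GET['action']) || ($_GET['action'] == "install" && $error)) {
    print $error; ?>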
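} else {
    // Profile save for the current user. The `if` this `else` pairs with, and the
    // code that fills $pass_1, $pass_2, $email, $pm, $user_id and the profile
    // fields, are above this excerpt.
    //
    // Compare the two password entries as strings: with `!=` PHP compares
    // numeric-looking strings as numbers, so "1e3" and "1000" would count as equal.
    if ((string) $pass_1 !== (string) $pass_2) {
        echo '<p class="er">' . $lang['er_11'] . '</p>';
    } else {
        if (!preg_match("/^[a-z0-9_.-]{1,20}@(([a-z0-9-]+\\.)+(com|net|org|mil|edu|gov|arpa|info|biz|[a-z]{2})|[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3})\$/is", $email)) {
            print '<p class="er">' . $lang['er_09'] . '!</p>';
        } elseif ($pm && $pm[0] != 'U') {
            // A non-empty `pm` value must start with "U". Testing $pm first avoids
            // indexing an empty string.
            print '<p class="er">' . $lang['er_20'] . '</p>';
        } elseif ($pm && mysql_num_rows(mysql_query("SELECT pm FROM users WHERE pm = '" . $pm . "' AND id != " . $user_id))) {
            // Another account already uses this `pm` value. The lookup is skipped
            // when $pm is empty, where the original discarded its result anyway.
            print "<p class=\"er\">" . $lang['er_19'] . "</p>";
        } elseif (mysql_num_rows(mysql_query("SELECT mail FROM users WHERE mail = '" . $email . "' AND id != " . $user_id))) {
            // Another account already uses this e-mail address.
            print "<p class=\"er\">" . $lang['er_13'] . "</p>";
        } else {
            // NOTE(review): every value below is concatenated into the statement and
            // this excerpt does not show how the variables were prepared. Confirm
            // that $user_id and $currency are integers and that the string fields
            // are escaped for SQL, not only HTML-encoded.
            // NOTE(review): bankCardNumber is written to the row as supplied -
            // confirm that storing it is required and how the column is protected.
            // The "******" literals are how this listing shows those values.
            $sql = 'UPDATE `users` SET ';
            if ($pass_1) {
                // Password is only changed when a new one was entered.
                $sql .= 'pass = "******", ';
            }
            $sql .= 'currency = ' . $currency . ', phone = "' . $phone . '", social = "' . $social . '", bankName = "' . $bankName . '", bankCardNumber = "' . $bankCardNumber . '", bankUserName = "******", mail = "' . $email . '", icq = "' . $icq . '", pm = "' . $pm . '", pe = "' . $pe . '", skype = "' . $skype . '" WHERE id = ' . $user_id . ' LIMIT 1';
            if (mysql_query($sql)) {
                print '<p class="erok">' . $lang['savedata'] . '</p>';
            } else {
                print '<p class="er">' . $lang['erbd'] . '</p>';
            }
        }
    }
}
// Closes a block opened above this excerpt.
}

// Reload the account row so the profile template renders the stored values.
$sql = 'SELECT * FROM users WHERE login = "******" LIMIT 1';
$rs = mysql_query($sql);
$a = mysql_fetch_array($rs);
include "tpl/profile.php";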
$rs = mysql_query($sql); $a = mysql_fetch_array($rs); $s = $a['status']; if (!$a) { print '<p class="er">' . $lang['er_06'] . '</p>'; } else { $case1 = on; $case2 = on; $case3 = on; $case4 = off; $num1 = 8; $num2 = 1; $newpass = generator($case1, $case2, $case3, $case4, $num1); $text = "<p>Здравствуйте <b>" . $a['login'] . "</b>!</p><p>По Вашей просьбе высылаем новый пароль к аккаунту " . $a['login'] . "<br /><p>Новый пароль: <b>" . $newpass . "</b></p>С Уважением, администрация проекта " . $cfgURL . "<hr /><p>Hello <b>" . $a['login'] . "</b>!</p><p>At your request, send new password to your account " . $a['login'] . "<br /><p>New password: <b>" . $newpass . "</b></p>Sincerely, Administration project <a href=\"http://" . $cfgURL . "\">" . $cfgURL . "</a>"; $subject = "New password / Новый пароль"; $headers = "From: " . $adminmail . "\n"; $headers .= "Reply-to: " . $adminmail . "\n"; $headers .= "X-Sender: < http://" . $cfgURL . " >\n"; $headers .= "Content-Type: text/html; charset=windows-1251\n"; mysql_query("UPDATE `users` SET pass = '******' WHERE login = '******'login'] . "' LIMIT 1"); if (mail($email, $subject, $text, $headers)) { print '<p class="erok">' . $lang['er_07'] . '</p>'; } else { print '<p class="er">' . $lang['er_08'] . '</p>'; } } } else { print '<p class="er">' . $lang['er_09'] . '</p>'; } } include "tpl/reminder.php";
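// Admin-side edit of one account; the target row is intval($_GET['id']).
// $pass and $repass are set above this excerpt.
// NOTE(review): this excerpt changes balances from POST fields; confirm that the
// including page enforces an administrator session and a CSRF token.
$mail = htmlspecialchars($_POST['mail'], ENT_QUOTES, '');
$ul = htmlspecialchars($_POST['ul'], ENT_QUOTES, '');
$com = htmlspecialchars($_POST['com'], ENT_QUOTES, '');
$pm = htmlspecialchars($_POST['pm'], ENT_QUOTES, '');
$pe = htmlspecialchars($_POST['pe'], ENT_QUOTES, '');
$skype = htmlspecialchars($_POST['skype'], ENT_QUOTES, '');
$icq = htmlspecialchars($_POST['icq'], ENT_QUOTES, '');
$currency = intval($_POST['currency']);
$phone = gs_html($_POST['phone']);
$social = gs_html($_POST['social']);
$bankName = gs_html($_POST['bankName']);
$bankCardNumber = gs_html($_POST['bankCardNumber']);
$bankUserName = gs_html($_POST['bankUserName']);

if ($pass && $repass) {
    // String comparison: `==` would compare numeric-looking strings as numbers
    // and accept two different entries such as "1e3" and "1000".
    if ((string) $pass === (string) $repass) {
        // The "******" literal is how this listing shows the stored value.
        mysql_query('UPDATE users SET pass = "******" WHERE id = ' . intval($_GET['id']) . ' LIMIT 1');
    } else {
        print "<p class=\"er\">Пароль не изменён, из-за несовпадения введённых паролей!</p>";
    }
}

if ($mail) {
    if (!preg_match("/^[a-z0-9_.-]{1,20}@(([a-z0-9-]+\\.)+(com|net|org|mil|edu|gov|arpa|info|biz|[a-z]{2})|[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3})\$/is", $mail)) {
        print "<p class=\"er\">Введите правильный e-mail!</p>";
    } else {
        // htmlspecialchars() encodes quotes for HTML but is not SQL escaping: a
        // backslash passes through unchanged and can swallow the closing quote of
        // a value. Escape every string for the SQL context at the point of use.
        // gs_html() is defined elsewhere; escaping its output again is harmless
        // for ordinary values and closes the gap if it only HTML-encodes - confirm.
        // If magic_quotes_gpc is enabled on the deployment, strip its slashes
        // first to avoid doubled backslashes in stored data.
        $sqlSafe = array_map('mysql_real_escape_string', array(
            'phone' => $phone,
            'social' => $social,
            'bankName' => $bankName,
            'bankCardNumber' => $bankCardNumber,
            'mail' => $mail,
            'com' => $com,
            'pm' => $pm,
            'pe' => $pe,
            'skype' => $skype,
            'icq' => $icq,
            'ul' => $ul,
        ));

        // Numeric fields are forced to integers (intval) or two-decimal numbers
        // (sprintf) before they reach the statement.
        // NOTE(review): the query result is not checked before the success
        // message below is printed.
        mysql_query('UPDATE users SET currency = ' . $currency . ', phone = "' . $sqlSafe['phone'] . '", social = "' . $sqlSafe['social'] . '", bankName = "' . $sqlSafe['bankName'] . '", bankCardNumber = "' . $sqlSafe['bankCardNumber'] . '", bankUserName = "******", mail = "' . $sqlSafe['mail'] . '", comment = "' . $sqlSafe['com'] . '", balance = balance + ' . sprintf("%01.2f", $_POST['pmbal']) . ', bonus = bonus + ' . sprintf("%01.2f", $_POST['bonus']) . ', pm = "' . $sqlSafe['pm'] . '", pe = "' . $sqlSafe['pe'] . '", skype = "' . $sqlSafe['skype'] . '", icq = "' . $sqlSafe['icq'] . '", ref_percent = ' . sprintf("%01.2f", $_POST['ref_percent']) . ' WHERE id = ' . intval($_GET['id']) . ' LIMIT 1');
        print "<p class=\"erok\">Данные сохранены!</p>";

        // A non-zero manual balance change is also recorded in the `enter` table.
        if ($_POST['pmbal'] != 0.0) {
            mysql_query('INSERT INTO enter (sum, date, login, status, purse, paysys) VALUES ("' . sprintf("%01.2f", $_POST['pmbal']) . '", "' . time() . '", "' . $sqlSafe['ul'] . '", 2, "ADMINISTRATOR", "PerfectMoney")');
        }
    }
} else {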
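<?php defined('ACCESS') or die;

// Login handler: looks the account up, checks the password digest, then either
// re-renders the login form with an error code in $er or opens the session.
// $licKEY, $userip and $lang are set outside this excerpt.
$user = trim(gs_html($_POST["user"]));
$password = trim($_POST['pass']);

// The "******" literal is how this listing shows the looked-up value.
// NOTE(review): gs_html() is defined elsewhere; confirm that the login name is
// escaped for SQL, not only HTML-encoded, before it reaches this statement.
$get_pass = mysql_query("SELECT `id`, `login`, `pass`, `status`, `active` FROM `users` WHERE login = '******' LIMIT 1");
$row = mysql_fetch_array($get_pass);
$id = $row['id'];
$login = $row['login'];
$user_password = $row['pass'];
$status = $row['status'];
$active = $row['active'];

if (!$user || !$password) {
    // Nothing submitted: show the form without an error.
    $er = "";
    include "tpl/login.php";
} elseif ((string) gs_md5($licKEY, $password) !== (string) $user_password || !$login) {
    // Digests are compared as strings. With `!=` PHP compares numeric-looking
    // strings as numbers, so two different digests of the form "0e<digits>" would
    // be treated as equal. On PHP 5.6+ hash_equals() would additionally make the
    // comparison constant-time.
    // The same error is used for an unknown login and for a wrong password.
    $er = 1;
    $login = '';
    include "tpl/login.php";
} elseif ($status == 4) {
    // Status 4: show the "loginblock" message and send the browser to the site root.
    print "<html><head><meta http-equiv=\"Content-Type\" content=\"text/html; charset=windows-1251\"><script language=\"javascript\">alert('" . $lang['loginblock'] . "'); top.location.href=\"/\";</script></head><body></body></html>";
} elseif ($active != 0) {
    // A non-zero `active` value blocks login with error code 2.
    $er = 2;
    $login = '';
    include "tpl/login.php";
} else {
    // NOTE(review): the session id is not regenerated in this excerpt when the
    // user becomes authenticated; confirm session_regenerate_id() runs elsewhere,
    // otherwise a pre-login session id stays valid after login.
    $_SESSION['user'] = $login;
    $time = time();
    // $userip is set outside this excerpt, so it is escaped here, and the row id
    // is forced to an integer, before either reaches the SQL text.
    mysql_query("UPDATE `users` SET ip = '" . mysql_real_escape_string($userip) . "', go_time = " . $time . " WHERE login = '******' LIMIT 1");
    mysql_query("INSERT INTO `logip` (`user_id`, `ip`, `date`) VALUES (" . (int) $id . ", '" . mysql_real_escape_string($userip) . "', " . $time . ")");
    print "<html><head><script language=\"javascript\">top.location.href=\"/deposits/\";</script></head><body></body></html>";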
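// Admin-side account creation. $name is set above this excerpt; $licKEY and
// $userip come from outside it as well.
$pass1 = $_POST['pass'];
$pass2 = $_POST['re_pass'];
$email = htmlspecialchars($_POST['email'], ENT_QUOTES, '');

if (!$name or !$pass1 or !$pass2 or !$email) {
    print '<p class="er">Корректно заполните все поля!</p>';
} else {
    // Strict comparison: `!=` compares numeric-looking strings as numbers, so two
    // different entries such as "1e3" and "1000" would pass as matching.
    if ($pass1 !== $pass2) {
        print '<p class="er">Пароль и подтерждение не совпадают!</p>';
    } elseif (!preg_match("/^[a-z0-9_.-]{1,20}@(([a-z0-9-]+\\.)+(com|net|org|mil|edu|gov|arpa|info|biz|[a-z]{2})|[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3})\$/is", $email)) {
        print "<p class=\"er\">Введите правильно e-mail!</p>";
    } else {
        // Values are escaped for the SQL context where they are used.
        // htmlspecialchars() above only HTML-encodes; it leaves backslashes intact.
        // How $name was prepared is not visible here, so it is escaped as well.
        $sql = 'SELECT `login` FROM `users` WHERE `login` = "' . mysql_real_escape_string($name) . '"';
        if (mysql_num_rows(mysql_query($sql))) {
            print '<p class="er">Пользователь с таким именем уже существует!</p>';
        } else {
            // NOTE(review): gs_md5() is defined elsewhere; if it is a keyed MD5 it
            // is too fast for password storage - confirm.
            $sql = 'INSERT INTO `users` (`login`, `go_time`, `ip`, `pass`, `mail`, `reg_time`) VALUES ("' . mysql_real_escape_string($name) . '", ' . time() . ', "' . mysql_real_escape_string($userip) . '", "' . gs_md5($licKEY, $pass1) . '", "' . mysql_real_escape_string($email) . '", ' . time() . ')';
            if (mysql_query($sql)) {
                print '<p class="erok">Создание пользователя прошло успешно!</p>';
            } else {
                print '<p class="er">Ошибка записи в БД!</p>';
            }
        }
    }
}
// Closes a block opened above this excerpt.
}
// Finished creating the user.

// Sum the balances of all accounts; the loop body continues past this excerpt.
$money = 0.0;
$query = "SELECT `balance` FROM `users`";
$result = mysql_query($query);
while ($row = mysql_fetch_array($result)) {
    $money = $money + $row['balance'];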
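} else {
    // Registration, success path. The validation that precedes this `else`, and
    // the code that fills $ulogin, $email, $pass, $repass, $referal, $pm, $skype,
    // $icq and $pe, are above this excerpt.
    $time = time();
    $ip = $userip;
    // NOTE(review): gs_md5() is defined elsewhere; if it is a keyed MD5 it is too
    // fast for password storage - confirm.
    $pass = gs_md5($licKEY, $pass);

    // Resolve the referrer's id; without a referrer the account is attached to id 1.
    // NOTE(review): $referal is concatenated into the lookup as-is; confirm it is
    // escaped for SQL before this point.
    if ($referal) {
        $get_user_info = mysql_query("SELECT * FROM `users` WHERE `login` = '" . $referal . "' LIMIT 1");
        $row = mysql_fetch_array($get_user_info);
        $ref_id = intval($row['id']);
    } else {
        $ref_id = 1; // admin id
    }

    if (cfgSET('cfgMailConf') == "on") {
        // E-mail confirmation is enabled: the account is stored with active = 1
        // and the mail carries an activation link.
        // The address is URL-encoded so it survives as a single query-string
        // value; the digest is still computed over the raw login and address.
        // NOTE(review): the activation token is a fixed digest of login and
        // address, so it never expires and is the same on every request.
        $active = 1;
        $actlink = "Ваша ссылка для активации аккаунта: http://" . $cfgURL . "/activate.php?m=" . urlencode($email) . "&h=" . gs_md5($licKEY, $ulogin . $email);
        $enactlink = "Your link to activate your account: http://" . $cfgURL . "/activate.php?m=" . urlencode($email) . "&h=" . gs_md5($licKEY, $ulogin . $email);
    } else {
        $active = 0;
        $actlink = "";
        $enactlink = "";
    }

    // NOTE(review): the string values below are concatenated into the statement
    // and this excerpt does not show how they were prepared - confirm they are
    // escaped for SQL. The result of the INSERT is not checked, so the welcome
    // mail is sent even if the row was not created.
    $sql = "INSERT INTO `users` (`login`, `pass`, `mail`, `go_time`, `ip`, `reg_time`, `ref`, `pm`, `active`, `skype`, `icq`, `pe`, `bonus`) VALUES ('" . $ulogin . "', '" . $pass . "', '" . $email . "', " . $time . ", '" . $ip . "', " . $time . ", " . $ref_id . ", '" . $pm . "', " . $active . ", '" . $skype . "', '" . $icq . "', '" . $pe . "', " . cfgSET('cfgBonusReg') . ")";
    mysql_query($sql);

    $subject = "Registration Info / Регистрационная информация";
    $headers = "From: " . $adminmail . "\n";
    $headers .= "Reply-to: " . $adminmail . "\n";
    $headers .= "X-Sender: < http://" . $cfgURL . " >\n";
    $headers .= "Content-Type: text/html; charset=windows-1251\n";

    // NOTE(review): the mail body includes $repass under "Your password", which
    // appears to be the password as typed. Mail is stored and relayed in clear
    // text, so consider leaving the password out of the message - confirm.
    $text = "Здравствуйте <b>" . $ulogin . "!</b><br />Поздравляем Вас с успешной регистрацией в проекте <a href=\"http://" . $cfgURL . "/\" target=\"_blank\">http://" . $cfgURL . "</a><br />Ваш Login: <b>" . $ulogin . "</b><br />Ваш пароль: <b>" . $repass . "</b><br />" . $actlink . "<br /><br />С Уважением, администрация проекта " . $cfgURL
        . "<hr />Hello <b>" . $ulogin . "!</b><br />Congratulations on your successful registration for project <a href=\"http://" . $cfgURL . "/\" target=\"_blank\">http://" . $cfgURL . "</a><br />Your Login: <b>" . $ulogin . "</b><br />Your password: <b>" . $repass . "</b><br />" . $enactlink . "<br /><br />Sincerely, administration of the project " . $cfgURL;
    mail($email, $subject, $text, $headers);
    $ulogin = "";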
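alert(\'Error link\'); top.location.href=\'/\'; //--> </script>';
} else {
    // Account activation. The line above is the tail of a string literal and of an
    // `if` that start before this excerpt; $m (address) and $h (token) are set
    // there as well.
    // $m is escaped here because the excerpt does not show how it was prepared.
    $query = "SELECT `login`, `mail` FROM `users` WHERE `mail` = '" . mysql_real_escape_string($m) . "' LIMIT 1";
    $result = mysql_query($query);
    $row = mysql_fetch_array($result);

    if (!$row['mail']) {
        print '<script language="JavaScript"> <!-- alert(\'No mail\'); top.location.href=\'/\'; //--> </script>';
    } elseif ((string) $h !== (string) gs_md5($licKEY, $row['login'] . $row['mail'])) {
        // The token is compared as a string. With `!=` PHP compares
        // numeric-looking strings as numbers, so a token and a digest that both
        // read as "0e<digits>" would be treated as equal. On PHP 5.6+
        // hash_equals() would additionally make the comparison constant-time.
        print '<script language="JavaScript"> <!-- alert(\'Error activate link\'); top.location.href=\'/\'; //--> </script>';
    } else {
        // Token matches: active = 0 marks the account as activated.
        mysql_query('UPDATE `users` SET `active` = 0 WHERE `mail` = "' . mysql_real_escape_string($row['mail']) . '" LIMIT 1');
        print '<html><head><script language="JavaScript"> <!-- top.location.href=\'/login/?activate=yes\'; //--> </script></head><body></body>';
    }
}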