<?php 
if (!isset($_GET['mobile'])) {
    ?>
<a href="/" class="btn btn-primary pull-right" value="Register" ><i class="fa fa-ban"></i> Cancel</a><?php 
}
?>
    								
							</div>
						</div>
					</form>
					
					<?php 
if (isset($_POST['username']) && isset($_POST['g-recaptcha-response'])) {
    if (isValid()) {
        if (strlen($_POST['username']) >= 8) {
            if (strlen($_POST['phone']) == countDigits($_POST['phone'])) {
                $con = mysqli_connect("localhost", "root", "PASS", "secure_login");
                if (mysqli_connect_errno()) {
                    die('Could not connect: ' . mysqli_connect_error());
                }
                $result = mysqli_query($con, "SELECT username FROM members WHERE username='******'username'] . "'");
                if (mysqli_num_rows($result) == 0) {
                    $result = mysqli_query($con, "SELECT email FROM members WHERE email='" . strtolower($_POST['email']) . "'");
                    if (mysqli_num_rows($result) == 0) {
                        mysqli_query($con, "INSERT INTO members (username, password, email, phone, salt, recoveryid, recoveryValid) VALUES ('" . $_POST['username'] . "','" . strtoupper(getSalt()) . "','" . strtolower($_POST['email']) . "','" . $_POST['phone'] . "','" . strtoupper(getSalt()) . "','" . generateRandomString(16) . "','" . date("d/m/Y") . "')");
                        send_mail();
                        mysqli_close($con);
                        $pieces = explode("@", $_POST['email']);
                        echo "Thank you for your registration. <br/>";
                        echo "Please check <a href=\"" . $pieces[1] . "\">your email</a> to activate your account.";
                    } else {
Example #2
0
             echo 'ERROR_INVALID_CHARS';
         }
     } else {
         echo 'ERROR_TOO_SHORT';
     }
 } else {
     if (isset($_GET['deleteImei'])) {
         $con = mysqli_connect("localhost", "root", "PASS", "secure_login");
         if (mysqli_connect_errno()) {
             die('Could not connect: ' . mysqli_connect_error());
         }
         mysqli_query($con, "UPDATE `wallets` SET `commandQuery` = 'INTIAL', `userID` = '-1', `walletLabel` = '', `lastKnowLocation` = '', `lastUpdateTime` = '' WHERE `wallets`.`IMEI` = '" . $_GET['deleteImei'] . "'");
         echo 'WALLET_DELETED<br/>' . $_GET['deleteImei'];
     } else {
         if (isset($_GET['addImei'])) {
             if (countDigits($_GET['addImei']) == strlen($_GET['addImei'])) {
                 //Check if IMEI IS ALREADY REGISTERED
                 $con = mysqli_connect("localhost", "root", "PASS", "secure_login");
                 if (mysqli_connect_errno()) {
                     die('Could not connect: ' . mysqli_connect_error());
                 }
                 $resultss = mysqli_fetch_assoc(mysqli_query($con, "SELECT * FROM members WHERE email='" . $result['email'] . "'"));
                 $results = mysqli_fetch_assoc(mysqli_query($con, "SELECT * FROM wallets WHERE IMEI='" . $_GET['addImei'] . "'"));
                 if (isset($results['IMEI']) && $results['userID'] == "-1") {
                     if (strlen($_GET['walletLabel']) < 256) {
                         $qury = "UPDATE `wallets` SET `userID` = '" . $resultss['id'] . "', `walletLabel` = '" . $_GET['walletLabel'] . "', `lastKnowLocation` = 'Location is unknown', `lastUpdateTime` = '00:00:00 1/1/1970' WHERE `wallets`.`IMEI` = '" . $_GET['addImei'] . "'";
                         mysqli_query($con, $qury);
                         echo 'WALLET_ADDED';
                     } else {
                         echo 'WALLET_NAMETOOLONG';
                     }
            if (isset($_POST['imei'])) {
                echo $_POST['imei'];
            }
            ?>
" id="imei" placeholder="IMEI...">
									</div>   <br/>     							

									<div class="form-group">
										<!-- Button -->
										<div class="col-sm-12 controls">
											<button method="post" class="btn btn-primary pull-right"><i class="glyphicon glyphicon-log-in"></i> Add Wallet</button>                          
										</div>
									</div>
									<?php 
            if (isset($_POST['imei']) && isset($_POST['walletLabel'])) {
                if (countDigits($_POST['imei']) == strlen($_POST['imei'])) {
                    //Check if IMEI IS ALREADY REGISTERED
                    $con = mysqli_connect("localhost", "root", "PASS", "secure_login");
                    if (mysqli_connect_errno()) {
                        die('Could not connect: ' . mysqli_connect_error());
                    }
                    $result = mysqli_fetch_assoc(mysqli_query($con, "SELECT * FROM wallets WHERE IMEI='" . $_POST['imei'] . "'"));
                    if (isset($result['IMEI']) && $result['userID'] == "-1") {
                        if (strlen($_POST['walletLabel']) < 256) {
                            $qury = "UPDATE `wallets` SET `userID` = '" . $_SESSION['userID'] . "', `walletLabel` = '" . $_POST['walletLabel'] . "', `lastKnowLocation` = 'Location is unknown', `lastUpdateTime` = '00:00:00 1/1/1970' WHERE `wallets`.`IMEI` = '" . $_POST['imei'] . "'";
                            mysqli_query($con, $qury);
                            header('Location: home_wallet.php?addComplete=');
                        } else {
                            echo 'This label is too long. Please shorten it and try again.';
                        }
                    } else {
Example #4
0
								<div class="input-group">
									<span class="input-group-addon"><i class="glyphicon glyphicon-user"></i></span>
									<input id="confirmnew" type="password" class="form-control" name="confirmnew" value="" placeholder="Confirm...">                                        
								</div>
								
								<div class="form-group">
									<!-- Button -->
									<div class="col-sm-12 controls">
										<a href="http://wallet.stardebris.net/" class="btn btn-primary pull-right"><i class="glyphicon glyphicon-remove"></i> Cancel</a>							
										<button type="submit" name="submit" class="btn btn-primary pull-right"><i class="glyphicon glyphicon-ok"></i> Reset Password</button>  
									</div>
								</div>
								<?php 
            if (isset($_POST['newpassword']) && isset($_POST['confirmnew'])) {
                if ($_POST['newpassword'] == $_POST['confirmnew']) {
                    if (strlen($_POST['newpassword']) >= 8 && countDigits($_POST['newpassword']) >= 1 && countUppercase($_POST['newpassword']) >= 1) {
                        $salt = getSalt();
                        mysqli_query($con, "UPDATE members SET password='******'sha512', strtoupper(hash('sha512', $_POST['newpassword'])) . $salt)) . "' WHERE email=\"" . $result['email'] . "\";");
                        mysqli_query($con, "UPDATE members SET salt='" . $salt . "' WHERE email=\"" . $result['email'] . "\";");
                        echo "Your password has been reset. Try login :)";
                        mysqli_query($con, "UPDATE members SET recoveryValid='1/1/1970' WHERE email=\"" . $result['email'] . "\";");
                        mysqli_query($con, "UPDATE members SET recoveryid='" . generateRandomString(16) . "' WHERE email=\"" . $result['email'] . "\";");
                        header('Location: ../index.php?reset=');
                    } else {
                        echo 'Sorry but this password is not complex enough. Please try a more complex password. (Minimal 8 characters and minimal 1 number and 1 uppercase)';
                    }
                } else {
                    echo 'Passwords do not match! Please try again.';
                }
            }
        } else {
Example #5
0
                    $mail->SetFrom("*****@*****.**", "NOREPLY - StarDebris Customer Support");
                    $mail->Subject = "Wallet Finder Account Recovery";
                    $mail->Body = $emailTemplate;
                    try {
                        $mail->Send();
                        echo "<center>Your request has been send!<br \\>Please check your email. <br \\><br \\>(If you didn't receive any mail then please check your spam folder.)</center>";
                    } catch (Exception $e) {
                        echo "Fail - " . $mail->ErrorInfo;
                    }
                } else {
                    echo '<center>There is no account associated with this email address. Please double check the address.<br />If you continue to experience issues please contact our customer support.</center>';
                }
            } else {
                if (isset($_POST['new_passcode'])) {
                    if (strlen($_POST['new_passcode']) > 4) {
                        if (strlen($_POST['new_passcode']) == countDigits($_POST['new_passcode'])) {
                            $con = mysqli_connect("localhost", "root", "PASS", "secure_login");
                            if (mysqli_connect_errno()) {
                                die('Could not connect: ' . mysqli_connect_error());
                            }
                            mysqli_query($con, "UPDATE members SET passcode='" . $_POST['new_passcode'] . "' WHERE email=\"" . $_SESSION['email'] . "\";");
                            echo 'Your pass-code has been updated.';
                        } else {
                            ?>
									Pass-code contains invalid characters. Please try again. (Valid characters [0-9])<br />
									<?php 
                        }
                    } else {
                        ?>
								Pass-code is too short. Please try again. (Minimal lenght is 5 digits)<br />
								<?php