Example #1
    } else {
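        event_log_log('classic_reg_form_sign_up');
        /*
         * The checks before this branch (outside this excerpt) accepted the input, so the
         * account rows are created here. Request-derived values are escaped before they are
         * placed inside the SQL string, so that a quote or backslash in them cannot end the
         * literal and change the statement.
         * NOTE(review): assumes magic_quotes_gpc is off; if it is on, the values arrive
         * already slashed and would be escaped twice. TODO confirm.
         */
        $safe_username = mysql_real_escape_string($_POST['username']);
        $safe_regip = mysql_real_escape_string($_SERVER['REMOTE_ADDR']);
        /*
         * NOTE(review): an unsalted MD5 digest is stored as the password. MD5 is fast to
         * brute-force and identical passwords produce identical digests. Replacing it needs
         * a matching change in login_dologin() and a migration of existing rows, so the
         * stored format is left untouched here.
         */
        $password_digest = md5(utf8_decode($_POST['password']));
        $query = 'INSERT INTO login(username, password, regtimestamp, regip, lastlogon) ';
        $query .= 'VALUES ("' . $safe_username . '", "' . $password_digest . '", "';
        $query .= time() . '", "' . $safe_regip . '", "")';
        /*
         * NOTE(review): if report_sql_error() returns text, die() prints it to the visitor,
         * and $query holds the password digest. Confirm what that helper returns.
         */
        mysql_query($query) or die(report_sql_error($query, __FILE__, __LINE__));
        /* Cast so that only an integer can reach the follow-up statements. */
        $user_id = (int) mysql_insert_id();
        /* One empty row per companion table, keyed by the new user id. */
        foreach (array('userinfo', 'traffa', 'preferences') as $companion_table) {
            $query = 'INSERT INTO ' . $companion_table . ' (userid) VALUES ("' . $user_id . '")';
            mysql_query($query) or die(report_sql_error($query, __FILE__, __LINE__));
        }
        /* Rows created, log on the user with the values exactly as submitted. */
        login_dologin($_POST['username'], $_POST['password']);
        /* Redirect to welcome page asking the user for more information */
        jscript_alert('Du kan numera känna dig som en riktig Hamsterpajare!\\nVi loggar in dig på ditt konto nu.');
        jscript_location('/registered.php');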
    }
} else {
    /*
     * NOTE(review): judging by the call names only, this branch renders the page for a
     * plain view: header parts first, then the registration form. Confirm against the
     * regform_* and register_form definitions.
     */
    regform_header_p13();
    regform_header_welcome();
    register_form();
    /* Logs the 'classic_reg_form_load' event; the sign-up branch above logs 'classic_reg_form_sign_up'. */
    event_log_log('classic_reg_form_load');
}
ui_bottom();
?>


Example #2
require '../include/core/common.php';
/*
 * Access gate for the ghosting tool: the script stops unless the caller either holds the
 * 'use_ghosting_tools' privilege or already has a 'ghost' key in the session.
 * NOTE(review): the session key alone is enough to pass; confirm that only the ghost
 * login path can set it.
 */
if (!(is_privilegied('use_ghosting_tools') || isset($_SESSION['ghost']))) {
    die('Move along...');
}
/*
 * Despite its name this list is used as an exclusion list: the request below is acted on
 * only when the requested username is NOT in it. It holds the caller's own (lower-cased)
 * username plus a fixed set of account names.
 */
$allow_ghost = array(
    'borttagen',
    strtolower($_SESSION['login']['username']),
    '-johan',
    'ace',
    'heggan',
    'joel',
    'soode'
);
if (isset($_GET['username'], $_GET['reason']) && !in_array(strtolower($_GET['username']), $allow_ghost)) {
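    /*
     * Look up the account that is about to be impersonated.
     * - The name is escaped before it goes into the SQL string, so a quote in the request
     *   cannot alter the statement.
     * - "=" replaces LIKE: with LIKE, "%" and "_" in the request act as wildcards, so the
     *   row that matched need not carry the name that was checked against the exclusion
     *   list above.
     * NOTE(review): assumes magic_quotes_gpc is off; if it is on, the value arrives
     * already slashed and would be escaped twice. TODO confirm.
     */
    $query = 'SELECT id, username FROM login WHERE username = "' . mysql_real_escape_string($_GET['username']) . '"';
    $result = mysql_query($query) or report_sql_error($query, __FILE__, __LINE__);
    if (mysql_num_rows($result) === 1) {
        /*
         * Audit record of the impersonation. The target's id and stored username come
         * from the row just read; the original message left the target id empty.
         * NOTE(review): the reason is logged as submitted. If trace() writes line-based
         * logs, strip line breaks from it first. Confirm how trace() stores the text.
         */
        $ghost_target = mysql_fetch_assoc($result);
        trace('ghosted_users', $ghost_target['username'] . ' (userid ' . $ghost_target['id'] . ') ghosted by ' . $_SESSION['login']['username'] . ' (userid ' . $_SESSION['login']['id'] . '). Reason: ' . $_GET['reason']);
        /* Drop the operator's session completely and continue under a fresh session id. */
        $_SESSION = array();
        session_destroy();
        session_start();
        session_regenerate_id();
        /* NOTE(review): var_dump() sends the raw return value of login_dologin() to the browser; looks like leftover debug output. */
        var_dump(login_dologin(array('username' => $_GET['username'], 'method' => 'ghost')));
    } else {
        $output .= 'Användaren hittades inte.' . "\n";
    }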
} else {
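    /*
     * Form asking for the mandatory reason and the account to impersonate.
     * PHP_SELF includes any extra path text from the requested URL, so it is HTML-escaped
     * before it is written into the action attribute.
     * NOTE(review): the form submits with GET, so the reason and the target name end up in
     * the URL (history, proxy and server logs) and the account switch can be triggered by
     * following a link. Moving to POST with a per-session token also requires the handler
     * above to read $_POST.
     */
    $output .= '<form action="' . htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES) . '" method="get">' . "\n";
    $output .= '<h2>Varför ghostar du personen?</h2>' . "\n";
    $output .= '<p>' . "\n";
    $output .= '<label for="reason_fld">Alla ghostningar <strong>måste</strong> ha en anledning:</label><br />' . "\n";
    /* The id lets the label above (for="reason_fld") bind to this field. */
    $output .= '<textarea name="reason" id="reason_fld"></textarea><br />' . "\n";
    $output .= '</p>' . "\n";
    $output .= '<h2>Vem vill du ghosta?</h2>' . "\n";
    $output .= '<p>' . "\n";
    $output .= '<label for="username_fld">Användare att ghosta:</label><br />';
    $output .= '<input type="text" name="username" id="username_fld" />' . "\n";
    $output .= '</p>' . "\n";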
Example #3
require '../include/core/common.php';
/*
 * Access gate for the ghosting tool: the script stops unless the caller either holds the
 * 'use_ghosting_tools' privilege or already has a 'ghost' key in the session.
 * NOTE(review): the session key alone is enough to pass; confirm that only the ghost
 * login path can set it.
 */
if (!(is_privilegied('use_ghosting_tools') || isset($_SESSION['ghost']))) {
    die('Move along...');
}
/*
 * Despite its name this list is used as an exclusion list: the request below is acted on
 * only when the requested username is NOT in it. It holds the caller's own (lower-cased)
 * username plus a fixed set of account names.
 */
$allow_ghost = array(
    'borttagen',
    strtolower($_SESSION['login']['username']),
    '-johan',
    'ace',
    'heggan',
    'joel',
    'soode'
);
if (isset($_GET['username'], $_GET['reason']) && !in_array(strtolower($_GET['username']), $allow_ghost)) {
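    /*
     * Look up the account that is about to be impersonated.
     * - The name is escaped before it goes into the SQL string, so a quote in the request
     *   cannot alter the statement.
     * - "=" replaces LIKE: with LIKE, "%" and "_" in the request act as wildcards, so the
     *   row that matched need not carry the name that was checked against the exclusion
     *   list above.
     * NOTE(review): assumes magic_quotes_gpc is off; if it is on, the value arrives
     * already slashed and would be escaped twice. TODO confirm.
     */
    $query = 'SELECT id, username FROM login WHERE username = "' . mysql_real_escape_string($_GET['username']) . '"';
    $result = mysql_query($query) or report_sql_error($query, __FILE__, __LINE__);
    if (mysql_num_rows($result) === 1) {
        /*
         * Audit record of the impersonation. The target's id and stored username come
         * from the row just read; the original message left the target id empty.
         * NOTE(review): the reason is logged as submitted. If trace() writes line-based
         * logs, strip line breaks from it first. Confirm how trace() stores the text.
         */
        $ghost_target = mysql_fetch_assoc($result);
        trace('ghosted_users', $ghost_target['username'] . ' (userid ' . $ghost_target['id'] . ') ghosted by ' . $_SESSION['login']['username'] . ' (userid ' . $_SESSION['login']['id'] . '). Reason: ' . $_GET['reason']);
        /* Drop the operator's session completely and continue under a fresh session id. */
        $_SESSION = array();
        session_destroy();
        session_start();
        session_regenerate_id();
        /* No password is passed; the 'ghost' option is the only extra argument to login_dologin(). */
        $login_options['ghost'] = true;
        /* NOTE(review): var_dump() sends the raw return value to the browser; the disabled line below shows the intended user-facing message. */
        var_dump(login_dologin($_GET['username'], NULL, $login_options));
        //			$output .= in_array(login_dologin($_GET['username'], NULL, $login_options), array(true, 1), true) ? 'Ghostningen lyckades!' : 'Ghostningen misslyckades.';
    } else {
        $output .= 'Användaren hittades inte.' . "\n";
    }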
} else {
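    /*
     * Form asking for the mandatory reason and the account to impersonate.
     * PHP_SELF includes any extra path text from the requested URL, so it is HTML-escaped
     * before it is written into the action attribute.
     * NOTE(review): the form submits with GET, so the reason and the target name end up in
     * the URL (history, proxy and server logs) and the account switch can be triggered by
     * following a link. Moving to POST with a per-session token also requires the handler
     * above to read $_POST.
     */
    $output .= '<form action="' . htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES) . '" method="get">' . "\n";
    $output .= '<h2>Varför ghostar du personen?</h2>' . "\n";
    $output .= '<p>' . "\n";
    $output .= '<label for="reason_fld">Alla ghostningar <strong>måste</strong> ha en anledning:</label><br />' . "\n";
    /* The id lets the label above (for="reason_fld") bind to this field. */
    $output .= '<textarea name="reason" id="reason_fld"></textarea><br />' . "\n";
    $output .= '</p>' . "\n";
    $output .= '<h2>Vem vill du ghosta?</h2>' . "\n";
    $output .= '<p>' . "\n";
    $output .= '<label for="username_fld">Användare att ghosta:</label><br />';
    $output .= '<input type="text" name="username" id="username_fld" />' . "\n";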
Example #4
<?php

require '../include/core/common.php';
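/*
 * Login handler: when both credentials were posted, attempt the login and redirect.
 * If login_dologin() throws, an error page is rendered instead.
 */
if (isset($_POST['username'], $_POST['password'])) {
    try {
        login_dologin(array('username' => $_POST['username'], 'password' => $_POST['password'], 'method' => 'username_and_password'));
        /*
         * Pick the post-login destination. The Referer header is supplied by the client
         * and names whatever page linked or posted here, so it is followed only when it
         * points at this host, and only its path and query are reused. Everything else,
         * including a missing header and the login page itself, goes to the front page.
         */
        $redirect_to = '/index.php';
        $referer = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';
        if (strlen($referer) > 5 && strpos($referer, 'login.php') === false) {
            $referer_parts = parse_url($referer);
            /* HTTP_HOST may carry a port; parse_url() reports the host without it. */
            $own_host = isset($_SERVER['HTTP_HOST']) ? strtolower(preg_replace('/:\d+$/', '', $_SERVER['HTTP_HOST'])) : '';
            if (is_array($referer_parts) && isset($referer_parts['host']) && $own_host !== '' && strtolower($referer_parts['host']) === $own_host) {
                $referer_path = isset($referer_parts['path']) ? $referer_parts['path'] : '/';
                /* Exactly one leading slash: "//" or "/\" at the start would be read as another host. */
                $redirect_to = '/' . ltrim($referer_path, '/\\');
                if (isset($referer_parts['query'])) {
                    $redirect_to .= '?' . $referer_parts['query'];
                }
            }
        }
        header('Location: ' . $redirect_to);
        exit;
    } catch (Exception $error) {
        $ui_options['title'] = 'Inloggningen misslyckades.';
        ui_top($ui_options);
        echo '<h1>Ett fel inträffade när du skulle logga in!</h1>' . "\n";
        /*
         * NOTE(review): the exception message is printed without HTML escaping. If
         * login_dologin() ever puts submitted text into it, wrap this in
         * htmlspecialchars(). Confirm whether the messages are meant to carry markup.
         */
        echo $error->getMessage();
        ui_bottom();
    }
}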
Example #5
                 $userid = db_insert("users", $data, TRUE);
                 if (!$employee) {
                     $accountData = array("userid" => $userid, "balance" => "10000");
                     // We are generous and are giving everyone so much money!
                     db_insert("accounts", $accountData);
                 }
                 pb_replace_all("main", "doregister_success.html");
             }
         }
     }
     break;
 case "_dologin":
     // Lookup callback handed to login_dologin(): selects verified users (isVerified = 1)
     // whose email equals the given value. The value is passed as the bound :email
     // parameter and is never concatenated into the SQL text.
     $getUsersForName = function ($email) {
         $sql = "SELECT userid,email,isEmployee,credentials FROM users WHERE isVerified = 1 AND (email = :email)";
         $params = array("email" => $email);
         return db_queryWith($sql, $params);
     };
     // The whole POST array goes to login_dologin(); exactly 0 selects the success branch,
     // any other return value is shown through the ERRORCODE placeholder.
     $success = login_dologin($_POST, $getUsersForName);
     if ($success === 0) {
         pb_replace_all("main", "dologin_success.html");
         // Privilege level 1 is sent to the "uhome" page, level 2 to "ehome".
         if (login_privileges() === 1) {
             header("Location: index.php?page=uhome");
         }
         if (login_privileges() === 2) {
             header("Location: index.php?page=ehome");
         }
     } else {
         pb_replace_all("main", "dologin_fail.html");
         pb_replace_with("ERRORCODE", $success);
     }
     break;
 case "uhome":
     $userid = login_userid();