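} else {
    event_log_log('classic_reg_form_sign_up');

    /*
     * Tail of the classic registration handler: the validation that leads here is
     * outside this excerpt. At this point the input is considered acceptable, so the
     * account row and its companion rows are created.
     */

    // Validation and SQL quoting are separate concerns: the username is escaped for
    // the string literal even though it was checked earlier.
    // NOTE(review): if the shared include already escapes request data globally,
    // this would escape twice - confirm before merging.
    $username_sql = mysql_real_escape_string($_POST['username']);

    // NOTE(review): unsalted MD5 is a fast digest, not a password hash. Moving to
    // password_hash()/password_verify() also requires changing the check inside
    // login_dologin(), which is not visible here, so the stored format is left as is.
    $password_digest = md5(utf8_decode($_POST['password']));

    $query = 'INSERT INTO login(username, password, regtimestamp, regip, lastlogon) ';
    $query .= 'VALUES ("' . $username_sql . '", "' . $password_digest . '", "';
    $query .= time() . '", "' . $_SERVER['REMOTE_ADDR'] . '", "")';
    mysql_query($query) or die(report_sql_error($query, __FILE__, __LINE__));

    // The generated id keys the three per-user tables below.
    $user_id = mysql_insert_id();

    $query = 'INSERT INTO userinfo (userid) VALUES ("' . $user_id . '")';
    mysql_query($query) or die(report_sql_error($query, __FILE__, __LINE__));

    $query = 'INSERT INTO traffa (userid) VALUES ("' . $user_id . '")';
    mysql_query($query) or die(report_sql_error($query, __FILE__, __LINE__));

    $query = 'INSERT INTO preferences (userid) VALUES ("' . $user_id . '")';
    mysql_query($query) or die(report_sql_error($query, __FILE__, __LINE__));

    /* Rows created, log on the user (the raw password is passed, not the digest) */
    login_dologin($_POST['username'], $_POST['password']);

    /* Redirect to welcome page asking the user for more information */
    jscript_alert('Du kan numera känna dig som en riktig Hamsterpajare!\\nVi loggar in dig på ditt konto nu.');
    jscript_location('/registered.php');
}
// Closes an enclosing "if" whose opening lies outside this excerpt; its else branch
// renders the empty registration form.
} else {
    regform_header_p13();
    regform_header_welcome();
    register_form();
    event_log_log('classic_reg_form_load');
}

ui_bottom();
?>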
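require '../include/core/common.php';

/*
 * Ghosting tool: starts a session as another user through the 'ghost' login method,
 * which is called with a username only. Access requires the 'use_ghosting_tools'
 * privilege or a session that is already marked as ghosting.
 *
 * NOTE(review): the action is triggered by a GET request and no request token is
 * visible in this excerpt. Moving it to POST with an anti-CSRF token keeps the
 * reason and target out of URLs and logs; that needs changes beyond this excerpt.
 */
if (!is_privilegied('use_ghosting_tools') && !isset($_SESSION['ghost'])) {
    die('Move along...');
}

// Despite its name this is a deny list: these accounts, and the operator's own
// account, can NOT be ghosted (see the !in_array checks below).
$allow_ghost = array('borttagen', strtolower($_SESSION['login']['username']), '-johan', 'ace', 'heggan', 'joel', 'soode');

// Request values must be plain strings; array-valued parameters fall through to the form.
$ghost_requested = isset($_GET['username'], $_GET['reason'])
    && is_string($_GET['username'])
    && is_string($_GET['reason']);

if ($ghost_requested && !in_array(strtolower($_GET['username']), $allow_ghost, true)) {
    // Escape for the SQL string literal, then neutralise the LIKE wildcards so the
    // lookup is an exact, collation-aware match on one name.
    // NOTE(review): if the shared include already escapes request data globally,
    // this would escape twice - confirm before merging.
    $username_sql = addcslashes(mysql_real_escape_string($_GET['username']), '%_');
    $query = 'SELECT id, username FROM login WHERE username LIKE "' . $username_sql . '"';
    $result = mysql_query($query) or report_sql_error($query, __FILE__, __LINE__);

    $target = (mysql_num_rows($result) == 1) ? mysql_fetch_assoc($result) : false;

    // Re-check the deny list against the stored username: the database comparison and
    // strtolower() do not necessarily agree on which names are equal, and the account
    // that is logged in must be the one that was checked.
    if ($target && !in_array(strtolower($target['username']), $allow_ghost, true)) {
        // Audit record: who was ghosted (name and id), by whom, and why.
        // NOTE(review): the reason is free text from the request; trace() is not
        // visible here - confirm it encodes the value for its storage format.
        trace('ghosted_users', $target['username'] . ' (userid ' . $target['id'] . ') ghosted by ' . $_SESSION['login']['username'] . ' (userid ' . $_SESSION['login']['id'] . '). Reason: ' . $_GET['reason']);

        // Drop the operator's session entirely and continue under a fresh session id.
        $_SESSION = array();
        session_destroy();
        session_start();
        session_regenerate_id();

        // NOTE(review): var_dump() prints the raw login result to the page; this looks
        // like leftover debug output - replace with a plain status message.
        var_dump(login_dologin(array('username' => $target['username'], 'method' => 'ghost')));
    } else {
        $output .= 'Användaren hittades inte.' . "\n";
    }
} else {
    // PHP_SELF reflects the request path, so it is HTML-escaped before it is placed
    // inside the action attribute.
    $output .= '<form action="' . htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8') . '" method="get">' . "\n";
    $output .= '<h2>Varför ghostar du personen?</h2>' . "\n";
    $output .= '<p>' . "\n";
    $output .= '<label for="reason_fld">Alla ghostningar <strong>måste</strong> ha en anledning:</label><br />' . "\n";
    $output .= '<textarea name="reason"></textarea><br />' . "\n";
    $output .= '</p>' . "\n";
    $output .= '<h2>Vem vill du ghosta?</h2>' . "\n";
    $output .= '<p>' . "\n";
    $output .= '<label for="username_fld">Användare att ghosta:</label><br />';
    $output .= '<input type="text" name="username" id="username_fld" />' . "\n";
    $output .= '</p>' . "\n";
    // (excerpt ends here: the rest of the form and the closing brace are not shown)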
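require '../include/core/common.php';

/*
 * Ghosting tool: starts a session as another user by calling login_dologin() with a
 * username, no password and the 'ghost' option. Access requires the
 * 'use_ghosting_tools' privilege or a session that is already marked as ghosting.
 *
 * NOTE(review): the action is triggered by a GET request and no request token is
 * visible in this excerpt. Moving it to POST with an anti-CSRF token keeps the
 * reason and target out of URLs and logs; that needs changes beyond this excerpt.
 */
if (!is_privilegied('use_ghosting_tools') && !isset($_SESSION['ghost'])) {
    die('Move along...');
}

// Despite its name this is a deny list: these accounts, and the operator's own
// account, can NOT be ghosted (see the !in_array checks below).
$allow_ghost = array('borttagen', strtolower($_SESSION['login']['username']), '-johan', 'ace', 'heggan', 'joel', 'soode');

// Request values must be plain strings; array-valued parameters fall through to the form.
$ghost_requested = isset($_GET['username'], $_GET['reason'])
    && is_string($_GET['username'])
    && is_string($_GET['reason']);

if ($ghost_requested && !in_array(strtolower($_GET['username']), $allow_ghost, true)) {
    // Escape for the SQL string literal, then neutralise the LIKE wildcards so the
    // lookup is an exact, collation-aware match on one name.
    // NOTE(review): if the shared include already escapes request data globally,
    // this would escape twice - confirm before merging.
    $username_sql = addcslashes(mysql_real_escape_string($_GET['username']), '%_');
    $query = 'SELECT id, username FROM login WHERE username LIKE "' . $username_sql . '"';
    $result = mysql_query($query) or report_sql_error($query, __FILE__, __LINE__);

    $target = (mysql_num_rows($result) == 1) ? mysql_fetch_assoc($result) : false;

    // Re-check the deny list against the stored username: the database comparison and
    // strtolower() do not necessarily agree on which names are equal, and the account
    // that is logged in must be the one that was checked.
    if ($target && !in_array(strtolower($target['username']), $allow_ghost, true)) {
        // Audit record: who was ghosted (name and id), by whom, and why.
        // NOTE(review): the reason is free text from the request; trace() is not
        // visible here - confirm it encodes the value for its storage format.
        trace('ghosted_users', $target['username'] . ' (userid ' . $target['id'] . ') ghosted by ' . $_SESSION['login']['username'] . ' (userid ' . $_SESSION['login']['id'] . '). Reason: ' . $_GET['reason']);

        // Drop the operator's session entirely and continue under a fresh session id.
        $_SESSION = array();
        session_destroy();
        session_start();
        session_regenerate_id();

        $login_options['ghost'] = true;
        // NOTE(review): var_dump() prints the raw login result to the page; the
        // disabled line below is the status message that was meant to replace it.
        var_dump(login_dologin($target['username'], NULL, $login_options));
        // $output .= in_array(login_dologin($_GET['username'], NULL, $login_options), array(true, 1), true) ? 'Ghostningen lyckades!' : 'Ghostningen misslyckades.';
    } else {
        $output .= 'Användaren hittades inte.' . "\n";
    }
} else {
    // PHP_SELF reflects the request path, so it is HTML-escaped before it is placed
    // inside the action attribute.
    $output .= '<form action="' . htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8') . '" method="get">' . "\n";
    $output .= '<h2>Varför ghostar du personen?</h2>' . "\n";
    $output .= '<p>' . "\n";
    $output .= '<label for="reason_fld">Alla ghostningar <strong>måste</strong> ha en anledning:</label><br />' . "\n";
    $output .= '<textarea name="reason"></textarea><br />' . "\n";
    $output .= '</p>' . "\n";
    $output .= '<h2>Vem vill du ghosta?</h2>' . "\n";
    $output .= '<p>' . "\n";
    $output .= '<label for="username_fld">Användare att ghosta:</label><br />';
    $output .= '<input type="text" name="username" id="username_fld" />' . "\n";
    // (excerpt ends here: the rest of the form and the closing brace are not shown)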
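<?php
require '../include/core/common.php';

/*
 * Login endpoint: authenticates the posted username/password and sends the browser
 * back to the page it came from, or to the start page.
 */
if (isset($_POST['username'], $_POST['password'])) {
    try {
        // Failure is reported through an exception (see the catch below), so reaching
        // the redirect means login_dologin() accepted the credentials.
        login_dologin(array(
            'username' => $_POST['username'],
            'password' => $_POST['password'],
            'method'   => 'username_and_password',
        ));

        // The Referer header is optional and supplied by the client. It is only used
        // when it points back at this host, and only its path and query are reused, so
        // the post-login redirect can never leave the site.
        $referer = isset($_SERVER['HTTP_REFERER']) ? (string) $_SERVER['HTTP_REFERER'] : '';
        $target = '/index.php';

        // Coming from login.php itself, or with no usable referer, goes to the start page.
        if (strpos($referer, 'login.php') === false && strlen($referer) > 5) {
            $parts = parse_url($referer);
            $own_host = isset($_SERVER['HTTP_HOST'])
                ? (string) preg_replace('/:\d+$/', '', $_SERVER['HTTP_HOST'])
                : '';
            $path = (is_array($parts) && isset($parts['path'])) ? $parts['path'] : '';

            if (
                is_array($parts)
                && isset($parts['host'])
                && $own_host !== ''
                && strcasecmp($parts['host'], $own_host) === 0
                // A single leading slash only: "//host" and "/\host" are read by
                // browsers as another origin.
                && preg_match('#^/(?![/\\\\])#', $path) === 1
            ) {
                $target = $path . (isset($parts['query']) ? '?' . $parts['query'] : '');
            }
        }

        header('Location: ' . $target);
        exit;
    } catch (Exception $error) {
        $ui_options['title'] = 'Inloggningen misslyckades.';
        ui_top($ui_options);
        echo '<h1>Ett fel inträffade när du skulle logga in!</h1>' . "\n";
        // NOTE(review): the message is printed without HTML escaping. If login_dologin()
        // ever puts request data (such as the username) into it, wrap this in
        // htmlspecialchars(); confirm first whether messages are meant to carry markup.
        echo $error->getMessage();
        ui_bottom();
    }
}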
// Tail of the registration case (its opening lies outside this excerpt): the user row
// is inserted and the value returned by db_insert() is kept as the new user's id.
$userid = db_insert("users", $data, TRUE);
// Non-employee registrations also get an accounts row with a starting balance.
if (!$employee) {
    $accountData = array("userid" => $userid, "balance" => "10000"); // We are generous and are giving everyone so much money!
    db_insert("accounts", $accountData);
}
pb_replace_all("main", "doregister_success.html");
}
}
}
break;
case "_dologin":
    // Lookup callback handed to login_dologin(): it selects verified users only
    // (isVerified = 1) and binds the e-mail as the named parameter :email instead of
    // concatenating it into the SQL text.
    // NOTE(review): the credentials column is returned to the caller; how it is
    // compared with the submitted password is inside login_dologin(), not visible here.
    $getUsersForName = function ($email) {
        return db_queryWith("SELECT userid,email,isEmployee,credentials FROM users WHERE isVerified = 1 AND (email = :email)", array("email" => $email));
    };
    // The whole POST array is passed through; a return value of 0 is treated as
    // success, anything else is shown as ERRORCODE in the failure template.
    $success = login_dologin($_POST, $getUsersForName);
    if ($success !== 0) {
        pb_replace_all("main", "dologin_fail.html");
        pb_replace_with("ERRORCODE", $success);
    } else {
        pb_replace_all("main", "dologin_success.html");
        // Privilege level 1 is sent to the user home page, level 2 to the employee home page.
        // NOTE(review): header() is not followed by exit, so execution continues to
        // the break below - confirm nothing sensitive is rendered after the switch.
        if (login_privileges() === 1) {
            header("Location: index.php?page=uhome");
        }
        if (login_privileges() === 2) {
            header("Location: index.php?page=ehome");
        }
    }
    break;
case "uhome":
    $userid = login_userid();