コード例 #1
ファイル: register.php プロジェクト: BoringCode/hackme
<?php

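require "_inc/functions.php";
// Already-authenticated visitors are sent to the members page.
// exit is required here: header() only sets the response header, so without
// it the rest of this script, including the registration handler below,
// would still run for a logged-in session.
if ($auth->logged_in) {
    header("Location: members.php");
    exit;
}
// Nonce for this form; "register_action" is presumably the action name the
// token is bound to (Nonce is not defined in this file) - confirm.
$nonce = new Nonce("register_action");
if (isset($_POST['submit'])) {
    // The request must carry a nonce that verifies. is_string() keeps an
    // array-valued parameter (nonce[]=...) from reaching verify().
    if (!isset($_POST["nonce"]) || !is_string($_POST["nonce"]) || !$nonce->verify($_POST["nonce"])) {
        die("CSRF detected, knock it off you punk");
    }
    // Every required field must be present, a plain string and non-empty.
    // isset() alone also accepts "" and arrays (uname[]=...), which would
    // otherwise be handed to createUser() unchecked.
    foreach (array('uname', 'password', 'fname', 'lname') as $field) {
        if (!isset($_POST[$field]) || !is_string($_POST[$field]) || $_POST[$field] === '') {
            die('<p>You did not fill in a required field.
        Please go back and try again!</p>');
        }
    }
    // This is a flat script, so $field would otherwise stay in global scope
    // for the templates included below.
    unset($field);
    // NOTE(review): how createUser() stores the password and builds its query
    // is not visible from this file; this page only checks its result.
    if (!$auth->createUser($_POST["uname"], $_POST["password"], $_POST["fname"], $_POST["lname"])) {
        die("Sorry, can't create user");
    }
    // Read further down the page via isset($userCreated) to switch the markup.
    $userCreated = true;
}
require "_inc/header.php";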
?>
<div class="post">
	<div class="post-bgtop">
		<div class="post-bgbtm">
        <h2 class = "title">hackme Registration</h2>
        <?php 
if (isset($userCreated)) {
    ?>
コード例 #2
ファイル: members.php プロジェクト: BoringCode/hackme
<?php

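// Presumably read by _inc/functions.php to mark this page as requiring a
// logged-in session; the enforcement itself is not visible here - confirm.
define("MEMBERS_ONLY", true);
require "_inc/functions.php";
// Handle a submitted login form. All four fields must be present and must be
// plain strings: isset() alone would also let array-valued parameters
// (username[]=...) through to verify() and login(). A request missing any
// field is not treated as a login attempt at all.
if (
    isset($_POST['submit'], $_POST["password"], $_POST["username"], $_POST["nonce"])
    && is_string($_POST["password"])
    && is_string($_POST["username"])
    && is_string($_POST["nonce"])
) {
    // Nonce for the login form; "login_action" is presumably the action name
    // the token is bound to - confirm against the Nonce class.
    $nonce = new Nonce("login_action");
    if (!$nonce->verify($_POST["nonce"])) {
        die("CSRF detected, knock it off you punk");
    }
    // NOTE(review): login()'s result is not inspected here. Whether a failed
    // login is reported, rate-limited or logged must happen inside login();
    // that is not visible from this file.
    $auth->login($_POST["username"], $_POST["password"]);
}
require "_inc/header.php";
// Fixed query text with an empty second argument (presumably the bound
// parameters): no request data reaches the SQL on this page.
$threads = $auth->query("SELECT * FROM threads ORDER BY date DESC", array(), true);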
foreach ($threads as $thread) {
    ?>
	<div class="post">
		<div class="post-bgtop">
			<div class="post-bgbtm">
				<h2 class="title">
					<a href="show.php?pid=<?php 
    echo htmlspecialchars($thread->id);
    ?>
"><?php 
    echo htmlspecialchars($thread->title);
    ?>
					</a>
				</h2>
				<p class="meta">
					<span class="date"><?php 
    echo date('l, d F, Y', htmlspecialchars($thread->date));