<div class='col-rs-2'>
<label class='form-label' style='margin-left: -5px'>Username:</label>
</div>
<div class='col-rs-10 ns'>
<input type='text' class='input' name='username'>
</div>
</div>
<div class='form'>
<div class='col-rs-2'>
<label class='form-label' style='margin-left: -5px'>Password:</label>
</div>
<div class='col-rs-10 ns'>
<input type='password' class='input' name='password'>
<?php
if (isset($_GET["action"]) && strtolower($_GET["action"]) == "login") {
if ($api->isPlayerRegistered($_POST["username"]) && $api->getPlayerData($_POST["username"])["password"] == hash($api->getPasswordHash(), $_POST["password"])) {
$_SESSION["login"] = $_POST["username"];
header("Location: account.php");
} else {
echo "<p class='hint out-error'>Wrong username or password</p>";
}
}
?>
</div>
</div>
<br>
<div class='col-rs-12 ns alignment-right'>
<input class='button button-primary' type='submit' value="Login">
</div>
</form>
<?php
<div class='col-rs-3'>
<label class='form-label' style='margin-left: -5px'>Password:</label>
</div>
<div class='col-rs-9 ns'>
<input type='password' class='input' name='password'>
</div>
</div>
<div class='form'>
<div class='col-rs-3'>
<label class='form-label' style='margin-left: -5px'>Confirm password:</label>
</div>
<div class='col-rs-9 ns'>
<input type='password' class='input' name='cpassword'>
<?php
if (isset($_GET["action"]) && strtolower($_GET["action"]) == "register" && isset($_POST["username"]) && isset($_POST["password"])) {
if (!$api->isPlayerRegistered($_POST["username"])) {
if ($_POST["password"] == $_POST["cpassword"]) {
if (preg_match('/\\s/', $_POST["password"]) == 0) {
if (strlen($_POST["password"]) <= $config["min-password-length"]) {
echo "<div class='hint out-error'>Password too short</div>";
} elseif (strlen($_POST["password"]) >= $config["max-password-length"]) {
echo "<div class='hint out-error'>Password too long</div>";
} else {
$api->registerPlayer($_POST["username"], $_POST["password"], $_SERVER['REMOTE_ADDR'], time() * 1000, time() * 1000);
$_SESSION["login"] = $_POST["username"];
header("Location: account.php");
}
} else {
echo "<div class='hint out-error'>Password can't contain spaces</div>";
}
} else {
</div>
</div>
<?php
} elseif ($api_status == ServerAuthWebAPI::ERR_OUTDATED_WEBAPI) {
?>
<div class='panel'>
<div class='panel-header'>
<div class='panel-title'><i class='fa fa-exclamation-circle'></i> Outdated WebAPI Error</div>
</div>
<div class='panel-content'>
<div class='alert alert-error square' style='margin-bottom: 0'><i class='fa fa-exclamation-circle'></i> ServerAuth Web API is outdated. Please update it.</div>
</div>
</div>
<?php
} else {
if (!$api->isPlayerRegistered($_SESSION["login"])) {
session_destroy();
header("Location: index.php");
}
if ($config["allow-show-info"]) {
?>
<div class='panel panel-info'>
<div class='panel-header'>
<div class='panel-title'><i class='fa fa-info-circle'></i> Account Info</div>
</div>
<div class='panel-content'>
<?php
echo "<h4><b>Username:</b> " . $_SESSION["login"] . "</h4>";
echo "<h4><b>IP Address:</b> " . $api->getPlayerData($_SESSION["login"])["ip"] . "</h4>";
echo "<h4><b>Registration date:</b> " . date("d/m/Y H:i:s", $api->getPlayerData($_SESSION["login"])["firstlogin"] / 1000) . "</h4>";
echo "<h4><b>Last login:</b> " . date("d/m/Y H:i:s", $api->getPlayerData($_SESSION["login"])["lastlogin"] / 1000) . "</h4>";
$api = new ServerAuthWebAPI($config["db_host"], $config["db_port"], $config["db_username"], $config["db_password"], $config["db_database"], $config["db_table_prefix"]);
$api_status = $api->getStatus();
if ($api_status == ServerAuthWebAPI::ERR_MYSQL) {
echo "<div class='alert alert-error square'><i class='fa fa-exclamation-circle'></i> <b>MySQL Error:</b> " . $api->getDatabase()->connect_error . "</div>";
} elseif ($api_status == ServerAuthWebAPI::ERR_OUTDATED_PLUGIN) {
echo "<div class='alert alert-error square'><i class='fa fa-exclamation-circle'></i> ServerAuth plugin is outdated. Please update it.</div>";
} elseif ($api_status == ServerAuthWebAPI::ERR_OUTDATED_WEBAPI) {
echo "<div class='alert alert-error square'><i class='fa fa-exclamation-circle'></i> ServerAuth Web API is outdated. Please update it.</div>";
}
}
?>
<?php
echo "<div class='alert alert-info square'><i class='fa fa-info-circle'></i> Welcome, <b>" . $_SESSION["admin_login"] . "</b>.</div>";
if (isset($_GET["action"]) && isset($_GET["account"]) && strtolower($_GET["action"]) == "delete") {
if ($api_status == ServerAuthWebAPI::SUCCESS) {
if ($api->isPlayerRegistered($_GET["account"])) {
echo "<div class='alert alert-success square'><button class='close'><span class='fa fa-close'></span></button><i class='fa fa-info-circle'></i> <b>" . $_GET["account"] . "</b> account deleted!</div>";
$api->unregisterPlayer($_GET["account"]);
} else {
echo "<div class='alert alert-error square'><button class='close'><span class='fa fa-close'></span></button><i class='fa fa-exclamation-circle'></i> Account <b>" . $_GET["account"] . "</b> not found.</div>";
}
} else {
echo "<div class='alert alert-error square'><button class='close'><span class='fa fa-close'></span></button><i class='fa fa-exclamation-circle'></i> Can't delete <b>" . $_GET["account"] . "</b>. An error has occurred.</div>";
}
}
if (isset($_GET["action"]) && strtolower($_GET["action"]) == "chuserpass" && isset($_GET["user"]) && isset($_POST["new_password"])) {
if ($api_status == ServerAuthWebAPI::SUCCESS) {
if ($api->isPlayerRegistered($_GET["user"])) {
if (preg_match('/\\s/', $_POST["new_password"]) == 0) {
if (strlen($_POST["new_password"]) <= $config["min-password-length"]) {
echo "<div class='alert alert-error square'><button class='close'><span class='fa fa-close'></span></button><i class='fa fa-exclamation-circle'></i> Password for <b>" . $_GET["user"] . "</b> account too short!</div>";
