Exemplo n.º 1
0
function check_cust_login()
{
    if (!empty($_SESSION)) {
        if (isset($_SESSION["cust_login"])) {
            if ($_SESSION["cust_login"] === true) {
                $cust_email = $_SESSION["cust_email"];
                $cust_email = trim($cust_email);
                $cust_email = stripslashes($cust_email);
                $cust_email = htmlspecialchars($cust_email);
                if (check_email_exist($cust_email) === true) {
                    if (check_cust_suspension($cust_email) === false) {
                        return true;
                    } else {
                        return false;
                    }
                } else {
                    return false;
                }
            } else {
                return false;
            }
        } else {
            return false;
        }
    } else {
        return false;
    }
}
Exemplo n.º 2
0
include 'functions/global_functions.php';
$_error = '';
if (!isset($_POST['Username']) || !isset($_POST['Password']) || !isset($_POST['RepeatPassword']) || !isset($_POST['Email']) || !isset($_POST['RepeatEmail']) || !isset($_POST['Country']) || !isset($_POST['Age']) || !isset($_POST['foundus']) || !isset($_POST['robot1']) || !isset($_POST['robot2'])) {
    $_error = $_error . 'regerror=1&errtype=';
    header('Location: ../register?' . $_error);
} else {
    if (check_user_exist($_POST['Username']) > 0) {
        $_error = $_error . 'A';
    }
    if (strlen($_POST['Username']) < 3) {
        $_error = $_error . 'B';
    }
    if (strlen($_POST['Password']) < 8) {
        $_error = $_error . 'C';
    }
    if (check_email_exist($_POST['Email']) > 0) {
        $_error = $_error . 'D';
    }
    if (strlen($_POST['Email']) < 10) {
        $_error = $_error . 'E';
    }
    if (strlen($_POST['Country']) < 2) {
        $_error = $_error . 'F';
    }
    if (strlen($_POST['Age']) < 2) {
        $_error = $_error . 'G';
    }
    if (strlen($_POST['foundus']) < 5) {
        $_error = $_error . 'H';
    }
    if (strlen($_POST['robot1']) < 1) {
Exemplo n.º 3
0
                unset($_GET);
            }
            $alert = 'Invalid point of entry';
        } else {
            $GET_email = htmlspecialchars($_GET["email"]);
            if (check_email_exist($GET_email) === true && check_email_confirmed($GET_email) === false) {
                if (send_confirm_email_again($GET_email) === true) {
                    $content = "<h3>Another confirmation email has been sent to " . $GET_email . "</h3>\n\t\t\t\t\t\t\t  <p>Please confirm your email by clicking the link provided inside the email before proceeding to login</p>\n\t\t\t\t\t\t\t  <p>If you haven't received the email, please allow up to 30 minutes for it to arrive and also check your Junk Mail folder.</p>\n\t\t\t\t\t\t\t  <div class='notice_box'><h4>*** Important Notice ***</h4>\n\t\t\t\t\t\t\t  <p>To prevent any possible abuse, we only allow up to 5 confirmation emails to be sent per email address.</p>\n\t\t\t\t\t\t\t  </div>\n\t\t\t\t\t\t\t  <h4>Having problem confirming your email address?</h4>\n\t\t\t\t\t\t\t  <p>Please give us a call at 1 (562) 860-6108 or <a href='https://www.nayadathai.com/send_comment.php?direction=developer'>submit an email to us</a></p>";
                    $content .= '
							  <h4>Still didn\'t get our email?</h4>
							  <p><a class="show_wait_box" href="confirm_email.php?action=again&email=' . $GET_email . '">Click here to let us send the confirmation email to you again<a></p>';
                } else {
                    $content = "<h3>We're sorry, we cannot send any more email to this email addreess</h3>\n\t\t\t\t\t\t\t\t<p>To prevent any possible abuse, we only allow up to 5 confirmation emails to be sent</p>\n\t\t\t\t\t\t\t\t<p>If you encounter any problem confirming your email, Please give us a call at 1 (562) 860-6108 or <a href='https://www.nayadathai.com/send_comment.php?direction=developer'>submit an email to us</a></p>";
                }
                // end else ( if the max limit has been reached )
            } elseif (check_email_exist($GET_email) === true && check_email_confirmed($GET_email) === true) {
                if (isset($_GET)) {
                    unset($_GET);
                }
                $alert = 'This email has already been confirmed';
            } else {
                if (isset($_GET)) {
                    unset($_GET);
                }
                $alert = 'Invalid email address';
            }
            // end else ( if the email has already been confirmed )
        }
        // end else ( if $_GET email is set )
    } else {
        if (isset($_GET)) {
Exemplo n.º 4
0
                $_SESSION["redirect_on_logging_in"] = "https://www.nayadathai.com/send_comment.php";
            }
            $title = "Please login to send comments";
        }
    }
    // end elseif GET["redirect"] is set
}
// end if GET is set
// Evaluate form here
if (isset($_POST["submit"])) {
    if (!isset($_SESSION["cust_login"])) {
        if (clean_input($_POST["submit"]) === "login") {
            if (!empty($_POST["email"]) && !empty($_POST["password"])) {
                $email = clean_input($_POST["email"]);
                $password = clean_input($_POST["password"]);
                if (check_email_exist($email) === true) {
                    if (check_email_confirmed($email) === true) {
                        if (get_cust_single_info($email, "suspension") == 0) {
                            if (check_need_captcha($email) === false) {
                                if (validate_password($email, $password) === true) {
                                    login($email);
                                    if (isset($_SESSION["redirect_on_logging_in"])) {
                                        $location = clean_input($_SESSION["redirect_on_logging_in"]);
                                        unset($_SESSION["redirect_on_logging_in"]);
                                        redirect($location);
                                    } else {
                                        // setup urls
                                        if ($url_set == 1 || $url_set == 2) {
                                            redirect("order.php?tab=2");
                                        } elseif ($url_set == 3) {
                                            redirect("https://www.nayadathai.com/order.php?tab=2");
Exemplo n.º 5
0
function register_user($username, $_new_password, $re_password, $email, $re_email, $country, $age, $foundus, $robot1, $total = 0, $robot2, $checktext = NULL)
{
    $_error = '';
    if (check_user_exist($username) > 0) {
        $_error = $_error . 'A';
    }
    if (strlen($username) < 3) {
        $_error = $_error . 'B';
    }
    if (strlen($_new_password) < 8) {
        $_error = $_error . 'C';
    }
    if (check_email_exist($email) > 0) {
        $_error = $_error . 'D';
    }
    if (strlen($email) < 10) {
        $_error = $_error . 'E';
    }
    if (strlen($country) < 2) {
        $_error = $_error . 'F';
    }
    if (strlen($age) < 2) {
        $_error = $_error . 'G';
    }
    if (strlen($foundus) < 5) {
        $_error = $_error . 'H';
    }
    if (strlen($robot1) < 1) {
        $_error = $_error . 'I';
    }
    if (strlen($robot2) < 1) {
        $_error = $_error . 'J';
    }
    if ($_new_password != $re_password) {
        $_error = $_error . 'K';
    }
    if ($email != $re_email) {
        $_error = $_error . 'L';
    }
    if ($robot1 != $total) {
        $_error = $_error . 'M';
    }
    if (strtoupper($robot2) != $checktext) {
        $_error = $_error . 'N';
    }
    if (strlen($_error) > 0) {
        echo "<script> window.location.href = 'register?regerror=1&errtype={$_error}';</script>";
    } else {
        $encr_password = encrypt($username, $_new_password);
        global $DB_HOST, $DB_USERNAME, $DB_PASSWORD, $DB_AUTH;
        $con = connect($DB_HOST, $DB_USERNAME, $DB_PASSWORD);
        $sql = "INSERT INTO " . $DB_AUTH . ".account (username, sha_pass_hash, email, country, age, foundus) VALUES (?,?,?,?,?,?)";
        if ($stmt = $con->prepare($sql)) {
            $stmt->bind_param("ssssss", $username, $encr_password, $email, $country, $age, $foundus);
            $stmt->execute();
            $stmt->close();
        }
        $con->close();
        //echo "<script> window.location.href = 'inc/success?page=register&user=$username';</script>";
        header('Location: register?success');
    }
}
function register_user($username, $email, $password, $repassword, $humtst = 0, $total = 0)
{
    if ($password != $repassword) {
        echo "<font color='#ff0000;'>Passwords does not match <br></font>";
    } else {
        $new_password = encrypt($username, $password);
    }
    $sql = "INSERT INTO `account` (`username`, `sha_pass_hash`, `email`) VALUES (?,?,?)";
    global $db_ip, $db_user, $db_password, $db_auth;
    $con = connect($db_ip, $db_user, $db_password, $db_auth);
    if (check_user_exist($username) > 0) {
        echo "<font color='#ff0000;'>This username is already in use<br></font>";
    }
    if (check_email_exist($email) > 0) {
        echo "<font color='#ff0000;'>This email is already in use<br></font>";
    }
    if (validate_email($email) == false) {
        echo "<font color='#ff0000;'>This email is not valid, using a valid email will help us to aid you in case of a problem related to your account<br></font>";
    }
    if ($total > 0) {
        if ($humtst != $total) {
            echo "<font color='#ff0000;'>Human verification failed <br></font>";
        } else {
            if (check_user_exist($username) == 0 && check_email_exist($email) == 0) {
                if ($stmt = $con->prepare($sql)) {
                    $stmt->bind_param("sss", $username, $new_password, $email);
                    $stmt->execute();
                    $stmt->close();
                    echo "<script type='text/javascript'>window.location.href = '?success={$username}';</script>";
                }
            } else {
                echo "<font color='#ff0000;'>Please fix the errors and try again</font>";
            }
        }
    } else {
        if (check_user_exist($username) == 0 && check_email_exist($email) == 0 && validate_email($email) != false) {
            if ($stmt = $con->prepare($sql)) {
                $stmt->bind_param("sss", $username, $new_password, $email);
                $stmt->execute();
                $stmt->close();
                echo "<script type='text/javascript'>window.location.href = '?success={$username}';</script>";
            }
        } else {
            echo "<font color='#ff0000;'>Please fix the errors and try again</font>";
        }
    }
    $con->close();
}
Exemplo n.º 7
0
            }
        }
        // end if action === reset
    }
    // end if action is set
}
// end if GET is set
// Evaluate POST values
if (isset($_POST["submit"])) {
    if (clean_input($_POST["submit"]) === "request_reset") {
        if (!empty($_POST["email"])) {
            $cust_email = clean_input($_POST["email"]);
        }
        if (!empty($_POST["email"]) && !empty($_POST['g-recaptcha-response'])) {
            if (validate_captcha($_POST['g-recaptcha-response']) === true) {
                if (check_email_exist($cust_email) === true) {
                    if (prep_reset_password_email($cust_email) === true) {
                        $alert = "An email has been sent to the email address you've entered<br /><br />Please follow the link in the mentioned email to reset your password<br /><br />Please note: If you've requested multiple password resets, only the link in the latest email would work";
                        $appearance = "alert_only";
                        unset($_POST);
                        unset($cust_email);
                    }
                    // end if email is sent
                } else {
                    $alert = "No such email address exists in our database";
                }
                // end else ( if email does not exist )
            } else {
                $alert = "reCAPTCHA validation failed!<br />Please complete reCAPTCHA again";
            }
            // end else