<option value="Enabled">Enabled</option> <option value="Disabled">Disabled</option> <option value="Awaiting Approval">Awaiting Approval</option> </select> <table class="user footable table" cols=7 data-page-size="20" data-filter="#filter"> <thead><tr> <th class="ui-widget-header" colspan=2 data-hide="phone" data-type="alpha">FB ' . $lang['User'] . ' <th class="ui-widget-header" data-type="alpha">' . $lang['Username'] . ' <th class="ui-widget-header" data-hide="phone" data-type="alpha">' . $lang['Email'] . ' <th class="ui-widget-header" data-type="numeric" data-hide="phone">' . $lang['Register'] . ' ' . $lang['Date'] . ' <th class="ui-widget-header" data-type="numeric" data-hide="phone">' . $lang['Last'] . ' ' . $lang['Visit'] . ' <th class="ui-widget-header">' . $lang['Operations'] . '</tr></thead> <tbody>'; foreach ($tempData as $s) { $userOptions = readOptions($s['useroptions']); $userOptions = checkUserOptions($userOptions); if ($hardDemo) { $tempID = $s['userid']; $s['username'] = $s['userid'] = $userOptions['email'] = '[hidden in demo]'; if ($s['fullname']) { $s['fullname'] = substr($s['fullname'], 0, 1) . str_repeat('*', strlen($s['fullname']) - 1); } } $userIdentity = $s['userid'] != '' ? $s['userid'] : $s['username']; if (is_numeric($userIdentity) && $s['userid'] == '') { //fix for all numeric usernames from prev. versions $userIdentity .= "#"; } $message .= "<tr><td data-value='" . $s['fullname'] . "'><img "; if ($hardDemo && $tempID) { $message .= "src='?proxyurl=" . urlencode(encrypt("http://graph.facebook.com/v2.3/" . $tempID . "/picture?redirect=1&height=32&type=normal&width=32")) . "'";
function checkLogin($user, $hashed_pass, $uid = 0) { global $dbName, $adminloggedIn, $loggedIn, $cookie, $warn, $step, $failImg, $lang; global $tempData, $userName, $fullname, $password, $userId, $userToken, $pageData, $groupData, $userOptions, $userIds; global $fb, $hardDemo; if ($db = new PDO('sqlite:' . $dbName . '-settings.db')) { //Is admin Login? $statement = $db->prepare("SELECT * FROM Settings"); if ($statement) { $statement->execute(); } else { showHTML("{$failImg} Error while checking login/cookie information. Settings Database opened OK but statement execution failed."); } $tempData = $statement->fetchAll(); if (strcasecmp($user, $tempData[0]['admin']) == 0 && $hashed_pass === md5(decrypt($tempData[0]['adminpass']))) { $adminloggedIn = true; $cookie = base64_encode("{$user}:" . $hashed_pass); setcookie('FBMPGPLogin', $cookie); if (isset($_GET['logs'])) { showLogs(); } elseif (isset($_GET['rg']) && !$hardDemo) { //This refresh is used for Admin Token Install authRedirect(); } elseif (isset($_GET['users'])) { require_once 'includes/showusers.php'; } elseif (isset($_GET['crons'])) { require_once 'includes/showcrons.php'; } elseif (isset($_GET['clogs'])) { if (file_exists($dbName . '-logs.db')) { unlink($dbName . '-logs.db'); } header("Location: ./?logs"); exit; } else { showHTML(include_once 'includes/admin.php', $lang['Admin Panel']); } } } else { showHTML("{$failImg} Failed to open settings database while checking login information. Exiting..."); } if ($db = new PDO('sqlite:' . $dbName . '-users.db')) { $statement = $db->prepare("SELECT COUNT(*) FROM FB WHERE username = \"{$user}\""); if ($statement) { $statement->execute(); } else { showHTML("{$failImg} Error while checking login/cookie information. Users Database opened OK but statement execution failed."); } if ($statement->fetchColumn() > 0) { if ($uid) { $statement = $db->prepare("SELECT * FROM FB WHERE username = \"{$user}\" AND userid = \"{$uid}\""); } else { $statement = $db->prepare("SELECT * FROM FB WHERE username = \"{$user}\""); } if ($statement) { $statement->execute(); } else { showHTML("{$failImg} Users Database query failed while checking login information"); } $tempData = $statement->fetchAll(); if (!$tempData) { $warn = $lang['User does not exist']; showLogin(); } $userName = $tempData[0]['username']; $password = decrypt($tempData[0]['password']); $userToken = $tempData[0]['usertoken']; $fullname = $tempData[0]['fullname']; $pageData = $tempData[0]['pagedata']; $groupData = $tempData[0]['groupdata']; $userId = $tempData[0]['userid']; $userOptions = readOptions($tempData[0]['useroptions']); $userOptions = checkUserOptions($userOptions); $userOptions['lastActive'] = time(); saveUserOptions(); if ($uid) { $statement = $db->prepare("SELECT * FROM FB WHERE username = \"{$user}\""); if ($statement) { $statement->execute(); } else { showHTML("{$failImg} Users Database query failed while checking id information"); } $tempData = $statement->fetchAll(); } foreach ($tempData as $s) { $userIds[$s['fullname']] = $s['userid']; } } } else { showHTML("{$failImg} Failed to open users database while checking login information. Exiting..."); } if (strcasecmp($user, $userName) != 0 || $hashed_pass != md5($password)) { if (isset($_POST['un'])) { $warn = $lang['Incorrect login info']; } showLogin(); } $cookie = base64_encode("{$userName}:" . md5($password)); $loggedIn = true; }