<?php
function check_if_exists($cc)
{
$result = safe_query("SELECT id FROM country_data WHERE cc_code_2='{$cc}'");
return sqlite_fetch_array($result) ? TRUE : FALSE;
}
$fp = fopen("./ip-to-country.csv", "r");
// read ip information 1 entry at a time
while ($row = fgetcsv($fp, 4096)) {
foreach ($row as $key => $val) {
$row[$key] = sqlite_escape_string($val);
}
// country already in database, move along
if (check_if_exists($row[2])) {
continue;
}
$res = safe_query("INSERT INTO country_data \n\t\t(cc_code_2, cc_code_3, country_name) \n\t\tVALUES('{$row[2]}', '{$row[3]}', '{$row[4]}')");
}
fclose($fp);
echo "Zmiana Hasła<hr/>\n<form method=\"post\" action=\"index.php\">\n\t\t\tStare Hasło: <input style=\"margin-left: 13px; width: 120px;\" type=\"password\" name=\"old_password\"/><br />\n\t\t\tNowe Hasło: <input style=\"margin-left: 11px;width: 120px;\" type=\"password\" name=\"new_password\"/><br/>\n\t\t\t<input type=\"submit\" name=\"reg\" value=\"Zmień\">\n\t\t\t</form>";
} else {
echo "<form method=\"post\" action=\"index.php\">\n\t\t\tLogin: <input style=\"margin-left: 12px; width: 120px;\" type=\"text\" name=\"login\"/><br />\n\t\t\tHasło: <input style=\"margin-left: 11px;width: 120px;\" type=\"password\" name=\"password\"/><br/>\n\t\t\t<input type=\"submit\" name=\"reg\" value=\"Zaloguj\">\n\t\t\t</form>";
}
}
}
?>
</div>
</div>
<div id="reg_fix">
<div id="reg_show">
<?php
if (isset($_POST['login']) && isset($_POST['password']) && !isset($_COOKIE['MyCookie']) && !isset($_COOKIE['Auth'])) {
$login = $_POST['login'];
$pass = $_POST['password'];
if (check_login($login) && strlen($pass) >= 6 && !check_if_exists($login)) {
$plik = fopen("data/conf/users.conf", "a");
$id = last_id() + 1;
if (fwrite($plik, $id . "||" . $login . "||" . md5("S417" . $id . "" . substr($login, 0, 3) . "" . $pass) . "||\n")) {
echo "Rejestracja zakończona pomyślnie!<br />";
} else {
echo "Błąd rejestracji!<br />";
}
fclose($plik);
$ref = $_SERVER['HTTP_REFERER'];
header("Location: " . $ref);
} else {
$ref = $_SERVER['HTTP_REFERER'];
header("Location: " . $ref);
echo "Nieprawidłowy login lub hasło!<br />";
}
<?php
function check_if_exists($cc)
{
$result = safe_query("SELECT id FROM country_data WHERE cc_code_2='{$cc}'");
$data = sqlite_fetch_array($result, SQLITE_NUM);
// return the id or NULL if no data is avaliable
return $data ? $data[0] : NULL;
}
$fp = fopen("./ip-to-country.csv", "r");
// read ip information 1 entry at a time
while ($row = fgetcsv($fp, 4096)) {
foreach ($row as $key => $val) {
$row[$key] = sqlite_escape_string($val);
}
if (!($country_id = check_if_exists($row[2]))) {
// only insert country data if the country
// was not previously encountered
$res = safe_query("INSERT INTO country_data \n\t\t\t(cc_code_2, cc_code_3, country_name) \n\t\t\tVALUES('{$row[2]}', '{$row[3]}', '{$row[4]}')");
$country_id = sqlite_last_insert_rowid(sqlite_r);
}
// insert ip range entry
safe_query("INSERT INTO ip_ranges \n\t\t\t(ip_start, ip_end, country_code)\n\t\t\tVALUES({$row[0]}, {$row[1]}, {$country_id})");
}
fclose($fp);
} else {
$result = "updated";
}
} else {
$result = "this username exists, please choose another username";
}
}
} else {
if (isset($_POST['b4'])) {
$value = $_POST['email'];
$value = filter_input(INPUT_POST, 'email', FILTER_SANITIZE_EMAIL);
$value = filter_var($value, FILTER_VALIDATE_EMAIL);
if (!$value == "") {
$col = "email";
$session_name = "email";
if (!check_if_exists($mysqli, "members", $col, $value)) {
if (!changeDetails($mysqli, $value, $col, $session_name)) {
$result = "can not update your details";
} else {
$result = "updated";
}
} else {
$result = "this email exists, please check your email";
}
} else {
$result = "error , there is a mistake with your email";
}
} else {
if (isset($_POST['p'])) {
$password = $_POST['p'];
$password = filter_input(INPUT_POST, 'p', FILTER_SANITIZE_STRING);