<?php require "_inc/functions.php"; //Redirect to members page if logged in if ($auth->logged_in) { header("Location: members.php"); } $nonce = new Nonce("register_action"); if (isset($_POST['submit'])) { if (!isset($_POST["nonce"]) || !$nonce->verify($_POST["nonce"])) { die("CSRF detected, knock it off you punk"); } if (!isset($_POST['uname']) || !isset($_POST['password']) || !isset($_POST['fname']) || !isset($_POST['lname'])) { die('<p>You did not fill in a required field. Please go back and try again!</p>'); } if (!$auth->createUser($_POST["uname"], $_POST["password"], $_POST["fname"], $_POST["lname"])) { die("Sorry, can't create user"); } else { $userCreated = true; } } require "_inc/header.php"; ?> <div class="post"> <div class="post-bgtop"> <div class="post-bgbtm"> <h2 class = "title">hackme Registration</h2> <?php if (isset($userCreated)) { ?>
<?php define("MEMBERS_ONLY", true); require "_inc/functions.php"; //if the login form is submitted if (isset($_POST['submit']) && isset($_POST["password"]) && isset($_POST["username"]) && isset($_POST["nonce"])) { $nonce = new Nonce("login_action"); if (!$nonce->verify($_POST["nonce"])) { die("CSRF detected, knock it off you punk"); } $auth->login($_POST["username"], $_POST["password"]); } require "_inc/header.php"; $threads = $auth->query("SELECT * FROM threads ORDER BY date DESC", array(), true); foreach ($threads as $thread) { ?> <div class="post"> <div class="post-bgtop"> <div class="post-bgbtm"> <h2 class="title"> <a href="show.php?pid=<?php echo htmlspecialchars($thread->id); ?> "><?php echo htmlspecialchars($thread->title); ?> </a> </h2> <p class="meta"> <span class="date"><?php echo date('l, d F, Y', htmlspecialchars($thread->date));