:</span> <sup>*</sup></td>
<td><input type="text" name="email" class="register" value="<?php
if (isset($cu[5])) {
echo $cu[5];
}
?>
"></td>
</tr>
<tr>
<td width="220"><span class="label"><?php
echo $lang["signup_password"];
?>
:</span> <sup>*</sup></td>
<td><input type="text" name="password" class="register" value="<?php
if (isset($cu[6])) {
echo password_decode($key, $cu[6]);
}
?>
"></td>
</tr>
<tr>
<td width="220"><span class="label"><?php
echo $lang["signup_ip_address"];
?>
:</span></td>
<td><input type="text" name="ip_address" class="register" value="<?php
if (isset($cu[8])) {
echo $cu[8];
}
?>
"></td>
$baseline = "compte inconnu";
}
} else {
$baseline = "email invalide";
}
} else {
$baseline = "formulaire incomplet";
}
} else {
$baseline = "formulaire invalide";
}
}
if (request_confirm('Valid')) {
$baseline = 'Restitution de votre mot de passe';
print_r($_RESQUEST);
if (!empty($_GET)) {
extract(addslashes_r($_GET));
}
if (!empty($_POST)) {
extract(addslashes_r($_POST));
}
$user = get_db('valid_account', $_REQUEST);
if (!empty($user)) {
$Password = password_decode($prefixe_salt . $user['Account_Salt'] . $suffixe_salt, $user['Account_Password']);
$filter = uniqid();
$pswd = password_encode($prefixe_salt . $filter . $suffixe_salt, $Password);
update_db('Caranille_Accounts', array('Account_ID' => $user['Account_ID'], 'Account_Password' => $pswd, 'Account_Salt' => $filter));
$user_record = get_db('request_account', $user);
valid_renew_email($user_record);
}
}
function register_admin()
{
global $bdd, $prefixe_salt, $suffixe_salt;
extract(addslashes_r($_POST));
echo "{$Password} === {$Password_Confirm}<br/>";
if ($Password === $Password_Confirm) {
$Date = date('Y-m-d H:i:s');
$IP = getRealIpAddr();
$filter = uniqid();
$pswd = password_encode($prefixe_salt . $filter . $suffixe_salt, $Password);
//echo "saisie : $Password<br/>clé : ($prefixe_salt - $filter - $suffixe_salt)=>crypté : $pswd<br/>";
$decode = password_decode($prefixe_salt . $filter . $suffixe_salt, $pswd);
//echo " ctrl :: $decode <br/>";
insert_db('Caranille_Accounts', array('Account_Pseudo' => $Pseudo, 'Account_Password' => $pswd, 'Account_Salt' => $filter, 'Account_Email' => $Email, 'Account_Last_Connection' => $Date, 'Account_Last_IP' => $IP, 'Account_HP_Remaining' => 100, 'Account_Level' => 1, 'Account_Order' => 1, 'Account_Valid' => 1, 'Account_Reason' => 'None', 'Account_Status' => "Authorized", 'Account_Access' => "Admin", 'Account_ID' => 1, 'Account_Guild_ID' => 0, 'Account_HP_Bonus' => 0, 'Account_MP_Remaining' => 10, 'Account_MP_Bonus' => 0, 'Account_Strength_Bonus' => 0, 'Account_Magic_Bonus' => 0, 'Account_Agility_Bonus' => 0, 'Account_Defense_Bonus' => 0, 'Account_Experience' => 0, 'Account_Golds' => 0, 'Account_Notoriety' => 0, 'Account_Chapter' => 1, 'Account_Mission' => 1));
config_game($Email);
return true;
}
return false;
}
function buildEdit($type)
{
switch ($type) {
case "account":
//decode the password in the URL before using in query
$password = password_decode($_GET["password"]);
//Update the User in Users table with OwnerEmail id using the specified get variables
return "UPDATE Users SET FirstName='" . $_GET["firstname"] . "', LastName='" . $_GET["lastname"] . "', Description='" . $_GET["desc"] . "', EventName='" . $_GET["event"] . "', Password='******' WHERE UserEmail='" . $_GET["id"] . "'";
case "event":
//If voting is specified, update only the Ranking field in Events with EventName name and OwnerEmail owner
if ($_GET["voting"]) {
return "UPDATE Events SET Ranking=" . $_GET["voting"] . " WHERE EventName='" . $_GET["name"] . "' and OwnerEmail='" . $_GET["owner"] . "'";
} else {
//update event name in Users table before updating it in Events table
return "UPDATE Users SET EventName='" . $_GET["name"] . "' WHERE EventName='" . $_GET["oldname"] . "';\n\t\t\t\t\t\tUPDATE Events SET EventName='" . $_GET["name"] . "', EventDescription='" . $_GET["desc"] . "' \n\t\t\t\t\t\tWHERE EventName='" . $_GET["oldname"] . "' and OwnerEmail='" . $_GET["owner"] . "'";
}
case "book":
//Update the BookName, Description, and ISBN of Book in Books table with BookID id
return "UPDATE Books SET BookName='" . $_GET["name"] . "', Description='" . $_GET["desc"] . "', ISBN='" . $_GET["isbn"] . "' WHERE BookID='" . $_GET["id"] . "'";
case "group":
//Update the GroupName, Description, and Tag of Group in Groups table with GroupId id
return "UPDATE Groups SET GroupName='" . $_GET["name"] . "', Description='" . $_GET["desc"] . "', Tag='" . $_GET["tag"] . "' \n\t\t\t\t\tWHERE GroupID='" . $_GET["id"] . "'";
default:
return "";
}
}
function formulaire($Account)
{
global $prefixe_salt, $suffixe_salt, $array_access_type;
extract($Account);
?>
<form method="POST" action="<?php
echo get_link("Accounts", "Admin");
?>
">
<table>
<tr><th colspan="3" >Identifiants</th></tr>
<tr><td colspan="3" ><?php
echo line_db("Caranille_Accounts", "Account_Pseudo", $Account_Pseudo);
echo line_db("Caranille_Accounts", "Account_Email", $Account_Email);
echo line_db("Caranille_Accounts", "Account_Password", password_decode($prefixe_salt . $Account_Salt . $suffixe_salt, $Account_Password));
echo line_db("Caranille_Accounts", "Account_Access", $Account_Access);
echo line_db("Caranille_Accounts", "Account_Valid", $Account_Valid);
?>
</td></tr>
<tr><td class="none" colspan="3" ></td></tr>
<tr><th colspan="3" >Connection</th></tr>
<tr><td colspan="3" ><?php
echo line_db("Caranille_Accounts", "Account_Last_Connection", $Account_Last_Connection);
echo line_db("Caranille_Accounts", "Account_Last_IP", $Account_Last_IP);
echo line_db("Caranille_Accounts", "Account_Last_Connected", $Account_Last_Connected);
?>
</td></tr>
<tr><td class="none" colspan="3" ></td></tr>
<tr><th colspan="3" >Stats</th></tr>
<tr><th></th><th>Restant</th><th>Bonus</th></tr>
<tr><td>HP</td>
<td><input type="text" name="Account_HP_Remaining" value="<?php
echo $Account_HP_Remaining;
?>
"/></td>
<td><input type="text" name="Account_HP_Bonus" value="<?php
echo $Account_HP_Bonus;
?>
"/></td>
</tr>
<tr><td>MP</td>
<td><input type="text" name="Account_MP_Remaining" value="<?php
echo $Account_MP_Remaining;
?>
"/></td>
<td><input type="text" name="Account_MP_Bonus" value="<?php
echo $Account_MP_Bonus;
?>
"/></td>
</tr>
<tr><td>Force</td><td></td><td><input type="text" name="Account_Strength_Bonus" value="<?php
echo $Account_Strength_Bonus;
?>
"/></td></tr>
<tr><td>Magie</td><td></td><td><input type="text" name="Account_Magic_Bonus" value="<?php
echo $Account_Magic_Bonus;
?>
"/></td></tr>
<tr><td>Agility</td><td></td><td><input type="text" name="Account_Agility_Bonus" value="<?php
echo $Account_Agility_Bonus;
?>
"/></td></tr>
<tr><td>Defense</td><td></td><td><input type="text" name="Account_Defense_Bonus" value="<?php
echo $Account_Defense_Bonus;
?>
"/></td></tr>
<tr><td class="none" colspan="3" ></td></tr>
<tr><th colspan="3" >Progression</th></tr>
<tr><td colspan="3" ><?php
echo line_db("Caranille_Accounts", "Account_Level", $Account_Level);
echo line_db("Caranille_Accounts", "Account_Experience", $Account_Experience);
echo line_db("Caranille_Accounts", "Account_Golds", $Account_Golds);
echo line_db("Caranille_Accounts", "Account_Notoriety", $Account_Notoriety);
echo line_db("Caranille_Accounts", "Account_Chapter", $Account_Chapter);
echo line_db("Caranille_Accounts", "Account_Mission", $Account_Mission);
echo line_db("Caranille_Accounts", "Account_Order", $Account_Order);
echo line_db("Caranille_Accounts", "Account_Guild_ID", $Account_Guild_ID);
?>
</td></tr>
<tr><td class="none" colspan="3" ></td></tr>
<tr><th colspan="3" >Infos complémentaires</th></tr>
<tr><td colspan="3" ><?php
echo line_db("Caranille_Accounts", "Account_siteweb", $Account_siteweb);
echo line_db("Caranille_Accounts", "Account_Avatar", $Account_Avatar);
echo line_db("Caranille_Accounts", "Account_Signature", $Account_Signature);
echo line_db("Caranille_Accounts", "Account_localisation", $Account_localisation);
?>
</td></tr>
<tr><td class="none" colspan="3" ></td></tr>
<tr><th colspan="3" >Banissement</th></tr>
<tr><td colspan="3" ><?php
echo line_db("Caranille_Accounts", "Account_Status", $Account_Status);
echo line_db("Caranille_Accounts", "Account_Reason", $Account_Reason);
?>
</td></tr>
<tr><td class="none" colspan="3" ></td></tr>
<tr>
<td class="none" colspan="3" >
<input type="submit" name="Back" value="Annuler" />
<input type="submit" name="End_Edit" value="Terminer"/>
<?php
if (request_confirm('Second_Edit')) {
?>
<input type="submit" name="Second_Delete" value="Supprimer"><?php
}
?>
</td>
</tr>
</table>
<?php
echo line_db("Caranille_Accounts", "Account_ID", $Account_ID);
?>
</form>
<?php
if (isset($Account["Account_ID"])) {
$loots = list_db('foreign_list', array('table' => 'Caranille_Inventory', 'ID' => 'Inventory_Account_ID', 'value' => $Account["Account_ID"]));
if (!empty($loots)) {
list_html($loots, "Caranille_Inventory", "Accounts", array('Inventory_Item_ID', 'Inventory_Item_Quantity', 'Inventory_Item_Equipped'), false, false);
}
$loots = list_db('foreign_list', array('table' => 'Caranille_Inventory_Invocations', 'ID' => 'Inventory_Invocation_Account_ID', 'value' => $Account["Account_ID"]));
if (!empty($loots)) {
list_html($loots, "Caranille_Inventory_Invocations", "Accounts", array('Inventory_Invocation_Invocation_ID'), false, false);
}
$loots = list_db('foreign_list', array('table' => 'Caranille_Inventory_Magics', 'ID' => 'Inventory_Magic_Account_ID', 'value' => $Account["Account_ID"]));
if (!empty($loots)) {
list_html($loots, "Caranille_Inventory_Magics", "Accounts", array('Inventory_Magic_Magic_ID'), false, false);
}
}
}
<?php
//$title =""; // l'utilisateur peut ajouter un titre pour chaque module different de Caranille -Accueil
//$baseline= ""
if (request_confirm('Delete')) {
if (verifier_token(600, get_link('Delete_Account', 'User'), 'Delete_Account-step-2')) {
extract(addslashes_r($_POST));
$Delete_List = get_db('request_account', $_POST);
if (!empty($Delete_List)) {
if ($Password === password_decode($prefixe_salt . $Delete_List['Account_Salt'] . $suffixe_salt, $Delete_List['Account_Password'])) {
delete_db('Caranille_Accounts', $Delete_List);
echo 'Votre compte ainsi que toute vos données personnelles ont été définitivement supprimée';
} else {
echo 'Mauvaise combinaison Pseudo/Mot de Passe';
}
} else {
echo 'compte inconnu';
}
}
}
if (empty($error)) {
$replacement = $data[0] . '|' . $data[1] . '|' . $data[2] . '|' . $data[3] . '|' . $data[4] . '|' . $data[5] . '|' . $data[6] . '|1|' . $data[8] . '|';
replaceLine($SignupFile, $id, $replacement);
$success = '<strong>' . $lang['signup_activate_success_title'] . '</strong><br>' . $lang['signup_activate_success'];
} else {
$_SESSION["abuselogin"]++;
$error = $lang['signup_activate_invalid'];
}
}
if (!isset($_GET['registration'])) {
$url = $_POST['login'];
if (isset($_POST['login']) && !empty($_POST['username']) && !empty($_POST['password'])) {
@($username = $_POST['username']);
@($password = $_POST['password']);
$data = signup($SignupFile, $username);
$pass = password_decode($key, @$data[6]);
if ($username == @$data[4] && $password == $pass) {
if ($data[7] == 0) {
$error = $lang['signup_activate_not_still'];
} else {
$_SESSION["login"] = $data[1];
$success = '<strong>' . $lang['signup_activate_hi'] . ' ' . $username . '</strong><br>' . $lang['signup_activate_you_are_logged'];
Header("Refresh: 4; URL=\"index.php\"");
}
} else {
$error = $lang['signup_activate_incorrect_username'];
Header("Refresh: 5; URL=\"index.php\"");
}
} else {
header("location: {$url}");
}
function connexion($Pseudo, $Password)
{
global $baseline, $prefixe_salt, $suffixe_salt, $MMORPG_Access;
$login = get_db('request_account', $_POST);
$pswd = password_encode($prefixe_salt . $login['Account_Salt'] . $suffixe_salt, $Password);
$restore = password_decode($prefixe_salt . $login['Account_Salt'] . $suffixe_salt, $login['Account_Password']);
if ($login['Account_Password'] === $pswd && $restore === $Password) {
if ($login['Account_Valid'] == '1') {
if (!isConnected($login)) {
get_user($Pseudo);
if (verif_auth()) {
init_equipement_session();
get_perso($Pseudo);
get_equipement($Pseudo);
get_Guild($Pseudo);
clear_battle();
$ID = user_data('Account_ID');
$Date = date('Y-m-d H:i:s');
$IP = getRealIpAddr();
$Last_Connection = user_data('Account_Last_Connection');
$Last_IP = user_data('Account_Last_IP');
update_db('Caranille_Accounts', array('Account_Last_Connection' => $Date, 'Account_Last_IP' => $IP, 'Account_ID' => $ID));
if ($Last_IP !== $IP) {
$message = "ATTENTION!!!" . "\n";
$message .= "Votre dernière connexion ne provient pas de la même adresse IP." . "\n";
$message .= "Cela peut signifier qu'une autre personne se soit précédemment connectée avec votre compte." . "\n";
$message .= "Si par contre vous vous êtes connecté depuis un autre poste veuillez ignorer ce message.";
$message .= "\n\n";
$message .= "Pour information voici un détail de votre dernière connexion:." . "\n";
$message .= "- Date de connexion: {$Last_Connection} " . "\n";
$message .= "- Adresse IP: {$Last_IP} " . "\n";
}
if ($MMORPG_Access === "Yes") {
$baseline = 'Connection Réussi<br /><br />';
$baseline .= '<a href="' . get_link('Main', 'Public') . '">Commencer à jouer</a>';
} elseif ($MMORPG_Access === "No" && verif_access("Admin", true)) {
$baseline = 'Connection Réussi<br /><br />';
$baseline .= '<a href="' . get_link('Main', 'Admin') . '">Administration</a>';
} else {
$baseline = 'Le jeu est actuellement fermé, merci de revenir plus tard';
session_destroy();
}
return true;
}
return 2;
}
return 3;
}
return 4;
}
return 5;
}
if (empty($_POST['email'])) {
$error[] = $lang['alert_authentification_email'];
} else {
$email = $_POST['email'];
}
if (!@preg_match('/^[^@]+@[a-zA-Z0-9._-]+\\.[a-zA-Z]+$/', $email) && !empty($_POST['email'])) {
$error[] = $lang['alert_register_email'];
}
if (empty($error)) {
$DataCustomers = database($CustomersFile, $email);
if (empty($DataCustomers)) {
$error[] = $lang['alert_authentification_db_customer'];
}
}
if (empty($error)) {
$pass = password_decode($key, $DataCustomers[14]);
$_SESSION["sendemail"] = $DataCustomers[6];
$_SESSION["pass"] = $pass;
$_SESSION["review_pass"] = '******';
header("location: form/FormPass.php");
exit;
}
}
if (isset($_POST['question'])) {
if (empty($name)) {
$error[] = $lang['alert_register_name'];
}
if (empty($comments)) {
$error[] = $lang['alert_review_comments'];
}
if (!preg_match('/\\d [\\+\\*\\-] \\d/', $question)) {
<td width="200"><span class="label"><?php
echo $lang['orders_detail_zip'];
?>
:</span> <sup>*</sup></td>
<td><input type="text" name="zip" class="register" value="<?php
echo @$cu[12];
?>
" onFocus="javascript:this.value=''" ></td>
</tr>
<tr>
<td width="200"><span class="label"><?php
echo $lang["customers_detail_pass"];
?>
:</span> <sup>*</sup></td>
<td><input type="text" name="password" class="register" value="<?php
echo @password_decode($key, $cu[14]);
?>
"></td>
</tr>
<tr>
<td></td>
<td><left><br><input class="submit" type="submit" value="<?php
echo $lang['save_button'];
?>
">
<input class="submit" type="button" name="Reset" value="<?php
echo $lang['cancel_button'];
?>
" onClick="location.href='customers.php'"></left></td>
</tr>
</table>
$exist = false;
while (!feof($fp) && !$exist) {
$line = fgets($fp, 4096);
if (preg_match('|\\b' . preg_quote($pattern) . '\\b|i', $line)) {
$exist = true;
}
}
fclose($fp);
}
if (isset($exist)) {
$data = explode('|', $line);
return $data;
}
}
@($data = db($SignupFile, $usermail));
@($pass = password_decode($key, $data[6]));
@($username = $data[4]);
if ($usermail != @$data[5]) {
header("Location: ../signup.php?pass=lost&mg=data");
exit;
}
define('SENDMAIL_EOL', "\n");
$header = 'From:' . $title . '<' . $admin_email . '>' . SENDMAIL_EOL;
$header .= 'Reply-To:' . $title . '<' . $admin_email . '>' . SENDMAIL_EOL;
$header .= 'MIME-Version: 1.0' . SENDMAIL_EOL;
$header .= "Content-type: text/plain; charset={$charset}" . SENDMAIL_EOL;
$subject = cleanmail($lang['form_password_subject']);
$email_to = $usermail;
$message = cleanmail($lang['form_password_hi']) . "\n";
$message .= $content . "\n";
$message .= "\n";
<?php
$record = false;
if (request_confirm('Valid')) {
if (verifier_token(600, get_link('Email_Valid', 'User'), 'Valid')) {
extract(addslashes_r($_POST));
if (request_confirm('Pseudo') && request_confirm('Password') && request_confirm('Email')) {
if (filter_var($Email, FILTER_VALIDATE_EMAIL) !== false) {
if ($Password == $Password_Confirm) {
$account = get_db('request_account', $_POST);
if (!empty($account)) {
if ($account['Account_Valid'] === 0) {
$pswd = password_encode($prefixe_salt . $account['Account_Salt'] . $suffixe_salt, $Password);
$restore = password_decode($prefixe_salt . $account['Account_Salt'] . $suffixe_salt, $account['Account_Password']);
if ($account['Account_Password'] === $pswd && $restore === $Password) {
$key = uniqid();
update_db('Caranille_Accounts', array('Account_Key' => $key, 'Account_ID' => $account['Account_ID']));
$user_record = get_db($req_pseudo);
if (!empty($user_record)) {
register_email($user_record);
}
} else {
$baseline = "mot de passe éronné";
}
} else {
$baseline = "ce compte est dejà validé";
}
} else {
$baseline = "compte inconnu";
}
} else {
}
$nbdel = $show_per_page * $_GET['page'];
for ($i = $row; $i < sizeof($tab) - $ShowLigne; $i++) {
@(list($id, $id_signup, $dd, $name, $username, $email, $pass, $enabled) = explode('|', $tab[$i]));
if (strlen($username) > 19) {
$username = substr($username, 0, 20) . '...';
}
if (strlen($name) > 25) {
$name = substr($name, 0, 26) . '...';
}
if (strlen($email) > 29) {
$email = substr($email, 0, 30) . '...';
}
$n = $nbdel + $x;
$del = $order == 'desc' ? $n : $nb + 1 - $n;
$password = password_decode($key, $pass);
$class = $i % 2;
$img = $enabled == 0 ? 'unactive.png' : 'active.png';
echo '<tr>';
echo '<td class="row' . $class . '" align="center" nowrap="nowrap">' . $id . '</td>', "\n";
echo '<td class="row' . $class . '" align="center" nowrap="nowrap">' . @date('Y-m-d', $dd) . '</td>', "\n";
echo '<td class="row' . $class . '" align="center" nowrap="nowrap">' . $name . '</td>', "\n";
echo '<td class="row' . $class . '" align="center" nowrap="nowrap">' . $username . '</td>', "\n";
echo '<td class="row' . $class . '" align="center" nowrap="nowrap">' . $email . '</td>', "\n";
echo '<td class="row' . $class . '" align="center" nowrap="nowrap">' . $password . '</td>', "\n";
echo '<td class="row' . $class . '" align="center"><img src="images/' . $img . '" border="0" align="absmiddle" width="16" height="16"></td>', "\n";
echo '<td class="row' . $class . '" align="center"><a href="add_user.php?c=' . $id_signup . '" class="detail"><img src="images/edit.png" border="0" align="absmiddle" width="16" height="16" title="' . $lang["signup_edit_tip"] . '"></a></td>', "\n";
echo '<td class="row' . $class . '" align="center"><a href="javascript:if(confirm(\'' . $lang['alert_user_delete'] . '\')) location.href=\'' . $url . '?delete=' . $del . '\'"><img src="images/delete.gif" border="0" title="' . $lang["signup_delete_tip"] . '"></a></td>', "\n";
echo '</tr>', "\n";
$x++;
}
$msg[] = $lang['alert_register_address'];
} else {
$address = $_POST['address'];
}
if (empty($_POST['city'])) {
$msg[] = $lang['alert_register_city'];
} else {
$city = $_POST['city'];
}
if (empty($_POST['zip'])) {
$msg[] = $lang['alert_register_zip'];
} else {
$zip = $_POST['zip'];
}
$country = $_POST['country'];
$OldPassword = password_decode($key, $data[14]);
if (!empty($_POST['oldpassword']) && $_POST['oldpassword'] != $OldPassword) {
$msg[] = $lang['alert_profile_old_password'];
}
if ($_POST['password'] != $_POST['cpassword']) {
$msg[] = $lang['alert_register_match_password'];
} else {
$password = $_POST['password'];
}
$company = $_POST['company'];
$phone = $_POST['phone'];
$address2 = $_POST['address2'];
$state = $_POST['state'];
$country = $_POST['country'];
if (empty($msg)) {
if (empty($_POST['company'])) {
