示例#1
0
文件: cpw.php 项目: EbrahemS/SRCMS
<?php

if (isset($_GET['uid'])) {
    if (security::isSecureString($_GET['uid'], 3)) {
        $uid = $_GET['uid'];
        if (core::$sql->numRows("select * from PW_Restore where RandomPASS = '******'") == 0) {
            echo 'this UID is incorrect or have been changed , request a new UID.';
        } else {
            if (isset($_POST['submit'])) {
                //process data
                if (!security::isSecureString($_POST['password_new'], 3)) {
                    $errors[] = "Password [new] contains forbidden symbols";
                }
                if (strlen($_POST['password_new']) > 32) {
                    $errors[] = "Password [new] too long";
                }
                if (strlen($_POST['password_new']) < 6) {
                    $errors[] = "Passwrod [new] too short";
                }
                if ($_POST['password_new'] !== $_POST['password_new_confirm']) {
                    $errors[] = "New Passwords does not match!.";
                }
                if (count($errors) > 0) {
                    foreach ($errors as $nElement) {
                        echo $nElement . ".<br/>";
                    }
                    misc::back();
                } else {
                    //verify
                    if (user::RestorePass($_GET['uid'], $_POST['password_new'])) {
                        echo "Password changed successfully. <br/>";
示例#2
0
文件: cem.php 项目: EbrahemS/SRCMS
<?php

if (isset($_GET['uid'])) {
    if (security::isSecureString($_GET['uid'], 3)) {
        $uid = $_GET['uid'];
        if (core::$sql->numRows("select * from Email_Change where RandomPASS = '******'") == 0) {
            echo 'this UID is incorrect or have been changed , request a new UID.';
        } else {
            if (isset($_POST['submit'])) {
                //process data
                if (!security::isSecureString($_POST['email_first'], 2)) {
                    $errors[] = "Password [new] contains forbidden symbols";
                }
                if (!security::isSecureString($_POST['email_first'], 2)) {
                    $errors[] = "Password [new] contains forbidden symbols";
                }
                if (!filter_var($_POST['email_first'], FILTER_VALIDATE_EMAIL)) {
                    $errors[] = "Email is invalid.";
                }
                if (strlen($_POST['email_first']) > 54) {
                    $errors[] = "Email too long";
                }
                if (strlen($_POST['email_first']) < 10) {
                    $errors[] = "Email too short";
                }
                if ($_POST['email_first'] !== $_POST['email_verify']) {
                    $errors[] = "Emails does not match!.";
                }
                if (count($errors) > 0) {
                    foreach ($errors as $nElement) {
                        echo $nElement . ".<br/>";
示例#3
0
文件: ucp.php 项目: EbrahemS/SRCMS
             } else {
                 echo "You can't delete message that does not belong to you.<br/>";
             }
         }
     } else {
         echo "No messages in inbox";
     }
     break;
 case 'mychars':
     //module disabled
     if ($core->aConfig['allowListChars'] == 0) {
         echo "This module is currently disabled.";
         return;
     }
     if (isset($_GET['charname'])) {
         if (!security::isSecureString($_GET['charname'], 3)) {
             echo "Invalid char name<br/>";
             misc::back();
             break;
         }
         if (user::usernameByCharname($_GET['charname']) != $_SESSION['username']) {
             echo "This character is not yours !<br/>";
             misc::back();
             break;
         }
         if (isset($_GET['charname']) && isset($_GET['char_act'])) {
             switch ($_GET['char_act']) {
                 case 'reset_pos':
                     if ($core->aConfig['allowCharTeleport'] == 0) {
                         echo "This function is disabled.<br/>";
                         break;
示例#4
0
<?php

if (isset($_GET['username']) && security::isSecureString($_GET['username'], 3)) {
    $userData = core::$sql->fetchArray("select * from srcms_userprofiles where JID='" . user::accountJIDbyUsername($_GET['username']) . "'");
    if ($userData['ispublic'] == '1') {
        user::viewProfile($_GET['username']);
        //send msg there too
    } else {
        user::viewProfile($_GET['username']);
        //send msg there too
    }
} else {
    echo "No username specified, or username contains forbidden symbols.<br/>";
}
示例#5
0
文件: index.php 项目: EbrahemS/SRCMS
        if ($nMsgCountUnread > 0) {
            $msgText = "[<b>{$nMsgCount} / " . $core->aConfig['maxPrivMsg'] . "]</a></b>";
        } else {
            $msgText = "[{$nMsgCount} / " . $core->aConfig['maxPrivMsg'] . "]</a>";
        }
    }
    echo "{$msgText}\r\n\t<br />\t<td><a href='./?pg=ucp&act=logout'>Logout</a></td>\r\n\t\t</tr>\r\n</table>\r\n\t";
} else {
    if ($_POST['submit'] != 'login') {
        ucp::showLoginForm();
    } else {
        //process login
        if (security::isSecureString($_POST['username'], 3) == false) {
            $errors[] = "Username contains forbidden symbols";
        }
        if (security::isSecureString($_POST['password'], 3) == false) {
            $errors[] = "Password contains forbidden symbols";
        }
        if (strlen($_POST['username']) > 16) {
            $errors[] = "Username too long";
        }
        if (strlen($_POST['username']) < 3) {
            $errors[] = "Username too short";
        }
        if (strlen($_POST['password']) > 32) {
            $errors[] = "Password too long";
        }
        if (strlen($_POST['password']) < 6) {
            $errors[] = "Password too short";
        }
        if (count($errors) > 0) {
示例#6
0
文件: rank.php 项目: EbrahemS/SRCMS
 //Guilds Ranking
 case 'guild':
     core::$sql->changeDB('shard');
     if (!isset($_GET['name'])) {
         $hQuery = core::$sql->exec("select top 50 * from _Guild where ID > 0 and ID != 24 order by Lvl desc,GatheredSP desc");
         echo "<table id='table-3' class='tborder' width='100%' border='0' cellpadding='0' cellspacing='0'>\r\n\t\t\t\t\t<td align='center' class='thead'>Rank</td>\r\n\t\t\t\t\t<td align='center' class='thead'>Name</td>\r\n\t\t\t\t\t<td align='center' class='thead'>Level</td>\r\n\t\t\t\t\t<td align='center' class='thead'>Members</td>\r\n\t\t\t\t\t<td align='center' class='thead'>Points</td><tr/>\r\n\t\t\t\t\t";
         $nGuild = 1;
         while ($row = mssql_fetch_array($hQuery)) {
             $nMembers = core::$sql->getRow("select count(*) from _GuildMember where GuildID='{$row['ID']}'");
             echo "\r\n\t\t\t\t<td align='center'>{$nGuild}</td>\r\n\t\t\t\t<td align='center'><a href='?pg=rank&type=guild&name={$row['Name']}'>{$row['Name']}</a></td>\r\n\t\t\t\t<td align='center'>{$row['Lvl']}</td>\r\n\t\t\t\t<td align='center'>{$nMembers}</td>\r\n\t\t\t\t<td align='center'>{$row['GatheredSP']}</td><tr/>";
             $nGuild++;
         }
         echo "</table>";
         misc::back();
     } else {
         if (security::isSecureString($_GET['name'], 3)) {
             if (core::$sql->numRows("select * from _Guild where Name='{$_GET['name']}'") == 0) {
                 echo "Guild with such name not found.";
             } else {
                 $hGuildData = mssql_fetch_array(mssql_query("select * from _Guild where Name='{$_GET['name']}'"));
                 $hGuildMembers = core::$sql->exec("select * from _GuildMember where GuildID='{$hGuildData['ID']}' order by MemberClass asc,Contribution DESC,GuildWarKill DESC,CharLevel DESC,GP_Donation DESC");
                 /*
                 					for guild Gold add those lines :
                 <td align='center'>Gold</td>
                 					<td align='center'>$hGuildData[Gold]</td>
                 */
                 echo "<table id='table-3' class='tborder' width='100%' border='0' cellpadding='0' cellspacing='0'>\r\n\t\t\t\t\t\t\t<td align='center'>Name</td>\r\n\t\t\t\t\t\t\t<td align='center'>{$hGuildData['Name']}</td><tr/>\r\n\t\t\t\t\t\t\t\r\n\t\t\t\t\t\t\t<td align='center'>Level</td>\r\n\t\t\t\t\t\t\t<td align='center'>{$hGuildData['Lvl']}</td><tr/>\r\n\t\t\t\t\t\t\t\r\n\t\t\t\t\t\t\t<td align='center'>Points</td>\r\n\t\t\t\t\t\t\t<td align='center'>{$hGuildData['GatheredSP']}</td><tr/>\r\n\t\t\t\t\t\t\t\r\n\t\t\t\t\t\t\t<td align='center'>Foundation</td>\r\n\t\t\t\t\t\t\t<td align='center'>{$hGuildData['FoundationDate']}</td><tr/>\r\n\t\t\t\t\t\t</table>\r\n\t\t\t\t\t\t<br/><br/>";
                 echo "<table  id='table-3' class='tborder' width='100%' border='0' cellpadding='0' cellspacing='0'>\r\n\t\t\t\t\t\t\t\t<td width='5%' align='center' class='thead'>Rank</td>\r\n\t\t\t\t\t\t\t\t<td width='5%' align='center' class='thead'>Race</td>\r\n\t\t\t\t\t\t\t\t<td width='15%' align='center' class='thead'>Charname</td>\r\n\t\t\t\t\t\t\t\t<td width='15%' align='center' class='thead'>Nick</td>\r\n\t\t\t\t\t\t\t\t<td width='10%' align='center' class='thead'>Level</td>\r\n\t\t\t\t\t\t\t\t<td width='15%' align='center' class='thead'>Donation</td>\r\n\t\t\t\t\t\t\t\t<td width='15%' align='center' class='thead'>Guild War Kills</td>\r\n\t\t\t\t\t\t\t\t<td width='15%' align='center' class='thead'>Guild War Killed</td>\r\n\t\t\t\t\t\t\t\t<td width='15%' align='center' class='thead'>Type</td><tr/>\r\n\t\t\t\t\t\t\t\t";
                 $n = 1;
                 while ($row = mssql_fetch_array($hGuildMembers)) {
                     $cName = char::charnameByCharID($row['CharID']);