3 This program is free software; you can redistribute it and/or modify
4 it under the terms of the Revised BSD License.
6 This program is distributed in the hope that it will be useful,
7 but WITHOUT ANY WARRANTY; without even the implied warranty of
8 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
9 Revised BSD License for more details.
11 Copyright 2004-2007 Cool Dude 2k - http://intdb.sourceforge.net/
12 Copyright 2004-2007 Game Maker 2k - http://upload.idb.s1.jcink.com/
14 $FileInfo: members.php - Last Update: 07/13/2007 SVN 42 - Author: cooldude2k $
16 $File3Name = basename($_SERVER['SCRIPT_NAME']);
17 if ($File3Name=="members.php"||$File3Name=="/members.php") {
20 if($_GET['act']=="list") {
22 $orderlist = "order by `ID` asc";
23 if(!isset($_GET['orderby'])) { $_GET['orderby'] = null; }
24 if(!isset($_GET['sorttype'])) { $_GET['sorttype'] = null; }
25 if(!isset($_GET['ordertype'])) { $_GET['ordertype'] = null; }
26 if(!isset($_GET['orderby'])) { $_GET['orderby'] = null; }
27 if(!isset($_GET['sortby'])) { $_GET['sortby'] = null; }
28 if(!isset($_GET['gid'])) { $_GET['gid'] = null; }
29 if(!isset($_GET['groupid'])) { $_GET['groupid'] = null; }
30 if($_GET['orderby']==null) {
31 if($_GET['sortby']!=null) {
32 $_GET['orderby'] = $_GET['sortby']; } }
33 if($_GET['orderby']==null) { $_GET['orderby'] = "joined"; }
34 if($_GET['orderby']!=null) {
35 if($_GET['orderby']=="id") { $orderlist = "order by `ID`"; }
36 if($_GET['orderby']=="name") { $orderlist = "order by `Name`"; }
37 if($_GET['orderby']=="joined") { $orderlist = "order by `Joined`"; }
38 if($_GET['orderby']=="active") { $orderlist = "order by `LastActive`"; }
39 if($_GET['orderby']=="posts") { $orderlist = "order by `PostCount`"; }
40 if($_GET['orderby']=="offset") { $orderlist = "order by `TimeZone`"; } }
41 if($_GET['ordertype']==null) {
42 if($_GET['sorttype']!=null) {
43 $_GET['ordertype'] = $_GET['sorttype']; } }
44 if($_GET['ordertype']==null) { $_GET['ordertype'] = "asc"; }
45 if($_GET['ordertype']!=null) {
46 if($_GET['ordertype']=="ascending") { $orderlist .= " asc"; }
47 if($_GET['ordertype']=="descending") { $orderlist .= " desc"; }
48 if($_GET['ordertype']=="asc") { $orderlist .= " asc"; }
49 if($_GET['ordertype']=="desc") { $orderlist .= " desc"; } }
50 if(!is_numeric($_GET['gid'])) { $_GET['gid'] = null; }
51 if($_GET['gid']!=null&&$_GET['groupid']==null) { $_GET['groupid'] = $_GET['gid']; }
52 if(!is_numeric($_GET['groupid'])) { $_GET['groupid'] = null; }
53 $ggquery = query("select * from `".$Settings['sqltable']."groups` where `Name`='%s'", array($Settings['GuestGroup']));
54 $ggresult=mysql_query($ggquery);
55 $GGroup=mysql_result($ggresult,0,"id");
56 @mysql_free_result($ggresult);
57 if($_GET['groupid']==null) {
58 $query = query("select * from `".$Settings['sqltable']."members` where `GroupID`<>%i ".$orderlist, array($GGroup)); }
59 if($_GET['groupid']!=null) {
60 $query = query("select * from `".$Settings['sqltable']."members` where `GroupID`=%i and `GroupID`<>%i ".$orderlist, array($_GET['groupid'],$GGroup)); }
61 $result=mysql_query($query);
62 $num=mysql_num_rows($result);
63 //Start MemberList Page Code (Will be used at later time)
64 if($_GET['page']==null) { $_GET['page'] = 1; }
65 if($_GET['page']<=0) { $_GET['page'] = 1; }
66 $nums = $_GET['page'] * $Settings['max_memlist'];
67 if($nums>$num) { $nums = $num; }
68 $numz = $nums - $Settings['max_memlist'];
69 if($numz<=0) { $numz = 0; }
71 if($nums<$num) { $nextpage = $_GET['page'] + 1; }
72 if($nums>=$num) { $nextpage = $_GET['page']; }
73 if($numz>=$Settings['max_memlist']) { $backpage = $_GET['page'] - 1; }
74 if($_GET['page']<=1) { $backpage = 1; }
75 //End MemberList Page Code (Its not used yet but its still good to have :P )
78 <div class="Table1Border">
79 <table class="Table1">
80 <tr class="TableRow1">
81 <td class="TableRow1" colspan="7"><span style="float: left;">
82 <?php echo $ThemeSet['TitleIcon'] ?><a href="<?php echo url_maker($exfile['member'],$Settings['file_ext'],"act=list",$Settings['qstr'],$Settings['qsep'],$prexqstr['member'],$exqstr['member']); ?>">Member List</a>
83 </span><span style="float: right;"> </span></td>
85 <tr id="Member" class="TableRow2">
86 <th class="TableRow2" style="width: 5%;">ID</th>
87 <th class="TableRow2" style="width: 28%;">Name</th>
88 <th class="TableRow2" style="width: 10%;">Group</th>
89 <th class="TableRow2" style="width: 10%;">Posts</th>
90 <th class="TableRow2" style="width: 20%;">Joined</th>
91 <th class="TableRow2" style="width: 20%;">Last Active</th>
92 <th class="TableRow2" style="width: 7%;">Website</th>
96 $MemList['ID']=mysql_result($result,$i,"id");
97 $MemList['Name']=mysql_result($result,$i,"Name");
98 $MemList['Email']=mysql_result($result,$i,"Email");
99 $MemList['GroupID']=mysql_result($result,$i,"GroupID");
100 $MemList['WarnLevel']=mysql_result($result,$i,"WarnLevel");
101 $MemList['Interests']=mysql_result($result,$i,"Interests");
102 $MemList['Title']=mysql_result($result,$i,"Title");
103 $MemList['Joined']=mysql_result($result,$i,"Joined");
104 $MemList['Joined']=GMTimeChange("F j Y, g:i a",$MemList['Joined'],$_SESSION['UserTimeZone'],0,$_SESSION['UserDST']);
105 $MemList['LastActive']=mysql_result($result,$i,"LastActive");
106 $MemList['LastActive']=GMTimeChange("F j Y, g:i a",$MemList['LastActive'],$_SESSION['UserTimeZone'],0,$_SESSION['UserDST']);
107 $MemList['Website']=mysql_result($result,$i,"Website");
108 $MemList['Gender']=mysql_result($result,$i,"Gender");
109 $MemList['PostCount']=mysql_result($result,$i,"PostCount");
110 $MemList['TimeZone']=mysql_result($result,$i,"TimeZone");
111 $MemList['DST']=mysql_result($result,$i,"DST");
112 $MemList['IP']=mysql_result($result,$i,"IP");
113 $gquery = query("select * from `".$Settings['sqltable']."groups` where `id`=%i", array($MemList['GroupID']));
114 $gresult=mysql_query($gquery);
115 $MemList['Group']=mysql_result($gresult,0,"Name");
116 @mysql_free_result($gresult);
117 $membertitle = " ".$ThemeSet['TitleDivider']." Member List";
118 if($MemList['Group']!=$Settings['GuestGroup']) {
120 <tr class="TableRow3" id="Member<?php echo $MemList['ID']; ?>">
121 <td class="TableRow3" style="text-align: center;"><?php echo $MemList['ID']; ?></td>
122 <td class="TableRow3"> <a href="<?php echo url_maker($exfile['member'],$Settings['file_ext'],"act=view&id=".$MemList['ID'],$Settings['qstr'],$Settings['qsep'],$prexqstr['member'],$exqstr['member']); ?>"><?php echo $MemList['Name']; ?></a></td>
123 <td class="TableRow3" style="text-align: center;"><a href="<?php echo url_maker($exfile['member'],$Settings['file_ext'],"act=list&gid=".$MemList['GroupID'],$Settings['qstr'],$Settings['qsep'],$prexqstr['member'],$exqstr['member']); ?>"><?php echo $MemList['Group']; ?></a></td>
124 <td class="TableRow3" style="text-align: center;"><?php echo $MemList['PostCount']; ?></td>
125 <td class="TableRow3" style="text-align: center;"><?php echo $MemList['Joined']; ?></td>
126 <td class="TableRow3" style="text-align: center;"><?php echo $MemList['LastActive']; ?></td>
127 <td class="TableRow3" style="text-align: center;"><a href="<?php echo $MemList['Website']; ?>" onclick="window.open(this.href);return false;">Website</a></td>
130 ++$i; } @mysql_free_result($result);
132 <tr id="MemEnd" class="TableRow4">
133 <td class="TableRow4" colspan="7"> </td>
137 if($_GET['act']=="view") {
138 $query = query("select * from `".$Settings['sqltable']."members` where `id`=%i", array($_GET['id']));
139 $result=mysql_query($query);
140 $num=mysql_num_rows($result);
142 if($num==0||$_GET['id']=="-1") { redirect("location",$basedir.url_maker($exfile['index'],$Settings['file_ext'],"act=view",$Settings['qstr'],$Settings['qsep'],$prexqstr['index'],$exqstr['index'],false)); }
143 $ViewMem['ID']=mysql_result($result,$i,"id");
144 $ViewMem['Name']=mysql_result($result,$i,"Name");
145 $ViewMem['Signature']=mysql_result($result,$i,"Signature");
146 $ViewMem['Avatar']=mysql_result($result,$i,"Avatar");
147 $ViewMem['AvatarSize']=mysql_result($result,$i,"AvatarSize");
148 $ViewMem['Email']=mysql_result($result,$i,"Email");
149 $ViewMem['GroupID']=mysql_result($result,$i,"GroupID");
150 $ViewMem['WarnLevel']=mysql_result($result,$i,"WarnLevel");
151 $ViewMem['Interests']=mysql_result($result,$i,"Interests");
152 $ViewMem['Title']=mysql_result($result,$i,"Title");
153 $ViewMem['Joined']=mysql_result($result,$i,"Joined");
154 $ViewMem['Joined']=GMTimeChange("M j Y, g:i a",$ViewMem['Joined'],$_SESSION['UserTimeZone'],0,$_SESSION['UserDST']);
155 $ViewMem['LastActive']=mysql_result($result,$i,"LastActive");
156 $ViewMem['LastActive']=GMTimeChange("M j Y, g:i a",$ViewMem['LastActive'],$_SESSION['UserTimeZone'],0,$_SESSION['UserDST']);
157 $ViewMem['Website']=mysql_result($result,$i,"Website");
158 $ViewMem['Gender']=mysql_result($result,$i,"Gender");
159 $ViewMem['PostCount']=mysql_result($result,$i,"PostCount");
160 $ViewMem['TimeZone']=mysql_result($result,$i,"TimeZone");
161 $ViewMem['DST']=mysql_result($result,$i,"DST");
162 $ViewMem['IP']=mysql_result($result,$i,"IP");
163 $gquery = query("select * from `".$Settings['sqltable']."groups` where `id`=%i", array($ViewMem['GroupID']));
164 $gresult=mysql_query($gquery);
165 $ViewMem['Group']=mysql_result($gresult,0,"Name");
166 @mysql_free_result($gresult);
167 $membertitle = " ".$ThemeSet['TitleDivider']." Viewing Profile ".$ViewMem['Name'];
168 if ($ViewMem['Avatar']=="http://"||$ViewMem['Avatar']==null) {
169 $ViewMem['Avatar']=$ThemeSet['NoAvatar'];
170 $ViewMem['AvatarSize']=$ThemeSet['NoAvatarSize']; }
171 $AvatarSize1=explode("x", $ViewMem['AvatarSize']);
172 $AvatarSize1W=$AvatarSize1[0]; $AvatarSize1H=$AvatarSize1[1];
173 $ViewMem['Signature'] = text2icons($ViewMem['Signature'],$Settings['sqltable']);
174 if($_GET['view']==null) { $_GET['view'] = "profile"; }
175 if($_GET['view']!="profile"&&$_GET['view']!="avatar"&&
176 $_GET['view']!="website"&&$_GET['view']!="homepage") { $_GET['view'] = "profile"; }
177 if($_GET['view']=="avatar") {
178 @session_write_close();
179 @header("Location: ".$ViewMem['Avatar']); }
180 if($_GET['view']=="website"||$_GET['view']=="homepage") {
181 if ($ViewMem['Website']!="http://"&&$ViewMem['Website']!=null) {
182 @session_write_close();
183 @header("Location: ".$ViewMem['Website']); }
184 if ($ViewMem['Website']=="http://"||$ViewMem['Website']==null) {
185 @session_write_close();
186 @header("Location: ".$BoardURL."index.php?act=view"); } }
188 <div class="Table1Border">
189 <table class="Table1">
190 <tr class="TableRow1">
191 <td class="TableRow1" colspan="2"><span style="float: left;">
192 <?php echo $ThemeSet['TitleIcon'] ?><a href="<?php echo url_maker($exfile['member'],$Settings['file_ext'],"act=view&id=".$_GET['id'],$Settings['qstr'],$Settings['qsep'],$prexqstr['member'],$exqstr['member']); ?>">Viewing Profile</a>
193 </span><span style="float: right;"> </span></td>
195 <tr id="Member" class="TableRow2">
196 <th class="TableRow2" style="width: 50%;">Avatar</th>
197 <th class="TableRow2" style="width: 50%;">User Info</th>
199 <tr class="TableRow3" id="MemberProfile">
200 <td class="TableRow3">
201 <?php /* Avatar Table Thanks For SeanJ's Help at http://seanj.jcink.com/ */ ?>
202 <table class="AvatarTable" style="width: 100%; height: 100px; text-align: center;">
203 <tr class="AvatarRow" style="width: 100px; height: 100px;">
204 <td class="AvatarRow" style="width: 100%; height: 100%; text-align: center; vertical-align: middle;">
205 <img src="<?php echo $ViewMem['Avatar']; ?>" alt="<?php echo $ViewMem['Name']; ?>'s Avatar" title="<?php echo $ViewMem['Name']; ?>'s Avatar" style="border: 0px; width: <?php echo $AvatarSize1W; ?>px; height: <?php echo $AvatarSize1H; ?>px;" />
209 <div style="text-align: center;">
210 Name: <?php echo $ViewMem['Name']; ?><br />
211 Title: <?php echo $ViewMem['Title']; ?></div>
213 <td class="TableRow3">
214 User Name: <?php echo $ViewMem['Name']; ?><br />
215 User Title: <?php echo $ViewMem['Title']; ?><br />
216 User Group: <?php echo $ViewMem['Group']; ?><br />
217 User Joined: <?php echo $ViewMem['Joined']; ?><br />
218 Last Active: <?php echo $ViewMem['LastActive']; ?><br />
219 User Time: <?php echo GMTimeGet("M j Y, g:i a",$ViewMem['TimeZone'],0,$ViewMem['DST']); ?><br />
220 User Website: <a href="<?php echo $ViewMem['Website']; ?>" onclick="window.open(this.href);return false;">Website</a><br />
221 Post Count: <?php echo $ViewMem['PostCount']; ?><br />
222 Interests: <?php echo $ViewMem['Interests']; ?><br />
225 <tr class="TableRow4">
226 <td class="TableRow4" colspan="2"> </td>
229 <?php } @mysql_free_result($result);
230 if($_GET['act']=="logout") {
232 @setcookie("MemberName", null, GMTimeStamp() - 3600, $basedir);
233 @setcookie("UserID", null, GMTimeStamp() - 3600, $basedir);
234 @setcookie("SessPass", null, GMTimeStamp() - 3600, $basedir);
235 @setcookie(session_name(), "", GMTimeStamp() - 3600, $basedir);
236 unset($_COOKIE[session_name()]);
240 @redirect("location",$basedir.url_maker($exfile['member'],$Settings['file_ext'],"act=login",$Settings['qstr'],$Settings['qsep'],$prexqstr['member'],$exqstr['member'],false));
243 if($_GET['act']=="login")
245 $membertitle = " ".$ThemeSet['TitleDivider']." Login";
247 <div class="Table1Border">
248 <table class="Table1">
249 <tr class="TableRow1">
250 <td class="TableRow1"><span style="float: left;">
251 <?php echo $ThemeSet['TitleIcon'] ?><a href="<?php echo url_maker($exfile['member'],$Settings['file_ext'],"act=login",$Settings['qstr'],$Settings['qsep'],$prexqstr['member'],$exqstr['member']); ?>">Log in</a>
252 </span><span style="float: right;"> </span></td>
254 <tr class="TableRow2">
255 <th class="TableRow2" style="width: 100%; text-align: left;"> Inert your login info: </th>
257 <tr class="TableRow3">
258 <td class="TableRow3">
259 <form method="post" action="<?php echo url_maker($exfile['member'],$Settings['file_ext'],"act=login_now",$Settings['qstr'],$Settings['qsep'],$prexqstr['member'],$exqstr['member']); ?>">
260 <table style="text-align: left;">
261 <tr style="text-align: left;">
262 <td style="width: 30%;"><label class="TextBoxLabel" for="username">Enter UserName: </label></td>
263 <td style="width: 70%;"><input class="TextBox" id="username" type="text" name="username" /></td>
265 <td style="width: 30%;"><label class="TextBoxLabel" for="userpass">Enter Password: </label></td>
266 <td style="width: 70%;"><input class="TextBox" id="userpass" type="password" name="userpass" maxlength="30" /></td>
268 <td style="width: 30%;"><label class="TextBoxLabel" title="Store userinfo as a cookie so you dont need to login again." for="storecookie">Store as cookie?</label></td>
269 <td style="width: 70%;"><select id="storecookie" name="storecookie" class="TextBox">
270 <option value="true">Yes</option>
271 <option value="false">No</option>
274 <table style="text-align: left;">
275 <tr style="text-align: left;">
276 <td style="width: 100%;">
277 <input type="hidden" name="act" value="loginmember" style="display: none;" />
278 <input class="Button" type="submit" value="Log in" />
283 <tr class="TableRow4">
284 <td class="TableRow4"> </td>
287 <?php } if($_POST['act']=="loginmember"&&$_GET['act']=="login_now") {
288 $membertitle = " ".$ThemeSet['TitleDivider']." Login";
289 $REFERERurl = parse_url($_SERVER['HTTP_REFERER']);
290 $URL['REFERER'] = $REFERERurl['host'];
291 $URL['HOST'] = $_SERVER["SERVER_NAME"];
292 $REFERERurl = null; unset($REFERERurl);
294 <div class="Table1Border">
295 <table class="Table1">
296 <tr class="TableRow1">
297 <td class="TableRow1">
298 <span style="float: left;"> <a href="<?php echo url_maker($exfile['member'],$Settings['file_ext'],"act=login",$Settings['qstr'],$Settings['qsep'],$prexqstr['member'],$exqstr['member']); ?>">Log in</a></span>
299 <span style="float: right;"> </span></td>
301 <tr class="TableRow2">
302 <th class="TableRow2" style="width: 100%; text-align: left;"> Login Message: </th>
304 <tr class="TableRow3">
305 <td class="TableRow3">
306 <table style="width: 100%; height: 25%; text-align: center;">
308 if (strlen($_POST['userpass'])=="30") { $Error="Yes"; ?>
310 <td><span class="TableMessage">
311 <br />Your password is too big.<br />
314 <?php } if (strlen($_POST['username'])=="20") { $Error="Yes"; ?>
316 <td><span class="TableMessage">
317 <br />Your user name is too big.<br />
320 <?php } if ($Settings['TestReferer']==true) {
321 if ($URL['HOST']!=$URL['REFERER']) { $Error="Yes"; ?>
323 <td><span class="TableMessage">
324 <br />Sorry the referering url dose not match our host name.<br />
329 @redirect("refresh",$basedir.url_maker($exfile['member'],$Settings['file_ext'],"act=login",$Settings['qstr'],$Settings['qsep'],$prexqstr['member'],$exqstr['member'],false),"4"); }
331 $YourName = stripcslashes(htmlspecialchars($_POST['username'], ENT_QUOTES));
332 $YourName = preg_replace("/&#(x[a-f0-9]+|[0-9]+);/i", "&#$1;", $YourName);
333 $YourName = @remove_spaces($YourName);
335 $querylog = query("select * from `".$Settings['sqltable']."members` where `Name` = '%s'", array($YourName));
336 $resultlog=mysql_query($querylog);
337 $numlog=mysql_num_rows($resultlog);
340 $YourPassTry=mysql_result($resultlog,$i,"Password");
341 $HashType=mysql_result($resultlog,$i,"HashType");
342 $JoinedPass=mysql_result($resultlog,$i,"Joined");
343 $HashSalt=mysql_result($resultlog,$i,"Salt");
345 if($HashType=="ODFH") {
346 $YourPassword = sha1(md5($_POST['userpass'])); }
347 if($HashType=="DF4H") {
348 $YourPassword = b64e_hmac($_POST['userpass'],$JoinedPass,$HashSalt,"sha1"); }
349 if($HashType=="iDBH"||$UpdateHash!=true) {
350 $YourPassword = b64e_hmac($_POST['userpass'],$JoinedPass,$HashSalt,"sha1"); }
351 if($YourPassword==$YourPassTry) {
353 } if($YourPassword==$YourPassTry) {
355 $YourIDM=mysql_result($resultlog,$i,"id");
356 $YourNameM=mysql_result($resultlog,$i,"Name");
357 $YourPassM=mysql_result($resultlog,$i,"Password");
358 $YourGroupM=mysql_result($resultlog,$i,"GroupID");
359 $gquery = query("select * from `".$Settings['sqltable']."groups` where `id`=%i", array($YourGroupM));
360 $gresult=mysql_query($gquery);
361 $YourGroupM=mysql_result($gresult,0,"Name");
362 @mysql_free_result($gresult);
363 $YourTimeZoneM=mysql_result($resultlog,$i,"TimeZone");
364 $YourDSTM=mysql_result($resultlog,$i,"DST");
365 $JoinedDate=mysql_result($resultlog,$i,"Joined");
366 $UseTheme=mysql_result($resultlog,$i,"UseTheme");
367 $NewHashSalt = salt_hmac();
368 $NewPassword = b64e_hmac($_POST['userpass'],$JoinedPass,$NewHashSalt,"sha1");
369 $NewDay=GMTimeStamp();
370 $NewIP=$_SERVER['REMOTE_ADDR'];
371 $queryup = query("update `".$Settings['sqltable']."members` set `Password`='%s',`HashType`='iDBH',`LastActive`='%s',`IP`='%s',`Salt`='%s' WHERE `id`=%i", array($NewPassword,$NewDay,$NewIP,$NewHashSalt,$YourIDM));
372 mysql_query($queryup);
373 @mysql_free_result($resultlog); @mysql_free_result($queryup);
374 //session_regenerate_id();
375 $_SESSION['Theme']=$UseTheme;
376 $_SESSION['MemberName']=$YourNameM;
377 $_SESSION['UserID']=$YourIDM;
378 $_SESSION['UserTimeZone']=$YourTimeZoneM;
379 $_SESSION['UserGroup']=$YourGroupM;
380 $_SESSION['UserDST']=$YourDSTM;
381 if($_POST['storecookie']==true) {
382 setcookie("MemberName", $YourNameM, time() + (7 * 86400), $basedir);
383 setcookie("UserID", $YourIDM, time() + (7 * 86400), $basedir);
384 setcookie("SessPass", $NewPassword, time() + (7 * 86400), $basedir); }
386 //echo "Password was not right or user not found!! <_< ";
388 <?php if($passright==true) {
389 @redirect("refresh",$basedir.url_maker($exfile['index'],$Settings['file_ext'],"act=view",$Settings['qstr'],$Settings['qsep'],$prexqstr['index'],$exqstr['index'],false),"3"); ?>
391 <td><span class="TableMessage">
392 <br />Welcome to the Board <?php echo $_SESSION['MemberName']; ?>. ^_^<br />
393 Click <a href="<?php echo url_maker($exfile['index'],$Settings['file_ext'],"act=view",$Settings['qstr'],$Settings['qsep'],$prexqstr['index'],$exqstr['index']); ?>">here</a> to continue to board.<br />
396 <?php } if($passright==false) { ?>
398 <td><span class="TableMessage">
399 <br />Password was not right or user not found!! <_<<br />
400 Click <a href="<?php echo url_maker($exfile['member'],$Settings['file_ext'],"act=login",$Settings['qstr'],$Settings['qsep'],$exqstr['member'],$prexqstr['member']); ?>">here</a> to try again.<br />
406 <tr class="TableRow4">
407 <td class="TableRow4"> </td>
411 if($_GET['act']=="signup")
413 $membertitle = " ".$ThemeSet['TitleDivider']." Signing up"; ?>
414 <div class="Table1Border">
415 <table class="Table1">
416 <tr class="TableRow1">
417 <td class="TableRow1"><span style="float: left;">
418 <?php echo $ThemeSet['TitleIcon'] ?><a href="<?php echo url_maker($exfile['member'],$Settings['file_ext'],"act=signup",$Settings['qstr'],$Settings['qsep'],$prexqstr['member'],$exqstr['member']); ?>">Register</a>
419 </span><span style="float: right;"> </span></td>
421 <tr class="TableRow2">
422 <th class="TableRow2" style="width: 100%; text-align: left;"> Inert your user info: </th>
424 <tr class="TableRow3">
425 <td class="TableRow3">
426 <form method="post" action="<?php echo url_maker($exfile['member'],$Settings['file_ext'],"act=makemember",$Settings['qstr'],$Settings['qsep'],$prexqstr['member'],$exqstr['member']); ?>">
427 <table style="text-align: left;">
428 <tr style="text-align: left;">
429 <td style="width: 30%;"><label class="TextBoxLabel" for="Name">Insert a UserName:</label></td>
430 <td style="width: 70%;"><input type="text" class="TextBox" name="Name" size="20" id="Name" /></td>
432 <td><label class="TextBoxLabel" for="Password">Insert a Password:</label></td>
433 <td><input type="password" class="TextBox" name="Password" size="20" id="Password" maxlength="30" /></td>
435 <td><label class="TextBoxLabel" for="RePassword">ReInsert a Password:</label></td>
436 <td><input type="password" class="TextBox" name="RePassword" size="20" id="RePassword" maxlength="30" /></td>
438 <td><label class="TextBoxLabel" for="Email">Insert Your Email:</label></td>
439 <td><input type="text" class="TextBox" name="Email" size="20" id="Email" /></td>
441 <td><label class="TextBoxLabel" for="YourOffSet">Your TimeZone:</label></td>
442 <td><select id="YourOffSet" name="YourOffSet" class="TextBox"><?php
443 $tsa_mem = explode(":",$Settings['DefaultTimeZone']);
444 $TimeZoneArray = array("offset" => $Settings['DefaultTimeZone'], "hour" => $tsa_mem[0], "minute" => $tsa_mem[1]);
445 $plusi = 1; $minusi = 12;
446 $plusnum = 13; $minusnum = 0;
447 while ($minusi > $minusnum) {
448 if($TimeZoneArray['hour']==-$minusi) {
449 echo "<option selected=\"selected\" value=\"-".$minusi."\">GMT - ".$minusi.":00 hours</option>\n"; }
450 if($TimeZoneArray['hour']!=-$minusi) {
451 echo "<option value=\"-".$minusi."\">GMT - ".$minusi.":00 hours</option>\n"; }
453 if($TimeZoneArray['hour']==0) { ?>
454 <option selected="selected" value="0">GMT +/- 0:00 hours</option>
455 <?php } if($TimeZoneArray['hour']!=0) { ?>
456 <option value="0">GMT +/- 0:00 hours</option>
458 while ($plusi < $plusnum) {
459 if($TimeZoneArray['hour']==$plusi) {
460 echo "<option selected=\"selected\" value=\"".$plusi."\">GMT + ".$plusi.":00 hours</option>\n"; }
461 if($TimeZoneArray['hour']!=$plusi) {
462 echo "<option value=\"".$plusi."\">GMT + ".$plusi.":00 hours</option>\n"; }
466 <td style="width: 50%;"><label class="TextBoxLabel" for="MinOffSet">Minute OffSet:</label></td>
467 <td style="width: 50%;"><select id="MinOffSet" name="MinOffSet" class="TextBox"><?php
468 $mini = 0; $minnum = 60;
469 while ($mini < $minnum) {
470 if(strlen($mini)==2) { $showmin = $mini; }
471 if(strlen($mini)==1) { $showmin = "0".$mini; }
472 if($mini==$TimeZoneArray['minute']) {
473 echo "\n<option selected=\"selected\" value=\"".$showmin."\">0:".$showmin." minutes</option>\n"; }
474 if($mini!=$TimeZoneArray['minute']) {
475 echo "<option value=\"".$showmin."\">0:".$showmin." minutes</option>\n"; }
479 <td style="width: 40%;"><label class="TextBoxLabel" for="DST">Is <span title="Daylight Savings Time">DST</span> / <span title="Summer Time">ST</span> on or off:</label></td>
480 <td style="width: 60%;"><select id="DST" name="DST" class="TextBox"><?php echo "\n" ?>
481 <?php if($Settings['DefaultDST']=="off"||$Settings['DefaultDST']!="on") { ?>
482 <option selected="selected" value="off">off</option><?php echo "\n" ?><option value="on">on</option>
483 <?php } if($Settings['DefaultDST']=="on") { ?>
484 <option selected="selected" value="on">on</option><?php echo "\n" ?><option value="off">off</option>
485 <?php } echo "\n" ?></select></td>
487 <td><label class="TextBoxLabel" for="YourGender">Your Gender:</label></td>
488 <td><select id="YourGender" name="YourGender" class="TextBox">
489 <option value="Male">Male</option>
490 <option value="Female">Female</option>
491 <option value="Unknow">Unknow</option>
494 <td><label class="TextBoxLabel" for="Website">Insert your Website:</label></td>
495 <td><input type="text" class="TextBox" name="Website" size="20" value="http://" id="Website" /></td>
497 <td><label class="TextBoxLabel" for="Avatar">Insert a URL for Avatar:</label></td>
498 <td><input type="text" class="TextBox" name="Avatar" size="20" value="http://" id="Avatar" /></td>
500 <td style="width: 30%;"><label class="TextBoxLabel" title="Store userinfo as a cookie so you dont need to login again." for="storecookie">Store as cookie?</label></td>
501 <td style="width: 70%;"><select id="storecookie" name="storecookie" class="TextBox">
502 <option value="true">Yes</option>
503 <option value="false">No</option>
507 <table style="text-align: left;">
508 <tr style="text-align: left;">
509 <td style="width: 100%;">
510 <label class="TextBoxLabel" for="TOSBox">TOS - Please read fully and check 'I agree' box ONLY if you agree to terms</label><br />
511 <textarea rows="10" cols="58" id="TOSBox" name="TOSBox" class="TextBox" readonly="readonly" accesskey="T"><?php
512 echo file_get_contents("TOS"); ?></textarea><br />
513 <input type="checkbox" class="TextBox" name="TOS" value="Agree" id="TOS" /><label class="TextBoxLabel" for="TOS">I Agree</label><br/>
514 <input type="hidden" style="display: none;" name="act" value="makemembers" />
515 <input type="submit" class="Button" value="Sign UP" />
520 <tr class="TableRow4">
521 <td class="TableRow4"> </td>
524 <?php } if($_GET['act']=="makemember") {
525 if($_POST['act']=="makemembers") {
526 $membertitle = " ".$ThemeSet['TitleDivider']." Signing up";
527 $REFERERurl = parse_url($_SERVER['HTTP_REFERER']);
528 $URL['REFERER'] = $REFERERurl['host'];
529 $URL['HOST'] = $_SERVER["SERVER_NAME"];
530 $REFERERurl = null; unset($REFERERurl);
531 if(!isset($_POST['username'])) { $_POST['username'] = null; }
532 if(!isset($_POST['TOS'])) { $_POST['TOS'] = null; }
534 <div class="Table1Border">
535 <table class="Table1">
536 <tr class="TableRow1">
537 <td class="TableRow1"><span style="float: right;"> </span>
538 <a href="<?php echo url_maker($exfile['messenger'],$Settings['file_ext'],"act=signup",$Settings['qstr'],$Settings['qsep'],$prexqstr['messenger'],$exqstr['messenger']); ?>">Register</a></td>
540 <tr class="TableRow2">
541 <th class="TableRow2" style="width: 100%; text-align: left;"> Signup Message: </th>
543 <tr class="TableRow3">
544 <td class="TableRow3">
545 <table style="width: 100%; height: 25%; text-align: center;">
546 <?php if (strlen($_POST['Password'])=="30") { $Error="Yes"; ?>
548 <td><span class="TableMessage">
549 <br />Your password is too big.<br />
552 <?php } if (strlen($_POST['username'])=="20") { $Error="Yes"; ?>
554 <td><span class="TableMessage">
555 <br />Your user name is too big.<br />
558 <?php } if ($_POST['Password']!=$_POST['RePassword']) { $Error="Yes"; ?>
560 <td><span class="TableMessage">
561 <br />Your passwords did not match.<br />
564 <?php } if ($Settings['TestReferer']==true) {
565 if ($URL['HOST']!=$URL['REFERER']) { $Error="Yes"; ?>
567 <td><span class="TableMessage">
568 <br />Sorry the referering url dose not match our host name.<br />
572 $Name = stripcslashes(htmlspecialchars($_POST['Name'], ENT_QUOTES));
573 $Name = preg_replace("/&#(x[a-f0-9]+|[0-9]+);/i", "&#$1;", $Name);
574 $Name = @remove_spaces($Name);
575 $sql_email_check = mysql_query(query("select `Email` from `".$Settings['sqltable']."members` where `Email` = '%s'", array($_POST['Email'])));
576 $sql_username_check = mysql_query(query("select `Name` from `".$Settings['sqltable']."members` where `Name` = '%s'", array($Name)));
577 $email_check = mysql_num_rows($sql_email_check);
578 $username_check = mysql_num_rows($sql_username_check);
579 @mysql_free_result($sql_email_check); @mysql_free_result($sql_username_check);
580 if ($_POST['TOS']!="Agree") { $Error="Yes"; ?>
582 <td><span class="TableMessage">
583 <br />You need to agree to the tos.<br />
586 <?php } if ($_POST['Name']==null) { $Error="Yes"; ?>
588 <td><span class="TableMessage">
589 <br />You need to enter a name.<br />
592 <?php } if ($_POST['Name']=="ShowMe") { $Error="Yes"; ?>
594 <td><span class="TableMessage">
595 <br />You need to enter a name.<br />
598 <?php } if ($_POST['Password']==null) { $Error="Yes"; ?>
600 <td><span class="TableMessage">
601 <br />You need to enter a password.<br />
604 <?php } if ($_POST['Email']==null) { $Error="Yes"; ?>
606 <td><span class="TableMessage">
607 <br />You need to enter a email.<br />
610 <?php } if($email_check > 0) { $Error="Yes"; ?>
612 <td><span class="TableMessage">
613 <br />Email address is already used.<br />
616 <?php } if($username_check > 0) { $Error="Yes"; ?>
618 <td><span class="TableMessage">
619 <br />UserName is already used.<br />
622 <?php } if ($Error=="Yes") {
623 @redirect("refresh",$basedir.url_maker($exfile['member'],$Settings['file_ext'],"act=signup",$Settings['qstr'],$Settings['qsep'],$prexqstr['member'],$exqstr['member'],FALSE),"4"); }
625 $_POST['UserIP'] = $_SERVER['REMOTE_ADDR'];
626 $_POST['Group'] = $Settings['MemberGroup'];
627 $_POST['Joined'] = GMTimeStamp(); $_POST['LastActive'] = GMTimeStamp();
628 $_POST['Signature'] = ""; $_POST['Interests'] = "";
629 $_POST['Title'] = ""; $_POST['PostCount'] = "0";
630 if($Settings['AdminValidate']==true||$Settings['AdminValidate']!=false)
631 { $ValidateStats="no"; $yourgroup=$Settings['ValidateGroup']; }
632 if($Settings['AdminValidate']==false)
633 { $ValidateStats="yes"; $yourgroup=$Settings['MemberGroup']; }
634 $HashSalt = salt_hmac();
635 $NewPassword = b64e_hmac($_POST['Password'],$_POST['Joined'],$HashSalt,"sha1");
636 $_GET['YourPost'] = $_POST['Signature'];
637 //require( './'.$SettDir['misc'].'HTMLTags.php');
638 $_GET['YourPost'] = htmlspecialchars($_GET['YourPost'], ENT_QUOTES);
639 $_GET['YourPost'] = preg_replace("/&#(x[a-f0-9]+|[0-9]+);/i", "&#$1;", $_GET['YourPost']);
640 $NewSignature = $_GET['YourPost'];
641 $_GET['YourPost'] = preg_replace("/\t+/"," ",$_GET['YourPost']);
642 $_GET['YourPost'] = preg_replace("/\s\s+/"," ",$_GET['YourPost']);
643 $Avatar = stripcslashes(htmlspecialchars($_POST['Avatar'], ENT_QUOTES));
644 $Avatar = preg_replace("/&#(x[a-f0-9]+|[0-9]+);/i", "&#$1;", $Avatar);
645 $Avatar = @remove_spaces($Avatar);
646 $Website = stripcslashes(htmlspecialchars($_POST['Website'], ENT_QUOTES));
647 $Website = preg_replace("/&#(x[a-f0-9]+|[0-9]+);/i", "&#$1;", $Website);
648 $Website = @remove_spaces($Website);
649 $gquerys = query("select * from `".$Settings['sqltable']."groups` where `Name`='%s'", array($Settings['MemberGroup']));
650 $gresults=mysql_query($gquerys);
651 $yourgroup=mysql_result($gresults,0,"id");
652 @mysql_free_result($gresults);
653 $yourid = getnextid($Settings['sqltable'],"members");
654 $_POST['Interests'] = @remove_spaces($_POST['Interests']);
655 $_POST['Title'] = @remove_spaces($_POST['Title']);
656 $_POST['Email'] = @remove_spaces($_POST['Email']);
657 if(!is_numeric($_POST['YourOffSet'])) { $_POST['YourOffSet'] = "0"; }
658 if($_POST['YourOffSet']>12) { $_POST['YourOffSet'] = "12"; }
659 if($_POST['YourOffSet']<-12) { $_POST['YourOffSet'] = "-12"; }
660 if(!is_numeric($_POST['MinOffSet'])) { $_POST['MinOffSet'] = "00"; }
661 if($_POST['MinOffSet']>59) { $_POST['MinOffSet'] = "59"; }
662 if($_POST['MinOffSet']<0) { $_POST['MinOffSet'] = "00"; }
663 $_POST['YourOffSet'] = $_POST['YourOffSet'].":".$_POST['MinOffSet'];
664 $query = query("insert into `".$Settings['sqltable']."members` values (".$yourid.",'%s','%s','%s','%s','%s','%s','%i','%s','%s','%s','%s','%s','%s','%s','%s','%s','%s','%s','%s','%s','%s','%s','%s','%s')", array($Name,$NewPassword,"iDBH",$_POST['Email'],$yourgroup,$ValidateStats,"0",$_POST['Interests'],$_POST['Title'],$_POST['Joined'],$_POST['LastActive'],"0",$NewSignature,'Your Notes',$Avatar,"100x100",$Website,$_POST['YourGender'],$_POST['PostCount'],$_POST['YourOffSet'],$_POST['DST'],$Settings['DefaultTheme'],$_POST['UserIP'],$HashSalt));
666 $querylogr = query("select * from `".$Settings['sqltable']."members` where `Name`='%s' AND `Password`='%s'", array($Name,$NewPassword));
667 $resultlogr=mysql_query($querylogr);
668 $numlogr=mysql_num_rows($resultlogr);
671 $YourIDMr=mysql_result($resultlogr,$ir,"id");
672 $YourNameMr=mysql_result($resultlogr,$ir,"Name");
673 $YourGroupMr=mysql_result($resultlogr,$ir,"GroupID");
674 $gquery = query("select * from `".$Settings['sqltable']."groups` where `id`=%i", array($YourGroupMr));
675 $gresult=mysql_query($gquery);
676 $YourGroupMr=mysql_result($gresult,0,"Name");
677 @mysql_free_result($gresult);
678 $YourTimeZoneMr=mysql_result($resultlogr,$ir,"TimeZone");
679 $YourDSTMr=mysql_result($resultlogr,$ir,"DST"); }
680 @mysql_free_result($resultlogr);
681 @session_regenerate_id(true);
682 $_SESSION['Loggedin']=true;
683 $_SESSION['MemberName']=$YourNameMr;
684 $_SESSION['UserID']=$YourIDMr;
685 $_SESSION['UserTimeZone']=$YourTimeZoneMr;
686 $_SESSION['UserDST']=$YourDSTMr;
687 $_SESSION['UserGroup']=$YourGroupMr;
688 if($_POST['storecookie']==true) {
689 @setcookie("MemberName", $YourNameM, time() + (7 * 86400), $basedir);
690 @setcookie("UserID", $YourIDM, time() + (7 * 86400), $basedir);
691 @setcookie("SessPass", $YourPassM, time() + (7 * 86400), $basedir); }
692 //$SendPMtoID=$_SESSION['UserID'];
694 //$PMTitle = "Welcome ".$Name.".";
695 //$YourMessage = "Hello ".$Name.". Welcome to ".$Settings['board_name'].". I hope you have fun here. ^_^ ";
696 //$_POST['YourDate'] = $_POST['Joined'];
697 //$query = query("insert into `".$Settings['sqltable']."messenger` values (null,'%s','%s','%s','%s','%s','%s',0)", array($YourPMID,$SendPMtoID,'',$PMTitle,$YourMessage,$_POST['YourDate']));
698 //mysql_query($query);
699 @redirect("refresh",$basedir.url_maker($exfile['index'],$Settings['file_ext'],"act=view",$Settings['qstr'],$Settings['qsep'],$prexqstr['index'],$exqstr['index'],FALSE),"3");
702 <td><span class="TableMessage">
703 <br />Welcome to the Board <?php echo $_SESSION['MemberName']; ?>. ^_^<br />
704 Click <a href="<?php echo url_maker($exfile['index'],$Settings['file_ext'],"act=view",$Settings['qstr'],$Settings['qsep'],$prexqstr['index'],$exqstr['index']); ?>">here</a> to continue to board.<br />
710 <tr class="TableRow4">
711 <td class="TableRow4"> </td>