OSDN Git Service

(root) / idb / iDB.git.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Small bug fix to ( file: members.php )
[idb/iDB.git.git] / inc / members.php
1 <?php
2 /*
3     This program is free software; you can redistribute it and/or modify
4     it under the terms of the Revised BSD License.
5
6     This program is distributed in the hope that it will be useful,
7     but WITHOUT ANY WARRANTY; without even the implied warranty of
8     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
9     Revised BSD License for more details.
10
11     Copyright 2004-2007 Cool Dude 2k - http://intdb.sourceforge.net/
12     Copyright 2004-2007 Game Maker 2k - http://upload.idb.s1.jcink.com/
13
14     $FileInfo: members.php - Last Update: 06/27/2007 SVN 31 - Author: cooldude2k $
15 */
16 $File3Name = basename($_SERVER['SCRIPT_NAME']);
17 if ($File3Name=="members.php"||$File3Name=="/members.php") {
18         require('index.php');
19         exit(); }
20 if($_GET['act']=="list") {
21 $orderlist = null;
22 $orderlist = "order by `ID` asc";
23 if(!isset($_GET['orderby'])) { $_GET['orderby'] = null; }
24 if(!isset($_GET['sorttype'])) { $_GET['sorttype'] = null; }
25 if(!isset($_GET['ordertype'])) { $_GET['ordertype'] = null; }
26 if(!isset($_GET['orderby'])) { $_GET['orderby'] = null; }
27 if(!isset($_GET['sortby'])) { $_GET['sortby'] = null; }
28 if(!isset($_GET['gid'])) { $_GET['gid'] = null; }
29 if(!isset($_GET['groupid'])) { $_GET['groupid'] = null; }
30 if($_GET['orderby']==null) { 
31         if($_GET['sortby']!=null) { 
32                 $_GET['orderby'] = $_GET['sortby']; } }
33 if($_GET['orderby']==null) { $_GET['orderby'] = "joined"; }
34 if($_GET['orderby']!=null) {
35 if($_GET['orderby']=="id") { $orderlist = "order by `ID`"; }
36 if($_GET['orderby']=="name") { $orderlist = "order by `Name`"; }
37 if($_GET['orderby']=="joined") { $orderlist = "order by `Joined`"; }
38 if($_GET['orderby']=="active") { $orderlist = "order by `LastActive`"; }
39 if($_GET['orderby']=="posts") { $orderlist = "order by `PostCount`"; }
40 if($_GET['orderby']=="offset") { $orderlist = "order by `TimeZone`"; } }
41 if($_GET['ordertype']==null) { 
42         if($_GET['sorttype']!=null) { 
43                 $_GET['ordertype'] = $_GET['sorttype']; } }
44 if($_GET['ordertype']==null) { $_GET['ordertype'] = "asc"; }
45 if($_GET['ordertype']!=null) {
46 if($_GET['ordertype']=="ascending") { $orderlist .= " asc"; }
47 if($_GET['ordertype']=="descending") { $orderlist .= " desc"; }
48 if($_GET['ordertype']=="asc") { $orderlist .= " asc"; }
49 if($_GET['ordertype']=="desc") { $orderlist .= " desc"; } }
50 if(!is_numeric($_GET['gid'])) { $_GET['gid'] = null; }
51 if($_GET['gid']!=null&&$_GET['groupid']==null) { $_GET['groupid'] = $_GET['gid']; }
52 if(!is_numeric($_GET['groupid'])) { $_GET['groupid'] = null; }
53 $ggquery = query("select * from ".$Settings['sqltable']."groups where `Name`='%s'", array($Settings['GuestGroup']));
54 $ggresult=mysql_query($ggquery);
55 $GGroup=mysql_result($ggresult,0,"id");
56 @mysql_free_result($ggresult);
57 if($_GET['groupid']==null) {
58 $query = query("select * from ".$Settings['sqltable']."members where `GroupID`<>%i ".$orderlist, array($GGroup)); }
59 if($_GET['groupid']!=null) {
60 $query = query("select * from ".$Settings['sqltable']."members where `GroupID`=%i and `GroupID`<>%i ".$orderlist, array($_GET['groupid'],$GGroup)); }
61 $result=mysql_query($query);
62 $num=mysql_num_rows($result);
63 //Start MemberList Page Code (Will be used at later time)
64 if($_GET['page']==null) { $_GET['page'] = 1; } 
65 if($_GET['page']<=0) { $_GET['page'] = 1; }
66 $nums = $_GET['page'] * $Settings['max_memlist'];
67 if($nums>$num) { $nums = $num; }
68 $numz = $nums - $Settings['max_memlist'];
69 if($numz<=0) { $numz = 0; }
70 $i=$numz;
71 if($nums<$num) { $nextpage = $_GET['page'] + 1; }
72 if($nums>=$num) { $nextpage = $_GET['page']; }
73 if($numz>=$Settings['max_memlist']) { $backpage = $_GET['page'] - 1; }
74 if($_GET['page']<=1) { $backpage = 1; }
75 //End MemberList Page Code (Its not used yet but its still good to have :P )
76 $i=0;
77 ?>
78 <div class="Table1Border">
79 <table class="Table1">
80 <tr class="TableRow1">
81 <td class="TableRow1" colspan="7"><span style="float: left;">
82 <?php echo $ThemeSet['TitleIcon'] ?><a href="<?php echo url_maker($exfile['member'],$Settings['file_ext'],"act=list",$Settings['qstr'],$Settings['qsep'],$prexqstr['member'],$exqstr['member']); ?>">Member List</a>
83 </span><span style="float: right;">&nbsp;</span></td>
84 </tr>
85 <tr id="Member" class="TableRow2">
86 <th class="TableRow2" style="width: 5%;">ID</th>
87 <th class="TableRow2" style="width: 28%;">Name</th>
88 <th class="TableRow2" style="width: 10%;">Group</th>
89 <th class="TableRow2" style="width: 10%;">Posts</th>
90 <th class="TableRow2" style="width: 20%;">Joined</th>
91 <th class="TableRow2" style="width: 20%;">Last Active</th>
92 <th class="TableRow2" style="width: 7%;">Website</th>
93 </tr>
94 <?php
95 while ($i < $num) {
96 $MemList['ID']=mysql_result($result,$i,"id");
97 $MemList['Name']=mysql_result($result,$i,"Name");
98 $MemList['Email']=mysql_result($result,$i,"Email");
99 $MemList['GroupID']=mysql_result($result,$i,"GroupID");
100 $MemList['WarnLevel']=mysql_result($result,$i,"WarnLevel");
101 $MemList['Interests']=mysql_result($result,$i,"Interests");
102 $MemList['Title']=mysql_result($result,$i,"Title");
103 $MemList['Joined']=mysql_result($result,$i,"Joined");
104 $MemList['Joined']=GMTimeChange("F j Y, g:i a",$MemList['Joined'],$_SESSION['UserTimeZone'],0,$_SESSION['UserDST']);
105 $MemList['LastActive']=mysql_result($result,$i,"LastActive");
106 $MemList['LastActive']=GMTimeChange("F j Y, g:i a",$MemList['LastActive'],$_SESSION['UserTimeZone'],0,$_SESSION['UserDST']);
107 $MemList['Website']=mysql_result($result,$i,"Website");
108 $MemList['Gender']=mysql_result($result,$i,"Gender");
109 $MemList['PostCount']=mysql_result($result,$i,"PostCount");
110 $MemList['TimeZone']=mysql_result($result,$i,"TimeZone");
111 $MemList['DST']=mysql_result($result,$i,"DST");
112 $MemList['IP']=mysql_result($result,$i,"IP");
113 $gquery = query("select * from ".$Settings['sqltable']."groups where `id`=%i", array($MemList['GroupID']));
114 $gresult=mysql_query($gquery);
115 $MemList['Group']=mysql_result($gresult,0,"Name");
116 @mysql_free_result($gresult);
117 $membertitle = " ".$ThemeSet['TitleDivider']." Member List";
118 if($MemList['Group']!=$Settings['GuestGroup']) {
119 ?>
120 <tr class="TableRow3" id="Member<?php echo $MemList['ID']; ?>">
121 <td class="TableRow3" style="text-align: center;"><?php echo $MemList['ID']; ?></td>
122 <td class="TableRow3">&nbsp;<a href="<?php echo url_maker($exfile['member'],$Settings['file_ext'],"act=view&id=".$MemList['ID'],$Settings['qstr'],$Settings['qsep'],$prexqstr['member'],$exqstr['member']); ?>"><?php echo $MemList['Name']; ?></a></td>
123 <td class="TableRow3" style="text-align: center;"><a href="<?php echo url_maker($exfile['member'],$Settings['file_ext'],"act=list&gid=".$MemList['GroupID'],$Settings['qstr'],$Settings['qsep'],$prexqstr['member'],$exqstr['member']); ?>"><?php echo $MemList['Group']; ?></a></td>
124 <td class="TableRow3" style="text-align: center;"><?php echo $MemList['PostCount']; ?></td>
125 <td class="TableRow3" style="text-align: center;"><?php echo $MemList['Joined']; ?></td>
126 <td class="TableRow3" style="text-align: center;"><?php echo $MemList['LastActive']; ?></td>
127 <td class="TableRow3" style="text-align: center;"><a href="<?php echo $MemList['Website']; ?>" onclick="window.open(this.href);return false;">Website</a></td>
128 </tr>
129 <?php }
130 ++$i; } @mysql_free_result($result);
131 ?>
132 <tr id="MemEnd" class="TableRow4">
133 <td class="TableRow4" colspan="7">&nbsp;</td>
134 </tr>
135 </table></div>
136 <?php }
137 if($_GET['act']=="view") { 
138 $query = query("select * from ".$Settings['sqltable']."members where `id`=%i", array($_GET['id']));
139 $result=mysql_query($query);
140 $num=mysql_num_rows($result);
141 $i=0;
142 if($num==0||$_GET['id']=="-1") { redirect("location",$basedir.url_maker($exfile['index'],$Settings['file_ext'],"act=view",$Settings['qstr'],$Settings['qsep'],$prexqstr['index'],$exqstr['index'],false)); }
143 $ViewMem['ID']=mysql_result($result,$i,"id");
144 $ViewMem['Name']=mysql_result($result,$i,"Name");
145 $ViewMem['Signature']=mysql_result($result,$i,"Signature");
146 $ViewMem['Avatar']=mysql_result($result,$i,"Avatar");
147 $ViewMem['AvatarSize']=mysql_result($result,$i,"AvatarSize");
148 $ViewMem['Email']=mysql_result($result,$i,"Email");
149 $ViewMem['GroupID']=mysql_result($result,$i,"GroupID");
150 $ViewMem['WarnLevel']=mysql_result($result,$i,"WarnLevel");
151 $ViewMem['Interests']=mysql_result($result,$i,"Interests");
152 $ViewMem['Title']=mysql_result($result,$i,"Title");
153 $ViewMem['Joined']=mysql_result($result,$i,"Joined");
154 $ViewMem['Joined']=GMTimeChange("M j Y, g:i a",$ViewMem['Joined'],$_SESSION['UserTimeZone'],0,$_SESSION['UserDST']);
155 $ViewMem['LastActive']=mysql_result($result,$i,"LastActive");
156 $ViewMem['LastActive']=GMTimeChange("M j Y, g:i a",$ViewMem['LastActive'],$_SESSION['UserTimeZone'],0,$_SESSION['UserDST']);
157 $ViewMem['Website']=mysql_result($result,$i,"Website");
158 $ViewMem['Gender']=mysql_result($result,$i,"Gender");
159 $ViewMem['PostCount']=mysql_result($result,$i,"PostCount");
160 $ViewMem['TimeZone']=mysql_result($result,$i,"TimeZone");
161 $ViewMem['DST']=mysql_result($result,$i,"DST");
162 $ViewMem['IP']=mysql_result($result,$i,"IP");
163 $gquery = query("select * from ".$Settings['sqltable']."groups where `id`=%i", array($ViewMem['GroupID']));
164 $gresult=mysql_query($gquery);
165 $ViewMem['Group']=mysql_result($gresult,0,"Name");
166 @mysql_free_result($gresult);
167 $membertitle = " ".$ThemeSet['TitleDivider']." Viewing Profile ".$ViewMem['Name'];      
168 if ($ViewMem['Avatar']=="http://"||$ViewMem['Avatar']==null) {
169 $ViewMem['Avatar']=$ThemeSet['NoAvatar'];
170 $ViewMem['AvatarSize']=$ThemeSet['NoAvatarSize']; }
171 $AvatarSize1=explode("x", $ViewMem['AvatarSize']);
172 $AvatarSize1W=$AvatarSize1[0]; $AvatarSize1H=$AvatarSize1[1];
173 $ViewMem['Signature'] = text2icons($ViewMem['Signature'],$Settings['sqltable']);
174 if($_GET['view']==null) { $_GET['view'] = "profile"; }
175 if($_GET['view']!="profile"&&$_GET['view']!="avatar"&&
176         $_GET['view']!="website"&&$_GET['view']!="homepage") { $_GET['view'] = "profile"; }
177 if($_GET['view']=="avatar") { 
178         @session_write_close();
179         @header("Location: ".$ViewMem['Avatar']); }
180 if($_GET['view']=="website"||$_GET['view']=="homepage") { 
181         if ($ViewMem['Website']!="http://"&&$ViewMem['Website']!=null) {
182         @session_write_close();
183         @header("Location: ".$ViewMem['Website']); }
184         if ($ViewMem['Website']=="http://"||$ViewMem['Website']==null) {
185         @session_write_close();
186         @header("Location: ".$BoardURL."index.php?act=view"); } }
187 ?>
188 <div class="Table1Border">
189 <table class="Table1">
190 <tr class="TableRow1">
191 <td class="TableRow1" colspan="2"><span style="float: left;">
192 <?php echo $ThemeSet['TitleIcon'] ?><a href="<?php echo url_maker($exfile['member'],$Settings['file_ext'],"act=view&id=".$_GET['id'],$Settings['qstr'],$Settings['qsep'],$prexqstr['member'],$exqstr['member']); ?>">Viewing Profile</a>
193 </span><span style="float: right;">&nbsp;</span></td>
194 </tr>
195 <tr id="Member" class="TableRow2">
196 <th class="TableRow2" style="width: 50%;">Avatar</th>
197 <th class="TableRow2" style="width: 50%;">User Info</th>
198 </tr>
199 <tr class="TableRow3" id="MemberProfile">
200 <td class="TableRow3">
201 <?php  /* Avatar Table Thanks For SeanJ's Help at http://seanj.jcink.com/ */  ?>
202  <table class="AvatarTable" style="width: 100%; height: 100px; text-align: center;">
203         <tr class="AvatarRow" style="width: 100px; height: 100px;">
204                 <td class="AvatarRow" style="width: 100%; height: 100%; text-align: center; vertical-align: middle;">
205                 <img src="<?php echo $ViewMem['Avatar']; ?>" alt="<?php echo $ViewMem['Name']; ?>'s Avatar" title="<?php echo $ViewMem['Name']; ?>'s Avatar" style="border: 0px; width: <?php echo $AvatarSize1W; ?>px; height: <?php echo $AvatarSize1H; ?>px;" />
206                 </td>
207         </tr>
208  </table>
209 <div style="text-align: center;">
210 Name: <?php echo $ViewMem['Name']; ?><br />
211 Title: <?php echo $ViewMem['Title']; ?></div>
212 </td>
213 <td class="TableRow3">
214 &nbsp;User Name: <?php echo $ViewMem['Name']; ?><br />
215 &nbsp;User Title: <?php echo $ViewMem['Title']; ?><br />
216 &nbsp;User Group: <?php echo $ViewMem['Group']; ?><br />
217 &nbsp;User Joined: <?php echo $ViewMem['Joined']; ?><br />
218 &nbsp;Last Active: <?php echo $ViewMem['LastActive']; ?><br />
219 &nbsp;User Time: <?php echo GMTimeGet("M j Y, g:i a",$ViewMem['TimeZone'],0,$ViewMem['DST']); ?><br />
220 &nbsp;User Website: <a href="<?php echo $ViewMem['Website']; ?>" onclick="window.open(this.href);return false;">Website</a><br />
221 &nbsp;Post Count: <?php echo $ViewMem['PostCount']; ?><br />
222 &nbsp;Interests: <?php echo $ViewMem['Interests']; ?><br />
223 </td>
224 </tr>
225 <tr class="TableRow4">
226 <td class="TableRow4" colspan="2">&nbsp;</td>
227 </tr>
228 </table></div>
229 <?php } @mysql_free_result($result);
230 if($_GET['act']=="logout") {
231 @session_unset();
232 @setcookie("MemberName", null, GMTimeStamp() - 3600, $basedir);
233 @setcookie("UserID", null, GMTimeStamp() - 3600, $basedir);
234 @setcookie("SessPass", null, GMTimeStamp() - 3600, $basedir);
235 @setcookie(session_name(), "", GMTimeStamp() - 3600, $basedir);
236 unset($_COOKIE[session_name()]);
237 $_SESSION = array();
238 @session_unset();
239 @session_destroy();
240 @redirect("location",$basedir.url_maker($exfile['member'],$Settings['file_ext'],"act=login",$Settings['qstr'],$Settings['qsep'],$prexqstr['member'],$exqstr['member'],false));
241 }
242
243 if($_GET['act']=="login")
244 {
245 $membertitle = " ".$ThemeSet['TitleDivider']." Login";
246 ?>
247 <div class="Table1Border">
248 <table class="Table1">
249 <tr class="TableRow1">
250 <td class="TableRow1"><span style="float: left;">
251 <?php echo $ThemeSet['TitleIcon'] ?><a href="<?php echo url_maker($exfile['member'],$Settings['file_ext'],"act=login",$Settings['qstr'],$Settings['qsep'],$prexqstr['member'],$exqstr['member']); ?>">Log in</a>
252 </span><span style="float: right;">&nbsp;</span></td>
253 </tr>
254 <tr class="TableRow2">
255 <th class="TableRow2" style="width: 100%; text-align: left;">&nbsp;Inert your login info: </th>
256 </tr>
257 <tr class="TableRow3">
258 <td class="TableRow3">
259 <form method="post" action="<?php echo url_maker($exfile['member'],$Settings['file_ext'],"act=login_now",$Settings['qstr'],$Settings['qsep'],$prexqstr['member'],$exqstr['member']); ?>">
260 <table style="text-align: left;">
261 <tr style="text-align: left;">
262         <td style="width: 30%;"><label class="TextBoxLabel" for="username">Enter UserName: </label></td>
263         <td style="width: 70%;"><input class="TextBox" id="username" type="text" name="username" /></td>
264 </tr><tr>
265         <td style="width: 30%;"><label class="TextBoxLabel" for="userpass">Enter Password: </label></td>
266         <td style="width: 70%;"><input class="TextBox" id="userpass" type="password" name="userpass" maxlength="30" /></td>
267 </tr><tr>
268         <td style="width: 30%;"><label class="TextBoxLabel" title="Store userinfo as a cookie so you dont need to login again." for="storecookie">Store as cookie?</label></td>
269         <td style="width: 70%;"><select id="storecookie" name="storecookie" class="TextBox">
270 <option value="true">Yes</option>
271 <option value="false">No</option>
272 </select></td>
273 </tr></table>
274 <table style="text-align: left;">
275 <tr style="text-align: left;">
276 <td style="width: 100%;">
277 <input type="hidden" name="act" value="loginmember" style="display: none;" />
278 <input class="Button" type="submit" value="Log in" />
279 </td></tr></table>
280 </form>
281 </td>
282 </tr>
283 <tr class="TableRow4">
284 <td class="TableRow4">&nbsp;</td>
285 </tr>
286 </table></div>
287 <?php } if($_POST['act']=="loginmember"&&$_GET['act']=="login_now") {
288 $membertitle = " ".$ThemeSet['TitleDivider']." Login";
289 $REFERERurl = parse_url($_SERVER['HTTP_REFERER']);
290 $URL['REFERER'] = $REFERERurl['host'];
291 $URL['HOST'] = $_SERVER["SERVER_NAME"];
292 $REFERERurl = null; unset($REFERERurl);
293 ?>
294 <div class="Table1Border">
295 <table class="Table1">
296 <tr class="TableRow1">
297 <td class="TableRow1">
298 <span style="float: left;">&nbsp;<a href="<?php echo url_maker($exfile['member'],$Settings['file_ext'],"act=login",$Settings['qstr'],$Settings['qsep'],$prexqstr['member'],$exqstr['member']); ?>">Log in</a></span>
299 <span style="float: right;">&nbsp;</span></td>
300 </tr>
301 <tr class="TableRow2">
302 <th class="TableRow2" style="width: 100%; text-align: left;">&nbsp;Login Message: </th>
303 </tr>
304 <tr class="TableRow3">
305 <td class="TableRow3">
306 <table style="width: 100%; height: 25%; text-align: center;">
307 <?php
308 if (strlen($_POST['userpass'])=="30") { $Error="Yes";  ?>
309 <tr>
310         <td><span class="TableMessage">
311         <br />Your password is too big.<br />
312         </span></td>
313 </tr>
314 <?php } if (strlen($_POST['username'])=="20") { $Error="Yes";  ?>
315 <tr>
316         <td><span class="TableMessage">
317         <br />Your user name is too big.<br />
318         <span></td>
319 </tr>
320 <?php } if ($Settings['TestReferer']==true) {
321         if ($URL['HOST']!=$URL['REFERER']) { $Error="Yes";  ?>
322 <tr>
323         <td><span class="TableMessage">
324         <br />Sorry the referering url dose not match our host name.<br />
325         <span></td>
326 </tr>
327 <?php } }
328 if ($Error=="Yes") {
329 @redirect("refresh",$basedir.url_maker($exfile['member'],$Settings['file_ext'],"act=login",$Settings['qstr'],$Settings['qsep'],$prexqstr['member'],$exqstr['member'],false),"4"); }
330 if($Error!="Yes"){
331 $YourName = stripcslashes(htmlspecialchars($_POST['username'], ENT_QUOTES));
332 $YourName = preg_replace("/&amp;#(x[a-f0-9]+|[0-9]+);/i", "&#$1;", $YourName);
333 $YourName = @remove_spaces($YourName);
334 $passtype="ODFH";
335 $querylog = query("select * from ".$Settings['sqltable']."members where `Name` = '%s'", array($YourName));
336 $resultlog=mysql_query($querylog);
337 $numlog=mysql_num_rows($resultlog);
338 if($numlog>=1) {
339 $i=0;
340 $YourPassTry=mysql_result($resultlog,$i,"Password");
341 $HashType=mysql_result($resultlog,$i,"HashType");
342 $JoinedPass=mysql_result($resultlog,$i,"Joined");
343 $HashSalt=mysql_result($resultlog,$i,"Salt");
344 $UpdateHash = false;
345 if($HashType=="ODFH") { 
346         $YourPassword = sha1(md5($_POST['userpass'])); }
347 if($HashType=="DF4H") { 
348         $YourPassword = b64e_hmac($_POST['userpass'],$JoinedPass,$HashSalt,"sha1"); }
349 if($HashType=="iDBH"||$UpdateHash!=true) { 
350         $YourPassword = b64e_hmac($_POST['userpass'],$JoinedPass,$HashSalt,"sha1"); }
351 if($YourPassword==$YourPassTry) { 
352 $passright = false;
353 } if($YourPassword==$YourPassTry) {
354 $passright = true;
355 $YourIDM=mysql_result($resultlog,$i,"id");
356 $YourNameM=mysql_result($resultlog,$i,"Name");
357 $YourPassM=mysql_result($resultlog,$i,"Password");
358 $YourGroupM=mysql_result($resultlog,$i,"GroupID");
359 $gquery = query("select * from ".$Settings['sqltable']."groups where `id`=%i", array($YourGroupM));
360 $gresult=mysql_query($gquery);
361 $YourGroupM=mysql_result($gresult,0,"Name");
362 @mysql_free_result($gresult);
363 $YourTimeZoneM=mysql_result($resultlog,$i,"TimeZone");
364 $YourDSTM=mysql_result($resultlog,$i,"DST");
365 $JoinedDate=mysql_result($resultlog,$i,"Joined");
366 $UseTheme=mysql_result($resultlog,$i,"UseTheme");
367 $NewHashSalt = salt_hmac();
368 $NewPassword = b64e_hmac($_POST['userpass'],$JoinedPass,$NewHashSalt,"sha1");
369 $NewDay=GMTimeStamp();
370 $NewIP=$_SERVER['REMOTE_ADDR'];
371 $queryup = query("update ".$Settings['sqltable']."members set `Password`='%s',`HashType`='iDBH',`LastActive`='%s',`IP`='%s',`Salt`='%s' WHERE `id`=%i", array($NewPassword,$NewDay,$NewIP,$NewHashSalt,$YourIDM));
372 mysql_query($queryup);
373 @mysql_free_result($resultlog); @mysql_free_result($queryup);
374 //session_regenerate_id();
375 $_SESSION['Theme']=$UseTheme;
376 $_SESSION['MemberName']=$YourNameM;
377 $_SESSION['UserID']=$YourIDM;
378 $_SESSION['UserTimeZone']=$YourTimeZoneM;
379 $_SESSION['UserGroup']=$YourGroupM;
380 $_SESSION['UserDST']=$YourDSTM;
381 if($_POST['storecookie']==true) {
382 setcookie("MemberName", $YourNameM, time() + (7 * 86400), $basedir);
383 setcookie("UserID", $YourIDM, time() + (7 * 86400), $basedir);
384 setcookie("SessPass", $NewPassword, time() + (7 * 86400), $basedir); }
385 } } if($numlog<=0) {
386 //echo "Password was not right or user not found!! <_< ";
387 } ?>
388 <?php if($passright==true) {
389 @redirect("refresh",$basedir.url_maker($exfile['index'],$Settings['file_ext'],"act=view",$Settings['qstr'],$Settings['qsep'],$prexqstr['index'],$exqstr['index'],false),"3"); ?>
390 <tr>
391         <td><span class="TableMessage">
392         <br />Welcome to the Board <?php echo $_SESSION['MemberName']; ?>. ^_^<br />
393         Click <a href="<?php echo url_maker($exfile['index'],$Settings['file_ext'],"act=view",$Settings['qstr'],$Settings['qsep'],$prexqstr['index'],$exqstr['index']); ?>">here</a> to continue to board.<br />&nbsp;
394         </span></td>
395 </tr>
396 <?php } if($passright==false) { ?>
397 <tr>
398         <td><span class="TableMessage">
399         <br />Password was not right or user not found!! &lt;_&lt;<br />
400         Click <a href="<?php echo url_maker($exfile['member'],$Settings['file_ext'],"act=login",$Settings['qstr'],$Settings['qsep'],$exqstr['member'],$prexqstr['member']); ?>">here</a> to try again.<br />&nbsp;
401         </span></td>
402 </tr>
403 <?php } } ?>
404 </table>
405 </td></tr>
406 <tr class="TableRow4">
407 <td class="TableRow4">&nbsp;</td>
408 </tr>
409 </table></div>
410 <?php }
411 if($_GET['act']=="signup")
412
413 $membertitle = " ".$ThemeSet['TitleDivider']." Signing up"; ?>
414 <div class="Table1Border">
415 <table class="Table1">
416 <tr class="TableRow1">
417 <td class="TableRow1"><span style="float: left;">
418 <?php echo $ThemeSet['TitleIcon'] ?><a href="<?php echo url_maker($exfile['member'],$Settings['file_ext'],"act=signup",$Settings['qstr'],$Settings['qsep'],$prexqstr['member'],$exqstr['member']); ?>">Register</a>
419 </span><span style="float: right;">&nbsp;</span></td>
420 </tr>
421 <tr class="TableRow2">
422 <th class="TableRow2" style="width: 100%; text-align: left;">&nbsp;Inert your user info: </th>
423 </tr>
424 <tr class="TableRow3">
425 <td class="TableRow3">
426 <form method="post" action="<?php echo url_maker($exfile['member'],$Settings['file_ext'],"act=makemember",$Settings['qstr'],$Settings['qsep'],$prexqstr['member'],$exqstr['member']); ?>">
427 <table style="text-align: left;">
428 <tr style="text-align: left;">
429         <td style="width: 30%;"><label class="TextBoxLabel" for="Name">Insert a UserName:</label></td>
430         <td style="width: 70%;"><input type="text" class="TextBox" name="Name" size="20" id="Name" /></td>
431 </tr><tr>
432         <td><label class="TextBoxLabel" for="Password">Insert a Password:</label></td>
433         <td><input type="password" class="TextBox" name="Password" size="20" id="Password" maxlength="30" /></td>
434 </tr><tr>
435         <td><label class="TextBoxLabel" for="RePassword">ReInsert a Password:</label></td>
436         <td><input type="password" class="TextBox" name="RePassword" size="20" id="RePassword" maxlength="30" /></td>
437 </tr><tr>
438         <td><label class="TextBoxLabel" for="Email">Insert Your Email:</label></td>
439         <td><input type="text" class="TextBox" name="Email" size="20" id="Email" /></td>
440 </tr><tr>
441         <td><label class="TextBoxLabel" for="YourOffSet">Your TimeZone:</label></td>
442         <td><select id="YourOffSet" name="YourOffSet" class="TextBox"><?php
443 $tsa_mem = explode(":",$Settings['DefaultTimeZone']);
444 $TimeZoneArray = array("offset" => $Settings['DefaultTimeZone'], "hour" => $tsa_mem[0], "minute" => $tsa_mem[1]);
445 $plusi = 1; $minusi = 12;
446 $plusnum = 13; $minusnum = 0;
447 while ($minusi > $minusnum) {
448 if($TimeZoneArray['hour']==-$minusi) {
449 echo "<option selected=\"selected\" value=\"-".$minusi."\">GMT - ".$minusi.":00 hours</option>\n"; }
450 if($TimeZoneArray['hour']!=-$minusi) {
451 echo "<option value=\"-".$minusi."\">GMT - ".$minusi.":00 hours</option>\n"; }
452 --$minusi; }
453 if($TimeZoneArray['hour']==0) { ?>
454 <option selected="selected" value="0">GMT +/- 0:00 hours</option>
455 <?php } if($TimeZoneArray['hour']!=0) { ?>
456 <option value="0">GMT +/- 0:00 hours</option>
457 <?php }
458 while ($plusi < $plusnum) {
459 if($TimeZoneArray['hour']==$plusi) {
460 echo "<option selected=\"selected\" value=\"".$plusi."\">GMT + ".$plusi.":00 hours</option>\n"; }
461 if($TimeZoneArray['hour']!=$plusi) {
462 echo "<option value=\"".$plusi."\">GMT + ".$plusi.":00 hours</option>\n"; }
463 ++$plusi; }
464 ?></select></td>
465 </tr><tr>
466         <td style="width: 50%;"><label class="TextBoxLabel" for="MinOffSet">Minute OffSet:</label></td>
467         <td style="width: 50%;"><select id="MinOffSet" name="MinOffSet" class="TextBox"><?php
468 $mini = 0; $minnum = 60;
469 while ($mini < $minnum) {
470 if(strlen($mini)==2) { $showmin = $mini; }
471 if(strlen($mini)==1) { $showmin = "0".$mini; }
472 if($mini==$TimeZoneArray['minute']) {
473 echo "\n<option selected=\"selected\" value=\"".$showmin."\">0:".$showmin." minutes</option>\n"; }
474 if($mini!=$TimeZoneArray['minute']) {
475 echo "<option value=\"".$showmin."\">0:".$showmin." minutes</option>\n"; }
476 ++$mini; }
477 ?></select></td>
478 </tr><tr>
479         <td style="width: 40%;"><label class="TextBoxLabel" for="DST">Is <span title="Daylight Savings Time">DST</span> / <span title="Summer Time">ST</span> on or off:</label></td>
480         <td style="width: 60%;"><select id="DST" name="DST" class="TextBox"><?php echo "\n" ?>
481 <?php if($Settings['DefaultDST']=="off"||$Settings['DefaultDST']!="on") { ?>
482 <option selected="selected" value="off">off</option><?php echo "\n" ?><option value="on">on</option>
483 <?php } if($Settings['DefaultDST']=="on") { ?>
484 <option selected="selected" value="on">on</option><?php echo "\n" ?><option value="off">off</option>
485 <?php } echo "\n" ?></select></td>
486 </tr><tr>
487         <td><label class="TextBoxLabel" for="YourGender">Your Gender:</label></td>
488         <td><select id="YourGender" name="YourGender" class="TextBox">
489 <option value="Male">Male</option>
490 <option value="Female">Female</option>
491 <option value="Unknow">Unknow</option>
492 </select></td>
493 </tr><tr>
494         <td><label class="TextBoxLabel" for="Website">Insert your Website:</label></td>
495         <td><input type="text" class="TextBox" name="Website" size="20" value="http://" id="Website" /></td>
496 </tr><tr>
497         <td><label class="TextBoxLabel" for="Avatar">Insert a URL for Avatar:</label></td>
498         <td><input type="text" class="TextBox" name="Avatar" size="20" value="http://" id="Avatar" /></td>
499 </tr><tr>
500         <td style="width: 30%;"><label class="TextBoxLabel" title="Store userinfo as a cookie so you dont need to login again." for="storecookie">Store as cookie?</label></td>
501         <td style="width: 70%;"><select id="storecookie" name="storecookie" class="TextBox">
502 <option value="true">Yes</option>
503 <option value="false">No</option>
504 </select></td>
505 </tr>
506 </table>
507 <table style="text-align: left;">
508 <tr style="text-align: left;">
509 <td style="width: 100%;">
510 <label class="TextBoxLabel" for="TOSBox">TOS - Please read fully and check 'I agree' box ONLY if you agree to terms</label><br />
511 <textarea rows="10" cols="58" id="TOSBox" name="TOSBox" class="TextBox" readonly="readonly" accesskey="T"><?php 
512         echo file_get_contents("TOS");  ?></textarea><br />
513 <input type="checkbox" class="TextBox" name="TOS" value="Agree" id="TOS" /><label class="TextBoxLabel" for="TOS">I Agree</label><br/>
514 <input type="hidden" style="display: none;" name="act" value="makemembers" />
515 <input type="submit" class="Button" value="Sign UP" />
516 </td></tr></table>
517 </form>
518 </td>
519 </tr>
520 <tr class="TableRow4">
521 <td class="TableRow4">&nbsp;</td>
522 </tr>
523 </table></div>
524 <?php } if($_GET['act']=="makemember") {
525         if($_POST['act']=="makemembers") {
526 $membertitle = " ".$ThemeSet['TitleDivider']." Signing up";
527 $REFERERurl = parse_url($_SERVER['HTTP_REFERER']);
528 $URL['REFERER'] = $REFERERurl['host'];
529 $URL['HOST'] = $_SERVER["SERVER_NAME"];
530 $REFERERurl = null; unset($REFERERurl);
531 if(!isset($_POST['username'])) { $_POST['username'] = null; }
532 if(!isset($_POST['TOS'])) { $_POST['TOS'] = null; }
533 ?>
534 <div class="Table1Border">
535 <table class="Table1">
536 <tr class="TableRow1">
537 <td class="TableRow1"><span style="float: right;">&nbsp;</span>
538 &nbsp;<a href="<?php echo url_maker($exfile['messenger'],$Settings['file_ext'],"act=signup",$Settings['qstr'],$Settings['qsep'],$prexqstr['messenger'],$exqstr['messenger']); ?>">Register</a></td>
539 </tr>
540 <tr class="TableRow2">
541 <th class="TableRow2" style="width: 100%; text-align: left;">&nbsp;Signup Message: </th>
542 </tr>
543 <tr class="TableRow3">
544 <td class="TableRow3">
545 <table style="width: 100%; height: 25%; text-align: center;">
546 <?php if (strlen($_POST['Password'])=="30") { $Error="Yes";  ?>
547 <tr>
548         <td><span class="TableMessage">
549         <br />Your password is too big.<br />
550         </span></td>
551 </tr>
552 <?php } if (strlen($_POST['username'])=="20") { $Error="Yes";  ?>
553 <tr>
554         <td><span class="TableMessage">
555         <br />Your user name is too big.<br />
556         </span></td>
557 </tr>
558 <?php } if ($_POST['Password']!=$_POST['RePassword']) { $Error="Yes";  ?>
559 <tr>
560         <td><span class="TableMessage">
561         <br />Your passwords did not match.<br />
562         </span></td>
563 </tr>
564 <?php } if ($Settings['TestReferer']==true) {
565         if ($URL['HOST']!=$URL['REFERER']) { $Error="Yes";  ?>
566 <tr>
567         <td><span class="TableMessage">
568         <br />Sorry the referering url dose not match our host name.<br />
569         </span></td>
570 </tr>
571 <?php } }
572 $Name = stripcslashes(htmlspecialchars($_POST['Name'], ENT_QUOTES));
573 $Name = preg_replace("/&amp;#(x[a-f0-9]+|[0-9]+);/i", "&#$1;", $Name);
574 $Name = @remove_spaces($Name);
575 $sql_email_check = mysql_query(query("select `Email` from ".$Settings['sqltable']."members where `Email` = '%s'", array($_POST['Email'])));
576 $sql_username_check = mysql_query(query("select `Name` from ".$Settings['sqltable']."members where `Name` = '%s'", array($Name)));
577 $email_check = mysql_num_rows($sql_email_check); 
578 $username_check = mysql_num_rows($sql_username_check);
579 @mysql_free_result($sql_email_check); @mysql_free_result($sql_username_check);
580 if ($_POST['TOS']!="Agree") { $Error="Yes";  ?>
581 <tr>
582         <td><span class="TableMessage">
583         <br />You need to  agree to the tos.<br />
584         </span></td>
585 </tr>
586 <?php } if ($_POST['Name']==null) { $Error="Yes"; ?>
587 <tr>
588         <td><span class="TableMessage">
589         <br />You need to enter a name.<br />
590         </span></td>
591 </tr>
592 <?php } if ($_POST['Name']=="ShowMe") { $Error="Yes"; ?>
593 <tr>
594         <td><span class="TableMessage">
595         <br />You need to enter a name.<br />
596         </span></td>
597 </tr>
598 <?php } if ($_POST['Password']==null) { $Error="Yes"; ?>
599 <tr>
600         <td><span class="TableMessage">
601         <br />You need to enter a password.<br />
602         </span></td>
603 </tr>
604 <?php } if ($_POST['Email']==null) { $Error="Yes"; ?>
605 <tr>
606         <td><span class="TableMessage">
607         <br />You need to enter a email.<br />
608         </span></td>
609 </tr>
610 <?php } if($email_check > 0) { $Error="Yes"; ?>
611 <tr>
612         <td><span class="TableMessage">
613         <br />Email address is already used.<br />
614         </span></td>
615 </tr>
616 <?php } if($username_check > 0) { $Error="Yes"; ?>
617 <tr>
618         <td><span class="TableMessage">
619         <br />UserName is already used.<br />
620         </span></td>
621 </tr>
622 <?php } if ($Error=="Yes") {
623 @redirect("refresh",$basedir.url_maker($exfile['member'],$Settings['file_ext'],"act=signup",$Settings['qstr'],$Settings['qsep'],$prexqstr['member'],$exqstr['member'],FALSE),"4"); }
624 if ($Error!="Yes") {
625 $_POST['UserIP'] = $_SERVER['REMOTE_ADDR'];
626 $_POST['Group'] = $Settings['MemberGroup'];
627 $_POST['Joined'] = GMTimeStamp(); $_POST['LastActive'] = GMTimeStamp();
628 $_POST['Signature'] = ""; $_POST['Interests'] = "";
629 $_POST['Title'] = ""; $_POST['PostCount'] = "0";
630 if($Settings['AdminValidate']==true||$Settings['AdminValidate']!=false)
631 { $ValidateStats="no"; $yourgroup=$Settings['ValidateGroup']; }
632 if($Settings['AdminValidate']==false)
633 { $ValidateStats="yes"; $yourgroup=$Settings['MemberGroup']; }
634 $HashSalt = salt_hmac(); 
635 $NewPassword = b64e_hmac($_POST['Password'],$_POST['Joined'],$HashSalt,"sha1");
636 $_GET['YourPost'] = $_POST['Signature'];
637 //require( './'.$SettDir['misc'].'HTMLTags.php');
638 $_GET['YourPost'] = htmlspecialchars($_GET['YourPost'], ENT_QUOTES);
639 $_GET['YourPost'] = preg_replace("/&amp;#(x[a-f0-9]+|[0-9]+);/i", "&#$1;", $_GET['YourPost']);
640 $NewSignature = $_GET['YourPost'];
641 $_GET['YourPost'] = preg_replace("/\t+/"," ",$_GET['YourPost']);
642 $_GET['YourPost'] = preg_replace("/\s\s+/"," ",$_GET['YourPost']);
643 $Avatar = stripcslashes(htmlspecialchars($_POST['Avatar'], ENT_QUOTES));
644 $Avatar = preg_replace("/&amp;#(x[a-f0-9]+|[0-9]+);/i", "&#$1;", $Avatar);
645 $Avatar = @remove_spaces($Avatar);
646 $Website = stripcslashes(htmlspecialchars($_POST['Website'], ENT_QUOTES));
647 $Website = preg_replace("/&amp;#(x[a-f0-9]+|[0-9]+);/i", "&#$1;", $Website);
648 $Website = @remove_spaces($Website);
649 $gquerys = query("select * from ".$Settings['sqltable']."groups where `Name`='%s'", array($Settings['MemberGroup']));
650 $gresults=mysql_query($gquerys);
651 $yourgroup=mysql_result($gresults,0,"id");
652 @mysql_free_result($gresults);
653 $yourid = getnextid($Settings['sqltable'],"members");
654 $_POST['Interests'] = @remove_spaces($_POST['Interests']);
655 $_POST['Title'] = @remove_spaces($_POST['Title']);
656 $_POST['Email'] = @remove_spaces($_POST['Email']);
657 if(!is_numeric($_POST['YourOffSet'])) { $_POST['YourOffSet'] = "0"; }
658 if($_POST['YourOffSet']>12) { $_POST['YourOffSet'] = "12"; }
659 if($_POST['YourOffSet']<-12) { $_POST['YourOffSet'] = "-12"; }
660 if(!is_numeric($_POST['MinOffSet'])) { $_POST['MinOffSet'] = "00"; }
661 if($_POST['MinOffSet']>59) { $_POST['MinOffSet'] = "59"; }
662 if($_POST['MinOffSet']<0) { $_POST['MinOffSet'] = "00"; }
663 $_POST['YourOffSet'] = $_POST['YourOffSet'].":".$_POST['MinOffSet'];
664 $query = query("insert into ".$Settings['sqltable']."members values (".$yourid.",'%s','%s','%s','%s','%s','%s','%i','%s','%s','%s','%s','%s','%s','%s','%s','%s','%s','%s','%s','%s','%s','%s','%s','%s')", array($Name,$NewPassword,"iDBH",$_POST['Email'],$yourgroup,$ValidateStats,"0",$_POST['Interests'],$_POST['Title'],$_POST['Joined'],$_POST['LastActive'],"0",$NewSignature,'Your Notes',$Avatar,"100x100",$Website,$_POST['YourGender'],$_POST['PostCount'],$_POST['YourOffSet'],$_POST['DST'],$Settings['DefaultTheme'],$_POST['UserIP'],$HashSalt));
665 mysql_query($query);
666 $querylogr = query("select * from ".$Settings['sqltable']."members where `Name`='%s' AND `Password`='%s'", array($Name,$NewPassword));
667 $resultlogr=mysql_query($querylogr);
668 $numlogr=mysql_num_rows($resultlogr);
669 if($numlogr>=1) {
670 $ir=0;
671 $YourIDMr=mysql_result($resultlogr,$ir,"id");
672 $YourNameMr=mysql_result($resultlogr,$ir,"Name");
673 $YourGroupMr=mysql_result($resultlogr,$ir,"GroupID");
674 $gquery = query("select * from ".$Settings['sqltable']."groups where `id`=%i", array($YourGroupMr));
675 $gresult=mysql_query($gquery);
676 $YourGroupMr=mysql_result($gresult,0,"Name");
677 @mysql_free_result($gresult);
678 $YourTimeZoneMr=mysql_result($resultlogr,$ir,"TimeZone");
679 $YourDSTMr=mysql_result($resultlogr,$ir,"DST"); }
680 @mysql_free_result($resultlogr);
681 @session_regenerate_id(true);
682 $_SESSION['Loggedin']=true;
683 $_SESSION['MemberName']=$YourNameMr;
684 $_SESSION['UserID']=$YourIDMr;
685 $_SESSION['UserTimeZone']=$YourTimeZoneMr;
686 $_SESSION['UserDST']=$YourDSTMr;
687 $_SESSION['UserGroup']=$YourGroupMr;
688 if($_POST['storecookie']==true) {
689 @setcookie("MemberName", $YourNameM, time() + (7 * 86400), $basedir);
690 @setcookie("UserID", $YourIDM, time() + (7 * 86400), $basedir);
691 @setcookie("SessPass", $YourPassM, time() + (7 * 86400), $basedir); }
692 //$SendPMtoID=$_SESSION['UserID'];
693 //$YourPMID = 1;
694 //$PMTitle = "Welcome ".$Name.".";
695 //$YourMessage = "Hello ".$Name.". Welcome to ".$Settings['board_name'].". I hope you have fun here. ^_^ ";
696 //$_POST['YourDate'] = $_POST['Joined'];
697 //$query = query("insert into ".$Settings['sqltable']."messenger values (null,%s,%s,'%s','%s','%s',%s,0)", array($YourPMID,$SendPMtoID,'',$PMTitle,$YourMessage,$_POST['YourDate']));
698 //mysql_query($query);
699 @redirect("refresh",$basedir.url_maker($exfile['index'],$Settings['file_ext'],"act=view",$Settings['qstr'],$Settings['qsep'],$prexqstr['index'],$exqstr['index'],FALSE),"3");
700 ?>
701 <tr>
702         <td><span class="TableMessage">
703         <br />Welcome to the Board <?php echo $_SESSION['MemberName']; ?>. ^_^<br />
704         Click <a href="<?php echo url_maker($exfile['index'],$Settings['file_ext'],"act=view",$Settings['qstr'],$Settings['qsep'],$prexqstr['index'],$exqstr['index']); ?>">here</a> to continue to board.<br />&nbsp;
705         </span></td>
706 </tr>
707 <?php } ?>
708 </table>
709 </td></tr>
710 <tr class="TableRow4">
711 <td class="TableRow4">&nbsp;</td>
712 </tr>
713 </table></div>
714 <?php } } ?>
Internet Discussion Boards is a message board system by Game Maker 2k. Its very easy to set up. Your web host needs PHP and CUBRID / MySQL / MariaDB / PostgreSQL / SQLite. Internet Discussion Boards is Open Source so you can make changes to it.
About OSDN
Find Software
Develop Software
Help