
Added minute offset to User Time Zone.
[idb/iDB.git.git] / inc / members.php
1 <?php
2 /*
3     This program is free software; you can redistribute it and/or modify
4     it under the terms of the Revised BSD License.
5
6     This program is distributed in the hope that it will be useful,
7     but WITHOUT ANY WARRANTY; without even the implied warranty of
8     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
9     Revised BSD License for more details.
10
11     Copyright 2004-2007 Cool Dude 2k - http://intdb.sourceforge.net/
12     Copyright 2004-2007 Game Maker 2k - http://upload.idb.s1.jcink.com/
13
14     $FileInfo: members.php - Last Update: 06/27/2007 SVN 29 - Author: cooldude2k $
15 */
// Direct-request guard. The rest of this file reads $Settings, $ThemeSet and
// helper functions it never defines, so it is presumably meant to be included
// by index.php: when it is itself the requested script, index.php is loaded
// instead and execution stops here.
$File3Name = basename($_SERVER['SCRIPT_NAME']);
if (in_array($File3Name, array("members.php", "/members.php"))) {
        require('index.php');
        exit();
}
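if($_GET['act']=="list") {
// Member list: every member outside the guest group, optionally narrowed to
// one group (?gid= / ?groupid=) and sorted by ?orderby= / ?ordertype=.
$membertitle = " ".$ThemeSet['TitleDivider']." Member List";
// Optional request parameters are normalised to null first so the checks
// below never read an undefined index.
foreach(array('orderby','sortby','ordertype','sorttype','gid','groupid','page') as $ListParam) {
        if(!isset($_GET[$ListParam])) { $_GET[$ListParam] = null; } }
// `sortby` and `sorttype` are accepted as aliases.
if($_GET['orderby']==null&&$_GET['sortby']!=null) { $_GET['orderby'] = $_GET['sortby']; }
if($_GET['orderby']==null) { $_GET['orderby'] = "joined"; }
if($_GET['ordertype']==null&&$_GET['sorttype']!=null) { $_GET['ordertype'] = $_GET['sorttype']; }
if($_GET['ordertype']==null) { $_GET['ordertype'] = "asc"; }
// The ORDER BY clause is built only from the literals below: the request
// value picks an entry and is never copied into the SQL text. Exactly one
// direction keyword is appended, so an unknown `orderby` or `ordertype`
// still gives valid SQL (ID / ascending).
$OrderColumns = array("id" => "`ID`", "name" => "`Name`", "joined" => "`Joined`",
        "active" => "`LastActive`", "posts" => "`PostCount`", "offset" => "`TimeZone`");
$orderlist = "order by `ID`";
if(is_string($_GET['orderby'])&&isset($OrderColumns[$_GET['orderby']])) {
        $orderlist = "order by ".$OrderColumns[$_GET['orderby']]; }
if($_GET['ordertype']==="desc"||$_GET['ordertype']==="descending") { $orderlist .= " desc"; }
else { $orderlist .= " asc"; }
// Group filter: `gid` is an alias of `groupid`; non-numeric values are dropped.
// NOTE(review): is_numeric() also admits forms such as "1.5" or "1e3". Whether
// those stay harmless depends on how query() expands %i, which is defined
// elsewhere - confirm that it casts to an integer.
if(!is_numeric($_GET['gid'])) { $_GET['gid'] = null; }
if($_GET['gid']!=null&&$_GET['groupid']==null) { $_GET['groupid'] = $_GET['gid']; }
if(!is_numeric($_GET['groupid'])) { $_GET['groupid'] = null; }
// Look up the guest group's id so its members can be excluded.
$ggquery = query("select * from ".$Settings['sqltable']."groups where `Name`='%s'", array($Settings['GuestGroup']));
$ggresult=mysql_query($ggquery);
$GGroup=mysql_result($ggresult,0,"id");
@mysql_free_result($ggresult);
// NOTE(review): `select *` also returns the Password and Salt columns that the
// login code reads from this table; naming the needed columns would keep
// credential material out of this page's result set.
if($_GET['groupid']==null) {
$query = query("select * from ".$Settings['sqltable']."members where `GroupID`<>%i ".$orderlist, array($GGroup)); }
if($_GET['groupid']!=null) {
$query = query("select * from ".$Settings['sqltable']."members where `GroupID`=%i and `GroupID`<>%i ".$orderlist, array($_GET['groupid'],$GGroup)); }
$result=mysql_query($query);
$num=mysql_num_rows($result);
//Start MemberList Page Code (Will be used at later time)
// A missing, non-numeric or non-positive page number becomes page 1.
if(!is_numeric($_GET['page'])||$_GET['page']<=0) { $_GET['page'] = 1; }
$nums = $_GET['page'] * $Settings['max_memlist'];
if($nums>$num) { $nums = $num; }
$numz = $nums - $Settings['max_memlist'];
if($numz<=0) { $numz = 0; }
if($nums<$num) { $nextpage = $_GET['page'] + 1; }
if($nums>=$num) { $nextpage = $_GET['page']; }
if($numz>=$Settings['max_memlist']) { $backpage = $_GET['page'] - 1; }
if($_GET['page']<=1) { $backpage = 1; }
//End MemberList Page Code (Its not used yet but its still good to have :P )
// Paging is not applied yet: the loop below always starts at the first row.
$i=0;
?>
<div class="Table1Border">
<table class="Table1">
<tr class="TableRow1">
<td class="TableRow1" colspan="7"><span style="float: left;">
<?php echo $ThemeSet['TitleIcon'] ?><a href="<?php echo url_maker($exfile['member'],$Settings['file_ext'],"act=list",$Settings['qstr'],$Settings['qsep'],$prexqstr['member'],$exqstr['member']); ?>">Member List</a>
</span><span style="float: right;">&nbsp;</span></td>
</tr>
<tr id="Member" class="TableRow2">
<th class="TableRow2" style="width: 5%;">ID</th>
<th class="TableRow2" style="width: 28%;">Name</th>
<th class="TableRow2" style="width: 10%;">Group</th>
<th class="TableRow2" style="width: 10%;">Posts</th>
<th class="TableRow2" style="width: 20%;">Joined</th>
<th class="TableRow2" style="width: 20%;">Last Active</th>
<th class="TableRow2" style="width: 7%;">Website</th>
</tr>
<?php
while ($i < $num) {
$MemList['ID']=mysql_result($result,$i,"id");
$MemList['Name']=mysql_result($result,$i,"Name");
$MemList['Email']=mysql_result($result,$i,"Email");
$MemList['GroupID']=mysql_result($result,$i,"GroupID");
$MemList['WarnLevel']=mysql_result($result,$i,"WarnLevel");
$MemList['Interests']=mysql_result($result,$i,"Interests");
$MemList['Title']=mysql_result($result,$i,"Title");
$MemList['Joined']=mysql_result($result,$i,"Joined");
$MemList['Joined']=GMTimeChange("F j Y, g:i a",$MemList['Joined'],$_SESSION['UserTimeZone'],0,$_SESSION['UserDST']);
$MemList['LastActive']=mysql_result($result,$i,"LastActive");
$MemList['LastActive']=GMTimeChange("F j Y, g:i a",$MemList['LastActive'],$_SESSION['UserTimeZone'],0,$_SESSION['UserDST']);
$MemList['Website']=mysql_result($result,$i,"Website");
$MemList['Gender']=mysql_result($result,$i,"Gender");
$MemList['PostCount']=mysql_result($result,$i,"PostCount");
$MemList['TimeZone']=mysql_result($result,$i,"TimeZone");
$MemList['DST']=mysql_result($result,$i,"DST");
$MemList['IP']=mysql_result($result,$i,"IP");
// One extra query per row resolves the group name shown in the table.
$gquery = query("select * from ".$Settings['sqltable']."groups where `id`=%i", array($MemList['GroupID']));
$gresult=mysql_query($gquery);
$MemList['Group']=mysql_result($gresult,0,"Name");
@mysql_free_result($gresult);
// NOTE(review): Name, Group and Website are written into the row exactly as
// stored. Website is member-supplied and lands inside an href, so it needs
// both HTML-attribute encoding and a scheme check (http/https only) - either
// when it is saved or here. The save path is not visible in this part of the
// file; confirm which side does it before relying on this output.
if($MemList['Group']!=$Settings['GuestGroup']) {
?>
<tr class="TableRow3" id="Member<?php echo $MemList['ID']; ?>">
<td class="TableRow3" style="text-align: center;"><?php echo $MemList['ID']; ?></td>
<td class="TableRow3">&nbsp;<a href="<?php echo url_maker($exfile['member'],$Settings['file_ext'],"act=view&id=".$MemList['ID'],$Settings['qstr'],$Settings['qsep'],$prexqstr['member'],$exqstr['member']); ?>"><?php echo $MemList['Name']; ?></a></td>
<td class="TableRow3" style="text-align: center;"><a href="<?php echo url_maker($exfile['member'],$Settings['file_ext'],"act=list&gid=".$MemList['GroupID'],$Settings['qstr'],$Settings['qsep'],$prexqstr['member'],$exqstr['member']); ?>"><?php echo $MemList['Group']; ?></a></td>
<td class="TableRow3" style="text-align: center;"><?php echo $MemList['PostCount']; ?></td>
<td class="TableRow3" style="text-align: center;"><?php echo $MemList['Joined']; ?></td>
<td class="TableRow3" style="text-align: center;"><?php echo $MemList['LastActive']; ?></td>
<td class="TableRow3" style="text-align: center;"><a href="<?php echo $MemList['Website']; ?>" onclick="window.open(this.href);return false;">Website</a></td>
</tr>
<?php }
++$i; } @mysql_free_result($result);
?>
<tr id="MemEnd" class="TableRow4">
<td class="TableRow4" colspan="7">&nbsp;</td>
</tr>
</table></div>
<?php }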
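if($_GET['act']=="view") {
// Profile page for the member selected by ?id=. With ?view=avatar or
// ?view=website / ?view=homepage a Location header pointing at the stored
// avatar or website is sent as well.
if(!isset($_GET['id'])) { $_GET['id'] = null; }
if(!isset($_GET['view'])) { $_GET['view'] = null; }
// NOTE(review): `select *` also returns the Password and Salt columns that the
// login code reads from this table; only the fields copied below are used.
$query = query("select * from ".$Settings['sqltable']."members where `id`=%i", array($_GET['id']));
$result=mysql_query($query);
$num=mysql_num_rows($result);
$i=0;
// Unknown members and id -1 are sent back to the board index; nothing below
// runs for them, since there is no row to read or it must not be shown.
$ViewMemFound = !($num==0||$_GET['id']=="-1");
if(!$ViewMemFound) { redirect("location",$basedir.url_maker($exfile['index'],$Settings['file_ext'],"act=view",$Settings['qstr'],$Settings['qsep'],$prexqstr['index'],$exqstr['index'],false)); }
if($ViewMemFound) {
$ViewMem['ID']=mysql_result($result,$i,"id");
$ViewMem['Name']=mysql_result($result,$i,"Name");
$ViewMem['Signature']=mysql_result($result,$i,"Signature");
$ViewMem['Avatar']=mysql_result($result,$i,"Avatar");
$ViewMem['AvatarSize']=mysql_result($result,$i,"AvatarSize");
$ViewMem['Email']=mysql_result($result,$i,"Email");
$ViewMem['GroupID']=mysql_result($result,$i,"GroupID");
$ViewMem['WarnLevel']=mysql_result($result,$i,"WarnLevel");
$ViewMem['Interests']=mysql_result($result,$i,"Interests");
$ViewMem['Title']=mysql_result($result,$i,"Title");
$ViewMem['Joined']=mysql_result($result,$i,"Joined");
$ViewMem['Joined']=GMTimeChange("M j Y, g:i a",$ViewMem['Joined'],$_SESSION['UserTimeZone'],0,$_SESSION['UserDST']);
$ViewMem['LastActive']=mysql_result($result,$i,"LastActive");
$ViewMem['LastActive']=GMTimeChange("M j Y, g:i a",$ViewMem['LastActive'],$_SESSION['UserTimeZone'],0,$_SESSION['UserDST']);
$ViewMem['Website']=mysql_result($result,$i,"Website");
$ViewMem['Gender']=mysql_result($result,$i,"Gender");
$ViewMem['PostCount']=mysql_result($result,$i,"PostCount");
$ViewMem['TimeZone']=mysql_result($result,$i,"TimeZone");
$ViewMem['DST']=mysql_result($result,$i,"DST");
// With DST "on" the stored offset is moved one hour towards zero (zero itself
// becomes -1) before it is used for the "User Time" line.
if($ViewMem['DST']=="on") {
        if($ViewMem['TimeZone']>=0) { $ViewMem['TimeZone'] = $ViewMem['TimeZone']-1; }
        elseif($ViewMem['TimeZone']<0) { $ViewMem['TimeZone'] = $ViewMem['TimeZone']+1; } }
$ViewMem['IP']=mysql_result($result,$i,"IP");
$gquery = query("select * from ".$Settings['sqltable']."groups where `id`=%i", array($ViewMem['GroupID']));
$gresult=mysql_query($gquery);
$ViewMem['Group']=mysql_result($gresult,0,"Name");
@mysql_free_result($gresult);
$membertitle = " ".$ThemeSet['TitleDivider']." Viewing Profile ".$ViewMem['Name'];
if ($ViewMem['Avatar']=="http://"||$ViewMem['Avatar']==null) {
$ViewMem['Avatar']=$ThemeSet['NoAvatar'];
$ViewMem['AvatarSize']=$ThemeSet['NoAvatarSize']; }
// Width and height are written into a style="" attribute further down, so
// only plain digit strings are let through; anything else becomes empty,
// which leaves an invalid CSS declaration that is simply ignored.
$AvatarSize1=explode("x", $ViewMem['AvatarSize']);
$AvatarSize1W=(isset($AvatarSize1[0])&&preg_match("/^[0-9]+$/", $AvatarSize1[0])) ? $AvatarSize1[0] : "";
$AvatarSize1H=(isset($AvatarSize1[1])&&preg_match("/^[0-9]+$/", $AvatarSize1[1])) ? $AvatarSize1[1] : "";
$ViewMem['Signature'] = text2icons($ViewMem['Signature'],$Settings['sqltable']);
// Only the four known view names are accepted; everything else means "profile".
if(!is_string($_GET['view'])||!in_array($_GET['view'], array("profile","avatar","website","homepage"), true)) {
        $_GET['view'] = "profile"; }
// NOTE(review): both redirect targets below come from the member's own
// profile, so a board URL can be made to forward to any address a member
// chooses. If that is not wanted, show an interstitial page or restrict the
// stored value when it is saved. The script also keeps rendering after the
// header is sent.
if($_GET['view']=="avatar") {
        @session_write_close();
        @header("Location: ".$ViewMem['Avatar']); }
if($_GET['view']=="website"||$_GET['view']=="homepage") {
        if ($ViewMem['Website']!="http://"&&$ViewMem['Website']!=null) {
        @session_write_close();
        @header("Location: ".$ViewMem['Website']); }
        if ($ViewMem['Website']=="http://"||$ViewMem['Website']==null) {
        @session_write_close();
        @header("Location: ".$BoardURL."index.php?act=view"); } }
// The profile link is built from the id read from the database row rather
// than from the raw request value, so request text is never copied into the
// href attribute.
// NOTE(review): Name, Title, Group, Interests, Avatar and Website are echoed
// as stored. Avatar and Website sit inside src/href attributes and need
// attribute encoding plus an http/https scheme check; confirm where (save
// time or here) that is supposed to happen.
?>
<div class="Table1Border">
<table class="Table1">
<tr class="TableRow1">
<td class="TableRow1" colspan="2"><span style="float: left;">
<?php echo $ThemeSet['TitleIcon'] ?><a href="<?php echo url_maker($exfile['member'],$Settings['file_ext'],"act=view&id=".$ViewMem['ID'],$Settings['qstr'],$Settings['qsep'],$prexqstr['member'],$exqstr['member']); ?>">Viewing Profile</a>
</span><span style="float: right;">&nbsp;</span></td>
</tr>
<tr id="Member" class="TableRow2">
<th class="TableRow2" style="width: 50%;">Avatar</th>
<th class="TableRow2" style="width: 50%;">User Info</th>
</tr>
<tr class="TableRow3" id="MemberProfile">
<td class="TableRow3">
<?php  /* Avatar Table Thanks For SeanJ's Help at http://seanj.jcink.com/ */  ?>
 <table class="AvatarTable" style="width: 100%; height: 100px; text-align: center;">
        <tr class="AvatarRow" style="width: 100px; height: 100px;">
                <td class="AvatarRow" style="width: 100%; height: 100%; text-align: center; vertical-align: middle;">
                <img src="<?php echo $ViewMem['Avatar']; ?>" alt="<?php echo $ViewMem['Name']; ?>'s Avatar" title="<?php echo $ViewMem['Name']; ?>'s Avatar" style="border: 0px; width: <?php echo $AvatarSize1W; ?>px; height: <?php echo $AvatarSize1H; ?>px;" />
                </td>
        </tr>
 </table>
<div style="text-align: center;">
Name: <?php echo $ViewMem['Name']; ?><br />
Title: <?php echo $ViewMem['Title']; ?></div>
</td>
<td class="TableRow3">
&nbsp;User Name: <?php echo $ViewMem['Name']; ?><br />
&nbsp;User Title: <?php echo $ViewMem['Title']; ?><br />
&nbsp;User Group: <?php echo $ViewMem['Group']; ?><br />
&nbsp;User Joined: <?php echo $ViewMem['Joined']; ?><br />
&nbsp;Last Active: <?php echo $ViewMem['LastActive']; ?><br />
&nbsp;User Time: <?php echo GMTimeGet("M j Y, g:i a",$ViewMem['TimeZone']); ?><br />
&nbsp;User Website: <a href="<?php echo $ViewMem['Website']; ?>" onclick="window.open(this.href);return false;">Website</a><br />
&nbsp;Post Count: <?php echo $ViewMem['PostCount']; ?><br />
&nbsp;Interests: <?php echo $ViewMem['Interests']; ?><br />
</td>
</tr>
<tr class="TableRow4">
<td class="TableRow4" colspan="2">&nbsp;</td>
</tr>
</table></div>
<?php } } @mysql_free_result($result);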
if($_GET['act']=="logout") {
// Logout: empty the session, expire the three login cookies and the session
// cookie (all under $basedir), destroy the session, then go to the login page.
// NOTE(review): this runs on a plain GET with no token, so any page that makes
// the browser request this URL signs the member out. The session cookie is
// expired with $basedir as its path; confirm that matches the path the
// session cookie was issued with, otherwise the browser keeps it.
@session_unset();
foreach(array("MemberName", "UserID", "SessPass") as $OldCookie) {
        @setcookie($OldCookie, null, GMTimeStamp() - 3600, $basedir); }
@setcookie(session_name(), "", GMTimeStamp() - 3600, $basedir);
unset($_COOKIE[session_name()]);
$_SESSION = array();
@session_unset();
@session_destroy();
$LoginPage = $basedir.url_maker($exfile['member'],$Settings['file_ext'],"act=login",$Settings['qstr'],$Settings['qsep'],$prexqstr['member'],$exqstr['member'],false);
@redirect("location",$LoginPage);
}
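if($_GET['act']=="login")
{
// Login form; it posts username / userpass / storecookie to act=login_now.
// NOTE(review): no per-form token is emitted. The handler below relies on an
// optional Referer comparison only, and the maxlength attribute is a browser
// hint, not a server-side limit.
$membertitle = " ".$ThemeSet['TitleDivider']." Login";
?>
<div class="Table1Border">
<table class="Table1">
<tr class="TableRow1">
<td class="TableRow1"><span style="float: left;">
<?php echo $ThemeSet['TitleIcon'] ?><a href="<?php echo url_maker($exfile['member'],$Settings['file_ext'],"act=login",$Settings['qstr'],$Settings['qsep'],$prexqstr['member'],$exqstr['member']); ?>">Log in</a>
</span><span style="float: right;">&nbsp;</span></td>
</tr>
<tr class="TableRow2">
<th class="TableRow2" style="width: 100%; text-align: left;">&nbsp;Inert your login info: </th>
</tr>
<tr class="TableRow3">
<td class="TableRow3">
<form method="post" action="<?php echo url_maker($exfile['member'],$Settings['file_ext'],"act=login_now",$Settings['qstr'],$Settings['qsep'],$prexqstr['member'],$exqstr['member']); ?>">
<table style="text-align: left;">
<tr style="text-align: left;">
        <td style="width: 30%;"><label class="TextBoxLabel" for="username">Enter UserName: </label></td>
        <td style="width: 70%;"><input class="TextBox" id="username" type="text" name="username" /></td>
</tr><tr>
        <td style="width: 30%;"><label class="TextBoxLabel" for="userpass">Enter Password: </label></td>
        <td style="width: 70%;"><input class="TextBox" id="userpass" type="password" name="userpass" maxlength="30" /></td>
</tr><tr>
        <td style="width: 30%;"><label class="TextBoxLabel" title="Store userinfo as a cookie so you dont need to login again." for="storecookie">Store as cookie?</label></td>
        <td style="width: 70%;"><select id="storecookie" name="storecookie" class="TextBox">
<option value="true">Yes</option>
<option value="false">No</option>
</select></td>
</tr></table>
<table style="text-align: left;">
<tr style="text-align: left;">
<td style="width: 100%;">
<input type="hidden" name="act" value="loginmember" style="display: none;" />
<input class="Button" type="submit" value="Log in" />
</td></tr></table>
</form>
</td>
</tr>
<tr class="TableRow4">
<td class="TableRow4">&nbsp;</td>
</tr>
</table></div>
<?php }
// Login handler: checks the posted credentials and, on success, re-hashes the
// password with a fresh salt, fills the session and optionally sets the
// remember-me cookies.
// NOTE(review): nothing here limits repeated failed attempts, and the only
// cross-site request check is the optional Referer comparison below.
if(isset($_POST['act'])&&$_POST['act']=="loginmember"&&$_GET['act']=="login_now") {
$membertitle = " ".$ThemeSet['TitleDivider']." Login";
// Start from a known state: these flags are only assigned on some paths
// below, and must not inherit a value from anywhere else.
$Error = null; $passright = false;
// Missing or non-string fields (e.g. array-style parameters) count as empty.
if(!isset($_POST['username'])||!is_string($_POST['username'])) { $_POST['username'] = ""; }
if(!isset($_POST['userpass'])||!is_string($_POST['userpass'])) { $_POST['userpass'] = ""; }
if(!isset($_POST['storecookie'])) { $_POST['storecookie'] = null; }
// The Referer header is optional and client-controlled; an absent or
// unparsable one is treated as "no host".
$REFERERurl = isset($_SERVER['HTTP_REFERER']) ? parse_url($_SERVER['HTTP_REFERER']) : false;
$URL['REFERER'] = (is_array($REFERERurl)&&isset($REFERERurl['host'])) ? $REFERERurl['host'] : null;
$URL['HOST'] = $_SERVER["SERVER_NAME"];
$REFERERurl = null; unset($REFERERurl);
?>
<div class="Table1Border">
<table class="Table1">
<tr class="TableRow1">
<td class="TableRow1">
<span style="float: left;">&nbsp;<a href="<?php echo url_maker($exfile['member'],$Settings['file_ext'],"act=login",$Settings['qstr'],$Settings['qsep'],$prexqstr['member'],$exqstr['member']); ?>">Log in</a></span>
<span style="float: right;">&nbsp;</span></td>
</tr>
<tr class="TableRow2">
<th class="TableRow2" style="width: 100%; text-align: left;">&nbsp;Login Message: </th>
</tr>
<tr class="TableRow3">
<td class="TableRow3">
<table style="width: 100%; height: 25%; text-align: center;">
<?php
// NOTE(review): both length checks fire only on an exact length (30 / 20), so
// longer values sent by a hand-built request pass. They are left unchanged
// because the registration handler uses the same tests; tighten both together.
if (strlen($_POST['userpass'])=="30") { $Error="Yes";  ?>
<tr>
        <td><span class="TableMessage">
        <br />Your password is too big.<br />
        </span></td>
</tr>
<?php } if (strlen($_POST['username'])=="20") { $Error="Yes";  ?>
<tr>
        <td><span class="TableMessage">
        <br />Your user name is too big.<br />
        </span></td>
</tr>
<?php } if ($Settings['TestReferer']==true) {
        if ($URL['HOST']!=$URL['REFERER']) { $Error="Yes";  ?>
<tr>
        <td><span class="TableMessage">
        <br />Sorry the referering url dose not match our host name.<br />
        </span></td>
</tr>
<?php } }
if ($Error=="Yes") {
@redirect("refresh",$basedir.url_maker($exfile['member'],$Settings['file_ext'],"act=login",$Settings['qstr'],$Settings['qsep'],$prexqstr['member'],$exqstr['member'],false),"4"); }
if($Error!="Yes"){
// The submitted name is normalised the same way the registration handler in
// this file normalises new names, so the lookup matches what was stored.
// NOTE(review): stripcslashes() runs after htmlspecialchars(), so backslash
// escape sequences in the submitted name are decoded after the HTML encoding
// step and can put back characters the encoding had neutralised. The order
// has to be changed in both handlers together (and existing names
// re-checked). Whether the value is safe inside the SQL string rests
// entirely on how query() handles '%s', which is defined elsewhere.
$YourName = stripcslashes(htmlspecialchars($_POST['username'], ENT_QUOTES));
$YourName = preg_replace("/&amp;#(x[a-f0-9]+|[0-9]+);/i", "&#$1;", $YourName);
$YourName = @remove_spaces($YourName);
$querylog = query("select * from ".$Settings['sqltable']."members where `Name` = '%s'", array($YourName));
$resultlog=mysql_query($querylog);
$numlog=mysql_num_rows($resultlog);
if($numlog>=1) {
$i=0;
$YourPassTry=mysql_result($resultlog,$i,"Password");
$HashType=mysql_result($resultlog,$i,"HashType");
$JoinedPass=mysql_result($resultlog,$i,"Joined");
$HashSalt=mysql_result($resultlog,$i,"Salt");
$UpdateHash = false;
// NOTE(review): because $UpdateHash is false the third test is always true,
// so the salted HMAC-SHA1 value replaces whatever the ODFH branch computed and
// accounts still marked ODFH cannot match. Confirm whether that is intended
// before changing it. sha1(md5()) and a single HMAC-SHA1 are fast hashes; a
// dedicated password hash (password_hash() on PHP 5.5+) is the usual
// replacement.
if($HashType=="ODFH") {
        $YourPassword = sha1(md5($_POST['userpass'])); }
if($HashType=="DF4H") {
        $YourPassword = b64e_hmac($_POST['userpass'],$JoinedPass,$HashSalt,"sha1"); }
if($HashType=="iDBH"||$UpdateHash!=true) {
        $YourPassword = b64e_hmac($_POST['userpass'],$JoinedPass,$HashSalt,"sha1"); }
// Exact string comparison: a loose == can report two different
// numeric-looking hash strings as equal. hash_equals() is used when the
// running PHP provides it, so the comparison time does not depend on where
// the strings first differ.
$YourPassword = (string)$YourPassword; $YourPassTry = (string)$YourPassTry;
if(function_exists('hash_equals')) { $PassMatch = hash_equals($YourPassTry,$YourPassword); }
else { $PassMatch = ($YourPassTry===$YourPassword); }
if($PassMatch) {
$passright = true;
$YourIDM=mysql_result($resultlog,$i,"id");
$YourNameM=mysql_result($resultlog,$i,"Name");
$YourGroupM=mysql_result($resultlog,$i,"GroupID");
$gquery = query("select * from ".$Settings['sqltable']."groups where `id`=%i", array($YourGroupM));
$gresult=mysql_query($gquery);
$YourGroupM=mysql_result($gresult,0,"Name");
@mysql_free_result($gresult);
$YourTimeZoneM=mysql_result($resultlog,$i,"TimeZone");
$YourDSTM=mysql_result($resultlog,$i,"DST");
$UseTheme=mysql_result($resultlog,$i,"UseTheme");
// Every successful login stores the password again under a new salt and
// marks the row as iDBH.
$NewHashSalt = salt_hmac();
$NewPassword = b64e_hmac($_POST['userpass'],$JoinedPass,$NewHashSalt,"sha1");
$NewDay=GMTimeStamp();
$NewIP=$_SERVER['REMOTE_ADDR'];
$queryup = query("update ".$Settings['sqltable']."members set `Password`='%s',`HashType`='iDBH',`LastActive`='%s',`IP`='%s',`Salt`='%s' WHERE `id`=%i", array($NewPassword,$NewDay,$NewIP,$NewHashSalt,$YourIDM));
mysql_query($queryup);
// Issue a fresh session ID now that the session becomes authenticated, so an
// ID that was known before login is not the one that ends up logged in.
@session_regenerate_id();
$_SESSION['Theme']=$UseTheme;
$_SESSION['MemberName']=$YourNameM;
$_SESSION['UserID']=$YourIDM;
$_SESSION['UserTimeZone']=$YourTimeZoneM;
$_SESSION['UserGroup']=$YourGroupM;
$_SESSION['UserDST']=$YourDSTM;
// The select posts the strings "true" / "false"; both are truthy under ==,
// so the value is compared with the literal "true".
// NOTE(review): SessPass carries the stored password hash itself, so the
// cookie works as a long-lived credential, and it is set without
// HttpOnly/Secure flags. A random token that the server can revoke is the
// safer design.
if($_POST['storecookie']==="true") {
setcookie("MemberName", $YourNameM, time() + (7 * 86400), $basedir);
setcookie("UserID", $YourIDM, time() + (7 * 86400), $basedir);
setcookie("SessPass", $NewPassword, time() + (7 * 86400), $basedir); }
} }
@mysql_free_result($resultlog);
// Unknown user and wrong password deliberately share one message below.
if($passright==true) {
@redirect("refresh",$basedir.url_maker($exfile['index'],$Settings['file_ext'],"act=view",$Settings['qstr'],$Settings['qsep'],$prexqstr['index'],$exqstr['index'],false),"3"); ?>
<tr>
        <td><span class="TableMessage">
        <br />Welcome to the Board <?php echo $_SESSION['MemberName']; ?>. ^_^<br />
        Click <a href="<?php echo url_maker($exfile['index'],$Settings['file_ext'],"act=view",$Settings['qstr'],$Settings['qsep'],$prexqstr['index'],$exqstr['index']); ?>">here</a> to continue to board.<br />&nbsp;
        </span></td>
</tr>
<?php } if($passright==false) { ?>
<tr>
        <td><span class="TableMessage">
        <br />Password was not right or user not found!! &lt;_&lt;<br />
        Click <a href="<?php echo url_maker($exfile['member'],$Settings['file_ext'],"act=login",$Settings['qstr'],$Settings['qsep'],$prexqstr['member'],$exqstr['member']); ?>">here</a> to try again.<br />&nbsp;
        </span></td>
</tr>
<?php } } ?>
</table>
</td></tr>
<tr class="TableRow4">
<td class="TableRow4">&nbsp;</td>
</tr>
</table></div>
<?php }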
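if($_GET['act']=="signup")
{
// Registration form; it posts to act=makemember. The opening brace above
// scopes the whole form to act=signup and pairs with the closing brace that
// precedes the act=makemember check further down.
// NOTE(review): the form carries no per-request token, and the maxlength
// attributes are browser hints only; the handler must enforce every limit.
$membertitle = " ".$ThemeSet['TitleDivider']." Signing up"; ?>
<div class="Table1Border">
<table class="Table1">
<tr class="TableRow1">
<td class="TableRow1"><span style="float: left;">
<?php echo $ThemeSet['TitleIcon'] ?><a href="<?php echo url_maker($exfile['member'],$Settings['file_ext'],"act=signup",$Settings['qstr'],$Settings['qsep'],$prexqstr['member'],$exqstr['member']); ?>">Register</a>
</span><span style="float: right;">&nbsp;</span></td>
</tr>
<tr class="TableRow2">
<th class="TableRow2" style="width: 100%; text-align: left;">&nbsp;Inert your user info: </th>
</tr>
<tr class="TableRow3">
<td class="TableRow3">
<form method="post" action="<?php echo url_maker($exfile['member'],$Settings['file_ext'],"act=makemember",$Settings['qstr'],$Settings['qsep'],$prexqstr['member'],$exqstr['member']); ?>">
<table style="text-align: left;">
<tr style="text-align: left;">
        <td style="width: 30%;"><label class="TextBoxLabel" for="Name">Insert a UserName:</label></td>
        <td style="width: 70%;"><input type="text" class="TextBox" name="Name" size="20" id="Name" /></td>
</tr><tr>
        <td><label class="TextBoxLabel" for="Password">Insert a Password:</label></td>
        <td><input type="password" class="TextBox" name="Password" size="20" id="Password" maxlength="30" /></td>
</tr><tr>
        <td><label class="TextBoxLabel" for="RePassword">ReInsert a Password:</label></td>
        <td><input type="password" class="TextBox" name="RePassword" size="20" id="RePassword" maxlength="30" /></td>
</tr><tr>
        <td><label class="TextBoxLabel" for="Email">Insert Your Email:</label></td>
        <td><input type="text" class="TextBox" name="Email" size="20" id="Email" /></td>
</tr><tr>
        <td><label class="TextBoxLabel" for="YourOffSet">Your TimeZone:</label></td>
        <td><select id="YourOffSet" name="YourOffSet" class="TextBox"><?php
// Settings['DefaultTimeZone'] is split at ":" into an hour and a minute part;
// the minute part may be absent, in which case it is treated as null.
$tsa_mem = explode(":",$Settings['DefaultTimeZone']);
if(!isset($tsa_mem[1])) { $tsa_mem[1] = null; }
$TimeZoneArray = array("offset" => $Settings['DefaultTimeZone'], "hour" => $tsa_mem[0], "minute" => $tsa_mem[1]);
$plusnum = 13; $minusnum = 0;
// Hour offsets -12 .. -1, then 0, then +1 .. +12; the board default is preselected.
for($minusi = 12; $minusi > $minusnum; --$minusi) {
        $OptSelected = ($TimeZoneArray['hour']==-$minusi) ? "selected=\"selected\" " : "";
        echo "<option ".$OptSelected."value=\"-".$minusi."\">GMT - ".$minusi.":00 hours</option>\n"; }
$OptSelected = ($TimeZoneArray['hour']==0) ? "selected=\"selected\" " : "";
echo "<option ".$OptSelected."value=\"0\">GMT +/- 0:00 hours</option>\n";
for($plusi = 1; $plusi < $plusnum; ++$plusi) {
        $OptSelected = ($TimeZoneArray['hour']==$plusi) ? "selected=\"selected\" " : "";
        echo "<option ".$OptSelected."value=\"".$plusi."\">GMT + ".$plusi.":00 hours</option>\n"; }
?></select></td>
</tr><tr>
        <td style="width: 50%;"><label class="TextBoxLabel" for="MinOffSet">Minute OffSet:</label></td>
        <td style="width: 50%;"><select id="MinOffSet" name="MinOffSet" class="TextBox"><?php
// Minute offsets 00 .. 59, always written with two digits.
$minnum = 60;
for($mini = 0; $mini < $minnum; ++$mini) {
        $showmin = sprintf("%02d", $mini);
        if($mini==$TimeZoneArray['minute']) {
                echo "\n<option selected=\"selected\" value=\"".$showmin."\">0:".$showmin." minutes</option>\n"; }
        if($mini!=$TimeZoneArray['minute']) {
                echo "<option value=\"".$showmin."\">0:".$showmin." minutes</option>\n"; } }
?></select></td>
</tr><tr>
        <td style="width: 40%;"><label class="TextBoxLabel" for="DST">Is <span title="Daylight Savings Time">DST</span> / <span title="Summer Time">ST</span> on or off:</label></td>
        <td style="width: 60%;"><select id="DST" name="DST" class="TextBox"><?php echo "\n" ?>
<?php if($Settings['DefaultDST']=="off"||$Settings['DefaultDST']!="on") { ?>
<option selected="selected" value="off">off</option><?php echo "\n" ?><option value="on">on</option>
<?php } if($Settings['DefaultDST']=="on") { ?>
<option selected="selected" value="on">on</option><?php echo "\n" ?><option value="off">off</option>
<?php } echo "\n" ?></select></td>
</tr><tr>
        <td><label class="TextBoxLabel" for="YourGender">Your Gender:</label></td>
        <td><select id="YourGender" name="YourGender" class="TextBox">
<option value="Male">Male</option>
<option value="Female">Female</option>
<option value="Unknow">Unknow</option>
</select></td>
</tr><tr>
        <td><label class="TextBoxLabel" for="Website">Insert your Website:</label></td>
        <td><input type="text" class="TextBox" name="Website" size="20" value="http://" id="Website" /></td>
</tr><tr>
        <td><label class="TextBoxLabel" for="Avatar">Insert a URL for Avatar:</label></td>
        <td><input type="text" class="TextBox" name="Avatar" size="20" value="http://" id="Avatar" /></td>
</tr><tr>
        <td style="width: 30%;"><label class="TextBoxLabel" title="Store userinfo as a cookie so you dont need to login again." for="storecookie">Store as cookie?</label></td>
        <td style="width: 70%;"><select id="storecookie" name="storecookie" class="TextBox">
<option value="true">Yes</option>
<option value="false">No</option>
</select></td>
</tr>
</table>
<table style="text-align: left;">
<tr style="text-align: left;">
<td style="width: 100%;">
<label class="TextBoxLabel" for="TOSBox">TOS - Please read fully and check 'I agree' box ONLY if you agree to terms</label><br />
<textarea rows="10" cols="58" id="TOSBox" name="TOSBox" class="TextBox" readonly="readonly" accesskey="T"><?php
        // NOTE(review): the TOS file is read relative to the current working
        // directory and written out unencoded, so its content is trusted
        // as-is; a missing file yields a warning and an empty box.
        echo file_get_contents("TOS");  ?></textarea><br />
<input type="checkbox" class="TextBox" name="TOS" value="Agree" id="TOS" /><label class="TextBoxLabel" for="TOS">I Agree</label><br/>
<input type="hidden" style="display: none;" name="act" value="makemembers" />
<input type="submit" class="Button" value="Sign UP" />
</td></tr></table>
</form>
</td>
</tr>
<tr class="TableRow4">
<td class="TableRow4">&nbsp;</td>
</tr>
</table></div>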
532 <?php } if($_GET['act']=="makemember") {
533         if($_POST['act']=="makemembers") {
534 $membertitle = " ".$ThemeSet['TitleDivider']." Signing up";
535 $REFERERurl = parse_url($_SERVER['HTTP_REFERER']);
536 $URL['REFERER'] = $REFERERurl['host'];
537 $URL['HOST'] = $_SERVER["SERVER_NAME"];
538 $REFERERurl = null; unset($REFERERurl);
539 if(!isset($_POST['username'])) { $_POST['username'] = null; }
540 if(!isset($_POST['TOS'])) { $_POST['TOS'] = null; }
541 ?>
542 <div class="Table1Border">
543 <table class="Table1">
544 <tr class="TableRow1">
545 <td class="TableRow1"><span style="float: right;">&nbsp;</span>
546 &nbsp;<a href="<?php echo url_maker($exfile['messenger'],$Settings['file_ext'],"act=signup",$Settings['qstr'],$Settings['qsep'],$prexqstr['messenger'],$exqstr['messenger']); ?>">Register</a></td>
547 </tr>
548 <tr class="TableRow2">
549 <th class="TableRow2" style="width: 100%; text-align: left;">&nbsp;Signup Message: </th>
550 </tr>
551 <tr class="TableRow3">
552 <td class="TableRow3">
553 <table style="width: 100%; height: 25%; text-align: center;">
554 <?php if (strlen($_POST['Password'])=="30") { $Error="Yes";  ?>
555 <tr>
556         <td><span class="TableMessage">
557         <br />Your password is too big.<br />
558         </span></td>
559 </tr>
560 <?php } if (strlen($_POST['username'])=="20") { $Error="Yes";  ?>
561 <tr>
562         <td><span class="TableMessage">
563         <br />Your user name is too big.<br />
564         </span></td>
565 </tr>
566 <?php } if ($_POST['Password']!=$_POST['RePassword']) { $Error="Yes";  ?>
567 <tr>
568         <td><span class="TableMessage">
569         <br />Your passwords did not match.<br />
570         </span></td>
571 </tr>
572 <?php } if ($Settings['TestReferer']==true) {
573         if ($URL['HOST']!=$URL['REFERER']) { $Error="Yes";  ?>
574 <tr>
575         <td><span class="TableMessage">
576         <br />Sorry the referering url dose not match our host name.<br />
577         </span></td>
578 </tr>
579 <?php } }
580 $Name = stripcslashes(htmlspecialchars($_POST['Name'], ENT_QUOTES));
581 $Name = preg_replace("/&amp;#(x[a-f0-9]+|[0-9]+);/i", "&#$1;", $Name);
582 $Name = @remove_spaces($Name);
583 $sql_email_check = mysql_query(query("select `Email` from ".$Settings['sqltable']."members where `Email` = '%s'", array($_POST['Email'])));
584 $sql_username_check = mysql_query(query("select `Name` from ".$Settings['sqltable']."members where `Name` = '%s'", array($Name)));
585 $email_check = mysql_num_rows($sql_email_check); 
586 $username_check = mysql_num_rows($sql_username_check);
587 @mysql_free_result($sql_email_check); @mysql_free_result($sql_username_check);
// Required-field and uniqueness checks. Every failed check queues one message;
// the loop below prints the queued messages in the order the checks ran and
// marks the signup as failed.
$SignupNotices = array();
if ($_POST['TOS']!="Agree") { $SignupNotices[] = "You need to  agree to the tos."; }
if ($_POST['Name']==null) { $SignupNotices[] = "You need to enter a name."; }
// "ShowMe" is rejected with the same message as an empty name.
if ($_POST['Name']=="ShowMe") { $SignupNotices[] = "You need to enter a name."; }
if ($_POST['Password']==null) { $SignupNotices[] = "You need to enter a password."; }
if ($_POST['Email']==null) { $SignupNotices[] = "You need to enter a email."; }
// Row counts from the duplicate lookups done just before these checks.
if ($email_check > 0) { $SignupNotices[] = "Email address is already used."; }
if ($username_check > 0) { $SignupNotices[] = "UserName is already used."; }
foreach ($SignupNotices as $SignupNotice) { $Error="Yes"; ?>
<tr>
        <td><span class="TableMessage">
        <br /><?php echo $SignupNotice; ?><br />
        </span></td>
</tr>
<?php }
// Any failure (from these checks or the earlier ones) sends the visitor back to
// the signup form after a short delay.
if ($Error=="Yes") {
        @redirect(
                "refresh",
                $basedir.url_maker($exfile['member'],$Settings['file_ext'],"act=signup",$Settings['qstr'],$Settings['qsep'],$prexqstr['member'],$exqstr['member'],FALSE),
                "4"
        );
}
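if ($Error!="Yes") {
// Account creation: reached only when no check above set $Error.
// These fields are server-controlled; overwriting them in $_POST means values
// a client submitted under the same names are never stored.
$_POST['UserIP'] = $_SERVER['REMOTE_ADDR'];
$_POST['Group'] = $Settings['MemberGroup'];
$_POST['Joined'] = GMTimeStamp(); $_POST['LastActive'] = GMTimeStamp();
$_POST['Signature'] = ""; $_POST['Interests'] = "";
$_POST['Title'] = ""; $_POST['PostCount'] = "0";
// Choose the starting group by name. With admin validation enabled the account
// is flagged as not validated and starts in the validation group.
if($Settings['AdminValidate']!=false)
{ $ValidateStats="no"; $yourgroup=$Settings['ValidateGroup']; }
else
{ $ValidateStats="yes"; $yourgroup=$Settings['MemberGroup']; }
// NOTE(review): salt_hmac() and b64e_hmac() are defined elsewhere. Called with
// "sha1" this is presumably a salted HMAC-SHA1, which is cheap to brute-force
// offline if the table leaks. Moving to a slow password hash also means
// changing the login path and the "iDBH" marker stored with the row, so it is
// left unchanged here.
$HashSalt = salt_hmac(); 
$NewPassword = b64e_hmac($_POST['Password'],$_POST['Joined'],$HashSalt,"sha1");
// The signature was reset to "" above, so this escapes an empty string.
$_GET['YourPost'] = $_POST['Signature'];
//require( './'.$SettDir['misc'].'HTMLTags.php');
$_GET['YourPost'] = htmlspecialchars($_GET['YourPost'], ENT_QUOTES);
$_GET['YourPost'] = preg_replace("/&amp;#(x[a-f0-9]+|[0-9]+);/i", "&#$1;", $_GET['YourPost']);
$NewSignature = $_GET['YourPost'];
$_GET['YourPost'] = preg_replace("/\t+/"," ",$_GET['YourPost']);
$_GET['YourPost'] = preg_replace("/\s\s+/"," ",$_GET['YourPost']);
// Decode backslash escapes before HTML-escaping. The original applied
// stripcslashes() to the escaped string, which could turn escape sequences
// back into markup characters after htmlspecialchars() had already run.
// NOTE(review): neither URL is checked for an allowed scheme; if they are later
// written into src/href attributes, restrict them to http/https when saving.
$Avatar = htmlspecialchars(stripcslashes($_POST['Avatar']), ENT_QUOTES);
$Avatar = preg_replace("/&amp;#(x[a-f0-9]+|[0-9]+);/i", "&#$1;", $Avatar);
$Avatar = @remove_spaces($Avatar);
$Website = htmlspecialchars(stripcslashes($_POST['Website']), ENT_QUOTES);
$Website = preg_replace("/&amp;#(x[a-f0-9]+|[0-9]+);/i", "&#$1;", $Website);
$Website = @remove_spaces($Website);
$_POST['Interests'] = @remove_spaces($_POST['Interests']);
$_POST['Title'] = @remove_spaces($_POST['Title']);
$_POST['Email'] = @remove_spaces($_POST['Email']);
// Clamp the time zone to -12..12 hours and 0..59 minutes, stored as "H:M".
// NOTE(review): is_numeric() also accepts decimals and exponent notation, and
// YourGender / DST are stored as submitted; they rely on query() escaping
// only. Validate them against the allowed form values.
if(!is_numeric($_POST['YourOffSet'])) { $_POST['YourOffSet'] = "0"; }
if($_POST['YourOffSet']>12) { $_POST['YourOffSet'] = "12"; }
if($_POST['YourOffSet']<-12) { $_POST['YourOffSet'] = "-12"; }
if(!is_numeric($_POST['MinOffSet'])) { $_POST['MinOffSet'] = "00"; }
if($_POST['MinOffSet']>59) { $_POST['MinOffSet'] = "59"; }
if($_POST['MinOffSet']<0) { $_POST['MinOffSet'] = "00"; }
$_POST['YourOffSet'] = $_POST['YourOffSet'].":".$_POST['MinOffSet'];
// Resolve the chosen group name to its id. The original always looked up
// $Settings['MemberGroup'] here, which overwrote the validation group picked
// above and put unvalidated accounts straight into the member group.
// NOTE(review): assumes $Settings['ValidateGroup'] holds a group name, like
// $Settings['MemberGroup'] -- confirm.
$gquerys = query("select * from ".$Settings['sqltable']."groups where `Name`='%s'", array($yourgroup));
$gresults=mysql_query($gquerys);
$SignupGroupOK = ($gresults!=false && mysql_num_rows($gresults)>=1);
if($SignupGroupOK) { $yourgroup=mysql_result($gresults,0,"id"); }
@mysql_free_result($gresults);
$numlogr = 0;
if($SignupGroupOK) {
// NOTE(review): getnextid() followed by a separate insert is presumably not
// atomic; two concurrent signups may compute the same id.
$yourid = getnextid($Settings['sqltable'],"members");
$query = query("insert into ".$Settings['sqltable']."members values (".$yourid.",'%s','%s','%s','%s','%s','%s','%i','%s','%s','%s','%s','%s','%s','%s','%s','%s','%s','%s','%s','%s','%s','%s','%s','%s')", array($Name,$NewPassword,"iDBH",$_POST['Email'],$yourgroup,$ValidateStats,"0",$_POST['Interests'],$_POST['Title'],$_POST['Joined'],$_POST['LastActive'],"0",$NewSignature,'Your Notes',$Avatar,"100x100",$Website,$_POST['YourGender'],$_POST['PostCount'],$_POST['YourOffSet'],$_POST['DST'],$Settings['DefaultTheme'],$_POST['UserIP'],$HashSalt));
mysql_query($query);
// Read the row back; finding it is the only evidence that the insert worked.
$querylogr = query("select * from ".$Settings['sqltable']."members where `Name`='%s' AND `Password`='%s'", array($Name,$NewPassword));
$resultlogr=mysql_query($querylogr);
if($resultlogr!=false) { $numlogr=mysql_num_rows($resultlogr); }
if($numlogr>=1) {
$ir=0;
$YourIDMr=mysql_result($resultlogr,$ir,"id");
$YourNameMr=mysql_result($resultlogr,$ir,"Name");
$YourGroupMr=mysql_result($resultlogr,$ir,"GroupID");
$gquery = query("select * from ".$Settings['sqltable']."groups where `id`=%i", array($YourGroupMr));
$gresult=mysql_query($gquery);
$YourGroupMr=mysql_result($gresult,0,"Name");
@mysql_free_result($gresult);
$YourTimeZoneMr=mysql_result($resultlogr,$ir,"TimeZone");
$YourDSTMr=mysql_result($resultlogr,$ir,"DST"); }
@mysql_free_result($resultlogr);
}
// Log the visitor in only when the new row was actually found. The original
// set $_SESSION['Loggedin'] unconditionally, so a failed insert still produced
// a "logged in" session with no user id behind it.
if($numlogr>=1) {
// Issue a fresh session id before marking the session as authenticated.
@session_regenerate_id(true);
$_SESSION['Loggedin']=true;
$_SESSION['MemberName']=$YourNameMr;
$_SESSION['UserID']=$YourIDMr;
$_SESSION['UserTimeZone']=$YourTimeZoneMr;
$_SESSION['UserDST']=$YourDSTMr;
$_SESSION['UserGroup']=$YourGroupMr;
// NOTE(review): $YourNameM, $YourIDM and $YourPassM are not assigned anywhere
// in this handler (the row read above is held in $YourNameMr / $YourIDMr), so
// as written these cookies are sent with empty values. Before wiring in real
// values: SessPass would place a password-derived value in a week-long cookie
// with no HttpOnly or Secure flag; a random token stored server-side is the
// safer design for "remember me".
if(!empty($_POST['storecookie'])) {
@setcookie("MemberName", $YourNameM, time() + (7 * 86400), $basedir);
@setcookie("UserID", $YourIDM, time() + (7 * 86400), $basedir);
@setcookie("SessPass", $YourPassM, time() + (7 * 86400), $basedir); }
//$SendPMtoID=$_SESSION['UserID'];
//$YourPMID = 1;
//$PMTitle = "Welcome ".$Name.".";
//$YourMessage = "Hello ".$Name.". Welcome to ".$Settings['board_name'].". I hope you have fun here. ^_^ ";
//$_POST['YourDate'] = $_POST['Joined'];
//$query = query("insert into ".$Settings['sqltable']."messenger values (null,%s,%s,'%s','%s','%s',%s,0)", array($YourPMID,$SendPMtoID,'',$PMTitle,$YourMessage,$_POST['YourDate']));
//mysql_query($query);
@redirect("refresh",$basedir.url_maker($exfile['index'],$Settings['file_ext'],"act=view",$Settings['qstr'],$Settings['qsep'],$prexqstr['index'],$exqstr['index'],FALSE),"3");
// The member name below is echoed as stored; it is safe only because it was
// HTML-escaped before being written to the members table.
?>
<tr>
        <td><span class="TableMessage">
        <br />Welcome to the Board <?php echo $_SESSION['MemberName']; ?>. ^_^<br />
        Click <a href="<?php echo url_maker($exfile['index'],$Settings['file_ext'],"act=view",$Settings['qstr'],$Settings['qsep'],$prexqstr['index'],$exqstr['index']); ?>">here</a> to continue to board.<br />&nbsp;
        </span></td>
</tr>
<?php } else {
// Group lookup or insert failed: no session is created; send the visitor back
// to the signup form, as the validation-error path does.
@redirect("refresh",$basedir.url_maker($exfile['member'],$Settings['file_ext'],"act=signup",$Settings['qstr'],$Settings['qsep'],$prexqstr['member'],$exqstr['member'],FALSE),"4");
?>
<tr>
        <td><span class="TableMessage">
        <br />Sorry, your account could not be created.<br />
        </span></td>
</tr>
<?php } } ?>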
716 </table>
717 </td></tr>
718 <tr class="TableRow4">
719 <td class="TableRow4">&nbsp;</td>
720 </tr>
721 </table></div>
722 <?php } } ?>