3 This program is free software; you can redistribute it and/or modify
4 it under the terms of the Revised BSD License.
6 This program is distributed in the hope that it will be useful,
7 but WITHOUT ANY WARRANTY; without even the implied warranty of
8 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
9 Revised BSD License for more details.
11 Copyright 2004-2007 Cool Dude 2k - http://intdb.sourceforge.net/
12 Copyright 2004-2007 Game Maker 2k - http://upload.idb.s1.jcink.com/
14 $FileInfo: members.php - Last Update: 07/14/2007 SVN 43 - Author: cooldude2k $
16 $File3Name = basename($_SERVER['SCRIPT_NAME']);
17 if ($File3Name=="members.php"||$File3Name=="/members.php") {
20 if($_GET['act']=="list") {
22 $orderlist = "order by `ID` asc";
23 if(!isset($_GET['orderby'])) { $_GET['orderby'] = null; }
24 if(!isset($_GET['sorttype'])) { $_GET['sorttype'] = null; }
25 if(!isset($_GET['ordertype'])) { $_GET['ordertype'] = null; }
26 if(!isset($_GET['orderby'])) { $_GET['orderby'] = null; }
27 if(!isset($_GET['sortby'])) { $_GET['sortby'] = null; }
28 if(!isset($_GET['gid'])) { $_GET['gid'] = null; }
29 if(!isset($_GET['groupid'])) { $_GET['groupid'] = null; }
30 if($_GET['orderby']==null) {
31 if($_GET['sortby']!=null) {
32 $_GET['orderby'] = $_GET['sortby']; } }
33 if($_GET['orderby']==null) { $_GET['orderby'] = "joined"; }
34 if($_GET['orderby']!=null) {
35 if($_GET['orderby']=="id") { $orderlist = "order by `ID`"; }
36 if($_GET['orderby']=="name") { $orderlist = "order by `Name`"; }
37 if($_GET['orderby']=="joined") { $orderlist = "order by `Joined`"; }
38 if($_GET['orderby']=="active") { $orderlist = "order by `LastActive`"; }
39 if($_GET['orderby']=="posts") { $orderlist = "order by `PostCount`"; }
40 if($_GET['orderby']=="offset") { $orderlist = "order by `TimeZone`"; } }
41 if($_GET['ordertype']==null) {
42 if($_GET['sorttype']!=null) {
43 $_GET['ordertype'] = $_GET['sorttype']; } }
44 if($_GET['ordertype']==null) { $_GET['ordertype'] = "asc"; }
45 if($_GET['ordertype']!=null) {
46 if($_GET['ordertype']=="ascending") { $orderlist .= " asc"; }
47 if($_GET['ordertype']=="descending") { $orderlist .= " desc"; }
48 if($_GET['ordertype']=="asc") { $orderlist .= " asc"; }
49 if($_GET['ordertype']=="desc") { $orderlist .= " desc"; } }
50 if(!is_numeric($_GET['gid'])) { $_GET['gid'] = null; }
51 if($_GET['gid']!=null&&$_GET['groupid']==null) { $_GET['groupid'] = $_GET['gid']; }
52 if(!is_numeric($_GET['groupid'])) { $_GET['groupid'] = null; }
53 $ggquery = query("select * from `".$Settings['sqltable']."groups` where `Name`='%s'", array($Settings['GuestGroup']));
54 $ggresult=mysql_query($ggquery);
55 $GGroup=mysql_result($ggresult,0,"id");
56 @mysql_free_result($ggresult);
57 if($_GET['groupid']==null) {
58 $query = query("select * from `".$Settings['sqltable']."members` where `GroupID`<>%i ".$orderlist, array($GGroup)); }
59 if($_GET['groupid']!=null) {
60 $query = query("select * from `".$Settings['sqltable']."members` where `GroupID`=%i and `GroupID`<>%i ".$orderlist, array($_GET['groupid'],$GGroup)); }
61 $result=mysql_query($query);
62 $num=mysql_num_rows($result);
63 //Start MemberList Page Code (Will be used at later time)
64 if($_GET['page']==null) { $_GET['page'] = 1; }
65 if($_GET['page']<=0) { $_GET['page'] = 1; }
66 $nums = $_GET['page'] * $Settings['max_memlist'];
67 if($nums>$num) { $nums = $num; }
68 $numz = $nums - $Settings['max_memlist'];
69 if($numz<=0) { $numz = 0; }
71 if($nums<$num) { $nextpage = $_GET['page'] + 1; }
72 if($nums>=$num) { $nextpage = $_GET['page']; }
73 if($numz>=$Settings['max_memlist']) { $backpage = $_GET['page'] - 1; }
74 if($_GET['page']<=1) { $backpage = 1; }
75 //End MemberList Page Code (Its not used yet but its still good to have :P )
78 <div class="Table1Border">
79 <table class="Table1">
80 <tr class="TableRow1">
81 <td class="TableRow1" colspan="7"><span style="float: left;">
82 <?php echo $ThemeSet['TitleIcon'] ?><a href="<?php echo url_maker($exfile['member'],$Settings['file_ext'],"act=list",$Settings['qstr'],$Settings['qsep'],$prexqstr['member'],$exqstr['member']); ?>">Member List</a>
83 </span><span style="float: right;"> </span></td>
85 <tr id="Member" class="TableRow2">
86 <th class="TableRow2" style="width: 5%;">ID</th>
87 <th class="TableRow2" style="width: 28%;">Name</th>
88 <th class="TableRow2" style="width: 10%;">Group</th>
89 <th class="TableRow2" style="width: 10%;">Posts</th>
90 <th class="TableRow2" style="width: 20%;">Joined</th>
91 <th class="TableRow2" style="width: 20%;">Last Active</th>
92 <th class="TableRow2" style="width: 7%;">Website</th>
96 $MemList['ID']=mysql_result($result,$i,"id");
97 $MemList['Name']=mysql_result($result,$i,"Name");
98 $MemList['Email']=mysql_result($result,$i,"Email");
99 $MemList['GroupID']=mysql_result($result,$i,"GroupID");
100 $MemList['WarnLevel']=mysql_result($result,$i,"WarnLevel");
101 $MemList['Interests']=mysql_result($result,$i,"Interests");
102 $MemList['Title']=mysql_result($result,$i,"Title");
103 $MemList['Joined']=mysql_result($result,$i,"Joined");
104 $MemList['Joined']=GMTimeChange("F j Y, g:i a",$MemList['Joined'],$_SESSION['UserTimeZone'],0,$_SESSION['UserDST']);
105 $MemList['LastActive']=mysql_result($result,$i,"LastActive");
106 $MemList['LastActive']=GMTimeChange("F j Y, g:i a",$MemList['LastActive'],$_SESSION['UserTimeZone'],0,$_SESSION['UserDST']);
107 $MemList['Website']=mysql_result($result,$i,"Website");
108 $MemList['Gender']=mysql_result($result,$i,"Gender");
109 $MemList['PostCount']=mysql_result($result,$i,"PostCount");
110 $MemList['TimeZone']=mysql_result($result,$i,"TimeZone");
111 $MemList['DST']=mysql_result($result,$i,"DST");
112 $MemList['IP']=mysql_result($result,$i,"IP");
113 $gquery = query("select * from `".$Settings['sqltable']."groups` where `id`=%i", array($MemList['GroupID']));
114 $gresult=mysql_query($gquery);
115 $MemList['Group']=mysql_result($gresult,0,"Name");
116 @mysql_free_result($gresult);
117 $membertitle = " ".$ThemeSet['TitleDivider']." Member List";
118 if($MemList['Group']!=$Settings['GuestGroup']) {
120 <tr class="TableRow3" id="Member<?php echo $MemList['ID']; ?>">
121 <td class="TableRow3" style="text-align: center;"><?php echo $MemList['ID']; ?></td>
122 <td class="TableRow3"> <a href="<?php echo url_maker($exfile['member'],$Settings['file_ext'],"act=view&id=".$MemList['ID'],$Settings['qstr'],$Settings['qsep'],$prexqstr['member'],$exqstr['member']); ?>"><?php echo $MemList['Name']; ?></a></td>
123 <td class="TableRow3" style="text-align: center;"><a href="<?php echo url_maker($exfile['member'],$Settings['file_ext'],"act=list&gid=".$MemList['GroupID'],$Settings['qstr'],$Settings['qsep'],$prexqstr['member'],$exqstr['member']); ?>"><?php echo $MemList['Group']; ?></a></td>
124 <td class="TableRow3" style="text-align: center;"><?php echo $MemList['PostCount']; ?></td>
125 <td class="TableRow3" style="text-align: center;"><?php echo $MemList['Joined']; ?></td>
126 <td class="TableRow3" style="text-align: center;"><?php echo $MemList['LastActive']; ?></td>
127 <td class="TableRow3" style="text-align: center;"><a href="<?php echo $MemList['Website']; ?>" onclick="window.open(this.href);return false;">Website</a></td>
130 ++$i; } @mysql_free_result($result);
132 <tr id="MemEnd" class="TableRow4">
133 <td class="TableRow4" colspan="7"> </td>
137 if($_GET['act']=="view") {
138 $query = query("select * from `".$Settings['sqltable']."members` where `id`=%i", array($_GET['id']));
139 $result=mysql_query($query);
140 $num=mysql_num_rows($result);
142 if($num==0||$_GET['id']=="-1") { redirect("location",$basedir.url_maker($exfile['index'],$Settings['file_ext'],"act=view",$Settings['qstr'],$Settings['qsep'],$prexqstr['index'],$exqstr['index'],false));
143 ob_clean(); @header("Content-Type: text/plain; charset=".$Settings['charset']);
144 gzip_page($Settings['use_gzip'],$GZipEncode['Type']); die(); }
145 $ViewMem['ID']=mysql_result($result,$i,"id");
146 $ViewMem['Name']=mysql_result($result,$i,"Name");
147 $ViewMem['Signature']=mysql_result($result,$i,"Signature");
148 $ViewMem['Avatar']=mysql_result($result,$i,"Avatar");
149 $ViewMem['AvatarSize']=mysql_result($result,$i,"AvatarSize");
150 $ViewMem['Email']=mysql_result($result,$i,"Email");
151 $ViewMem['GroupID']=mysql_result($result,$i,"GroupID");
152 $ViewMem['WarnLevel']=mysql_result($result,$i,"WarnLevel");
153 $ViewMem['Interests']=mysql_result($result,$i,"Interests");
154 $ViewMem['Title']=mysql_result($result,$i,"Title");
155 $ViewMem['Joined']=mysql_result($result,$i,"Joined");
156 $ViewMem['Joined']=GMTimeChange("M j Y, g:i a",$ViewMem['Joined'],$_SESSION['UserTimeZone'],0,$_SESSION['UserDST']);
157 $ViewMem['LastActive']=mysql_result($result,$i,"LastActive");
158 $ViewMem['LastActive']=GMTimeChange("M j Y, g:i a",$ViewMem['LastActive'],$_SESSION['UserTimeZone'],0,$_SESSION['UserDST']);
159 $ViewMem['Website']=mysql_result($result,$i,"Website");
160 $ViewMem['Gender']=mysql_result($result,$i,"Gender");
161 $ViewMem['PostCount']=mysql_result($result,$i,"PostCount");
162 $ViewMem['TimeZone']=mysql_result($result,$i,"TimeZone");
163 $ViewMem['DST']=mysql_result($result,$i,"DST");
164 $ViewMem['IP']=mysql_result($result,$i,"IP");
165 $gquery = query("select * from `".$Settings['sqltable']."groups` where `id`=%i", array($ViewMem['GroupID']));
166 $gresult=mysql_query($gquery);
167 $ViewMem['Group']=mysql_result($gresult,0,"Name");
168 @mysql_free_result($gresult);
169 $membertitle = " ".$ThemeSet['TitleDivider']." Viewing Profile ".$ViewMem['Name'];
170 if ($ViewMem['Avatar']=="http://"||$ViewMem['Avatar']==null) {
171 $ViewMem['Avatar']=$ThemeSet['NoAvatar'];
172 $ViewMem['AvatarSize']=$ThemeSet['NoAvatarSize']; }
173 $AvatarSize1=explode("x", $ViewMem['AvatarSize']);
174 $AvatarSize1W=$AvatarSize1[0]; $AvatarSize1H=$AvatarSize1[1];
175 $ViewMem['Signature'] = text2icons($ViewMem['Signature'],$Settings['sqltable']);
176 if($_GET['view']==null) { $_GET['view'] = "profile"; }
177 if($_GET['view']!="profile"&&$_GET['view']!="avatar"&&
178 $_GET['view']!="website"&&$_GET['view']!="homepage") { $_GET['view'] = "profile"; }
179 if($_GET['view']=="avatar") {
180 @session_write_close();
181 @header("Location: ".$ViewMem['Avatar']); }
182 if($_GET['view']=="website"||$_GET['view']=="homepage") {
183 if ($ViewMem['Website']!="http://"&&$ViewMem['Website']!=null) {
184 @session_write_close();
185 @header("Location: ".$ViewMem['Website']); }
186 if ($ViewMem['Website']=="http://"||$ViewMem['Website']==null) {
187 @session_write_close();
188 @header("Location: ".$BoardURL."index.php?act=view"); } }
190 <div class="Table1Border">
191 <table class="Table1">
192 <tr class="TableRow1">
193 <td class="TableRow1" colspan="2"><span style="float: left;">
194 <?php echo $ThemeSet['TitleIcon'] ?><a href="<?php echo url_maker($exfile['member'],$Settings['file_ext'],"act=view&id=".$_GET['id'],$Settings['qstr'],$Settings['qsep'],$prexqstr['member'],$exqstr['member']); ?>">Viewing Profile</a>
195 </span><span style="float: right;"> </span></td>
197 <tr id="Member" class="TableRow2">
198 <th class="TableRow2" style="width: 50%;">Avatar</th>
199 <th class="TableRow2" style="width: 50%;">User Info</th>
201 <tr class="TableRow3" id="MemberProfile">
202 <td class="TableRow3">
203 <?php /* Avatar Table Thanks For SeanJ's Help at http://seanj.jcink.com/ */ ?>
204 <table class="AvatarTable" style="width: 100%; height: 100px; text-align: center;">
205 <tr class="AvatarRow" style="width: 100px; height: 100px;">
206 <td class="AvatarRow" style="width: 100%; height: 100%; text-align: center; vertical-align: middle;">
207 <img src="<?php echo $ViewMem['Avatar']; ?>" alt="<?php echo $ViewMem['Name']; ?>'s Avatar" title="<?php echo $ViewMem['Name']; ?>'s Avatar" style="border: 0px; width: <?php echo $AvatarSize1W; ?>px; height: <?php echo $AvatarSize1H; ?>px;" />
211 <div style="text-align: center;">
212 Name: <?php echo $ViewMem['Name']; ?><br />
213 Title: <?php echo $ViewMem['Title']; ?></div>
215 <td class="TableRow3">
216 User Name: <?php echo $ViewMem['Name']; ?><br />
217 User Title: <?php echo $ViewMem['Title']; ?><br />
218 User Group: <?php echo $ViewMem['Group']; ?><br />
219 User Joined: <?php echo $ViewMem['Joined']; ?><br />
220 Last Active: <?php echo $ViewMem['LastActive']; ?><br />
221 User Time: <?php echo GMTimeGet("M j Y, g:i a",$ViewMem['TimeZone'],0,$ViewMem['DST']); ?><br />
222 User Website: <a href="<?php echo $ViewMem['Website']; ?>" onclick="window.open(this.href);return false;">Website</a><br />
223 Post Count: <?php echo $ViewMem['PostCount']; ?><br />
224 Interests: <?php echo $ViewMem['Interests']; ?><br />
227 <tr class="TableRow4">
228 <td class="TableRow4" colspan="2"> </td>
231 <?php } @mysql_free_result($result);
232 if($_GET['act']=="logout") {
234 @setcookie("MemberName", null, GMTimeStamp() - 3600, $basedir);
235 @setcookie("UserID", null, GMTimeStamp() - 3600, $basedir);
236 @setcookie("SessPass", null, GMTimeStamp() - 3600, $basedir);
237 @setcookie(session_name(), "", GMTimeStamp() - 3600, $basedir);
238 unset($_COOKIE[session_name()]);
242 @redirect("location",$basedir.url_maker($exfile['member'],$Settings['file_ext'],"act=login",$Settings['qstr'],$Settings['qsep'],$prexqstr['member'],$exqstr['member'],false));
243 ob_clean(); @header("Content-Type: text/plain; charset=".$Settings['charset']);
244 gzip_page($Settings['use_gzip'],$GZipEncode['Type']); die(); }
246 if($_GET['act']=="login")
248 $membertitle = " ".$ThemeSet['TitleDivider']." Login";
250 <div class="Table1Border">
251 <table class="Table1">
252 <tr class="TableRow1">
253 <td class="TableRow1"><span style="float: left;">
254 <?php echo $ThemeSet['TitleIcon'] ?><a href="<?php echo url_maker($exfile['member'],$Settings['file_ext'],"act=login",$Settings['qstr'],$Settings['qsep'],$prexqstr['member'],$exqstr['member']); ?>">Log in</a>
255 </span><span style="float: right;"> </span></td>
257 <tr class="TableRow2">
258 <th class="TableRow2" style="width: 100%; text-align: left;"> Inert your login info: </th>
260 <tr class="TableRow3">
261 <td class="TableRow3">
262 <form method="post" action="<?php echo url_maker($exfile['member'],$Settings['file_ext'],"act=login_now",$Settings['qstr'],$Settings['qsep'],$prexqstr['member'],$exqstr['member']); ?>">
263 <table style="text-align: left;">
264 <tr style="text-align: left;">
265 <td style="width: 30%;"><label class="TextBoxLabel" for="username">Enter UserName: </label></td>
266 <td style="width: 70%;"><input class="TextBox" id="username" type="text" name="username" /></td>
268 <td style="width: 30%;"><label class="TextBoxLabel" for="userpass">Enter Password: </label></td>
269 <td style="width: 70%;"><input class="TextBox" id="userpass" type="password" name="userpass" maxlength="30" /></td>
271 <td style="width: 30%;"><label class="TextBoxLabel" title="Store userinfo as a cookie so you dont need to login again." for="storecookie">Store as cookie?</label></td>
272 <td style="width: 70%;"><select id="storecookie" name="storecookie" class="TextBox">
273 <option value="true">Yes</option>
274 <option value="false">No</option>
277 <table style="text-align: left;">
278 <tr style="text-align: left;">
279 <td style="width: 100%;">
280 <input type="hidden" name="act" value="loginmember" style="display: none;" />
281 <input class="Button" type="submit" value="Log in" />
286 <tr class="TableRow4">
287 <td class="TableRow4"> </td>
290 <?php } if($_POST['act']=="loginmember"&&$_GET['act']=="login_now") {
291 $membertitle = " ".$ThemeSet['TitleDivider']." Login";
292 $REFERERurl = parse_url($_SERVER['HTTP_REFERER']);
293 $URL['REFERER'] = $REFERERurl['host'];
294 $URL['HOST'] = $_SERVER["SERVER_NAME"];
295 $REFERERurl = null; unset($REFERERurl);
297 <div class="Table1Border">
298 <table class="Table1">
299 <tr class="TableRow1">
300 <td class="TableRow1">
301 <span style="float: left;"> <a href="<?php echo url_maker($exfile['member'],$Settings['file_ext'],"act=login",$Settings['qstr'],$Settings['qsep'],$prexqstr['member'],$exqstr['member']); ?>">Log in</a></span>
302 <span style="float: right;"> </span></td>
304 <tr class="TableRow2">
305 <th class="TableRow2" style="width: 100%; text-align: left;"> Login Message: </th>
307 <tr class="TableRow3">
308 <td class="TableRow3">
309 <table style="width: 100%; height: 25%; text-align: center;">
311 if (strlen($_POST['userpass'])=="30") { $Error="Yes"; ?>
313 <td><span class="TableMessage">
314 <br />Your password is too big.<br />
317 <?php } if (strlen($_POST['username'])=="20") { $Error="Yes"; ?>
319 <td><span class="TableMessage">
320 <br />Your user name is too big.<br />
323 <?php } if ($Settings['TestReferer']==true) {
324 if ($URL['HOST']!=$URL['REFERER']) { $Error="Yes"; ?>
326 <td><span class="TableMessage">
327 <br />Sorry the referering url dose not match our host name.<br />
332 @redirect("refresh",$basedir.url_maker($exfile['member'],$Settings['file_ext'],"act=login",$Settings['qstr'],$Settings['qsep'],$prexqstr['member'],$exqstr['member'],false),"4"); }
334 $YourName = stripcslashes(htmlspecialchars($_POST['username'], ENT_QUOTES));
335 $YourName = preg_replace("/&#(x[a-f0-9]+|[0-9]+);/i", "&#$1;", $YourName);
336 $YourName = @remove_spaces($YourName);
338 $querylog = query("select * from `".$Settings['sqltable']."members` where `Name` = '%s'", array($YourName));
339 $resultlog=mysql_query($querylog);
340 $numlog=mysql_num_rows($resultlog);
343 $YourPassTry=mysql_result($resultlog,$i,"Password");
344 $HashType=mysql_result($resultlog,$i,"HashType");
345 $JoinedPass=mysql_result($resultlog,$i,"Joined");
346 $HashSalt=mysql_result($resultlog,$i,"Salt");
348 if($HashType=="ODFH") {
349 $YourPassword = sha1(md5($_POST['userpass'])); }
350 if($HashType=="DF4H") {
351 $YourPassword = b64e_hmac($_POST['userpass'],$JoinedPass,$HashSalt,"sha1"); }
352 if($HashType=="iDBH"||$UpdateHash!=true) {
353 $YourPassword = b64e_hmac($_POST['userpass'],$JoinedPass,$HashSalt,"sha1"); }
354 if($YourPassword==$YourPassTry) {
356 } if($YourPassword==$YourPassTry) {
358 $YourIDM=mysql_result($resultlog,$i,"id");
359 $YourNameM=mysql_result($resultlog,$i,"Name");
360 $YourPassM=mysql_result($resultlog,$i,"Password");
361 $YourGroupM=mysql_result($resultlog,$i,"GroupID");
362 $gquery = query("select * from `".$Settings['sqltable']."groups` where `id`=%i", array($YourGroupM));
363 $gresult=mysql_query($gquery);
364 $YourGroupM=mysql_result($gresult,0,"Name");
365 @mysql_free_result($gresult);
366 $YourTimeZoneM=mysql_result($resultlog,$i,"TimeZone");
367 $YourDSTM=mysql_result($resultlog,$i,"DST");
368 $JoinedDate=mysql_result($resultlog,$i,"Joined");
369 $UseTheme=mysql_result($resultlog,$i,"UseTheme");
370 $NewHashSalt = salt_hmac();
371 $NewPassword = b64e_hmac($_POST['userpass'],$JoinedPass,$NewHashSalt,"sha1");
372 $NewDay=GMTimeStamp();
373 $NewIP=$_SERVER['REMOTE_ADDR'];
374 $queryup = query("update `".$Settings['sqltable']."members` set `Password`='%s',`HashType`='iDBH',`LastActive`='%s',`IP`='%s',`Salt`='%s' WHERE `id`=%i", array($NewPassword,$NewDay,$NewIP,$NewHashSalt,$YourIDM));
375 mysql_query($queryup);
376 @mysql_free_result($resultlog); @mysql_free_result($queryup);
377 //session_regenerate_id();
378 $_SESSION['Theme']=$UseTheme;
379 $_SESSION['MemberName']=$YourNameM;
380 $_SESSION['UserID']=$YourIDM;
381 $_SESSION['UserTimeZone']=$YourTimeZoneM;
382 $_SESSION['UserGroup']=$YourGroupM;
383 $_SESSION['UserDST']=$YourDSTM;
384 if($_POST['storecookie']==true) {
385 setcookie("MemberName", $YourNameM, time() + (7 * 86400), $basedir);
386 setcookie("UserID", $YourIDM, time() + (7 * 86400), $basedir);
387 setcookie("SessPass", $NewPassword, time() + (7 * 86400), $basedir); }
389 //echo "Password was not right or user not found!! <_< ";
391 <?php if($passright==true) {
392 @redirect("refresh",$basedir.url_maker($exfile['index'],$Settings['file_ext'],"act=view",$Settings['qstr'],$Settings['qsep'],$prexqstr['index'],$exqstr['index'],false),"3"); ?>
394 <td><span class="TableMessage">
395 <br />Welcome to the Board <?php echo $_SESSION['MemberName']; ?>. ^_^<br />
396 Click <a href="<?php echo url_maker($exfile['index'],$Settings['file_ext'],"act=view",$Settings['qstr'],$Settings['qsep'],$prexqstr['index'],$exqstr['index']); ?>">here</a> to continue to board.<br />
399 <?php } if($passright==false) { ?>
401 <td><span class="TableMessage">
402 <br />Password was not right or user not found!! <_<<br />
403 Click <a href="<?php echo url_maker($exfile['member'],$Settings['file_ext'],"act=login",$Settings['qstr'],$Settings['qsep'],$exqstr['member'],$prexqstr['member']); ?>">here</a> to try again.<br />
409 <tr class="TableRow4">
410 <td class="TableRow4"> </td>
414 if($_GET['act']=="signup")
416 $membertitle = " ".$ThemeSet['TitleDivider']." Signing up"; ?>
417 <div class="Table1Border">
418 <table class="Table1">
419 <tr class="TableRow1">
420 <td class="TableRow1"><span style="float: left;">
421 <?php echo $ThemeSet['TitleIcon'] ?><a href="<?php echo url_maker($exfile['member'],$Settings['file_ext'],"act=signup",$Settings['qstr'],$Settings['qsep'],$prexqstr['member'],$exqstr['member']); ?>">Register</a>
422 </span><span style="float: right;"> </span></td>
424 <tr class="TableRow2">
425 <th class="TableRow2" style="width: 100%; text-align: left;"> Inert your user info: </th>
427 <tr class="TableRow3">
428 <td class="TableRow3">
429 <form method="post" action="<?php echo url_maker($exfile['member'],$Settings['file_ext'],"act=makemember",$Settings['qstr'],$Settings['qsep'],$prexqstr['member'],$exqstr['member']); ?>">
430 <table style="text-align: left;">
431 <tr style="text-align: left;">
432 <td style="width: 30%;"><label class="TextBoxLabel" for="Name">Insert a UserName:</label></td>
433 <td style="width: 70%;"><input type="text" class="TextBox" name="Name" size="20" id="Name" /></td>
435 <td><label class="TextBoxLabel" for="Password">Insert a Password:</label></td>
436 <td><input type="password" class="TextBox" name="Password" size="20" id="Password" maxlength="30" /></td>
438 <td><label class="TextBoxLabel" for="RePassword">ReInsert a Password:</label></td>
439 <td><input type="password" class="TextBox" name="RePassword" size="20" id="RePassword" maxlength="30" /></td>
441 <td><label class="TextBoxLabel" for="Email">Insert Your Email:</label></td>
442 <td><input type="text" class="TextBox" name="Email" size="20" id="Email" /></td>
444 <td><label class="TextBoxLabel" for="YourOffSet">Your TimeZone:</label></td>
445 <td><select id="YourOffSet" name="YourOffSet" class="TextBox"><?php
446 $tsa_mem = explode(":",$Settings['DefaultTimeZone']);
447 $TimeZoneArray = array("offset" => $Settings['DefaultTimeZone'], "hour" => $tsa_mem[0], "minute" => $tsa_mem[1]);
448 $plusi = 1; $minusi = 12;
449 $plusnum = 13; $minusnum = 0;
450 while ($minusi > $minusnum) {
451 if($TimeZoneArray['hour']==-$minusi) {
452 echo "<option selected=\"selected\" value=\"-".$minusi."\">GMT - ".$minusi.":00 hours</option>\n"; }
453 if($TimeZoneArray['hour']!=-$minusi) {
454 echo "<option value=\"-".$minusi."\">GMT - ".$minusi.":00 hours</option>\n"; }
456 if($TimeZoneArray['hour']==0) { ?>
457 <option selected="selected" value="0">GMT +/- 0:00 hours</option>
458 <?php } if($TimeZoneArray['hour']!=0) { ?>
459 <option value="0">GMT +/- 0:00 hours</option>
461 while ($plusi < $plusnum) {
462 if($TimeZoneArray['hour']==$plusi) {
463 echo "<option selected=\"selected\" value=\"".$plusi."\">GMT + ".$plusi.":00 hours</option>\n"; }
464 if($TimeZoneArray['hour']!=$plusi) {
465 echo "<option value=\"".$plusi."\">GMT + ".$plusi.":00 hours</option>\n"; }
469 <td style="width: 50%;"><label class="TextBoxLabel" for="MinOffSet">Minute OffSet:</label></td>
470 <td style="width: 50%;"><select id="MinOffSet" name="MinOffSet" class="TextBox"><?php
471 $mini = 0; $minnum = 60;
472 while ($mini < $minnum) {
473 if(strlen($mini)==2) { $showmin = $mini; }
474 if(strlen($mini)==1) { $showmin = "0".$mini; }
475 if($mini==$TimeZoneArray['minute']) {
476 echo "\n<option selected=\"selected\" value=\"".$showmin."\">0:".$showmin." minutes</option>\n"; }
477 if($mini!=$TimeZoneArray['minute']) {
478 echo "<option value=\"".$showmin."\">0:".$showmin." minutes</option>\n"; }
482 <td style="width: 40%;"><label class="TextBoxLabel" for="DST">Is <span title="Daylight Savings Time">DST</span> / <span title="Summer Time">ST</span> on or off:</label></td>
483 <td style="width: 60%;"><select id="DST" name="DST" class="TextBox"><?php echo "\n" ?>
484 <?php if($Settings['DefaultDST']=="off"||$Settings['DefaultDST']!="on") { ?>
485 <option selected="selected" value="off">off</option><?php echo "\n" ?><option value="on">on</option>
486 <?php } if($Settings['DefaultDST']=="on") { ?>
487 <option selected="selected" value="on">on</option><?php echo "\n" ?><option value="off">off</option>
488 <?php } echo "\n" ?></select></td>
490 <td><label class="TextBoxLabel" for="YourGender">Your Gender:</label></td>
491 <td><select id="YourGender" name="YourGender" class="TextBox">
492 <option value="Male">Male</option>
493 <option value="Female">Female</option>
494 <option value="Unknow">Unknow</option>
497 <td><label class="TextBoxLabel" for="Website">Insert your Website:</label></td>
498 <td><input type="text" class="TextBox" name="Website" size="20" value="http://" id="Website" /></td>
500 <td><label class="TextBoxLabel" for="Avatar">Insert a URL for Avatar:</label></td>
501 <td><input type="text" class="TextBox" name="Avatar" size="20" value="http://" id="Avatar" /></td>
503 <td style="width: 30%;"><label class="TextBoxLabel" title="Store userinfo as a cookie so you dont need to login again." for="storecookie">Store as cookie?</label></td>
504 <td style="width: 70%;"><select id="storecookie" name="storecookie" class="TextBox">
505 <option value="true">Yes</option>
506 <option value="false">No</option>
510 <table style="text-align: left;">
511 <tr style="text-align: left;">
512 <td style="width: 100%;">
513 <label class="TextBoxLabel" for="TOSBox">TOS - Please read fully and check 'I agree' box ONLY if you agree to terms</label><br />
514 <textarea rows="10" cols="58" id="TOSBox" name="TOSBox" class="TextBox" readonly="readonly" accesskey="T"><?php
515 echo file_get_contents("TOS"); ?></textarea><br />
516 <input type="checkbox" class="TextBox" name="TOS" value="Agree" id="TOS" /><label class="TextBoxLabel" for="TOS">I Agree</label><br/>
517 <input type="hidden" style="display: none;" name="act" value="makemembers" />
518 <input type="submit" class="Button" value="Sign UP" />
523 <tr class="TableRow4">
524 <td class="TableRow4"> </td>
527 <?php } if($_GET['act']=="makemember") {
528 if($_POST['act']=="makemembers") {
529 $membertitle = " ".$ThemeSet['TitleDivider']." Signing up";
530 $REFERERurl = parse_url($_SERVER['HTTP_REFERER']);
531 $URL['REFERER'] = $REFERERurl['host'];
532 $URL['HOST'] = $_SERVER["SERVER_NAME"];
533 $REFERERurl = null; unset($REFERERurl);
534 if(!isset($_POST['username'])) { $_POST['username'] = null; }
535 if(!isset($_POST['TOS'])) { $_POST['TOS'] = null; }
537 <div class="Table1Border">
538 <table class="Table1">
539 <tr class="TableRow1">
540 <td class="TableRow1"><span style="float: right;"> </span>
541 <a href="<?php echo url_maker($exfile['messenger'],$Settings['file_ext'],"act=signup",$Settings['qstr'],$Settings['qsep'],$prexqstr['messenger'],$exqstr['messenger']); ?>">Register</a></td>
543 <tr class="TableRow2">
544 <th class="TableRow2" style="width: 100%; text-align: left;"> Signup Message: </th>
546 <tr class="TableRow3">
547 <td class="TableRow3">
548 <table style="width: 100%; height: 25%; text-align: center;">
549 <?php if (strlen($_POST['Password'])=="30") { $Error="Yes"; ?>
551 <td><span class="TableMessage">
552 <br />Your password is too big.<br />
555 <?php } if (strlen($_POST['username'])=="20") { $Error="Yes"; ?>
557 <td><span class="TableMessage">
558 <br />Your user name is too big.<br />
561 <?php } if ($_POST['Password']!=$_POST['RePassword']) { $Error="Yes"; ?>
563 <td><span class="TableMessage">
564 <br />Your passwords did not match.<br />
567 <?php } if ($Settings['TestReferer']==true) {
568 if ($URL['HOST']!=$URL['REFERER']) { $Error="Yes"; ?>
570 <td><span class="TableMessage">
571 <br />Sorry the referering url dose not match our host name.<br />
575 $Name = stripcslashes(htmlspecialchars($_POST['Name'], ENT_QUOTES));
576 $Name = preg_replace("/&#(x[a-f0-9]+|[0-9]+);/i", "&#$1;", $Name);
577 $Name = @remove_spaces($Name);
578 $sql_email_check = mysql_query(query("select `Email` from `".$Settings['sqltable']."members` where `Email` = '%s'", array($_POST['Email'])));
579 $sql_username_check = mysql_query(query("select `Name` from `".$Settings['sqltable']."members` where `Name` = '%s'", array($Name)));
580 $email_check = mysql_num_rows($sql_email_check);
581 $username_check = mysql_num_rows($sql_username_check);
582 @mysql_free_result($sql_email_check); @mysql_free_result($sql_username_check);
583 if ($_POST['TOS']!="Agree") { $Error="Yes"; ?>
585 <td><span class="TableMessage">
586 <br />You need to agree to the tos.<br />
589 <?php } if ($_POST['Name']==null) { $Error="Yes"; ?>
591 <td><span class="TableMessage">
592 <br />You need to enter a name.<br />
595 <?php } if ($_POST['Name']=="ShowMe") { $Error="Yes"; ?>
597 <td><span class="TableMessage">
598 <br />You need to enter a name.<br />
601 <?php } if ($_POST['Password']==null) { $Error="Yes"; ?>
603 <td><span class="TableMessage">
604 <br />You need to enter a password.<br />
607 <?php } if ($_POST['Email']==null) { $Error="Yes"; ?>
609 <td><span class="TableMessage">
610 <br />You need to enter a email.<br />
613 <?php } if($email_check > 0) { $Error="Yes"; ?>
615 <td><span class="TableMessage">
616 <br />Email address is already used.<br />
619 <?php } if($username_check > 0) { $Error="Yes"; ?>
621 <td><span class="TableMessage">
622 <br />UserName is already used.<br />
625 <?php } if ($Error=="Yes") {
626 @redirect("refresh",$basedir.url_maker($exfile['member'],$Settings['file_ext'],"act=signup",$Settings['qstr'],$Settings['qsep'],$prexqstr['member'],$exqstr['member'],FALSE),"4"); }
628 $_POST['UserIP'] = $_SERVER['REMOTE_ADDR'];
629 $_POST['Group'] = $Settings['MemberGroup'];
630 $_POST['Joined'] = GMTimeStamp(); $_POST['LastActive'] = GMTimeStamp();
631 $_POST['Signature'] = ""; $_POST['Interests'] = "";
632 $_POST['Title'] = ""; $_POST['PostCount'] = "0";
633 if($Settings['AdminValidate']==true||$Settings['AdminValidate']!=false)
634 { $ValidateStats="no"; $yourgroup=$Settings['ValidateGroup']; }
635 if($Settings['AdminValidate']==false)
636 { $ValidateStats="yes"; $yourgroup=$Settings['MemberGroup']; }
637 $HashSalt = salt_hmac();
638 $NewPassword = b64e_hmac($_POST['Password'],$_POST['Joined'],$HashSalt,"sha1");
639 $_GET['YourPost'] = $_POST['Signature'];
640 //require( './'.$SettDir['misc'].'HTMLTags.php');
641 $_GET['YourPost'] = htmlspecialchars($_GET['YourPost'], ENT_QUOTES);
642 $_GET['YourPost'] = preg_replace("/&#(x[a-f0-9]+|[0-9]+);/i", "&#$1;", $_GET['YourPost']);
643 $NewSignature = $_GET['YourPost'];
644 $_GET['YourPost'] = preg_replace("/\t+/"," ",$_GET['YourPost']);
645 $_GET['YourPost'] = preg_replace("/\s\s+/"," ",$_GET['YourPost']);
646 $Avatar = stripcslashes(htmlspecialchars($_POST['Avatar'], ENT_QUOTES));
647 $Avatar = preg_replace("/&#(x[a-f0-9]+|[0-9]+);/i", "&#$1;", $Avatar);
648 $Avatar = @remove_spaces($Avatar);
649 $Website = stripcslashes(htmlspecialchars($_POST['Website'], ENT_QUOTES));
650 $Website = preg_replace("/&#(x[a-f0-9]+|[0-9]+);/i", "&#$1;", $Website);
651 $Website = @remove_spaces($Website);
652 $gquerys = query("select * from `".$Settings['sqltable']."groups` where `Name`='%s'", array($Settings['MemberGroup']));
653 $gresults=mysql_query($gquerys);
654 $yourgroup=mysql_result($gresults,0,"id");
655 @mysql_free_result($gresults);
656 $yourid = getnextid($Settings['sqltable'],"members");
657 $_POST['Interests'] = @remove_spaces($_POST['Interests']);
658 $_POST['Title'] = @remove_spaces($_POST['Title']);
659 $_POST['Email'] = @remove_spaces($_POST['Email']);
660 if(!is_numeric($_POST['YourOffSet'])) { $_POST['YourOffSet'] = "0"; }
661 if($_POST['YourOffSet']>12) { $_POST['YourOffSet'] = "12"; }
662 if($_POST['YourOffSet']<-12) { $_POST['YourOffSet'] = "-12"; }
663 if(!is_numeric($_POST['MinOffSet'])) { $_POST['MinOffSet'] = "00"; }
664 if($_POST['MinOffSet']>59) { $_POST['MinOffSet'] = "59"; }
665 if($_POST['MinOffSet']<0) { $_POST['MinOffSet'] = "00"; }
666 $_POST['YourOffSet'] = $_POST['YourOffSet'].":".$_POST['MinOffSet'];
667 $query = query("insert into `".$Settings['sqltable']."members` values (".$yourid.",'%s','%s','%s','%s','%s','%s','%i','%s','%s','%s','%s','%s','%s','%s','%s','%s','%s','%s','%s','%s','%s','%s','%s','%s')", array($Name,$NewPassword,"iDBH",$_POST['Email'],$yourgroup,$ValidateStats,"0",$_POST['Interests'],$_POST['Title'],$_POST['Joined'],$_POST['LastActive'],"0",$NewSignature,'Your Notes',$Avatar,"100x100",$Website,$_POST['YourGender'],$_POST['PostCount'],$_POST['YourOffSet'],$_POST['DST'],$Settings['DefaultTheme'],$_POST['UserIP'],$HashSalt));
669 $querylogr = query("select * from `".$Settings['sqltable']."members` where `Name`='%s' AND `Password`='%s'", array($Name,$NewPassword));
670 $resultlogr=mysql_query($querylogr);
671 $numlogr=mysql_num_rows($resultlogr);
674 $YourIDMr=mysql_result($resultlogr,$ir,"id");
675 $YourNameMr=mysql_result($resultlogr,$ir,"Name");
676 $YourGroupMr=mysql_result($resultlogr,$ir,"GroupID");
677 $gquery = query("select * from `".$Settings['sqltable']."groups` where `id`=%i", array($YourGroupMr));
678 $gresult=mysql_query($gquery);
679 $YourGroupMr=mysql_result($gresult,0,"Name");
680 @mysql_free_result($gresult);
681 $YourTimeZoneMr=mysql_result($resultlogr,$ir,"TimeZone");
682 $YourDSTMr=mysql_result($resultlogr,$ir,"DST"); }
683 @mysql_free_result($resultlogr);
684 @session_regenerate_id(true);
685 $_SESSION['Loggedin']=true;
686 $_SESSION['MemberName']=$YourNameMr;
687 $_SESSION['UserID']=$YourIDMr;
688 $_SESSION['UserTimeZone']=$YourTimeZoneMr;
689 $_SESSION['UserDST']=$YourDSTMr;
690 $_SESSION['UserGroup']=$YourGroupMr;
691 if($_POST['storecookie']==true) {
692 @setcookie("MemberName", $YourNameM, time() + (7 * 86400), $basedir);
693 @setcookie("UserID", $YourIDM, time() + (7 * 86400), $basedir);
694 @setcookie("SessPass", $YourPassM, time() + (7 * 86400), $basedir); }
695 //$SendPMtoID=$_SESSION['UserID'];
697 //$PMTitle = "Welcome ".$Name.".";
698 //$YourMessage = "Hello ".$Name.". Welcome to ".$Settings['board_name'].". I hope you have fun here. ^_^ ";
699 //$_POST['YourDate'] = $_POST['Joined'];
700 //$query = query("insert into `".$Settings['sqltable']."messenger` values (null,'%s','%s','%s','%s','%s','%s',0)", array($YourPMID,$SendPMtoID,'',$PMTitle,$YourMessage,$_POST['YourDate']));
701 //mysql_query($query);
702 @redirect("refresh",$basedir.url_maker($exfile['index'],$Settings['file_ext'],"act=view",$Settings['qstr'],$Settings['qsep'],$prexqstr['index'],$exqstr['index'],FALSE),"3");
705 <td><span class="TableMessage">
706 <br />Welcome to the Board <?php echo $_SESSION['MemberName']; ?>. ^_^<br />
707 Click <a href="<?php echo url_maker($exfile['index'],$Settings['file_ext'],"act=view",$Settings['qstr'],$Settings['qsep'],$prexqstr['index'],$exqstr['index']); ?>">here</a> to continue to board.<br />
713 <tr class="TableRow4">
714 <td class="TableRow4"> </td>