
Registration and forgot password wont send email


ossukoss



<?php
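// Entry-point marker defined before the shared bootstrap is loaded
// (presumably checked by the included files; confirm in system/config.php).
define('BASEPATH', true);
require_once('system/config.php');

// Redirect target used once the visitor is logged in. The value comes from the
// query string, so it is only honoured when it is a same-site absolute path.
// Absolute URLs, scheme-relative "//host" and "/\host" forms, whitespace or
// control characters and array input all fall back to the default start page;
// without this check the login page works as an open redirect.
$orign = '/game/?side=startside';
if (isset($_GET['orign']) && is_string($_GET['orign']))
{
	if (preg_match('#^/(?![/\\\\])[^\x00-\x20\\\\]*$#D', $_GET['orign']))
	{
		$orign = $_GET['orign'];
	}
}

// Visitors who already have a session are sent straight to the target.
if (IS_ONLINE)
{
	header("Location: " . $orign);
	exit;
}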

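// Whitelist of the page names this front controller can render.
$sider = array(
	'logginn' => 'logginn',
	'registrer' => 'registrer',
	'glemt_pass' => 'glemt_pass'
);

// Resolve the requested page through the whitelist. A missing, non-string
// (e.g. ?side[]=x) or unknown value selects the login page instead of raising
// an undefined-index / illegal-offset error on the array lookup.
$side = $sider['logginn'];
if (isset($_GET['side']) && is_string($_GET['side']) && isset($sider[$_GET['side']]))
{
	$side = $sider[$_GET['side']];
}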

// Facebook application credentials used by the (currently disabled) Facebook
// registration flow. NOTE(review): 'x' looks like a placeholder; a real app
// secret belongs in configuration outside the web root, not in this file.
define('FACEBOOK_APP_ID', '105386132860118');
define('FACEBOOK_SECRET', 'x');

// Opening time as a Unix timestamp in the server's default timezone:
// 27 August 2010, 19:30:00.
$open_time = mktime(19, 30, 0, 8, 27, 2010);

/*$facebook_cookie = false;
$facebook_user = false;
if ($side == 'registrer' && isset($_GET['fb']))
{
	function get_facebook_cookie($app_id, $application_secret) {
	  $args = array();
	  parse_str(trim($_COOKIE['fbs_' . $app_id], '\\"'), $args);
	  ksort($args);
	  $payload = '';
	  foreach ($args as $key => $value) {
		if ($key != 'sig') {
		  $payload .= $key . '=' . $value;
		}
	  }
	  if (md5($payload . $application_secret) != $args['sig']) {
		return null;
	  }
	  return $args;
	}

	$facebook_cookie = get_facebook_cookie(FACEBOOK_APP_ID, FACEBOOK_SECRET);

	if ($facebook_cookie)
	{
		$facebook_user = json_decode(file_get_contents('https://graph.facebook.com/me?access_token=' . $facebook_cookie['access_token']));
	}
}*/

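// Language switch: ?setLang=<key> stores the selected language code in the
// MZ_Language cookie and reloads the front page. The key is only used when it
// is a string that exists in $languages_supported, so unknown or array-valued
// input is ignored instead of triggering an undefined-index / illegal-offset
// error on the lookup.
if (isset($_GET['setLang']) && is_string($_GET['setLang']) && !empty($languages_supported[$_GET['setLang']]))
{
	$lang = $languages_supported[$_GET['setLang']];
	setcookie('MZ_Language', $lang[0]);

	header('Location: /');
	exit;
}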
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"
     xmlns:fb="http://www.facebook.com/2008/fbml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="keywords" content="<?=$config['meta_keywords']?>" />
<meta name="description" content="<?=$config['meta_description']?>" />
<title>Mafiazone | Norsk Mafia Spill</title>
   <link rel="shortcut icon" href="<?=$config['base_url']?>favicon.ico" />
<link href="<?=$config['base_url']?>css.css" type="text/css" rel="stylesheet" />
<script type="text/javascript" src="<?=$config['base_url']?>game/js/mootools.js"></script>
   <script type="text/javascript" src="js.js"></script>
   <?php
   // On the login page, give the username field focus once the DOM is ready.
   if ($side == 'logginn')
   {
       echo "<script type=\"text/javascript\">window.addEvent('domready', function(){\$('login').focus()});;</script>\n";
   }
   ?>
</head>
<body>
<div id="default_langSelector">
       <ul>
       <?php
       // Render one flag link per supported language. Index 0 of each entry is used
       // in the ?setLang= URL and the flag file name, index 2 as title/alt text.
       // The entry matching the active language gets class="active".
       foreach ($languages_supported as $lang)
       {
           $lang_code = $lang[0];
           $lang_label = $lang[2];

           $li_class = '';
           if ($lang_code == $langBase->language)
           {
               $li_class = ' class="active"';
           }

           $switch_url = $config['base_url'] . '?setLang=' . $lang_code;
           $flag_src = $config['base_url'] . 'game/images/flags/' . $lang_code . '.png';

           echo '<li' . $li_class . '><a href="' . $switch_url . '" title="' . $lang_label . '"><img src="' . $flag_src . '" alt="' . $lang_label . '" /></a></li>';
       }
       ?>
       </ul>
   </div>
<div class="default_wrap">
	<div class="default_header" style="position: relative;">
       	<div style="position: absolute; left: 10px; top: 10px; width: 568px; height: 60px; overflow: hidden;">
           </div>
       </div>
	<div class="default_content_wrap">
		<div class="default_content left">
			<div class="content <?=$side?>">
			<?php
			if ($side == 'logginn')
			{
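				if (isset($_POST['do_login']))
				{
					// Accept only string form values; array input such as login[]=x is treated as empty.
					$login_raw = (isset($_POST['login']) && is_string($_POST['login'])) ? $_POST['login'] : '';
					$pass_raw = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';
					$login = $db->EscapeString($login_raw);

					// Build the account lookup. The identifier may be a user id, an e-mail
					// address or a player name; $lookup stays empty when nothing can match,
					// so no query is run with an empty id.
					$lookup = '';
					if ($login !== '')
					{
						if (is_numeric($login))
						{
							// Log in with user id
							$lookup = "`id`='$login'";
						}
						elseif (strstr($login, '@'))
						{
							// Log in with e-mail address
							$lookup = "`email`='$login'";
						}
						else
						{
							// Log in with player name: resolve the owning user id first
							$q = $db->Query("SELECT userid FROM `[players]` WHERE `name`='$login'");
							$player = $db->FetchArray($q);
							if (is_array($player) && isset($player['userid']) && $player['userid'] != '')
							{
								$lookup = "`id`='" . $db->EscapeString($player['userid']) . "'";
							}
						}
					}

					$user = false;
					if ($lookup !== '')
					{
						$sql = $db->Query("SELECT `id`,`pass` FROM `[users]` WHERE " . $lookup);
						$user = $db->FetchArray($sql);
					}

					// The password is passed through EscapeString before hashing because
					// registration and password reset in this file hash it the same way;
					// dropping the call here would no longer match stored hashes for
					// passwords that contain escaped characters.
					$login_ok = false;
					if (is_array($user) && isset($user['id']) && isset($user['pass']) && $user['pass'] !== '')
					{
						$pass = View::DoubleSalt($db->EscapeString($pass_raw), $user['id']);
						$login_ok = ($user['pass'] === $pass);
					}

					if ($login_ok)
					{
						$userid = $user['id'];

						// Every request-derived value is escaped before it is placed in SQL.
						// The User-Agent header is fully client controlled and was previously
						// concatenated into the INSERT unescaped.
						$now = time();
						$uid_sql = $db->EscapeString($user['id']);
						$ip_sql = $db->EscapeString(isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '');
						$ua_sql = $db->EscapeString(isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '');

						// Archive and remove any active session this user already has from the same IP.
						// NOTE(review): the archive INSERT copies from `[sessions_logg]`, not `[sessions]` - confirm that is intended.
						$sql = $db->Query("SELECT id FROM `[sessions]` WHERE `Userid`='" . $uid_sql . "' AND `IP`='" . $ip_sql . "' AND `Active`='1'");
						while ($sess = $db->FetchArray($sql))
						{
							$sess_sql = $db->EscapeString($sess['id']);
							$db->Query("INSERT INTO `" . $config['sql_logdb'] . "`.`[sessions_logg]` SELECT * FROM `[sessions_logg]` WHERE `id`='" . $sess_sql . "'");
							$db->Query("UPDATE `" . $config['sql_logdb'] . "`.`[sessions_logg]` SET `Active`='0' WHERE `id`='" . $sess_sql . "'");
							$db->Query("DELETE FROM `[sessions]` WHERE `id`='" . $sess_sql . "'");
						}

						// Routed through $db->Query like the other `[sessions]` statements in this
						// file; the former raw mysql_query() ... or die(mysql_error()) printed the
						// database error text to the visitor when the insert failed.
						$db->Query("INSERT INTO `[sessions]` (`Userid`, `Time_start`, `Last_updated`, `IP`, `User_agent`)VALUES('" . $uid_sql . "', '" . $now . "', '" . $now . "', '" . $ip_sql . "', '" . $ua_sql . "')");
						$sid = mysql_insert_id();

						if (!$sid)
						{
							// No session row was created, so do not log the visitor in.
							$errorMsg = 'Innloggingen feilet. Prøv igjen senere.';
						}
						else
						{
							$db->Query("UPDATE `[users]` SET `online`='" . $now . "', `last_active`='" . $now . "', `IP_last`='" . $ip_sql . "' WHERE `id`='" . $uid_sql . "'");
							$db->Query("UPDATE `[players]` SET `last_active`='" . $now . "', `online`='" . $now . "', `status`='1' WHERE `userid`='" . $uid_sql . "' AND `health`>'0' AND `level`>'0'");

							// NOTE(review): the stored password hash is kept in the session, presumably
							// so other pages can re-check it; a per-session random value would avoid
							// keeping a credential equivalent there. Also consider regenerating the
							// PHP session id at this point to prevent session fixation.
							$_SESSION['MZ_LoginData'] = array(
								'sid' => $sid,
								'userid' => $user['id'],
								'password' => $user['pass']
							);

							// $orign originates from the query string; follow it only when it is a
							// same-site path, otherwise use the default start page.
							$target = '/game/?side=startside';
							if (is_string($orign) && preg_match('#^/(?![/\\\\])[^\x00-\x20\\\\]*$#D', $orign))
							{
								$target = $orign;
							}

							header('Location: ' . $target . '&sid=' . $sid);
							exit;
						}
					}
					else
					{
						// Same message for unknown account and wrong password.
						$errorMsg = 'Feil innlogging / passord (<a href="'.$config['base_url'].'?side=glemt_pass">glemt passord</a>)';
					}
				}
				elseif (isset($_POST['do_reg']))
				{
					// The "register" button on the login form just forwards to the registration page.
					header('Location: /?side=registrer');
					exit;
				}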
			?>
               	<div class="logginn_left"></div>
				<div class="logginn_right">
                   <?php if ($errorMsg) echo '<p class="error">' . $errorMsg . '</p>';?>
					<form method="post" action="">
						<p class="form_item">
							<span class="title">Spillernavn / Epost / Bruker-ID</span><br />
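							<input type="text" name="login" id="login" value="<?= /* HTML-escape the echoed form value so a submitted quote or tag cannot break out of the attribute (reflected XSS) */ htmlspecialchars((isset($_POST['login']) && is_string($_POST['login'])) ? $_POST['login'] : '', ENT_QUOTES, 'UTF-8') ?>" />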
						</p>
						<p class="form_item">
							<span class="title">Passord</span><br />
							<input type="password" name="password" value="" />
						</p>
						<div class="hr"></div>
						<p class="buttons">
							<input type="submit" class="first" name="do_login" value="Logg inn" />
                               <input type="submit" name="do_reg" value="Registrer deg" />
						</p>
					</form>
				</div>
				<div class="clear"></div>
               <?php
			}
			elseif ($side == 'registrer')
			{
				if (isset($_GET['fb']) && false)
				{
			?>
               <h1>Registrer deg med Facebook<span style="float: right; margin-right: 20px;"><a href="<?=$config['base_url']?>?side=logginn">Logg inn</a></span></h1>
               <div class="hr"></div>
               <?php
			if ($facebook_cookie && !empty($facebook_user->email))
			{
				// Facebook registration handler: validates the submitted player name and
				// password, then creates the user, player and session rows.
				// NOTE(review): this code sits inside `if (isset($_GET['fb']) && false)`, so it
				// cannot run as written. $facebook_cookie and $facebook_user are only assigned
				// in the commented-out block near the top of the file, and $last_temp / $extra
				// are not assigned anywhere on this path in this file - all four need to be
				// resolved before the branch is re-enabled.
				if (isset($_POST['reg_name']))
				{
					$name = trim($db->EscapeString($_POST['reg_name']));
					$name_validated = Accessories::ValidatePlayername($name);

					$pass = $db->EscapeString($_POST['reg_pass']);
					$pass_re = $db->EscapeString($_POST['reg_pass_re']);

					// E-mail address as reported by Facebook, escaped for SQL.
					$mail = $db->EscapeString($facebook_user->email);

					// Validation chain: the first failing check sets $errorMsg and nothing is written.
					if (!preg_match("/^[a-zA-Z_\\-][\\w\\.\\-_]*[a-zA-Z0-9_\\-]@[a-zA-Z0-9][\\w\\.-]*[a-zA-Z0-9]\\.[a-zA-Z][a-zA-Z\\.]*[a-zA-Z]$/i", $mail))
					{
						// NOTE(review): $mail is appended to a message that is later echoed as HTML; escape it for output.
						$errorMsg = 'Ugyldig e-post adresse. ' . $mail;
					}
					elseif ($pass !== $pass_re)
					{
						$errorMsg = 'Passordene var ikke like';
					}
					elseif (!View::ValidPassword($pass))
					{
						$errorMsg = 'Ugyldig passord';
					}
					elseif ($db->GetNumRows($db->Query("SELECT id FROM `[users]` WHERE `email`='".$mail."'")) > 0)
					{
						$errorMsg = 'E-posten er allerede i bruk';
					}
					elseif ($name_validated == false)
					{
						$errorMsg = 'Ugyldig spillernavn';
					}
					elseif ($db->GetNumRows($db->Query("SELECT id FROM `[players]` WHERE `name`='".$name."'")) > 0)
					{
						$errorMsg = 'Spillernavnet er opptatt';
					}
					elseif (!isset($_POST['betingelser']))
					{
						$errorMsg = 'Du må godta regelverket';
					}
					else
					{
						// NOTE(review): $last_temp is not set on this path (see the note at the top of this block).
						$db->Query("UPDATE `temporary` SET `active`='0' WHERE `id`='".$last_temp['id']."'");

						// Create the user row first; its id is needed to salt the password.
						// NOTE(review): $extra is not set on this path, so `enlisted_by` receives an empty value.
						$db->Query("INSERT INTO `[users]` (`email`, `reg_time`, `IP_regged_with`, `hasPlayer`, `enlisted_by`, `online`, `last_active`, `IP_last`, `register_source`)VALUES('".$mail."', '".time()."', '".$_SERVER['REMOTE_ADDR']."', '1', '".($extra['enlist'])."', '".time()."', '".time()."', '".$_SERVER['REMOTE_ADDR']."', 'facebook:".$db->EscapeString($facebook_user->name)."')");
						$userID = mysql_insert_id();

						$saltPass = View::DoubleSalt($pass, $userID);
						$db->Query("UPDATE `[users]` SET `pass`='".$saltPass."' WHERE `id`='".$userID."'");

						// Create the player with the configured starting money, a random place and the default profile image.
						$db->Query("INSERT INTO `[players]` (`userid`, `name`, `IP_created_with`, `created`, `cash`, `bank`, `live`, `profileimage`, `online`, `last_active`, `status`)VALUES('".$userID."', '".$name_validated."', '".$_SERVER['REMOTE_ADDR']."', '".time()."', '".$config['player_default_money']['cash']."', '".$config['player_default_money']['bank']."', '".array_rand($config['places'])."', '".$config['default_profileimage']."', '".time()."', '".time()."', '1')");

						// NOTE(review): the User-Agent header is client controlled and is concatenated
						// into this INSERT without escaping - pass it through $db->EscapeString() first.
						$db->Query("INSERT INTO `[sessions]` (`Userid`, `Time_start`, `Last_updated`, `IP`, `User_agent`)VALUES('".$userID."', '".time()."', '".time()."', '".$_SERVER['REMOTE_ADDR']."', '".$_SERVER['HTTP_USER_AGENT']."')");
						$sid = mysql_insert_id();

						// Log the new account in straight away.
						$_SESSION['MZ_LoginData'] = array(
							'userid' => $userID,
							'sid' => $sid,
							'password' => $saltPass
						);

						View::Message('Gratulerer! Du har fått en bruker på Mafiazone!<br /><br />Trenger du hjelp for å komme i gang?<br />Sjekk <a href="/game/?side=faq">FAQ-en</a>, finner du ikke hjelp der, kan du spørre på <a href="/game/?side=support">support</a>.<br /><br />Lykke til!', 1, true, '/game/?side=faq');
					}
				}
			?>
               <form method="post" action="" style="width: 300px;">
               	<?php if($successMsg) echo '<p class="yellow" style="margin: 0; font-size: 12px;">' . $successMsg . '</p>';?>
                   <?php if($errorMsg) echo '<p class="red" style="margin: 0; font-size: 12px;">' . $errorMsg . '</p>';?>
               	<dl class="dd_right" style="margin: 5px 0 0 0;">
                   	<dt>Spillernavn</dt>
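                       <dd><input type="text" name="reg_name" value="<?= /* HTML-escape the echoed form value so a submitted quote or tag cannot break out of the attribute (reflected XSS) */ htmlspecialchars((isset($_POST['reg_name']) && is_string($_POST['reg_name'])) ? trim($_POST['reg_name']) : '', ENT_QUOTES, 'UTF-8') ?>" /></dd>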
                       <dt>Passord</dt>
                       <dd><input type="password" name="reg_pass" value="" /></dd>
                       <dt>Gjenta passord</dt>
                       <dd><input type="password" name="reg_pass_re" value="" /></dd>
                   </dl>
                   <div class="clear"></div>
                   <input type="checkbox" name="betingelser" id="betingelser" /><label for="betingelser">Jeg har lest og godtar <a href="<?=$config['base_url']?>regelverk.php" target="_blank">regelverket</a>.</label>
                   <p style="margin: 0; padding-top: 10px; text-align: center;">
                   	<input type="submit" value="Fullfør registrering" />
                   </p>
               </form>
               <?php
			}
			else
			{
				echo '<div style="margin: 20px; font-size: 14px;"><p>Logg inn for å registrere deg med Facebook:</p>
					  <p><fb:login-button perms="email"></fb:login-button></p></div>';
			}
			?>
               <div id="fb-root"></div>
			<script src="http://connect.facebook.net/en_US/all.js"></script>
               <script>
                 // Initialise the Facebook JS SDK with the app id emitted by PHP.
                 FB.init({appId: '<?= FACEBOOK_APP_ID ?>', status: true,
                          cookie: true, xfbml: true});
                 // Reload the current page when the SDK reports a login.
                 FB.Event.subscribe('auth.login', function(response) {
                   window.location.href = window.location.href;
                 });
               </script>
               <?php
				}
				else
				{

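				// Registration is a two-step flow; these are the accepted step numbers.
				$steps = array(
					1,
					2
				);

				// Normalise ?steg= to an integer from the list above. Missing, non-string
				// or non-numeric input selects the first step, and the strict in_array()
				// check stops values such as "2abc" from loosely matching a step number.
				$step = $steps[0];
				if (isset($_GET['steg']) && is_string($_GET['steg']) && ctype_digit($_GET['steg']))
				{
					$step = (int) $_GET['steg'];
				}
				if (!in_array($step, $steps, true))
				{
					$step = $steps[0];
				}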

				if ($step == 2 && !empty($_GET['v']))
				{
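					// Look up the pending registration referenced by ?v=. Only a string token
					// is accepted; array input is treated as "no token".
					$temp_token = is_string($_GET['v']) ? $db->EscapeString($_GET['v']) : '';
					$last_temp = false;
					if ($temp_token !== '')
					{
						$sql = $db->Query("SELECT id,time_added,expires,extra FROM `temporary` WHERE `id`='".$temp_token."' AND `active`='1' AND `area`='register'");
						$last_temp = $db->FetchArray($sql);
					}

					if (is_array($last_temp) && isset($last_temp['id']) && $last_temp['id'] != '')
					{
						// Remaining lifetime in seconds; an expired token is deactivated and discarded.
						$lt_expire = $last_temp['time_added']+$last_temp['expires'] - time();
						if ($lt_expire <= 0)
						{
							$db->Query("UPDATE `temporary` SET `active`='0' WHERE `id`='".$db->EscapeString($last_temp['id'])."'");
							$last_temp = false;
						}
					}
					else
					{
						// No matching row: skip the expiry bookkeeping instead of running it with an empty id.
						$last_temp = false;
					}

					// NOTE(review): unserialize() runs on a stored value that was partly built
					// from request parameters when the token was created. JSON would be a
					// safer storage format for this payload.
					$extra = $last_temp ? unserialize($last_temp['extra']) : false;

					// A missing token or a payload without an e-mail address cannot be used
					// to create an account, so send the visitor back to step 1.
					if (!$last_temp || !is_array($extra) || empty($extra['mail']))
					{
						header('Location: /?side=registrer&steg=1');
						exit;
					}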

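					if (isset($_POST['reg_name']))
					{
						// Only string form values are accepted; array input is treated as empty.
						$reg_name_raw = is_string($_POST['reg_name']) ? $_POST['reg_name'] : '';
						$reg_pass_raw = (isset($_POST['reg_pass']) && is_string($_POST['reg_pass'])) ? $_POST['reg_pass'] : '';
						$reg_pass_re_raw = (isset($_POST['reg_pass_re']) && is_string($_POST['reg_pass_re'])) ? $_POST['reg_pass_re'] : '';

						$name = trim($db->EscapeString($reg_name_raw));
						$name_validated = Accessories::ValidatePlayername($name);

						// The password is escaped before validation and hashing, matching the login check in this file.
						$pass = $db->EscapeString($reg_pass_raw);
						$pass_re = $db->EscapeString($reg_pass_re_raw);

						// Values restored from the verification token. They have been through the
						// database since they were last escaped, so they are escaped again before
						// being placed in SQL below.
						$reg_mail = (is_array($extra) && isset($extra['mail']) && is_string($extra['mail'])) ? $extra['mail'] : '';
						$reg_enlist = (is_array($extra) && isset($extra['enlist'])) ? (string) $extra['enlist'] : '0';

						// Validation chain: the first failing check sets $errorMsg and nothing is written.
						if ($reg_mail === '')
						{
							// The token payload could not be read; never create an account without an address.
							$errorMsg = 'Ugyldig epost-adresse';
						}
						elseif ($pass !== $pass_re)
						{
							$errorMsg = 'Passordene var ikke like';
						}
						elseif (!View::ValidPassword($pass))
						{
							$errorMsg = 'Ugyldig passord';
						}
						elseif ($name_validated == false)
						{
							$errorMsg = 'Ugyldig spillernavn';
						}
						elseif ($db->GetNumRows($db->Query("SELECT id FROM `[players]` WHERE `name`='".$name."'")) > 0)
						{
							$errorMsg = 'Spillernavnet er opptatt';
						}
						elseif (!isset($_POST['betingelser']))
						{
							$errorMsg = 'Du må godta regelverket';
						}
						else
						{
							$now = time();
							$ip_sql = $db->EscapeString(isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '');
							// The User-Agent header is client controlled and was previously
							// concatenated into the session INSERT unescaped.
							$ua_sql = $db->EscapeString(isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '');

							// The verification token is single use.
							$db->Query("UPDATE `temporary` SET `active`='0' WHERE `id`='".$db->EscapeString($last_temp['id'])."'");

							// Create the user row first; its id is needed to salt the password.
							$db->Query("INSERT INTO `[users]` (`email`, `reg_time`, `IP_regged_with`, `hasPlayer`, `enlisted_by`, `online`, `last_active`, `IP_last`, `register_source`)VALUES('".$db->EscapeString($reg_mail)."', '".$now."', '".$ip_sql."', '1', '".$db->EscapeString($reg_enlist)."', '".$now."', '".$now."', '".$ip_sql."', 'default')");
							$userID = mysql_insert_id();

							$saltPass = View::DoubleSalt($pass, $userID);
							$db->Query("UPDATE `[users]` SET `pass`='".$saltPass."' WHERE `id`='".$userID."'");

							// Create the player with the configured starting money, a random place and the default profile image.
							// NOTE(review): $name_validated is used as returned by Accessories::ValidatePlayername(); confirm it is safe inside a quoted SQL literal.
							$db->Query("INSERT INTO `[players]` (`userid`, `name`, `IP_created_with`, `created`, `cash`, `bank`, `live`, `profileimage`, `online`, `last_active`, `status`)VALUES('".$userID."', '".$name_validated."', '".$ip_sql."', '".$now."', '".$config['player_default_money']['cash']."', '".$config['player_default_money']['bank']."', '".array_rand($config['places'])."', '".$config['default_profileimage']."', '".$now."', '".$now."', '1')");

							$db->Query("INSERT INTO `[sessions]` (`Userid`, `Time_start`, `Last_updated`, `IP`, `User_agent`)VALUES('".$userID."', '".$now."', '".$now."', '".$ip_sql."', '".$ua_sql."')");
							$sid = mysql_insert_id();

							// Log the new account in straight away.
							$_SESSION['MZ_LoginData'] = array(
								'userid' => $userID,
								'sid' => $sid,
								'password' => $saltPass
							);

							View::Message('Gratulerer! Du har fått en bruker på Mafiazone!<br /><br />Trenger du hjelp for å komme i gang?<br />Sjekk <a href="/game/?side=faq">FAQ-en</a>, finner du ikke hjelp der, kan du spørre på <a href="/game/?side=support">support</a>.<br /><br />Lykke til!', 1, true, '/game/?side=faq');
						}
					}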
			?>
               <form method="post" action="" style="width: 300px;">
               	<?php if($successMsg) echo '<p class="yellow" style="margin: 0; font-size: 12px;">' . $successMsg . '</p>';?>
                   <?php if($errorMsg) echo '<p class="red" style="margin: 0; font-size: 12px;">' . $errorMsg . '</p>';?>
               	<dl class="dd_right" style="margin: 5px 0 0 0;">
                   	<dt>Spillernavn</dt>
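                       <dd><input type="text" name="reg_name" value="<?= /* HTML-escape the echoed form value so a submitted quote or tag cannot break out of the attribute (reflected XSS) */ htmlspecialchars((isset($_POST['reg_name']) && is_string($_POST['reg_name'])) ? trim($_POST['reg_name']) : '', ENT_QUOTES, 'UTF-8') ?>" /></dd>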
                       <dt>Passord</dt>
                       <dd><input type="password" name="reg_pass" value="" /></dd>
                       <dt>Gjenta passord</dt>
                       <dd><input type="password" name="reg_pass_re" value="" /></dd>
                   </dl>
                   <div class="clear"></div>
                   <input type="checkbox" name="betingelser" id="betingelser" /><label for="betingelser">Jeg har lest og godtar <a href="<?=$config['base_url']?>regelverk.php" target="_blank">regelverket</a>.</label>
                   <p style="margin: 0; padding-top: 10px; text-align: center;">
                   	<input type="submit" value="Fullfør registrering" />
                   </p>
               </form>
               <?php
				}
				else
				{
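					if (isset($_POST['reg_mail']))
					{
						// Only string form values are accepted; array input is treated as empty.
						$reg_mail_raw = is_string($_POST['reg_mail']) ? $_POST['reg_mail'] : '';
						$reg_mail_re_raw = (isset($_POST['reg_mail_re']) && is_string($_POST['reg_mail_re'])) ? $_POST['reg_mail_re'] : '';

						$mail = trim($db->EscapeString($reg_mail_raw));
						$mail_re = trim($db->EscapeString($reg_mail_re_raw));

						// Validation chain: the first failing check sets $errorMsg and nothing is sent.
						if (!preg_match("/^[a-zA-Z_\\-][\\w\\.\\-_]*[a-zA-Z0-9_\\-]@[a-zA-Z0-9][\\w\\.-]*[a-zA-Z0-9]\\.[a-zA-Z][a-zA-Z\\.]*[a-zA-Z]$/i", $mail))
						{
							$errorMsg = 'Ugyldig epost-adresse';
						}
						elseif ($mail !== $mail_re)
						{
							$errorMsg = 'Epost-adressene var ikke like';
						}
						elseif ($db->GetNumRows($db->Query("SELECT id FROM `[users]` WHERE `email`='".$mail."' LIMIT 1")) > 0)
						{
							$errorMsg = 'Epost-adressen er opptatt';
						}
						elseif ($db->GetNumRows($db->Query("SELECT id FROM `temporary` WHERE `playerid`='".$mail."' AND `active`='1' AND `area`='register' AND `time_added`+`expires`>'".time()."' LIMIT 1")) > 0)
						{
							$errorMsg = 'Det har allerede blitt sendt en verifiseringskode';
						}
						else
						{
							// Payload restored in step 2. 'enlist' is an optional value taken from ?e=.
							$extra = array(
								'mail' => $mail,
								'enlist' => (isset($_GET['e']) && is_string($_GET['e'])) ? $db->EscapeString($_GET['e']) : 0
							);

							// Verification token. The seed now comes from a cryptographic random
							// source when one is available, instead of rand()/uniqid(), which are
							// derived from the clock and a weak generator.
							// NOTE(review): the token is still only 6 hex characters (24 bits),
							// which is short for a value that authorises account creation;
							// lengthen it once the width of `temporary`.`id` is confirmed.
							if (function_exists('random_bytes'))
							{
								$token_seed = random_bytes(16);
							}
							elseif (function_exists('openssl_random_pseudo_bytes'))
							{
								$token_seed = openssl_random_pseudo_bytes(16);
							}
							else
							{
								$token_seed = uniqid(mt_rand(), true);
							}
							$tempID = substr(sha1($token_seed), 0, 6);

							// The serialized payload is escaped as a whole before it is placed in
							// the INSERT, so quotes inside it cannot end the SQL literal.
							$db->Query("INSERT INTO `temporary` (`id`, `playerid`, `area`, `expires`, `time_added`, `extra`)VALUES('".$tempID."', '".$mail."', 'register', '3600', '".time()."', '".$db->EscapeString(serialize($extra))."')");

							// mail() already writes the To: header from its first argument. The
							// extra "To:" line that used to be in the header block produced a
							// second To: header, and some receiving servers reject such messages.
							// NOTE(review): the sender addresses below read "[email protected]" in
							// this listing, which looks like an obfuscation artefact; confirm the
							// real From/Reply-To values are valid addresses on a domain this server
							// may send for, and that the declared iso-8859-1 charset matches the
							// encoding of this file.
							$mail_sent = mail($mail, 'Mafiazone » Registrering',
							'<html>
								<body style="font-family: Verdana; color: #333333; font-size: 12px;">
									<table style="width: 300px; margin: 0px auto;">
										<tr style="text-align: center;">
											<td style="border-bottom: solid 1px #cccccc;"><h1 style="margin: 0; font-size: 20px;"><a href="'.$config['base_url'].'">Mafiazone.biz</a></h1><h2 style="text-align: right; font-size: 14px; margin: 7px 0 10px 0;">« Registrering</h2></td>
										</tr>
										<tr style="text-align: justify;">
											<td style="padding-top: 15px; padding-bottom: 15px;">
												Hei,
												<br />
												<br />
												For å få en bruker på Mafiazone, åpne følgende lenke i nettleseren din:<br />
												<a href="'.$config['base_url'].'?side=registrer&steg=2&v='.$tempID.'">'.$config['base_url'].'?side=registrer&steg=2&v='.$tempID.'</a>
												<br />
												Linken er aktiv til <b>'.View::Time(time()+3600, true).'</b>. Du må bruke linken før denne tiden!
											</td>
										</tr>
										<tr style="text-align: right; color: #777777;">
											<td style="padding-top: 10px; border-top: solid 1px #cccccc;">
												Med vennlig hilsen
												<br>
												<span style="color: #222222;">Mafiazone ledelsen</span>
											</td>
										</tr>
									</table>
								</body>
							</html>',
							"Reply-To: Mafiazone <[email protected]>\r\n" .
							"Return-Path: Mafiazone <[email protected]>\r\n" .
							"From: Mafiazone <[email protected]>\r\n" .
							"MIME-Version: 1.0\r\n" .
							"Content-type: text/html; charset=iso-8859-1");

							if ($mail_sent)
							{
								$successMsg = 'Det har blitt sendt en epost til epost-adressen';
							}
							else
							{
								// mail() reported a failure: release the token so the visitor can
								// retry at once instead of being told a code was already sent.
								$db->Query("UPDATE `temporary` SET `active`='0' WHERE `id`='".$tempID."'");
								$errorMsg = 'Kunne ikke sende e-post. Prøv igjen senere.';
							}
						}
					}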
			?>
               <h1>Registrer deg på Mafiazone<!-- (<a href="/?side=registrer&fb">bruk <img src="/img/facebook_reg.png" style="margin-bottom: -5px;" alt="Facebook" /></a>)--><span style="float: right; margin-right: 20px;"><a href="<?=$config['base_url']?>?side=logginn">Logg inn</a></span></h1>
               <div class="hr"></div>
               <form method="post" action="">
                   <?php if($successMsg) echo '<p class="yellow" style="margin: 0; font-size: 12px;">' . $successMsg . '</p>';?>
                   <?php if($errorMsg) echo '<p class="red" style="margin: 0; font-size: 12px;">' . $errorMsg . '</p>';?>
               	<dl class="dd_right">
                   	<dt>Epost-adresse</dt>
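                       <dd><input type="text" name="reg_mail" value="<?= /* HTML-escape the echoed form value so a submitted quote or tag cannot break out of the attribute (reflected XSS) */ htmlspecialchars((isset($_POST['reg_mail']) && is_string($_POST['reg_mail'])) ? $_POST['reg_mail'] : '', ENT_QUOTES, 'UTF-8') ?>" /></dd>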
                       <dt>Gjenta epost-adresse</dt>
                       <dd><input type="text" name="reg_mail_re" value="" /></dd>
                   </dl>
                   <p style="clear: both; margin: 0; padding-top: 15px; text-align: center;">
                   	<input type="submit" value="Neste steg" />
                   </p>
               </form>
               <?php
				}
				}
			}
			elseif ($side == 'glemt_pass')
			{
				echo '<h1>Glemt passord<span style="float: right; margin-right: 20px;"><a href="'.$config['base_url'].'?side=logginn">Logg inn</a></span></h1>';

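				// Look up the password-reset token referenced by ?v=, if any. The page is
				// also opened without a token (to request one), so a missing or non-string
				// value simply means "no token" and no query is run.
				$temp_token = (isset($_GET['v']) && is_string($_GET['v'])) ? $db->EscapeString($_GET['v']) : '';
				$last_temp = false;
				if ($temp_token !== '')
				{
					$sql = $db->Query("SELECT id,time_added,expires,extra FROM `temporary` WHERE `id`='".$temp_token."' AND `active`='1' AND `area`='forgot_pass'");
					$last_temp = $db->FetchArray($sql);
				}

				if (is_array($last_temp) && isset($last_temp['id']) && $last_temp['id'] != '')
				{
					// Remaining lifetime in seconds; an expired token is deactivated and discarded.
					$lt_expire = $last_temp['time_added']+$last_temp['expires'] - time();
					if ($lt_expire <= 0)
					{
						$db->Query("UPDATE `temporary` SET `active`='0' WHERE `id`='".$db->EscapeString($last_temp['id'])."'");
						$last_temp = array('id' => '');
					}
				}
				else
				{
					// An empty id is what the check that follows treats as "no valid token".
					$last_temp = array('id' => '');
				}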

				if ($last_temp['id'] == '')
				{
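					if (isset($_POST['fp_mail']))
					{
						// Only a string form value is accepted; array input is treated as empty.
						$fp_mail_raw = is_string($_POST['fp_mail']) ? $_POST['fp_mail'] : '';

						$mail = $db->EscapeString(trim($fp_mail_raw));
						$sql = $db->Query("SELECT id,email FROM `[users]` WHERE `email`='".$mail."'");
						$user = $db->FetchArray($sql);

						if (!is_array($user) || !isset($user['id']) || $user['id'] == '')
						{
							// NOTE(review): this message tells the visitor whether an address is
							// registered (account enumeration). Showing the same neutral message
							// in both cases would avoid that.
							$errorMsg = 'Fant ingen brukere med den epost-adressen';
						}
						elseif ($db->GetNumRows($db->Query("SELECT id FROM `temporary` WHERE `playerid`='".$mail."' AND `active`='1' AND `area`='forgot_pass' AND `time_added`+`expires`>'".time()."' LIMIT 1")) > 0)
						{
							$errorMsg = 'Det har allerede blitt sendt en verifiseringskode';
						}
						else
						{
							// Payload restored when the reset link is opened.
							$extra = array(
								'mail' => $user['email']
							);

							// Reset token. The seed now comes from a cryptographic random source
							// when one is available, instead of rand()/uniqid(), which are
							// derived from the clock and a weak generator.
							// NOTE(review): the token is still only 6 hex characters (24 bits),
							// which is short for a value that lets its holder set a new password;
							// lengthen it once the width of `temporary`.`id` is confirmed, and
							// limit the number of attempts per client.
							if (function_exists('random_bytes'))
							{
								$token_seed = random_bytes(16);
							}
							elseif (function_exists('openssl_random_pseudo_bytes'))
							{
								$token_seed = openssl_random_pseudo_bytes(16);
							}
							else
							{
								$token_seed = uniqid(mt_rand(), true);
							}
							$tempID = substr(sha1($token_seed), 0, 6);

							// The address read back from the database and the serialized payload
							// are escaped before they are placed in the INSERT.
							$db->Query("INSERT INTO `temporary` (`id`, `playerid`, `area`, `expires`, `time_added`, `extra`)VALUES('".$tempID."', '".$db->EscapeString($user['email'])."', 'forgot_pass', '3600', '".time()."', '".$db->EscapeString(serialize($extra))."')");

							// mail() already writes the To: header from its first argument. The
							// extra "To:" line that used to be in the header block produced a
							// second To: header, and some receiving servers reject such messages.
							// NOTE(review): the sender addresses below read "[email protected]" in
							// this listing, which looks like an obfuscation artefact; confirm the
							// real From/Reply-To values are valid addresses on a domain this server
							// may send for, and that the declared iso-8859-1 charset matches the
							// encoding of this file.
							$mail_sent = mail($user['email'], 'Mafiazone » Glemt passord',
							'<html>
								<body style="font-family: Verdana; color: #333333; font-size: 12px;">
									<table style="width: 300px; margin: 0px auto;">
										<tr style="text-align: center;">
											<td style="border-bottom: solid 1px #cccccc;"><h1 style="margin: 0; font-size: 20px;"><a href="'.$config['base_url'].'">Mafiazone.biz</a></h1><h2 style="text-align: right; font-size: 14px; margin: 7px 0 10px 0;">« Registrering</h2></td>
										</tr>
										<tr style="text-align: justify;">
											<td style="padding-top: 15px; padding-bottom: 15px;">
												Hei,
												<br />
												<br />
												En person fra IP-adressen '.$_SERVER['REMOTE_ADDR'].' har bedt om nytt passord til brukeren din på Mafiazone.no
												<br />
												<br />
												Åpne denne linken for å få et nytt passord:<br />
												<a href="'.$config['base_url'].'?side=glemt_pass&v='.$tempID.'">'.$config['base_url'].'?side=glemt_pass&v='.$tempID.'</a><br />
												<br />
												Linken er aktiv til <b>'.View::Time(time()+3600, true).'</b>. Du må bruke linken før denne tiden!
											</td>
										</tr>
										<tr style="text-align: right; color: #777777;">
											<td style="padding-top: 10px; border-top: solid 1px #cccccc;">
												Med vennlig hilsen
												<br />
												<span style="color: #222222;">Mafiazone ledelsen</span>
											</td>
										</tr>
									</table>
								</body>
							</html>',
							"Reply-To: Mafiazone <[email protected]>\r\n" .
							"Return-Path: Mafiazone <[email protected]>\r\n" .
							"From: Mafiazone <[email protected]>\r\n" .
							"MIME-Version: 1.0\r\n" .
							"Content-type: text/html; charset=iso-8859-1");

							if ($mail_sent)
							{
								$successMsg = 'Det har blitt sendt en epost til epost-adressen';
							}
							else
							{
								// mail() reported a failure: release the token so the visitor can
								// retry at once instead of being told a code was already sent.
								$db->Query("UPDATE `temporary` SET `active`='0' WHERE `id`='".$tempID."'");
								$errorMsg = 'Kunne ikke sende e-post. Prøv igjen senere.';
							}
						}
					}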
			?>
               <div class="hr"></div>
               <form method="post" action="">
                   <?php if($successMsg) echo '<p class="yellow" style="margin: 0; font-size: 12px;">' . $successMsg . '</p>';?>
                   <?php if($errorMsg) echo '<p class="red" style="margin: 0; font-size: 12px;">' . $errorMsg . '</p>';?>
               	<dl class="dd_right">
                   	<dt>Epost-adresse</dt>
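                       <dd><input type="text" name="fp_mail" value="<?= /* HTML-escape the echoed form value so a submitted quote or tag cannot break out of the attribute (reflected XSS) */ htmlspecialchars((isset($_POST['fp_mail']) && is_string($_POST['fp_mail'])) ? $_POST['fp_mail'] : '', ENT_QUOTES, 'UTF-8') ?>" /></dd>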
                   </dl>
                   <p style="clear: both; margin: 0; padding-top: 15px; text-align: center;">
                   	<input type="submit" value="Neste steg" />
                   </p>
               </form>
               <?php
				}
				else
				{
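					// Payload stored with the reset token; 'mail' identifies the account.
					// NOTE(review): unserialize() runs on a stored value here. JSON would be
					// a safer storage format for this payload.
					$extra = unserialize($last_temp['extra']);
					$reset_mail = (is_array($extra) && isset($extra['mail']) && is_string($extra['mail'])) ? $extra['mail'] : '';

					if (isset($_POST['new_pass']))
					{
						// Only string form values are accepted; array input is treated as empty.
						$new_pass_raw = is_string($_POST['new_pass']) ? $_POST['new_pass'] : '';
						$new_pass_re_raw = (isset($_POST['new_pass_re']) && is_string($_POST['new_pass_re'])) ? $_POST['new_pass_re'] : '';

						// The address has been through the database since it was stored, so it
						// is escaped again before it is placed in SQL.
						$user = false;
						if ($reset_mail !== '')
						{
							$sql = $db->Query("SELECT id FROM `[users]` WHERE `email`='".$db->EscapeString($reset_mail)."'");
							$user = $db->FetchArray($sql);
						}

						if (!is_array($user) || !isset($user['id']) || $user['id'] == '')
						{
							// The token no longer maps to an account: do not hash with an empty
							// id or run an UPDATE without a target row.
							$errorMsg = 'Fant ingen brukere med den epost-adressen';
						}
						else
						{
							// Hashed the same way as at login (escaped, then salted with the user id).
							$pass = View::DoubleSalt($db->EscapeString($new_pass_raw), $user['id']);
							$pass_re = View::DoubleSalt($db->EscapeString($new_pass_re_raw), $user['id']);

							if ($pass !== $pass_re)
							{
								$errorMsg = 'Passordene var ikke like';
							}
							elseif (!View::ValidPassword($new_pass_raw))
							{
								$errorMsg = 'Ugyldig passord';
							}
							else
							{
								// The token is single use. NOTE(review): existing sessions of this
								// user stay active after the change; consider ending them here.
								$db->Query("UPDATE `temporary` SET `active`='0' WHERE `id`='".$db->EscapeString($last_temp['id'])."'");
								$db->Query("UPDATE `[users]` SET `pass`='".$pass."' WHERE `id`='".$db->EscapeString($user['id'])."'");

								$successMsg = 'Du har lagret passordet';
							}
						}
					}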
			?>
               <div class="hr"></div>
               <form method="post" action="">
                   <?php if($successMsg) echo '<p class="yellow" style="margin: 0; font-size: 12px;">' . $successMsg . '</p>';?>
                   <?php if($errorMsg) echo '<p class="red" style="margin: 0; font-size: 12px;">' . $errorMsg . '</p>';?>
               	<dl class="dd_right">
                   	<dt>Nytt passord</dt>
                       <dd><input type="password" name="new_pass" value="" /></dd>
                       <dt>Gjenta passord</dt>
                       <dd><input type="password" name="new_pass_re" value="" /></dd>
                   </dl>
                   <p style="clear: both; margin: 0; padding-top: 15px; text-align: center;">
                   	<input type="submit" value="Lagre passord" />
                   </p>
               </form>
               <?php
				}
			}
			?>
			</div>
		</div>
		<div class="default_content">
			<div id="preview">
               	<div class="nav">
                   	<a href="#" class="prev"></a>
                       <a href="#" class="next"></a>
                   </div>
               </div>
		</div>
	<div class="clear"></div>
	</div>
       <div style="background: #1c1c1c; border: solid 2px #131313; margin: 15px auto; padding: 10px; -moz-border-radius: 5px; -webkit-border-radius: 5px; border-radius: 5px; opacity: 0.7; filter: alpha(opacity=70);">
       	<div style="margin: 0px auto; width: 820px;">
           	<div style="width: 200px; float: left;">
               	<ul class="mz_menulinks">
                   	<li><a href="<?=$config['base_url']?>">« Logg inn</a></li>
                       <li><a href="<?=$config['base_url']?>?side=registrer">« Registrer deg</a></li>
                       <li><a href="<?=$config['base_url']?>?side=glemt_pass">« Glemt passord</a></li>
                   </ul>
               </div>
               <div style="width: 380px; margin-left: 20px; float: left;">
               	<h3 style="text-align: justify;"><?=$config['meta_description']?></h3>
               </div>
               <div style="width: 200px; margin-left: 20px; float: left; text-align: center;">
               	<!--<h3>Registrer deg med <a href="/?side=registrer&fb"><img src="/img/facebook_reg.png" alt="Facebook" style="margin-bottom: -5px;" /></a></h3>
                   <p><a href="/?side=registrer&fb">Klikk her</a></p>-->
               </div>
               <div class="clear"></div>
           </div>
           <div style="margin: 15px auto 15px; width: 728px;">
		</div>
           <h3 style="text-align: center;">Internet Explorer kan ødelegge spillopplevelsen, derfor anbefaler vi at du bruker f. eks. <a href="http://www.opera.com/">Opera</a> eller <a href="http://www.google.com/chrome/">Chrome</a>.</h3>
       </div>
</div>
   <script type="text/javascript">
  // Google Analytics command queue: reuse an existing queue if one is already defined,
  // then queue the account id and a page-view hit.
  var _gaq = _gaq || [];
  _gaq.push(['_setAccount', 'UA-12469117-1']);
  _gaq.push(['_trackPageview']);
  // Insert the ga.js loader as an async script before the first script element,
  // choosing the https host when the page itself was loaded over https.
  (function() {
	var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true;
	ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js';
	var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s);
  })();
</script>
</body>
</html>
