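<?php
/**
 * Public landing page: login, two-step e-mail registration and password reset.
 * (Listing posted by ossukoss, August 8, 2013.)
 *
 * Expects $db, $config, $languages_supported, $langBase, IS_ONLINE, View and
 * Accessories to be provided by system/config.php; none are defined in this file.
 *
 * Security changes in this revision:
 *  - the `orign` redirect target is restricted to same-site paths (open redirect);
 *  - request values echoed back into forms are HTML-escaped (reflected XSS);
 *  - the User-Agent header and values read back from `temporary`.`extra` are
 *    escaped where they enter SQL, and the serialized blob is escaped on insert;
 *  - the raw mysql_query() ... or die(mysql_error()) call goes through $db->Query()
 *    like its sibling statements, so database errors are no longer printed;
 *  - missing request parameters no longer raise undefined-index notices.
 *
 * NOTE(review): header() redirects and View::Message() run after HTML output has
 * started, so this page presumably relies on output buffering being enabled in
 * system/config.php. mysql_insert_id() belongs to the removed ext/mysql; the $db
 * wrapper's API is not visible here, so it is kept as-is.
 */
define('BASEPATH', true);
require_once('system/config.php');

// Post-login redirect target. Only an absolute path on this site is accepted:
// one leading "/", not followed by "/" or "\", and no control characters
// (browsers strip tabs/newlines, which would turn "/<TAB>/host" into "//host").
$default_orign = '/game/?side=startside';
$orign = $default_orign;
if (!empty($_GET['orign']) && is_string($_GET['orign'])
    && preg_match('#\A/(?![/\\\\])[^\x00-\x1F\x7F]*\z#', $_GET['orign'])) {
    $orign = $_GET['orign'];
}

if (IS_ONLINE) {
    header('Location: ' . $orign);
    exit;
}

// Whitelist of sub-pages; anything else falls back to the login form.
$sider = array(
    'logginn' => 'logginn',
    'registrer' => 'registrer',
    'glemt_pass' => 'glemt_pass'
);
$requested_side = (isset($_GET['side']) && is_string($_GET['side'])) ? $_GET['side'] : '';
$side = isset($sider[$requested_side]) ? $sider[$requested_side] : $sider['logginn'];

$open_time = strtotime('8/27/2010 19:30:00');

// NOTE(review): the secret is a placeholder in this listing; a real value should
// live in configuration outside the web root, not in a page script.
define('FACEBOOK_APP_ID', '105386132860118');
define('FACEBOOK_SECRET', 'x');

// Facebook sign-up is disabled in this listing: its cookie-verification code was
// commented out and its form branch was guarded by `&& false`, so both are omitted.
// Before re-enabling, that code needs review: it compared an MD5 signature with
// `!=` and passed the access token in a URL fetched with file_get_contents().

if (isset($_GET['setLang']) && is_string($_GET['setLang']) && !empty($languages_supported[$_GET['setLang']])) {
    $lang = $languages_supported[$_GET['setLang']];
    setcookie('MZ_Language', $lang[0]);
    header('Location: /');
    exit;
}

// Raw POST value as a string ('' when missing or not a string).
$post_value = function ($name) {
    return (isset($_POST[$name]) && is_string($_POST[$name])) ? $_POST[$name] : '';
};

// POST value escaped for use inside an HTML attribute.
$post_field = function ($name, $trim = false) use ($post_value) {
    $value = $post_value($name);
    if ($trim) {
        $value = trim($value);
    }
    return htmlspecialchars($value, ENT_QUOTES, 'UTF-8');
};

// Request metadata that is written into SQL below. The User-Agent header is fully
// client-controlled and must never reach a query unescaped.
$client_ip = $db->EscapeString($_SERVER['REMOTE_ADDR']);
$user_agent = $db->EscapeString(isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '');

$errorMsg = '';
$successMsg = '';
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="keywords" content="<?=$config['meta_keywords']?>" />
<meta name="description" content="<?=$config['meta_description']?>" />
<title>Mafiazone | Norsk Mafia Spill</title>
<link rel="shortcut icon" href="<?=$config['base_url']?>favicon.ico" />
<link href="<?=$config['base_url']?>css.css" type="text/css" rel="stylesheet" />
<script type="text/javascript" src="<?=$config['base_url']?>game/js/mootools.js"></script>
<script type="text/javascript" src="js.js"></script>
<?php if ($side == 'logginn') echo '<script type="text/javascript">window.addEvent(\'domready\', function(){$(\'login\').focus()});;</script>' . "\n";?>
</head>
<body>
<div id="default_langSelector">
    <ul>
<?php
foreach ($languages_supported as $lang) {
    echo '<li' . ($lang[0] == $langBase->language ? ' class="active"' : '') . '><a href="' . $config['base_url'] . '?setLang=' . $lang[0] . '" title="' . $lang[2] . '"><img src="' . $config['base_url'] . 'game/images/flags/' . $lang[0] . '.png" alt="' . $lang[2] . '" /></a></li>';
}
?>
    </ul>
</div>
<div class="default_wrap">
    <div class="default_header" style="position: relative;">
        <div style="position: absolute; left: 10px; top: 10px; width: 568px; height: 60px; overflow: hidden;"> </div>
    </div>
    <div class="default_content_wrap">
        <div class="default_content left">
            <div class="content <?=$side?>">
<?php
if ($side == 'logginn') {
    if (isset($_POST['do_login'])) {
        $login = $db->EscapeString($post_value('login'));
        $sql = "SELECT `id`,`pass` FROM `[users]` WHERE ";

        if (is_numeric($login)) {
            // Log in with user id
            $sql .= "`id`='$login'";
        } elseif (strstr($login, '@')) {
            // Log in with e-mail address
            $sql .= "`email`='$login'";
        } else {
            // Log in with player name
            $q = $db->Query("SELECT userid FROM `[players]` WHERE `name`='$login'");
            $player = $db->FetchArray($q);
            $sql .= "`id`='" . ($player ? $player['userid'] : '') . "'";
        }

        $user = $db->FetchArray($db->Query($sql));
        $userid = $user ? $user['id'] : null;

        // The password is escaped before hashing because registration hashes the
        // escaped value too; changing that here would lock out existing accounts.
        $pass = View::DoubleSalt($db->EscapeString($post_value('password')), $userid);

        if ($user && $user['pass'] === $pass) {
            $now = time();

            // Archive and close any session still open for this user from this IP.
            $sql = $db->Query("SELECT id FROM `[sessions]` WHERE `Userid`='" . $userid . "' AND `IP`='" . $client_ip . "' AND `Active`='1'");
            while ($sess = $db->FetchArray($sql)) {
                $db->Query("INSERT INTO `" . $config['sql_logdb'] . "`.`[sessions_logg]` SELECT * FROM `[sessions_logg]` WHERE `id`='" . $sess['id'] . "'");
                $db->Query("UPDATE `" . $config['sql_logdb'] . "`.`[sessions_logg]` SET `Active`='0' WHERE `id`='" . $sess['id'] . "'");
                $db->Query("DELETE FROM `[sessions]` WHERE `id`='" . $sess['id'] . "'");
            }

            $db->Query("INSERT INTO `[sessions]` (`Userid`, `Time_start`, `Last_updated`, `IP`, `User_agent`)VALUES('" . $userid . "', '" . $now . "', '" . $now . "', '" . $client_ip . "', '" . $user_agent . "')");
            $sid = mysql_insert_id();

            $db->Query("UPDATE `[users]` SET `online`='" . $now . "', `last_active`='" . $now . "', `IP_last`='" . $client_ip . "' WHERE `id`='" . $userid . "'");
            $db->Query("UPDATE `[players]` SET `last_active`='" . $now . "', `online`='" . $now . "', `status`='1' WHERE `userid`='" . $userid . "' AND `health`>'0' AND `level`>'0'");

            // Issue a fresh PHP session id on privilege change (session fixation).
            if (session_id() !== '') {
                session_regenerate_id(true);
            }

            // NOTE(review): the password hash is kept in the session and the session
            // row id is appended to the URL below, where it can leak through logs and
            // Referer headers. Other pages presumably depend on both, so they stay.
            $_SESSION['MZ_LoginData'] = array(
                'sid' => $sid,
                'userid' => $userid,
                'password' => $user['pass']
            );

            header('Location: ' . $orign . '&sid=' . $sid);
            exit;
        } else {
            $errorMsg = 'Feil innlogging / passord (<a href="'.$config['base_url'].'?side=glemt_pass">glemt passord</a>)';
        }
    } elseif (isset($_POST['do_reg'])) {
        header('Location: /?side=registrer');
        exit;
    }
?>
                <div class="logginn_left"></div>
                <div class="logginn_right">
                    <?php if ($errorMsg) echo '<p class="error">' . $errorMsg . '</p>';?>
                    <form method="post" action="">
                        <p class="form_item">
                            <span class="title">Spillernavn / Epost / Bruker-ID</span><br />
                            <input type="text" name="login" id="login" value="<?=$post_field('login')?>" />
                        </p>
                        <p class="form_item">
                            <span class="title">Passord</span><br />
                            <input type="password" name="password" value="" />
                        </p>
                        <div class="hr"></div>
                        <p class="buttons">
                            <input type="submit" class="first" name="do_login" value="Logg inn" />
                            <input type="submit" name="do_reg" value="Registrer deg" />
                        </p>
                    </form>
                </div>
                <div class="clear"></div>
<?php
} elseif ($side == 'registrer') {
    $steps = array('1', '2');
    $step = $steps[0];
    if (isset($_GET['steg']) && is_string($_GET['steg']) && in_array($_GET['steg'], $steps, true)) {
        $step = $_GET['steg'];
    }

    if ($step == '2' && !empty($_GET['v'])) {
        // Step 2: the visitor followed the verification link from the e-mail.
        $token = $db->EscapeString(is_string($_GET['v']) ? $_GET['v'] : '');
        $sql = $db->Query("SELECT id,time_added,expires,extra FROM `temporary` WHERE `id`='" . $token . "' AND `active`='1' AND `area`='register'");
        $last_temp = $db->FetchArray($sql);

        if ($last_temp && ($last_temp['time_added'] + $last_temp['expires'] - time()) <= 0) {
            // Expired code: deactivate it and treat it as missing.
            $db->Query("UPDATE `temporary` SET `active`='0' WHERE `id`='" . $db->EscapeString($last_temp['id']) . "'");
            $last_temp = null;
        }

        // NOTE(review): unserialize() on stored data can instantiate objects if the
        // row is ever attacker-controlled; json_decode() would be the safer format.
        $extra = $last_temp ? unserialize($last_temp['extra']) : false;
        if (!is_array($extra)) {
            $extra = array();
        }

        // A row without a usable address is treated like an invalid code, so a
        // corrupted `extra` value can no longer create an account with no e-mail.
        if (!$last_temp || $last_temp['id'] == '' || empty($extra['mail'])) {
            header('Location: /?side=registrer&steg=1');
            exit;
        }

        // Escape at the point of use instead of trusting what was stored.
        $temp_id = $db->EscapeString($last_temp['id']);
        $reg_mail = $db->EscapeString((string) $extra['mail']);
        $reg_enlist = $db->EscapeString(isset($extra['enlist']) ? (string) $extra['enlist'] : '0');

        if (isset($_POST['reg_name'])) {
            $name = trim($db->EscapeString($post_value('reg_name')));
            $name_validated = Accessories::ValidatePlayername($name);
            $pass = $db->EscapeString($post_value('reg_pass'));
            $pass_re = $db->EscapeString($post_value('reg_pass_re'));

            if ($pass !== $pass_re) {
                $errorMsg = 'Passordene var ikke like';
            } elseif (!View::ValidPassword($pass)) {
                $errorMsg = 'Ugyldig passord';
            } elseif ($name_validated == false) {
                $errorMsg = 'Ugyldig spillernavn';
            } elseif ($db->GetNumRows($db->Query("SELECT id FROM `[players]` WHERE `name`='" . $name . "'")) > 0) {
                $errorMsg = 'Spillernavnet er opptatt';
            } elseif (!isset($_POST['betingelser'])) {
                $errorMsg = 'Du må godta regelverket';
            } else {
                $now = time();

                // Burn the verification code before creating the account.
                $db->Query("UPDATE `temporary` SET `active`='0' WHERE `id`='" . $temp_id . "'");

                $db->Query("INSERT INTO `[users]` (`email`, `reg_time`, `IP_regged_with`, `hasPlayer`, `enlisted_by`, `online`, `last_active`, `IP_last`, `register_source`)VALUES('" . $reg_mail . "', '" . $now . "', '" . $client_ip . "', '1', '" . $reg_enlist . "', '" . $now . "', '" . $now . "', '" . $client_ip . "', 'default')");
                $userID = mysql_insert_id();

                // The hash is salted with the new user id, so it is stored in a second step.
                $saltPass = View::DoubleSalt($pass, $userID);
                $db->Query("UPDATE `[users]` SET `pass`='" . $saltPass . "' WHERE `id`='" . $userID . "'");

                $db->Query("INSERT INTO `[players]` (`userid`, `name`, `IP_created_with`, `created`, `cash`, `bank`, `live`, `profileimage`, `online`, `last_active`, `status`)VALUES('" . $userID . "', '" . $name_validated . "', '" . $client_ip . "', '" . $now . "', '" . $config['player_default_money']['cash'] . "', '" . $config['player_default_money']['bank'] . "', '" . array_rand($config['places']) . "', '" . $config['default_profileimage'] . "', '" . $now . "', '" . $now . "', '1')");

                $db->Query("INSERT INTO `[sessions]` (`Userid`, `Time_start`, `Last_updated`, `IP`, `User_agent`)VALUES('" . $userID . "', '" . $now . "', '" . $now . "', '" . $client_ip . "', '" . $user_agent . "')");
                $sid = mysql_insert_id();

                $_SESSION['MZ_LoginData'] = array(
                    'userid' => $userID,
                    'sid' => $sid,
                    'password' => $saltPass
                );

                View::Message('Gratulerer! Du har fått en bruker på Mafiazone!<br /><br />Trenger du hjelp for å komme i gang?<br />Sjekk <a href="/game/?side=faq">FAQ-en</a>, finner du ikke hjelp der, kan du spørre på <a href="/game/?side=support">support</a>.<br /><br />Lykke til!', 1, true, '/game/?side=faq');
            }
        }
?>
                <form method="post" action="" style="width: 300px;">
                    <?php if ($successMsg) echo '<p class="yellow" style="margin: 0; font-size: 12px;">' . $successMsg . '</p>';?>
                    <?php if ($errorMsg) echo '<p class="red" style="margin: 0; font-size: 12px;">' . $errorMsg . '</p>';?>
                    <dl class="dd_right" style="margin: 5px 0 0 0;">
                        <dt>Spillernavn</dt>
                        <dd><input type="text" name="reg_name" value="<?=$post_field('reg_name', true)?>" /></dd>
                        <dt>Passord</dt>
                        <dd><input type="password" name="reg_pass" value="" /></dd>
                        <dt>Gjenta passord</dt>
                        <dd><input type="password" name="reg_pass_re" value="" /></dd>
                    </dl>
                    <div class="clear"></div>
                    <input type="checkbox" name="betingelser" id="betingelser" /><label for="betingelser">Jeg har lest og godtar <a href="<?=$config['base_url']?>regelverk.php" target="_blank">regelverket</a>.</label>
                    <p style="margin: 0; padding-top: 10px; text-align: center;">
                        <input type="submit" value="Fullfør registrering" />
                    </p>
                </form>
<?php
    } else {
        // Step 1: collect the e-mail address and send a verification link.
        if (isset($_POST['reg_mail'])) {
            $mail = trim($db->EscapeString($post_value('reg_mail')));
            $mail_re = trim($db->EscapeString($post_value('reg_mail_re')));

            // NOTE(review): the distinct "already taken" message lets a visitor test
            // which addresses are registered.
            if (!preg_match("/^[a-zA-Z_\\-][\\w\\.\\-_]*[a-zA-Z0-9_\\-]@[a-zA-Z0-9][\\w\\.-]*[a-zA-Z0-9]\\.[a-zA-Z][a-zA-Z\\.]*[a-zA-Z]$/i", $mail)) {
                $errorMsg = 'Ugyldig epost-adresse';
            } elseif ($mail !== $mail_re) {
                $errorMsg = 'Epost-adressene var ikke like';
            } elseif ($db->GetNumRows($db->Query("SELECT id FROM `[users]` WHERE `email`='" . $mail . "' LIMIT 1")) > 0) {
                $errorMsg = 'Epost-adressen er opptatt';
            } elseif ($db->GetNumRows($db->Query("SELECT id FROM `temporary` WHERE `playerid`='" . $mail . "' AND `active`='1' AND `area`='register' AND `time_added`+`expires`>'" . time() . "' LIMIT 1")) > 0) {
                $errorMsg = 'Det har allerede blitt sendt en verifiseringskode';
            } else {
                // The referrer value is stored raw and escaped when it is used; escaping
                // it before serialize() made the stored length prefix wrong whenever it
                // contained a quote, which corrupted the whole `extra` value.
                $extra = array(
                    'mail' => $mail,
                    'enlist' => (isset($_GET['e']) && is_string($_GET['e'])) ? $_GET['e'] : 0
                );

                // NOTE(review): this code is the only secret protecting the link, yet it
                // is 6 hex characters (24 bits) derived from rand()/uniqid(). It should be
                // longer and come from a CSPRNG; the width of `temporary`.`id` is not
                // visible here, so the length is left unchanged.
                $tempID = substr(sha1(uniqid(rand())), 0, 6);

                $db->Query("INSERT INTO `temporary` (`id`, `playerid`, `area`, `expires`, `time_added`, `extra`)VALUES('" . $tempID . "', '" . $mail . "', 'register', '3600', '" . time() . "', '" . $db->EscapeString(serialize($extra)) . "')");

                // Line breaks must never reach a mail header.
                $mail_to = str_replace(array("\r", "\n"), '', $mail);

                // NOTE(review): the sender addresses below appear as redacted
                // placeholders in this listing.
                mail($mail_to, 'Mafiazone » Registrering', '<html>
<body style="font-family: Verdana; color: #333333; font-size: 12px;">
<table style="width: 300px; margin: 0px auto;">
<tr style="text-align: center;">
<td style="border-bottom: solid 1px #cccccc;"><h1 style="margin: 0; font-size: 20px;"><a href="'.$config['base_url'].'">Mafiazone.biz</a></h1><h2 style="text-align: right; font-size: 14px; margin: 7px 0 10px 0;">« Registrering</h2></td>
</tr>
<tr style="text-align: justify;">
<td style="padding-top: 15px; padding-bottom: 15px;">
Hei, <br /> <br />
For å få en bruker på Mafiazone, åpne følgende lenke i nettleseren din:<br />
<a href="'.$config['base_url'].'?side=registrer&steg=2&v='.$tempID.'">'.$config['base_url'].'?side=registrer&steg=2&v='.$tempID.'</a> <br />
Linken er aktiv til <b>'.View::Time(time()+3600, true).'</b>. Du må bruke linken før denne tiden!
</td>
</tr>
<tr style="text-align: right; color: #777777;">
<td style="padding-top: 10px; border-top: solid 1px #cccccc;">
Med vennlig hilsen <br>
<span style="color: #222222;">Mafiazone ledelsen</span>
</td>
</tr>
</table>
</body>
</html>',
                    "Reply-To: Mafiazone <[email protected]>\r\n" .
                    "Return-Path: Mafiazone <[email protected]>\r\n" .
                    "To: ".$mail_to." <".$mail_to.">\r\n" .
                    "From: Mafiazone <[email protected]>\r\n" .
                    "MIME-Version: 1.0\r\n" .
                    "Content-type: text/html; charset=iso-8859-1");

                $successMsg = 'Det har blitt sendt en epost til epost-adressen';
            }
        }
?>
                <h1>Registrer deg på Mafiazone<!-- (<a href="/?side=registrer&fb">bruk <img src="/img/facebook_reg.png" style="margin-bottom: -5px;" alt="Facebook" /></a>)--><span style="float: right; margin-right: 20px;"><a href="<?=$config['base_url']?>?side=logginn">Logg inn</a></span></h1>
                <div class="hr"></div>
                <form method="post" action="">
                    <?php if ($successMsg) echo '<p class="yellow" style="margin: 0; font-size: 12px;">' . $successMsg . '</p>';?>
                    <?php if ($errorMsg) echo '<p class="red" style="margin: 0; font-size: 12px;">' . $errorMsg . '</p>';?>
                    <dl class="dd_right">
                        <dt>Epost-adresse</dt>
                        <dd><input type="text" name="reg_mail" value="<?=$post_field('reg_mail')?>" /></dd>
                        <dt>Gjenta epost-adresse</dt>
                        <dd><input type="text" name="reg_mail_re" value="" /></dd>
                    </dl>
                    <p style="clear: both; margin: 0; padding-top: 15px; text-align: center;">
                        <input type="submit" value="Neste steg" />
                    </p>
                </form>
<?php
    }
} elseif ($side == 'glemt_pass') {
    echo '<h1>Glemt passord<span style="float: right; margin-right: 20px;"><a href="'.$config['base_url'].'?side=logginn">Logg inn</a></span></h1>';

    // Look up the reset code from the link, if one was supplied.
    $last_temp = null;
    if (isset($_GET['v']) && is_string($_GET['v']) && $_GET['v'] !== '') {
        $token = $db->EscapeString($_GET['v']);
        $sql = $db->Query("SELECT id,time_added,expires,extra FROM `temporary` WHERE `id`='" . $token . "' AND `active`='1' AND `area`='forgot_pass'");
        $last_temp = $db->FetchArray($sql);

        if ($last_temp && ($last_temp['time_added'] + $last_temp['expires'] - time()) <= 0) {
            // Expired code: deactivate it and fall back to the request form.
            $db->Query("UPDATE `temporary` SET `active`='0' WHERE `id`='" . $db->EscapeString($last_temp['id']) . "'");
            $last_temp = null;
        }
    }

    if (!$last_temp || $last_temp['id'] == '') {
        // No valid code: show the "request a reset link" form.
        if (isset($_POST['fp_mail'])) {
            $mail = $db->EscapeString(trim($post_value('fp_mail')));
            $sql = $db->Query("SELECT id,email FROM `[users]` WHERE `email`='" . $mail . "'");
            $user = $db->FetchArray($sql);

            // NOTE(review): the "no such user" message reveals which addresses have
            // an account; a uniform response would avoid that.
            if (!$user || $user['id'] == '') {
                $errorMsg = 'Fant ingen brukere med den epost-adressen';
            } elseif ($db->GetNumRows($db->Query("SELECT id FROM `temporary` WHERE `playerid`='" . $mail . "' AND `active`='1' AND `area`='forgot_pass' AND `time_added`+`expires`>'" . time() . "' LIMIT 1")) > 0) {
                $errorMsg = 'Det har allerede blitt sendt en verifiseringskode';
            } else {
                $extra = array(
                    'mail' => $user['email']
                );

                // NOTE(review): same weak 6-character code as in registration; here it
                // guards a password reset, so guessing it takes over the account.
                $tempID = substr(sha1(uniqid(rand())), 0, 6);

                // The address comes back from the database, so it is escaped again
                // before being written into another statement.
                $user_email = $db->EscapeString($user['email']);
                $db->Query("INSERT INTO `temporary` (`id`, `playerid`, `area`, `expires`, `time_added`, `extra`)VALUES('" . $tempID . "', '" . $user_email . "', 'forgot_pass', '3600', '" . time() . "', '" . $db->EscapeString(serialize($extra)) . "')");

                // Line breaks must never reach a mail header.
                $mail_to = str_replace(array("\r", "\n"), '', $user['email']);

                // NOTE(review): the sender addresses below appear as redacted
                // placeholders in this listing.
                mail($mail_to, 'Mafiazone » Glemt passord', '<html>
<body style="font-family: Verdana; color: #333333; font-size: 12px;">
<table style="width: 300px; margin: 0px auto;">
<tr style="text-align: center;">
<td style="border-bottom: solid 1px #cccccc;"><h1 style="margin: 0; font-size: 20px;"><a href="'.$config['base_url'].'">Mafiazone.biz</a></h1><h2 style="text-align: right; font-size: 14px; margin: 7px 0 10px 0;">« Registrering</h2></td>
</tr>
<tr style="text-align: justify;">
<td style="padding-top: 15px; padding-bottom: 15px;">
Hei, <br /> <br />
En person fra IP-adressen '.$_SERVER['REMOTE_ADDR'].' har bedt om nytt passord til brukeren din på Mafiazone.no <br /> <br />
Åpne denne linken for å få et nytt passord:<br />
<a href="'.$config['base_url'].'?side=glemt_pass&v='.$tempID.'">'.$config['base_url'].'?side=glemt_pass&v='.$tempID.'</a><br /> <br />
Linken er aktiv til <b>'.View::Time(time()+3600, true).'</b>. Du må bruke linken før denne tiden!
</td>
</tr>
<tr style="text-align: right; color: #777777;">
<td style="padding-top: 10px; border-top: solid 1px #cccccc;">
Med vennlig hilsen <br />
<span style="color: #222222;">Mafiazone ledelsen</span>
</td>
</tr>
</table>
</body>
</html>',
                    "Reply-To: Mafiazone <[email protected]>\r\n" .
                    "Return-Path: Mafiazone <[email protected]>\r\n" .
                    "To: ".$mail_to." <".$mail_to.">\r\n" .
                    "From: Mafiazone <[email protected]>\r\n" .
                    "MIME-Version: 1.0\r\n" .
                    "Content-type: text/html; charset=iso-8859-1");

                $successMsg = 'Det har blitt sendt en epost til epost-adressen';
            }
        }
?>
                <div class="hr"></div>
                <form method="post" action="">
                    <?php if ($successMsg) echo '<p class="yellow" style="margin: 0; font-size: 12px;">' . $successMsg . '</p>';?>
                    <?php if ($errorMsg) echo '<p class="red" style="margin: 0; font-size: 12px;">' . $errorMsg . '</p>';?>
                    <dl class="dd_right">
                        <dt>Epost-adresse</dt>
                        <dd><input type="text" name="fp_mail" value="<?=$post_field('fp_mail')?>" /></dd>
                    </dl>
                    <p style="clear: both; margin: 0; padding-top: 15px; text-align: center;">
                        <input type="submit" value="Neste steg" />
                    </p>
                </form>
<?php
    } else {
        // Valid code: let the visitor choose a new password.
        // NOTE(review): unserialize() on stored data; see the registration branch.
        $extra = unserialize($last_temp['extra']);
        if (!is_array($extra)) {
            $extra = array();
        }

        if (isset($_POST['new_pass'])) {
            $reset_mail = $db->EscapeString(isset($extra['mail']) ? (string) $extra['mail'] : '');
            $sql = $db->Query("SELECT id FROM `[users]` WHERE `email`='" . $reset_mail . "'");
            $user = $db->FetchArray($sql);

            if (!$user || $user['id'] == '') {
                // Previously this path reported success while updating no row.
                $errorMsg = 'Fant ingen brukere med den epost-adressen';
            } else {
                // Both entries are hashed the same way, so comparing hashes compares
                // the passwords. Escaping before hashing matches login/registration.
                $pass = View::DoubleSalt($db->EscapeString($post_value('new_pass')), $user['id']);
                $pass_re = View::DoubleSalt($db->EscapeString($post_value('new_pass_re')), $user['id']);

                if ($pass !== $pass_re) {
                    $errorMsg = 'Passordene var ikke like';
                } elseif (!View::ValidPassword($post_value('new_pass'))) {
                    $errorMsg = 'Ugyldig passord';
                } else {
                    $db->Query("UPDATE `temporary` SET `active`='0' WHERE `id`='" . $db->EscapeString($last_temp['id']) . "'");
                    $db->Query("UPDATE `[users]` SET `pass`='" . $pass . "' WHERE `id`='" . $user['id'] . "'");
                    $successMsg = 'Du har lagret passordet';
                }
            }
        }
?>
                <div class="hr"></div>
                <form method="post" action="">
                    <?php if ($successMsg) echo '<p class="yellow" style="margin: 0; font-size: 12px;">' . $successMsg . '</p>';?>
                    <?php if ($errorMsg) echo '<p class="red" style="margin: 0; font-size: 12px;">' . $errorMsg . '</p>';?>
                    <dl class="dd_right">
                        <dt>Nytt passord</dt>
                        <dd><input type="password" name="new_pass" value="" /></dd>
                        <dt>Gjenta passord</dt>
                        <dd><input type="password" name="new_pass_re" value="" /></dd>
                    </dl>
                    <p style="clear: both; margin: 0; padding-top: 15px; text-align: center;">
                        <input type="submit" value="Lagre passord" />
                    </p>
                </form>
<?php
    }
}
?>
            </div>
        </div>
        <div class="default_content">
            <div id="preview">
                <div class="nav">
                    <a href="#" class="prev"></a>
                    <a href="#" class="next"></a>
                </div>
            </div>
        </div>
        <div class="clear"></div>
    </div>
    <div style="background: #1c1c1c; border: solid 2px #131313; margin: 15px auto; padding: 10px; -moz-border-radius: 5px; -webkit-border-radius: 5px; border-radius: 5px; opacity: 0.7; filter: alpha(opacity=70);">
        <div style="margin: 0px auto; width: 820px;">
            <div style="width: 200px; float: left;">
                <ul class="mz_menulinks">
                    <li><a href="<?=$config['base_url']?>">« Logg inn</a></li>
                    <li><a href="<?=$config['base_url']?>?side=registrer">« Registrer deg</a></li>
                    <li><a href="<?=$config['base_url']?>?side=glemt_pass">« Glemt passord</a></li>
                </ul>
            </div>
            <div style="width: 380px; margin-left: 20px; float: left;">
                <h3 style="text-align: justify;"><?=$config['meta_description']?></h3>
            </div>
            <div style="width: 200px; margin-left: 20px; float: left; text-align: center;">
                <!--<h3>Registrer deg med <a href="/?side=registrer&fb"><img src="/img/facebook_reg.png" alt="Facebook" style="margin-bottom: -5px;" /></a></h3> <p><a href="/?side=registrer&fb">Klikk her</a></p>-->
            </div>
            <div class="clear"></div>
        </div>
        <div style="margin: 15px auto 15px; width: 728px;"> </div>
        <h3 style="text-align: center;">Internet Explorer kan ødelegge spillopplevelsen, derfor anbefaler vi at du bruker f. eks. <a href="http://www.opera.com/">Opera</a> eller <a href="http://www.google.com/chrome/">Chrome</a>.</h3>
    </div>
</div>
<script type="text/javascript">
var _gaq = _gaq || [];
_gaq.push(['_setAccount', 'UA-12469117-1']);
_gaq.push(['_trackPageview']);
(function() {
    var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true;
    ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js';
    var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s);
})();
</script>
</body>
</html>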