forked from XG-Project/xNova
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathindex.php
More file actions
executable file
·118 lines (102 loc) · 3.31 KB
/
index.php
File metadata and controls
executable file
·118 lines (102 loc) · 3.31 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
<?php
/**
* @project XG Proyect
* @version 2.10.x build 0000
* @copyright Copyright (C) 2008 - 2012
*/
define('INSIDE' , TRUE);
define('INSTALL' , FALSE);
define('LOGIN' , TRUE);
define('XGP_ROOT', './');
$InLogin = TRUE;
include(XGP_ROOT . 'global.php');
includeLang ( 'PUBLIC' );
$parse = $lang;
$page = isset($_GET['page']) ? $_GET['page'] : NULL;
switch ($page)
{
case'lostpassword':
function sendnewpassword($mail)
{
global $lang;
$ExistMail = doquery("SELECT `email` FROM {{table}} WHERE `email` = '". $mail ."' LIMIT 1;", 'users', TRUE);
if (empty($ExistMail['email']))
{
message($lang['mail_not_exist'], "index.php?modo=claveperdida",2, FALSE, FALSE);
}
else
{
$Caracters='0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
$NewPass = '';
for ($i=0; $i < 8; $i++)
{
$NewPass .= substr($pool, mt_rand(0, 61), 1);
}
$Title = $lang['mail_title'];
$Body = $lang['mail_text'];
$Body .= $NewPass;
mail($mail,$Title,$Body);
$NewPassSql = sha1($NewPass);
$QryPassChange = "UPDATE {{table}} SET ";
$QryPassChange .= "`password` ='". $NewPassSql ."' ";
$QryPassChange .= "WHERE `email`='". $mail ."' LIMIT 1;";
doquery( $QryPassChange, 'users');
}
}
if ( $_POST )
{
sendnewpassword ( $_POST['email'] );
message ( $lang['mail_sended'] , "./" , 2 , FALSE , FALSE );
}
else
{
$parse['year'] = date ( "Y" );
$parse['version'] = VERSION;
$parse['forum_url'] = read_config ( 'forum_url' );
display ( parsetemplate ( gettemplate ( 'public/lostpassword' ) , $parse ) , FALSE , '' , FALSE , FALSE );
}
break;
default:
if ($_POST)
{
$login = doquery("SELECT `id`,`username`,`password`,`banaday` FROM {{table}} WHERE `username` = '" . mysql_escape_string($_POST['username']) . "' AND `password` = '" . sha1($_POST['password']) . "' LIMIT 1", "users", TRUE);
if($login['banaday'] <= time() && $login['banaday'] != '0')
{
doquery("UPDATE {{table}} SET `banaday` = '0', `bana` = '0' WHERE `username` = '".$login['username']."' LIMIT 1;", 'users');
doquery("DELETE FROM {{table}} WHERE `who` = '".$login['username']."'",'banned');
}
if ($login)
{
if (isset($_POST["rememberme"]))
{
$expiretime = time() + 31536000;
$rememberme = 1;
}
else
{
$expiretime = 0;
$rememberme = 0;
}
@include('config.php');
$cookie = $login["id"] . "/%/" . $login["username"] . "/%/" . md5($login["password"] . "--" . $dbsettings["secretword"]) . "/%/" . $rememberme;
setcookie(read_config ( 'cookie_name' ), $cookie, $expiretime, "/", "", 0);
doquery("UPDATE `{{table}}` SET `current_planet` = `id_planet` WHERE `id` ='".$login["id"]."'", 'users');
unset ( $dbsettings );
header ( 'location:game.php?page=overview' );
exit;
}
else
{
message ( $lang['login_error'] , "./" , 2 , FALSE , FALSE );
}
}
else
{
$parse['year'] = date ( "Y" );
$parse['version'] = VERSION;
$parse['servername'] = read_config ( 'game_name' );
$parse['forum_url'] = read_config ( 'forum_url' );
display ( parsetemplate ( gettemplate ( 'public/index_body' ) , $parse ) , FALSE , '' , FALSE , FALSE );
}
}
?>