Skip to content
This repository has been archived by the owner on Apr 2, 2021. It is now read-only.

Commit

Permalink
Revert "Revert "Update 1.0.5""
Browse files Browse the repository at this point in the history 
This reverts commit a2bfd8c.
  • Loading branch information
@fmohican
fmohican committed Dec 26, 2016
1 parent a2bfd8c commit 0ac7b59
Show file tree
Hide file tree
Showing 6 changed files with 329 additions and 63 deletions.
4 changes: 2 additions & 2 deletions activeacc.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -37,7 +37,7 @@
?>
<html>
<head>
<title><?= $title?></title>
<title><?=$title?></title>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1">
Expand All @@ -54,7 +54,7 @@
<form action='activeacc.php' method='POST'>
<div class='form-group'>
<label for='user'>Activation Code</label>
<input type='text' class='form-control' id='noremember' <?php if(strlen($key) == 32) echo "value='$key'";?> onfocus="this.removeAttribute('readonly');" pattern=".{32,32}" placeholder='Activation Code' name='key' required>
<input type='text' class='form-control' <?php if(strlen($key) == 32) echo "value='$key'";?> onfocus="this.removeAttribute('readonly');" pattern=".{32,32}" placeholder='Activation Code' name='key' required>
<p class="help-block">Your activation code from your mail address</p>
</div>
<?php
Expand Down
147 changes: 145 additions & 2 deletions config.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,7 @@
////Do you want to use Google CAPTCHA ? ///
////true = yes | false = no ///
///////////////////////////////////////////
$usecaptcha = true; //if you want to use google captcha you can get secret key and public key there https://www.google.com/recaptcha/admin
$usecaptcha = false; //if you want to use google captcha you can get secret key and public key there https://www.google.com/recaptcha/admin
$captchapublickey = ""; //If yes , put your PUBLIC key there (site key its called on google page's)
$captchasecret = ""; //If yes, put your SECRET key there
///////////////////////////////////////////
Expand Down Expand Up @@ -152,7 +152,7 @@ function registermail($email, $mailtoken, $user)
$message .= " Hello $user,<br/>
Welcome to our server $title we need to check if this is really your email address.<br/>
Please click below button to activate your accont.<br/>
<div align='center'><a href=\"$hosturl/activeacc.php?key=$mailtoken\" style='color: #f9823a; font-family: 'Raleway', arial;font-size: 18px;line-height: 28px;text-decoration: none;padding: 3px 5px;border: 2px dashed'>Activate account</a><br/></div>
<div align='center'><a href=\"$hosturl/activeacc.php?key=$mailtoken\" onMouseOver=\"this.style.color='#03a9f4'\" onMouseOut=\"this.style.color='#f9823a'\" style='color: #f9823a;font-family: 'Raleway', arial;font-size: 18px;line-height: 28px;text-decoration: none;padding: 3px 5px;border: 2px dashed'>Activate account</a><br/></div>
If above button don't work you can go manually at :<br/> $hosturl/activeacc.php <br/> and enter below key<br/>
<b>$mailtoken</b><br/>
Your Staff, $title<br/>";
Expand Down Expand Up @@ -214,4 +214,147 @@ function registermail($email, $mailtoken, $user)
$headers .= "From: $title <$norplaymail>" . "\r\n";
mail($to, $subject, $message, $headers);
}
function forgotmail($email, $mailtoken)
{
global $norplaymail, $title, $hosturl;
$to = $email;
$subject = "Do you forgot password on ".$title;
$message = '
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0"/>
<link href="http://fonts.googleapis.com/css?family=Raleway:400,600" rel="stylesheet" type="text/css">
<style type="text/css">
html{
width: 100%;
}
body{
width: 100%;
margin:0;
padding:0;
-webkit-font-smoothing: antialiased;
mso-padding-alt: 0px 0px 0px 0px;
background: #ffffff;
}
p,h1,h2,h3,h4{
margin-top:0;
margin-bottom:0;
padding-top:0;
padding-bottom:0;
}
table{
font-size: 14px;
border: 0;
}
img{
border: none!important;
}
</style>
</head>
<body style="margin: 0; padding: 0;">
<table border="0" cellpadding="0" cellspacing="0" width="100%" bgcolor="#424242" style="height:450px;">
<tr>
<td>
<table width="600" cellpadding="0" cellspacing="0" align="center" style="border-collapse:collapse; mso-table-lspace:0pt; mso-table-rspace:0pt;">
<tbody>
<tr>
<td height="169"></td>
</tr>
<tr>
<td style="text-align:center; color: #fff; font-family: \'Raleway\', arial; font-weight:600; font-size: 36px; text-transform:uppercase; letter-spacing:3px;">'.$title.'</td>
</tr>
<tr>
<td height="133"></td>
</tr>
</tbody>
</table>
</td>
</tr>
</table>
<table width="100%" cellpadding="0" cellspacing="0" border="0" bgcolor="#212121" style="border-collapse:collapse; mso-table-lspace:0pt; mso-table-rspace:0pt;">
<tbody>
<tr>
<td>
<table width="600" align="center" border="0" cellpadding="0" cellspacing="0" style="border-collapse:collapse; mso-table-lspace:0pt; mso-table-rspace:0pt;">
<tbody>
<tr>
<td width="100%" height="100"></td>
</tr>
<tr>
<td width="100%" height="20"></td>
</tr>
<tr>
<td style="color: whitesmoke; font-family: \'Raleway\', arial; font-size: 18px; line-height:28px;">';
$message .= " Hello dear user,<br/>
You or someone else ask for your password if you made this request,<br/>
please click below button to forgot your accont password.<br/>
<div align='center'><a href=\"$hosturl/forgot.php?key=$mailtoken&status=enterkey\" style='color: #f9823a;font-family: 'Raleway', arial;font-size: 18px;line-height: 28px;text-decoration: none;padding: 3px 5px;border: 2px dashed'>Forgot Password!</a><br/></div>
If above button don't work you can go manually at :<br/> $hosturl/forgot.php?status=enterkey <br/> and enter below key<br/>
<b>$mailtoken</b><br/>
Your Staff, $title<br/>";
$message .= ' </td>
</tr>
<tr>
<td width="100%" height="100"></td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
<table width="100%" bgcolor="#f9823a" cellpadding="0" border="0" cellspacing="0" style="border-collapse:collapse; mso-table-lspace:0pt; mso-table-rspace:0pt;">
<tbody>
<tr>
<td>
<table width="600" align="center" cellpadding="0" border="0" cellspacing="0" style="border-collapse:collapse; mso-table-lspace:0pt; mso-table-rspace:0pt;">
<tbody>
<tr>
<td width="100%" height="40px"></td>
</tr>
<tr>
<td>
<table align="left" cellpadding="0" border="0" cellspacing="0" style="border-collapse:collapse; mso-table-lspace:0pt; mso-table-rspace:0pt;">
<tbody>
<tr>
<td>
<table cellpadding="0" border="0" cellspacing="0" style="border-collapse:collapse; mso-table-lspace:0pt; mso-table-rspace:0pt;">
<tr>
<td width="100%" height="16"></td>
</tr>
<tr>
<td style="color: #fff; font-family: \'Raleway\'; font-size: 12px;">© All rights reserved '.$title.'</td>
</tr>
</table>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
<tr>
<td width="100%" height="40px"></td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
</body>
</html>';
$headers = 'MIME-Version: 1.0' . "\r\n";
$headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n";
$headers .= "To: $email" . "\r\n";
$headers .= "From: $title <$norplaymail>" . "\r\n";
mail($to, $subject, $message, $headers);
}
?>
2 changes: 1 addition & 1 deletion css/style.min.css
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

150 changes: 150 additions & 0 deletions forgot.php
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,150 @@
<?php
require_once('config.php');
$status = cleanthis(@$_REQUEST['status']);
?>
<html>
<head>
<title><?=$title?></title>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link rel="shortcut icon" type="image/x-icon" href="favicon.ico"/>
<script src="./js/jquery.min.js"></script>
<script src="./js/bootstrap.min.js"></script>
<link rel="stylesheet" type="text/css" href="./css/bootstrap.min.css">
<link rel="stylesheet" type="text/css" href="./css/style.min.css">
<link rel="stylesheet" type="text/css" href="./css/font-awesome.min.css">
<script src='https://www.google.com/recaptcha/api.js'></script>
</head>
<body>
<div id='cont'>
<?php
switch($status) {
case "keynotgood":
echo "<p style='color:red;font-width:bold;'>You enter an invalid token! Please try again!</p>";
break;
case "nokeyfound":
echo "<p style='color:red;font-width:bold;'>I can't find your token did you enter right? Please try again!</p>";
break;
case "gcap":
echo "<p style='color:red;font-width:bold;'>You enter captcha wrong. Try again!</p>";
break;
case "mailnotfound":
echo "<p style='color:red;font-width:bold;'>I can't find your mail. Did you type mail right? Please try again!</p>";
break;
case "filterfail":
echo "<p style='color:red;font-width:bold;'>This don't look like mail address did you try to cheat? Try again!</p>";
break;
case "changepass":
$key = cleanthis($_POST["fkey"]);
$pass = cleanthis($_POST["pass"]);
$cpass = cleanthis($_POST["c_pass"]);
$resp = $recaptcha->verify(@$_POST['g-recaptcha-response'], $_SERVER['REMOTE_ADDR']);
if($resp->isSuccess() or $usecaptcha == false)
{
if($pass === $cpass)
{
if(strlen($key) == 32)
{
$key = strtolower($key);
$params = array($key);
$sql = "SELECT * FROM Account WHERE VerificationToken = ?";
$opts = array( "Scrollable" => SQLSRV_CURSOR_KEYSET );
$result = sqlsrv_query($mssql, $sql, $params, $opts);
$result = sqlsrv_num_rows($result);
if($result == 1)
{
$pass = hash("sha512", $pass);
$params = array($pass,$key);
$loverandom = md5(md5(rand(0,9)).md5(rand(0,9).$key));
$sql = "UPDATE Account SET VerificationToken = '$loverandom', Password = ? WHERE VerificationToken = ?";
$result = sqlsrv_query($mssql, $sql, $params);
echo "<h2 style='color:whitesmoke;'>Your password was changed successfully!";
exit();
}
else
exit(header("Location: forgot.php?status=nokeyfound"));
}
else
exit(header("Location: forgot.php?status=keynotgood"));
}
exit(header("Location: forgot.php?status=enterkey&err=passpass&key=$key"));
}
exit(header("Location: forgot.php?status=gcap"));
break;
case "enterkey":
$key = cleanthis(@$_GET["key"]);
$err = cleanthis(@$_GET['err']);
if($err == "passpass")
echo '<div id="alert" class="alert alert-danger alert-dismissible" role="alert"><button type="button" class="close" data-dismiss="alert" aria-label="Close"><span aria-hidden="true">&times;</span></button>Failed! Password must be same. Try again.</div>';
echo "<form action='forgot.php' method='POST'>
<div class='form-group'>
<label for='user'>Email</label>";
if(strlen($key) == 32)
echo "<input type='text' class='form-control' pattern='.{32,32}' placeholder='your forgot key' name='fkey' value='$key' required readonly>";
else
echo "<input type='text' class='form-control' pattern='.{32,32}' placeholder='your forgot key' name='fkey' required>";
echo "<p class=\"help-block\">Enter the key was sent early on your email (check for it).</p>
</div>
<div class='form-group'>
<label for='Password'>Password</label>
<input type='password' class='form-control' pattern='.{6,30}' placeholder='Password' name='pass' required>
<p class='help-block'>Password must be between 6 and 30 characters. We recommand to use complexe password.</p>
</div>
<div class='form-group'>
<label for='Password1'>Repeat Password</label>
<input type='password' class='form-control' pattern='.{6,30}' placeholder='Repeat Password' name='c_pass' required>
<p class='help-block'>Repeat your password.</p>
</div>";
if ($usecaptcha == true)
echo "<div style='display: block;text-align: center;text-align: -webkit-center;'><div class='g-recaptcha' id='googlechap' data-sitekey='$captchapublickey;'></div></div>";
echo "<center><button type='submit' class='btn btn-default' name='status' value='changepass'>Change my password!</button></center></form>";
break;
case "forgot":
$resp = $recaptcha->verify(@$_POST['g-recaptcha-response'], $_SERVER['REMOTE_ADDR']);
if($resp->isSuccess() or $usecaptcha == false)
{
$email = $_POST["fmail"];
$email = filter_var($email, FILTER_SANITIZE_STRING);
if(filter_var($email, FILTER_VALIDATE_EMAIL))
{
$params = array($email);
$sql = "SELECT * FROM Account WHERE Email = ?";
$opts = array("Scrollable" => SQLSRV_CURSOR_KEYSET);
$result = sqlsrv_query($mssql, $sql, $params, $opts);
$restul = sqlsrv_num_rows($result);
if($restul == 1)
{
$keygen = rand(0,9).rand(0,9).rand(0,9).rand(0,9).rand(0,9).rand(0,9).$title.$_SERVER['REMOTE_ADDR'].rand(0,9).rand(0,9).rand(0,9).rand(0,9).rand(0,9).rand(0,9);
$enckey = md5(md5($keygen).md5($keygen).$keygen);
$params = array($enckey, $email);
$sql = "UPDATE Account SET VerificationToken = ? WHERE Email = ?";
$result = sqlsrv_query($mssql, $sql, $params);
forgotmail($email, $enckey);
echo "<p style='color:whitesmoke;'>An email has been sent to the address <span class='fmail'>$email</span> .<br/>Check your email and follow the instructions.</p>";
exit();
}
else
exit(header("Location: forgot.php?status=mailnotfound"));
}
else
exit(header("Location: forgot.php?status=filterfail"));
}
else
exit(header("Location: forgot.php?status=gcap"));
break;
default:
echo "<form action='forgot.php' method='POST'>
<div class='form-group'>
<label for='user'>Email</label>
<input type='email' class='form-control' pattern=\"[a-z0-9._%+-]+@[a-z0-9.-]+\.[a-z]{2,4}$\" placeholder='YourRegister@email.com' name='fmail' required>
<p class=\"help-block\">Enter your email address.</p>
</div>";
if ($usecaptcha == true)
echo "<div style='display: block;text-align: center;text-align: -webkit-center;'><div class='g-recaptcha' id='googlechap' data-sitekey='$captchapublickey;'></div></div>";
echo "<center><button type='submit' class='btn btn-default' name='status' value='forgot'>Send my password!</button></center></form>";
}
?>
</div>
</body>
</html>
Loading

0 comments on commit 0ac7b59

Please sign in to comment.