Untitled

From Stained Pintail, 9 Years ago, written in PHP.

Embed

Download Paste or View Raw
Hits: 486

<?

class ENGINE_front_logowanie extends CMS

{

public $valid = false;

function defaulted()

{

header('Location: '.$this->config['root']);

}

function zaloguj()

{

$b=$_POST['back']!='' ? $_POST['back'] : '/uzytkownik/';

if(isset($_POST['email']) && isset($_POST['pass']))

{

$data = $this->slashesData($_POST,'add');

$res = $this->db->dbQuery("SELECT * FROM customers WHERE email='".$data['email']."' AND pass=sha1('".$data['pass']."') AND access=1");

$data = $this->db->assocAll($res);

if($data)

{

$fields = array('firstname','secondname','company','street','nr1',

'nr2','postcode','city','fax','phone','nip','email');

foreach($fields as $field)

$_SESSION[$field] = $data[0][$field];

$_SESSION['id'] = $data[0]['id'];

$_SESSION['auth'] = md5(time());

unset($_SESSION['pass']);

$d = array();

$d['idUser'] = $data[0]['id'];

$d['ip'] = $_SERVER['REMOTE_ADDR'];

$d['user_agent'] = $_SERVER['HTTP_USER_AGENT'];

$d['data_dodania'] = time();

$this->contents->table = 'login_logs';

$this->contents->data = $d;

$this->contents->insert();

$res = $this->db->dbQuery("SELECT * FROM customers_groups WHERE id=".$data[0]['grupa']);

$rabat = $this->db->result($res,'rabat');

$_SESSION['rabat'] = $rabat;

}

else

{

if($_POST['back']=='/koszyk/platnosc.html')

{header('location:../koszyk/platnosc.html?error=pass');exit();}

$this->contents->assign('error',true);

}

}

else

$this->contents->assign('form',true);

if($_POST['back']=='/koszyk/platnosc.html' && $_SESSION['rabat'])

$b = '/koszyk/udziel_rabatu.html';

if(isset($_SESSION['auth']) && $_SESSION['auth']==true) {

$this->loadModule('logs');

$this->logs->insert("Uzytkownik sie zalogowal");

header("Location: ..".$b);

exit();

}

$this->contents->display('system/zaloguj.html');

}

function wyloguj()

{

if(!isset($_SESSION['auth'])) header("Location: ".$this->config['root']);

$_SESSION['id']=0;

session_destroy();

$_SESSION = array();

$_SESSION['id']=0;

/*$this->setHeaderToTpl('Refresh','5; URL=../');

$this->putHeaderToTpl('contents');

$this->contents->assign('system','logout');

echo '<META HTTP-EQUIV="Refresh" CONTENT="5;URL='.$this->config['root'].'">';

$this->contents->display('system/login.html');

*/

header("location:/?mess=Zostałeś wylogowany");

}

function przypomnij_haslo()

{

if(isset($_POST['email']))

{

$fields = array(

'email' => array(

'reguired' => true,

'regxp2' => '[A-Z0-9._%-]+@[A-Z0-9._%-]+\.[A-Z]{2,4}',

'length_min' => 6,

'length_max' => 128,

'db' => array('table'=>'customers','field'=>'email'),

'dbrequired' => true

)

);

$this->validationFields($fields,$_POST,'contents');

if($this->valid)

$this->remaindPassword();

}

$this->contents->display('forms/remain_password.html');

}

function zmien_haslo()

{

if(strlen($_POST['pass'])>2 AND $_POST['pass']==$_POST['pass1'])

{

$this->db->dbQuery("Update customers set pass ='".sha1(mysql_real_escape_string($_POST['pass']))."' where id=".$_SESSION['id']);

header("Location: zmien_haslo.html?mess=Hasło zostało zmienione!");

$this->contents->assign('ch',true);

}

$this->contents->display('forms/zmien_haslo.html');

}

function remaindPassword()

{

$new_pass='now'.rand(11,2339);

$this->contents->table = 'customers';

$this->contents->cond = "email='".mysql_real_escape_string($_POST['email'])."'";

$this->contents->order = false;

$this->contents->data=array('tmppass'=>$new_pass);

$this->contents->update();

$user = $this->contents->getContent();

$this->contents->assign('hash',sha1($user['email']));

$this->contents->assign('new_pass',$new_pass);

$msg = mysql_escape_string($this->contents->fetch('system/remain_password_email.html'));

$this->contents->display('system/remain_password.html');

$this->sendEmailMsg($this->config['remain_password_msg_from'],$this->config['remain_password_msg_email'],$_POST['email'], $this->config['remain_password_msg_title'], $msg);

exit;

}

function akceptujHaslo()

{

$res = $this->db->dbQuery("UPDATE customers set pass=sha1(tmppass) WHERE sha1(email)='".mysql_escape_string($_GET['hash'])."'");

if($this->db->affected())

header('Location: ../?mess=Twoje hasło zostało aktywowane');

else

header('Location: ../?mess=Twój link stracił ważność lub jest niepoprawny');

}

}

?>

Author

Title

Language

Your paste - Paste your paste here

&lt;?

class ENGINE_front_logowanie extends CMS
	{
		public $valid = false;
		
		function defaulted()
		{
			header('Location: '.$this-&gt;config['root']);
		}
		
		function zaloguj()
		{

$b=$_POST['back']!='' ? $_POST['back'] : '/uzytkownik/';
		
		
			if(isset($_POST['email']) &amp;&amp; isset($_POST['pass']))
			{
				$data = $this-&gt;slashesData($_POST,'add');
				 
				
				$res  = $this-&gt;db-&gt;dbQuery(&quot;SELECT * FROM customers WHERE email='&quot;.$data['email'].&quot;' AND pass=sha1('&quot;.$data['pass'].&quot;') AND access=1&quot;);
				$data = $this-&gt;db-&gt;assocAll($res);

if($data)
				{
					$fields = array('firstname','secondname','company','street','nr1', 
													'nr2','postcode','city','fax','phone','nip','email');
											
					foreach($fields as $field)
						$_SESSION[$field] = $data[0][$field];
					
					$_SESSION['id'] = $data[0]['id']; 
					$_SESSION['auth']  = md5(time());
					unset($_SESSION['pass']);
					
					$d = array();
					$d['idUser'] = $data[0]['id'];
					$d['ip'] = $_SERVER['REMOTE_ADDR'];
					$d['user_agent'] = $_SERVER['HTTP_USER_AGENT'];
					$d['data_dodania'] = time();
					
					$this-&gt;contents-&gt;table = 'login_logs';
					$this-&gt;contents-&gt;data = $d;
					$this-&gt;contents-&gt;insert();
					
					
					$res = $this-&gt;db-&gt;dbQuery(&quot;SELECT * FROM customers_groups WHERE id=&quot;.$data[0]['grupa']);
					$rabat = $this-&gt;db-&gt;result($res,'rabat');
					
					$_SESSION['rabat'] = $rabat;
					
				}
				else
				{
					if($_POST['back']=='/koszyk/platnosc.html')
						{header('location:../koszyk/platnosc.html?error=pass');exit();}
					$this-&gt;contents-&gt;assign('error',true);
				}
			}
			else
				$this-&gt;contents-&gt;assign('form',true);
			
			
			if($_POST['back']=='/koszyk/platnosc.html' &amp;&amp; $_SESSION['rabat'])
				$b = '/koszyk/udziel_rabatu.html';
			
			
			if(isset($_SESSION['auth']) &amp;&amp; $_SESSION['auth']==true)	{
			$this-&gt;loadModule('logs');
			$this-&gt;logs-&gt;insert(&quot;Uzytkownik sie zalogowal&quot;);
					header(&quot;Location: ..&quot;.$b);
					exit();
			}
			$this-&gt;contents-&gt;display('system/zaloguj.html');
		}
		
		function wyloguj()
		{
			if(!isset($_SESSION['auth'])) header(&quot;Location: &quot;.$this-&gt;config['root']);
			$_SESSION['id']=0;
			session_destroy();
			$_SESSION = array();
			$_SESSION['id']=0;
			/*$this-&gt;setHeaderToTpl('Refresh','5; URL=../');
			$this-&gt;putHeaderToTpl('contents');
			$this-&gt;contents-&gt;assign('system','logout');
			echo '&lt;META HTTP-EQUIV=&quot;Refresh&quot; CONTENT=&quot;5;URL='.$this-&gt;config['root'].'&quot;&gt;';
			$this-&gt;contents-&gt;display('system/login.html');
			*/
			header(&quot;location:/?mess=Zostałeś wylogowany&quot;);
		}

Private - Private paste aren't shown in recent listings.

Delete After - When should we delete your paste?

Spam protection -

Reply to "Untitled"