Ajudem com meu Habbo - Register Bugado 05.02.13 7:46
O Hotel é 24h com VPS.
E queria que me ajudassem!
<?php
// Bootstrap for every page: marks the request as running inside the CMS, starts the
// session, opens the MySQL connection and loads site settings into global variables.
// NOTE(review): the mysql_* extension used throughout was deprecated in PHP 5.5 and
// removed in PHP 7.0; it offers no prepared statements, so every query in this file
// is built by string concatenation.
define("IN_HOLOCMS", TRUE);
session_start();
// #########################################################################
// MySQL CONNECTOR
// #########################################################################
// The @ operator hides diagnostics from this include. $MySQLhostname, $MySQLusername,
// $MySQLpassword and $MySQLdb are presumably defined by that file (not visible here).
@require_once('server-data.php_data_classes-config.php.php');
// On failure the page stops with a generic error page (German: "server error");
// no database detail is sent to the client here.
mysql_connect("$MySQLhostname", "$MySQLusername", "$MySQLpassword") or die("<title>SERVERFEHLER</title><h1>SERVERFEHLER</h1>");
mysql_select_db("$MySQLdb") or die("<title>SERVERFEHLER</title><h1>SERVERFEHLER</h1>");
// #########################################################################
// Shortcuts (settings copied into globals)
// #########################################################################
// The inner assignment stores the result resource first; the outer assignment then
// overwrites the same variable with the fetched row, so $cms_name / $localhost end up
// as the row array (or false when no row matches).
$cms_name = mysql_fetch_assoc($cms_name = mysql_query("SELECT * FROM cms_settings WHERE variable = 'cms_name'"));
$localhost = mysql_fetch_assoc($localhost = mysql_query("SELECT * FROM cms_settings WHERE variable = 'localhost'"));
// Address of the connecting peer as reported by the web server; used later for the
// IP ban lookup and stored as ip_last/ip_reg on registration.
$remote_ip = $_SERVER['REMOTE_ADDR'];
$sitename = "".$cms_name['value']."";
$shortname = "".$cms_name['value']."";
// Only sets a timezone when php.ini does not configure one.
if(@ini_get('date.timezone') == null && function_exists("date_default_timezone_get")){ @date_default_timezone_set("America/Sao_Paulo"); }
$getmoney_date = date('d.m.Y');
$date_normal = date('d.m.Y');
$date_full = date('d.m.Y H:i:s');
// Base URL of the site, taken from the 'localhost' setting; it is concatenated into
// every Location header below.
$path = "".$localhost['value']."";
$adminpath = "".$path."/manage/hotel/de/housekeeping";
// NOTE(review): client assets are referenced over plain http.
$clientpath = "http://hamp.sytes.net";
$cimagesurl = "".$clientpath."/c_images";
$badgesurl = "/album1584/";
// NOTE(review): secret used for password hashing is hard-coded in source, and the same
// literal is repeated inside HoloHash() and HoloHashMD5(). Anyone who can read this
// file learns it; it belongs in configuration kept outside the web root.
$hash_secret = "xCg532%@%gdvf^5DGaa6&*rFTfg^FD4\$OIFThrR_gh(ugf*/";
// NOTE(review): LIMIT 1 without WHERE or ORDER BY — $config holds a single
// cms_settings row and the query does not determine which one. The maintenance
// notice further down reads $config['variable'] / $config['value'] from this row.
$cms_settings = mysql_query("SELECT * FROM cms_settings LIMIT 1");
$config = mysql_fetch_assoc($cms_settings);
// Number of rows with cms_maintenance = '1' (the inner resource is overwritten by the count).
$maintenance = mysql_num_rows($maintenance = mysql_query("SELECT * FROM cms_settings WHERE variable = 'cms_maintenance' AND value = '1'"));
// First row of server_status.
$server = mysql_fetch_assoc($server_status = mysql_query("SELECT * FROM server_status"));
$online_count = $server['users_online'];
// #########################################################################
// MySQL TABLE SITE_CONFIG
// #########################################################################
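/**
 * Read one column from the first row of cms_settings.
 *
 * The column name is concatenated into the SQL text. Identifiers cannot be
 * escaped with mysql_real_escape_string() or bound as parameters, so the name
 * is checked against a strict identifier pattern before the query is built;
 * anything else is refused without touching the database.
 *
 * NOTE(review): a failed query still ends the page with die(mysql_error()),
 * which shows database error text to the visitor. Kept as-is because the rest
 * of the file does the same; consider logging it and showing a generic message.
 *
 * @param string $strSetting Column name in cms_settings (letters, digits, underscore).
 * @return mixed Column value, or null when the name is rejected, no row exists
 *               or the value is NULL.
 */
function FetchSITESetting($strSetting){
    // Allow-list: a plain SQL identifier only.
    if (!is_string($strSetting) || preg_match('/^[A-Za-z_][A-Za-z0-9_]*\z/', $strSetting) !== 1) {
        return null;
    }
    $tmp = mysql_query("SELECT ".$strSetting." FROM cms_settings LIMIT 1") or die(mysql_error());
    $tmp = mysql_fetch_assoc($tmp);
    // mysql_fetch_assoc() yields false on an empty table; report that as null.
    if (!is_array($tmp) || !isset($tmp[$strSetting])) {
        return null;
    }
    return $tmp[$strSetting];
}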
// #########################################################################
// CMS LOGIN FUNKTION
// #########################################################################
/**
 * Return the SHA-1 hex digest of the password followed by the site secret.
 *
 * NOTE(review): this is a single fast hash with one secret shared by every
 * account, so equal passwords produce equal digests and the secret is readable
 * by anyone with access to this file. password_hash()/password_verify() is the
 * usual replacement, but switching changes the produced value, so it has to be
 * done together with a migration of whatever already stores these digests.
 *
 * @param string $password Password text as received by the caller.
 * @return string 40-character lowercase hex digest.
 */
function HoloHash($password){
    // Site-wide secret appended to the password (same literal as $hash_secret).
    $pepper = "xCg532%@%gdvf^5DGaa6&*rFTfg^FD4\$OIFThrR_gh(ugf*/";
    return sha1($password . $pepper);
}
/**
 * Return the MD5 hex digest of the password followed by the site secret.
 *
 * The registration step stores this value in users.password and in the
 * session, so the output format cannot change without migrating those rows.
 *
 * NOTE(review): MD5 with one shared secret is not a password-hashing scheme:
 * it is fast to compute, has no per-user salt, and the secret sits in source.
 * Plan a move to password_hash()/password_verify() with rehash-on-login.
 *
 * @param string $password Password text as received by the caller.
 * @return string 32-character lowercase hex digest.
 */
function HoloHashMD5($password){
    // Site-wide secret appended to the password (same literal as $hash_secret).
    $pepper = "xCg532%@%gdvf^5DGaa6&*rFTfg^FD4\$OIFThrR_gh(ugf*/";
    return md5($password . $pepper);
}
// #########################################################################
// IS-EVEN FUNKTION
// #########################################################################
/**
 * Tell whether a number is divisible by two.
 *
 * @param int $intNumber Value to test.
 * @return bool true when the remainder of division by 2 is zero.
 */
function IsEven($intNumber)
{
    $remainder = $intNumber % 2;
    return $remainder == 0;
}
// #########################################################################
// SMILIES FOR GRUPPEN/FORUM
// #########################################################################
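/**
 * Convert the supported BBCode tags in $str to HTML.
 *
 * Text between tags is copied into the output unchanged, so $str must already
 * be HTML-escaped by the caller (HoloText() runs htmlspecialchars() before it
 * calls this function). Tag parameters ([url=...], [color=...], [habbo=...],
 * [room=...], [group=...]) are placed inside HTML attributes and, for [room],
 * inside an inline script string; they are validated here. A tag whose
 * parameter fails validation is left in the text as typed instead of being
 * rendered, so a crafted parameter cannot close the attribute or select a
 * script-capable URL scheme.
 *
 * Tags are processed in the same order as before: b, i, u, s, quote, link,
 * url, color, size=small, size=large, code, habbo, room, group.
 *
 * @param string $str HTML-escaped text containing BBCode.
 * @return string|null Text with recognised tags replaced (null if PCRE fails).
 */
function bbcode_format($str){
    // URL rule: no quote, angle bracket, backtick, whitespace or control
    // character anywhere. The part before the first "/", "?" or "#" must either
    // contain no ":" and no "&" (a relative reference) or be exactly "http:" or
    // "https:". Refusing "&" there means a character reference cannot stand in
    // for the colon of a scheme.
    $url_ok = function ($url) {
        if (preg_match('/[\'"<>`\s\x00-\x1f\x7f]/', $url)) {
            return false;
        }
        $head = (string) substr($url, 0, strcspn($url, '/?#'));
        if ($head === '' || strpbrk($head, ':&') === false) {
            return true;
        }
        return preg_match('/^https?:\z/i', $head) === 1;
    };
    // [link=URL]text[/link] and [url=URL]text[/url]
    $link = function ($m) use ($url_ok) {
        return $url_ok($m[1]) ? "<a href='".$m[1]."'>".$m[2]."</a>" : $m[0];
    };
    // [color=NAME] or [color=#hex]
    $color = function ($m) {
        if (preg_match('/^#?[A-Za-z0-9]+\z/', $m[1]) !== 1) {
            return $m[0];
        }
        return "<font color='".$m[1]."'>".$m[2]."</font>";
    };
    // Identifier rule shared by [habbo], [room] and [group].
    $id_pattern = '/^[A-Za-z0-9_\-]+\z/';
    $habbo = function ($m) use ($id_pattern) {
        if (preg_match($id_pattern, $m[1]) !== 1) {
            return $m[0];
        }
        return "<a href='./user_profile.php?id=".$m[1]."'>".$m[2]."</a>";
    };
    $room = function ($m) use ($id_pattern) {
        if (preg_match($id_pattern, $m[1]) !== 1) {
            return $m[0];
        }
        return "<a onclick=\"roomForward(this, '".$m[1]."', 'private'); return false;\" target=\"client\" href=\"./client.php?forwardId=2&roomId=".$m[1]."\">".$m[2]."</a>";
    };
    $group = function ($m) use ($id_pattern) {
        if (preg_match($id_pattern, $m[1]) !== 1) {
            return $m[0];
        }
        return "<a href='./group_profile.php?id=".$m[1]."'>".$m[2]."</a>";
    };

    // Tags without a parameter: the capture is element content only.
    $str = preg_replace(
        array(
            '/\[b\](.*?)\[\/b\]/is',
            '/\[i\](.*?)\[\/i\]/is',
            '/\[u\](.*?)\[\/u\]/is',
            '/\[s\](.*?)\[\/s\]/is',
            '/\[quote\](.*?)\[\/quote\]/is'
        ),
        array(
            '<strong>$1</strong>',
            '<em>$1</em>',
            '<u>$1</u>',
            '<s>$1</s>',
            "<div class='bbcode-quote'>$1</div>"
        ),
        $str
    );
    $str = preg_replace_callback('/\[link\=(.*?)\](.*?)\[\/link\]/is', $link, $str);
    $str = preg_replace_callback('/\[url\=(.*?)\](.*?)\[\/url\]/is', $link, $str);
    $str = preg_replace_callback('/\[color\=(.*?)\](.*?)\[\/color\]/is', $color, $str);
    $str = preg_replace(
        array(
            '/\[size=small\](.*?)\[\/size\]/is',
            '/\[size=large\](.*?)\[\/size\]/is',
            '/\[code\](.*?)\[\/code\]/is'
        ),
        array(
            "<font size='1'>$1</font>",
            "<font size='3'>$1</font>",
            '<pre>$1</pre>'
        ),
        $str
    );
    $str = preg_replace_callback('/\[habbo\=(.*?)\](.*?)\[\/habbo\]/is', $habbo, $str);
    $str = preg_replace_callback('/\[room\=(.*?)\](.*?)\[\/room\]/is', $room, $str);
    $str = preg_replace_callback('/\[group\=(.*?)\](.*?)\[\/group\]/is', $group, $str);
    return $str;
}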
// #########################################################################
// FÜR LOGIN_TICKET
// #########################################################################
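/**
 * Build a login ticket of the form
 * "ST-" + 6 digits + "-" + 20 digits + "-xubbo-beta-fe" + one digit 0..5.
 *
 * The digits previously came from rand(), whose output is predictable. They
 * are now drawn from the operating system's CSPRNG: random_int() where it
 * exists (PHP 7+), otherwise openssl_random_pseudo_bytes() with rejection
 * sampling so every digit stays equally likely. rand() remains only as the
 * last resort when neither source is available, which keeps the function
 * working on old installations but leaves the ticket guessable there.
 *
 * @return string Ticket text; the format is unchanged from earlier versions.
 */
function GenerateTicket(){
    // One integer in 0..$max from the strongest source available.
    $digit = function ($max) {
        if (function_exists('random_int')) {
            return random_int(0, $max);
        }
        if (function_exists('openssl_random_pseudo_bytes')) {
            $span = $max + 1;
            // Bytes at or above $limit would bias the modulo and are discarded.
            $limit = 256 - (256 % $span);
            for ($try = 0; $try < 64; $try++) {
                $raw = openssl_random_pseudo_bytes(1);
                if ($raw === false || strlen($raw) !== 1) {
                    break;
                }
                $byte = ord($raw);
                if ($byte < $limit) {
                    return $byte % $span;
                }
            }
        }
        return rand(0, $max);
    };

    $data = "ST-";
    for ($i = 0; $i < 6; $i++) {
        $data .= $digit(9);
    }
    $data .= "-";
    for ($i = 0; $i < 20; $i++) {
        $data .= $digit(9);
    }
    $data .= "-xubbo-beta-fe";
    $data .= $digit(5);
    return $data;
}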
// #########################################################################
// Session login check: when the session carries a 'username', re-validate it against
// the users table on every request and populate $myrow, $my_id, $user_rank, $name and
// $logged_in; otherwise fall back to guest values.
// NOTE(review): session_is_registered() was deprecated in PHP 5.3 and removed in 5.4;
// isset($_SESSION['username']) is the replacement.
if(@session_is_registered('username')){
$rawname = $_SESSION['username'];
// The session holds the stored password value itself (it is compared directly to
// users.password), so the digest acts as a long-lived credential inside the session.
$rawpass = $_SESSION['password'];
// NOTE(review): both session values are concatenated into the SQL text without
// escaping at this point; any code path that writes these session keys must have
// escaped them already. A parameterised query would remove that dependency.
$usersql = mysql_query("SELECT * FROM users WHERE username = '".$rawname."' AND password = '".$rawpass."' LIMIT 1");
$myrow = mysql_fetch_assoc($usersql);
// Runs before the credential check below, so $myrow may be false here.
$userinfo = mysql_query("SELECT * FROM user_stats WHERE id = '".$myrow['id']."'");
$userinfo = mysql_fetch_assoc($userinfo);
$password_correct = mysql_num_rows($usersql);
$my_id = $myrow['id'];
$user_rank = $myrow['rank'];
// AND binds tighter than OR in MySQL, so this matches a 'user' ban on the name or
// an 'ip' ban on the peer address.
$ban = mysql_query("SELECT * FROM bans WHERE value = '".$myrow['username']."' AND bantype = 'user' or value = '".$remote_ip."' AND bantype = 'ip' LIMIT 1");
$bancheck = mysql_num_rows($ban);
if($password_correct !== 1){
// No matching row: drop the session and redirect.
// NOTE(review): the target is $path with a literal "1" appended — confirm this is intended.
session_destroy();
header("location: ".$path."1");
exit;
}elseif($bancheck > 0){
$bandata = mysql_fetch_assoc($ban);
$timestamp = time();
// Only bans whose expiry lies in the future block the user.
if($bandata['expire'] > $timestamp){
// User-facing German message: "You are banned! The reason is ... and it lasts until ...".
// NOTE(review): the ban reason is placed in the message unencoded; whether it is
// HTML-encoded depends on how logout.php prints $login_error (not visible here).
$login_error = "Du bist gebannt! Der Grund für deinen Bann lautet \"".$bandata['reason']."\" und dauert bis ".date('d.m.Y - H:i:s', $bandata['expire'])."";
include('logout.php');
session_destroy(); exit;
}
}
$logged_in = true;
// HTML-encoded username; note that $name is later compared with
// $_SESSION['hkusername'] in the housekeeping check.
$name = HoloText($myrow['username']);
} else {
// Guest defaults. $myticket is only assigned in this branch.
$user_rank = 0;
$name = "No-Name";
$my_id = "0";
$myticket = "ST-No-Name-xubbo-fe";
$logged_in = false;
}
// #########################################################################
// HC CHECK
// #########################################################################
// Subscription ("HC") check: select this user's user_subscriptions rows whose expiry
// timestamp is still in the future. $my_id is "0" for guests, otherwise the id read
// from the users row; it is concatenated into the query text as-is.
$hc_a = mysql_query("SELECT * FROM user_subscriptions WHERE user_id = '".$my_id."' and timestamp_expire > '".time()."'");
// Number of unexpired subscription rows; greater than zero means an active subscription.
$hc = mysql_num_rows($hc_a);
/**
 * Number of whole or partial days left on a user's subscription.
 *
 * Reads the first user_subscriptions row for the id and rounds the remaining
 * time up to full days.
 *
 * NOTE(review): $my_id is concatenated into the SQL text; callers must pass a
 * trusted numeric id. A failed query ends the page with the database error text.
 *
 * @param int|string $my_id User id.
 * @return int|float 0 when there is no row or the subscription has expired,
 *                   otherwise ceil(seconds left / 86400).
 */
function getHCDays($my_id){
    $result = mysql_query("SELECT timestamp_activated,timestamp_expire FROM user_subscriptions WHERE user_id = '".$my_id."' LIMIT 1") or die(mysql_error());
    if (mysql_num_rows($result) != 0) {
        $row = mysql_fetch_assoc($result);
        $seconds_left = $row['timestamp_expire'] - time();
        if ($seconds_left > 0) {
            // 86400 seconds per day; a started day counts as a full one.
            return ceil($seconds_left / 86400);
        }
    }
    return 0;
}
// #########################################################################
// VIP CHECK
// #########################################################################
// VIP check: $vip_a keeps the result resource, $vip the number of vip rows for this
// user. $my_id is concatenated into the query text as-is.
$vip = mysql_num_rows($vip_a = mysql_query("SELECT * FROM vip WHERE id_user = '".$my_id."'"));
/**
 * Number of whole or partial days left on a user's VIP status.
 *
 * Reads the first vip row for the id and rounds the remaining time up to
 * full days.
 *
 * NOTE(review): $my_id is concatenated into the SQL text; callers must pass a
 * trusted numeric id. A failed query ends the page with the database error text.
 *
 * @param int|string $my_id User id.
 * @return int|float 0 when there is no row or VIP has ended,
 *                   otherwise ceil(seconds left / 86400).
 */
function getVIPDays($my_id){
    $result = mysql_query("SELECT timestamp,timestampend FROM vip WHERE id_user = '".$my_id."' LIMIT 1") or die(mysql_error());
    if (mysql_num_rows($result) != 0) {
        $row = mysql_fetch_assoc($result);
        $seconds_left = $row['timestampend'] - time();
        if ($seconds_left > 0) {
            // 86400 seconds per day; a started day counts as a full one.
            return ceil($seconds_left / 86400);
        }
    }
    return 0;
}
// VIP expiry: when a vip row exists but no time is left, clear the flag on the user,
// delete the vip row and redirect to the site root.
if($vip > 0 && getVIPDays($my_id) < 1){
// NOTE(review): rank is set to '1' for every expired VIP regardless of the rank the
// account held before — confirm this cannot demote staff accounts.
mysql_query("UPDATE users SET vip = '0', rank = '1' WHERE id = '".$my_id."'") or die(mysql_error());
mysql_query("DELETE FROM vip WHERE id_user = '".$my_id."'") or die(mysql_error());
$vip = '0';
// User-facing German message: "Your VIP has expired."
// NOTE(review): this output is written before header(). Without output buffering the
// Location header can no longer be sent; with buffering the redirect wins and the
// alert is never shown. One of the two statements is ineffective either way.
echo"<script>alert(\"Dein VIP ist abgelaufen.\");</script>";
header("location: ".$path.""); exit;
}
// #########################################################################
// HK/IS_MAINTENANCE CHECK
// #########################################################################
// Housekeeping flag: "1" only when a housekeeping session exists and its username
// equals the current $name, "0" in every other case.
// NOTE(review): the comparison is loose (==) and $name is the HTML-encoded username
// (or "No-Name" for guests) while the session value is compared unmodified.
$rank['iAdmin'] = (isset($_SESSION['hkusername']) && $_SESSION['hkusername'] == $name) ? "1" : "0";

// Maintenance mode: everyone except housekeeping users is sent to the maintenance
// page, unless the including page set $is_maintenance (presumably the maintenance
// page itself; it is not assigned anywhere in this file).
if($maintenance == '1' && !$is_maintenance && $rank['iAdmin'] < 1){
    header("Location: ".$path."/maintenance");
    exit;
}
// Housekeeping users stay on the page and get a notice flag instead. $config is the
// single row loaded at start-up, so this only fires when that row happens to be the
// cms_maintenance setting.
if($rank['iAdmin'] == 1 && $config['variable'] == "cms_maintenance" && $config['value'] == '1'){
    $notify_maintenance = true;
}
// #########################################################################
/**
 * Run a query and return the first column of its first row.
 *
 * NOTE(review): $query is executed exactly as passed; every caller is
 * responsible for escaping the values it puts into the SQL text. A failed
 * query ends the page with the database error text.
 *
 * @param string $query         Complete SQL statement.
 * @param mixed  $default_value Returned when the result has no rows.
 * @return mixed First field of the first row, or $default_value.
 */
function mysql_evaluate($query, $default_value="undefined") {
    $rows = mysql_query($query) or die(mysql_error());
    $has_row = !(mysql_num_rows($rows) < 1);
    return $has_row ? mysql_result($rows, 0) : $default_value;
}
// #########################################################################
/**
 * Prepare request text for use inside a quoted SQL string literal.
 *
 * In the default mode the text is HTML-encoded first and then SQL-escaped;
 * with $advanced it is only SQL-escaped.
 *
 * NOTE(review): the result is safe only between quotes in a query built on the
 * current connection. HTML-encoding at input time means the stored value is
 * already encoded, and htmlspecialchars() is called with default flags, which
 * before PHP 8.1 do not encode single quotes. Encoding on output, per context,
 * is the more reliable arrangement.
 *
 * @param string $str      Raw input.
 * @param bool   $advanced When true, skip the HTML encoding.
 * @return string Escaped text.
 */
function FilterText($str, $advanced=false) {
    $prepared = ($advanced == true) ? $str : htmlspecialchars($str);
    return mysql_real_escape_string($prepared);
}
/**
 * Prepare stored text for display.
 *
 * Default mode: HTML-encode, turn line breaks into <br />, strip backslashes,
 * and optionally render BBCode. With $advanced only the backslashes are
 * stripped and the text is returned without any HTML encoding.
 *
 * NOTE(review): output from the $advanced mode must not be printed into HTML
 * unless the caller encodes it. htmlspecialchars() runs with default flags,
 * which before PHP 8.1 leave single quotes unencoded, so the result is not
 * suitable inside single-quoted attributes on those versions.
 *
 * @param string $str      Text to display.
 * @param bool   $advanced When true, only strip backslashes.
 * @param bool   $bbcode   When true, pass the encoded text through bbcode_format().
 * @return string Display text.
 */
function HoloText($str, $advanced=false, $bbcode=false) {
    if ($advanced == true) {
        return stripslashes($str);
    }
    $encoded = htmlspecialchars($str);
    $with_breaks = nl2br($encoded);
    $display = stripslashes($with_breaks);
    return ($bbcode == true) ? bbcode_format($display) : $display;
}
?>
<?php
// Registration entry script. Loads the core bootstrap (database connection, session,
// helper functions and the $logged_in / $path / $remote_ip globals).
require_once('./data_classes/server-data.php_data_classes-core.php.php');
// Users who are already logged in have nothing to register; send them to their page.
if($logged_in){
header("Location: ".$path."/me");
exit;
}
// Accounts last seen from the visitor's address. The result is not read anywhere in
// this script; presumably a template uses it (e.g. to limit accounts per address).
$ip_check = mysql_query("SELECT ip_last,username,id FROM users WHERE ip_last = '".$remote_ip."'");
// Cancel link: the query-string key is spelled 'cancal'. Clears every session
// variable and returns to the site root.
if(isset($_GET['cancal'])){
session_unset();
header("Location: $path/");
exit;
}
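// Registration wizard. The 'stap' query parameter selects the step:
//   1 show birthday/gender form     2 validate it and store it in the session
//   3 show name/e-mail/password     4 validate it and store it in the session
//   5 show captcha                  6 verify captcha and create the account
// Changes against the earlier version of this block:
//   - every redirect is followed by exit, so a step no longer renders after
//     it has already sent a Location header;
//   - step 6 refuses to create an account unless steps 2 and 4 stored their
//     data in this session;
//   - the captcha must exist in the session, both sides must be non-empty
//     strings, and the stored answer is discarded once it has been accepted;
//   - a missing 'stap' parameter no longer raises a notice.
// NOTE(review): the password is kept in the session between steps 4 and 6, and it
// is the FilterText()-processed form (HTML-encoded and SQL-escaped) that gets
// hashed, so the login code has to apply the same processing before hashing.
// NOTE(review): the name is checked for uniqueness in step 4 only; a unique index
// on users.username is needed to close the gap until step 6 inserts the row.
switch(isset($_GET['stap']) ? $_GET['stap'] : ''){
case "1":
    if(isset($_SESSION['jjp']['register'][1])){
        header("Location: ".$path."/quickregister/email_password");
        exit;
    }
    require_once('./templates/register_subheader.php');
    require_once('./templates/quickregister/page-register-1.php');
    break;
case "2":
    $bday_day = FilterText($_POST['bean_day']);
    $bday_month = FilterText($_POST['bean_month']);
    $bday_year = FilterText($_POST['bean_year']);
    $gender = FilterText($_POST['bean_gender']);
    // Range check only; the upper bound for the year is the fixed value 2010.
    if (!is_numeric($bday_day) || !is_numeric($bday_month) || !is_numeric($bday_year) || $bday_day <= 0 || $bday_day > 31 ||
        $bday_month <= 0 || $bday_month > 12 || $bday_year < 1900 || $bday_year > 2010)
    {
        $errors = "Gib uns bitte gültige Daten an.";
    }else if(!empty($gender)){
        $_SESSION['jjp']['register'][1]['bday_day'] = $bday_day;
        $_SESSION['jjp']['register'][1]['bday_month'] = $bday_month;
        $_SESSION['jjp']['register'][1]['bday_year'] = $bday_year;
        $_SESSION['jjp']['register'][1]['gender'] = $gender;
        header("Location: ".$path."/quickregister/email_password");
        exit;
    }else{
        $errors = "Gib uns bitte gültige Daten an.";
    }
    require_once('./templates/register_subheader.php');
    require_once('./templates/quickregister/page-register-1.php');
    exit;
    break;
case "3":
    if(!isset($_SESSION['jjp']['register'][1])){
        header("Location: ".$path."/quickregister/start");
        exit;
    } elseif(isset($_SESSION['jjp']['register'][2])){
        header("Location: ".$path."/quickregister/captcha");
        exit;
    }
    require_once('./templates/register_subheader.php');
    require_once('./templates/quickregister/page-register-2.php');
    break;
case "4":
    $name = FilterText($_POST['bean_name']);
    $email = FilterText($_POST['bean_email']);
    $email2 = FilterText($_POST['bean_retypedEmail']);
    $pass1 = FilterText($_POST['bean_password']);
    $pass2 = FilterText($_POST['bean_retypedPassword']);
    // Name with every character outside the permitted set removed; compared with
    // the original below to detect forbidden characters.
    $filter = preg_replace("/[^a-z\d\-=\?!@:\.]/i", "", $name);
    $email_check = preg_match("/^[a-z0-9_\.-]+@([a-z0-9]+([\-]+[a-z0-9]+)*\.)+[a-z]{2,7}$/i", $email);
    $tmp = mysql_query("SELECT id FROM users WHERE username = '".$name."' LIMIT 1") or die(mysql_error());
    $tmp = mysql_num_rows($tmp);
    $first = substr($name, 0, 4);
    // Name checks. strnatcasecmp() returns 0 on a case-insensitive match, so the
    // first branch rejects names that start with the reserved prefix "MOD-".
    if(strnatcasecmp($first,"MOD-") == false) {
        $errors = "Dieser Username ist ungültig";
    }elseif($tmp > 0){
        $errors = "Der Name ist leider vergeben!";
    }elseif($filter !== $name){
        $errors = "Dieser Username ist ungültig.";
    }elseif(strlen($name) > 12){
        $errors = "Dieser Username ist zulang.</p></div>";
    // E-mail checks
    }elseif($email_check !== 1){
        $errors = "Ungültige E-Mail Adresse";
    }elseif(strlen($email) < 6){
        $errors = "Ungültige E-Mail Adresse";
    }elseif($email !== $email2){
        $errors = "Die Email-Adressen stimmen nicht überein";
    // Password check: only equality of the two fields is verified; no minimum
    // length or strength rule is applied here.
    }elseif($pass1 !== $pass2){
        $errors = "Die Passwörter stimmen nicht überein";
    }elseif(isset($_POST['bean_termsOfServiceSelection'])){
        $_SESSION['jjp']['register'][2]['name'] = $name;
        $_SESSION['jjp']['register'][2]['email'] = $email;
        $_SESSION['jjp']['register'][2]['pass'] = $pass1;
        header("Location: ".$path."/quickregister/captcha");
        exit;
    }else{
        $errors = "Bitte akzeptiere die Nutzungsbedienung";
    }
    require_once('./templates/register_subheader.php');
    require_once('./templates/quickregister/page-register-2.php');
    exit;
    break;
case "5":
    if(!isset($_SESSION['jjp']['register'][1])){
        header("Location: ".$path."/quickregister/start");
        exit;
    }elseif(!isset($_SESSION['jjp']['register'][2])){
        header("Location: ".$path."/quickregister/email_password");
        exit;
    }
    require_once('./templates/register_subheader.php');
    require_once('./templates/quickregister/page-register-3.php');
    break;
case "6":
    // The account is built from session data written by steps 2 and 4; without
    // it there is nothing valid to insert, so send the visitor back.
    if(!isset($_SESSION['jjp']['register'][1])){
        header("Location: ".$path."/quickregister/start");
        exit;
    }elseif(!isset($_SESSION['jjp']['register'][2])){
        header("Location: ".$path."/quickregister/email_password");
        exit;
    }
    // Both the stored answer and the response must be present, non-empty strings;
    // otherwise the comparison could succeed on two missing values.
    if(!isset($_SESSION['register-captcha-bubble'], $_POST['captchaResponse'])
        || !is_string($_SESSION['register-captcha-bubble'])
        || $_SESSION['register-captcha-bubble'] === ''
        || !is_string($_POST['captchaResponse'])
        || $_SESSION['register-captcha-bubble'] !== strtolower($_POST['captchaResponse'])){
        $errors = "Der Sicherheitscode war leider nicht korrekt. Bitte versuch es noch einmal.";
    }else{
        // An accepted answer is valid once only.
        unset($_SESSION['register-captcha-bubble']);
        // Both branches currently assign the same default look.
        if($_SESSION['jjp']['register'][1]['gender'] == "male"){
            $look = 'hd-180-1.ch-210-66.lg-270-82.sh-290-91.hr-100-';
            $gender = 'M';
        }else{
            $look = 'hd-180-1.ch-210-66.lg-270-82.sh-290-91.hr-100-';
            $gender = 'F';
        }
        // Name, e-mail and password were passed through FilterText() in step 4
        // before they were stored in the session; $sitename and $remote_ip are
        // concatenated as they are.
        mysql_query("INSERT INTO `users` (username,real_name,password,auth_ticket,motto,mail,rank,look,gender,account_created,last_online,online,ip_last,ip_reg,working,secretcode,mymusik) VALUES ('".$_SESSION['jjp']['register'][2]['name']."','".$sitename."','".HoloHashMD5($_SESSION['jjp']['register'][2]['pass'])."','-/-','','".$_SESSION['jjp']['register'][2]['email']."','1','".$look."','".$gender."','".time()."','".time()."','1','".$remote_ip."','".$remote_ip."','','','')") or die(mysql_error());
        $userdata2 = mysql_query("SELECT * FROM users WHERE username = '".$_SESSION['jjp']['register'][2]['name']."'");
        $userdata = mysql_fetch_assoc($userdata2);
        mysql_query("INSERT INTO `user_info` (user_id,reg_timestamp) VALUES ('".$userdata['id']."','".time()."')");
        mysql_query("INSERT INTO `user_stats` (id) VALUES ('".$userdata['id']."')");
        // Log the new user in. HoloHashMD5() takes one parameter; the second
        // argument passed here is ignored.
        $_SESSION['username'] = $_SESSION['jjp']['register'][2]['name'];
        $_SESSION['password'] = HoloHashMD5($_SESSION['jjp']['register'][2]['pass'], $_SESSION['jjp']['register'][2]['name']);
        // Removes the wizard data, including the password held since step 4.
        unset($_SESSION['jjp']['register']);
        header("Location: ../me");
        exit;
    }
    require_once('./templates/register_subheader.php');
    require_once('./templates/quickregister/page-register-3.php');
    exit;
    break;
}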
?>