| [ PHPXref.com ] | [ Generated: Sun Jul 20 17:32:17 2008 ] | [ eNdonesia 8.3 ] |
| [ Index ] [ Variables ] [ Functions ] [ Classes ] [ Constants ] [ Statistics ] | ||
[Summary view] [Print] [Text view]
1 <?PHP 2 include ("open_session.php"); 3 if(!isset($mainfile)) { include ("mainfile.php"); } 4 $index =1; 5 6 function nav() { 7 include ("config.php"); 8 $box_stuff = " 9 <a href=\"user.php\">Profile</a> | 10 <a href=\"user.php?op=edituser\">Edit Account</a> | 11 <a href=\"user.php?op=edithome\">Homepage</a> | "; 12 if ($disable_themes){ 13 $box_stuff .= "<a href=\"user.php?op=chgtheme\">Theme</a> | "; 14 } 15 $box_stuff .= " 16 <a href=\"user.php?op=logout\">Logout</a>"; 17 themesidebox("My Menu", $box_stuff); 18 } 19 20 function main($user) { 21 global $stop; 22 23 if(!isset($user) || (isset($user) && empty($user))) 24 { 25 include ("config.php"); 26 include ("header.php"); 27 28 if ($stop) 29 echo "<center><br><span class=\"onebiggerred\">Incorrect Login!</span></center>"; 30 31 if (empty($user)) { 32 $box_title = "User Login"; 33 $box_stuff = " 34 <form action=\"user.php\" method=\"post\"> 35 <table> 36 <tr><td>Nickname:</td><td><input type=\"text\" name=\"uname\" size=\"21\" maxlength=\"25\" /></td></tr> 37 <tr><td>Password:</td><td><input type=\"password\" name=\"pass\" size=\"21\" maxlength=\"20\" /></td></tr> 38 <tr><td> </td><td><input type=\"hidden\" name=\"op\" value=\"login\" /> 39 <input type=\"submit\" value=\"Login\" /></td></tr> 40 </table> 41 </form>"; 42 themesidebox($box_title, $box_stuff); 43 } 44 45 $box_title = "Registrasi"; 46 $box_stuff = " 47 <p>Nikmati aneka fasilitas yang tersedia di Portal ini dengan menjadi member. Untuk menjadi members, 48 Anda hanya perlu melakukan registrasi dengan mengisi form singkat berikut ini.</p> 49 <p>Masukkan nickname atau login name yang diinginkan, lalu masukkan pula email Anda. Selanjutnya, 50 ke alamat email Anda, akan dikirim password untuk login.</p> 51 <p>Data lain bisa Anda masukkan setelah Anda menjadi member.</p> 52 53 <form action=\"user.php\" method=\"post\"> 54 <table><tr><td>Nickname:</td><td><input type=\"text\" name=\"uname\" size=\"25\" maxlength=\"25\" /></td></tr> 55 <tr><td>Email:</td><td><input type=\"text\" name=\"email\" size=\"25\" maxlength=\"60\" /></td></tr> 56 <tr><td> </td><td> 57 <input type=\"hidden\" name=\"op\" value=\"newuser\" /> 58 <input type=\"submit\" value=\"Registrasi\" /> 59 </td></tr> 60 </table> 61 </form>"; 62 63 themesidebox($box_title, $box_stuff); 64 65 $box_title = "Lupa Password?"; 66 $box_stuff = " 67 <p>Tak masalah. Hanya dengan dua langkah, Anda bisa mendapatkan password baru.</p> 68 <p>Langkah pertama, masukkan nickname atau login name yang biasa Anda pakai. Biarkan isian kode 69 konfirmasi tetap kosong. Lalu, klik Send Password. Maka, sebuah kode konfirmasi pun 70 akan dikirim ke alamat email Anda yang tercatat di sini.</p> 71 <p>Langkah kedua, masukkan kembali Nickname anda, plus kode konfirmasi yang baru Anda peroleh, dan klik 72 lagi Send Password. Maka, sebuah password baru pun akan dikirim ke email Anda.</p> 73 <p>Selanjutnya, gunakan password baru anda sebagaimana biasanya.</p> 74 75 <form action=\"user.php\" method=\"post\"> 76 <table border=0> 77 <tr><td>Nickname:</td><td><input type=\"text\" name=\"uname\" size=\"26\" maxlength=\"25\" /></td></tr> 78 <tr><td>Kode Konfirmasi:</td><td><input type=\"text\" name=\"code\" size=\"5\" maxlength=\"6\" /></td></tr> 79 <tr><td> </td><td> 80 <input type=\"hidden\" name=\"op\" value=\"mailpasswd\" /> 81 <input type=\"submit\" value=\"Send Password\" /></td></tr> 82 </table> 83 </form>"; 84 85 themesidebox($box_title, $box_stuff); 86 include ("footer.php"); 87 } else { 88 global $cookie; 89 cookiedecode($user); 90 userinfo($cookie[1]); 91 } 92 } 93 94 function confirmNewUser($uname, $email) { 95 global $stop, $EditedMessage; 96 97 include ("header.php"); 98 filter_text($uname); 99 $uname = $EditedMessage; 100 userCheck($uname, $email); 101 if (!$stop) { 102 $box_title = "Data Registrasi"; 103 $box_stuff = " 104 <p>Berikut ini data yang Anda gunakan untuk registrasi. Jika sudah Ok, klik Finish. Password akan langsung 105 dikirim ke alamat email Anda.</p> 106 <p>Nickname: $uname<br />Email: $email</p> 107 108 <form action=\"user.php\" method=\"post\"> 109 <input type=\"hidden\" name=\"uname\" value=\"$uname\" /> 110 <input type=\"hidden\" name=\"email\" value=\"$email\" /> 111 <br /><br /><input type=\"hidden\" name=\"op\" value=\"finish\" /> 112 <input type=\"submit\" value=\"Finish\" /></form>"; 113 } else { 114 $box_title = "$stop"; 115 $box_stuff = "<span class=\"onebiggerred\">$stop</span>"; 116 } 117 themesidebox($box_title, $box_stuff); 118 include ("footer.php"); 119 } 120 121 function userCheck($uname, $email) { 122 global $stop; 123 include ("config.php"); 124 125 if ((!$email) || ($email=="") || (!eregi("^[_\.0-9a-z-]+@([0-9a-z][0-9a-z-]+\.)+[a-z]{2,3}$",$email))) $stop = "ERROR: Invalid email<br />"; 126 if (strrpos($email,' ') > 0) $stop = "ERROR: Email addresses do not contain spaces"; 127 if ((!$uname) || ($uname =="") || (ereg("[^a-zA-Z0-9_-]",$uname))) $stop = "ERROR: Invalid Nickname<br />"; 128 if (strlen($uname) > 25) $stop = "Nickname is too long. It must be less than 25 characters"; 129 if (eregi("^((root)|(adm)|(linux)|(webmaster)|(admin)|(god)|(administrator)|(administrateur)|(nobody)|(anonymous)|(anonyme)|(operator)|(opérateur))$",$uname)) $stop = "ERROR: Name is reserved<br />"; 130 if (strrpos($uname,' ') > 0) $stop = "There cannot be any spaces in the Nickname."; 131 if ($user_dblocation) 132 { 133 @mysql_select_db("$user_dbname") or die ("Unable to select database"); 134 if (mysql_num_rows(mysql_query("select uname from users where uname='$uname'")) > 0) $stop = "ERROR: Nickname sudah dipakai<br />"; 135 if (mysql_num_rows(mysql_query("select email from users where email='$email'")) > 0) $stop = "ERROR: Email sudah terdaftar<br />"; 136 @mysql_select_db("$dbname") or die ("Unable to select database"); 137 } 138 else 139 { 140 if (mysql_num_rows(mysql_query("select uname from users where uname='$uname'")) > 0) $stop = "ERROR: Nickname sudah dipakai<br />"; 141 if (mysql_num_rows(mysql_query("select email from users where email='$email'")) > 0) $stop = "ERROR: Email sudah terdaftar<br />"; 142 143 } 144 return($stop); 145 } 146 147 function finishNewUser($uname, $email) 148 { 149 global $stop, $makepass, $EditedMessage; 150 include ("config.php"); 151 152 include ("header.php"); 153 154 userCheck($uname, $email); 155 if (!isset($stop)) { 156 $makepass=makepass(); 157 158 if(!$system) { 159 $cryptpass=crypt($makepass); 160 $cryptpass=crypt($makepass, substr($cryptpass,0,2)); 161 } 162 else 163 $cryptpass=$makepass; 164 165 if ($user_dblocation) 166 { 167 @mysql_select_db("$user_dbname") or die ("Unable to select database"); 168 $result = mysql_query("insert into users values (NULL,'','$uname','$email','','','$cryptpass',10,'',0,'','','0')"); 169 @mysql_select_db("$dbname") or die ("Unable to select database"); 170 } 171 else 172 { 173 $result = mysql_query("insert into users values (NULL,'','$uname','$email','','','$cryptpass',10,'',0,'','','0')"); 174 } 175 if(!$result) { 176 echo mysql_errno(). ": ".mysql_error(). "<br />"; 177 } else { 178 $message = " 179 Anda atau seseorang telah menggunakan email ini ($email) untuk 180 registrasi keanggotaan di $sitename -- $portal_url.\n\n 181 Berikut ini informasi keanggotaannya: \n\n -Nickname: $uname\n -Password: $makepass\n\n $nuke_url"; 182 $subject="Password untuk $uname"; 183 $from="$adminmail"; 184 185 if ($system == 1) { 186 $title = "<a href=".">Your Password</a>"; 187 $content = " 188 <p>Thanks for your registration. Here are your...</p> 189 <p>Nickname: $uname<br/>Password: <b>$makepass</b></p> 190 <p>Klik login untuk langsung menikmati portal ini: <a href=\"user.php?op=login&uname=$uname&pass=$makepass\"><b>LOGIN</b></a></p>"; 191 themesidebox($title, $content); 192 } else { 193 mail($email, $subject, $message, "From: $from\nX-Mailer: PHP/" . phpversion()); 194 195 $title = "Your Password"; 196 $content = " 197 <p>Registrasi selesai. Password telah dikirim ke alamat email Anda.</p> 198 <p>Silakan cek email Anda dan gunakan password yang diberikan untuk login di sini.</p>"; 199 themesidebox($title, $content); 200 } 201 } 202 } else { 203 echo "$stop"; 204 } 205 include ("footer.php"); 206 } 207 208 function makePass () { 209 $makepass=""; 210 $syllables="er,in,tia,wol,fe,pre,vet,jo,nes,al,len,son,cha,ir,ler,bo,ok,tio,nar,sim,ple,bla,ten,toe,cho,co,lat,spe,ak,er,po,co,lor,pen,cil,li,ght,wh,at,the,he,ck,is,mam,bo,no,fi,ve,any,way,pol,iti,cs,ra,dio,sou,rce,sea,rch,pa,per,com,bo,sp,eak,st,fi,rst,gr,oup,boy,ea,gle,tr,ail,bi,ble,brb,pri,dee,kay,en,be,se"; 211 $syllable_array=explode(",", $syllables); 212 srand((double)microtime()*1000000); 213 for ($count=1;$count<=4;$count++) { 214 if (rand()%10 == 1) { 215 $makepass .= sprintf("%0.0f",(rand()%50)+1); 216 } else { 217 $makepass .= sprintf("%s",$syllable_array[rand()%62]); 218 } 219 } 220 return($makepass); 221 } 222 223 function login($uname, $pass) 224 { 225 global $setinfo,$system; 226 include ("config.php"); 227 228 if ($user_dblocation) 229 { 230 @mysql_select_db("$user_dbname") or die ("Unable to select database"); 231 $result = mysql_query("select pass, uid, storynum, ublockon, theme from users where uname='$uname'"); 232 @mysql_select_db("$dbname") or die ("Unable to select database"); 233 } 234 else 235 { 236 $result = mysql_query("select pass, uid, storynum, ublockon, theme from users where uname='$uname'"); 237 } 238 239 if(mysql_num_rows($result)==1) 240 { 241 $setinfo = mysql_fetch_array($result); 242 243 $dbpass = $setinfo[pass]; 244 245 if(!$system) 246 $pass = crypt($pass, substr($dbpass,0,2)); 247 248 if (strcmp($dbpass, $pass)) 249 { 250 Header("Location: user.php?stop=1"); 251 return; 252 } 253 254 docookie($setinfo[uid], $uname, $pass, $setinfo[storynum], $setinfo[ublockon], $setinfo[theme]); 255 Header("Location: user.php?op=userinfo&bypass=1&uname=$uname"); 256 } 257 else Header("Location: user.php?stop=1"); 258 } 259 260 function userinfo($uname, $bypass=0) 261 { 262 global $user, $cookie; 263 include ("config.php"); 264 265 if ($user_dblocation) 266 { 267 @mysql_select_db("$user_dbname") or die ("Unable to select database"); 268 $result = mysql_query("select name, femail, url, bio from users where uname='$uname'"); 269 @mysql_select_db("$dbname") or die ("Unable to select database"); 270 } 271 else 272 { 273 $result = mysql_query("select name, femail, url, bio from users where uname='$uname'"); 274 } 275 276 $userinfo = mysql_fetch_array($result); 277 if(!$bypass) cookiedecode($user); 278 include ("header.php"); 279 if($uname == $cookie[1]) { 280 $box_title = "Profile of <span class=\"onebiggerred\">" . htmlspecialchars($uname) . "</span>"; 281 }else{ 282 $box_title = "<span class=\"type4bigger\">" . htmlspecialchars($uname) . "</span>"; 283 } 284 285 if((mysql_num_rows($result)==1) && ($userinfo[name] || $userinfo[url] || $userinfo[femail] || $userinfo[bio])) 286 { 287 $box_stuff .="<table cellspacing=2 cellpadding=2>"; 288 289 if ($userinfo[name]) { 290 $box_stuff .= "<tr><td valign=top>Name</td><td valign=top>:</td><td>$userinfo[name]</td></tr>"; 291 } 292 293 if ($userinfo[url]) { 294 if (!strstr($userinfo[url], "http://")) 295 $userinfo[url] = "http://".$userinfo[url]; 296 $box_stuff .= "<tr><td>Website</td><td>:</td><td><a href=\"$userinfo[url]\">$userinfo[url]</a></td></tr>"; 297 } 298 299 if ($userinfo[femail]) { 300 $box_stuff .= "<tr><td>Email</td><td>:</td><td><a href=\"mailto:$userinfo[femail]\">$userinfo[femail]</a></td></tr>"; 301 } 302 303 if ($userinfo[bio]) { 304 $box_stuff .= "<tr><td valign=top>About Me</td><td valign=top>:</td><td>$userinfo[bio]</td></tr>"; 305 } 306 307 $box_stuff .="</table>"; 308 309 } else { 310 $box_stuff .= "There is no available info for " . htmlspecialchars($uname); 311 } 312 313 themesidebox($box_title, $box_stuff); 314 315 if($uname == $cookie[1]){ echo nav(); } 316 include ("footer.php"); 317 } 318 319 function logout() { 320 321 $agent = (phpversion() > "4.1.0") ? $_SERVER[HTTP_USER_AGENT] : $HTTP_SERVER_VARS[HTTP_USER_AGENT]; 322 323 // it seems like M$ Internet Explorer 5.x and 6.x requires this to successfully logout users 324 if (stristr($HTTP_USER_AGENT, 'msie')) 325 if (stristr($agent, 'msie')) 326 setcookie("user","",time()-15552000,'/',""); 327 328 // Netscape/Mozilla requires this instead 329 setcookie("user"); 330 include ("header.php"); 331 $title = "You are now logged out"; 332 $boxy = "<br /><a href=\"index.php\">Kembali ke halaman depan</a><br />"; 333 themesidebox($title, $boxy); 334 include ("footer.php"); 335 } 336 337 function mail_password($uname, $code) { 338 include ("config.php"); 339 340 if($code) 341 { 342 if($uname ==""){ 343 echo "Nickname-nya mana....?"; 344 } else { 345 if ($user_dblocation) 346 { 347 @mysql_select_db("$user_dbname") or die ("Unable to select database"); 348 $result = mysql_query("select email, pass from users where (uname='$uname')"); 349 @mysql_select_db("$dbname") or die ("Unable to select database"); 350 } 351 else 352 { 353 $result = mysql_query("select email, pass from users where (uname='$uname')"); 354 } 355 356 $host_name = getenv("REMOTE_ADDR"); 357 358 list($email, $pass) = mysql_fetch_row($result); 359 360 $areyou = substr($pass, 0, 5); 361 362 if ($areyou==$code) { 363 364 $newpass=makepass(); 365 366 $message = " 367 Anggota bernama: $uname , menggunakan email ini untuk keanggotaannya 368 di $portal_url .\n\n 369 Karena lupa passwordnya, ia ( $host_name ) minta dikirim ulang passwordnya.\n\n 370 Password baru: $newpass\n\n 371 Kalau Anda merasa tak meminta password baru, abaikan email ini.\n\n"; 372 373 $subject="Password untuk $uname"; 374 mail($email, $subject, $message, "From: $adminmail\nX-Mailer: PHP/" . phpversion()); 375 } 376 377 // Next step: add the new password to the database 378 379 if(!$system) { 380 $cryptpass=crypt($newpass); 381 $cryptpass=crypt($newpass,substr($cryptpass,0,2)); 382 } else { 383 $cryptpass=$newpass; 384 } 385 386 $query="update users set pass='$cryptpass' where uname='$uname'"; 387 388 if ($user_dblocation) 389 { 390 @mysql_select_db("$user_dbname") or die ("Unable to select database"); 391 if(!mysql_query($query)) { 392 echo "mail_password: could not update user entry. Contact the Administrator"; 393 } 394 @mysql_select_db("$dbname") or die ("Unable to select database"); 395 } 396 else 397 { 398 if(!mysql_query($query)) { 399 echo "mail_password: could not update user entry. Contact the Administrator"; 400 } 401 } 402 403 include ("header.php"); 404 $title = "User password sent"; 405 $content =" 406 <p>Password untuk $uname telah dikirim lewat email.</p> 407 <p>Dapatkan password tersebut, dan silakan kembali ke halaman <a href=\"user.php\">members</a> 408 untuk login dengan memakai password baru."; 409 themesidebox($title, $content); 410 include ("footer.php"); 411 } 412 413 } else { 414 if($uname =="") 415 { 416 echo "Nickname-nya mana....?"; 417 } else { 418 if ($user_dblocation) 419 { 420 @mysql_select_db("$user_dbname") or die ("Unable to select database"); 421 $result = mysql_query("select email, pass from users where (uname='$uname')"); 422 @mysql_select_db("$dbname") or die ("Unable to select database"); 423 } 424 else { 425 $result = mysql_query("select email, pass from users where (uname='$uname')"); 426 } 427 428 if(!$result) { 429 echo "Maaf, tak ada anggota dengan nama tersebut."; 430 } else { 431 $host_name = getenv("REMOTE_ADDR"); 432 list($email, $pass) = mysql_fetch_row($result); 433 $areyou = substr($pass, 0, 5); 434 435 $message = " 436 Anggota bernama '$uname' menggunakan email ini untuk keanggotaannnya di $portal_url . 437 Karena lupa passwordnya, ia ( $host_name ) minta dikirimi Kode Konfirmasi untuk mengubah 438 password.\n\n 439 Jika Anda tak minta dikirimi, abaikan atau delete email ini.\n\n 440 Kode konfirmasi: $areyou \n\n 441 Gunakan kode konfirmasi ini untuk membuat password baru.\n\n"; 442 443 $subject="Kode Konfirmasi untuk $uname"; 444 mail($email, $subject, $message, "From: $adminmail\nX-Mailer: PHP/" . phpversion()); 445 446 include ("header.php"); 447 $title = "Kode Konfirmasi"; 448 $content = " 449 <p>Kode Konfirmasi untuk <b>$uname</b> telah dikirim via email.</p> 450 <p>Silakan cek email Anda, dapatkan Kode Konfirmasi tersebut, 451 lalu kembali ke halaman lupa password tadi</p> 452 <p>Pada form lupa password, masukkan nickname dan kode konfirmasi.</p>"; 453 themesidebox($title, $content); 454 include ("footer.php"); 455 } 456 } 457 } 458 } 459 460 function docookie($setuid, $setuname, $setpass, $setstorynum, $setublockon, $settheme) 461 { 462 $info = base64_encode("$setuid:$setuname:$setpass:$setstorynum:$setublockon:$settheme"); 463 464 setcookie("user","$info",time()+15552000); // 6 mo is 15552000 465 } 466 467 function edituser() 468 { 469 global $user, $userinfo; 470 471 include ("header.php"); 472 473 getusrinfo($user); 474 if ($userinfo){ 475 $box_title = "Edit Account"; 476 $box_stuff = " 477 <form action=\"user.php\" method=\"post\"> 478 <table width=100% border=0> 479 <tr><td width=20%>Real Name</td><td>:</td><td><input type=\"text\" name=\"name\" value=\"$userinfo[name]\" size=\"30\" maxlength=\"60\" /></td></tr> 480 <tr><td>Real Email</td><td>:</td><td><input type=\"text\" name=\"email\" value=\"$userinfo[email]\" size=\"30\" maxlength=\"60\" /> <span class=smalltype>- Required</span></td></tr> 481 <tr><td>Fake Email</td><td>:</td><td><input type=\"text\" name=\"femail\" value=\"$userinfo[femail]\" size=\"30\" maxlength=\"60\" /> <span class=smalltype>- Just for fun</span></td></tr> 482 <tr><td>Website</td><td>:</td><td><input type=\"text\" name=\"url\" value=\"$userinfo[url]\" size=\"30\" maxlength=\"100\" /></td></tr> 483 <tr><td valign=top>About You<br><br><br><br><span class=smalltype>(255 char max)</span></td><td valign=top>:</td><td><textarea cols=\"35\" rows=\"7\" name=\"bio\" wrap=\"virtual\">$userinfo[bio]</textarea></td></tr> 484 <tr><td >Password</td><td>:</td><td><input type=\"password\" name=\"pass\" size=\"10\" maxlength=\"20\" /><input type=\"password\" name=\"vpass\" size=\"10\" maxlength=\"20\" /> <span class=smalltype>(Type twice to change)</span></td></tr> 485 <tr><td colspan=3 class=tengahtop></td></tr> 486 <tr><td colspan=3 align=center><input type=\"hidden\" name=\"uname\" value=\"$userinfo[uname]\" /> 487 <input type=\"hidden\" name=\"uid\" value=\"$userinfo[uid]\" /> 488 <input type=\"hidden\" name=\"op\" value=\"saveuser\" /> 489 <input type=\"submit\" value=\"Save Changes\" /></form> 490 <tr><td colspan=3 align=center><span class=smalltype>Notes: Real email will be keep private. It will be used to send your password.</span></td></tr> 491 </table>"; 492 } else { 493 $box_title = "Edit Account"; 494 $box_stuff = "Your account is not registered. Please logout to delete your cookie"; 495 } 496 497 themesidebox($box_title, $box_stuff); 498 nav(); 499 include ("footer.php"); 500 } 501 502 function saveuser($uid, $name, $uname, $email, $femail, $url, $pass, $vpass, $bio) 503 { 504 global $user, $cookie, $userinfo, $EditedMessage,$system; 505 include ("config.php"); 506 507 if ((isset($pass)) && ("$pass" != "$vpass")) { 508 echo "Passwords need to be identical."; 509 } elseif (($pass != "") && (strlen($pass) < $minpass)) { 510 echo "Password must be at least