Menu
Forums
All threads
Latest threads
New posts
Trending threads
New posts
Search forums
Trending
What's new
New posts
New profile posts
Latest activity
Members
Current visitors
New profile posts
Search profile posts
Upgrades
Log in
Register
What's new
Search
Search
Search titles only
By:
All threads
Latest threads
New posts
Trending threads
New posts
Search forums
Menu
Log in
Register
Navigation
Install the app
Install
More options
Contact us
Close Menu
Forums
Server Development
Habbo Retros
Habbo Q&A
RevCMS referral system
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Reply to thread
Message
<blockquote data-quote="Adrian" data-source="post: 283510" data-attributes="member: 20165"><p>To set it up follow this.</p><p></p><p>run this SQL first</p><p>Code:</p><p>ALTER TABLE `users` ADD `ref` VARCHAR( 255 ) NOT NULL</p><p>open class.template.php in /app/</p><p></p><p>search for this</p><p>PHP Code:</p><p>$this->setParams('ip_last', $users->getInfo($_SESSION['user']['id'], 'ip_last'));</p><p>add this under</p><p></p><p>PHP Code:</p><p>$this->setParams('refferal', $users->getInfo($_SESSION['user']['id'], 'ref'));</p><p>search for this in interface.users.php in /app/interface/</p><p></p><p>PHP Code:</p><p>public function nameTaken($username);</p><p>add this under</p><p></p><p>PHP Code:</p><p>[SPOILER][/SPOILER]public function ref($post);</p><p></p><p>replace your whole class.users.php in /app/ with this</p><p></p><p>[SPOILER="Code"]</p><p><?phpnamespace Revolution;</p><p>if(!defined('IN_INDEX')) { die('Sorry, you cannot access this file.'); }</p><p>class users implements iUsers{</p><p>/*-------------------------------Authenticate-------------------------------------*/</p><p>final public function isLogged()</p><p>{</p><p>if(isset($_SESSION['user']['id']))</p><p>{</p><p>return true;</p><p>}</p><p></p><p>return false;</p><p>}</p><p>/*-------------------------------Checking of submitted data-------------------------------------*/</p><p>final public function validName($username)</p><p>{</p><p>if(strlen($username) <= 25 && ctype_alnum($username))</p><p>{</p><p>return true;</p><p>}</p><p></p><p>return false;</p><p>}</p><p></p><p>final public function validEmail($email)</p><p>{</p><p>return preg_match("/^[a-z0-9_\.-]+@([a-z0-9]+([\-]+[a-z0-9]+)*\.)+[a-z]{2,7}$/i", $email);</p><p>}</p><p></p><p>final public function validSecKey($seckey)</p><p>{</p><p>if(is_numeric($seckey) && strlen($seckey) == 4)</p><p>{</p><p>return true;</p><p>}</p><p></p><p>return false;</p><p>}</p><p></p><p>final public function nameTaken($username)</p><p>{</p><p>global $engine;</p><p></p><p>if($engine->num_rows("SELECT * FROM users WHERE username = '" . $username . "' LIMIT 1") > 0)</p><p>{</p><p>return true;</p><p>}</p><p></p><p>return false;</p><p>}</p><p></p><p>final public function emailTaken($email)</p><p>{</p><p>global $engine;</p><p></p><p>if($engine->num_rows("SELECT * FROM users WHERE mail = '" . $email . "' LIMIT 1") > 0)</p><p>{</p><p>return true;</p><p>}</p><p></p><p>return false;</p><p>}</p><p></p><p>final public function userValidation($username, $password)</p><p>{</p><p>global $engine;</p><p>if($engine->num_rows("SELECT * FROM users WHERE username = '" . $username . "' AND password = '" . $password . "' LIMIT 1") > 0)</p><p>{</p><p>return true;</p><p>}</p><p></p><p>return false;</p><p>}</p><p>/*-------------------------------Stuff related to bans-------------------------------------*/</p><p>final public function isBanned($value)</p><p>{</p><p>global $engine;</p><p>if($engine->num_rows("SELECT * FROM bans WHERE value = '" . $value . "' LIMIT 1") > 0)</p><p>{</p><p>return true;</p><p>}</p><p></p><p>return false;</p><p>}</p><p></p><p>final public function getReason($value)</p><p>{</p><p>global $engine;</p><p>return $engine->result("SELECT reason FROM bans WHERE value = '" . $value . "' LIMIT 1");</p><p>}</p><p></p><p>final public function hasClones($ip)</p><p>{</p><p>global $engine;</p><p>if($engine->num_rows("SELECT * FROM users WHERE ip_reg = '" . $_SERVER['REMOTE_ADDR'] . "'") == 1)</p><p>{</p><p>return true;</p><p>}</p><p></p><p>return false;</p><p>}</p><p>/*-------------------------------Login or Register user-------------------------------------*/</p><p>final public function register()</p><p>{</p><p>global $core, $template, $_CONFIG;</p><p></p><p>if(isset($_POST['register']))</p><p>{</p><p>unset($template->form->error);</p><p>$template->form->setData();</p><p></p><p>if($this->validName($template->form->reg_username))</p><p>{</p><p>if(!$this->nameTaken($template->form->reg_username))</p><p>{</p><p>if($this->validEmail($template->form->reg_email))</p><p>{</p><p>if(!$this->emailTaken($template->form->reg_email))</p><p>{</p><p>if(strlen($template->form->reg_password) > 6)</p><p>{</p><p>if($template->form->reg_password == $template->form->reg_rep_password)</p><p>{</p><p>if(isset($template->form->reg_seckey))</p><p>{</p><p>if($this->validSecKey($template->form->reg_seckey))</p><p>{//Continue}</p><p>else</p><p>{$template->form->error = 'Secret key must only have 4 numbers';</p><p>return;</p><p>}</p><p>}</p><p>if($this->isBanned($_SERVER['REMOTE_ADDR']) == false)</p><p>{</p><p>if(!$this->hasClones($_SERVER['REMOTE_ADDR']))</p><p>{</p><p>if(!isset($template->form->reg_gender)) { $template->form->reg_gender = 'M'; }</p><p>if(!isset($template->form->reg_figure)) { $template->form->reg_figure = $_CONFIG['hotel']['figure']; }</p><p>$this->addUser($template->form->reg_username, $core->hashed($template->form->reg_password), $template->form->reg_email, $_CONFIG['hotel']['motto'], $_CONFIG['hotel']['credits'], $_CONFIG['hotel']['pixels'], 1, $template->form->reg_figure, $template->form->reg_gender, $core->hashed($template->form->reg_key));</p><p>$this->turnOn($template->form->reg_username);</p><p>header('Location: ' . $_CONFIG['hotel']['url'] . '/me');</p><p>exit;</p><p>}</p><p>else</p><p>{$template->form->error = 'Sorry, but you cannot register twice';</p><p>}</p><p>}</p><p>else</p><p>{$template->form->error = 'Sorry, it appears you are IP banned.<br />';$template->form->error .= 'Reason: ' . $this->getReason($_SERVER['REMOTE_ADDR']);</p><p>return;</p><p>}</p><p>}</p><p>else</p><p>{$template->form->error = 'Password does not match repeated password';</p><p>return;</p><p>}</p><p></p><p>}</p><p>else</p><p>{$template->form->error = 'Password must have more than 6 characters';</p><p>return;</p><p>}</p><p>}</p><p>else</p><p>{$template->form->error = 'Email: <b>' . $template->form->reg_email . '</b> is already registered';</p><p>return;</p><p>}</p><p>}</p><p>else</p><p>{$template->form->error = 'Email is not valid';</p><p>return;</p><p>}</p><p>}</p><p>else</p><p>{$template->form->error = 'Username is already registered';</p><p>return;</p><p>}</p><p>}</p><p>else</p><p>{$template->form->error = 'Username is invalid';</p><p>return;</p><p>}</p><p>}</p><p>}</p><p></p><p>final public function login()</p><p>{</p><p>global $template, $_CONFIG, $core;</p><p></p><p>if(isset($_POST['login']))</p><p>{$template->form->setData();</p><p>unset($template->form->error);</p><p></p><p>if($this->nameTaken($template->form->log_username))</p><p>{</p><p>if($this->isBanned($template->form->log_username) == false || $this->isBanned($_SERVER['REMOTE_ADDR']) == false)</p><p>{</p><p>if($this->userValidation($template->form->log_username, $core->hashed($template->form->log_password)))</p><p>{$this->turnOn($template->form->log_username);$this->updateUser($_SESSION['user']['id'], 'ip_last', $_SERVER['REMOTE_ADDR']);$template->form->unsetData();header('Location: ' . $_CONFIG['hotel']['url'] . '/me');</p><p>exit;</p><p>}</p><p>else</p><p>{$template->form->error = 'Details do not match';</p><p>return;</p><p>}</p><p>}</p><p>else</p><p>{$template->form->error = 'Sorry, it appears this user is banned<br />';$template->form->error .= 'Reason: ' . $this->getReason($template->form->log_username);</p><p>return;</p><p>}</p><p>}</p><p>else</p><p>{$template->form->error = 'Username does not exist';</p><p>return;</p><p>}</p><p>}</p><p>}</p><p>final public function ref($post){</p><p>if(!$this->nameTaken($post)){</p><p>echo'The user you reffered does not exist';</p><p>}else{</p><p>global $engine;$this->addUser($template->form->reg_username, $core->hashed($template->form->reg_password), $template->form->reg_email, $_CONFIG['hotel']['motto'], $_CONFIG['hotel']['credits'], $_CONFIG['hotel']['pixels'], 1, $template->form->reg_figure, $template->form->reg_gender, $core->hashed($template->form->reg_key));$engine->query("UPDATE users SET credits=(`credits`+1000) WHERE username='".$post."'");$engine->query("UPDATE users SET ref=(`ref`+1) WHERE username='".$post."'");</p><p>}</p><p>}</p><p>final public function loginHK()</p><p>{</p><p>global $template, $_CONFIG, $core;</p><p></p><p>if(isset($_POST['login']))</p><p>{ $template->form->setData();</p><p>unset($template->form->error);</p><p></p><p>if(isset($template->form->username) && isset($template->form->password))</p><p>{</p><p>if($this->nameTaken($template->form->username))</p><p>{</p><p>if($this->userValidation($template->form->username, $core->hashed($template->form->password)))</p><p>{</p><p>if(($this->getInfo($_SESSION['user']['id'], 'rank')) >= 4)</p><p>{$_SESSION["in_hk"] = true;header("Location:".$_CONFIG['hotel']['url']."/ase/dash");</p><p>exit;</p><p>}</p><p>else</p><p>{$template->form->error = 'Incorrect access level.';</p><p>return;</p><p>}</p><p>}</p><p>else</p><p>{$template->form->error = 'Incorrect password.';</p><p>return;</p><p>}</p><p>}</p><p>else</p><p>{$template->form->error = 'User does not exist.';</p><p>return;</p><p>}</p><p>}</p><p>$template->form->unsetData();</p><p>}</p><p>}</p><p></p><p>final public function help()</p><p>{</p><p>global $template, $_CONFIG;$template->form->setData();</p><p></p><p>if(isset($template->form->help))</p><p>{$to = $_CONFIG['hotel']['email'];$subject = "Help from RevCMS user - " . $this->getInfo($_SESSION['user']['id'], 'username');$body = $template->form->question;</p><p></p><p>if (mail($to, $subject, $body))</p><p>{$template->form->error = 'Message successfully sent! We will answer you shortly!';</p><p>}</p><p>else</p><p>{$template->form->error = 'Message delivery failed.';</p><p>}</p><p>}</p><p>}</p><p>/*-------------------------------Account settings-------------------------------------*/</p><p>final public function updateAccount()</p><p>{</p><p>global $template, $_CONFIG, $core, $engine;</p><p></p><p>if(isset($_POST['account']))</p><p>{</p><p></p><p>if(isset($_POST['acc_motto']) && strlen($_POST['acc_motto']) < 30 && $_POST['acc_motto'] != $this->getInfo($_SESSION['user']['id'], 'motto'))</p><p>{$this->updateUser($_SESSION['user']['id'], 'motto', $engine->secure($_POST['acc_motto']));header('Location: '.$_CONFIG['hotel']['url'].'/account');</p><p>exit;</p><p>}</p><p>else</p><p>{$template->form->error = 'Motto is invalid.';</p><p>}</p><p></p><p>if(isset($_POST['acc_email']) && $_POST['acc_email'] != $this->getInfo($_SESSION['user']['id'], 'mail'))</p><p>{</p><p>if($this->validEmail($_POST['acc_email']))</p><p>{$this->updateUser($_SESSION['user']['id'], 'mail', $engine->secure($_POST['acc_email']));header('Location: '.$_CONFIG['hotel']['url'].'/account');</p><p>exit;</p><p>}</p><p>else</p><p>{$template->form->error = 'Email is not valid';</p><p>return;</p><p>}</p><p>}</p><p></p><p>if(!empty($_POST['acc_old_password']) && !empty($_POST['acc_new_password']))</p><p>{</p><p>if($this->userValidation($this->getInfo($_SESSION['user']['id'], 'username'), $core->hashed($_POST['acc_old_password'])))</p><p>{</p><p>if(strlen($_POST['acc_new_password']) >= 8)</p><p>{$this->updateUser($_SESSION['user']['id'], 'password', $core->hashed($_POST['acc_new_password']));header('Location: '.$_CONFIG['hotel']['url'].'/me');</p><p>exit;</p><p>}</p><p>else</p><p>{$template->form->error = 'New password is too short';</p><p>return;</p><p>}</p><p>}</p><p>else</p><p>{$template->form->error = 'Current password is wrong';</p><p>return;</p><p>}</p><p>}</p><p>}</p><p>}</p><p></p><p></p><p>final public function turnOn($k)</p><p>{ $j = $this->getID($k);$this->createSSO($j);$_SESSION['user']['id'] = $j; $this->cacheUser($j);</p><p>unset($j);</p><p>}</p><p>/*-------------------------------Loggin forgotten-------------------------------------*/</p><p>final public function forgotten()</p><p>{</p><p>global $template, $_CONFIG, $core;</p><p></p><p>if(isset($_POST['forgot']))</p><p>{</p><p>$template->form->setData();</p><p>unset($template->form->error);</p><p></p><p>if($this->nameTaken($template->form->for_username))</p><p>{</p><p>if(strlen($template->form->for_password) > 6)</p><p>{</p><p>if($this->getInfo($this->getID($template->form->for_username), 'seckey') == $core->hashed($template->form->for_key))</p><p>{$this->updateUser($this->getID($template->form->for_username), 'password', $core->hashed($template->form->for_password));$template->form->error = 'Account recovered! Go <b><a href="index">here</a></b> to login!';</p><p>return;</p><p>}</p><p>else</p><p>{$template->form->error = 'Secret key is incorrect';</p><p>return;</p><p>}</p><p>}</p><p>else</p><p>{$template->form->error = 'Password must have more than 6 characters.';</p><p>return;</p><p>}</p><p>}</p><p>else</p><p>{$template->form->error = 'Username does not exist';</p><p>return;</p><p>}</p><p>}</p><p>}</p><p>/*-------------------------------Create SSO auth_ticket-------------------------------------*/</p><p>final public function createSSO($k)</p><p>{ $sessionKey = 'RevCMS-'.rand(9,999).'/'.substr(sha1(time()).'/'.rand(9,9999999).'/'.rand(9,9999999).'/'.rand(9,9999999),0,33);</p><p>$this->updateUser($k, 'auth_ticket', $sessionKey);</p><p></p><p>unset($sessionKey);</p><p>}</p><p>/*-------------------------------Adding/Updating/Deleting users-------------------------------------*/</p><p>final public function addUser($username, $password, $email, $motto, $credits, $pixels, $rank, $figure, $gender, $seckey)</p><p>{</p><p></p><p>if($_POST['ref']){$ref = $_POST['ref'];$this->ref($ref);</p><p>}else{</p><p></p><p>global $engine;$sessionKey = 'RevCMS-'.rand(9,999).'/'.substr(sha1(time()).'/'.rand(9,9999999).'/'.rand(9,9999999).'/'.rand(9,9999999),0,33);$engine->query("INSERT INTO users (username, password, mail, motto, credits, activity_points, rank, look, gender, seckey, ip_last, ip_reg, account_created, last_online, auth_ticket) VALUES('" . $username . "', '" . $password . "', '" . $email . "', '" . $motto . "', '" . $credits . "', '" . $pixels . "', '" . $rank . "', '" . $figure . "', '" . $gender . "', '" . $seckey . "', '" . $_SERVER['REMOTE_ADDR'] . "', '" . $_SERVER['REMOTE_ADDR'] . "', '" . time() . "', '" . time() . "', '" . $sessionKey . "')"); $user_id = $this->getID($username);$engine->query("INSERT INTO user_info (user_id, bans, cautions, reg_timestamp, login_timestamp, cfhs, cfhs_abusive) VALUES ('". $user_id ."', '0', '0', UNIX_TIMESTAMP(), UNIX_TIMESTAMP(), '0', '0')");</p><p>unset($sessionKey);</p><p>}</p><p>}</p><p></p><p>final public function deleteUser($k)</p><p>{</p><p>global $engine; $engine->query("DELETE FROM users WHERE id = '" . $k . "' LIMIT 1"); $engine->query("DELETE FROM items WHERE userid = '" . $k . "' LIMIT 1"); $engine->query("DELETE FROM rooms WHERE ownerid = '" . $k . "' LIMIT 1");</p><p>}</p><p></p><p>final public function updateUser($k, $key, $value)</p><p>{</p><p>global $engine; $engine->query("UPDATE users SET " . $key . " = '" . $engine->secure($value) . "' WHERE id = '" . $k . "' LIMIT 1");$_SESSION['user'][$key] = $engine->secure($value);</p><p>}</p><p>/*-------------------------------Handling user information-------------------------------------*/</p><p>final public function cacheUser($k)</p><p>{</p><p>global $engine; $userInfo = $engine->fetch_assoc("SELECT username, rank, motto, mail, credits, activity_points, look, auth_ticket, ip_last FROM users WHERE id = '" . $k . "' LIMIT 1");</p><p></p><p>foreach($userInfo as $key => $value)</p><p>{$this->setInfo($key, $value);</p><p>}</p><p>}</p><p></p><p>final public function setInfo($key, $value)</p><p>{</p><p>global $engine;$_SESSION['user'][$key] = $engine->secure($value);</p><p>}</p><p></p><p>final public function getInfo($k, $key)</p><p>{</p><p>global $engine;</p><p>if(!isset($_SESSION['user'][$key]))</p><p>{$value = $engine->result("SELECT $key FROM users WHERE id = '" . $engine->secure($k) . "' LIMIT 1");</p><p>if($value != null)</p><p>{ $this->setInfo($key, $value);</p><p>}</p><p>}</p><p></p><p>return $_SESSION['user'][$key];</p><p>}</p><p></p><p></p><p>/*-------------------------------Get user ID or Username-------------------------------------*/</p><p>final public function getID($k)</p><p>{</p><p>global $engine;</p><p>return $engine->result("SELECT id FROM users WHERE username = '" . $engine->secure($k) . "' LIMIT 1");</p><p>}</p><p></p><p>final public function getUsername($k)</p><p>{</p><p>global $engine;</p><p>return $this->getInfo($_SESSION['user']['id'], 'username');</p><p>}</p><p></p><p>}?></p><p>[/SPOILER]</p><p>open your quick register page</p><p></p><p>search for this</p><p></p><p>Code:</p><p><div class="field"></p><p><label for="email-address">Email</label></p><p><input type="text" id="email" size="35" name="email" value="<?php echo $template->form->reg_email; ?>" class="text-field" maxlength="48"></p><p></div></p><p>add this under</p><p></p><p>Code:</p><p><div class="field"></p><p><label for="email-address">Refferer (Optional)</label></p><p><input type="text" id="email" size="35" name="ref" value="<?php echo $template->form->reg_email; ?>" class="text-field" maxlength="48"></p><p></div></p><p></p><p>then add this to your me page</p></blockquote><p></p>
[QUOTE="Adrian, post: 283510, member: 20165"] To set it up follow this. run this SQL first Code: ALTER TABLE `users` ADD `ref` VARCHAR( 255 ) NOT NULL open class.template.php in /app/ search for this PHP Code: $this->setParams('ip_last', $users->getInfo($_SESSION['user']['id'], 'ip_last')); add this under PHP Code: $this->setParams('refferal', $users->getInfo($_SESSION['user']['id'], 'ref')); search for this in interface.users.php in /app/interface/ PHP Code: public function nameTaken($username); add this under PHP Code: [SPOILER][/SPOILER]public function ref($post); replace your whole class.users.php in /app/ with this [SPOILER="Code"] <?phpnamespace Revolution; if(!defined('IN_INDEX')) { die('Sorry, you cannot access this file.'); } class users implements iUsers{ /*-------------------------------Authenticate-------------------------------------*/ final public function isLogged() { if(isset($_SESSION['user']['id'])) { return true; } return false; } /*-------------------------------Checking of submitted data-------------------------------------*/ final public function validName($username) { if(strlen($username) <= 25 && ctype_alnum($username)) { return true; } return false; } final public function validEmail($email) { return preg_match("/^[a-z0-9_\.-]+@([a-z0-9]+([\-]+[a-z0-9]+)*\.)+[a-z]{2,7}$/i", $email); } final public function validSecKey($seckey) { if(is_numeric($seckey) && strlen($seckey) == 4) { return true; } return false; } final public function nameTaken($username) { global $engine; if($engine->num_rows("SELECT * FROM users WHERE username = '" . $username . "' LIMIT 1") > 0) { return true; } return false; } final public function emailTaken($email) { global $engine; if($engine->num_rows("SELECT * FROM users WHERE mail = '" . $email . "' LIMIT 1") > 0) { return true; } return false; } final public function userValidation($username, $password) { global $engine; if($engine->num_rows("SELECT * FROM users WHERE username = '" . $username . "' AND password = '" . $password . "' LIMIT 1") > 0) { return true; } return false; } /*-------------------------------Stuff related to bans-------------------------------------*/ final public function isBanned($value) { global $engine; if($engine->num_rows("SELECT * FROM bans WHERE value = '" . $value . "' LIMIT 1") > 0) { return true; } return false; } final public function getReason($value) { global $engine; return $engine->result("SELECT reason FROM bans WHERE value = '" . $value . "' LIMIT 1"); } final public function hasClones($ip) { global $engine; if($engine->num_rows("SELECT * FROM users WHERE ip_reg = '" . $_SERVER['REMOTE_ADDR'] . "'") == 1) { return true; } return false; } /*-------------------------------Login or Register user-------------------------------------*/ final public function register() { global $core, $template, $_CONFIG; if(isset($_POST['register'])) { unset($template->form->error); $template->form->setData(); if($this->validName($template->form->reg_username)) { if(!$this->nameTaken($template->form->reg_username)) { if($this->validEmail($template->form->reg_email)) { if(!$this->emailTaken($template->form->reg_email)) { if(strlen($template->form->reg_password) > 6) { if($template->form->reg_password == $template->form->reg_rep_password) { if(isset($template->form->reg_seckey)) { if($this->validSecKey($template->form->reg_seckey)) {//Continue} else {$template->form->error = 'Secret key must only have 4 numbers'; return; } } if($this->isBanned($_SERVER['REMOTE_ADDR']) == false) { if(!$this->hasClones($_SERVER['REMOTE_ADDR'])) { if(!isset($template->form->reg_gender)) { $template->form->reg_gender = 'M'; } if(!isset($template->form->reg_figure)) { $template->form->reg_figure = $_CONFIG['hotel']['figure']; } $this->addUser($template->form->reg_username, $core->hashed($template->form->reg_password), $template->form->reg_email, $_CONFIG['hotel']['motto'], $_CONFIG['hotel']['credits'], $_CONFIG['hotel']['pixels'], 1, $template->form->reg_figure, $template->form->reg_gender, $core->hashed($template->form->reg_key)); $this->turnOn($template->form->reg_username); header('Location: ' . $_CONFIG['hotel']['url'] . '/me'); exit; } else {$template->form->error = 'Sorry, but you cannot register twice'; } } else {$template->form->error = 'Sorry, it appears you are IP banned.<br />';$template->form->error .= 'Reason: ' . $this->getReason($_SERVER['REMOTE_ADDR']); return; } } else {$template->form->error = 'Password does not match repeated password'; return; } } else {$template->form->error = 'Password must have more than 6 characters'; return; } } else {$template->form->error = 'Email: <b>' . $template->form->reg_email . '</b> is already registered'; return; } } else {$template->form->error = 'Email is not valid'; return; } } else {$template->form->error = 'Username is already registered'; return; } } else {$template->form->error = 'Username is invalid'; return; } } } final public function login() { global $template, $_CONFIG, $core; if(isset($_POST['login'])) {$template->form->setData(); unset($template->form->error); if($this->nameTaken($template->form->log_username)) { if($this->isBanned($template->form->log_username) == false || $this->isBanned($_SERVER['REMOTE_ADDR']) == false) { if($this->userValidation($template->form->log_username, $core->hashed($template->form->log_password))) {$this->turnOn($template->form->log_username);$this->updateUser($_SESSION['user']['id'], 'ip_last', $_SERVER['REMOTE_ADDR']);$template->form->unsetData();header('Location: ' . $_CONFIG['hotel']['url'] . '/me'); exit; } else {$template->form->error = 'Details do not match'; return; } } else {$template->form->error = 'Sorry, it appears this user is banned<br />';$template->form->error .= 'Reason: ' . $this->getReason($template->form->log_username); return; } } else {$template->form->error = 'Username does not exist'; return; } } } final public function ref($post){ if(!$this->nameTaken($post)){ echo'The user you reffered does not exist'; }else{ global $engine;$this->addUser($template->form->reg_username, $core->hashed($template->form->reg_password), $template->form->reg_email, $_CONFIG['hotel']['motto'], $_CONFIG['hotel']['credits'], $_CONFIG['hotel']['pixels'], 1, $template->form->reg_figure, $template->form->reg_gender, $core->hashed($template->form->reg_key));$engine->query("UPDATE users SET credits=(`credits`+1000) WHERE username='".$post."'");$engine->query("UPDATE users SET ref=(`ref`+1) WHERE username='".$post."'"); } } final public function loginHK() { global $template, $_CONFIG, $core; if(isset($_POST['login'])) { $template->form->setData(); unset($template->form->error); if(isset($template->form->username) && isset($template->form->password)) { if($this->nameTaken($template->form->username)) { if($this->userValidation($template->form->username, $core->hashed($template->form->password))) { if(($this->getInfo($_SESSION['user']['id'], 'rank')) >= 4) {$_SESSION["in_hk"] = true;header("Location:".$_CONFIG['hotel']['url']."/ase/dash"); exit; } else {$template->form->error = 'Incorrect access level.'; return; } } else {$template->form->error = 'Incorrect password.'; return; } } else {$template->form->error = 'User does not exist.'; return; } } $template->form->unsetData(); } } final public function help() { global $template, $_CONFIG;$template->form->setData(); if(isset($template->form->help)) {$to = $_CONFIG['hotel']['email'];$subject = "Help from RevCMS user - " . $this->getInfo($_SESSION['user']['id'], 'username');$body = $template->form->question; if (mail($to, $subject, $body)) {$template->form->error = 'Message successfully sent! We will answer you shortly!'; } else {$template->form->error = 'Message delivery failed.'; } } } /*-------------------------------Account settings-------------------------------------*/ final public function updateAccount() { global $template, $_CONFIG, $core, $engine; if(isset($_POST['account'])) { if(isset($_POST['acc_motto']) && strlen($_POST['acc_motto']) < 30 && $_POST['acc_motto'] != $this->getInfo($_SESSION['user']['id'], 'motto')) {$this->updateUser($_SESSION['user']['id'], 'motto', $engine->secure($_POST['acc_motto']));header('Location: '.$_CONFIG['hotel']['url'].'/account'); exit; } else {$template->form->error = 'Motto is invalid.'; } if(isset($_POST['acc_email']) && $_POST['acc_email'] != $this->getInfo($_SESSION['user']['id'], 'mail')) { if($this->validEmail($_POST['acc_email'])) {$this->updateUser($_SESSION['user']['id'], 'mail', $engine->secure($_POST['acc_email']));header('Location: '.$_CONFIG['hotel']['url'].'/account'); exit; } else {$template->form->error = 'Email is not valid'; return; } } if(!empty($_POST['acc_old_password']) && !empty($_POST['acc_new_password'])) { if($this->userValidation($this->getInfo($_SESSION['user']['id'], 'username'), $core->hashed($_POST['acc_old_password']))) { if(strlen($_POST['acc_new_password']) >= 8) {$this->updateUser($_SESSION['user']['id'], 'password', $core->hashed($_POST['acc_new_password']));header('Location: '.$_CONFIG['hotel']['url'].'/me'); exit; } else {$template->form->error = 'New password is too short'; return; } } else {$template->form->error = 'Current password is wrong'; return; } } } } final public function turnOn($k) { $j = $this->getID($k);$this->createSSO($j);$_SESSION['user']['id'] = $j; $this->cacheUser($j); unset($j); } /*-------------------------------Loggin forgotten-------------------------------------*/ final public function forgotten() { global $template, $_CONFIG, $core; if(isset($_POST['forgot'])) { $template->form->setData(); unset($template->form->error); if($this->nameTaken($template->form->for_username)) { if(strlen($template->form->for_password) > 6) { if($this->getInfo($this->getID($template->form->for_username), 'seckey') == $core->hashed($template->form->for_key)) {$this->updateUser($this->getID($template->form->for_username), 'password', $core->hashed($template->form->for_password));$template->form->error = 'Account recovered! Go <b><a href="index">here</a></b> to login!'; return; } else {$template->form->error = 'Secret key is incorrect'; return; } } else {$template->form->error = 'Password must have more than 6 characters.'; return; } } else {$template->form->error = 'Username does not exist'; return; } } } /*-------------------------------Create SSO auth_ticket-------------------------------------*/ final public function createSSO($k) { $sessionKey = 'RevCMS-'.rand(9,999).'/'.substr(sha1(time()).'/'.rand(9,9999999).'/'.rand(9,9999999).'/'.rand(9,9999999),0,33); $this->updateUser($k, 'auth_ticket', $sessionKey); unset($sessionKey); } /*-------------------------------Adding/Updating/Deleting users-------------------------------------*/ final public function addUser($username, $password, $email, $motto, $credits, $pixels, $rank, $figure, $gender, $seckey) { if($_POST['ref']){$ref = $_POST['ref'];$this->ref($ref); }else{ global $engine;$sessionKey = 'RevCMS-'.rand(9,999).'/'.substr(sha1(time()).'/'.rand(9,9999999).'/'.rand(9,9999999).'/'.rand(9,9999999),0,33);$engine->query("INSERT INTO users (username, password, mail, motto, credits, activity_points, rank, look, gender, seckey, ip_last, ip_reg, account_created, last_online, auth_ticket) VALUES('" . $username . "', '" . $password . "', '" . $email . "', '" . $motto . "', '" . $credits . "', '" . $pixels . "', '" . $rank . "', '" . $figure . "', '" . $gender . "', '" . $seckey . "', '" . $_SERVER['REMOTE_ADDR'] . "', '" . $_SERVER['REMOTE_ADDR'] . "', '" . time() . "', '" . time() . "', '" . $sessionKey . "')"); $user_id = $this->getID($username);$engine->query("INSERT INTO user_info (user_id, bans, cautions, reg_timestamp, login_timestamp, cfhs, cfhs_abusive) VALUES ('". $user_id ."', '0', '0', UNIX_TIMESTAMP(), UNIX_TIMESTAMP(), '0', '0')"); unset($sessionKey); } } final public function deleteUser($k) { global $engine; $engine->query("DELETE FROM users WHERE id = '" . $k . "' LIMIT 1"); $engine->query("DELETE FROM items WHERE userid = '" . $k . "' LIMIT 1"); $engine->query("DELETE FROM rooms WHERE ownerid = '" . $k . "' LIMIT 1"); } final public function updateUser($k, $key, $value) { global $engine; $engine->query("UPDATE users SET " . $key . " = '" . $engine->secure($value) . "' WHERE id = '" . $k . "' LIMIT 1");$_SESSION['user'][$key] = $engine->secure($value); } /*-------------------------------Handling user information-------------------------------------*/ final public function cacheUser($k) { global $engine; $userInfo = $engine->fetch_assoc("SELECT username, rank, motto, mail, credits, activity_points, look, auth_ticket, ip_last FROM users WHERE id = '" . $k . "' LIMIT 1"); foreach($userInfo as $key => $value) {$this->setInfo($key, $value); } } final public function setInfo($key, $value) { global $engine;$_SESSION['user'][$key] = $engine->secure($value); } final public function getInfo($k, $key) { global $engine; if(!isset($_SESSION['user'][$key])) {$value = $engine->result("SELECT $key FROM users WHERE id = '" . $engine->secure($k) . "' LIMIT 1"); if($value != null) { $this->setInfo($key, $value); } } return $_SESSION['user'][$key]; } /*-------------------------------Get user ID or Username-------------------------------------*/ final public function getID($k) { global $engine; return $engine->result("SELECT id FROM users WHERE username = '" . $engine->secure($k) . "' LIMIT 1"); } final public function getUsername($k) { global $engine; return $this->getInfo($_SESSION['user']['id'], 'username'); } }?> [/SPOILER] open your quick register page search for this Code: <div class="field"> <label for="email-address">Email</label> <input type="text" id="email" size="35" name="email" value="<?php echo $template->form->reg_email; ?>" class="text-field" maxlength="48"> </div> add this under Code: <div class="field"> <label for="email-address">Refferer (Optional)</label> <input type="text" id="email" size="35" name="ref" value="<?php echo $template->form->reg_email; ?>" class="text-field" maxlength="48"> </div> then add this to your me page [/QUOTE]
Insert quotes…
Verification
Post reply
Forums
Server Development
Habbo Retros
Habbo Q&A
RevCMS referral system
Top