prova ad usare sto index.php
<?php
/*
###############################################################################################
# #
# _ _ _ _ _____ __ __ _____ #
# | | | | | | | | / ____| \/ |/ ____| #
# | |__| | __ _ __| | __| | ___ | | | \ / | (___ #
# | __ |/ _` |/ _` |/ _` |/ _ \| | | |\/| |\___ \ #
# | | | | (_| | (_| | (_| | (_) | |____| | | |____) | #
# |_| |_|\__,_|\__,_|\__,_|\___/ \_____|_| |_|_____/ #
# #
# #
# © HaddoCMS ~ Made by Impossibol and Raikas77 #
# This cms is made for habbo related retro hotels/sites. #
# Please, don't claim this Control Management System as your #
# own made cms. #
# #
###############################################################################################
*/
// Shared bootstrap. NOTE(review): presumably this is where $conn, $_WEBSITE, $LANG
// and the session come from; none of that is visible in this file, so confirm.
include "./global.php";

// A session that already carries an account id skips the login form.
// isset() is already false for null, so only the empty string needs a second test.
if (isset($_SESSION["remember_me_email"]) && $_SESSION["remember_me_email"] !== "") {
    header("Location: ./security_check");
    exit;
}
// FUNZIONE //
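/**
 * Escapes a value for use inside a quoted SQL string literal. Unless $advanced
 * is true, the value is HTML-encoded first.
 *
 * mysql_real_escape_string() no longer exists from PHP 7 on and needs an
 * ext/mysql link, while every query in this file goes through $conn. The escape
 * therefore uses $conn when it is a mysqli handle and only falls back to the
 * legacy function where that is still available.
 *
 * NOTE(review): assumes global.php exposes the mysqli handle as the global
 * $conn, as the $conn->query() calls in this file suggest; confirm.
 * NOTE(review): HTML encoding and SQL escaping belong to different output
 * contexts. Bound parameters are the safer way to put values into SQL, and
 * HTML encoding is best applied where the value is printed. htmlspecialchars()
 * is called with its default flags here so previously stored values keep their
 * form; before PHP 8.1 those defaults leave single quotes unencoded.
 *
 * @param mixed $str      Value to escape.
 * @param bool  $advanced True to skip the HTML encoding step.
 * @return string|false   Escaped value (the legacy function may return false).
 * @throws RuntimeException When neither escaping backend is available.
 */
function FilterText($str, $advanced=false) {
    global $conn;

    $value = ($advanced == true) ? $str : htmlspecialchars($str);

    if ($conn instanceof mysqli) {
        return $conn->real_escape_string($value);
    }
    if (function_exists('mysql_real_escape_string')) {
        return mysql_real_escape_string($value);
    }

    throw new RuntimeException('FilterText: no database connection available for escaping');
}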
// FINE FUNZIONE
// LOGIN //
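// Login handler for the form posted to ?p=2.
//
// Every value taken from the request reaches SQL as a bound parameter and
// reaches the error banner HTML-encoded. Database errors go to the server log
// instead of the page.
//
// NOTE(review): the messages still tell "unknown account" apart from "wrong
// password", which lets a visitor learn which accounts exist, and there is no
// attempt limiting here; both are worth addressing separately.

// Always defined, so the template further down can read it without a notice.
$errore = '';

if (isset($_GET['p']) && $_GET['p'] == "2") {
    // Only plain strings are accepted; a missing or array-valued field is treated as empty.
    $rawUser = (isset($_POST['log_username']) && is_string($_POST['log_username'])) ? $_POST['log_username'] : '';
    $rawPass = (isset($_POST['log_password']) && is_string($_POST['log_password'])) ? $_POST['log_password'] : '';

    // sql_stripslashes() and hash_Password() are defined outside this file.
    // NOTE(review): if sql_stripslashes() also escapes for SQL, drop that escaping now
    // that values are bound, otherwise names containing quotes will stop matching.
    // It is kept on the password because the stored hashes were computed from its output.
    $email = sql_stripslashes($rawUser);
    $password = sql_stripslashes($rawPass);

    // NOTE(review): the name of this variable was unreadable in the posted listing
    // (forum smiley markup replaced part of it); $passwordHash is a substitute.
    // NOTE(review): a hash compared inside SQL cannot use per-user salts the way
    // password_hash()/password_verify() do; hash_Password() is not visible here, confirm.
    $passwordHash = (string) hash_Password($password, $_WEBSITE["CMS"]["psswd_hash"]);
    $valid_email = "/^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$/i";

    // The submitted name is echoed back inside $errore, so it is encoded for HTML here.
    $emailHtml = htmlspecialchars(str_replace("\\", "", $email), ENT_QUOTES);

    // Username login applies only when enabled and the input does not look like an e-mail.
    $loginByUsername = $_WEBSITE["CMS"]["login_username"] == true
        && !preg_match($valid_email, trim(strip_tags($email)));

    // Runs a two-column SELECT with one or two bound string parameters.
    // Returns array(col1, col2) for the first row, null when nothing matches,
    // false when the statement could not be prepared or executed.
    $firstRow = function ($sql, array $params) use ($conn) {
        $stmt = $conn->prepare($sql);
        if (!$stmt) {
            error_log('login: prepare failed: ' . $conn->error);
            return false;
        }
        $types = str_repeat('s', count($params));
        $bound = (count($params) === 1)
            ? $stmt->bind_param($types, $params[0])
            : $stmt->bind_param($types, $params[0], $params[1]);
        if (!$bound || !$stmt->execute()) {
            error_log('login: query failed: ' . $stmt->error);
            $stmt->close();
            return false;
        }
        $stmt->store_result();
        $colA = null;
        $colB = null;
        $stmt->bind_result($colA, $colB);
        $row = $stmt->fetch() ? array($colA, $colB) : null;
        $stmt->close();
        return $row;
    };

    if ($loginByUsername) {
        // users.user_id is the users_spec ("HEAD") id, users.id the avatar's own id.
        $account = $firstRow("SELECT user_id, id FROM users WHERE username = ?", array($email));
        if ($account === null) {
            $errore = $LANG["loginregi"]["login"]["usrname_try_1"] . ' <b>' . $emailHtml . '</b> ' . $LANG["loginregi"]["login"]["usrname_try_2"];
        } elseif ($account !== false) {
            $userId = FilterText((string) $account[0]);
            $userId_nr = FilterText((string) $account[1]);
            $match = $firstRow(
                "SELECT id, activated FROM users_spec WHERE id = ? AND password = ? LIMIT 1",
                array((string) $account[0], $passwordHash)
            );
            if ($match === null) {
                $errore = $LANG["loginregi"]["login"]["usrname_wrongpass"];
            } elseif ($match !== false) {
                // NOTE(review): unlike the e-mail branch, this branch does not look at
                // "activated" before logging the account in; confirm that is intended.
                // NOTE(review): calling session_regenerate_id(true) before writing the
                // session would guard against session fixation; confirm a session is active.
                $_SESSION['remember_me_email'] = FilterText($userId);
                $_SESSION["avatar_user_name"] = FilterText($userId_nr);
                $_SESSION["avatar_user_name2"] = FilterText($email);
                header("Location: ./security_check");
                exit;
            }
        }
    } else {
        $known = $firstRow("SELECT id, activated FROM users_spec WHERE email = ? LIMIT 1", array($email));
        if ($known === null) {
            $errore = $LANG["loginregi"]["login"]["email_usr_noacc"] .'<b>' . $emailHtml . "</b>";
        } elseif ($known !== false) {
            $login = $firstRow(
                "SELECT id, activated FROM users_spec WHERE email = ? AND password = ? LIMIT 1",
                array($email, $passwordHash)
            );
            if ($login === null) {
                $errore = $LANG["loginregi"]["login"]["email_usr_wrongpass"] . '<b>' . $emailHtml . "</b>";
            } elseif ($login !== false) {
                if ($login[1] == "0") {
                    $errore = $LANG["loginregi"]["login"]["email_usr_activate"];
                } else {
                    // Stored as a string, the form a plain query() result would have given.
                    $_SESSION['remember_me_email'] = (string) $login[0];
                    header("Location: ./security_check");
                    exit;
                }
            }
        }
    }
}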
// FINE LOGIN //
?>
<html>
<head>
<title><?php echo $_WEBSITE["HTL"]["name"]; ?> Hotel: Crea il tuo avatar, arreda le tue Stanze, chatta e incontra nuovi Amici!</title>
<META HTTP-EQUIV="CACHE-CONTROL" CONTENT="NO-CACHE">
<link rel="stylesheet" href="../css/frontpage.css" type="text/css" />
<script type="text/javascript" src="<?php echo $_WEBSITE["CMS"]["url"] ?>/js/jquery-1.7.1.min.js" ></script>
<link rel="shortcut icon" type="image/x-icon" href="<?php echo $_WEBSITE["CMS"]["url"] ?>/favicon.ico">
<script type="text/javascript" src="<?php echo $_WEBSITE["CMS"]["url"]; ?>/js/registration.js" ></script>
<script>
var logged_in = false;
var user_email = false;
var user_email_id = false;
var user_profile_id = false;
var website_path = "<?php echo $_WEBSITE["CMS"]["url"]; ?>";
</script>
<style>
body .error_text {
background: #A40101;
color: #FFFFFF;
width: 100%;
height: 30px;
line-height: 30px;
font-size: 15px;
text-align: center;
margin-top: 12px;
margin-bottom: 12px;
}
body .
![Relieved :emoji_relieved: :emoji_relieved:](/forum/styles/default/xenforo/smilies.emoji/people/relieved.emoji.svg)
2 {
background: #A40101;
color: #FFFFFF;
width: 100%;
height: 30px;
line-height: 30px;
font-size: 15px;
text-align: center;
margin-top: 12px;
margin-bottom: 12px;
}
.dateselector{
background: url("http://en.habbzo.co.uk/web-gallery/v2/images/input-icons.png") no-repeat scroll 3px -8px rgba(0, 0, 0, 0);
border: 1px solid #FFF;
border-radius: 5px;
box-shadow: 0 1px rgba(255, 255, 255, 0.15), 0 1px 1px rgba(0, 0, 0, 0.15) inset;
color: gray;
height: 30px;
margin-bottom: 3px;
margin-top: 1px;
outline: 0 none;
padding: 0 0 0 38px;
width: 156px;
}
body {
background: url("../images/
![Relieved :emoji_relieved: :emoji_relieved:](/forum/styles/default/xenforo/smilies.emoji/people/relieved.emoji.svg)
![Relieved :emoji_relieved: :emoji_relieved:](/forum/styles/default/xenforo/smilies.emoji/people/relieved.emoji.svg)
.png") no-repeat scroll center 90% #81d6ef;
}
#footer .footer-links { color: #e6e6e6 }
#footer .footer-links a { color: #e6e6e6; }
#footer .copyright { color: #e6e6e6; }
.errori{
background-color: red;
border: 1px solid black;
border-radius: 5px;
border-radius: 5px;
color: white;
font-weight: bold;
text-align: center;
font-size: 14px;
padding: 10px;
width: 500px;
margin-right: auto;
margin-left: auto;
}
</style>
</head>
<body id="frontpage">
<div id="site-header">
<div id="login_place">
<form id="login" name="loginformitem" action="?p=2"
method="post">
<div style="clear: both;"></div><div id="site-header-content">
<div id="habbo-logo">
</div><div id="login-form">
<div id="login-form-email">
<label for="login-username" class="login-text">Username:</label>
<div id="login_username">
<input tabindex="3" type="text" class="login-field" name="log_username" placeholder="<?php echo $LANG["index"]["usernameoremail"]; ?>" autocomplete="off" id="login_email">
</div>
<input tabindex="6" type="checkbox" name="_login_remember_me" id="login-remember-me" value="true"/>
<label for="login-remember-me">Ricordami!</label> <div id="landing-remember-me-notification" class="bottom-bubble" style="display:none;"><div class="bottom-bubble-t"><div></div></div>
<div class="bottom-bubble-c"></div><div class="bottom-bubble-b"><div></div></div></div></div>
<div id="login-form-password">
<label for="login-password" class="login-text">Password:</label>
<div class="login_password">
<input tabindex="4" type="password" class="login-field" name="log_password" placeholder="<?php echo $LANG["index"]["password"]; ?>" id="login_password" maxlength="32"/>
</div>
<div id="login-forgot-password"><a href="#" id="forgot-password"><span>Password Dimenticata?</span></a> </div></div>
<div id="login-form-submit">
<input type="submit" name="submit" class="btn green" style="background: scroll 4px -52px rgba(0, 0, 0, 0);
border: 1px solid #FFF;
border-radius: 5px;
box-shadow: 0 1px rgba(255, 255, 255, 0.15), 0 1px 1px rgba(0, 0, 0, 0.15) inset;
color: #FFFFFF;
height: 30px;
margin-bottom: 5px;
margin-top: 1px;
outline: 0 none;
width: 95px; " value="Entra">
</div>
</div>
</div>
</form>
</div>
</div>
</div>
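<?php
// Error banner for a failed login attempt (?p=2 is the login form's action).
// It is shown only when there is a message, and the isset() tests avoid
// undefined-index and undefined-variable notices on a plain page view.
// NOTE(review): $errore is written out as raw HTML because the messages carry <b>
// markup; any user-supplied text placed inside it must be HTML-encoded where the
// message is built.
if (isset($_GET['p']) && $_GET['p'] == '2' && isset($errore) && $errore !== '') {
?>
<br><br>
<div class="errori">
<?php echo $errore; ?>
</div>
<?php } ?>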
<br>
<div id="fp-container">
<div id="content"><div id="column1" class="column"><div class="habblet-container ">
<div class="logging_in_check" id="logging_in_check" style="display: none;"><img src="<?php echo $_WEBSITE["CMS"]["url"] ?>/images/loaders/4.gif" /><!-- De inloggegevens worden gecheckt!--></div>
</div>
<div class="error_text" id="error_emailorpassword" style="display: none;">
<?php echo $LANG["index"]["err"]["usrorpassword"]; ?>
</div>
<div class="error_text" id="error_emailorpassword_2" style="display: none;">
<?php echo $LANG["index"]["err"]["empty"]; ?>
</div>
<div class="error_text" id="registration_error" style="display: none;">
<?php echo $LANG["index"]["err"]["regi"]; ?>
</div>
<div id="frontpage-image-container">
<div id="join-now-button-container"><div id="join-now-button-wrapper-fb">
<div class="join-now-alternative"> </div>
</div><div id="join-now-button-wrapper">
<div class="join-now-alternative">
<a href="http://www.sciax2.it/forum/register" class="newusers" onclick="startRegistration(this); return false;">
<b>Sei nuovo?</b> Registrati!</a> </div>
<div class="join-now-button">
<a class="join-now-link" id="register-link" href="http://www.sciax2.it/forum/register" onclick="startRegistration(this); return false;">
<span class="join-now-text-big">Registrati</span> <span class="join-now-text-small">GRATIS!</span><br><br><center>
</center><br><br></a>
<span class="close"></span></div></div></div>
<script type="text/javascript">
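/**
 * Sends the browser to the href of the clicked element, or to the
 * registration page when the element carries no href.
 *
 * A stray "$onlinecount" token followed the closing brace in the posted
 * listing. Outside PHP tags it would reach the browser as an undefined
 * JavaScript identifier, so it is dropped here.
 */
function startRegistration(elem) {
    // Declared locally so the function does not create an implicit global.
    var targetUrl = elem.href;
    if (typeof targetUrl == "undefined") {
        targetUrl = "../register";
    }
    window.location.href = targetUrl;
}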
</script>
<a href="#" id="frontpage-image" style="" onclick="startRegistration(this); return false;"></a></div><div id="tags-main-container">
<div id="sulake-logo"><a href="#"><?php echo GetUsersOnline("notext"); ?> online!</a></div>
</div></div><script type="text/javascript">
document.observe("dom:loaded", function() {
LandingPage.checkLoginButtonSetTimer();
});
</script>
</div><script type="text/javascript">if (!$(document.body).hasClassName('process-template')) { Rounder.init(); }</script>
</div>
<!--[if lt IE 7]><script type="text/javascript">
Pngfix.doPngImageFix();
</script>
<![endif]-->
<!--[if lt IE 7]>
<script type="text/javascript">
Pngfix.doPngImageFix();
</script>
<![endif]-->
<div id="footer" class="new_and_improved">
<p class="footer-links"><a href="http://www.sciax2.it/forum/index" target="_self">Homepage</a> | <a href="http://www.sciax2.it/forum/staff" target="_self">Staff</a> | <a href="http://www.sciax2.it/forum/community" target="_self">Community</a> | <a href="http://www.sciax2.it/forum/articles" target="_blank">News</a> | <a href="http://www.sciax2.it/forum/register" target="_blank">Registrazione</a></p>
<p class="copyright">© Copryright 2010 - 2014 Haddo Hotel - <b>HaddoCMS</b> and <b>PhoenixEMU</b> Rewritten<br>
HABBO is a registered trademark of Sulake Corporation. <br>All rights reserved to their respective owner(s).</p><br>
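<?php
// Daily visitor bookkeeping: one row per IP per day in `visitors`.
//
// NOTE(review): $ipinc is set outside this file. If it can come from a
// client-supplied header it is untrusted, so it is bound as a parameter
// rather than concatenated into the SQL text.
// NOTE(review): date('d') is the day of the month only, so a row written on the
// same day number of an earlier month is not recognised as old.
date_default_timezone_set('GMT');
$today = date('d');

$lookup = $conn->prepare("SELECT ip FROM visitors WHERE ip = ?");
if ($lookup && $lookup->bind_param('s', $ipinc) && $lookup->execute()) {
    $lookup->store_result();
    $alreadySeen = $lookup->num_rows != 0;
    $lookup->close();

    if ($alreadySeen) {
        // Two set-based deletes replace a loop that re-issued the same statements
        // once per stored row. $today comes from date(), never from the request.
        $conn->query("DELETE FROM visitors WHERE date != '" . $today . "'");
        $conn->query("DELETE FROM visitors WHERE ip = ''");
    } else {
        $insert = $conn->prepare("INSERT INTO visitors (ip, date) VALUES (?, ?)");
        if ($insert && $insert->bind_param('ss', $ipinc, $today) && $insert->execute()) {
            $insert->close();
        } else {
            error_log('visitors: insert failed: ' . $conn->error);
        }
    }
} else {
    error_log('visitors: lookup failed: ' . $conn->error);
}

// Counting visitors
// NOTE(review): the original names of these two variables were lost to forum
// smiley markup in the posted listing; the names below are substitutes. Restore
// the real ones if anything later in the page reads them.
$query_count = "SELECT ip FROM visitors";
$result_count = $conn->query($query_count);
?>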
</div></div>
<br>
<center><script async src="//pagead2.googlesyndication.com/pagead/js/adsbygoogle.js"></script>
<!-- alex -->
<ins class="adsbygoogle"
style="display:inline-block;width:728px;height:90px"
data-ad-client="ca-pub-1552661467413154"
data-ad-slot="8994483826"></ins>
<script>
(adsbygoogle = window.adsbygoogle || []).push({});
</script>
</div>
</center>
<br>