Version 0.10
parent
73645ccc1f
commit
b9c240c781
246 changed files with 10218 additions and 1598 deletions
|
|
@ -2,53 +2,100 @@
|
|||
session_start();
|
||||
|
||||
$id = $_SESSION['id'];
|
||||
require('common.php');
|
||||
require('../connectBDD.php');
|
||||
$x = mysql_query("SELECT * FROM user WHERE id='".$id."'");
|
||||
$x = mysql_query("SELECT * FROM user WHERE id='$id'");
|
||||
$donnees = mysql_fetch_array($x);
|
||||
|
||||
$pseudo = $donnees['pseudo'];
|
||||
$mail = $donnees['mail'];
|
||||
$mdp = $donnees['mdp'];
|
||||
|
||||
if (isset($_POST['ancien_mdp']) && isset($_POST['nouveau_mdp']) && isset($_POST['nouveau_mdp2']) && $_POST['nouveau_mdp']!="" && $_POST['nouveau_mdp2']!="" && $_POST['ancien_mdp'] !='' ) {
|
||||
if(sha1(strtoupper($pseudo).':'.$_POST['ancien_mdp']) == $mdp) {
|
||||
if ($_POST['nouveau_mdp'] == $_POST['nouveau_mdp2']) {
|
||||
$password = htmlspecialchars($_POST['nouveau_mdp']);
|
||||
$password = sha1(strtoupper($pseudo).':'.$password);
|
||||
mysql_query("UPDATE `user` SET mdp='$password' WHERE ID='$id'");
|
||||
$okmdp = true;
|
||||
header('Location: options.php?ok=2');
|
||||
exit;
|
||||
if (isset($_GET['chg']) && $_GET['chg'] == 'mdp') {
|
||||
if (isset($_POST['mdp_anc']) && isset($_POST['mdp_nouv']) && isset($_POST['mdp_conf']) && !empty($_POST['mdp_anc']) && !empty($_POST['mdp_nouv']) && !empty($_POST['mdp_conf'])) {
|
||||
if(sha1(strtoupper($pseudo).':'.$_POST['mdp_anc']) == $mdp) {
|
||||
if ($_POST['mdp_nouv'] == $_POST['mdp_conf']) {
|
||||
$password = htmlspecialchars(mysql_escape_string($_POST['mdp_nouv']));
|
||||
$password = sha1(strtoupper($pseudo).':'.$password);
|
||||
$auth = sha1($password);
|
||||
mysql_query("UPDATE `user` SET `mdpNOUV`='$password' WHERE ID='$id'");
|
||||
|
||||
$from = "From: \"Staff Halo-Battle\" <staffhb@hotmail.fr>\r\n";
|
||||
$from .= "Content-type: text/html; charset=ISO-8859-1\r\n";
|
||||
$from .= "X-Mailer: HBMessagerie v1.0a\r\n";
|
||||
$from .= "MIME-Version: 1.0\r\n";
|
||||
$message = '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><title>Halo-Battle :: Activation de votre nouveau mot de passe</title></head><body><p>Bonjour,<br />Vous recevez ce mail suite à votre demande de changement de mot de passe. Ce dernier entrera en vigueur une fois que vous aurez valider ce changement en cliquant via ce lien :<br /><a href="http://127.0.0.1/hbc/pages/options_validation.php?chg=activation&util='.$id.'&auth='.$auth.'">http://battle.halo.fr/pages/options_validation.php?chg=activation&util='.$id.'&auth='.$auth.'</a><br />Notez que pour que le mot de passe soit changé, il faut que vous soyer connecté sur votre compte.<br /><br />A bientôt dans Halo-Battle,<br />Le staff</p></body></html>';
|
||||
|
||||
mail($mail,'Halo-Battle :: Activation de votre nouveau mot de passe',$message,$from);
|
||||
|
||||
header('Location: options.php?erreur=1');
|
||||
exit;
|
||||
}
|
||||
else {
|
||||
header('Location: options.php?erreur=2');
|
||||
exit;
|
||||
}
|
||||
}
|
||||
else {
|
||||
header('Location: options.php?erreur=2');
|
||||
header('Location: options.php?erreur=3');
|
||||
exit;
|
||||
}
|
||||
}
|
||||
else {
|
||||
header('Location: options.php?erreur=3');
|
||||
header('Location: options.php?erreur=4');
|
||||
exit;
|
||||
}
|
||||
}
|
||||
if (isset($_POST['nouveau_mail']) && $_POST['nouveau_mail']!='')
|
||||
{
|
||||
if (preg_match("#^[a-z0-9._-]+@[a-z0-9._-]{2,}\.[a-z]{2,4}$#", $_POST['nouveau_mail']))
|
||||
{
|
||||
$result = mysql_query("SELECT mail FROM user WHERE mail='".$_POST["nouveau_mail"]."'");
|
||||
if(mysql_num_rows($result)>=1) header('Location: options.php?erreur=1');
|
||||
else {
|
||||
$mail=htmlspecialchars($_POST['nouveau_mail']);
|
||||
mysql_query("UPDATE `user` SET mail='".$mail."' WHERE ID='".$id."'");
|
||||
if (isset($okmdp)) header('Location: options.php?ok=3');
|
||||
else header('Location: options.php?ok=1');
|
||||
elseif (isset($_GET['chg']) && $_GET['chg'] == 'mail') {
|
||||
if (isset($_POST['mail']) && !empty($_POST['mail'])) {
|
||||
if (preg_match("#^[a-z0-9._-]+@[a-z0-9._-]{2,}\.[a-z]{2,4}$#", $_POST['mail'])) {
|
||||
$result = mysql_query("SELECT mail FROM user WHERE mail = '".$_POST["mail"]."'");
|
||||
if(mysql_num_rows($result) >= 1) {
|
||||
header('Location: options.php?erreur=5');
|
||||
exit;
|
||||
}
|
||||
else {
|
||||
$Nmail = htmlspecialchars(mysql_escape_string($_POST['mail']));
|
||||
$auth = sha1($Nmail);
|
||||
mysql_query("UPDATE `user` SET `mailNOUV` = '$Nmail' WHERE ID = '$id'");
|
||||
|
||||
$from = "From: \"Staff Halo-Battle\" <staffhb@hotmail.fr>\r\n";
|
||||
$from .= "Content-type: text/html; charset=ISO-8859-1\r\n";
|
||||
$from .= "X-Mailer: HBMessagerie v1.0a\r\n";
|
||||
$from .= "MIME-Version: 1.0\r\n";
|
||||
$message = '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><title>Halo-Battle :: Activation de votre nouvelle adresse électronique</title></head><body><p>Bonjour,<br />Vous recevez ce mail suite à votre demande de changement d\'adresse électronique. Cette dernière entrera en vigueur une fois que vous aurez valider ce changement en cliquant via ce lien :<br /><a href="http://127.0.0.1/hbc/pages/options_validation.php?chg=activation&util='.$id.'&auth='.$auth.'">http://battle.halo.fr/pages/options_validation.php?chg=activation&util='.$id.'&auth='.$auth.'</a><br />Notez que pour que l\'adresse soit changée, il faut que vous soyer connecté sur votre compte.<br /><br />A bientôt dans Halo-Battle,<br />Le staff</p></body></html>';
|
||||
|
||||
mail($Nmail,'Halo-Battle :: Activation de votre nouvelle adresse électronique',$message,$from);
|
||||
|
||||
header('Location: options.php?erreur=7');
|
||||
exit;
|
||||
}
|
||||
}
|
||||
else {
|
||||
header('Location: options.php?erreur=6');
|
||||
exit;
|
||||
}
|
||||
}
|
||||
}
|
||||
else {
|
||||
header('Location: options.php?erreur=4');
|
||||
exit;
|
||||
}
|
||||
}
|
||||
elseif (isset($_GET['chg']) && $_GET['chg'] == 'activation' && isset($_GET['util']) && !empty($_GET['util']) && isset($_GET['auth']) && !empty($_GET['auth'])) {
|
||||
if ($_GET['util'] == $id) {
|
||||
if (!empty($donnees['mdpNOUV']) && sha1($donnees['mdpNOUV']) == $_GET['auth']) {
|
||||
mysql_query("UPDATE `user` SET `mdp` = `mdpNOUV`, `mdpNOUV` = '', `mailNOUV` = '' WHERE ID='$id'");
|
||||
header('Location: options.php?erreur=8');
|
||||
exit;
|
||||
}
|
||||
elseif (!empty($donnees['mailNOUV']) && sha1($donnees['mailNOUV']) == $_GET['auth']) {
|
||||
mysql_query("UPDATE `user` SET `mail` = `mailNOUV`, `mailNOUV` = '', `mdpNOUV` = '' WHERE ID='$id'");
|
||||
header('Location: options.php?erreur=9');
|
||||
exit;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
mysql_close();
|
||||
header('Location: options.php');
|
||||
?>
|
||||
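Review bot: The activation token proves nothing about mailbox access, because `$auth = sha1($Nmail);` in the `chg=mail` branch is only the SHA-1 of the address the requester typed, and `$auth = sha1($password);` in the `chg=mdp` branch is derived from the pending password hash, which the requester can also compute. Anyone holding the session can therefore build the `auth` value and call `chg=activation` without ever reading the mail, and the password variant additionally puts a value derived from the stored hash into a URL that ends up in mail archives, logs and browser history. Generate an unrelated random value per request instead, e.g. `$auth = bin2hex(openssl_random_pseudo_bytes(16));`, store it alongside `mdpNOUV`/`mailNOUV` with an expiry, and compare it with `===` rather than `==` in the activation branch, since loose comparison of hex strings can match numerically. The mail body's `href` also still points at `http://127.0.0.1/hbc/...` while the visible link text shows `battle.halo.fr`. The +/- markers are lost on this page, so which lines belong to the new side is inferred from the `$_GET['chg']` dispatch.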