commit 15a736b810e64381319d1e94cd45ad017e0c1508 Author: david Date: Wed Jul 21 17:15:00 2010 +0000 ImportaciÃ³n inicial git-svn-id: https://192.168.0.254/svn/Proyectos.LaFactoriaVerde_Web/trunk@1 017afc1c-778d-45dc-8efe-cc7a6876851a diff --git a/activate.html b/activate.html new file mode 100644 index 0000000..7ae2771 --- /dev/null +++ b/activate.html @@ -0,0 +1,19 @@ + + +Activar cuenta + + +

Activar tu cuenta

+ + + \ No newline at end of file diff --git a/admin/adduser.php b/admin/adduser.php new file mode 100644 index 0000000..bec2f2d --- /dev/null +++ b/admin/adduser.php @@ -0,0 +1,160 @@ +Go Back and re-enter the information"; + exit; +} + + + +//check the password length +$pass_len = password_check($min_pass, $max_pass, $_POST[password]); +if ($pass_len == "no") +{ + + + echo "

You must use a password between $min_pass and $max_pass characters in length, please Go Back and try again.

"; + exit; +} + +//check for authority to view this page +if (allow_access(Administrators) != "yes") +{ + echo "not authorized to perform this function"; +} + +//make the connection to the database +$connection = @mysql_connect($server, $dbusername, $dbpassword) or die(mysql_error()); +$db = @mysql_select_db($db_name,$connection)or die(mysql_error()); + +//make query to database +$sql ="SELECT * FROM $table_name WHERE username= '$_POST[username]'"; +$result = @mysql_query($sql,$connection) or die(mysql_error()); + +//get the number of rows in the result set +$num = mysql_num_rows($result); + +//check if that username already exists +if ($num != 0){ + +echo "

Sorry, that username already exists.

"; +echo "

Try Another Username.

"; +echo "$_POST[username]"; +exit; + +}else{ + +//or add it to the database +$sql_add = "INSERT INTO $table_name (firstname, lastname, username, password, group1, group2, group3, + pchange, email, redirect, verified, last_login) VALUES + ('$_POST[firstname]', '$_POST[lastname]', '$_POST[username]', password('$_POST[password]'), + '$_POST[group1]', '$_POST[group2]', '$_POST[group3]', '$_POST[pchange]', '$_POST[email]', + '$_POST[redirect]', '1', 'last_login()')"; + +$result = @mysql_query($sql_add,$connection) or die(mysql_error()); +} + +if ($_POST[email_user] == "Yes") +{ + $mailheaders = "From: $domain\n"; + $mailheaders .= "Dear $_POST[firstname] $_POST[lastname],\n"; + $mailheaders .= "\n"; + $mailheaders .= "An account has been created for you at $domain.\n"; + $mailheaders .= "Please log in with the following account information:\n"; + $mailheaders .= "Username: $_POST[username]\n"; + $mailheaders .= "Password: $_POST[password]\n"; + $mailheaders .= "\n"; + $mailheaders .= "Please login at:\n"; + $mailheaders .= "$base_dir/login.html\n"; + $mailheaders .= "Should you have any complications, please email the System Administrator at:\n"; + $mailheaders .= "$adminemail\n"; + + $to = "$_POST[email]"; + $subject = "Your account has been created !!"; + + mail($to, $subject, $mailheaders, "From: No Reply <$adminemail>\n"); + +} +?> + + + + + + + + +Add User + + + + +

User Added:

+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +

First Name:
Last Name:
Username:
Password:
E-Mail:
Group Memberships:


Redirect to:
Password Change Req'd:
User E-Mailed:

+ + + + diff --git a/admin/admin_add.gif b/admin/admin_add.gif new file mode 100644 index 0000000..073e32a Binary files /dev/null and b/admin/admin_add.gif differ diff --git a/admin/admin_add_up.gif b/admin/admin_add_up.gif new file mode 100644 index 0000000..45a54d6 Binary files /dev/null and b/admin/admin_add_up.gif differ diff --git a/admin/admin_mod.gif b/admin/admin_mod.gif new file mode 100644 index 0000000..6a65e97 Binary files /dev/null and b/admin/admin_mod.gif differ diff --git a/admin/admin_mod_up.gif b/admin/admin_mod_up.gif new file mode 100644 index 0000000..4f19ae5 Binary files /dev/null and b/admin/admin_mod_up.gif differ diff --git a/admin/admin_options.gif b/admin/admin_options.gif new file mode 100644 index 0000000..1d084d5 Binary files /dev/null and b/admin/admin_options.gif differ diff --git a/admin/admin_options_up.gif b/admin/admin_options_up.gif new file mode 100644 index 0000000..9e367b8 Binary files /dev/null and b/admin/admin_options_up.gif differ diff --git a/admin/adminpage.css b/admin/adminpage.css new file mode 100644 index 0000000..6e3a3c6 --- /dev/null +++ b/admin/adminpage.css @@ -0,0 +1,10 @@ +a:active { font-family: Verdana; font-size: 8pt; color: #800000; text-decoration: none} +a:hover { font-family: Verdana; font-size: 8pt; color: #800000; text-decoration: + overline underline } +a:link { font-family: Verdana; font-size: 8pt; text-decoration: none; color: #800000 } +a:visited { font-family: Verdana; font-size: 8pt; text-decoration: none; color: #800000 } +body { font-family: Verdana; font-size: 8pt } +html { font-family: Verdana; font-size: 8pt } +table { font-family: Verdana; font-size: 8pt } +option { font-family: Verdana; font-size: 8pt } +input { font-family: Verdana; font-size: 8pt } \ No newline at end of file diff --git a/admin/adminpage.php b/admin/adminpage.php new file mode 100644 index 0000000..9957b9d --- /dev/null +++ b/admin/adminpage.php @@ -0,0 +1,993 @@ + + + + + + + + + + + +

+ + + + + + + + + + + + + + + + + + + + + +

Panel de control

Ver el registro de accesos

Sesión iniciada como

Salir

Mandar e-mail a todos los usuarios

+ + + + + + + + + +

+ + + + + + + + + + + + + + + + + + + + + firstname; + $m_last = $sql -> lastname; + $g_1 = $sql -> group1; + $g_2 = $sql -> group2; + $g_3 = $sql -> group3; + $chng = $sql -> pchange; + $m_email = $sql -> email; + $direct = $sql -> redirect; + +} +?> + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +

+ + + + + + + + + + +

+ + +

"> + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +

Nombre:	+
Apellidos:	+ +
Usuario:	+ +
Contraseña:	+ +
E-Mail:	+ +
Grupo:	+
	+
	+
Redirigir a:	+
Obligar a cambiar la contraseña en el siguiente inicio de sesión:	+
E-Mail User Account + Information:	+
+

+ + + +

+ + + + + + + + + + + + +

+ + + + + + + +

+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +

Nombre:	+ +
Apellidos:	+
+ Contraseña:	+
+ E-Mail:	+
+ Grupo:	+
+	+
+	+
+ Redirigir a:	+
+ Obligar a cambiar la contraseña en el siguiente inicio de sesión:	+
+ E-Mail User Account Information:	+
+ +

+ + + +

+ +

+ + + + + + + + + + + + + + +

+ +

+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +

Borrar usuario	+ +
Restaurar usuario	+ +
Banear usuario	+ +
Bloquear dirección IP	+ + ...
Lift User Ban	+ +
Lift IP Ban	+ +
Vaciar la papelera	+
Purgar cuentas inactivas desde
+

+ +

+ + +

+ 1) + { + for ($i=0; $i<$c; $i++) + { + $search = $explodeit[$i]."+"; + } + }else{ + $search = $s_string; + } +} + + + + +echo "Show Number of Results Per Page: 5"; +echo " 10
"; + +// Figure out the limit for the query based +// on the current page number. +$from = (($page * $max_results) - $max_results); + +// Perform MySQL query on only the current page number's results +if (!isset($_GET['search'])) +{ + $set_lim = "SELECT * FROM $table_name ORDER BY username LIMIT $from, $max_results"; +}else{ + $search = $_GET['search']; + $set_lim = "SELECT * FROM $table_name WHERE username LIKE '%$search%' || firstname LIKE '%$search%' + || lastname LIKE '%$search%' || group1 LIKE '%$search%' || group2 LIKE '%$search%' || group3 LIKE '%$search%' + || email LIKE '%$search%' ORDER BY username LIMIT $from, $max_results"; +} +$set_res = @mysql_query($set_lim,$connection) or die(mysql_error()); + +while ($set_lim = mysql_fetch_object($set_res)) +{ + +$fname = $set_lim -> firstname; +$lname = $set_lim -> lastname; +$uname = $set_lim -> username; +$p_change = $set_lim -> pchange; +$verif_d = $set_lim -> verified; +$last = $set_lim -> last_login; +$re_direct = $set_lim -> redirect; +$groupA = $set_lim -> group1; +$groupB = $set_lim -> group2; +$groupC = $set_lim -> group3; +$e_mail = $set_lim -> email; + + +if ($p_change == 1) +{$p_change = "Yes";}else{$p_change = "No";} + +if ($verif_d == "0") +{$verif_d= "No";}else{$verif_d= "Yes";} + + +echo ""; +echo ""; +echo ""; +echo ""; +echo ""; + +echo ""; + +echo ""; +echo ""; +echo ""; +echo ""; +echo ""; + +echo ""; +echo ""; +echo ""; +echo ""; +echo ""; + +echo "

$uname	E-Mail:	$e_mail
	Name:	$fname $lname
	Last Login:	$last

"; + + +} + + +// Figure out the total number of results in DB: +if (!isset($_GET['search'])) +{ + $total_results = mysql_result(mysql_query("SELECT COUNT(*) as Num FROM authorize"),0); +}else{ +$total_results = mysql_result(mysql_query("SELECT COUNT(*) as Num FROM authorize + WHERE username LIKE '%$search%' || firstname LIKE '%$search%' + || lastname LIKE '%$search%' || group1 LIKE '%$search%' || group2 LIKE '%$search%' || group3 LIKE '%$search%' + || email LIKE '%$search%'"),0); +} + +// Figure out the total number of pages. Always round up using ceil() +$total_pages = ceil($total_results / $max_results); + +// Build Page Number Hyperlinks +echo "Select a Page
"; + +// Build Previous Link +if($page > 1){ + $prev = ($page - 1); + echo "<< "; +} + +for($i = 1; $i <= $total_pages; $i++){ + if(($page) == $i){ + echo "$i "; + } else { + echo "$i "; + } +} + +// Build Next Link +if($page < $total_pages){ + $next = ($page + 1); + echo " >>"; +} +echo ""; +}else{ +echo "Details for $user_det
"; + +$dsql = "SELECT * FROM $table_name WHERE username = '$user_det'"; +$dresults = @mysql_query($dsql,$connection) or die(mysql_error()); +while ($dsql = mysql_fetch_object($dresults)) +{ +$fname = $dsql -> firstname; +$lname = $dsql -> lastname; +$uname = $dsql -> username; +$p_change = $dsql -> pchange; +$verif_d = $dsql -> verified; +$last = $dsql -> last_login; +$re_direct = $dsql -> redirect; +$groupA = $dsql -> group1; +$groupB = $dsql -> group2; +$groupC = $dsql -> group3; +$e_mail = $dsql -> email; + +if ($p_change == "0") +{ +$p_change = "No"; +}else{ +$p_change = "Yes"; +} + +if ($verif_d == "0") +{ +$verif_d = "No"; +}else{ +$verif_d = "Yes"; +} +?> + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +


	E-Mail:
	Real Name:
	Last Login:
	Password Change Required:
	Verified Through E-Mail:
	Group Memberships:


	Redirect to:

+ +">Back to List + +Exit Search"; +}else{ +echo "

"; +} +?> + + + +

diff --git a/admin/mail_all.htm b/admin/mail_all.htm new file mode 100644 index 0000000..9e48cfb --- /dev/null +++ b/admin/mail_all.htm @@ -0,0 +1,24 @@ + + + + + +E-Mail Subject + + + + + + + + + + diff --git a/admin/mail_all.php b/admin/mail_all.php new file mode 100644 index 0000000..0093c2a --- /dev/null +++ b/admin/mail_all.php @@ -0,0 +1,40 @@ +
"; + while ($sql = mysql_fetch_object($result)) + { + $e_addr = $sql -> email; + $e_user = $sql -> username; + $subject = $_POST[e_subject]; + $mailheaders = $_POST[e_message]; + mail($e_addr, $subject, $mailheaders, "From: No Reply <$adminemail>\n"); + echo "$e_user
"; + } + +?> \ No newline at end of file diff --git a/admin/mod_user.php b/admin/mod_user.php new file mode 100644 index 0000000..921b2c9 --- /dev/null +++ b/admin/mod_user.php @@ -0,0 +1,264 @@ + firstname; + $last = $sql -> lastname; + $uname = $sql -> username; + $pass = $sql -> password; + $gr1 = $sql -> group1; + $gr2 = $sql -> group2; + $gr3 = $sql -> group3; + $change = $sql -> pchange; + $e_mail = $sql -> email; + $re_direct = $sql -> redirect; + $ver_d = $sql -> verified; + $last_log = $sql -> last_login; + $del_dat = last_login(); + } + + $trash_user = "INSERT INTO trash (firstname, lastname, username, password, group1, group2, group3, + pchange, email, redirect, verified, last_login, del_date)VALUES + ('$first', '$last', '$uname', '$pass', '$gr1', '$gr2', '$gr3', + '$change', '$e_mail', '$re_direct', '$ver_d', '$last_log', '$del_dat')"; + + $del = "DELETE FROM $table_name WHERE username = '$_POST[del_user]'"; + + $result = @mysql_query($del,$connection) or die(mysql_error()); + $result1 = @mysql_query($trash_user,$connection) or die(mysql_error()); + + $msg .= "User $_POST[del_user] has been trashed from the database.
"; + }else{ + $msg .= "User $_POST[del_user] could not be located in the database.
"; + } + + $del_banned = "DELETE FROM banned WHERE no_access = '$_POST[del_user]'"; + $result = @mysql_query($del_banned,$connection) or die(mysql_error()); + + +} + +if (($_POST[username] != "") && ($_POST[mod_pass] == "Same as Old")) +{ +$sql = "SELECT * FROM $table_name WHERE username = '$_POST[username]'"; +$result = @mysql_query($sql,$connection) or die(mysql_error()); +while ($sql = mysql_fetch_object($result)) + { + $pass = $sql -> password; + $last = $sql -> last_login; + } + $sql = "DELETE FROM $table_name WHERE username = '$_POST[username]'"; + $result = @mysql_query($sql,$connection) or die(mysql_error()); + $sql = "INSERT INTO $table_name (firstname, lastname, username, password, group1, group2, group3, + pchange, email, redirect, verified, last_login) VALUES ('$_POST[mod_first]', '$_POST[mod_last]', + '$_POST[username]', '$pass', '$_POST[mod_group1]', '$_POST[mod_group2]', + '$_POST[mod_group3]', '$_POST[mod_chng]', '$_POST[mod_email]', '$_POST[mod_redirect]', + '1', '$last')"; + $result = @mysql_query($sql,$connection) or die(mysql_error()); + $msg .= "The information for $_POST[username] has been changed updated.
"; +} + +if (($_POST[username] != "") && ($_POST[mod_pass] != "Same as Old")) +{ +$sql = "SELECT * FROM $table_name WHERE username = '$_POST[username]'"; +$result = @mysql_query($sql,$connection) or die(mysql_error()); +while ($sql = mysql_fetch_object($result)) + { + $pass = $sql -> password; + $last = $sql -> last_login; + } + $sql = "DELETE FROM $table_name WHERE username = '$_POST[username]'"; + $result = @mysql_query($sql,$connection) or die(mysql_error()); + $sql = "INSERT INTO $table_name (firstname, lastname, username, password, group1, group2, group3, + pchange, email, redirect, verified, last_login) VALUES ('$_POST[mod_first]', '$_POST[mod_last]', + '$_POST[username]', password('$_POST[mod_pass]'), '$_POST[mod_group1]', '$_POST[mod_group2]', + '$_POST[mod_group3]', '$_POST[mod_chng]', '$_POST[mod_email]', '$_POST[mod_redirect]', + '1', '$last')"; + $result = @mysql_query($sql,$connection) or die(mysql_error()); + $msg .= "The information for $_POST[username] has been changed updated.
"; +} + +if ($_POST[ban_user] != "") +{ + + $ban = "INSERT INTO banned (no_access, type) VALUES ('$_POST[ban_user]', 'user')"; + $result = @mysql_query($ban,$connection) or die(mysql_error()); + $msg .= "User $_POST[ban_user] has been banned.
"; + +} + +$ip_addr = "$_POST[oct1].$_POST[oct2].$_POST[oct3].$_POST[oct4]"; + +if ($ip_addr != "...") +{ + $ban_ip = "INSERT INTO banned (no_access, type) VALUES ('$ip_addr', 'ip')"; + $result = @mysql_query($ban_ip,$connection) or die(mysql_error()); + $msg .= "IP Address $ip_addr has been banned.
"; +} + +if ($_POST[lift_user_ban] != "") +{ + + $lift_user = "DELETE FROM banned (no_access, type) WHERE no_access = '$_POST[lift_user_ban]'"; + $result = @mysql_query($lift_user,$connection) or die(mysql_error()); + $msg .= "The Ban for user $_POST[lift_user_ban] has been lifted.
"; + +} + +if ($_POST[lift_ip_ban] != "") +{ + + $lift_ip = "DELETE FROM banned (no_access, type) WHERE no_access = '$_POST[lift_ip_ban]'"; + $result = @mysql_query($lift_ip,$connection) or die(mysql_error()); + $msg .= "The Ban for IP Address $_POST[lift_ip_ban] has been lifted.
"; + +} + +if ($_POST[restore] != "") +{ + $ruser = "SELECT * FROM trash WHERE username = '$_POST[restore]'"; + + $result0 = @mysql_query($ruser, $connection) or die(mysql_error()); + + //get the number of rows in the result set + $num = mysql_num_rows($result0); + + //set session variables if there is a match + if ($num != 0) + { + while ($ruser = mysql_fetch_object($result0)) + { + $rfirst = $ruser -> firstname; + $rlast = $ruser -> lastname; + $runame = $ruser -> username; + $rpass = $ruser -> password; + $rgr1 = $ruser -> group1; + $rgr2 = $ruser -> group2; + $rgr3 = $ruser -> group3; + $rchange = $ruser -> pchange; + $re_mail = $ruser -> email; + $rre_direct = $ruser -> redirect; + $rver_d = $ruser -> verified; + $rlast_log = $ruser -> last_login; + } + + $r_user = "INSERT INTO $table_name (firstname, lastname, username, password, group1, group2, group3, + pchange, email, redirect, verified, last_login) VALUES + ('$rfirst', '$rlast', '$runame', '$rpass', '$rgr1', '$rgr2', '$rgr3', + '$rchange', '$re_mail', '$rre_direct', '$rver_d', '$rlast_log')"; + + $del = "DELETE FROM trash WHERE username = '$_POST[restore]'"; + + $result = @mysql_query($del,$connection) or die(mysql_error()); + $result1 = @mysql_query($r_user,$connection) or die(mysql_error()); + + $msg .= "User $_POST[restore] has been restored.
"; + }else{ + $msg .= "User $_POST[restore] could not be located in the database.
"; + } +} + +if ($_POST[empt_trash] == "yes") +{ + + $empty = "DELETE FROM trash"; + $gone = @mysql_query($empty, $connection) or die(mysql_error()); + + $msg .= "The trash has been emptied.
"; +} + +if ($_POST[amt_time] != "" && $_POST[incr_time] != "") +{ + $msg .= "The following accounts were inactive for $amt_time $incr_time or more and have been moved to the trash.

"; + $killtime = "NOW() - INTERVAL $_POST[amt_time] $_POST[incr_time]"; + $xfer = "SELECT * FROM $table_name WHERE last_login < $killtime"; + $resultp1 = @mysql_query($xfer, $connection) or die(mysql_error()); + while ($xfer = mysql_fetch_object($resultp1)) + { + $pfirst = $xfer -> firstname; + $plast = $xfer -> lastname; + $puname = $xfer -> username; + $ppass = $xfer -> password; + $pgr1 = $xfer -> group1; + $pgr2 = $xfer -> group2; + $pgr3 = $xfer -> group3; + $ppchange = $xfer -> pchange; + $pe_mail = $xfer -> email; + $pre_direct = $xfer -> redirect; + $pver_d = $xfer -> verified; + $plast_log = $xfer -> last_login; + $pdel_date = last_login(); + + $msg .= "$puname
"; + $xfer2 = "INSERT INTO trash (firstname, lastname, username, password, group1, group2, group3, + pchange, email, redirect, verified, last_login, del_date) VALUES ('$pfirst', ' $plast', '$puname', + '$ppass', '$pgr1', '$pgr2', '$pgr3', '$ppchange', '$pe_mail', '$pre_direct', '$pver_d', '$plast_log', '$pdel_date')"; + $resultp2 = @mysql_query($xfer2, $connection) or die(mysql_error()); + } + $purge = "DELETE FROM $table_name WHERE last_login < $killtime"; + $resultp3 = @mysql_query($purge, $connection) or die(mysql_error()); + +} + + +echo ""; + +echo $msg; + +if ($_POST[username] == $_SESSION[user_name]) +{ +session_destroy(); +echo ""; +echo ""; +echo ""; +echo "New Page 2"; +echo ""; +exit; +} +?> + + + + + +Modify User + + + + + + + + + diff --git a/banned.html b/banned.html new file mode 100644 index 0000000..62bd1de --- /dev/null +++ b/banned.html @@ -0,0 +1,15 @@ + + + + + +Unauthorized + + + + +

YOU'VE BEEN BANNED

+ + + + diff --git a/check_login.php b/check_login.php new file mode 100644 index 0000000..49f3464 --- /dev/null +++ b/check_login.php @@ -0,0 +1,23 @@ + diff --git a/config.php b/config.php new file mode 100644 index 0000000..2180e97 --- /dev/null +++ b/config.php @@ -0,0 +1,46 @@ + \ No newline at end of file diff --git a/email_change.html b/email_change.html new file mode 100644 index 0000000..415b573 --- /dev/null +++ b/email_change.html @@ -0,0 +1,34 @@ + + + + +Chane E-Mail Address + + + + + + + + + + diff --git a/email_change.php b/email_change.php new file mode 100644 index 0000000..6a6171f --- /dev/null +++ b/email_change.php @@ -0,0 +1,38 @@ + diff --git a/emailpass.html b/emailpass.html new file mode 100644 index 0000000..2b72a6c --- /dev/null +++ b/emailpass.html @@ -0,0 +1,17 @@ + + +Username and Password Request + + +

Request Your Username & Password

+ + + \ No newline at end of file diff --git a/emailpass.php b/emailpass.php new file mode 100644 index 0000000..ad5af9e --- /dev/null +++ b/emailpass.php @@ -0,0 +1,83 @@ + email; + $uname = $sql -> username; + } + +//Update database with new password + $newpass = rand(10000000,99999999); + $chng = "UPDATE $table_name SET + password = password('$newpass'), pchange = '1' + WHERE email = '$email'"; + + $result2 = @mysql_query($chng,$connection) or die(mysql_error()); + +//create message to user + $msg = "

Your username & temporary password has been emailed to you.

"; + $msg .= "

You must change this password immediately after your next login.

"; + $msg .= "

"; + +//create mail message + $mailheaders = "From: www$domain\n"; + $mailheaders .= "Your username is $uname.\n"; + $mailheaders .= "Your password is $newpass.\n"; + $mailheaders .= "$base_dir/login.html"; +} +else +{ + +//If no email was found in the database send a notification to the admin + $email = $adminemail; + $msg = "

Your email address could not be located

"; + $msg .="

The Website Administrator has been emailed, you should contacted by them shortly.

"; + + $mailheaders = "From: www$domain\n"; + $mailheaders .= "A user with the email address of $_POST[email] has requested a username and password reminder.\n"; + $mailheaders .= "$_POST[email] could not be located in the database.\n"; +} + +//Email the request +$to = "$email"; +$subject = "Your Username & Password for www$domain"; + +mail($to, $subject, $mailheaders, "From: No Reply <$adminemail>\n"); + +?> + + +Username and Password Request + + + + + + + diff --git a/errorlogin.html b/errorlogin.html new file mode 100644 index 0000000..846fb44 --- /dev/null +++ b/errorlogin.html @@ -0,0 +1,25 @@ + + +Error Login + + +

There was an error logging you +in, please try again...

+ +

+Click here if would like your username and password to be +e-mailed to the address we have on file.

+ + \ No newline at end of file diff --git a/favorites/edit_links.php b/favorites/edit_links.php new file mode 100644 index 0000000..30477c6 --- /dev/null +++ b/favorites/edit_links.php @@ -0,0 +1,86 @@ + + + + + + +Edit Favorites + + + + + + + + + \ No newline at end of file diff --git a/favorites/edit_links_2.php b/favorites/edit_links_2.php new file mode 100644 index 0000000..2104618 --- /dev/null +++ b/favorites/edit_links_2.php @@ -0,0 +1,49 @@ + \ No newline at end of file diff --git a/favorites/index.htm b/favorites/index.htm new file mode 100644 index 0000000..c9fb6a4 --- /dev/null +++ b/favorites/index.htm @@ -0,0 +1,16 @@ + + + + +New Page 1 + + + + +

+Your browser does not support inline frames or is currently configured not to display inline frames. +

+ + + + diff --git a/favorites/links.php b/favorites/links.php new file mode 100644 index 0000000..7470c9a --- /dev/null +++ b/favorites/links.php @@ -0,0 +1,27 @@ +Add/Change Favorites

"; + +//make the connection to the database +$connection = @mysql_connect($server, $dbusername, $dbpassword) or die(mysql_error()); +$db = @mysql_select_db($db_name,$connection)or die(mysql_error()); + +//make query to database +$sql ="SELECT * FROM favorites WHERE username= '$_SESSION[user_name]'"; +$result = @mysql_query($sql,$connection) or die(mysql_error()); + +while ($sql = mysql_fetch_object($result)) +{ + $_link = $sql -> link; + $_nickname = $sql -> nickname; + echo "$_nickname
"; +} + +?> diff --git a/favorites/make_favorites.php b/favorites/make_favorites.php new file mode 100644 index 0000000..4b03caa --- /dev/null +++ b/favorites/make_favorites.php @@ -0,0 +1,37 @@ +Your Favorites table has been created.
"; +} + +?> + + + \ No newline at end of file diff --git a/functions.php b/functions.php new file mode 100644 index 0000000..a0b936b --- /dev/null +++ b/functions.php @@ -0,0 +1,80 @@ + firstname; + $_SESSION[last_name] = $sql -> lastname; + $_SESSION[user_name] = $sql -> username; + $_SESSION[password] = $sql -> password; + $_SESSION[group1] = $sql -> group1; + $_SESSION[group2] = $sql -> group2; + $_SESSION[group3] = $sql -> group3; + $_SESSION[pchange] = $sql -> pchange; + $_SESSION[email] = $sql -> email; + $_SESSION[redirect] = $sql -> redirect; + $_SESSION[verified] = $sql -> verified; + $_SESSION[last_login] = $sql -> last_login; + } + }else{ + $_SESSION[redirect] = "$base_dir/errorlogin.html"; + } +} + +//functions that will determine if access is allowed +function allow_access($group) +{ + if ($_SESSION[group1] == "$group" || $_SESSION[group2] == "$group" || $_SESSION[group3] == "$group" || + $_SESSION[group1] == "Administrators" || $_SESSION[group2] == "Administrators" || $_SESSION[group3] == "Administrators" || + $_SESSION[user_name] == "$group") + { + $allowed = "yes"; + }else{ + $allowed = "no"; + } + return $allowed; +} + +//function to check the length of the requested password +function password_check($min_pass, $max_pass, $pass) +{ + + $valid = "yes"; + if ($min_pass > strlen($pass) || $max_pass < strlen($pass)) + { + $valid = "no"; + } + + return $valid; +} + +?> \ No newline at end of file diff --git a/images/lr_13_header_01.gif b/images/lr_13_header_01.gif new file mode 100644 index 0000000..67ed83e Binary files /dev/null and b/images/lr_13_header_01.gif differ diff --git a/images/lr_13_header_02.gif b/images/lr_13_header_02.gif new file mode 100644 index 0000000..b1d7259 Binary files /dev/null and b/images/lr_13_header_02.gif differ diff --git a/images/lr_13_header_03.gif b/images/lr_13_header_03.gif new file mode 100644 index 0000000..ca476ee Binary files /dev/null and b/images/lr_13_header_03.gif differ diff --git a/images/lr_13_header_04.gif b/images/lr_13_header_04.gif new file mode 100644 index 0000000..6f1c76b Binary files /dev/null and b/images/lr_13_header_04.gif differ diff --git a/images/lr_13_header_05.gif b/images/lr_13_header_05.gif new file mode 100644 index 0000000..b0cd857 Binary files /dev/null and b/images/lr_13_header_05.gif differ diff --git a/images/lr_13_header_06.gif b/images/lr_13_header_06.gif new file mode 100644 index 0000000..3037411 Binary files /dev/null and b/images/lr_13_header_06.gif differ diff --git a/images/mpdolan_logo.gif b/images/mpdolan_logo.gif new file mode 100644 index 0000000..32f84d4 Binary files /dev/null and b/images/mpdolan_logo.gif differ diff --git a/images/mpdolan_logo_bottom.gif b/images/mpdolan_logo_bottom.gif new file mode 100644 index 0000000..92d8cc6 Binary files /dev/null and b/images/mpdolan_logo_bottom.gif differ diff --git a/images/mpdolan_logo_top.gif b/images/mpdolan_logo_top.gif new file mode 100644 index 0000000..76e672c Binary files /dev/null and b/images/mpdolan_logo_top.gif differ diff --git a/index.html b/index.html new file mode 100644 index 0000000..c10d867 --- /dev/null +++ b/index.html @@ -0,0 +1,312 @@ + + + + + +Welcome to Login - Redirect + + + + + + + + + +

This is Version 1.3 of Login - Redirect.

+ Begin Installation

This script is not only a secure login script, +it also allows great control and can be integrated easily into most sites as +well as the following features:

Redirection based on the users login information
+        - The site administrator can dictate +the page that the user will be redirected to once the user has been +authenticated
+Control Panel Administration
+        - The control panel administration +allows Administrators the following functions:
+                +- Add Users
+                +- Modify user information
+                +- Add users to groups
+                +- Delete users
+                +- Undelete Users
+                +- Ban Users
+                +- Lift user bans
+                +- Ban IP Addresses
+                +- Lift IP Address bans
+                +- View and sort login information
+                +- Require users to change their password at next login
+                +- Require users to activate their account as to verify their e-mail address +before they are able to login
+                +- View all user information
+Other functionality of this package:
+        - Control access to pages through +username or groups
+        - Allows users to request an e-mail +of their login information
+        - Allows users to change their own +password and e-mail address
+        - Allows users to self-register
+
+All of the pages viewed by users have been written in html as to allow site +creators easy integration into their site.
+All html pages can be altered, just do not change the functionality of the page.
+For example, if the html page contains to fields named X and Y and the form is +posted to page.php, do not change the name of the field or the name of the page +that the information is posted to unless you know what you are doing.

Requirements:
+        - Website server with php +functionality.
+        - MySQL Database
+
+The installation process is very simple. You will need the following +information to complete the installation:
+        - a MySQL database
+        - The username and password for that +database
+        - Knowledge of the database server +(typically localhost, but it could be different as with 1&1 hosted sites)
+        - FTP ability
+That's it, the installation walks you through all of the steps and creates all +of the table required as well as the configurations settings and the +administrator account setup.
+
+Package Contents and Description:

+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +

../
*activate.html	This page allows the user to activate + their account. If you has set the configuration to verify e-mail + address, the user will register and an e-mail will be sent requesting + the user to visit this page and activate the account.
*banned.html	This page is displayed to user if + either their IP Address or User account has been banned.
check_login.php	This page is a server-side page that + checks to see if the user still has an open session or has elected + cookies to be set as to limit the number of times the user must login. + You do not have to use this page - If you require your users to login in + every time, I would suggest you remove the "Remember me from this + computer" section from login.html and errorlogin.html. If you + chose to use it and have a "Login" link somewhere on your page, have it + link to check_login.php.
config.php	This is the page with all of the + configuration settings, the code for this page is generated during the + installation process, you will simply need to copy and paste it into + this page and upload.
*email_change.html	This page allows users to change their + own e-mail address.
email_change.php	This is the server-side page that + handles the changing of the user's e-mail address.
*errorlogin.html	This is the page that the user is + directed to should their be an error with their credentials.
functions.php	This page contains various functions + that are used throughout the package.
*login.html	This is the main login page for the + users.
loglogin.php	This is a server-side page that records + the login information to the log_login table.
*no_access.html	This is the page that is displayed + should a user try to gain access to a page that they are no allowed + access to visit.
*not_activated.html	This is the page that is displayed + should a user try to login without activating their account, that is if + you have required e-mail verification.
*pass_change.html	This page allows users to change their + own password.
pass_change.php	This is the server-side page that + handles the password change.
redirect.php	This is the server-side page that sets + the session and redirects the user to the page specified by the + administrator.
*register.html	This page allows user to register + themselves for your site.
register.php	This is the server-side page that + handles the registration.
**../install
**create_admin.php	This is the administrator interface to + create the administrator's account.
**install.html	The first installation page, requests + configurations information.
**install_1.php	The second installation page, allows + for the naming of groups.
**install_2.php	The third installation page, allows for + the creation of the administrator's account.
**install_3.php	The fourth installation page, + installation is complete and provide the config.php code.
../admin
adduser.php	This is the server-side page that + handles the addition of a user.
adminpage.php	This is the Administrator's Control + Panel - very important.
mod_user.php	This is the server-side page that + handles the user modifications, deletions and banning.
../logs
index.html	This is a frames page that includes the + next two pages.
log.php	This is the page that appears on the + right of index.html and contains the login information.
log.html	This is the page that appeats on the + left of index.html and allows for sorting of the login information and + also contain arin.net whois lookup for IP Addresses.

* - indicates that this page is customizable
+** - indicates that this file or folder can be deleted after installation is +complete

+ +

How-to restrict access to your pages:
+1.    All secure pages must be php pages. You can easily +create any page in html and simply save it with a .php extention.
+2.    This code must be added prior to any code on the page:
+
+<?php
+
+//prevents caching
+header("Expires: Sat, 01 Jan 2000 00:00:00 GMT");
+header("Last-Modified: ".gmdate("D, d M Y H:i:s")." GMT");
+header("Cache-Control: post-check=0, pre-check=0",false);
+session_cache_limiter();
+session_start();
+
+//this should the the +absolute path to the config.php file
+//(ie /home/website/yourdomain/login/config.php or
+//the location in relationship to the page being protected - ie ../login/config.php +)
+require('../config.php');
+
+//this should the the +absolute path to the functions.php file - see the instrcutions for config.php +above
+require('../functions.php'); +
+
+ //this is +group name or username of the group or person that you wish to allow access to
+ +// - please be advise that the Administrators +Groups has access to all pages.
+if (allow_access(Administrators) != "yes")
+{
+
+//this should the the +absolute path to the no_access.html file - see above
+include ('no_access.html');
+exit;
+}
+?>

For a more precise sample of the code you should +use, please Click Here.

That should do it...

+ + + + diff --git a/install/create_admin.php b/install/create_admin.php new file mode 100644 index 0000000..5a19d7f --- /dev/null +++ b/install/create_admin.php @@ -0,0 +1,61 @@ + + + + + + + +Create Your Administrator Accoun + + + + +

Create Your Administrator Account:

+ + + + + \ No newline at end of file diff --git a/install/header.html b/install/header.html new file mode 100644 index 0000000..6922291 --- /dev/null +++ b/install/header.html @@ -0,0 +1,31 @@ + + + + +Header + + + + + + + + + + + + + + + +

+	+	+
+	+	+

+ + + + diff --git a/install/install.html b/install/install.html new file mode 100644 index 0000000..6cd15a5 --- /dev/null +++ b/install/install.html @@ -0,0 +1,148 @@ + + + + + +Login - Redirect Installation + + + + + + + + + + + + + + + +

+	+	+
+	+	+

+ + + + + + + + + +

Database Name:
+

Server:
+ +

Database Username:
+

Database Password:
+

Installation + Directory:
+

Administrator's + Email:
+
+ Time Zone:
+

Domain Name:
+ www.. + - if other than that listed: +

Verify New User's + Through Email?
+

Default URL:
+

Minimum Password + Length:
+

Maximum Password + Length:
+

Log Logins?
+

Number of Groups:
+

+ + + + diff --git a/install/install_1.php b/install/install_1.php new file mode 100644 index 0000000..51d562c --- /dev/null +++ b/install/install_1.php @@ -0,0 +1,70 @@ +"; +include ('header.html'); + +if (!$_POST[dbase_name] || !$_POST[dbase_server] || !$_POST[dbase_username] || !$_POST[dbase_password] || + !$_POST[install_dir] || !$_POST[time_zone] || + !$_POST[default_url] || !$_POST[min_pass_len] || !$_POST[max_pass_len] || !$_POST[dom_name] || !$_POST[admin_email]) +{ + echo "

You must complete all of the fields, please Go Back and complete all of the fields.

"; + exit; +} + + +?> + + + + + + + +Login - Redirect Installation + + + + +Enter the names of your Groups:
+(Do not use Administrators or Users as a Group Name as there are pre-configured groups)
+ + + + + + \ No newline at end of file diff --git a/install/install_2.php b/install/install_2.php new file mode 100644 index 0000000..f3b84ab --- /dev/null +++ b/install/install_2.php @@ -0,0 +1,233 @@ +"; + +include ('header.html'); + +$group_array = array(); + +$i = 1; +while ($i <= $_SESSION[group_number]) +{ + $group = "group$i"; + array_push($group_array, "$_POST[$group]"); + $i++; +} + +$i = 1; + +//test connection to dbase verifing dbase name, server, username and password + +$connection = @mysql_connect($_SESSION[dbase_server], $_SESSION[dbase_username], $_SESSION[dbase_password]) + or die(mysql_error()); + +$db = @mysql_select_db($_SESSION[dbase_name],$connection) + or die(mysql_error()); + +//create a message to be displayed at the end of the installation +if ($db) +{ + echo "Connection to Database $_SESSION[dbase_name] Successful.
"; +}else{ + echo "

There was an error connecting to the database.

"; + echo "

Please go back and check your Database information.

"; + exit; +} + +//create a table in that dbase +$sql =" +CREATE TABLE IF NOT EXISTS $_SESSION[table_name] +( + firstname VARCHAR(20), + lastname VARCHAR(20), + username VARCHAR(20), + password VARCHAR(50), + group1 VARCHAR(20), + group2 VARCHAR(20), + group3 VARCHAR(20), + pchange VARCHAR(1), + email VARCHAR(100), + redirect VARCHAR(100), + verified VARCHAR(1), + last_login DATE +)"; + +$result = @mysql_query($sql,$connection) + or die(mysql_error()); + +if ($result) +{ + echo "Table $_SESSION[table_name] has been created.
"; +}else{ + echo "

There was an error creating the table.

"; + echo "

Please go back and check your information.

"; + exit; +} + +//create a table in that dbase +$sql_log =" +CREATE TABLE IF NOT EXISTS log_login +( + username VARCHAR(20), + date VARCHAR(20), + time VARCHAR(20), + ip_addr VARCHAR(20), + oper_sys VARCHAR(20), + brow VARCHAR(20) +) +"; + +$result_log = @mysql_query($sql_log,$connection) + or die(mysql_error()); + +if ($result_log) +{ + echo "Table log_login has been created.
"; +}else{ + echo "

There was an error creating the table.

"; + echo "

Please go back and check your information.

"; + exit; +} + +//create a table in that dbase +$sql_ban =" +CREATE TABLE IF NOT EXISTS banned +( + no_access VARCHAR(30), + type VARCHAR(10) +) +"; + +$result_ban = @mysql_query($sql_ban,$connection) + or die(mysql_error()); + +if ($result_ban) +{ + echo "Table banned has been created.
"; +}else{ + echo "

There was an error creating the table.

"; + echo "

Please go back and check your information.

"; + exit; +} + +//create a table in that dbase +$sql_trash =" +CREATE TABLE IF NOT EXISTS trash +( + firstname VARCHAR(20), + lastname VARCHAR(20), + username VARCHAR(20), + password VARCHAR(50), + group1 VARCHAR(20), + group2 VARCHAR(20), + group3 VARCHAR(20), + pchange VARCHAR(1), + email VARCHAR(100), + redirect VARCHAR(100), + verified VARCHAR(1), + last_login DATE, + del_date DATE + ) +"; + +$result_trash = @mysql_query($sql_trash,$connection) + or die(mysql_error()); + +if ($result_trash) +{ + echo "Table trash has been created.
"; +}else{ + echo "

There was an error creating the table.

"; + echo "

Please go back and check your information.

"; + exit; +} + + +?> + + + + + + +Login - Redirect Installation + + + + + + + + +

+ +"; + +include ('create_admin.php'); + +?>

+ + + + + + + diff --git a/install/install_3.php b/install/install_3.php new file mode 100644 index 0000000..5f2b8ee --- /dev/null +++ b/install/install_3.php @@ -0,0 +1,81 @@ +You must complete all of the fields, please Go Back and complete all of the fields.

"; + exit; +} + + + +$pass_len = password_check($_SESSION[min_pass_len], $_SESSION[max_pass_len], $_POST[password]); +if ($pass_len == "no") +{ + echo "

You must use a password between $_SESSION[min_pass_len] and $_SESSION[max_pass_len] characters in length, please Go Back and try again.

"; + exit; +} + +//make connection to dbase +$connection = @mysql_connect($_SESSION[dbase_server], $_SESSION[dbase_username], $_SESSION[dbase_password]) + or die(mysql_error()); + +$db = @mysql_select_db($_SESSION[dbase_name],$connection) + or die(mysql_error()); + +$check_name = "SELECT * FROM $_SESSION[table_name] WHERE username = '$_POST[user_name]'"; +$name_result = @mysql_query($check_name,$connection) or die(mysql_error()); + +//get the number of rows in the result set +$num = mysql_num_rows($name_result); + +if ($num != 0) +{ + echo "

That username already exists. Please Go Back and enter a different username.

"; + exit; +} + +$date = last_login(); + +//enter information into table +$sql = "INSERT INTO $_SESSION[table_name] VALUES + ('$_POST[first_name]', '$_POST[last_name]', '$_POST[user_name]', + password('$_POST[password]'), 'Administrators', '', '', '0', '$_SESSION[admin_email]', + '$_POST[redirect_to]', '1', '$date')"; + +$result = @mysql_query($sql,$connection) or die(mysql_error()); + +if($result) +{ +?> + + + + + +Login - Redirect Installation + + + +The Administrators Account has been Successfully Created.

"; + echo "

The last step is to create a file named config.php.
"; + echo "Copy and paste the below into this file and upload to $_SESSION[install_dir].

"; + echo "

For a sample of the header of each secure page, please Click Here

"; + echo "

Should you have any difficulties, please visit the Help Forum:"; + echo "
MPDolan.com Help Forum

"; + echo "

Please login as with the Adminstrator's Account to complete testing."; + echo "
Login Now

"; +} + + +?> + + \ No newline at end of file diff --git a/install/message.php b/install/message.php new file mode 100644 index 0000000..5c4b586 --- /dev/null +++ b/install/message.php @@ -0,0 +1,21 @@ + + + + + + +New Page 1 + + + + +

+$_SESSION[config]

+ + + + \ No newline at end of file diff --git a/install/sessions.php b/install/sessions.php new file mode 100644 index 0000000..3963ed0 --- /dev/null +++ b/install/sessions.php @@ -0,0 +1,11 @@ + \ No newline at end of file diff --git a/login.html b/login.html new file mode 100644 index 0000000..b00df9a --- /dev/null +++ b/login.html @@ -0,0 +1,24 @@ + + +Login + + +

Login to Secure Area

+ +

+Click here if would like your username and password to be +e-mailed to the address we have on file.

+ + \ No newline at end of file diff --git a/loglogin.php b/loglogin.php new file mode 100644 index 0000000..ad078fa --- /dev/null +++ b/loglogin.php @@ -0,0 +1,60 @@ + \ No newline at end of file diff --git a/logout.php b/logout.php new file mode 100644 index 0000000..64e146c --- /dev/null +++ b/logout.php @@ -0,0 +1,13 @@ + + + + + + diff --git a/logs/index.php b/logs/index.php new file mode 100644 index 0000000..e6451dc --- /dev/null +++ b/logs/index.php @@ -0,0 +1,34 @@ + + + + + + +Log Viewer + + + + + + + <body> + + <p>This page uses frames, but your browser doesn't support them.</p> + + </body> + + + + diff --git a/logs/log.html b/logs/log.html new file mode 100644 index 0000000..9c2f555 --- /dev/null +++ b/logs/log.html @@ -0,0 +1,46 @@ + + + + + +New Page 2 + + + + + + + +

+
+
+
+ARIN WhoIs

+ + +

+ + Volver a la página de administración

+ + + + \ No newline at end of file diff --git a/logs/log.php b/logs/log.php new file mode 100644 index 0000000..99a0d04 --- /dev/null +++ b/logs/log.php @@ -0,0 +1,36 @@ + username; + $whend = $sql -> date; + $whent = $sql -> time; + $ip_add = $sql -> ip_addr; + $operat = $sql -> oper_sys; + $browse = $sql -> brow; + + echo "

Usuario: $user
"; + echo "Fecha: $whend
"; + echo "Hora: $whent
"; + echo "Dirección IP: $ip_add
"; + echo "Sistema operativo: $operat
"; + echo "Navegador: $browse

"; +} + +?> \ No newline at end of file diff --git a/no_access.html b/no_access.html new file mode 100644 index 0000000..9ec2599 --- /dev/null +++ b/no_access.html @@ -0,0 +1,29 @@ + + + + +NO ACCESS ALLOWED + + + + +Access Denied!!!

Please login with proper +credentials:

+ +

+ + + + diff --git a/not_activated.html b/not_activated.html new file mode 100644 index 0000000..6025afb --- /dev/null +++ b/not_activated.html @@ -0,0 +1,15 @@ + + + + +Account Not Activated + + + + +

Your account must be activated before you can log in, please visit the +activation page that was included in the email we sent you.

+ + + + diff --git a/pass_change.html b/pass_change.html new file mode 100644 index 0000000..b8a936b --- /dev/null +++ b/pass_change.html @@ -0,0 +1,36 @@ + + + + +Password Change + + + + + + + + + + + diff --git a/pass_change.php b/pass_change.php new file mode 100644 index 0000000..9e854fe --- /dev/null +++ b/pass_change.php @@ -0,0 +1,80 @@ + + + + + + +Password Change + + + + + + + + + redirect; + } + +//sends the user to their redirect to + header("Location:$_SESSION[redirect]"); + exit; +?> diff --git a/redirect.php b/redirect.php new file mode 100644 index 0000000..798ffd9 --- /dev/null +++ b/redirect.php @@ -0,0 +1,108 @@ + no_access; + if ($username == $banned || $REMOTE_ADDR == $banned) + { + include ('banned.html'); + exit; + } + } + +$last_log = last_login(); + +//updates table with last log as now +$sql = "UPDATE $table_name SET last_login = '$last_log' WHERE username = '$_SESSION[user_name]'"; +$result = @mysql_query($sql,$connection) or die(mysql_error()); + +if (($_SESSION[redirect] != "$base_dir/errorlogin.html") && ($log_login == "1")) +{ + include('loglogin.php'); +} + +//redirects the user +header("Location:$_SESSION[redirect]"); + +?> + +Redirect \ No newline at end of file diff --git a/register.html b/register.html new file mode 100644 index 0000000..9f80a88 --- /dev/null +++ b/register.html @@ -0,0 +1,79 @@ + + +Registration + + + + + +

+Register

+ + + \ No newline at end of file diff --git a/register.php b/register.php new file mode 100644 index 0000000..6052112 --- /dev/null +++ b/register.php @@ -0,0 +1,98 @@ + + + + + + +Registration + + + + + + + + +Sorry, that username already exists.

"; +echo "

Try Another Username.

"; +exit; + +}else{ +$sql = "INSERT INTO $table_name VALUES +('$_POST[firstname]', '$_POST[lastname]', '$_POST[username]', password('$_POST[password]'), 'Users', '', '', '$pchange', +'$_POST[email]', '$default_url', '$verify', '')"; + +$result = @mysql_query($sql,$connection) or die(mysql_error()); +} + +//checks to see if the user needs to verify their email address before accessing the site +if ($verify == "0") +{ + $mailheaders = "From: www$domain\n"; + $mailheaders .= "Your account has been created.\n"; + $mailheaders .= "Please activate your account now by visiting this page:\n"; + $mailheaders .= "$base_dir/activate.html\n"; + + + $to = "$_POST[email]"; + $subject = "Please activate your account"; + +mail($to, $subject, $mailheaders, "From: No Reply <$adminemail>\n"); + +}else{ + header('Location:login.html'); +} + + + +?> + + + +Add a User + + +

Please check your email to activate your account.

+ + \ No newline at end of file diff --git a/smpl_sec_header.php b/smpl_sec_header.php new file mode 100644 index 0000000..0932284 --- /dev/null +++ b/smpl_sec_header.php @@ -0,0 +1,51 @@ +
+//prevents caching
+header(\"Expires: Sat, 01 Jan 2000 00:00:00 GMT\");
+header(\"Last-Modified: \".gmdate(\"D, d M Y H:i:s\").\" GMT\");
+header(\"Cache-Control: post-check=0, pre-check=0\",false);
+session_cache_limiter();
+session_start();
+
"; + +if (preg_match("/Windows NT/", $viewer)) +{ + echo "require('$abs\config.php');
+
+ require('$abs\functions.php');
+
"; +} +else +{ + echo "require('$abs/config.php');
+
+ require('$abs/functions.php');
+
"; +} + +echo " +//this is group name or username of the group or person that you wish to allow access to
+// - please be advise that the Administrators Groups has access to all pages.
+if (allow_access(Administrators) != \"yes\")
+{
+"; +if (preg_match("/Windows NT/", $viewer)) +{ + echo " + include ('$abs\\no_access.html');
+ "; +} +else +{ + echo "include ('$abs/no_access.html');
"; +} +echo " +exit;
+}
+?>"; + +?> diff --git a/style.css b/style.css new file mode 100644 index 0000000..9fb19af --- /dev/null +++ b/style.css @@ -0,0 +1,72 @@ +body { + font-family: Verdana; + font-size: 11px; +} + +a:hover { + color: #0000ff; + font-family: Tahoma; + text-decoration: underline overline; +} + +a:visited, a:active { + color: #0000ff; + font-family: Tahoma; + text-decoration: none; +} + +a:link { + color: #0000ff; + font-family: Tahoma; + text-decoration: overline underline; +} + +td { + font-family: Verdana; + font-size: 8pt; +} + +a { + font-family: Tahoma; +} + +h1 { + font-family: Tahoma; +} + +h2 { + font-family: Tahoma; +} + +h3 { + font-family: Tahoma; +} + +h4 { + font-family: Tahoma; +} + +h5 { + font-family: Tahoma; +} + +h6 { + font-family: Tahoma; +} + +p { + font-family: Tahoma; +} + +tr { + font-family: Tahoma; +} + +