@Orange-Men
Last active July 28, 2016 07:40
sitedota
<?php
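// Logout handler: only acts for a session that is currently marked as logged in.
// NOTE(review): this is a state-changing GET request with no anti-CSRF token; any
// page can trigger it with a plain link or image tag. Prefer a POST form with a token.
if ($Module == 'logout' and isset($_SESSION['USER_LOGIN_IN']) and $_SESSION['USER_LOGIN_IN'] == 1) {
    // Expire the "remember me" cookie so the next request is not logged in again.
    if (!empty($_COOKIE['user'])) {
        setcookie('user', '', strtotime('-30 days'), '/');
        unset($_COOKIE['user']);
    }
    // Clear the data and destroy the session so the old session id holds nothing.
    session_unset();
    session_destroy();
    header('Location: /login');
    exit;
}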
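// Profile edit handler: optional password change, display name, country and PNG avatar.
// Every SQL statement is parameterised: FormChars() is an HTML encoder and leaves
// backslashes alone, so it must not be relied on to make values safe inside SQL.
if ($Module == 'edit' and !empty($_POST['enter'])) {
    ULogin(1);
    $UserId = (int) $_SESSION['USER_ID'];
    $Input = array();
    foreach (array('old_password', 'new_password', 'name', 'country') as $Key)
        $Input[$Key] = (isset($_POST[$Key]) and is_string($_POST[$Key])) ? FormChars($_POST[$Key]) : '';

    if ($Input['old_password'] or $Input['new_password']) {
        if (!$Input['old_password'])
            MessageSend(1, 'Не указазан старый пароль.');
        if (!$Input['new_password'])
            MessageSend(1, 'Не указазан новый пароль.');
        // Constant-time, type-strict comparison; a loose != on hex digests can treat
        // different "0e..." strings as equal numbers.
        $Current = isset($_SESSION['USER_PASSWORD']) ? (string) $_SESSION['USER_PASSWORD'] : '';
        if (!hash_equals($Current, GenPass($Input['old_password'], $_SESSION['USER_LOGIN'])))
            MessageSend(1, 'Старый пароль указан неверно.');
        $Password = GenPass($Input['new_password'], $_SESSION['USER_LOGIN']);
        $Stmt = mysqli_prepare($CONNECT, 'UPDATE users SET password = ? WHERE id = ?');
        mysqli_stmt_bind_param($Stmt, 'si', $Password, $UserId);
        mysqli_stmt_execute($Stmt);
        $_SESSION['USER_PASSWORD'] = $Password;
    }

    if ($Input['name'] != $_SESSION['USER_NAME']) {
        $Stmt = mysqli_prepare($CONNECT, 'UPDATE users SET name = ? WHERE id = ?');
        mysqli_stmt_bind_param($Stmt, 'si', $Input['name'], $UserId);
        mysqli_stmt_execute($Stmt);
        $_SESSION['USER_NAME'] = $Input['name'];
    }

    // The country is a numeric code; cast it so only an integer reaches the database.
    $Country = (int) $Input['country'];
    if (UserCountry($Country) != $_SESSION['USER_COUNTRY']) {
        $Stmt = mysqli_prepare($CONNECT, 'UPDATE users SET country = ? WHERE id = ?');
        mysqli_stmt_bind_param($Stmt, 'ii', $Country, $UserId);
        mysqli_stmt_execute($Stmt);
        $_SESSION['USER_COUNTRY'] = UserCountry($Country);
    }

    if (!empty($_FILES['avatar']['tmp_name']) and is_uploaded_file($_FILES['avatar']['tmp_name'])) {
        $Upload = $_FILES['avatar']['tmp_name'];
        // $_FILES[...]['type'] is sent by the client; confirm the real format from the file itself.
        $Size = getimagesize($Upload);
        if ($_FILES['avatar']['type'] != 'image/png' or !$Size or $Size[2] != IMAGETYPE_PNG)
            MessageSend(1, 'Неверный тип изображения.');
        if ($_FILES['avatar']['size'] > 60000)
            MessageSend(1, 'Размер изображения слишком большой.');
        $Image = imagecreatefrompng($Upload);
        if (!$Image)
            MessageSend(1, 'Неверный тип изображения.');
        // Re-encoding into a fresh 120x120 canvas means only decoded pixels are stored.
        $Tmp = imagecreatetruecolor(120, 120);
        imagecopyresampled($Tmp, $Image, 0, 0, 0, 0, 120, 120, $Size[0], $Size[1]);

        if ($_SESSION['USER_AVATAR'] == 0) {
            // First upload: pick a bucket directory holding fewer than 250 files.
            // The bucket number is taken from the directory name, because that is what
            // the path below ('resource/avatar/<n>/<id>') is rebuilt from later.
            // NOTE(review): assumes buckets are named 1, 2, 3, ... - confirm on disk.
            $Download = '';
            $Dirs = glob('resource/avatar/*', GLOB_ONLYDIR);
            foreach ($Dirs ? $Dirs : array() as $Dir) {
                $Num = (int) basename($Dir);
                if ($Num > 0 and sizeof(glob($Dir.'/*.*')) < 250) {
                    $Download = $Dir.'/'.$UserId;
                    $_SESSION['USER_AVATAR'] = $Num;
                    $Stmt = mysqli_prepare($CONNECT, 'UPDATE users SET avatar = ? WHERE id = ?');
                    mysqli_stmt_bind_param($Stmt, 'ii', $Num, $UserId);
                    mysqli_stmt_execute($Stmt);
                    break;
                }
            }
            // Without this guard the image would be written to a bare '.png' path.
            if ($Download === '') {
                imagedestroy($Image);
                imagedestroy($Tmp);
                MessageSend(1, 'Не удалось сохранить изображение.');
            }
        }
        else $Download = 'resource/avatar/'.(int) $_SESSION['USER_AVATAR'].'/'.$UserId;

        imagepng($Tmp, $Download.'.png');
        imagedestroy($Image);
        imagedestroy($Tmp);
    }
    MessageSend(3, 'Данные изменены.');
}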
// Every handler from here on is for guests only.
ULogin(0);

// Status messages for a password-restore flow that is already in progress.
// $_SESSION['RESTORE'] holds either 'wait/<email>' (mail sent, link not yet used)
// or the freshly generated password (link already used).
if ($Module == 'restore') {
    if (!$Param['code'] and substr($_SESSION['RESTORE'], 0, 4) == 'wait') {
        $Masked = HideEmail(substr($_SESSION['RESTORE'], 5));
        MessageSend(2, 'Вы уже отправили заявку на восстановление пароля. Проверьте ваш E-mail <b>'.$Masked.'</b>.');
    }
    if ($_SESSION['RESTORE'] and substr($_SESSION['RESTORE'], 0, 4) != 'wait') {
        $Notice = 'Ваш пароль был изменён. Для входа используйте новый пароль <b>'.$_SESSION['RESTORE'].'</b>';
        MessageSend(2, $Notice, '/login');
    }
}
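// Second step of password restore: the user followed the mailed link
// /account/restore/code/<md5(email)><id>.
// The original concatenated the URL segment straight into the SELECT and built an
// UPDATE with unquoted values and no space before WHERE. Here the code is validated
// against the restore request stored in this session and all SQL is parameterised.
// NOTE(review): md5(email) plus the numeric id is derivable from public data, so the
// link is not a secret. Prefer a random, single-use, expiring token stored server-side,
// and let the user choose the new password instead of displaying a generated one.
if ($Module == 'restore' and !empty($Param['code'])) {
    $Pending = isset($_SESSION['RESTORE']) ? (string) $_SESSION['RESTORE'] : '';
    // Only continue a restore that was started in this session ('wait/<email>').
    if (strncmp($Pending, 'wait/', 5) !== 0)
        MessageSend(1, 'Невозможно восстановить пароль.', '/login');
    $Email = (string) substr($Pending, 5);
    $Prefix = md5($Email);
    $Code = (string) $Param['code'];
    $IdPart = (string) substr($Code, strlen($Prefix));
    // The code must be exactly md5(email) followed by a decimal user id.
    if (!hash_equals($Prefix, (string) substr($Code, 0, strlen($Prefix))) or !ctype_digit($IdPart))
        MessageSend(1, 'Невозможно восстановить пароль.', '/login');
    $UserId = (int) $IdPart;

    // Require the id to belong to the address the request was made for.
    $Stmt = mysqli_prepare($CONNECT, 'SELECT login FROM users WHERE id = ? AND email = ?');
    mysqli_stmt_bind_param($Stmt, 'is', $UserId, $Email);
    mysqli_stmt_execute($Stmt);
    $Row = mysqli_fetch_assoc(mysqli_stmt_get_result($Stmt));
    if (!$Row or !$Row['login'])
        MessageSend(1, 'Невозможно восстановить пароль.', '/login');

    $Random = RandomString(15);
    $NewHash = GenPass($Random, $Row['login']);
    $Stmt = mysqli_prepare($CONNECT, 'UPDATE users SET password = ? WHERE login = ?');
    mysqli_stmt_bind_param($Stmt, 'ss', $NewHash, $Row['login']);
    mysqli_stmt_execute($Stmt);
    // Record the result only after the database accepted the new hash.
    $_SESSION['RESTORE'] = $Random;
    MessageSend(1, 'Пароль успешно изменён, для входа используйте новый пароль <b>'.$Random.'</b>', '/login');
}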
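// First step of password restore: look the account up by login and mail the link.
// The lookup is parameterised and the captcha answer is single-use.
// NOTE(review): the distinct "user not found" message lets a caller test which logins
// exist; a uniform response for both outcomes avoids that.
if ($Module == 'restore' and !empty($_POST['enter'])) {
    $Login = (isset($_POST['login']) and is_string($_POST['login'])) ? FormChars($_POST['login']) : '';
    $Captcha = (isset($_POST['captcha']) and is_string($_POST['captcha'])) ? FormChars($_POST['captcha']) : '';
    if (!$Login or !$Captcha)
        MessageSend(1, 'Что-то пошло не так ...');

    // Consume the stored answer so one solved captcha cannot be replayed.
    $Expected = isset($_SESSION['captcha']) ? (string) $_SESSION['captcha'] : '';
    unset($_SESSION['captcha']);
    if ($Expected === '' or !hash_equals($Expected, md5($Captcha)))
        MessageSend(1, 'Неверный код ! Попробуйте ещё раз.');

    $Stmt = mysqli_prepare($CONNECT, 'SELECT id, email FROM users WHERE login = ?');
    mysqli_stmt_bind_param($Stmt, 's', $Login);
    mysqli_stmt_execute($Stmt);
    $Row = mysqli_fetch_assoc(mysqli_stmt_get_result($Stmt));
    if (!$Row or !$Row['email'])
        MessageSend(1, 'Пользователь не найден.');

    mail($Row['email'], 'Orange_Men', 'Ссылка для восстановления: http://site-dota.ua/account/restore/code/'.md5($Row['email']).$Row['id'], 'From: Orange_Men');
    // Remember which address this session asked to restore.
    $_SESSION['RESTORE'] = 'wait/'.$Row['email'];
    MessageSend(2, 'На ваш E-mail <b>'.HideEmail($Row['email']).'</b> отправлено подтверждение смены пароля');
}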
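// Registration handler: validate the form, reject duplicate login/e-mail, insert the
// user and mail an activation link.
// Changes from the original: SQL is parameterised; an empty password is rejected
// (the old check ran after hashing, so it was always true); the country code is
// limited to the values UserCountry() knows (0..3); the activation code is built as
// the rotation the 'active' handler reverses (last five characters moved to the front).
// NOTE(review): the original appears to assign the code to a differently spelled
// variable than the one it reads - confirm against the raw file.
// NOTE(review): the activation code is only a re-arranged base64 of the address, so it
// does not prove mailbox ownership; a random token stored with the user row would.
if ($Module == 'register' and !empty($_POST['enter'])) {
    $Input = array();
    foreach (array('login', 'email', 'password', 'name', 'country', 'captcha') as $Key)
        $Input[$Key] = (isset($_POST[$Key]) and is_string($_POST[$Key])) ? FormChars($_POST[$Key]) : '';
    $Country = (int) $Input['country'];

    if (!$Input['login'] or !$Input['email'] or !$Input['password'] or !$Input['name'] or !$Input['captcha']
        or !ctype_digit($Input['country']) or $Country > 3)
        MessageSend(1, 'Что-то пошло не так ...');

    // Consume the stored answer so one solved captcha cannot be replayed.
    $Expected = isset($_SESSION['captcha']) ? (string) $_SESSION['captcha'] : '';
    unset($_SESSION['captcha']);
    if ($Expected === '' or !hash_equals($Expected, md5($Input['captcha'])))
        MessageSend(1, 'Неверный код ! Попробуйте ещё раз.');

    $Stmt = mysqli_prepare($CONNECT, 'SELECT login FROM users WHERE login = ?');
    mysqli_stmt_bind_param($Stmt, 's', $Input['login']);
    mysqli_stmt_execute($Stmt);
    $Row = mysqli_fetch_assoc(mysqli_stmt_get_result($Stmt));
    if ($Row and $Row['login'])
        MessageSend(1, 'Логин <b>'.$Input['login'].'</b> уже использован.', '/register');

    $Stmt = mysqli_prepare($CONNECT, 'SELECT email FROM users WHERE email = ?');
    mysqli_stmt_bind_param($Stmt, 's', $Input['email']);
    mysqli_stmt_execute($Stmt);
    $Row = mysqli_fetch_assoc(mysqli_stmt_get_result($Stmt));
    if ($Row and $Row['email'])
        MessageSend(1, 'E-mail <b>'.$Input['email'].'</b> уже использован.', '/register');

    // Same hashing scheme as the login handler (see GenPass).
    $Password = GenPass($Input['password'], $Input['login']);
    $Stmt = mysqli_prepare($CONNECT, "INSERT INTO users VALUES ('', ?, ?, ?, now(), ?, ?, 0, 0, 0)");
    mysqli_stmt_bind_param($Stmt, 'ssssi', $Input['login'], $Password, $Input['name'], $Input['email'], $Country);
    mysqli_stmt_execute($Stmt);

    $Code = str_replace('=', '', base64_encode($Input['email']));
    mail($Input['email'], 'Регистрация на сайте. Orange_Men', 'Ссылка для активации: http://site-dota.ua/account/active/code/'.substr($Code, -5).substr($Code, 0, -5), 'From: Orange_Men');
    MessageSend(3, 'Регистрация аккаунта успешно заверщена. На указаный e-mail адрес <b>'.$Input['email'].'</b> отправлено письмо с подтверждением регистрации.');
}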
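// E-mail activation: /account/active/code/<code>, where <code> is the base64 of the
// address with its last five characters moved to the front.
// The decoded address comes from the URL, so it is bound as a query parameter and
// HTML-encoded before being echoed back in a message.
// NOTE(review): the code is a reversible encoding of the address, not a secret, so it
// does not prove the visitor received the mail; compare a stored random token instead.
else if ($Module == 'active' and !empty($Param['code'])) {
    if (empty($_SESSION['USER_ACTIVE_EMAIL'])) {
        $Code = (string) $Param['code'];
        $Email = base64_decode(substr($Code, 5).substr($Code, 0, 5));
        if ($Email !== false and strpos($Email, '@') !== false) {
            $Stmt = mysqli_prepare($CONNECT, 'UPDATE users SET active = 1 WHERE email = ?');
            mysqli_stmt_bind_param($Stmt, 's', $Email);
            mysqli_stmt_execute($Stmt);
            $_SESSION['USER_ACTIVE_EMAIL'] = $Email;
            // double_encode = false: addresses are stored already entity-encoded.
            MessageSend(3, 'E-mail <b>'.htmlspecialchars($Email, ENT_QUOTES, 'UTF-8', false).' подтвержден.</b>', '/login');
        }
        else MessageSend(1, 'E-mail адрес не подтвержден.', '/login');
    }
    else MessageSend(1, 'E-mail адрес <b>'.htmlspecialchars((string) $_SESSION['USER_ACTIVE_EMAIL'], ENT_QUOTES, 'UTF-8', false).'</b> уже подтвержден', '/login');
}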
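// Login handler: check the captcha, verify the password hash and fill the session.
// Changes from the original: one parameterised query instead of two interpolated ones,
// constant-time hash comparison, a fresh session id after authentication, a single-use
// captcha and an HttpOnly "remember me" cookie.
// NOTE(review): the cookie still carries the stored password hash, which makes the hash
// itself a long-lived login credential. A random token kept in its own table (and
// revocable on logout) is the safer design; it needs a matching change where the
// cookie is read.
// NOTE(review): the 'active' flag check is disabled in the original (commented out),
// so unconfirmed accounts can log in.
else if ($Module == 'login' and !empty($_POST['enter'])) {
    $Input = array();
    foreach (array('login', 'password', 'captcha') as $Key)
        $Input[$Key] = (isset($_POST[$Key]) and is_string($_POST[$Key])) ? FormChars($_POST[$Key]) : '';
    if (!$Input['login'] or !$Input['password'] or !$Input['captcha'])
        MessageSend(1, 'Что-то пошло не так ...');

    // Consume the stored answer so one solved captcha cannot be replayed.
    $Expected = isset($_SESSION['captcha']) ? (string) $_SESSION['captcha'] : '';
    unset($_SESSION['captcha']);
    if ($Expected === '' or !hash_equals($Expected, md5($Input['captcha'])))
        MessageSend(1, 'Неверный код ! Попробуйте ещё раз.');

    $Password = GenPass($Input['password'], $Input['login']);
    // `groups` is back-quoted because GROUPS is a reserved word in newer MySQL releases.
    $Stmt = mysqli_prepare($CONNECT, 'SELECT id, name, regdate, email, country, avatar, password, login, `groups` FROM users WHERE login = ?');
    mysqli_stmt_bind_param($Stmt, 's', $Input['login']);
    mysqli_stmt_execute($Stmt);
    $Row = mysqli_fetch_assoc(mysqli_stmt_get_result($Stmt));
    // Same message for "no such user" and "wrong password".
    if (!$Row or !hash_equals((string) $Row['password'], $Password))
        MessageSend(1, 'Неверный логин или пароль ! Попробуйте ещё раз.');

    // New session id on privilege change, so a pre-login id is not carried over.
    session_regenerate_id(true);
    $_SESSION['USER_LOGIN'] = $Row['login'];
    $_SESSION['USER_PASSWORD'] = $Row['password'];
    $_SESSION['USER_ID'] = $Row['id'];
    $_SESSION['USER_NAME'] = $Row['name'];
    $_SESSION['USER_REGDATE'] = $Row['regdate'];
    $_SESSION['USER_EMAIL'] = $Row['email'];
    $_SESSION['USER_COUNTRY'] = UserCountry($Row['country']);
    $_SESSION['USER_AVATAR'] = $Row['avatar'];
    $_SESSION['USER_GROUP'] = $Row['groups'];
    $_SESSION['USER_LOGIN_IN'] = 1;
    if (!empty($_REQUEST['remember']))
        // Last argument = HttpOnly: page scripts cannot read the cookie.
        setcookie('user', $Password, strtotime('+30 days'), '/', '', false, true);
    header('Location: /profile');
    exit;
}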
/*else if ($Module == 'profile' and $_POST['exit'] and $_SESSION['USER_LOGIN_IN'] == 1){
if ($_COOKIE['user']){
setcookie('user', '', strtotime('-30 days'), '/');
unset($_COOKIE['user']);
}
session_unset();
exit(header('Location: /login'));
}*/
?>
<?php
include_once 'setting.php';
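// Bootstrap: start the session, make mysqli throw on errors, open the connection.
session_start();
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);
$CONNECT = mysqli_connect(HOST, USER, PASS, DB);

// "Remember me": restore a login from the 'user' cookie.
// The cookie is client-controlled, so it is bound as a parameter, and the session is
// marked as logged in ONLY when a matching row exists. The original set
// USER_LOGIN_IN = 1 even when the lookup returned nothing.
// NOTE(review): the cookie value is the stored password hash; see the login handler.
$LoggedIn = isset($_SESSION['USER_LOGIN_IN']) and $_SESSION['USER_LOGIN_IN'] == 1;
if (!$LoggedIn and !empty($_COOKIE['user']) and is_string($_COOKIE['user'])) {
    $Token = $_COOKIE['user'];
    // `groups` is back-quoted because GROUPS is a reserved word in newer MySQL releases.
    $Stmt = mysqli_prepare($CONNECT, 'SELECT id, name, regdate, email, country, avatar, login, `groups` FROM users WHERE password = ?');
    mysqli_stmt_bind_param($Stmt, 's', $Token);
    mysqli_stmt_execute($Stmt);
    $Row = mysqli_fetch_assoc(mysqli_stmt_get_result($Stmt));
    if ($Row) {
        session_regenerate_id(true);
        $_SESSION['USER_LOGIN'] = $Row['login'];
        $_SESSION['USER_ID'] = $Row['id'];
        $_SESSION['USER_NAME'] = $Row['name'];
        $_SESSION['USER_REGDATE'] = $Row['regdate'];
        $_SESSION['USER_EMAIL'] = $Row['email'];
        $_SESSION['USER_COUNTRY'] = UserCountry($Row['country']);
        $_SESSION['USER_AVATAR'] = $Row['avatar'];
        $_SESSION['USER_GROUP'] = $Row['groups'];
        $_SESSION['USER_LOGIN_IN'] = 1;
    }
}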
// Единая точка входа
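// Front controller: split the request path into /<Page>/<Module>/<key>/<value>/...
// $Param is now always an array (the original left it undefined when there was no
// module), and a trailing key without a value maps to null instead of reading past
// the end of the segment list.
$Param = array();
if ($_SERVER['REQUEST_URI'] == '/') {
    $Page = 'index';
    $Module = 'index';
} else {
    $URL_Path = (string) parse_url($_SERVER['REQUEST_URI'], PHP_URL_PATH);
    $URL_Parts = explode('/', trim($URL_Path, ' /'));
    $Page = array_shift($URL_Parts);
    $Module = array_shift($URL_Parts);
    if (!empty($Module)) {
        // Remaining segments are key/value pairs taken straight from the URL: treat
        // every $Param value as untrusted input wherever it is used.
        $Total = count($URL_Parts);
        for ($i = 0; $i < $Total; $i += 2) {
            $Param[$URL_Parts[$i]] = isset($URL_Parts[$i + 1]) ? $URL_Parts[$i + 1] : null;
        }
    }
}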
//Наши страницы
// Page dispatcher. Every include target is a fixed string chosen by comparison, so no
// part of the request is ever used to build a file path.
switch ($Page) {
    case 'index':
        if ($Module == 'index')
            include('page/index.php');
        break;
    case 'login':
        include('page/login.php');
        break;
    case 'register':
        include('page/register.php');
        break;
    case 'account':
        include('form/account.php');
        break;
    case 'profile':
        include('page/profile.php');
        break;
    case 'restore':
        include('page/restore.php');
        break;
    case 'guestbook':
        include('page/guestbook.php');
        break;
    case 'news':
        // No module, 'category' and 'main' all render the list view.
        if (!$Module or $Module == 'category' or $Module == 'main')
            include('module/news/main.php');
        else if ($Module == 'material')
            include('module/news/material.php');
        else if ($Module == 'add')
            include('module/news/add.php');
        else if ($Module == 'edit')
            include('module/news/edit.php');
        else if ($Module == 'control')
            include('module/news/control.php');
        break;
}
//Проверка на авторизацию
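/**
 * Gate a page by login state.
 *
 * Returns normally when the session's login flag equals $p1; otherwise calls
 * MessageSend(), which redirects to '/' and ends the request.
 *
 * The original read $_SESSION[USER_LOGIN_IN] with an unquoted key, i.e. an undefined
 * constant: a warning on older PHP and a fatal Error on PHP 8.
 *
 * @param int $p1 1 = page is for logged-in users, 0 (or less) = page is for guests
 */
function ULogin($p1) {
    // A session without the flag counts as "not logged in".
    $State = isset($_SESSION['USER_LOGIN_IN']) ? $_SESSION['USER_LOGIN_IN'] : 0;
    if ($State == $p1)
        return;
    if ($p1 <= 0)
        MessageSend(1, 'Данная страница доступна только для гостей.', '/');
    else
        MessageSend(1, 'Данная страница доступна только для пользователей сайта.', '/');
}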
//Страны
/**
 * Map a numeric country code to its display name.
 *
 * @param mixed $p1 country code (compared loosely, so '2' and 2 are equivalent)
 * @return string|null the name for codes 0..3, null for any other code
 */
function UserCountry($p1) {
    switch ($p1) {
        case 0:
            return 'Украина';
        case 1:
            return 'Россия';
        case 2:
            return 'Беларусь';
        case 3:
            return 'Казахстан';
    }
}
//Группы пользователей
/**
 * Map a numeric user-group code to its display name.
 *
 * @param mixed $p1 group code (compared loosely)
 * @return string|null the name for 0, 1, 2 and -1, null for any other code
 */
function UserGroup($p1) {
    switch ($p1) {
        case 0:
            return 'Пользователь';
        case 1:
            return 'Модератор';
        case 2:
            return 'Администратор';
        case -1:
            return 'Заблокирован';
    }
}
/**
 * Require a minimum user group for the current page.
 *
 * Returns normally when the session's group is at least $p1; otherwise calls
 * MessageSend(), which redirects to '/' and ends the request.
 *
 * @param int $p1 lowest group code allowed to continue
 */
function UserAccess($p1) {
    $TooLow = $_SESSION['USER_GROUP'] < $p1;
    if (!$TooLow)
        return;
    MessageSend(1, 'У вас нет прав доступа для просмотра данной страницы сайта.', '/');
}
//Рандомная строка
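/**
 * Build a random string of digits and lowercase Latin letters.
 *
 * The result is used as a replacement password, so characters are drawn from the
 * operating system's CSPRNG via random_int() where it exists (PHP 7+). rand() is a
 * predictable generator and is kept only as a fallback for older runtimes.
 *
 * @param int $p1 number of characters to generate
 * @return string $p1 characters from [0-9a-z]; '' when $p1 is 0 or less
 */
function RandomString($p1) {
    $Char = '0123456789abcdefghijklmnopqrstuvwxyz';
    $Last = strlen($Char) - 1;
    $Secure = function_exists('random_int');
    $String = '';
    for ($i = 0; $i < $p1; $i++)
        $String .= $Char[$Secure ? random_int(0, $Last) : rand(0, $Last)];
    return $String;
}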
//Скрыте символов в email после @
/**
 * Mask an e-mail address for display: keep the part before the first '@' and
 * replace everything after it with five asterisks.
 *
 * @param string $p1 e-mail address
 * @return string masked address, e.g. 'name@*****'
 */
function HideEmail($p1) {
    list($Local) = explode('@', $p1);
    return $Local.'@*****';
}
//Выплывающее сообщение об ошибке, подсказке или информации.
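/**
 * Store a one-shot flash message in the session, redirect and end the request.
 *
 * $p2 is inserted into the page as raw HTML (callers pass <b> tags), so every caller
 * must HTML-encode any request-derived value before putting it into the message.
 *
 * Redirect target: $p3 when given, otherwise the path of the Referer header. The
 * Referer is sent by the client, so only a local path is accepted from it; anything
 * else falls back to '/'. This keeps the redirect on this site.
 *
 * @param int|string $p1 1 = error, 2 = hint, 3 = information (other values are used as the label)
 * @param string     $p2 message HTML
 * @param string     $p3 optional redirect target
 */
function MessageSend($p1, $p2, $p3 = '') {
    if ($p1 == 1)
        $p1 = 'Ошибка';
    else if ($p1 == 2)
        $p1 = 'Подсказка';
    else if ($p1 == 3)
        $p1 = 'Информация';
    $_SESSION['message'] = '<div class = MessageBlock><b>'.$p1.'</b>: '.$p2.'</div>';

    $Target = $p3;
    if (!$Target) {
        $Referer = isset($_SERVER['HTTP_REFERER']) ? (string) $_SERVER['HTTP_REFERER'] : '';
        $Target = (string) parse_url($Referer, PHP_URL_PATH);
        // Must be an absolute local path; '//host' would be a scheme-relative URL.
        if ($Target === '' or $Target[0] !== '/' or substr($Target, 0, 2) === '//')
            $Target = '/';
    }
    header('Location: '.$Target);
    exit;
}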
//Вывод этой ошибки, подсказки или информации.
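/**
 * Print the flash message stored by MessageSend(), then clear it.
 *
 * The original echoed an undefined variable whenever no message was pending.
 * The stored value is HTML produced by MessageSend() and is printed as-is.
 */
function MessageShow(){
    if (!empty($_SESSION['message']))
        echo $_SESSION['message'];
    // Reset to the same empty value the original used.
    $_SESSION['message'] = array();
}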
//Проверка
//nl2br — Вставляет HTML-код разрыва строки перед каждым переводом строки
//htmlspecialchars — Преобразует специальные символы в HTML-сущности
//trim — Удаляет пробелы (или другие символы) из начала и конца строки
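/**
 * Prepare user text for HTML output: trim it, convert HTML special characters
 * (including both quote styles) to entities, and put <br> before each newline.
 *
 * This is an HTML encoder, not an SQL sanitiser: it leaves backslashes untouched, so
 * values that go into queries must still be bound as statement parameters.
 *
 * The charset is passed explicitly so the result does not depend on the PHP
 * version's default, and the argument is cast so null is handled without warnings.
 *
 * @param mixed $p1 raw input
 * @return string encoded text
 */
function FormChars ($p1) {
    return nl2br(htmlspecialchars(trim((string) $p1), ENT_QUOTES, 'UTF-8'), false);
}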
//Шифровка md5
/**
 * Derive the stored password value from a password and a login.
 *
 * NOTE(review): this is nested MD5 with constants fixed in the source. MD5 is fast
 * to compute, so a leaked users table can be brute-forced cheaply. New code should
 * use password_hash()/password_verify(); existing rows can be re-hashed at the
 * user's next successful login. The output is kept unchanged here because stored
 * hashes and the "remember me" cookie depend on it.
 *
 * @param string $p1 password
 * @param string $p2 login
 * @return string 32-character hexadecimal digest
 */
function GenPass ($p1, $p2){
    $PasswordPart = md5('123'.$p1.'321');
    $LoginPart = md5('456'.$p2.'654');
    return md5('Orange_Men'.$PasswordPart.$LoginPart);
}
//<head>
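/**
 * Print the page's <head> element.
 *
 * The title is HTML-encoded at output. double_encode is off because some callers pass
 * text that was already entity-encoded when it was stored (e.g. a news title).
 *
 * @param string $p1 page title
 */
function Head($p1) {
    $Title = htmlspecialchars((string) $p1, ENT_QUOTES, 'UTF-8', false);
    echo "
<head>
<meta charset='utf-8'/>
<title>$Title</title>
<meta name='keywords' content='' />
<meta name='description' content='' />
<link href='/resource/style.css' rel='stylesheet'>
<link href='/resource/img/dota.ico' rel='icon' type = 'image/x-icon'>
</head>";
}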
//Функция переключателя страниц
//$p1 - URL (Example: /news/main/page)
//$p2 - Текущая страница ($Param['page'])
//$p3 - Кол-во новостей
//$p4 - Кол-во новостей на странице
/**
 * Print the pager: links to the pages within three positions of the current one.
 * Nothing is printed when all items fit on a single page.
 *
 * @param string $p1 URL prefix; the page number is appended (e.g. '/news/main/page/')
 * @param int    $p2 current page
 * @param array  $p3 row whose first element is the total number of items
 * @param int    $p4 items per page
 */
function PageSelector($p1, $p2, $p3, $p4 = 5) {
    $Page = ceil($p3[0] / $p4); // total number of pages
    if ($Page <= 1)
        return;
    echo '<div class = "PageSelector">';
    for ($i = ($p2 - 3); $i < ($Page + 1); $i++) {
        // Skip positions before the first page or more than three past the current one.
        if (!($i > 0 and $i <= ($p2 + 3)))
            continue;
        $Swch = ($p2 == $i) ? 'SwchItemCur' : 'SwchItem';
        echo '<a class = "page_selector_a '.$Swch.'" href = "'.$p1.$i.'">'.$i.'</a>';
    }
    echo '</div>';
}
//MenuHead
/**
 * Print the top navigation bar. Guests get the register/login links, logged-in
 * users get the profile/guestbook links; home and news are always shown.
 */
function Menu() {
    if ($_SESSION['USER_LOGIN_IN'] == 1)
        $Links = "<a href = '/profile'><div class = 'Menu'>Профиль</div></a>
<a href = '/guestbook'><div class = 'Menu'>Гостевая книга</div></a>";
    else
        $Links = "<a href = '/register'><div class = 'Menu'>Регистрация</div></a>
<a href = '/login'><div class = 'Menu'>Вход</div></a>";
    echo "<div class = 'MenuHead'>
<a href = '/'><div class = 'Menu'>Главная</div></a>
<a href = '/news'><div class = 'Menu'>Новости</div></a>
".$Links."
</div>";
}
//<footer>
/**
 * Print the static page footer.
 */
function Footer() {
    $Html = "<footer class='footer'>
Orange_Men<br> Все права защищены
</footer>";
    echo $Html;
}
?>
<head>
<meta charset = "utf-8">
</head>
<?php
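// Add a news item. Any logged-in user may submit; only items from an administrator
// (group 2) are published immediately, the rest wait for activation.
ULogin(1);
$Active = (isset($_SESSION['USER_GROUP']) and $_SESSION['USER_GROUP'] == 2) ? 1 : 0;
if (!empty($_POST['enter']) and !empty($_POST['text']) and !empty($_POST['name']) and !empty($_POST['cat'])
    and is_string($_POST['text']) and is_string($_POST['name'])) {
    $Name = FormChars($_POST['name']);
    $Text = FormChars($_POST['text']);
    $Cat = (int) $_POST['cat'];
    $Author = $_SESSION['USER_LOGIN'];
    // Parameterised insert: FormChars() encodes for HTML only and is not SQL escaping.
    $Stmt = mysqli_prepare($CONNECT, "INSERT INTO news VALUES ('', ?, ?, 0, ?, ?, NOW(), ?)");
    mysqli_stmt_bind_param($Stmt, 'sissi', $Name, $Cat, $Author, $Text, $Active);
    mysqli_stmt_execute($Stmt);
    MessageSend(3, 'Новость добавлена.', '/news');
}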
?>
<!DOCTYPE html>
<html>
<?php Head('Добавить новость')?>
<body>
<div class="wrapper">
<div class="header"></div>
<div class="content">
<?php Menu();
MessageShow();
?>
<form method = "POST" action = "/news/add">
<input type = "text" name = "name" placeholder="Название новости" required><br>
<select size = '1' name = 'cat' required>
<option selected value = '1'>Категория 1</option>
<option value = '2'>Категория 2</option>
<option value = '3'>Категория 3</option>
</select><br>
<textarea class = "Add" name = "text" required></textarea><br>
<input type = "submit" name = "enter" value = "Добавить">
<input type = "reset" value = "Очистить">
</form>
</div>
<?php Footer() ?>
</div>
</body>
</html>
<?php
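// Administrator actions on a news item: /news/control/id/<id>/command/<delete|active>.
// The id is a URL segment that the original placed into the SQL text unquoted and
// unchecked; it is now cast to an integer and bound as a parameter.
// NOTE(review): both actions change data on a GET request with no anti-CSRF token, so
// a link or image on another page can trigger them in an administrator's browser.
// Move them to POST and verify a per-session token.
UserAccess(2);
if (!empty($Param['id']) and !empty($Param['command'])) {
    $NewsId = (int) $Param['id'];
    if ($NewsId <= 0)
        MessageSend(1, 'Произошла ошибка, обратитесь к администратору.', '/news');
    if ($Param['command'] == 'delete') {
        $Stmt = mysqli_prepare($CONNECT, 'DELETE FROM news WHERE id = ?');
        mysqli_stmt_bind_param($Stmt, 'i', $NewsId);
        mysqli_stmt_execute($Stmt);
        MessageSend(3, 'Новость удалена.', '/news');
    } else if ($Param['command'] == 'active') {
        $Stmt = mysqli_prepare($CONNECT, 'UPDATE news SET active = 1 WHERE id = ?');
        mysqli_stmt_bind_param($Stmt, 'i', $NewsId);
        mysqli_stmt_execute($Stmt);
        MessageSend(3, 'Новость активирована.', '/news/material/id/'.$NewsId);
    }
}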
?>
<?php
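// Edit a news item (administrators only): load the row, then apply a submitted form.
UserAccess(2);
// (int) replaces "+= 0", which raises a TypeError on PHP 8 for a non-numeric segment.
$Param['id'] = isset($Param['id']) ? (int) $Param['id'] : 0;
if (!$Param['id'])
    MessageSend(1, 'Произошла ошибка, обратитесь к администратору.', '/news');
$NewsId = $Param['id'];
$Stmt = mysqli_prepare($CONNECT, 'SELECT cat, name, text FROM news WHERE id = ?');
mysqli_stmt_bind_param($Stmt, 'i', $NewsId);
mysqli_stmt_execute($Stmt);
$Row = mysqli_fetch_assoc(mysqli_stmt_get_result($Stmt));
if (!$Row or !$Row['name'])
    MessageSend(1, 'Новость не найдена, обратитесь к администратору.', '/news');
if (!empty($_POST['enter']) and !empty($_POST['text']) and !empty($_POST['name']) and !empty($_POST['cat'])
    and is_string($_POST['text']) and is_string($_POST['name'])) {
    $Name = FormChars($_POST['name']);
    $Text = FormChars($_POST['text']);
    $Cat = (int) $_POST['cat'];
    // Parameterised update: FormChars() encodes for HTML only and is not SQL escaping.
    $Stmt = mysqli_prepare($CONNECT, 'UPDATE news SET name = ?, cat = ?, text = ? WHERE id = ?');
    mysqli_stmt_bind_param($Stmt, 'sisi', $Name, $Cat, $Text, $NewsId);
    mysqli_stmt_execute($Stmt);
    MessageSend(3, 'Новость отредактирована.', '/news/material/id/'.$NewsId);
}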
?>
<!DOCTYPE html>
<html>
<?php Head('Редактировать новость')?>
<body>
<div class="wrapper">
<div class="header"></div>
<div class="content">
<?php Menu();
MessageShow();
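// Render the edit form pre-filled from the stored row.
// Values are HTML-encoded again at output (double_encode off, since they were encoded
// when stored) so the form stays well-formed even if a row reached the table by
// another path. Only the stored category is marked selected; the original also kept a
// hard-coded "selected" on the first option.
$FormId = (int) $Param['id'];
$FormCat = (int) $Row['cat'];
$FormName = htmlspecialchars((string) $Row['name'], ENT_QUOTES, 'UTF-8', false);
// <br> tags were added by FormChars() on save; drop them for editing.
$FormText = htmlspecialchars(str_replace('<br>', '', (string) $Row['text']), ENT_QUOTES, 'UTF-8', false);
echo '
<form method = "POST" action = "/news/edit/id/'.$FormId.'">
<input type = "text" name = "name" placeholder="Название новости" value = "'.$FormName.'" required><br>
<select size = "1" name = "cat" required>
'.str_replace('value = "'.$FormCat.'"', 'selected value = "'.$FormCat.'"',
'<option value = "1">Категория 1</option>
<option value = "2">Категория 2</option>
<option value = "3">Категория 3</option>').'
</select><br>
<textarea class = "Add" name = "text" required>'.$FormText.'</textarea><br>
<input type = "submit" name = "enter" value = "Сохранить">
<input type = "reset" value = "Очистить">
</form>';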
?>
</div>
<?php Footer() ?>
</div>
</body>
</html>
<?php
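// Guestbook: store a message from a logged-in user, then reload the page.
ULogin(1);
if (!empty($_POST['enter']) and !empty($_POST['text']) and is_string($_POST['text'])) {
    // HTML-encode once at write time; the list view prints the stored value as-is.
    $Text = FormChars($_POST['text']);
    $Author = $_SESSION['USER_LOGIN'];
    // Parameterised insert: FormChars() encodes for HTML only and is not SQL escaping.
    $Stmt = mysqli_prepare($CONNECT, "INSERT INTO guestbook VALUES ('', ?, ?, now())");
    mysqli_stmt_bind_param($Stmt, 'ss', $Text, $Author);
    mysqli_stmt_execute($Stmt);
    header('location: /guestbook');
    exit;
}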
?>
<!DOCTYPE html>
<html>
<?php Head('Гостевая книга')?>
<body>
<div class="wrapper">
<div class="header"></div>
<div class="content">
<?php Menu();
MessageShow();
?>
<div class = "guestbook_box">
<?php
// Print the 50 newest guestbook entries, newest first.
// The message and author are printed exactly as stored; they are expected to have
// been HTML-encoded when written (the message also carries <br> line breaks).
$Posts = mysqli_query($CONNECT, "SELECT id, message, user, time FROM guestbook ORDER BY time DESC LIMIT 50");
while ($Entry = mysqli_fetch_assoc($Posts)) {
    $Meta = $Entry['user'].' | '.$Entry['time'];
    echo '<div class = "guestbook_block">
<span>'.$Meta.'</span>'.$Entry['message'].'
</div>';
}
?>
</div>
<form method = "POST" action = "/guestbook">
<textarea class = "questbook" name = "text" placeholder="Текст сообщения" required></textarea><br>
<input type = "submit" name = "enter" value = "Отправить">
<input type = "reset" value = "Очистить">
</form>
</div>
<?php Footer() ?>
</div>
</body>
</html>
<!DOCTYPE html>
<html>
<?php Head('Главная страница')?>
<body>
<div class="wrapper">
<div class="header"></div>
<div class="content">
<?php Menu();
MessageShow();
?>
</div>
<?php Footer() ?>
</div>
</body>
</html>
<?php
ULogin(0);
?>
<!DOCTYPE html>
<html>
<?php Head('Вход')?>
<body>
<div class="wrapper">
<div class="header"></div>
<div class="content">
<?php Menu();
MessageShow();
?>
<form method = "POST" action = "/account/login">
<input type = "text" name = "login" placeholder="Логин" maxlength = "10" pattern = "[A-Za-z-0-9]{3,10}" title = "Не менее 3 и не более 10 латинских символов и цифр." required><br>
<input type = "password" name = "password" placeholder="Пароль" maxlength = "15" pattern = "[A-Za-z-0-9]{5,15}" title = "Не менее 5 и не более 15 латинских символов и цифр." required><br>
<div class = "capdiv">
<input class = "capinp" type = "text" name = "captcha" placeholder="Каптча" maxlength = "5" pattern = "[0-9]{1,5}" title = "Не менее 5 и не более 5 цифр." required>
<img class = "capimg" src = "/resource/captcha.php" alt = "Каптча">
</div>
<input type = "checkbox" name = "remember"> Запомнить меня<br>
<input type = "submit" name = "enter" value = "Вход">
<input type = "reset" value = "Очистить"><br><br>
<a class = "button pass" href = "/restore">Забыли пароль ?</a>
</form>
</div>
<?php Footer() ?>
</div>
</body>
</html>
<?php
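// Normalise the URL parameters of the news list before anything uses them.
// Both are cast to integers first: the category id is later concatenated into SQL,
// and on PHP 7 the old loose comparison let a string that merely starts with a valid
// digit pass the check unchanged.
$Param['id'] = isset($Param['id']) ? (int) $Param['id'] : 0;
$Param['page'] = isset($Param['page']) ? (int) $Param['page'] : 0;
if ($Module == 'category' and ($Param['id'] < 1 or $Param['id'] > 3))
    MessageSend(1, 'Такой категории не существует.', '/news');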
?>
<!DOCTYPE html>
<html>
<?php Head('Новости')?>
<body>
<div class="wrapper">
<div class="header"></div>
<div class="content">
<?php Menu();
MessageShow();
?>
<div class = "CatHead">
<?php
if($_SESSION['USER_LOGIN_IN'])
echo '
<a href = "/news/add"><div class = "Cat">Добавить новость</div></a>
';
?>
<a href = "/news"><div class = "Cat">Все категории</div></a>
<a href = "/news/category/id/1"><div class = "Cat">Категория 1</div></a>
<a href = "/news/category/id/2"><div class = "Cat">Категория 2</div></a>
<a href = "/news/category/id/3"><div class = "Cat">Категория 3</div></a>
</div>
<br><div class = "text">
<?php
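// Build and print one page (five items) of the news list with its pager.
// Changes from the original: only integers are concatenated into the SQL text; the
// COUNT query uses the same filter as the list, so readers no longer get empty
// trailing pages for unpublished items; the page number is clamped to 1 or more.
$Filter = array();
$Param4 = '/news/main/page/';
if ($Module == 'category') {
    $CatId = isset($Param['id']) ? (int) $Param['id'] : 0;
    $Filter[] = 'cat = '.$CatId;
    $Param4 = '/news/category/id/'.$CatId.'/page/';
}
// Only administrators (group 2) see items awaiting activation.
if (!isset($_SESSION['USER_GROUP']) or $_SESSION['USER_GROUP'] != 2)
    $Filter[] = 'active = 1';
$Where = $Filter ? 'WHERE '.implode(' AND ', $Filter).' ' : '';

$Count = mysqli_fetch_row(mysqli_query($CONNECT, 'SELECT COUNT(id) FROM news '.$Where));
$Param['page'] = max(1, isset($Param['page']) ? (int) $Param['page'] : 1);
$Start = ($Param['page'] - 1) * 5;
$Result = mysqli_query($CONNECT, 'SELECT id, name, added, date, active FROM news '.$Where.'ORDER BY id DESC LIMIT '.$Start.', 5');

while ($Row = mysqli_fetch_assoc($Result)) {
    if (!$Row['active'])
        $Row['name'] .= ' <b>(Ожидает подтверждения от администрации.)</b>';
    // name/added are printed as stored; they are expected to be HTML-encoded on write.
    echo '<a class = "main_a" href = "/news/material/id/'.$Row['id'].'">
<div class = "news_block">
<span>Добавил: '.$Row['added'].' | '.$Row['date'].'</span>'.$Row['name'].'
</div>
</a>';
}
PageSelector($Param4, $Param['page'], $Count);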
?>
</div>
</div>
<?php Footer() ?>
</div>
</body>
</html>
<?php
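// Load one news item by id and count the view.
// (int) replaces "+= 0", which raises a TypeError on PHP 8 for a non-numeric segment.
$Param['id'] = isset($Param['id']) ? (int) $Param['id'] : 0;
if ($Param['id'] == 0)
    MessageSend(1, 'Произошла ошибка, обратитесь к администратору.', '/news');
$NewsId = $Param['id'];
$Stmt = mysqli_prepare($CONNECT, 'SELECT name, cat, readed, added, text, date, active FROM news WHERE id = ?');
mysqli_stmt_bind_param($Stmt, 'i', $NewsId);
mysqli_stmt_execute($Stmt);
$Row = mysqli_fetch_assoc(mysqli_stmt_get_result($Stmt));
if (!$Row or !$Row['name'])
    MessageSend(1, 'Произошла ошибка, обратитесь к администратору.', '/news');
// Unpublished items are visible to administrators (group 2) only.
if (!$Row['active'] and (!isset($_SESSION['USER_GROUP']) or $_SESSION['USER_GROUP'] != 2))
    MessageSend(1, 'Неактивированная новость. Обратитесь к администрации.', '/news');
$Stmt = mysqli_prepare($CONNECT, 'UPDATE news SET readed = readed + 1 WHERE id = ?');
mysqli_stmt_bind_param($Stmt, 'i', $NewsId);
mysqli_stmt_execute($Stmt);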
?>
<!DOCTYPE html>
<html>
<?php Head($Row['name']);?>
<body>
<div class="wrapper">
<div class="header"></div>
<div class="content">
<?php Menu();
MessageShow();
?>
<div class = "text">
<?php
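// Print the item with its meta line; administrators also get the control links.
// The three link variables start empty so readers do not hit undefined variables.
$Edit = '';
$Active = '';
$Delete = '';
$LinkId = (int) $Param['id'];
if (!$Row['active'])
    $Active = '| <a class = "edit_a" href = "/news/control/id/'.$LinkId.'/command/active"><div class = "button edit">Активировать новость</div></a>';
if (isset($_SESSION['USER_GROUP']) and $_SESSION['USER_GROUP'] == 2) {
    $Edit = '| <a class = "edit_a" href = "/news/edit/id/'.$LinkId.'"><div class = "button edit">Редактировать новость</div></a>';
    $Delete = '| <a class = "edit_a" href = "/news/control/id/'.$LinkId.'/command/delete"><div class = "button edit">Удалить новость</div></a>';
}
// name/added/text are printed as stored; they are expected to be HTML-encoded on write.
echo 'Просмотров: '.($Row['readed'] + 1).' | Добавил: '.$Row['added'].' | Дата: '.$Row['date'].' '.$Edit.' '.$Active.' '.$Delete.'<br><br><b>'.$Row['name'].'</b><br>'.$Row['text'];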
?>
</div>
</div>
<?php Footer() ?>
</div>
</body>
</html>
<?php
ULogin(1);
?>
<!DOCTYPE html>
<html>
<?php Head('Профиль пользователя')?>
<body>
<div class="wrapper">
<div class="header"></div>
<div class="content">
<?php Menu();
MessageShow();
?>
<div class = "text">
<?php
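// Profile card and edit form.
// Fix: the country options now use codes 0..3, the codes UserCountry() and the
// registration form use. With the old 1..4 values every choice was saved as the next
// country in the list and the last one had no name at all.
// Session values are printed as stored; they are expected to be HTML-encoded on write.
// NOTE(review): the form has no anti-CSRF token although it changes the password,
// name and avatar; add a per-session token and verify it in the edit handler.
$Avatar = ($_SESSION['USER_AVATAR'] == 0) ? 0 : $_SESSION['USER_AVATAR'].'/'.$_SESSION['USER_ID'];
echo '
<img src = "/resource/avatar/'.$Avatar.'.png" width = "120" height = "120" alt = "Аватар" align = "left">
<div class = "block">
ID: '.$_SESSION['USER_ID'].' ('.UserGroup($_SESSION['USER_GROUP']).')
<br>Name: '.$_SESSION['USER_NAME'].'
<br>E-mail: '.$_SESSION['USER_EMAIL'].'
<br>Country: '.$_SESSION['USER_COUNTRY'].'
<br>Rgdate: '.$_SESSION['USER_REGDATE'].'
<br>
</div>
<a class = "button profileb" href = "/account/logout">Выход</a>
<form method = "POST" action = "/account/edit" enctype = "multipart/form-data">
<input type = "password" name = "old_password" placeholder="Старый Пароль" maxlength = "15" pattern = "[A-Za-z-0-9]{5,15}" title = "Не менее 5 и не более 15 латинских символов и цифр."><br>
<input type = "password" name = "new_password" placeholder="Новый Пароль" maxlength = "15" pattern = "[A-Za-z-0-9]{5,15}" title = "Не менее 5 и не более 15 латинских символов и цифр."><br>
<input type = "text" name = "name" placeholder="Имя" maxlength = "10" pattern = "[А-Яа-яЁё]{4,10}" title = "Не менее 4 и не более 10 русских букаф." value = "'.$_SESSION['USER_NAME'].'" required><br>
<select size = "1" name = "country" required>
'.str_replace('>'.$_SESSION['USER_COUNTRY'], 'selected>'.$_SESSION['USER_COUNTRY'],
'<option value = "0">Украина</option>
<option value = "1">Россия</option>
<option value = "2">Беларусь</option>
<option value = "3">Казахстан</option>').'
</select><br>
<div class = "attention">
<input type = "file" name = "avatar" accept = "image/png">
<p>*Аватарка должна быть в формате png и размером 120х120 рх</p><br>
</div>
<input type = "submit" name = "enter" value = "Редактировать">
<input type = "reset" value = "Очистить">
</form>
';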
?>
<!--<form method = "POST" action = "/account/profile">
<input type = "button" name = "exit" value = "Выход">
</form>-->
</div>
</div>
<?php Footer() ?>
</div>
</body>
</html>
<?php
ULogin(0);
?>
<!DOCTYPE html>
<html>
<?php Head('Регистрация')?>
<body>
<div class="wrapper">
<div class="header"></div>
<div class="content">
<?php Menu();
MessageShow();
?>
<form method = "POST" action = "/account/register">
<input type = "text" name = "login" placeholder="Логин" maxlength = "10" pattern = "[A-Za-z-0-9]{3,10}" title = "Не менее 3 и не более 10 латинских символов и цифр." required><br>
<input type = "email" name = "email" placeholder="E-Mail" required><br>
<input type = "password" name = "password" placeholder="Пароль" maxlength = "15" pattern = "[A-Za-z-0-9]{5,15}" title = "Не менее 5 и не более 15 латинских символов и цифр." required><br>
<input type = "text" name = "name" placeholder="Имя" maxlength = "10" pattern = "[А-Яа-яЁё]{4,10}" title = "Не менее 4 и не более 10 русских букаф." required><br>
<select size = '1' name = 'country' required>
<option selected value = '0'>Украина</option>
<option value = '1'>Россия</option>
<option value = '2'>Беларусь</option>
<option value = '3'>Казахстан</option>
</select><br>
<input type = "file" name = "avatar"><br>
<div class = "capdiv">
<input class = "capinp" type = "text" name = "captcha" placeholder="Каптча" maxlength = "5" pattern = "[0-9]{1,5}" title = "Не менее 5 и не более 5 цифр." required>
<img class = "capimg" src = "/resource/captcha.php" alt = "Каптча">
</div>
<input type = "submit" name = "enter" value = "Регистрация">
<input type = "reset" value = "Очистить">
</form>
</div>
<?php Footer() ?>
</div>
</body>
</html>
<?php
ULogin(0);
?>
<!DOCTYPE html>
<html>
<?php Head('Восстановление пароля')?>
<body>
<div class="wrapper">
<div class="header"></div>
<div class="content">
<?php Menu();
MessageShow();
?>
<form method = "POST" action = "/account/restore">
<input type = "email" name = "email" placeholder="E-mail" maxlength = "10" required><br>
<input type = "text" name = "login" placeholder="Логин" maxlength = "10" pattern = "[A-Za-z-0-9]{3,10}" title = "Не менее 3 и не более 10 латинских символов и цифр." required><br>
<div class = "capdiv">
<input class = "capinp" type = "text" name = "captcha" placeholder="Каптча" maxlength = "5" pattern = "[0-9]{1,5}" title = "Не менее 5 и не более 5 цифр." required>
<img class = "capimg" src = "/resource/captcha.php" alt = "Каптча">
</div>
<input type = "submit" name = "enter" value = "Восстановить">
<input type = "reset" value = "Очистить">
</form>
</div>
<?php Footer() ?>
</div>
</body>
</html>
<?php
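// Captcha image: draw a random five-digit number and keep its MD5 in the session so
// the form handlers can compare the visitor's answer.
// Fixes: the number comes from random_int() where available (rand() is predictable),
// the Content-Type is the valid 'image/gif', and the second Cache-Control header is
// completed with 'pre-check=0'.
session_start();
$Random = function_exists('random_int') ? random_int(10001, 99999) : rand(10001, 99999);
$_SESSION['captcha'] = md5($Random);

$im = imagecreatetruecolor(90, 30);
$Background = imagecolorallocate($im, 212, 75, 56);
$Foreground = imagecolorallocate($im, 255, 255, 255);
imagefilledrectangle($im, 0, 0, 110, 30, $Background);
imagettftext($im, 40, 0, 15, 23, $Foreground, 'font.ttf', (string) $Random);

// A cached image would no longer match the answer stored in the session.
header('Expires: Wed, 1 Jan 1997 00:00:00 GMT');
header('Last-Modified: '.gmdate('D, d M Y H:i:s').' GMT');
header('Cache-Control: no-store, no-cache, must-revalidate');
header('Cache-Control: post-check=0, pre-check=0', false);
header('Pragma: no-cache');
header('Content-type: image/gif');
imagegif($im);
imagedestroy($im);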
?>
*{margin: 0; padding: 0;}
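/* Base typography and page background.
   "sens-serif" was a misspelling of the generic family "sans-serif"; an unknown
   family name makes the browser drop the whole font declaration. */
body {
    font: 12px/18px Arial, sans-serif;
    width: 100%;
    background: url(/resource/img/pw_maze_black.png);
}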
.wrapper {
width: 1000px;
margin: 0 auto;
}
.text {
padding: 10px;
}
/* Header*/
.header {
width: 900px;
height: 150px;
background: url(/resource/img/dota_logo.png) center no-repeat;
background-size: 70%, cover;
}
/* Middle*/
.content {
width: 1000px;
height: 700px;
background: #d7d4d4;
}
.MenuHead {
display: block;
height: 60px;
}
.Menu {
float: left;
display: inline-block;
height: 20px;
background: #D44B38;
color: #fff;
padding: 20px;
font-size: 20px;
font-weight: bold;
}
.Menu:hover, .Cat:hover{
opacity: 0.5;
cursor: pointer;
}
.CatHead {
display: block;
height: 40px;
margin: 10px 0 0 0;
}
.Cat {
float: left;
display: inline-block;
background: #D44B38;
color: #fff;
padding: 20px;
font-size: 15px;
font-weight: bold;
}
input[type=text],
input[type=password],
input[type=email] {
height: 15px;
width: 200px;
padding: 5px;
margin: 0 0 5px 0;
}
.button,
input[type=submit],
input[type=file],
input[type=reset] {
color: #fff;
text-decoration: none;
background: #D44B38;
padding: 8px;
border: 1px solid #A83B2D
}
.edit {
width: 140px;
display: inline;
}
.button:hover,
input[type=submit]:hover,
input[type=reset]:hover {
background: #E85F4C
}
.button.pass {
display: block;
margin: -10px 0 0 0;
width: 100px;
}
select {
height: 30px;
width: 100px;
padding: 5px;
margin: 0 0 5px 0;
}
input[type=file]{
margin: 0 0 5px 0;
}
form {
margin: 10px 0 0 10px;
}
.attention p{
position: absolute;
display: none;
opacity: 0;
}
.attention:hover p{
display: inline;
opacity: 0.8;
}
.MessageBlock {
border: 1px solid #A83B2D;
background: #D44B38;
padding: 10px;
color: #fff;
}
.capinp {
max-width: 80px;
}
.capimg {
width: 90px;
height: 26px;
border: 1px solid #A83B2D;
margin: 0 0 -10px 0;
}
.capdiv {
width: 215px;
height: 30px;
margin: 0 0 5px 0;
}
.block {
border: 1px solid #e5e5e5;
background: #D7D4D4;
padding: 10px;
width: 815px;
height: 135px;
display: table;
line-height: 25px;
}
.profileb {
float: left;
width: 102px;
margin: -37px 0 0 0;
}
.guestbook_box {
height: 300px;
overflow: auto;
border: 1px solid #ddd;
}
.guestbook_block,
.news_block {
border: 1px solid #ddd;
background: #f2f2f2;
padding: 10px;
color: #000;
margin: 10px;
}
.guestbook_block span,
.news_block span{
color: #828282;
font-size: 10px;
display: block;
}
.edit_a,
.main_a,
.page_selector_a{
text-decoration: none;
}
.guestbook {
width: 300px;
height: 40px;
resize: none;
padding: 5px;
}
.PageSelector {
margin: 10px;
}
.SwchItem, .SwchItemCur {
padding: 2px 15px;
background: #D44B38;
color: #fff;
}
.SwchItemCur {
background: #A83B2D;
}
.Add {
width: 800px;
height: 300px;
}
/* Footer*/
.footer {
height: 30px;
background: #2c2c2c;
color: #fff;
padding: 20px;
}
<?php
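// Database connection settings.
// Each value can be overridden by an environment variable, so real credentials do not
// have to be committed with the code; the fallbacks are the original development values.
// NOTE(review): 'root' with an empty password is acceptable on a local development
// machine only. A deployed site should connect with a dedicated account that has
// rights on this one database and a non-empty password.
define('HOST', getenv('SITEDOTA_DB_HOST') !== false ? getenv('SITEDOTA_DB_HOST') : 'sitedota');
define('USER', getenv('SITEDOTA_DB_USER') !== false ? getenv('SITEDOTA_DB_USER') : 'root');
define('PASS', getenv('SITEDOTA_DB_PASS') !== false ? getenv('SITEDOTA_DB_PASS') : '');
define('DB', getenv('SITEDOTA_DB_NAME') !== false ? getenv('SITEDOTA_DB_NAME') : 'users');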
?>