Файл: html/index.php
Строк: 245
<?php
// Shared includes. The rest of this listing uses $mc, $user and message()
// without defining them, so they presumably come from these files
// (TODO confirm — their contents are not visible here).
require_once ('system/func.php');
require_once ('system/dbc.php');
require_once ('system/header.php');
// NOTE(review): noauth() is defined elsewhere; judging by its name it gates this
// page for visitors who are not logged in — confirm against its definition.
noauth();
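// Password recovery, step 1: form asking for the e-mail address bound to the
// character. Rendered whenever `vostanovlenie` is present in the query string.
// The typed address goes through encodeURIComponent() (as the login form in
// this file already does) so characters such as "+", "&" or "#" cannot change
// the shape of the request that showContent() issues.
// The closing tag of the outer "center" element is emitted after the table;
// it used to be closed inside the table cell, which left the markup unbalanced.
if (isset($_GET['vostanovlenie'])) {
?>
<center>-Получение кода-
<table class="table_block2">
<tr>
<td class="block101" style="width: 2%"></td>
<td class="block102" style="width: 96%"></td>
<td class="block103" style="width: 2%"></td>
</tr>
<tr>
<td class="block104" style="width: 2%"></td>
<td class="block105" style="width: 96%;text-align: center;">
<p> Если к вашему персонажу привязан почтовый ящик,
то введите его:</p>
<div style="padding-bottom: 6px;">
<input style="text-align: center;" class="buttonregInput" type="text" id="eemail" maxlength="50" value="" placeholder="Email">
<button class="button_alt_01" onclick="showContent('/index.php?vostanovlenie&email=' + encodeURIComponent($('#eemail').val()))">Отправить</button>
</div>
<p>На указанный почтовый ящик будет отправлено СМС с кодом</p>
</td>
<td class="block106" style="width: 2%"></td>
</tr>
<tr>
<td class="block107"></td>
<td class="block108"></td>
<td class="block109"></td>
</tr>
</table>
</center>
<?php
}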
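// Password recovery, step 2: create a one-time code for the submitted e-mail
// address, store it in `code_mail` and mail it to that address.
//
// Security-relevant changes in this step:
//  - the address comes straight from the query string, so every statement that
//    uses it is a prepared statement (assumes $mc is a mysqli connection with
//    mysqlnd, as the fetch_array()/fetch_all() calls in this file suggest);
//  - the address is validated with FILTER_VALIDATE_EMAIL and looked up in
//    `users` BEFORE anything is stored or mailed; the old unanchored pattern
//    accepted any text containing "x@y", including line breaks, and a row was
//    written to `code_mail` even for addresses that were later rejected;
//  - the code is drawn from random_int() (CSPRNG) instead of rand();
//  - the address is URL- and JSON-encoded before it is echoed into the script
//    element, instead of being printed raw into a JavaScript string.
// NOTE(review): nothing visible here limits how often a code may be requested
// or how long it stays valid, and the "Почта не привязана" reply reveals whether
// an address is registered. Consider throttling, expiry and a uniform reply.
if (isset($_GET['vostanovlenie'], $_GET['email'])) {
    // A non-string value (e.g. email[]=x) is treated as empty and rejected below.
    $email = is_string($_GET['email']) ? trim($_GET['email']) : '';

    if (filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        message(" почта введена некорректно");
    } else {
        $countStmt = $mc->prepare("SELECT COUNT(*) AS `cnt` FROM `users` WHERE `email` = ?");
        $countStmt->bind_param('s', $email);
        $countStmt->execute();
        $countRow = $countStmt->get_result()->fetch_assoc();
        $countStmt->close();
        $accountCount = (int) $countRow['cnt'];

        if ($accountCount === 0) {
            message("Почта не привязана");
        } else {
            $code = (string) random_int(100000, 999999);
            // "*" marks an address shared by several characters, "1" a single one;
            // the verification step accepts exactly these two markers.
            $userE = $accountCount > 1 ? "*" : "1";

            $insertStmt = $mc->prepare("INSERT INTO `code_mail` (`code`,`id_user`,`email`) VALUES(?, ?, ?)");
            $insertStmt->bind_param('sss', $code, $userE, $email);
            $stored = $insertStmt->execute();
            $insertStmt->close();

            if ($stored) {
                $date = date("h:i");
                $time = date("d.m.20y");
                // Real CRLF-terminated header lines. The previous value wrapped the
                // headers in a "head" element and ended them with the letters "rn"
                // (the backslashes had been lost), so no valid Content-type was sent.
                $headers = "MIME-Version: 1.0\r\n";
                $headers .= "Content-type: text/html; charset=utf-8\r\n";
                // $user is not set in this block; it is whatever the included header
                // provides (possibly nothing on this logged-out page), hence the fallback.
                $recipientName = htmlspecialchars((string) ($user['name'] ?? ''), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
                // The stray " n " after the server name is restored to the line break
                // it appears to have been before its backslash was lost.
                $htmlpismo = "<div style='background-color:#C8AC70;'>Здравствуйте," . $recipientName . "<br><b> Ваш код:</b> " . $code . "</br><br><b> Дата: </b>" . $time . "</br><br><b> Время:</b> " . $date . "</br><br><b> Сервер: mobitva2.0 \n по всем вопросам писать на support@mobitva2.online<b><br><center>
<img src='https://mobitva2.online/images/logo2.png'></div></br>";
                mail($email, "Mobitva 2", $htmlpismo, $headers);

                $nextUrl = '/index.php?goEmail&email=' . rawurlencode($email);
                $nextUrlJs = json_encode($nextUrl, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);
?><script>showContent(<?= $nextUrlJs; ?>);</script><?php
            }
        }
    }
}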
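// Password recovery, step 3: ask for the code that was mailed out.
// The address from the query string ends up inside an inline onclick handler,
// i.e. a JavaScript string inside an HTML attribute. It is therefore
// URL-encoded, JSON-encoded and HTML-escaped before output (it used to be
// printed raw), and the typed code is URL-encoded in the browser.
// Also repaired: the "block105" cell was missing the ">" of its opening tag and
// its closing tag.
if (isset($_GET['goEmail'], $_GET['email']) && is_string($_GET['email'])) {
    message("На указанный Почтовый адрес отправлен код для восстановления персонажей");
    $verifyUrl = '/index.php?gEmail&email=' . rawurlencode($_GET['email']) . '&code=';
    $verifyUrlJs = htmlspecialchars(
        json_encode($verifyUrl, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT),
        ENT_QUOTES | ENT_SUBSTITUTE,
        'UTF-8'
    );
?><table class="table_block2">
<tr>
<td class="block101" style="width: 2%"></td>
<td class="block102" style="width: 96%"></td>
<td class="block103" style="width: 2%"></td>
</tr>
<tr>
<td class="block104" style="width: 2%"></td>
<td class="block105" style="width: 96%;text-align: center;">
<p>Введите код в форму ниже:</p>
<input style="text-align: center;" class="buttonregInput" type="text" id="code" maxlength="50" value="" placeholder="Код восстановления">
<button class="button_alt_01" onclick="showContent(<?= $verifyUrlJs; ?> + encodeURIComponent($('#code').val()))">Отправить</button>
</td>
<td class="block106" style="width: 2%"></td>
</tr>
<tr>
<td class="block107"></td>
<td class="block108"></td>
<td class="block109"></td>
</tr>
</table><?php
}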
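// Not read anywhere in this listing; kept because the files included by this
// page share its variable scope (presumably used there — TODO confirm).
$array = [];

// Password recovery, step 4: check the submitted code for the address and list
// the characters bound to it so one can be picked.
//
// Security-relevant changes in this step:
//  - all statements are prepared (assumes $mc is a mysqli connection with
//    mysqlnd); request values were concatenated into the SQL text before, and
//    the INSERT also concatenated values read back from `users`;
//  - a matching `code_mail` row must exist and its code must equal the submitted
//    one exactly. The old (int) == (int) comparison treated a missing row and a
//    non-numeric code as equal (both cast to 0);
//  - everything echoed into the page is escaped for its context (URL, inline
//    JavaScript, HTML).
// NOTE(review): failed attempts are neither counted nor does the code expire
// here, so a six-digit code can be guessed by repetition — add attempt limits.
// NOTE(review): the loop copies each character's password hash into
// `code_user`, and does so again on every successful call; the next step only
// shows name, level and login, so the copy looks avoidable — confirm and drop it.
if (isset($_GET['gEmail'], $_GET['code'], $_GET['email'])) {
    $submittedEmail = is_string($_GET['email']) ? trim($_GET['email']) : '';
    $submittedCode = is_string($_GET['code']) ? trim($_GET['code']) : '';

    if (filter_var($submittedEmail, FILTER_VALIDATE_EMAIL) === false) {
        message("error 0094");
    } else {
        $codeStmt = $mc->prepare("SELECT * FROM `code_mail` WHERE `code` = ? AND `email` = ? LIMIT 1");
        $codeStmt->bind_param('ss', $submittedCode, $submittedEmail);
        $codeStmt->execute();
        $CODES = $codeStmt->get_result()->fetch_assoc();
        $codeStmt->close();

        if (!is_array($CODES) || !hash_equals((string) $CODES['code'], $submittedCode)) {
            message("error 1149");
        } elseif ($CODES['id_user'] == "*" || $CODES['id_user'] == 1) {
            // The address stored with the code is the one that was verified.
            $verifiedEmail = (string) $CODES['email'];
            $accStmt = $mc->prepare("SELECT * FROM `users` WHERE `email` = ?");
            $accStmt->bind_param('s', $verifiedEmail);
            $accStmt->execute();
            $account = $accStmt->get_result()->fetch_all(MYSQLI_ASSOC);
            $accStmt->close();

            $copyStmt = $mc->prepare("INSERT INTO `code_user` (`id_user`,`login`,`password`,`level`,`side`,`name`, `email`) VALUES(?, ?, ?, ?, ?, ?, ?)");
?><center>Выбор персонажа
<table class="table_block2">
<tr>
<td class="block101" style="width: 2%"></td>
<td class="block102" style="width: 96%"></td>
<td class="block103" style="width: 2%"></td>
</tr>
<tr>
<td class="block104" style="width: 2%"></td>
<td class="block105" style="width: 96%;text-align: center;"><?php
            foreach ($account as $character) {
                // login,id_user,level,name,password
                $cId = (string) $character['id'];
                $cLogin = (string) $character['login'];
                $cPassword = (string) $character['password'];
                $cLevel = (string) $character['level'];
                $cSide = (string) $character['side'];
                $cName = (string) $character['name'];
                $copyStmt->bind_param('sssssss', $cId, $cLogin, $cPassword, $cLevel, $cSide, $cName, $submittedEmail);
                if ($copyStmt->execute()) {
                    $pickUrl = 'index.php?gEmail=' . rawurlencode($submittedEmail)
                        . '&code=' . rawurlencode($submittedCode)
                        . '&onclick&arr=' . rawurlencode($cId);
                    $pickUrlJs = htmlspecialchars(
                        json_encode($pickUrl, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT),
                        ENT_QUOTES | ENT_SUBSTITUTE,
                        'UTF-8'
                    );
?>
<a onclick="showContent(<?= $pickUrlJs; ?>)"><?= htmlspecialchars($cName, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?> [<?= htmlspecialchars($cLevel, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?>]</a><br>
<?php
                }
            }
            $copyStmt->close();
?>
</td>
<td class="block106" style="width: 2%"></td>
</tr>
<tr>
<td class="block107"></td>
<td class="block108"></td>
<td class="block109"></td>
</tr>
</table></center><?php
        }
    }
}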
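// Password recovery, steps 5 and 6: show the "new password" form for the picked
// character, then store the new password.
//
// Both steps are handled together because the fix spans them. Previously the
// form passed only `id` (the user id multiplied by a random factor) and `cl`
// (that factor) to the submit handler, and the handler divided one by the other
// and updated `users` for the resulting id. The handler never looked at the
// recovery code, so the password change was not tied to a verified code at all,
// and a factor of 0 led to a division by zero. Now the form forwards the
// address, the code and the character id, and the submit handler re-checks all
// three against `code_mail` / `code_user` before it touches `users`.
//
// Other changes: every statement is prepared (assumes $mc is a mysqli
// connection with mysqlnd); the `SELECT *, COUNT(*)` without GROUP BY is
// replaced by a plain row lookup; the two passwords are compared with ===
// (with == two different numeric-looking strings such as "1e3" and "1000"
// compare equal); an empty password is refused; output is escaped.
//
// NOTE(review): md5() is kept only because the login check and the auth cookie
// in this file compare against an md5 digest. Moving to password_hash() /
// password_verify() has to be done for registration, login and the cookie check
// together.
// NOTE(review): the new password still travels in the query string (it will
// show up in server logs and history); a POST request would avoid that, but
// showContent() is not visible here.
// NOTE(review): on a failed check the form step deletes the pending rows for the
// submitted id and address, as before. That limits guessing, but it also lets
// any caller cancel somebody else's pending recovery — confirm this is wanted.

// Returns the `code_user` row for ($accountId, $email) when a `code_mail` row
// with exactly this $code exists for $email, otherwise null.
$findRecoveryAccount = static function ($db, $email, $code, $accountId) {
    if ($email === '' || $code === '' || $accountId === '') {
        return null;
    }
    $codeStmt = $db->prepare("SELECT `code` FROM `code_mail` WHERE `code` = ? AND `email` = ? LIMIT 1");
    $codeStmt->bind_param('ss', $code, $email);
    $codeStmt->execute();
    $codeRow = $codeStmt->get_result()->fetch_assoc();
    $codeStmt->close();
    // Exact string comparison on top of the SQL match, so a value that the
    // database would only match after an implicit conversion is not accepted.
    if (!is_array($codeRow) || !hash_equals((string) $codeRow['code'], $code)) {
        return null;
    }
    $accStmt = $db->prepare("SELECT * FROM `code_user` WHERE `id_user` = ? AND `email` = ? LIMIT 1");
    $accStmt->bind_param('ss', $accountId, $email);
    $accStmt->execute();
    $accRow = $accStmt->get_result()->fetch_assoc();
    $accStmt->close();
    return is_array($accRow) ? $accRow : null;
};

if (isset($_GET['gEmail'], $_GET['onclick'], $_GET['code'], $_GET['arr'])) {
    $recoveryEmail = is_string($_GET['gEmail']) ? trim($_GET['gEmail']) : '';
    $recoveryCode = is_string($_GET['code']) ? trim($_GET['code']) : '';
    $recoveryId = is_string($_GET['arr']) ? trim($_GET['arr']) : '';

    $acc = $findRecoveryAccount($mc, $recoveryEmail, $recoveryCode, $recoveryId);
    if ($acc === null) {
        $purgeStmt = $mc->prepare("DELETE FROM `code_user` WHERE `id_user` = ?");
        $purgeStmt->bind_param('s', $recoveryId);
        $purgeStmt->execute();
        $purgeStmt->close();
        $purgeStmt = $mc->prepare("DELETE FROM `code_mail` WHERE `email` = ?");
        $purgeStmt->bind_param('s', $recoveryEmail);
        $purgeStmt->execute();
        $purgeStmt->close();
?><script>showContent('index.php?')</script><?php
        exit(0);
    }

    // The submit URL carries the verified address, code and character id; the
    // two password fields are appended (URL-encoded) in the browser.
    $submitUrl = '/index.php?data&gEmail=' . rawurlencode($recoveryEmail)
        . '&code=' . rawurlencode($recoveryCode)
        . '&arr=' . rawurlencode((string) $acc['id_user'])
        . '&pass1=';
    $submitUrlJs = htmlspecialchars(
        json_encode($submitUrl, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT),
        ENT_QUOTES | ENT_SUBSTITUTE,
        'UTF-8'
    );
?><center>-Изменение пароля-</center>
<table class="table_block2">
<tr>
<td class="block101" style="width: 2%"></td>
<td class="block102" style="width: 96%"></td>
<td class="block103" style="width: 2%"></td>
</tr>
<tr>
<td class="block104" style="width: 2%"></td>
<td class="block105" style="width: 96%;text-align: center;">
<center><?= htmlspecialchars((string) $acc['name'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?> [<?= htmlspecialchars((string) $acc['level'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?>]</center><br>
Логин: <?= htmlspecialchars((string) $acc['login'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?><br>
Новый пароль:<br>
<input style="text-align: center;" class="buttonregInput" type="text" id="pass1" maxlength="50" value="" placeholder=""><br>
Новый пароль ещё раз:<br>
<input style="text-align: center;" class="buttonregInput" type="text" id="pass2" maxlength="50" value="" placeholder="">
<button class="button_alt_01" onclick="showContent(<?= $submitUrlJs; ?> + encodeURIComponent($('#pass1').val()) + '&pass2=' + encodeURIComponent($('#pass2').val()))">Отправить</button>
</td>
<td class="block106" style="width: 2%"></td>
</tr>
<tr>
<td class="block107"></td>
<td class="block108"></td>
<td class="block109"></td>
</tr>
</table>
<?php
}

if (isset($_GET['data'], $_GET['gEmail'], $_GET['code'], $_GET['arr'], $_GET['pass1'], $_GET['pass2'])) {
    $recoveryEmail = is_string($_GET['gEmail']) ? trim($_GET['gEmail']) : '';
    $recoveryCode = is_string($_GET['code']) ? trim($_GET['code']) : '';
    $recoveryId = is_string($_GET['arr']) ? trim($_GET['arr']) : '';
    $newPass = is_string($_GET['pass1']) ? $_GET['pass1'] : '';
    $newPassRepeat = is_string($_GET['pass2']) ? $_GET['pass2'] : '';

    if ($newPass !== $newPassRepeat) {
        message("пароли не совпадают");
    } elseif ($newPass === '') {
        message('Введите пароль');
    } else {
        $acc = $findRecoveryAccount($mc, $recoveryEmail, $recoveryCode, $recoveryId);
        $uid = $acc === null ? '' : (string) $acc['id_user'];

        $userExists = false;
        if ($acc !== null) {
            $existsStmt = $mc->prepare("SELECT COUNT(*) AS `cnt` FROM `users` WHERE `id` = ? AND `email` = ?");
            $existsStmt->bind_param('ss', $uid, $recoveryEmail);
            $existsStmt->execute();
            $existsRow = $existsStmt->get_result()->fetch_assoc();
            $existsStmt->close();
            $userExists = (int) $existsRow['cnt'] > 0;
        }

        if (!$userExists) {
            // No verified recovery for this character: change nothing.
?><script>showContent('index.php?')</script><?php
        } else {
            $pass00 = md5($newPass);
            $updateStmt = $mc->prepare("UPDATE `users` SET `password` = ? WHERE `id` = ? AND `email` = ?");
            $updateStmt->bind_param('sss', $pass00, $uid, $recoveryEmail);
            $updated = $updateStmt->execute();
            $updateStmt->close();

            if ($updated) {
                message("Успешно");
            } else {
                message("ПЛОХОЙ ХАКЕР");
            }

            // The code is single-use: drop the pending rows whatever the outcome.
            $cleanStmt = $mc->prepare("DELETE FROM `code_user` WHERE `id_user` = ?");
            $cleanStmt->bind_param('s', $uid);
            $cleaned = $cleanStmt->execute();
            $cleanStmt->close();
            if ($cleaned) {
                $cleanStmt = $mc->prepare("DELETE FROM `code_mail` WHERE `email` = ?");
                $cleanStmt->bind_param('s', $recoveryEmail);
                $cleanStmt->execute();
                $cleanStmt->close();
?><script>showContent('index.php')</script><?php
            }
        }
    }
}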
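// Login: look up the newest `users` row matching login + md5(password), set the
// two auth cookies and hand over to the game page.
//
// The login name used to be interpolated directly into the SQL text, so the
// request could rewrite the WHERE clause of the authentication query. Both
// values are now bound parameters of a prepared statement (assumes $mc is a
// mysqli connection with mysqlnd). Non-string values (login[]=x) are treated
// as empty instead of reaching urldecode()/md5().
//
// NOTE(review): $_GET is already URL-decoded, so urldecode() decodes a second
// time ("+" and "%xx" inside a login are altered). Kept as is because stored
// logins may depend on it — confirm against the registration code.
// NOTE(review): the `password` cookie holds md5(password), which is exactly what
// the query above accepts, so the cookie is as sensitive as the password. It is
// set without HttpOnly, Secure or SameSite; whether client-side code reads it is
// not visible here, so the flags are left for a follow-up together with a move
// to random session tokens and password_hash()/password_verify().
// NOTE(review): credentials arrive in the query string and will appear in
// server logs; a POST request would avoid that.
if (isset($_GET['login'], $_GET['password'])) {
    $login = is_string($_GET['login']) ? urldecode($_GET['login']) : '';
    $pass = is_string($_GET['password']) ? $_GET['password'] : '';
    $passHash = md5($pass);

    //fetch the hero's parameters, take a single row
    $loginStmt = $mc->prepare("SELECT * FROM `users` WHERE `login` = ? AND `password` = ? ORDER BY `id` DESC LIMIT 1");
    $loginStmt->bind_param('ss', $login, $passHash);
    $loginStmt->execute();
    $resulddb = $loginStmt->get_result()->fetch_assoc();
    $loginStmt->close();

    if (is_array($resulddb)) {
        setcookie('login', urlencode($resulddb['login']), time() + 2592000, '/');
        setcookie('password', $passHash, time() + 2592000, '/');
?>
<script>/*nextshowcontemt*/showContent("/main.php?initGame");</script>
<?php
        exit(0);
    } else if (empty($login)) {
        message('Введите логин');
    } else if (empty($pass)) {
        message('Введите пароль');
    } else {
        message('<div style="color: red;">Пользователь не существует</div>');
    }
}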
// No account id in $user and the request carries `init`: ask the visitor to
// register or sign in. ($user is set outside this listing.)
if (!$user['id'] && isset($_GET['init'])) {
    message("пройдите регистрацию или войдите в свой игровой аккаунт");
}
?>
<style type="text/css">
/* Wrapper of an image button; positioned so the label below can be centred on it. */
.buttonreg{
position: relative;
text-align: center;
}
/* Hover feedback: the whole button fades to half opacity. */
.buttonreg:hover{
opacity: 0.5;
}
/* Label laid over the button image, centred with the 50% / translate technique.
   pointer-events: none keeps the label from receiving pointer events itself. */
.buttonregText{
outline: 0 !important;
pointer-events: none;
position: absolute;
top: 50%;
left: 50%;
transform: translate(-50%, -50%);
color:#f8b334;
}
/* Fixed size of the button image. */
.buttonregImg{
width: 300px;
height: 50px;
}
/* Centres the block that holds the text inputs. */
.buttonregInputBlock{
text-align: center;
margin: auto;
}
/* Fixed size shared by the text inputs of the login and recovery forms. */
.buttonregInput{
width: 280px;
height: 50px;
}
</style>
<body>
<?php
// The login form is shown only when none of the parameters that drive the
// password-recovery screens is present in the query string.
$recoveryParams = ['gEmail', 'onclick', 'arr', 'cl', 'vostanovlenie', 'email', 'goEmail'];
$showLoginForm = true;
foreach ($recoveryParams as $recoveryParam) {
    if (isset($_GET[$recoveryParam])) {
        $showLoginForm = false;
        break;
    }
}
if ($showLoginForm) {
?>
<center>
<div class="line">
</div>
<div>
<img src="images/logo2.png" alt="" style="width: 320px;margin-top:-5px;margin-bottom:-56px;"/>
</div>
<div class="buttonregInputBlock">
<div style="padding-bottom: 6px;">
<input style="text-align: center;" class="buttonregInput" type="text" id="login" maxlength="50" value="" placeholder="Логин">
</div>
<div style="padding-bottom: 6px;">
<input style="text-align: center;" class="buttonregInput" type="password" id="password" maxlength="50" value="" placeholder="Пароль">
</div>
</div>
<div class="buttonreg" style="padding-bottom: 6px;">
<div class="buttonregText" >Вход</div>
<div><input class="buttonregImg butt1" src="/img/buttonreg.png" type="image"></div>
</div>
<div class="buttonreg" style="padding-bottom: 6px;">
<div class="buttonregText" >Регистрация</div>
<div><input class="buttonregImg" src="/img/buttonreg.png" type="image" onclick="showContent('/registration')"></div>
</div>
<a onclick="showContent('/index.php?vostanovlenie')">Забыли пароль?</a>
<br>
<br>
<a href="app.apk" download>
<div class="button_alt_01" style="max-width: 320px;">-Скачать Android Приложение-</div>
</a>
</center>
<script>
$(".butt1").click(function () {
showContent(
"?" +
"login=" + encodeURIComponent($("#login").val()) +
"&password=" + encodeURIComponent($("#password").val())
);
});
</script>
<?php
}
// $footval is set immediately before the footer include and is not read in this
// listing — presumably it selects the footer variant for this page
// (TODO confirm in the included file).
$footval = 'indexnone';
require_once ('system/foot/foot.php');