<?php
if(!defined('AWM'))
die('Nope.');
if(Config::isLogged()) header('Location: ' . Config::$_PAGE_URL . 'profile');
if(isset($_POST['login_submit'])) {
if(!$_POST['login_username'] || !$_POST['login_password']) {
echo '<font color="red"><b>Complete all fields.</b></font>';
} else {
$q = Config::$g_con->prepare('SELECT `reg_id` FROM `players` WHERE `name` = ? AND `pass` = ?');
$q->execute(array($_POST['login_username'], strtoupper(hash('whirlpool',$_POST['login_password']))));
if($q->rowCount()) {
$row = $q->fetch(PDO::FETCH_OBJ);
$_SESSION['awm_user'] = $row->playerID;
echo '<font color="green"><b>You have successfully logged in. You will be redirected in <b>3</b> seconds.</b></font><br><br>';
echo '<meta http-equiv="refresh" content="3;URL=\''.Config::$_PAGE_URL.'profile\'/>';
}
else echo '<font color="red"><b>Invalid username or password.</b></font>';
}
}
?>
<link href="http://redpanel.bugged.ro/css/font-awesome.min.css" media="all" type="text/css" rel="stylesheet">
<br><br>
<form action="" method="post" >
<input type="text" placeholder="Username" id="login_username" name="login_username" /> <br>
<input type="password" placeholder="Password" id="login_password" name="login_password" /> <br>
<input type="submit" value="Login" id="login_submit" name="login_submit">
</form>
$q->execute(array($_POST['login_username'], strtoupper(hash('whirlpool',$_POST['login_password']))));
|
Originally Posted by Vince
 I don't know how you would do that without first knowing the original password because it is impossible to reverse a hash (brute force/rainbow tables excluded). You can only do the conversion once a player successfully logs in and you'd need to have a transition period where you have two columns in your database: one with the original hash and one with the new hash and you've have to write some extra code that actually does the conversion. Depending on how often your users log in that transition period might span multiple week or months. You can also change the algorithm right now but then all passwords will become useless instantly and no-one will be able to log in. So if you fancy sending a password reset link to a million users you can also try that.
|
This page isn’t working *********.com is currently unable to handle this request. HTTP ERROR 500
<?php
include 'includes/config.php';
include 'includes/header.php';
checkForLogin();
if(!isset($_GET['id']))
{
echo '<META HTTP-EQUIV="Refresh" Content="0; URL=../pages/index.php">';
exit;
}
$charaID = $_GET['id'];
$sesuID = $_SESSION['uID'];
$query = $con->prepare("SELECT * from players where reg_id = '$charaID'");
$query->execute();
$gData = $query->fetch();
if($gData['reg_id'] != $sesuID)
{
echo '<META HTTP-EQUIV="Refresh" Content="0; URL=../pages/index.php">';
exit;
}
?>
<div class="row">
<div class="col-md-12">
<h1 class="page-header">
<?php echo $gData['name']; ?>
</h1>
</div>
</div>
<div class="row">
<div class="col-lg-2">
<img src="../skins/Skin_<?php echo $gData['saveskin']; ?>.png" style="height:300px;">
</div>
<div class="col-lg-8">
<div class="panel panel-default">
<div class="panel-body">
<div class="row">
<div class="col-lg-6">
Status: <?php if($gData['active'] == 1)
{
echo '<span style="color:#00FF00";>ONLINE</span>'
}
else
{
echo '<span style="color:#FF0000";>OFFLINE</span>'
} ?>
<hr />
Playing Time: <?php echo($gData['hours']); ?> Hours, <?php echo($gData['minutes']); ?> Minutes and <?php echo($gData['seconds']); ?> Seconds
<hr />
Premium: <?php if($gData['premium'] == 1)
{
echo '<span style="color:#00FF00";>PREMIUM</span>'
}
else if($gData['premium'] == 2)
{
echo '<span style="color:#00FF00";>PREMIUM 2</span>'
}
else if($gData['premium'] == 3)
{
echo '<span style="color:#00FF00";>VIP</span>'
}
else if($gData['premium'] == 0)
{
echo '<span style="color:#FF0000";>NO</span>'
} ?>
<hr />
Helper: <?php if($gData['helper'] == 1)
{
echo '<span style="color:#00FF00";>HELPER</span>'
}
else if($gData['helper'] == 2)
{
echo '<span style="color:#00FF00";>MAPPER</span>'
}
else if($gData['helper'] == 3)
{
echo '<span style="color:#00FF00";>DEVELOPER</span>'
}
else if($gData['helper'] == 0)
{
echo '<span style="color:#FF0000";>NO</span>'
} ?>
<hr />
Admin: <?php if($gData['adminlevel'] == 1)
{
echo '<span style="color:#00FF00";>MODERATOR</span>'
}
else if($gData['adminlevel'] == 2)
{
echo '<span style="color:#00FF00";>ADMIN</span>'
}
else if($gData['adminlevel'] == 3)
{
echo '<span style="color:#00FF00";>SENIOR ADMIN</span>'
}
else if($gData['adminlevel'] == 4)
{
echo '<span style="color:#00FF00";>HEAD ADMIN</span>'
}
else if($gData['adminlevel'] == 5)
{
echo '<span style="color:#00FF00";>SERVER OWNER</span>'
}
else if($gData['adminlevel'] == 0)
{
echo '<span style="color:#FF0000";>NO</span>'
} ?>
<hr />
Score: <?php echo number_format($gData['score']); ?>
<hr />
Cookies: <?php echo number_format($gData['cookies']); ?>
<hr />
Money: $<?php echo number_format($gData['money']); ?>
<hr />
Bank Money: $<?php echo number_format($gData['bmoney']); ?>
<hr />
Total Money: $<?php echo number_format($gData['money'] + $gData['bmoney']); ?>
<hr />
Group ID: <?php echo number_format($gData['group_id']); ?>
<hr />
Group Rank: <?php echo number_format($gData['group_rank']); ?>
<hr />
Member since: <?php echo $gData['reg_time']); ?>
<hr />
Last login: <?php echo $gData['last_time']); ?>
<hr />
Kills: <?php echo number_format($gData['kills']); ?>
<hr />
Deaths: <?php echo number_format($gData['deaths']); ?>
<hr />
Kill/Death Ratio: <?php echo number_format($gData['kills'] / $gData['kills']); ?>
<hr />
House ID: <?php echo number_format($gData['house_id']); ?>
<hr />
</div>
</div>
</div>
</div>
</div>
</div>
<?php
include 'includes/footer.php';
?>