From 4ff4872142164869b4c29ab33916f713ac58030a Mon Sep 17 00:00:00 2001 From: Hugo Villeneuve Date: Sat, 27 Feb 2021 15:25:17 -0500 Subject: [PATCH] Convert line endings from MAC to UNIX --- include/import.csv.php | 57 ++- preferences.php | 3 +- register/admin_index.php | 327 ++++++++++------ register/auth_check_header.php | 165 +++++--- register/checklogin.php | 192 ++++++--- register/delete_this.php | 207 ++++++---- register/delete_user.php | 195 ++++++---- register/delete_user_confirm.php | 153 +++++--- register/edit_user.php | 450 ++++++++++++++------- register/edit_user_save.php | 240 ++++++++---- register/email_password.php | 162 +++++--- register/email_password_sender.php | 216 ++++++---- register/email_sent.php | 75 ++-- register/include_menu.php | 3 +- register/linktick.php | 123 ++++-- register/login.php | 189 ++++++--- register/login_failed.php | 69 ++-- register/logout.php | 57 ++- register/master_inc.php | 36 +- register/readme.php | 177 ++++++--- register/reset_password.php | 369 ++++++++++++------ register/reset_password_save.php | 120 ++++-- register/router.php | 180 ++++++--- register/sample_page.php | 99 +++-- register/traffic.php | 606 +++++++++++++++++++---------- register/user_add.form.php | 27 +- register/user_add.php | 51 ++- register/user_add_errors.php | 168 +++++--- register/user_add_sso.php | 162 +++++--- 29 files changed, 3270 insertions(+), 1608 deletions(-) diff --git a/include/import.csv.php b/include/import.csv.php index 2cd271c..4a0f5c7 100644 --- a/include/import.csv.php +++ b/include/import.csv.php @@ -1 +1,56 @@ - 0 ? $chars[0] : " "); foreach($chars as $char) { $new_count = substr_count($testString, $char); if($new_count > $max_count) { $max_count = $new_count; $the_char = $char; } } return $the_char; } $test_line = $file_lines[0]; // // Detect the most probable delimiter. // $delim = maxChar($delims, $test_line); $quote = maxChar($quotes, $test_line); // // Re-Conncat the file-lines // $input = implode("\n", $file_lines)."\n"; // // Setup and run the parser // include "lib/parsecsv.lib.php"; $csv = new parseCSV(); $csv->delimiter = $delim; $csv->enclosure = $quote; $csv->file_data = &$input; $this->data = $csv->parse_string(); // // Convert the array to addresses // $this->convertToAddresses(); } } ?> \ No newline at end of file + 0 ? $chars[0] : " "); + foreach($chars as $char) { + $new_count = substr_count($testString, $char); + if($new_count > $max_count) { + $max_count = $new_count; + $the_char = $char; + } + } + + return $the_char; + } + + $test_line = $file_lines[0]; + + // + // Detect the most probable delimiter. + // + $delim = maxChar($delims, $test_line); + $quote = maxChar($quotes, $test_line); + + // + // Re-Conncat the file-lines + // + $input = implode("\n", $file_lines)."\n"; + + // + // Setup and run the parser + // + include "lib/parsecsv.lib.php"; + $csv = new parseCSV(); + $csv->delimiter = $delim; + $csv->enclosure = $quote; + $csv->file_data = &$input; + $this->data = $csv->parse_string(); + + // + // Convert the array to addresses + // + $this->convertToAddresses(); + } +} +?> \ No newline at end of file diff --git a/preferences.php b/preferences.php index af6eb1b..1c030d0 100644 --- a/preferences.php +++ b/preferences.php @@ -16,7 +16,8 @@ echo "\n"; } ?>

- --> + --> + -   - - - - -

- - "; - - -$query = "SELECT * FROM users WHERE (`id` LIKE \"%$var%\" OR `username` LIKE \"%$var%\" OR `password` LIKE \"%$var%\" OR `email` LIKE \"%$var%\" OR `lastname`LIKE \"%$var%\" OR `firstname`LIKE \"%$var%\") ORDER BY `id` desc"; - -$numresults=mysqli_query($db, $query); -$numrows=mysqli_num_rows($numresults); - -// get results -$result = mysqli_query($query) or die("Couldn't execute query"); - -// now you can display the results returned -while ($row= mysqli_fetch_array($result)) { - -$id= $row["id"]; -$username= $row["username"]; -$password= $row["password"]; -$lastname= $row["lastname"]; -$firstname= $row["firstname"]; -$phone= $row["phone"]; -$email= $row["email"]; -$permissions = $row["permissions"]; -$email_sub = substr($email, 0, 50); - - - $row_color = ($row_count % 2) ? $color1 : $color2; -//DISPLAY DATA HERE_____________ - -echo " - - - - "; - $row_count++; -} - - -echo""; - - - ?> -

-

 

- -

- - -
- - - - - - - - -
$username$lastname, $firstname$phone$email_sub$permissionsedit
-
-
-
-
- - + + + + + + + + + + + + +AMS Agent Index + + + + + + + + + + + + - -
+ + Admin Index
+ +
+ +
+ +
+ +
+ +

+ + + + | Traffic Report

+ +
+ + + + + + + + + +
+ + + +   + + + +
+ +

+ + + + "; + + + + + +$query = "SELECT * FROM users WHERE (`id` LIKE \"%$var%\" OR `username` LIKE \"%$var%\" OR `password` LIKE \"%$var%\" OR `email` LIKE \"%$var%\" OR `lastname`LIKE \"%$var%\" OR `firstname`LIKE \"%$var%\") ORDER BY `id` desc"; + + + +$numresults=mysqli_query($db, $query); + +$numrows=mysqli_num_rows($numresults); + + + +// get results + +$result = mysqli_query($query) or die("Couldn't execute query"); + + + +// now you can display the results returned + +while ($row= mysqli_fetch_array($result)) { + + + +$id= $row["id"]; + +$username= $row["username"]; + +$password= $row["password"]; + +$lastname= $row["lastname"]; + +$firstname= $row["firstname"]; + +$phone= $row["phone"]; + +$email= $row["email"]; + +$permissions = $row["permissions"]; + +$email_sub = substr($email, 0, 50); + + + + + + $row_color = ($row_count % 2) ? $color1 : $color2; + +//DISPLAY DATA HERE_____________ + + + +echo " + + + + + + + + "; + + $row_count++; + +} + + + + + +echo""; + + + + + + ?> + +

+ +

 

+ + + +

+ + + + + +
+ + + + + + + + + + + + + + + + + +
$username$lastname, $firstname$phone$email_sub$permissionsedit
+ +
+ +
+ +
+ +
+ + + + + diff --git a/register/auth_check_header.php b/register/auth_check_header.php index 21cdf6d..f893170 100644 --- a/register/auth_check_header.php +++ b/register/auth_check_header.php @@ -1,56 +1,111 @@ -'$threshold'"; - -} - -$result=mysqli_query($db,$sql); - -// mysqli_num_row is counting table rows - -$count=mysqli_num_rows($result); - -// If result matches $myusername and $mypassword, table row must be 1 row - -if($count==0){ - -{ - -header("location:login.php"); - -} - -} - -$query = "SELECT * FROM users WHERE `username`='$username_from_cookie'"; - -$numresults=mysqli_query($db, $query); -$numrows=mysqli_num_rows($numresults); - -// get results -$result = mysqli_query($query) or die("Couldn't execute query"); - -// now you can display the results returned -while ($row= mysqli_fetch_array($result)) { - -$permissions= $row["permissions"]; - -} - -//end Chris Carr Auth Check Header - -$username = $username_from_cookie; - +'$threshold'"; + + + +} + + + +$result=mysqli_query($db,$sql); + + + +// mysqli_num_row is counting table rows + + + +$count=mysqli_num_rows($result); + + + +// If result matches $myusername and $mypassword, table row must be 1 row + + + +if($count==0){ + + + +{ + + + +header("location:login.php"); + + + +} + + + +} + + + +$query = "SELECT * FROM users WHERE `username`='$username_from_cookie'"; + + + +$numresults=mysqli_query($db, $query); + +$numrows=mysqli_num_rows($numresults); + + + +// get results + +$result = mysqli_query($query) or die("Couldn't execute query"); + + + +// now you can display the results returned + +while ($row= mysqli_fetch_array($result)) { + + + +$permissions= $row["permissions"]; + + + +} + + + +//end Chris Carr Auth Check Header + + + +$username = $username_from_cookie; + + + ?> \ No newline at end of file diff --git a/register/checklogin.php b/register/checklogin.php index 3eabf55..fe2ef0d 100644 --- a/register/checklogin.php +++ b/register/checklogin.php @@ -1,64 +1,128 @@ -"; - -//$sql="SELECT * FROM agents WHERE username='$urlun' and password='$urlpw'"; -$sql="SELECT * FROM users WHERE username='$urlun' and password='$cleanpw'"; - -$result=mysqli_query($db,$sql); - -// mysqli_num_row is counting table rows - -$count=mysqli_num_rows($result); - -// If result matches $myusername and $mypassword, table row must be 1 row - -//echo"Count:$count
"; - -if($count==1){ - -// Register $myusername and redirect to file designated success file - -$cookie_name ="$cookiename"; - -$cookie_value ="$urlun"; - -//set to 24 hours - -$cookie_expire ="86400"; - -setcookie($cookie_name,$cookie_value,time() + (86400),"/", $cookie_domain); - -header("location:$successful_login_url"); - -}else{ - -header("location:$failed_login"); - -} - - -?> - - - - - +"; + + + +//$sql="SELECT * FROM agents WHERE username='$urlun' and password='$urlpw'"; + +$sql="SELECT * FROM users WHERE username='$urlun' and password='$cleanpw'"; + + + +$result=mysqli_query($db,$sql); + + + +// mysqli_num_row is counting table rows + + + +$count=mysqli_num_rows($result); + + + +// If result matches $myusername and $mypassword, table row must be 1 row + + + +//echo"Count:$count
"; + + + +if($count==1){ + + + +// Register $myusername and redirect to file designated success file + + + +$cookie_name ="$cookiename"; + + + +$cookie_value ="$urlun"; + + + +//set to 24 hours + + + +$cookie_expire ="86400"; + + + +setcookie($cookie_name,$cookie_value,time() + (86400),"/", $cookie_domain); + + + +header("location:$successful_login_url"); + + + +}else{ + + + +header("location:$failed_login"); + + + +} + + + + + +?> + + + + + + + + + + + diff --git a/register/delete_this.php b/register/delete_this.php index 4561319..962e376 100644 --- a/register/delete_this.php +++ b/register/delete_this.php @@ -1,69 +1,138 @@ - - - - -Untitled Document - - - - - - - - - - - - - - - - - - - - - - -

readyclip.com logo - -
- - + + + + + + + + +Untitled Document + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
readyclip.com logo + + + +
+ + + + + diff --git a/register/delete_user.php b/register/delete_user.php index 2eaeaf0..65ec7c5 100644 --- a/register/delete_user.php +++ b/register/delete_user.php @@ -1,65 +1,130 @@ - - - - - - -AMS Agent Index - - - - - - - -
- Delete User
-
-
-
-
-

-

- Successfully deleted the entry." ); -} -else -{ -die( "Error: Could not delete entry: " . mysqli_error() ); -} - - - - ?> -

- - - - -
- - -
-
-
-
- - + + + + + + + + + + + + +AMS Agent Index + + + + + + + + + + + + + + + +
+ + Delete User
+ +
+ +
+ +
+ +
+ +

+ +

+ + Successfully deleted the entry." ); + +} + +else + +{ + +die( "Error: Could not delete entry: " . mysqli_error() ); + +} + + + + + + + + ?> + +

+ + + + + + + + + +
+ + + + + +
+ +
+ +
+ +
+ + + + + diff --git a/register/delete_user_confirm.php b/register/delete_user_confirm.php index df0137f..64b1407 100644 --- a/register/delete_user_confirm.php +++ b/register/delete_user_confirm.php @@ -1,51 +1,102 @@ - - - - - - -AMS Agent Index - - - - - - - -
- Delete User
-
-
-
-
-

-

-
Are you sure you want to delete user ID: $id?

No

Yes
"; - - - ?> -

- - - - -
- - -
-
-
-
- - + + + + + + + + + + + + +AMS Agent Index + + + + + + + + + + + + + + + +
+ + Delete User
+ +
+ +
+ +
+ +
+ +

+ +

+ +
Are you sure you want to delete user ID: $id?

No

Yes
"; + + + + + + ?> + +

+ + + + + + + + + +
+ + + + + +
+ +
+ +
+ +
+ + + + + diff --git a/register/edit_user.php b/register/edit_user.php index b1200e8..528c034 100644 --- a/register/edit_user.php +++ b/register/edit_user.php @@ -1,150 +1,300 @@ - - - - - - -AMS Agent Index - - - - - - - -
- Edit User
-
-
-
-
-

-
- - - - -
-

  - "; - - -$query = "SELECT * FROM users WHERE `id`='$id'"; - -$numresults=mysqli_query($query); -$numrows=mysqli_num_rows($numresults); - -// get results -$result = mysqli_query($query) or die("Couldn't execute query"); - -// now you can display the results returned -while ($row= mysqli_fetch_array($result)) { - -$id= $row["id"]; -$username= $row["username"]; -$password= $row["password"]; -$lastname= $row["lastname"]; -$firstname= $row["firstname"]; -$phone= $row["phone"]; -$notes= $row["notes"]; -$email= $row["email"]; -$permissions= $row["permissions"]; -$email_sub = substr($email, 0, 50); - -} - - -echo""; - - - ?> -

-
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
ID -
Username -
Password -
Lastname - -
Firstname - -
Phone - -
Email - -
Permissions - -
Notes

- -

-

- -

-

 

-

Delete User

-
-

- -

 

-

- -

-

 

-

 

-
-

-
-
-
-
- - + + + + + + + + + + + + +AMS Agent Index + + + + + + + + + + + + + + + +
+ + Edit User
+ +
+ +
+ +
+ +
+ +

+ +
+ + + + + + + + + +
+ +

  + + "; + + + + + +$query = "SELECT * FROM users WHERE `id`='$id'"; + + + +$numresults=mysqli_query($query); + +$numrows=mysqli_num_rows($numresults); + + + +// get results + +$result = mysqli_query($query) or die("Couldn't execute query"); + + + +// now you can display the results returned + +while ($row= mysqli_fetch_array($result)) { + + + +$id= $row["id"]; + +$username= $row["username"]; + +$password= $row["password"]; + +$lastname= $row["lastname"]; + +$firstname= $row["firstname"]; + +$phone= $row["phone"]; + +$notes= $row["notes"]; + +$email= $row["email"]; + +$permissions= $row["permissions"]; + +$email_sub = substr($email, 0, 50); + + + +} + + + + + +echo""; + + + + + + ?> + +

+ +
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ID + +
Username + +
Password + +
Lastname + + + +
Firstname + + + +
Phone + + + +
Email + + + +
Permissions + + + +
Notes

+ + + +

+ +

+ + + +

+ +

 

+ +

Delete User

+ +
+ +

+ + + +

 

+ +

+ + + +

+ +

 

+ +

 

+ +
+ +

+ +
+ +
+ +
+ +
+ + + + + diff --git a/register/edit_user_save.php b/register/edit_user_save.php index 616bc96..6810928 100644 --- a/register/edit_user_save.php +++ b/register/edit_user_save.php @@ -1,80 +1,160 @@ - - - - - - -AMS Agent Index - - - - - - - -
- Edit User
-
-
-
-
-

Admin Index | Traffic Report| Logout

- - - - - -
Your changes have been made sucessfully." ); -} -else -{ -die( "Trouble saving information to the database: " . mysqli_error() ); -} - - - - - - ?> -
- - -
-
-
-
- - + + + + + + + + + + + + +AMS Agent Index + + + + + + + + + + + + + + + +
+ + Edit User
+ +
+ +
+ +
+ +
+ +

Admin Index | Traffic Report| Logout

+ + + + + + + + + + + +
Your changes have been made sucessfully." ); + +} + +else + +{ + +die( "Trouble saving information to the database: " . mysqli_error() ); + +} + + + + + + + + + + + + ?> + +
+ + + + + +
+ +
+ +
+ +
+ + + + + diff --git a/register/email_password.php b/register/email_password.php index 9dcc9a8..9ec2b8e 100644 --- a/register/email_password.php +++ b/register/email_password.php @@ -1,54 +1,108 @@ - - - - -Untitled Document - - - - - - - -
- -
- -
- -
-
- Reset Password Via Email

-
-
-
-
-
-
Email Address Associated with this account
-
- - -
-
-

- -

-

I remember now. Back to Login

-

-

 

-

 

-

- -
-
-
- -
-


-

-
-
-
-
- - + + + + + + + + +Untitled Document + + + + + + + + + + + + + + + +
+ + + +
+ + + +
+ + + +
+ +
+ + Reset Password Via Email

+ +
+ +
+ +
+ +
+ +
+ +
Email Address Associated with this account
+ +
+ + + + + +
+ +
+ +

+ + + +

+ +

I remember now. Back to Login

+ +

+ +

 

+ +

 

+ +

+ + + +
+ +
+ +
+ + + +
+ +


+ +

+ +
+ +
+ +
+ +
+ + + + + diff --git a/register/email_password_sender.php b/register/email_password_sender.php index 9bd66a1..ce63278 100644 --- a/register/email_password_sender.php +++ b/register/email_password_sender.php @@ -1,72 +1,144 @@ -Sorry but we don't have that email in our system. Please try again. Thank you!"); - -}else{ - - //comes from config which pulls from /inc - $email_body = $forgot_password_email; -} - -$from = $from_email; -$reply_to = $reply_to_email; -$return_path = $return_path_email; - -$to = $email; - -$subject = $forgot_password_email_subject; - -//***attaches view tracker to link tracked code*** - CCC -$mailbody= "$email_body"; - -//____________________________Begin Multipart Mail Sender -//add From: header -$headers = "From:$from\nReply-to:$reply_to\nReturn-path:$return_path\nJobID:$date\n"; - -//specify MIME version 1.0 -$headers .= "MIME-Version: 1.0\n"; - -//unique boundary -$boundary = uniqid("HTMLDEMO8656856"); - -//tell e-mail client this e-mail contains//alternate versions -$headers.="X-Priority: 3\n"; -$headers.="Content-Type: multipart/alternative; boundary=\"".$boundary."\"\n"; -$headers.="Content-Transfer-Encoding: 7bit\n"; - -//message to people with clients who don't -//understand MIME -$headers .= "This is a MIME encoded message.\n\n"; - -//plain text version of message -$headers .= "--$boundary\n" . - "Content-Type: text/plain; charset=ISO-8859-1\r\n" . - "Content-Transfer-Encoding: base64\n\n"; -$headers .= chunk_split(base64_encode("$mailbody")); - -//HTML version of message -$headers .= "--$boundary\n" . - "Content-Type: text/html; charset=ISO-8859-1\n" . - "Content-Transfer-Encoding: base64\n\n"; -$headers .= chunk_split(base64_encode("$mailbody")); - -//send message - -If (mail("$to", "$subject", "", $headers)) -{ -echo"An account verification link has been sent to $email. This link will allow you to reset your password

Emails may take up to 10 minutes to arrive. Check your spam folder also and whitelist this site if you find our message there. Thanks! -Back to login
"; -} -?> +Sorry but we don't have that email in our system. Please try again. Thank you!"); + + + +}else{ + + + + //comes from config which pulls from /inc + + $email_body = $forgot_password_email; + +} + + + +$from = $from_email; + +$reply_to = $reply_to_email; + +$return_path = $return_path_email; + + + +$to = $email; + + + +$subject = $forgot_password_email_subject; + + + +//***attaches view tracker to link tracked code*** - CCC + +$mailbody= "$email_body"; + + + +//____________________________Begin Multipart Mail Sender + +//add From: header + +$headers = "From:$from\nReply-to:$reply_to\nReturn-path:$return_path\nJobID:$date\n"; + + + +//specify MIME version 1.0 + +$headers .= "MIME-Version: 1.0\n"; + + + +//unique boundary + +$boundary = uniqid("HTMLDEMO8656856"); + + + +//tell e-mail client this e-mail contains//alternate versions + +$headers.="X-Priority: 3\n"; + +$headers.="Content-Type: multipart/alternative; boundary=\"".$boundary."\"\n"; + +$headers.="Content-Transfer-Encoding: 7bit\n"; + + + +//message to people with clients who don't + +//understand MIME + +$headers .= "This is a MIME encoded message.\n\n"; + + + +//plain text version of message + +$headers .= "--$boundary\n" . + + "Content-Type: text/plain; charset=ISO-8859-1\r\n" . + + "Content-Transfer-Encoding: base64\n\n"; + +$headers .= chunk_split(base64_encode("$mailbody")); + + + +//HTML version of message + +$headers .= "--$boundary\n" . + + "Content-Type: text/html; charset=ISO-8859-1\n" . + + "Content-Transfer-Encoding: base64\n\n"; + +$headers .= chunk_split(base64_encode("$mailbody")); + + + +//send message + + + +If (mail("$to", "$subject", "", $headers)) + +{ + +echo"An account verification link has been sent to $email. This link will allow you to reset your password

Emails may take up to 10 minutes to arrive. Check your spam folder also and whitelist this site if you find our message there. Thanks! + +Back to login
"; + +} + +?> + diff --git a/register/email_sent.php b/register/email_sent.php index a8fea5d..d3e6c2c 100644 --- a/register/email_sent.php +++ b/register/email_sent.php @@ -1,25 +1,50 @@ -"; - -// If result matches $myusername and $mypassword, table row must be 1 row - -if($count==0){ - -{ - -echo"Sorry but we don't have that email in our system. Please try again. Thank you!" - -} - -?> +"; + + + +// If result matches $myusername and $mypassword, table row must be 1 row + + + +if($count==0){ + + + +{ + + + +echo"Sorry but we don't have that email in our system. Please try again. Thank you!" + + + +} + + + +?> + diff --git a/register/include_menu.php b/register/include_menu.php index d6d1b4d..7546a05 100644 --- a/register/include_menu.php +++ b/register/include_menu.php @@ -1 +1,2 @@ -Admin Index | Logout +Admin Index | Logout + diff --git a/register/linktick.php b/register/linktick.php index 917dfcb..d257b0b 100644 --- a/register/linktick.php +++ b/register/linktick.php @@ -1,41 +1,82 @@ - $max))) - return FALSE; - return $string; -} - - - $site = $_REQUEST['site']; - $site = sanitize_paranoid_string($site); - - //Time & Date - $date = date ('m/d/y g:i a'); - - //IP Address - $ip = $_SERVER['REMOTE_ADDR']; - - $type = "link"; - - $query = "INSERT INTO `traffic` (`date`,`ip`,`link`,`notes`,`site`,`type`) - VALUES ( '$date','$ip','$link','$notes','$site','$type')"; - - // save the info to the database - $results = mysqli_query( $query ); - -$url = str_replace("316AMPERSAND316","&","$link"); - -//echo "URL: $url"; - -header ("Location: $url"); - - -?> + $max))) + + return FALSE; + + return $string; + +} + + + + + + $site = $_REQUEST['site']; + + $site = sanitize_paranoid_string($site); + + + + //Time & Date + + $date = date ('m/d/y g:i a'); + + + + //IP Address + + $ip = $_SERVER['REMOTE_ADDR']; + + + + $type = "link"; + + + + $query = "INSERT INTO `traffic` (`date`,`ip`,`link`,`notes`,`site`,`type`) + + VALUES ( '$date','$ip','$link','$notes','$site','$type')"; + + + + // save the info to the database + + $results = mysqli_query( $query ); + + + +$url = str_replace("316AMPERSAND316","&","$link"); + + + +//echo "URL: $url"; + + + +header ("Location: $url"); + + + + + +?> + diff --git a/register/login.php b/register/login.php index 35fbd8f..7896f65 100644 --- a/register/login.php +++ b/register/login.php @@ -1,63 +1,126 @@ - - - - -Untitled Document - - - - - - - -
-

-
- -
- -
-
- BasicLogin

-
-
-
-
-
-
Username
-
- - -
-
-
-
Password
-
- - -
-
-
- -

- -

-

Create a new account

-

Forgot Password / Change Password

-

 

-

 

-

- -
-
-
- -
-


-

-
-
-
-
- - + + + + + + + + +Untitled Document + + + + + + + + + + + + + + + +
+ +

+ +
+ + + +
+ + + +
+ +
+ + BasicLogin

+ +
+ +
+ +
+ +
+ +
+ +
Username
+ +
+ + + + + +
+ +
+ +
+ +
Password
+ +
+ + + + + +
+ +
+ +
+ + + +

+ + + +

+ +

Create a new account

+ +

Forgot Password / Change Password

+ +

 

+ +

 

+ +

+ + + +
+ +
+ +
+ + + +
+ +


+ +

+ +
+ +
+ +
+ +
+ + + + + diff --git a/register/login_failed.php b/register/login_failed.php index efd0e1f..1a98063 100644 --- a/register/login_failed.php +++ b/register/login_failed.php @@ -1,23 +1,46 @@ - - - - -Untitled Document - - - - - - - -
-


-
- Wrong Username / Password combination.
-
- Please try again. Thanks!

-


-

-
- - + + + + + + + + +Untitled Document + + + + + + + + + + + + + + + +
+ +


+ +
+ + Wrong Username / Password combination.
+ +
+ + Please try again. Thanks!

+ +


+ +

+ +
+ + + + + diff --git a/register/logout.php b/register/logout.php index a012290..8cc599b 100644 --- a/register/logout.php +++ b/register/logout.php @@ -1,19 +1,38 @@ - - - -


- You are now logged out
-
- Return to Login

+ + + + + + +


+ + You are now logged out
+ +
+ + Return to Login

+ diff --git a/register/master_inc.php b/register/master_inc.php index 9cba333..6827517 100644 --- a/register/master_inc.php +++ b/register/master_inc.php @@ -1,13 +1,25 @@ - \ No newline at end of file diff --git a/register/readme.php b/register/readme.php index 3e05a12..3462ef5 100644 --- a/register/readme.php +++ b/register/readme.php @@ -1,59 +1,118 @@ - - - - -Basic Login Readme - - - -
-

Basic Login is a basic PHP login script that can be downloaded used and modified under the general user public license provisions.  This is not a PHP login script for a government institution or fortune 500 company as it uses standard encryption and cookie based user identification that a determined hacker might exploit.  It is, however, perfect for a standard website that would benefit from a basic PHP to MySQL login script that is easy to deploy and uses standard methods of restricting access and granting permissions.

-

After writing countless PHP login scripts using various combinations of standard components tailored to the needs of the sites for which they were designed, I got wise and distilled the elements that I used most frequently into a basic application that can be easily uploaded and deployed on any project I was working on.  While there are no grand inventions happening here, Basic Login should do what you need it to do right out of the gate.  Features, functions and components are as follows:

-

PHP to MySQL structure
- Password encryption
- Email forgotten password hint
- Email password change/ recreation
- New user account creation with error handling
- User permission level control
- User login routing by permission on login
- Central configuration file
- Administrative user management report
- First user gets admin permissions

-

Using Basic Login is easy:

-
    -
  1. Download Basic Login files
  2. -
  3. Unzip Basic Login files
  4. -
  5. Upload Basic Login files to a directory of your choice
  6. -
  7. Create users table in MySQL:
    - Just run this query or cut and paste the following code into the SQL window of phpmyadmin or an equivalent MySQL control panel:
  8. -
-

CREATE TABLE `users` (
-  `id` int(11) NOT NULL auto_increment,
-  `username` varchar(50) NOT NULL default '',
-  `password` varchar(150) NOT NULL default '',
-  `password_hint` varchar(255) NOT NULL default '',
-  `lastname` varchar(50) NOT NULL default '',
-  `firstname` varchar(50) NOT NULL default '',
-  `email` varchar(100) NOT NULL default '',
-  `phone` varchar(50) NOT NULL default '',
-  `address1` varchar(100) NOT NULL default '',
-  `address2` varchar(100) NOT NULL default '',
-  `city` varchar(80) NOT NULL default '',
-  `state` varchar(20) NOT NULL default '',
-  `zip` varchar(20) NOT NULL default '',
-  `country` varchar(50) NOT NULL default '',
-  `url` varchar(125) NOT NULL default '',
-  `permissions` varchar(20) NOT NULL default '1',
-  PRIMARY KEY  (`id`)
-)        

-
    -
  1. Open login_config.php and set the configuration values as desired
  2. -
  3. Add your first account.  It will be configured as the administrator by default. 
  4. -
  5. Put pages behind the security framework < ? include "auth_check_header"; ?> at the very top of any pages that are for members only. Make sure they are in the same directory as the Basic Login files.
  6. -
  7. Happy coding!
  8. -
-

 

-

 

-
- - + + + + + + + + +Basic Login Readme + + + + + + + +
+ +

Basic Login is a basic PHP login script that can be downloaded used and modified under the general user public license provisions.  This is not a PHP login script for a government institution or fortune 500 company as it uses standard encryption and cookie based user identification that a determined hacker might exploit.  It is, however, perfect for a standard website that would benefit from a basic PHP to MySQL login script that is easy to deploy and uses standard methods of restricting access and granting permissions.

+ +

After writing countless PHP login scripts using various combinations of standard components tailored to the needs of the sites for which they were designed, I got wise and distilled the elements that I used most frequently into a basic application that can be easily uploaded and deployed on any project I was working on.  While there are no grand inventions happening here, Basic Login should do what you need it to do right out of the gate.  Features, functions and components are as follows:

+ +

PHP to MySQL structure
+ + Password encryption
+ + Email forgotten password hint
+ + Email password change/ recreation
+ + New user account creation with error handling
+ + User permission level control
+ + User login routing by permission on login
+ + Central configuration file
+ + Administrative user management report
+ + First user gets admin permissions

+ +

Using Basic Login is easy:

+ +
    + +
  1. Download Basic Login files
  2. + +
  3. Unzip Basic Login files
  4. + +
  5. Upload Basic Login files to a directory of your choice
  6. + +
  7. Create users table in MySQL:
    + + Just run this query or cut and paste the following code into the SQL window of phpmyadmin or an equivalent MySQL control panel:
  8. + +
+ +

CREATE TABLE `users` (
+ +  `id` int(11) NOT NULL auto_increment,
+ +  `username` varchar(50) NOT NULL default '',
+ +  `password` varchar(150) NOT NULL default '',
+ +  `password_hint` varchar(255) NOT NULL default '',
+ +  `lastname` varchar(50) NOT NULL default '',
+ +  `firstname` varchar(50) NOT NULL default '',
+ +  `email` varchar(100) NOT NULL default '',
+ +  `phone` varchar(50) NOT NULL default '',
+ +  `address1` varchar(100) NOT NULL default '',
+ +  `address2` varchar(100) NOT NULL default '',
+ +  `city` varchar(80) NOT NULL default '',
+ +  `state` varchar(20) NOT NULL default '',
+ +  `zip` varchar(20) NOT NULL default '',
+ +  `country` varchar(50) NOT NULL default '',
+ +  `url` varchar(125) NOT NULL default '',
+ +  `permissions` varchar(20) NOT NULL default '1',
+ +  PRIMARY KEY  (`id`)
+ +)        

+ +
    + +
  1. Open login_config.php and set the configuration values as desired
  2. + +
  3. Add your first account.  It will be configured as the administrator by default. 
  4. + +
  5. Put pages behind the security framework < ? include "auth_check_header"; ?> at the very top of any pages that are for members only. Make sure they are in the same directory as the Basic Login files.
  6. + +
  7. Happy coding!
  8. + +
+ +

 

+ +

 

+ +
+ + + + + diff --git a/register/reset_password.php b/register/reset_password.php index ee04482..4aac08e 100644 --- a/register/reset_password.php +++ b/register/reset_password.php @@ -1,123 +1,246 @@ -An encrypted temporary password has been assigned. Choose a new password in the form below:
" ); -} -else -{ -die( "Trouble saving information to the database:

" . mysqli_error() ); -} - - -?> -
-

Password Reset

-
- - - - - - - -
Username - - - -
- - - - - - - -
New Password - -
- - - - - - - - - - - -
Confirm New Password - -
New Password Hint - -
-

- -

-
-

- -

-

 

-
+An encrypted temporary password has been assigned. Choose a new password in the form below:
" ); + +} + +else + +{ + +die( "Trouble saving information to the database:

" . mysqli_error() ); + +} + + + + + +?> + +
+ +

Password Reset

+ +
+ + + + + + + + + + + + + + + +
Username + + + + + + + +
+ + + + + + + + + + + + + + + +
New Password + + + +
+ + + + + + + + + + + + + + + + + + + + + + + +
Confirm New Password + + + +
New Password Hint + + + +
+ +

+ + + +

+ +
+ +

+ + + +

+ +

 

+ +
+ diff --git a/register/reset_password_save.php b/register/reset_password_save.php index 539b85f..67d455b 100644 --- a/register/reset_password_save.php +++ b/register/reset_password_save.php @@ -1,40 +1,80 @@ -email = $email | username = $username
"; - -$query = "UPDATE `users` SET `password`='$cleanpw', `password_hint`='$password_hint' WHERE `email`='$email'"; - -// save the info to the database -$results = mysqli_query( $query ); - -// print out the results -if( $results ) - -{ echo( "Your changes have been made sucessfully.

Back to Login
" ); -} -else -{ -die( "Trouble saving information to the database: " . mysqli_error() ); -} - -} -else -{ -echo"Your new passwords do not match. Please try again"; -} - -?> +email = $email | username = $username
"; + + + +$query = "UPDATE `users` SET `password`='$cleanpw', `password_hint`='$password_hint' WHERE `email`='$email'"; + + + +// save the info to the database + +$results = mysqli_query( $query ); + + + +// print out the results + +if( $results ) + + + +{ echo( "Your changes have been made sucessfully.

Back to Login
" ); + +} + +else + +{ + +die( "Trouble saving information to the database: " . mysqli_error() ); + +} + + + +} + +else + +{ + +echo"Your new passwords do not match. Please try again"; + +} + + + +?> + diff --git a/register/router.php b/register/router.php index 102210d..b8ee3ba 100644 --- a/register/router.php +++ b/register/router.php @@ -1,61 +1,121 @@ - \ No newline at end of file diff --git a/register/sample_page.php b/register/sample_page.php index cbd3dbb..0b5d000 100644 --- a/register/sample_page.php +++ b/register/sample_page.php @@ -1,33 +1,66 @@ - - - - - - -AMS Agent Index - - - - - - - -
-

 

-

Sample Page -

-

You are logged in and can see content for which you are authorized

-

Log out

-
-
-
-
-
- - + + + + + + + + + + + + +AMS Agent Index + + + + + + + + + + + + + + + +
+ +

 

+ +

Sample Page + +

+ +

You are logged in and can see content for which you are authorized

+ +

Log out

+ +
+ +
+ +
+ +
+ +
+ + + + + diff --git a/register/traffic.php b/register/traffic.php index 528a4bc..e928f87 100644 --- a/register/traffic.php +++ b/register/traffic.php @@ -1,202 +1,404 @@ - - - - - - - - - - - -Basic Login - Download a free basic PHP Login Script - - - - - - - -
-

BasicLogin.com -
top bar
-
- - - -
- -
- - - - - -
- -
-
- -   - -
-

Sort By: ID | IP | Date | Site | Type

- - - - -
- "; - -If($criteria_url==''){$criteria="id";}else{$criteria=$criteria_url;} - -//echo "Criteria:$criteria
"; - - -$var = $_REQUEST['var']; - -$sql = "select * from traffic WHERE `id` LIKE \"%$var%\" OR `site` LIKE \"%$var%\" OR `type` LIKE \"%$var%\" OR `date` LIKE \"%$var%\" OR `ip` LIKE \"%$var%\" OR `link` LIKE \"%$var%\" OR `page` LIKE \"%$var%\"order by `$criteria` desc"; - - - $numresults=mysqli_query($sql); - $numrows=mysqli_num_rows($numresults); - - echo"Results: $numrows
"; - - if (empty($s)) { - $s=0; - } - -// get results - $query .= " limit $s,$limit"; - -// get results - $result = mysqli_query($query) or die("Couldn't execute query"); - - -// now you can display the results returned - while ($row= mysqli_fetch_array($result)) { - - $id= $row["id"]; - $ip= $row["ip"]; - $date = $row["date"]; - $site = $row["site"]; - $type= $row["type"]; - $link_raw= $row["link"]; - $page= $row["page"]; - $link=nicetrim($link_raw); - - - -echo "$id | $ip | $date | $site | $type | $page $link

"; - -} - -$currPage = (($s/$limit) + 1); - -//break before paging - echo "
"; - - // next we need to do the links to other results - if ($s>=1) { // bypass PREV link if s is 0 - $prevs=($s-$limit); - print " << - Prev 100  "; - } - -// calculate number of pages needing links - $pages=intval($numrows/$limit); - -// $pages now contains int of pages needed unless there is a remainder from division - - if ($numrows%$limit) { - // has remainder so add one page - $pages++; - } - -// check to see if last page - if (!((($s+$limit)/$limit)==$pages) && $pages!=1) { - - // not last page so give NEXT link - $news=$s+$limit; - - echo " Next 100 >>"; - } - -$a = $s + ($limit) ; - if ($a > $numrows) { $a = $numrows ; } - $b = $s + 1 ; - -?> -
-

  -

-
-
-

 

-
bottom bar
- -

-

 

-


-
-

-
- - - + + + + + + + + + + + + + + + + + + + + + + +Basic Login - Download a free basic PHP Login Script + + + + + + + + + + + + + + + +
+ +

BasicLogin.com + +
top bar
+ +
+ + + + + + + +
+ + + +
+ + + + + + + + + + + +
+ +
Admin Index
+ +
+ +
+ +
+ +
+ + + +   + + + +
+ +

Sort By: ID | IP | Date | Site | Type

+ + + + + + + + + +
+ + "; + + + +If($criteria_url==''){$criteria="id";}else{$criteria=$criteria_url;} + + + +//echo "Criteria:$criteria
"; + + + + + +$var = $_REQUEST['var']; + + + +$sql = "select * from traffic WHERE `id` LIKE \"%$var%\" OR `site` LIKE \"%$var%\" OR `type` LIKE \"%$var%\" OR `date` LIKE \"%$var%\" OR `ip` LIKE \"%$var%\" OR `link` LIKE \"%$var%\" OR `page` LIKE \"%$var%\"order by `$criteria` desc"; + + + + + + $numresults=mysqli_query($sql); + + $numrows=mysqli_num_rows($numresults); + + + + echo"Results: $numrows
"; + + + + if (empty($s)) { + + $s=0; + + } + + + +// get results + + $query .= " limit $s,$limit"; + + + +// get results + + $result = mysqli_query($query) or die("Couldn't execute query"); + + + + + +// now you can display the results returned + + while ($row= mysqli_fetch_array($result)) { + + + + $id= $row["id"]; + + $ip= $row["ip"]; + + $date = $row["date"]; + + $site = $row["site"]; + + $type= $row["type"]; + + $link_raw= $row["link"]; + + $page= $row["page"]; + + $link=nicetrim($link_raw); + + + + + + + +echo "$id | $ip | $date | $site | $type | $page $link

"; + + + +} + + + +$currPage = (($s/$limit) + 1); + + + +//break before paging + + echo "
"; + + + + // next we need to do the links to other results + + if ($s>=1) { // bypass PREV link if s is 0 + + $prevs=($s-$limit); + + print " << + + Prev 100  "; + + } + + + +// calculate number of pages needing links + + $pages=intval($numrows/$limit); + + + +// $pages now contains int of pages needed unless there is a remainder from division + + + + if ($numrows%$limit) { + + // has remainder so add one page + + $pages++; + + } + + + +// check to see if last page + + if (!((($s+$limit)/$limit)==$pages) && $pages!=1) { + + + + // not last page so give NEXT link + + $news=$s+$limit; + + + + echo " Next 100 >>"; + + } + + + +$a = $s + ($limit) ; + + if ($a > $numrows) { $a = $numrows ; } + + $b = $s + 1 ; + + + +?> + +
+ +

  + +

+ +
+ +
+ +

 

+ +
bottom bar
+ + + +

+ +

 

+ +


+ +
+ +

+ +
+ + + + + + + diff --git a/register/user_add.form.php b/register/user_add.form.php index 8ae82a9..d5bf56f 100644 --- a/register/user_add.form.php +++ b/register/user_add.form.php @@ -1,9 +1,18 @@ -
-
-
-
- -
- +
+ +
+ +
+ +
+ + + +
+ + + diff --git a/register/user_add.php b/register/user_add.php index 9965209..cfc20a5 100644 --- a/register/user_add.php +++ b/register/user_add.php @@ -1,17 +1,34 @@ - - - - - + + + + + + + + + + diff --git a/register/user_add_errors.php b/register/user_add_errors.php index 780730e..420783d 100644 --- a/register/user_add_errors.php +++ b/register/user_add_errors.php @@ -1,56 +1,112 @@ - - - -"; - echo "That username is too short. Please make it more than 4 characters.

"; - echo "
"; - } - - if($username_already_in_use==104) { - echo ""; - echo "That username is already in use. Please try again or log in to your existing account.

"; //
"; - echo "
"; - } - - if($email_already_in_use==104) { - echo ""; - echo "That email is already in use. That probably means you have an existing account. Log in or reset your password

"; - echo "
"; - } - - if($pw_insecure==104){ - echo ""; - echo "Your Password is not formatted correctly. Please choose a password that is between 4 and 20 characters and has at least 1 uppercase letter, one lower case letter and one number I.E. Hello23.

"; - echo "
"; - } - - if($bad_email==104){ - echo ""; - echo "Your email does not appear to be valid"; - echo "

"; - } - - - ?>
- -

- -

-

 

- + + + + + + +"; + + echo "That username is too short. Please make it more than 4 characters.

"; + + echo ""; + + } + + + + if($username_already_in_use==104) { + + echo ""; + + echo "That username is already in use. Please try again or log in to your existing account.

"; //
"; + + echo ""; + + } + + + + if($email_already_in_use==104) { + + echo ""; + + echo "That email is already in use. That probably means you have an existing account. Log in or reset your password

"; + + echo "
"; + + } + + + + if($pw_insecure==104){ + + echo ""; + + echo "Your Password is not formatted correctly. Please choose a password that is between 4 and 20 characters and has at least 1 uppercase letter, one lower case letter and one number I.E. Hello23.

"; + + echo "
"; + + } + + + + if($bad_email==104){ + + echo ""; + + echo "Your email does not appear to be valid"; + + echo "

"; + + } + + + + + + ?> + + + + + + + +

+ + + +

+ +

 

+ + + diff --git a/register/user_add_sso.php b/register/user_add_sso.php index a94d7b3..551afb2 100644 --- a/register/user_add_sso.php +++ b/register/user_add_sso.php @@ -1,55 +1,109 @@ -authenticate( $username ); - - // grab the user profile - $user_profile = $adapter->getUserProfile(); - - // a) Does user with "xxx" = identifier exist? - // -> Yes, then login as user - - // b) Does email of user exist? - // -> No, then create new user - - // c) Does email of user exist? - // -> Yes, ask for regular login. Preset email = login - - $provider_uid = $user_profile->identifier; - $email = $user_profile->email; - $first_name = $user_profile->firstName; - $last_name = $user_profile->lastName; - $display_name = $user_profile->displayName; - $website_url = $user_profile->webSiteURL; - $profile_url = $user_profile->profileURL; - $password = rand( ) ; # for the password we generate something random - - echo $provider_uid."
"; - echo $email; - } - catch( Exception $e ){ - // Display the recived error - switch( $e->getCode() ){ - case 0 : $error = "Unspecified error."; break; - case 1 : $error = "Hybriauth configuration error."; break; - case 2 : $error = "Provider not properly configured."; break; - case 3 : $error = "Unknown or disabled provider."; break; - case 4 : $error = "Missing provider application credentials."; break; - case 5 : $error = "Authentification failed. The user has canceled the authentication or the provider refused the connection."; break; - case 6 : $error = "User profile request failed. Most likely the user is not connected to the provider and he should to authenticate again."; - $adapter->logout(); - break; - case 7 : $error = "User not connected to the provider."; - $adapter->logout(); - break; - } - } +authenticate( $username ); + + + + // grab the user profile + + $user_profile = $adapter->getUserProfile(); + + + + // a) Does user with "xxx" = identifier exist? + + // -> Yes, then login as user + + + + // b) Does email of user exist? + + // -> No, then create new user + + + + // c) Does email of user exist? + + // -> Yes, ask for regular login. Preset email = login + + + + $provider_uid = $user_profile->identifier; + + $email = $user_profile->email; + + $first_name = $user_profile->firstName; + + $last_name = $user_profile->lastName; + + $display_name = $user_profile->displayName; + + $website_url = $user_profile->webSiteURL; + + $profile_url = $user_profile->profileURL; + + $password = rand( ) ; # for the password we generate something random + + + + echo $provider_uid."
"; + + echo $email; + + } + + catch( Exception $e ){ + + // Display the recived error + + switch( $e->getCode() ){ + + case 0 : $error = "Unspecified error."; break; + + case 1 : $error = "Hybriauth configuration error."; break; + + case 2 : $error = "Provider not properly configured."; break; + + case 3 : $error = "Unknown or disabled provider."; break; + + case 4 : $error = "Missing provider application credentials."; break; + + case 5 : $error = "Authentification failed. The user has canceled the authentication or the provider refused the connection."; break; + + case 6 : $error = "User profile request failed. Most likely the user is not connected to the provider and he should to authenticate again."; + + $adapter->logout(); + + break; + + case 7 : $error = "User not connected to the provider."; + + $adapter->logout(); + + break; + + } + + } + ?> \ No newline at end of file -- 2.20.1