here are my scripts
login
Expand|Select|Wrap|Line Numbers
- <?php
- include 'dbc.php';
- $full_name = mysql_real_escape_string($_POST['email']);
- if ($_POST['Submit']=='Login')
- {
- $md5pass = md5($_POST['pwd']);
- $sql = "SELECT id,full_name FROM users WHERE
- full_name = '$full_name.easehosting.co.uk' AND
- user_pwd = '$md5pass' AND user_activated='1'";
- $result = mysql_query($sql) or die (mysql_error());
- $num = mysql_num_rows($result);
- if ( $num != 0 ) {
- session_start();
- list($user_id,$full_name) = mysql_fetch_row($result);
- $_SESSION['user']= $full_name;
- if (isset($_GET['ret']) && !empty($_GET['ret']))
- {
- header("Location: $_GET[ret]");
- } else
- {
- header("Location: /~$full_name/index.php");
- }
- //echo "Logged in...";
- exit();
- }
- header("Location: invalid.html");
- //echo "Error:";
- exit();
- }
- ?>
Expand|Select|Wrap|Line Numbers
- <?php
- session_start();
- include ('dbc.php');
- if ($_POST['Submit'] == 'Register')
- {
- if (strlen($_POST['email']) < 5)
- {
- die ("Incorrect email. Please enter valid email address..");
- }
- if (strcmp($_POST['pass1'],$_POST['pass2']) || empty($_POST['pass1']) )
- {
- //die ("Password does not match");
- die("ERROR: Password does not match or empty..");
- }
- if (strcmp(md5($_POST['user_code']),$_SESSION['ckey']))
- {
- die("Invalid code entered. Please enter the correct code as shown in the Image");
- }
- $rs_duplicates = mysql_query("select id from users where full_name='$_POST[full_name].easehosting.co.uk'");
- $duplicates = mysql_num_rows($rs_duplicates);
- if ($duplicates > 0)
- {
- //die ("ERROR: Account already exists.");
- header("Location: register.php?msg=ERROR: Account already exists..");
- exit();
- }
- $md5pass = md5($_POST['pass2']);
- $activ_code = rand(1000,9999);
- $server = $_SERVER['HTTP_HOST'];
- $host = ereg_replace('www.','',$server);
- mysql_query("INSERT INTO users
- (`user_email`,`user_pwd`,`country`,`joined`,`activation_code`,`full_name`)
- VALUES
- ('$_POST[email]','$md5pass','$_POST[country]',now(),'$activ_code','$_POST[full_name].easehosting.co.uk')") or die(mysql_error());
- mkdir ("/var/www/hosts/$_POST[full_name].easehosting.co.uk", 0700);
- mkdir ("/var/www/hosts/$_POST[full_name].easehosting.co.uk/docs", 0700);
- mkdir ("/var/www/hosts/$_POST[full_name].easehosting.co.uk/CGI-BIN");
- copy("/var/www/hosts/template/dbc.php","/var/www/hosts/$_POST[full_name].easehosting.co.uk/dbc.php");
- copy("/var/www/hosts/template/index.php","/var/www/hosts/$_POST[full_name].easehosting.co.uk/index.php");
- copy("/var/www/hosts/template/manage.php","/var/www/hosts/$_POST[full_name].easehosting.co.uk/manage.php");
- copy("/var/www/hosts/template/docs/index.html","/var/www/hosts/$_POST[full_name].easehosting.co.uk/docs/index.html");
- $file = fopen("/var/named/chroot/etc/named.conf", "a");
- fwrite($file,"
- zone '$_POST[full_name].easehosting.co.uk' {\n type master;\n file '/var/named/$_POST[full_name].easehosting.co.uk.hosts';\n };");
- fclose($file);
- $message =
- "Thank you $_POST[full_name] for registering an account with $server. Here are your login details...\n\n
- ########################################################################### \n
- Your login name is: $_POST[full_name] \n
- Your domain name is: http://$_POST[full_name].easehosting.co.uk\n
- This email is to confirm that you have created an account with $server\n
- you can now login at http://www.easehosting.co.uk/login.html
- ########################################################################### \n
- Thank you. This is an automated response. PLEASE DO NOT REPLY.
- ";
- mail($_POST['email'] , "Login details", $message,
- "From: \"Auto-Response\" <notifications@$host>\r\n" .
- "X-Mailer: PHP/" . phpversion());
- unset($_SESSION['ckey']);
- echo("Thank you $_POST[full_name], Registration was Successful! Your domain name is $_POST[full_name].easehosting.co.uk\n you can now login at www.easehosting.co.uk...");
- exit;
- }
- ?>
Expand|Select|Wrap|Line Numbers
- <?php
- include 'dbc.php';
- if ($_POST['Submit']=='Send')
- {
- $host = $_SERVER['HTTP_HOST'];
- $rs_search = mysql_query("select user_email from users where user_email='$_POST[email]'");
- $user_count = mysql_num_rows($rs_search);
- if ($user_count != 0)
- {
- $newpwd = rand(1000,9999);
- $host = $_SERVER['HTTP_HOST'];
- $newmd5pwd = md5($newpwd);
- mysql_query("UPDATE users set user_pwd='$newmd5pwd' where user_email='$_POST[email]'");
- $message =
- "You have requested new login details from $host. Here are the login details...\n\n
- User login: $_POST[full_name] \n
- Password: $newpwd \n
- ____________________________________________
- *** LOGIN ***** \n
- To Login: http://$host/login.php \n\n
- _____________________________________________
- Thank you. This is an automated response. PLEASE DO NOT REPLY.
- ";
- mail($_POST['email'], "New Login Details", $message,
- "From: \"Auto-Response\" <robot@$host>\r\n" .
- "X-Mailer: PHP/" . phpversion());
- die("Thank you. New Login details has been sent to your email address");
- } else die("Account with given email does not exist");
- }
- ?>
oliver