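$error"; } else { $error = ""; } $form = "

Log Into Your Store

Username


Password

"; // closes the markup string of the login-form method, which begins above this excerpt
        return $form;
    }

    /**
     * Build the "send a new password" form markup.
     *
     * @param string $error Optional message passed in by the caller.
     * @return string Form markup.
     */
    function fpwForm($error = "")
    {
        // NOTE(review): the markup visible here never references $error. If the
        // full template prints it, escape it with htmlspecialchars() at output.
        if ($error != "") {
            $error = "$error";
        } else {
            $error = "";
        }
        $form = "

Send A New Password

Email Address

";
        return $form;
    }

    /**
     * Generate an 8-character replacement password.
     *
     * The original seeded rand() from microtime() and indexed with `rand() % 33`,
     * which is predictable and only ever reached the first 33 characters of the
     * 60-character alphabet. The index now spans the whole alphabet and comes
     * from random_int() when it is available.
     *
     * @return string Eight characters drawn from $chars.
     */
    function createRandomPassword()
    {
        // Look-alike characters (l, 1) are left out of the alphabet on purpose.
        $chars = "abcdefghijkmnopqrstuvwxyz023456789ABCDEFGHIJKLMNOPQRSTUVWXYZ";
        $last = strlen($chars) - 1;

        // random_int() exists from PHP 7.0; mt_rand() is NOT cryptographically
        // secure and is kept only so that older runtimes keep working.
        $secure = function_exists('random_int');

        $pass = '';
        for ($i = 0; $i < 8; $i++) {
            $index = $secure ? random_int(0, $last) : mt_rand(0, $last);
            $pass .= substr($chars, $index, 1);
        }
        return $pass;
    }

    /**
     * Handle a forgot-password request for the global $email.
     *
     * When $email matches the stored admin address, a new password is generated,
     * its hash is written to `options`, and the plain password is mailed to the
     * admin. Otherwise the admin is notified of the attempt.
     *
     * @return string "Password Has Been Sent" or "Infomation Incorrect".
     */
    function checkEmail()
    {
        // NOTE(review): $email is read from global scope; where it is populated
        // is not visible here. Confirm it is set explicitly from the request.
        global $email;

        if (!preg_match('/^[A-Z0-9._%-]+@[A-Z0-9.-]+\.[A-Z]{2,4}$/i', $email)) {
            return "Infomation Incorrect";
        }

        $d = new DB;
        $adminEmail = $this->getControlSettings("email");
        // NOTE(review): the X-Mailer header discloses the PHP version to every recipient.
        $headers = 'From: '.$adminEmail. "\r\n" .
            'Reply-To: '.$adminEmail . "\r\n" .
            'X-Mailer: PHP/' . phpversion();

        if ($adminEmail == $email) {
            $randPass = $this->createRandomPassword();
            // NOTE(review): three weaknesses to address together with checkLogin()
            // and adminInfoNow():
            //  - md5() is an unsalted fast hash; password_hash()/password_verify()
            //    is the appropriate replacement.
            //  - the UPDATE has no WHERE clause, so every row of `options` is changed.
            //  - the live password is replaced as soon as the request arrives and is
            //    mailed in clear text; a single-use, expiring reset link avoids both.
            $d->q("UPDATE options set password='".md5($randPass)."'");
            $message = ' Dear Admin, Your Details Are As Follows: Username: '.$this->getControlSettings("username").' Password: '.$randPass.' Please Change Your Password When You Login To Ensure Security. This Is An Automated Message From Your BANS Control Panel.';
            // NOTE(review): mail()'s return value is ignored, so a delivery failure
            // leaves the password changed with nobody knowing the new one.
            mail($adminEmail, "Forgot Password", $message, $headers);
            return "Password Has Been Sent";
        }

        // Same reply as for a malformed address, so the response does not reveal
        // whether the address was close to the real one.
        $message = ' Dear Admin, Someone From The Email Address '.$email.' Tried To Retrieve Your Password. This Is An Automated Message From Your BANS Control Panel.';
        mail($adminEmail, "Forgot Password", $message, $headers);
        return "Infomation Incorrect";
    }

    /**
     * Internal helper for logged(): drop the admin keys from the session.
     *
     * @param bool $destroy Also call session_destroy() when the namespace exists.
     * @return void
     */
    function _clearAdminSession($destroy)
    {
        if (isset($_SESSION[SES_1])) {
            unset($_SESSION[SES_1]['SUPERCONTROL']);
            unset($_SESSION[SES_1]['AdminID']);
            unset($_SESSION[SES_1]['AdminName']);
            if ($destroy) {
                session_destroy();
            }
        }
    }

    /**
     * Check that the current session belongs to a stored admin account.
     *
     * The session's AdminID must exist in `options`, and the (AdminID, AdminName)
     * pair must match a row. Every failure path clears the admin session keys.
     * The teardown that was repeated four times now lives in _clearAdminSession().
     *
     * @param string $false Any non-empty value forces a logout-style teardown
     *                      (including session_destroy()) and returns false.
     * @return bool True when the session maps to a stored admin.
     */
    function logged($false = "")
    {
        if ($false != "") {
            $this->_clearAdminSession(true);
            return false;
        }

        $d = new DB;
        $said = isset($_SESSION[SES_1]['AdminID']) ? $_SESSION[SES_1]['AdminID'] : "";

        // NOTE(review): both queries interpolate session values into SQL. AdminName
        // is the raw $username stored by checkLogin(), so it is user-influenced;
        // use the DB layer's parameter binding or driver-native escaping here.
        $d->q("SELECT id FROM options WHERE id = '".$said."'");
        if (!$d->nr()) {
            $this->_clearAdminSession(false);
            return false;
        }

        $d1 = new DB;
        $d1->q("SELECT id FROM options WHERE id = '".$_SESSION[SES_1]['AdminID']."' AND username = '".$_SESSION[SES_1]['AdminName']."'");
        if (!$d1->nr()) {
            $this->_clearAdminSession(false);
            return false;
        }

        $d1->nx();
        if ($d1->fn('id') == $said) {
            $_SESSION[SES_1]['SUPERCONTROL'] = md5(ADMIN_CODE);
            // As in the original, the handles are closed only on the success path.
            $d->close();
            $d1->close();
            return true;
        }

        $this->_clearAdminSession(false);
        return false;
    }

    /**
     * Log the admin out: drop the admin session keys and destroy the session.
     *
     * @return void
     */
    function logout()
    {
        unset($_SESSION[SES_1]['SUPERCONTROL']);
        unset($_SESSION[SES_1]['AdminID']);
        unset($_SESSION[SES_1]['AdminName']);
        session_destroy();
    }

    /**
     * Authenticate an admin and populate the session on success.
     *
     * @param string $username Submitted user name.
     * @param string $password Submitted clear-text password.
     * @return bool True when a matching row with a non-empty id exists.
     */
    function checkLogin($username, $password)
    {
        // NOTE(review): md5() is an unsalted fast hash. Moving to password_hash()/
        // password_verify() means selecting the row by username and verifying in
        // PHP, plus a rehash-on-login step for the stored values.
        $pass = md5($password);

        $d = new DB;
        // NOTE(review): $username is interpolated into the statement as received.
        // Unless every caller has already escaped it for this driver, this is an
        // SQL injection point on the authentication query; bind it as a parameter
        // through the DB layer. The DB class's API is not visible here.
        $d->q("SELECT * FROM options WHERE username='$username' AND password='$pass'");
        if (!$d->nr()) {
            return false;
        }

        $d->nx();
        if (!$d->fn('id')) {
            return false;
        }

        // Issue a fresh session id at the privilege change, so an id that was
        // known before login cannot be reused afterwards (session fixation).
        if (session_id() !== '' && !headers_sent()) {
            session_regenerate_id(true);
        }

        $_SESSION[SES_1]['SUPERCONTROL'] = md5(ADMIN_CODE);
        $_SESSION[SES_1]['AdminID'] = $d->fn('id');
        $_SESSION[SES_1]['AdminName'] = $username;
        return true;
    }

    /**
     * Wrap page content in the basic template.
     *
     * @param string $middle Markup substituted for the [MIDDLE] placeholder.
     * @return string Complete page markup.
     */
    function mainPage($middle)
    {
        $form = $this->basicTemplate();
        // Menu substitution is disabled:
        // $form = str_replace("[MENU]",$this->navigation(),$form);
        $form = str_replace("[MIDDLE]", $middle, $form);
        return $form;
    }

    /**
     * Render the admin login page.
     *
     * @param string $error Optional message handed to the login form.
     * @return string Login page markup.
     */
    function adminLogin($error = "")
    {
        // LoginTemplate() declares no parameters, so $error is ignored by that call.
        $form = $this->loginTemplate($error);
        $form = str_replace("[MIDDLE]", $this->loginForm($error), $form);
        return $form;
    }

    /**
     * Return the basic page template containing the [MIDDLE] placeholder.
     *
     * @return string
     */
    function basicTemplate()
    {
        $form = "[MIDDLE]";
        return $form;
    }

    /**
     * Return the login page template containing the [MIDDLE] placeholder.
     *
     * @return string
     */
    function LoginTemplate()
    {
        $form = "
[MIDDLE]
";
        return $form;
    }

    /**
     * Include the admin header file (fixed relative path).
     *
     * @return void
     */
    function siteHeader()
    {
        include("admin-header.php");
    }

    /**
     * Include the admin footer file (fixed relative path).
     *
     * @return void
     */
    function siteFooter()
    {
        include("admin-footer.php");
    }

    /**
     * Return the header markup.
     *
     * @return string
     */
    function header()
    {
        $form = '
';
        return $form;
    }

    /**
     * Return the footer markup.
     *
     * @return string
     */
    function footer()
    {
        $form = '
';
        return $form;
    }

    /**
     * Add slashes to a value unless magic quotes already did so.
     *
     * get_magic_quotes_gpc() was removed in PHP 8.0, so the call is guarded.
     * Where the function no longer exists, magic quotes cannot be active and the
     * value is always passed through addslashes().
     *
     * NOTE(review): addslashes() is not a dependable SQL-injection defence because
     * it ignores the connection character set; prefer bound parameters.
     *
     * @param string $var Raw input value.
     * @return string Value with quotes backslash-escaped.
     */
    function cleanInput($var)
    {
        $magicQuotesOn = function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc();
        if (!$magicQuotesOn) {
            $var = addslashes($var);
        }
        return $var;
    }

    /**
     * Build the "Admin Information" form, pre-filled from the `control` table.
     *
     * @param string $error Optional message placed at the top of the form.
     * @return string Form markup.
     */
    function adminInfo($error = "")
    {
        if ($error != "") {
            $error = "$error";
        }
        $d = new DB;
        $d->q("SELECT * FROM control");
        $d->nx();

        // NOTE(review): $error and the stored username/email/bounce values are put
        // into the markup as-is. Unless formField() escapes its value argument,
        // pass them through htmlspecialchars() first (confirm against formField()).
        // NOTE(review): both password inputs are requested with type "text", so the
        // typed password is readable on screen. If formField() passes the type on
        // to the input element, "password" would mask it.
        $form = "$error
  Admin Information
";
        $form .= "";
        $form .= "";
        $form .= "";
        $form .= "
";
        $form .= $this->formStart("admin.php?action=adminInfoNow", "post");
        $form .= "
Username:".$this->formField("text","username","",$d->fn('username'))."
Password:".$this->formField("text","password","")."
Confirm Password:".$this->formField("text","conpassword","")."
Admin Email:".$this->formField("text","adminEmail","",$d->fn('email'))."
Bounce Email:".$this->formField("text","bounce","",$d->fn('bounce'))."
".$this->formSubmit("submit","Update Admin Info")."
".$this->formEnd()."
";
        return $form;
    }

    /**
     * Save the admin settings submitted from adminInfo().
     *
     * The password is changed only when a non-empty password and its confirmation
     * are identical. The original compared them with loose ==, under which two
     * different numeric-looking strings can compare equal; the check is now strict.
     *
     * @return string Always "UPDATED", as before, even when the password is left unchanged.
     */
    function adminInfoNow()
    {
        // NOTE(review): inputs arrive through globals; where they are populated is
        // not visible here.
        global $username, $password, $conpassword, $adminEmail, $bounce;

        $newPass = (string) $password;
        if ($newPass !== "" && $newPass === (string) $conpassword) {
            // NOTE(review): md5() is an unsalted fast hash; see checkLogin().
            $password = ",password='".md5($newPass)."'";
        } else {
            $password = "";
        }

        $d = new DB;
        // NOTE(review): $username, $adminEmail and $bounce are interpolated into the
        // statement as received, and the UPDATE has no WHERE clause. Bind them as
        // parameters through the DB layer. Since this form changes credentials, also
        // confirm that the caller enforces logged() and an anti-CSRF token.
        $d->q("UPDATE control SET username='$username',email='$adminEmail',bounce='$bounce'$password");
        return "UPDATED";
    }

    /**
     * Read one column from the `options` table.
     *
     * $arg is interpolated into the statement as a column name, so it is accepted
     * only when it is a plain identifier.
     *
     * @param string $arg Column name, e.g. "email" or "username".
     * @return mixed Column value of the first row, or null when $arg is not a
     *               plain identifier or the query returns no rows.
     */
    function getControlSettings($arg)
    {
        if (!is_string($arg) || !preg_match('/^[A-Za-z_][A-Za-z0-9_]*\z/', $arg)) {
            return null;
        }

        $d = new DB;
        $d->q("SELECT $arg FROM options");
        if ($d->nr()) {
            $d->nx();
            return $d->fn($arg);
        }
        return null;
    }
}
?>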