admin/38527-vm
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Autosave: 20260217-234438

Browse Source
This commit is contained in:
Flatlogic Bot 2026-02-17 23:44:38 +00:00
parent 5dff56179a
commit fcda68cf07
5 changed files with 73 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

BIN
assets/pasted-20260217-232157-017555a6.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 26 KiB

BIN
assets/pasted-20260217-232953-088c1965.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 27 KiB

69
auth/register.php
View File

@ -1,4 +1,7 @@
<?php <?php
header("Cache-Control: no-cache, no-store, must-revalidate");
header("Pragma: no-cache");
header("Expires: 0");
require_once __DIR__ . '/session.php'; require_once __DIR__ . '/session.php';
$error = ''; $error = '';
@ -6,23 +9,50 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$username = $_POST['username'] ?? ''; $username = $_POST['username'] ?? '';
$email = $_POST['email'] ?? ''; $email = $_POST['email'] ?? '';
$password = $_POST['password'] ?? ''; $password = $_POST['password'] ?? '';
$inviteCode = $_POST['invite_code'] ?? '';
if ($username && $email && $password) { if ($username && $email && $password) {
$hash = password_hash($password, PASSWORD_DEFAULT); // Strict invite code validation (Private by default)
try { $requireInvite = true;
$stmt = db()->prepare("INSERT INTO users (username, display_name, email, password_hash) VALUES (?, ?, ?, ?)"); if (defined('REQUIRE_INVITE_CODE')) {
$stmt->execute([$username, $username, $email, $hash]); $requireInvite = REQUIRE_INVITE_CODE;
$userId = db()->lastInsertId(); }
// Add to default server if ($requireInvite) {
$stmt = db()->prepare("INSERT IGNORE INTO server_members (server_id, user_id) VALUES (1, ?)"); if (empty($inviteCode)) {
$stmt->execute([$userId]); $error = "An invitation code is required to register.";
} else {
$stmt = db()->prepare("SELECT id FROM servers WHERE invite_code = ?");
$stmt->execute([$inviteCode]);
$server = $stmt->fetch();
if (!$server) {
$error = "Invalid invitation code.";
}
}
}
$_SESSION['user_id'] = $userId; if (!$error) {
header('Location: ../index.php'); $hash = password_hash($password, PASSWORD_DEFAULT);
exit; try {
} catch (Exception $e) { $stmt = db()->prepare("INSERT INTO users (username, display_name, email, password_hash) VALUES (?, ?, ?, ?)");
$error = "Registration failed: " . $e->getMessage(); $stmt->execute([$username, $username, $email, $hash]);
$userId = db()->lastInsertId();
// Add to default server or the one from invite code
$serverId = 1; // Default
if (isset($server) && $server) {
$serverId = $server['id'];
}
$stmt = db()->prepare("INSERT IGNORE INTO server_members (server_id, user_id) VALUES (?, ?)");
$stmt->execute([$serverId, $userId]);
$_SESSION['user_id'] = $userId;
header('Location: ../index.php');
exit;
} catch (Exception $e) {
$error = "Registration failed: " . $e->getMessage();
}
} }
} else { } else {
$error = "Please fill all fields."; $error = "Please fill all fields.";
@ -48,13 +78,20 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
.auth-footer a { color: #00a8fc; text-decoration: none; } .auth-footer a { color: #00a8fc; text-decoration: none; }
</style> </style>
</head> </head>
<body> <body><h1 style="color:red; background:yellow; text-align:center; padding:20px; z-index:9999; position:relative;">TEST: IF YOU SEE THIS, THE PAGE IS UPDATED</h1>
<div class="auth-card"> <div class="auth-card">
<h3 class="text-center mb-4">Create an account</h3> <h3 class="text-center mb-4">Create an account</h3>
<?php if($error): ?> <?php if($error): ?>
<div class="alert alert-danger"><?php echo htmlspecialchars($error); ?></div> <div class="alert alert-danger"><?php echo htmlspecialchars($error); ?></div>
<?php endif; ?> <?php endif; ?>
<form method="POST"> <form method="POST">
<!-- MOVE INVITE CODE TO TOP -->
<div class="mb-3" style="border: 2px solid #5865f2; padding: 15px; border-radius: 8px; margin-bottom: 25px; background: rgba(88, 101, 242, 0.1);">
<label class="form-label" style="color: #fff !important; font-size: 16px;">Invite Code (Required to Join)</label>
<div class="small mb-1" style="color: #00a8fc !important; font-weight: bold;">This application is private. Please enter your code.</div>
<input type="text" name="invite_code" class="form-control" placeholder="Enter code here" required style="border: 2px solid #5865f2; font-size: 18px;">
</div>
<div class="mb-3"> <div class="mb-3">
<label class="form-label">Username</label> <label class="form-label">Username</label>
<input type="text" name="username" class="form-control" required> <input type="text" name="username" class="form-control" required>
@ -67,7 +104,11 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
<label class="form-label">Password</label> <label class="form-label">Password</label>
<input type="password" name="password" class="form-control" required> <input type="password" name="password" class="form-control" required>
</div> </div>
<button type="submit" class="btn btn-blurple">Continue</button> <button type="submit" class="btn btn-blurple">Continue</button>
<div class="text-center mt-2" style="color: #4e5058; font-size: 10px;">Version: <?php echo time(); ?></div>
<div class="auth-footer"> <div class="auth-footer">
Already have an account? <a href="login.php">Login</a> Already have an account? <a href="login.php">Login</a>
</div> </div>

3
db/config.php
View File

@ -5,6 +5,9 @@ define('DB_NAME', 'app_38443');
define('DB_USER', 'app_38443'); define('DB_USER', 'app_38443');
define('DB_PASS', '888f6481-a87b-421a-a4bd-c80fa3c5a57b'); define('DB_PASS', '888f6481-a87b-421a-a4bd-c80fa3c5a57b');
// Registration settings
define('REQUIRE_INVITE_CODE', true); // Set to true to make registration private, false for public
function db() { function db() {
static $pdo; static $pdo;
if (!$pdo) { if (!$pdo) {

14
requests.log
View File

@ -647,3 +647,17 @@
2026-02-17 19:20:01 - GET /?fl_project=38527 - POST: [] 2026-02-17 19:20:01 - GET /?fl_project=38527 - POST: []
2026-02-17 20:01:09 - GET / - POST: [] 2026-02-17 20:01:09 - GET / - POST: []
2026-02-17 20:15:23 - GET /?fl_project=38527 - POST: [] 2026-02-17 20:15:23 - GET /?fl_project=38527 - POST: []
2026-02-17 20:53:22 - GET / - POST: []
2026-02-17 23:02:47 - GET /?fl_project=38527 - POST: []
2026-02-17 23:06:00 - GET /?fl_project=38527 - POST: []
2026-02-17 23:09:01 - GET /?fl_project=38527 - POST: []
2026-02-17 23:13:51 - GET /?fl_project=38527 - POST: []
2026-02-17 23:16:33 - GET /?fl_project=38527 - POST: []
2026-02-17 23:21:30 - GET /?fl_project=38527 - POST: []
2026-02-17 23:23:30 - GET /?fl_project=38527 - POST: []
2026-02-17 23:26:01 - GET /?fl_project=38527 - POST: []
2026-02-17 23:27:10 - GET /?fl_project=38527 - POST: []
2026-02-17 23:30:39 - GET /?fl_project=38527 - POST: []
2026-02-17 23:34:19 - GET /?fl_project=38527 - POST: []
2026-02-17 23:43:17 - GET /?fl_project=38527 - POST: []
2026-02-17 23:44:16 - GET /?fl_project=38527 - POST: []