--[-- install.php --]--

[code]<?
	if($_POST['submit'])
	{
		$username = addslashes($_POST['username']);
		$password = addslashes($_POST['password']);
		$md5 = md5($password);
		$email = addslashes($_POST['email']);
		
		if($username == "" || $password == "")
		{
			echo "Niet alles ingevuld...<br><br><a href=\"javascript:history.back(-1)\">Terug</a>";
		}
		
		else
		{
			include("config.php");

			mysql_query("DROP TABLE IF EXISTS `inlogsysteem`");
			mysql_query("
				CREATE TABLE `inlogsysteem` (
  					`id` int(8) NOT NULL auto_increment,
  					`username` varchar(40) NOT NULL,
  					`password` varchar(40) NOT NULL,
  					`email` varchar(255) NOT NULL,
  					`status` char(1) NOT NULL,
  					PRIMARY KEY  (`id`)
				) TYPE=MyISAM
			");
			mysql_query("INSERT INTO `inlogsysteem` (`id`,`username`,`password`,`email`,`status`) VALUES ('','".$username."','".$md5."','".$email."','a')");
			
			header("Location: index.php");
		}
	}
	
	else
	{
?>

<html>

<head>
	<title>Install</title>
	<link rel="stylesheet" type="text/css" href="style.css">
</head>

<body>
	<p>
		Maak EERST een config.php aan zoals hieronder:<br><br>
		&lt;?				<br>
		ob_start();			<br>
		session_start();	<br>
		mysql_connect(&quot;localhost&quot;,&quot;USERNAME&quot;,&quot;PASSWORD&quot;);	<br>
		mysql_select_db(&quot;DATABASE&quot;);<br>
		?&gt;<br>
    </p>
	<p>Daarna pas dit hieronder:</p>

	<table border="0" cellspacing="0" cellpadding="0">
		<form action="<? $_SERVER['PHP_SELF'] ?>" method="post">
			<tr>
				<td><b>Logingegevens Admin</b></td>
				<td>&nbsp;</td>
			</tr>
			<tr>
				<td>Admin naam:</td>
				<td><input type="text" name="username"></td>
			</tr>
			<tr>
				<td>Admin password:</td>
				<td><input type="password" name="password"></td>
			</tr>
			<tr>
				<td>Admin email:</td>
				<td><input type="text" name="email"></td>
			</tr>
			<tr>
				<td>&nbsp;</td>
				<td>&nbsp;</td>
			</tr>
			<tr>
				<td>&nbsp;</td>
				<td align="right"><input type="submit" name="submit" value="Installeer!"></td>
			</tr>
		</form>
	</table>
</body>

</html>

<?
	}
ob_end_flush();
?>[/code]


--[-- admin.php --]--

[code]<?
	include("beveiliging-a.php");
?>
<html>

<head>
	<title>Admin</title>
	<link rel="stylesheet" type="text/css" href="style.css">
</head>

<body>
		<p>Welkom bij het ControlPanel voor de Administrator</p>
		<p>
			<b>Uitleg Statussen:</b><br>
			Status 'a' = Administratorrechten<br>
			Status 'm' = Moderator<br>
			Status 'n' = Normale member<br>
		</p>
	
<?

function afk_str($string, $lengte)
{
	return strlen($string) > $lengte ? substr($string, 0, $lengte).'..' : $string;
}

function home()
{
	$sql = "SELECT * FROM `inlogsysteem`";
	$query = mysql_query($sql);
	
	echo "
	<table border=\"0\" cellpadding=\"1\" cellspacing=\"0\" width=\"700\">
	<tr>
		<td><b>ID</b></td><td><b>Username</b></td><td><b>Email</b></td><td><b>Status/Rank</b></td><td>&nbsp;</td><td>&nbsp;</td>
	</tr>
	<tr>
		<td>&nbsp;</td><td>&nbsp;</td><td>&nbsp;</td><td>&nbsp;</td><td>&nbsp;</td><td>&nbsp;</td>
	</tr>
	";
	
	while($rij = mysql_fetch_assoc($query))
	{
		echo "
			<tr>
				<td>".$rij['id']."</td><td>".$rij['username']."</td><td><a href=\"mailto:".$rij['email']."\" title=\"".$rij['email']."\">".afk_str($rij['email'],30)."</td><td>".$rij['status']."</td>";
				
				if($rij['status'] == "a")
				{
					echo "<td>&nbsp;</td>";
				}
				
				else
				{
					echo "<td><a href=\"?action=deluser&id=".$rij['id']."&rank=".$rij['status']."\" style=\"color:#FF0000;\">Delete Member</a></td>";
				}
				
				echo "<td><a href=\"?action=wijzig_status&id=".$rij['id']."&rank=".$rij['status']."\">Wijzig Rank</a></td>";
		echo "</tr>";
	}
	
	echo "</table>";
}

function wijzig_status()
{
	$id = $_GET['id'];
	$rank = $_GET['rank'];
	
	if($_POST['wijzig'])
	{
		$sql = "UPDATE `inlogsysteem` SET `status` = '".$_POST['status']."' WHERE `id` = '".$id."'";
		mysql_query($sql) or die(mysql_error());
		header("Location: admin.php");
	}
	
	else
	{
		echo "<form action=\"\" method=\"post\">";
		echo "Je hebt de member met ID nr. ".$id." en<br> als rank ".ucfirst($rank)." geselecteerd<br><br>";
		echo "Rank <select name=\"status\" style=\"width:50px;\">
						<option value=\"".$rank."\">&nbsp;</option>
						<option value=\"a\">a</option>
						<option value=\"m\">m</option>
						<option value=\"n\">n</option>
					</select><br>
		";
		echo "<input type=\"submit\" name=\"wijzig\" value=\"Wijzig Rank\">";
		echo "</form>";
	}
}

function deluser()
{
	$id = $_GET['id'];
	$rank = $_GET['rank'];
	
	if($rank == "a" || $id == "1")
	{
		echo "
		<script>
			window.alert('De Admin kan niet verwijderd worden');
			window.location = 'admin.php';
		</script>
		";
	}
	
	else
	{
		mysql_query("DELETE FROM `inlogsysteem` WHERE `id` = '".$id."'");
		
		header("Location: ".$_SERVER['PHP_SELF']."");
	}
}
	
switch($_GET['action'])
{
	case "wijzig_status";
		wijzig_status();
	break;
	
	case "deluser";
		deluser();
	break;
	
	case "wijzig_pass";
		wijzig_pass();
	break;
	
	default;
		home();
	break;
}
?>
</body>

</html>
<?
ob_end_flush();
?>[/code]


--[-- beveiliging-a.php --]--

[code]<?
include("config.php");

if($_SESSION['login'] !== "1")
{
	header("Location: login.php");
}
elseif($_SESSION['login'] == "1" && $_SESSION['status'] !== "a")
{
	header("Location: errors.php?p=geen_admin");
}
?>[/code]


--[-- beveiliging-m.php --]--

[code]<?
include("config.php");

if($_SESSION['login'] !== "1")
{
	header("Location: login.php");
}
elseif($_SESSION['login'] == "1" && $_SESSION['status'] !== "m")
{
	if($_SESSION['login'] == "1" && $_SESSION['status'] !== "a")
	{
		header("Location: errors.php?p=geen_moderator");
	}
}
?>[/code]


--[-- beveilging-n.php --]--

[code]<?
include("config.php");

if($_SESSION['login'] !== "1")
{
	header("Location: login.php");
}
?>[/code]


--[-- errors.php --]--

[code]<?
if($_GET['p'] == "geen_admin")
{
?>
<html>

<head>
	<title>Error!</title>
	<link rel="stylesheet" type="text/css" href="style.css">
</head>

<body>
 <p>Je hebt geen Admin-account</p>
 <p>&nbsp;</p>
 <p>Klik <a href="login.php">hier</a> om naar de loginpagina te gaan</p>
</body>

</html>
<?
}
if($_GET['p'] == "geen_moderator")
{
?>
<html>

<head>
	<title>Error!</title>
	<link rel="stylesheet" type="text/css" href="style.css">
</head>

<body>
 <p>Je hebt geen Moderator- of Adminaccount</p>
 <p>&nbsp;</p>
 <p>Klik <a href="login.php">hier</a> om naar de loginpagina te gaan</p>
</body>

</html>
<?
}
?>[/code]


--[-- index.php --]--

[code]<html>

<head>
	<title>LoginSysteem V1.01</title>
	<link rel="stylesheet" type="text/css" href="style.css">
	<meta http-equiv="refresh" content="4; url=login.php">
</head>

<body>
	<p align="left">Momentje... Je wordt doorgestuurd naar de Login pagina</p>
	<?
	if(file_exists("install.php"))
	{
		echo "Heb je het systeem al geinstalleerd? Zo niet, <a href=\"install.php\">Installeer Nu!</a>";
	}
	else
	{
		echo"";
	}
	?>
</body>

</html>[/code]


--[-- ledenlijst.php --]--

[code]<?
	include("beveiliging-n.php");
?>
<html>

<head>
	<title>Ledenlijst</title>
	<link rel="stylesheet" type="text/css" href="style.css">
</head>

<body>
	<p><b>De Ledenlijst</b></p>
	<table border="0" cellpadding="1" cellspacing="0" width="70%">
		<tr>
			<td>Username</td>
			<td>Rank</td>
		</tr>
		<tr>
			<td>&nbsp;</td>
			<td>&nbsp;</td>
		</tr>
		<?
			$query = mysql_query("SELECT * FROM `inlogsysteem`");

			while($rij = mysql_fetch_assoc($query))
			{
				echo "
				<tr>
					<td>".ucfirst($rij['username'])."</td>
					<td>";
					if($rij['status'] == "a") { echo "<span style=\"color:#F00000;\"><b>Admin</b></span>"; }
					if($rij['status'] == "m") { echo "<span style=\"color:#102030;\"><b>Moderator</b></span>"; }
					if($rij['status'] == "n") { echo "Normale Member"; }
				echo "</td>
				</tr>
				";
			}
		?>
	</table>
</body>

</html>[/code]


--[-- login.php --]--

[code]<?
	include("config.php");
?>
<html>

<head>
	<title>Login</title>
	<link rel="stylesheet" type="text/css" href="style.css">
</head>
<?
if($_GET['p'] == "uitloggen")
{
	$_SESSION = array();
	header("Location: ".$_SERVER['PHP_SELF']."");
}

elseif($_GET['p'] == "wijzig_pass")
{
	if($_POST['wijzig_pass'])
	{
		if(strlen($_POST['password']) < 6 || strlen($_POST['password']) > 40)
		{
			echo "<b><i>Het wachtwoord is minder als 6 of meer als 40 tekens</i></b><br><br>";
			echo "Klik <a href=\"javascript:history.back(-1)\">hier</a> om terug te gaan";
		}
		
		else
		{
			$sql = "UPDATE `inlogsysteem` SET `password` = '".md5($_POST['password'])."' WHERE `id` = '".$_SESSION['id']."'";
			mysql_query($sql);
			header("Location: ".$_SERVER['PHP_SELF']."");
		}
	}
	
	else
	{
		echo "<table border=\"0\" cellpadding=\"1\" cellspacing=\"0\">";
		echo "<form action=\"\" method=\"post\">";
		echo "<a href=\"".$_SERVER['PHP_SELF']."\">Terug</a><br><br>";
		echo "
			<tr>
				<td>Nieuwe Password</td>
				<td><input type=\"password\" name=\"password\"></td>
			</tr>
			<tr>
				<td>&nbsp;</td>
				<td align=\"right\"><input type=\"submit\" name=\"wijzig_pass\" value=\"Wijzig!\"></td>
			</tr>
		";
		echo "</form>";
		echo "</table>";
		echo "<span style=\"font-size:8pt;\">* Niet op 'Enter' drukken maar<br> met de muis klikken op 'Wijzig!'</span>";

	}
}

elseif($_SESSION['login'] == "1" && $_SESSION['status'] == "a")
{
	echo "Welkom ".ucfirst($_SESSION['naam'])." !<br><br>";
	echo "[Admin]<br><br>";
	echo "<a href=\"admin.php\" target=\"_blank\">Admin Locatie</a><br><br>";
	echo "<a href=\"".$_SERVER['PHP_SELF']."?p=wijzig_pass\">Wijzig Password</a><br><br>";
	echo "<a href=\"ledenlijst.php\"><b>Ledenlijst</b><br><br>";
	echo "<a href=\"".$_SERVER['PHP_SELF']."?p=uitloggen\">Uitloggen</a>";
}

elseif($_SESSION['login'] == "1" && $_SESSION['status'] == "m")
{
	echo "Welkom ".ucfirst($_SESSION['naam'])." !<br><br>";
	echo "[Moderator]<br><br>";
	echo "<a href=\"".$_SERVER['PHP_SELF']."?p=wijzig_pass\">Wijzig Password</a><br><br>";
	echo "<a href=\"ledenlijst.php\"><b>Ledenlijst</b><br><br>";
	echo "<a href=\"".$_SERVER['PHP_SELF']."?p=uitloggen\">Uitloggen</a>";
}

elseif($_SESSION['login'] == "1" && $_SESSION['status'] == "n")
{
	echo "Welkom ".ucfirst($_SESSION['naam'])." !<br><br>";
	echo "<a href=\"".$_SERVER['PHP_SELF']."?p=wijzig_pass\">Wijzig Password</a><br><br>";
	echo "<a href=\"ledenlijst.php\"><b>Ledenlijst</b><br><br>";
	echo "<a href=\"".$_SERVER['PHP_SELF']."?p=uitloggen\">Uitloggen</a>";
}

else
{

if($_POST['login'])
{
	$username = addslashes($_POST['username']);
	$md5_ww = md5($_POST['password']);
	$sql = "SELECT * FROM `inlogsysteem` WHERE `username` = '".$username."' AND `password` = '".$md5_ww."'";
	$query = mysql_query($sql);
	
	if(mysql_num_rows($query) == 1)
	{
		$username = addslashes($_POST['username']);
		$md5_ww = md5($_POST['password']);
		$statussql = "SELECT * FROM `inlogsysteem` WHERE `username` = '".$username."' AND `password` = '".$md5_ww."'";
		$statusquery = mysql_query($statussql);
		$status = mysql_fetch_assoc($statusquery);
		
			if($status['status'] == "n")
			{
				$_SESSION['login'] = "1";
				$_SESSION['status'] = "n";
				$_SESSION['naam'] = $username;
				$_SESSION['id'] = $status['id'];
			}
			
			elseif($status['status'] == "m")
			{
				$_SESSION['login'] = "1";
				$_SESSION['status'] = "m";
				$_SESSION['naam'] = $username;
				$_SESSION['id'] = $status['id'];
			}

			elseif($status['status'] == "a")
			{
				$_SESSION['login'] = "1";
				$_SESSION['status'] = "a";
				$_SESSION['naam'] = $username;
				$_SESSION['id'] = $status['id'];
			}
		
		header("Location: ".$_SERVER['PHP_SELF']."");
	}

	else
	{
		echo "Gebruikersnaam en/of wachtwoord verkeerd<br><br>";
	}
}
	echo "
	<table border=\"0\">
	<form action=\"".$_SERVER['PHP_SELF']."\" method=\"post\">
	<tr>
		<td>Username</td>
		<td><input type=\"text\" name=\"username\" size=\"15\"></td>
	</tr>
	<tr>	
		<td>Password</td>
		<td><input type=\"password\" name=\"password\" size=\"15\"></td>
	</tr>
	<tr>
		<td align=\"right\"><input type=\"button\" name=\"registreer\" value=\"Registreer!\" onClick=\"window.open('registreer.php','Registreer_Popup','width=250,height=300,scrollbars=yes')\"></td>
		<td align=\"right\"><input type=\"submit\" name=\"login\" value=\"Login!\"></td>
	</tr>
	</form>
	</table>
	";
}
ob_end_flush();
?>[/code]


--[-- registreer.php --]--

[code]<?
	include("config.php");
?>
<html>

<head>
	<title>Registreer</title>
	<link rel="stylesheet" type="text/css" href="style.css">
</head>
<?
function check_mail($email)
{
	$email_host = explode("@",$email);
	$email_host = $email_host['1'];
	$email_domein = gethostbyname($email_host);
	
	if($email_domein !== $email_host && eregi("^[0-9a-z]([-_.~]?[0-9a-z])*@[0-9a-z]([-.]?[0-9a-z])*\\.[a-z]{2,4}$",$email))
	{
		$geldig = 1;
	}
	
	return $geldig;
}

if($_POST['registreer'])
{
	$username_query = mysql_query("SELECT * FROM `inlogsysteem` WHERE `username` = '".addslashes($_POST['username'])."'");
	$email_query = mysql_query("SELECT * FROM `inlogsysteem` WHERE `email` = '".addslashes($_POST['email'])."'");
	$check_email = check_mail($_POST['email']);
	if($_POST['username'] == "" || $_POST['password'] == "" || $_POST['password2'] == "" || $_POST['email'] == "" || $_POST['password'] !== $_POST['password2'] || mysql_num_rows($username_query) >= 1 || mysql_num_rows($email_query) >= 1 || $check_email !== 1 || strlen($_POST['password']) < 6 || strlen($_POST['username']) < 6 || strlen($_POST['password']) > 40 || strlen($_POST['username']) > 40)
	{
		echo "<a href=\"javascript:history.back(-1)\">Terug</a><br><br>";
		
		echo "<ol>";
		
		if($_POST['username'] == "")
		{
			echo "<li>Bij <b>USERNAME</b> is niks ingevuld</li>";
		}
		if($_POST['password'] == "")
		{
			echo "<li>Bij <b>PASSWORD</b> is niks ingevuld</li>";
		}
		if($_POST['password2'] == "")
		{
			echo "<li>Bij <b>PASSWORD [Bevestiging]</b> is niks ingevuld</li>";
		}
		if($_POST['email'] == "")
		{
			echo "<li>Bij <b>EMAIL</b> is niks ingevuld</li>";
		}
		if($_POST['password'] !== $_POST['password2'])
		{
			echo "<li>De <b>PASSWORDS</b> zijn niet gelijk</li>";
		}
		if(mysql_num_rows($username_query) >= 1)
		{
			echo "<li>De <b>USERNAME</b> is al in gebruik</li>";
		}
		if(mysql_num_rows($email_query) >= 1)
		{
			echo "<li>De <b>EMAIL</b> is al geregistreerd</li>";
		}
		if($check_email !== 1)
		{
			echo "<li>Geen geldige <b>EMAIL</b> ingevuld</li>";
		}
		if(strlen($_POST['password']) < 6)
		{
			echo "<li><b>PASSWORD</b> is minder dan 6 tekens</li>";
		}
		if(strlen($_POST['username']) < 6)
		{
			echo "<li><b>USERNAME</b> is minder dan 6 tekens</li>";
		}
		if(strlen($_POST['password']) > 40)
		{
			echo "<li><b>PASSWORD</b> is meer dan 40 tekens</li>";
		}
		if(strlen($_POST['username']) > 40)
		{
			echo "<li><b>USERNAME</b> is meer dan 40 tekens</li>";
		}
		
		echo "</ol>";
	}
	
	else
	{
		$username = addslashes($_POST['username']);
		$md5_ww = md5($_POST['password']);
		$email = addslashes($_POST['email']);
		$status = "n";
		mysql_query("INSERT INTO `inlogsysteem` (`username`, `password`, `email`, `status`) VALUES ('".$username."','".$md5_ww."','".$email."','".$status."')");
		
		echo "
			Je kunt nu inloggen
			<br><br><br><br>
			<a href='javascript:window.close()'>Sluit venster</a>
		";
	}
}

else
{
	echo "
	<table border=\"0\">
		<form action=\"".$_SERVER['PHP_SELF']."\" method=\"post\">
			<tr>
				<td>Username</td>
				<td><input type=\"text\" name=\"username\" size=\"15\"></td>
			</tr>
			<tr>
				<td>Password</td>
				<td><input type=\"password\" name=\"password\" size=\"15\"></td>
			</tr>
			<tr>
				<td>Password [Bevestiging]</td>
				<td><input type=\"password\" name=\"password2\" size=\"15\"></td>
			</tr>
			<tr>
				<td>Email</td>
				<td><input type=\"text\" name=\"email\" size=\"15\"></td>
			</tr>
			<tr>
				<td>&nbsp;</td>
				<td>&nbsp;</td>
			</tr>
			<tr>
				<td>&nbsp;</td>
				<td align=\"right\"><input type=\"submit\" name=\"registreer\" value=\"Registreer!\"></td>
			</tr>
		</form>
	</table><br>
	<span style=\"font-size:8pt;\">* Username en Password mogen beiden niet minder als 6 en niet meer als 40 karakters bevatten.</span><br><br>
	<span style=\"font-size:8pt;\">** Alle velden dienen ingevuld te worden!</span>
	";
}
ob_end_flush();
?>[/code]


--[-- wachtwoord-vergeten.php --]--

[code]<?
	include("config.php");
?>
<html>

<head>
	<title>Wachtwoord vergeten</title>
	<link rel="stylesheet" type="text/css" href="style.css">
</head>

<body>
<?
function generator()
{
	$karakters = array_merge(range('a','z'),range('A','Z'),range(0,9));
	shuffle($karakters);
	$karakters = implode('',$karakters);
	return substr($karakters,0,12);
}

if($_POST['generate'])
{
	if($_POST['username'] !== "" || $_POST['email'] !== "")
	{
		$query = mysql_query("SELECT `id` FROM `inlogsysteem` WHERE `email` = '".addslashes($_POST['email'])."' AND `username` = '".addslashes($_POST['username'])."'");
		
		if(mysql_num_rows($query) == 1)
		{
			$password = generator();
			mail($_POST['email'],"Nieuw Password",$password,"From: LoginSysteem V1.1 <combeetjuh@gmail.com>");
			
			$sql = "UPDATE `inlogsysteem` SET `password` = '".md5($password)."' WHERE `email` = '".addslashes($_POST['email'])."'";
			mysql_query($sql);
			
			echo "Check je Emailbox voor het nieuwe password, je kan inloggen met dit password en daarna kan je het password wijzigen als je ingelogd bent<br><br>Klik <a href=\"login.php\">hier</a> om naar de Loginpagina te gaan";
		}
		
		else
		{
			echo "Username hoort niet bij Email<br><br><a href=\"javascript:history.back(-1)\">Terug</a>";
		}
	}
	
	else
	{
		echo "Niet alles ingevuld<br><br><a href=\"javascript:history.back(-1)\">Terug</a>";
	}
}

else
{
?>
<table border="0" cellpadding="1" cellspacing="0">
	<form action="<? $_SERVER['PHP_SELF'] ?>" method="post">
		<tr>
			<td>Email:</td>
			<td><input type="text" name="email"></td>
		</tr>
		<tr>
			<td>Username:</td>
			<td><input type="text" name="username"></td>
		</tr>
		<tr>
			<td>&nbsp;</td>
			<td align="right"><input type="submit" name="generate" value="Maak nieuw password!" style="width:170px;"></td>
		</tr>
	</form>
</table>
<?
}
?>
</body>

</html>[/code]


--[-- style.css --]--

[code]/* LoginSysteem V1.1 */

body {
	background-color:#FFFFFF;
	font-family:Tahoma, Arial, sans-serif;
	font-size:10pt;
	color:#666666;
	text-decoration:none;
}

input, textarea, select {
	background-color:#FFFFFF;
	border:1px solid #DEDEDE;
	font-family:Tahoma, Arial, sans-serif;
	font-size:10pt;
	color:#666666;
	text-decoration:none;
}

td {
	font-family:Tahoma, Arial, sans-serif;
	font-size:10pt;
	color:#666666;
	text-decoration:none;
}

a:link,a:visited,a:active {
	color:#666666;
	text-decoration:underline;
}

a:hover {
	color:#000099;
	text-decoration:none;
}[/code]