11-27-2017, 04:10 PM
During my editing of script and trying to add own flare to the site I ran into an issue with script randomly appearing now this is in a test section does not have the install on it but I am not sure if that is what is causing the issue or not here is what my code currently looks like wondering if there is a little issue that I have that could be causing the issue.
<!DOCTYPE html>
<?php
/*
UserSpice 4
An Open Source PHP User Management System
by the UserSpice Team at http://UserSpice.com
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
// error_reporting(E_ALL);
// ini_set('display_errors', 1);
ini_set("allow_url_fopen", 1);
if(isset($_SESSION)){session_destroy();}
?>
<?php require_once 'init.php'; ?>
<?php require_once $abs_us_root.$us_url_root.'users/includes/header.php'; ?>
<?php require_once $abs_us_root.$us_url_root.'users/includes/navigation.php'; ?>
<?php
$settingsQ = $db->query("SELECT * FROM settings");
$settings = $settingsQ->first();
$error_message = '';
if (@$_REQUEST['err']) $error_message = $_REQUEST['err']; // allow redirects to display a message
$reCaptchaValid=FALSE;
if (Input::exists()) {
$token = Input::get('csrf');
if(!Token::check($token)){
die('Token doesn\'t match!');
}
//Check to see if recaptcha is enabled
if($settings->recaptcha == 1){
require_once 'includes/recaptcha.config.php';
//reCAPTCHA 2.0 check
$response = null;
// check secret key
$reCaptcha = new ReCaptcha($privatekey);
// if submitted check response
if ($_POST["g-recaptcha-response"]) {
$response = $reCaptcha->verifyResponse($_SERVER["REMOTE_ADDR"],$_POST["g-recaptcha-response"]);
}
if ($response != null && $response->success) {
$reCaptchaValid=TRUE;
}else{
$reCaptchaValid=FALSE;
$error_message .= 'Please check the reCaptcha.';
}
}else{
$reCaptchaValid=TRUE;
}
if($reCaptchaValid || $settings->recaptcha == 0){ //if recaptcha valid or recaptcha disabled
$validate = new Validate();
$validation = $validate->check($_POST, array(
'username' => array('display' => 'Username','required' => true),
'password' => array('display' => 'Password', 'required' => true)));
if ($validation->passed()) {
//Log user in
$remember = (Input::get('remember') === 'on') ? true : false;
$user = new User();
$login = $user->loginEmail(Input::get('username'), trim(Input::get('password')), $remember);
if ($login) {
# if user was attempting to get to a page before login, go there
$dest = sanitizedDest('dest');
if (!empty($dest)) {
Redirect::to($dest);
} elseif (file_exists($abs_us_root.$us_url_root.'usersc/scripts/custom_login_script.php')) {
# if site has custom login script, use it
# Note that the custom_login_script.php normally contains a Redirect::to() call
require_once $abs_us_root.$us_url_root.'usersc/scripts/custom_login_script.php';
} else {
if (($dest = Config::get('homepage')) ||
($dest = 'account.php')) {
#echo "DEBUG: dest=$dest<br />\n";
#die;
Redirect::to($dest);
}
}
} else {
$error_message .= 'Log in failed. Please check your username and password and try again.';
}
} else{
$error_message .= '
}
}
}
if (empty($dest = sanitizedDest('dest'))) {
$dest = '';
}
?>
<html>
<head>
<meta charset="UTF-8">
<title>AbsolutAire DASHBOARD</title>
<link rel="stylesheet" href="assets/css/style.css">
</head>
<body>
<hgroup>
<h1>AbsolutAire DASHBOARD</h1>
</hgroup>
<form name="login" class="form-signin" action="login.php" method="post">
<h2 class="form-signin-heading"></i> <?=lang("SIGNIN_TITLE","");?></h2>
<input type="hidden" name="dest" value="<?= $dest ?>" />
<div class="form-group">
<input class="form-control" type="text" name="username" id="username" placeholder="Username/Email" required autofocus>
</div>
<div class="form-group">
<input type="password" class="form-control" name="password" id="password" placeholder="Password" required autocomplete="off">
</div>
<div class="form-group">
<div class="form-group">
</div>
<input type="hidden" name="csrf" value="<?=Token::generate(); ?>">
<button class="submit btn btn-primary" type="submit"><i class="fa fa-sign-in"></i> <?=lang("SIGNIN_BUTTONTEXT","");?>Sign In</button>
</form>
</body>
</html>
<!-- footers -->
<?php require_once $abs_us_root.$us_url_root.'users/includes/page_footer.php'; // the final html footer copyright row + the external js calls ?>
<!-- Place any per-page javascript here -->
<script src="assets/js/index.js"></script>
<?php require_once $abs_us_root.$us_url_root.'users/includes/html_footer.php'; // currently just the closing /body and /html ?>
<!DOCTYPE html>
<?php
/*
UserSpice 4
An Open Source PHP User Management System
by the UserSpice Team at http://UserSpice.com
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
// error_reporting(E_ALL);
// ini_set('display_errors', 1);
ini_set("allow_url_fopen", 1);
if(isset($_SESSION)){session_destroy();}
?>
<?php require_once 'init.php'; ?>
<?php require_once $abs_us_root.$us_url_root.'users/includes/header.php'; ?>
<?php require_once $abs_us_root.$us_url_root.'users/includes/navigation.php'; ?>
<?php
$settingsQ = $db->query("SELECT * FROM settings");
$settings = $settingsQ->first();
$error_message = '';
if (@$_REQUEST['err']) $error_message = $_REQUEST['err']; // allow redirects to display a message
$reCaptchaValid=FALSE;
if (Input::exists()) {
$token = Input::get('csrf');
if(!Token::check($token)){
die('Token doesn\'t match!');
}
//Check to see if recaptcha is enabled
if($settings->recaptcha == 1){
require_once 'includes/recaptcha.config.php';
//reCAPTCHA 2.0 check
$response = null;
// check secret key
$reCaptcha = new ReCaptcha($privatekey);
// if submitted check response
if ($_POST["g-recaptcha-response"]) {
$response = $reCaptcha->verifyResponse($_SERVER["REMOTE_ADDR"],$_POST["g-recaptcha-response"]);
}
if ($response != null && $response->success) {
$reCaptchaValid=TRUE;
}else{
$reCaptchaValid=FALSE;
$error_message .= 'Please check the reCaptcha.';
}
}else{
$reCaptchaValid=TRUE;
}
if($reCaptchaValid || $settings->recaptcha == 0){ //if recaptcha valid or recaptcha disabled
$validate = new Validate();
$validation = $validate->check($_POST, array(
'username' => array('display' => 'Username','required' => true),
'password' => array('display' => 'Password', 'required' => true)));
if ($validation->passed()) {
//Log user in
$remember = (Input::get('remember') === 'on') ? true : false;
$user = new User();
$login = $user->loginEmail(Input::get('username'), trim(Input::get('password')), $remember);
if ($login) {
# if user was attempting to get to a page before login, go there
$dest = sanitizedDest('dest');
if (!empty($dest)) {
Redirect::to($dest);
} elseif (file_exists($abs_us_root.$us_url_root.'usersc/scripts/custom_login_script.php')) {
# if site has custom login script, use it
# Note that the custom_login_script.php normally contains a Redirect::to() call
require_once $abs_us_root.$us_url_root.'usersc/scripts/custom_login_script.php';
} else {
if (($dest = Config::get('homepage')) ||
($dest = 'account.php')) {
#echo "DEBUG: dest=$dest<br />\n";
#die;
Redirect::to($dest);
}
}
} else {
$error_message .= 'Log in failed. Please check your username and password and try again.';
}
} else{
$error_message .= '
-
';
foreach ($validation->errors() as $error) {
$error_message .= '
- ' . $error . '';
}
$error_message .= '
}
}
}
if (empty($dest = sanitizedDest('dest'))) {
$dest = '';
}
?>
<html>
<head>
<meta charset="UTF-8">
<title>AbsolutAire DASHBOARD</title>
<link rel="stylesheet" href="assets/css/style.css">
</head>
<body>
<hgroup>
<h1>AbsolutAire DASHBOARD</h1>
</hgroup>
<form name="login" class="form-signin" action="login.php" method="post">
<h2 class="form-signin-heading"></i> <?=lang("SIGNIN_TITLE","");?></h2>
<input type="hidden" name="dest" value="<?= $dest ?>" />
<div class="form-group">
<input class="form-control" type="text" name="username" id="username" placeholder="Username/Email" required autofocus>
</div>
<div class="form-group">
<input type="password" class="form-control" name="password" id="password" placeholder="Password" required autocomplete="off">
</div>
<div class="form-group">
<div class="form-group">
</div>
<input type="hidden" name="csrf" value="<?=Token::generate(); ?>">
<button class="submit btn btn-primary" type="submit"><i class="fa fa-sign-in"></i> <?=lang("SIGNIN_BUTTONTEXT","");?>Sign In</button>
</form>
</body>
</html>
<!-- footers -->
<?php require_once $abs_us_root.$us_url_root.'users/includes/page_footer.php'; // the final html footer copyright row + the external js calls ?>
<!-- Place any per-page javascript here -->
<script src="assets/js/index.js"></script>
<?php require_once $abs_us_root.$us_url_root.'users/includes/html_footer.php'; // currently just the closing /body and /html ?>
