S KOM 1002289 Appendix3

(1)

A3. Source Code

1. Jawab 1

<!DOCTYPE html> <?php

include_once("../../koneksi.php"); session_start();S

$nama = $_SESSION['nama']; $nis = $_SESSION['nis']; $status = $_SESSION['status']; ?>

(2)

<link

href="http://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic" rel="stylesheet" type="text/css">

</head>

<div class="navbar-header page-scroll">

<span class="sr-only">Toggle navigation</span> <span class="icon-bar"></span>

</div>

(3)

<a href="../"><i class="fa fa-home"></i>Kembali</a> </li>

</ul> </div>

</div>

</nav>

<div class="col-lg-12"> <h3>Hasil Nilai Pretest</h3> <?php

if(isset($_POST['submit'])){

$pilihan=$_POST["pilihan"]; $id_soal=$_POST["id"]; $jumlah=$_POST['jumlah']; $score=0;

$benar=0; $salah=0; $kosong=0;

(4)

//id nomor soal $nomor=$id_soal[$i];

//jika user tidak memilih jawaban if (empty($pilihan[$nomor])){

$kosong++; }else{

//jawaban dari user

$jawaban=$pilihan[$nomor];

//cocokan jawaban user dengan jawaban di database $query=mysql_query("select * from soal where id_soal='$nomor' and jawaban_benar='$jawaban'");

$cek=mysql_num_rows($query); if($cek){

//jika jawaban cocok (benar) $benar++; }else{

//jika salah $salah++; }

}

$score = $benar*5; }

(5)

<td width="12%"><font color="#00000">Benar</font></td><td

width="88%"><font color="#000000">= <?php echo $benar;?> soal x 5 point</font></td>

</tr> <tr>

<td><font color="#000000">Salah</font></td><td><font color="#000000">= <?php echo $salah;?> soal </font></td>

</tr> <tr>

<td><font color="#000000">Kosong</font></td><td><font color="#000000">= <?php echo $kosong;?> soal </font></td>

</tr> <tr>

<td><font color="#000000"><b>Nilai Pretest</b></td><td>= <b><?php echo $score;?></b></font></td>

</tr> </table>

<p></p>

<?php

$query=mysql_query("INSERT INTO nilai VALUES (null, '$nis', '$score',0,'1',null)");

(6)

</form></center> </div>

</div> </div>

</header> </body>

(7)

Jawab 2

<!DOCTYPE html> <?php

include_once("../../koneksi.php"); session_start();

$nama = $_SESSION['nama']; $nis = $_SESSION['nis']; $status = $_SESSION['status']; ?>

(8)

<link

href="http://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic" rel="stylesheet" type="text/css">

</head>

<div class="navbar-header page-scroll">

<span class="sr-only">Toggle navigation</span> <span class="icon-bar"></span>

</div>

(9)

<a href="../"><i class="fa fa-home"></i>Kembali</a> </li>

</ul> </div>

</div>

</nav>

<div class="col-lg-12"> <h3>Hasil Nilai Posttest</h3> <?php

if(isset($_POST['submit'])){

$pilihan=$_POST["pilihan"]; $id_soal=$_POST["id"]; $jumlah=$_POST['jumlah']; $score=0;

$benar=0; $salah=0; $kosong=0;

(10)

//id nomor soal $nomor=$id_soal[$i];

//jika user tidak memilih jawaban if (empty($pilihan[$nomor])){

$kosong++; }else{

//jawaban dari user

$jawaban=$pilihan[$nomor];

//cocokan jawaban user dengan jawaban di database $query=mysql_query("select * from soal where id_soal='$nomor' and

jawaban_benar='$jawaban'");

$cek=mysql_num_rows($query);

if($cek){

//jika jawaban cocok (benar) $benar++; }else{

//jika salah $salah++; }

}

(11)

} }

<td width="12%"><font color="#00000">Benar</font></td><td

width="88%"><font color="#000000">= <?php echo $benar;?> soal x 5 point</font></td>

</tr>

<tr <td><font

color="#000000">Salah</font></td><td><font color="#000000">= <?php echo $salah;?> soal </font></td>

</tr>

<tr> <td><font

color="#000000">Kosong</font></td><td><font color="#000000">= <?php echo $kosong;?> soal </font></td>

</tr> <tr>

<td><font color="#000000"><b>Nilai Pretest</b></td><td>= <b><?php echo $score;?></b></font></td>

</tr> </table>

<p></p>

<?php $query=mysql_query("UPDATE nilai SET posttest='$score' , status_posttest='1' where nis='$nis'");

(12)

</form></center> </div>

</div> </div>

</header> </body>

2. Shoutbox

<html>

</html>

3. Index

<!DOCTYPE html> <?php

include_once("../koneksi.php"); session_start();

if(isset($_SESSION['nama'])||($_SESSION['nis'])||($_SESSION['status'])){ $nama = $_SESSION['nama'];

$nis = $_SESSION['nis']; $status = $_SESSION['status']; }

(13)

<head>

<title>Multimedia Pembelajaran</title>

<link

href="http://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic" rel="stylesheet" type="text/css">

<!--[if lt IE 9]>

(14)

<script

src="https://oss.maxcdn.com/libs/html5shiv/3.7.0/html5shiv.js"></script> <script

src="https://oss.maxcdn.com/libs/respond.js/1.4.2/respond.min.js"></script> <![endif]-->

</head>

<div class="navbar-header page-scroll">

<span class="sr-only">Toggle navigation</span> <span class="icon-bar"></span>

</div>

(15)

<a href="#portfolio">Materi</a> </li>

<li class="page-scroll"> <a href="#nilai">Nilai</a> </li>

<a href="#contact">Saran</a> </li>

<a href="../forum/index.php" target="_blank">Forum</a> </li>

<li class="icon-bar"> <a href="../logout.php">LogOut</a> </li>

</ul> </div>

</div>

</nav>

(16)

<header>

<span class="name">Jaringan Komputer</span> <hr class="star-light">

<span class="skills">Topologi Jaringan - Konsep Jaringan - Piranti Jaringan</span>

</br> </br> <?php

$q="SELECT * FROM nilai WHERE nis='$nis'"; $query=mysql_query($q);

$fetch=mysql_fetch_array($query);

if($fetch['status_pretest']==0){ ?>

<a href="ujian/pretest.php" class="btn btn-lg btn-outline"> <i class="fa fa-book"> </i> PreTest!

<?php

}else{ ?>

(17)

<a href="ujian/pretest.php" class="btn btn-lg btn-outline" disabled="disabled"> <i class="fa fa-book"> </i> Anda Sudah Melakukan PreTest

<?php } ?> </a> </div> </div>

</div> </div> </header>

<section id="portfolio"> <div class="container"> <div class="row">

<div class="col-lg-12 text-center"> <h2>Materi</h2>

</div>

(18)

</div>

</div>

</div>

</div>

(19)

</div>

</div> </div>

<i class="fa fa-search-plus"></i> Click to Start Google Search </a>

</div> </div>

</section>

<div class="col-lg-12 text-center"> <h2>Nilai</h2>

(20)

<p align='center'> <font color="#000000"> <h3> HASIL NILAI PRE TEST</h3></font></br>

<?php

$query=mysql_query("select pretest from nilai where nis='$nis'"); $row = mysql_fetch_array($query);

$pretest = $row['pretest']; ?>

</p> </div>

<p align='center'> <font color="#000000"> <h3> HASIL NILAI POST TEST</h3></font></br>

<?php

$query1=mysql_query("select posttest from nilai where nis='$nis'");

$row1 = mysql_fetch_array($query1); $posttest = $row1['posttest']; ?>

(21)

</div>

<div class="col-lg-8 col-lg-offset-2 text-center"> <?php

$q="SELECT * FROM nilai WHERE nis='$nis'"; $query=mysql_query($q);

$fetch=mysql_fetch_array($query);

if($fetch['status_posttest']==0 && $fetch['status_pretest']==0){ ?>

<i class="fa fa-book"> </i>Anda Belum Melakukan Pre Test! <?php

}else if($fetch['status_posttest']==0 && $fetch['status_pretest']==1){ ?>

<a href="ujian/posttest.php" class="btn btn-lg btn-outline"> <i class="fa fa-book"> </i>Post Test!

<?php

}else{ ?>

<a href="ujian/pretest.php" class="btn btn-lg btn-outline" disabled="disabled"> <i class="fa fa-book"> </i> Anda Sudah Melakukan Post Test

<?php } ?>

(22)

</a>

</div> </div>

</div> </section>

<section id="contact"> <div class="container"> <div class="row">

<div class="col-lg-12 text-center"> <h2>Saran Pengembangan</h2> <hr class="star-primary"> </div>

</div>

<!-- To configure the contact form email address, go to

mail/contact_me.php and update the email address in the PHP file on line 19. -->

(23)

</div> </div>

<label>Email Address</label>

</div>

<label>Phone Number</label>

</div>

(24)

<label>Message</label>

<textarea rows="5" class="form-control" placeholder="Message" id="message" required data-validation-required-message="Please enter a

message."></textarea>

</div> <br>

</div> </div> </form> </div> </div> </div> </section>

(25)

<h3>Location</h3>

<p>Jl. Setiabudhi No. 229<br>Bandung, Jawa Barat</p> </div>

<div class="footer-col col-md-4"> <h3>Social Media</h3>

</li> <li>

<li>

</li> </ul> </div>

<div class="footer-col col-md-4"> <h3>About Developer</h3>

<p>Mahasiswa yang melakukan penelitian di Departemen <a

href="http://cs.upi.edu" target="_blank">Pendidikan Ilmu Komputer UPI</a>.</p> </div>

(26)

</div> </div>

</div> </div> </div> </footer>

<div class="scroll-top page-scroll visible-xs visible-sm">

</a> </div>

(27)

</div> </div>

<p> Close </p> </div>

<h2>Jaringan Dasar</h2> <hr class="star-primary">

<li>Sumber:

<strong><a href="www.vedcmalang.com">Sumber Materi</a>

</strong> </li>

<li>Tanggal:

<strong><a href="#">5 September 2015</a> </strong>

</li> <li>Email: <strong><a

(28)

</strong> </li>

</ul>

<button type="button" class="btn btn-default" data-dismiss="modal"><i class="fa fa-times"></i> Close</button> </div>

</div> </div> </div> </div> </div>

</div>

<p>Close</p> </div>

(29)

<h2>Rangkuman Materi</h2> <hr class="star-primary">

<ul class="list-inline item-details"> <li>Judul:

<strong><a href="#">Konsep Dasar Jaringan Komputer</a> </strong>

</li>

<li>Sumber: <strong><a href="#">Modul Sekolah</a>

</strong> </li>

</ul>

</br>

<ul class="list-inline item-details"> <li>Judul:

<strong><a href="#">Topologi Jaringan</a> </strong>

</li>

<li>Sumber: <strong><a href="#">Modul Sekolah</a>

(30)

</strong> </li>

</ul>

<ul class="list-inline item-details"> <li>Judul:

<strong><a href="#">Perangkat Keras Jaringan</a> </strong>

</li>

<li>Sumber: <strong><a href="#">Modul Sekolah</a>

</strong> </li>

</ul>

<button type="button" class="btn btn-default" data-dismiss="modal"><i class="fa fa-times"></i> Close</button> </div>

</div> </div> </div> </div> </div>

(31)

</div> <p>Close</p> </div>

<h2>Video Materi</h2> <hr class="star-primary">

<p>

</video> </p>

<ul class="list-inline item-details"> <li>Judul:

<strong><a href="#">Tutorial Jaringan Dasar</a> </strong>

(32)

</li>

<li>Tanggal:

<strong><a href="http://startbootstrap.com">10 Agustus 2015</a>

</strong> </li>

<li>Source:

<strong><a href="http://youtube.com">Youtube</a> </strong>

</li> </ul>

</br> <p>

</video> </p>

<li>Judul: <strong><a href="#">Pengenalan perangkat jaringan komputer dan fungsinya</a>

</strong> </li>

<li>Tanggal:

(33)

</li> <li>Source: <strong><a

href="https://www.youtube.com/watch?v=oSnw5gUqYDU">Youtube</a> </strong>

</li> </ul>

</br> <p> <video width="100%" height="100%" controls="controls"> <source src="doc/vid/2_pp_cs.mp4" type="video/mp4">

</video> </p>

<ul class="list-inline item-details"> <li>Judul:

<strong><a href="#">Peer to Peer vs Client Server</a> </strong>

</li>

<li>Tanggal:

<strong><a href="http://startbootstrap.com">10 Agustus 2015</a> </strong>

</li> <li>Source:

<strong><a href="http://youtube.com">Youtube</a> </strong>

(34)

</li> </ul>

</br> <p> <video width="100%" height="100%" controls="controls"> <source src="doc/vid/3_bus.mp4" type="video/mp4">

</video> </p>

<ul class="list-inline item-details"> <li>Judul:

<strong><a href="#">Topologi Bus</a> </strong>

</li>

<li>Tanggal:

<strong><a href="http://startbootstrap.com">10 Agustus 2015</a>

</strong> </li>

<li>Source:

<strong><a href="http://youtube.com">Youtube</a> </strong>

</li> </ul>

</br> <p>

(35)

</video> </p>

<ul class="list-inline item-details"> <li>Judul:

<strong><a href="#">Topologi Ring</a> </strong>

</li>

<li>Tanggal:

<strong><a href="http://startbootstrap.com">10 Agustus 2015</a>

</strong> </li>

<li>Source:

<strong><a href="http://youtube.com">Youtube</a> </strong>

</li> </ul>

</br> <p>

</video> </p>

(36)

<ul class="list-inline item-details"> <li>Judul:

<strong><a href="#">Topologi Star</a> </strong>

</li>

<li>Tanggal:

<strong><a href="http://startbootstrap.com">10 Agustus 2015</a>

</strong> </li>

<li>Source:

<strong><a href="http://youtube.com">Youtube</a> </strong>

</li> </ul>

<button type="button" class="btn btn-default" data-dismiss="modal"><i class="fa fa-times"></i> Close</button>

</div> </div> </div> </div> </div> </div>

(37)

<script src="js/freelancer.js"></script> </body>

</html>

4. Preetest

<!DOCTYPE html> <?php

include_once("../../koneksi.php"); session_start();

$nama = $_SESSION['nama']; $nis = $_SESSION['nis']; $status = $_SESSION['status']; ?>

(38)

<head>

<link

href="http://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic" rel="stylesheet" type="text/css">

</head>

(39)

<span class="sr-only">Toggle navigation</span> <span class="icon-bar"></span>

</button>

</div>

</ul> </div>

</div>

</nav>

</br></br></br></br></br><center><h1>Selamat mengerjakan Pretest !</h1></center>

<?php

(40)

$num=mysql_num_rows($sudah); if($num==0){

$hasil=mysql_query("select * from soal limit 30"); $jumlah=mysql_num_rows($hasil);

$urut=0;

while($row = mysql_fetch_array($hasil)){ $id=$row["id_soal"];

$soal=$row["soal"];

$jawaban_a=$row["jawaban_a"]; $jawaban_b=$row["jawaban_b"]; $jawaban_c=$row["jawaban_c"]; $jawaban_d=$row["jawaban_d"]; $jawaban_e=$row["jawaban_e"];

$jawaban_benar=$row["jawaban_benar"];

(41)

<tr>

<td height="21"> </td> <td><input name="pilihan[<?php echo $id; ?>]" type="radio" value="A"> a.&nbsp<?php echo "$jawaban_a";?> </td>

</tr> <tr>

<td><input name="pilihan[<?php echo $id; ?>]" type="radio" value="B"> b.&nbsp<?php echo "$jawaban_b";?> </td>

</tr> <tr>

<td> </td> <td><input name="pilihan[<?php echo $id; ?>]" type="radio" value="C"> c.&nbsp<?php echo "$jawaban_c";?> </td>

</tr> <tr>

<td> </td> <td><input name="pilihan[<?php echo $id; ?>]" type="radio" value="D"> d.&nbsp<?php echo "$jawaban_d";?> </td>

</tr> <tr>

<td> </td> <td><input name="pilihan[<?php echo $id; ?>]" type="radio" value="E"> e.&nbsp<?php echo "$jawaban_e";?> </td>

</tr> </table>

(42)

<?php } }else{

header('location:../'); }

<tr>

</tr> </form> </div>

</div> </div>

</body> </html>

5. Daftar

<!DOCTYPE html> <?php

include_once("koneksi.php"); session_start();

if (isset($_POST['submit'])){ $nis = $_POST['nis'];

(43)

$nama = $_POST['nama'];

$password = $_POST['password'];

$q1 = mysql_query("SELECT nis from siswa WHERE nis='$nis'"); $f1 = mysql_fetch_array($q1);

$n1 = mysql_num_rows($q1); if ($n1 == 1){

$warning="Username sudah terdaftar!"; }else{

$query1 = mysql_query("INSERT INTO siswa (nis, nama, password) values ('$nis','$nama','$password')");

if(mysql_affected_rows()!=0){ header('location:index.php'); }else{

$warning="Data anda tidak tersimpan!"; }

} }

<title>Multimedia Pembelajaran</title>

(44)

src="https://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js"></script> <script type="text/javascript" src="scripts/bootstrap.min.js"></script> <script type="text/javascript" src="scripts/jquery.cloneposition.js"></script>

<!--[if lt IE 9]>

<![endif]--> <!--[if lte IE 9]>

(45)

</div>

<h2 class="sign-in">Mendaftar</h2> <small class="muted">Isilah data dengan baik</small>

</span> <input class="input-large" id="username" name="nis" size="16" type="text" placeholder="Username/NIS" required /></div>

(46)

<a class="btn-link pull-left" href="index.php" id="login">Sudah mendaftar?</a> <button class="btn btn-large btn-inverse pull-right" type="submit" id="submit" name="submit">Daftar</button>

</div>

<?php if (isset($warning)): ?>

<?php echo $warning;?>

</div> <?php endif;?>

(47)

</center> </font>

</form> </div>

</div> </div>

</div>

</div> </body> </html>

6. Freelance.css

/*!

* Start Bootstrap - Freelancer Bootstrap Theme (http://startbootstrap.com) * Code licensed under the Apache License v2.0.

* For details, see http://www.apache.org/licenses/LICENSE-2.0. */

body {

overflow-x: hidden; }

p {

font-size: 20px; }

p.small {

font-size: 16px; }

(48)

a, a:hover, a:focus, a:active, a.active { outline: 0; color: #18bc9c; }

h1, h2, h3, h4, h5, h6 {

text-transform: uppercase;

font-family: Montserrat,"Helvetica Neue",Helvetica,Arial,sans-serif; font-weight: 700;

}

hr.star-light, hr.star-primary {

margin: 25px auto 30px; padding: 0;

max-width: 250px; border: 0;

border-top: solid 5px; text-align: center; }

hr.star-light:after, hr.star-primary:after { content: "\f005"; display: inline-block; position: relative; top: -.8em;

padding: 0 .25em;

font-family: FontAwesome; font-size: 2em;

(49)

hr.star-light {

border-color: #fff; }

hr.star-light:after { color: #fff;

background-color: #18bc9c; }

hr.star-primary {

border-color: #2c3e50; }

hr.star-primary:after { color: #2c3e50;

background-color: #fff; }

.img-centered {

margin: -1px 154px; position: absolute; }

header {

text-align: center; color: #fff;

background: #18bc9c; }

header .container { padding-top: 100px; padding-bottom: 50px; }

header img { display: block; margin: 0 auto 20px; }

header .intro-text .name { display: block;

(50)

font-family: Montserrat,"Helvetica Neue",Helvetica,Arial,sans-serif; font-size: 2em;

font-weight: 700; }

header .intro-text .skills { font-size: 1.25em; font-weight: 300; }

@media(min-width:768px) { header .container {

padding-top: 200px; padding-bottom: 100px; }

header .intro-text .name { font-size: 4.75em; }

header .intro-text .skills { font-size: 1.75em; }

}

@media(min-width:768px) { .navbar-fixed-top {

padding: 25px 0;

-webkit-transition: padding .3s; -moz-transition: padding .3s; transition: padding .3s; }

.navbar-fixed-top .navbar-brand { font-size: 2em;

-webkit-transition: all .3s; -moz-transition: all .3s; transition: all .3s; }

.navbar-fixed-top.navbar-shrink { padding: 10px 0;

(51)

}

.navbar-fixed-top.navbar-shrink .navbar-brand { font-size: 1.5em;

} }

.navbar {

text-transform: uppercase;

font-family: Montserrat,"Helvetica Neue",Helvetica,Arial,sans-serif; font-weight: 700;

}

.navbar a:focus { outline: 0; }

.navbar .navbar-nav { letter-spacing: 1px; }

.navbar .navbar-nav li a:focus { outline: 0;

}

.navbar-default, .navbar-inverse { border: 0; }

section {

padding: 100px 0; }

section h2 { margin: 0; font-size: 3em; }

section.success { color: #fff;

(52)

}

section.success a, section.success a:hover, section.success a:focus, section.success a:active, section.success a.active { outline: 0;

color: #2c3e50; }

@media(max-width:767px) { section {

padding: 75px 0; }

section.first {

padding-top: 75px; }

}

#portfolio .portfolio-item { right: 0;

margin: 0 0 15px; }

#portfolio .portfolio-item .portfolio-link { display: block;

position: relative; margin: 0 auto; max-width: 400px; }

#portfolio .portfolio-item .portfolio-link .caption { position: absolute;

width: 100%; height: 100%; opacity: 0;

background: rgba(24,188,156,.9); -webkit-transition: all ease .5s; -moz-transition: all ease .5s; transition: all ease .5s;

(53)

}

#portfolio .portfolio-item .portfolio-link .caption:hover { opacity: 1;

}

#portfolio .portfolio-item .portfolio-link .caption .caption-content { position: absolute;

top: 50%; width: 100%; height: 20px; margin-top: -12px; text-align: center; font-size: 20px; color: #fff; }

#portfolio .portfolio-item .portfolio-link .caption .caption-content i { margin-top: -12px;

}

#portfolio .portfolio-item .portfolio-link .caption .caption-content h3, #portfolio .portfolio-item .portfolio-link .caption .caption-content h4 { margin: 0;

}

#portfolio * { z-index: 2; }

@media(min-width:767px) { #portfolio .portfolio-item { margin: 0 0 30px; }

}

.btn-outline {

margin-top: 15px; border: solid 2px #fff; font-size: 20px; color: #fff; background: 0 0;

(54)

transition: all .3s ease-in-out; }

.btn-outline:hover, .btn-outline:focus, .btn-outline:active, .btn-outline.active { border: solid 2px #fff; color: #18bc9c; background: #fff; }

.floating-label-form-group { position: relative;

margin-bottom: 0; padding-bottom: .5em;

border-bottom: 1px solid #eee; }

.floating-label-form-group input, .floating-label-form-group textarea { z-index: 1;

position: relative; padding-right: 0; padding-left: 0; border: 0; border-radius: 0; font-size: 1.5em; background: 0 0;

box-shadow: none!important; resize: none;

}

.floating-label-form-group label { display: block;

z-index: 0; position: relative; top: 2em;

margin: 0; font-size: .85em;

line-height: 1.764705882em; vertical-align: middle;

(55)

vertical-align: baseline; opacity: 0;

-webkit-transition: top .3s ease,opacity .3s ease; -moz-transition: top .3s ease,opacity .3s ease; -ms-transition: top .3s ease,opacity .3s ease; transition: top .3s ease,opacity .3s ease; }

.floating-label-form-group::not(:first-child) { padding-left: 14px;

border-left: 1px solid #eee; }

.floating-label-form-group-with-value label { top: 0;

opacity: 1; }

.floating-label-form-group-with-focus label { color: #18bc9c;

}

form .row:first-child .floating-label-form-group { border-top: 1px solid #eee;

} footer { color: #fff; }

footer h3 {

margin-bottom: 30px; }

footer .footer-above { padding-top: 50px;

background-color: #2c3e50; }

footer .footer-col { margin-bottom: 50px; }

(56)

footer .footer-below { padding: 25px 0;

background-color: #233140; }

.btn-social {

display: inline-block; width: 50px;

height: 50px;

border: 2px solid #fff; border-radius: 100%; text-align: center; font-size: 20px; line-height: 45px; }

.btn:focus, .btn:active, .btn.active { outline: 0; }

.scroll-top { z-index: 1049; position: fixed; right: 2%; bottom: 2%; width: 50px; height: 50px; }

.scroll-top .btn { width: 50px; height: 50px;

border-radius: 100%; font-size: 20px; line-height: 28px; }

.scroll-top .btn:focus { outline: 0;

(57)

}

.portfolio-modal .modal-content { padding: 100px 0;

min-height: 100%; border: 0;

border-radius: 0; text-align: center;

background-clip: border-box; -webkit-box-shadow: none; box-shadow: none;

}

.portfolio-modal .modal-content h2 { margin: 0;

font-size: 2em; }

.portfolio-modal .modal-content img { margin-bottom: 30px;

}

.portfolio-modal .modal-content .item-details { margin: 30px 0;

}

.portfolio-modal .close-modal { position: absolute;

top: 25px; right: 25px; width: 75px; height: 75px;

background-color: transparent; cursor: pointer;

}

.portfolio-modal .close-modal:hover { opacity: .3;

}

.portfolio-modal .close-modal .lr { z-index: 1051;

(58)

width: 10px; height: 75px; margin-left: 35px; background-color: red;

-webkit-transform: rotate(45deg); -ms-transform: rotate(45deg); transform: rotate(45deg); }

.portfolio-modal .close-modal .lr .rl { z-index: 1052;

width: 10px; height: 75px;

background-color: red;

-webkit-transform: rotate(90deg); -ms-transform: rotate(90deg); transform: rotate(90deg); }

.portfolio-modal .modal-backdrop { display: none;

opacity: 0; }

7. Index.php

<?php /**

* Simple Machines Forum (SMF) *

* @package SMF

* @license http://www.simplemachines.org/about/smf/license.php BSD *

* @version 2.0.11 */

/* This, as you have probably guessed, is the crux on which SMF functions.

Everything should start here, so all the setup and security is done properly. The most interesting part of this file is the action array in the smf_main() function. It is formatted as so:

(59)

'action-in-url' => array('Source-File.php', 'FunctionToCall'), Then, you can access the FunctionToCall() function from Source-File.php

with the URL index.php?action=action-in-url. Relatively simple, no? */

$forum_version = 'SMF 2.0.11'; @ini_set('memory_limit', '128M'); // Get everything started up... define('SMF', 1);

if (function_exists('set_magic_quotes_runtime')) @set_magic_quotes_runtime(0);

error_reporting(defined('E_STRICT') ? E_ALL | E_STRICT : E_ALL); $time_start = microtime();

// This makes it so headers can be sent! ob_start();

// Do some cleaning, just in case.

foreach (array('db_character_set', 'cachedir') as $variable) if (isset($GLOBALS[$variable]))

unset($GLOBALS[$variable], $GLOBALS[$variable]); // Load the settings...

require_once(dirname(__FILE__) . '/Settings.php'); // Make absolutely sure the cache directory is defined.

if ((empty($cachedir) || !file_exists($cachedir)) && file_exists($boarddir . '/cache'))

$cachedir = $boarddir . '/cache'; // And important includes.

require_once($sourcedir . '/QueryString.php'); require_once($sourcedir . '/Subs.php');

require_once($sourcedir . '/Errors.php'); require_once($sourcedir . '/Load.php'); require_once($sourcedir . '/Security.php'); // Using an pre-PHP 5.1 version?

(60)

if (@version_compare(PHP_VERSION, '5.1') == -1) require_once($sourcedir . '/Subs-Compat.php');

// If $maintenance is set specifically to 2, then we're upgrading or something. if (!empty($maintenance) && $maintenance == 2)

db_fatal_error();

// Create a variable to store some SMF specific functions in. $smcFunc = array();

// Initate the database connection and define some database functions to use. loadDatabase();

// Load the settings from the settings table, and perform operations like optimizing.

reloadSettings();

// Clean the request variables, add slashes, etc. cleanRequest();

$context = array();

// Seed the random generator.

if (empty($modSettings['rand_seed']) || mt_rand(1, 250) == 69) smf_seed_generator();

// Before we get carried away, are we doing a scheduled task? If so save CPU cycles by jumping out!

if (isset($_GET['scheduled'])) {

require_once($sourcedir . '/ScheduledTasks.php'); AutoTask();

}

// Check if compressed output is enabled, supported, and not already being done.

if (!empty($modSettings['enableCompressedOutput']) && !headers_sent()) {

// If zlib is being used, turn off output compression. if (@ini_get('zlib.output_compression') == '1' || @ini_get('output_handler') == 'ob_gzhandler' ||

@version_compare(PHP_VERSION, '4.2.0') == -1)

$modSettings['enableCompressedOutput'] = '0'; else

(61)

{

ob_end_clean();

ob_start('ob_gzhandler'); }

}

// Emit some headers for some modicum of protection against nasties. if (!headers_sent())

{

// Future versions will make some of this configurable. This is primarily a 'safe' configuration for most cases for now.

header('X-Frame-Options: SAMEORIGIN'); header('X-XSS-Protection: 1');

header('X-Content-Type-Options: nosniff'); }

// Register an error handler. set_error_handler('error_handler');

// Start the session. (assuming it hasn't already been.) loadSession();

// Determine if this is using WAP, WAP2, or imode. Technically, we should check that wap comes before application/xhtml or text/html, but this doesn't work in practice as much as it should.

if (isset($_REQUEST['wap']) || isset($_REQUEST['wap2']) || isset($_REQUEST['imode']))

unset($_SESSION['nowap']); elseif (isset($_REQUEST['nowap'])) $_SESSION['nowap'] = true; elseif (!isset($_SESSION['nowap'])) {

if (isset($_SERVER['HTTP_ACCEPT']) &&

strpos($_SERVER['HTTP_ACCEPT'], 'application/vnd.wap.xhtml+xml') !== false)

$_REQUEST['wap2'] = 1;

elseif (isset($_SERVER['HTTP_ACCEPT']) &&

strpos($_SERVER['HTTP_ACCEPT'], 'text/vnd.wap.wml') !== false) {

if (strpos($_SERVER['HTTP_USER_AGENT'], 'DoCoMo/') !== false || strpos($_SERVER['HTTP_USER_AGENT'], 'portalmmm/') !== false)

(62)

$_REQUEST['imode'] = 1; else

$_REQUEST['wap'] = 1; }

}

if (!defined('WIRELESS'))

define('WIRELESS', isset($_REQUEST['wap']) || isset($_REQUEST['wap2']) || isset($_REQUEST['imode'])); // Some settings and headers are different for wireless protocols. if (WIRELESS)

{

define('WIRELESS_PROTOCOL', isset($_REQUEST['wap']) ? 'wap' : (isset($_REQUEST['wap2']) ? 'wap2' : (isset($_REQUEST['imode']) ? 'imode' : '')));

// Some cellphones can't handle output compression... $modSettings['enableCompressedOutput'] = '0'; // !!! Do we want these hard coded?

$modSettings['defaultMaxMessages'] = 5; $modSettings['defaultMaxTopics'] = 9; // Wireless protocol header.

if (WIRELESS_PROTOCOL == 'wap')

header('Content-Type: text/vnd.wap.wml'); }

// Restore post data if we are revalidating OpenID. if (isset($_GET['openid_restore_post']) &&

!empty($_SESSION['openid']['saved_data'][$_GET['openid_restore_post']]['p ost']) && empty($_POST))

{

$_POST =

$_SESSION['openid']['saved_data'][$_GET['openid_restore_post']]['post']; unset($_SESSION['openid']['saved_data'][$_GET['openid_restore_pos t']]);

}

// What function shall we execute? (done like this for memory's sake.) call_user_func(smf_main());

(63)

// Call obExit specially; we're coming from the main area ;). obExit(null, null, true);

// The main controlling function. function smf_main()

{

global $modSettings, $settings, $user_info, $board, $topic, $board_info, $maintenance, $sourcedir;

// Special case: session keep-alive, output a transparent pixel. if (isset($_GET['action']) && $_GET['action'] == 'keepalive') {

header('Content-Type: image/gif');

die("\x47\x49\x46\x38\x39\x61\x01\x00\x01\x00\x80\x00\x00\x00\x0 0\x00\x00\x00\x00\x21\xF9\x04\x01\x00\x00\x00\x00\x2C\x00\x00\x00\x00\ x01\x00\x01\x00\x00\x02\x02\x44\x01\x00\x3B");

}

// Load the user's cookie (or set as guest) and load their settings. loadUserSettings();

// Load the current board's information. loadBoard();

// Load the current user's permissions. loadPermissions();

// Attachments don't require the entire theme to be loaded. if (isset($_REQUEST['action']) && $_REQUEST['action'] == 'dlattach' && (!empty($modSettings['allow_guestAccess']) && $user_info['is_guest']))

detectBrowser();

// Load the current theme. (note that ?theme=1 will also work, may be used for guest theming.)

else

loadTheme();

// Check if the user should be disallowed access. is_not_banned();

(64)

// If we are in a topic and don't have permission to approve it then duck out now.

if (!empty($topic) && empty($board_info['cur_topic_approved']) && !allowedTo('approve_posts') && ($user_info['id'] !=

$board_info['cur_topic_starter'] || $user_info['is_guest'])) fatal_lang_error('not_a_topic', false);

// Do some logging, unless this is an attachment, avatar, toggle of editor buttons, theme option, XML feed etc.

if (empty($_REQUEST['action']) || !in_array($_REQUEST['action'], array('dlattach', 'findmember', 'jseditor', 'jsoption', 'requestmembers', 'smstats', '.xml', 'xmlhttp', 'verificationcode', 'viewquery', 'viewsmfile')))

{

// Log this user as online. writeLog();

// Track forum statistics and hits...? if (!empty($modSettings['hitStats']))

trackStats(array('hits' => '+')); }

// Is the forum in maintenance mode? (doesn't apply to administrators.) if (!empty($maintenance) && !allowedTo('admin_forum'))

{

// You can only login.... otherwise, you're getting the "maintenance mode" display.

if (isset($_REQUEST['action']) && ($_REQUEST['action'] == 'login2' || $_REQUEST['action'] == 'logout'))

{

require_once($sourcedir . '/LogInOut.php');

return $_REQUEST['action'] == 'login2' ? 'Login2' : 'Logout';

}

// Don't even try it, sonny. else

{

require_once($sourcedir . '/Subs-Auth.php'); return 'InMaintenance';

} }

// If guest access is off, a guest can only do one of the very few following actions.

(65)

elseif (empty($modSettings['allow_guestAccess']) && $user_info['is_guest'] && (!isset($_REQUEST['action']) ||

!in_array($_REQUEST['action'], array('coppa', 'login', 'login2', 'register', 'register2', 'reminder', 'activate', 'help', 'smstats', 'mailq', 'verificationcode', 'openidreturn'))))

{

require_once($sourcedir . '/Subs-Auth.php'); return 'KickGuest';

}

elseif (empty($_REQUEST['action'])) {

// Action and board are both empty... BoardIndex! if (empty($board) && empty($topic))

{

require_once($sourcedir . '/BoardIndex.php'); return 'BoardIndex';

}

// Topic is empty, and action is empty.... MessageIndex! elseif (empty($topic))

{

require_once($sourcedir . '/MessageIndex.php'); return 'MessageIndex';

}

// Board is not empty... topic is not empty... action is empty.. Display!

else {

require_once($sourcedir . '/Display.php'); return 'Display';

} }

// Here's the monstrous $_REQUEST['action'] array - $_REQUEST['action'] => array($file, $function).

$actionArray = array(

'activate' => array('Register.php', 'Activate'), 'admin' => array('Admin.php', 'AdminMain'), 'announce' => array('Post.php', 'AnnounceTopic'), 'attachapprove' => array('ManageAttachments.php', 'ApproveAttach'),

'buddy' => array('Subs-Members.php', 'BuddyListToggle'), 'calendar' => array('Calendar.php', 'CalendarMain'),

(66)

'clock' => array('Calendar.php', 'clock'),

'collapse' => array('BoardIndex.php', 'CollapseCategory'), 'coppa' => array('Register.php', 'CoppaForm'),

'credits' => array('Who.php', 'Credits'),

'deletemsg' => array('RemoveTopic.php', 'DeleteMessage'), 'display' => array('Display.php', 'Display'),

'dlattach' => array('Display.php', 'Download'), 'editpoll' => array('Poll.php', 'EditPoll'), 'editpoll2' => array('Poll.php', 'EditPoll2'),

'emailuser' => array('SendTopic.php', 'EmailUser'), 'findmember' => array('Subs-Auth.php', 'JSMembers'), 'groups' => array('Groups.php', 'Groups'),

'help' => array('Help.php', 'ShowHelp'),

'helpadmin' => array('Help.php', 'ShowAdminHelp'), 'im' => array('PersonalMessage.php', 'MessageMain'), 'jseditor' => array('Subs-Editor.php', 'EditorMain'), 'jsmodify' => array('Post.php', 'JavaScriptModify'), 'jsoption' => array('Themes.php', 'SetJavaScript'), 'lock' => array('LockTopic.php', 'LockTopic'), 'lockvoting' => array('Poll.php', 'LockVoting'), 'login' => array('LogInOut.php', 'Login'), 'login2' => array('LogInOut.php', 'Login2'), 'logout' => array('LogInOut.php', 'Logout'),

'markasread' => array('Subs-Boards.php', 'MarkRead'), 'mergetopics' => array('SplitTopics.php', 'MergeTopics'), 'mlist' => array('Memberlist.php', 'Memberlist'),

'moderate' => array('ModerationCenter.php', 'ModerationMain'),

'modifycat' => array('ManageBoards.php', 'ModifyCat'), 'modifykarma' => array('Karma.php', 'ModifyKarma'), 'movetopic' => array('MoveTopic.php', 'MoveTopic'), 'movetopic2' => array('MoveTopic.php', 'MoveTopic2'), 'notify' => array('Notify.php', 'Notify'),

'notifyboard' => array('Notify.php', 'BoardNotify'), 'openidreturn' => array('Subs-OpenID.php',

'smf_openID_return'),

'pm' => array('PersonalMessage.php', 'MessageMain'), 'post' => array('Post.php', 'Post'),

'post2' => array('Post.php', 'Post2'),

'printpage' => array('Printpage.php', 'PrintTopic'), 'profile' => array('Profile.php', 'ModifyProfile'), 'quotefast' => array('Post.php', 'QuoteFast'),

(67)

'quickmod' => array('MessageIndex.php', 'QuickModeration'), 'quickmod2' => array('Display.php',

'QuickInTopicModeration'),

'recent' => array('Recent.php', 'RecentPosts'), 'register' => array('Register.php', 'Register'), 'register2' => array('Register.php', 'Register2'), 'reminder' => array('Reminder.php', 'RemindMe'), 'removepoll' => array('Poll.php', 'RemovePoll'),

'removetopic2' => array('RemoveTopic.php', 'RemoveTopic2'), 'reporttm' => array('SendTopic.php', 'ReportToModerator'), 'requestmembers' => array('Subs-Auth.php',

'RequestMembers'),

'restoretopic' => array('RemoveTopic.php', 'RestoreTopic'), 'search' => array('Search.php', 'PlushSearch1'),

'search2' => array('Search.php', 'PlushSearch2'), 'sendtopic' => array('SendTopic.php', 'EmailUser'), 'smstats' => array('Stats.php', 'SMStats'),

'suggest' => array('Subs-Editor.php', 'AutoSuggestHandler'), 'spellcheck' => array('Subs-Post.php', 'SpellCheck'),

'splittopics' => array('SplitTopics.php', 'SplitTopics'), 'stats' => array('Stats.php', 'DisplayStats'),

'sticky' => array('LockTopic.php', 'Sticky'), 'theme' => array('Themes.php', 'ThemesMain'), 'trackip' => array('Profile-View.php', 'trackIP'),

'about:mozilla' => array('Karma.php', 'BookOfUnknown'), 'about:unknown' => array('Karma.php', 'BookOfUnknown'), 'unread' => array('Recent.php', 'UnreadTopics'),

'unreadreplies' => array('Recent.php', 'UnreadTopics'),

'verificationcode' => array('Register.php', 'VerificationCode'), 'viewprofile' => array('Profile.php', 'ModifyProfile'),

'vote' => array('Poll.php', 'Vote'),

'viewquery' => array('ViewQuery.php', 'ViewQuery'), 'viewsmfile' => array('Admin.php', 'DisplayAdminFile'), 'who' => array('Who.php', 'Who'),

'.xml' => array('News.php', 'ShowXmlFeed'), 'xmlhttp' => array('Xml.php', 'XMLhttpMain'), );

// Allow modifying $actionArray easily.

(68)

// Get the function and file to include - if it's not there, do the board index.

if (!isset($_REQUEST['action']) || !isset($actionArray[$_REQUEST['action']]))

{

// Catch the action with the theme? if (!empty($settings['catch_action'])) {

require_once($sourcedir . '/Themes.php'); return 'WrapAction';

}

// Fall through to the board index then... require_once($sourcedir . '/BoardIndex.php'); return 'BoardIndex';

}

// Otherwise, it was set - so let's go to that action. require_once($sourcedir . '/' .

$actionArray[$_REQUEST['action']][0]);

return $actionArray[$_REQUEST['action']][1]; }

8. Register

<?php /**

* Simple Machines Forum (SMF) *

* @package SMF

* @license http://www.simplemachines.org/about/smf/license.php BSD *

* @version 2.0.7 */

if (!defined('SMF'))

(69)

/* This file has two main jobs, but they really are one. It registers new members, and it helps the administrator moderate member

registrations.

Similarly, it handles account activation as well. void Register()

// !!! void Register2()

// !!! void Activate()

// !!! void CoppaForm()

// !!!

void VerificationCode()

// Show the verification code or let it hear. void RegisterCheckUsername()

// !!! */

// Begin the registration process.

function Register($reg_errors = array()) {

global $txt, $boarddir, $context, $settings, $modSettings, $user_info; global $language, $scripturl, $smcFunc, $sourcedir, $smcFunc, $cur_profile;

// Is this an incoming AJAX check?

if (isset($_GET['sa']) && $_GET['sa'] == 'usernamecheck') return RegisterCheckUsername();

// Check if the administrator has it disabled.

if (!empty($modSettings['registration_method']) && $modSettings['registration_method'] == 3)

(70)

// If this user is an admin - redirect them to the admin registration page.

if (allowedTo('moderate_forum') && !$user_info['is_guest']) redirectexit('action=admin;area=regcenter;sa=register');

// You are not a guest, so you are a member - and members don't get to register twice!

elseif (empty($user_info['is_guest'])) redirectexit();

loadLanguage('Login'); loadTemplate('Register');

// Do we need them to agree to the registration agreement, first? $context['require_agreement'] =

!empty($modSettings['requireAgreement']);

$context['registration_passed_agreement'] = !empty($_SESSION['registration_agreed']);

$context['show_coppa'] = !empty($modSettings['coppaAge']); // Under age restrictions?

if ($context['show_coppa']) {

$context['skip_coppa'] = false; $context['coppa_agree_above'] =

sprintf($txt['agreement_agree_coppa_above'], $modSettings['coppaAge']); $context['coppa_agree_below'] =

sprintf($txt['agreement_agree_coppa_below'], $modSettings['coppaAge']); }

// What step are we at?

$current_step = isset($_REQUEST['step']) ? (int) $_REQUEST['step'] : ($context['require_agreement'] ? 1 : 2);

// Does this user agree to the registation agreement?

if ($current_step == 1 && (isset($_POST['accept_agreement']) || isset($_POST['accept_agreement_coppa'])))

{

$context['registration_passed_agreement'] = $_SESSION['registration_agreed'] = true;

$current_step = 2;

(71)

if ($context['show_coppa']) {

$_SESSION['skip_coppa'] = !empty($_POST['accept_agreement']);

// Are they saying they're under age, while under age registration is disabled?

if (empty($modSettings['coppaType']) && empty($_SESSION['skip_coppa']))

{

loadLanguage('Login');

fatal_lang_error('under_age_registration_prohibited', false, array($modSettings['coppaAge']));

} }

}

// Make sure they don't squeeze through without agreeing. elseif ($current_step > 1 && $context['require_agreement'] && !$context['registration_passed_agreement'])

$current_step = 1; // Show the user the right form.

$context['sub_template'] = $current_step == 1 ? 'registration_agreement' : 'registration_form';

$context['page_title'] = $current_step == 1 ? $txt['registration_agreement'] : $txt['registration_form'];

// Add the register chain to the link tree. $context['linktree'][] = array(

'url' => $scripturl . '?action=register', 'name' => $txt['register'],

);

// If you have to agree to the agreement, it needs to be fetched from the file.

if ($context['require_agreement']) {

// Have we got a localized one?

if (file_exists($boarddir . '/agreement.' . $user_info['language'] . '.txt'))

(72)

$context['agreement'] =

parse_bbc(file_get_contents($boarddir . '/agreement.' . $user_info['language'] . '.txt'), true, 'agreement_' . $user_info['language']);

elseif (file_exists($boarddir . '/agreement.txt')) $context['agreement'] =

parse_bbc(file_get_contents($boarddir . '/agreement.txt'), true, 'agreement'); else

$context['agreement'] = ''; }

if (!empty($modSettings['userLanguage'])) {

$selectedLanguage = empty($_SESSION['language']) ? $language : $_SESSION['language'];

// Do we have any languages? if (empty($context['languages']))

getLanguages();

// Try to find our selected language.

foreach ($context['languages'] as $key => $lang) {

$context['languages'][$key]['name'] = strtr($lang['name'], array('-utf8' => ''));

// Found it!

if ($selectedLanguage == $lang['filename'])

$context['languages'][$key]['selected'] = true; }

}

// Any custom fields we want filled in? require_once($sourcedir . '/Profile.php'); loadCustomFields(0, 'register');

// Or any standard ones?

if (!empty($modSettings['registration_fields'])) {

require_once($sourcedir . '/Profile-Modify.php'); // Setup some important context.

(73)

loadTemplate('Profile');

$context['user']['is_owner'] = true;

// Here, and here only, emulate the permissions the user would have to do this.

$user_info['permissions'] =

array_merge($user_info['permissions'], array('profile_account_own', 'profile_extra_own'));

$reg_fields = explode(',', $modSettings['registration_fields']); // We might have had some submissions on this front - go check.

foreach ($reg_fields as $field) if (isset($_POST[$field]))

$cur_profile[$field] = $smcFunc['htmlspecialchars']($_POST[$field]);

// Load all the fields in question. setupProfileContext($reg_fields); }

// Generate a visual verification code to make sure the user is no bot. if (!empty($modSettings['reg_verification']))

{

require_once($sourcedir . '/Subs-Editor.php'); $verificationOptions = array(

'id' => 'register', );

$context['visual_verification'] = create_control_verification($verificationOptions);

$context['visual_verification_id'] = $verificationOptions['id']; }

// Otherwise we have nothing to show. else

$context['visual_verification'] = false; // Are they coming from an OpenID login attempt? if (!empty($_SESSION['openid']['verified']) && !empty($_SESSION['openid']['openid_uri']))

{

(1)

SELECT last_login

FROM {db_prefix}members

WHERE id_member = {int:id_member} AND last_login = 0',

array(

'id_member' => $user_info['id'], )

);

if ($smcFunc['db_num_rows']($request) == 1) $_SESSION['first_login'] = true; else

unset($_SESSION['first_login']); $smcFunc['db_free_result']($request); // You've logged in, haven't you?

updateMemberData($user_info['id'], array('last_login' => time(), 'member_ip' => $user_info['ip'], 'member_ip2' =>

$_SERVER['BAN_CHECK_IP']));

// Get rid of the online entry for that old guest.... $smcFunc['db_query']('', '

DELETE FROM {db_prefix}log_online WHERE session = {string:session}', array(

'session' => 'ip' . $user_info['ip'], )

);

$_SESSION['log_time'] = 0;

// Just log you back out if it's in maintenance mode and you AREN'T an admin.

if (empty($maintenance) || allowedTo('admin_forum')) redirectexit('action=login2;sa=check;member=' . $user_info['id'], $context['server']['needs_login_fix']);

else

redirectexit('action=logout;' . $context['session_var'] . '=' . $context['session_id'], $context['server']['needs_login_fix']);

}

// Log the user out.

function Logout($internal = false, $redirect = true) {

(2)

global $sourcedir, $user_info, $user_settings, $context, $modSettings, $smcFunc;

// Make sure they aren't being auto-logged out. if (!$internal)

checkSession('get');

require_once($sourcedir . '/Subs-Auth.php'); if (isset($_SESSION['pack_ftp']))

$_SESSION['pack_ftp'] = null;

// They cannot be open ID verified any longer. if (isset($_SESSION['openid']))

unset($_SESSION['openid']); // It won't be first login anymore. unset($_SESSION['first_login']); // Just ensure they aren't a guest! if (!$user_info['is_guest']) {

// Pass the logout information to integrations. call_integration_hook('integrate_logout', array($user_settings['member_name']));

// If you log out, you aren't online anymore :P. $smcFunc['db_query']('', '

DELETE FROM {db_prefix}log_online WHERE id_member = {int:current_member}', array(

'current_member' => $user_info['id'], )

); }

$_SESSION['log_time'] = 0;

// Empty the cookie! (set it in the past, and for id_member = 0) setLoginCookie(-3600, 0);

(3)

session_destroy();

if (!empty($user_info['id']))

updateMemberData($user_info['id'], array('password_salt' => substr(md5(mt_rand()), 0, 4)));

// Off to the merry board index we go! if ($redirect)

{

if (empty($_SESSION['logout_url']))

redirectexit('', $context['server']['needs_login_fix']); else

{

$temp = $_SESSION['logout_url']; unset($_SESSION['logout_url']); redirectexit($temp,

$context['server']['needs_login_fix']); }

} }

// MD5 Encryption used for older passwords. function md5_hmac($data, $key)

{

$key = str_pad(strlen($key) <= 64 ? $key : pack('H*', md5($key)), 64, chr(0x00));

return md5(($key ^ str_repeat(chr(0x5c), 64)) . pack('H*', md5(($key ^ str_repeat(chr(0x36), 64)) . $data)));

}

// Special encryption used by phpBB3.

function phpBB3_password_check($passwd, $passwd_hash) {

// Too long or too short?

if (strlen($passwd_hash) != 34) return;

// Range of characters allowed. $range =

'./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqr stuvwxyz';

(4)

// Tests

$strpos = strpos($range, $passwd_hash[3]); $count = 1 << $strpos;

$count2 = $count;

$salt = substr($passwd_hash, 4, 8); // Things are done differently for PHP 5.

if (@version_compare(PHP_VERSION, '5') >= 0) {

$hash = md5($salt . $passwd, true); for (; $count != 0; --$count)

$hash = md5($hash . $passwd, true); }

else {

$hash = pack('H*', md5($salt . $passwd)); for (; $count != 0; --$count)

$hash = pack('H*', md5($hash . $passwd)); }

$output = substr($passwd_hash, 0, 12); $i = 0;

while ($i < 16) {

$value = ord($hash[$i++]);

$output .= $range[$value & 0x3f]; if ($i < 16)

$value |= ord($hash[$i]) << 8; $output .= $range[($value >> 6) & 0x3f]; if ($i++ >= 16)

break; if ($i < 16)

$value |= ord($hash[$i]) << 16; $output .= $range[($value >> 12) & 0x3f]; if ($i++ >= 16)

(5)

$output .= $range[($value >> 18) & 0x3f]; }

// Return now. return $output; }

// This protects against brute force attacks on a member's password. Importantly even if the password was right we DON'T TELL THEM! function validatePasswordFlood($id_member, $password_flood_value = false, $was_correct = false)

{

global $smcFunc, $cookiename, $sourcedir;

// As this is only brute protection, we allow 5 attempts every 10 seconds.

// Destroy any session or cookie data about this member, as they validated wrong.

require_once($sourcedir . '/Subs-Auth.php'); setLoginCookie(-3600, 0);

if (isset($_SESSION['login_' . $cookiename])) unset($_SESSION['login_' . $cookiename]); // We need a member!

if (!$id_member) {

// Redirect back! redirectexit();

// Probably not needed, but still make sure... fatal_lang_error('no_access', false);

}

// Right, have we got a flood value? if ($password_flood_value !== false)

@list ($time_stamp, $number_tries) = explode('|', $password_flood_value);

// Timestamp or number of tries invalid?

(6)

{

$number_tries = 0; $time_stamp = time(); }

// They've failed logging in already if (!empty($number_tries))

{

// Give them less chances if they failed before $number_tries = $time_stamp < time() - 20 ? 2 : $number_tries;

// They are trying too fast, make them wait longer if ($time_stamp < time() - 10)

$time_stamp = time(); }

$number_tries++; // Broken the law? if ($number_tries > 5)

fatal_lang_error('login_threshold_brute_fail', 'critical');

// Otherwise set the members data. If they correct on their first attempt then we actually clear it, otherwise we set it!

updateMemberData($id_member, array('passwd_flood' =>

$was_correct && $number_tries == 1 ? '' : $time_stamp . '|' . $number_tries)); }

S KOM 1002289 Appendix3

A3. Source Code

1.

Jawab 1

Jawab 2

2.

Shoutbox

3.

Index

8.

Register

Parts

Dokumen yang terkait

S SEJ 0808180 Appendix3

S KOM 1002289 Abstract

S KOM 1002289 Table of Content

S KOM 1002289 Chapter1

S KOM 1002289 Chapter3

S KOM 1002289 Chapter5

S KOM 1002289 Bibliography

S KOM 1002289 Appendix1

S KOM 1002289 Appendix2

S KOM 1205997 Appendix3

Dukungan

Links

S KOM 1002289 Appendix3

A3. Source Code

1.

Jawab 1

Jawab 2

2.

Shoutbox

3.

Index

8.

Register

Parts

Dokumen yang terkait

S SEJ 0808180 Appendix3

S KOM 1002289 Abstract

S KOM 1002289 Table of Content

S KOM 1002289 Chapter1

S KOM 1002289 Chapter3

S KOM 1002289 Chapter5

S KOM 1002289 Bibliography

S KOM 1002289 Appendix1

S KOM 1002289 Appendix2

S KOM 1205997 Appendix3

Dokumen yang Anda mencari sudah siap untuk unduhkan