WARNING:  Do not give your username+password to anyone else.
Do not give your username+password to apps or web sites.
A monitoring app or web site will ONLY need your username+API key.
You can setup an API key from the 'Account'->'User Settings' menu page after you login.
Your miner password should be 'x' and must not use your login password.
"; $pg .= makeForm('')."
User:  Pass:  
"; $pg .= '

or choose one:

'; $pg .= '
'; $pg .= '

Login

'; if (isset($data['data']['error'])) $pg .= "
".$data['data']['error']." - please try again

"; $pg .= makeForm(''); $pg .= "
Username:
Password:
*2nd Authentication:
* Leave blank if you haven't enabled it
 
"; $pg.= '
'; $pg .= '

Register

'; if (isset($data['data']['error'])) $pg .= "
".$data['data']['error']." - please try again

"; $pg .= makeForm(''); $pg .= "
Username:
Email:
Password:
Retype Password:
 

* All fields are required
Your Username can't be a BTC address

Note: your username is upper/lowercase sensitive,
and you must also have upper/lowercase correct on all your miners

" . passrequires() . "
"; $pg.= '
'; $pg .= '

Password Reset

'; $pg .= makeForm(''); $pg .= "
Username:
Email:
 

If you enter the details correctly,
an Email will be sent to you to let you reset your password
"; $pg .= '
'; return $pg; } # function doreg2($data) { if (isset($data['data']['user'])) $user = htmlspecialchars($data['data']['user']); else $user = ''; $pg = '

Registered

'; // $pg .= '
You will receive an email shortly to verify your account'; $pg .= '
Your account is registered and ready to mine.'; $pg .= '
Choose your own worker names in cgminer.'; $pg .= '
Worker names must start with your username and a dot or an underscore'; $pg .= "
e.g. ${user}_worker1 or ${user}.worker7"; return $pg; } # function try_reg($info, $page, $menu, $name, $u) { $disallow = array('/kano/i', '/pool/i', '/kolivas/i'); $user = getparam('user', false); $mail = trim(getparam('mail', false)); $pass = getparam('pass', false); $pass2 = getparam('pass2', false); $data = array(); if (nuem($user)) $data['user'] = ''; else $data['user'] = $user; if (nuem($mail)) $data['mail'] = ''; else $data['mail'] = $mail; $ok = true; if (nuem($user) || nuem($mail) || nuem($pass) || nuem($pass2)) $ok = false; else { if (stripos($mail, 'hotmail') !== false) { $ok = false; $data['error'] = "hotmail not allowed"; } if (safepass($pass) !== true) { $ok = false; $data['error'] = "Password is unsafe"; } elseif ($pass2 != $pass) { $ok = false; $data['error'] = "Passwords don't match"; } $orig = $user; $user = loginStr($orig); if ($user != $orig) { $ok = false; $data['error'] = "Username cannot include '.', '_', '/' or Tab"; $data['user'] = $user; } } if ($ok === true) { foreach ($disallow as $patt) if (preg_match($patt, $user) === 1) { $ok = false; $data['error'] = 'Disallowed username'; break; } } if ($ok === true) { $ans = userReg($user, $mail, $pass); if ($ans['STATUS'] == 'ok') gopage($info, $data, 'doreg2', $page, $menu, $name, $u, true, true, false); else $data['error'] = "Invalid username, password or email address"; } gopage($info, $data, 'doregres', $page, $menu, $name, $u, true, true, false); } # function doreset2($data) { $user = $data['data']['user']; $email = $data['data']['email']; $emailinfo = getOpts($user, emailOptList()); if ($emailinfo['STATUS'] != 'ok') syserror(); $ans = getAtts($user, 'KLastReset.dateexp'); if ($ans['STATUS'] != 'ok') syserror(); // If the last attempt hasn't expired don't do anything but show a fake msg if (!isset($ans['KLastReset.dateexp']) || $ans['KLastReset.dateexp'] == 'Y') { // This line $code = isn't an attempt at security - // it's simply to ensure the username is readable when we get it back $code = bin2hex($data['data']['user']). '_'; // A code that's large enough to not be worth guessing $ran = $ans['STAMP'].$user.$email.rand(100000000,999999999); $hash = hash('md4', $ran); $ans = setAtts($user, array('ua_KReset.str' => $hash, 'ua_KReset.date' => 'now+3600', 'ua_LastReset.date' => 'now+3600')); if ($ans['STATUS'] != 'ok') syserror(); $ok = passReset($email, $code.$hash, zeip(), $emailinfo); if ($ok === false) syserror(); } $pg = '

Reset Sent

'; $pg .= '
An Email has been sent that will allow you to'; $pg .= '
reset your password.'; $pg .= '
If you got your username or email address wrong,'; $pg .= '
you wont get the email.'; return $pg; } # function try_reset($info, $page, $menu, $name, $u) { $user = getparam('user', false); $mail = trim(getparam('mail', false)); $data = array(); if (!nuem($user)) $user = loginStr($user); if (!nuem($user) && !nuem($mail)) { $ans = userSettings($user); if ($ans['STATUS'] == 'ok' && isset($ans['email']) && $ans['email'] == $mail) { $data = array('user' => $user, 'email' => $mail); gopage($info, $data, 'doreset2', $page, $menu, $name, $u, true, true, false); } } gopage($info, $data, 'doregres', $page, $menu, $name, $u, true, true, false); } # function show_reg($info, $page, $menu, $name, $u) { // Slow this right down usleep(1000000); $reg = getparam('Register', false); if ($reg !== NULL) try_reg($info, $page, $menu, $name, $u); else try_reset($info, $page, $menu, $name, $u); } # ?>