Register Page (Email-Referral-Birthday-Capatcha)

This is guide mostly for website tools and code, for example CMS or registration scripts.
There can also be tools.

Moderators: osRose dev team, ospRose dev team, osiRose dev team, Moderators

Re: Register Page (Email-Referral-Birthday-Capatcha)

Postby xPrend on Tue Mar 02, 2010 9:03 pm

lmame wrote:Never use addslashes, it's evil ^_^

In combinations with mysql escape not o.0 but in combination with it it's just useless

@choseal
:P you should realy try to inject em it's so funny runnign around with a [gm] name :P give myself acceslevel 300 just to funny for words everybody is like wtf!
Well his code is very messy but you only need real escape no need to double do so you can basicly delete em

i'm wondering why nobody released an Complete register page?
Full secure OOP scripted (Nope i'm not gone make this becaus nobody give respect these days example: viewtopic.php?f=28&t=3889)
User avatar
xPrend
Antares
Antares
 
Posts: 346
Joined: Fri Jul 17, 2009 9:22 am

Re: Register Page (Email-Referral-Birthday-Capatcha)

Postby Jorn369 on Fri Mar 05, 2010 12:10 am

lmame wrote:Never use addslashes, it's evil ^_^


There is an other way then ? :? :?:
Do you need a Rose Costum CMS Website .....
I will help you with working on it contact me via pm and i will help you !
Jorn369
Smoulie
Smoulie
 
Posts: 51
Joined: Tue Aug 18, 2009 3:26 pm

Re: Register Page (Email-Referral-Birthday-Capatcha)

Postby lmame on Fri Mar 05, 2010 1:02 am

mysql_real_escape_string.
The world is full of love and peace ^_^
Image
User avatar
lmame
Admin
Admin
 
Posts: 8997
Joined: Mon Aug 06, 2007 4:42 pm
Location: July City

Re: Register Page (Email-Referral-Birthday-Capatcha)

Postby Choseal on Fri Mar 05, 2010 10:09 am

Jorn369 wrote:
lmame wrote:Never use addslashes, it's evil ^_^


There is an other way then ? :? :?:

We've told you a couple of times now. :roll:

And Xprend, I've tried injections once, on a certain high-ranked server, it gave me some weird results, like:

"Congratulations Choseal"] SET accesslevel = 500 WHERE accountname = Choseal //

Your account has been created!"

-or something along those lines. :lol:
Choseal
Electric Ghost
Electric Ghost
 
Posts: 837
Joined: Fri Jan 09, 2009 6:40 pm

Re: Register Page (Email-Referral-Birthday-Capatcha)

Postby xPrend on Fri Mar 05, 2010 6:49 pm

Choseal wrote:
Jorn369 wrote:
lmame wrote:Never use addslashes, it's evil ^_^


There is an other way then ? :? :?:

We've told you a couple of times now. :roll:

And Xprend, I've tried injections once, on a certain high-ranked server, it gave me some weird results, like:

"Congratulations Choseal"] SET accesslevel = 500 WHERE accountname = Choseal //

Your account has been created!"

-or something along those lines. :lol:

Not sure xD abouth this one just check out xD (anyway Evil! :twisted:)
User avatar
xPrend
Antares
Antares
 
Posts: 346
Joined: Fri Jul 17, 2009 9:22 am

Re: Register Page (Email-Referral-Birthday-Capatcha)

Postby naruto7 on Wed Mar 28, 2012 12:08 am

i see 1 problem with this code
their is nothing telling it where the database is located like i have my website on 1 server but my database for the game is located on another computer so it needs to know where its sending the account info to so it can be stored in the table
Administrator / Developer of Imperialism Online
Image
http://imperialism.606h.net
User avatar
naruto7
Smoulie
Smoulie
 
Posts: 43
Joined: Thu Mar 15, 2012 1:05 pm

Re: Register Page (Email-Referral-Birthday-Capatcha)

Postby Mark on Wed Mar 28, 2012 10:08 am

naruto7 wrote:i see 1 problem with this code
their is nothing telling it where the database is located like i have my website on 1 server but my database for the game is located on another computer so it needs to know where its sending the account info to so it can be stored in the table


Wow talk about a Necro Post or what :D

Anyways, the parts in red are the parts that connect to the database, an existing sql connection would already be in place from the very 1st page ( index.php)

  1. <?php
  2. if(isset($_POST['submit'])) {
  3. if(!$_POST['user'] || !$_POST['pass1'] || !$_POST['pass2']) {
  4. die('You must fill in all of the feilds!!!<BR>');
  5. }
  6. if(!get_magic_quotes_gpc()) {
  7. $user = addslashes($_POST['user']);
  8. $pass = md5($_POST['pass1']);
  9. $email= $_POST['email'];
  10. } else {
  11. $user = $_POST['user'];
  12. $pass = md5($_POST['pass1']);
  13. $email= $_POST['email'];
  14. }
  15. $pass2 = md5($_POST['pass2']);
  16. $user2 = mysql_real_escape_string($user);
  17. $check = mysql_query("SELECT * FROM accounts WHERE username = '$user2'");
  18. $check2 = mysql_num_rows($check);
  19. if($check2 != '0') {
  20. die("Username: '".$user."' is in use!");
  21. }
  22. if($pass != $pass2) {
  23. die('Passwords dont match!');
  24. }
  25. $email2 = mysql_real_escape_string($email);
  26. $check3 = mysql_query("SELECT * FROM accounts WHERE email = '$email2'");
  27. $check4 = mysql_num_rows($check3);
  28. if($check4 != '0') {
  29. die("Email-Adress: '".$email."' is in use!");
  30. }
  31. $pass3 = mysql_real_escape_string($pass);
  32. $ref2 = mysql_real_escape_string($ref);
  33. $insert_member = mysql_query("INSERT INTO accounts (username, password, email, ref) VALUES ('$user2', '$pass3', '$email2', '$ref2' '1')");
  34. if($insert_member) {
  35. echo("<p class='b01'>Registration Complete! <a href=?op=home>Click here</a>");
  36. } else {
  37. echo("<p class='b01'>Registration Failed!</p>");
  38. }}
  39. ?>


Obviously if there any tables missing or required in the sql table itself, then simply add them in so that the script can "dump" the info it needs to into the right place's.

Also I think the line highlighted in blue:
  1. $user =addslashes($_POST['user']);


Should be like this maybe:
  1. $user = mysql_real_escape_string($_POST['user']);
Administrator / Coder for EutopiaRose Online
Image
http://www.eutopiarose.co.uk
User avatar
Mark
Rackie
Rackie
 
Posts: 176
Joined: Tue Dec 13, 2011 8:15 am
Location: Sunny England

Re: Register Page (Email-Referral-Birthday-Capatcha)

Postby naruto7 on Wed Mar 28, 2012 11:36 am

i was refering to connection info for it like
user:
pass:
database:
Host:
Administrator / Developer of Imperialism Online
Image
http://imperialism.606h.net
User avatar
naruto7
Smoulie
Smoulie
 
Posts: 43
Joined: Thu Mar 15, 2012 1:05 pm

Re: Register Page (Email-Referral-Birthday-Capatcha)

Postby xadet3 on Wed Mar 28, 2012 12:06 pm

There's a dangerous precedent I've been noticing lately since the community died a fair bit, people are expecting things done for them constantly, usually for quite easy things to find out too, you need to learn for yourselves. It's looking to me as if once every knowledgeable person moves on from ROSE, this community will be royally screwed.

If you look at the PHP docs you'll find every thing you need to answer your question, instantly.
xadet3
Pero pero
Pero pero
 
Posts: 727
Joined: Tue Jan 08, 2008 11:51 pm
Location: Norwich, England.

Re: Register Page (Email-Referral-Birthday-Capatcha)

Postby Mark on Wed Mar 28, 2012 1:04 pm

+1 Xadet, I'm getting fed up of having to answer the most basic of things which can be found out, not only through searching on these forums but a simple google search on "how to connect to an sql database using php" would suffice. I mean Common sense does not seem to be prevailing here at all, and yeah like you say, ultimately when the ROSE community becomes Ancient news and is almost gone, anyone searching for knowledge on what to do or how to do it, wont be able to access this on a 1 to 1 communication basis.

I mean fair enough iv'e had my own questions and yeah they may have been basic, but after lots of reading and studying not only forum posts here but using readily available web tools that anyone can access, iv'e learned so much and whats even better is the learning never stops.
Administrator / Coder for EutopiaRose Online
Image
http://www.eutopiarose.co.uk
User avatar
Mark
Rackie
Rackie
 
Posts: 176
Joined: Tue Dec 13, 2011 8:15 am
Location: Sunny England

PreviousNext

Return to PHP / Web Guides, Scripts and tools.

Who is online

Users browsing this forum: No registered users and 10 guests