
[PHP] Utilities


Diantonix


Config:

<?php 
// Connection settings shared by the scripts that include config.php.
// This file holds the database password: keep it out of the web root, or make
// sure the web server can never return it as plain text.
$host = '';          // MySQL server address, passed to mysql_connect()
$port = '3306';      // MySQL port (none of the scripts shown here pass it on)
$user = '';          // MySQL login name
$pass = '';          // MySQL login password
$characters = '';    // name of the characters database
$auth = '';          // name of the accounts (auth/realm) database
$cod = 'utf8';       // connection character set
?>

Register

<?php
// Connection settings for the realm (accounts) database used by the registration script.
// NOTE(review): 'root' / 'mangos' look like sample defaults - give this script its own
// MySQL account, limited to the `account` table, instead of connecting as root.
$realmd = array();
$realmd['db_host']       = 'localhost';  // Host IP
$realmd['db_username']   = 'root';       // Database login-name
$realmd['db_password']   = 'mangos';     // Database login-pass
$realmd['db_name_realm'] = 'realmd';     // Database name of realm

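/**
 * Tells whether $string contains anything other than ASCII letters and digits.
 *
 * Callers use the result as a rejection flag: TRUE means "invalid input".
 * A value that is not a string (for example an array posted as username[]=x)
 * is reported as invalid as well; previously strlen() yielded no length for it,
 * the loop never ran and the value was accepted.
 *
 * @param mixed $string Value to test, normally a raw form field.
 * @return bool TRUE when a disallowed character or a non-string is found, FALSE otherwise.
 */
function check_for_symbols($string)
{
    if (!is_string($string))
        return TRUE;

    $allowed_chars="abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";
    // strspn() measures the leading run of allowed bytes; if that run is shorter
    // than the string, a disallowed byte sits somewhere inside it.
    return strspn($string, $allowed_chars) !== strlen($string);
}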
/**
 * Builds the value this script stores in account.sha_pass_hash:
 * SHA-1 of "USER:PASS" with both parts upper-cased first.
 *
 * Upper-casing makes the password case-insensitive, and SHA-1 is a fast hash
 * with no per-account random salt. NOTE(review): the format is presumably
 * dictated by the game server that reads the column - do not reuse it for
 * anything else.
 *
 * @param string $user Account name.
 * @param string $pass Plain-text password.
 * @return string 40-character hexadecimal SHA-1 digest.
 */
function sha_password($user,$pass)
{
    $credentials = strtoupper($user) . ':' . strtoupper($pass);
    return sha1($credentials);
}
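// Registration page: shows the form, or creates the account when the form is posted.
// NOTE(review): the mysql_* extension used here was removed in PHP 7; when porting,
// use mysqli or PDO prepared statements instead of escaping by hand.
if ($realmd['db_host'] != "" && $realmd['db_username'] != "" && $realmd['db_password'] != "" && $realmd['db_name_realm'] != "")
{
    $new_connect = mysql_connect($realmd['db_host'],$realmd['db_username'],$realmd['db_password']);
    if (!$new_connect)
    {
        echo "Could NOT connect to db: Configs (Name/Pass/Port/IP) are incorrect";
        die;
    }

    if (!mysql_select_db($realmd['db_name_realm'],$new_connect))
    {
        echo "Could NOT connect to db: Database does not exist!";
        die;
    }

    if (isset($_POST['registration']))
    {
        // A form field can arrive as an array (username[]=x); anything that is not a string counts as missing.
        $username = (isset($_POST['username']) && is_string($_POST['username'])) ? $_POST['username'] : "";
        $plain_password = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : "";
        // The cast keeps anything but an integer out of the SQL text.
        $expansionnumber = (isset($_POST['expansion']) && is_string($_POST['expansion'])) ? (int)$_POST['expansion'] : 0;

        // All input is validated before the first query runs; the lookup used to be
        // sent with the raw, unescaped username.
        if ($username === "")
        {
            echo "Field username is empty!";
        }
        else if ($plain_password === "")
        {
            // Tested on the raw field: the SHA-1 digest is never an empty string.
            echo "Field password is empty!";
        }
        else if (check_for_symbols($plain_password) == TRUE)
        {
            echo "Error with creating account: password has invalid symbols in it.";
        }
        else if (check_for_symbols($username) == TRUE)
        {
            echo "Error with creating account: username has invalid symbols in it.";
        }
        else if (!in_array($expansionnumber, array(1, 2, 3), true))
        {
            // 1, 2 and 3 are the only values the form below offers.
            echo "Error with creating account: invalid expansion selected.";
        }
        else
        {
            $safe_username = mysql_real_escape_string($username, $new_connect);
            $check_username = mysql_query("SELECT username FROM `account` WHERE username='$safe_username'", $new_connect);
            if (!$check_username)
            {
                // Details go to the server log, not to the visitor.
                error_log("register: lookup failed: " . mysql_errno($new_connect) . ": " . mysql_error($new_connect));
                echo "Error with creating account.";
            }
            else if (mysql_num_rows($check_username) != 0)
            {
                echo "Error with creating account: name is already in use.";
            }
            else
            {
                $password = sha_password($username,$plain_password);
                $inserted = mysql_query("INSERT INTO account (username,sha_pass_hash,expansion) VALUES
('$safe_username','$password','$expansionnumber')", $new_connect);
                // The old test was the bare word mysql_error, which is always truthy,
                // so the success branch could never run.
                if (!$inserted)
                {
                    error_log("register: insert failed: " . mysql_errno($new_connect) . ": " . mysql_error($new_connect));
                    echo "Error with creating account.";
                }
                else
                {
                    echo "Account created.";
                    mysql_close($new_connect);
                }
            }
        }
    }
    else
    {
        // PHP_SELF contains whatever path the client requested, so it is escaped before it lands in the attribute.
        ?>
        <html>
        <form action="<?php echo htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8') ?>" method="POST">
        Username <input type="text" name="username">
        Password <input type="password" name="password">
        Expansion Selection<select name="expansion">
            <option value="1">Vanilla</option>
            <option value="2">TBC</option>
            <option value="3">WotLK</option>
        </select>
        <input type="submit" name="registration">
        </form>
        </html>
        <?php
    }
}
else
    echo "Config file either not present or connection variables are empty";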
?>

Top honor:

<?php

include ("config.php");

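// Open the connection and select the characters database; the settings come from config.php.
// Failure details go to the server log: the page itself no longer prints the host name
// or the MySQL error text to visitors.
$connect = mysql_connect($host,$user,$pass);
if (!$connect)
{
    error_log("top honor: cannot connect to $host: " . mysql_error());
    die("Can't connect to the database");
}
if (!mysql_select_db($characters,$connect))
{
    error_log("top honor: cannot select database: " . mysql_error($connect));
    die("Can't select the database");
}

// Only the four columns the table renders are fetched, for the 100 characters with the most kills.
$result = mysql_query("SELECT `name`, `level`, `totalKills`, `totalHonorPoints` FROM `characters` ORDER BY `totalKills` DESC LIMIT 0 , 100 ", $connect);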

?>
<font color=#000000>
    <table align=center cellpadding="0" cellspacing="0"  border="1" width=100%>
    <thead>
        <td width="4%"><center>Nº</center></td>
        <td width="16%"><center>Character Name</center></td>
        <td width="4%"><center>level</center></td>
        <td width="5%"><center>Honor</center></td>
        <td width="4%"><center>Kills</center></td>
    </thead>
    <tbody>
                
<?php

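// Render one table row per character, in the order the query returned them.
$i = 0; // rank counter; it used to be incremented without ever being initialised
while ($result && ($rows = mysql_fetch_object($result)))
{
    $i++;
    // Values read from the database are not trusted as HTML: the name is escaped
    // and the numeric columns are cast to int before they are printed.
    $name = htmlspecialchars($rows->name, ENT_QUOTES, 'UTF-8');
    $level = (int)$rows->level;
    $Total_Kills = (int)$rows->totalKills;
    $Total_Honor = (int)$rows->totalHonorPoints;

    echo "
 <tr>
 <td><center>",$i,"</center></td>
 <td><i>",$name,"</i></td>
 <td><center>",$level,"</center></td>
 <td><center>",$Total_Honor,"</center></td>
 <td><center>",$Total_Kills,"</center></td>
 </tr>";
}

// mysql_close() takes the link returned by mysql_connect(), not the database name.
mysql_close($connect);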
?>

Arena Top:

<html>
<head>
<title>Top Arena</title>
<style>
body
{
    background: #000000;
    color: #8f7e4b;
    font: 10pt tahoma, verdana, geneva, lucida, 'lucida grande', arial, helvetica, sans-serif;
    margin: 0px 0px 0px 0px;
    padding: 0px;
    text-align: center;
}
a:link
{
    color: #d4c8a2;
    text-decoration: none;
}
a:visited
{
    color: #d4c8a2;
    text-decoration: none;
}
a:hover, a:active
{
    color: #FFFFFF;
    text-decoration: none;
}
</style>
</head>
<body>

<?
include ("config.php");

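// NOTE(review): this script is opened with the short tag "<?". Where short_open_tag is
// disabled the whole script, including the include of config.php, is sent to the
// browser as text - open it with "<?php" instead.
$j = 1;

// Label shown for each value of arena_team.type.
$teamType = array(
    '2' => '2x2',
    '3' => '3x3',
    '5' => '5x5'
);

// Failure details go to the server log instead of the page.
$connect = mysql_connect($host,$user,$pass);
if (!$connect)
{
    error_log("arena top: cannot connect to $host: " . mysql_error());
    die("Can't connect to the database");
}
if (!mysql_select_db($characters,$connect))
{
    error_log("arena top: cannot select database: " . mysql_error($connect));
    die("Can't select the database");
}

// mysql_set_charset() also tells the client library which character set is in use,
// which mysql_real_escape_string() depends on; a plain "SET NAMES" query does not.
if (!mysql_set_charset($cod, $connect))
{
    error_log("arena top: cannot set charset: " . mysql_error($connect));
    die("Can't set the connection charset");
}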

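// List view: every arena team with its bracket, captain, faction and rating.
if(!isset($_GET['guid'])){

    $sql = mysql_query("SELECT * FROM `arena_team` ORDER by `name`");

    echo "<center><table border=1 width=70%>
<tr>
<td>Team Name</td>
<td align=center>Command Type</td>
<td align=center><center>Team Leader</center></td>
<td>Faction</td>
<td align=center>Rating</td>

</tr>";

    // NOTE(review): $wowd is not defined in the config.php shown with this script;
    // confirm where the base URL of the player page comes from.
    $playerPageBase = isset($wowd) ? $wowd : '';

    while ($sql && ($row = mysql_fetch_array($sql))){
        // Ids are cast to int before they go back into SQL text or into a URL.
        $teamId = (int)$row['arenateamid'];
        $captainId = (int)$row['captainguid'];

        // The per-row COUNT(*) on arena_team_member was dropped: its result was never read.
        $leaderResult = mysql_query("SELECT name,race FROM `characters` WHERE `guid`='$captainId'");
        $myrow = $leaderResult ? mysql_fetch_array($leaderResult) : false;
        $top = mysql_query("SELECT * FROM `arena_team_stats` WHERE `arenateamid`='$teamId'");
        $toprow = $top ? mysql_fetch_array($top) : false;

        // Races 1, 3, 4, 7 and 11 are shown as alliance; everything else, including a missing captain, as horde.
        $race = $myrow ? (string)$myrow['race'] : '';
        $faction = in_array($race, array("1", "3", "4", "7", "11"), true) ? "alliance" : "horde";

        // Team and character names are escaped before they are placed in the page.
        $teamName = htmlspecialchars($row['name'], ENT_QUOTES, 'UTF-8');
        $leaderName = $myrow ? htmlspecialchars($myrow['name'], ENT_QUOTES, 'UTF-8') : '';
        $typeLabel = isset($teamType[$row['type']]) ? $teamType[$row['type']] : '';
        $rating = $toprow ? (int)$toprow['rating'] : '';
        $leaderLink = htmlspecialchars($playerPageBase."/index.php?player=".$captainId, ENT_QUOTES, 'UTF-8');

        echo "
<tr>
<td >
<p style='padding-left: 5px'><a href='?guid=".$teamId."' >".$teamName."</a></p>
</td>
<td  align=center><center>".$typeLabel."</center></td>

<td><a href='".$leaderLink."'>".$leaderName."</a></td>
<td align=center><center><img src='images/".$faction.".gif' title='".$faction."'></center></td>
<td align=right><p style='padding-right: 8px'>".$rating."</p></td></tr>";

    }
    echo "</table></center><br><br>";
}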

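// Detail view: one arena team, selected with ?guid=<arenateamid>.
// The request value is cast to int once and only that integer reaches the SQL text;
// the raw $_GET value used to be interpolated into four queries.
$requestedTeam = (isset($_GET['guid']) && is_scalar($_GET['guid'])) ? (int)$_GET['guid'] : 0;

if ($requestedTeam > 0) {

    $teamResult = mysql_query("SELECT * FROM `arena_team` WHERE `arenateamid`='$requestedTeam'");
    $nrow = $teamResult ? mysql_fetch_array($teamResult) : false;
    $statsResult = mysql_query("SELECT * FROM `arena_team_stats` WHERE `arenateamid`='$requestedTeam'");
    $trow = $statsResult ? mysql_fetch_array($statsResult) : false;
    $memberResult = mysql_query("SELECT * FROM `arena_team_member` WHERE `arenateamid`='$requestedTeam'");
    $mrow = $memberResult ? mysql_fetch_array($memberResult) : false;

    $sql = mysql_query("SELECT * FROM `characters`, `arena_team_member` WHERE `characters`.`guid`=`arena_team_member`.`guid` and `arenateamid` = '$requestedTeam' ");
    $row = $sql ? mysql_fetch_array($sql) : false;

    if (!$nrow) {
        echo "<center>Team not found.</center>";
    } else {
        // NOTE(review): only the first row of each result set is used, so a single
        // member is listed, and $mrow may belong to a different member than $row.
        // Confirm whether a loop over all members was intended.
        $data = $row ? explode(' ', $row['data']) : array();
        // NOTE(review): $ver is not set anywhere in the code shown; the level stays empty unless it is defined elsewhere.
        $lvl = (isset($ver) && isset($data[$ver])) ? (int)$data[$ver] : '';
        // The gender digit is the 4th hex digit of field 36, left-padded to 8 digits.
        $gender = str_pad(dechex(isset($data[36]) ? (int)$data[36] : 0), 8, "0", STR_PAD_LEFT);
        $gender = $gender[3]; // the former $gender{3} offset syntax no longer parses on PHP 8
        $guid = $row ? (int)$row['guid'] : 0;
        $race = $row ? (int)$row['race'] : 0;
        $class = $row ? (int)$row['class'] : 0;
        $online = $row ? (int)$row['online'] : 0;
        $playerName = $row ? htmlspecialchars($row['name'], ENT_QUOTES, 'UTF-8') : '';
        $teamName = htmlspecialchars($nrow['name'], ENT_QUOTES, 'UTF-8');
        $typeLabel = isset($teamType[$nrow['type']]) ? $teamType[$nrow['type']] : '';
        $j=1;

        // Numeric columns are cast to int so nothing read from the database is echoed as raw HTML.
        $stat = array();
        foreach (array('rating', 'games', 'wins', 'played', 'wins2') as $col)
            $stat[$col] = ($trow && isset($trow[$col])) ? (int)$trow[$col] : '';
        $member = array();
        foreach (array('played_week', 'wons_week', 'played_season', 'wons_season', 'personal_rating') as $col)
            $member[$col] = ($mrow && isset($mrow[$col])) ? (int)$mrow[$col] : '';

        echo "<center>
<table border=0 width=60%>
<tr>
<td>
<table border=1 width=100%>
<tr><td>Team Name</td><td  >".$teamName."</td></tr>
<tr><td>Rating</td><td  >".$stat['rating']."</td></tr>
<tr><td>Command Type</td><td  >".$typeLabel."</td></tr>
<tr><td colspan=2 >Statistics of the Week</td></tr>
<tr><td>Played: ".$stat['games']."</td><td  >Won: ".$stat['wins']."</td></tr>
<tr><td colspan=2 >Stats</td></tr>
<tr><td>Played: ".$stat['played']."</td><td  >Won: ".$stat['wins2']."</td></tr>


</table>
";

        echo "<table border=1 width=100%>
<tr>
<td align=center>#</td>
<td align=center>Nombre del Jugador</td>
<td align=center>lvl</td>
<td align=center>Raza</td>
<td align=center>Clase</td>
<td align=center>Game of the Week</td>
<td align=center>Won week</td>
<td align=center>Games for the season</td>
<td align=center>Won season</td>
<td align=center>Personal rating</td>
<td align=center>Online</td>
</tr>
";

        echo "<tr>
<td valign=center width=3%>$j</td>
<td align=center valign=center width=20%><a href='/wow/wowd/?player=".$guid."' style='color: #ff9900; font-family : Geneva; text-decoration : none;'>".$playerName."</a></td>
<td width=20 align=center valign=center>$lvl</td>
<td align=center valign=center width=7%><img src='images/race/".$race."-".$gender.".gif'></td>
<td align=center valign=center width=7%><img src='images/class/".$class.".gif'></td>
<td align=center width=20%>".$member['played_week']."</td>
<td valign=center width=20%>".$member['wons_week']."</td>
<td valign=center width=10%>".$member['played_season']."</td>
<td valign=center width=10%>".$member['wons_season']."</td>
<td valign=center width=10%>".$member['personal_rating']."</td>
<td valign=center width=10%><center><img src='images/status/".$online.".gif' height='18' width='18'></center></td>
</tr>
";


        echo "</table></td></tr></table></center><br><br><br>";
    }

    echo "<table border=1><tr><td><a href='index.php'>Index</a></td></tr></table>";
}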

?>

</body>
</html>

Uptime Server:

<?php
require_once ( 'config.php');

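// Prints how long the server has been up, read from the newest row of the `uptime`
// table in the accounts database ($auth in config.php).
$connect = mysql_connect($host, $user, $pass);
if (!$connect)
{
    // Details go to the server log; the page no longer prints the host name.
    error_log("uptime: cannot connect to $host: " . mysql_error());
    die("Can't connect to the database");
}
// mysql_select_db() replaces the deprecated alias mysql_selectdb(); its result is now checked.
if (!mysql_select_db($auth, $connect))
{
    error_log("uptime: cannot select database: " . mysql_error($connect));
    die("Can't select the database");
}

// The database is already selected, so the table needs no "$auth." prefix pasted into the SQL text.
$sql = mysql_query("SELECT `uptime` FROM `uptime` ORDER BY `starttime` DESC LIMIT 1", $connect);
$uptime_results = $sql ? mysql_fetch_array($sql) : false;

// An empty table or a failed query is reported as 0 seconds.
$seconds = $uptime_results ? (int)$uptime_results['uptime'] : 0;

if ($seconds > 86400) {
    $uptime =  round(($seconds / 24 / 60 / 60),2)." Days";
}
elseif($seconds > 3600) {
    $uptime =  round(($seconds / 60 / 60),2)." Hours";
}
else {
    $uptime =  round(($seconds / 60),2)." Min";
}

echo "Uptime:$uptime <br>";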
?>

Recover Password:

<?php
/*
Very important! You need to run SQL update!
ALTER TABLE `account` ADD `reset_password` VARCHAR( 50 ) NOT NULL;
*/
/*Config*/
require_once ( 'config.php');
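// Connect with the settings from config.php. The former 4th argument ($realmd) is not
// defined in this script, and that position of mysql_connect() is the new_link flag,
// not a database name, so it is dropped.
$conn = mysql_connect($host, $user, $pass);
if (!$conn)
{
    // Details go to the server log; the page no longer prints the MySQL error text.
    error_log('pass_recovery: connection failed: ' . mysql_error());
    die('Connection failed');
}

// NOTE(review): path_to_thisfile is an http:// address, so the reset link and the new
// password shown after following it travel unencrypted. Serve this page over HTTPS and
// put the https:// address here.
$config = array(
'path_to_thisfile' => 'http://www.fantasywow.es/lol/ownage/wow/pass_recovery.php', // Example: http://mysite.com/lol/ownage/wow/
'email_from' => 'webmaster@fantasywow.es', // Who should the email be sent from ?
'email_subject' => 'Recupera tu contraseña!', // Subject of the mail ??
);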



/**
 * Returns SHA-1 of "USER:PASS" with both parts upper-cased; this script writes
 * the result to account.sha_pass_hash.
 *
 * The upper-casing makes passwords case-insensitive. SHA-1 is a fast hash and
 * there is no random salt, so treat the column as sensitive data.
 *
 * @param string $user Account name.
 * @param string $pass Plain-text password.
 * @return string 40-character hexadecimal digest.
 */
function sha_password($user,$pass){
    return sha1(sprintf('%s:%s', strtoupper($user), strtoupper($pass)));
}
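/**
 * Picks a uniformly distributed integer in [0, $max] from a cryptographically
 * secure source. Helper for random_string(); $max must be below 256.
 *
 * @param int $max Highest value that may be returned.
 * @return int
 */
function _random_string_int($max){
    if (function_exists('random_int'))
        return random_int(0, $max);

    // PHP 5 fallback: one secure byte, with rejection sampling so every value stays equally likely.
    $range = $max + 1;
    $limit = 256 - (256 % $range);
    do {
        $strong = false;
        $byte = openssl_random_pseudo_bytes(1, $strong);
        if ($byte === false || !$strong)
            trigger_error('No cryptographically secure random source available', E_USER_ERROR);
        $value = ord($byte);
    } while ($value >= $limit);
    return $value % $range;
}

/**
 * Returns $counts characters that alternate lowercase letter, digit, letter, digit...
 *
 * The result is used as the password-reset token and as the replacement
 * password, so it must not be guessable: rand() is a predictable generator
 * and has been replaced by a secure one. The output format is unchanged.
 *
 * @param int $counts Number of characters to produce.
 * @return string Empty string when $counts is 0 or less.
 */
function random_string($counts){
    $str = "abcdefghijklmnopqrstuvwxyz";//Count 0-25
    $output = '';
    for($i=0;$i<$counts;$i++){
        if ($i % 2 == 1){
            // odd positions hold a digit
            $output .= _random_string_int(9);
        }else{
            // even positions hold a letter
            $output .= $str[_random_string_int(25)];
        }
    }
    return $output;
}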


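// The account table is in the database named by $auth in config.php. The second
// mysql_connect() through $realmd was dropped: $realmd is never defined in this script.
if (!mysql_select_db($auth, $conn))
{
    error_log('pass_recovery: select db failed: ' . mysql_error($conn));
    die('Select DB failed');
}

// Step 2 of the flow: the user followed the mailed link ?h=<token>.
$reset_token = (isset($_GET['h']) && is_string($_GET['h'])) ? $_GET['h'] : '';

if ($reset_token != '' && $reset_token != '0'){
    $res = false;
    $token_sql = '';
    // Tokens are issued by random_string(40), i.e. 40 lowercase letters and digits.
    // Anything else is rejected before it reaches the database.
    if (preg_match('/^[a-z0-9]{40}$/', $reset_token)){
        $token_sql = mysql_real_escape_string($reset_token, $conn);
        $query = mysql_query("SELECT username FROM `account` WHERE reset_password='$token_sql'", $conn);
        if ($query && mysql_num_rows($query) == 1)
            $res = mysql_fetch_array($query);
    }

    if ($res){
        $output_random_pass = random_string(10);
        $pass_hash = sha_password($res['username'],$output_random_pass);
        // One statement stores the new hash and clears the token, so the link works exactly once.
        // NOTE(review): the reset_password column carries no issue time, so an unused link never expires.
        $updated = mysql_query("UPDATE `account` SET sha_pass_hash='$pass_hash', reset_password='' WHERE reset_password='$token_sql'", $conn);
        if ($updated && mysql_affected_rows($conn) == 1){
            echo "Hi " . htmlspecialchars($res['username'], ENT_QUOTES, 'UTF-8') . ", Your password is: $output_random_pass. Please change your password fast as possible.";
        }else{
            echo "Error.";
        }
    }else{
        echo "Error.";
    }

}else{
    // Step 1 of the flow: the user submits user name and e-mail and gets the link by mail.
    if (isset($_POST['password_takeback'])){
        $username = (isset($_POST['username']) && is_string($_POST['username'])) ? $_POST['username'] : '';
        $email = (isset($_POST['email']) && is_string($_POST['email'])) ? $_POST['email'] : '';

        $account_found = false;
        $user_sql = '';
        // filter_var() accepts only a syntactically valid address, which also keeps
        // line breaks out of the value later handed to mail().
        if ($username != '' && filter_var($email, FILTER_VALIDATE_EMAIL)){
            $user_sql = mysql_real_escape_string($username, $conn);
            $email_sql = mysql_real_escape_string($email, $conn);
            // The old query compared email with the whole $_POST array (the text "Array"),
            // so it could not match a real address.
            $check_security = mysql_query("SELECT id FROM `account` WHERE username='$user_sql' AND email='$email_sql'", $conn);
            $account_found = $check_security && mysql_num_rows($check_security) == 1;
        }

        if ($account_found){
            $rand = random_string(40);
            mysql_query("UPDATE `account` SET reset_password='$rand' WHERE username='$user_sql'", $conn);
            $to = $email;
            $from = "From: " . $config['email_from'];
            $subject = $config['email_subject'];
            $message= "Hi $username, you have submitted a password recovery on our site. IF YOU DIDNT SUBMIT A PASSWORD REQUEST JUST DELETE THIS MAIL!. Please follow this link to complete the operation: " . $config['path_to_thisfile'] . "?h=$rand";
            mail($to, $subject, $message, $from); // This work if you have configured your php.ini file to send email, !on linux its default.
            echo "An Email has been sent to you, please follow the email to complete the process.";
        }else{
            echo "Incorrect details, Please be sure that you submitted right Email and Username to your account";
        }
    }else{
        // PHP_SELF contains whatever path the client requested, so it is escaped before it lands in the attribute.
?>
<form action="<?php echo htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8'); ?>" method="POST">
  Tu Email: 
    <input type="text" name="email">

Tu Usuario: 
<input type="text" name="username">

<input name="password_takeback" type="submit" value="Recuperar Contraseña">
</form>
<?php
    }
}// End GET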
?>

2c2:

<?php
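// MySQL
// Add the desired background
echo "<body background='./imagenes/fondo.jpg' text='white'>";


$WoWHostname = ""; // MySQL server address
$WoWUsername = ""; // MySQL username
$WoWPassword = ""; // MySQL password
$CharacterDatabase = ''; // TC characters database
$RealmDatabase = ''; // TC realmd database
$WorldDatabase = ''; // TC world database
$CharacterDatabaseEncoding = 'utf8'; // database character encoding

// DO NOT EDIT BELOW HERE IF YOU DON'T KNOW WHAT IT IS!!!
// One connection serves the whole page. Failure details go to the server log
// instead of being printed to visitors.
$WoWconn = mysql_connect($WoWHostname, $WoWUsername, $WoWPassword);
if (!$WoWconn) {
    error_log('ranking 2c2: connection failed: ' . mysql_error());
    die('Connection failed');
}
if (!mysql_select_db($CharacterDatabase, $WoWconn)) {
    error_log('ranking 2c2: select DB failed: ' . mysql_error($WoWconn));
    die('Select DB failed');
}
// The configured encoding was declared but never applied to the connection.
mysql_set_charset($CharacterDatabaseEncoding, $WoWconn);

// Part 5: the 30 best-rated teams of the 2v2 bracket.
// The database is already selected, so its name is no longer pasted into the SQL text,
// and only the two columns that are printed are fetched. The earlier query listing
// online characters was dropped: its result was overwritten before being read.
$sql = "SELECT `arena_team`.`name`, `arena_team_stats`.`rating` FROM `arena_team`, `arena_team_stats` WHERE `arena_team_stats`.`arenateamid` = `arena_team`.`arenateamid` AND `arena_team`.`type` = '2' ORDER BY `arena_team_stats`.`rating` DESC LIMIT 30";

$result = mysql_query($sql, $WoWconn);

if (!$result) {
    error_log('ranking 2c2: invalid query: ' . mysql_error($WoWconn));
    die('Invalid query');
}

echo "<br><br><br>";
echo "<h2>Rankin 2c2</h2>";
echo "<br>";
echo "<table border=0><tr><td>";
echo "<h4>Nombre del grupo</h4></td><td><h4>Puntos de grupo</h4></td></tr>";
// One table row per team; nothing is printed when the query returned no rows.
while ($row = mysql_fetch_row($result))
{
    echo "<tr><td>";
    // The team name is read from the database and is escaped so it cannot inject markup.
    echo htmlspecialchars($row[0], ENT_QUOTES, 'UTF-8');
    echo "</td><td>";
    echo (int)$row[1];
    echo "</td></tr>";
}
echo "</table>";

mysql_close($WoWconn);

// End of part 5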
?>

3c3:

<?php
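// MySQL
// Add the desired background
echo "<body background='./imagenes/fondo.jpg' text='white'>";

$WoWHostname = ""; // MySQL server address
$WoWUsername = ""; // MySQL username
$WoWPassword = ""; // MySQL password
$CharacterDatabase = ''; // TC characters database
$RealmDatabase = ''; // TC realmd database
$WorldDatabase = ''; // TC world database
$CharacterDatabaseEncoding = 'utf8'; // database character encoding

// DO NOT EDIT BELOW HERE IF YOU DON'T KNOW WHAT IT IS!!!
// One connection serves the whole page. Failure details go to the server log
// instead of being printed to visitors.
$WoWconn = mysql_connect($WoWHostname, $WoWUsername, $WoWPassword);
if (!$WoWconn) {
    error_log('ranking 3c3: connection failed: ' . mysql_error());
    die('Connection failed');
}
if (!mysql_select_db($CharacterDatabase, $WoWconn)) {
    error_log('ranking 3c3: select DB failed: ' . mysql_error($WoWconn));
    die('Select DB failed');
}
// The configured encoding was declared but never applied to the connection.
mysql_set_charset($CharacterDatabaseEncoding, $WoWconn);

// Part 5: the 30 best-rated teams of the 3v3 bracket.
// The database is already selected, so its name is no longer pasted into the SQL text,
// and only the two columns that are printed are fetched. The earlier query listing
// online characters was dropped: its result was overwritten before being read.
$sql = "SELECT `arena_team`.`name`, `arena_team_stats`.`rating` FROM `arena_team`, `arena_team_stats` WHERE `arena_team_stats`.`arenateamid` = `arena_team`.`arenateamid` AND `arena_team`.`type` = '3' ORDER BY `arena_team_stats`.`rating` DESC LIMIT 30";

$result = mysql_query($sql, $WoWconn);

if (!$result) {
    error_log('ranking 3c3: invalid query: ' . mysql_error($WoWconn));
    die('Invalid query');
}

echo "<br><br><br>";
echo "<h2>Rankin 3c3</h2>";
echo "<br>";
echo "<table border=0><tr><td>";
echo "<h4>Nombre del grupo</h4></td><td><h4>Puntos de grupo</h4></td></tr>";
// One table row per team; nothing is printed when the query returned no rows.
while ($row = mysql_fetch_row($result))
{
    echo "<tr><td>";
    // The team name is read from the database and is escaped so it cannot inject markup.
    echo htmlspecialchars($row[0], ENT_QUOTES, 'UTF-8');
    echo "</td><td>";
    echo (int)$row[1];
    echo "</td></tr>";
}
echo "</table>";

mysql_close($WoWconn);

// End of part 5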
?>

5c5:

<?php
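// MySQL
// Add the desired background
echo "<body background='./imagenes/fondo.jpg' text='white'>";


$WoWHostname = ""; // MySQL server address
$WoWUsername = ""; // MySQL username
$WoWPassword = ""; // MySQL password
$CharacterDatabase = ''; // TC characters database
$RealmDatabase = ''; // TC realmd database
$WorldDatabase = ''; // TC world database
$CharacterDatabaseEncoding = 'utf8'; // database character encoding

// DO NOT EDIT BELOW HERE IF YOU DON'T KNOW WHAT IT IS!!!
// One connection serves the whole page. Failure details go to the server log
// instead of being printed to visitors.
$WoWconn = mysql_connect($WoWHostname, $WoWUsername, $WoWPassword);
if (!$WoWconn) {
    error_log('ranking 5c5: connection failed: ' . mysql_error());
    die('Connection failed');
}
if (!mysql_select_db($CharacterDatabase, $WoWconn)) {
    error_log('ranking 5c5: select DB failed: ' . mysql_error($WoWconn));
    die('Select DB failed');
}
// The configured encoding was declared but never applied to the connection.
mysql_set_charset($CharacterDatabaseEncoding, $WoWconn);

// Part 5: the 30 best-rated teams of the 5v5 bracket.
// The database is already selected, so its name is no longer pasted into the SQL text,
// and only the two columns that are printed are fetched. The earlier query listing
// online characters was dropped: its result was overwritten before being read.
$sql = "SELECT `arena_team`.`name`, `arena_team_stats`.`rating` FROM `arena_team`, `arena_team_stats` WHERE `arena_team_stats`.`arenateamid` = `arena_team`.`arenateamid` AND `arena_team`.`type` = '5' ORDER BY `arena_team_stats`.`rating` DESC LIMIT 30";

$result = mysql_query($sql, $WoWconn);

if (!$result) {
    error_log('ranking 5c5: invalid query: ' . mysql_error($WoWconn));
    die('Invalid query');
}

echo "<br><br><br>";
echo "<h2>Rankin 5c5</h2>";
echo "<br>";
echo "<table border=0><tr><td>";
echo "<h4>Nombre del grupo</h4></td><td><h4>Puntos de grupo</h4></td></tr>";
// One table row per team; nothing is printed when the query returned no rows.
while ($row = mysql_fetch_row($result))
{
    echo "<tr><td>";
    // The team name is read from the database and is escaped so it cannot inject markup.
    echo htmlspecialchars($row[0], ENT_QUOTES, 'UTF-8');
    echo "</td><td>";
    echo (int)$row[1];
    echo "</td></tr>";
}
echo "</table>";

mysql_close($WoWconn);

// End of part 5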
?>

  • 2 weeks later...

$characters = ""; // where your WoW characters database is, most likely "characters" or "char"
$auth = ""; // where your WoW accounts database is, most likely "auth"
'db_name_realm'=> 'realmd', // looks like your WoW accounts database, again most likely "auth"


Here is my edited registration script

additions:

* added email and password checks

* changed the position: the form is now centered

* moved the config array to config.php

* fixed a nasty bug where the page returned 0: after a successful registration

* added another layer of protection against SQL injection (it now has two security checks)

config.php

<?php
// Settings read by register.php through require_once('config.php').
// The credentials below are sample values: replace them, and keep this file where the
// web server cannot return it as plain text.
$server_name = 'WoW private server';  // shown as the page title
$server_ip   = '127.0.0.1';           // Server ip
$host        = '127.0.0.1';           // Mysql host
$port        = '3306';                // Mysql port
$user        = 'user';                // Mysql username
$pass        = 'paswd';               // Mysql password
$characters  = 'characters_db';       // Characters database
$auth        = 'auth_db';             // Auth/realm server
?>

register.php

<?php
require_once('config.php');
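/**
 * Reports whether $string holds any byte outside a-z, A-Z and 0-9.
 *
 * The return value is a rejection flag: TRUE means the input must be refused.
 * Non-string input (an array sent as username[]=x, for instance) is refused
 * too; before, such a value produced no length, skipped the loop and passed.
 *
 * @param mixed $string Raw form value to inspect.
 * @return bool TRUE if the value is not a string or contains a disallowed character.
 */
function check_for_symbols($string)
{
    if (!is_string($string))
        return TRUE;

    $allowed_chars="abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";
    // The string is clean only when its leading run of allowed bytes covers all of it.
    $clean_length = strspn($string, $allowed_chars);
    return $clean_length !== strlen($string);
}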

/**
 * Produces the digest register.php stores in account.sha_pass_hash:
 * sha1("<USER>:<PASS>") after upper-casing both values.
 *
 * Because of the upper-casing, passwords that differ only in letter case
 * yield the same digest.
 *
 * @param string $user Account name.
 * @param string $pass Plain-text password.
 * @return string Hexadecimal SHA-1 digest, 40 characters.
 */
function sha_password($user,$pass)
{
    $parts = array(strtoupper($user), strtoupper($pass));
    return sha1(implode(':', $parts));
}

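// Registration page: shows the form, or creates the account when the form is posted.
// NOTE(review): the mysql_* extension used here was removed in PHP 7; when porting,
// use mysqli or PDO prepared statements instead of escaping by hand.
if ($host != "" && $user != "" && $pass != "" && $auth != "")
{
    $new_connect = mysql_connect($host,$user,$pass);
    if (!$new_connect)
    {
        echo "Could NOT connect to db: Configs (Name/Pass/Port/IP) are incorrect";
        die;
    }

    if (!mysql_select_db($auth,$new_connect))
    {
        echo "Could NOT connect to db: Database does not exist!";
        die;
    }

    if (isset($_POST['registration']))
    {
        // A form field can arrive as an array (email[]=x); anything that is not a string counts as missing.
        $fields = array();
        foreach (array('username', 'password', 'password2', 'expansion', 'email') as $field)
            $fields[$field] = (isset($_POST[$field]) && is_string($_POST[$field])) ? $_POST[$field] : "";

        $username = $fields['username'];
        $email = $fields['email'];
        $expansionnumber = (int)$fields['expansion'];

        // Input checks run first, so no query is ever built from a value that has not
        // been validated. The duplicate lookups used to be sent with the raw username
        // and with an e-mail that was never checked at all.
        if ($username === "")
        {
            echo "Field username is empty!";
        }
        else if ($fields['password'] === "")
        {
            // Tested on the raw field: the SHA-1 digest is never an empty string.
            echo "Field password is empty!";
        }
        else if ($email === "")
        {
            echo "Field email is empty!";
        }
        else if (!filter_var($email, FILTER_VALIDATE_EMAIL))
        {
            echo "Error with creating account: email is not valid.";
        }
        else if (check_for_symbols($fields['password']) == TRUE)
        {
            echo "Error with creating account: password has invalid symbols in it.";
        }
        else if (check_for_symbols($username) == TRUE)
        {
            echo "Error with creating account: username has invalid symbols in it.";
        }
        else if (!in_array($expansionnumber, array(0, 1, 2, 3), true))
        {
            // 0 to 3 are the only values the form below offers.
            echo "Error with creating account: invalid expansion selected.";
        }
        else if (sha_password($username,$fields['password']) !== sha_password($username,$fields['password2']))
        {
            // Strict comparison: with "!=" two digests that look like numbers ("0e...") could compare equal.
            echo "Passwords not matches!";
        }
        else
        {
            // Existing data checks to avoid duplicate accounts
            $safe_username = mysql_real_escape_string($username, $new_connect);
            $safe_email = mysql_real_escape_string($email, $new_connect);
            $check_username = mysql_query("SELECT `username` FROM `account` WHERE username='$safe_username'", $new_connect);
            $check_email = mysql_query("SELECT `email` FROM `account` WHERE `email`='$safe_email'", $new_connect);

            if (!$check_username || !$check_email)
            {
                // A failed lookup stops the registration; details go to the server log only.
                error_log("register: lookup failed: " . mysql_errno($new_connect) . ": " . mysql_error($new_connect));
                echo "Error with creating account.";
            }
            else if (mysql_num_rows($check_email) != 0)
            {
                echo "Email is already used";
            }
            else if (mysql_num_rows($check_username) != 0)
            {
                echo "Error with creating account: name is already in use.";
            }
            else
            {
                $password = sha_password($username,$fields['password']);
                $inserted = mysql_query("INSERT INTO account (username, sha_pass_hash, expansion, email) VALUES ('$safe_username','$password','$expansionnumber','$safe_email')", $new_connect);
                if ($inserted)
                {
                    echo "Account created.";
                }
                else
                {
                    // "Account created." used to be printed even when the INSERT failed.
                    error_log("register: insert failed: " . mysql_errno($new_connect) . ": " . mysql_error($new_connect));
                    echo "Error with creating account.";
                }
            }
        }
    }
    else
    {
        // PHP_SELF contains whatever path the client requested, so it is escaped before it lands in the attribute.
    ?>
        <html>
        <head>
        <?php echo "<title>" . htmlspecialchars($server_name, ENT_QUOTES, 'UTF-8') . "</title>"; ?>
        </head>
        <body>
        <center>
        <big>Registration</big>
        <form action="<?php echo htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8') ?>" method="POST">
        <table border="0" width="290px">
            <tr>
                <td>Username</td>
                <td><input type="text" name="username"/></td>
            </tr>
            <tr>
                <td>Password</td>
                <td><input type="password" name="password"/></td>
            </tr>
            <tr>
                <td>Retype Password</td>
                <td><input type="password" name="password2"/></td>
            </tr>
            <tr>
                <td>Email</td>
                <td><input type="email" name="email"/></td>
            </tr>
        </table>
            Expansion Selection
                <select name="expansion">
                    <option value="0">Classic</option>
                    <option value="1">The Burning Crusade</option>
                    <option value="2">Wrath of the Lich King</option>
                    <option value="3">Cataclysm</option>
                </select><br />
                <input alt="Register" type="submit" name="registration"/>
        </form>
        </center>
        </body>
        </html>
    <?php
    }
}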
?>

  • 4 months later...
  • 2 weeks later...

/**
 * Returns TRUE when $string contains a character other than an ASCII letter or
 * digit, FALSE when every character is allowed (an empty string included).
 */
function check_for_symbols($string)
{
    $allowed_chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";
    // Length of the leading run made only of allowed characters.
    $clean_prefix = strspn($string, $allowed_chars);
    if ($clean_prefix < strlen($string)) {
        return TRUE;
    }
    return FALSE;
}
to:

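/**
 * Tells whether $string contains anything other than ASCII letters and digits.
 *
 * The callers treat TRUE as "reject this input" (they test
 * check_for_symbols($username) == TRUE), so TRUE must mean that a disallowed
 * character was found. The earlier form of this rewrite returned the opposite
 * value, which let names with symbols through and refused clean ones.
 *
 * @param mixed $string Value to test; a non-string is reported as invalid.
 * @return bool TRUE when a disallowed character or a non-string is found, FALSE otherwise.
 */
function check_for_symbols($string)
{
    if (!is_string($string))
        return true;
    // One match of "anything that is not a letter or digit" is enough to reject.
    return preg_match('/[^A-Za-z0-9]/', $string) === 1;
}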

/**
 * Returns sha1("<USER>:<PASS>") with both values upper-cased first, which
 * makes the resulting digest independent of letter case.
 */
function sha_password($user,$pass)
{
    $upper_user = strtoupper($user);
    $upper_pass = strtoupper($pass);
    $plain = "{$upper_user}:{$upper_pass}";
    return sha1($plain);
}
small clean up:

/**
 * Joins user name and password with ':', upper-cases the whole text and
 * returns its SHA-1 digest. The separator has no upper-case form, so the
 * result equals upper-casing each part on its own.
 */
function sha_password($user,$pass)
{
    $joined = $user . ':' . $pass;
    $upper = strtoupper($joined);
    return sha1($upper);
}

if ($host != "" && $user != "" && $pass != "" && $auth != "")
to:

if(!empty($host) AND !empty($user) AND !empty($pass) AND !empty($auth))
<?php
$server_ip = "127.0.0.1"; // Server ip
to:

<?php
 
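// Keep error text out of the HTTP response but still record it. error_reporting(0)
// switches reporting off altogether, so failed queries would leave no trace in the log either.
error_reporting(E_ALL);
ini_set('display_errors', '0');
ini_set('log_errors', '1');
$server_ip = "127.0.0.1"; // Server ip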

    	// First failing check wins: its message is printed and the remaining checks are skipped.
    	// The cases are evaluated top to bottom, exactly like the if / else-if chain they replace.
    	switch (true)
    	{
    	    case $username == "":
    	        echo "Field username is empty!";
    	        break;
    	    case $password == "":
    	        echo "Field password is empty!";
    	        break;
    	    case $email == "":
    	        echo "Field email is empty!";
    	        break;
    	    case mysql_num_rows($check_email) != NULL:
    	        echo "Email is already used";
    	        break;
    	    case check_for_symbols($_POST[password]) == TRUE:
    	        echo "Error with creating account: password has invalid symbols in it.";
    	        break;
    	    case check_for_symbols($username) == TRUE:
    	        echo "Error with creating account: username has invalid symbols in it.";
    	        break;
    	    case mysql_num_rows($check_username) != NULL:
    	        echo "Error with creating account: name is already in use.";
    	        break;
    	    case $password != $password2:
    	        echo "Passwords not matches!";
    	        break;
    	}
change to:

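       // Collect every validation failure, then report them together and stop.
       $err = array();
       if (empty($username))
           $err[] = "Field username is empty!";
       // In register.php $password and $password2 already hold sha_password() digests,
       // which are never empty, so the raw form fields are tested instead.
       if (empty($_POST['password']) or empty($_POST['password2']))
           $err[] = "Field password is empty!";
       if (empty($email))
           $err[] = "Field email is empty!";
       // A lookup that failed is treated as an error, not as "no duplicate found".
       if (!$check_email or !$check_username)
           $err[] = "Error with creating account: could not check existing accounts.";
       if ($check_email and mysql_num_rows($check_email) > 0)
           $err[] = "Email is already used";
       // The password may contain any character: only its SHA-1 digest is stored.
       if (check_for_symbols($username) == TRUE)
           $err[] = "Error with creating account: username has invalid symbols in it.";
       if ($check_username and mysql_num_rows($check_username) > 0)
           $err[] = "Error with creating account: name is already in use.";
       // Strict comparison: with "!=" two digests that look like numbers ("0e...") could compare equal.
       if ($password !== $password2)
           $err[] = "Passwords not matches!";
       if (count($err) > 0)
       {
           echo "<ul>";
           foreach ($err as $var)
           {
               echo "<li>" . htmlspecialchars($var, ENT_QUOTES, 'UTF-8') . "</li>";
           }
           echo "</ul>";
           exit;
       }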

Code written quickly, not tested. Small clean-up.
