Jump to content
V3ct0r

Registration script with rankings

Recommended Posts

В 02.05.2016в17:27, DangThao сказал:

Nice @V3ct0r, i will try to do a design for this lovely simple website =D. Can u add forgot password too?

Hello! Ok, I will add forgot password soon

  • Like 1

Share this post


Link to post
Share on other sites
9 hours ago, V3ct0r said:

Hello! Ok, I will add forgot password soon

That forgot password is really a problem for TOP/PKO/KOP PS. Its nice to have the forgot password here and there xD.

Share this post


Link to post
Share on other sites

Could someone create a guide how to configure this web page on free ftp server with database on local computer? When I type my local IP in config.php file and upload everything to free ftp I still got only the blank page..

Share this post


Link to post
Share on other sites

WARNING!

SQL INJECTION VULNERABILITY!

 

index.php

if ((eregi("[^a-z0-9_-]", $login)) || (eregi("[^a-z0-9_-]", $pass)) ) {

eregi is deprecated. Null byte vulnerability.

 

$email = $_POST['email'];
do_query("INSERT INTO account_login (name,password,originalPassword,email) VALUES ('$login','$encr_pass','$pass', '$email')","AccountServer");

$email is not validated

  • Like 1

Share this post


Link to post
Share on other sites
В 06.07.2016 в 14:38, V3ct0r сказал:

WARNING!

SQL INJECTION VULNERABILITY!

 

index.php


if ((eregi("[^a-z0-9_-]", $login)) || (eregi("[^a-z0-9_-]", $pass)) ) {

eregi is deprecated. Null byte vulnerability.

 


$email = $_POST['email'];
do_query("INSERT INTO account_login (name,password,originalPassword,email) VALUES ('$login','$encr_pass','$pass', '$email')","AccountServer");

$email is not validated

fixed

  • Like 1

Share this post


Link to post
Share on other sites

where to extract the file...in what folder..in xamp or what..if in xamp..what folder..or just put registration in xamp folder..

Share this post


Link to post
Share on other sites
12 hours ago, SD13 said:

where to extract the file...in what folder..in xamp or what..if in xamp..what folder..or just put registration in xamp folder..

htdocs folder in xampp or apache htdocs in zend.

  • Like 1

Share this post


Link to post
Share on other sites
1 hour ago, novich said:

76f80ea4bd.png

not working

 

This scripts are programmed to work with mssql extension, which is no longer supported in newer versions of PHP.
Download an old version of XAMPP or install ZEND following this guide: 

 

Edited by Faller
  • Like 1

Share this post


Link to post
Share on other sites
20 часов назад, Faller сказал:

 

This scripts are programmed to work with mssql extension, which is no longer supported in newer versions of PHP.
Download an old version of XAMPP or install ZEND following this guide: 

 

Thanks. I tried the old versions of xampp - for some reason the Apache does not start at all, it also crashes. I tried zend 8.0.2, at 127.0.0.1 - downloading some empty file "downloaded" 

Share this post


Link to post
Share on other sites

Hi, haven't tested if registration works with this edits, but to avoid the deprecated mssql_connect() you can edit this line in `index.php`:

Edited: changed all calls to mssql_* functions, this should work for you:


 

Spoiler

 

Replace in index.php:


<?php

session_start();
include 'config.php';
include 'functions.php';
if(!@include 'lang/'.$config['other']['lang'].'.php')
	die('Не найдена языковая библиотека <b>'.$config['other']['lang'].'</b>./Not found language library <b>'.$config['other']['lang'].'.</b');
$serverName = $config['db']['host'];
$connectionInfo = array(
	"UID" => $config['db']['user'],
	"PWD" => $config['db']['password']
);
$conn = sqlsrv_connect( $serverName, $connectionInfo);


if(isset($_POST['reg'])) {
	if(empty($_POST['login'])) $page = "<span class=\"error\">".$lang_error1."</span>".$page;
	else if(empty($_POST['password'])) $page = "<span class=\"error\">".$lang_error2."</span>".$page;
	else if(empty($_POST['password2'])) $page = "<span class=\"error\">".$lang_error3."</span>".$page;
	else if(empty($_POST['email'])) $page = "<span class=\"error\">".$lang_error4."</span>".$page;
	else if(empty($_POST['email2'])) $page = "<span class=\"error\">".$lang_error5."</span>".$page;
	else {
		if($_POST['password'] == $_POST['password2']) {
			$login = $_POST['login'];
			$pass = $_POST['password'];
			$email = $_POST['email'];
			
			if ((preg_match("/[^a-z0-9_-]/", $login)) || (preg_match("/[^a-z0-9_-]/", $pass)) ) {
				$page = "<span class=\"error\">".$lang_error6."</span>".$page;
			} else {
				if (filter_var($email, FILTER_VALIDATE_EMAIL)) {
					if(strlen($login) > 4 && strlen($pass) > 4) {
						if(strlen($login) < 16 && strlen($pass) < 16)
						{
							$sql=("SELECT * FROM accountserver.dbo.account_login WHERE name='$login'");
							$params = array();
							$options =  array( "Scrollable" => SQLSRV_CURSOR_KEYSET );
							$stmt = sqlsrv_query( $conn, $sql , $params, $options );
							$row_count = sqlsrv_num_rows( $stmt );
							if( $row_count > 0) $page = "<span class=\"error\">".$lang_error7."</span>".$page;
							else if($_SESSION['captcha_keystring'] != htmlentities($_POST['captcha'])) $page .= "<span class=\"error\">".$lang_error8."</span>";
							else {
								if($email == $_POST['email2'])
								{
									if(strlen($email) < 26)
									{
										$encr_pass = strtoupper(md5($pass));
										$sql=("INSERT INTO accountserver.dbo.account_login (name,password,originalPassword,email) VALUES ('$login','$encr_pass','$pass', '$email')");
										$params = array();
										$options =  array( "Scrollable" => SQLSRV_CURSOR_KEYSET );
										sqlsrv_query( $conn, $sql , $params, $options );
										$page = "<span class=\"complete\">".$lang_complete."</span>";
									}
									else $page = "<span class=\"error\">".$lang_error13."</span>";
								}
								else
								{
									$page = "<span class=\"error\">".$lang_error9."</span>";
								}
							}
						}
						else $page = "<span class=\"error\">".$lang_error12."</span>".$page;
					} else $page = "<span class=\"error\">".$lang_error10."</span>".$page;
				} else $page = "<span class=\"error\">".$lang_error14."</span>".$page;
			}
		} else $page = "<span class=\"error\">".$lang_error11."</span>".$page;
	}
	
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=windows-1251" />
<meta http-equiv="Expires" content="Mon, 26 Jul 1997 05:00:00 GMT" /> 
<meta http-equiv="Pragma" content="no-cache" /> 
<title><?php echo $config['server']['name']." - ".$lang_register; ?></title>
	<style type="text/css">
		*{padding: 0; margin: 0;}
		body {font: 12px/18px Arial, Tahoma, Verdana, sans-serif;background: #9de7fb;}
		#title{background-image: url(./img/title.png); width: 651px; height: 80px; text-align: center; padding-top: 25px; font-size: 30px; font-weight: bold; margin: 0 auto; margin-top: 15px;font-family:'Monotype Corsiva';}
		#button-register{width: 222px;height: 78px;display: block;background: url(./img/button-register-<?php echo $config['other']['lang'];?>.png) no-repeat;}	
		#button-register:hover{background-position: 100% -78px;}
		#button-clear{width: 222px;height: 78px;display: block;background: url(./img/button-clear-<?php echo $config['other']['lang'];?>.png) no-repeat;}
		#button-clear:hover{background-position: 100% -78px;}
		#image {border: 2px dotted;}
		.label{float: right;padding-right: 5px;font-weight: bold;font-size: 15px;}
		.edit1 {width: 180px;height: 33px;font-size: 20px;border:none;background: url(./img/edit1.png) 0 0 no-repeat;padding:1px 15px 1px 15px;outline: none;}
		.edit2 {width: 126px;height:33px;border:none;font-size: 20px;background:url(./img/edit2.png) 0 0 no-repeat;padding:1px 15px 1px 15px;outline: none;}
		.error{color: #ff0000}
		.complete{color: #008000;}
		#menu{height: auto; wigth: 100%; padding: 5px;  background:url(./img/grad.jpg) repeat-x #c0c0c0;}
		#main_form{height: auto; width: 450px; margin: 0 auto;}
		
		.button-top_exp{height:26px;width:121px;display:block; background:url(./img/topexp-<?php echo $config['other']['lang'];?>.png) no-repeat;}
		.button-top_exp:hover{background-position: 100% -26px;}
		.button-top_exp_selected{height:26px;width:121px;display:block; background:url(./img/topexp-<?php echo $config['other']['lang'];?>.png) no-repeat;background-position: 100% -52px;}

		.button-top_gold{height:26px;width:121px;display:block;background:url(./img/topgold-<?php echo $config['other']['lang'];?>.png) no-repeat;}
		.button-top_gold:hover{background-position: 100% -26px;}
		.button-top_gold_selected{height:26px;width:121px;display:block;background:url(./img/topgold-<?php echo $config['other']['lang'];?>.png) no-repeat;background-position: 100% -52px;}
		
		.button-register_menu{height:26px;width:121px;display:block;background:url(./img/register-<?php echo $config['other']['lang'];?>.png) no-repeat;}
		.button-register_menu:hover{background-position: 100% -26px;}
		.button-register_menu_selected{height:26px;width:121px;display:block;background:url(./img/register-<?php echo $config['other']['lang'];?>.png) no-repeat;background-position:100% -52px;}
		
		.button-top_guild{height:26px;width:121px;display:block;background:url(./img/topguild-<?php echo $config['other']['lang'];?>.png) no-repeat;}
		.button-top_guild:hover{background-position:100% -26px;}
		.button-top_guild_selected{height:26px;width:121px;display:block;background:url(./img/topguild-<?php echo $config['other']['lang'];?>.png) no-repeat;background-position:100% -26px;}
		
		.button-statistic_menu{height:26px;width:121px;display:block;background:url(./img/stats-<?php echo $config['other']['lang'];?>.png) no-repeat;}
		.button-statistic_menu:hover{background-position: 100% -26px;}
		.button-statistic_menu_selected{height:26px;width:121px;display:block;background:url(./img/stats-<?php echo $config['other']['lang'];?>.png) no-repeat;background-position: 100% -52px;}
	</style>
</head>

<body>
	<div id="menu">
		<table>
			<tr>
				<th><a href="index.php" class="button-register_menu_selected"></a></th>
				<th><a href="top.php?rank=exp" class="button-top_exp"></a></th>
				<th><a href="top.php?rank=gold" class="button-top_gold"></a></th>
				<th><a href="top.php?rank=guild" class="button-top_guild"></a></th>
				<!--<th><a href="statistics.php" class="button-statistic_menu"></a></th> *-->
			</tr>
		</table>
	</div>
	
	<div id="title"><?php echo $config['server']['name']?></div>
	<div id="main_form">
		<table>
			<form action="<?php echo htmlentities($_SERVER['PHP_SELF'])?>" method="POST" name="main_form">
				<input type="hidden" name="reg" value="reg">
				
					<tr><th colspan="2"><?php if(isset($_POST['reg'])) echo $page; else echo '&nbsp;';?></th></tr>
					<tr><td><span class="label" id="label1"><?php echo $lang_login; ?>:</span></td><td><input type="text" name="login" class="edit1" onClick="document.getElementById('label1').style.color='#6f98cd';" onBlur="document.getElementById('label1').style.color='#000'" id="Edit1" maxlength="15" /></td></tr>
					<tr><td><span class="label" id="label2"><?php echo $lang_password; ?>:</span></td><td><input type="password" name="password" class="edit1" onClick="document.getElementById('label2').style.color='#6f98cd'" onBlur="document.getElementById('label2').style.color='#000'" maxlength="15" /></td></tr>
					<tr><td><span class="label" id="label3"><?php echo $lang_repassword; ?>:</span></td><td><input type="password" name="password2" class="edit1" onClick="document.getElementById('label3').style.color='#6f98cd'" onBlur="document.getElementById('label3').style.color='#000'" maxlength="15" /></td></tr>
					<tr><td><span class="label" id="label4"><?php echo $lang_email; ?>:</span></td><td><input type="text" name="email" class="edit1" onClick="document.getElementById('label4').style.color='#6f98cd'" onBlur="document.getElementById('label4').style.color='#000'" maxlength="25" /></td></tr>
					<tr><td><span class="label" id="label5"><?php echo $lang_reemail ?>:</span></td><td><input type="text" name="email2"  class="edit1" onClick="document.getElementById('label5').style.color='#6f98cd'" onBlur="document.getElementById('label5').style.color='#000'" maxlength="25" /></td></tr>
					<tr><th colspan="2" id="label6"><?php echo $lang_code; ?>:</th></tr>
					<tr><th colspan="2"><img src="kcaptcha/?<?php echo session_name()?>=<?php echo session_id()?>" id="image"></th></tr>
					<tr><th colspan="2"><input type="text" name="captcha" class="edit2" onClick="document.getElementById('label6').style.color='#6f98cd';document.getElementById('image').style.border='2px dotted #6f98cd';" onBlur="document.getElementById('label6').style.color='#000';document.getElementById('image').style.border='2px dotted #000';" style="text-align: center;" maxlength="6" /></th></tr>
					<tr><td><a href="#" onClick="main_form.submit();" id="button-register"></a></td><td><a href="#"  onClick="main_form.reset()" id="button-clear"></a></td></tr>
				
			</form>
			<?php if($config['other']['show_strong']){?>
				<tr>
					<td>
					<?php
						$sql = "SELECT TOP 1 g.guild_id, c.cha_name, c.icon, c.degree, c.job, CASE WHEN (c.exp < 0) THEN (c.exp+4294967296) ELSE c.exp END AS exp, CASE WHEN (g.guild_id = 0) THEN '-' ELSE guild_name END AS guild_name FROM gamedb.dbo.character AS c LEFT JOIN gamedb.dbo.account AS a ON (a.act_id = c.act_id) LEFT JOIN gamedb.dbo.guild AS g ON ((c.guild_id = g.guild_id) AND (c.guild_stat = 0)) WHERE (ISNULL(c.deldate,0) = 0 AND (a.gm = 0)) ORDER BY CASE WHEN (c.exp < 0) THEN (c.exp+4294967296) ELSE c.exp END DESC";
						$params = array();
						$options =  array( "Scrollable" => SQLSRV_CURSOR_KEYSET );
						$stmt = sqlsrv_query( $conn, $sql , $params, $options );
						$row_count = sqlsrv_num_rows( $stmt );
						
						if( $row_count > 0)
						{
							$character = mssql_fetch_array($result);
							
							$picture = getCharPicture((int)$character['icon'], $character['job']);
							$picture = (file_exists('img/chars/'.$picture)) ? $picture : 'unknown.gif';	
					?>
						<table style="margin-top: 15px;">
						  <tr><th colspan="2" style="text-align: left;"><?php echo $lang_strong;?></th><tr>
						  <tr><td rowspan="5" width="76" height="96"><img src="img/chars/<?php echo $picture; ?>" alt="<?php echo $picture; ?>" /></td><td style="border-bottom: 1px dotted #000;"><?php echo $character['cha_name']; ?></td></tr>
						  <tr><td style="border-bottom: 1px dotted #000;"><?php echo $character['degree']; ?></td></tr>
						  <tr><td style="border-bottom: 1px dotted #000;"><?php echo $character['job']; ?></td></tr>
						  <tr><td style="border-bottom: 1px dotted #000;" valign="top"><?php echo $character['guild_name']; ?></td></tr>
						  <tr><td valign="top">&nbsp;</td></tr>
						</table>
					<?php 
						}
						else
						{
							echo '<img src="img/none.jpg" alt="'.$lang_nostrong.'" style="margin-top: 15px;">';
							echo '<p><b>'.$lang_nostrong.'</b></p>';
						}
					?>
					</td>
					<td>
					<?php
						$sql = "SELECT TOP 1 g.guild_id, c.gd, c.cha_name, c.icon, c.job, CASE WHEN (g.guild_id = 0) THEN '-' ELSE guild_name END AS guild_name FROM gamedb.dbo.character AS c LEFT JOIN gamedb.dbo.account AS a ON (a.act_id = c.act_id) LEFT JOIN gamedb.dbo.guild AS g ON ((c.guild_id = g.guild_id) AND (c.guild_stat = 0)) WHERE (ISNULL(c.deldate,0) = 0 AND (a.gm = 0)) ORDER BY gd DESC";
						$params = array();
						$options =  array( "Scrollable" => SQLSRV_CURSOR_KEYSET );
						$stmt = sqlsrv_query( $conn, $sql , $params, $options );
						$row_count = sqlsrv_num_rows( $stmt );
						if( $row_count > 0)
						{
							$character = mssql_fetch_array($result);
							
							$picture = getCharPicture((int)$character['icon'], $character['job']);
							$picture = (file_exists('img/chars/'.$picture)) ? $picture : 'unknown.gif';	
					?>
						<table align="right" style="margin-top: 15px; text-align: left;">
						  <tr><th colspan="2"><?php echo $lang_rich;?></th><tr>
						  <tr><td rowspan="5" width="76" height="96"><img src="img/chars/<?php echo $picture; ?>" alt="<?php echo $picture; ?>" /></td><td style="border-bottom: 1px dotted #000;"><?php echo $character['cha_name']; ?></td></tr>
						  <tr><td style="border-bottom: 1px dotted #000;"><?php echo $character['gd']; ?></td></tr>
						  <tr><td style="border-bottom: 1px dotted #000;"><?php echo $character['job']; ?></td></tr>
						  <tr><td style="border-bottom: 1px dotted #000;"><?php echo $character['guild_name']; ?></td></tr>
						  <tr><td valign="top">&nbsp;</td></tr>
						</table>
					<?php 
						}
						else
						{
							echo '<img src="img/none.jpg" alt="'.$lang_norich.'" style="margin-top: 15px;">';
							echo '<p><b>'.$lang_norich.'</b></p>';
						}
					?>
					</td>
				</tr>
			<?php }?>
			</table>
	</div>

</body>
</html>


 

 

For me the captcha image did not work and did not have time to check it, so I just commented out line 41: "else if($_SESSION['captcha_keystring']"

 

This only makes work the registration, to have rankings work you change the mssql_ functions with the respective sqlsrv_ functions. Hope this can help

Edited by SoundX
Corrected suggestion that wont work
  • Like 1

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×