Jump to content
V3ct0r

PKOdev.NET website for Tales of Pirates Server

Recommended Posts

Hello @dragontechi,

 

1) What link did you download PKOdev.NET Webiste?

2) As far as I understand, the miner appeared on different VPS. Are these VPS from the same or different providers? Are you using a reliable hosting provider?

3) What else do you install besides the website?

4) Where did you get the script in your post from?

 

Looks like this script download something from address 45.81.224.130 and send information about your PC to the Telegram bot with token 5086556714:AAF7DbEW7CWKb1GEIy6_inxVlrGJ39JUUBM and chat ID 552691400.

 

I have previously installed the site from the link in the first post, but had no problems. I also searched for some of the keywords in your script using Notepad++ but didn't find anything.

 

Hello @Mesut,

 

You need configure SMTP settings in the file inc.config.php:

	// SMTP settings (email) 
	'smtp' => array(
		
		// Login (e-mail)
		'login' => '',
		
		// Password
		'password' => '',
		
		// SMTP server host
		'host' => 'smtp.gmail.com',
		
		// SMTP server port
		'port' => '465',

	),

 

  • Like 1

Share this post


Link to post
Share on other sites

thk u vector but im getting this error massage from this field on php file 

 

 

Warning: A non-numeric value encountered in C:\xampp\htdocs\pages\account\inc.restore.php on line 168
 

Namnlös.png

 

script in php line 168

$hash = md5($name + time());

Edited by Mesut

Share this post


Link to post
Share on other sites
8 hours ago, Mesut said:

thk u vector but im getting this error massage from this field on php file 

 

 

Warning: A non-numeric value encountered in C:\xampp\htdocs\pages\account\inc.restore.php on line 168
 

Namnlös.png

 

script in php line 168

$hash = md5($name + time());

Try to replace it to:

 $hash = md5($name . time());

 

time() method might also need to be casted to string before concatenation.

  • Thanks 1

Share this post


Link to post
Share on other sites

This particular warning is shown due to you using a plus sign rather than a dot to concatenate strings. PHP uses dots to do that (inherited from Pearl), this behaviour can be tested using a PHP compiler. I have attached two screenshots of me running tests using different PHP compilers (versions 7 and 8).

 

Using version 7 outputs the warning that you see, now if you upgrade to version 8 then the developers have explicitly converted this warning into an exception, so the code will not work (running this code on php < 7 should not show any errors, which could lead to invalid application logic behaviour).

6ABBC2EE-1322-4A7B-BE68-D5E8C52562AC.jpeg

13310FA6-13C9-4C3E-B430-C31253D3B57D.jpeg

FB502A00-8CAE-4594-B99D-DB5D680BB410.jpeg

  • Like 1
  • Thanks 1

Share this post


Link to post
Share on other sites
On 9/6/2021 at 9:20 AM, V3ct0r said:

Thank you!

Can you help me solving this?


Deprecated: Creation of dynamic property Smarty_Internal_Template::$compiled is deprecated in C:\xampp\htdocs\lib\smarty\sysplugins\smarty_internal_template.php on line 612


Line 612 =                 $this->$property_name = $value;

 

Block of code:

 

    public function __set($property_name, $value)

    {

        switch ($property_name) {

            case 'compiled':

            case 'cached':

            case 'compiler':

                $this->$property_name = $value;

                return;

            default:

                // Smarty property ?

                if (property_exists($this->smarty, $property_name)) {

                    $this->smarty->$property_name = $value;

                    return;

                }

        }

        throw new SmartyException("invalid template property '$property_name'.");

    }

 

Share this post


Link to post
Share on other sites

Hello @filipe,

 

what is your version of PHP? Looks like it is PHP 8.x, in which dynamic properties are deprecated.

 

But this website was developed and should be used with PHP version 7.x.


Share this post


Link to post
Share on other sites

Ao abrir o Stall do web site!

Estou recebendo esse erro

 

Parse error: syntax error, unexpected ')' in C:\xampp\htdocs\class\stallclient\class.stallclient.php on line 168

 

image.png.beef063ad2fbb3463bbd0299e9d79d34.png

 

Não sei onde encontrar a Key nesse arquivo StallServer.cfg não tenho ele!

 

image.png.90828231855eaa6675455fca8107e541.png

 

 

image.png

Share this post


Link to post
Share on other sites

@V3ct0r hi there the site is all up and running linking to my databases all fine but it wont send the email?

 

I removed the captcha and have setup my smtp details but it doesnt send any email when using Forgot Password?

 

EDIT:

 

Fixed the captcha and captcha all working.

 

But emails not sending. Not sure why

 

EDIT x2:

 

Disabled the SSL in the phpmailer. that sorted it. its sending fine now

Edited by SolidusZA

Share this post


Link to post
Share on other sites

Hello @SolidusZA,

 

Sorry for the late reply, maybe it will help someone else:

 

1) File \pages\inc.register.php, line ~87:

if (!preg_match('|^[A-Z0-9]+$|i', $password))

2) File  \pages\account\inc.changepass.php, line ~50:

if ( ($length < 5 || $length > 15) || !preg_match('|^[A-Z0-9]+$|i', $old_password) )

line ~72:

if(!preg_match('|^[A-Z0-9]+$|i', $new_password))

3) File \pages\account\inc.login.php, line ~455:

!preg_match('|^[A-Z0-9]+$|i', $password) )

 

All you need to do is modify the regular expression (|^[A-Z0-9]+$|i) for your requirements.

 

 

P.S. It is a bad design, I should have written a separate function for validating passwords.


Share this post


Link to post
Share on other sites

Hello @R95,

 

Log in using any GM account.

  • Thanks 1

Share this post


Link to post
Share on other sites

Thank you so much! Well I have 1 more question V3ctor. The Original Password doesnt show in AccountServer DataBase when someone registers only the hashed passwords shows...

23.02.2024_10.24.53_REC.png

Share this post


Link to post
Share on other sites
On 2/23/2024 at 10:26 AM, R95 said:

Thank you so much! Well I have 1 more question V3ctor. The Original Password doesnt show in AccountServer DataBase when someone registers only the hashed passwords shows...

23.02.2024_10.24.53_REC.png

Hello @R95,

 

This is how it should be for safety reasons. Passwords should not be stored in clear text in the database; their hashes (MD5) are stored instead of passwords. If someone hacks your database, they won't be able to find out your players' passwords.


Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


×
×
  • Create New...