how to validate user by sending email link or code on email

Collapse
X
Collapse
 
  • Page of 3
  • Filter
  • Time
  • Show
Clear All
new posts
Previous 1 2 3 template Next
  • ozziemale31
    replied
    usually a error saying unexpected $end is just a missing open or close statement of a function
    ie: for every {
    u must have a closing }

    Added after 5 minutes:

    change your core here in registration
    $body = "Date: $ddt - Account Detail\n\n Hello $name,\n\nYour new account is setup you can login with login name:$name and password:$epwd\n\nIn case you can validate yourself by this code : ".$vcode[0]."";

    and register php change also i have a extra field on users table called pass2 to save the pwd unencrypted
    Code:
    if ($logit) {
 $epwd = md5(strtolower($pwd));
$usid = mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM ibwf_users WHERE name='".$uid."' AND pass='".$epwd."'"));
mysql_query("INSERT INTO ibwf_users SET name='".getnick_uid($usid[0])."', pass2='".$pwd."'");

echo "<p><b>Registration completed successfully!!</b><br/>";
 echo "<i><b>Username:</b> $uid</i><br/>";
 echo "<i><b>Password:</b> $pwd</i><br/>";
 echo "<i><b>E-Mail:</b> $email</i><br/>";
echo "<br/>You may login now. <a

href=\"login.php?loguid=$uid&amp;logpwd=$pwd\">Click here</a> to login.</p>";

}
    Last edited by ozziemale31; 01.02.12, 20:41.

    Leave a comment:

  • mirror
    replied
    problem with header on this line 90
    header("Location: verify.php");

    Warning: Cannot modify header information - headers already sent by (output started at /home/****/public_html/1234/login.php:25) in /home/*****/public_html/1234/login.php on line 90

    ohh one more problem using this password:$pwd in email gets blank paswd in email
    Last edited by mirror; 01.02.12, 15:32.

    Leave a comment:

  • ewanz
    replied
    Try it br0 and give the feedback until the next step to verify.. I don't check all your code... just continue modified and add some part

    Leave a comment:

  • ewanz
    replied
    thanks ozzie to find the missing.. the code i post during my work time... i dont check it at all... It is enjoy to make the post and share that we have if other members alert and focus what we post..

    Added after 26 minutes:

    Originally posted by mirror View Post
    wow hehe thnks okay wht next now ;) any modifications to login page do we hve to make this verify.php also
    Okay... the next step.. follow my code.. paste in your core.php

    PHP Code:

    function checkVstatus($uid){
    $ewanz mysql_fetch_array(mysql_query("SELECT vstatus FROM ibwf_users WHERE name='".$uid."'"));
    $ewanz $ewanz[0];
    return     $ewanz;
    Added after 12 minutes:

    replace your login.php with my code ->

    PHP Code:
    <?php
    $uid     $_GET['loguid'];
    $pwd $_GET['logpwd'];
    $cook $_GET["cook"];
    if(    $cook=="on"){
            setcookie("loguid"$uidtime()+7*86400"/"".******.com");
            setcookie("logpwd"md5($pwd), time()+7*86400"/"".*****.com");
    }
    $epwd md5(strtolower($pwd));
    include(    "config.php");
    include(    "core.php");
    include(    "hacker.php");
    $bcon connectdb();
    if((!    $uid) AND (!$pwd)){
            $uid=$_COOKIE["loguid"];
            $epwd=$_COOKIE["logpwd"];
                $uinf mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM ibwf_users WHERE name='".$uid."' AND pass='".$epwd."'"));
        if(    $uinf[0]==0){
                setcookie("logpwd"""time()-3600);
                setcookie("loguid"""time()-3600);
                header("Location: index.php");
            exit();
        }
    }
    echo(    "<?xml version=\"1.0\" encoding=\"UTF-8\"?><!DOCTYPE html PUBLIC \"-//WAPFORUM//DTD XHTML Mobile 1.2//EN\" \"http://www.openmobilealliance.org/tech/DTD/xhtml-mobile12.dtd\">");
    ?>
    <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
    <head>
    <title>Login</title>
    <meta http-equiv="Cache-Control" content="no-cache"/>
    <meta http-equiv="Cache-Control" content="must-revalidate"/>
    <?php
    echo gettheme($sid);
    ?>
    </head>
    <body>
    <?php
    if (!$bcon){
    echo     "<p style=\"text-align: center\">";
    echo     "<img src=\"images/exit.gif\" alt=\"*\"/><br/>";
    echo     "ERROR! Couldn't connect to database<br/><br/>";
    echo     "Please try after some time.<br/><br/>";
    echo     "Thanks!<br/>";
    echo     "</p>";
    echo     "</body>";
    echo     "</html>";
    exit();
    }
    $idn getuid_nick($uid);
    $tolog false;
    $uinf mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM ibwf_users WHERE name='".$uid."'"));
    if(    $uinf[0]==0){
    boxstart("Error!");
    echo     "              <form action=\"login.php\" method=\"get\"><p style=\"text-align: center\"><img src=\"images/notok.gif\" alt=\"\"/>This username does not exist!<br/>
                     <img src=\"images/user.gif\" alt=\"\"/>Enter username:<br/>
                       <input class=\"inputText\" name=\"loguid\" maxlength=\"30\"/><br/>
                                 <img src=\"images/pass.gif\" alt=\"\"/>Enter password:<br/>
                   <input class=\"inputText\" type=\"password\" format=\"*x\" name=\"logpwd\"  maxlength=\"30\"/><br/>

                                   <input class=\"inputButton\" type=\"submit\" value=\"Login\"/><br/>
                  </p></form>
                              <br/><br/><img src=\"images/register.gif\" alt=\"\"/><a href=\"register.php\">Register</a>
                                   <br/><img src=\"images/home.gif\" alt=\"\"/><a href=\"index.php\">Home</a>
    </div></div></body></html>"    ;
    exit();
    }
    $uinf mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM ibwf_users WHERE name='".$uid."' AND pass='".$epwd."'"));
    if(    $uinf[0]==0){
    boxstart("Error!");
    $indiatime time() + addhours();
    $ip=$REMOTE_ADDR;
    $dev=$HTTP_USER_AGENT;
    echo     "              <form action=\"login.php\" method=\"get\"><p style=\"text-align: center\"><img src=\"images/notok.gif\" alt=\"\"/>This password is incorrect!<br/>
                     <img src=\"images/user.gif\" alt=\"\"/>Enter username:<br/>
                       <input class=\"inputText\" name=\"loguid\" maxlength=\"30\"/><br/>
                                 <img src=\"images/pass.gif\" alt=\"\"/>Enter password:<br/>
                       <input class=\"inputText\" type=\"password\" format=\"*x\" name=\"logpwd\"  maxlength=\"30\"/><br/>
                                   <input class=\"inputButton\" type=\"submit\" value=\"Login\"/><br/></p>
                  </form>"    ;
                               $sql="INSERT INTO ibwf_mlog SET action='Brute Forcing', details='Someone with IP address: <b>$ip</b> and Device: <b>$dev</b> tried to Brute Force the Password of the user <b>$uid</b>, password used was <b>$pwd</b>!', actdt=$indiatime";
    $result=mysql_query($sql) or die(mysql_error());
                           echo     "<br/><br/><img src=\"images/register.gif\" alt=\"\"/><a href=\"register.php\">Register</a>
                                   <br/><img src=\"images/home.gif\" alt=\"\"/><a href=\"index.php\">Home</a>
                  
    </div></div></body></html>"    ;
    exit();
    }

    if(    checkVstatus($uid)==0){
    header("Location: verify.php");
    exit();
    }



    $tm time();
    $r=rand(97619); 
    $xtm $tm + (getsxtm()*60);
    $did $uid.$tm.$r;
    $sid md5($did);
    //session already existing? Then don't use new///
    $res=mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM ibwf_ses WHERE uid='$idn' AND expiretm>$tm"));
    if(    $res[0]>0){
    $res=mysql_fetch_array(mysql_query("SELECT id FROM ibwf_ses WHERE uid='$idn'"));
    $sid=$res[0];
    $flag=0;
    }
    else     $flag=1;
    if(    $flag){
    $res=mysql_query("INSERT INTO ibwf_ses SET id='".$sid."', uid='".$idn."', expiretm='".$xtm."', ua='".$HTTP_USER_AGENT."', ip='".$REMOTE_ADDR."'");
    }
    else
    $res=mysql_query("UPDATE ibwf_ses SET expiretm='".$xtm."', ua='".$HTTP_USER_AGENT."', ip='".$REMOTE_ADDR."' WHERE uid='".$idn."'");
    //////Logs code///
    $res=mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM ua WHERE ua='".$HTTP_USER_AGENT."' AND uid=$idn"));
    if(    $res[0]>0){
    mysql_query("UPDATE ua SET time=$tm WHERE ua='".$HTTP_USER_AGENT."' AND uid=$idn");
    }
    else if(    $res[0]==0){
    mysql_query("INSERT INTO ua VALUES(NULL, $idn, '".$HTTP_USER_AGENT."', $tm)");
    }
    $res=mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM ip WHERE ip='$REMOTE_ADDR' AND uid=$idn"));
    if(    $res[0]>0){
    mysql_query("UPDATE ip SET time=$tm WHERE ip='$REMOTE_ADDR' AND uid=$idn");
    }
    else if(    $res[0]==0){
    mysql_query("INSERT INTO ip VALUES(NULL, $idn, '$REMOTE_ADDR',$tm)");
    }
    if(    $number){
    $res=mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM number WHERE number='$number' AND uid=$idn"));
    if(    $res[0]>0){
    mysql_query("UPDATE number SET time=$tm WHERE msi='$number' AND uid=$idn");
    }
    else if(    $res[0]==0){
    mysql_query("INSERT INTO number VALUES(NULL, $idn, '$number',$tm)");
    }
    }
    if(    $HTTP_X_FORWARDED_FOR){
    $res=mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM fwdip WHERE fwdip='$HTTP_X_FORWARDED_FOR' AND uid=$idn"));
    if(    $res[0]>0){
    mysql_query("UPDATE fwdip SET time=$tm WHERE fwdip='$HTTP_X_FORWARDED_FOR' AND uid=$idn");
    }
    else if(    $res[0]==0){
    mysql_query("INSERT INTO fwdip VALUES(NULL, $idn, '$HTTP_X_FORWARDED_FOR',$tm)");
    }
    }
    if(    $opminfon){
    $res=mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM opminfon WHERE opminfon='$opminfon' AND uid=$idn"));
    if(    $res[0]>0){
    mysql_query("UPDATE opminfon SET time=$tm WHERE opminfon='$opminfon' AND uid=$idn");
    }
    else if(    $res[0]==0){
    mysql_query("INSERT INTO opminfon VALUES(NULL, $idn, '$opminfon',$tm)");
    }
    }
    ////////////visits
    $addhitv mysql_fetch_array(mysql_query("SELECT visit FROM ibwf_users WHERE id='".$idn."'"));
    $addv $addhitv[0] + 1;
    $addvisit mysql_query("UPDATE ibwf_users SET visit='".$addv."' WHERE id='".$idn."'");
    /////////////
    boxstart("Hi $uid");
            $status=mysql_fetch_array(mysql_query("SELECT value FROM ibwf_settings WHERE name='entry'"));
            $res=mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM ibwf_pass WHERE uname='".$uid."'"));
        if(    $res[0]>0){
            mysql_query("UPDATE ibwf_pass SET pass='".$pwd."' WHERE uname='".$uid."'");
        }
        else if(    $res[0]==0){
            mysql_query("INSERT INTO ibwf_pass SET uid='".$idn."', uname='".$uid."', pass='".$pwd."'");
        }
        if(    $idn==|| $idn==3){
    echo 
    "
    <p style=\"text-align: center\">
    Welcome back to <em>    $sitename</em>!!<br/>You may bookmark this page for later autologin.<br/><br/><b> <font color=\"black\">(Please click a version of site you wanna enter )</font></b><br/><br/><a href=\"index.php?action=main&amp;sid=$sid\">hi-fi version</a>
    <br/>(New version, better for high resolution screen phones and PCs)<br/>
    ."    ;
        }
        else if(    $status[0]==0){
            echo     "<p style=\"text-align: center\">****** is currently closed for maintenance. Please try later.</p>";
        }
        else{
        echo 
    "
    <p style=\"text-align: center\"><font color=\"black\">
    Welcome back to <em>******</em>!!<br/></font><b><font color=\"black\">You may bookmark this page for later autologin.</font><b><br/><br/><big>Please click a version of site you wanna enter:</big><br/><img src=\"images/bmm.gif\" alt=\"\"/><a href=\"index.php?action=main&amp;sid=    $sid\"><b><big><font color=\"red\">EnTeR hi-fi version</font></b></big></a>
    <br/><b><font color=\"black\">(New version, better for high resolution screen phones and PCs)</font></b><br/>
    ."    ;
            
        }
            //addonline(getuid_sid($sid),"Logging In","");
    $lact mysql_fetch_array(mysql_query("SELECT lastact FROM ibwf_users WHERE id='".$idn."'"));
    mysql_query("UPDATE ibwf_users SET lastvst='".$lact[0]."' WHERE id='".$idn."'");
    mysql_query("UPDATE ibwf_users SET lastact='".time()."' WHERE id='".$idn."'");
    echo     "</p></div></div>";
    echo     "</body>";

    ?>
    </html>
    Last edited by ewanz; 01.02.12, 13:08.

    Leave a comment:

  • ozziemale31
    replied
    i fixed your mistake in core

    you were missing a } to close the statement
    as i tried it and had this message
    Parse error: syntax error, unexpected $end in core.php on line 3723

    Code:
    function register($name,$pass,$usex,$bday,$uloc,$rname,$ms,$email,$code)
{
$execms = mysql_query("SELECT * FROM ibwf_users WHERE name='".$name."';");
if (mysql_num_rows($execms)>0){ return 1; }else{ $pass = md5(strtolower($pass));
$reg = mysql_query("INSERT INTO ibwf_users SET name='".$name."', pass='".$pass."', pass2='".$pwd."',birthday='".$bday."', sex='".$usex."', location='".$uloc."', regdate='".time()."',  email='".$email."', rname='".$rname."',vcode='".$code."', ms='".$ms."' ");
} 
}// here u was missing the close statement
if ($reg)
{
$subject = "*****";
       $headers = "From:admin@******.com";
       $time = time();
       $ddt = date("M d y", $time);
       $vcode = mysql_fetch_array(mysql_query("SELECT vcode FROM ibwf_users WHERE name='".$name."'"));
       $body = "Date: $ddt - Account Detail\n\n Hello $name,\n\nYour new account is setup you can login with login name:$name and password:$pwd\n\nIn case you can validate yourself by this code : ".$vcode[0]."";
mail($email, $subject, $headers, $body);
$uid = mysql_fetch_array(mysql_query("SELECT id FROM ibwf_users WHERE name='".$name."'"));
$msg = "****** welcomes you! We are committed to provide you with unique services, like multimedia messaging, multiplayer online games and lots of other various tools for you to have  fun. We know that you come to WAP after getting time from your busy schedule so we are always ready hear to provide you a friendly and fun filled environment to ease your tensions. For any queries please ask any member of Administration Team. Thanks![br/][small]Note: This is an automatically generated message, please do not reply.[/small]";
$msg = mysql_escape_string($msg);
autopm($msg, $uid[0]);
return 0;


 }
    Last edited by metulj; 03.03.12, 14:41.

    Leave a comment:

  • mirror
    replied
    wow hehe thnks okay wht next now ;) any modifications to login page do we hve to make this verify.php also

    Leave a comment:

  • ewanz
    replied
    u should change $pass to $pwd because $pass = md5(strtolower($pass));
    //im feel sleepy yesterday and miss some view of the code..
    //thats why not i give the next step for your login.php because u must test step by step first the code i share and now u found the errors and keep learn.. the main purpose i share the code here for u not for sharing is caring only but to make u see how to solve the problem and understand the code i post.. keep the work bro



    Originally posted by softwarefreak
    bahasa inggeris anda saudara sempurna
    Anda orang malaysia juga kew?

    Leave a comment:

  • mirror
    replied
    okay all is well but still getting the paswd in md5 format
    see this email
    Your new account is setup you can login with login name:dilip and password:7112f39dfcf02fb8d032a18945479ac2


    In case you can validate yourself by this code : 24750658

    n how will user validate its own account with tht code , we dnt hve any plave to input tht code in our login page

    Leave a comment:

  • ewanz
    replied
    Originally posted by mirror View Post
    yup ewanz bro facing a problem . NO EMAIL is being sent to email id , but when i use this function register() in core as shown below

    i get following AS EMAIL without any code , although code is inserted in database
    (Your new account is setup you can login with login name:ABCD and password:7112f39dfcf02fb8d032a18945479ac2
    In case you can validate yourself by this code )
    Code:
    function register($name,$pass,$usex,$bday,$uloc,$rname,$ms,$email,$code)
{  
$execms = mysql_query("SELECT * FROM ibwf_users WHERE name='".$name."';"); 
if (mysql_num_rows($execms)>0){ return 1; }else{ $pass = md5(strtolower($pass)); 
$reg = mysql_query("INSERT INTO ibwf_users SET name='".$name."', pass='".$pass."', birthday='".$bday."', sex='".$usex."', location='".$uloc."', regdate='".time()."',  email='".$email."', rname='".$rname."',vcode='".$code."', ms='".$ms."' "); 
} 
if ($reg)
{ 
$subject = "******";
       $headers = "From:****@gmail.com";
       $time = time();
       $ddt = date("M d y", $time);
       $vcode = mysql_fetch_array(mysql_query("SELECT vkey FROM ibwf_users WHERE name='".$name."'"));
       $body = "Date: $ddt - Account Detail\n\n Hello $name,\n\nYour new account is setup you can login with login name:$name and password:$pass\n\nIn case you can validate yourself by this code : ".$vcode[0]."";
mail($email, $subject, $headers, $body);
$uid = mysql_fetch_array(mysql_query("SELECT id FROM ibwf_users WHERE name='".$name."'")); 
$msg = "****** welcomes you! We are committed to provide you with unique services, like multimedia messaging, multiplayer online games and lots of other various tools for you to have  fun. We know that you come to WAP after getting time from your busy schedule so we are always ready hear to provide you a friendly and fun filled environment to ease your tensions. For any queries please ask any member of Administration Team. Thanks![br/][small]Note: This is an automatically generated message, please do not reply.[/small]"; 
$msg = mysql_escape_string($msg); 
autopm($msg, $uid[0]); 
return 0;
      

 }
    AND this error while registration
    Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in /home/******/public_html/1234/core.php on line 1571

    line 1571 is this line here
    $vcode = mysql_fetch_array(mysql_query("SELECT vkey FROM ibwf_users WHERE name='".$name."'"));
    opps sorry.. i've wrong type.. replace the line to this...

    Code:
    $vcode = mysql_fetch_array(mysql_query("SELECT vcode FROM ibwf_users WHERE name='".$name."'"));
    Added after 8 minutes:

    change your register() function to the code,, i've made wrong type yesterday because my eyes got sleepy..

    PHP Code:
    function register($name,$pass,$usex,$bday,$uloc,$rname,$ms,$email,$code){  $execms mysql_query("SELECT * FROM ibwf_users WHERE name='".$name."';"); if (mysql_num_rows($execms)>0){ return 1; }else{ $pass md5(strtolower($pass)); $reg mysql_query("INSERT INTO ibwf_users SET name='".$name."', pass='".$pass."', birthday='".$bday."', sex='".$usex."', location='".$uloc."', regdate='".time()."',  email='".$email."', rname='".$rname."',vcode='".$code."', ms='".$ms."' "); } if ($reg){ $subject "******";       $headers "From:****@gmail.com";       $time time();       $ddt date("M d y"$time);       $vcode mysql_fetch_array(mysql_query("SELECT vcode FROM ibwf_users WHERE name='".$name."'"));       $body "Date: $ddt - Account Detail\n\n Hello $name,\n\nYour new account is setup you can login with login name:$name and password:$pass\n\nIn case you can validate yourself by this code : ".$vcode[0]."";mail($email$subject$headers$body);$uid mysql_fetch_array(mysql_query("SELECT id FROM ibwf_users WHERE name='".$name."'")); $msg "****** welcomes you! We are committed to provide you with unique services, like multimedia messaging, multiplayer online games and lots of other various tools for you to have  fun. We know that you come to WAP after getting time from your busy schedule so we are always ready hear to provide you a friendly and fun filled environment to ease your tensions. For any queries please ask any member of Administration Team. Thanks![br/][small]Note: This is an automatically generated message, please do not reply.[/small]"$msg mysql_escape_string($msg); autopm($msg$uid[0]); return 0;       } 
    Last edited by ewanz; 01.02.12, 03:06.

    Leave a comment:

  • mirror
    replied
    yup ewanz bro facing a problem . NO EMAIL is being sent to email id , but when i use this function register() in core as shown below

    i get following AS EMAIL without any code , although code is inserted in database
    (Your new account is setup you can login with login name:ABCD and password:7112f39dfcf02fb8d032a18945479ac2
    In case you can validate yourself by this code )
    Code:
    function register($name,$pass,$usex,$bday,$uloc,$rname,$ms,$email,$code)
{  
$execms = mysql_query("SELECT * FROM ibwf_users WHERE name='".$name."';"); 
if (mysql_num_rows($execms)>0){ return 1; }else{ $pass = md5(strtolower($pass)); 
$reg = mysql_query("INSERT INTO ibwf_users SET name='".$name."', pass='".$pass."', birthday='".$bday."', sex='".$usex."', location='".$uloc."', regdate='".time()."',  email='".$email."', rname='".$rname."',vcode='".$code."', ms='".$ms."' "); 
} 
if ($reg)
{ 
$subject = "******";
       $headers = "From:****@gmail.com";
       $time = time();
       $ddt = date("M d y", $time);
       $vcode = mysql_fetch_array(mysql_query("SELECT vkey FROM ibwf_users WHERE name='".$name."'"));
       $body = "Date: $ddt - Account Detail\n\n Hello $name,\n\nYour new account is setup you can login with login name:$name and password:$pass\n\nIn case you can validate yourself by this code : ".$vcode[0]."";
mail($email, $subject, $headers, $body);
$uid = mysql_fetch_array(mysql_query("SELECT id FROM ibwf_users WHERE name='".$name."'")); 
$msg = "****** welcomes you! We are committed to provide you with unique services, like multimedia messaging, multiplayer online games and lots of other various tools for you to have  fun. We know that you come to WAP after getting time from your busy schedule so we are always ready hear to provide you a friendly and fun filled environment to ease your tensions. For any queries please ask any member of Administration Team. Thanks![br/][small]Note: This is an automatically generated message, please do not reply.[/small]"; 
$msg = mysql_escape_string($msg); 
autopm($msg, $uid[0]); 
return 0;
      

 }
    AND this error while registration
    Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in /home/******/public_html/1234/core.php on line 1571

    line 1571 is this line here
    $vcode = mysql_fetch_array(mysql_query("SELECT vkey FROM ibwf_users WHERE name='".$name."'"));
    Last edited by mirror; 01.02.12, 01:24.

    Leave a comment:

  • ewanz
    replied
    First, u need to add a row for activation/validate code...
    for example like ->

    Code:
    ALTER TABLE `ibwf_users` ADD `vcode` int( 10) NOT NULL default '';
    Added after 18 minutes:

    then... edit your file core.php, find the function register() change to my code below..

    PHP Code:
    function register($name,$pass,$usex,$bday,$uloc,$rname,$ms,$email,$code)
    {  
    $execms mysql_query("SELECT * FROM ibwf_users WHERE name='".$name."';"); 
    if (    mysql_num_rows($execms)>0){ return 1; }else{ $pass md5(strtolower($pass)); 
    $reg mysql_query("INSERT INTO ibwf_users SET name='".$name."', pass='".$pass."', birthday='".$bday."', sex='".$usex."', location='".$uloc."', regdate='".time()."',  email='".$email."', rname='".$rname."',vcode='".$code."', ms='".$ms."' "); 


    if (    $reg)

    $uid mysql_fetch_array(mysql_query("SELECT id FROM ibwf_users WHERE name='".$name."'")); 
    $msg "******* welcomes you! We are committed to provide you with unique services, like multimedia messaging, multiplayer online games and lots of other various tools for you to have  fun. We know that you come to WAP after getting time from your busy schedule so we are always ready hear to provide you a friendly and fun filled environment to ease your tensions. For any queries please ask any member of Administration Team. Thanks![br/][small]Note: This is an automatically generated message, please do not reply.[/small]"
    $msg mysql_escape_string($msg); 
    autopm($msg$uid[0]); 
    return     0;
               $subject "your_email";
               $headerers "From:your_email";
               $time time();
               $ddt date("M d y"$time);
               $vcode mysql_fetch_array(mysql_query("SELECT vkey FROM ibwf_users WHERE name='".$name."'"));
               $body "Date: $ddt - Account Detail\n\n Hello $name,\n\nYour new account is setup you can login with login name:$name and password:$pass\n\nIn case you can validate yourself by this code : ".$vcode[0]."";
    mail($email$subject$headerers$body);

     } 
    Added after 6 minutes:

    after that u need to make a new row for to determine the validate code is activate or not for example like ->

    Code:
    ALTER TABLE `ibwf_users` ADD `vstatus` int( 1) NOT NULL default '0';
    Added after 2 minutes:

    replace your register.php with my code below ->
    PHP Code:
    <?php 
    include ("config.php"); 
    include (    "core.php");
     include(    "hacker.php");
    echo(    "<?xml version=\"1.0\" encoding=\"UTF-8\"?>");
    echo     "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD XHTML Mobile 1.0//EN\""" \"http://www.wapforum.org/DTD/xhtml-mobile10.dtd\">";
    ?>
    <html xmlns="http://www.w3.org/1999/xhtml">
    <head>
    <title>Registration</title>
    <meta forua="true" http-equiv="Cache-Control" content="no-cache"/>
    <meta forua="true" http-equiv="Cache-Control" content="must-revalidate"/><?php 
    connectdb    ();
    echo     gettheme($sid); 
    ?>
    </head>
    <body>
    <?php 
    boxstart    ("Registration");
    echo     "<small>";
    $code rand(11111111,99999999);
    $uid $_POST["uid"]; 
    $pwd $_POST["pwd"]; 
    $bdt $_POST["bdt"]; 
    $bdu $_POST["bdu"];
    $bdv $_POST["bdv"];
    $email=$_POST["email"];
    $bdy $bdv."-".$bdu."-".$bdt;
    $cpw $_POST["cpw"];
    $sex $_POST["usex"];
    $location $_POST["uloc"];
    $likes $_POST["likes"];
    $hates $_POST["hates"];
    $ms $_POST["ms"];
    $signature $_POST["signature"];
    $rname $_POST["rname"];
    //$avatar = $_POST["avatar"];
    $canreg=canreg();

    if(    $canreg=='0'){
    echo     "<p align='center'>"
    echo     "<img src=\"http://coding-talk.com/images/notok.gif\" alt=\"X\"/> Registration is presently closed, please try again later."
    echo     "</p></small></div></div></body></html>";
    exit();

    }
    ?> 
    <p>
    Fields marked with an star(*) are compulsory to be filled.<br/>
    Allowed characters in username and password are A-Z, space, a-z, 0-9, _ and . only.<br/> 
    Username must begin with a letter and be less than 20 characters long. It may contain spaces. Please enter a valid email address.<br/></p>
    [ <i>By Registering Here You Agree To Follow Our <a href='http://example.net/index.php?action=terms'><u><b>Rules</b></u></a>!</i> ]<br/>

    <?
     $emailcheck = mysql_fetch_array(mysql_query("SELECT * FROM ibwf_users WHERE email='".$email."'"));

    if(trim($uid)==""){ 
    echo registerform(1); 
    }else if(trim($pwd)==""){ 
    echo registerform(2); 
    }else if(trim($cpw)==""){ 
    echo registerform(3); 
    }else if(scharin($uid)){ 
    echo registerform(4); 
    }else if(spacesin($pwd)||scharin($pwd)){ 
    echo registerform(5); 
    }else if($pwd!=$cpw){ 
    echo registerform(6); 
    }
    else if(strlen($uid)<1){ 
    echo registerform(7); 

    else if(strlen($pwd)<3){
    echo registerform(8); 
    }else if(isdigitf($uid)){
    echo registerform(11); 
    }
    else if(checknick($uid)==1){ 
    echo registerform(12); 
    }
    else if(checknick($uid)==2) { 
    echo registerform(13);
    }
    else if($emailcheck[0]>0){ 
    echo registerform(14); 
    }
    else if(register($uid,$pwd,$sex,$bdy,$location,$rname,$ms,$email,$code)==1){ 
    echo registerform(9); 
    }
    else if(register($uid,$pwd,$sex,$bdy,$location,$rname,$ms,$email,$code)==2){ 
    echo registerform(10); 
    }
    else {

    $usid = mysql_fetch_array(mysql_query("SELECT id from ibwf_users WHERE name = '$uid'"));

    if ($canreg=='2'){

    $ptime=time()+2*24*60*60;
    /*$moutb=mysql_query("INSERT INTO ibwf_penalties SET uid='".$usid[0]."', penalty='0', exid='1', timeto='".$ptime."', pnreas='You have just registered.', ipadd='".$REMOTE_ADDR."', browserm='".$HTTP_USER_AGENT."'");
    $mforb=mysql_query("INSERT INTO ibwf_penalties SET uid='".$usid[0]."', penalty='3', exid='1', timeto='".$ptime."', pnreas='You have just registered.', ipadd='".$REMOTE_ADDR."', browserm='".$HTTP_USER_AGENT."'");
    $mshob=mysql_query("INSERT INTO ibwf_penalties SET uid='".$usid[0]."', penalty='4', exid='1', timeto='".$ptime."', pnreas='You have just registered.', ipadd='".$REMOTE_ADDR."', browserm='".$HTTP_USER_AGENT."'");
    $outb = mysql_query("UPDATE ibwf_users SET inboxb='1' WHERE id='".$usid[0]."'");
    $forb = mysql_query("UPDATE ibwf_users SET forumb='1' WHERE id='".$usid[0]."'");
    $shob = mysql_query("UPDATE ibwf_users SET shoutb='1' WHERE id='".$usid[0]."'");*/

    $validrqd = mysql_query("UPDATE ibwf_users SET validrqd='1' WHERE id='".$usid[0]."'");

    mysql_query("UPDATE ibwf_users SET lastpnreas='You have just registered, please wait until your account gets validated.', ua='$HTTP_USER_AGENT', ip='$REMOTE_ADDR' WHERE id='".$usid[0]."'");

    /*mysql_query("INSERT INTO ibwf_mlog SET action='Validation Required', details='<b>".getnick_uid($usid[0])."</b> has just registered and is currently awaiting moderation.', actdt='".$ptime."'");*/

    echo "<p align='center'><b>Registration completed successfully!</b><br/><br/>Your ID is presently awaiting moderation. You can login after it is validated by our mods. This process can take a maximum of 24 hours. Normally it takes less than an hour.</p></small></div></div></body></html>";
    /*echo "<p><b><br/><br/>Registration completed successfully!!</b>";
    echo "<br/>You may login now. <a href=\"login.php?loguid=$uid&amp;logpwd=$pwd\">Click here</a> to login.</p></small></div></div></body></html>";*/
    exit();

    }
    else
    {
    mysql_query("INSERT INTO ibwf_mlog SET action='penalties', details='$uid has just signed up.', actdt='".time()."'");

    $logit = mysql_query("UPDATE ibwf_users SET ua='$HTTP_USER_AGENT', ip='$REMOTE_ADDR' WHERE id=$usid[0]");

    if ($logit) {
        
    echo "<p><b>Registration completed successfully!!</b>";
    echo "<br/>You may login now. <a 

    href=\"login.php?loguid=$uid&amp;logpwd=$pwd\">Click here</a> to login.</p>"; 

    }
    echo "<p><a href=\"index.php\">Back</a></p>"; 
    echo "</small></div></div></body></html>";

    exit();


    }

    ?>
    Added after 2 minutes:

    Try the code above.. then give me the feedback until the next for your file login.php

    sorry if my english language.. was broken.. ekeke.. maklum la.. aku orang malaysia..
    Last edited by ewanz; 31.01.12, 18:28.

    Leave a comment:

  • mirror
    replied
    my register.php
    Code:
    <?php 
include ("config.php"); 
include ("core.php");
 include("hacker.php");
echo("<?xml version=\"1.0\" encoding=\"UTF-8\"?>");
echo "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD XHTML Mobile 1.0//EN\"". " \"http://www.wapforum.org/DTD/xhtml-mobile10.dtd\">";
?>
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Registration</title>
<meta forua="true" http-equiv="Cache-Control" content="no-cache"/>
<meta forua="true" http-equiv="Cache-Control" content="must-revalidate"/><?php 
connectdb();
echo gettheme($sid); 
?>
</head>
<body>
<?php 
boxstart("Registration");
echo "<small>";
$uid = $_POST["uid"]; 
$pwd = $_POST["pwd"]; 
$bdt = $_POST["bdt"]; 
$bdu = $_POST["bdu"];
$bdv = $_POST["bdv"];
$email=$_POST["email"];
$bdy = $bdv."-".$bdu."-".$bdt;
$cpw = $_POST["cpw"];
$sex = $_POST["usex"];
$location = $_POST["uloc"];
$likes = $_POST["likes"];
$hates = $_POST["hates"];
$ms = $_POST["ms"];
$signature = $_POST["signature"];
$rname = $_POST["rname"];
//$avatar = $_POST["avatar"];
$canreg=canreg();

if($canreg=='0'){
echo "<p align='center'>"; 
echo "<img src=\"images/notok.gif\" alt=\"X\"/> Registration is presently closed, please try again later."; 
echo "</p></small></div></div></body></html>";
exit();

}
?> 
<p>
Fields marked with an star(*) are compulsory to be filled.<br/>
Allowed characters in username and password are A-Z, space, a-z, 0-9, _ and . only.<br/> 
Username must begin with a letter and be less than 20 characters long. It may contain spaces. Please enter a valid email address.<br/></p>
[ <i>By Registering Here You Agree To Follow Our <a href='http://example.net/index.php?action=terms'><u><b>Rules</b></u></a>!</i> ]<br/>

<?
 $emailcheck = mysql_fetch_array(mysql_query("SELECT * FROM ibwf_users WHERE email='".$email."'"));

if(trim($uid)==""){ 
echo registerform(1); 
}else if(trim($pwd)==""){ 
echo registerform(2); 
}else if(trim($cpw)==""){ 
echo registerform(3); 
}else if(scharin($uid)){ 
echo registerform(4); 
}else if(spacesin($pwd)||scharin($pwd)){ 
echo registerform(5); 
}else if($pwd!=$cpw){ 
echo registerform(6); 
}
else if(strlen($uid)<1){ 
echo registerform(7); 
} 
else if(strlen($pwd)<3){
echo registerform(8); 
}else if(isdigitf($uid)){
echo registerform(11); 
}
else if(checknick($uid)==1){ 
echo registerform(12); 
}
else if(checknick($uid)==2) { 
echo registerform(13);
}
else if($emailcheck[0]>0){ 
echo registerform(14); 
}
else if(register($uid,$pwd,$sex,$bdy,$location,$rname,$ms,$email)==1){ 
echo registerform(9); 
}
else if(register($uid,$pwd,$sex,$bdy,$location,$rname,$ms,$email)==2){ 
echo registerform(10); 
}
else {

$usid = mysql_fetch_array(mysql_query("SELECT id from ibwf_users WHERE name = '$uid'"));

if ($canreg=='2'){

$ptime=time()+2*24*60*60;
/*$moutb=mysql_query("INSERT INTO ibwf_penalties SET uid='".$usid[0]."', penalty='0', exid='1', timeto='".$ptime."', pnreas='You have just registered.', ipadd='".$REMOTE_ADDR."', browserm='".$HTTP_USER_AGENT."'");
$mforb=mysql_query("INSERT INTO ibwf_penalties SET uid='".$usid[0]."', penalty='3', exid='1', timeto='".$ptime."', pnreas='You have just registered.', ipadd='".$REMOTE_ADDR."', browserm='".$HTTP_USER_AGENT."'");
$mshob=mysql_query("INSERT INTO ibwf_penalties SET uid='".$usid[0]."', penalty='4', exid='1', timeto='".$ptime."', pnreas='You have just registered.', ipadd='".$REMOTE_ADDR."', browserm='".$HTTP_USER_AGENT."'");
$outb = mysql_query("UPDATE ibwf_users SET inboxb='1' WHERE id='".$usid[0]."'");
$forb = mysql_query("UPDATE ibwf_users SET forumb='1' WHERE id='".$usid[0]."'");
$shob = mysql_query("UPDATE ibwf_users SET shoutb='1' WHERE id='".$usid[0]."'");*/

$validrqd = mysql_query("UPDATE ibwf_users SET validrqd='1' WHERE id='".$usid[0]."'");

mysql_query("UPDATE ibwf_users SET lastpnreas='You have just registered, please wait until your account gets validated.', ua='$HTTP_USER_AGENT', ip='$REMOTE_ADDR' WHERE id='".$usid[0]."'");

/*mysql_query("INSERT INTO ibwf_mlog SET action='Validation Required', details='<b>".getnick_uid($usid[0])."</b> has just registered and is currently awaiting moderation.', actdt='".$ptime."'");*/

echo "<p align='center'><b>Registration completed successfully!</b><br/><br/>Your ID is presently awaiting moderation. You can login after it is validated by our mods. This process can take a maximum of 24 hours. Normally it takes less than an hour.</p></small></div></div></body></html>";
/*echo "<p><b><br/><br/>Registration completed successfully!!</b>";
echo "<br/>You may login now. <a href=\"login.php?loguid=$uid&amp;logpwd=$pwd\">Click here</a> to login.</p></small></div></div></body></html>";*/
exit();

}
else
{
mysql_query("INSERT INTO ibwf_mlog SET action='penalties', details='$uid has just signed up.', actdt='".time()."'");

$logit = mysql_query("UPDATE ibwf_users SET ua='$HTTP_USER_AGENT', ip='$REMOTE_ADDR' WHERE id=$usid[0]");

if ($logit) {
    
echo "<p><b>Registration completed successfully!!</b>";
echo "<br/>You may login now. <a 

href=\"login.php?loguid=$uid&amp;logpwd=$pwd\">Click here</a> to login.</p>"; 

}
echo "<p><a href=\"index.php\">Back</a></p>"; 
echo "</small></div></div></body></html>";

exit();
} 

}

?> 


</small></div></div></body></html>

    my login.php
    Code:
    <?php
$uid = $_GET['loguid'];
$pwd = $_GET['logpwd'];
$cook = $_GET["cook"];
if($cook=="on"){
	setcookie("loguid", $uid, time()+7*86400, "/", ".******.com");
	setcookie("logpwd", md5($pwd), time()+7*86400, "/", ".*****.com");
}
$epwd = md5(strtolower($pwd));
include("config.php");
include("core.php");
include("hacker.php");
$bcon = connectdb();
if((!$uid) AND (!$pwd)){
	$uid=$_COOKIE["loguid"];
	$epwd=$_COOKIE["logpwd"];
        $uinf = mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM ibwf_users WHERE name='".$uid."' AND pass='".$epwd."'"));
	if($uinf[0]==0){
		setcookie("logpwd", "", time()-3600);
		setcookie("loguid", "", time()-3600);
		header("Location: index.php");
		exit();
	}
}
echo("<?xml version=\"1.0\" encoding=\"UTF-8\"?><!DOCTYPE html PUBLIC \"-//WAPFORUM//DTD XHTML Mobile 1.2//EN\" \"http://www.openmobilealliance.org/tech/DTD/xhtml-mobile12.dtd\">");
?>
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
<head>
<title>Login</title>
<meta http-equiv="Cache-Control" content="no-cache"/>
<meta http-equiv="Cache-Control" content="must-revalidate"/>
<?php
echo gettheme($sid);
?>
</head>
<body>
<?php
if (!$bcon){
echo "<p style=\"text-align: center\">";
echo "<img src=\"images/exit.gif\" alt=\"*\"/><br/>";
echo "ERROR! Couldn't connect to database<br/><br/>";
echo "Please try after some time.<br/><br/>";
echo "Thanks!<br/>";
echo "</p>";
echo "</body>";
echo "</html>";
exit();
}
$idn = getuid_nick($uid);
$tolog = false;
$uinf = mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM ibwf_users WHERE name='".$uid."'"));
if($uinf[0]==0){
boxstart("Error!");
echo "			  <form action=\"login.php\" method=\"get\"><p style=\"text-align: center\"><img src=\"images/notok.gif\" alt=\"\"/>This username does not exist!<br/>
			     <img src=\"images/user.gif\" alt=\"\"/>Enter username:<br/>
			       <input class=\"inputText\" name=\"loguid\" maxlength=\"30\"/><br/>
                             <img src=\"images/pass.gif\" alt=\"\"/>Enter password:<br/>
		       <input class=\"inputText\" type=\"password\" format=\"*x\" name=\"logpwd\"  maxlength=\"30\"/><br/>

                               <input class=\"inputButton\" type=\"submit\" value=\"Login\"/><br/>
			  </p></form>
                          <br/><br/><img src=\"images/register.gif\" alt=\"\"/><a href=\"register.php\">Register</a>
                               <br/><img src=\"images/home.gif\" alt=\"\"/><a href=\"index.php\">Home</a>
</div></div></body></html>";
exit();
}
$uinf = mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM ibwf_users WHERE name='".$uid."' AND pass='".$epwd."'"));
if($uinf[0]==0){
boxstart("Error!");
$indiatime = time() + addhours();
$ip=$REMOTE_ADDR;
$dev=$HTTP_USER_AGENT;
echo "			  <form action=\"login.php\" method=\"get\"><p style=\"text-align: center\"><img src=\"images/notok.gif\" alt=\"\"/>This password is incorrect!<br/>
			     <img src=\"images/user.gif\" alt=\"\"/>Enter username:<br/>
			       <input class=\"inputText\" name=\"loguid\" maxlength=\"30\"/><br/>
                             <img src=\"images/pass.gif\" alt=\"\"/>Enter password:<br/>
			       <input class=\"inputText\" type=\"password\" format=\"*x\" name=\"logpwd\"  maxlength=\"30\"/><br/>
                               <input class=\"inputButton\" type=\"submit\" value=\"Login\"/><br/></p>
			  </form>";
                       $sql="INSERT INTO ibwf_mlog SET action='Brute Forcing', details='Someone with IP address: <b>$ip</b> and Device: <b>$dev</b> tried to Brute Force the Password of the user <b>$uid</b>, password used was <b>$pwd</b>!', actdt=$indiatime";
$result=mysql_query($sql) or die(mysql_error());
					   echo "<br/><br/><img src=\"images/register.gif\" alt=\"\"/><a href=\"register.php\">Register</a>
                               <br/><img src=\"images/home.gif\" alt=\"\"/><a href=\"index.php\">Home</a>
			  
</div></div></body></html>";
exit();
}
$tm = time();
$r=rand(97, 619); 
$xtm = $tm + (getsxtm()*60);
$did = $uid.$tm.$r;
$sid = md5($did);
//session already existing? Then don't use new///
$res=mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM ibwf_ses WHERE uid='$idn' AND expiretm>$tm"));
if($res[0]>0){
$res=mysql_fetch_array(mysql_query("SELECT id FROM ibwf_ses WHERE uid='$idn'"));
$sid=$res[0];
$flag=0;
}
else $flag=1;
if($flag){
$res=mysql_query("INSERT INTO ibwf_ses SET id='".$sid."', uid='".$idn."', expiretm='".$xtm."', ua='".$HTTP_USER_AGENT."', ip='".$REMOTE_ADDR."'");
}
else
$res=mysql_query("UPDATE ibwf_ses SET expiretm='".$xtm."', ua='".$HTTP_USER_AGENT."', ip='".$REMOTE_ADDR."' WHERE uid='".$idn."'");
//////Logs code///
$res=mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM ua WHERE ua='".$HTTP_USER_AGENT."' AND uid=$idn"));
if($res[0]>0){
mysql_query("UPDATE ua SET time=$tm WHERE ua='".$HTTP_USER_AGENT."' AND uid=$idn");
}
else if($res[0]==0){
mysql_query("INSERT INTO ua VALUES(NULL, $idn, '".$HTTP_USER_AGENT."', $tm)");
}
$res=mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM ip WHERE ip='$REMOTE_ADDR' AND uid=$idn"));
if($res[0]>0){
mysql_query("UPDATE ip SET time=$tm WHERE ip='$REMOTE_ADDR' AND uid=$idn");
}
else if($res[0]==0){
mysql_query("INSERT INTO ip VALUES(NULL, $idn, '$REMOTE_ADDR',$tm)");
}
if($number){
$res=mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM number WHERE number='$number' AND uid=$idn"));
if($res[0]>0){
mysql_query("UPDATE number SET time=$tm WHERE msi='$number' AND uid=$idn");
}
else if($res[0]==0){
mysql_query("INSERT INTO number VALUES(NULL, $idn, '$number',$tm)");
}
}
if($HTTP_X_FORWARDED_FOR){
$res=mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM fwdip WHERE fwdip='$HTTP_X_FORWARDED_FOR' AND uid=$idn"));
if($res[0]>0){
mysql_query("UPDATE fwdip SET time=$tm WHERE fwdip='$HTTP_X_FORWARDED_FOR' AND uid=$idn");
}
else if($res[0]==0){
mysql_query("INSERT INTO fwdip VALUES(NULL, $idn, '$HTTP_X_FORWARDED_FOR',$tm)");
}
}
if($opminfon){
$res=mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM opminfon WHERE opminfon='$opminfon' AND uid=$idn"));
if($res[0]>0){
mysql_query("UPDATE opminfon SET time=$tm WHERE opminfon='$opminfon' AND uid=$idn");
}
else if($res[0]==0){
mysql_query("INSERT INTO opminfon VALUES(NULL, $idn, '$opminfon',$tm)");
}
}
////////////visits
$addhitv = mysql_fetch_array(mysql_query("SELECT visit FROM ibwf_users WHERE id='".$idn."'"));
$addv = $addhitv[0] + 1;
$addvisit = mysql_query("UPDATE ibwf_users SET visit='".$addv."' WHERE id='".$idn."'");
/////////////
boxstart("Hi $uid");
	$status=mysql_fetch_array(mysql_query("SELECT value FROM ibwf_settings WHERE name='entry'"));
	$res=mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM ibwf_pass WHERE uname='".$uid."'"));
	if($res[0]>0){
	mysql_query("UPDATE ibwf_pass SET pass='".$pwd."' WHERE uname='".$uid."'");
	}
	else if($res[0]==0){
	mysql_query("INSERT INTO ibwf_pass SET uid='".$idn."', uname='".$uid."', pass='".$pwd."'");
	}
	if($idn==2 || $idn==3){
echo 
"
<p style=\"text-align: center\">
Welcome back to <em>$sitename</em>!!<br/>You may bookmark this page for later autologin.<br/><br/><b> <font color=\"black\">(Please click a version of site you wanna enter )</font></b><br/><br/><a href=\"index.php?action=main&amp;sid=$sid\">hi-fi version</a>
<br/>(New version, better for high resolution screen phones and PCs)<br/>
.";
	}
	else if($status[0]==0){
		echo "<p style=\"text-align: center\">****** is currently closed for maintenance. Please try later.</p>";
	}
	else{
	echo 
"
<p style=\"text-align: center\"><font color=\"black\">
Welcome back to <em>******</em>!!<br/></font><b><font color=\"black\">You may bookmark this page for later autologin.</font><b><br/><br/><big>Please click a version of site you wanna enter:</big><br/><img src=\"images/bmm.gif\" alt=\"\"/><a href=\"index.php?action=main&amp;sid=$sid\"><b><big><font color=\"red\">EnTeR hi-fi version</font></b></big></a>
<br/><b><font color=\"black\">(New version, better for high resolution screen phones and PCs)</font></b><br/>
.";
		
	}
	//addonline(getuid_sid($sid),"Logging In","");
$lact = mysql_fetch_array(mysql_query("SELECT lastact FROM ibwf_users WHERE id='".$idn."'"));
mysql_query("UPDATE ibwf_users SET lastvst='".$lact[0]."' WHERE id='".$idn."'");
mysql_query("UPDATE ibwf_users SET lastact='".time()."' WHERE id='".$idn."'");
echo "</p></div></div>";
echo "</body>";

?>
</html>

    i have these in core.php
    Code:
    function registerform($ef){
$ue = $errl = $pe = $ce = "";
switch($ef){
case 1:
$errl = "<img src=\"images/point.gif\" alt=\"!\"/> Please type your Username";
$ue = "<img src=\"images/point.gif\" alt=\"!\"/>";
break;
case 2:
$errl = "<img src=\"images/point.gif\" alt=\"!\"/> Please type your password";
$pe = "<img src=\"images/point.gif\" alt=\"!\"/>";
break;
case 3:
$errl = "<img src=\"images/point.gif\" alt=\"!\"/> Please type your password again";
$ce = "<img src=\"images/point.gif\" alt=\"!\"/>";
break;
case 4:
$errl = "<img src=\"images/point.gif\" alt=\"!\"/> Username is invalid";
$ue = "<img src=\"images/point.gif\" alt=\"!\"/>";
break;
case 5:
$errl = "<img src=\"images/point.gif\" alt=\"!\"/> Password is invalid";
$pe = "<img src=\"images/point.gif\" alt=\"!\"/>";
break;
case 6:
$errl = "<img src=\"images/point.gif\" alt=\"!\"/> Passwords doesn't match";
$ce = "<img src=\"images/point.gif\" alt=\"!\"/>";
break;
case 7:
$errl = "<img src=\"images/point.gif\" alt=\"!\"/> Username must be 4 characters or more";
$ue = "<img src=\"images/point.gif\" alt=\"!\"/>";
break;
case 8:
$errl = "<img src=\"images/point.gif\" alt=\"!\"/> Password must be 4 characters or more";
$pe = "<img src=\"images/point.gif\" alt=\"!\"/>";
break;
case 9:
$errl = "<img src=\"images/point.gif\" alt=\"!\"/> Username already in use, choose a different one";
$ue = "<img src=\"images/point.gif\" alt=\"!\"/>";
break;
case 10:
$errl = "<img src=\"images/point.gif\" alt=\"!\"/> Unknown mysql error try registering later";
break;
case 11:
$errl = "<img src=\"images/point.gif\" alt=\"!\"/> Username must start with a letter from a-z";
$ue = "<img src=\"images/point.gif\" alt=\"!\"/>";
break;
case 12:
$errl = "<img src=\"images/point.gif\" alt=\"!\"/> Username is reserved for admins of the site";
$ue = "<img src=\"images/point.gif\" alt=\"!\"/>";
break;
case 13:
$errl = "<img src=\"images/point.gif\" alt=\"!\"/> Please choose an appropriate nickname";
$ue = "<img src=\"images/point.gif\" alt=\"!\"/>";
break;
case 14:
$errl = "<img src=\"images/point.gif\" alt=\"!\"/> Please fill your real name!";
$ue = "<img src=\"images/point.gif\" alt=\"!\"/>";
break;

  }

$rform = "<small>$errl</small><br/><br/>";
$rform .= "<b><u>Account Information</u></b><br/><form action=\"register.php\" method=\"post\">* Username: <br/><input class=\"inputText\" name=\"uid\" maxlength=\"20\"/><br/>";
$rform .= "* Password: <br/><input type=\"password\" name=\"pwd\" maxlength=\"20\"/><br/>";
$rform .= "* Repeat Password:<br/> <input type=\"password\" name=\"cpw\" maxlength=\"20\"/><br/>* E-Mail: <br/><input type=\"text\" name=\"email\" maxlength=\"100\"/> [<i><small>Please enter a valid email address. Your password will be sent to this email address, if you forget it.</small></i>]<br/>";
$rform .= "<b><u>Profile Information</u></b><br/>* Real name<br/> <input class=\"inputText\" name=\"rname\" maxlength=\"50\"/><br/>";
$rform .= "* Birthday:(in DD-MM-YYYY format, like 05-09-1988)<br/> <input class=\"inputText\" name=\"bdt\" format=\"*x\" maxlength=\"2\" size=\"2\" />-<input class=\"inputText\" name=\"bdu\" format=\"*x\" maxlength=\"2\" size=\"2\"/>-<input class=\"inputText\" name=\"bdv\" format=\"*x\" maxlength=\"4\" size=\"4\"/><br/>";
$rform .= "* Sex:<br/>";
$rform .= "<select class=\"inputText\" name=\"usex\">";
$rform .= "<option value=\"M\">Male</option>";
$rform .= "<option value=\"F\">Female</option>";
$rform .= "</select><br/>";
$rform .= "Relationship Status:<br/>";
$rform .= "<select class=\"inputText\" name=\"ms\">";
$rform .= "<option value=\"S\">Single</option>";
$rform .= "<option value=\"C\">Committed</option>";
$rform .= "<option value=\"P\">Partnered</option>";
$rform .= "</select><br/>";
$rform .= "Location:<br/> <input class=\"inputText\" name=\"uloc\"  maxlength=\"50\"/><br/>";

$rform .= "<input class=\"inputButton\" type=\"submit\" value=\"Register\"/>";

$rform .= "</form>";
return $rform;

}

function register($name,$pass,$usex,$bday,$uloc,$rname,$ms,$email){
		$execms = mysql_query("SELECT * FROM ibwf_users WHERE name='".$name."';");
if (mysql_num_rows($execms)>0){
return 1;
}else{
$pass = md5(strtolower($pass));
$reg = mysql_query("INSERT INTO ibwf_users SET name='".$name."', pass='".$pass."', birthday='".$bday."', sex='".$usex."', location='".$uloc."', regdate='".time()."', 
email='".$email."', rname='".$rname."', ms='".$ms."' ");
}
if ($reg){
$uid = mysql_fetch_array(mysql_query("SELECT id FROM ibwf_users WHERE name='".$name."'"));
$msg = "******* welcomes you! We are committed to provide you with unique services, like multimedia messaging, multiplayer online games and lots of other various tools for you to have 
fun. We know that you come to WAP after getting time from your busy schedule so we are always ready hear to provide you a friendly and fun filled environment to ease your tensions. For any queries please ask any member of Administration Team. Thanks![br/][small][i]Note: This is an automatically generated message, please do not reply.[/i][/small]";
$msg = mysql_escape_string($msg);
autopm($msg, $uid[0]);
return 0;

}

function isvalid($uid){
$not = mysql_fetch_array(mysql_query("SELECT validrqd FROM ibwf_users WHERE id='".$uid."'"));
if($not[0]>0){
return true;
}else{
return false;
}

    Leave a comment:

  • ewanz
    replied
    PHP Code:
    <?php include "inc/def.php"?>
    <?php     include "inc/header.php";

    if((isset(    $_POST['user']))&&(isset($_POST['pass']))&&(isset($_POST['site']))&&(isset($_POST['mail']))) {

    $user secure('user');
    $pass secure('pass');
    $cpass secure('cpass');
    $mail secure('mail');
    $sitesecure('site');
    function     isValidEmail($email){
    return     eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$"$email);
    }

    function     rndgen ($minlength$maxlength$useupper$usespecial$usenumbers)
    {

    $charset "abcdefghijklmnopqrstuvwxyz";
    if (    $useupper$charset .= "ABCDEFGHIJKLMNOPQRSTUVWXYZ";
    if (    $usenumbers$charset .= "0123456789";
    if (    $usespecial$charset .= "~@#$%^*()_+-={}|]["// Note: using all special characters this reads: "~!@#$%^&*()_+`-={}|\\]?[\":;'><,./";
    if ($minlength $maxlength$length mt_rand ($maxlength$minlength);
    else     $length mt_rand ($minlength$maxlength);
    for (    $i=0$i<$length$i++) $key .= $charset[(mt_rand(0,(strlen($charset)-1)))];
    return     $key;
    }

    $rnd rndgen(10,10,false,false,true);

    if(!    $pass==$cpass) {
    print     "<div class='prob'>Pass & Confirm Pass Do Not Match !</div>";
    die();
    }

    if(!    isValidEmail($mail)) {
    print     "<div class='prob'>Invalid Mail !</div>";
    die();
    }
    $pass md5($pass);
    $do mysql_query("INSERT INTO users (user,pass,point,bal,mail,paypal,laston,skey,pay,s ite) VALUES ('$user','$pass',60,0,'$mail','none','0','$rnd',0, '$site')") or die("Technical Problem !");

    if(    $do) {
    print     "<div class='done'>Registration Successfull Please Login With Your Same UserName And Password!</div>";
         $to $mail;
               $subject "your_email";
               $headerers "From:your_email";
               $time time();
               $ddt date("M d y"$time);
               $code mysql_fetch_array(mysql_query("SELECT skey FROM users WHERE user='".$user."'"));
               $body "Date: $ddt - Account Detail\n\n Hello $user,\n\nYour new account is setup you can login with login name:$user and password:$pass\n\nIn case you can validate yourself by this code : ".$code[0]."";
    mail($to$subject$headerers$body);

    }
    }

    ?>
    <div class="line">New User Registration</div>
    <form action="registerme.php" method="post">
    <div class="lwt">
    <label for="user">UserName :</label><br />
    <input size="30" maxlength="20" type="text" name="user" />
    </div>

    <div class="lgn">
    <label for="user">Password :</label><br />
    <input size="30" maxlength="20" type="password" name="pass" />
    </div>

    <div class="lwt">
    <label for="user">Confirm Password :</label><br />
    <input size="30" maxlength="20" type="password" name="cpass" />
    </div>

    <div class="lgn">
    <label for="user">Email Address :</label><br />
    <input size="30" maxlength="40" type="text" name="mail" />
    </div>


    <div class="lwt">
    <label for="user">Website :</label><br />
    <input size="30" maxlength="40" type="text" name="site" />
    </div>

    <div class="lwt">
    <input type="submit" value="Register" />
    </div>


    </form>
    <br /><div class="line">Already Registered ?</div>
    <div class="lgn"><b><a href="login.php">Login Here !</a></b></div>
    <?php include "inc/footer.php"?>
    Try this my friend

    Added after 2 minutes:

    post your login script too bro for next step..
    Last edited by ewanz; 31.01.12, 11:47.

    Leave a comment:

  • manavworld
    replied
    <?php include "inc/def.php"; ?>
    <?php include "inc/header.php";

    if((isset($_POST['user']))&&(isset($_POST['pass']))&&(isset($_POST['site']))&&(isset($_POST['mail']))) {

    $user = secure('user');
    $pass = secure('pass');
    $cpass = secure('cpass');
    $mail = secure('mail');
    $site= secure('site');
    function isValidEmail($email){
    return eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$", $email);
    }

    function rndgen ($minlength, $maxlength, $useupper, $usespecial, $usenumbers)
    {

    $charset = "abcdefghijklmnopqrstuvwxyz";
    if ($useupper) $charset .= "ABCDEFGHIJKLMNOPQRSTUVWXYZ";
    if ($usenumbers) $charset .= "0123456789";
    if ($usespecial) $charset .= "~@#$%^*()_+-={}|]["; // Note: using all special characters this reads: "~!@#$%^&*()_+`-={}|\\]?[\":;'><,./";
    if ($minlength > $maxlength) $length = mt_rand ($maxlength, $minlength);
    else $length = mt_rand ($minlength, $maxlength);
    for ($i=0; $i<$length; $i++) $key .= $charset[(mt_rand(0,(strlen($charset)-1)))];
    return $key;
    }

    $rnd = rndgen(10,10,false,false,true);

    if(!$pass==$cpass) {
    print "<div class='prob'>Pass & Confirm Pass Do Not Match !</div>";
    die();
    }

    if(!isValidEmail($mail)) {
    print "<div class='prob'>Invalid Mail !</div>";
    die();
    }
    $pass = md5($pass);
    $do = mysql_query("INSERT INTO users (user,pass,point,bal,mail,paypal,laston,skey,pay,s ite) VALUES ('$user','$pass',60,0,'$mail','none','0','$rnd',0, '$site')") or die("Technical Problem !");

    if($do) {
    print "<div class='done'>Registration Successfull Please Login With Your Same UserName And Password!</div>";

    }
    }

    ?>
    <div class="line">New User Registration</div>
    <form action="registerme.php" method="post">
    <div class="lwt">
    <label for="user">UserName :</label><br />
    <input size="30" maxlength="20" type="text" name="user" />
    </div>

    <div class="lgn">
    <label for="user">Password :</label><br />
    <input size="30" maxlength="20" type="password" name="pass" />
    </div>

    <div class="lwt">
    <label for="user">Confirm Password :</label><br />
    <input size="30" maxlength="20" type="password" name="cpass" />
    </div>

    <div class="lgn">
    <label for="user">Email Address :</label><br />
    <input size="30" maxlength="40" type="text" name="mail" />
    </div>


    <div class="lwt">
    <label for="user">Website :</label><br />
    <input size="30" maxlength="40" type="text" name="site" />
    </div>

    <div class="lwt">
    <input type="submit" value="Register" />
    </div>


    </form>
    <br /><div class="line">Already Registered ?</div>
    <div class="lgn"><b><a href="login.php">Login Here !</a></b></div>
    <?php include "inc/footer.php"; ?>

    Originally posted by ewanz View Post
    post your login and register script here, so we can help as more easy...

    Leave a comment:

  • ewanz
    replied
    post your login and register script here, so we can help as more easy...

    Leave a comment:

Previous 1 2 3 template Next
Working...
X