how do i stop them from registering 3thousand names in seconds?they flooding the forum someone help me and when the staff create a club they able to login with that staff name someone help me stop all this
-
-
how they able to login with staff name?
only way is they knows ur staff passwords or u did not put logs text safe with password or somebody is stealing ur sessions.sigpic
WANT GOOD CHEAP HOSTING WITH 99% UPTIME? THEN PM ME FOR DETAILS!! -
how would they steal session if i stop all php file to work in avatar?Comment
-
put that in register.php ...
it works nice ... its from a romanian lava edit:PPHP Code:$actime = mysql_fetch_array(mysql_query("SELECT regdate FROM lib3rtymrc_users WHERE browserm='".$ubr."' ORDER BY regdate DESC LIMIT 1"));
$timeout = $actime[0] + (3*60);
if(time()<$timeout)
{
$tm = time();
$ramas = $timeout - $tm;
echo "<p align=\"center\">";
echo "<img src=\"images/notok.gif\" alt=\"X\"/><br/><small>Un user cu un browser similar cu al dumneavoastra tocmai s-a inregistrat pe site<br/>Ne pare rau dar va ve-ti putea creea un cont nou peste <b>$ramas secunde</b></small><br/>";
echo "</p>";
}else{
# ANTI FLOOD BROWSER #2
$brwsu = explode("$_SERVER",$HTTP_USER_AGENT);
$ubr = $brwsu[0];
$actime = mysql_fetch_array(mysql_query("SELECT regdate FROM lib3rtymrc_users WHERE browserm='".$ubr."' ORDER BY regdate DESC LIMIT 1"));
$timeout = $actime[0] + (3*60);
if(time()<$timeout)
{
$tm = time();
$ramas = $timeout - $tm;
echo "<p align=\"center\">";
echo "<img src=\"images/notok.gif\" alt=\"X\"/><br/><small>Un user cu un browser similar cu al dumneavoastra tocmai s-a inregistrat pe site<br/>Va puteti creea un cont nou peste <b>$ramas secunde</b></small><br/>";
echo "</p>";
}else{
# ANTIFLOOD IP
$uip = getip();
$actime = mysql_fetch_array(mysql_query("SELECT regdate FROM lib3rtymrc_users WHERE ipadd='".$uip."' ORDER BY regdate DESC LIMIT 1"));
$timeout = $actime[0] + (10*60);
if(time()<$timeout)
{
$tm = time();
$ramas = $timeout - $tm;
echo "<p align=\"center\">";
echo "<img src=\"images/notok.gif\" alt=\"X\"/><br/><small>Un user cu un IP similar cu al dumneavoastra tocmai s-a inregistrat pe site<br/>Reveniti peste <b>$ramas secunde</b></small><br/>";
echo "</p>";
}else{
//register forms ...
}
Last edited by i0nutzxp; 31.08.10, 15:34.<?php unlink('World/Europe/Romania.country'); ?>Comment
-
hope it work gonna try it nowComment
-
to stop session hack is not only to stop php file in avatar.Originally posted by kenrickx View Postsigpic
WANT GOOD CHEAP HOSTING WITH 99% UPTIME? THEN PM ME FOR DETAILS!!Comment
-
it error my register.php
Parse error: syntax error, unexpected $end in /home/yeah/public_html/blaablaabla.com/register.php on line 180
thats the error i get am using wapdesire edit and which other way to stop session hacking?Last edited by kenrickx; 31.08.10, 16:01.Comment
-
For session hack u must use ur own images ( dont steal ) , for download vault files + gallery files make a file down.php with the code :
edit urserlf ...PHP Code:<?PHP
$fid = (int)$_GET['file_id'];
$select = mysql_fetch_assoc(mysql_query("SELECT url FROM table WHERE id='".$fid."'"));
header("Location: {$select['url']}");
?>
//////// kenrickx
one of : { } ( ) is in + or in - ....simple to repairLast edited by i0nutzxp; 31.08.10, 16:20.<?php unlink('World/Europe/Romania.country'); ?>Comment
-
LEARN PHP!!!!!!!!!!!!!!!!!!!!!!!!
You have been given the answer to the problem:
you have got the line number:Originally posted by i0nutzxp View Post
Stop being lazy and work it out yourself its not hard!Originally posted by kenrickx View Post
Added after 9 minutes:
and if your really stuck and cant fix problems like this then open your php.ini file and set:
that will fix most Parse error: syntax error, unexpected $end problemsPHP Code:short_open_tag = On
Last edited by something else; 31.08.10, 20:35.Comment
-
i dont think thatOriginally posted by something else View Post
will solve much of errors...PHP Code:Short_open_tag = On
it'll just allowe you to use
instead more correctPHP Code:<?
.......
?>
PHP Code:<?php
.......
?>キノgんイノ刀g 4 ア乇ムc乇 ノ丂 レノズ乇 キucズノ刀g 4 √ノ尺gノ刀ノイリ!It's better to keep your mouth shut and give the impression that you're stupid, than to open it and remove all doubt.
ⓣⓗⓔ ⓠⓤⓘⓔⓣⓔⓡ ⓨⓞⓤ ⓑⓔ©ⓞⓜⓔ, ⓣⓗⓔ ⓜⓞⓡⓔ ⓨⓞⓤ â“â“¡â“” â“ⓑⓛⓔ ⓣⓞ â“—â“”â“â“¡ !
ιη тнєσÑу, тнє ÏÑα¢тι¢є ιѕ α Ñєѕυℓт σƒ тнє тнєσÑу, вυт ιη ÏÑα¢тι¢є ιѕ тнє σÏÏσѕιтє.Comment
-
Im think It also allows you to have open statements which are not closed properly eg:Originally posted by metulj View Post
well i have read it works and seen many people saying it works but i have never tested it myselfPHP Code:if($something){
print 'yes';
else{
print 'no';
}
Added after 3 minutes:
You can read many pages here saying it works: Parse error: syntax error, unexpected $end Short_open_tag = On - Google SearchLast edited by something else; 03.10.10, 16:13.Comment
-
thats all true...Originally posted by something else View PostIm think It also allows you to have open statements which are not closed properly eg:
well i have read it works and seen many people saying it works but i have never tested it myselfPHP Code:if($something){
print 'yes';
else{
print 'no';
}
Added after 3 minutes:
You can read many pages here saying it works: Parse error: syntax error, unexpected $end Short_open_tag = On - Google Search
but just
is basicly open tag for ASP...PHP Code:<?...
and many servers doesnt support it by default anymore...
so it's kind a bad practice to use it i guess...
also it may happen that document started with
will be parsed as XML document..PHP Code:<?...キノgんイノ刀g 4 ア乇ムc乇 ノ丂 レノズ乇 キucズノ刀g 4 √ノ尺gノ刀ノイリ!It's better to keep your mouth shut and give the impression that you're stupid, than to open it and remove all doubt.
ⓣⓗⓔ ⓠⓤⓘⓔⓣⓔⓡ ⓨⓞⓤ ⓑⓔ©ⓞⓜⓔ, ⓣⓗⓔ ⓜⓞⓡⓔ ⓨⓞⓤ â“â“¡â“” â“ⓑⓛⓔ ⓣⓞ â“—â“”â“â“¡ !
ιη тнєσÑу, тнє ÏÑα¢тι¢є ιѕ α Ñєѕυℓт σƒ тнє тнєσÑу, вυт ιη ÏÑα¢тι¢є ιѕ тнє σÏÏσѕιтє.Comment
-
sorry if mistaken but i think asp tags are like <% not <?Comment
-
Whatever! Yal saying junk. Help the kid, kids. Yo kenrick bin a minute. Its catchphrase, i know u hate me. Anyway just use a captcha library in ur registration. That simple. And for the petty sid theft...stick to php sessions. Ive noticed just a few here knw how to grab that or run csrf requests (and thats sad).Comment
Comment