new lava base

Collapse
X
Collapse
 
  • Page of 1
  • Filter
  • Time
  • Show
Clear All
new posts
Previous template Next
    #1

    new lava base

    ok here ive started a lava base so there basicly nothing in just register and login then main page but the problem are ive main a head.php page and all the coding that came ontop before the actions start are in there so now the site dnt want to display

    Demo

    so anyone that have a fix post it here after and also any security measurements post here

    Added after 18 minutes:

    what are wrong here
    head.php
    Code:
    <?php
session_name("PHPSESSID");
session_start();
header("Content-type: text/html; charset=ISO-8859-1");
echo "<?xml version=\"1.0\" encoding=\"ISO-8859-1\" ?>";
echo "<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Transitional//EN\" \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd\">";
echo "<link rel=\"StyleSheet\" type=\"text/css\" href=\"style.css\" />";
echo "<meta http-equiv=\"Cache-Control\" content=\"must-revalidate\" />\n";
echo "<meta http-equiv=\"Cache-Control\" content=\"no-cache\" />\n";
echo "<meta http-equiv=\"Pragma\" content=\"no-cache\" />\n";
echo "<head><title>CodeGeekz</title>";
?>

<?php
include("config.php");
include("core.php");

$bcon = connectdb();
$uid = getuid_sid($sid);
if (!$bcon)
{
echo "<p align=\"center\">";
echo "<div class=\"navItem4\">";
echo "<img src=\"images/exit.gif\" alt=\"*\"/><br/>";
echo "DATABASE are out of order<br/><br/>";
echo "Sorry for the down time <br/><br/>";
echo "<b>Be Back Soon</b>";
echo "</p></div>";
exit();
}
$brws = explode("/",$_SERVER['HTTP_USER_AGENT']);
$ubr = $brws[0];
$uip = getip();
$act = $_GET["act"];
$sid = $_SESSION['sid'];
$page = $_GET["page"];
$who = $_GET["who"];
cleardata();
if(isipbanned($uip,$ubr))
{
if(!isshield(getuid_sid($sid)))
{
echo "<p align=\"center\">";
echo "<div class=\"navItem4\">";
echo "<img src=\"images/notok.gif\" alt=\"x\"/><br/>";
echo "Your ip are Blocked<br/>";
echo "<br/>";
echo "Contact the owner to ask to come back thank you....<br/><br/>";
$banto = mysql_fetch_array(mysql_query("SELECT  timeto FROM penalties WHERE  penalty='2' AND ipadd='".$uip."' AND browserm='".$ubr."' LIMIT 1 "));
//echo mysql_error();
$remain =  $banto[0] - (time() - $timeadjust) ;
$rmsg = gettimemsg($remain);
echo "Time to unblock the IP: $rmsg<br/><br/>";
echo "</p></div>";
echo "<p>";
echo "<form action=\"enter.php\" method=\"get\">";
echo "Username:<br/> <input name=\"loguid\" format=\"*x\" size=\"8\" maxlength=\"30\"/><br/>";
echo "Password:<br/> <input type=\"password\" name=\"logpwd\" size=\"8\" maxlength=\"30\"/><br/>";
echo "<input type=\"submit\" value=\"Login\"/>";
echo "</form>";
echo "</p>";
exit();
      }
    }
if(($act != "") && ($act!="terms"))
{
$uid = getuid_sid($sid);
if((islogged($sid)==false)||($uid==0))
    {
echo "<p align=\"center\">";
echo "<div class=\"navItem4\">";
echo "You arn't login!!!!<br/>";
echo "Or ur session have expired<br/><br/>";
echo "<a href=\"index.php\">Login</a>";
echo "</p></div>";
exit();
    }
}
//echo isbanned($uid);
if(isbanned($uid))
    {
echo "<p align=\"center\">";
echo "<div class=\"navItem4\">";
echo "<img src=\"images/notok.gif\" alt=\"x\"/><br/>";
echo "You are <b>Banned</b><br/>";
$banto = mysql_fetch_array(mysql_query("SELECT timeto FROM penalties WHERE uid='".$uid."' AND penalty='1'"));
$banres = mysql_fetch_array(mysql_query("SELECT lastpnreas FROM members WHERE id='".$uid."'"));
$remain = $banto[0]- (time() - $timeadjust) ;
$rmsg = gettimemsg($remain);
echo "Time to finish your penalty: $rmsg<br/><br/>";
echo "Ban Reason: $banres[0]";
//echo "<a href=\"index.php\">Login</a>";
echo "</p></div>";
exit();
}
$res = mysql_query("UPDATE members SET browserm='".$ubr."', ipadd='".$uip."' WHERE id='".getuid_sid($sid)."'");
?>
    index.php
    Code:
    <?php
include("head.php");
/////////////////////////Main Page Here
  
echo "<p align=\"center\">";
echo "<small>";
echo "<div class=\"navItem1\">";
echo "This is our newest script<br/>";
echo "<small>";
$onu = getnumonline() + 0;
echo "Members Inside: $onu<br/>";
$norm = mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM members"));
echo "Registered Members: <b>$norm[0]</b><br/><br/>";
echo "</small>";
echo "</small>";
echo "</p></div>";
echo "<p>";
echo "<div class=\"navItem4\">";
echo "<form method=\"get\" action=\"enter.php\">";
echo "<small>UserName:</small> <input name=\"loguid\" format=\"*x\" maxlength=\"30\"/><br/>";
echo "<small>Password:</small> <input type=\"password\" name=\"logpwd\"  maxlength=\"30\"/><br/>";
echo "<input type=\"submit\" name=\"Submit\" value=\"Log In\"/><br/>";
echo "</form>";
echo "</p></div>";
echo "<p>";
echo "</p>";
echo "<div class=\"navItem1\">";
echo "Not registered yet?<br/>";
echo "<a href=\"register.php?act=register\">Sign Up</a><br/><br/>";
echo "<p align=\"center\">";
echo "<small>";
echo "&#169; $stitle 2013";
echo "</small>";
echo "</p></div>";
exit();
?>
    Attached Files
    Last edited by riderz; 19.01.13, 20:34.
    ________________
    Jacques
    jacques@gw-designs.co.za
    http://coding.biz.tm
    Come join and lets make it a place to learn all the noobies how to code
    __________________

    NEVER FORGET TO CLICK THE TANX BUTTON IF U LIKE WHAT IM SHARING OR HELPING WITH
    Tags: None
    #2
    one of the well known holes here:
    PHP Code:
    $brws explode("/",$_SERVER['HTTP_USER_AGENT']); 

    Comment

      #3
      PHP Code:
      $act $_GET["act"];
      $page $_GET["page"];
      $who $_GET["who"]; 
      ? not good ?

      i'd rather use
      PHP Code:
      @$whatever mysql_real_escape_string(strip_tags(htmlspecialchars($_POST['whatever']))); 
      It's better to keep your mouth shut and give the impression that you're stupid, than to open it and remove all doubt.
      ⓣⓗⓔ ⓠⓤⓘⓔⓣⓔⓡ ⓨⓞⓤ ⓑⓔ©ⓞⓜⓔ, ⓣⓗⓔ ⓜⓞⓡⓔ ⓨⓞⓤ ⓐⓡⓔ ⓐⓑⓛⓔ ⓣⓞ ⓗⓔⓐⓡ !
      ιη тнєσяу, тнє ρяα¢тι¢є ιѕ α яєѕυℓт σƒ тнє тнєσяу, вυт ιη ρяα¢тι¢є ιѕ тнє σρρσѕιтє.
      キノgんイノ刀g 4 ア乇ムc乇 ノ丂 レノズ乇 キucズノ刀g 4 √ノ尺gノ刀ノイリ!

      Comment

        #4
        anyone that can help me on head.php please got a big error there it cause my site to show a blank page
        ________________
        Jacques
        jacques@gw-designs.co.za
        http://coding.biz.tm
        Come join and lets make it a place to learn all the noobies how to code
        __________________

        NEVER FORGET TO CLICK THE TANX BUTTON IF U LIKE WHAT IM SHARING OR HELPING WITH

        Comment

          #5
          try putting:
          PHP Code:
          error_reporting  (E_ALL);
          ini_set ('display_errors'true); 
          on the top of the page and it will tell you where the error is.

          Comment

            #6
            you have no closing head tag or any body tags just a quick glance.
            Creator of
            Epix.Mobi

            Keep an Eye on us Big things coming soon!!!!
            Need something for your site hit me up here
            http://coding-talk.com/forum/main-fo...r-your-wapsite

            Comment

              #7
              i added proper html opening and closing tags, put the head tags in correct place etc etc.
              and the problem still existed for him.

              the strangest part was even after i had corrected the html when trying to view the page source of the file it would still only show the html up to the opening <body> tag then a blank page too on page source. its a strange problem, we also found out the site only appeared using google chrome,

              opera, firefox, ie8 all failed at parsing the html.

              very strange.
              <?php
              include ('Ghost');
              if ($Post == true) {
              echo '

              sigpic
              alt='coding-talk.com!!' />';
              echo 'Sharing Is Caring!';
              } else {
              echo '

              alt='the username GHOST has been comprimised!' />';
              echo 'OMG SOMEBODY HELP ME!!';
              }
              ?>

              Comment

                #8
                Remove exit; from head.php
                Mobile chat, iphone chat, android chat, chat, rooms http://www.aiochat.com

                Comment

                  #9
                  you are missing the function getip()

                  Comment

                    #10
                    thank you something else got the index fine now but for some reason my main.php dont want to show ive even copied my content from head.php to main.php to see if i get it right
                    ________________
                    Jacques
                    jacques@gw-designs.co.za
                    http://coding.biz.tm
                    Come join and lets make it a place to learn all the noobies how to code
                    __________________

                    NEVER FORGET TO CLICK THE TANX BUTTON IF U LIKE WHAT IM SHARING OR HELPING WITH

                    Comment

                      #11
                      i found the closing tag is missing !

                      Comment

                        #12
                        Ok we got it fixed up so demo can be viewed now
                        ________________
                        Jacques
                        jacques@gw-designs.co.za
                        http://coding.biz.tm
                        Come join and lets make it a place to learn all the noobies how to code
                        __________________

                        NEVER FORGET TO CLICK THE TANX BUTTON IF U LIKE WHAT IM SHARING OR HELPING WITH

                        Comment

                        Previous template Next
                        Working...
                        X