Jump to content

jedigunz

Members
  • Content Count

    96
  • Joined

  • Last visited

Community Reputation

0 Neutral

About jedigunz

  • Rank
    Beginner

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. hmmm ,. this seems interesting,. have you got any of the engine built so far ??
  2.   sure ,.. to be honest this part of this script has not been touched and was working fine before the resend password mod was added,.   if(file_exists('ipbans/'.$IP)) { die("<b><font color=red size=+1>Your IP has been banned, there is no way around this.</font></b></body></html>"); } if($_POST['username']) { if(!valid_email($_POST['email'])) { die("<font color='white'>Sorry, the email is invalid.<br /> ><a href='register.php'<font color='white'>>Back</a>"); } if(strlen($_POST['username']) < 4) { die("<font color='white'>Sorry, the username is too short.<br /> ><a href='register.php'><font color='white'>Back</a>"); } $sm=100;     and im not sure if this was neccesary in the SQL,. i just added it myself you can refer to the resend mod in the link at the top of the page and see what i've added differently to what they have said,. maybe i've added something i didnt need im not sure ,... ALTER TABLE `validating` ADD `squestion` VARCHAR( 255 ) NOT NULL ;
  3. Hello Community maybe you can help or maybe I've overlooked something So i have an email validation mod that was working fine but i've tried to add this reset password mod alongside it Link Below http://old.makewebgames.io/showthre...orget+password the verification email sends fine but im getting this error when it goes to validate.php ,. Sorry the email is invalid ,.. ill describe what i've done below and provide some images to show what i mean. Screens below and a walkthrough of what I've done.   Validate Change I added --- ('{$_POST['squestion']}'), ---- & --- squestion, ---- $db->query("INSERT INTO users (username, login_name, userpass, squestion, level, money, crystals, donatordays, user_level, energy, maxenergy, will, maxwill, brave, maxbrave, hp, maxhp, location, gender, signedup, email, bankmoney, lastip, lastip_signup) VALUES( '{$username}', '{$username}', md5('{$_POST['password']}'), ('{$_POST['squestion']}'), 1, $sm, 0, 0, 1, 12, 12, 100, 100, 5, 5, 100, 100, 1, '{$_POST['gender']}', unix_timestamp(), '{$_POST['email']}', -1, '$IP', '$IP')"); $i=$db->insert_id();     also added into validate.php & register.php function QuestionMatch() { sqt1=document.getElementById('sq1').value; sqt2=document.getElementById('sq2').value; if(sqt1 == sqt2) { document.getElementById('squestionresult').innerHTML="<font color='green'>OK</font>"; } else { document.getElementById('squestionresult').innerHTML="<font color='red'>Not Matching</font>"; } } also added into validate.php & register.php <tr> <td>Favourite Colour</td> <td><input type=text id='sq1' name=squestion onkeyup='QuestionMatch();'></td> <td>For Password Reset</td> </tr> <tr> <td>Confirm Favourite Colour</td> <td><input type=text name=csquestion id='sq2' onkeyup='QuestionMatch();'></td> <td><div id='squestionresult'></div></td> </tr> <tr>     Okay now lets move onto what I've changed in the register ,. added -- '{$_POST['squestion']}' , ---   $db->query("INSERT INTO validating VALUES ( '$key' , '$username' , '{$_POST['password']}' , '{$_POST['squestion']}' , '{$_POST['email']}', '{$_POST['promo']}', '{$_POST['gender']}', '{$_POST['ref']}')", $c);     Added this to the email section of the register.php Username: $username Password: {$_POST['password']} Favourite Colour: {$_POST['squestion']}     added this below the password section of the register.php else if($_POST['squestion'] != $_POST['csquestion']) { print "<h1>ERROR! The Questions Dont Match</h1> >Back"; }     SQL's Added,. ALTER TABLE `users` ADD `squestion` VARCHAR( 255 ) NOT NULL ; ALTER TABLE `validating` ADD `squestion` VARCHAR( 255 ) NOT NULL ;
  4. no its really bugging me as well,. would love to have the updated version
  5. cant remember name I used or email or address on that account that's the thing :p,. don't think there's anything you can do for me unless it comes back to me
  6. again I used a fake name with paypal as I was only 13 at the time :p ,. I'm 23 now ,. my names Luke Dunne but think I used James something lool
  7. Kyle I Think I had you on MSN along with ColdBlooded around 8-10 years ago,. I used so many emails and probably kept started and stopped about 30 websites ,. does [email protected] or [email protected] or [email protected] come up at all,. ?? (edited) ,. oh i am php 5 miss typed 4 lool
  8.   So doesn't the new version of mcv2 use Magic Quotes then ?? ,. and also has SQL Injection prevention in place and more stable ??
  9. with the v2 version I've got i have to use PHP-4.2 or PHP-4.3 ,.. as it relies on Magic Quotes and Magic Quotes has been permanent false from PHP-4.4 ,. really annoying to be honest,.. but don't really notice it as i have to use an older version anyway do you own http://nonstopcoding.com/ by the way ??
  10. Fixed It !! this worked in the header.php   -=-=-=-=--=-=-=--=-=-=-=-=-=-=-=-   $hc = $set['hospital_count']; $jc = $set['jail_count']; $ec = $ir['new_events']; $mc = $ir['new_mail']; $ids_checkpost=urldecode($_SERVER['QUERY_STRING']); if(eregi("[\'|'/'\''<'>'*'~'`']",$ids_checkpost) || strstr($ids_checkpost,'union') || strstr($ids_checkpost,'java') || strstr($ids_checkpost,'script') || strstr($ids_checkpost,'substring(') || strstr($ids_checkpost,'ord()')){ $passed=0; echo "<center>What are you trying to do? whatever it is stop it!</center>"; // or blank so they not know they failed.. event_add(3,"<font color=red>".$ir['username']."</font> <b> Tried to use [".$_SERVER['SCRIPT_NAME']."{$ids_checkpost}].. "); exit; }
  11. Thing is with v2 ,. I got the original version maybe around 10 years ago when it first come out,. I no longer have access to the email accounts that it was purchased with lool,. there's a few injections possible like this,. I have no idea about SQL injections and how to prevent them, what would you need to look at maybe i can post it here
  12. Hi Everyone its been a while since I've been on the forums but was hoping someone could help Has anyone got a piece of script to stop this SQL injection ?? cmarket.php?action=buy&ID=1 union all select 1,99999999,0,0 I used to have something that went in the header.php to stop SQL Injections can anyone lend a hand please ?? -JediGunz
  13. well they have been delaying it for years,.. lets be honest,. ive been in contact with Kunal for a fair while and still never seems to release any news,. but for there to be a response from them saying we are doing something gives me a bit of hope that they will finally release some news atleast,. maybe what they've got in place so far,. or something of the sort, they could make themselves a fair fortune from releasing i well made V3,. i just hope they realize that and have something in place for the coding community
  14. [ATTACH=CONFIG]1162[/ATTACH]   Heres what MC-CODE STAFF have sent back as a reply,. so what do you think people ??,. reckon there will be news released after all this time ????   whats your opinions ? :)
  15. im using cronus's facebook login/register mod on my website if you wanna take a look ,.. http://www.modernearth.co.uk
×
×
  • Create New...