GrimReaper

No I am not looking for a devopler by no means lay off work told you straight up not looking for free work do most on my own so Pete stfu - - - Updated - - - No I am not looking for a devopler by no means lay off work told you straight up not looking for free work do most on my own so Pete stfu

O ya sorry $100.000 a week

I'm am looking for a devolper who willing to work on Rc egine and UOTS I have legitimate licenses I work 5am to 4:00 i get home around 4:30 I can start paying as of October 7,2015 I will will be doing payment installmens each week on Friday.If interested please text me at 762-207- 8238.I will get back to you on break is as follows 7:00am 9:00 am 11:30 1:00 get of 4:00.

I figured it out.

OK I'm sorry Kyle I'm new here. How do you do that and my apologies.

Now see that ?page=authent in login.php on Line 557 to line 558 I was told the authent page causing this think this in login.php - - - Updated - - - Here login.php file below:   <?php session_start(); include('connect_db.php'); if($_SERVER['REMOTE_ADDR'] == '71.176.221.177') { exit; } ?> <!DOCTYPE html> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title>U.O.T.S - Login</title> <link rel="shortcut icon" href="images/style/favicon.gif"> <link href="external-2.css" rel="stylesheet" type="text/css"> <script type="text/javascript" src="js/jquery.js"></script> <script type="text/javascript" src="js/jquery-1.4.2.js"></script> <script type = 'text/javascript'> $(function() { $('#usern').bind('keyup focusout',function() { var val = $(this).val(); var load = 'reg_checks.php?a=username&string='+val; $.get(load, function(data) { $('#un_check').html(data); }); }); $('#passw').focusout(function() { var val = $(this).val(); var load = 'reg_checks.php?a=pass&string='+val; $.get(load, function(data) { $('#pw_check').html(data); }); }); $('#passwc').focusout(function() { var valb = $('#passw').val(); var valc = $(this).val(); if(valb) { if(valb == valc) { data = "<font color = '#33FF00'>Matching</font>"; } else { data = "<font color = 'red'>Not matching</font>"; } } else { data = "<font color = 'red'>Empty-0%</font>"; } $('#pw_checktwo').html(data); }); $('#email').focusout(function() { var val = $(this).val(); var load = 'reg_checks.php?a=email&string='+val; $.get(load, function(data) { $('#em_check').html(data); }); }); $('#captcha').keyup(function() { var val = $(this).val(); if(!val) { $('#cap_check').html("<font color = 'red'>Empty</font>"); } else { $('#cap_check').html(""); } }); }); </script> <meta name="description" content="Play University Of The Streets FREE - A live updating text based crime game. No download required and no plug in essential, Starts gangs, Smuggle and produce drugs, Commit crimes, Play the casino, Attack other players, Become a property broker, Buy and sell items and much much more!"> <meta name="keywords" content="TBRPG,MMORPG,University,Of,The,Streets,Com,Game,Gang,Drug,Gun,Violence,Crime,RPG,Free,Text,Based,Attack,Casino,Smuggle,u,o,t,s,UOTS,u.o.t.s" /> </head> <body> <center> <table border = '0' cellspacing = '0' width = '1038px' style = 'margin-top: 3px;'> <tr> <td style = 'height: 75px; background: url(images/css/login/banner-text.png) no-repeat left top;'> </td> </tr> <tr> <td align = 'right' valign = 'top'> <table style = 'height: 70px;' cellspacing = '0'> <tr> <td style = 'width: 28px; background: url(images/css/login/login-area-left.png) no-repeat right top;'> </td> <td style = 'background: url(images/css/login/login-area-x.jpg) repeat-x center top;'> <form action = 'login.php?page=authent' method = 'post'> <table width = '600px' style = 'color: #360000;'> <tr> <td align = 'left'> <b>Username:</b> </td> <td align = 'left'> <input type = 'text' name = 'username' value = '' style = 'background: #a8a8a8;'> </td> <td align = 'left'> <b>Password:</b> </td> <td align = 'left'> <input type = 'password' name = 'pass' value = '' style = 'background: #a8a8a8;'> </td> <td align = 'left'> <input type = 'submit' name = 'login' value = 'Login' style = 'background: #a8a8a8;'> </td> </tr> </table> </form> </td> <td style = 'width: 28px; background: url(images/css/login/login-area-right.png) no-repeat left top;'> </td> </tr> </table> </td> </tr> <tr> <td align = 'left' valign = 'bottom' style = 'height: 55px; background: rgba(64, 64, 64, 0);'> <table width = '100%' height = '35px' style = 'font-weight: 800; color: white;' border = '0'> <tr align = 'center'> <td width = '16%' style = 'background: url(images/css/login/login-buttons.png) no-repeat center center;'> • <a href = 'login.php?page=home' id = 'linkage'>Home page</a> </td> <td width = '16%' style = 'background: url(images/css/login/login-buttons.png) no-repeat center center;'> • <a href = 'login.php?page=register' id = 'linkage'>Register</a> </td> <td width = '16%' style = 'background: url(images/css/login/login-buttons.png) no-repeat center center;'> • <a href = 'login.php?page=forgotpass' id = 'linkage'>Forgot password</a> </td> <td width = '16%' style = 'background: url(images/css/login/login-buttons.png) no-repeat center center;'> • <a href = 'login.php?page=about' id = 'linkage'>About us</a> </td> <td width = '16%' style = 'background: url(images/css/login/login-buttons.png) no-repeat center center;'> • Contact us </td> <td width = '16%' style = 'background: url(images/css/login/login-buttons.png) no-repeat center center;'> • Screenshots </td> </tr> </table> </td> </tr> <tr> <td align = 'left' valign = 'top' style = 'height: 960px; background: url(images/css/login/page-bg.png) no-repeat center top;'> <div style = 'width: 675px; height: 445px; margin-top: 75px; margin-left: 70px; text-align: center; background: rgba(225,225,225,0.4);'> U.O.T.S is copyright © of IceColdCola networks 2012<?php if(date("Y")>'2012') { echo "-".date("Y"); } ?>, All rights reserved. <?php if(!in_array($_GET['page'],array('home','register','code','forgotpass','authent','about'))) { $_GET['page'] = 'home'; } if(!$_GET['page']) { $_GET['page'] = 'home'; } switch($_GET['page']) { case 'home' : home(); break; case 'register' : register(); break; case 'forgotpass' : forgot_pass(); break; case 'code' : code(); break; case 'authent' : authent(); break; case 'about' : about(); break; } ?> </div> </td> </tr> </table> </center> </body> </html> <?php function home() { echo "<h1>Welcome</h1> <center> <table width = '500px' style = 'background: rgba(225,225,225,0.7); border: solid 1px black;'> <tr> <td align = 'center' colspan = '3'> <i><b>Play University Of The Streets FREE - A live updating text based crime game. No download required and no plug in essential, start gangs, smuggle and produce drugs, commit crimes, play the casino, attack other players, become a property broker, buy and sell items, take part in a turf battle and much much more!</b></i> </td> </tr> <tr> <td align = 'right' width = '60%'> <h3><b>Users online today:</b></h3> </td> <td width = '10%'> </td> <td align = 'left'>"; $q_ry = "SELECT `usr_id` FROM `usr_tbl` WHERE `usr_lastact` >= '".(time()-86400)."'"; $totoday = mysql_num_rows(mysql_query($q_ry)); echo "<h3><b>".$totoday."</b></h3>"; echo "</td> </tr> <tr> <td align = 'center' colspan = '3'> <a href = 'login.php?page=register' style = 'color: #360000;'><h2><b>Register now!</b></h2></a> </td> </tr> </table>"; } function about() { echo "<h1>About Us</h1> <center> <table width = '500px' style = 'background: rgba(225,225,225,0.7); border: solid 1px black;'> <tr> <td align = 'center' colspan = '3'> <i><b>Play University Of The Streets FREE - A live updating text based crime game. No download required and no plug in essential, start gangs, smuggle and produce drugs, commit crimes, play the casino, attack other players, become a property broker, buy and sell items, take part in a turf battle and much much more!</b></i> </td> </tr> </table>"; } function register() { echo "<h1>Register</h1> <center>"; $_GET['ref'] = preg_replace('/[^0-9]/', '', $_GET['ref']); $_GET['code'] = preg_replace('/[^0-9A-Z]/', '', $_GET['code']); $game_url = 'http://'.$_SERVER['HTTP_HOST']; $referer = $game_url."/login.php"; $first_half = explode("?", $_SERVER['HTTP_REFERER']); if($first_half[0] == $referer) { if(!$_POST['usern']) { echo "<form action = 'login.php?page=register' method = 'post'> <table width = '500px' style = 'background: rgba(225,225,225,0.7); border: solid 1px black;'> <tr valign = 'bottom'> <td align = 'right' width = '125px'> Username: </td> <td width = '10px'> </td> <td align = 'left'> <input type = 'text' name = 'usern' id = 'usern'> </td> <td width = '150px'> <span id = 'un_check' style = 'font-weight: 800;'><small>0-9, A-Z, _ & - only.</small></span> </td> </tr> <tr valign = 'bottom'> <td align = 'right'> Password: </td> <td width = '10px'> </td> <td align = 'left'> <input type = 'password' name = 'passw' id = 'passw'> </td> <td width = '150px'> <span id = 'pw_check' style = 'font-weight: 800;'></span> </td> </tr> <tr valign = 'bottom'> <td align = 'right'> Repeat password: </td> <td width = '10px'> </td> <td align = 'left'> <input type = 'password' name = 'passwc' id = 'passwc'> </td> <td width = '150px'> <span id = 'pw_checktwo' style = 'font-weight: 800;'></span> </td> </tr> <tr valign = 'bottom'> <td align = 'right'> Gender: </td> <td width = '10px'> </td> <td align = 'left'> <select name = 'sex' style = 'width: 156px;'> <option value = 'male' SELECTED>Male</option> <option value = 'female'>Female</option> </select> </td> <td width = '150px'> </td> </tr> <tr valign = 'bottom'> <td align = 'right'> Email address: </td> <td width = '10px'> </td> <td align = 'left'> <input type = 'text' name = 'email' id = 'email'> </td> <td width = '150px'> <span id = 'em_check' style = 'font-weight: 800;'><small>Email will be verified.</small></span> </td> </tr> <tr valign = 'bottom'> <td align = 'right' valign = 'top'> Captcha: </td> <td width = '10px'> </td> <td align = 'left'> <input type = 'text' name = 'captcha' id = 'captcha'> <img src = 'captcha.php' width = '145px' height = '60px' style = 'margin-top: 6px; margin-left: -2px;'> </td> <td width = '150px'> <span id = 'cap_check' style = 'font-weight: 800;'><small>Captcha will be verified.</small></span> </td> </tr> <tr valign = 'bottom'> <td align = 'right'> </td> <td width = '10px'> </td> <td align = 'left'> </td> <td width = '150px'> <input type = 'submit' name = 'register' value = 'Register' id = 'linkage'> </td> </tr> </table> </form>"; } else { echo "<table width = '500px' style = 'background: rgba(225,225,225,0.7); border: solid 1px black;'> <tr> <td align = 'center'>"; $back = "<hr>><a href = 'login.php?page=register' style = 'font-weight: 800; cursor: pointer; color: black;'>Try again</a>"; $check_name = check_name(); if($check_name) { echo $check_name.$back; } else { $check_pass = check_pass(); if($check_pass) { echo $check_pass.$back; } else { $check_email = check_email(); if($check_email) { echo $check_email.$back; } else { $_POST['email'] = stripslashes($_POST['email']); $check_cap = check_cap(); if($check_cap) { echo $check_cap.$back; } else { $code = null; $chars = 'ABCDEFGHIJKLMOPQRSTUVXWYZ0123456789'; for($i = 1; $i<=30; $i++) { $rand = rand(0,strlen($chars)-1); $code.=substr($chars, $rand, 1); } $link = 'http://'.$_SERVER['HTTP_HOST']; $link.= '/login.php?page=code&code='.$code; $message = "Hello ".$_POST['usern'].",\n\n Your email address has been used to create an account at university-of-the-streets.com.\n If this was not you please ignore this email, Otherwise click the link below to activate your account.\n\n ".$link; if(!mail($_POST['email'], "Thank you for signing up to U.O.T.S", $message, "From: [email protected]")) { echo "There was an error with your email, Please try again.".$back; } else { $sex = preg_replace('/[^a-z]/', '', $_POST['sex']); if(!in_array($sex, array('male','female'))) { $sex = 'male'; } $usern = preg_replace('/[^0-9a-zA-Z-_]/', '', $_POST['usern']); $pass = $_POST['passw']; $email = strip_tags(stripslashes($_POST['email'])); $ip = $_SERVER['REMOTE_ADDR']; $ref = preg_replace('/[^0-9]/', '', $_GET['ref']); $ref = $ref ? $ref : 0; $sql = "INSERT INTO `tmp_users` VALUES('NULL', '".mysql_real_escape_string($usern)."', '".mysql_real_escape_string(md5($pass))."', '".mysql_real_escape_string($email)."', '".mysql_real_escape_string($sex)."', '".mysql_real_escape_string(time())."', '".mysql_real_escape_string($ip)."', '".mysql_real_escape_string($ref)."', '".mysql_real_escape_string($code)."')"; mysql_query($sql); echo "Thank you for signing up!<br><br> We have sent an email to you<br> You can activate your account here."; } } } } } echo "</td> </tr> </table>"; } } } function forgot_pass() { echo "<h1>Forgot password</h1>"; $_GET['code'] = preg_replace('/[^0-9A-Z]/', '', $_GET['code']); $game_url = 'http://'.$_SERVER['HTTP_HOST']; $referer = $game_url."/login.php"; $first_half = explode("?", $_SERVER['HTTP_REFERER']); if($first_half[0] == $referer) { $_POST['email'] = strip_tags(stripslashes($_POST['email'])); echo "<center> <table width = '500px' style = 'background: rgba(225,225,225,0.7); border: solid 1px black;'> <tr> <td align = 'center'>"; if(!$_POST['email']) { echo "Please enter the email address you used to sign up for the account to recover your password.<br><br> <form action = 'login.php?page=forgotpass' method = 'post'> <table width = '100%'> <tr> <td align = 'right'> <b>Email address:</b> <input type = 'text' name = 'email'> </td> </tr> <tr> <td align = 'right'> <input type = 'submit' name = 'continue' value = 'Continue' id = 'linkage'> </td> </tr> </table> </form>"; } else { $sql = "SELECT `usr_id`,`usr_nme` FROM `usr_tbl` WHERE `usr_email` = '".mysql_real_escape_string($_POST['email'])."'"; $sql = mysql_query($sql); if(!mysql_num_rows($sql)) { echo "The account linked the email address \"".$_POST['email']."\"was not found!"; } else { $u = mysql_fetch_array($sql); $temppass = null; $chars = 'ABCDEFGHIJKLMOPQRSTUVXWYZ0123456789'; for($i = 1; $i<=8; $i++) { $rand = rand(0,strlen($chars)-1); $temppass.=substr($chars, $rand, 1); } $sql = "UPDATE `usr_tbl` SET `usr_pas` = '".mysql_real_escape_string(md5($temppass))."' WHERE `usr_id` = '".mysql_real_escape_string($u['usr_id'])."'"; mysql_query($sql); $message = "Hello ".$u['usr_nme'].",\n\n We have sent you a new password as requested.\n This password should be changed as soon as you login to something you will remember.\n\n ".$temppass; mail($_POST['email'], "Password recovery - U.O.T.S", $message, "From: [email protected]"); echo "An email with a new password has been sent to you<br>Remember to check junk if it does not appear in your inbox!"; } echo "<hr> ><a href = 'login.php?page=forgotpass' id = 'linkage' style = 'color: black;'>Back</a> <hr>"; } echo "</td> </tr> </table>"; } } function code() { echo "<h1>Confirm email</h1>"; $_GET['code'] = preg_replace('/[^0-9A-Z]/', '', $_GET['code']); echo "<center> <table width = '500px' style = 'background: rgba(225,225,225,0.7); border: solid 1px black;'> <tr> <td align = 'center'>"; if(!$_GET['code']) { echo "Invalid registration code!"; } else { $sql = "SELECT * FROM `tmp_users` WHERE `code` = '".mysql_real_escape_string($_GET['code'])."'"; $sql = mysql_query($sql); if(!mysql_num_rows($sql)) { echo "Invalid registration code!"; } else { $u = mysql_fetch_array($sql); $sql = "INSERT INTO `usr_tbl` (`usr_nme`,`usr_login`,`usr_pas`,`usr_email`, `usr_sex`,`usr_sign_date`,`usr_sign_ip`) VALUES ('".mysql_real_escape_string($u['tmp_uname'])."', '".mysql_real_escape_string($u['tmp_uname'])."', '".mysql_real_escape_string($u['tmp_pass'])."', '".mysql_real_escape_string($u['tmp_email'])."', '".mysql_real_escape_string($u['tmp_sex'])."', '".mysql_real_escape_string($u['tmp_date'])."', '".mysql_real_escape_string($u['tmp_ip'])."')"; mysql_query($sql); $user_id = mysql_insert_id(); $sql = "INSERT INTO `usr_stats` (`usr_id`) VALUES ('".mysql_real_escape_string($user_id)."')"; mysql_query($sql); $sql = "INSERT INTO `usr_equipped` (`e_userid`) VALUES ('".mysql_real_escape_string($user_id)."')"; mysql_query($sql); $inbox = "Hello ".$u['tmp_uname'].", Welcome to crystal city, Today i will explain your first lessons on becoming a gangster on these streets, Up in the top right you have your missions tab, Click the missions tab and complete the steps i have set for this mission, At the end you will receive a small but worthy reward. If you have any problems don't hesitate to ask a member of staff for help. Staff can be found under the staff link in the city."; inbox_msg($user_id, 3, 'Welcome', $inbox); if($u['tmp_ref']) { $sql = "SELECT `usr_id` FROM `usr_tbl` WHERE `usr_id` = '".mysql_real_escape_string($u['tmp_ref'])."'"; $sql = mysql_query($sql); if(mysql_num_rows($sql)) { $sql = "INSERT INTO `referers` VALUES ('NULL', '".mysql_real_escape_string($u['tmp_ref'])."', '".mysql_real_escape_string($user_id)."')"; mysql_query($sql); $sql = "UPDATE `usr_tbl` SET `usr_referals` = `usr_referals` + '1' WHERE `usr_id` = '".mysql_real_escape_string($u['tmp_ref'])."'"; mysql_query($sql); $msg = "Thank you for referring ".$u['tmp_uname']."[".$user_id."]!"; in_event($u['tmp_ref'], $msg); } } echo "Thank you for signing up ".$u['tmp_uname']."[".$user_id."]!<br><br> You may now login<br><br> Enjoy!"; $sql = "DELETE FROM `tmp_users` WHERE `tmp_id` = '".mysql_real_escape_string($u['tmp_id'])."'"; mysql_query($sql); } } echo "</td> </tr> </table>"; } function authent() { echo "<h1>Authentication</h1>"; $error = ""; $back = "> <a href = 'login.php'><font color = 'red'>Back</font></a>"; $_POST['pass'] = htmlentities(stripslashes($_POST['pass'])); $_POST['username'] = htmlentities(stripslashes($_POST['username'])); if(!$_POST['username'] || !$_POST['pass']) { $error = "Please go back and fill in the form correctly.<br>".$back; } else { $sql = "SELECT `usr_id`,`usr_fed` FROM `usr_tbl` WHERE `usr_login` = '".mysql_real_escape_string($_POST['username'])."' AND `usr_pas` = '".mysql_real_escape_string(md5($_POST['pass']))."' LIMIT 1"; $sql = mysql_query($sql); if(!mysql_num_rows($sql)) { $error = "User not found! Please go back and try again.<br>".$back; } else { $user = mysql_fetch_array($sql); unset($_SESSION['feduser']); if($user['usr_fed'] > time()) { $_SESSION['feduser'] = $user['usr_id']; header('location:fedjail.php'); exit; } else { if($user['usr_fed']) { $sql = "UPDATE `usr_tbl` SET `usr_fed` = '0' WHERE `usr_id` = '".mysql_real_escape_string($user['usr_id'])."'"; mysql_query($sql); } } $_SESSION['myid'] = $user['usr_id']; $_SESSION['verified'] = 0; $sql = "UPDATE `usr_tbl` SET `usr_last_login` = '".mysql_real_escape_string(time())."', `usr_lastact` = '".mysql_real_escape_string(time())."' WHERE `usr_id` = '".mysql_real_escape_string($_SESSION['myid'])."'"; mysql_query($sql); $q_ry = "SELECT `setting_value` FROM `game_set` WHERE `setting_id` = '5'"; $rtoday = mysql_fetch_array(mysql_query($q_ry)); $rtoday = $rtoday['setting_value']; $q_ry = "SELECT `usr_id` FROM `usr_tbl` WHERE `usr_lastact` >= ".(time()-86400)." ORDER BY `usr_lastact` DESC"; $totoday = mysql_num_rows(mysql_query($q_ry)); if($totoday > $rtoday) { $sql = "UPDATE `game_set` SET `setting_value` = `setting_value` + '1' WHERE `setting_id` = '5'"; mysql_query($sql); } $q_ry = "SELECT `setting_value` FROM `game_set` WHERE `setting_id` = '6'"; $rhour = mysql_fetch_array(mysql_query($q_ry)); $rhour = $rhour['setting_value']; $q_ry = "SELECT `usr_id` FROM `usr_tbl` WHERE `usr_lastact` >= ".(time()-3600)." ORDER BY `usr_lastact` DESC"; $tothour = mysql_num_rows(mysql_query($q_ry)); if($tothour > $rhour) { $sql = "UPDATE `game_set` SET `setting_value` = `setting_value` + '1' WHERE `setting_id` = '6'"; mysql_query($sql); } $q_ry = "SELECT `setting_value` FROM `game_set` WHERE `setting_id` = '7'"; $rnow = mysql_fetch_array(mysql_query($q_ry)); $rnow = $rnow['setting_value']; $q_ry = "SELECT `usr_id`,`usr_lastact` FROM `usr_tbl` WHERE `usr_lastact` >= ".(time()-900)." ORDER BY `usr_lastact` DESC"; $onl = mysql_num_rows(mysql_query($q_ry)); if($onl > $rnow) { $sql = "UPDATE `game_set` SET `setting_value` = `setting_value` + '1' WHERE `setting_id` = '7'"; mysql_query($sql); } header('location:index.php'); } } if($error != '') { echo "<font color = 'red'><b>".$error."</b></font>"; } } function add_live($id, $function) { $sql = "SELECT `usr_live` FROM `usr_tbl` WHERE `usr_id` = '".mysql_real_escape_string($id)."'"; $live = mysql_fetch_array(mysql_query($sql)); $live = $live['usr_live']; $live.= $function; $sql = "UPDATE `usr_tbl` SET `usr_live` = '".mysql_real_escape_string($live)."' WHERE `usr_id` = '".mysql_real_escape_string($id)."'"; mysql_query($sql); } function inbox_msg($user, $from, $subj, $mesg) { $sql = "INSERT INTO `usr_msgs` VALUES('NULL', '".mysql_real_escape_string($user)."', '".mysql_real_escape_string($from)."', '".time()."', '".mysql_real_escape_string($subj)."', '".mysql_real_escape_string($mesg)."', 'no')"; mysql_query($sql); add_live($user, "add_msg();"); } function in_event($player, $text) { $text = stripslashes($text); mysql_query("INSERT INTO `usr_events` VALUES('NULL', '".mysql_real_escape_string($player)."', '".time()."', '".mysql_real_escape_string($text)."', 'no')"); add_live($player, "add_event();"); } function check_name() { $username = $_POST['usern']; if(!$username) { return "Username cannot be empty."; } else { if(preg_match('/[^0-9a-zA-Z-_]/', $username)) { return "Invalid characters detected in your username!"; } else { $username = preg_replace('/[^0-9a-zA-Z-_]/', '', $username); if(strlen($username) < '3') { return "Your username is too short!"; } else { if(strlen($username) > '21') { return "Your username is too long."; } else { $sql1 = "SELECT `usr_id` FROM `usr_tbl` WHERE `usr_nme` = '".mysql_real_escape_string($username)."' || `usr_login` = '".mysql_real_escape_string($username)."'"; $sql1 = mysql_query($sql1); $sql2 = "SELECT `tmp_id` FROM `tmp_users` WHERE `tmp_uname` = '".mysql_real_escape_string($username)."'"; $sql2 = mysql_query($sql2); if(mysql_num_rows($sql1) || mysql_num_rows($sql2)) { return "This username is already in use."; } else { return 0; } } } } } } function check_pass() { $pass = $_POST['passw']; $passtwo = $_POST['passwc']; if(!$pass || !$passtwo) { return "Password does not match."; } else { if($pass != $passtwo) { return "Password does not match."; } else { return 0; } } } function check_email() { $_POST['email'] = strip_tags(stripslashes($_POST['email'])); if(!$_POST['email']) { return "Email address cannot be empty."; } else { $email = explode("@", $_POST['email']); $check_for_the_dot = explode(".", $email[1]); if(substr_count($_POST['email'], "@") > '1') { return "Invalid email address."; } else { if(!$check_for_the_dot[1]) { return "Invalid email address."; } else { $sql = "SELECT `setting_value` FROM `game_set` WHERE `setting_id` = '4'"; $bad_url = mysql_fetch_array(mysql_query($sql)); $bad_url = explode(",", $bad_url['setting_value']); if(in_array($email[1], $bad_url)) { return "Disposable email addresses cannot be used."; } else { if(!filter_var($_POST['email'], FILTER_VALIDATE_EMAIL)) { return "Invalid email address."; } else { $sql = "SELECT `usr_id` FROM `usr_tbl` WHERE `usr_email` = '".mysql_real_escape_string($_POST['email'])."'"; $sql = mysql_query($sql); $sql2 = "SELECT `tmp_id` FROM `tmp_users` WHERE `tmp_email` = '".mysql_real_escape_string($_POST['email'])."'"; $sql2 = mysql_query($sql2); if(mysql_num_rows($sql) || mysql_num_rows($sql2)) { return "Email address exists."; } else { return 0; } } } } } } } function check_cap() { $cap = $_POST['captcha']; if(!$cap) { return "Captcha cannot be empty."; } else { if($cap != $_SESSION['cap_code']) { return "Captcha did not match."; } else { return 0; } } } ?>

This right <?php session_start(); require_once('connect_db.php'); ?> <!DOCTYPE html PUBLIC '-//W3C//DTD XHTML 1.0 Transitional//EN' 'http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd'> <html> <head> <title>U.O.T.S</title> <link rel="shortcut icon" href="images/style/favicon.gif"> <link href="external.css" rel="stylesheet" type="text/css"> </head> <body> <div id="header"> <table width = '989px' height = '430px'> <tr> <td align = 'left' valign = 'bottom' style = 'color:white; font-weight:800;'> <div style = 'background: url(images/css/bg-banner.png) repeat-y left bottom;'> <font size = '+3'>100% Free to play!</font><br> <font size = '+1'>Users online today: 0</font><br> <font size = '+1'>Top gang: N/A</font> </div> </td> </tr> </table> </div> <div id="content"> <table class = "loaded" width = "90%"><tr><td align = "center"> <? $error = ""; $back = "> <a href = 'login.php'><font color = 'red'>Back</font></a>"; $_POST['pass'] = htmlentities(stripslashes($_POST['pass'])); $_POST['username'] = htmlentities(stripslashes($_POST['username'])); if(!$_POST['username'] || !$_POST['pass']) { $error = "Please go back and fill in the form correctly.<br>".$back; } else { $sql = "SELECT `usr_id`,`usr_fed` FROM `usr_tbl` WHERE `usr_login` = '".mysql_real_escape_string($_POST['username'])."' AND `usr_pas` = '".mysql_real_escape_string(md5($_POST['pass']))."' LIMIT 1"; $sql = mysql_query($sql); if(!mysql_num_rows($sql)) { $error = "User not found! Please go back and try again.<br>".$back; } else { $user = mysql_fetch_array($sql); unset($_SESSION['feduser']); if($user['usr_fed'] > time()) { $_SESSION['feduser'] = $user['usr_id']; header('location:fedjail.php'); exit; } else { if($user['usr_fed']) { $sql = "UPDATE `usr_tbl` SET `usr_fed` = '0' WHERE `usr_id` = '".mysql_real_escape_string($user['usr_id'])."'"; mysql_query($sql); } } $_SESSION['myid'] = $user['usr_id']; $_SESSION['verified'] = 0; $sql = "UPDATE `usr_tbl` SET `usr_last_login` = '".mysql_real_escape_string(time())."', `usr_lastact` = '".mysql_real_escape_string(time())."' <?php session_start(); require_once('connect_db.php'); ?> <!DOCTYPE html PUBLIC '-//W3C//DTD XHTML 1.0 Transitional//EN' 'http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd'> <html> <head> <title>U.O.T.S</title> <link rel="shortcut icon" href="images/style/favicon.gif"> <link href="external.css" rel="stylesheet" type="text/css"> </head> <body> <div id="header"> <table width = '989px' height = '430px'> <tr> <td align = 'left' valign = 'bottom' style = 'color:white; font-weight:800;'> <div style = 'background: url(images/css/bg-banner.png) repeat-y left bottom;'> <font size = '+3'>100% Free to play!</font><br> <font size = '+1'>Users online today: 0</font><br> <font size = '+1'>Top gang: N/A</font> </div> </td> </tr> </table> </div> <div id="content"> <table class = "loaded" width = "90%"><tr><td align = "center"> <? $error = ""; $back = "> <a href = 'login.php'><font color = 'red'>Back</font></a>"; $_POST['pass'] = htmlentities(stripslashes($_POST['pass'])); $_POST['username'] = htmlentities(stripslashes($_POST['username'])); if(!$_POST['username'] || !$_POST['pass']) { $error = "Please go back and fill in the form correctly.<br>".$back; } else { $sql = "SELECT `usr_id`,`usr_fed` FROM `usr_tbl` WHERE `usr_login` = '".mysql_real_escape_string($_POST['username'])."' AND `usr_pas` = '".mysql_real_escape_string(md5($_POST['pass']))."' LIMIT 1"; $sql = mysql_query($sql); if(!mysql_num_rows($sql)) { $error = "User not found! Please go back and try again.<br>".$back; } else { $user = mysql_fetch_array($sql); unset($_SESSION['feduser']); if($user['usr_fed'] > time()) { $_SESSION['feduser'] = $user['usr_id']; header('location:fedjail.php'); exit; } else { if($user['usr_fed']) { $sql = "UPDATE `usr_tbl` SET `usr_fed` = '0' WHERE `usr_id` = '".mysql_real_escape_string($user['usr_id'])."'"; mysql_query($sql); } } $_SESSION['myid'] = $user['usr_id']; $_SESSION['verified'] = 0; $sql = "UPDATE `usr_tbl` SET `usr_last_login` = '".mysql_real_escape_string(time())."', `usr_lastact` = '".mysql_real_escape_string(time())."' WHERE `usr_id` = '".mysql_real_escape_string($_SESSION['myid'])."'"; mysql_query($sql); $q_ry = "SELECT `setting_value` FROM `game_set` WHERE `setting_id` = '5'"; $rtoday = mysql_fetch_array(mysql_query($q_ry)); $rtoday = $rtoday['setting_value']; $q_ry = "SELECT `usr_id` FROM `usr_tbl` WHERE `usr_lastact` >= ".(time()-86400)." ORDER BY `usr_lastact` DESC"; $totoday = mysql_num_rows(mysql_query($q_ry)); if($totoday > $rtoday) { $sql = "UPDATE `game_set` SET `setting_value` = `setting_value` + '1' WHERE `setting_id` = '5'"; mysql_query($sql); } $q_ry = "SELECT `setting_value` FROM `game_set` WHERE `setting_id` = '6'"; $rhour = mysql_fetch_array(mysql_query($q_ry)); $rhour = $rhour['setting_value']; $q_ry = "SELECT `usr_id` FROM `usr_tbl` WHERE `usr_lastact` >= ".(time()-3600)." ORDER BY `usr_lastact` DESC"; $tothour = mysql_num_rows(mysql_query($q_ry)); if($tothour > $rhour) { $sql = "UPDATE `game_set` SET `setting_value` = `setting_value` + '1' WHERE `setting_id` = '6'"; mysql_query($sql); } $q_ry = "SELECT `setting_value` FROM `game_set` WHERE `setting_id` = '7'"; $rnow = mysql_fetch_array(mysql_query($q_ry)); $rnow = $rnow['setting_value']; $q_ry = "SELECT `usr_id`,`usr_lastact` FROM `usr_tbl` WHERE `usr_lastact` >= ".(time()-900)." ORDER BY `usr_lastact` DESC"; $onl = mysql_num_rows(mysql_query($q_ry)); if($onl > $rnow) { $sql = "UPDATE `game_set` SET `setting_value` = `setting_value` + '1' WHERE `setting_id` = '7'"; mysql_query($sql); } header('location:index.php'); } } if($error != '') { echo "<font color = 'red'><b>".$error."</b></font>"; } ?> </td></tr></table> </div> <div id="footer"> U.O.T.S is copyright © of IceColdCola netwroks 2012<?php if(date("Y")>'2012') { echo "-".date("Y"); } ?>, All rights reserved. </div> </body> </html> mysql_query($sql); $q_ry = "SELECT `setting_value` FROM `game_set` WHERE `setting_id` = '5'"; $rtoday = mysql_fetch_array(mysql_query($q_ry)); $rtoday = $rtoday['setting_value']; $q_ry = "SELECT `usr_id` FROM `usr_tbl` WHERE `usr_lastact` >= ".(time()-86400)." ORDER BY `usr_lastact` DESC"; $totoday = mysql_num_rows(mysql_query($q_ry)); if($totoday > $rtoday) { $sql = "UPDATE `game_set` SET `setting_value` = `setting_value` + '1' WHERE `setting_id` = '5'"; mysql_query($sql); } $q_ry = "SELECT `setting_value` FROM `game_set` WHERE `setting_id` = '6'"; $rhour = mysql_fetch_array(mysql_query($q_ry)); $rhour = $rhour['setting_value']; $q_ry = "SELECT `usr_id` FROM `usr_tbl` WHERE `usr_lastact` >= ".(time()-3600)." ORDER BY `usr_lastact` DESC"; $tothour = mysql_num_rows(mysql_query($q_ry)); if($tothour > $rhour) { $sql = "UPDATE `game_set` SET `setting_value` = `setting_value` + '1' WHERE `setting_id` = '6'"; mysql_query($sql); } $q_ry = "SELECT `setting_value` FROM `game_set` WHERE `setting_id` = '7'"; $rnow = mysql_fetch_array(mysql_query($q_ry)); $rnow = $rnow['setting_value']; $q_ry = "SELECT `usr_id`,`usr_lastact` FROM `usr_tbl` WHERE `usr_lastact` >= ".(time()-900)." ORDER BY `usr_lastact` DESC"; $onl = mysql_num_rows(mysql_query($q_ry)); if($onl > $rnow) { $sql = "UPDATE `game_set` SET `setting_value` = `setting_value` + '1' WHERE `setting_id` = '7'"; mysql_query($sql); } header('location:index.php'); } } if($error != '') { echo "<font color = 'red'><b>".$error."</b></font>"; } ?> </td></tr></table> </div> <div id="footer"> U.O.T.S is copyright © of IceColdCola netwroks 2012<?php if(date("Y")>'2012') { echo "-".date("Y"); } ?>, All rights reserved. </div> </body> </html>   - - - Updated - - - [ATTACH=CONFIG]2192[/ATTACH] - - - Updated - - - So I login and takes me to this http://www.ripcity.x10host.com/login.php?page=authent OK that's where get that pic above and now if take that login.php?page=authent put index.php it takes me into the game

Thank for reply and fix now :)

It's is a legal licensed copy bought of Ice Cold Cola bought both UOTS and Rc Engine from him.

OK when I login it goes to a page that says authenticate OK so then if i go to my URL and take out home.php and put URL.index.php I'm then inside the game.Can someone help me fix this. <?php session_start(); require_once('connect_db.php'); ?> <!DOCTYPE html PUBLIC '-//W3C//DTD XHTML 1.0 Transitional//EN' 'http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd'> <html> <head> <title>U.O.T.S</title> <link rel="shortcut icon" href="images/style/favicon.gif"> <link href="external.css" rel="stylesheet" type="text/css"> </head> <body> <div id="header"> <table width = '989px' height = '430px'> <tr> <td align = 'left' valign = 'bottom' style = 'color:white; font-weight:800;'> <div style = 'background: url(images/css/bg-banner.png) repeat-y left bottom;'> <font size = '+3'>100% Free to play!</font><br> <font size = '+1'>Users online today: 0</font><br> <font size = '+1'>Top gang: N/A</font> </div> </td> </tr> </table> </div> <div id="content"> <table class = "loaded" width = "90%"><tr><td align = "center"> <? $error = ""; $back = "> <a href = 'login.php'><font color = 'red'>Back</font></a>"; $_POST['pass'] = htmlentities(stripslashes($_POST['pass'])); $_POST['username'] = htmlentities(stripslashes($_POST['username'])); if(!$_POST['username'] || !$_POST['pass']) { $error = "Please go back and fill in the form correctly.<br>".$back; } else { $sql = "SELECT `usr_id`,`usr_fed` FROM `usr_tbl` WHERE `usr_login` = '".mysql_real_escape_string($_POST['username'])."' AND `usr_pas` = '".mysql_real_escape_string(md5($_POST['pass']))."' LIMIT 1"; $sql = mysql_query($sql); if(!mysql_num_rows($sql)) { $error = "User not found! Please go back and try again.<br>".$back; } else { $user = mysql_fetch_array($sql); unset($_SESSION['feduser']); if($user['usr_fed'] > time()) { $_SESSION['feduser'] = $user['usr_id']; header('location:fedjail.php'); exit; } else { if($user['usr_fed']) { $sql = "UPDATE `usr_tbl` SET `usr_fed` = '0' WHERE `usr_id` = '".mysql_real_escape_string($user['usr_id'])."'"; mysql_query($sql); } } $_SESSION['myid'] = $user['usr_id']; $_SESSION['verified'] = 0; $sql = "UPDATE `usr_tbl` SET `usr_last_login` = '".mysql_real_escape_string(time())."', `usr_lastact` = '".mysql_real_escape_string(time())."' WHERE `usr_id` = '".mysql_real_escape_string($_SESSION['myid'])."'"; mysql_query($sql); $q_ry = "SELECT `setting_value` FROM `game_set` WHERE `setting_id` = '5'"; $rtoday = mysql_fetch_array(mysql_query($q_ry)); $rtoday = $rtoday['setting_value']; $q_ry = "SELECT `usr_id` FROM `usr_tbl` WHERE `usr_lastact` >= ".(time()-86400)." ORDER BY `usr_lastact` DESC"; $totoday = mysql_num_rows(mysql_query($q_ry)); if($totoday > $rtoday) { $sql = "UPDATE `game_set` SET `setting_value` = `setting_value` + '1' WHERE `setting_id` = '5'"; mysql_query($sql); } $q_ry = "SELECT `setting_value` FROM `game_set` WHERE `setting_id` = '6'"; $rhour = mysql_fetch_array(mysql_query($q_ry)); $rhour = $rhour['setting_value']; $q_ry = "SELECT `usr_id` FROM `usr_tbl` WHERE `usr_lastact` >= ".(time()-3600)." ORDER BY `usr_lastact` DESC"; $tothour = mysql_num_rows(mysql_query($q_ry)); if($tothour > $rhour) { $sql = "UPDATE `game_set` SET `setting_value` = `setting_value` + '1' WHERE `setting_id` = '6'"; mysql_query($sql); } $q_ry = "SELECT `setting_value` FROM `game_set` WHERE `setting_id` = '7'"; $rnow = mysql_fetch_array(mysql_query($q_ry)); $rnow = $rnow['setting_value']; $q_ry = "SELECT `usr_id`,`usr_lastact` FROM `usr_tbl` WHERE `usr_lastact` >= ".(time()-900)." ORDER BY `usr_lastact` DESC"; $onl = mysql_num_rows(mysql_query($q_ry)); if($onl > $rnow) { $sql = "UPDATE `game_set` SET `setting_value` = `setting_value` + '1' WHERE `setting_id` = '7'"; mysql_query($sql); } header('location:index.php'); } } if($error != '') { echo "<font color = 'red'><b>".$error."</b></font>"; } ?> </td></tr></table> </div> <div id="footer"> U.O.T.S is copyright © of IceColdCola netwroks 2012<?php if(date("Y")>'2012') { echo "-".date("Y"); } ?>, All rights reserved. </div> </body> </html>