bennyh Posted July 29, 2009 Posted July 29, 2009 Hi all, I brought an email validation from a member from here and they think that im installing it wrong and want another $5 for me to install it so i thought i would ask on here first. After users have validated it is not inserting their details into my databases below is my register.php hope you can help :-) <?php session_start(); print "<html> <head> <title>Murder Country</title> <style> body { font-family:Verdana;font-size:9pt;color: red; background-color:black; scrollbar-base-color: red; scrollbar-arrow-color: black; scrollbar-DarkShadow-Color: #000000; } a:visited,a:active,a:hover,a:link { color: red;text-decoration: none; } table,tr,td { font-size:9pt; } img { border:none; } </style> </head> <body>[img=logo.png] "; $ip = ($_SERVER['HTTP_X_FORWARDED_FOR']) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : $_SERVER['REMOTE_ADDR']; if(file_exists('ipbans/'.$ip)) { die("[b]<font color=red size=+1>Your IP has been banned, there is no way around this.</font>[/b]</body></html>"); } require "mysql.php"; global $c; if($_POST['username']) { $sm=100; if($_POST['promo'] == "Your Promo Code Here") { $sm+=100; } $username=$_POST['username']; $username=str_replace(array("<", ">"), array("<", ">"), $username); $q=mysql_query("SELECT * FROM users WHERE username='{$username}'",$c); if(mysql_num_rows($q)) { print "Username already in use. Choose another."; } else if($_POST['password'] != $_POST['cpassword']) { print "The passwords did not match, go back and try again."; } else { $_POST['ref'] = abs((int) $_POST['ref']); $ip = ($_SERVER['HTTP_X_FORWARDED_FOR']) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : $_SERVER['REMOTE_ADDR']; $q=mysql_query("SELECT * FROM users WHERE lastip='$ip' AND userid={$_POST['ref']}",$c); if(mysql_num_rows($q)) { die("No creating referral multies. Bad dog."); } if($_POST['ref']) { $q=mysql_query("SELECT * FROM users WHERE userid={$_POST['ref']}",$c); $r=mysql_fetch_array($q); } mysql_query("INSERT INTO users (username, login_name, userpass, level, money, crystals, donatordays, user_level, energy, maxenergy, will, maxwill, brave, maxbrave, hp, maxhp, location, gender, signedup, email, bankmoney, lastip) VALUES( '{$username}', '{$username}', md5('{$_POST['password']}'), 1, $sm, 2, 2, 1, 12, 12, 100, 100, 5, 5, 100, 100, 9, 'Male', unix_timestamp(), '{$_POST['email']}', -1, '$ip')", $c); $i=mysql_insert_id($c); mysql_query("INSERT INTO userstats VALUES($i, 10, 10, 10, 10, 10)", $c); if($_POST['ref']) { require "global_func.php"; mysql_query("UPDATE users SET crystals=crystals+2 WHERE userid={$_POST['ref']}",$c); event_add($_POST['ref'],"For refering $username to the game, you have earnt 2 valuable crystals!",$c); mysql_query("INSERT INTO referals VALUES('', {$_POST['ref']}, $i, unix_timestamp(),'{$r['lastip']}','$ip')", $c); } print "You have signed up, enjoy the game. > [url='login.php']Login[/url]"; } } else { print "<h3>Murder Country Registration</h3>"; print "<form action=register.php method=post>Username: <input type=text name=username> Password: <input type=password name=password> Confirm Password: <input type=password name=cpassword> Email: <input type=text name=email> Promo Code: <input type=text name=promo> <input type=hidden name=ref value='"; if($_GET['REF']) { print $_GET['REF']; } print "'> <input type=submit value=Submit></form> > [url='login.php']Go Back[/url]"; } print "</body></html>"; ?> Thanks Bennyh Quote
shrek1609 Posted July 30, 2009 Posted July 30, 2009 Re: Help with email validation it won't be in the register file there should be another file but you cant post it if its a paid mod... another thing your register file is not secure... do a search on here for security or you will be hacked... for register find $ip = ($_SERVER['HTTP_X_FORWARDED_FOR']) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : $_SERVER['REMOTE_ADDR']; replace with $IP = $_SERVER['REMOTE_ADDR']; you will need to do this in other files too, do a search on here and you will find more info... Quote
bennyh Posted July 30, 2009 Author Posted July 30, 2009 Re: Help with email validation But isn't th register page be the one that has the query to enter into the database? And I have the validate.php but that has no query lines to add users to the database. And I know it paid but the person who I bought it off who I don't want to name said it comes will full support. The reply I got when I said it's not working was the codes are fine so it's your fault. And thanks will look into security bennyh Quote
shrek1609 Posted July 30, 2009 Posted July 30, 2009 Re: Help with email validation But isn't th register page be the one that has the query to enter into the database? And I have the validate.php but that has no query lines to add users to the database. And I know it paid but the person who I bought it off who I don't want to name said it comes will full support. The reply I got when I said it's not working was the codes are fine so it's your fault. And thanks will look into security bennyh the user will be put into the database by register.php before they validate it by email, the problem will be with the validate.php that will update a field in the users to say they have validated... normally changing a 0 to 1 Quote
bennyh Posted July 30, 2009 Author Posted July 30, 2009 Re: Help with email validation The system notices that they have validated it's just not adding them to the database Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.