Jump to content
MakeWebGames

Help with index file


NRP91

Recommended Posts

<?php 
ob_start();
include_once("config.php");
include_once("connect.php"); ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Welcome.</title>
<link href="style.css" rel="stylesheet" type="text/css" />
<style type="text/css">
<!--
body {
background-color: #222222;
}
-->
</style></head>

<body OnLoad="document.login.mail.focus();">
<table width="800" border="0" align="center" cellspacing="0">

 <tr>
   <td><table border="0" align="left" cellspacing="2">
     <tr>
       <td class="off" onmouseover="this.className='on'" onmouseout="this.className='off'" onclick="location.href='index.php'">[url="index.php"]Login.[/url]</td>
       <td class="off" onmouseover="this.className='on'" onmouseout="this.className='off'" onclick="location.href='register.php'">[url="register.php"]Register.[/url]</td>
       <td class="off" onmouseover="this.className='on'" onmouseout="this.className='off'" onclick="location.href='forgot.php'">[url="forgot.php"]Forgot Password.[/url]</td>
	<td class="off" onmouseover="this.className='on'" onmouseout="this.className='off'" onclick="location.href='screenshots.php'">[url="screenshots.php"]Screenshots.[/url]</td>
	<td class="off" onmouseover="this.className='on'" onmouseout="this.className='off'" onclick="location.href='http://www.gangsterlegends.com/sale/index.php'">[url="http://www.gangsterlegends.com/sale/index.php"]Script Shop.[/url]</td>
       </tr>
   </table></td>
 </tr>
 <tr>
   <td height="250" align="center" valign="middle">

Your Banner. </p>
   </td>
 </tr>
 <tr>
   <td align="center" valign="bottom"><form action="" method="post" name="login" id="login">
<?php

if(isset($_SESSION['user_id'])) {
// if already logged in.
session_unset();
session_destroy(); 

echo "You have been logged out.";

}

if(isset($_POST['submit'])) {

$sql = "SELECT status,admins_ip FROM sitestats WHERE id='1'";
$query = mysql_query($sql) or die(mysql_error());
$row = mysql_fetch_object($query);
$page_status = htmlspecialchars($row->status);
$page_status_array = explode("-", $page_status);
$admins_ip = htmlspecialchars($row->admins_ip);
$admin_ip_array = explode("-", $admins_ip);

if(!empty($page_status_array[31]) and !in_array($_SERVER['REMOTE_ADDR'], $admin_ip_array)){
echo htmlspecialchars(stripslashes($page_status_array[31]));
}else{

if(!preg_match("/^[A-Z0-9._%-]+@[A-Z0-9._%-]+\.[A-Z]{2,6}$/i", $_POST['mail'])) {
echo "Invalid Password / Username combination.";
}else{

$query = "SELECT password,id,login_ip,login_count FROM login WHERE mail='".mysql_real_escape_string($_POST['mail'])."'"; 
$result = mysql_query($query) or die(mysql_error());
$row = mysql_fetch_array($result);

if(empty($row['id'])){
echo "Invalid Password / Username combination.";
}else{

if($row['login_count'] >= 5 ){
echo "You have tried 5 or more false combinations you can reclaim your account with the forgot password option.";
}else{

if(md5($_POST['pass']) != $row['password']){
echo "Invalid Password / Username combination.";

$update_login = mysql_query("UPDATE login SET login_count=login_count+'1' WHERE mail='".mysql_real_escape_string($_POST['mail'])."'")
or die(mysql_error());

}else{

	if(empty($row['login_ip'])){
	$row['login_ip'] = $_SERVER['REMOTE_ADDR'];
	}else{

	$ip_information = explode("-", $row['login_ip']);

	if (in_array($_SERVER['REMOTE_ADDR'], $ip_information)) {	
	$row['login_ip'] = $row['login_ip'];
	}else{	
	$row['login_ip'] = $row['login_ip']."-".$_SERVER['REMOTE_ADDR'];
	}
	}

$_SESSION['user_id'] = $row['id'];

$result = mysql_query("UPDATE login SET userip='".mysql_real_escape_string($_SERVER['REMOTE_ADDR'])."',login_ip='".mysql_real_escape_string($row['login_ip'])."',login_count='0' WHERE id='".mysql_real_escape_string($_SESSION['user_id'])."'")
or die(mysql_error());

header("Location: news.php");

}// count check.
}// id check.
}// password check.
}// mail check.
}// disabled check.
}// if isset submit.

?>
     <table width="450" border="0" align="center" cellspacing="0">
       <tr>
         <td align="right" class="style1"><label>Email: </label></td>
         <td width="150" align="center"><input name="mail" type="text" class="entryfield" id="mail" style='width: 95%;'/></td>
         <td width="60" align="right" class="style1"><label>Password: </label></td>
         <td width="150" align="center"><input name="pass" type="password" class="entryfield" id="pass" style='width: 95%; ' maxlength="20"/></td>
       </tr>
       <tr>
         <td height="35" colspan="4" align="center"><table width="100" border="0" cellspacing="0">
             <tr>
               <td align="center"><input name="submit" type="submit" class="button" value="Login." onFocus="if(this.blur)this.blur()" style="background-color:#222222;"/></td>
             </tr>
         </table></td>
       </tr>
     </table>
   </form></td>
 </tr>
</table>
<center>
|| © [url]www.criminal-society.net[/url] || 
</center>
</body>
</html>

 

Added tags - Spud.

Link to comment
Share on other sites

Try adding the output_bufferer's printing function at the end of the PHP block segment.

 

<?php 
ob_start();
include_once("config.php");
include_once("connect.php"); ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Welcome.</title>
<link href="style.css" rel="stylesheet" type="text/css" />
<style type="text/css">
<!--
body {
   background-color: #222222;
}
-->
</style></head>

<body OnLoad="document.login.mail.focus();">
<table width="800" border="0" align="center" cellspacing="0">

 <tr>
   <td><table border="0" align="left" cellspacing="2">
     <tr>
       <td class="off" onmouseover="this.className='on'" onmouseout="this.className='off'" onclick="location.href='index.php'">[url="index.php"]Login.[/url]</td>
       <td class="off" onmouseover="this.className='on'" onmouseout="this.className='off'" onclick="location.href='register.php'">[url="register.php"]Register.[/url]</td>
       <td class="off" onmouseover="this.className='on'" onmouseout="this.className='off'" onclick="location.href='forgot.php'">[url="forgot.php"]Forgot Password.[/url]</td>
       <td class="off" onmouseover="this.className='on'" onmouseout="this.className='off'" onclick="location.href='screenshots.php'">[url="screenshots.php"]Screenshots.[/url]</td>
       <td class="off" onmouseover="this.className='on'" onmouseout="this.className='off'" onclick="location.href='http://www.gangsterlegends.com/sale/index.php'">[url="http://www.gangsterlegends.com/sale/index.php"]Script Shop.[/url]</td>
       </tr>
   </table></td>
 </tr>
 <tr>
   <td height="250" align="center" valign="middle">

Your Banner. </p>
   </td>
 </tr>
 <tr>
   <td align="center" valign="bottom"><form action="" method="post" name="login" id="login">
<?php

if(isset($_SESSION['user_id'])) {
// if already logged in.
session_unset();
session_destroy(); 

echo "You have been logged out.";

}

if(isset($_POST['submit'])) {

$sql = "SELECT status,admins_ip FROM sitestats WHERE id='1'";
$query = mysql_query($sql) or die(mysql_error());
$row = mysql_fetch_object($query);
$page_status = htmlspecialchars($row->status);
$page_status_array = explode("-", $page_status);
$admins_ip = htmlspecialchars($row->admins_ip);
$admin_ip_array = explode("-", $admins_ip);

if(!empty($page_status_array[31]) and !in_array($_SERVER['REMOTE_ADDR'], $admin_ip_array)){
echo htmlspecialchars(stripslashes($page_status_array[31]));
}else{

if(!preg_match("/^[A-Z0-9._%-]+@[A-Z0-9._%-]+\.[A-Z]{2,6}$/i", $_POST['mail'])) {
echo "Invalid Password / Username combination.";
}else{

$query = "SELECT password,id,login_ip,login_count FROM login WHERE mail='".mysql_real_escape_string($_POST['mail'])."'"; 
$result = mysql_query($query) or die(mysql_error());
$row = mysql_fetch_array($result);

if(empty($row['id'])){
echo "Invalid Password / Username combination.";
}else{

if($row['login_count'] >= 5 ){
echo "You have tried 5 or more false combinations you can reclaim your account with the forgot password option.";
}else{

if(md5($_POST['pass']) != $row['password']){
echo "Invalid Password / Username combination.";

$update_login = mysql_query("UPDATE login SET login_count=login_count+'1' WHERE mail='".mysql_real_escape_string($_POST['mail'])."'")
or die(mysql_error());

}else{

       if(empty($row['login_ip'])){
       $row['login_ip'] = $_SERVER['REMOTE_ADDR'];
       }else{

       $ip_information = explode("-", $row['login_ip']);

       if (in_array($_SERVER['REMOTE_ADDR'], $ip_information)) {    
       $row['login_ip'] = $row['login_ip'];
       }else{    
       $row['login_ip'] = $row['login_ip']."-".$_SERVER['REMOTE_ADDR'];
       }
       }

$_SESSION['user_id'] = $row['id'];

$result = mysql_query("UPDATE login SET userip='".mysql_real_escape_string($_SERVER['REMOTE_ADDR'])."',login_ip='".mysql_real_escape_string($row['login_ip'])."',login_count='0' WHERE id='".mysql_real_escape_string($_SESSION['user_id'])."'")
or die(mysql_error());

header("Location: news.php");

}// count check.
}// id check.
}// password check.
}// mail check.
}// disabled check.
}// if isset submit.


// output bufferer output
ob_flush();
?>
     <table width="450" border="0" align="center" cellspacing="0">
       <tr>
         <td align="right" class="style1"><label>Email: </label></td>
         <td width="150" align="center"><input name="mail" type="text" class="entryfield" id="mail" style='width: 95%;'/></td>
         <td width="60" align="right" class="style1"><label>Password: </label></td>
         <td width="150" align="center"><input name="pass" type="password" class="entryfield" id="pass" style='width: 95%; ' maxlength="20"/></td>
       </tr>
       <tr>
         <td height="35" colspan="4" align="center"><table width="100" border="0" cellspacing="0">
             <tr>
               <td align="center"><input name="submit" type="submit" class="button" value="Login." onFocus="if(this.blur)this.blur()" style="background-color:#222222;"/></td>
             </tr>
         </table></td>
       </tr>
     </table>
   </form></td>
 </tr>
</table>
<center>
|| © [url]www.criminal-society.net[/url] || 
</center>
</body>
</html>
Link to comment
Share on other sites

On second though review, there is no opening form tag.

Try...

<?php 
ob_start();
include_once("config.php");
include_once("connect.php"); ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Welcome.</title>
<link href="style.css" rel="stylesheet" type="text/css" />
<style type="text/css">
<!--
body {
   background-color: #222222;
}
-->
</style></head>

<body OnLoad="document.login.mail.focus();">
<table width="800" border="0" align="center" cellspacing="0">

 <tr>
   <td><table border="0" align="left" cellspacing="2">
     <tr>
       <td class="off" onmouseover="this.className='on'" onmouseout="this.className='off'" onclick="location.href='index.php'">[url="index.php"]Login.[/url]</td>
       <td class="off" onmouseover="this.className='on'" onmouseout="this.className='off'" onclick="location.href='register.php'">[url="register.php"]Register.[/url]</td>
       <td class="off" onmouseover="this.className='on'" onmouseout="this.className='off'" onclick="location.href='forgot.php'">[url="forgot.php"]Forgot Password.[/url]</td>
       <td class="off" onmouseover="this.className='on'" onmouseout="this.className='off'" onclick="location.href='screenshots.php'">[url="screenshots.php"]Screenshots.[/url]</td>
       <td class="off" onmouseover="this.className='on'" onmouseout="this.className='off'" onclick="location.href='http://www.gangsterlegends.com/sale/index.php'">[url="http://www.gangsterlegends.com/sale/index.php"]Script Shop.[/url]</td>
       </tr>
   </table></td>
 </tr>
 <tr>
   <td height="250" align="center" valign="middle">

Your Banner. </p>
   </td>
 </tr>
 <tr>
   <td align="center" valign="bottom"><form action="" method="post" name="login" id="login">
<?php

if(isset($_SESSION['user_id'])) {
// if already logged in.
session_unset();
session_destroy(); 

echo "You have been logged out.";

}

if(isset($_POST['submit'])) {

$sql = "SELECT status,admins_ip FROM sitestats WHERE id='1'";
$query = mysql_query($sql) or die(mysql_error());
$row = mysql_fetch_object($query);
$page_status = htmlspecialchars($row->status);
$page_status_array = explode("-", $page_status);
$admins_ip = htmlspecialchars($row->admins_ip);
$admin_ip_array = explode("-", $admins_ip);

if(!empty($page_status_array[31]) and !in_array($_SERVER['REMOTE_ADDR'], $admin_ip_array)){
echo htmlspecialchars(stripslashes($page_status_array[31]));
}else{

if(!preg_match("/^[A-Z0-9._%-]+@[A-Z0-9._%-]+\.[A-Z]{2,6}$/i", $_POST['mail'])) {
echo "Invalid Password / Username combination.";
}else{

$query = "SELECT password,id,login_ip,login_count FROM login WHERE mail='".mysql_real_escape_string($_POST['mail'])."'"; 
$result = mysql_query($query) or die(mysql_error());
$row = mysql_fetch_array($result);

if(empty($row['id'])){
echo "Invalid Password / Username combination.";
}else{

if($row['login_count'] >= 5 ){
echo "You have tried 5 or more false combinations you can reclaim your account with the forgot password option.";
}else{

if(md5($_POST['pass']) != $row['password']){
echo "Invalid Password / Username combination.";

$update_login = mysql_query("UPDATE login SET login_count=login_count+'1' WHERE mail='".mysql_real_escape_string($_POST['mail'])."'")
or die(mysql_error());

}else{

       if(empty($row['login_ip'])){
       $row['login_ip'] = $_SERVER['REMOTE_ADDR'];
       }else{

       $ip_information = explode("-", $row['login_ip']);

       if (in_array($_SERVER['REMOTE_ADDR'], $ip_information)) {    
       $row['login_ip'] = $row['login_ip'];
       }else{    
       $row['login_ip'] = $row['login_ip']."-".$_SERVER['REMOTE_ADDR'];
       }
       }

$_SESSION['user_id'] = $row['id'];

$result = mysql_query("UPDATE login SET userip='".mysql_real_escape_string($_SERVER['REMOTE_ADDR'])."',login_ip='".mysql_real_escape_string($row['login_ip'])."',login_count='0' WHERE id='".mysql_real_escape_string($_SESSION['user_id'])."'")
or die(mysql_error());

header("Location: news.php");

}// count check.
}// id check.
}// password check.
}// mail check.
}// disabled check.
}// if isset submit.


// output bufferer output
ob_flush();
?>
   <form method="post" action="index.php">
     <table width="450" border="0" align="center" cellspacing="0">
       <tr>
         <td align="right" class="style1"><label>Email: </label></td>
         <td width="150" align="center"><input name="mail" type="text" class="entryfield" id="mail" style='width: 95%;'/></td>
         <td width="60" align="right" class="style1"><label>Password: </label></td>
         <td width="150" align="center"><input name="pass" type="password" class="entryfield" id="pass" style='width: 95%; ' maxlength="20"/></td>
       </tr>
       <tr>
         <td height="35" colspan="4" align="center"><table width="100" border="0" cellspacing="0">
             <tr>
               <td align="center"><input name="submit" type="submit" class="button" value="Login." onFocus="if(this.blur)this.blur()" style="background-color:#222222;"/></td>
             </tr>
         </table></td>
       </tr>
     </table>
   </form></td>
 </tr>
</table>
<center>
|| © [url]www.criminal-society.net[/url] || 
</center>
</body>
</html>
Link to comment
Share on other sites

  • 1 month later...

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...