gurpreet Posted October 14, 2011 Share Posted October 14, 2011 (edited) My basic set up is this: The user registers and they get sent a validation link, and their info gets put into the table 'validating' The user clicks the validation link in their email and they get a confirmation message and their info gets put into the users table. However, I'm trying to make it so once they have received their confirmation and their account has been created, then they should be auto-logged in and redirected to the game. This is what I got: <?php include "config.php"; global $_CONFIG; define("MONO_ON", 1); require "class/class_db_{$_CONFIG['driver']}.php"; $db=new database; $db->configure($_CONFIG['hostname'], $_CONFIG['username'], $_CONFIG['password'], $_CONFIG['database'], $_CONFIG['persistent']); $db->connect(); $c=$db->connection_id; $set=array(); $settq=$db->query("SELECT * FROM settings"); while($r=$db->fetch_row($settq)) { $set[$r['conf_name']]=$r['conf_value']; } $token = ctype_alnum($_GET['token']); $q = mysql_query("SELECT * FROM validating WHERE vdID='$token'"); $key = mysql_fetch_object($q); $q2 = mysql_query("SELECT username FROM users WHERE username='{$key->username}'"); $key2 = mysql_fetch_object($q2); ?> <script language="JavaScript"> <!-- function getCookieVal (offset) { var endstr = document.cookie.indexOf (";", offset); if (endstr == -1) endstr = document.cookie.length; return unescape(document.cookie.substring(offset, endstr)); } function GetCookie (name) { var arg = name + "="; var alen = arg.length; var clen = document.cookie.length; var i = 0; while (i < clen) { var j = i + alen; if (document.cookie.substring(i, j) == arg) return getCookieVal (j); i = document.cookie.indexOf(" ", i) + 1; if (i == 0) break; } return null; } function SetCookie (name,value,expires,path,domain,secure) { document.cookie = name + "=" + escape (value) + ((expires) ? "; expires=" + expires.toGMTString() : "") + ((path) ? "; path=" + path : "") + ((domain) ? "; domain=" + domain : "") + ((secure) ? "; secure" : ""); } function DeleteCookie (name,path,domain) { if (GetCookie(name)) { document.cookie = name + "=" + ((path) ? "; path=" + path : "") + ((domain) ? "; domain=" + domain : "") + "; expires=Thu, 01-Jan-70 00:00:01 GMT"; } } // --> </script> <script language="JavaScript"> var usr; var pw; var sv; function getme() { usr = <?php $key->username ?>; pw = <?php $key->password ?>; sv = document.login.save; if (GetCookie('player') != null) { usr.value = GetCookie('username') pw.value = GetCookie('password') if (GetCookie('save') == 'true') { sv[0].checked = true; } } } function saveme() { if (sv[0].checked) { expdate = new Date(); expdate.setTime(expdate.getTime()+(365 * 24 * 60 * 60 * 1000)); SetCookie('username', usr.value, expdate); SetCookie('password', pw.value, expdate); SetCookie('save', 'true', expdate); } if (sv[1].checked) { DeleteCookie('username'); DeleteCookie('password'); DeleteCookie('save'); } } </script> <?php print <<<EOF <head> <title>Death-Wars Validation</title> <style type="text/css"> <!-- body { background-color:#170000; margin-top: 0px; margin-bottom: 0px; font-family:calibri, helvetica, arial, geneva, sans-serif;font-size:18px;color: white; font-variant: small-caps; scrollbar-base-color: #005B70; scrollbar-arrow-color: #F3960B; scrollbar-DarkShadow-Color: #000000; } </style> </head> EOF; $IP = mysql_real_escape_string($_SERVER['REMOTE_ADDR']); if(file_exists('ipbans/'.$IP)) { die("<b><font color=red size=+1>Your IP has been banned, there is no way around this.</font></b></body></html>"); } if(!$_GET['token']) { die("You have not supplied a valid link to a validation page. Please go back to your e-mail and check your link."); } $money = 1000; //Base Starting Cash $crystals = 20; //Base Starting Crystals $donor = 3; //Base Starting Donor Days if(isset($key->promo)) { $code = $key->promo; $q = mysql_query("SELECT * FROM promo WHERE code = '$code'"); $promo = mysql_fetch_array($q); $money = ($promo['cash']) ? $money + $promo['cash'] : $money; $crystals = ($promo['crystals']) ? $crystals + $promo['crystals'] : $crystals; $donor = ($promo['donor']) ? $donor + $promo['donor'] : $donor; } if($key->vdID != $token) { die("You have followed an invalid link. Please go back to your email and make sure you have the correct validation link."); } else if($key->username == $key2->username) { die("This account has already been verified. Please <a href='login.php'>Login</a> to use your account"); } { $salt = '********'; $password = $key->password; $salted_hash = hash("sha512", ($salt . $password)); $db->query("INSERT INTO users (username, login_name, userpass, level, money, crystals, donatordays, user_level, energy, maxenergy, will, maxwill, brave, maxbrave, hp, maxhp, location, gender, signedup, email, bankmoney, lastip, lastip_signup) VALUES ('{$key->username}', '{$key->username}', '$salted_hash', 1, $money, $crystals, $donor, 1, 100, 12, 100, 100, 5, 5, 100, 100, 1, '{$key->gender}', unix_timestamp(), '{$key->email}', -1, '$IP', '$IP')");$i=mysql_insert_id($c); $db->query("INSERT INTO userstats VALUES($i, 10, 10, 10, 10, 10)"); $db->query("DELETE FROM validating WHERE vdID='{$_GET['token']}'"); if($_POST['ref']) { require "global_func.php"; $db->query("UPDATE users SET crystals=crystals+2 WHERE userid={$_POST['ref']}"); event_add($_POST['ref'],"For refering $username to the game, you have earnt 2 valuable crystals!",$c); $db->query("INSERT INTO referals VALUES('', {$_POST['ref']}, $i, unix_timestamp(),'{$r['lastip']}','$IP')"); } print "You have signed up, enjoy the game.<br>"; ?> <meta HTTP-EQUIV="REFRESH" content="1; url=welcome.php"> <?php } ?> However, I can't get it to work. They do not get logged in and the $q2 on line 24 gives out a non-object error. Also I do not get auto logged in even if I get past this error. Could I get any help because I'm rubbish at cookies and that kind of stuff P.S - Line 21 the ctype_alnum messes up my page, when I remove that part it works properly. Am I using it wrong? Edited October 14, 2011 by gurpreet Typo Quote Link to comment Share on other sites More sharing options...
gurpreet Posted October 15, 2011 Author Share Posted October 15, 2011 Bump Msg2short Quote Link to comment Share on other sites More sharing options...
Ishraq Posted October 15, 2011 Share Posted October 15, 2011 Have you tried header: location Quote Link to comment Share on other sites More sharing options...
gurpreet Posted October 16, 2011 Author Share Posted October 16, 2011 Ouch I thought I had 1 or 2 problems with this script, I'll send over the table structure. Thanks for those points, I'll look into those as much as possible. Could you elaborate on your data limitation part? Thanks for your time Quote Link to comment Share on other sites More sharing options...
Danny696 Posted October 16, 2011 Share Posted October 16, 2011 Wow, these guys are going on abit, you havent set any sessions, which mccodes needs. Try $_SESSION['loggedin'] = 1; $_SESSION['userid'] = $i; Not that hard :) Quote Link to comment Share on other sites More sharing options...
gurpreet Posted October 16, 2011 Author Share Posted October 16, 2011 Create a php page with the following code: <?php for ($i = 0; $i < 1000000000; $i++) { echo $i; } ?> Copy and paste that whole page of numbers into a url of get data - depending on what is having to parse it, you may just have a problem Edit I got sole custody of my boy today, so give me time to get him into bed etc, then I will write you a page. Alright thanks Wow, these guys are going on abit, you havent set any sessions, which mccodes needs. Try $_SESSION['loggedin'] = 1; $_SESSION['userid'] = $i; Not that hard :) So none of that JS is needed? Would this work as it should? <?php include "config.php"; global $_CONFIG; define("MONO_ON", 1); require "class/class_db_{$_CONFIG['driver']}.php"; $db=new database; $db->configure($_CONFIG['hostname'], $_CONFIG['username'], $_CONFIG['password'], $_CONFIG['database'], $_CONFIG['persistent']); $db->connect(); $c=$db->connection_id; $set=array(); $settq=$db->query("SELECT * FROM settings"); while($r=$db->fetch_row($settq)) { $set[$r['conf_name']]=$r['conf_value']; } $token = ctype_alnum($_GET['token']); $q = mysql_query("SELECT * FROM validating WHERE vdID='$token'"); $key = mysql_fetch_object($q); $q2 = mysql_query("SELECT username FROM users WHERE username='{$key->username}'"); $key2 = mysql_fetch_object($q2); print <<<EOF <head> <title>Death-Wars Validation</title> <style type="text/css"> <!-- body { background-color:#170000; margin-top: 0px; margin-bottom: 0px; font-family:calibri, helvetica, arial, geneva, sans-serif;font-size:18px;color: white; font-variant: small-caps; scrollbar-base-color: #005B70; scrollbar-arrow-color: #F3960B; scrollbar-DarkShadow-Color: #000000; } </style> </head> EOF; $IP = mysql_real_escape_string($_SERVER['REMOTE_ADDR']); if(file_exists('ipbans/'.$IP)) { die("<font color=red size=+1>Your IP has been banned, there is no way around this.</font>"); } if(!$_GET['token']) { die("You have not supplied a valid link to a validation page. Please go back to your e-mail and check your link."); } $money = 1000; //Base Starting Cash $crystals = 20; //Base Starting Crystals $donor = 3; //Base Starting Donor Days if(isset($key->promo)) { $code = $key->promo; $q = mysql_query("SELECT * FROM promo WHERE code = '$code'"); $promo = mysql_fetch_array($q); $money = ($promo['cash']) ? $money + $promo['cash'] : $money; $crystals = ($promo['crystals']) ? $crystals + $promo['crystals'] : $crystals; $donor = ($promo['donor']) ? $donor + $promo['donor'] : $donor; } if($key->vdID != $token) { die("You have followed an invalid link. Please go back to your email and make sure you have the correct validation link."); } else if($key->username == $key2->username) { die("This account has already been verified. Please <a href='login.php'>Login</a> to use your account"); } { $salt = 'skyline'; $password = $key->password; $salted_hash = hash("sha512", ($salt . $password)); $uq=$db->query("SELECT userid FROM users WHERE login_name='{$_POST['username']}' AND `userpass`='{$salted_hash}'"); $mem=$db->fetch_row($uq); $db->query("INSERT INTO users (username, login_name, userpass, level, money, crystals, donatordays, user_level, energy, maxenergy, will, maxwill, brave, maxbrave, hp, maxhp, location, gender, signedup, email, bankmoney, lastip, lastip_signup) VALUES ('{$key->username}', '{$key->username}', '$salted_hash', 1, $money, $crystals, $donor, 1, 100, 12, 100, 100, 5, 5, 100, 100, 1, '{$key->gender}', unix_timestamp(), '{$key->email}', -1, '$IP', '$IP')");$i=mysql_insert_id($c); $db->query("INSERT INTO userstats VALUES($i, 10, 10, 10, 10, 10)"); $db->query("DELETE FROM validating WHERE vdID='{$_GET['token']}'"); if($_POST['ref']) { require "global_func.php"; $db->query("UPDATE users SET crystals=crystals+2 WHERE userid={$_POST['ref']}"); event_add($_POST['ref'],"For refering $username to the game, you have earnt 2 valuable crystals!",$c); $db->query("INSERT INTO referals VALUES('', {$_POST['ref']}, $i, unix_timestamp(),'{$r['lastip']}','$IP')"); } print "You have signed up, enjoy the game.<br>"; $_SESSION['loggedin'] = 1; $_SESSION['userid'] = $mem['userid']; header('Location: welcome.php'); } ?> Quote Link to comment Share on other sites More sharing options...
Danny696 Posted October 16, 2011 Share Posted October 16, 2011 The JS is just some bull**** that mccodes added to make themselves look good. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.