Syed Posted July 17, 2012

editprofile.php: how can I make the script so that no one can hack the game, and could you explain to me so I know how to keep a lookout for the codes in future?

```php
<?
session_start();
include_once "includes/db_connect.php";
include_once "includes/functions.php";
logincheck();
$username=$_SESSION['username'];
$query=mysql_query("SELECT * FROM users WHERE username='$username'");
$fetch=mysql_fetch_object($query);
$query1=mysql_query("SELECT * FROM user_info WHERE username='$username'");
$user=mysql_fetch_object($query1);

if (($_POST['change_password']) && ($_POST['current_password']) && ($_POST['new_password']) && ($_POST['verify_password'])){
    $current_password=mysql_real_escape_string($_POST['current_password']);
    $new_password=mysql_real_escape_string($_POST['new_password']);
    $verify_password=mysql_real_escape_string($_POST['verify_password']);
    if ($current_password == $fetch->password && $new_password == $verify_password){
        mysql_query("UPDATE users SET password='$new_password' WHERE username='$username'");
        echo "Your password has successfully been changed.";
        session_destroy();
        echo "<script language=\"javascript\"> top.document.location.reload(); </script>";
    }else{
        echo "<b><center><font color=red>Your password could not be changed. Please try again with the right details!</font></b></center>";
    }
}

if ($_POST['change_email']){
    $new_email=addslashes(strip_tags($_POST['new_email']));
    mysql_query("UPDATE users SET email='$new_email' WHERE username='$username'");
    echo "Your email has successfully been changed to $new_email.";
}

if (($_POST['change_quote']) && ($_POST['replyMessage'])){
    $quote=strip_tags($_POST['replyMessage']);
    mysql_query("UPDATE users SET quote=\"$quote\" WHERE username=\"$username\"");
    echo "Your profile has been updated.";
}

if ($_POST['profilecolour']){
    $profcolour=addslashes(strip_tags($_POST['hexvalue']));
    mysql_query("UPDATE users SET profcolour=\"$profcolour\" WHERE username=\"$username\"");
    echo "Your profile colour has been changed to $profcolour.";
}

if (strip_tags($_POST['change_gender'])){
    $genderc=addslashes(strip_tags($_POST['genderc']));
    if($genderc == "0" || $genderc == "1" || $genderc == "Unknown"){
        mysql_query("UPDATE users SET hidecrime='$genderc' WHERE username='$username'");
        echo"You have changed your profile.";
    }else{
        echo"You can't have that gender.";
    }
}
?>
<?
session_start();
include_once "includes/db_connect.php";
include_once "includes/functions.php";
logincheck();
$username=$_SESSION['username'];
$query=mysql_query("SELECT * FROM users WHERE username='$username'");
$fetch=mysql_fetch_object($query);
$query1=mysql_query("SELECT * FROM user_info WHERE username='$username'");
$user=mysql_fetch_object($query1);

if (($_POST['change_password']) && ($_POST['current_password']) && ($_POST['new_password']) && ($_POST['verify_password'])){
    $current_password=mysql_real_escape_string($_POST['current_password']);
    $new_password=mysql_real_escape_string($_POST['new_password']);
    $verify_password=mysql_real_escape_string($_POST['verify_password']);
    if ($current_password == $fetch->password && $new_password == $verify_password){
        mysql_query("UPDATE users SET password='$new_password' WHERE username='$username'");
        echo "Your password has successfully been changed.";
    }else{
        echo "<b><center><font color=red>Your password could not be changed. Please try again with the right details!</font></b></center>";
        if ($_POST['preferences']){
            $hidec=strip_tags($_POST['hidec']);
            mysql_query("UPDATE users SET hidecrime='$hidec' WHERE username='$username'");
            echo "You have changed your Profile.";
        }
    }
}

if (strip_tags($_POST['change_avatar'])){
    $new_avatar=addslashes(strip_tags($_POST['new_avatar']));
    echo"You have changed your Avatar.";
    mysql_query("UPDATE users SET avatar='$new_avatar' WHERE username='$username'");
    if ($_POST['change_email']){
        $new_email=addslashes(strip_tags($_POST['new_email']));
        mysql_query("UPDATE users SET email='$new_email' WHERE username='$username'");
        echo "Your email has successfully been changed to $new_email.";
    }
}
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<title>Edit Profile</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<script type="text/javascript" src="../AJS/jquery.js"></script>
<script type="text/javascript" src="../AJS/thickbox.js"></script>
<link rel="stylesheet" href="stlye.css" type="text/css" media="screen" />
<script type="text/javascript" src="jscolor.js"></script>
<script language="javascript" type="text/javascript">
function emoticon(text) {
    var txtarea = document.tehform.replyMessage;
    text = ' ' + text + ' ';
    if (txtarea.createTextRange && txtarea.caretPos) {
        var caretPos = txtarea.caretPos;
        caretPos.text = caretPos.text.charAt(caretPos.text.length - 1) == ' ' ? caretPos.text + text + ' ' : caretPos.text + text;
        txtarea.focus();
    } else {
        txtarea.value += text;
        txtarea.focus();
    }
}
</script>
<style type="text/css">
<!--
.hexfield {font-size:10pt; font-family:verdana, arial, helvetica; font-weight:bold; color:#808080; border-style:solid; border-color:#000000; border-width:1px; background-color:#FFFFFF; }
.style2 {font-size: 10px}
.style3 {color: #000000}
-->
</style>
</head>
<center>
<p> </p>
<table width='600' align='center' cellpadding="2" cellspacing='0' class="table">
<tr>
<td width="49%" class='header' height="22"><div align="center"><b><u>Edit Quote</u></b> </div></td>
</tr>
<tr>
<td height="358" valign="top" >
<form action="" method="post" name="tehform" id="tehform">
<div align="center">
<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
<td width="55%" align="center"><table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
<td height="80"><div align="center">
<table width='100%' cellpadding='2' cellspacing='2' >
<tr>
<td width="20%" align="center" ><a href='#reply' class="style1" onclick="return emoticon('[b] TEXT HERE [/b]')">BOLD TEXT</a></td>
<td width='20%' align='center' ><a href='#reply' class="style2" onclick="return emoticon('[i] TEXT HERE [/i]')">ITALIC TEXT</a></td>
<td width='20%' align='center' ><a href='#reply' class="style3" onclick="return emoticon('[u] TEXT HERE [/u]')"><u>UNDERLINED TEXT</u></a></td>
<td width='20%' align='center' ><a href='#reply' class="style3" onclick="return emoticon('[img= IMAGE URL HERE ]')">IMAGE</a></td>
</tr>
<tr>
<td colspan='11' align='center' >
<a href='#reply' onclick="return emoticon(':twisted:')"><img src="/Smiles/icon_twisted.gif" alt="a" width="15" height="15" border="0" /></a>
<a href='#reply' onclick="return emoticon(':roll:')"><img src=" /Smiles/icon_rolleyes.gif" alt="a" width="15" height="15" border="0" /></a>
<a href='#reply' onclick="return emoticon(':evil:')"></a>
<a href='#reply' onclick="return emoticon(':twisted:')"></a>
<a href='#reply' onclick="return emoticon(':exclaim:')"><img src=" /Smiles/icon_exclaim.gif" alt="a" width="15" height="15" border="0" /></a>
<a href='#reply' onclick="return emoticon(':roll:')"></a>
<a href='#reply' onclick="return emoticon(';)')"><img src=" /Smiles/icon_wink.gif" alt="a" width="15" height="15" border="0" /></a>
<a href='#reply' onclick="return emoticon(':question:')"><img src=" /Smiles/icon_question.gif" alt="a" width="15" height="15" border="0" /></a>
<a href='#reply' onclick="return emoticon(';)')"></a>
<a href='#reply' onclick="return emoticon(':)')"><img src=" /Smiles/icon_smile.gif" alt="a" width="15" height="15" border="0" /></a>
<a href='#reply' onclick="return emoticon(':(')"><img src=" /Smiles/icon_sad.gif" alt="a" width="15" height="15" border="0" /></a>
<a href='#reply' onclick="return emoticon(':o')"><img src=" /Smiles/icon_surprised.gif" alt="a" width="15" height="15" border="0" /></a>
<a href='#reply' onclick="return emoticon(':eek:')"><img src=" /Smiles/icon_eek.gif" alt="a" width="15" height="15" border="0" /></a>
<a href='#reply' onclick="return emoticon(':eek:')"></a>
<a href='#reply' onclick="return emoticon(':idea:')"><img src=" /Smiles/icon_idea.gif" alt="a" width="15" height="15" border="0" /></a>
<a href='#reply' onclick="return emoticon(':redface:')"><img src=" /Smiles/icon_redface.gif" alt="a" width="15" height="15" border="0" /></a>
<a href='#reply' onclick="return emoticon(':P')"></a>
<a href='#reply' onclick="return emoticon(':cry:')"><img src=" /Smiles/icon_cry.gif" alt="a" width="15" height="15" border="0" /></a>
<a href='#reply' onclick="return emoticon(':redface:')"></a>
<a href='#reply' onclick="return emoticon(':evil:')"><img src=" /Smiles/icon_evil.gif" alt="a" width="15" height="15" border="0" /></a>
<a href='#reply' onclick="return emoticon(':arrow:')"><img src=" /Smiles/icon_arrow.gif" alt="a" width="15" height="15" border="0" /></a>
<a href='#reply' onclick="return emoticon(':mrgreen:')"><img src=" /Smiles/icon_mrgreen.gif" alt="a" width="15" height="15" border="0" /></a>
<a href='#reply' onclick="return emoticon(':D')"><img src=" /Smiles/icon_biggrin.gif" alt="a" width="15" height="15" border="0" /></a>
<a href='#reply' onclick="return emoticon(':S')"><img src=" /Smiles/icon_confused.gif" alt="a" width="15" height="15" border="0" /></a>
<a href='#reply' onclick="return emoticon(':S')"></a>
<a href='#reply' onclick="return emoticon(':cool:')"><img src=" /Smiles/icon_cool.gif" alt="a" width="15" height="15" border="0" /></a>
<a href='#reply' onclick="return emoticon(':cool:')"></a>
<a href='#reply' onclick="return emoticon(':lol:')"><img src=" /Smiles/icon_lol.gif" alt="a" width="15" height="15" border="0" /></a>
<a href='#reply' onclick="return emoticon(':lol:')"></a>
<a href='#reply' onclick="return emoticon(':mad:')"><img src=" /Smiles/icon_mad.gif" alt="a" width="15" height="15" border="0" /></a>
<a href='#reply' onclick="return emoticon(':P')"><img src=" /Smiles/icon_razz.gif" alt="a" width="15" height="15" border="0" /></a>
<a href='#reply' onclick="return emoticon(':mrblue:')"><img src=" /Smiles/icon_mrblue.gif" alt="a" width="15" height="15" border="0" /></a>
<a href='#reply' onclick="return emoticon(':mrorange:')"><img src=" /Smiles/icon_mrorange.gif" alt="a" width="15" height="15" border="0" /></a>
<a href='#reply' onclick="return emoticon(':mrgrey:')"><img src=" /Smiles/icon_mrgrey.gif" alt="a" width="15" height="15" border="0" /></a>
<a href='#reply' onclick="return emoticon(':edevil:')"><img src=" /Smiles/icon_devil.gif" alt="a" width="30" height="52" border="0" /></a>
</td>
</tr>
</table>
<br>
<br>
</div></td>
</tr>
</table>
<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
<td width="71%" align="center"><textarea id='replyMessage' name='replyMessage' class='textb' style='width: 100%; height: 200px'><?php echo "$fetch->quote"; ?></textarea></textarea></td>
</tr>
</table>
<input name='change_quote' type='submit' class="button" value='Update Profile' /></td>
</tr>
</table>
<p><a href="profile.php?viewuser=<?php echo "$username"; ?>">View Your Profile</a></p>
</div>
</form></td>
</tr>
</table>
<br>
<table width='600' align='center' cellpadding="2" cellspacing='0' class="table">
<tr>
<td width="49%" class='header' height="22"><div align="center"><strong>Account Settings</strong></div></td>
</tr>
<tr>
<td height="520"><form action="" method="post" name="form1">
<table width="100%" border="0" cellspacing="0" cellpadding="2">
<tr>
<td width="49%" height="39" align="center"><p align="center">Current Password: <input name='current_password' type='password' class="textbox" size='15' /> </td>
</tr>
<tr>
<td height="40" align="center">New Password: <input name='new_password' type='password' class="textbox" size='15' /></td>
</tr>
<tr>
<td height="42" align="center">Verify New Password: <input name='verify_password' type='password' class="textbox" size='15' /></td>
</tr>
<tr>
<td height="43" align="center"><input name="change_password" type="submit" class="button" value="Change Pass!"></td>
</tr>
<tr>
<td height="43" align="center">Change Email: <input name='new_email' type='text' class="textbox" value="<?php echo "$fetch->email"; ?>" size='40' maxlength='40' /></td>
</tr>
<tr>
<td height="36" align="center"><input name="change_email" type="submit" class="button" value="Change Email!"></td>
</tr>
<tr></tr>
<tr></tr>
<tr>
<td align="center">Profile Colour : <br> <input name='hexvalue' type='text' class="color" value="<?php echo"$fetch->profcolour";?>" size="6"> <br></td>
</tr>
<tr>
<td align="center"><input name='profilecolour' type='submit' class="button" value='Profile Colour' /></td>
</tr>
<?
if ($fetch->hidecrime == "0"){
    $selected = " selected";
}else{
    $selected = "";
}
if ($fetch->hidecrime == "1"){
    $selected1 = " selected";
}else{
    $selected1 = "";
}
?>
<tr class="table">
<td><div align="center">Change Avatar</div></td>
</tr>
<tr class="table">
<td height="22"><div align="center">Avatar: <input name='new_avatar' type='text' class="textbox" value="<?php echo "$fetch->avatar"; ?>" size='60' maxlength='100' /> </div></td>
</tr>
<tr class="table">
<td height="22"><div align="center"> <input name="change_avatar" type="submit" class="button" value="Update"> </div></td>
</tr>
</table>
</form>
</td>
</tr>
</table>
</center>
<p> </p>
</html>
```
KyleMassacre Posted July 17, 2012

Well for one it's not a script, it's a plethora of codes. You need to sanitize your inputs and outputs. I myself am no security expert whatsoever, I pay people to do it for me, so if you're unsure how, there are plenty of people that do. Rumor has it mysql_real_escape_string() works pretty good for some of those things.
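The advice above ("sanitize your inputs and outputs") is the right direction, but escaping alone does not cover what Syed's file does wrong: `$username` and the profile fields are interpolated straight into SQL, passwords are compared and stored in plaintext, stored values are echoed back into the page unescaped, and any site can submit the forms on a logged-in user's behalf. The following rewrite of the handlers is an added example, not Syed's code, not KyleMassacre's, and not part of any game engine's code base. It assumes (hypothetically) that `includes/db_connect.php` exposes a PDO connection in `$pdo` with exceptions enabled, that `logincheck()` behaves as in the original, that `users.password` holds a `password_hash()` digest (existing plaintext rows would need a one-time migration), and that PHP 7 or later is in use, where the `mysql_*` functions no longer exist. The helper names `csrf_ok()` and `h()` are mine.

```php
<?php
// Added example (not the original poster's code): hardened editprofile.php handlers.
// Assumes includes/db_connect.php defines $pdo (PDO, ERRMODE_EXCEPTION) and that
// users.password stores a password_hash() digest. Helper names are hypothetical.
session_start();
include_once "includes/db_connect.php";
include_once "includes/functions.php";
logincheck();

// Per-session CSRF token; every state-changing form must echo it back in a
// hidden field named "csrf", so a form hosted elsewhere cannot be replayed.
if (empty($_SESSION['csrf'])) {
    $_SESSION['csrf'] = bin2hex(random_bytes(32));
}
function csrf_ok(): bool {
    return isset($_POST['csrf']) && hash_equals($_SESSION['csrf'], (string)$_POST['csrf']);
}
// Output escaping: everything user-controlled passes through here before echo.
function h(string $s): string {
    return htmlspecialchars($s, ENT_QUOTES | ENT_HTML5, 'UTF-8');
}

$username = $_SESSION['username'];

// Bound parameters instead of string interpolation: the database never sees
// user input as SQL text, so quotes or comment sequences in it are inert.
$stmt = $pdo->prepare("SELECT * FROM users WHERE username = ?");
$stmt->execute([$username]);
$fetch = $stmt->fetch(PDO::FETCH_OBJ);

$messages = [];

if ($_SERVER['REQUEST_METHOD'] === 'POST' && csrf_ok()) {

    if (isset($_POST['change_password'], $_POST['current_password'],
              $_POST['new_password'], $_POST['verify_password'])) {
        $current = (string)$_POST['current_password'];
        $new     = (string)$_POST['new_password'];
        // Passwords are never escaped: they go into neither SQL nor HTML.
        if (password_verify($current, $fetch->password)
            && hash_equals($new, (string)$_POST['verify_password'])
            && strlen($new) >= 8) {
            $upd = $pdo->prepare("UPDATE users SET password = ? WHERE username = ?");
            $upd->execute([password_hash($new, PASSWORD_DEFAULT), $username]);
            session_regenerate_id(true);   // retire the old session id after a credential change
            $messages[] = "Your password has successfully been changed.";
        } else {
            $messages[] = "Your password could not be changed. Please try again with the right details!";
        }
    }

    if (isset($_POST['change_email'])) {
        $email = filter_var($_POST['new_email'] ?? '', FILTER_VALIDATE_EMAIL);
        if ($email !== false && strlen($email) <= 40) {
            $upd = $pdo->prepare("UPDATE users SET email = ? WHERE username = ?");
            $upd->execute([$email, $username]);
            $messages[] = "Your email has successfully been changed to " . h($email) . ".";
        } else {
            $messages[] = "That does not look like a valid email address.";
        }
    }

    if (isset($_POST['change_quote'], $_POST['replyMessage'])) {
        // Store the raw text with a length cap; escape with h() on output rather
        // than trusting strip_tags() to make it safe for HTML.
        $quote = mb_substr((string)$_POST['replyMessage'], 0, 1000);
        $upd = $pdo->prepare("UPDATE users SET quote = ? WHERE username = ?");
        $upd->execute([$quote, $username]);
        $messages[] = "Your profile has been updated.";
    }

    if (isset($_POST['profilecolour'])) {
        // Allow-list the exact shape of a hex colour; anything else is rejected.
        $colour = (string)($_POST['hexvalue'] ?? '');
        if (preg_match('/\A[0-9A-Fa-f]{6}\z/', $colour)) {
            $upd = $pdo->prepare("UPDATE users SET profcolour = ? WHERE username = ?");
            $upd->execute([$colour, $username]);
            $messages[] = "Your profile colour has been changed to " . h($colour) . ".";
        } else {
            $messages[] = "Profile colour must be six hex digits.";
        }
    }

    if (isset($_POST['change_gender'])) {
        // Strict allow-list (string comparison), so only the three known values reach the DB.
        $genderc = (string)($_POST['genderc'] ?? '');
        if (in_array($genderc, ['0', '1', 'Unknown'], true)) {
            $upd = $pdo->prepare("UPDATE users SET hidecrime = ? WHERE username = ?");
            $upd->execute([$genderc, $username]);
            $messages[] = "You have changed your profile.";
        } else {
            $messages[] = "You can't have that gender.";
        }
    }
}

foreach ($messages as $m) {
    echo "<p>" . $m . "</p>";   // any user input inside $m was already passed through h()
}
// In the form markup below this point, echo stored values through h(), for
// example h($fetch->email) in the value attribute, and include the hidden
// csrf field carrying h($_SESSION['csrf']) in every form.
```

The pattern to look out for in the rest of the game is the same in each handler: a value from `$_POST` or the database concatenated into a query string, a stored value echoed into HTML without `htmlspecialchars()`, a password compared with `==` against a column, and a form with no CSRF token. Prepared statements, output escaping, `password_hash()`/`password_verify()` and a per-session token close those four classes respectively; `addslashes()` and `strip_tags()` address none of them reliably.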
Djkanna Posted July 17, 2012

http://phpsec.org/library/
http://phpsec.org/projects/guide/

Should help somewhat.