
Problem with the authenticate.php for UTOS


GrimReaper


OK, when I log in it goes to a page that says authenticate OK, so then if I go to my URL and take out home.php and put URL.index.php I'm then inside the game. Can someone help me fix this?

<?php
session_start();
require_once('connect_db.php');
?>
<!DOCTYPE html PUBLIC '-//W3C//DTD XHTML 1.0 Transitional//EN' 'http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd'>
<html>
<head>
<title>U.O.T.S</title>
<link rel="shortcut icon" href="images/style/favicon.gif">
<link href="external.css" rel="stylesheet" type="text/css">
</head>
<body>
<div id="header">
<table width = '989px' height = '430px'>
<tr>
<td align = 'left' valign = 'bottom' style = 'color:white; font-weight:800;'>
<div style = 'background: url(images/css/bg-banner.png) repeat-y left bottom;'>
<font size = '+3'>100% Free to play!</font><br>
<font size = '+1'>Users online today: 0</font><br>
<font size = '+1'>Top gang: N/A</font>
</div>
</td>
</tr>
</table>
</div>
<div id="content">
<table class = "loaded" width = "90%"><tr><td align = "center">
<?
$error = "";
$back = "> <a href = 'login.php'><font color = 'red'>Back</font></a>";
$_POST['pass'] = htmlentities(stripslashes($_POST['pass']));
$_POST['username'] = htmlentities(stripslashes($_POST['username']));
if(!$_POST['username'] || !$_POST['pass']) {
$error = "Please go back and fill in the form correctly.<br>".$back;
}
else {
$sql = "SELECT `usr_id`,`usr_fed`
FROM `usr_tbl`
WHERE `usr_login` = '".mysql_real_escape_string($_POST['username'])."'
AND `usr_pas` = '".mysql_real_escape_string(md5($_POST['pass']))."'
LIMIT 1";
$sql = mysql_query($sql);
if(!mysql_num_rows($sql)) {
$error = "User not found! Please go back and try again.<br>".$back;
}
else
{
$user = mysql_fetch_array($sql);
unset($_SESSION['feduser']);
if($user['usr_fed'] > time()) {
$_SESSION['feduser'] = $user['usr_id'];
header('location:fedjail.php');
exit;
}
else
{
if($user['usr_fed']) {
$sql = "UPDATE `usr_tbl`
SET `usr_fed` = '0'
WHERE `usr_id` = '".mysql_real_escape_string($user['usr_id'])."'";
mysql_query($sql);
}
}
$_SESSION['myid'] = $user['usr_id'];
$_SESSION['verified'] = 0;
$sql = "UPDATE `usr_tbl`
SET `usr_last_login` = '".mysql_real_escape_string(time())."',
`usr_lastact` = '".mysql_real_escape_string(time())."'
WHERE `usr_id` = '".mysql_real_escape_string($_SESSION['myid'])."'";
mysql_query($sql);


$q_ry = "SELECT `setting_value`
FROM `game_set`
WHERE `setting_id` = '5'";
$rtoday = mysql_fetch_array(mysql_query($q_ry));
$rtoday = $rtoday['setting_value'];
$q_ry = "SELECT `usr_id`
FROM `usr_tbl`
WHERE `usr_lastact` >= ".(time()-86400)."
ORDER BY `usr_lastact` DESC";
$totoday = mysql_num_rows(mysql_query($q_ry));
if($totoday > $rtoday) {
$sql = "UPDATE `game_set`
SET `setting_value` = `setting_value` + '1'
WHERE `setting_id` = '5'";
mysql_query($sql);
}
$q_ry = "SELECT `setting_value`
FROM `game_set`
WHERE `setting_id` = '6'";
$rhour = mysql_fetch_array(mysql_query($q_ry));
$rhour = $rhour['setting_value'];
$q_ry = "SELECT `usr_id`
FROM `usr_tbl`
WHERE `usr_lastact` >= ".(time()-3600)."
ORDER BY `usr_lastact` DESC";
$tothour = mysql_num_rows(mysql_query($q_ry));
if($tothour > $rhour) {
$sql = "UPDATE `game_set`
SET `setting_value` = `setting_value` + '1'
WHERE `setting_id` = '6'";
mysql_query($sql);
}
$q_ry = "SELECT `setting_value`
FROM `game_set`
WHERE `setting_id` = '7'";
$rnow = mysql_fetch_array(mysql_query($q_ry));
$rnow = $rnow['setting_value'];
$q_ry = "SELECT `usr_id`,`usr_lastact`
FROM `usr_tbl`
WHERE `usr_lastact` >= ".(time()-900)."
ORDER BY `usr_lastact` DESC";
$onl = mysql_num_rows(mysql_query($q_ry));
if($onl > $rnow) {
$sql = "UPDATE `game_set`
SET `setting_value` = `setting_value` + '1'
WHERE `setting_id` = '7'";
mysql_query($sql);
}

header('location:index.php');
}
}
if($error != '') { echo "<font color = 'red'><b>".$error."</b></font>"; }
?>
</td></tr></table>
</div>
<div id="footer">
U.O.T.S is copyright © of IceColdCola netwroks 2012<?php if(date("Y")>'2012') { echo "-".date("Y"); } ?>, All rights reserved.
</div>
</body>
</html>
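The redirect in the authenticate.php posted above, reworked as an added example that is not code from the thread: in the post, header('location:index.php') runs after the doctype and banner markup have been written, and PHP cannot send a Location header once output has started unless output buffering is holding it back, so this version authenticates and redirects before any HTML. Assumptions: the PDO connection details are placeholders, usr_pas is assumed to hold password_hash() output rather than the md5() value, post_string() and authenticate() are names made up for this example, and the online-count updates are left out.

```php
<?php
// Added example (not the thread's code). All authentication work and the
// redirect happen before the first byte of HTML is sent.
session_start();

// Placeholder connection details, constructed for this example.
$db = new PDO('mysql:host=localhost;dbname=game;charset=utf8mb4', 'game_user', 'change-me', [
    PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
]);

/** Return a POST field as a string; arrays and missing fields become ''. */
function post_string(string $key): string
{
    $value = $_POST[$key] ?? '';
    return is_string($value) ? $value : '';
}

/**
 * Check the credentials and update the session.
 * Returns [redirect target or null, error message]. Produces no output.
 * Assumption: usr_pas holds password_hash() output, not the md5() value
 * the posted script compares against.
 */
function authenticate(PDO $db, string $username, string $password, int $now): array
{
    if ($username === '' || $password === '') {
        return [null, 'Please go back and fill in the form correctly.'];
    }

    // Bound parameters replace the escaped string concatenation.
    $stmt = $db->prepare(
        'SELECT `usr_id`, `usr_fed`, `usr_pas` FROM `usr_tbl` WHERE `usr_login` = ? LIMIT 1'
    );
    $stmt->execute([$username]);
    $user = $stmt->fetch(PDO::FETCH_ASSOC);

    if ($user === false || !password_verify($password, (string) $user['usr_pas'])) {
        return [null, 'User not found! Please go back and try again.'];
    }

    // New session id on login; drop any identity left from an earlier login.
    session_regenerate_id(true);
    unset($_SESSION['feduser'], $_SESSION['myid'], $_SESSION['verified']);

    $userId = (int) $user['usr_id'];
    $fedUntil = (int) $user['usr_fed'];

    if ($fedUntil > $now) {
        $_SESSION['feduser'] = $userId;
        return ['fedjail.php', ''];
    }
    if ($fedUntil !== 0) {
        // Jail time has expired: clear it, as the posted script does.
        $db->prepare('UPDATE `usr_tbl` SET `usr_fed` = 0 WHERE `usr_id` = ?')
           ->execute([$userId]);
    }

    $_SESSION['myid'] = $userId;
    $_SESSION['verified'] = 0;
    $db->prepare('UPDATE `usr_tbl` SET `usr_last_login` = ?, `usr_lastact` = ? WHERE `usr_id` = ?')
       ->execute([$now, $now, $userId]);
    // The online-count bookkeeping (game_set rows 5 to 7) is omitted here.

    return ['index.php', ''];
}

[$target, $error] = authenticate($db, post_string('username'), post_string('pass'), time());

if ($target !== null) {
    // Nothing has been echoed yet, so the Location header can still be set.
    header('Location: ' . $target);
    exit; // stop here so the error page below is never rendered after a redirect
}
?>
<!DOCTYPE html>
<html>
<head>
   <title>U.O.T.S</title>
</head>
<body>
   <div id="content">
      <font color="red"><b><?php echo htmlspecialchars($error, ENT_QUOTES, 'UTF-8'); ?></b></font><br>
      &gt; <a href="login.php"><font color="red">Back</font></a>
   </div>
</body>
</html>
```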

First thing I'd do is change this -

WHERE `usr_id` = '".mysql_real_escape_string($user['usr_id'])."'";

To this -

WHERE `usr_id` = '".base64_decode(urlencode(base64_encode(mysql_real_escape_string(intval(strip_tags(htmlentities(htmlspecialchars(md5($user['usr_id'])))))))))."'";

CaptainQuack is right. This code:

WHERE `usr_id` = '".mysql_real_escape_string($user['usr_id'])."'";

Is not only a security problem, but it's probably stopping your login script from working correctly. The "usr_id" is an important variable that you need to protect; simply using mysql_real_escape_string() will not fix the issue or secure your site. CaptainQuack's code will work.


This right

<?php
session_start();
require_once('connect_db.php');
?>
<!DOCTYPE html PUBLIC '-//W3C//DTD XHTML 1.0 Transitional//EN' 'http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd'>
<html>
<head>
   <title>U.O.T.S</title>
   <link rel="shortcut icon" href="images/style/favicon.gif">
   <link href="external.css" rel="stylesheet" type="text/css">
</head>
<body>
   <div id="header">
      <table width = '989px' height = '430px'>
         <tr>
            <td align = 'left' valign = 'bottom' style = 'color:white; font-weight:800;'>
            <div style = 'background: url(images/css/bg-banner.png) repeat-y left bottom;'>
               <font size = '+3'>100% Free to play!</font><br>
               <font size = '+1'>Users online today: 0</font><br>
               <font size = '+1'>Top gang: N/A</font>
            </div>
            </td>
         </tr>
      </table>
   </div>
   <div id="content">
   <table class = "loaded" width = "90%"><tr><td align = "center">
<?
   $error = "";
   $back = "> <a href = 'login.php'><font color = 'red'>Back</font></a>";
   $_POST['pass'] = htmlentities(stripslashes($_POST['pass']));
   $_POST['username'] = htmlentities(stripslashes($_POST['username']));
   if(!$_POST['username'] || !$_POST['pass']) {
      $error = "Please go back and fill in the form correctly.<br>".$back;
   }
   else {
   $sql = "SELECT `usr_id`,`usr_fed`
           FROM `usr_tbl`
           WHERE `usr_login` = '".mysql_real_escape_string($_POST['username'])."'
           AND `usr_pas` = '".mysql_real_escape_string(md5($_POST['pass']))."'
           LIMIT 1";
   $sql = mysql_query($sql);
   if(!mysql_num_rows($sql)) {
   $error = "User not found! Please go back and try again.<br>".$back;
   }
   else
      {
      $user = mysql_fetch_array($sql);
      unset($_SESSION['feduser']);
      if($user['usr_fed'] > time()) {
      $_SESSION['feduser'] = $user['usr_id'];
      header('location:fedjail.php');
      exit;
      }
      else
         {
            if($user['usr_fed']) {
               $sql = "UPDATE `usr_tbl`
                       SET `usr_fed` = '0'
                       WHERE `usr_id` = '".mysql_real_escape_string($user['usr_id'])."'";
               mysql_query($sql);
            }
         }
      $_SESSION['myid'] = $user['usr_id'];
      $_SESSION['verified'] = 0;
      $sql = "UPDATE `usr_tbl`
              SET `usr_last_login` = '".mysql_real_escape_string(time())."',
                  `usr_lastact` = '".mysql_real_escape_string(time())."'
              WHERE `usr_id` = '".mysql_real_escape_string($_SESSION['myid'])."'";
      mysql_query($sql);


      $q_ry = "SELECT `setting_value`
               FROM `game_set`
               WHERE `setting_id` = '5'";
      $rtoday = mysql_fetch_array(mysql_query($q_ry));
      $rtoday = $rtoday['setting_value'];
      $q_ry = "SELECT `usr_id`
               FROM `usr_tbl`
               WHERE `usr_lastact` >= ".(time()-86400)."
               ORDER BY `usr_lastact` DESC";
      $totoday = mysql_num_rows(mysql_query($q_ry));
      if($totoday > $rtoday) {
         $sql = "UPDATE `game_set`
                 SET `setting_value` = `setting_value` + '1'
                 WHERE `setting_id` = '5'";
         mysql_query($sql);
      }
      $q_ry = "SELECT `setting_value`
               FROM `game_set`
               WHERE `setting_id` = '6'";
      $rhour = mysql_fetch_array(mysql_query($q_ry));
      $rhour = $rhour['setting_value'];
      $q_ry = "SELECT `usr_id`
               FROM `usr_tbl`
               WHERE `usr_lastact` >= ".(time()-3600)."
               ORDER BY `usr_lastact` DESC";
      $tothour = mysql_num_rows(mysql_query($q_ry));
      if($tothour > $rhour) {
         $sql = "UPDATE `game_set`
                 SET `setting_value` = `setting_value` + '1'
                 WHERE `setting_id` = '6'";
         mysql_query($sql);
      }
      $q_ry = "SELECT `setting_value`
               FROM `game_set`
               WHERE `setting_id` = '7'";
      $rnow = mysql_fetch_array(mysql_query($q_ry));
      $rnow = $rnow['setting_value'];
      $q_ry = "SELECT `usr_id`,`usr_lastact`
               FROM `usr_tbl`
               WHERE `usr_lastact` >= ".(time()-900)."
               ORDER BY `usr_lastact` DESC";
      $onl = mysql_num_rows(mysql_query($q_ry));
      if($onl > $rnow) {
         $sql = "UPDATE `game_set`
                 SET `setting_value` = `setting_value` + '1'
                 WHERE `setting_id` = '7'";
         mysql_query($sql);
      }

      header('location:index.php');
      }
   }
   if($error != '') { echo "<font color = 'red'><b>".$error."</b></font>"; }
?>
   </td></tr></table>
   </div>
   <div id="footer">
      U.O.T.S is copyright © of IceColdCola netwroks 2012<?php if(date("Y")>'2012') { echo "-".date("Y"); } ?>, All rights reserved.
   </div>
</body>
</html>

 

- - - Updated - - -


So I log in and it takes me to this: http://www.ripcity.x10host.com/login.php?page=authent

OK, that's where I get that pic above, and now if I take that login.php?page=authent and put index.php it takes me into the game.


Now see that ?page=authent in login.php on line 557 to line 558. I was told the authent page is causing this; I think this is in login.php.

- - - Updated - - -

Here is the login.php file below:

 

<?php
session_start();
include('connect_db.php');
if($_SERVER['REMOTE_ADDR'] == '71.176.221.177') {
exit;
}
?>
<!DOCTYPE html> 
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <title>U.O.T.S - Login</title>
   <link rel="shortcut icon" href="images/style/favicon.gif">
   <link href="external-2.css" rel="stylesheet" type="text/css">
   <script type="text/javascript" src="js/jquery.js"></script>
   <script type="text/javascript" src="js/jquery-1.4.2.js"></script>
<script type = 'text/javascript'>
$(function() {
  $('#usern').bind('keyup focusout',function() {
     var val = $(this).val();
     var load = 'reg_checks.php?a=username&string='+val;
     $.get(load, function(data) {
        $('#un_check').html(data);
     });
  });
  $('#passw').focusout(function() {
     var val = $(this).val();
     var load = 'reg_checks.php?a=pass&string='+val;
     $.get(load, function(data) {
        $('#pw_check').html(data);
     });
  });
  $('#passwc').focusout(function() {
     var valb = $('#passw').val();
     var valc = $(this).val();
     if(valb) {
        if(valb == valc) {
           data = "<font color = '#33FF00'>Matching</font>";
        }
        else {
           data = "<font color = 'red'>Not matching</font>";
        }
     }
     else
        {
           data = "<font color = 'red'>Empty-0%</font>";
        }
     $('#pw_checktwo').html(data);
  });
  $('#email').focusout(function() {
     var val = $(this).val();
     var load = 'reg_checks.php?a=email&string='+val;
     $.get(load, function(data) {
        $('#em_check').html(data);
     });
  });
  $('#captcha').keyup(function() {
     var val = $(this).val();
     if(!val) {
        $('#cap_check').html("<font color = 'red'>Empty</font>");
     }
     else
        {
           $('#cap_check').html("");
        }
  });
});
</script>
   <meta name="description" content="Play University Of The Streets FREE - A live updating text based crime game. No download required and no plug in essential, Starts gangs, Smuggle and produce drugs, Commit crimes, Play the casino, Attack other players, Become a property broker, Buy and sell items and much much more!">
   <meta name="keywords" content="TBRPG,MMORPG,University,Of,The,Streets,Com,Game,Gang,Drug,Gun,Violence,Crime,RPG,Free,Text,Based,Attack,Casino,Smuggle,u,o,t,s,UOTS,u.o.t.s" />
</head>
<body>
   <center>
   <table border = '0' cellspacing = '0' width = '1038px' style = 'margin-top: 3px;'>
      <tr>
         <td style = 'height: 75px; background: url(images/css/login/banner-text.png) no-repeat left top;'>
         </td>
      </tr>
      <tr>
         <td align = 'right' valign = 'top'>
            <table style = 'height: 70px;' cellspacing = '0'>
               <tr>
                  <td style = 'width: 28px; background: url(images/css/login/login-area-left.png) no-repeat right top;'>
                  </td>
                  <td style = 'background: url(images/css/login/login-area-x.jpg) repeat-x center top;'>
                     <form action = 'login.php?page=authent' method = 'post'>
                     <table width = '600px' style = 'color: #360000;'>
                        <tr>
                           <td align = 'left'>
                              <b>Username:</b>
                           </td>
                           <td align = 'left'>
                              <input type = 'text' name = 'username' value = '' style = 'background: #a8a8a8;'>
                           </td>
                           <td align = 'left'>
                              <b>Password:</b> 
                           </td>
                           <td align = 'left'>
                              <input type = 'password' name = 'pass' value = '' style = 'background: #a8a8a8;'>
                           </td>
                           <td align = 'left'>
                              <input type = 'submit' name = 'login' value = 'Login' style = 'background: #a8a8a8;'>
                           </td>
                        </tr>
                     </table>
                     </form>
                  </td>
                  <td style = 'width: 28px; background: url(images/css/login/login-area-right.png) no-repeat left top;'>
                  </td>
               </tr>
            </table>
         </td>
      </tr>
      <tr>
         <td align = 'left' valign = 'bottom' style = 'height: 55px; background: rgba(64, 64, 64, 0);'>
            <table width = '100%' height = '35px' style = 'font-weight: 800; color: white;' border = '0'>
               <tr align = 'center'>
                  <td width = '16%' style = 'background: url(images/css/login/login-buttons.png) no-repeat center center;'>
                     • <a href = 'login.php?page=home' id = 'linkage'>Home page</a>
                  </td>
                  <td width = '16%' style = 'background: url(images/css/login/login-buttons.png) no-repeat center center;'>
                     • <a href = 'login.php?page=register' id = 'linkage'>Register</a>
                  </td>
                  <td width = '16%' style = 'background: url(images/css/login/login-buttons.png) no-repeat center center;'>
                     • <a href = 'login.php?page=forgotpass' id = 'linkage'>Forgot password</a>
                  </td>
                  <td width = '16%' style = 'background: url(images/css/login/login-buttons.png) no-repeat center center;'>
                     • <a href = 'login.php?page=about' id = 'linkage'>About us</a>
                  </td>
                  <td width = '16%' style = 'background: url(images/css/login/login-buttons.png) no-repeat center center;'>
                     • Contact us
                  </td>
                  <td width = '16%' style = 'background: url(images/css/login/login-buttons.png) no-repeat center center;'>
                     • Screenshots
                  </td>
               </tr>
            </table>
         </td>
      </tr>
      <tr>
         <td align = 'left' valign = 'top' style = 'height: 960px; background: url(images/css/login/page-bg.png) no-repeat center top;'>
            <div style = 'width: 675px; height: 445px; margin-top: 75px; margin-left: 70px; text-align: center; background: rgba(225,225,225,0.4);'>
            U.O.T.S is copyright © of IceColdCola networks 2012<?php if(date("Y")>'2012') { echo "-".date("Y"); } ?>, All rights reserved.
<?php
if(!in_array($_GET['page'],array('home','register','code','forgotpass','authent','about'))) { $_GET['page'] = 'home'; }
if(!$_GET['page']) {
  $_GET['page'] = 'home';
}
switch($_GET['page']) {
case 'home' : home(); break;
case 'register' : register(); break;
case 'forgotpass' : forgot_pass(); break;
case 'code' : code(); break;
case 'authent' : authent(); break;
case 'about' : about(); break;
}
?>
            </div>
         </td>
      </tr>
   </table>
   </center>
</body>
</html>

<?php
function home() {
  echo "<h1>Welcome</h1>
        <center>
        <table width = '500px' style = 'background: rgba(225,225,225,0.7); border: solid 1px black;'>
           <tr>
              <td align = 'center' colspan = '3'>
                 <i><b>Play University Of The Streets FREE - A live updating text based crime game. No download required and no plug in essential, start gangs, smuggle and produce drugs, commit crimes, play the casino, attack other players, become a property broker, buy and sell items, take part in a turf battle and much much more!</b></i>
              </td>
           </tr>
           <tr>
              <td align = 'right' width = '60%'>
                 <h3><b>Users online today:</b></h3>
              </td>
              <td width = '10%'>
              </td>
              <td align = 'left'>";
                 $q_ry = "SELECT `usr_id`
                          FROM `usr_tbl`
                          WHERE `usr_lastact` >= '".(time()-86400)."'";
                 $totoday = mysql_num_rows(mysql_query($q_ry));
                 echo "<h3><b>".$totoday."</b></h3>";
              echo "</td>
           </tr>
           <tr>
              <td align = 'center' colspan = '3'>
                 <a href = 'login.php?page=register' style = 'color: #360000;'><h2><b>Register now!</b></h2></a>
              </td>
           </tr>
        </table>";
}
function about() {
  echo "<h1>About Us</h1>
        <center>
        <table width = '500px' style = 'background: rgba(225,225,225,0.7); border: solid 1px black;'>
           <tr>
              <td align = 'center' colspan = '3'>
                 <i><b>Play University Of The Streets FREE - A live updating text based crime game. No download required and no plug in essential, start gangs, smuggle and produce drugs, commit crimes, play the casino, attack other players, become a property broker, buy and sell items, take part in a turf battle and much much more!</b></i>
              </td>
           </tr>
        </table>";
}
function register() {
  echo "<h1>Register</h1>
        <center>";
$_GET['ref'] = preg_replace('/[^0-9]/', '', $_GET['ref']);
$_GET['code'] = preg_replace('/[^0-9A-Z]/', '', $_GET['code']);
$game_url = 'http://'.$_SERVER['HTTP_HOST'];
$referer = $game_url."/login.php";
$first_half = explode("?", $_SERVER['HTTP_REFERER']);
if($first_half[0] == $referer)
{
  if(!$_POST['usern']) {
     echo "<form action = 'login.php?page=register' method = 'post'>
           <table width = '500px' style = 'background: rgba(225,225,225,0.7); border: solid 1px black;'>
              <tr valign = 'bottom'>
                 <td align = 'right' width = '125px'>
                    Username:
                 </td>
                 <td width = '10px'>
                 </td>
                 <td align = 'left'>
                    <input type = 'text' name = 'usern' id = 'usern'>
                 </td>
                 <td width = '150px'>
                    <span id = 'un_check' style = 'font-weight: 800;'><small>0-9, A-Z, _ & - only.</small></span>
                 </td>
              </tr>
              <tr valign = 'bottom'>
                 <td align = 'right'>
                    Password:
                 </td>
                 <td width = '10px'>
                 </td>
                 <td align = 'left'>
                    <input type = 'password' name = 'passw' id = 'passw'>
                 </td>
                 <td width = '150px'>
                    <span id = 'pw_check' style = 'font-weight: 800;'></span>
                 </td>
              </tr>
              <tr valign = 'bottom'>
                 <td align = 'right'>
                    Repeat password:
                 </td>
                 <td width = '10px'>
                 </td>
                 <td align = 'left'>
                    <input type = 'password' name = 'passwc' id = 'passwc'>
                 </td>
                 <td width = '150px'>
                    <span id = 'pw_checktwo' style = 'font-weight: 800;'></span>
                 </td>
              </tr>
              <tr valign = 'bottom'>
                 <td align = 'right'>
                    Gender:
                 </td>
                 <td width = '10px'>
                 </td>
                 <td align = 'left'>
                    <select name = 'sex' style = 'width: 156px;'>
                       <option value = 'male' SELECTED>Male</option>
                       <option value = 'female'>Female</option>
                    </select>
                 </td>
                 <td width = '150px'>
                 </td>
              </tr>
              <tr valign = 'bottom'>
                 <td align = 'right'>
                    Email address:
                 </td>
                 <td width = '10px'>
                 </td>
                 <td align = 'left'>
                    <input type = 'text' name = 'email' id = 'email'>
                 </td>
                 <td width = '150px'>
                    <span id = 'em_check' style = 'font-weight: 800;'><small>Email will be verified.</small></span>
                 </td>
              </tr>
              <tr valign = 'bottom'>
                 <td align = 'right' valign = 'top'>
                    Captcha:
                 </td>
                 <td width = '10px'>
                 </td>
                 <td align = 'left'>
                    <input type = 'text' name = 'captcha' id = 'captcha'>
                    <img src = 'captcha.php' width = '145px' height = '60px' style = 'margin-top: 6px; margin-left: -2px;'>
                 </td>
                 <td width = '150px'>
                    <span id = 'cap_check' style = 'font-weight: 800;'><small>Captcha will be verified.</small></span>
                 </td>
              </tr>
              <tr valign = 'bottom'>
                 <td align = 'right'>
                 </td>
                 <td width = '10px'>
                 </td>
                 <td align = 'left'>
                 </td>
                 <td width = '150px'>
                    <input type = 'submit' name = 'register' value = 'Register' id = 'linkage'>
                 </td>
              </tr>
           </table>
           </form>";
  }
  else
     {
     echo "<table width = '500px' style = 'background: rgba(225,225,225,0.7); border: solid 1px black;'>
              <tr>
                 <td align = 'center'>";
        $back = "<hr>><a href = 'login.php?page=register' style = 'font-weight: 800; cursor: pointer; color: black;'>Try again</a>";
        $check_name = check_name();
        if($check_name) {
           echo $check_name.$back;
        }
        else
           {
              $check_pass = check_pass();
              if($check_pass) {
                 echo $check_pass.$back;
              }
              else
                 {
                    $check_email = check_email();
                    if($check_email) {
                       echo $check_email.$back;
                    }
                    else
                       {
                          $_POST['email'] = stripslashes($_POST['email']);
                          $check_cap = check_cap();
                          if($check_cap) {
                             echo $check_cap.$back;
                          }
                          else
                             {
                                $code = null;
                                $chars = 'ABCDEFGHIJKLMOPQRSTUVXWYZ0123456789'; 
                                for($i = 1; $i<=30; $i++) {
                                   $rand = rand(0,strlen($chars)-1);
                                   $code.=substr($chars, $rand, 1);
                                }
                                $link = 'http://'.$_SERVER['HTTP_HOST'];
                                $link.= '/login.php?page=code&code='.$code;
                                $message = "Hello ".$_POST['usern'].",\n\n
                                            Your email address has been used to create an account at university-of-the-streets.com.\n
                                            If this was not you please ignore this email, Otherwise click the link below to activate your account.\n\n
                                            ".$link;
                                if(!mail($_POST['email'], "Thank you for signing up to U.O.T.S", $message, "From: [email protected]"))
                                {
                                   echo "There was an error with your email, Please try again.".$back;
                                }
                                else
                                   {
                                      $sex = preg_replace('/[^a-z]/', '', $_POST['sex']);
                                      if(!in_array($sex, array('male','female'))) {
                                         $sex = 'male';
                                      }
                                      $usern = preg_replace('/[^0-9a-zA-Z-_]/', '', $_POST['usern']);
                                      $pass = $_POST['passw'];
                                      $email = strip_tags(stripslashes($_POST['email']));
                                      $ip = $_SERVER['REMOTE_ADDR'];
                                      $ref = preg_replace('/[^0-9]/', '', $_GET['ref']);
                                      $ref = $ref ? $ref : 0;
                                      $sql = "INSERT INTO `tmp_users`
                                              VALUES('NULL',
                                                     '".mysql_real_escape_string($usern)."',
                                                     '".mysql_real_escape_string(md5($pass))."',
                                                     '".mysql_real_escape_string($email)."',
                                                     '".mysql_real_escape_string($sex)."',
                                                     '".mysql_real_escape_string(time())."',
                                                     '".mysql_real_escape_string($ip)."',
                                                     '".mysql_real_escape_string($ref)."',
                                                     '".mysql_real_escape_string($code)."')";
                                      mysql_query($sql);
                                      echo "Thank you for signing up!<br><br>
                                            We have sent an email to you<br>
                                            You can activate your account here.";
                                   }
                             }
                       }
                 }
           }
           echo "</td>
              </tr>
           </table>";
     }
}
}


function forgot_pass() {
  echo "<h1>Forgot password</h1>";
$_GET['code'] = preg_replace('/[^0-9A-Z]/', '', $_GET['code']);
$game_url = 'http://'.$_SERVER['HTTP_HOST'];
$referer = $game_url."/login.php";
$first_half = explode("?", $_SERVER['HTTP_REFERER']);
if($first_half[0] == $referer)
{
$_POST['email'] = strip_tags(stripslashes($_POST['email']));
     echo "<center>
           <table width = '500px' style = 'background: rgba(225,225,225,0.7); border: solid 1px black;'>
              <tr>
                 <td align = 'center'>";
  if(!$_POST['email']) {
     echo "Please enter the email address you used to sign up for the account to recover your password.<br><br>
           <form action = 'login.php?page=forgotpass' method = 'post'>
           <table width = '100%'>
              <tr>
                 <td align = 'right'>
                    <b>Email address:</b> <input type = 'text' name = 'email'>
                 </td>
              </tr>
              <tr>
                 <td align = 'right'>
                    <input type = 'submit' name = 'continue' value = 'Continue' id = 'linkage'>
                 </td>
              </tr>
           </table>
           </form>";
  }
  else
     {
        $sql = "SELECT `usr_id`,`usr_nme`
                FROM `usr_tbl`
                WHERE `usr_email` = '".mysql_real_escape_string($_POST['email'])."'";
        $sql = mysql_query($sql);
        if(!mysql_num_rows($sql)) {
           echo "The account linked to the email address \"".htmlspecialchars($_POST['email'])."\" was not found!";
        }
        else
           {
                                $u = mysql_fetch_array($sql);
                                $temppass = null;
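                                // Note: rand() is not a cryptographically secure generator, so this temporary password is predictable to that extent.
                                $chars = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789';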
                                for($i = 1; $i<=8; $i++) {
                                   $rand = rand(0,strlen($chars)-1);
                                   $temppass.=substr($chars, $rand, 1);
                                }
                                $sql = "UPDATE `usr_tbl`
                                        SET `usr_pas` = '".mysql_real_escape_string(md5($temppass))."'
                                        WHERE `usr_id` = '".mysql_real_escape_string($u['usr_id'])."'";
                                mysql_query($sql);
                                $message = "Hello ".$u['usr_nme'].",\n\n
                                            We have sent you a new password as requested.\n
                                            This password should be changed as soon as you login to something you will remember.\n\n
                                            ".$temppass;
                                mail($_POST['email'], "Password recovery - U.O.T.S", $message, "From: [email protected]");
                                echo "An email with a new password has been sent to you<br>Remember to check junk if it does not appear in your inbox!";
           }
        echo "<hr>
                 ><a href = 'login.php?page=forgotpass' id = 'linkage' style = 'color: black;'>Back</a>
              <hr>";
     }
                 echo "</td>
              </tr>
           </table>";
}
}


function code() {
  echo "<h1>Confirm email</h1>";
$_GET['code'] = preg_replace('/[^0-9A-Z]/', '', $_GET['code']);
     echo "<center>
           <table width = '500px' style = 'background: rgba(225,225,225,0.7); border: solid 1px black;'>
              <tr>
                 <td align = 'center'>";
                 if(!$_GET['code']) {
                    echo "Invalid registration code!";
                 }
                 else
                    {
                       $sql = "SELECT *
                               FROM `tmp_users`
                               WHERE `code` = '".mysql_real_escape_string($_GET['code'])."'";
                       $sql = mysql_query($sql);
                       if(!mysql_num_rows($sql)) {
                          echo "Invalid registration code!";
                       }
                       else
                          {
                             $u = mysql_fetch_array($sql);
                             $sql = "INSERT INTO `usr_tbl` (`usr_nme`,`usr_login`,`usr_pas`,`usr_email`,
                                                            `usr_sex`,`usr_sign_date`,`usr_sign_ip`)
                                     VALUES ('".mysql_real_escape_string($u['tmp_uname'])."',
                                             '".mysql_real_escape_string($u['tmp_uname'])."',
                                             '".mysql_real_escape_string($u['tmp_pass'])."',
                                             '".mysql_real_escape_string($u['tmp_email'])."',
                                             '".mysql_real_escape_string($u['tmp_sex'])."',
                                             '".mysql_real_escape_string($u['tmp_date'])."',
                                             '".mysql_real_escape_string($u['tmp_ip'])."')";
                             mysql_query($sql);
                             $user_id = mysql_insert_id();
                             $sql = "INSERT INTO `usr_stats` (`usr_id`)
                                     VALUES ('".mysql_real_escape_string($user_id)."')";
                             mysql_query($sql);
                             $sql = "INSERT INTO `usr_equipped` (`e_userid`)
                                     VALUES ('".mysql_real_escape_string($user_id)."')";
                             mysql_query($sql);
                             $inbox = "Hello ".$u['tmp_uname'].", Welcome to crystal city, Today i will explain your first lessons on becoming a gangster on these streets, Up in the top right you have your missions tab, Click the missions tab and complete the steps i have set for this mission, At the end you will receive a small but worthy reward. If you have any problems don't hesitate to ask a member of staff for help. Staff can be found under the staff link in the city.";
                             inbox_msg($user_id, 3, 'Welcome', $inbox);
                             if($u['tmp_ref']) {
                             $sql = "SELECT `usr_id`
                                     FROM `usr_tbl`
                                     WHERE `usr_id` = '".mysql_real_escape_string($u['tmp_ref'])."'";
                             $sql = mysql_query($sql);
                                if(mysql_num_rows($sql)) {
                                   $sql = "INSERT INTO `referers`
                                           VALUES ('NULL',
                                                   '".mysql_real_escape_string($u['tmp_ref'])."',
                                                   '".mysql_real_escape_string($user_id)."')";
                                   mysql_query($sql);
                                   $sql = "UPDATE `usr_tbl`
                                           SET `usr_referals` = `usr_referals` + '1'
                                           WHERE `usr_id` = '".mysql_real_escape_string($u['tmp_ref'])."'";
                                   mysql_query($sql);
                                   $msg = "Thank you for referring ".$u['tmp_uname']."[".$user_id."]!";
                                   in_event($u['tmp_ref'], $msg);
                                }
                             }
                             echo "Thank you for signing up ".$u['tmp_uname']."[".$user_id."]!<br><br>
                                   You may now login<br><br>
                                   Enjoy!";
                             $sql = "DELETE FROM `tmp_users`
                                     WHERE `tmp_id` = '".mysql_real_escape_string($u['tmp_id'])."'";
                             mysql_query($sql);
                          }
                    }
                 echo "</td>
              </tr>
           </table>";
}


function authent() {
   echo "<h1>Authentication</h1>";
   $error = "";
   $back = "> <a href = 'login.php'><font color = 'red'>Back</font></a>";
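   // Hash the password exactly as submitted: registration stores md5() of the raw value,
   // so passing it through htmlentities()/stripslashes() here breaks logins for
   // passwords that contain characters such as & < > " or \.
   $_POST['pass'] = isset($_POST['pass']) ? $_POST['pass'] : '';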
   $_POST['username'] = htmlentities(stripslashes($_POST['username']));
   if(!$_POST['username'] || !$_POST['pass']) {
      $error = "Please go back and fill in the form correctly.<br>".$back;
   }
   else {
   $sql = "SELECT `usr_id`,`usr_fed`
           FROM `usr_tbl`
           WHERE `usr_login` = '".mysql_real_escape_string($_POST['username'])."'
           AND `usr_pas` = '".mysql_real_escape_string(md5($_POST['pass']))."'
           LIMIT 1";
   $sql = mysql_query($sql);
   if(!mysql_num_rows($sql)) {
   $error = "User not found! Please go back and try again.<br>".$back;
   }
   else
      {
      $user = mysql_fetch_array($sql);
      unset($_SESSION['feduser']);
      if($user['usr_fed'] > time()) {
      $_SESSION['feduser'] = $user['usr_id'];
      header('location:fedjail.php');
      exit;
      }
      else
         {
            if($user['usr_fed']) {
               $sql = "UPDATE `usr_tbl`
                       SET `usr_fed` = '0'
                       WHERE `usr_id` = '".mysql_real_escape_string($user['usr_id'])."'";
               mysql_query($sql);
            }
         }
      $_SESSION['myid'] = $user['usr_id'];
      $_SESSION['verified'] = 0;
      $sql = "UPDATE `usr_tbl`
              SET `usr_last_login` = '".mysql_real_escape_string(time())."',
                  `usr_lastact` = '".mysql_real_escape_string(time())."'
              WHERE `usr_id` = '".mysql_real_escape_string($_SESSION['myid'])."'";
      mysql_query($sql);


      $q_ry = "SELECT `setting_value`
               FROM `game_set`
               WHERE `setting_id` = '5'";
      $rtoday = mysql_fetch_array(mysql_query($q_ry));
      $rtoday = $rtoday['setting_value'];
      $q_ry = "SELECT `usr_id`
               FROM `usr_tbl`
               WHERE `usr_lastact` >= ".(time()-86400)."
               ORDER BY `usr_lastact` DESC";
      $totoday = mysql_num_rows(mysql_query($q_ry));
      if($totoday > $rtoday) {
         $sql = "UPDATE `game_set`
                 SET `setting_value` = `setting_value` + '1'
                 WHERE `setting_id` = '5'";
         mysql_query($sql);
      }
      $q_ry = "SELECT `setting_value`
               FROM `game_set`
               WHERE `setting_id` = '6'";
      $rhour = mysql_fetch_array(mysql_query($q_ry));
      $rhour = $rhour['setting_value'];
      $q_ry = "SELECT `usr_id`
               FROM `usr_tbl`
               WHERE `usr_lastact` >= ".(time()-3600)."
               ORDER BY `usr_lastact` DESC";
      $tothour = mysql_num_rows(mysql_query($q_ry));
      if($tothour > $rhour) {
         $sql = "UPDATE `game_set`
                 SET `setting_value` = `setting_value` + '1'
                 WHERE `setting_id` = '6'";
         mysql_query($sql);
      }
      $q_ry = "SELECT `setting_value`
               FROM `game_set`
               WHERE `setting_id` = '7'";
      $rnow = mysql_fetch_array(mysql_query($q_ry));
      $rnow = $rnow['setting_value'];
      $q_ry = "SELECT `usr_id`,`usr_lastact`
               FROM `usr_tbl`
               WHERE `usr_lastact` >= ".(time()-900)."
               ORDER BY `usr_lastact` DESC";
      $onl = mysql_num_rows(mysql_query($q_ry));
      if($onl > $rnow) {
         $sql = "UPDATE `game_set`
                 SET `setting_value` = `setting_value` + '1'
                 WHERE `setting_id` = '7'";
         mysql_query($sql);
      }

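      // A redirect header can only be sent before any output (see the echo at the top of authent());
      // exit so nothing else runs after the redirect.
      header('location:index.php');
      exit;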
      }
   }
   if($error != '') { echo "<font color = 'red'><b>".$error."</b></font>"; }
}

function add_live($id, $function) {
  $sql = "SELECT `usr_live`
          FROM `usr_tbl`
          WHERE `usr_id` = '".mysql_real_escape_string($id)."'";
  $live = mysql_fetch_array(mysql_query($sql));
  $live = $live['usr_live'];
  $live.= $function;
  $sql = "UPDATE `usr_tbl`
          SET `usr_live` = '".mysql_real_escape_string($live)."'
          WHERE `usr_id` = '".mysql_real_escape_string($id)."'";
  mysql_query($sql);
}
function inbox_msg($user, $from, $subj, $mesg) {
$sql = "INSERT INTO `usr_msgs`
       VALUES('NULL',
              '".mysql_real_escape_string($user)."',
              '".mysql_real_escape_string($from)."',
              '".time()."',
              '".mysql_real_escape_string($subj)."',
              '".mysql_real_escape_string($mesg)."',
              'no')";
mysql_query($sql);
add_live($user, "add_msg();");
}
function in_event($player, $text) {
  $text = stripslashes($text);
  mysql_query("INSERT INTO `usr_events`
               VALUES('NULL', 
                      '".mysql_real_escape_string($player)."',
                      '".time()."',
                      '".mysql_real_escape_string($text)."',
                      'no')");
  add_live($player, "add_event();");
}


function check_name() {
  $username = $_POST['usern'];
  if(!$username) {
     return "Username cannot be empty.";
  }
  else
     {
        if(preg_match('/[^0-9a-zA-Z-_]/', $username)) 
        { 
           return "Invalid characters detected in your username!";
        }
        else
           {
              $username = preg_replace('/[^0-9a-zA-Z-_]/', '', $username);
              if(strlen($username) < '3') {
                 return "Your username is too short!";
              }
              else
                 {
                    if(strlen($username) > '21') {
                       return "Your username is too long.";
                    }
                    else
                       {
                          $sql1 = "SELECT `usr_id`
                                  FROM `usr_tbl`
                                  WHERE `usr_nme` = '".mysql_real_escape_string($username)."' ||
                                        `usr_login` = '".mysql_real_escape_string($username)."'";
                          $sql1 = mysql_query($sql1);
                          $sql2 = "SELECT `tmp_id`
                                  FROM `tmp_users`
                                  WHERE `tmp_uname` = '".mysql_real_escape_string($username)."'";
                          $sql2 = mysql_query($sql2);
                          if(mysql_num_rows($sql1) || mysql_num_rows($sql2)) {
                             return "This username is already in use.";
                          }
                          else
                             {
                                return 0;
                             }
                       }
                 }
           }
     }
}
function check_pass() {
  $pass = $_POST['passw'];
  $passtwo = $_POST['passwc'];
  if(!$pass || !$passtwo) {
     return "Password does not match.";
  }
  else
     {
        if($pass != $passtwo) 
        { 
           return "Password does not match.";
        }
        else
           {
              return 0;
           }
     }
}
function check_email() {
  $_POST['email'] = strip_tags(stripslashes($_POST['email']));
  if(!$_POST['email']) 
  { 
     return "Email address cannot be empty.";
  }
  else
     {
     $email = explode("@", $_POST['email']);
     $check_for_the_dot = explode(".", $email[1]);
     if(substr_count($_POST['email'], "@") > '1')
     { 
        return "Invalid email address.";
     }
     else
        {
           if(!$check_for_the_dot[1])
           { 
              return "Invalid email address.";
           }
           else
              {
                 $sql = "SELECT `setting_value`
                         FROM `game_set`
                         WHERE `setting_id` = '4'";
                 $bad_url = mysql_fetch_array(mysql_query($sql));
                 $bad_url = explode(",", $bad_url['setting_value']);
                 if(in_array($email[1], $bad_url)) {
                    return "Disposable email addresses cannot be used.";
                 }
                 else
                    {
                       if(!filter_var($_POST['email'], FILTER_VALIDATE_EMAIL))
                       { 
                          return "Invalid email address.";
                       }
                       else
                          {
                             $sql = "SELECT `usr_id`
                                     FROM `usr_tbl`
                                     WHERE `usr_email` = '".mysql_real_escape_string($_POST['email'])."'";
                             $sql = mysql_query($sql);
                             $sql2 = "SELECT `tmp_id`
                                     FROM `tmp_users`
                                     WHERE `tmp_email` = '".mysql_real_escape_string($_POST['email'])."'";
                             $sql2 = mysql_query($sql2);
                             if(mysql_num_rows($sql) || mysql_num_rows($sql2)) 
                             { 
                                return "Email address exists.";
                             }
                             else
                                {
                                   return 0;
                                }
                          }
                    }
              }
        }
   }
}
function check_cap() {
  $cap = $_POST['captcha'];
  if(!$cap) {
     return "Captcha cannot be empty.";
  }
  else
     {
        if($cap != $_SESSION['cap_code']) 
        { 
           return "Captcha did not match.";
        }
        else
           {
              return 0;
           }
     }
}
?>
Edited by KyleMassacre
More code tags
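
A hardened version of the login step in `authent()`, added here as an example and not part of the original post or the game's code: it assumes PHP 7.1+, a PDO connection and a `usr_pas` column wide enough for `password_hash()` output, and the names `authenticate_user`, `login_and_redirect` and the `error` query flag are hypothetical. It leaves out the fed-jail and online-counter updates.

```php
<?php
// Added example, not the game's code. Assumes PHP 7.1+, PDO, and a `usr_pas`
// column widened to VARCHAR(255) so it can hold password_hash() output.

// Returns the user id on success, null on failure. Legacy unsalted md5()
// hashes are still accepted and are upgraded on the first successful login.
function authenticate_user(PDO $db, string $login, string $password): ?int
{
    // Bound parameters replace the string-built query. The password is used
    // as submitted, so it hashes identically at registration and at login.
    $stmt = $db->prepare('SELECT usr_id, usr_pas FROM usr_tbl WHERE usr_login = ? LIMIT 1');
    $stmt->execute([$login]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    if ($row === false) {
        return null;
    }
    $stored = (string) $row['usr_pas'];
    $isLegacy = preg_match('/^[0-9a-f]{32}$/', $stored) === 1;  // bare md5 hex digest
    $ok = $isLegacy
        ? hash_equals($stored, md5($password))
        : password_verify($password, $stored);
    if (!$ok) {
        return null;
    }
    // Upgrade legacy md5 values, or hashes made with older password_hash() settings.
    if ($isLegacy || password_needs_rehash($stored, PASSWORD_DEFAULT)) {
        $upd = $db->prepare('UPDATE usr_tbl SET usr_pas = ? WHERE usr_id = ?');
        $upd->execute([password_hash($password, PASSWORD_DEFAULT), $row['usr_id']]);
    }
    return (int) $row['usr_id'];
}

// Call this before any HTML is echoed: once output has started, header()
// can no longer send the redirect and the visitor stays on this page.
function login_and_redirect(PDO $db): void
{
    if (session_status() !== PHP_SESSION_ACTIVE) {
        session_start();
    }
    $login = is_string($_POST['username'] ?? null) ? $_POST['username'] : '';
    $pass  = is_string($_POST['pass'] ?? null) ? $_POST['pass'] : '';
    $id = authenticate_user($db, $login, $pass);
    if ($id === null) {
        header('Location: login.php?error=1');  // hypothetical error flag
        exit;
    }
    session_regenerate_id(true);  // fresh session id after login (session fixation)
    $_SESSION['myid'] = $id;
    header('Location: index.php');
    exit;                         // stop so nothing else runs or is echoed
}

// Constructed demo (CLI only): one account still stored as a legacy md5 hash.
if (PHP_SAPI === 'cli') {
    $db = new PDO('sqlite::memory:');
    $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $db->exec('CREATE TABLE usr_tbl (usr_id INTEGER PRIMARY KEY, usr_login TEXT, usr_pas TEXT)');
    $db->prepare('INSERT INTO usr_tbl (usr_login, usr_pas) VALUES (?, ?)')
       ->execute(['demo', md5('s3cret&pw')]);
    var_dump(authenticate_user($db, 'demo', 'wrong'));      // wrong password
    var_dump(authenticate_user($db, 'demo', 's3cret&pw'));  // correct password, triggers the upgrade
    $hash = $db->query('SELECT usr_pas FROM usr_tbl')->fetchColumn();
    var_dump(password_verify('s3cret&pw', $hash));          // checks the re-read, upgraded hash
}
```

Every page behind the login still has to check `$_SESSION['myid']` itself and redirect to `login.php` when it is missing; the redirect alone protects nothing.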