bridge
Scris: 14-Aug-2006, 13:41:42
Am un script de logare facut de altcineva @Zero si am incercat sa il fac in asa fel incat sa se foloseasca si pe site si po forum acelasi user. Nu am reusit. Ma puteti ajuta?
Scriptul original arata asa:
alter.php
connect.php
setup.php
index.php
create.php
confirmation.php
1) se modifica datele din connect.php si din create.php (la smtp -eu folosesc inmail)
2) se uploadeaza fisierele
3)se creaza baza de date accesand fisierul setup.php si se acceseaza o singura data fisierul alter.php (nu stiu de ce asa a scris de unde l-am luat) apoi se sterg amvele.
4) trebuie sa te ocupi de partea de design
5) totul e gata
Eu nu ma prea pricep la php si am incercat sa modific numai connect.php si index.php care arata asa.
connect.php
index.php
Dar nu vrea sa mearga. Imi spune "Autentificare eronata". Nu stiu ce sa fac.
Ajutati-ma pls.
Scriptul original arata asa:
alter.php
Cod: Selectaţi tot
<?
$host = "localhost";
$user = "user_xhost_ro";
$pass = "parola";
$dbase = "user_xhost_ro";
$table = "users";
?>
Cod: Selectaţi tot
<?
include "connect.php";
$connection = @mysql_connect($host,$user,$pass);
@mysql_select_db($dbase);
@mysql_query("ALTER TABLE ".$table." ADD activated TINYINT DEFAULT '0' NOT NULL",$connection);
@mysql_query("UPDATE ".$table." SET activated=1",$connection);
@mysql_close($connection);
?>
Cod: Selectaţi tot
<?
include "connect.php";
if (isset($_POST['action']) && $_POST['action'] == 'reset') {
$connection = @mysql_connect($host,$user,$pass);
@mysql_select_db($dbase);
@mysql_query("DROP TABLE IF EXISTS ".$table,$connection);
@mysql_query("CREATE TABLE ".$table." (id SMALLINT(5) AUTO_INCREMENT PRIMARY KEY, username VARCHAR(45) NOT NULL, password TEXT NOT NULL, email VARCHAR(45) NOT NULL) TYPE=MyISAM",$connection);
}
?>
<html>
<head>
</head>
<body>
<form action="<? echo $_SERVER['PHP_SELF']; ?>" method="post">
<input type="hidden" name="action" value="reset">
<input type="submit" name="Submit" value="create / reset database">
</form>
</body>
</html>
Cod: Selectaţi tot
<?
session_start();
include "connect.php";
function check_account($username, $password) {
global $host, $user, $pass, $dbase, $table;
$connection = @mysql_connect($host,$user,$pass);
@mysql_select_db($dbase);
$query = @mysql_query("SELECT id FROM ".$table." WHERE username='".$username."' and password='".MD5($password)."' and activated=1",$connection);
if (@mysql_num_rows($query) != 0) {
return true;
} else {
return false;
}
@mysql_close($connection);
}
function account_email($username) {
global $host, $user, $pass, $dbase, $table;
$connection = @mysql_connect($host,$user,$pass);
@mysql_select_db($dbase);
$query = @mysql_query("SELECT email FROM ".$table." WHERE username='".$username."'",$connection);
$result= @mysql_fetch_array($query);
return $result['email'];
@mysql_close($connection);
}
if (!isset($_SESSION['auth'])) {
$_SESSION['auth'] = "logout";
}
if ((isset($_POST['action'])) && ($_POST['action'] == "login")) {
if (check_account(strip_tags($_POST['username']),strip_tags($_POST['password']))) {
$_SESSION['auth'] = "login";
$_SESSION['account']['username'] = strip_tags($_POST['username']);
$_SESSION['account']['email'] = account_email(strip_tags($_POST['username']));
} else {
echo "<span style=\"color: #FF0000\">Autentificare eronata !</span><br><br>";
}
}
if ((isset($_POST['action'])) && ($_POST['action'] == "logout")) {
$_SESSION['auth'] = "logout";
}
?>
<html>
<head>
</head>
<body>
<?
if ($_SESSION['auth'] == "logout") {
?>
<form action="<? echo $_SERVER['PHP_SELF']; ?>" method="post">
Username <input type="text" name="username"><br />
Password <input type="password" name="password"><br /><br />
<a href="create.php">register</a><br /><br />
<input type="hidden" name="action" value="login">
<input type="submit" name="Submit" value="login">
</form>
<?
} elseif ($_SESSION['auth'] == "login") {
echo "Username: ".$_SESSION['account']['username']."<br>";
echo "e-Mail: <span style=\"color: #FF0000;\">".$_SESSION['account']['email']."</span><br><br>";
?>
<form action="<? echo $_SERVER['PHP_SELF']; ?>" method="post">
<input type="hidden" name="action" value="logout">
<input type="submit" name="Submit" value="logout">
</form>
<?
}
?>
</body>
</html>
Cod: Selectaţi tot
<?
include "connect.php";
function getmicrotime(){
list($usec, $sec) = explode(" ",microtime());
return ((float)$usec + (float)$sec);
};
function valid_mail($email) {
if (!ereg("[^@]{1,64}@[^@]{1,255}", $email)) {
return false;
}
$email_array = explode("@", $email);
$local_array = explode(".", $email_array[0]);
for ($i = 0; $i < sizeof($local_array); $i++) {
if (!ereg("^(([A-Za-z0-9!#$%&'*+/=?^_`{|}~-][A-Za-z0-9!#$%&'*+/=?^_`{|}~\.-]{0,63})|(\"[^(\\|\")]{0,62}\"))$", $local_array[$i])) {
return false;
}
}
if (!ereg("^\[?[0-9\.]+\]?$", $email_array[1])) {
$domain_array = explode(".", $email_array[1]);
if (sizeof($domain_array) < 2) {
return false;
}
for ($i = 0; $i < sizeof($domain_array); $i++) {
if (!ereg("^(([A-Za-z0-9][A-Za-z0-9-]{0,61}[A-Za-z0-9])|([A-Za-z0-9]+))$", $domain_array[$i])) {
return false;
}
}
}
return true;
}
function check_account($username,$email) {
global $host, $user, $pass, $dbase, $table;
$connection = @mysql_connect($host,$user,$pass);
@mysql_select_db($dbase);
$query = @mysql_query("SELECT id FROM ".$table." WHERE username='".$username."' OR email='".$email."'");
if (@mysql_num_rows($query) == 0) {
return true;
} else {
return false;
}
@mysql_close($connection);
}
function create_account($username, $password, $email) {
global $host, $user, $pass, $dbase, $table;
$connection = @mysql_connect($host,$user,$pass);
$tstamp = getmicrotime();
$primary = $_SERVER[REMOTE_ADDR];
$ffd = $_SERVER[HTTP_X_FORWARDED_FOR];
$secondary = explode(",", $ffd);
$ip = strlen($ffd) > 0 ? $secondary[0] : $primary;
@mysql_select_db($dbase);
@mysql_query("INSERT INTO ".$table." VALUES ('','".$username."','".MD5($password)."','".$email."','".$ip."','".$tstamp."','0')",$connection);
@mysql_close($connection);
}
function send_confirmation($password,$email) {
$account_addr = "contultau.xhost.ro"; // trebuie modificat cu adresa contului tau de pe xhost (fara prefix si/sau sufix)
$account_mail = "contutau@xhost.ro"; // trebuie modificat cu adresa de email a contului tau de pe xhost
$account_pass = "parola"; // trebuie modificat cu parola contului tau de pe xhost
$email_subject = "Activare cont ...";
$email_body = "Pentru activarea contului va trebui sa apasati pe link-ul de mai jos sau sa-l copiati si accesati in browser-ul dumneavoastra:"."\r\n"."\r\n";
$email_body .= "http://".$account_addr."/confirmation.php?id=".md5($password)."\r\n"."\r\n";
$email_body .= "Va multumim,"."\r\n";
$email_body .= "Echipa";
require_once("/allowrun/smtp.php");
smtpmail("localhost", 25, $account_mail, $account_pass, $account_mail, $email, $email_subject, $email_body);
}
if ((isset($_POST['action'])) && ($_POST['action'] == "create")) {
$_email_ = strip_tags($_POST['email']);
$_username_ = strip_tags($_POST['username']);
$_password_ = strip_tags($_POST['password']);
if (valid_mail($_email_)) {
if (check_account($_username_,$_email_)) {
create_account($_username_,$_password_,$_email_);
send_confirmation($_password_,$_email_);
echo "Contul a fost creat cu succes. Pentru a finaliza inregistrarea va rugam accesati link-ul de confirmare trimis pe adresa dumneavoastra de e-mail.<br><br>";
echo "<a href=\"index.php\">login</a>";
exit;
} else {
echo "Eroare: <span style=\"color: #FF0000\">Exista deja un utilizator cu acest nume sau aceasta adresa de e-Mail !</span><br><br>";
}
} else {
echo "Eroare: <span style=\"color: #FF0000\">Adresa de e-Mail nu este valida !</span><br><br>";
}
}
?>
<html>
<head>
</head>
<body>
<form action="<? echo $_SERVER['PHP_SELF']; ?>" method="post">
Username <input type="text" name="username"><br />
Password <input type="password" name="password"><br />
e-Mail <input type="text" name="email"><br /><br />
<input type="hidden" name="action" value="create">
<input type="submit" name="Submit" value="create">
</form>
</body>
</html>
Cod: Selectaţi tot
function check_account($username, $password) {
global $host, $user, $pass, $dbase, $table;
$connection = @mysql_connect($host,$user,$pass);
@mysql_select_db($dbase);
$query = @mysql_query("SELECT id FROM ".$table." WHERE username='".$username."' and password='".MD5($password)."' and activated=1",$connection);
if (@mysql_num_rows($query) != 0) {
return true;
} else {
return false;
}
@mysql_close($connection);
}
2) se uploadeaza fisierele
3)se creaza baza de date accesand fisierul setup.php si se acceseaza o singura data fisierul alter.php (nu stiu de ce asa a scris de unde l-am luat) apoi se sterg amvele.
4) trebuie sa te ocupi de partea de design
5) totul e gata
Eu nu ma prea pricep la php si am incercat sa modific numai connect.php si index.php care arata asa.
connect.php
Cod: Selectaţi tot
<?
$host = "localhost";
$user = "user_xhost_ro";
$pass = "parola";
$dbase = "user_xhost_ro";
$table = "phpbb_users";
?>
Cod: Selectaţi tot
<?
session_start();
include "new_user/connect.php";
function check_account($username, $user_password) {
global $host, $user, $pass, $dbase, $table;
$connection = @mysql_connect($host,$user,$pass);
@mysql_select_db($dbase);
$query = @mysql_query("SELECT id FROM ".$table." WHERE username='".$username."' and password='".MD5($user_password)."' and user_active=1",$connection);
if (@mysql_num_rows($query) != 0) {
return true;
} else {
return false;
}
@mysql_close($connection);
}
function account_details($username) {
global $host, $user, $pass, $dbase, $table;
$connection = @mysql_connect($host,$user,$pass);
@mysql_select_db($dbase);
$query = @mysql_query("SELECT * FROM ".$table." WHERE username='".$username."'",$connection);
$result= @mysql_fetch_array($query);
$_SESSION['account']['username'] = $result['username'];
$_SESSION['account']['user_email'] = $result['user_email'];
$_SESSION['account']['tstamp'] = date('d.m.Y | H:i:s',$result['user_regdate']);
@mysql_close($connection);
}
if (!isset($_SESSION['auth'])) {
$_SESSION['auth'] = "logout";
}
if ($_SESSION['auth'] == "login") {
header("Location: ".$user_file);
}
if ((isset($_POST['action'])) && ($_POST['action'] == "login")) {
if (check_account(strip_tags($_POST['username']),strip_tags($_POST['password']))) {
$_SESSION['auth'] = "login";
account_details(strip_tags($_POST['username']));
header("Location: ".$user_file);
} else {
echo "<span style=\"color: #FF0000\">Autentificare eronata !</span><br><br>";
}
}
if ((isset($_POST['action'])) && ($_POST['action'] == "logout")) {
$_SESSION['auth'] = "logout";
}
?>
<html>
<head>
</head>
<body>
<form action="<? echo $_SERVER['PHP_SELF']; ?>" method="post">
Username <input type="text" name="username"><br />
Password <input type="password" name="password"><br /><br />
<a href="new_user/create.php">register</a><br /><br />
<input type="hidden" name="action" value="login">
<input type="submit" name="Submit" value="login">
</form>
</body>
</html>
Dar nu vrea sa mearga. Imi spune "Autentificare eronata". Nu stiu ce sa fac.
Ajutati-ma pls.