Junior Spellweaver
- Joined
- Dec 21, 2013
- Messages
- 140
- Reaction score
- 3
I have little to no knowledge on these things so please forgive me >~<
I wanted to limit the amount of registrations each player can have by their IP by 3. I believe it can be bypassed easily, but it's still better than nothing I guess.
My guess is
if that even is correct
Then after that place in the registration page
do whatever.
Registration Page
Is that how it's suppose to be done? If it's not, which part do I change? I believe that is what's needed to check the IP's then count the amount of equivalent IP's.
Thanks in advance!
I wanted to limit the amount of registrations each player can have by their IP by 3. I believe it can be bypassed easily, but it's still better than nothing I guess.
My guess is
Code:
$query=mysql_query("SELECT * FROM accounts WHERE ip='" . mysql_real_escape_string($_POST["ip"]) . "'");
Then after that place in the registration page
Code:
} else if (mysql_num_rows($query) > 3) {
Registration Page
Code:
<?php
if(basename($_SERVER["PHP_SELF"]) == "register.php"){
die("Error 404");
}
?>
<?php
if (isset($_POST['register'])) {
$username = mysql_real_escape_string($_POST['username']);
$password = mysql_real_escape_string($_POST['password']);
$cpassword = mysql_real_escape_string($_POST['cpassword']);
$email = mysql_real_escape_string($_POST['email']);
$birth = mysql_real_escape_string($_POST['birth']);
$ip = mysql_real_escape_string($_POST['ip']) ;
$ucheck = mysql_query("SELECT * FROM `accounts` WHERE `name`='" . $username . "'") or die(mysql_error());
if ($username == "") {
echo "<div class=\"error\">Please enter in a username.</div>";
} else if (mysql_num_rows($ip) > 3) {
echo "<div class=\"error">Registration limit reached. Please contact an administrator to increase the limit.</div>";
} elseif (mysql_num_rows($ucheck) >= 1) {
echo "<div class=\"error\">Username is already being used.</div>";
} elseif ($password == "") {
echo "<div class=\"error\">Please enter in a password.</div>";
} elseif ($password != $cpassword) {
echo "<div class=\"error\">The passwords do not match.</div>";
} elseif ($email == "") {
echo "<div class=\"error\">Please enter in an email.</div>";
} elseif (strlen($username) < 4) {
echo "<div class=\"error\">Username must be between 4 and 12 characters!</div>";
} elseif (strlen($username) > 12) {
echo "<div class=\"error\">Username must be between 4 and 12 characters!</div>";
} elseif (strlen($password) < 6) {
echo "<div class=\"error\">Password must be between 6 and 12 characters!</div>";
} elseif (strlen($password) > 12) {
echo "<div class=\"error\">Password must be between 6 and 12 characters!</div>";
} elseif (strlen($birth) > 10) {
echo "<div class=\"error\">Please enter in a username.</div>";
} else {
$ia = mysql_query("INSERT INTO `accounts` (`name`,`password`,`birthday`,`email`) VALUES ('" . $username . "','" . sha1($password) . "','" . $birth . "','" . $email . "')") or die(mysql_error());
echo "<div id=\"error\">You are now registered to ".$servername."!</div>";
}
}
?>
<br/>
<form method="POST" action="">
<table width="370" align="center">
<tr>
<td style="float: left;">Username: </td>
<td style="float: right;"><input type="text" name="username" class='tip-fw' title="The maximum lenght is 12 characters." maxlength="12" autocomplete="off" placeholder="Username" required autofocus>
</td>
</tr>
<tr>
<td style="float: left;">Password: </td>
<td style="float: right;"><input type="password" name="password" class='tip-fw' title="Enter a password between 1~12 characters." maxlength="12" placeholder="Password" required></td>
</tr>
<tr>
<td style="float: left;">Comfirm Password: </td>
<td style="float: right;"><input type="password" name="cpassword" class='tip-fw' title="Confirm your password." maxlength="12" placeholder="Comfirm Password" required></td>
</tr>
<tr>
<td style="float: left;">Email: </td>
<td style="float: right;"><input type="text" class='tip-fw' title="Please enter a valid Email Address." name="email" placeholder="Email" required></td>
</tr>
<tr>
<td style="float: left;">Birthday:<br><small>(YYYY-MM-DD)</small> </td>
<td style="float: right;"><input id="datepicker" type="text" maxlength="10" class='tip-fw' title="Ex. 1990/01/30" name="birth" placeholder="Birthday" required></td>
</tr>
<b>reCaptcha:</b>
<div class="g-recaptcha" data-sitekey="6Ld0Sw0TAAAAANGmNu3CmMYQ-WrSYhL97XL3bH9a"></div>
<br/>
</table>
<center><input type="submit" class="button" value="Register" name="register"></center>
</form>
Is that how it's suppose to be done? If it's not, which part do I change? I believe that is what's needed to check the IP's then count the amount of equivalent IP's.
Thanks in advance!
Last edited: