cla emblem

Results 1 to 2 of 2
  1. 17-01-13 #1
    Aprodite
    Enthusiast Aprodite is offline
    MemberRank
    Jan 2012 Join Date
    36Posts

    cla emblem

    hello people so I would like to know how to put md5 in clã emblema
    this is my emblem
    PHP Code:
    <? 
    if ($_SESSION['AID'] == ""){
            msgbox("Por Favor logue-se primeiro !","index.php?do=login");
    }

    require_once     "sec.php";
    $action anti_injection($_GET['act']);
    $step anti_injection($_GET['step']);
    $step $_GET['step'];
    if(    $step == "")
    {
            $step 1;
    }
    if (    $step == '1'
    {
    ?>
    <?
    if (isset($_GET['step'])) {
            $argv explode('-',$_GET['step']);
            settype($argv,'array'); 
            $_GET['emblem'] = @$argv[0];
            $_GET['url'] = @$argv[1];
            $_GET['do'] = @$argv[2];
            $_GET['uploaded'] = @$argv[3];
    }
    ?>

    <?
    Function Filtrrar($str){
            $caracters = array("!""from""select""insert""where""show tables""shutdown""update""set"".jpg%00.php"".php");
            $blank "";
    return     str_replace($caracters$blank$str); 
    }
    ?>
    <?php
    //Anti SQL Injection
    $otinane "Just kill yourself already!";

    $input  urldecode($_SERVER['QUERY_STRING']);
    $bads = array('union' 'select' '<script>' 'substring' 'having' '--' 'drop' 'create' 'rename' 'insert' 'load data' 'replace' 'revoke' 'update' 'join' 'kill' 'flush' 'procedure''like' 'order by' 'group by' 'concat' 'group_concat');

    for(    $i=0;$i<=count($bads);$i++)
    {
    $pos strripos($input$bads[$i]);
    if (    $pos) { echo"$otinane"; exit; }
    }
    ?>
    <FORM METHOD=POST ACTION="?do=emblemas&step=2">
    <br />
    <br />
    <center><p> Clã Emblema</p></center>
    <p>Etapa 1/3</p>
    <p>
    Usuário: <input name="user" type="textfield" maxlength="14"/><p>

    Senha: <input name="pass" type="password" maxlength="14" />
    <p>
    <input type="submit" value="Proximo ->" />
    <br />
    </form>

    <?
    }
    if (    $step == "2"
    {

            $user1 anti_injection($_POST['user']);
            $pass1 anti_injection($_POST['pass']);
        if (    valida(Array($user1,$pass1)) == TRUE)
        {
                $query mssql_query("SELECT AID From Login Where UserID = '$user1' AND Password = '$pass1' ");

            if (    mssql_num_rows($query) < 1)
            {
                echo     "<br>login ou senha incorretos!";
            }
            else
            {
                    $query2 mssql_query("SELECT Login.UserID, Login.Password, ClanMember.Grade, Clan.EmblemUrl, Clan.Name, Clan.CLID FROM ClanMember INNER JOIN Clan ON ClanMember.CLID = Clan.CLID INNER JOIN Login INNER JOIN Character ON Login.AID = Character.AID ON ClanMember.CID = Character.CID Where Login.UserID = '$user1' and Login.Password = '$pass1' and ClanMember.Grade = '1' ");
                if (    mssql_num_rows($query2) >= '1')
                { 
                    ?>
    <form enctype="multipart/form-data" action="?do=emblemas&step=done" method="POST">
                        <p><br />
    <center><p>Final Emblema<p></center>
                                            <p>Etapa 2/3</p>
                         <p>Por favor insira o emblema: </p>
                            <input name="uploaded" type="file" />
        </p>
                        <p>
                          <select name="clan">
                            
                                <? 
                                for($i=''$i < @mssql_num_rows($query2); $i++)
                            {
                                    $row = @mssql_fetch_row($query2);
                                    $ClanName $row[4];
                                ?>
                            <option value="<?=$row[4]?>"><?=$row[4]?></option>
                                        <?
                                }
                                ?>
                          </select>
                          <br />
        </p>
                        <p>Você pode fazer upload de imagens 64x64 até 60kb.</p><br />
                          <br />
                          <input type="submit" value="Enviar" /><br />
                          <br />
        </p>
    </form>
                <? 
                    }
                else 
                { 
                    echo     "<p>Você não é o Líder do Clan</p>";
                } 
            }
        }
    }

    if (    $step == "done"
    {                   
            $emblem $_POST['uploaded'] ;
            $CLID $_POST['clan'];
            $target "emblem/";
            $target $target basename$_FILES['uploaded']['name']) ;
            $imagem_nome md5(uniqid(time())) . "." $ext[1];
                $target22 "/emblem/" $imagem_nome;
                $target22 $target22 basename$_FILES['uploaded']['name']) ;
            $ok=1;


            $partes pathinfo$_FILES['uploaded']['name'] );
            $extensao $partes['extension'];

            $extensoes = array('jpg''jpeg''png''gif');

        if(    $_FILES['uploaded']['size']  > "60720")
        {
                $err .= "A imagem é muito larga.<br>";
                $ok 1;
        }

        if( !    in_array(strtolower($extensao), $extensoes) )
        {
                $err .= "<p>Formato de imagem não aceita.</p><br>";
                $ok 1;
        }

        
        if (    $ok == 0)
        {
            echo     "<p>Desculpe, sua imagem não foi aceita.<br />Verifique os erros:</p><br /><br />";
            echo     "$err";
        }
        else
        {
            if(    move_uploaded_file($_FILES['uploaded']['tmp_name'], $target))
                {
                    echo     "<p>Seu emblema foi inserido com sucesso.</p><br />";
                        mssql_query("UPDATE Clan SET EmblemChecksum = EmblemChecksum + 1 WHERE Name = '$CLID'");
                        mssql_query("UPDATE Clan SET EmblemUrl = '".$target22."' WHERE Name = '$CLID'");
                }
                else
                {
                    echo     "<p>Desculpe, ocorreu um problema, tente novamente.</p>";
                }
        }
    }

    ?>
    </font>
    : Ott1:
    Reply With Quote Reply With Quote
  2. Check out our sponsor
    cla emblem
  3. 23-01-13 #2
    Korey
    Member Korey is offline
    MemberRank
    Jan 2013 Join Date
    66Posts

    Re: cla emblem

    Quote Originally Posted by Aprodite View Post
    hello people so I would like to know how to put md5 in clã emblema
    this is my emblem
    PHP Code:
    <? 
    if ($_SESSION['AID'] == ""){
            msgbox("Por Favor logue-se primeiro !","index.php?do=login");
    }

    require_once     "sec.php";
    $action anti_injection($_GET['act']);
    $step anti_injection($_GET['step']);
    $step $_GET['step'];
    if(    $step == "")
    {
            $step 1;
    }
    if (    $step == '1'
    {
    ?>
    <?
    if (isset($_GET['step'])) {
            $argv explode('-',$_GET['step']);
            settype($argv,'array'); 
            $_GET['emblem'] = @$argv[0];
            $_GET['url'] = @$argv[1];
            $_GET['do'] = @$argv[2];
            $_GET['uploaded'] = @$argv[3];
    }
    ?>

    <?
    Function Filtrrar($str){
            $caracters = array("!""from""select""insert""where""show tables""shutdown""update""set"".jpg%00.php"".php");
            $blank "";
    return     str_replace($caracters$blank$str); 
    }
    ?>
    <?php
    //Anti SQL Injection
    $otinane "Just kill yourself already!";

    $input  urldecode($_SERVER['QUERY_STRING']);
    $bads = array('union' 'select' '<script>' 'substring' 'having' '--' 'drop' 'create' 'rename' 'insert' 'load data' 'replace' 'revoke' 'update' 'join' 'kill' 'flush' 'procedure''like' 'order by' 'group by' 'concat' 'group_concat');

    for(    $i=0;$i<=count($bads);$i++)
    {
    $pos strripos($input$bads[$i]);
    if (    $pos) { echo"$otinane"; exit; }
    }
    ?>
    <FORM METHOD=POST ACTION="?do=emblemas&amp;step=2">
    <br />
    <br />
    <center><p> Clã Emblema</p></center>
    <p>Etapa 1/3</p>
    <p>
    Usuário: <input name="user" type="textfield" maxlength="14"/><p>

    Senha: <input name="pass" type="password" maxlength="14" />
    <p>
    <input type="submit" value="Proximo ->" />
    <br />
    </form>

    <?
    }
    if (    $step == "2"
    {

            $user1 anti_injection($_POST['user']);
            $pass1 anti_injection($_POST['pass']);
        if (    valida(Array($user1,$pass1)) == TRUE)
        {
                $query mssql_query("SELECT AID From Login Where UserID = '$user1' AND Password = '$pass1' ");

            if (    mssql_num_rows($query) < 1)
            {
                echo     "<br>login ou senha incorretos!";
            }
            else
            {
                    $query2 mssql_query("SELECT Login.UserID, Login.Password, ClanMember.Grade, Clan.EmblemUrl, Clan.Name, Clan.CLID FROM ClanMember INNER JOIN Clan ON ClanMember.CLID = Clan.CLID INNER JOIN Login INNER JOIN Character ON Login.AID = Character.AID ON ClanMember.CID = Character.CID Where Login.UserID = '$user1' and Login.Password = '$pass1' and ClanMember.Grade = '1' ");
                if (    mssql_num_rows($query2) >= '1')
                { 
                    ?>
    <form enctype="multipart/form-data" action="?do=emblemas&amp;step=done" method="POST">
                        <p><br />
    <center><p>Final Emblema<p></center>
                                            <p>Etapa 2/3</p>
                         <p>Por favor insira o emblema: </p>
                            <input name="uploaded" type="file" />
        </p>
                        <p>
                          <select name="clan">
                            
                                <? 
                                for($i=''$i < @mssql_num_rows($query2); $i++)
                            {
                                    $row = @mssql_fetch_row($query2);
                                    $ClanName $row[4];
                                ?>
                            <option value="<?=$row[4]?>"><?=$row[4]?></option>
                                        <?
                                }
                                ?>
                          </select>
                          <br />
        </p>
                        <p>Você pode fazer upload de imagens 64x64 até 60kb.</p><br />
                          <br />
                          <input type="submit" value="Enviar" /><br />
                          <br />
        </p>
    </form>
                <? 
                    }
                else 
                { 
                    echo     "<p>Você não é o Líder do Clan</p>";
                } 
            }
        }
    }

    if (    $step == "done"
    {                   
            $emblem $_POST['uploaded'] ;
            $CLID $_POST['clan'];
            $target "emblem/";
            $target $target basename$_FILES['uploaded']['name']) ;
            $imagem_nome md5(uniqid(time())) . "." $ext[1];
                $target22 "/emblem/" $imagem_nome;
                $target22 $target22 basename$_FILES['uploaded']['name']) ;
            $ok=1;


            $partes pathinfo$_FILES['uploaded']['name'] );
            $extensao $partes['extension'];

            $extensoes = array('jpg''jpeg''png''gif');

        if(    $_FILES['uploaded']['size']  > "60720")
        {
                $err .= "A imagem é muito larga.<br>";
                $ok 1;
        }

        if( !    in_array(strtolower($extensao), $extensoes) )
        {
                $err .= "<p>Formato de imagem não aceita.</p><br>";
                $ok 1;
        }

        
        if (    $ok == 0)
        {
            echo     "<p>Desculpe, sua imagem não foi aceita.<br />Verifique os erros:</p><br /><br />";
            echo     "$err";
        }
        else
        {
            if(    move_uploaded_file($_FILES['uploaded']['tmp_name'], $target))
                {
                    echo     "<p>Seu emblema foi inserido com sucesso.</p><br />";
                        mssql_query("UPDATE Clan SET EmblemChecksum = EmblemChecksum + 1 WHERE Name = '$CLID'");
                        mssql_query("UPDATE Clan SET EmblemUrl = '".$target22."' WHERE Name = '$CLID'");
                }
                else
                {
                    echo     "<p>Desculpe, ocorreu um problema, tente novamente.</p>";
                }
        }
    }

    ?>
    </font>
    : Ott1:
    What do you mean by MD5? you mean adding MD5 at the login part?
    If yes follow this tutorial.

    At the :
    Code:
    $user1 = anti_injection($_POST['user']);
$pass1 = anti_injection($_POST['pass']);
    Replace it with this :
    Code:
    $user1 = anti_injection($_POST['user']);
$pass1 = anti_injection($_POST['pass']);
$md5pass = md5($pass1);
    With the :

    Code:
    $query = mssql_query("SELECT AID From Login Where UserID = '$user1' AND Password = '$pass1'
    Replace it with this :

    Code:
    $query = mssql_query("SELECT AID From Login Where UserID = '$user1' AND Password = '$md5pass'
    All the best.
    Korey
    Last edited by Korey; 23-01-13 at 09:49 AM.
    Reply With Quote Reply With Quote


« Previous Thread | Next Thread »

Advertisement