Hi
PyePT Administration Panel ~ Login
this is one example of account management i have the XPT account managment but i cant configure it =)
i need one good less Sandurr
please
Hi
PyePT Administration Panel ~ Login
this is one example of account management i have the XPT account managment but i cant configure it =)
i need one good less Sandurr
please
I'm writing one right now
Completely done... none of that single username and single password registration... It will have email fields and everything lol
Prevent account creation spammage lol
Aside from that I have to figure out the ranking heh then I'll release it, maybe =p
It's taken a bit to get it all right since I'm not too good with php=>mssql. Few things are a bit tricky
In this case I believe he means account management such as 100% skills, setting hair model, resetting location, managing clans etc etc all in one CP.
I have to learn how to gather info from the userdata files then resave them back, but yah once I learn all dat I'll try and add those in lolOriginally Posted by SiK
Clans I can do but the rest of that requires userdata stuff so it will take some time lol
I suppose at the point I might be able to add in a cash shop... Cash shops make any game awesome lol. Automatic donation item to inventory =p
But it will be a while before I'm done, if I ever get done lol
**Edit**
**Edit2**
Nvm, Operz files aren't complete lol
I'll be coding them myself =p
use the xpt control panel, its written in php and works great :)
I don't think the SQL inject vulnerable scripts in that CP were ever fixed, if your going to use them I suggest correcting them first before your standing around one day with all of your tables dropped.
MSSQL is easy to hack in if the account have a full permission Example SYSADMIN better use a normal account with permission read write + disable the SQL from sending data to client.
To avoid your SQL database to have tables Dropped or columns wiped off with a read and write permission do the following
1) Limit the number of inputs in the user field
Limit the number of inputs in the Pass field
2) Encrypt the data in your SQL table
Enable SQL to log connections of failed login attempts to SQL server
Backup regularly
Make sure that your asp scripts at least have some commands to filter out the SQL injection commands such as Drop and others can be found on Google
---------------
Using sanders clan system risk's your database
1) the methods that is posted on forums how to enable multi manager is wrong, by that method all what you are doing is enable TCP connections to MSSQL to be done, people will be able to type in account SA and a brute forcer to get pass then login and remove even the backup disk's on your system.
2) it will cause an ODBC not to work properly
Ways to avoid this
1) Block the ports used for the Multi manager (might not make it work haven’t used it yet but already tested how it is easy to access via MSSQL manager)
2) Put a very long no meaning passwords
3) make sure you have script to filter out injection attacks
did u end it?
Just finished the registration part lol
I had to learn odbc in php ^_^
So the connection is secure, there's just a few checks I need to put on it then it will be done.
Next I'll do password retrieval via email and reset via email
Then onto clan managing
Then to working with the datafiles and reading those =p
nice guy
^^
now next pass 100% skills ^^
They're kinda sorta messy lol and not too user friendly aside from connection settings. I'm thinking of running it all from one page so you only have to download one page and it will do everything you want, that or make a complete cms and touch up on my php skills beforehand to make it a bit more professional lol
**Edit**
Welllll looks like my funder can't pay for this coming month, so I'm dropping the project.
I'll finish the reg script and release it along with the db mods lol
Which may or may not mess up the server
Last edited by Wh005h; 21-04-07 at 03:51 AM.
Reply With Quote![[Request] Account manager in php](http://ragezone.com/hyper728.png)