Clan Emblem upload issue can someone Help?

Results 1 to 3 of 3
  1. #1
    Valued Member MonkINC is offline
    MemberRank
    Aug 2014 Join Date
    Hong KongLocation
    140Posts

    Clan Emblem upload issue can someone Help?

    So, i was working on Anti-Sql for this. Since html file could have been uploaded for Sql-injection purposes.The issue i'm experiencing with this is that, i can upload emblems just fine, it goes to my database and server emblem folder. However, it fails to upload on my computer side clan/emblem folder. where did i go wrong? any help would be appreciated it.

    PHP Code:
    <?SetTitle("My Gunz! - Upload Clan Emblem");if ($_SESSION['AID'] == ""){    alertbox("Login first!","index.php");    die();    }?><style type="text/css"><!--.Estilo1 {font-weight: bold}--></style>
    <table width="802" height="500" border="0" align="center">  <tr>    <td width="100" align="center" valign="top">      <table width="100" height="10" border="0" cellpadding="0" cellspacing="0">        <tr>          <td height="10" align="center"></td>        </tr>      </table></td>    <td width="160" height="26" align="center" valign="top"><? include"other/leftblock.php" ?></td>    <td width="237" align="center" valign="top"><table width="422" height="724" border="0" align="center" cellpadding="0" cellspacing="0">      <tr>        <td align="center" bgcolor="#2f5374" valign="top"><table width="422" border="0">          <tr>            <td align="left" class="estilo2">              <table width="415" height="40" border="0" cellpadding="0" cellspacing="0">                <tr bgcolor="#000000">                  <td height="10" colspan="2"></td>                  </tr>                <tr>                  <td class="estilo2" width="27"><img src="img/mini_detail.gif" width="27" height="25"></td>                  <td height="30" class="estilo6"><strong>UPLOAD CLAN EMBLEM</strong></td>                </tr>              </table></td>          </tr>          <tr>            <td align="center" class="Estilo1"><? if (isset($_GET['step'])) {    $argv explode('-',$_GET['step']);    settype($argv,'array');     $_GET['step'] = @$argv[0];    $_GET['url'] = @$argv[1];    $_GET['do'] = @$argv[2];    $_GET['mess'] = @$argv[3];}$step = !isset($_GET['step']) ? home $_GET['step'] ;        if ($step == '1') { echo'<FORM METHOD=POST ACTION="index.php?gunz=upload&step=2"><table width="350" border="0" cellspacing="0" cellpadding="0" align="center">    <tr>    <td colspan="2" align="center" class="Estilo1">Log in to upload your clan emblem! (Only Leader)</td>    </tr>  <tr>    <td class="Estilo1" align="left" height="20"></td>    <td class="Estilo1" align="right"></td>  </tr>  <tr>    <td class="Estilo1" align="left">User:</td>    <td class="Estilo1" align="right"><input name="user" type="textfield" class="login"/></td>  </tr>  <tr>    <td class="Estilo1" align="left" height="20"></td>    <td class="Estilo1" align="right"></td>  </tr>  <tr>    <td class="Estilo1" align="left">Password:</td>    <td class="Estilo1" align="right"><input name="pass" type="password" class="login"/></td>  </tr>  <tr>    <td class="Estilo1" align="left" height="20"></td>    <td class="Estilo1" align="right"></td>  </tr>    <tr>    <td colspan="2" align="center" class="Estilo1"><input name="submit" type="submit" value="Login" class="login"/></td>    </tr></table></form> ';  } if ($step == '2') { $user1 clean($_POST['user']);$pass1 clean($_POST['pass']);    if (clean(Array($user1,$pass1)) == TRUE){ $query mssql_query("SELECT AID From Login Where UserID = '$user1' AND Password = '$pass1' ");            while($r mssql_fetch_array($query)){if (mssql_num_rows($query) == 1){                        $query2 mssql_query("SELECT Login.UserID, Login.Password, ClanMember.Grade, Clan.EmblemUrl, Clan.Name, Clan.CLIDFROM ClanMember INNER JOIN                      Clan ON ClanMember.CLID = Clan.CLID INNER JOIN                      Login INNER JOIN                      Character ON Login.AID = Character.AID ON ClanMember.CID = Character.CID Where Login.UserID = '$user1' and Login.Password = '$pass1' and ClanMember.Grade = '1' ");                      if (mssql_num_rows($query2) >= '1'){                      echo '<form enctype="multipart/form-data" action="index.php?gunz=upload&step=done" method="POST">  <p class="estilo1">Select the image:<br><br>    <input name="uploaded" type="file" class="login"/>  </p>  <p><br />    <input type="submit" value="Upload" class="login"/>    </p><select name="clan" class="login">';                            for($i='';$i < @mssql_num_rows($query2);++$i){                            $row = @mssql_fetch_row($query2);                            $ClanName $row[4];                            echo '<option value="'.$row[4].'">';echo $row[4];echo'</option>' ;                            }echo'</select></form>';                            }}else { echo " Something wrong, probably you are not clan leader? ";} }                            }            ;        }      ;    if ($step == 'done') {                       $emblem $_POST['uploaded'] ;    $CLID $_POST['clan'];$target "clan/emblem/";$target $target basename$_FILES['uploaded']['name']) ;$ok=1;if (!($_FILES['uploaded']['size']  > '104000')){//echo "Tu imagen es muy grande!.<br>";$ok=1;if(($_FILES['uploaded']['type'] == "image/jpeg")){ $ok=1;//echo "Error de tipo de imagen.<br>";}if(($_FILES['uploaded']['type'] == "image/PNG")){ $ok=1;//echo "Error de tipo de imagen.<br>";}}else { $ok=0;}
    //

    if ($ok==0){echo "Sorry, the file was not sent!<br />";echo "Please, check the size of your emblem.";}else{if(move_uploaded_file($_FILES['uploaded']['tmp_name'], $target)){mssql_query ("UPDATE Clan SET EmblemChecksum = EmblemChecksum + 1 WHERE Name = '$CLID'");mssql_query ("UPDATE Clan SET EmblemUrl = 'http://gunzduels.com/".$target."' WHERE Name = '$CLID'");alertbox("Clan Emblem has been uploaded!","index.php");}else{echo "Sorry, this account does not exist or dont have access to upload the emblem.";}}};?></td>          </tr>          <tr>            <td height="5" align="center"></td>          </tr>        </table></td>      </tr>    </table></td>    <td width="190" align="center" valign="top"><? include"other/rightblock.php" ?></td>    <td width="100" align="left" valign="top"><? include"mininew/rightnew.php" ?></td>  </tr></table>


  2. #2
    I am THE DON Joe9099 is offline
    MemberRank
    Jan 2007 Join Date
    England, UkLocation
    3,655Posts

    Re: Clan Emblem upload issue can someone Help?

    Im pretty sure gunz just caches/downloads the emblems from the folder specified in the gunz client system.xml, or when connecting to the server, i actually forgot but it's either both or one of those, so basically it SHOULD be working unless system.xml isn't picking up the correct location (Remember to edit the lines below)



    <EMBLEM_URL>http://127.0.0.1/emblems</EMBLEM_URL>
    <TEMBLEM_URL>http://127.0.0.1/emblems</TEMBLEM_URL>

    THANKS BAI!

  3. #3
    Valued Member MonkINC is offline
    MemberRank
    Aug 2014 Join Date
    Hong KongLocation
    140Posts

    Re: Clan Emblem upload issue can someone Help?

    Quote Originally Posted by Joe9099 View Post
    Im pretty sure gunz just caches/downloads the emblems from the folder specified in the gunz client system.xml, or when connecting to the server, i actually forgot but it's either both or one of those, so basically it SHOULD be working unless system.xml isn't picking up the correct location (Remember to edit the lines below)



    <EMBLEM_URL>http://127.0.0.1/emblems</EMBLEM_URL>
    <TEMBLEM_URL>http://127.0.0.1/emblems</TEMBLEM_URL>

    THANKS BAI!
    That i already know, this is why I'm having hard time. My emblem url is perfectly fine in system.mrs side. You have skype?



Advertisement