Hey,
A friend wanted this done so he could switch back to UberCMS from Phoenix, but he had issues because of the UberHash and the SSO.
NOTE: YOU MAY NEED SOME TABLES FROM UBERDB.
So here we are, firstly replace your current Uber index.php to:
PHP Code:
<?php
/*=======================================================================
| UberCMS - Advanced Website and Content Management System for uberEmu
| #######################################################################
| Copyright (c) 2010, Roy 'Meth0d' and updates by Matthew 'MDK'
| http://www.meth0d.org & http://www.sulake.biz
| #######################################################################
| This program is free software: you can redistribute it and/or modify
| it under the terms of the GNU General Public License as published by
| the Free Software Foundation, either version 3 of the License, or
| (at your option) any later version.
| #######################################################################
| This program is distributed in the hope that it will be useful,
| but WITHOUT ANY WARRANTY; without even the implied warranty of
| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
| GNU General Public License for more details.
\======================================================================*/
require_once "global.php";
if (LOGGED_IN)
{
header("Location: " . WWW . "/me");
exit;
}
$tpl->Init();
$tpl->SetParam('page_title', 'Create your avatar, decorate your room, chat and make new friends.');
$tpl->SetParam('credentials_username', '');
$tpl->AddGeneric('head-init');
$tpl->AddIncludeSet('frontpage');
$tpl->WriteIncludeFiles();
$tpl->AddGeneric('head-overrides-fp');
$tpl->AddGeneric('head-bottom');
$frontpage = new Template('page-fp');
$frontpage->SetParam('login_result', '');
if (isset($_POST['credentials_username']) && isset($_POST['credentials_password']))
{
$frontpage->SetParam('credentials_username', $_POST['credentials_username']);
$credUser = $_POST['credentials_username'];
$credPass = md5($_POST['credentials_password']);
$errors = array();
if (strlen($_POST['credentials_username']) < 1)
{
$errors[] = "Please enter your username";
}
if (strlen($_POST['credentials_password']) < 1)
{
$errors[] = "Please enter your password";
}
if (count($errors) == 0)
{
if ($users->ValidateUser($credUser, $credPass))
{
if (isset($_POST['page']))
{
$reqPage = filter($_POST['page']);
$pos = strrpos($reqPage, WWW);
if ($pos === false || $pos != 0)
{
die("<b>Security warning!</b> A malicious request was detected that tried redirecting you to an external site. Please proceed with caution, this may have been an attempt to steal your login details. <a href='" . WWW . "'>Return to site</a>");
}
else
{
$_SESSION['page-redirect'] = $reqPage;
}
}
$_SESSION['UBER_USER_N'] = $users->GetUserVar($users->Name2id($credUser), 'username');
$_SESSION['UBER_USER_H'] = $credPass;
if (isset($_POST['_login_remember_me']))
{
$_SESSION['set_cookies'] = true;
}
header("Location: " . WWW . "/security_check");
exit;
}
else
{
$errors[] = "Incorrect password";
}
}
if (count($errors) > 0)
{
$loginResult = '<div class="action-error flash-message"><div class="rounded"><ul>';
foreach ($errors as $err)
{
$loginResult .= '<li>' . $err . '</li>';
}
$loginResult .= '</ul></div></div>';
$frontpage->SetParam('login_result', $loginResult);
}
}
$tpl->AddTemplate($frontpage);
$tpl->AddGeneric('footer');
$tpl->Output();
?>
Now replace your current register.php to this (so it doesn't UberHash any passwords).
PHP Code:
<?php
/*=======================================================================
| UberCMS - Advanced Website and Content Management System for uberEmu
| #######################################################################
| Copyright (c) 2010, Roy 'Meth0d' and updates by Matthew 'MDK'
| http://www.meth0d.org & http://www.sulake.biz
| #######################################################################
| This program is free software: you can redistribute it and/or modify
| it under the terms of the GNU General Public License as published by
| the Free Software Foundation, either version 3 of the License, or
| (at your option) any later version.
| #######################################################################
| This program is distributed in the hope that it will be useful,
| but WITHOUT ANY WARRANTY; without even the implied warranty of
| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
| GNU General Public License for more details.
\======================================================================*/
require_once "global.php";
require_once "inc/recaptchalib.php";
if (LOGGED_IN)
{
header("Location: " . WWW . "/me");
exit;
}
$tpl->SetParam('error-messages-holder', '');
$tpl->SetParam('post-name', '');
$tpl->SetParam('post-pass', '');
$tpl->SetParam('post-tos-check', '');
$tpl->SetParam('post-mail', '');
if (isset($_GET['doSubmit']))
{
if (isset($_POST['checkNameOnly']) && $_POST['checkNameOnly'] == 'true')
{
$name = $_POST['bean_avatarName'];
echo ' <div class="field field-habbo-name">
<label for="habbo-name">Username</label>
<input type="text" id="habbo-name" size="32" value="' . clean($name) . '" name="bean.avatarName" class="text-field" maxlength="32"/>
<a href="#" class="new-button" id="check-name-btn"><b>Check</b><i></i></a>
<input type="submit" name="checkNameOnly" id="check-name" value="Check"/>
<div id="name-suggestions">';
if ($users->IsNameTaken($name))
{
echo '<div class="taken"><p>Sorry, the name <strong>' . clean($name) . '</strong> is taken!</p></div>';
}
else if ($users->IsNameBlocked($name))
{
echo '<div class="taken"><p>Sorry, that name is reserved or disallowed.</p></div>';
}
else if (!$users->IsValidName($name))
{
echo '<div class="taken"><p>Sorry, that name is invalid. Your name can contain lowercase, uppercase letters, and numbers.</p></div>';
}
else
{
echo '<div class="available"><p>The name <strong>' . clean($name) . '</strong> is available.</p></div>';
}
echo ' </div>
<p class="help">Your name can contain lowercase and uppercase letters and numbers.</p>
</div>';
exit;
}
else if (isset($_POST['bean_avatarName']))
{
$registerErrors = Array();
$name = $_POST['bean_avatarName'];
$password = $_POST['bean_password'];
$password2 = $_POST['bean_retypedPassword'];
$email = $_POST['bean_email'];
$dob_day = $_POST['bean_day'];
$dob_month = $_POST['bean_month'];
$dob_year = $_POST['bean_year'];
//$lang = $_POST['bean_lang'];
$tpl->SetParam('post-name', $name);
$tpl->SetParam('post-pass', $password);
$tpl->SetParam('post-mail', $email);
if (strlen($name) < 1 || strlen($name) > 32)
{
$registerErrors[] = "Your username must be 1 - 32 characters in length.";
}
if ($users->IsNameTaken($name))
{
$registerErrors[] = "Sorry, that name is taken.";
}
else if ($users->IsNameBlocked($name))
{
$registerErrors[] = "Sorry, that name is reserved or disallowed.";
}
else if (!$users->IsValidName($name))
{
$registerErrors[] = "Sorry, that name is invalid. Your name can contain lowercase, uppercase letters, and numbers.";
}
if (strlen($password) < 6)
{
$registerErrors[] = "Your password must be at least 6 characters long.";
}
if ($password != $password2)
{
$registerErrors[] = "Your passwords do not match. Please try again.";
}
if (!$users->IsValidEmail($email))
{
$registerErrors[] = "Invalid e-mail address.";
}
if (!is_numeric($dob_day) || !is_numeric($dob_month) || !is_numeric($dob_year) || $dob_day <= 0 || $dob_day > 31 ||
$dob_month <= 0 || $dob_month > 12 || $dob_year < 1900 || $dob_year > 2010)
{
$registerErrors[] = "Please enter a valid date of birth.";
}
if (!isset($_POST['bean_tos']) || $_POST['bean_tos'] != "accept")
{
$registerErrors[] = "You need to accept the Rules and Terms and Conditions to create an account.";
}
else
{
$tpl->SetParam('post-tos-check', 'checked');
}
/*if (strtolower($lang) != "yes, i will speak english" && strtolower($lang) != "yes, i will speak english.")
{
$registerErrors[] = "You must verify you will speak English to create an account.";
}*/
$resp = recaptcha_check_answer ('6Le-aQoAAAAAAKaqhlUT0lAQbjqokPqmj0F1uvQm', $_SERVER["REMOTE_ADDR"], $_POST["recaptcha_challenge_field"], $_POST["recaptcha_response_field"]);
if (!$resp->is_valid)
{
$registerErrors[] = "Invalid captcha code.";
}
if (count($registerErrors) <= 0)
{
// Add user
$users->add($name, md5($password), $email, 1, 'hr-165-45.hd-207-9.ch-255-64.lg-275-64.sh-305-64', 'M');
// Log user in
$_SESSION['SHOW_WELCOME'] = true;
$_SESSION['UBER_USER_N'] = $name;
$_SESSION['UBER_USER_H'] = md5($password);
// Redirect user to welcome page
header("Location: /register/welcome");
exit;
}
else
{
$errResult = '<div class="error-messages-holder">
<h3>Please fix the following problems and resubmit the form.</h3>
<ul>';
foreach ($registerErrors as $err)
{
$errResult .= '<li><p class="error-message">' . $err . '</p></li>';
}
$errResult .= '</ul></div>';
$tpl->SetParam('error-messages-holder', $errResult);
}
}
}
$tpl->Init();
$tpl->AddGeneric('head-init');
$tpl->AddIncludeSet('register');
$tpl->WriteIncludeFiles();
$tpl->AddGeneric('head-bottom');
$tpl->AddGeneric('page-register');
$tpl->AddGeneric('footer');
$tpl->SetParam('recaptcha_html', recaptcha_get_html("6Le-aQoAAAAAABnHRzXH_W-9-vx4B8oSP3_L5tb0"));
$tpl->SetParam('page_title', 'Register your account!');
$tpl->Output();
?>
And finally replace your current page-client.php with this;
PHP Code:
<?php
$rand1 = rand(100000, 999999);
$rand2 = rand(10000, 99999);
$rand3 = rand(10000, 99999);
$rand4 = rand(10000, 99999);
$rand5 = rand(10000, 99999);
$rand6 = rand(1, 9);
$ticket = "ST-".$rand1."-".$rand2.$rand3."-".$rand4.$rand5."-otaku-".$rand6;
$username = $_SESSION['UBER_USER_N'];
$query = mysql_query("UPDATE users SET auth_ticket = '$ticket' WHERE username = '$username'");
$query = mysql_query("UPDATE users SET ip_last = '".$_SERVER['REMOTE_ADDR']."' WHERE username = '$username'");
?>
<body id="client" class="flashclient">
<script type="text/javascript">
var habboDefaultClientPopupUrl = "%www%/client";
</script>
<noscript>
<meta http-equiv="refresh" content="0;url=%www%/client/nojs" />
</noscript>
<script type="text/javascript">
FlashExternalInterface.loginLogEnabled = true;
FlashExternalInterface.logLoginStep("web.view.start");
if (top == self) {
FlashHabboClient.cacheCheck();
}
var flashvars = {
"client.allow.cross.domain" : "1",
"client.notify.cross.domain" : "0",
"connection.info.host" : "127.0.0.1",
"connection.info.port" : "30000",
"site.url" : "%www%",
"url.prefix" : "%www%",
"client.reload.url" : "%www%/account/reauthenticate?page=/flash_client",
"client.fatal.error.url" : "%www%/flash_client_error",
"client.connection.failed.url" : "%www%/client_connection_failed",
"external.hash" : "",
"external.variables.txt" : "http://64.186.134.48/gamedata/external_variables/1.txt",
"external.texts.txt" : "http://64.186.134.48/gamedata/external_flash_texts/1.txt",
"use.sso.ticket" : "1",
<?php
if ($forwardType > 0)
{
echo ' "forward.type" : "' . $forwardType . '",' . LB;
echo ' "forward.id" : "' . $forwardId . '",' . LB;
}
?>
"sso.ticket" : "<?php echo $ticket; ?>",
"processlog.enabled" : "0",
"account_id" : "0",
"client.starting" : "Welcome to Habbo, powered by UberCMS!",
"flash.client.url" : "http://64.186.134.48/gordon/RELEASE63-31911-31885-201103031054_04afc0571359f527bb305734c3b22878/",
"user.hash" : "",
"facebook.user" : "0",
"has.identity" : "0",
"flash.client.origin" : "popup"
};
var params = {
"base" : "http://64.186.134.48/gordon/RELEASE63-31911-31885-201103031054_04afc0571359f527bb305734c3b22878/",
"allowScriptAccess" : "always",
"menu" : "false"
};
if (!(HabbletLoader.needsFlashKbWorkaround())) {
params["wmode"] = "opaque";
}
var clientUrl = "http://64.186.134.48/gordon/RELEASE63-31911-31885-201103031054_04afc0571359f527bb305734c3b22878/Habbo.swf";
try {
if (swfobject.getFlashPlayerVersion().major <= 9) {
clientUrl = "http://64.186.134.48/gordon/RELEASE63-31911-31885-201103031054_04afc0571359f527bb305734c3b22878/Habbo.swf";
}
} catch(e) {}
swfobject.embedSWF(clientUrl, "flash-container", "100%", "100%", "9.0.115", "http://images.habbo.com/habboweb/%web_build%/web-gallery/flash/expressInstall.swf", flashvars, params);
</script>
<div id="overlay"></div>
<div id="client-ui" >
<div id="flash-wrapper">
<div id="flash-container">
<div id="content" style="width: 400px; margin: 20px auto 0 auto; display: none">
<div class="cbb clearfix">
<h2 class="title">Please install Adobe Flash Player.</h2>
<div class="box-content">
<p>You can install and download Adobe Flash Player here: <a href="http://get.adobe.com/flashplayer/">Install flash player</a>. More instructions for installation can be found here: <a href="http://www.adobe.com/products/flashplayer/productinfo/instructions/">More information</a></p>
<p><a href="http://www.adobe.com/go/getflashplayer"><img src="http://images.habbo.com/habboweb/45_0061af58e257a7c6b931c91f771b4483/2/web-gallery/v2/images/client/get_flash_player.gif" alt="Get Adobe Flash player" /></a></p>
</div>
</div>
</div>
<script type="text/javascript">
$('content').show();
</script>
<noscript>
<div style="width: 400px; margin: 20px auto 0 auto; text-align: center">
<p>If you are not automatically redirected, please <a href="/client/nojs">click here</a></p>
</div>
</noscript>
</div>
</div>
<div id="content" class="client-content"></div>
</div>
<div style="display: none">
<div id="habboCountUpdateTarget">
%hotel_status%
</div>
<script language="JavaScript" type="text/javascript">
setTimeout(function() {
HabboCounter.init(600);
}, 20000);
</script>
</div>
<script type="text/javascript">
RightClick.init("flash-wrapper", "flash-container");
</script>
</body>
</html>
- Cheers, have fun ;]
Originally Posted by Jontycat
