KaKaCMS v.3.5.5 TRIAL Frantier's Rolled ON

[frantier123]

Note:Please note that this v3.5.5 is only a trial to test the image verification before v4. You may fix the bugs and post it here if you found any bugs cos I know that image verification will cause alot of bugs.

Update for v4:

-Registration with Image Verification (Hopefully I can fix this bug.)
-Rebirth Ranking (Editing Maxxy's .php script for some reasons)
-Introduce Blue Layouts (Tested and working~)
-GM Apply using Vino144's.
-Character Name Changing (Hopefully, I willl try to fix the bug~)

Update log: v3.5.5 TRIAL

-Trial for Image Verification.

Update log v3.5:

-GM Apply
-FoJ Ranking

Download Link v3.5.5 TRIAL
http://www.mediafire.com/?z3ojtzjdnds

DOwnload Link v3.5:
http://www.mediafire.com/?urwyv2zr8rb

Credits:
Everyone who make the script I used =P

[MentaL]

[thegamer1907]

whats the bug with char name change?

[thegamer1907]

and also image verification? do they both work 100%?

[thegamer1907]

and you should check ur channel.php. it doesnt fit the kakacms's layout and the image is missing

[James Renard]

we need aql for gm apliaction

[Cakemasta]

Nice Job Ill Post my Version Of KaKacmsv3 its awseome and sorta like 3.5 but dif layout


but All in all nice work

[pr0666]

nice work dude =)

[Jusor]

hey, firstly, i like to thank the creator of kakacms v3. it has nice designs n all.. Perhaps i could suggest an interesting addition? I added a shoutbox into my website which looks kinda like this :



ok maybe it sucked with the alignment, but at least it worked. PM me if you'd like this addition or would wanna improve then implement it, i'd give u the files. :)

[nguyenictom]

uhh how can i change the background color?

[frantier123]

You see, whn I implant the verification, you still can create a account without or typing the wrong verification.

[thegamer1907]

thats because u didnt implement the checking of security code in register_do.php

[frantier123]

thats because u didnt implement the checking of security code in register_do.php

I did. Either i implant wrong. i

[thegamer1907]

nope you didnt. this is ur reg_do.php:

Code:

<?php
/* Store user details */
$name = $_POST['name'];
$pass = sha1($_POST['pass']);
$email = $_POST['email'];
$dob = $_POST['dob'];
$vpass = sha1($_POST['vpass']);
include('./config2.php');
$sel = 'SELECT * FROM accounts WHERE name="'.$_POST['name'].'"';
if($name == ""){
echo 'No username filled in.';
exit();
}elseif(mysql_num_rows(mysql_query($sel)) >= 1 ){
echo '<link rel=stylesheet href="style.css" type="text/css"><center>This username does already exists!</center>';
exit();
}elseif($pass == ""){
echo '<link rel=stylesheet href="style.css" type="text/css"><center>No password filled in.</center>';
exit();
}elseif($vpass != $pass){
echo '<link rel=stylesheet href="style.css" type="text/css"><center>The passwords did not match.</center>';
exit();
}else{

$d = 'INSERT INTO accounts (name, password, email, birthday) VALUES ("'.$name.'", "'.$pass.'", "'.$email.'", "'.$dob.'")';
mysql_query($d) OR die (mysql_error());
echo '<link rel=stylesheet href="style.css" type="text/css"><center>Your account has been created, you can now login!</center>';
}
?>

you are missing this, which verifies the code :

Code:

if(strtoupper($_POST['code']) == $_SESSION['code']) {
echo '<script type="text/javascript">alert("Congradulations, You have entered the Security code correctly.")</script>';
} else {
echo '<script type="text/javascript">alert("You have entered a wrong Security code, Please try again!")</script><META HTTP-EQUIV="refresh" CONTENT="0;URL='.$regpage.'">';
exit();
        }

and:

Code:

$code = mysql_real_escape_string(trim($_SESSION['code']));

[thegamer1907]

and just to add on your register do is prone to mysql injections.

you should change the user details lines to:

Code:

$name = mysql_real_escape_string(trim($_POST['name']));
$pass = mysql_real_escape_string(sha1($_POST['pass']));
$email = mysql_real_escape_string(trim($_POST['email']));
$dob = mysql_real_escape_string(trim($_POST['dob']));
$vpass = mysql_real_escape_string(sha1($_POST['vpass'])); 
include('./config2.php');
$code = mysql_real_escape_string(trim($_SESSION['code']));
$sel = 'SELECT * FROM accounts WHERE name="'.$name.'"';

to prevent injection attacks

[nmcybro2]

how do i change the forum link at my homepage? which file shld i look out for? im try to find the file but i cant. any help pls.

[ET240]

How to set the ranking and online page to pages, if i got 200 char. the page will be very long, how to set it in like shows 20 in a page.... etc

[vino104]

it's vino104 ^^ very nice, i like, wawawiewa
and post some screenshots please :D
prefer using photobucket

[frantier123]

nope you didnt. this is ur reg_do.php:

Code:

<?php
/* Store user details */
$name = $_POST['name'];
$pass = sha1($_POST['pass']);
$email = $_POST['email'];
$dob = $_POST['dob'];
$vpass = sha1($_POST['vpass']);
include('./config2.php');
$sel = 'SELECT * FROM accounts WHERE name="'.$_POST['name'].'"';
if($name == ""){
echo 'No username filled in.';
exit();
}elseif(mysql_num_rows(mysql_query($sel)) >= 1 ){
echo '<link rel=stylesheet href="style.css" type="text/css"><center>This username does already exists!</center>';
exit();
}elseif($pass == ""){
echo '<link rel=stylesheet href="style.css" type="text/css"><center>No password filled in.</center>';
exit();
}elseif($vpass != $pass){
echo '<link rel=stylesheet href="style.css" type="text/css"><center>The passwords did not match.</center>';
exit();
}else{

$d = 'INSERT INTO accounts (name, password, email, birthday) VALUES ("'.$name.'", "'.$pass.'", "'.$email.'", "'.$dob.'")';
mysql_query($d) OR die (mysql_error());
echo '<link rel=stylesheet href="style.css" type="text/css"><center>Your account has been created, you can now login!</center>';
}
?>

you are missing this, which verifies the code :

Code:

if(strtoupper($_POST['code']) == $_SESSION['code']) {
echo '<script type="text/javascript">alert("Congradulations, You have entered the Security code correctly.")</script>';
} else {
echo '<script type="text/javascript">alert("You have entered a wrong Security code, Please try again!")</script><META HTTP-EQUIV="refresh" CONTENT="0;URL='.$regpage.'">';
exit();
        }

and:

Code:

$code = mysql_real_escape_string(trim($_SESSION['code']));

and just to add on your register do is prone to mysql injections.

you should change the user details lines to:

Code:

$name = mysql_real_escape_string(trim($_POST['name']));
$pass = mysql_real_escape_string(sha1($_POST['pass']));
$email = mysql_real_escape_string(trim($_POST['email']));
$dob = mysql_real_escape_string(trim($_POST['dob']));
$vpass = mysql_real_escape_string(sha1($_POST['vpass'])); 
include('./config2.php');
$code = mysql_real_escape_string(trim($_SESSION['code']));
$sel = 'SELECT * FROM accounts WHERE name="'.$name.'"';

to prevent injection attacks

Thx, I will try it tmr, now go sleep *yawn*

[frantier123]

Ah-ha! I managed to implant verification but nvr test though...go sleep le *yawn*

pls report if any bugs

p/s: pls change the config etc. I was using my own lolx

[nguyenictom]

how do i change background color?

[Justinxvengance]

hey can you help me out
im using you cms and the pages dont load on there
im hosting with godaddy
check my website out
www.thexelite.net/reg

please help me

[holdenms]

OMG!! u used my Channel Script XD thanks Just 1 thing plzzz give me credit! well u did on the site but not on this tread but idc all ik is that u used it XD ppl enver use my stuff i release

EDIT - Here is the Images In This Rar File if u guys needed it
MEDIAFIRE - RapidShare

[FateJiki]

I need the .SQL script for the GM apply.

[nguyenictom]

so can anyone tell me how to change the background?

[frantier123]

hey can you help me out
im using you cms and the pages dont load on there
im hosting with godaddy
check my website out
www.thexelite.net/reg

please help me

Well, it can load. Did you change the files I called u to change?