Flyff Silver Theme 1.1a

[Imanso]

Flyff Silver Theme 1.1a​

First say hi for everyone in ragezone.com this is my first release after left ragezone for 1 years tt1: my english is not strong so please don't rampage to me.


it's simple php.

SIMPLE SYSTEM IN THIS WEBSITE
- Register Page
- Ranking
- Itemshop
- News System
- Slide picture system


User CP
- edit password
- edit delete character password
- edit exit guild time

Admin CP
- ADD / EDIT NEWS
- ADD / EDIT ITEMSHOP
- ADD / EDIT ITEM SLIDE

It's Thai so you can translate by google. (not much)


How to install
1.Modify ACCOUNT_TBL and add new column
- email varchar(50)
- registerdate varchar(50)
- cash int(11)
2.open database.sql and execute it.

FEATURE
- News Design
- Gift system [ in item mall ]
- Own guild web-board
- Penya Shop Online
- VP-Point Shop (Bonus point after you buy some item in itemshop)
- Reborn System (can edit limit reborn,level to reborn, level after reborn, class after reborn)
- Ticket System
- Player Profiles Blog Page [Player can Design they own profiles]
- Add more Ajax/HTML5 system

i try to sell it before but i think i want to release it :8:

Download :

You must be registered to see links

Report bug here.

i'm not a professional php coder it's simple php script so the source is not clean so try to do by your safe ;p

credit
100% lmanso

By.lmanso
Thank you


V.2 Preview...

 

[audisbroder]

The website looks nice, but the problem for (me) is the fonts. The Arial font looks perfect on websites.
Anyways,
8/10!

 

[ShadowDragon]

Um, the title of this thread should be renamed to Flyff Silver Website 1.1a. When I read Theme, I was thinking in-game theme.

Other than that, the website doesn't look half bad (from what I can tell on that tiny screenshot).

 

[BrainWay]

It looks good but the Screen in this Post is realy small do you release the Psd.datei from the Pictures ? Thx now

and sry for my bad english

 

[Matt Clarke]

You must be registered to see links

- Top Part

You must be registered to see links

- Middle Part

You must be registered to see links

- Bottom Part.

I already got rid of some errors. The Remote Address in the Config file should be:

$ip = $_SERVER['REMOTE_ADDR'];

NOT

$ip= $REMOTE_ADDR;

 

[Imanso]

CC Thank for Report.

 

[Marvinoo]

awesome!

great job!

8/10

 

[tworatz]

Got this error
Notice: Undefined variable: cols in C:\wamp\www\shopimg.php on line 8

i dont know what letters are missing on cols ?

 

[raventh1984]

Its only an notice. Not an big deal. Its not defined properly.

It can do no harm whats so ever.
If you find it annoying then put above it.
$cols = '';

 

[tworatz]

Thanks Raventh that really FIX my problem got so many errors on page and im noob when it comes to scripting if not to much to ask need your help to make this website to work been working on this for 3 days now kinda resolved some errors but still have lots of them unable to fix
really appreciate your help and im doin this for my kids playing with them on the server i created and want their friends to play with and need this website for registration but till now registration still not working maybe im too old for this lolz...
really need help on registration page no errors but no account is registered on server really dont know why??? and how to make it simple just have ( Username, password , repeat password, email )dont like the pin and verify
ERRORS :
Notice: Undefined index: a in C:\wamp\www\register.php on line 282
Notice: Undefined index: account in C:\wamp\www\register.php on line 6


thank you so much for your help and of course to Ragezone

 

[vesim809]

buy.php

$selectitem = "SELECT * FROM shop_tbl WHERE item_id = '".$_GET['a']."'";

login.php

$ss = "SELECT * FROM ACCOUNT_TBL WHERE account = '".$_POST['account']."' and password = '$pass'";

news.php

$news = "SELECT * FROM news_tbl WHERE id = '".$_GET['id']."'";
$newsa = "SELECT * FROM news_tbl WHERE id = '".$_GET['id']."'";

register.php

$user = "SELECT * FROM ACCOUNT_TBL WHERE account = '".$_POST['account']."'";
$insert1 = "INSERT INTO ACCOUNT_TBL(account, password, isuse, member, id_no1, id_no2, realname, email, registerdate) VALUES ('".$_POST['account']."', '$md5ss', 'T', 'A', 'a00000', '".$_POST['id_no2']."', '', '".$_POST['email']."".$_POST['select']."', '$date')";
$insert2 = "INSERT INTO ACCOUNT_TBL_DETAIL(account, gamecode, tester, m_chLoginAuthority, regdate, BlockTime, EndTime, WebTime, isuse) VALUES ('".$_POST['account']."', 'A000', '2', 'F', '$time', '20060101', '20501231', '20060101', 'T')";

shop.php

$character = "SELECT * FROM CHARACTER_TBL WHERE m_szName = '".$_POST['select']."'";

shopde.php

$shopde = "SELECT * FROM shop_tbl WHERE item_id = '".$_GET['id']."'";

user.php

$updateaccount = "UPDATE ACCOUNT_TBL set password = '$md52', id_no2 = '".$_POST['id_no2']."', email = '".$_POST['email']."' WHERE account = '$account'";
$chpassde = "UPDATE ACCOUNT_TBL set id_no2 = '".$_POST['id_no2']."' WHERE account = '$account'";
$updateguild = "UPDATE CHARACTER_TBL set m_tGuildMember = '' WHERE m_szName = '".$_POST['list']."'";

admin/home.php

$login = "SELECT * FROM admin_tbl WHERE username = '".$_POST['username']."' and password = '".$_POST['password']."'";
$news = "INSERT INTO news_tbl(title,description,category,date) VALUES('".$_POST['title']."','".$_POST['text']."','".$_POST['category']."','$date')";
$getnews = "SELECT * FROM news_tbl WHERE id = '".$_GET['id']."'";
$updatenews = "UPDATE news_tbl SET title = '".$_POST['title']."', description = '".$_POST['text']."', category = '".$_POST['category']."' WHERE id = '".$editnfetch['id']."'";
$addslider = "INSERT INTO sliders_tbl(name,images,link) VALUES('".$_POST['name']."','".$_POST['images']."','".$_POST['link']."')";
$getslider = "SELECT * FROM sliders_tbl WHERE id = '".$_GET['id']."'";
$updatesliders = "UPDATE sliders_tbl SET name = '".$_POST['name']."', images = '".$_POST['images']."',link = '".$_POST['link']."' WHERE id = '".$_POST['id']."'";
$updatemalls = "UPDATE shop_tbl SET item_id = '".$_POST['item_id']."', item_name = '".$_POST['item_name']."', item_description = '".$_POST['item_description']."', item_count = '".$_POST['item_count']."', item_Ability = '".$_POST['item_Ability']."', img_type = '".$_POST['img_type']."', price = '".$_POST['price']."', promotion = '".$_POST['promotion']."', catagory = '".$_POST['catalog']."' WHERE id = '".$_POST['id']."'";
$insertmall = "INSERT INTO shop_tbl(item_id,item_name,item_description,item_count,item_Ability,img_type,price,promotion,catagory) VALUES('".$_POST['item_id']."','".$_POST['item_name']."','".$_POST['item_description']."','".$_POST['item_count']."','".$_POST['item_Ability']."','".$_POST['img_type']."','".$_POST['price']."','".$_POST['promotion']."','".$_POST['catalog']."')";

END
Count : 21
SQL Injection?

 

[raventh1984]

No poop .

Btw if you only need an register script. then take an look here at my script.

Spoiler

<?php
//Configuration Settings
ini_set('display_errors', 1); //Show Errors 0 = off, 1 = on
error_reporting(E_ALL);

// SQL Data
define('MSSQL_HOST', ''); // MsSQL Host
define('MSSQL_USER', ''); // MsSQL Username
define('MSSQL_PASS', ''); // MsSQL Password

//Setting the Salt
$salt = '';

//Connecting to mssql
$connect = mssql_connect(MSSQL_HOST, MSSQL_USER, MSSQL_PASS);
if(!$connect)
{
//If the connection is not succes then show the error.
echo 'There is an problem with the query:'.mssql_get_last_message().'';
}
else
{
//If there are no error messages then proceed.
$db = mssql_select_db("ACCOUNT_DBF"); //Database Selecting
if(!$db)
{
//If the script can't connect to the database show an error
echo 'There is an problem with connecting to the database '.mssql_get_last_message().'';
}
else
{
//If there is no error then proceed//

//Here we gonna add an function to prevend mssql_injection
function mssql_escape_string($string) {
$replaced_string = str_replace("'", "''", $string);
return $replaced_string;
}

//Here is the check if the user has submitted the Form.
If($_SERVER['REQUEST_METHOD'] == "POST")
{
if(isset($_POST['reg']))
{
//Checking if the fields are not empty//
if($_POST['account'] == "" || $_POST['pass'] == "" || $_POST['pass2'] == "" || $_POST['reg_email'] == "")
{
$notice = '<font color="red">You are required to fill in all the fields</font>';
}
elseif($_POST['pass'] != $_POST['pass2'])
{
$notice = '<font color="red">Your passwords don\'t match!</font>';
}

else
{
//Here we are going to see if the account name is already been taken//
$sql = "SELECT * FROM ACCOUNT_TBL WHERE account = '".mssql_escape_string($_POST['account'])."'";
if(!$res = mssql_query($sql))
{
//If there is something wrong with the connection show error!//
echo 'There is an error while selecting the account from ACCOUNT_TBL '.mssql_get_last_message().'';
}
else
{
if(mssql_num_rows($res) > 0)
{
$notice = '<font color="red">This account name is already been taken!.<br />Please provide an different Account name!.</font>';
}
else
{
//If there is no other user known then proceed//

//Getting all the info into ACCOUNT_TBL//
$sql_ins = "INSERT INTO [ACCOUNT_TBL]
(account,
password,
isuse,
member,
id_no1,
id_no2,
realname,
reload,
OldPassword,
TempPassword,
cash
)values(
'".mssql_escape_string($_POST['account'])."',
'".mssql_escape_string(md5($salt.$_POST['pass']))."',
'T',
'A',
NULL,
0,
'P',
NULL,
0,
NULL,
0)";
if(!$res_ins = mssql_query($sql_ins))
{
//If there is an error then show it
echo 'You have an error with the query to insert an account. '.mssql_get_last_message().'';
}
else
{
$sql_ins2 =
"INSERT INTO [ACCOUNT_TBL_DETAIL]
(account,
gamecode,
tester,
m_chLoginAuthority,
regdate,
BlockTime,
EndTime,
WebTime,
isuse,
secession,
email)
VALUES
('".mssql_escape_string(strtolower($_POST['account']))."',
'A000',
'2',
'F',
'".mssql_escape_string(date('Ymd H:i:s'))."',
'20010101',
'20990101',
'20050101',
'O',
NULL,
'".mssql_escape_string($_POST['reg_email'])."')";
if(!$res_ins2 = mssql_query($sql_ins2))
{
//If there is an error then show it
echo 'You have an error with the query to insert an account. '.mssql_get_last_message().'';
}
else
{
//If there are no errors then proceed//
$notice = '<font color="green">Your account has been created!</font>';
}
}
}
}
}
}
}

//Here comes the form//
echo '
<form method="post" action="">
<table width="100%">
<tr>
<td>Account name:</td>
<td><input type="text" name="account" /></td>
</tr>
<tr>
<td>Password:</td>
<td><input type="password" name="pass" /></td>
</tr>
<tr>
<td>Repeat Password:</td>
<td><input type="password" name="pass2" /></td>
</tr>
<tr>
<td>Email address:</td>
<td><input type="text" name="reg_email" /></td>
</tr>
<tr>
<td colspan="2"><input type="submit" name="reg" value="Register" />
</tr>
</table>
</form>';

//Cheking if the notice is set//
if(isset($notice))
{
echo $notice;
}
}
}
?>

 

[vesim809]

@delete

 

[vesim809]

@delete

 

[tworatz]

Raventh Thank you so much all fixed your really good !!
One last Question ? how can i make it online im using wamp and DUC v4.0.1 with no ip already configured port forwarding on my router tried port: 80 and other port even run test port 80 from wamp it say Port 80 not actually in used

thanks again raventh and to ragezone.......

 

[raventh1984]

I don't know anything about DUC.

But if you open the port inside your router to your intern ip adrress then it should work fine.
If not check these things

1.Check if port 80 is open in your firewall if not then open it.
2. Open the port in your router and tell the router that it needs to go to your intern ip adress.
3. Check if its open on this site

You must be registered to see links

 

[Airofgone]

ok am getting this
Fatal error: Call to undefined function mssql_connect() in C:\xampp\htdocs\index.php on line 4

line 4 looks like this
mssql_connect("$mssql_host","$mssql_user","$mssql_pass") or die("Cannon connect to Server Please contact $adminemail");
can some one help me?

 

[tworatz]

I don't know anything about DUC.

But if you open the port inside your router to your intern ip adrress then it should work fine.
If not check these things

1.Check if port 80 is open in your firewall if not then open it.
2. Open the port in your router and tell the router that it needs to go to your intern ip adress.
3. Check if its open on this site

You must be registered to see links

Aready did port forwarding on my netgear router
but when i check if the port is open on

You must be registered to see links

here is the result
Scanning ports on 180.191.xx.xx


180.191.xx.xx isn't responding on port 80 (http).
really dont know why ??
I use DUC from no-ip.org because i have dynamic IP
thanks raventh for the reply

 

[raventh1984]

Did you open up port 80 in the firewall?
And is the apache server running.

 

[DjAirofgone]

wow 1 week no help!!!