i use select no in istall.php in cp ran in md5 but the pass 1 and pass 2 is md5.. not change.. sorry bad english
i use select no in istall.php in cp ran in md5 but the pass 1 and pass 2 is md5.. not change.. sorry bad english
remove the md5 php hash on your cp website, edit the php code
how can determine what notepad i can edit??
Last edited by danicazz03; 26-10-11 at 03:16 AM.
look your cp php source code, especialy for registration php source code...
$password = substr(md5($password),0,19);
$password = strtoupper($password);
$sandi = substr(md5($sandi),0,19);
$sandi = strtoupper($sandi);
i remove this?? red??
yup make it like thisOriginally Posted by danicazz03
$password=$password;
$sandi=$sandi;
ok thnx what how to solve the field server gl guidance??
sir im done to do and its successful , but i cant log in on control panel , and i have checked on my data base ,the password that i registered is same .. teh problem i cant log in to the CP
<?
function jump($location)
{
header('Location: '.$location.'');
}
function login()
{
if (isset($_POST["account_login"]))
{
require("config.php");
$accountid = stripslashes($_POST['login']);
$_POST['pass'] = strtoupper(substr(md5($_POST['pass']),0,19));
$passwordid = stripslashes($_POST['pass']);
$accountid = clean_var($accountid);
$passwordid = clean_var($passwordid);
if (($accountid == NULL) || ($passwordid == NULL)) {}
if($muweb['md5'] == 1){
$login_check = $db->Execute("SELECT * FROM UserInfo WHERE Username =? AND UserPass = ?",array($accountid,$passwordid,$accountid)); }
elseif ($muweb['md5'] == 0){
$login_check = $db->Execute("SELECT * FROM UserInfo WHERE Username =? AND UserPass =?",array($accountid,$passwordid)); }
$login_result = $login_check->numrows();
if ($login_result == 0) {}
if ($login_result > 0)
{
$_SESSION['user'] = $accountid;
$_SESSION['pass'] = $passwordid;
jump('index.php');
}
}
if (isset($_POST["logoutaccount"]))
{
unset($_SESSION['user']);
unset($_SESSION['pass']);
jump('index.php');
}
}
function login1()
{
if (isset($_POST["account_login1"]))
{
require("config.php");
$accountid = stripslashes($_POST['login']);
$_POST['pass'] = strtoupper(substr(md5($_POST['pass']),0,19));
$passwordid = stripslashes($_POST['pass']);
$accountid = clean_var($accountid);
$passwordid = clean_var($passwordid);
if (($accountid == NULL) || ($passwordid == NULL)) {}
if($mweb['md5'] == 1){
$login_check = $db->Execute("SELECT * FROM UserInfo WHERE Username =? AND UserPass = ?",array($accountid,$passwordid,$accountid)); }
elseif ($mweb['md5'] == 0){
$login_check = $db->Execute("SELECT * FROM UserInfo WHERE Username =? AND UserPass =?",array($accountid,$passwordid)); }
$login_result = $login_check->numrows();
if ($login_result == 0) {}
if ($login_result > 0)
{
$_SESSION['user'] = $accountid;
$_SESSION['pass'] = $passwordid;
jump('index.php');
}
}
if (isset($_POST["logoutaccount1"]))
{
unset($_SESSION['user']);
unset($_SESSION['pass']);
jump('webshop.php');
}
}
function logincheck()
{
if (isset($_SESSION['pass'])){$pass = stripslashes($_SESSION['pass']);}
if (isset($_SESSION['user']))
{
$login = stripslashes($_SESSION['user']);
{
$pass = clean_Var($pass);
$login = clean_Var($login);
require("config.php");
if($mweb['md5'] == 1){
$login_check = $db->Execute("SELECT * FROM UserInfo WHERE Username = ? AND UserPass = ?",array($login,$pass,$login));}
elseif($mweb['md5'] == 0){
$login_check = $db->Execute("SELECT * FROM UserInfo WHERE Username =? AND UserPass =?",array($login,$pass));}
$login_result = $login_check->numrows();
if ($login_result == 0)
{
unset($_SESSION['user']);
unset($_SESSION['pass']);
jump('index.php');
}
}
}
}
function check_user()
{
if($_GET['op'] == "user" AND (!isset($_SESSION["user"])) || (!isset($_SESSION["pass"])))
{
jump('index.php?op=myaccount');
}
if($_GET['op'] == "myaccount" AND (isset($_SESSION["user"])) || (isset($_SESSION["pass"])))
{
jump('index.php');
}
}
?>
how to change the md5 on this??
problem solve ^_^
^
^
^
that is a code? is it working if either can i copy this ^_^ just only ask hehehe
disable md5 in sql . dbo.Userinfo click design find MD5 then make it 0
1=MD5
0=NON MD5
bro thanks for reply .. but your idea i have already did that, our problem is we need to disable md5 pass in rancp php code, ep6s1 not supported of md5 pass ,correct me if im wrong
yeah turn 1 to 0 to make it non md5 ^_^ hope you like it heheh
if not work in sql try this
1.find $_POST['pass'] = strtoupper(substr(md5($_POST['pass']),0,19)); this and make it this
$_POST['pass'] = strtoupper($_POST['pass']); <-- what is it to make user or accout access in Cp.
2.change this if($mweb['md5'] == 1)
and make it this if($mweb['md5'] == 0)
100% working to me
hope you understand my istruction ^_^
Last edited by grahamtar0z; 05-11-11 at 03:37 PM.
regarding the cp
php source code...
i will only delete the md5 ??? there and put nothing ?
<?
error_reporting(E_ALL ^E_NOTICE ^E_WARNING);
session_start();
header("Cache-control: private");
ob_start();
include ('../../settings.php');
$EnD = mssql_fetch_array(mssql_query("SELECT * FROM $dfsql[db1].dbo.enable_disable"));
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Untitled Document</title>
<script type="text/javascript" src="js/jquery-1.2.6.min.js"></script>
<script type="text/javascript" src="js/jquery-ui-personalized-1.5.2.packed.js"></script>
<script type="text/javascript" src="js/sprinkle.js"></script>
<script type="text/javascript" src="../../themes/js/jquery.jgrowl.js"></script>
<?php
// This function tests whether the email address is valid
function isValidEmail($email){
$pattern = "^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$";
if (eregi($pattern, $email)){
return true;
}
else {
return false;
}
}
?>
<link href="reg.css" rel="stylesheet" type="text/css" />
<style type="text/css">
body { font-family: sans-serif; font-size: 0.8em; padding: 20px; }
#result { border: 1px solid green; width: 300px; margin: 0 0 35px 0; padding: 10px 20px; font-weight: bold; }
#change-image { font-size: 0.8em; }
</style>
</head>
<body onload="document.getElementById('captcha-form').focus()">
<div class="reg_content">
<div class="label"><p1>Register</p1><p2> New User</p2></div>
<form name="login" method="post">
<table width="100%">
<tr>
<td align="right"><la>UserName :</la></td>
<td><input name="Username" type="text" class="reg_form" value="<?=$_POST[Username]?>"/></td>
</tr>
<tr>
<td align="right"><la>Password :</la></td>
<td><input name="Password" type="password" class="reg_form" value="<?=$_POST[Password]?>"/></td>
</tr>
<tr>
<td align="right"><la>ReType Password :</la></td>
<td><input name="RePassword" type="password" class="reg_form" value="<?=$_POST[RePassword]?>"/></td>
</tr>
<tr>
<td align="right"><la>Pin Code :</la></td>
<td><input name="Pin" type="password" class="reg_form" value="<?=$_POST[Pin]?>"/></td>
</tr>
<tr>
<td align="right"><la>Email :</la></td>
<td><input name="Email" type="text" class="reg_form" value="<?=$_POST[Email]?>"/></td>
</tr>
<tr>
<td align="right"><la>Secret Question :</la></td>
<td><select name="Question" width="300" class="reg_form">
<option selected="selected" value="">-Select One-</option>
<option value="1" >What is the first name of your favorite uncle?</option>
<option value="2" >Where did you meet your spouse?</option>
<option value="3" >What is your oldest cousin's name?</option>
<option value="4" >What is your youngest child's nickname?</option>
<option value="5" >What is your oldest child's nickname?</option>
<option value="6" >What is the first name of your oldest niece?</option>
<option value="7" >What is the first name of your oldest nephew?</option>
<option value="8" >What is the first name of your favorite aunt?</option>
<option value="9" >Where did you spend your honeymoon?</option>
</select>
</td>
</tr>
<tr>
<td align="right"><la>Secret Answer :</la></td>
<td><input name="Ans" type="text" class="reg_form" value="<?=$_POST[Ans]?>"/></td>
</tr>
<tr>
<td> </td>
<td> </td>
</tr>
<tr>
<td> </td>
<td> </td>
</tr>
<tr>
<td colspan="2" align="center">
<input name='__reg_act' type='hidden' value='__reg_act'>
<input type="submit" name="login" id="log_button" Value="Register">
</td>
</tr>
</table>
</form>
<?
if (isset($_POST[__reg_act]))
{
$error = 0;
if ($_POST[Username]==NULL || $_POST[Username]==Username)
{
echo'<script>$.jGrowl("<b><u>Register Failed</u></b><br>Fill Up Username to continue", {
theme: "error",
speed: "fast",
});</script>';
$error = 1;
exit;
}
$userid = strlen($_POST[Username]);
$passid = strlen($_POST[Password]);
$pin = strlen($_POST[Pin]);
if (($userid < 4 || $userid > 15)||($passid < 4 || $passid > 12)||($pin < 4 || $pin > 12))
{
echo'<script>$.jGrowl("<b><u>Register Failed</u></b><br>Password and PinCode is incorrect it must be 4 to 12 and Username 4 to 15", {
theme: "error",
speed: "fast",
});</script>';
$error = 1;
exit;
}
if (($_POST[Password]=="Password") || ($_POST[Password]==NULL))
{
echo'<script>$.jGrowl("<b><u>Register Failed</u></b><br>Fill Up Password to continue", {
theme: "error",
speed: "fast",
});</script>';
$error = 1;
}
if ($_POST[Password]!=$_POST[RePassword])
{
echo'<script>$.jGrowl("<b><u>Register Failed</u></b><br>Password not Match", {
theme: "error",
speed: "fast",
});</script>';
$error = 1;
exit;
}
$pass = stripslashes($_POST[Password]);
$userid = stripslashes($_POST[Username]);
$pin = strlen($_POST[Pin]);
if(ereg('[^a-zA-Z0-9_.-]', $userid) || ereg('[^a-zA-Z0-9_.]', $pass) || ereg('[^a-zA-Z0-9_.]', $pin))
{
echo'<script>$.jGrowl("<b><u>Register Failed</u></b><br>Do not use symbols only A-Z,0-9 and Underscore.", {
theme: "error",
speed: "fast",
});</script>';
$error = 1;
}
if (isValidEmail($_POST['Email'])){
}
else{
echo'<script>$.jGrowl("<b><u>Register Failed</u></b><br>Invalid email Address.", {
theme: "error",
speed: "slow",
});</script>';
$email=1;
$error = 1;
exit;
}
$un = strlen($_POST["Email"]);
if ($un < 6 || $un > 32)
{
echo'<script>$.jGrowl("<b><u>Register Failed</u></b><br>Invalid email Address.", {
theme: "error",
speed: "slow",
});</script>';
$email=1;
$error = 1;
exit;
}
if ($_POST[Question]==NULL)
{
echo'<script>$.jGrowl("<b><u>Register Failed</u></b><br>Select your secret question.", {
theme: "error",
speed: "fast",
});</script>';
$error = 1;
exit;
}
if ($_POST[Ans]==NULL)
{
echo'<script>$.jGrowl("<b><u>Register Failed</u></b><br>Input Secret Answer.", {
theme: "error",
speed: "fast",
});</script>';
$error = 1;
exit;
}
$userid = stripslashes($_POST[Ans]);
if(ereg('[^a-zA-Z0-9_.]', $userid))
{
echo'<script>$.jGrowl("<b><u>Register Failed</u></b><br>Your Answer must be alphabet.", {
theme: "error",
speed: "fast",
});</script>';
$error = 1;
exit;
}
$un = strlen($_POST[Ans]);
if ($un < 4 || $un > 16)
{
echo'<script>$.jGrowl("<b><u>Register Failed</u></b><br>Your Answer must be 4 to 16 character.", {
theme: "error",
speed: "fast",
});</script>';
$error = 1;
exit;
}
$username_error = "SELECT * FROM $dfsql[db4].dbo.UserInfo WHERE Username = '".$_POST[Username]."' ";
$usernamequery = mssql_query($username_error);
$username = mssql_fetch_array($usernamequery);
if($username)
{
echo'
<script>
$.jGrowl("<b><u>Register Failed</u></b><br>Your Username is already taken.", {
theme: "error",
speed: "fast",
});</script>';
$error = 1;
exit;
}
$email_error = mssql_query("SELECT * FROM $dfsql[db4].dbo.UserInfo WHERE UserEmail = '".$_POST[Email]."' ");
$emailquery = mssql_fetch_array($email_error);
if($emailquery)
{
echo'
<script>
$.jGrowl("<b><u>Register Failed</u></b><br>Your Email is already taken.", {
theme: "error",
speed: "fast",
});</script>';
$error = 1;
exit;
}
if (!empty($_REQUEST['captcha'])) {
if (empty($_SESSION['captcha']) || trim(strtolower($_REQUEST['captcha'])) != $_SESSION['captcha']) {
echo'
<script>
$.jGrowl("<b><u>Register Failed</u></b><br>Please try this code instead", {
theme: "error",
speed: "fast",
});</script>';
$error = 1;
exit;
}
else
{
}
$request_captcha = htmlspecialchars($_REQUEST['captcha']);
unset($_SESSION['captcha']);
}
function Random($length=5){
$key = '';
$pattern = "1234567890qwertyuiopasdfghjklzxcvbnmQWERTYUIOPASDFGHJKLZXCVBNM";
for($i=0;$i<$length;$i++){
$key .= $pattern{rand(0,35)};
}
return $key;
}
$vfy = Random(30);
if ($EnD[email_vfy]==1)
{
$to = "$_POST[Email]";
$subject = "Welcome $gamename";
$headers = "From: \r\n";
$headers .= "Reply-To: $gameemail\r\n";
$headers .= "Return-Path: $gameemail\r\n";
$headers .= "MIME-Version: 1.0\r\n";
$headers .= "Content-Type: text/html; charset=ISO-8859-1\r\n";
$message = '
<style type="text/css">
.container {
background-color: #FFF;
border: thin solid #CCC;
width: 500px;
margin-right: auto;
margin-left: auto;
color: #454545;
font-family: Verdana;
font-size: 11px;
padding-bottom: 10px;
}
.label {
background-color: #333;
font-weight: bold;
margin-bottom: 10px;
color: #FFF;
padding: 3px;
}
.message {
margin: 10px;
}
.links {
text-align: center;
font-family: Arial;
font-size: 16px;
font-weight: bold;
color: #000;
}
</style>
<div class="container">
<div class="label">'.$gamename.'</div>
<div class="message">
Hi! '.$_POST[Username].',
<Br>
<Br>
Your account has been created -- you can now use it to play the game<Br>
<b>Enjoy! Playing </b>
<Br />
<br />
<b>Account Info</b><br />
Username: '.$_POST[Username].'<br>
Password: '.$_POST[Password].'<Br>
PinCode: '.$_POST[Pin].'<Br>
Email: '.$_POST[Email].'<br>
<br>
<div class="links">
<a href="'.$weburl.'/verify.php?vfy='.$vfy.'"><img src="http://121.58.228.76/axel/email/btn.jpg" width="169" height="62" alt="Verify Now!"></div>
</div>
</div>
';
if ( mail($to,$subject,$message,$headers) ) {
if ($error==0)
{
$pass = stripslashes($_POST[Password]);
$userid = stripslashes($_POST[Username]);
$pin = stripslashes($_POST[Pin]);
if ($EnD[md5]==1)
{
$md5pass = strtoupper(substr(md5($pass),0,19));
$md5pin = strtoupper(substr(md5($pin),0,19));
}
else
{
$md5pass = $pass;
$md5pin = $pin;
}
$insert_user = mssql_query("INSERT INTO $dfsql[db4].dbo.UserInfo (UserName,UserID,UserPass,UserPass2,UserEmail,UserSQ,UserSA) VALUES ('".$userid."','".$userid."','".$md5pass."','".$md5pin."','".$_POST[Email]."','".$_POST[Question]."','".$_POST[Ans]."') ");
$insert_Poin = mssql_query("INSERT INTO $dfsql[db1].dbo.Points (UserName,UserPass,Points,VPoints) VALUES ('".$userid."','".$md5pass."','0','0') ");
$insert_vfy = mssql_query("INSERT INTO $dfsql[db1].dbo.Verify (UserName,Email,Code) VALUES ('".$userid."','".$_POST[Email]."','".$vfy."') ");
echo'
<script>
$.jGrowl("<b><u>Register Succcess</u></b><br>Your can now use your account.", {
theme: "success",
speed: "fast",
});</script>';
echo'
<script>
$.jGrowl("<b><u>Check Email</u></b><br>Check your email to verify your account.", {
theme: "",
speed: "slow",
});</script>';
exit;
}
} else {
echo'
<script>
$.jGrowl("<b><u>Register Failed</u></b><br>Server Error please try again", {
theme: "error",
speed: "fast",
});</script>';
$error = 1;
exit;
}
}
else
{
if ($error==0)
{
$pass = stripslashes($_POST[Password]);
$userid = stripslashes($_POST[Username]);
$pin = stripslashes($_POST[Pin]);
if ($EnD[md5]==1)
{
$md5pass = strtoupper(substr(md5($pass),0,19));
$md5pin = strtoupper(substr(md5($pin),0,19));
}
else
{
$md5pass = $pass;
$md5pin = $pin;
}
$insert_user = mssql_query("INSERT INTO $dfsql[db4].dbo.UserInfo (UserName,UserID,UserPass,UserPass2,UserEmail,UserSQ,UserSA) VALUES ('".$userid."','".$userid."','".$md5pass."','".$md5pin."','".$_POST[Email]."','".$_POST[Question]."','".$_POST[Ans]."') ");
$insert_Poin = mssql_query("INSERT INTO $dfsql[db1].dbo.Points (UserName,UserPass) VALUES ('".$userid."','".$md5pass."') ");
echo'
<script>
$.jGrowl("<b><u>Register Succcess</u></b><br>Your can now use your account.", {
theme: "success",
speed: "fast",
});</script>';
exit;
}
}
}
?>
</div>
</form>
</body>
</html>
======================================================================================================
in my SQL
CREATE TABLE [dbo].[UserInfo](
[UserNum] [int] IDENTITY(1,1) NOT NULL,
[UserName] [varchar](20) NOT NULL,
[UserID] [varchar](20) NOT NULL,
[UserPass] [varchar](20) NOT NULL,
[UserPass2] [varchar](20) NOT NULL,
[UserType] [int] NOT NULL,
[UserLoginState] [int] NOT NULL,
[UserAvailable] [int] NULL,
[CreateDate] [datetime] NOT NULL,
[LastLoginDate] [datetime] NOT NULL,
[SGNum] [int] NULL,
[SvrNum] [int] NULL,
[ChaName] [varchar](33) NULL,
[UserBlock] [int] NOT NULL,
[UserBlockDate] [datetime] NOT NULL,
[ChaRemain] [int] NOT NULL,
[ChaTestRemain] [int] NOT NULL,
[PremiumDate] [datetime] NOT NULL,
[ChatBlockDate] [datetime] NOT NULL,
[UserEmail] [varchar](50) NULL,
[UserPoint] [int] NULL,
[Upass] [varchar](50) NULL,
[IpSite] [varchar](50) NULL,
[Donated] [varchar](50) NULL,
[WebLoginState] [varchar](50) NULL,
[last_vote1] [int] NULL,
[last_vote2] [int] NULL,
[last_vote3] [int] NULL,
[last_vote4] [int] NULL,
[last_vote5] [int] NULL,
[last_vote6] [int] NULL,
[date] [datetime] NULL,
[UserAge] [int] NULL,
[OfflineTime] [datetime] NOT NULL,
[GameTime] [datetime] NOT NULL,
[last_vote7] [int] NULL,
[last_vote8] [int] NULL,
[last_vote9] [int] NULL,
[last_vote10] [int] NULL,
[UserIP] [varchar](50) NULL,
[UserLastLoginDate] [datetime] NULL,
[VoteCounts] [int] NOT NULL,
[VipPoints] [smallmoney] NOT NULL,
[VipMem] [int] NOT NULL,
[UserPass1] [varchar](20) NOT NULL,
[VipExpire] [varchar](50) NULL,
[GameTime2] [int] NULL,
[Gametime3] [int] NOT NULL,
[MainCharacter] [varchar](50) NULL,
[AHLoginState] [int] NOT NULL,
[UserPoint2] [int] NULL,
[UserSQ] [varchar](50) NULL,
[UserSA] [varchar](50) NULL,
Reply With Quote