Php Scripting

[twiggy345]

hey everyone, i have done some searching on here and google, and just cant seem to find the answer im looking for. I am learning to be a dev and help with a PW server, But i am having a hard time with sending stuff thru the mail from a php script, Like vote coins, Not cubi , but coins that can be spent ingame. If any one would Help me. But pls, I am trying to learn so if u could explain it to me rather then upload something that i dont really need id appreciate it.


P.s. Thank u everyone that has released the tuts on here. They are helping me greatly....

[MentaL]

[das7002]

I did make a php API that I've been using myself but I don't feel confident to release as it isn't quite that stable and has caused services to crash a bit... It does kind of sort of work but until I get it perfected it's not leaving my computer.

You could do it in jsp though, just take a look at GetItem or SendMail plugins for pwAdmin

[twiggy345]

I have looked at it and dont really understand it but i will look at it some more and try to grasp what the codes doing with the info. Thanks

[nofxpunkerbrian]

Before learning the coding area you should design how you want it done, once its designed you only need to then sit and write it out.

This is how my mail system works for Donations:
- User Selects an item
- User Selects character they want the item sending to
- User confirms
- Item is sent

So then now to break it down:
- You will need 2 Tables in SQL (Purchased Table & Items Table)
- Items table will hold all the item information including the octets it takes to generate the item
- Purchased table will hold all the purchase information
- Mail Function can be created by a Java Servlet so then link it to a php script and obviously have it do all the checks
- Java Servlet will read the purchased table get the UID of the Item and which player it is sending to it will then generate the item send it to the user and mark this ID as sent
- User then receives the item and everything is recorded.

[twiggy345]

I was wondering if anyone can assist me on this. I want to combine two things first one was Visads release. But was Reworked by anyhylus

Reworked by me :D aded time restriction 1 vote / 12 h :D LINK

Also i would like to take Ronnys send mail (pwadmin addon)

And add it to this vote script so that when a player votes they will recieve a item ingame to purchase things with. But i Do not know enough about scripting and php to add the 2 together. if anyone would be willing to help and show me what I need to do i would appreaciate it. The script that anyhylus reworked already retrieves login info. I need to add get ID function then have send mail app get id and the item i have setup for use is 26131. So any help on this would be Greatly appreciated. as i have spent several hours looking and researching on google = php. but am having issues finding all the info that i will require to program this function.

[das7002]

I was wondering if anyone can assist me on this. I want to combine two things first one was Visads release. But was Reworked by anyhylus




Also i would like to take Ronnys send mail (pwadmin addon)

And add it to this vote script so that when a player votes they will recieve a item ingame to purchase things with. But i Do not know enough about scripting and php to add the 2 together. if anyone would be willing to help and show me what I need to do i would appreaciate it. The script that anyhylus reworked already retrieves login info. I need to add get ID function then have send mail app get id and the item i have setup for use is 26131. So any help on this would be Greatly appreciated. as i have spent several hours looking and researching on google = php. but am having issues finding all the info that i will require to program this function.

Since as you have said you do not know enough about php/jsp to do that yet I HIGHLY recommend you at the very least learn some more basics. Take a look at the many, many, many programming videos available on Youtube if you don't feel like reading for weeks to get it all. Programming is a very nice skill to have but being any good at it takes months, and years to be great.

If you practice enough you'll figure it all out, us just giving you the code doesn't help you

[twiggy345]

I have basic knowledge of the php and all, I can create the vote no problem.
I have googled till my fingers went numb trying to find how to add the mail function to the script. I have looked back and forth at the pwadmin code and back and forth in a way to figure it out. All im asking for is a little bump in the right direction. Im not asking for a handout just some assistance.

---------- Post added at 05:27 AM ---------- Previous post was at 04:44 AM ----------

this is an error that i have that im trying to work thru. could someone please help me understand what it is telling me?
"\n"; $userIp = (isset($_SERVER['REMOTE_ADDR']) && ($_SERVER['REMOTE_ADDR'] != "")) ? $_SERVER['REMOTE_ADDR'] : "Unknown"; $actualTime = date(DATE_FORMAT); $logEntry = "[ ]
\n"; if (!file_exists(LOG_FILE)) { $logFile = fopen(LOG_FILE,"w"); fwrite($logFile, $logfileHeader); } else { $logFile = fopen(LOG_FILE,"a"); } fwrite($logFile,$logEntry); fclose($logFile); ?>
DATE NAME EMAIL IP
$actualTime $Name $Email $userIp

[Goodlookinguy]

this is an error that i have that im trying to work thru. could someone please help me understand what it is telling me?
"\n"; $userIp = (isset($_SERVER['REMOTE_ADDR']) && ($_SERVER['REMOTE_ADDR'] != "")) ? $_SERVER['REMOTE_ADDR'] : "Unknown"; $actualTime = date(DATE_FORMAT); $logEntry = "[ ]
\n"; if (!file_exists(LOG_FILE)) { $logFile = fopen(LOG_FILE,"w"); fwrite($logFile, $logfileHeader); } else { $logFile = fopen(LOG_FILE,"a"); } fwrite($logFile,$logEntry); fclose($logFile); ?>
DATE NAME EMAIL IP
$actualTime $Name $Email $userIp

What do you mean by error? Syntax or logical? What is that mess of code and text above, is it a sliver of the full code? Do you have the actual full page of code for that matter, 'cause that bit above isn't telling us anything useful.

[twiggy345]

"\n"; $userIp = (isset($_SERVER['REMOTE_ADDR']) && ($_SERVER['REMOTE_ADDR'] != "")) ? $_SERVER['REMOTE_ADDR'] : "Unknown"; $actualTime = date(DATE_FORMAT); $logEntry = "[ ]
\n"; if (!file_exists(LOG_FILE)) { $logFile = fopen(LOG_FILE,"w"); fwrite($logFile, $logfileHeader); } else { $logFile = fopen(LOG_FILE,"a"); } fwrite($logFile,$logEntry); fclose($logFile); ?>
DATE NAME EMAIL IP
$actualTime $Name $Email $userIp





when i try to login to the database using the script i am using i get all that at the bottom of the page. Im assuming that its an error becuase it isnt on the page Prior to voting, although it changes pages after the login. If its not an error, then why is it showing up on the bottom of the webpage? And yes it is part of the code. but i dont know why its showing up on the webpage its supposed to be hidden.





Edit: Ok, i found that it was a syntax error. I didnt know how to fix i just deleted it. Its the part that writes to a log file.

[twiggy345]

would someone pls tell me why i am not getting a login text box with this code. In Dreamweaver it shows that the text box is there and the Submit button. But when i load it to the webpage its not. I just get a blank page.



<?require(;refreward.php;); ?>
<?
session_name("MyLogin");
session_start();
session_destroy();

if($_GET['login'] == "failed") {
print $_GET['cause'];
}
?>
<form name="login_form" method="post" action="log.php?action=login">
<p>Login:
<input type="text" name="user"><BR>
</p>
<blockquote>
<blockquote>
<p>
<input type="submit">

[das7002]

would someone pls tell me why i am not getting a login text box with this code. In Dreamweaver it shows that the text box is there and the Submit button. But when i load it to the webpage its not. I just get a blank page.



<?require(;refreward.php;); ?>
<?
session_name("MyLogin");
session_start();
session_destroy();

if($_GET['login'] == "failed") {
print $_GET['cause'];
}
?>
<form name="login_form" method="post" action="log.php?action=login">
<p>Login:
<input type="text" name="user"><BR>
</p>
<blockquote>
<blockquote>
<p>
<input type="submit">

Syntax for require is

Code:

require "file.php";

OR

Code:

require("file.php");

Why are you destroying the session immediately after creating it?
You are obviously missing the rest of the form... as there is no </form>

Dreamweaver is nice and all but it doesn't exactly make very nice code all the time, if you want the code to work do not rely on WYSIWYG editors. HTML isn't hard and manually writing it you are more familiar with where errors could be...

[Goodlookinguy]

There are multiple things that came across as wrong when I looked at your script. First, everything das7002 wrote, second appears to be what you were trying to do with the incoming GET data.

Fixed main things, and noted about other things

PHP Code:

<?php
error_reporting(E_ALL & ~E_NOTICE);
header("Content-Type: text/html");

require_once("refreward.php");

session_name("MyLogin");
session_start();

// isset() isn't used, which means this should throw a NOTICE if error_reporting was set to display a NOTICE.
if($_GET['login'] == "failed") {
  // Use echo, print has extra unnecessary overhead
  echo $_GET['cause']; // This is vulnerable code
  // Use htmlentities($_GET['cause'],ENT_QUOTES);
  // or, to be honest, just don't do this at all!
}
?>
<form method="post" action="log.php?action=login">
  <p>Login:
  <input type="text" name="user" /><br />
  </p>
  <blockquote>
    <p>
      <input type="submit" />
    </p>
  </blockquote>
</form>

You might want to refrain from creating a login system if you don't understand php very well. Or even HTML for that matter.

------
If you really need to do this, you can PM me and I can give my contact info for an IM program. My actual job is writing php web apps. And, most of the time, is just writing the security portions for them. Since server security is my expertise. And you really seem like you need someone who knows what they're doing, otherwise you'll be exploited in a heartbeat.

[LikeTears]

Hey, some edit's

Not coded anything in 3 months though maybe i'm rusty :/

Code:

<?php
error_reporting(E_ALL & ~E_NOTICE);
header("Content-Type: text/html");

require_once("refreward.php");

session_name("MyLogin");
session_start();

// isset() isn't used, which means this should throw a NOTICE if error_reporting was set to display a NOTICE.
if($_POST['login'] == "failed") { //$_GET[''] ermm GET shouldn't be used on logins. It desplys in the URL
  // Use echo, print has extra unnecessary overhead
  echo $_GET['cause']; // This is vulnerable code
  // Use htmlentities($_GET['cause'],ENT_QUOTES);
  // or, to be honest, just don't do this at all!
}
// comment for line below, your using method POST but using GET in the code.
?>
<form method="post" action="log.php">
  <p>Login:
  <input type="text" name="user" /><br />
  </p>
  <blockquote>
    <p>
      <input type="submit" />
    </p>
  </blockquote>
</form>

I've never worked with a this script before. I cant see the included/required files or thier content.

But hope that cleared something up, if not sorry :O

May have made a mistake but im only human-ish :)


BIG EDIT: Fail on my part..

Seen your post again and noticed I changed the form :O oops

[Goodlookinguy]

In the last 2-days I've written like 700+ lines of code for a new php-based PW API for twiggy345. I wouldn't worry about this thread anymore. twiggy345 will likely release my code when I give it to him.

---
LikeTears: I should note that the GET method can be used to invoke the specific action you wish to take on the next page. While I have no idea what the code was aiming at, the "action=login" means that the page he was sending it to, was told to perform whatever if ($_GET['action'] == "login") told it to do. So retrieving the GET command was fine, it only wanted to see if, when the header redirected to that page, that $_GET['login'] == "failed" or "?login=failed".