[Release] Simple registration page for official server files (php)

[Chern0byl]

index.php

PHP Code:

<?php
/* Simple registration page for silkroad server, by Chernobyl
 * Settings are at _inc/config.php
 * If you get an mssql connection error, while defining totally correct data
 * Just use older ntwdblib.dll for your webserver
*/
require_once('_inc/security.class.php');
require_once('_inc/config.php');

if(!isset($_POST['submit']))
    {
        echo "<table border='1'>
        <form method='post'>
        <td>Username</td><td><input type='text' name='username' maxlength='16'></td><tr/>
        <td>Password[1]</td><td><input type='password' name='pw1' maxlength='32'></td><tr/>
        <td>Password[2]</td><td><input type='password' name='pw2' maxlength='32'></td><tr/>
        <td></td><td><input type='submit' name='submit' value='Register'></td>
        </form>
                </table>";
    }
    else
    {
                if(is_array($user) == true) $err[] = "Username is array, n00p";
        if(is_array($pass1) == true) $err[] = "Pw1 is array, n00p";
        if(is_array($pass2) == true) $err[] = "Pw2 is array, n00p";
        if(strlen($_POST['username']) < 3) $msg[] = "Username too short";
        if(strlen($_POST['username']) > 16)$msg[] = "Username too long";
        if(strlen($_POST['pw1']) < 6) $msg[] = "Password [1] too short";
        if(strlen($_POST['pw1']) > 32)$msg[] = "Password [1] too long";
        if(strlen($_POST['pw2']) < 6) $msg[] = "Password [2] too short";
        if(strlen($_POST['pw']) > 32) $msg[] = "Password [2] too long";
        if($_POST['pw1'] != $_POST['pw2']) $msg[] = "Passwords are not the same";
        
            $sec = new security();
            
            if($sec->is_secure($_POST['username']) == false) $msg[] = "Username contains forbidden symbols";
            if($sec->is_secure($_POST['pw1']) == false) $msg[] = "Password [1] contains forbidden symbols";
            if($sec->is_secure($_POST['pw2']) == false) $msg[] = "Password [2] contains forbidden symbols";
            
            if(count($msg) > 0)
                {
                    for($i = 0; $i < count($msg); $i++)
                        {
                            echo $msg[$i]."<br/>";
                        }
                        return;
                }
                else
                    {
                        //checking damn mssql stuff
                        $accountExists = mssql_num_rows(mssql_query("select StrUserID from TB_User where StrUserID='$_POST[username]'"));
                            if($accountExists > 0) echo "Account with such username already exists<br/>";
                                else
                                {
                                    $pwd = md5($_POST['pw1']);
                                    mssql_query("insert into TB_User(StrUserID,password,sec_primary,sec_content) values('$_POST[username]','$pwd','3','3')");
                                        echo "Account successfully created<br/>";
                                }
                    }

    }
?>

_inc/security.class.php

PHP Code:

<?php
class security
{
function is_secure($string)
            {
            $pattern = "#[^a-zA-Z0-9_\-]#";
                if(preg_match($pattern,$string)==true)return false;
                        else
                        return true;
                }            
}
?>

_inc/config.php

PHP Code:

<?php

$cfg['sql_host'] = ".\SQLEXPRESS";
$cfg['sql_user'] = "sa";
$cfg['sql_pass'] = "1234";
$cfg['sql_db'] = "SRO_VT_ACCOUNT";


$sqlLink = mssql_connect($cfg[sql_host],$cfg[sql_user],$cfg[sql_pass]);
    if(!$sqlLink) die("MSSQL server is not accessable, why should we try to select database ?");
        else
        {
            mssql_select_db($cfg[sql_db],$sqlLink);
        }
?>

[MentaL]

[Vovi]

This will help much in a short future, thanks for release.

[MarcoTozzi]

Thx! and looking forward for Silk releases >:)

[hatibudak]

nice releases.. i still waiting for email registration too.. for more security feature..

[badibatu]

Thx for relase :)

[AngelShade]

Hope to see these files put in function. Thanks for the release its more then enough.

[whhacker93]

Yeah, thanks alot. You're a legend xD

[versacebg]

Not working blank page .... bug ??? hm ?

[RevoLand]

Not working blank page .... bug ??? hm ?

there is no bug, you can't use mssql_connect with iis server so you need appserv or etc.

[versacebg]

there is no bug, you can't use mssql_connect with iis server so you need appserv or etc.

Aha :D oki doki i will try fix soon :)

[sLiM_XaDy]

Guys use Xamp 1.71 bundle, and download the ntwdblib.dll that Chernobyl uploaded to your apache/bin folder and php folder, it will work correctly, then you can do whatever you want, add more queries to those pages and a template etc...

[Maecko]

the page itself works but if i create a account via that page i cant create a character with that account ingame :D S1030 error

[Unif]

i edit code for work with IIS7+PHP+MSSQL 2008

First : install PHP for IIS 7 from this link
Windows Web App Gallery - Install an App

Second : Download SQL Driver for PHP (Works with apache as well) from this link
Download Details - Microsoft Download Center - Microsoft Drivers for PHP for SQL Server

Once installed and configured correctly...

try to use this

config.php

PHP Code:

<?php

$cfg['sql_host'] = "(local)";
$cfg['sql_user'] = "sa";
$cfg['sql_pass'] = "123456";
$cfg['sql_db'] = "SRO_VT_ACCOUNT";
$cfg ['connInfo'] = array("UID"=>$cfg['sql_user'], 
                    "PWD"=>$cfg['sql_pass'],
                    "Database"=>$cfg['sql_db']);

$sqlLink = sqlsrv_connect($cfg[sql_host], $cfg ['connInfo']);
    if($sqlLink === false)
    {
        die("MSSQL server is not accessable, why should we try to select database ?");
    }
?>

index.php

PHP Code:

<?php
/* Simple registration page for silkroad server, by Chernobyl
 * Settings are at _inc/config.php
 * If you get an mssql connection error, while defining totally correct data
 * Just use older ntwdblib.dll for your webserver
*/
require_once('_inc/security.class.php');
require_once('_inc/config.php');

if(!isset($_POST['submit']))
    {
        echo "<table border='1'>
        <form method='post'>
        <td>Username</td><td><input type='text' name='username' maxlength='16'></td><tr/>
        <td>Password[1]</td><td><input type='password' name='pw1' maxlength='32'></td><tr/>
        <td>Password[2]</td><td><input type='password' name='pw2' maxlength='32'></td><tr/>
        <td></td><td><input type='submit' name='submit' value='Register'></td>
        </form>
                </table>";
    }
    else
    {
        if(strlen($_POST['username']) < 3) $msg[] = "Username too short";
        if(strlen($_POST['username']) > 16)$msg[] = "Username too long";
        if(strlen($_POST['pw1']) < 6) $msg[] = "Password [1] too short";
        if(strlen($_POST['pw1']) > 32)$msg[] = "Password [1] too long";
        if(strlen($_POST['pw2']) < 6) $msg[] = "Password [2] too short";
        if(strlen($_POST['pw']) > 32) $msg[] = "Password [2] too long";
        if($_POST['pw1'] != $_POST['pw2']) $msg[] = "Passwords are not the same";
        
            $sec = new security();
            
            if($sec->is_secure($_POST['username']) == false) $msg[] = "Username contains forbidden symbols";
            if($sec->is_secure($_POST['pw1']) == false) $msg[] = "Password [1] contains forbidden symbols";
            if($sec->is_secure($_POST['pw2']) == false) $msg[] = "Password [2] contains forbidden symbols";
            
            if(count($msg) > 0)
                {
                    for($i = 0; $i < count($msg); $i++)
                        {
                            echo $msg[$i]."<br/>";
                        }
                        return;
                }
                else
                    {
                        //checking damn mssql stuff
                        $accountExists =  sqlsrv_num_rows(sqlsrv_query( $sqlLink, "select StrUserID from TB_User where  StrUserID='$_POST[username]'"));
                            if($accountExists > 0) echo "Account with such username already exists<br/>";
                                else
                                {
                                    $pwd = md5($_POST['pw1']);

                                    // Setup the parameter
                                    $sql_params = "INSERT INTO TB_User(StrUserID,password,sec_primary,sec_content)VALUES(?, ?, ?, ?)";

                                    // Set parameter values.
                                    $params = array($_POST[username], $pwd, 3, 3);

                                    // Execute the query.
                                    $query = sqlsrv_query($sqlLink, $sql_params, $params);
                                    if($query)
                                    {
                                        echo "Account successfully created<br />";
                                    }
                                    else
                                    {
                                        echo "Account can not create!<br />";
                                        die( print_r( sqlsrv_errors(), true));
                                    }

                                    // Release resources.
                                    sqlsrv_free_stmt($query);
                                    sqlsrv_close($sqlLink);
                                }
                    }
    }

sorry for my english grammar. :)

[str8killa]

can you add email 2 this so people can reset there accounts?

[Cha0sBG]

nevermind i found the error