[Release]LoginServer login.php api

[Alin1337]

Below you`ll find the Login API , it will stop users from logging in with any password (merely just a fix), also the password is stored in MD5 form in Passphrase field in DNMembership.Accounts

<?php 
define(DB_HOST, "127.0.0.1");
define(DB_USER, "DragonNest");
define(DB_PASSWORD, "dbUserPassHere");

$id = $_POST['id']; 
$pass = $_POST['password']; 

if(isset($id) && isset($pass)) {
mssql_connect(DB_HOST,DB_USER,DB_PASSWORD); 
mssql_select_db("DNMembership"); //ip .. others 
$exists = mssql_query("Select AccountID from Accounts where AccountName='$id'");
    
    if(mssql_num_rows($exists) > 0)
    {

    $login = mssql_query("Select AccountID from Accounts where AccountName='$id' and Passphrase=0x$pass");
        
        if(mssql_num_rows($login) > 0) { 
            echo "S000"; //all ok
        }else{
            echo "E203"; //incorrect password
        }
    }else{
    echo "E202"; //account does not exist
    }

}

?>

Also here is a small script that i used in website for account creation.

$SQL->select("DNMembership");
$SQL->query("insert into dbo.Accounts (AccountName,Passphrase,AccountLevelCode,SecondAuthFailCount,SecondAuthCode,SecondAuthLockFlag,CharacterCreateLimit,CharacterMaxCount,RegisterDate,PublisherCode) values ('$user',CONVERT(BINARY(20),HashBytes('MD5', '$pass'),2),0,0,1,'false',4,8,GETDATE(),0)");

I don't see very much development around here ,developers get out of your caves and share with the community.

 

[snkdemon]

nice share

 

[okarve0007]

umhhh...

Hi thank you for shared this i stupid don't understand.

this can fix gtdn 7 class Login verification . and can create assasin class.

Thank you Master

 

[noriel]

Hello is this solved this problem?

Where should I put that login.php code.

I only have login.kreon.php at c:\xampp\htdocs\dn

 

[Alin1337]

Replace all code from login.kreon.php with the code above.
Also you need to have password in field Passphrase , look at the script for creating accounts I given above.

 

[noriel]

Then where should I put this code?

$SQL->select("DNMembership");
$SQL->query("insert into dbo.Accounts (AccountName,Passphrase,AccountLevelCode,SecondAuthFailCount,SecondAuthCode,SecondAuthLockFlag,CharacterCreateLimit,CharacterMaxCount,RegisterDate,PublisherCode) values ('$user',CONVERT(BINARY(20),HashBytes('MD5', '$pass'),2),0,0,1,'false',4,8,GETDATE(),0)");

Sorry for the question I am still newbie.
Looking forward to be a developer if it helps me.

insert into dbo.Accounts (AccountName,Passphrase,AccountLevelCode,SecondAuthFailCount,SecondAuthCode,SecondAuthLockFlag,CharacterCreateLimit,CharacterMaxCount,RegisterDate,PublisherCode) values ('admin',CONVERT(BINARY(20),HashBytes('MD5', 'pasword'),2),100,0,1,'false',4,8,GETDATE(),0)

I tried to use this in the new query of DNMembership but when I tried to login.. the login become disabled and I wait to long for nothing.

Notice: Use of undefined constant DB_HOST - assumed 'DB_HOST' in C:\xampp\htdocs\dn\login.kreon.php on line 2
Notice: Use of undefined constant DB_USER - assumed 'DB_USER' in C:\xampp\htdocs\dn\login.kreon.php on line 3
Notice: Use of undefined constant DB_PASSWORD - assumed 'DB_PASSWORD' in C:\xampp\htdocs\dn\login.kreon.php on line 4
Notice: Undefined index: id in C:\xampp\htdocs\dn\login.kreon.php on line 6
Notice: Undefined index: password in C:\xampp\htdocs\dn\login.kreon.php on line 7

when I check http://127.0.0.1/dn/login.kreon.php there is an error. what should be the problem?

define(DB_HOST, "127.0.0.1");
define(DB_USER, "DragonNest");
define(DB_PASSWORD, "qorhvk!@#");

Notice: Use of undefined constant DB_HOST - assumed 'DB_HOST' in C:\xampp\htdocs\dn\login.kreon.php on line 2
Notice: Use of undefined constant DB_USER - assumed 'DB_USER' in C:\xampp\htdocs\dn\login.kreon.php on line 3
Notice: Use of undefined constant DB_PASSWORD - assumed 'DB_PASSWORD' in C:\xampp\htdocs\dn\login.kreon.php on line 4
Notice: Undefined index: id in C:\xampp\htdocs\dn\login.kreon.php on line 6
Notice: Undefined index: password in C:\xampp\htdocs\dn\login.kreon.php on line 7

when I check

You must be registered to see links

there is an error. what should be the problem?

define(DB_HOST, "127.0.0.1");
define(DB_USER, "DragonNest");
define(DB_PASSWORD, "qorhvk!@#");

Do we really need to use binary? or we can also update the table to varchar and password still works if that happens?

 

[Alin1337]

add

error_reporting(0);

on login.php after

<?php

 

[noriel]

<?php error_reporting(0);
define(DB_HOST, "127.0.0.1");
define(DB_USER, "DragonNest");
define(DB_PASSWORD, "qorhvk!@#");

$id = $_POST['id'];
$pass = $_POST['password'];

if(isset($id) && isset($pass)) {
mssql_connect(DB_HOST,DB_USER,DB_PASSWORD);
mssql_select_db("DNMembership"); //ip .. others
$exists = mssql_query("Select AccountID from Accounts where AccountName='$id'");

if(mssql_num_rows($exists) > 0)
{

$login = mssql_query("Select AccountID from Accounts where AccountName='$id' and Passphrase=0x$pass");

if(mssql_num_rows($login) > 0) {
echo "S000"; //all ok
}else{
echo "E203"; //incorrect password
}
}else{
echo "E202"; //account does not exist
}

}

?>

I did what you say but I still got Invalid Request even I login the correct or wrong password.

You must be registered to see links

Is this binary date on red circle is normal?

 

[Alin1337]

Yes it is , add this one too

ini_set('display_errors', 'Off');

 

[noriel]

On what part should I add?

<?php error_reporting(0);
define(DB_HOST, "127.0.0.1");
define(DB_USER, "DragonNest");
define(DB_PASSWORD, "qorhvk!@#");

$id = $_POST['id'];
$pass = $_POST['password'];

if(isset($id) && isset($pass)) {
mssql_connect(DB_HOST,DB_USER,DB_PASSWORD);
mssql_select_db("DNMembership"); //ip .. others
$exists = mssql_query("Select AccountID from Accounts where AccountName='$id'");

if(mssql_num_rows($exists) > 0)
{

$login = mssql_query("Select AccountID from Accounts where AccountName='$id' and Passphrase=0x$pass");

if(mssql_num_rows($login) > 0) {
echo "S000"; //all ok
}else{
echo "E203"; //incorrect password
}
}else{
echo "E202"; //account does not exist
}

}
ini_set('display_errors', 'Off');
?>

same Invalid Request when I add it below.

 

[Alin1337]

those 2 codes , add them at line 2!!! before define...

 

[noriel]

Sorry I am stupid but I already solved the "Invalid request" problem.
I just retored the clean db again and use this code below.

<?php echo "S000"; ?>

When I use this codes:

<?php
error_reporting(0);
ini_set('display_errors', 'Off');

define(DB_HOST, "127.0.0.1");
define(DB_USER, "DragonNest");
define(DB_PASSWORD, "qorhvk!@#");

$id = $_POST['id'];
$pass = $_POST['password'];

if(isset($id) && isset($pass)) {
mssql_connect(DB_HOST,DB_USER,DB_PASSWORD);
mssql_select_db("DNMembership"); //ip .. others
$exists = mssql_query("Select AccountID from Accounts where AccountName='$id'");

if(mssql_num_rows($exists) > 0)
{

$login = mssql_query("Select AccountID from Accounts where AccountName='$id' and Passphrase=0x$pass");

if(mssql_num_rows($login) > 0) {
echo "S000"; //all ok
}else{
echo "E203"; //incorrect password
}
}else{
echo "E202"; //account does not exist
}

}

?>

this code is diff I still get "Invalid request" if I used this.

Now my problem is when I tried to login to the channel. It's stuck and says "Unable to connect to the database".
Thank you for your help and I hope you can still help me on this problem.

 

[izzycshulze1766]

Where is Administration forum.ragezone.com ??

Can I contact Administration? It is important. Thank.

 

[rochey]

hello i i am trying this but not know why not working the id can still log in