[Help]Warning in gm panel

I have GM panel and i have warning when i tried something how I can fix it :

Results:
Warning: mssql_query() [function.mssql-query]: message: Conversion failed when converting the varchar value 'asfsaf' to data type int. (severity 16) in C:\AppServ\www\modcp\ecuentas.php on line 206

Warning: mssql_query() [function.mssql-query]: Query failed in C:\AppServ\www\modcp\ecuentas.php on line 206

Warning: mssql_num_rows(): supplied argument is not a valid MS SQL-result resource in C:\AppServ\www\modcp\ecuentas.php on line 207
AID dosent exist

Thanks

Bump!
Help please!

php script bugz. post source

What?>@

are u noob ? he says php script bugz. post source u gotta post the source of ur php dude ur so a dumbass sorry :/

ecuentas.php

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Fox GunZ Panel : By Emisand</title>
<style type="text/css">
<!--
body,td,th {
color: #3b3131;
}
body {
background-color: #DDDDDD;
}
input {
border: 1px solid #A0A0A4;
color: #808080;
background: #2A3F55;
font-family: Verdana, Arial, Serif;
font-size: 10pt;
text-decoration:inherit
}
-->
</style></head>

<body>
<p><b><font face="Arial">Account Controls</font></b><?php require 'config.php';
function anti_injection($sql)
{
$sql = preg_replace(sql_regcase("/(from|select|insert|delete|where|drop table|show tables|#|\*|--|\\\\)/"),"",$sql);

return $sql;
}

// Verificar Campos Vazios

function valida($campos){
foreach($campos as $c){
if(empty($c)){
echo "Complete all textboxs.";
return false;
}else{
return true;
}
}
}
?>
</p>
<table width="980" border="0" bordercolor="#2B60DE">
<tr>
<td style="border-style: solid; border-width: 2px"><font face="Arial"><em><strong>Register New Account</strong></em></td>
</tr>
<tr>
<td><FORM METHOD=POST ACTION="<?php require 'config.php'; echo $_SERVER['PHP_SELF']; ?>?act=register">
User:
<input name="user" type="text" id="user" />
Password:
<input name="pass" type="text" id="pass" />
<input type="submit" name="Submitreg" value="Create Account" />
</form>
</td>
</tr>
<tr>
<td>Results: <?php require 'config.php';
if ($_GET['act'] == 'register')
{
$user = anti_injection($_POST['user']);
$pass = anti_injection($_POST['pass']);
if (valida(Array($user,$pass)) == true)
{
$query = mssql_query("SELECT * FROM Account WHERE UserID='$user'");
if(mssql_num_rows($query)>=1){
echo "Account already exists!";
} else {
$sql = mssql_query("INSERT INTO Account (UserID, Password, UGradeID) VALUES ('$user', '$pass', '0')");
$log = "
The user has registered itself $user";
$ip = $_SERVER['REMOTE_ADDR'];
$fecha = date("d-m-y - H:i:s");
$fileb = fopen("log.txt","r");
$escrito= fread($fileb,1000000);
$file = fopen("log.txt","w+");
$total= "$fecha - $ip: $log
\n\n$escrito";
fwrite($file,$total, 1000000);
fclose($fileb);
fclose($file);
echo "Account: $user Password: $pass";

}
}
}
?></td>
</tr>
</table>
<table width="980" border="0" bordercolor="#2B60DE">
<tr>
<td style="border-style: solid; border-width: 2px"><font face="Arial"><em><strong>Get Account Name by AID</strong></em></td>
</tr>
<tr>
<td><FORM METHOD=POST ACTION="<?php require 'config.php'; echo $_SERVER['PHP_SELF']; ?>?act=getname">
AID:
<input name="personaje" type="text" id="personaje" />
<input type="submit" name="Submit97" value="Find!" />
</form>
</td>
</tr>
<tr>
<td>Results: <?php require 'config.php';
if ($_GET['act'] == 'getname')
{
$pj = anti_injection($_POST['personaje']);
if (valida(Array($pj)) == true)
{
$query = mssql_query("SELECT * FROM Character WHERE Name='$pj'");
if(mssql_num_rows($query)<1){
echo "AID dosent exist";
} else {
$data = mssql_fetch_assoc($query);
$aid = $data['AID'];
$query2 = mssql_query("SELECT * FROM Account WHERE AID='$aid'");
$data2 = mssql_fetch_assoc($query2);
$name = $data2['UserID'];
$log = "Se ha obtenido el nombre de cuenta del pj $pj que es $name";
$ip = $_SERVER['REMOTE_ADDR'];
$fecha = date("d-m-y - H:i:s");
$fileb = fopen("log.txt","r");
$escrito= fread($fileb,1000000);
$file = fopen("log.txt","w+");
$total= "$fecha - $ip: $log
\n\n$escrito";
fwrite($file,$total, 1000000);
fclose($fileb);
fclose($file);
echo "
The Name of account of $pj is $name ";
}
}
}
?></td>
</tr>
</table>
<table width="980" border="0" bordercolor="#2B60DE">

<tr>
<td style="border-style: solid; border-width: 2px"><font face="Arial"><em><strong>Ban Character Account</strong></em></td>
</tr>
<tr>
<td bordercolor="#FF6633"><FORM METHOD=POST ACTION="<?php echo $_SERVER['PHP_SELF']; ?>?act=banchar">
Character:
<input name="char" type="text" id="char" />
<input type="submit" name="SubmitBan" value="Submit Ban" />
</form> </td>
</tr>
<tr>
<td width="730" bordercolor="#FF6633">Results:
<?php
if ($_GET['act'] == 'banchar')
{
$char = anti_injection($_POST['char']);
if (valida(Array($char)) == true)
{
$query = mssql_query("SELECT * FROM Character WHERE Name='$char'");
if(mssql_num_rows($query)<1){
echo "Character Dosent Exist";
} else {
$data = mssql_fetch_assoc($query);
$aid = $data['AID'];
$query2 = mssql_query("UPDATE Account SET UGradeID='253' WHERE AID='$aid'");
$log = "La cuenta del character $char ha sido baneada.";
$ip = $_SERVER['REMOTE_ADDR'];
$fecha = date("d-m-y - H:i ");
$fileb = fopen("log.txt","r");
$escrito= fread($fileb,1000000);
$file = fopen("log.txt","w+");
$total= "$fecha - $ip: $log
\n\n$escrito";
fwrite($file,$total, 1000000);
fclose($fileb);
fclose($file);
echo "Account of $char is banned!";
}
}
}
?></td>
</tr>
</table>
<table width="980" border="0" bordercolor="#2B60DE">
<tr>
<td style="border-style: solid; border-width: 2px"><font face="Arial"><em><strong>Ban Account by AID</strong></em></td>
</tr>
<tr>
<td bordercolor="#2B60DE"><FORM METHOD=POST ACTION="<?php echo $_SERVER['PHP_SELF']; ?>?act=banaid">
AID:
<input name="aid" type="text" id="aid" />
<input type="submit" name="SubmitBan" value="Ban" />
</form> </td>
</tr>
<tr>
<td width="730" bordercolor="#2B60DE">Results:
<?php
if ($_GET['act'] == 'banaid')
{
$aid = anti_injection($_POST['aid']);
if (valida(Array($aid)) == true)
{
$query = mssql_query("SELECT * FROM Account WHERE AID='$aid'");
if(mssql_num_rows($query)<1){
echo "AID dosent exist";
} else {
$query2 = mssql_query("UPDATE Account SET UGradeID='253' WHERE AID='$aid'");
$log = "AID $aid ha sido baneada.";
$ip = $_SERVER['REMOTE_ADDR'];
$fecha = date("d-m-y - H:i ");
$fileb = fopen("log.txt","r");
$escrito= fread($fileb,1000000);
$file = fopen("log.txt","w+");
$total= "$fecha - $ip: $log
\n\n$escrito";
fwrite($file,$total, 1000000);
fclose($fileb);
fclose($file);
echo "AID $aid is banned.";
}
}
}
?></td>
</tr>
</table>
</body>

</html>

eh. lul. script seems is ok. u entered wrong parameters. U supposed to enter digits instead 'asfsaf' if u wanted to search by Account ID. u entered text and got datatype conflict.
u can change on line 203
$aid = anti_injection($_POST['aid']);
to
$aid = (int)anti_injection($_POST['aid']);
u will not get error even if u enter text then. if u will enter "blabla23" it will find info on 23 rd account.
RTFM b4 using any CPs next time.
good luck ;)

Thanks Girbicid I will try it =)

Haha lol You Have So Many Problems Ron xD

I know...

Girbicid pro phper =DD

Quote:

---

Originally Posted by rodanio14

Girbicid pro phper =DD

---

All I See iis that u spam in topic's calling other people fuckers , noobs , stupid and other shit. have some respect here..Help this kid....wait i forgot u don't know shit about gunz servers.

Hahahahaha.

Yeah.

Owell Back On Topic....

Need Anymore Help In Anythign Ron?

If You Do Add My Msn sexy-fire-slash@hotmail.com

mine says

Deprecated: Call-time pass-by-reference has been deprecated in C:\AppServ\www\GMCP\ajax\sql.php on line 23

the code is

Code:

---

while( $this->temp = odbc_fetch_into ( $this->result , & $this->counter )){

---

Failure bump......