[PHPretro]Staff apps V3.1[safely coded]

Well , hello RZ . Staff apps v3 by me wasnt really safely coded , so here it is V3.1 !
I think you do not need screenies because it is all the same as v3 just re-coded ?

Kk, staff_apps.start.php :

PHP Code:

---

<?php 
/*-----------------------------------------------*\
| Staff Applications V3 coded by StronGCoder      |
| Staff Applications V3.1 re-coded by StronGCoder |
+-------------------------------------------------+
| Do not argue in the thread , this is a release  |
\*-----------------------------------------------*/

require_once('./includes/core.php'); 
require_once('./includes/session.php'); 
$data = new me_sql; 
$lang->addLocale("home.me"); 

$page['id'] = "appsv3"; 
$page['name'] = "Staff Applications V3"; 
$page['bodyid'] = ""; 
$page['cat'] = "community"; 
require_once('./templates/community_header.php'); 
?> 

<div id="container"> 
    <div id="content"> 
    <div id="column1" class="column"> 
                <div class="habblet-container "> 
                        <div class="cbb clearfix pixellightblue "> 

                            <h2 class="title">Staff Applications</span> 
                            </h2> 
<form action="staff_apps.sent.php" method="post"> 
<img src="http://www.habborator.org/badges/badges/ADM.gif" align="left"><img src="http://www.habborator.org/badges/badges/ADM.gif" align="right"></a> 
<br><center><b>Name</b><br>  
<input type="text" name="name"> 
<br><br> 
<b>Username</b><br> 
<input type="text" name="username"><br> 
<br> 
<b>Age</b><br> 
<input type="text-number" name="age"><br> 
<br> 
<b>Email</b><br> 
<input type="email" name="email"><br><br> 
<b>I am applying for ...</b><br> 
<input type="text" name="rank"><br> 
<br> 
<b>Country</b><br> 
<input type="text" name="country"><br><br> 
<b>Users you can bring on ?</b><br> 
<input type="text-numer" name="users_can_bring_on"><br><br> 
<b>Why do you want join the team ?</b> 
<textarea rows="5" cols="50" name="why_u_want_join"> 
</textarea><br><br> 
<b>Why can you improve ?</b> 
<textarea rows="5" cols="50" name="improve"> 
</textarea> 
<br><br> 
<input type="submit" value="Submit"> 
</form> 

</div></div></div> 

    <div id="column2" class="column"> 
                <div class="habblet-container "> 
                        <div class="cbb clearfix pixeldarkblue "> 

                            <h2 class="title">Did i spent ?</span> 
                            </h2> 
<center>We wish you best luck in your application . We will alert you in the hotel , site or email if you spent .<br>Thank you for using our form</center> 
</div></div></div> 
<?php require_once('./templates/community_footer.php');

---

staff_apps.done.php :

PHP Code:

---

<?php 
//heres the query
$sql="INSERT INTO staff_applications_v3 (name, username, age, email, applyfor, country, users_can_bring, why_u_want_join, improve) 
VALUES 
('$_POST[name]','$_POST[username]','$_POST[age]','$_POST[email]','$_POST[rank]','$_POST[country]','$_POST[users_can_bring_on]','$_POST[why_u_want_join]','$_POST[improve]')"; 
?> 

<?php 
/* 
/*-----------------------------------------------*\
| Staff Applications V3 coded by StronGCoder      |
| Staff Applications V3.1 re-coded by StronGCoder |
+-------------------------------------------------+
| Do not argue in the thread , this is a release  |
\*-----------------------------------------------*/



require_once('./includes/core.php'); 
require_once('./includes/session.php'); 
$data = new me_sql; 
$lang->addLocale("home.me"); 

$page['id'] = "appsv3"; 
$page['name'] = "Staff Applications V3"; 
$page['bodyid'] = ""; 
$page['cat'] = "community"; 
require_once('./templates/community_header.php'); 
mysql_query("$sql");
?> 

<div id="container"> 
    <div id="content"> 
    <div id="column1" class="column"> 
                <div class="habblet-container "> 
                        <div class="cbb clearfix pixellightblue "> 

                            <h2 class="title">Sent</span> 
                            </h2> 
<center>Your application at <?php ECHO SHORTNAME; ?> hotel has sent successfully . Please check back later , we will alert you in email , site or hotel if you got your rank .</center> 
</div></div></div> 
<?php require_once('./templates/community_footer.php'); ?>

---

insert to your database :

PHP Code:

---

CREATE TABLE staff_applications_v3 
( 
name varchar(1000), 
username varchar(1000), 
age int, 
email varchar(1000), 
applyfor varchar(1000), 
country varchar(1000), 
users_can_bring int, 
why_u_want_join varchar(10000), 
improve varchar(10000) 
) 


---

goes to housekeeping folder : appsv3.php :

PHP Code:

---

<?php 
/* 

/*-----------------------------------------------*\
| Staff Applications V3 coded by StronGCoder      |
| Staff Applications V3.1 re-coded by StronGCoder |
+-------------------------------------------------+
| Do not argue in the thread , this is a release  |
\*-----------------------------------------------*/



$page['dir'] = '\housekeeping'; 
$page['housekeeping'] = true; 
$page['rank'] = 6; //changed rank to moderator
require_once('../includes/core.php'); 
require_once('./includes/hksession.php'); 
$lang->addLocale("housekeeping.bans"); 
$data = new housekeeping_sql; 

$page['name'] = Staff Applications V3; 
$page['category'] = "users"; 
require_once('./templates/housekeeping_header.php'); 
?> 
<body> 
<?php 
$result = mysql_query("SELECT * FROM staff_applications_v3"); 

echo "<style type=text/css> 
table,th,td 
{ 
border:1px solid red; 
} 
</style> 
<style type=text/css> 
table, td, th 
{ 
border:1px solid black; 
} 
th 
{ 
background-color:white; 
color:black; 
} 
</style> 
<style type=text/css> 
h1 
{ 
background-color:white; 
} 
</style> 
<table border='1'> 
<tr> 
<th>Name</th> 
<th>Username</th> 
<th>Age</th> 
<th>Email</th> 
<th>Applying for ...</th> 
<th>Country</th> 
<th>Users can bring on :</th> 
<th>He wants to join team because :</th> 
<th>Can improve those things:</th> 


</tr>"; 
?> 

<?php 

while($row = mysql_fetch_array($result)) 
  { 

 echo "<tr>"; 
  echo "<style type=text/css> 
table,th,td 
{ 
border:1px solid red; 
} 
</style> 
<style type=text/css> 
table, td, th 
{ 
border:1px solid black; 
} 
th 
{ 
background-color:white; 
color:black; 
} 
</style> 
<style type=text/css> 
h1 
{ 
background-color:white; 
} 
</style><td> " . $row['name'] . "</td>"; 
  echo "<td>" . $row['username'] . "</td>"; 
  echo "<td>" . $row['age'] . " </td>"; 
  echo "<td>" . $row['email'] . " </td>"; 
  echo "<td>" . $row['applyfor'] . " </td>"; 
  echo "<td>" . $row['country'] . " </td>"; 
  echo "<td>" . $row['users_can_bring'] . " </td>"; 
  echo "<td>" . $row['why_u_want_join'] . " </td>"; 
  echo "<td>" . $row['improve'] . " </td>"; 

   
  echo "</tr>"; 
  } 
echo "</table>"; 
mysql_close($con); 
?> 
</body> 
</html> 


<?php require_once('./templates/housekeeping_footer.php'); ?>

---

My old account was StronGCoder - so this is coded by me , and also re-coded , so credits goes to me and Yifan Lu.

Please do not comment saying : this is all the same , yeah this is all the same but now your hotel will be projected using this and your SQL wont be public.

Thanks!

StronGCoder:rolleyes:

screen?

screen please...
but it looks nice ;)

Grr..
Arnii

Yeah, any screens?

And i thought the v3 version was the last release? :o

if u can read : I think you do not need screenies because it is all the same as v3 just re-coded ? , its all the same as V3 , the file is just got off sql injections (protected) !

$PEjump2
Yer , this is all the same , just re-coded (protected)

Quote:

---

Originally Posted by StrongFaith

if u can read : I think you do not need screenies because it is all the same as v3 just re-coded ? , its all the same as V3 , the file is just got off sql injections (protected) !

$PEjump2
Yer , this is all the same , just re-coded (protected)

---------- Post added at 05:27 AM ---------- Previous post was at 05:26 AM ----------

if u can read : I think you do not need screenies because it is all the same as v3 just re-coded ? , its all the same as V3 , the file is just got off sql injections (protected) !

$PEjump2
Yer , this is all the same , just re-coded (protected)

---

I want a screen!

okay lemme eat , then ill take it!

Attachment 82689
here it is , is not ALL same like this , it has staff badge image and not these colours , dats becuz i changed it a bit for my hotel!

Call this secure? Don't you just wanna add strip_tags($_POST['name']);
To block <b>, <marquee>, <script> tags :D

provide a screenie please?

there is one..
http://forum.ragezone.com/attachment...d-untitled.png

---------- Post added at 12:44 PM ---------- Previous post was at 12:43 PM ----------

there is one..
http://forum.ragezone.com/attachment...d-untitled.png

Thanks, taking a look now

Strong, YOUR SO PATHETIC EVERY THEME I USE U COPY IT LIKE GIVE IT UP. U WILL NEVER BE LIKE ME. YEAH I SAID IT U ALWAYS COPY MY THEME I USED THE BLUE U COPY THE HC U COPY AND THE PAGE IS BEAT UP. Soz for flame Rz, And Fyi this still is Exploitable u cant code safely can u... 2/10

Quote:

---

Originally Posted by GrandCoder

Strong, YOUR SO PATHETIC EVERY THEME I USE U COPY IT LIKE GIVE IT UP. U WILL NEVER BE LIKE ME. YEAH I SAID IT U ALWAYS COPY MY THEME I USED THE BLUE U COPY THE HC U COPY AND THE PAGE IS BEAT UP. Soz for flame Rz, And Fyi this still is Exploitable u cant code safely can u... 2/10

---

So True.

ur opinions ! ur changing ur words grand everytime we fight on msn..

---------- Post added at 04:45 AM ---------- Previous post was at 04:44 AM ----------

i didnt copy u , i liked it , and i done it ! whats problem with u m8 ?