Best leden van criminalspoint
Ik zie nergens een forum staan over hulp met scripts dus plaats ik hem hier maar 
Ik heb nog 1 probleempje met mijn belsysteem 
Het probleem zit hier ik krijg na het bellen een echo: hacking attempt
Bron hiervan. Config.php
PHP
<?php
if(!defined("INSIDE")){
die("attemp hacking");
}
$dbsettings = Array(
"server" => "localhost",
"user" => "",
"pass" => "",
"name" => "",
"prefix" => "RageOnline_", // DO NOT MODIFY!!
"secretword" => "Rageonline_11"); // DO NOT MODIFY!!
?>Pay.php
PHP
<?
session_start();
error_reporting(E_ALL);
?><html>
<head>
<title>Betaalpagina</title>
<style type="text/css">
body { margin: 10px; }
body,th,td,p { font:small "Trebuchet MS",Verdana,Arial,Sans-serif; }
a { color: black; }
a:visited { color: black; }
</style>
</head>
<body>
<div align="center">
<h2>Betaalpagina</h2>
Hier moet uiteraard uw website layout komen....<br />Het betaalscherm is slechts de code die u hieronder vind.<br />
<br />
<br />
<div style="background-color: #f2f2f2; border: 1px solid silver; width: 350px; padding: 6px;">
<?
require('classes/class.micropayment-mollie.php');
$m = new micropayment();
$m->setPartnerID(1001); # change this to your partner ID
if (isset($_GET['c']) and is_numeric($_GET['c'])) $m->setCountry($_GET['c']);
$m->setAmount(0.90); # Set payment amount to € 0,50
if (isset($_GET['action']) and $_GET['action'] == 'check' and isset($_SESSION['servicenumber']) and isset($_SESSION['paycode']) and $_SESSION['servicenumber'] and $_SESSION['paycode']) {
/* user posted a paymentcheck, so below we'll check if the servicenumber and the paycode is fully payed */
$m->setServicenumber($_SESSION['servicenumber']);
$m->setPaycode($_SESSION['paycode']);
$m->checkPayment();
if ($m->payed) {
include("config.php");
$login=$user['name'];
mysql_query("UPDATE `DMQYXalout_users` SET `rpg_points`=`rpg_points`+ 2000 WHERE `name`='$login'");
echo '<b>Bedankt voor je betaling</b><br />
De betaling is succesvol gelukt!';
}
else {
# payment is not (fully) done, send the user back to the payment-screen
echo '<font color=red><b>Betaling is niet afgerond,<br />volg de onderstaande instructies!</b></font><br /><br />';
}
}
if (!$m->payed) {
/* Below we include the payment-screen, because no payment is received (yet) */
include('includes/include.paymentscreen.php');
}
?>
</div>
</div>
</body>
</html>Dit zit erin hier gaat het om:
PHP
if ($m->payed) {
include("config.php");
$login=$user['name'];
mysql_query("UPDATE `DMQYXalout_users` SET `rpg_points`=`rpg_points`+ 2000 WHERE `name`='$login'");andere gedeelte van belsysteem (ik denk niet relevant) :
PHP
<?php
/*
=======================================================================
File : pay.php
Author : Mollie B.V.
Version : 1.1 (Oct 2007)
More information? Go to www.mollie.nl
========================================================================
*/
/* below we'll fetch the payment information to present it to the user
in case user is sent back to this payment-screen because payment failed,
we don't need to refetch a new servicenumber and paycode, how smart ;-) */
if ($m->servicenumber and $m->paycode) {
$gotpayinfo = true;
} else {
$gotpayinfo = $m->getPayInfo();
}
if ($gotpayinfo) {
$cur = '';
if ($m->currency == 'eur') {
$cur = '€'; # €;
} elseif ($m->currency == 'dollar') {
$cur = '$';
} elseif ($m->currency == 'gbp') {
$cur = '£'; # £;
}
$_SESSION['servicenumber'] = $m->servicenumber;
$_SESSION['paycode'] = $m->paycode;
# landen keuze
?>
<small>Kies land voor de betaling:</small><br />
<table>
<tr>
<td><a href="./pay.php?c=31"><img src="./images/flag-31.gif" width="20" height="12" border="" alt="flag 31" style="border: 1px solid black" /></a></td>
<td><a href="./pay.php?c=31">Nederland</a></td>
<td width="10"> </td>
<td><a href="./pay.php?c=32"><img src="./images/flag-32.gif" width="20" height="12" border="" alt="flag 31" style="border: 1px solid black" /></a></td>
<td><a href="./pay.php?c=32">België</a></td>
</tr>
</table>
<br />
<?
echo 'Om ' . $cur . number_format($m->amount, 2, ',', '.') . ' af te rekenen moet je het volgende doen:<br /><br />';
echo '<font size="4"><b>Bel ' . $m->servicenumber . '</b></font><br />';
echo '<small>';
if ($m->mode == 'ppc') {
echo $cur . number_format($m->costpercall, 2, ',', '.') .' per gesprek';
} elseif ($m->mode == 'ppm') {
echo $cur . number_format($m->costperminute, 2, ',', '.') .' per minuut, c.a. ' . $m->duration . ' seconden';
# place an iframe for live display of the payment-progress ?
}
echo '</small>';
echo '<br />';
echo 'en toets de volgende code in: <font size="4"><b>' . $m->paycode . '</b></font><br /><br />';
echo '<form method="get" action="./pay.php">
<input type="hidden" name="action" value="check" />
<input type="submit" value="Klik hier na het betalen!">
</form>';
} else {
echo 'Kon betaalinformatie niet ophalen.';
}
?>Wat vergeet ik aan pay.php toe te voegen waardoor hij config.php zijn werk laat doen???
Srry dat ik dit jullie moet vragen maar ik weet het echt niet (en ja ik heb gegoogled :P)
Alvast bedankt
Lars