database probleem

zigzag · 4 April 2009

hallo ik mis een paar stukken van mijn database kunnen jullie mij even helpen ik post de scripts van wat ik denk te missen

PHP

<?php
  $UPDATE_DB                                            = 1;
  $OMNILOG                                                      = 1;
  include("_include-config.php");


if(isset($_POST['login'],$_POST['pass'])) {




if($_POST['login'] == '' OR $_POST['pass'] == ''){
print <<<ENDHTML
<title>[(Donworld)]</title>
<link rel="stylesheet" type="text/css" href="css-v1.css">
</head>
<body style="background: #b0c4dd ; margin: 0px;">
<table width=100%>
<tr><td class="subTitle"><b>Login</b></td></tr>
<tr><td class="mainTxt">
<table>
<tr><td width=40><img src="images/fout.png" border=0></td><td align="left"><b>Er is een fout opgetreden.<br><br></td></tr>
<tr><td width=40></td><td align="left"><b>Het is genoodzaakt om je gebruikersnaam en je wachtwoord in te vullen.</td></tr>
<tr><td width=40></td><td align="left"><i>Indien je het wachtwoord niet meer weet kan je altijd je wachtwoord opvragen.<br><br></td></tr>




</table>
</td></tr>
ENDHTML;
exit;
}




    $dbres                              = mysql_query("SELECT `login`,`activated` FROM `users` WHERE `login`='{$_POST['login']}' AND `pass`=MD5('{$_POST['pass']}')");
    if(($data = mysql_fetch_object($dbres)) && $data->activated == 1) {
      $validate                         = md5(rand(0,1000));


      mysql_query("REPLACE INTO `online`(`time`,`login`,`IP`,`validate`) values(NOW(),'{$_SERVER['REMOTE_ADDR']}','{$data->login}','$validate')");
      mysql_query("UPDATE `users` SET `online`=NOW() WHERE `login`='{$data->login}'");
      $_SESSION['login']                = $data->login;
      $_SESSION['IP']                   = $_SERVER['REMOTE_ADDR'];
      $dbres                            = mysql_query("SELECT *,UNIX_TIMESTAMP(`signup`) AS `signup` FROM `users` WHERE `login`='{$_SESSION['login']}'");
      $_SESSION['data']                 = mysql_fetch_object($dbres);
        mysql_query("UPDATE `users` SET `pagina`='Login' WHERE `login`='{$data->login}'");
  mysql_query("UPDATE `users` SET `online`=NOW() WHERE `login`='{$data->login}'");
    }
  }
  else if($_GET['x'] == "logout") {
  
    mysql_query("DELETE FROM `online` WHERE `login`='{$_COOKIE['login']}' AND `validate`='{$_COOKIE['validate']}' AND `IP`='{$_SERVER['REMOTE_ADDR']}'");


    unset($_SESSION['login']);
    unset($_SESSION['IP']);
    unset($_SESSION['data']);
  }




?>
<html>




<head>
<title>Donworld.nl</title>
<link rel="stylesheet" type="text/css" href="css-v1.css">
<body style="background: #b0c4dd ; margin: 0px;">
</head>




<body style="background: #b0c4dd ; margin: 0px;">
<table align="center" width=100%>
<?php
if($_GET['x'] == "logout2"){
print <<<ENDHTML
<script language="javascript">setTimeout('parent.window.location.reload()',0)</script>
ENDHTML;
}


  if($_GET['x'] == "logout")
     print <<<ENDHTML
<meta http-equiv=Refresh content=0;url=index.php>
ENDHTML;
  else if($_GET['x'] == "lostpass") {
    print "  <tr><td class="subTitle"><b>Wachtwoord vergeten</b></td></tr>n";


    print <<<ENDHTML
<table width="100%" border="0" align="center" cellpadding="0" cellspacing="0">
<tr><td class=MainTxt align=left width=30%> <img src="images/logo.jpg" title="Meld je snel aan, en start je cariere als crimineel.."> </td>
<td class=MainTxt align=left width=70%>
Wie vergeet nou zijn pass :O <br>
Maar niet getreurt, je kan je pass altijd weer laten resetten.<br>
</td>
<table width="100%" border="0" align="center" cellpadding="0" cellspacing="0">
<tr><td class="tussen" width="100%" colspan="4"><big><center> </big></center></td></tr>
</table>
<table width="100%" border="0" align="center" cellpadding="0" cellspacing="0">
<tr><td class=MainTxt colspan=3>
<form method="post">


<img src=images/sig1.jpg width="16" height="16"> <font color=#00ff00><b>Jou spelnaam.</b></font> <br>
<input type="text" name="login" maxlength="16" value=""><br><br>


<img src=images/sig3.jpg width="16" height="16"> <font color=#00ff00><b>Jou e-mail.</b></font><br>
<input type="text" name="email" maxlength="30" value=""><br><br>


       <input type="submit" value="En resetten maar!" style="width: 100"><br>


</form></table></td></tr>
ENDHTML;


if(isset($_GET['id'],$_GET['code'])) {
$dbres                            = mysql_query("SELECT `login` FROM `temp` WHERE `id`='{$_GET['id']}' AND `code`='{$_GET['code']}' AND `area`='lostpass'");
if($data = mysql_fetch_object($dbres)) {
$dbres                          = mysql_query("SELECT `login`,`email` FROM `users` WHERE `login`='{$data->login}'");
$data                           = mysql_fetch_object($dbres);


$newpass                        = rand(100000,999999);
mysql_query("UPDATE `users` SET `pass`=MD5('$newpass') WHERE `login`='{$data->login}'");
mysql_query("DELETE FROM `temp` WHERE `id`='{$_GET['id']}'");
mail($data->email,"Don password","Je wachtwoord is succesvol gereset


je kan nu inloggen met: $newpass
Let er wel op dat dit een tijdelijk wachtwoord is.
Ga dus snel naar configuratiescherm toe en verrander daar je wachtwoord naar een eigen keuze.


Greetz Donworld crew


Voor verdere informatie:
Check: www.donworld.nl
Check: [email protected]


","From: Donworld <[email protected]>n");
print <<<ENDHTML
<table width="100%" border="0" align="center" cellpadding="0" cellspacing="0">
<tr><td class=MainTxt colspan=3><font color=#00ff00><b><big>Je nieuwe wachtwoord is ge-emailed naar {$data->email}<br><br>LET OP: ook deze e-mail kan in je ongewenste post komen.
ENDHTML;
exit;
}
}
else if(isset($_POST['email'],$_POST['login'])) {
$dbres                            = mysql_query("SELECT `login`,`email` FROM `users` WHERE `login`='{$_POST['login']}' AND `email`='{$_POST['email']}'AND `activated`=1");
if($data = mysql_fetch_object($dbres)) {
$code                           = rand(100000,999999);
mysql_query("INSERT INTO `temp`(`login`,`code`,`area`,`time`) values('{$data->login}',$code,'lostpass',NOW())");
$id                             = mysql_insert_id();
$IP                        = $_SERVER['REMOTE_ADDR'];
mail($data->email,"Don password","Er is een aanvraag binnengekomen door ip: $IP


Deze grbuiker wilt zijn/haar pass resetten om te kunnen inloggen
Heb jij geen reset aangevraagt, negeeer deze e-mail dan




Heb jij wel een reset aangevraagt, klik dan op deze link:nhttp://www.donworld.nl/login.php?x=lostpass&id=$id&code=$code


Greetz Donworld crew 


Voor verdere informatie:
Check: www.donworld.nl
Check: [email protected]
","From: Donworld <[email protected]>n");


print <<<ENDHTML
<table width="100%" border="0" align="center" cellpadding="0" cellspacing="0">
<tr><td class=MainTxt colspan=3>
<font color=#00ff00><b><big>Aanvraag met succes!<br><br>In je e-mail staat de link om je pass te resetten<br>
Let op: De meeste hotmail accounts houden Donworld tegen, kijk dus ook in je ongewenste post.
</td>
ENDHTML;
exit;
}
else
print <<<ENDHTML
<table width="100%" border="0" align="center" cellpadding="0" cellspacing="0">
<tr><td class=MainTxt colspan=3>
<font color=#00ff00><b><big>Er is geen gebruiker met die login en e-mail.
</td>
ENDHTML;
exit;
}


}
else if($data) {
if($data->activated == 0){
 print "  <tr><td class="mainTxt"></td></tr><meta http-equiv=Refresh content=0;url=activeren.php>n";
exit;
}








else
print <<<ENDHTML
<script language="javascript">setTimeout('parent.window.location.reload()',0)</script></td></tr>
ENDHTML;
}
else {
if(isset($_POST['login'],$_POST['pass']))
print <<<ENDHTML
<title>[(Donworld)]</title>
<link rel="stylesheet" type="text/css" href="css-v1.css">
</head>
<body style="background: #b0c4dd ; margin: 0px;">
<table width=100%>
<tr><td class="subTitle"><b>Login</b></td></tr>
<tr><td class="mainTxt">
<table>
<tr><td width=40><img src="images/fout.png" border=0></td><td align="left"><b>Er is een fout opgetreden.<br><br></td></tr>
<tr><td width=40></td><td align="left"><b>De combinatie tussen de gebruikersnaam en het wachtwoord komt niet overeen.</td></tr>
<tr><td width=40></td><td align="left"><i>Indien je het wachtwoord niet meer weet kan je altijd je wachtwoord opvragen.<br><br></td></tr>


</table>
</td></tr>
ENDHTML;
  }


?>
</table>


</body>
<script>
<!--
if (window.Event)
  document.captureEvents(Event.MOUSEUP);
function nocontextmenu()
{
event.cancelBubble = true
event.returnValue = false;
  return false;
}
function norightclick(e)
{
if (window.Event)
{
  if (e.which == 2 || e.which == 3)
   return false;
}
else
  if (event.button == 2 || event.button == 3)
  {
   event.cancelBubble = true
   event.returnValue = false;
   return false;
  }
}
document.oncontextmenu = nocontextmenu;
document.onmousedown = norightclick;
//-->
</script>
<script language="javascript">
function click() {if (event.button==2) {
alert('© Copyright, Donworld.nl')
}}document.onmousedown=click</script>


</html>

Toon Meer

Laeresh · 4 April 2009

post je _include-config.php eens ?

zigzag · 4 April 2009

hier boven staat include_config

Darsstar · 4 April 2009

emhe...
wat dacht je van het volgende idee:
NIET DUBBELPOSTEN!!!

je kunt het heel simpel in 1 bericht zetten hoor...
*gaat mod functies gebruiken*

EDIT:
whoops!
verkeerde post verwijderd...
foutje!
bewerk je vorige wil je?

zigzag · 4 April 2009

PHP

<?php


$passwordthatmustbesecret         = "pass";
$hostthatmustbesecret             = "localhost";
$usernamethatmustbesecret         = "usernaam";
$databasethatmustbesecret         = "database naam";


  if(!(@mysql_connect("$hostthatmustbesecret","$usernamethatmustbesecret","$passwordthatmustbesecret") && @mysql_select_db("$databasethatmustbesecret"))) {
print <<<ENDHTML
<html>
<head>
<title>[( Donworld )]</title>
<link rel="stylesheet" type="text/css" href="css-v1.css">
</head>
<body style="background: #b0c4dd ; margin: 0px;">
<table width=100%>
<tr><td class="subTitle"><b>Session</b></td></tr>
<tr><td class="mainTxt">
Sorry voor het ongemak.
 <br><br>
Greetz, Donworld Crew.       <br><br>
Copyright 2007 - 2008 www.donworld.nl - Alle Rechten Voorbehouden
</td></tr>
</table>
</body>
</html>
ENDHTML;
exit;
}
session_start();
include("ban.php");
include("_include-funcs.php");
if(isset($_SESSION['login'])) {


$dbresonline        = mysql_query("SELECT `id` FROM `users` WHERE UNIX_TIMESTAMP(NOW())-UNIX_TIMESTAMP(`online`) < 600");
$onlinemembersnu    = mysql_num_rows($dbresonline);
$dbresonlinemeest   = mysql_query("SELECT `meestonline` FROM `sitesettings`");
$membersonlinemeest = mysql_fetch_object($dbresonlinemeest);


if($onlinemembersnu > $membersonlinemeest->meestonline){
$date = date("Y-m-d H:i:s");
mysql_query("UPDATE `sitesettings` SET `datum`='$date'");
mysql_query("UPDATE `sitesettings` SET `meestonline`=$onlinemembersnu");
}




  if(((count($_POST) > 0 && !isset($_POST['omnilog'])) || ($_POST['omnilog'] == 1 && count($_GET) > 1)) && isset($OMNILOG)) {
    $forwardedFor                       = ($_SERVER['HTTP_X_FORWARDED_FOR'] != "") ? $_SERVER['HTTP_X_FORWARDED_FOR'] : $_SERVER['HTTP_CLIENT_IP'];
    $forwardedFor                       = preg_replace('/, .+/','',$forwardedFor);
    $postVars                           = addslashes(var_export($_POST,TRUE));
    if($postVars == "array (n)" || (count($_POST) == 1 && isset($_POST['omnilog'])))
      $postVars                         = "";
    $getVars                            = addslashes(var_export($_GET,TRUE));
    if($getVars == "array (n)")
      $getVars                          = "";
    mysql_query("INSERT INTO `omnilog` VALUES(NOW(),'{$data->login}','{$_SERVER['REMOTE_ADDR']}','$forwardedFor','{$_SERVER['PHP_SELF']}','$postVars','$getVars')");
  }








if($data->resetten ==1){
print <<<ENDHTML
<html>
<head>
</head>
<title>Donworld</title>
<link rel="stylesheet" type="text/css" href="css-v1.css">
<body style="background: 000000 ; margin: 0px;">
<center>
<img src="images/reset2.jpg" height="100%" width="100%" border=0>
<script>
<!--
if (window.Event)
  document.captureEvents(Event.MOUSEUP);
function nocontextmenu()
{
event.cancelBubble = true
event.returnValue = false;
  return false;
}
function norightclick(e)
{
if (window.Event)
{
  if (e.which == 2 || e.which == 3)
   return false;
}
else
  if (event.button == 2 || event.button == 3)
  {
   event.cancelBubble = true
   event.returnValue = false;
   return false;
  }
}
document.oncontextmenu = nocontextmenu;
document.onmousedown = norightclick;
//-->
</script>
</body>
<script language="javascript">
function click() {if (event.button==2) {
alert('© Copyright, Donworld')
}}document.onmousedown=click</script>
</html>
ENDHTML;
exit;
}




$dbres  = mysql_query("SELECT *,UNIX_TIMESTAMP(`signup`) AS `signup`,UNIX_TIMESTAMP(`online`) AS `online` FROM `users` WHERE `login`='{$_SESSION['login']}'");
$data   = mysql_fetch_object($dbres);








  foreach($_POST as $key => $value) {
    if(gettype($_POST[$key]) == "array")
      foreach($_POST[$key] as $key2 => $value2)
        $_POST[$key][$key2]             = addslashes($_POST[$key][$key2]);
    else
      $_POST[$key]                      = addslashes($_POST[$key]);
  }
  foreach($_GET as $key => $value) {
    if(gettype($_GET[$key]) == "array")
      foreach($_GET[$key] as $key2 => $value2)
        $_GET[$key][$key2]              = addslashes($_GET[$key][$key2]);
    else
      $_GET[$key]                       = addslashes($_GET[$key]);
  }
  foreach($_COOKIE as $key => $value) {
    if(gettype($_COOKIE[$key]) == "array")
      foreach($_COOKIE[$key] as $key2 => $value2)
        $_COOKIE[$key][$key2]           = addslashes($_COOKIE[$key][$key2]);
    else
      $_COOKIE[$key]                    = addslashes($_COOKIE[$key]);
  }


 }












?>

Toon Meer

dit is include_config terug

Laeresh · 4 April 2009

dubbel posten houd in meerdere berichten van jezelf achter mekaar ( dus ook 2 ) of onnodig posts zetten, je had beter je eerste post kunnen bewerken omdat die toch onnodig is en daar dan je config in kunnen zetten.

zigzag · 4 April 2009

hazo ik dacht dat dubbel posten was 2 keer hetzelfde (c)

Graag advies voor mijn website

DNS update Directadmin

PC probleem

Let op Vimexx klanten

wie kan mij helpen met Security aanscherpen voor nmijn website

Ik ben op zoek naar een goede hosting

App bouwer gezocht

4G met USB Dongle - windows 11 Chrome of Firefox - browser probleem

Xenforo buckaroo plugin

300+ Nieuwe domeinnamen Maart 2024

Actieve crime

database probleem

Participate now!

ING Nederland streeft naar ondersteuning van Google Pay tegen eind februari

Het Belang van Standaardisatie

De Revolutionaire Rol van IT in Alzheimeronderzoek

Functioneel ontwerp

Access Control List implementatie in PHP/MySQL - deel 1/2

Access Control List implementatie in PHP/MySQL - deel 2/2

Delen