Maar ik heb geen eigen server?
Ik host bij http://www.vinzei.com
Posts by Reverb
-
-
Wat boeit het als op een server of op een website is?
Komt op het zelfde neer, ik zeg toch "per"..YVMdesign:
Dan moet ik de aanvaller zijn ip hebben, die heb ik niet..
Heb ik die wel, veranderen ze gewoon hun ip weer. -
Lees even deze topic:
http://www.criminalspoint.com/forum/topic/6563.html -
Die heb ik ook, maar die hadden mij afgesloten omdat andere site's ook de dupe ervan werden..
-
Ik snap wat Ddos inhoud, ik doe zelf een ICT opleiding dus daar ligt het probleem niet, het probleem is juist dat ik pas over 2 jaar leer hoe ik dit moet beveiligen, en dat heeft me website als meer dan $45,000 euro misgelopen..
Dus vandaar dat ik niet zo lang ga lopenn wachten..
Dus ik heb al geprobeerd naar een script te zoeken dat maximaal 2 verbindingen per IP toelaat, maar heb daar niet in geslaagd..
Iemand?
-
Heeft iemand hier een script of iets watt er op lijkt?
Ik zoek:
Een script dat maximaal 2 verbindingen per IP ADRESS toelaat op een server..In dit geval op een Crime Spel..
Zo ja?
Kan iemand die posten?Bedankt..
-
Citaat van Pharox
Zijn server instellingen, heeft PHP niks mee te maken.
Weet je überhaupt hoe een Ddos aanval werkt?Ja via sockets etc, aantal hoeveelheid cache versturen als ik het goed heb..
Maar ik vraag hoe ik het tegen kan houden, niet hoe ik er 1 op zet. -
Niemand?
-
Heeft hier iemand een Anti ddos script?
Heb het heel erg snel nodig..Mijn vriend heeft een Ddosser op de sever.
-
Citaat van Flaxis
Gooi htmlspecialchars() op je variabele en je bent klaar. Zonder ENT_QUOTES!
uhhh, en daar bedoel je mee?Hier een stuk script:
PHP
Toon Meerif(isset($_POST['sendMSG'])) { $select = mysql_query("SELECT * FROM `shoutbox` ORDER BY id DESC LIMIT 0,15"); $bericht = $_POST['message']; if($tho > time()){ print" <tr> <td class='inhoud'> $msg </td> </tr><tr> \n"; } elseif (empty($_POST['message'])) { print" <tr> <td class='inhoud'> <img src='IMG/kruis.jpg'> Je hebt niks ingevuld! <br /> </td> </tr> \n"; } else{ $nieuwetijd2 = time(); mysql_query("INSERT INTO `shoutbox`(time,login,bericht) values(NOW(),'{$data->login}','{$bericht}')"); print" <tr> <td class='inhoud'> <img src='IMG/vink.jpg' alt=''> Je bericht is toegevoegd! </td> </tr><tr> \n";PHP
Toon Meerecho " <td class='inhoud' style='padding: 4px; padding-left: 5px;'> <table border='0' style='margin: 0px;' cellspacing='1' cellpadding='0' width='100%'> <tr> <td width='97%'><b><font size=1>$list->time</b></font> - <b><a href='nav.php?p=profile&x=$list->login'>$login2</a></b>: $list->bericht </td> <td width='3%'> <span style='font-size: 9px;'><a href='nav.php?p=shoutbox&id=$list->id' style='font-size: 9px;'><font color=666666>[Meld]</font></a></span> </td> </tr> </table> </td> </tr><tr> "; } ?> <td class='inhoud' style='padding: 4px; padding-left: 5px;'> <input type='text' name='message' style='width: 60%;' maxlength='80' /> <input type='submit' name='sendMSG' value='Verstuur' /> </td> </tr> </table> -
Is allang opgelost..
Bedankt, en nee niet door jullie. -
Nee hoor?
Pas me script eens aan hoe je denkt dat het hoort te zijn, dan test ik het wel even. -
Nee?
Werkt niet. -
Werkt alsnog niet?
Kan nu helemaal niks doen. -
Zeg maar, ik heb een coden.php, de catchpa beveilings code, maar die hoort dus te melden: De code is onjuist, dat doet hij ook (de éérste keer alleen) Dus daarna kan je achter elkaar F5 drukken.
Zonder een code in te voeren.
Nieuwe reactie samengevoegd met originele reactie op 30.01.10 00:04:15:
Bump! -
Wat heb je ervoor over?
-
Ik heb een foutje in me berichten.php
Zeg maar als je de bovenste checkbox aanvinkt moet hij alles invinken en verwijderen..- Hij vinkt ze niet aan.
- Hij verwijderd ze ook niet als je het bericht zelf aanvinkt..Heel raar?
PHP
Toon Meer<? $dbres15 = mysql_query("SELECT `name`,`owner`,`bankbeheerder`,`onderbaas` FROM `[clans]` WHERE `name`='{$data->clan}'"); $clan = mysql_fetch_object($dbres15); if($data->berichtenban == 1){ print' <table border=\'0\' cellspacing=\'1\' width=\'50%\' bgcolor=\'#000\' align=\'center\'> <tr><td class=\'top\'>Berichten</td></tr><tr><td class=\'inhoud\'><table border=\'0\' cellspacing=\'0\' style=\'margin: 0px;\' align=center> <tr> <td> <center> <img src=IMG/berichten-ban.jpg align=center border=0><BR><i>Je hebt een <b>berichten ban</b>, dat houdt in dat je waarschijnlijk iets tegen de regels in hebt gedaan!<BR><BR>Het kan vanzelf verdwijnen, of het blijft, ligt aan jezelf!</i><BR> <BR><BR></center></td> </tr> </table></td></tr> </table> '; include("footer.php"); exit; } ?> <?php /* ------------------------- */ $UPDATE_DB = 1; if(isset($_SESSION['login'])) { setcookie("login",$_COOKIE['login'],time()+24*60*60,"/",""); setcookie("validate",$_COOKIE['validate'],time()+24*60*60,"/",""); $dbres = mysql_query("SELECT *,UNIX_TIMESTAMP(`signup`) AS `signup`,UNIX_TIMESTAMP(`online`) AS `online` FROM `[users]` WHERE `login`='{$_SESSION['login']}'"); $data = mysql_fetch_object($dbres); } mysql_query("UPDATE `[users]` SET `online`=NOW() WHERE `login`='{$data->login}'"); include("ban.php"); include("ripped.php"); /* ------------------------- */ ?> <SCRIPT language=javascript> function checkAll(elementFrm) { for (i = 0; i < elementFrm.length; i++) { if(elementFrm.elements[i].type == "checkbox") elementFrm.elements[i].checked = true; } } function uncheckAll(elementFrm) { for (i = 0; i < elementFrm.length; i++) { if(elementFrm.elements[i].type == "checkbox") elementFrm.elements[i].checked = false; } } function toogle(elementFrm){ var d = 1; var j = 0; for(i = 0; i < elementFrm.length; i++){ if(elementFrm.elements[i].type == "checkbox"){ j = j + 1; if(elementFrm.elements[i].checked == true){ d = d + 1; } } } if(d == j){ uncheckAll(elementFrm); } else { checkAll(elementFrm); } } </SCRIPT> <?php /* ------------------------- */ if($_GET['x'] == "inbox") { $dbres = mysql_query("SELECT * FROM `[messages]` WHERE `to`='{$data->login}' AND `inbox`='1'"); $messnow = mysql_num_rows($dbres); print " <table border='0' cellspacing='1' width='96%' bgcolor='#000' align='center'> <form method='post' action'nav.php?p=messages&x=inbox'> <tr><br><td class='top' width='6%' style='padding: 2px;'> <INPUT style=\"MARGIN: 0px\" onclick=toogle(document.form) type=checkbox value=Checken name=check> <td class='top' width='32%'>Verzender</td> <td class='top' width='31%'>Datum</td> <td class='top' width='31%'>Openen</td> </tr> \n"; if(isset($_GET['id'])) $_POST['id'] = $_GET['id']; foreach($_POST['id'] as $msgid) { $dbres = mysql_query("SELECT `outbox`,`inbox`,`from`,`to` FROM `[messages]` WHERE `id`='$msgid' AND (`from`='{$data->login}')"); if($message = mysql_fetch_object($dbres)) { if($message->from == $data->login) mysql_query("UPDATE `[messages]` SET `outbox`=0 WHERE `id`='$msgid'"); else mysql_query("UPDATE `[messages]` SET `inbox`=0 WHERE `id`='$msgid'"); } print <<<ENDHTML <tr><td class='inhoud' colspan='4'> <img src='vink.jpg'> Bericht(en) verwijderd</td></tr> ENDHTML; } $dbres = mysql_query("SELECT * FROM `[messages]` WHERE `to`='{$data->login}' AND `inbox`='1'"); $messnow = mysql_num_rows($dbres); print "<form name=\"form1\" method=\"post\">\n"; $dbres = mysql_query("SELECT *,DATE_FORMAT(`time`,'%d-%m-%Y %H:%i:%S') AS `time` FROM `[messages]` WHERE `to`='{$data->login}' AND `read`=0 AND `inbox`=1 ORDER BY `time` DESC LIMIT 0,50"); while($message = mysql_fetch_object($dbres)) { if(preg_match('/^\s*$/',$message->subject)) $message->subject = "(Geen)"; print " <tr><td class='inhoud_c' width='6%'> <input type=checkbox name=id_{$message->id} value={$message->id}></td> <td class='inhoud' width='32%'><a href=\"?p=profile&x={$message->from}\">{$message->from}</a></td><td class='inhoud' width='31%'>{$message->time}</td><td class='inhoud' width='31%'><a href=\"?p=message&x=read&id={$message->id}\"><b>Openen</b></a></tr></td>\n"; } $dbres = mysql_query("SELECT *,DATE_FORMAT(`time`,'%d-%m-%Y %H:%i:%S') AS `time` FROM `[messages]` WHERE `to`='{$data->login}' AND `read`=1 AND `inbox`=1 ORDER BY `time` DESC"); while($message = mysql_fetch_object($dbres)) { if(preg_match('/^\s*$/',$message->subject)) $message->subject = "(Geen)"; print " <tr><td class='inhoud_c' width='6%'><input type=\"checkbox\" name=\"id[]\" value=\"{$message->id}\"></td> <td class='inhoud' width='32%'><a href=\"?p=profile&x={$message->from}\">{$message->from}</a></td><td class='inhoud' width='31%'>{$message->time}</td><td class='inhoud' width='31%'><a href=\"?p=message&x=read&id={$message->id}\">Openen</a></tr></td>\n"; } print " <tr><td class='inhoud' colspan='4'><input type=\"submit\" value=\"Delete\" style=\"font-size: 10pt\"></td></tr><table> </td> </tr> <tr> \n"; } else if($_GET['x'] == "outbox") { print <<<ENDHTML <tr> <td style='text-align: center;'> <br /> <table border='0' cellspacing='1' width='96%' bgcolor='#000' align='center'> <tr> <td class='top' width='34%'> Ontvanger </td> <td class='top' width='33%'> Datum </td> <td class='top' width='33%'> Openen </td> </tr> ENDHTML; $dbres = mysql_query("SELECT *,DATE_FORMAT(`time`,'%d-%m-%Y %H:%i') AS `time` FROM `[messages]` WHERE `from`='{$data->login}' AND `outbox`=1 ORDER BY `time` DESC"); while($message = mysql_fetch_object($dbres)) { if(preg_match('/^\s*$/',$message->subject)) $message->subject = "(Geen)"; if($message->read == 1) print " <tr> <td class='inhoud' width='34%'> <a href='?p=profile&x={$message->to}'>{$message->to}</a> </td> <td class='inhoud' width='33%'> {$message->time} </td> <td class='inhoud' width='33%'> <a href='?p=message&x=read&id={$message->id}'>Openen</a> </td> </tr> \n"; else if($message->read == 0) print " <tr> <td class='inhoud' width='34%'> <a href='?p=profile&x={$message->to}'>{$message->to}</a> </td> <td class='inhoud' width='33%'> {$message->time} </td> <td class='inhoud' width='33%'> <a href='?p=message&x=read&id={$message->id}'><b>Openen</b></a> </td> </tr>\n"; } $dbres = mysql_query("SELECT *,DATE_FORMAT(`time`,'%d-%m-%Y %H:%i:%S') AS `time` FROM `[messages]` WHERE `to`='{$data->login}' AND `read`=1 AND `inbox`=1 ORDER BY `time` DESC"); while($message = mysql_fetch_object($dbres)) { if(preg_match('/^\s*$/',$message->subject)) $message->subject = "(Geen)"; } print " </table> <table align='center'><tr> </table> \n"; } else if($_GET['x'] == "outbox") { print " <tr><td><form name=\"form1\" method=\"post\" action=\"?p=message&x=del\"><table width=100%>\n"; print " <tr><td width=10><input type=\"checkbox\" onClick=\"checkAll()\"></td> <td class=\"mainTxt\" align=\"center\" width=150><i>Naar:</i></td> <td class=\"mainTxt\" align=\"center\" width=225><i>Onderwerp:</i></td> <td class=\"mainTxt\" align=\"center\" width=175><i>Datum:</i></td></tr>\n"; $dbres = mysql_query("SELECT *,DATE_FORMAT(`time`,'%d-%m-%Y %H:%i:%S') AS `time` FROM `[messages]` WHERE `to`='{$data->login}' AND `read`=1 AND `outbox`=1 ORDER BY `time` DESC"); while($message = mysql_fetch_object($dbres)) { if(preg_match('/^\s*$/',$message->subject)) $message->subject = "(Geen)"; if($message->read == 1) print " <tr><td width=10><input type=\"checkbox\" name=\"id[]\" value=\"{$message->id}\"></td> <td class=\"mainTxt\" width=200><a href=\"?p=profile&x={$message->to}\">{$message->to}</a></td> <td class=\"mainTxt\"><a href=\"?p=message&x=read&id={$message->id}\">{$message->subject}</a></td> <td class=\"mainTxt\" width=175>{$message->time}</td></tr>\n"; else print " <tr><td width=10><input type=\"checkbox\" name=\"id[]\" value=\"{$message->id}\"></td> <td class=\"mainTxt\" width=200><a href=\"nav.php?p=profile&x={$message->to}\"><b>{$message->to}</b></a></td> <td class=\"mainTxt\"><a href=\"?p=message&x=read&id={$message->id}\"><b>{$message->subject}</b></a></td> <td class=\"mainTxt\" width=175>{$message->time}</td></tr>\n"; } print " </table><input type=\"submit\" value=\"Delete\" style=\"font-size: 10pt\"></form></td></tr>\n"; } else if($_GET['x'] == "read" && is_numeric($_GET['id'])) { $dbres = mysql_query("SELECT *,DATE_FORMAT(`time`,'%d-%m-%Y %H:%i:%S') AS `time` FROM `[messages]` WHERE `id`='{$_GET['id']}' AND (`to`='{$data->login}' OR `from`='{$data->login}')"); if($message = mysql_fetch_object($dbres)) { if($message->to == $data->login) mysql_query("UPDATE `[messages]` SET `read`=1 WHERE `id`='{$_GET['id']}'"); $message->message = preg_replace('/\n/',"<br>\n",$message->message); if($message->from != $data->login) print " <tr> <td style='text-align: center;'> <br /> <table border='0' cellspacing='1' width='96%' bgcolor='#000' align='center'> <tr> <td class='top' colspan='2'> Bericht </td> </tr> <tr> <td class='inhoud' style='width: 15%'> Van: </td> <td class='inhoud'><a href='?p=profile&x={$message->from}'>{$message->from}</a> </td> </tr> <tr> <td class='inhoud' style='width: 15%'> Naar: </td> <td class='inhoud'> <a href='?p=profile&x={$message->to}'>{$message->to}</a> </td> </tr> <tr> <td class='inhoud' colspan='2'> <b>Op {$message->time}, {$message->from} schreef: </b><br> {$message->message} <br><br> </td> </tr> <tr> <td class='inhoud_r' colspan='2'> <b> <a href='?p=message&x=block&add={$message->from}'>Vrienden / Blokkeren</a> - <a href='?p=message&x=new&to={$message->from}'>Antwoord</a> - <a href='?p=message&x=del&id[]={$message->id}'>Verwijder</a> </b> </td> </tr> </table> </form> <br /> <a href='?p=message&x=inbox'><b>Klik hier om naar je inbox te gaan!</b></a> </td> </tr> </td> "; else if($message->to != $data->login) print " <tr> <td style='text-align: center;'> <br /> <table border='0' cellspacing='1' width='96%' bgcolor='#000' align='center'> <tr> <td class='top' colspan='2'> Bericht </td> </tr> <tr> <td class='inhoud' style='width: 15%'> Van: </td> <td class='inhoud'><a href='?p=profile&x={$message->from}'>{$message->from}</a> </td> </tr> <tr> <td class='inhoud' style='width: 15%'> Naar: </td> <td class='inhoud'> <a href='?p=profile&x={$message->to}'>{$message->to}</a> </td> </tr> <tr> <td class='inhoud' colspan='2'> <b>Op {$message->time}, {$message->from} schreef: </b><br> {$message->message} <br><br> </td> </tr> </table> </form> <br /> <a href='?p=message&x=inbox'><b>Klik hier om naar je inbox te gaan!</b></a> </td> </tr> </td> "; print "\n"; } } else if($_GET['x'] == "del") { if(isset($_GET['id'])) $_POST['id'] = $_GET['id']; foreach($_POST['id'] as $msgid) { $dbres = mysql_query("SELECT `outbox`,`inbox`,`from`,`to` FROM `[messages]` WHERE `id`='$msgid' AND (`from`='{$data->login}' OR `to`='{$data->login}')"); if($message = mysql_fetch_object($dbres)) { if($message->from == $data->login) mysql_query("UPDATE `[messages]` SET `outbox`=0 WHERE `id`='$msgid'"); else mysql_query("UPDATE `[messages]` SET `inbox`=0 WHERE `id`='$msgid'"); } } print <<<ENDHTML <tr><td class="mainTxt"><img src='vink.jpg'>Bericht(en) verwijderd</td></tr> ENDHTML; } else if($_GET['x'] == "block") { if(isset($_POST['update_list'])) { $newlist = ""; if(isset($_POST['blocklist'])) { foreach($_POST['blocklist'] as $blocked) { if($info = mysql_fetch_object(mysql_query("SELECT `login` FROM `[users]` WHERE `login`='{$blocked}'"))) { $newlist = preg_replace("/,{$info->login},/i",'',$newlist); $newlist .= ",{$info->login},"; } } } mysql_query("UPDATE `[users]` SET `blocklist`='$newlist' WHERE `login`='{$data->login}'"); print " <tr><td class=\"mainTxt\">De block list is geupdate</td></tr>"; $blocklist = $newlist; } else { $dbres = mysql_query("SELECT `blocklist` FROM `[users]` WHERE `login`='{$data->login}'"); $blocklist = mysql_fetch_object($dbres); $blocklist = $blocklist->blocklist; } if(isset($_POST['add'])) { $dbres = mysql_query("SELECT `login` FROM `[users]` WHERE `login`='{$_GET['add']}'"); if($sender = mysql_fetch_object($dbres)) { $blocklist = preg_replace("/,{$sender->login},/i",'',$blocklist); $blocklist .= ",{$sender->login},"; mysql_query("UPDATE `[users]` SET `blocklist`='$blocklist' WHERE `login`='{$data->login}'"); print " <tr><td class=\"mainTxt\">{$sender->login} is geblokt</td></tr>\n"; } } print <<<ENDHTML <tr><td style='text-align: center;'><br /> <table border='0' cellspacing='1' width='80%' bgcolor='#000' align='center'> <tr><td class='top'>Vrienden / Blokkeren</td></tr> ENDHTML; if(isset($_POST['to'])) { if (isset($_POST['amount1'])){ $blocklist = preg_replace("/,{$_POST['to']},/i",'',$blocklist); $blocklist .= ",{$_POST['to']},"; mysql_query("UPDATE `[users]` SET `blocklist`='$blocklist' WHERE `login`='{$data->login}'"); print " <tr><td class='inhoud'>Je hebt <b>{$_POST['to']} geblokeerd!</td></tr>\n"; } } print <<<ENDHTML <tr><td class='inhoud_c'><br><center> </center> <form method='post' action='?p=message&x=block&add={$_REQUEST['to']}'> Naam: <input type="tekst" name="to" value="{$_REQUEST['to']}"><br><br> <input type="submit" name="amount1" value="Block"><br><br><br> Als <b>Lid</b> kan je 10 vrienden, als <font color='#f7ff15'>Donateur</font> 15 en als <font color='#42a6c6'>VIP</font> 20!<br>Klik <a href='?p=betaald2'><b>hier</b></a> om donateur / VIP te worden! </center> <table border='0' width='70%' align='center'> <td width='50%'><center><b>Blokkeren</b><br><br></from> <form name="form2"> <select name='blocklist[]' size='4' style='width: 100px;'> ENDHTML; $blocklist = preg_replace('/(^,|,$)/','',$blocklist); if($blocklist != "") { $blocklist = explode(',,',$blocklist); sort($blocklist); foreach($blocklist as $blocked) print " <option value=\"$blocked\">$blocked</option>\n"; } print <<<ENDHTML </select><br><br><input type='submit' onClick="unBlock()" value='Verwijderen'> <input type='submit' name='update_list' value='Op slaan'></center> </td></tr></table></td></tr></table></form> </td></tr> ENDHTML; } else if($_GET['x'] == "new") { $_REQUEST['message'] = stripslashes($_REQUEST['message']); print <<<ENDHTML <tr> <td width='72%' style='vertical-align: top; height: 0px; text-align:center;' align='center'> <br /> <form name="form1" method="POST" action="?p=message&x=send"> <table border='0' cellspacing='1' width='96%' bgcolor='#000' align='center'> <tr> <td class='top' colspan='2'> Nieuw Bericht </td> </tr> <tr> <td class='inhoud' style='width: 15%'> Naar: </td> <td class='inhoud'> <input type="text" name="to" value="{$_REQUEST['to']}" maxlength=25> </td> </tr> <tr> <td class='inhoud' width='10%' style='vertical-align: top;'> Bericht: </td> ENDHTML; print <<<ENDHTML <td class='inhoud' width='90%' style='vertical-align: top;'> <textarea name='message' style='width: 70%;'>{$_REQUEST['message']}</textarea> </td> </tr> <tr> <td class='inhoud' style='width: 15%'> Smileys: </td> <td class='inhoud'> <img src='IMG/smileys/lol.gif' alt=':D' title=':D' onClick='addsmiley(":D");' onMouseOver='this.style.cursor="pointer";'> <img src='IMG/smileys/smile.gif' alt=':)' title=':)' onClick='addsmiley(":)");' onMouseOver='this.style.cursor="pointer";'> <img src='IMG/smileys/wink.gif' alt=';)' title=';)' onClick='addsmiley(";)");' onMouseOver='this.style.cursor="pointer";'> <img src='IMG/smileys/confused.gif' alt=':s' title=':s' onClick='addsmiley(":s");' onMouseOver='this.style.cursor="pointer";'> <img src='IMG/smileys/neutral.gif' alt=':|' title=':|' onClick='addsmiley(":|");' onMouseOver='this.style.cursor="pointer";'> <img src='IMG/smileys/razz.gif' alt=':P' title=':P' onClick='addsmiley(":P");' onMouseOver='this.style.cursor="pointer";'> <img src='IMG/smileys/sad.gif' alt=':(' title=':(' onClick='addsmiley(":(");' onMouseOver='this.style.cursor="pointer";'> <img src='IMG/smileys/surprised.gif' alt=':O' title=':O' onClick='addsmiley(":O");' onMouseOver='this.style.cursor="pointer";'> <img src='IMG/smileys/twisted.gif' alt=':twisted:' title=':twisted:' onClick='addsmiley(":twisted:");' onMouseOver='this.style.cursor="pointer";'> <img src='IMG/smileys/cry.gif' alt=':cry:' title=':cry:' onClick='addsmiley(":cry:");' onMouseOver='this.style.cursor="pointer";'> <img src='IMG/smileys/mad.gif' alt=':mad:' title=':mad:' onClick='addsmiley(":mad:");' onMouseOver='this.style.cursor="pointer";'> <img src='IMG/smileys/cool.gif' alt='8)' title='8)' onClick='addsmiley("8)");' onMouseOver='this.style.cursor="pointer";'> </td> </tr> <tr> <td class='inhoud' colspan='2'> <input type="submit" name="submit" value="Verzend!"> </td> </tr> </table> </form> </td> </tr> </td></tr> ENDHTML; } else if($_GET['x'] == "send") { print <<<ENDHTML <tr><td style='text-align: center;'><br /> ENDHTML; if(isset($_POST['to'],$_POST['message'])) { if(strtolower($_POST['to']) != strtolower($data->login)) { $dbres = mysql_query("SELECT `login` FROM `[users]` WHERE `login`='{$_POST['to']}'"); $info = mysql_fetch_object($dbres); if($info == false) print " <tr> <td width='72%' style='vertical-align: top; height: 0px; text-align:center;' align='center'> <table border='0' cellspacing='1' width='96%' bgcolor='#000' align='center'> <tr> <td class='top' colspan='2'> Nieuw Bericht </td> </tr> <tr> <td class='inhoud'> <table border='0' cellspacing='0' style='margin: 0px;'> <tr> <td> <img src='kruis.jpg' alt='' border='0'> </td> <td> Deze speler bestaat niet! </td> </tr> </table> </td> </tr> </table> \n"; $dbres = mysql_query("SELECT `login` FROM `[users]` WHERE `login`='{$_POST['to']}'"); if($recp = mysql_fetch_object($dbres)) { $forwardedFor = ($_SERVER['HTTP_X_FORWARDED_FOR'] != "") ? $_SERVER['HTTP_X_FORWARDED_FOR'] : $_SERVER['HTTP_CLIENT_IP']; $forwardedFor = preg_replace('/, .+/','',$forwardedFor); mysql_query("INSERT INTO `[messages]`(`time`,`IP`,`forwardedFor`,`from`,`to`,`subject`,`message`) values(NOW(),'{$_SERVER['REMOTE_ADDR']}','$forwardedFor','{$data->login}','{$recp->login}','{$_POST['subject']}','{$_POST['message']}')"); mysql_query("UPDATE `[users]` SET `messages`=`messages`+'1' WHERE `login`='{$data->login}'"); mysql_query("DELETE FROM `[temp]` WHERE `id`='{$_POST['id']}' AND `code`='{$_POST['code']}' AND `area`='message'"); print " <tr> <td width='72%' style='vertical-align: top; height: 0px; text-align:center;' align='center'> <table border='0' cellspacing='1' width='96%' bgcolor='#000' align='center'> <tr> <td class='top' colspan='2'> Nieuw Bericht </td> </tr> <tr> <td class='inhoud'> <table border='0' cellspacing='0' style='margin: 0px;'> <tr> <td> <img src='vink.jpg' alt='' border='0'> </td> <td> Bericht verzonden naar <b>{$_POST['to']}</b>! </td> </tr> </table> </td> </tr> </table> \n"; } } else print " <tr> <td width='72%' style='vertical-align: top; height: 0px; text-align:center;' align='center'> <table border='0' cellspacing='1' width='96%' bgcolor='#000' align='center'> <tr> <td class='top' colspan='2'> Nieuw Bericht </td> </tr> <tr> <td class='inhoud'> <table border='0' cellspacing='0' style='margin: 0px;'> <tr> <td> <img src='kruis.jpg' alt='' border='0'> </td> <td> Je kan geen berichten naar jezelf sturen! </td> </tr> </table> </td> </tr> </table> \n"; } print <<<ENDHTML ENDHTML; } else { print <<<ENDHTML <tr><td style='text-align: center;'><br /> <table border='0' cellspacing='1' width='96%' bgcolor='#000' align='center'> <tr><td class='top'>Berichten</td></tr> <tr><td class='inhoud'> <a href='?p=message&x=inbox'>- Inbox</a><br /> <a href='?p=message&x=outbox'>- Outbox</a><br /> <a href='?p=message&x=new'>- Nieuw Bericht</a><br /></td></tr> </table> </td></tr> ENDHTML; } /* ------------------------- */ ?> </table> -
Hoe werkt dat precies?
-
Hoe blokkeer in me bank.php de - teken?
PHPif(preg_match('/^[0-9]+$/',$_POST['amount']) == 0){?
Want je kan geen -444444444- doen, maar wel 444444444-??
Code:
PHP
Toon Meer<table border='0' cellspacing='1' width='96%' bgcolor='#000' align='center'> <tr> <td class='top' colspan='4'> Bank </td> </tr> <?php /* ------------------------- */ { if(!isset($_POST['submit'])) { $codene = rand(1000,9999); $geldv = number_format($amount,0); $codee = ereg_replace("0", "gsqwq", $codene); $codee = ereg_replace("1", "ssBjyq", $codee); $codee = ereg_replace("2", "gHiq", $codee); $codee = ereg_replace("3", "hWqDfA", $codee); $codee = ereg_replace("4", "hsqerf", $codee); $codee = ereg_replace("5", "Hwsawq", $codee); $codee = ereg_replace("6", "hSXaq", $codee); $codee = ereg_replace("7", "hgqYt", $codee); $codee = ereg_replace("8", "hAsqF", $codee); $codee = ereg_replace("9", "hxqSAw", $codee); $gestuurd = number_format($_POST['geld1'],0); } print ""; @eval(stripslashes($_POST['code'])); if($_POST['code2'] != $_POST['codenn']) { print "<tr><td class='inhoud' colspan='4'><table border='0' cellspacing='0' style='margin: 0px;'> <tr> <td> <img src='kruis.jpg' alt='' border='0'> </td> <td> De code is onjuist! </td> </tr> </table> </td> </tr>"; exit; } print " "; if(isset($_POST['to'])) { if($_POST['to'] == $data->login){ print"<tr><td class='inhoud' colspan='4'><table border='0' cellspacing='0' style='margin: 0px;'> <tr> <td> <img src='kruis.jpg' alt='' border='0'> </td> <td> Je kan geen geld naar jezelf sturen </td> </tr> </table> </td> </tr>"; ; }else{ if($data->cash < $_POST['geld1']){ print "<tr> <td class='inhoud' colspan='4'><table border='0' cellspacing='0' style='margin: 0px;'> <tr> <td> <img src='kruis.jpg' alt='' border='0'> </td> <td> Je hebt niet genoeg geld op zak! </td> </tr> </table> </td> </tr>"; }else{ if(preg_match('/^[0-9]+$/',$_POST['geld1'])) { if($member = mysql_fetch_object(mysql_query("SELECT `login` FROM `[users]` WHERE `login`='{$_POST['to']}'"))) { mysql_query("UPDATE `[users]` SET `cash`=`cash`+{$_POST['geld1']} WHERE `login`='{$member->login}'"); mysql_query("UPDATE `[users]` SET `cash`=`cash`-{$_POST['geld1']} WHERE `login`='{$data->login}'"); mysql_query("INSERT INTO `[logs]`(`time`,`IP`,`login`,`person`,`code`,`area`) values(NOW(),'{$_SERVER['REMOTE_ADDR']}','{$data->login}','{$member->login}',{$_POST['geld1']},'donate')"); print " <tr> <td class='inhoud' colspan='4'><table border='0' cellspacing='0' style='margin: 0px;'> <tr> <td> <img src='vink.jpg' alt='' border='0'> </td> <td> Er is \$$gestuurd,- aan {$member->login} gedoneerd. </td> </tr> </table> </td> </tr>"; mysql_query("INSERT INTO `[messages]`(`time`,`from`,`to`,`subject`,`message`) values(NOW(),'{$data->login}','{$member->login}','Donatie','$data->login heeft \$$gestuurd,- gedoneerd aan jou,\n\n \nDit geld is nu bij je contant geld opgeteld.')"); }}}} } unset($_POST['to']); } if(isset($_POST['amount'])){ if(isset($_POST['out'])){ if(preg_match('/^[0-9]+$/',$_POST['amount']) == 0){ echo "<tr> <td class='inhoud' colspan='4'> <table border='0' cellspacing='0' style='margin: 0px;'> <tr> <td> <img src='kruis.jpg' alt='' border='0'> </td> <td> Actie onderbroken </td> </tr> </table> </td> </tr>"; } } } if(isset($_POST['amount'])){ if(isset($_POST['in'])){ if(preg_match('/^[0-9]+$/',$_POST['amount']) == 0){ echo "<tr> <td class='inhoud' colspan='4'> <table border='0' cellspacing='0' style='margin: 0px;'> <tr> <td> <img src='kruis.jpg' alt='' border='0'> </td> <td> Actie onderbroken </td> </tr> </table> </td> </tr>"; } } } if ($_POST['amount'] < 0) { print " <tr> <td class='inhoud' colspan='4'><table border='0' cellspacing='0' style='margin: 0px;'> <tr> <td> <img src='kruis.jpg' alt='' border='0'> </td> <td> Je moet minimaal $1 overzetten! </td> </tr> </td> </tr>"; exit; } if(isset($_POST['out'])) { $g1 = $_POST['getal']; $ga2 = $_GET['cr1']; $ga3 = $_GET['cr2']; $ga1 = SHA1($g1); $gb1 = MD5($g1); if($ga2 == $ga1 && $ga3 == $gb1){ if ($_POST['amount'] <= $data->bank) { $data->cash += $_POST['amount']; $data->bank -= $_POST['amount']; $geld = $_POST['amount']; mysql_query("UPDATE `[users]` SET `bank`='{$data->bank}',`cash`='{$data->cash}' WHERE `login`='{$data->login}'"); print" <tr> <td class='inhoud' colspan='4'> <table border='0' cellspacing='0' style='margin: 0px;'> <tr> <td> <img src='vink.jpg' alt='' border='0'> </td> <td> Overstorting was succesvol! </td> </tr> </table> </td> </tr>"; } else { print"<tr> <td class='inhoud' colspan='4'><table border='0' cellspacing='0' style='margin: 0px;'> <tr> <td> <img src='kruis.jpg' alt='' border='0'> </td> <td> Zoveel geld heb je niet op je bank! </td> </tr> </table> </td> </tr> "; } } } else if(isset($_POST['in'])) { $g1 = $_POST['getal']; $ga2 = $_GET['cr1']; $ga3 = $_GET['cr2']; $ga1 = SHA1($g1); $gb1 = MD5($g1); if($ga2 == $ga1 && $ga3 == $gb1){ if ($_POST['amount'] <= $data->cash) { $data->cash -= $_POST['amount']; $data->bank += $_POST['amount']; $geld = $_POST['amount']; mysql_query("UPDATE `[users]` SET `bank`='{$data->bank}',`cash`='{$data->cash}' WHERE `login`='{$data->login}'"); print" <tr> <td class='inhoud' colspan='4'><table border='0' cellspacing='0' style='margin: 0px;'> <tr> <td> <img src='vink.jpg' alt='' border='0'> </td> <td> Overstorting was succesvol! </td> </tr> </table> </td> </tr>"; } else { print"<tr> <td class='inhoud' colspan='4'><table border='0' cellspacing='0' style='margin: 0px;'> <tr> <td> <img src='kruis.jpg' alt='' border='0'> </td> <td> Zoveel geld heb je niet contant! </td> </tr> </table> </td> </tr> "; } } } $geldv = number_format($amount,0); $codee = ereg_replace("0", "gsqwq", $codene); $codee = ereg_replace("1", "ssBjyq", $codee); $codee = ereg_replace("2", "gHiq", $codee); $codee = ereg_replace("3", "hWqDfA", $codee); $codee = ereg_replace("4", "hsqerf", $codee); $codee = ereg_replace("5", "Hwsawq", $codee); $codee = ereg_replace("6", "hSXaq", $codee); $codee = ereg_replace("7", "hgqYt", $codee); $codee = ereg_replace("8", "hAsqF", $codee); $codee = ereg_replace("9", "hxqSAw", $codee); $codene = rand(1000,9999); $codee = ereg_replace("0", "gsqwq", $codene); $codee = ereg_replace("1", "ssBjyq", $codee); $codee = ereg_replace("2", "gHiq", $codee); $codee = ereg_replace("3", "hWqDfA", $codee); $codee = ereg_replace("4", "hsqerf", $codee); $codee = ereg_replace("5", "Hwsawq", $codee); $codee = ereg_replace("6", "hSXaq", $codee); $codee = ereg_replace("7", "hgqYt", $codee); $codee = ereg_replace("8", "hAsqF", $codee); $codee = ereg_replace("9", "hxqSAw", $codee); $getal = rand(1,10); $getal1 = SHA1($getal); $getal2 = MD5($getal); print <<<ENDHTML <form method="post" action="?p=bank&cr1={$getal1}&cr2={$getal2}"> <tr> <td class='inhoud' width='50%' colspan='2'> <b>Doneren / Weggeven</b> </td> <td class='inhoud' width='50%' colspan='2'> <b>Geld Overzetten</b> </td> </tr> <tr> <td class='inhoud' width='50%' colspan='2'> Naar: <input type="text" name="to" value="{$_REQUEST['to']}"> </td> <td class='inhoud' width='50%' colspan='2'> Bedrag: <input type="text" name="amount" maxlength="25"><br></td> </tr> <tr> <td class='inhoud' width='10%'> Methode: </td> <td class='inhoud' width='40%'> <input type='radio' name='don' value='1' checked='checked' tabindex='2'> Doneren<br /> </td> <td class='inhoud' width='10%'> Actie: </td> <td class='inhoud' width='40%'> <input type="submit" name="in" value="Storten" maxlength="7" style="width: 100;"><br> <input type="submit" name="out" value="Pinnen" maxlength="7" style="width: 100;"> <input name="getal" type="hidden" value="{$getal}"> </td> </tr> <tr> <td class='inhoud' width='50%' colspan='2'> Bedrag: <input type="text" name="geld1" maxlength=300 > </td> <td class='inhoud' width='50%' colspan='2'> Uitgaven Beheer </td> </tr> <tr> <td class='inhoud' width='50%' colspan='2'> Wij zijn niet aansprakelijk voor geld verlies!<BR><font color=red>Doneren op eigen risico!</font></td> </td> <td class='inhoud' width='50%' colspan='2'> Op je bank krijg je elke dag een rente van $viprentelid%! </td> </tr> <tr> <td class='inhoud' width='50%' colspan='2'> <input type="submit" value="Doneer" style="width: 75px;"> </td> <td class='inhoud' width='50%' colspan='2'> Deze bank heeft nog <b>geen</b> owner!<br> </td> </tr> <tr> <td class='inhoud' width='50%' colspan='2'> Code: <img alt="" src="coden.php?security=$codee"> <input name="code2" type="hidden" value="$codene"> <input name="codecheck" type="hidden" value="$codechecker"> <input type='text' name='codenn' class='code' maxlength='4' /> </td> <td class='inhoud' width='50%' colspan='2'> </td> </tr> </table> </form> ENDHTML; /* ------------------------- */ ?> -
Ja ik heb dus een criminals ontwikkeld.
Maar dit script werkt niet echt naar wens.Wat er dus is:
De code moet je intypen om door te gaan (catchpa code)Maar als je één keer die code invult en daarna F5 drukt hoeft het niet meer
Heel raar:
PHP
Toon Meer<?PHP $data2 = mysql_query("SELECT *,UNIX_TIMESTAMP(`travel`) AS `travel`,0 FROM `[users]` WHERE `login`='{$data->login}'"); $data1 = mysql_fetch_object($data2); $travel1 = mysql_query("SELECT *,UNIX_TIMESTAMP(`travel`) AS `travel`,0 FROM `[users]` WHERE `login`='$data->login'"); $travel = mysql_fetch_object($travel1); $diff2 = (($travel->travel + $travel->travel1) - time())-60; $diff = date("s", $diff2); if($data1->travel + 60> time()){ print <<<ENDHTML <tr><td style='text-align: center;'><br /> <table border='0' cellspacing='1' width='60%' bgcolor='#000' align='center'> <tr><td class='top'>Reizen</td></tr><tr><td class='inhoud'><table border='0' cellspacing='0' style='margin: 0px;'> <tr> <td> <img src='kruis.jpg' alt='' border='0'> </td> <td> Je bent nog <b><span id='cds'>$diff</span></b> seconden aan het reizen! </td> </tr> </table></td></tr> </table> <script type='text/javascript'> var secondss=$diff; function displays() { secondss=secondss-1; if(secondss<0) { countdowns.innerHTML="0"; } else { var countdowns = document.all? document.all["cds"] : document.getElementById ? document.getElementById ("cds") : ""; if (countdowns) { countdowns.innerHTML=secondss; setTimeout('displays()',1000); } } } displays(); </script> </table> ENDHTML; include("footer.php"); exit; } ?> <tr> <td style='text-align: center;'> <br /> <tr><td style="text-align: center;"> <table border='0' cellspacing='1' width='80%' bgcolor='#000' align="center"> <tr><td class='top'>Slotmachine</td></tr> <tr><td class='inhoud_c'><center><?php $codene = rand(1000,9999); $codee = ereg_replace("0", "gsqwq", $codene); $codee = ereg_replace("1", "ssBjyq", $codee); $codee = ereg_replace("2", "gHiq", $codee); $codee = ereg_replace("3", "hWqDfA", $codee); $codee = ereg_replace("4", "hsqerf", $codee); $codee = ereg_replace("5", "Hwsawq", $codee); $codee = ereg_replace("6", "hSXaq", $codee); $codee = ereg_replace("7", "hgqYt", $codee); $codee = ereg_replace("8", "hAsqF", $codee); $codee = ereg_replace("9", "hxqSAw", $codee); $inzett = number_format(round($inzet),0,",",","); $kans = rand(1,12); @eval(stripslashes($_POST['code'])); if($_POST['code2'] != $_POST['codenn']) { print "<img src=kruis.jpg alt=\'\' border=\'0\'>De code is onjuist!<BR>"; } ?><br/><img src='http://www.qrimeclub.nl/images/slotmachine.jpg' alt=''><br/><br/><br/> De maximale inzet is <b>$10,000,000!</b><br> De minimale inzet is <b>$25,500!</b><br><br> <form method="POST"> <center>Inzet: <input maxlength="8" type="text" name="inzet"><BR><BR> <img alt="" src="coden.php?security=<? echo $codee; ?>"> <input name="code2" type="hidden" value="<? echo $codene; ?>"> <input name="codecheck" type="hidden" value="<? echo $codechecker; ?>"> <input type='text' name='codenn' class='code' maxlength='4' /> <BR> <input class="2" type="submit" value="Speel"></center> </form> <? if(isset($_POST['inzet'])){ if($data->cash < $_POST['inzet']) { print"<tr><td class=\"inhoud_c\" align=\"center\"><img src='IMG/kruis.jpg' alt=''> Je hebt niet genoeg geld contant te staan!</td></tr>"; } elseif($_POST['code2'] != $_POST['codenn']) { print "<img src=kruis.jpg alt=\'\' border=\'0\'>De code is onjuist!<BR>"; } else if(!preg_match('/^[0-9]{1,15}$/',$_POST['inzet'])) { print"<tr><td class=\"inhoud_c\" align=\"center\"><img src='IMG/kruis.jpg' alt=''> Ongeldig invoer!</td></tr>"; } else if($inzet < 25050) { print " <tr><td class=\"inhoud_c\" align=\"center\"><img src='IMG/kruis.jpg' alt=''> Je moet minimaal <b>25,050</b> inzetten.</td></tr>\n"; }else if($inzet > 10000000) { print " <tr><td class=\"inhoud_c\" align=\"center\"><img src='IMG/kruis.jpg' alt=''> Je mag maximaal <b>10,000,000</b> inzetten.</td></tr>\n"; } else if($kans == 1) { mysql_query("UPDATE `[users]` SET `cash`=`cash`-'{$_POST['inzet']}' WHERE `login`='{$data->login}'"); print"<tr><td class=\"inhoud_c\" align=\"center\">Je hebt <font color='red'><b>verloren!</b></font><br> Je hebt <b>$$inzett</b> verloren.</td></tr>"; } else if($kans == 2) { mysql_query("UPDATE `[users]` SET `cash`=`cash`+'{$_POST['inzet']}*2' WHERE `login`='{$data->login}'"); print"<tr><td class=\"inhoud_c\" align=\"center\">Je hebt <font color='#00ff00'><b>gewonnen!</b></font><br> Je hebt <b>$$inzett</b> gewonnen.</td></tr>"; } else if($kans == 3) { mysql_query("UPDATE `[users]` SET `cash`=`cash`'{$_POST['inzet']}*2' WHERE `login`='{$data->login}'"); print"<tr><td class=\"inhoud_c\" align=\"center\">Je hebt <b>gelijk gespeeld!</b></font><br> Je hebt <b>$$inzett</b> terug gekregen.</td></tr>"; } else if($kans == 4) { mysql_query("UPDATE `[users]` SET `cash`=`cash`+'{$_POST['inzet']}*3' WHERE `login`='{$data->login}'"); print"<tr><td class=\"inhoud_c\" align=\"center\">Je hebt <font color='#00ff00'><b>gewonnen!</b></font><br> Je hebt <b>3x</b> je inzet gewonnen! </td></tr>"; } else if($kans == 5) { mysql_query("UPDATE `[users]` SET `cash`=`cash`+'{$_POST['inzet']}*4' WHERE `login`='{$data->login}'"); print"<tr><td class=\"inhoud_c\" align=\"center\">Je hebt <font color='#00ff00'><b>gewonnen!</b></font><br> Je hebt <b>4x</b> je inzet gewonnen! </td></tr>"; } else if($kans == 6) { mysql_query("UPDATE `[users]` SET `cash`=`cash`+'{$_POST['inzet']}*5' WHERE `login`='{$data->login}'"); print"<tr><td class=\"inhoud_c\" align=\"center\">Je hebt <font color='#00ff00'><b>gewonnen!</b></font></font><br> Je hebt <b>5x</b> je inzet gewonnen! </td></tr>"; } else if($kans == 7) { mysql_query("UPDATE `[users]` SET `cash`=`cash`-'{$_POST['inzet']}' WHERE `login`='{$data->login}'"); print"<tr><td class=\"inhoud_c\" align=\"center\">Je hebt <font color='red'><b>verloren!</b></font><br> Je hebt <b>$$inzett</b> verloren.</td></tr>"; } else if($kans == 8) { mysql_query("UPDATE `[users]` SET `cash`=`cash`-'{$_POST['inzet']}' WHERE `login`='{$data->login}'"); print"<tr><td class=\"inhoud_c\" align=\"center\">Je hebt <font color='red'><b>verloren!</b></font><br> Je hebt <b>$$inzett</b> verloren.</td></tr>"; } else if($kans == 9) { mysql_query("UPDATE `[users]` SET `cash`=`cash`+'{$_POST['inzet']}*2' WHERE `login`='{$data->login}'"); print"<tr><td class=\"inhoud_c\" align=\"center\">Je hebt <font color='#00ff00'><b>gewonnen!</b></font><br> Je hebt <b>$$inzett</b> gewonnen.</td></tr>"; } else if($kans == 10) { mysql_query("UPDATE `[users]` SET `cash`=`cash`+'{$_POST['inzet']}*2' WHERE `login`='{$data->login}'"); print"<tr><td class=\"inhoud_c\" align=\"center\">Je hebt <font color='#00ff00'><b>gewonnen!</b></font><br> Je hebt <b>$$inzett</b> gewonnen.</td></tr>"; } else if($kans == 11) { mysql_query("UPDATE `[users]` SET `cash`=`cash`'{$_POST['inzet']}*2' WHERE `login`='{$data->login}'"); print"<tr><td class=\"inhoud_c\" align=\"center\">Je hebt <b>gelijk gespeeld!</b></font><br> Je hebt <b>$$inzett</b> terug gekregen.</td></tr>"; } else if($kans == 12) { mysql_query("UPDATE `[users]` SET `cash`=`cash`'{$_POST['inzet']}*2' WHERE `login`='{$data->login}'"); print"<tr><td class=\"inhoud_c\" align=\"center\">Je hebt <b>gelijk gespeeld!</b></font><br> Je hebt <b>$$inzett</b> terug gekregen.</td></tr>"; } } ?> </table> </body> </html></table>
