[Homepage]Release Guild Rejoin Script

05/21/2011 17:25 ~Blackout~#1

Hallo Community,

da ich hier noch kein Guild Rejoin Script gefunden habe
m�chte ich nun eins Releasen.
Das Guild Rejoin Script beinhaltet einmal die ausf�hrung selber,
und eine Anti Sql Injection dazu f�r die Sicherheit.

Guildrejoin.php

Spoiler

Quote:

<?php
$ip = $_SERVER['REMOTE_ADDR'];
$time = date("l dS of F Y h:i:s A");
$script = $_SERVER[PATH_TRANSLATED];
$fp = fopen ("GuildRejoin.txt", "a+");
$sql_inject_1 = array(";","'","%",'"'); #Whoth need replace
$sql_inject_2 = array("", "","","""); #To wont replace
$GET_KEY = array_keys($_GET); #array keys from $_GET
$POST_KEY = array_keys($_POST); #array keys from $_POST
$COOKIE_KEY = array_keys($_COOKIE); #array keys from $_COOKIE
/*begin clear $_GET */
for($i=0;$i<count($GET_KEY);$i++)
{
$real_get[$i] = $_GET[$GET_KEY[$i]];
$_GET[$GET_KEY[$i]] = str_replace($sql_inject_1, $sql_inject_2, HtmlSpecialChars($_GET[$GET_KEY[$i]]));
if($real_get[$i] != $_GET[$GET_KEY[$i]])
{
fwrite ($fp, "IP: $ip\r\n");
fwrite ($fp, "Method: GET\r\n");
fwrite ($fp, "Value: $real_get[$i]\r\n");
fwrite ($fp, "Script: $script\r\n");
fwrite ($fp, "Time: $time\r\n");
fwrite ($fp, "==================================\r\n");
}
}
/*end clear $_GET */
/*begin clear $_POST */
for($i=0;$i<count($POST_KEY);$i++)
{
$real_post[$i] = $_POST[$POST_KEY[$i]];
$_POST[$POST_KEY[$i]] = str_replace($sql_inject_1, $sql_inject_2, HtmlSpecialChars($_POST[$POST_KEY[$i]]));
if($real_post[$i] != $_POST[$POST_KEY[$i]])
{
fwrite ($fp, "IP: $ip\r\n");
fwrite ($fp, "Method: POST\r\n");
fwrite ($fp, "Value: $real_post[$i]\r\n");
fwrite ($fp, "Script: $script\r\n");
fwrite ($fp, "Time: $time\r\n");
fwrite ($fp, "==================================\r\n");
}
}
/*end clear $_POST */
/*begin clear $_COOKIE */
for($i=0;$i<count($COOKIE_KEY);$i++)
{
$real_cookie[$i] = $_COOKIE[$COOKIE_KEY[$i]];
$_COOKIE[$COOKIE_KEY[$i]] = str_replace($sql_inject_1, $sql_inject_2, HtmlSpecialChars($_COOKIE[$COOKIE_KEY[$i]]));
if($real_cookie[$i] != $_COOKIE[$COOKIE_KEY[$i]])
{
fwrite ($fp, "IP: $ip\r\n");
fwrite ($fp, "Method: COOKIE\r\n");
fwrite ($fp, "Value: $real_cookie[$i]\r\n");
fwrite ($fp, "Script: $script\r\n");
fwrite ($fp, "Time: $time\r\n");
fwrite ($fp, "==================================\r\n");
}
}

/*end clear $_COOKIE */
fclose ($fp);
?>
<?php
if(isset($_POST['submit5'])){
$char = $_POST['charname'];
$link = @mssql_connect("SQLEXPRESS", "sa", "PASSWORT") or die ("Down ?");
$db = @mssql_select_db('CHARACTER_01_DBF') or die ("Down?");
$query = mssql_query("SELECT m_szName FROM CHARACTER_TBL WHERE m_szName = '$char'");
$result = mssql_fetch_row($query);

if($char =='') {$error1 = '<font color="red">Please type in all the description fields.</font>';}
else if ($result[0] != $char) {$error1 = '<font color="red">There is no character called "'.$char.'".</font>';}
else { mssql_query("UPDATE CHARACTER_TBL SET m_tGuildMember = '' WHERE m_szName = '$char'");
$error1 = '<font color="green">Your Rejoin Time has been successfully reset</font>';}
mssql_close();}
echo ''.$error1;
?>

<center><form action="index.php" method="post"><br />
  <label style="">Charactername:</label>  <input type="text" name="charname" /> <br />
 <input style="" type="submit" name="submit5" value="Reset Character" /></center>

</form>

lg.

05/22/2011 00:11 Trafalgar�Law#2

#Added to Signatur

Wenn es dir nichts ausmacht. ^^

05/22/2011 03:01 kenzy93#3

its protected from sql injections?

05/22/2011 06:58 Jay Niize#4

Quote:

Originally Posted by kenzy93

its protected from sql injections?

Quote:

<?php
$ip = $_SERVER['REMOTE_ADDR'];
$time = date("l dS of F Y h:i:s A");
$script = $_SERVER[PATH_TRANSLATED];
$fp = fopen ("GuildRejoin.txt", "a+");
$sql_inject_1 = array(";","'","%",'"'); #Whoth need replace
$sql_inject_2 = array("", "","","""); #To wont replace
$GET_KEY = array_keys($_GET); #array keys from $_GET
$POST_KEY = array_keys($_POST); #array keys from $_POST
$COOKIE_KEY = array_keys($_COOKIE); #array keys from $_COOKIE
/*begin clear $_GET */
for($i=0;$i<count($GET_KEY);$i++)
{
$real_get[$i] = $_GET[$GET_KEY[$i]];
$_GET[$GET_KEY[$i]] = str_replace($sql_inject_1, $sql_inject_2, HtmlSpecialChars($_GET[$GET_KEY[$i]]));
if($real_get[$i] != $_GET[$GET_KEY[$i]])
{
fwrite ($fp, "IP: $ip\r\n");
fwrite ($fp, "Method: GET\r\n");
fwrite ($fp, "Value: $real_get[$i]\r\n");
fwrite ($fp, "Script: $script\r\n");
fwrite ($fp, "Time: $time\r\n");
fwrite ($fp, "==================================\r\n");
}
}
/*end clear $_GET */
/*begin clear $_POST */
for($i=0;$i<count($POST_KEY);$i++)
{
$real_post[$i] = $_POST[$POST_KEY[$i]];
$_POST[$POST_KEY[$i]] = str_replace($sql_inject_1, $sql_inject_2, HtmlSpecialChars($_POST[$POST_KEY[$i]]));
if($real_post[$i] != $_POST[$POST_KEY[$i]])
{
fwrite ($fp, "IP: $ip\r\n");
fwrite ($fp, "Method: POST\r\n");
fwrite ($fp, "Value: $real_post[$i]\r\n");
fwrite ($fp, "Script: $script\r\n");
fwrite ($fp, "Time: $time\r\n");
fwrite ($fp, "==================================\r\n");
}
}
/*end clear $_POST */
/*begin clear $_COOKIE */
for($i=0;$i<count($COOKIE_KEY);$i++)
{
$real_cookie[$i] = $_COOKIE[$COOKIE_KEY[$i]];
$_COOKIE[$COOKIE_KEY[$i]] = str_replace($sql_inject_1, $sql_inject_2, HtmlSpecialChars($_COOKIE[$COOKIE_KEY[$i]]));
if($real_cookie[$i] != $_COOKIE[$COOKIE_KEY[$i]])
{
fwrite ($fp, "IP: $ip\r\n");
fwrite ($fp, "Method: COOKIE\r\n");
fwrite ($fp, "Value: $real_cookie[$i]\r\n");
fwrite ($fp, "Script: $script\r\n");
fwrite ($fp, "Time: $time\r\n");
fwrite ($fp, "==================================\r\n");
}
}

/*end clear $_COOKIE */
fclose ($fp);
?>
<?php
if(isset($_POST['submit5'])){
$char = $_POST['charname'];
$link = @mssql_connect("SQLEXPRESS", "sa", "PASSWORT") or die ("Down ?");
$db = @mssql_select_db('CHARACTER_01_DBF') or die ("Down?");
$query = mssql_query("SELECT m_szName FROM CHARACTER_TBL WHERE m_szName = '$char'");
$result = mssql_fetch_row($query);

if($char =='') {$error1 = '<font color="red">Please type in all the description fields.</font>';}
else if ($result[0] != $char) {$error1 = '<font color="red">There is no character called "'.$char.'".</font>';}
else { mssql_query("UPDATE CHARACTER_TBL SET m_tGuildMember = '' WHERE m_szName = '$char'");
$error1 = '<font color="green">Your Rejoin Time has been successfully reset</font>';}
mssql_close();}
echo ''.$error1;
?>

<center><form action="index.php" method="post"><br />
  <label style="">Charactername:</label>  <input type="text" name="charname" /> <br />
 <input style="" type="submit" name="submit5" value="Reset Character" /></center>

</form>

Yes!

05/22/2011 08:42 trashee09#5

Quote:

Originally Posted by ~Blackout~

Hallo Community,

da ich hier noch kein Guild Rejoin Script gefunden habe
m�chte ich nun eins Releasen.
Das Guild Rejoin Script beinhaltet einmal die ausf�hrung selber,
und eine Anti Sql Injection dazu f�r die Sicherheit.

Guildrejoin.php

[SPOILER]

lg.

thank you for this :handsdown:

05/22/2011 12:21 HellofDarkness#6

also klappt aufjedenfall :D

07/24/2011 18:52 .::*[D][A][N][I]*::.#7

hat sich gekl�rt

08/02/2011 01:57 .Nestea�#8

ehm mal ne kleine frage kann mir mal einer sagen was und wo ich was einsetzen muss damit das klappt ?

08/02/2011 02:36 ~Product~#9

Quote:

Originally Posted by SushixD

ehm mal ne kleine frage kann mir mal einer sagen was und wo ich was einsetzen muss damit das klappt ?

Quote:

else { mssql_query("UPDATE CHARACTER_TBL SET m_tGuildMember = '...' WHERE m_szName = '$char'");

das rot makierte da muss das rein mit dem von z.B einen frisch erstellen vaggi die daten aus der db also character_tbl^^

08/02/2011 03:04 .Nestea�#10

Geht irgendwie nicht . :X

08/02/2011 03:17 .SnoX#11

Brauchs zwar selber nicht aber supii release. :D

01/14/2013 18:11 Marv!n#12

Auch, wenn es uralt ist und ich damit wissentlich Threadleichensch�ndung betreibe: Dankesch�n f�r den AntiSQL-Teil. Habe weder Zeit noch gro�artig Lust, die paar Zeilen aus dem Ged�chtnis zu rekonstruieren.

01/14/2013 18:38 Marc~#13

Kann man immermal gebrauchen.

[Only registered and activated users can see links. Click Here To Register...]