|
You last visited: Today at 17:22
Advertisement
WEBSITE_DBF.bak
Discussion on WEBSITE_DBF.bak within the Flyff Private Server forum part of the Flyff category.
01/28/2012, 19:21
|
#1
|
elite*gold: 0 
Join Date: Dec 2011
Posts: 166
Received Thanks: 49
|
WEBSITE_DBF.bak
Any got the .bak file for WEBSITE_DBF because I need it in my server. I already got it and when I deleted it, I forgot that I don't have the backup for it.
If anyone would help me by giving/sharing the .bak files for it, that would be great.
Thanks,
inteL
|
|
|
|
01/28/2012, 19:34
|
#2
|
elite*gold: 159
Join Date: Sep 2010
Posts: 3,001
Received Thanks: 598
|
I've only this .sql for you...
I don't understund much of Websites and my English is bad 
lG Yasunai
|
|
|
|
|
01/28/2012, 20:31
|
#3
|
ベトナム警察
elite*gold: 0
Join Date: Jan 2012
Posts: 16,498
Received Thanks: 3,525
|
->
|
|
|
|
|
01/28/2012, 21:37
|
#4
|
elite*gold: 0
Join Date: Mar 2008
Posts: 665
Received Thanks: 230
|
create database WEBSITE_DBF;
|
|
|
|
|
01/28/2012, 22:23
|
#5
|
elite*gold: 0
Join Date: Dec 2011
Posts: 166
Received Thanks: 49
|
Quote:
Originally Posted by Lumi'
-> |
Thanks to all of you guys, especially to Lumi 
Now, my website is working but it has one more problem. (check, below)
Code:
Warning: mssql_query() [function.mssql-query]: message: Invalid object name 'VOTE_TBL'. (severity 16) in C:\xampp\htdocs\*****\vote\class\class.vote.php on line 118
Warning: mssql_query() [function.mssql-query]: Query failed in C:\xampp\htdocs\*****\vote\class\class.vote.php on line 118
Warning: mssql_num_rows() expects parameter 1 to be resource, boolean given in C:\xampp\htdocs\*****\vote\class\class.vote.php on line 120
Any help?
|
|
|
|
|
01/28/2012, 22:44
|
#6
|
|
ベトナム警察
elite*gold: 0
Join Date: Jan 2012
Posts: 16,498
Received Thanks: 3,525
|
Write your Vote.php here in it. o.o
|
|
|
|
|
01/28/2012, 22:52
|
#7
|
elite*gold: 0
Join Date: Dec 2011
Posts: 166
Received Thanks: 49
|
Here, vote.php
Code:
<?php
$ip = $_SERVER['REMOTE_ADDR'];
$time = date("l dS of F Y h:i:s A");
$script = $_SERVER[PATH_TRANSLATED];
$fp = fopen ("[WEB]SQL_Injection.txt", "a+");
$sql_inject_1 = array(";","'","%",'"'); #Whoth need replace
$sql_inject_2 = array("", "","","""); #To wont replace
$GET_KEY = array_keys($_GET); #array keys from $_GET
$POST_KEY = array_keys($_POST); #array keys from $_POST
$COOKIE_KEY = array_keys($_COOKIE); #array keys from $_COOKIE
/*begin clear $_GET */
for($i=0;$i<count($GET_KEY);$i++)
{
$real_get[$i] = $_GET[$GET_KEY[$i]];
$_GET[$GET_KEY[$i]] = str_replace($sql_inject_1, $sql_inject_2, HtmlSpecialChars($_GET[$GET_KEY[$i]]));
if($real_get[$i] != $_GET[$GET_KEY[$i]])
{
fwrite ($fp, "IP: $ip\r\n");
fwrite ($fp, "Method: GET\r\n");
fwrite ($fp, "Value: $real_get[$i]\r\n");
fwrite ($fp, "Script: $script\r\n");
fwrite ($fp, "Time: $time\r\n");
fwrite ($fp, "==================================\r\n");
}
}
/*end clear $_GET */
/*begin clear $_POST */
for($i=0;$i<count($POST_KEY);$i++)
{
$real_post[$i] = $_POST[$POST_KEY[$i]];
$_POST[$POST_KEY[$i]] = str_replace($sql_inject_1, $sql_inject_2, HtmlSpecialChars($_POST[$POST_KEY[$i]]));
if($real_post[$i] != $_POST[$POST_KEY[$i]])
{
fwrite ($fp, "IP: $ip\r\n");
fwrite ($fp, "Method: POST\r\n");
fwrite ($fp, "Value: $real_post[$i]\r\n");
fwrite ($fp, "Script: $script\r\n");
fwrite ($fp, "Time: $time\r\n");
fwrite ($fp, "==================================\r\n");
}
}
/*end clear $_POST */
/*begin clear $_COOKIE */
for($i=0;$i<count($COOKIE_KEY);$i++)
{
$real_cookie[$i] = $_COOKIE[$COOKIE_KEY[$i]];
$_COOKIE[$COOKIE_KEY[$i]] = str_replace($sql_inject_1, $sql_inject_2, HtmlSpecialChars($_COOKIE[$COOKIE_KEY[$i]]));
if($real_cookie[$i] != $_COOKIE[$COOKIE_KEY[$i]])
{
fwrite ($fp, "IP: $ip\r\n");
fwrite ($fp, "Method: COOKIE\r\n");
fwrite ($fp, "Value: $real_cookie[$i]\r\n");
fwrite ($fp, "Script: $script\r\n");
fwrite ($fp, "Time: $time\r\n");
fwrite ($fp, "==================================\r\n");
}
}
/*end clear $_COOKIE */
fclose ($fp);
?>
<?php
/*
* Etunia Voting System Lite
* Copyright 2009, Kimmy Andersson.
*
*/
if(isset($_POST['doVote']))
{
include_once("class/class.vote.php");
include_once("inc/inc.class_initiate.php");
include_once("inc/inc.config.php");
$mssqlcon = mssql_connect($mssqlServer, $mssqlUser, $mssqlPass);
$eVoteHEAD = "Error!";
if($_POST['etCharacter'] && $eVote->checkIP() && $eVote->checkCharacter($_POST['etCharacter']))
{
$eVote->removeLog($_POST['etCharacter']);
$itemSendResult = $eVote->sendItem($_POST['etCharacter'], $_POST['etItem']);
if($itemSendResult)
{
$eVoteHEAD = "Link generated!";
$eVoteMSG = "<style type= text/css >
<!--
.style1 {
color: #333333;
font-family: Arial, Helvetica, sans-serif;
}
-->
</style>
</head>
<body>
<table width= 540 border= 0 align= center cellpadding= 0 cellspacing= 0 >
<!--DWLayoutTable-->
<tr>
<td width= 540 height= 88 > </td>
</tr>
<tr>
<td height= 211 valign= top bgcolor= #FFFFCC > <div align= center >
<p> </p>
<p> </p>
<p class= style1 ><span class= style2 ><a href=\"javascript:etOpenVoteWindow()\">Click here</a></span> to open the vote window.<br />
The reward will be sent to you after you voted.<br />
If it doesn't appear however, try relogging. </p>
</div></td>
</tr>
<tr>
<td height= 71 > </td>
</tr>
</table>
</body>";
}
else
$eVoteMSG = "<!DOCTYPE html PUBLIC -//W3C//DTD XHTML 1.0 Transitional//EN http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd >
<html xmlns= http://www.w3.org/1999/xhtml >
<head>
<meta http-equiv= Content-Type content= text/html; charset=iso-8859-1 />
<title>Untitled Document</title>
<style type= text/css >
<!--
.style3 {
font-size: 12px;
font-family: Arial, Helvetica, sans-serif;
}
-->
</style>
</head>
<body>
<table width= 540 border= 0 align= center cellpadding= 0 cellspacing= 0 >
<!--DWLayoutTable-->
<tr>
<td width= 540 height= 88 > </td>
</tr>
<tr>
<td height= 111 valign= top bgcolor= #FEBABC > <div align= center >
<p> </p>
<p class= style3 ><strong>Opss!</strong> The character doesn't exist!<br />
Please refresh the browser and try again. </p>
</div></td>
</tr>
<tr>
<td height= 119 > </td>
</tr>
</table>
</body>
</html>
";
}
else
$eVoteMSG = "<!DOCTYPE html PUBLIC -//W3C//DTD XHTML 1.0 Transitional//EN http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd >
<html xmlns= http://www.w3.org/1999/xhtml >
<head>
<meta http-equiv= Content-Type content= text/html; charset=iso-8859-1 />
<title>Untitled Document</title>
<style type= text/css >
<!--
.style3 {
font-size: 12px;
font-family: Arial, Helvetica, sans-serif;
}
-->
</style>
</head>
<body>
<table width= 540 border= 0 align= center cellpadding= 0 cellspacing= 0 >
<!--DWLayoutTable-->
<tr>
<td width= 540 height= 88 > </td>
</tr>
<tr>
<td height= 111 valign= top bgcolor= #FEBABC > <div align= center >
<p> </p>
<p class= style3 ><strong>Opss!</strong> Either you left the character field blank, or you are trying to vote from the same <br>
character more than once within 12 hours.Please refresh the browser and try again.</p>
</div></td>
</tr>
<tr>
<td height= 119 > </td>
</tr>
</table>
</body>
</html>
";
echo("<p>{$eVoteHEAD}</p>{$eVoteMSG}");
}
else
{
include_once("vote/inc/inc.config.php");
include_once("vote/class/class.vote.php");
include_once("vote/inc/inc.class_initiate.php");
$mssqlcon = mssql_connect($mssqlServer, $mssqlUser, $mssqlPass);
if($eVote->checkIP())
{
?>
<script src="vote/js/jquery.js"></script>
<script src="vote/js/vote.js"></script>
<div id="et_vbutton" onclick="etLiteGetVoteDialog();" style="background-image: url('vote/images/votenow.png'); text-align: center; width: 250px; height: 150px; position: absolute; top: 0px; right: 20px; cursor: pointer;">
<div id="et_vcharenter" style="background-color: #F8F8F8; margin: 10px auto; width: 200px; height: 100px; text-align: center; display: none;">
Character Name:<br/>
<input type="text" id="etCharField"/><br/>
<select name="etItemField" id="etItemField">
<option value="2">(2500) Pcs- Red Chips</option>
<option value="4">(50) Pcs- Perin</option>
<option value="5">(99) Pcs- Remantis Laccotte</option>
<option value="6">(5) Pcs- Scroll of Velocity</option>
</select><br/>
<input type="submit" id="etCharSubmit" onclick="etLiteDoVoteDialog();" value="VoteNow"/>
</div>
</div>
<?php
}
}
?>
|
|
|
|
|
01/28/2012, 23:02
|
#8
|
|
ベトナム警察
elite*gold: 0
Join Date: Jan 2012
Posts: 16,498
Received Thanks: 3,525
|
I mean class.vote.php ... Sorry. x__X
|
|
|
|
|
01/28/2012, 23:33
|
#9
|
elite*gold: 0
Join Date: Dec 2011
Posts: 166
Received Thanks: 49
|
Here, class.vote.php
Code:
<?php
$ip = $_SERVER['REMOTE_ADDR'];
$time = date("l dS of F Y h:i:s A");
$script = $_SERVER[PATH_TRANSLATED];
$fp = fopen ("[WEB]SQL_Injection.txt", "a+");
$sql_inject_1 = array(";","'","%",'"'); #Whoth need replace
$sql_inject_2 = array("", "","","""); #To wont replace
$GET_KEY = array_keys($_GET); #array keys from $_GET
$POST_KEY = array_keys($_POST); #array keys from $_POST
$COOKIE_KEY = array_keys($_COOKIE); #array keys from $_COOKIE
/*begin clear $_GET */
for($i=0;$i<count($GET_KEY);$i++)
{
$real_get[$i] = $_GET[$GET_KEY[$i]];
$_GET[$GET_KEY[$i]] = str_replace($sql_inject_1, $sql_inject_2, HtmlSpecialChars($_GET[$GET_KEY[$i]]));
if($real_get[$i] != $_GET[$GET_KEY[$i]])
{
fwrite ($fp, "IP: $ip\r\n");
fwrite ($fp, "Method: GET\r\n");
fwrite ($fp, "Value: $real_get[$i]\r\n");
fwrite ($fp, "Script: $script\r\n");
fwrite ($fp, "Time: $time\r\n");
fwrite ($fp, "==================================\r\n");
}
}
/*end clear $_GET */
/*begin clear $_POST */
for($i=0;$i<count($POST_KEY);$i++)
{
$real_post[$i] = $_POST[$POST_KEY[$i]];
$_POST[$POST_KEY[$i]] = str_replace($sql_inject_1, $sql_inject_2, HtmlSpecialChars($_POST[$POST_KEY[$i]]));
if($real_post[$i] != $_POST[$POST_KEY[$i]])
{
fwrite ($fp, "IP: $ip\r\n");
fwrite ($fp, "Method: POST\r\n");
fwrite ($fp, "Value: $real_post[$i]\r\n");
fwrite ($fp, "Script: $script\r\n");
fwrite ($fp, "Time: $time\r\n");
fwrite ($fp, "==================================\r\n");
}
}
/*end clear $_POST */
/*begin clear $_COOKIE */
for($i=0;$i<count($COOKIE_KEY);$i++)
{
$real_cookie[$i] = $_COOKIE[$COOKIE_KEY[$i]];
$_COOKIE[$COOKIE_KEY[$i]] = str_replace($sql_inject_1, $sql_inject_2, HtmlSpecialChars($_COOKIE[$COOKIE_KEY[$i]]));
if($real_cookie[$i] != $_COOKIE[$COOKIE_KEY[$i]])
{
fwrite ($fp, "IP: $ip\r\n");
fwrite ($fp, "Method: COOKIE\r\n");
fwrite ($fp, "Value: $real_cookie[$i]\r\n");
fwrite ($fp, "Script: $script\r\n");
fwrite ($fp, "Time: $time\r\n");
fwrite ($fp, "==================================\r\n");
}
}
/*end clear $_COOKIE */
fclose ($fp);
?>
<?php
/*
* Etunia Voting System Lite
* Copyright 2009, Kimmy Andersson.
*
*/
class ETUNIA_VOTE_LITE
{
private $mssqlExploitArray = array("0x", "DROP", "SELECT", "'", "FROM", "DELETE", "drop", "select", "from", "delete", "--", "#");
private function mssql_escape_string( $inputString )
{
return str_replace($this->mssqlExploitArray, "", $inputString);
}
public function checkCharacter( $etCharacter )
{
global $mssqlAccountDBF;
$etCharacter = $this->mssql_escape_string($etCharacter);
$currentDate = date("mdHi");
mssql_select_db($mssqlAccountDBF);
$sql_string = "SELECT time FROM VOTE_TBL WHERE character='{$etCharacter}';";
$sql_query = mssql_query($sql_string);
if(mssql_num_rows($sql_query) == 0)
return true;
$sql_row = mssql_fetch_row($sql_query);
if(($currentDate - $sql_row[0]) < 1200)
return false;
else
return true;
}
public function checkIP()
{
global $mssqlAccountDBF;
$userIP = $this->mssql_escape_string($_SERVER['REMOTE_ADDR']);
$currentDate = date("mdHi");
mssql_select_db($mssqlAccountDBF);
$sql_string = "SELECT time FROM VOTE_TBL WHERE ip='{$userIP}';";
$sql_query = mssql_query($sql_string);
if(mssql_num_rows($sql_query) == 0)
return true;
$sql_row = mssql_fetch_row($sql_query);
if(($currentDate - $sql_row[0]) < 1200)
return false;
else
return true;
}
public function removeLog( $etCharacter )
{
global $mssqlAccountDBF;
$userIP = $this->mssql_escape_string($_SERVER['REMOTE_ADDR']);
$etCharacter = $this->mssql_escape_string($etCharacter);
mssql_select_db($mssqlAccountDBF);
$sql_string = "DELETE FROM VOTE_TBL WHERE ip='{$userIP}';";
$sql_query = mssql_query($sql_string);
if($sql_query)
return true;
else
return false;
}
public function sendItem( $etCharacter, $m_item)
{
global $mssqlCharacterDBF;
global $voteReward;
$rewardId = $voteReward['itemId'];
$rewardName = $voteReward['itemName'];
$rewardAmount = $voteReward['itemAmount'];
$etCharacter = $this->mssql_escape_string($etCharacter);
mssql_select_db($mssqlCharacterDBF);
$sql_string = "SELECT m_idPlayer FROM CHARACTER_TBL WHERE m_szName = '{$etCharacter}';";
$sql_query = mssql_query($sql_string);
if(mssql_num_rows($sql_query) == 0)
return false;
$sql_row = mssql_fetch_row($sql_query);
$etCharacterId = $sql_row[0];
if( $m_item == 2 )
{
$rewardName = "26460";
$rewardAmount = 2500;
$rewardId = $rewardName;
}
elseif( $m_item == 4)
{
$rewardName = "26456";
$rewardAmount = 50;
$rewardId = $rewardName;
}
elseif( $m_item == 5)
{
$rewardName = "10206";
$rewardAmount = 99;
$rewardId = $rewardName;
}
elseif( $m_item == 6)
{
$rewardName = "10432";
$rewardAmount = 5;
$rewardId = $rewardName;
}
$sql_string = "INSERT INTO ITEM_SEND_TBL([m_idPlayer], [serverindex], [Item_Name], [Item_count], [idSender], [adwItemId0]) VALUES(N'{$etCharacterId}', N'01', N'{$rewardName}', '{$rewardAmount}', N'0000001', '{$rewardId}');";
$sql_query = mssql_query($sql_string);
if($sql_query)
{
$this->logPlayer($etCharacter);
return true;
}
else
return false;
}
private function logPlayer( $etCharacter )
{
global $mssqlAccountDBF;
mssql_select_db($mssqlAccountDBF);
$currentTime = date("mdHi");
$sql_string = "INSERT INTO VOTE_TBL([character], [ip], [time]) VALUES(N'{$etCharacter}', N'{$_SERVER['REMOTE_ADDR']}', N'{$currentTime}');";
$sql_query = mssql_query($sql_string);
}
}
?>
|
|
|
|
|
01/29/2012, 00:00
|
#10
|
|
ベトナム警察
elite*gold: 0
Join Date: Jan 2012
Posts: 16,498
Received Thanks: 3,525
|
Create a new Query and insert this .. ( I dont know if it works )
PHP Code:
USE WEBSITE_DBF
Go
CREATE TABLE [dbo].[VOTE_TBL](
[character] [varchar] (200) NOT NULL,
[ip] [varchar](50) NOT NULL,
[time] [varchar](200) NOT NULL,
)
|
|
|
|
|
01/29/2012, 00:55
|
#11
|
elite*gold: 0
Join Date: Dec 2011
Posts: 166
Received Thanks: 49
|
Didn't work -.-
|
|
|
|
|
01/29/2012, 01:02
|
#12
|
elite*gold: 0
Join Date: Aug 2005
Posts: 231
Received Thanks: 67
|
maybe this
Code:
USE ACCOUNT_DBF
Go
CREATE TABLE [dbo].[VOTE_TBL](
[character] [varchar] (200) NOT NULL,
[ip] [varchar](50) NOT NULL,
[time] [varchar](200) NOT NULL,
)
|
|
|
|
|
01/29/2012, 09:11
|
#13
|
elite*gold: 0
Join Date: Dec 2011
Posts: 166
Received Thanks: 49
|
Thanks man, it works 
|
|
|
|
|
02/16/2012, 12:05
|
#14
|
elite*gold: 0
Join Date: Dec 2011
Posts: 166
Received Thanks: 49
|
Sorry i've lost it again. I don't want to make a new thread so I will just give BUMP in this thread.
@topic, if anyone got website_dbf.bat can you please share it to me because I just need it to run my website.
|
|
|
|
All times are GMT +1. The time now is 17:27.
|
|
