Register for your free account! | Forgot your password?

Go Back   elitepvpers > MMORPGs > Rappelz > Rappelz Private Server
You last visited: Today at 20:51

  • Please register to post and access all features, it's quick, easy and FREE!

 

[RELEASE]Advanced Registration Script (ASP.NET)

Reply
 
Old   #1
 
elite*gold: 0
Join Date: Oct 2010
Posts: 2,557
Received Thanks: 2,411
[RELEASE]Advanced Registration Script (ASP.NET)

This script was actually never going to be released and probably die on my HDD as I am primarily a PHP coder not a ASP.NET coder. But due to some pushing from friends and Tatsuya stickying the wrong Regi thread I have decided w/ permission of Xijezu to release this.

Some Info:
Code:
- This script uses ASP.NET (required)
- This script uses .NET 4.0 Integrated (required)
- This script uses IIS(Internet Information Services) 7.5+ (required)
A couple warnings:
Code:
[B][SIZE="3"][COLOR="red"]- I will NOT be held responsible for your failure to implement or use this script correctly.

- I will NOT be held responsible for your failure to adapt and properly secure your server at ANY point in time.

- I will NOT provide support for this release (It's pretty self-explanatory)[/COLOR][/SIZE][/B]
Features:
Code:
- Non-Standard Age, Email inputs (Was going to add ip but never did)

- Automatic Errors (No more click "Create" to get "Passwords Do Not Match" or "Symbols Detected in Password" These errors are displayed under "Log" and until corrected the create button is unclickable.

- All Field Escaped 

- All Field are Symbol Sensitive (They will know if you're entering in symbols)
Credits:
Code:
<!-- 
Original Script By: Xijezu
Age, Email Inputs, Field Escaping, Error Checking By: iSmokeDrow
-->
Screenshot:

You must register and activate your account in order to view images.

How-To-Use:
Code:
Create a new folder in your website e.g. /register/ or /regi/ and place all files inside of this folder, using your favorite text-editor load the web.config file and change the info between REGISTERSCRIPT - CONFIG and REGISTERSCRIPT - CONFIG - END:

[code]
  <!--- - - - - - - - - - - - - - - - - - - - -  REGISTERSCRIPT - CONFIG - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -->
  <add key="sDbIP" value="localhost" />           <!-- Your Server-IP or SQL-Instanz: e.g. (local)\RAPPELZ, 127.0.0.1, localhost [...] -->
  <add key="sDbDatabase" value="Auth" />          <!-- Your Auth-Database (usually Auth) -->
  <add key="sDbUser" value="sa" />                <!-- Your SQL-Username (usually sa) -->
  <add key="sDbPassword" value="password" />      <!-- Your SQL-Password -->
  <add key="bUseWindowsLogin" value="1" />        <!-- If you want to create a connection without using Username & Password (ONLY WORKS LOCAL!), set this to 1, else set it to 0-->
  <add key="sMD5Key" value="2011" />              <!-- Your MD5-Key. Default is 2011 -->
  <!-- - - - - - - - - - - - - - - - - - - - -  REGISTERSCRIPT - CONFIG - END - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  -->
Now save the web.config file with the information updates and you should have a working Advanced Registration Script.
[/code]

If you are incapable of making such a simple thing work, unable to google how to make such a simple thing work. Don't even think you can ask me how to make it work, if you enjoyed or found this post useful. Be a sport, click thanks.
Attached Files
File Type: rar advanced_asp_regiscript.rar (1.33 MB, 1244 views)



ismokedrow is offline  
Thanks
14 Users
Old   #2
 
elite*gold: 0
Join Date: Dec 2012
Posts: 102
Received Thanks: 4
nice !

btw is there a way to insert a Ip bann function? like you said in the previous topic Ip adress will be insert into the ip_field and a limit account creator so any person is allowed to make max 3 accounts , this is because people will create unlimited accounts so you can't stop them if you bann their current account.

it should be very usefull to any private server out there not having this secured option


Mslolita is offline  
Old   #3
 
elite*gold: 0
Join Date: Jun 2011
Posts: 73
Received Thanks: 37
Actually everybody can simply use a Proxy to change/hide his IP , what makes an IP-Bann useless. Although many People have dynamic IP Addresses, meaning their IP-Address changes daily. So your Bann would only work for 1 Day and the poor Guy getting this IP is banned from registering...

I would recommed you using Cookies to ban them ( Okay, i know, everyone knows how to delete Cookies too, but it's better then IP Banning :P )


@ismokedrow
Nice Script,
(sorry i don't know ASP that good, maybe i'm wrong )
Isn't there a little Security Issue?
Code:
SqlDataReader dr = new SqlCommand(string.Format("SELECT login_name FROM Accounts WHERE login_name = '{0}'", tbUser.Text), sqlConn).ExecuteReader();
In this Command you simply insert the Username while some Lines later
Code:
 if (CheckInput(tbUser.Text) && CheckInput(tbPass.Text) && CheckInput(tbPassConf.Text) && CheckInput(tbAge.Text))
                    {
                        if (CheckLength(tbUser.Text) && CheckLength(tbPass.Text))
                        {
you start to verify it.

Means when i insert a nice Username like this ') GO DROP DATABASE Telecaster GO --
your Telecaster DB says Goodbye forever :P
Yeah normally your Client-Side should prevent this, but it shouldn't be too hard bypassing this.

Your Turtle
Turtlefight is offline  
Old   #4
 
elite*gold: 0
Join Date: Aug 2011
Posts: 535
Received Thanks: 231
Quote:
- All Field are Symbol Sensitive (They will know if you're entering in symbols)
...


marekrndr is offline  
Old   #5
 
elite*gold: 0
Join Date: Oct 2010
Posts: 2,557
Received Thanks: 2,411
He is technically right, but let me point something out to your turtle:

Quote:
Originally Posted by ismokedrow
- I will NOT be held responsible for your failure to adapt and properly secure your server at ANY point in time.
This script isn't mean't for noobs, if you don't know how to fix it then leave it alone. I do not personally use this script and only released it for a friend.



Unless you're offering a way of fixing the vulnerability and or releasing a fixed version; please refrain from posting in this thread. Thank you.
ismokedrow is offline  
Old   #6
 
elite*gold: 0
Join Date: Sep 2008
Posts: 1,570
Received Thanks: 1,154
Quote:
Originally Posted by Turtlefight View Post
Actually everybody can simply use a Proxy to change/hide his IP , what makes an IP-Bann useless. Although many People have dynamic IP Addresses, meaning their IP-Address changes daily. So your Bann would only work for 1 Day and the poor Guy getting this IP is banned from registering...

I would recommed you using Cookies to ban them ( Okay, i know, everyone knows how to delete Cookies too, but it's better then IP Banning :P )


@ismokedrow
Nice Script,
(sorry i don't know ASP that good, maybe i'm wrong )
Isn't there a little Security Issue?
Code:
SqlDataReader dr = new SqlCommand(string.Format("SELECT login_name FROM Accounts WHERE login_name = '{0}'", tbUser.Text), sqlConn).ExecuteReader();
In this Command you simply insert the Username while some Lines later
Code:
 if (CheckInput(tbUser.Text) && CheckInput(tbPass.Text) && CheckInput(tbPassConf.Text) && CheckInput(tbAge.Text))
                    {
                        if (CheckLength(tbUser.Text) && CheckLength(tbPass.Text))
                        {
you start to verify it.

Means when i insert a nice Username like this ') GO DROP DATABASE Telecaster GO --
your Telecaster DB says Goodbye forever :P
Yeah normally your Client-Side should prevent this, but it shouldn't be too hard bypassing this.

Your Turtle
This won't happen if the user which is executing the query don't have the rights to do something like this^^ This user is only supposed to insert data into the account table. Normally this user shouldn't be able to do something else...

Everyone providing an user with full rights or something like this in the web.config is an idiot and should close his server directly^^
c1ph3r is offline  
Old   #7
 
elite*gold: 0
Join Date: Feb 2012
Posts: 11
Received Thanks: 0
i did as u written but when i open the page

i see the files of regi file

im using xampp 1.8
.....
slman890 is offline  
Old   #8
 
elite*gold: 0
Join Date: Oct 2010
Posts: 2,557
Received Thanks: 2,411
Quote:
Originally Posted by slman890 View Post
i did as u written but when i open the page

i see the files of regi file

im using xampp 1.8
.....
I think you need to read the first post again.
ismokedrow is offline  
Old   #9
 
elite*gold: 0
Join Date: Feb 2012
Posts: 11
Received Thanks: 0
Quote:
Originally Posted by ismokedrow View Post
I think you need to read the first post again.

thnx

i did every thing u posted

u may mean these post:

<!--- - - - - - - - - - - - - - - - - - - - - REGISTERSCRIPT - CONFIG - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -->
<add key="sDbIP" value="localhost" /> <!-- Your Server-IP or SQL-Instanz: e.g. (local)\RAPPELZ, 127.0.0.1, localhost [...] -->
<add key="sDbDatabase" value="Auth" /> <!-- Your Auth-Database (usually Auth) -->
<add key="sDbUser" value="sa" /> <!-- Your SQL-Username (usually sa) -->
<add key="sDbPassword" value="password" /> <!-- Your SQL-Password -->
<add key="bUseWindowsLogin" value="1" /> <!-- If you want to create a connection without using Username & Password (ONLY WORKS LOCAL!), set this to 1, else set it to 0-->
<add key="sMD5Key" value="2011" /> <!-- Your MD5-Key. Default is 2011 -->
<!-- - - - - - - - - - - - - - - - - - - - - REGISTERSCRIPT - CONFIG - END - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -->


these post:

<add key="sDbIP" value="localhost" />

am i need only ip for db?

or ip and pc name?

frankly i did all of them but no banafet
slman890 is offline  
Old   #10
 
elite*gold: 0
Join Date: Oct 2010
Posts: 2,557
Received Thanks: 2,411
I mean reading that this script will only work on IIS
ismokedrow is offline  
Old   #11
 
elite*gold: 0
Join Date: Jul 2012
Posts: 231
Received Thanks: 65
Thanks drow for this script it is realy helpful and it worked with iis 8 express
eziorav is offline  
Old   #12
 
elite*gold: 0
Join Date: Feb 2012
Posts: 11
Received Thanks: 0
Quote:
Originally Posted by ismokedrow View Post
I mean reading that this script will only work on IIS
i've pv server at France and the os is w7

then i put files on C:\xampp\htdocs\regi

and change it to my pv server info<<< as u syed

then :

You must register and activate your account in order to view images.

im using Apache if that problem so how can i change it to iis

slman890 is offline  
Old   #13
 
elite*gold: 0
Join Date: Jul 2012
Posts: 231
Received Thanks: 65
Quote:
Originally Posted by slman890 View Post
i've pv server at France and the os is w7

then i put files on C:\xampp\htdocs\regi

and change it to my pv server info<<< as u syed

then :

You must register and activate your account in order to view images.

im using Apache if that problem so how can i change it to iis

He told you to use iis not xampp
the way how to install u can find it in google
eziorav is offline  
Old   #14
 
elite*gold: 0
Join Date: Feb 2012
Posts: 11
Received Thanks: 0
Quote:
Originally Posted by eziorav View Post
He told you to use iis not xampp
the way how to install u can find it in google
oh!

thnks man i got it
slman890 is offline  
Old   #15
 
elite*gold: 0
Join Date: Feb 2012
Posts: 11
Received Thanks: 0
frankly we want something enplane that

video or URL for it

thank u


slman890 is offline  
Reply



« Previous Thread | Next Thread »

Similar Threads
[RELEASE] Secure PHP Web Registration Script
This is technically obsolete now, and I'd recommend using my newer script instead. This is a secure registration script meant for Shaiya private...
206 Replies - Shaiya PServer Guides & Releases
[ADVANCED] Registration Script / SQLSRV
-- Forewarning -- The following is in no way shape or form intended for the use of beginners and requires basic and intermediate skill levels to...
30 Replies - Rappelz Private Server
[release] Advanced register script
hi all time for the second advanced release this is a register script but with email verification the script itself can work with 2 databases...
9 Replies - EO PServer Hosting
[RELEASE]Registration Script (ENG)
I just created this registration script so enjoy. Unlike the others that are posted around, this one is built from the ground up by me. Enjoy and...
12 Replies - Dekaron Private Server



All times are GMT +2. The time now is 20:51.


Powered by vBulletin®
Copyright ©2000 - 2017, Jelsoft Enterprises Ltd.
SEO by vBSEO ©2011, Crawlability, Inc.

Support | Contact Us | FAQ | Advertising | Privacy Policy
Copyright ©2017 elitepvpers All Rights Reserved.