Mysql import/auslese frage

Ammonit · 07/10/2013, 19:11

Code:

<style type="text/css">
body {
padding-top:200px;
font-family:Verdana;
}

</style>
<?php
ini_set('display_errors', 'Off');

function Error($Error)
{
    echo "<br /><br /><br /><br /><br /><br /><center><b><span style='color:#CD0000;'> " . $Error . "</span></b></center>";
}
function ConnectMysql()
{
    include("configs.php");
    $link=mysql_connect("" . $mysql_host . "","" . $mysql_user . "","" . $mysql_pass . "");
    
    if(!$link) {
    echo "Cannot connect to database!";
    }else{
    mysql_select_db("". $mysql_db . "",$link);
    }
}

function register()
{
include('configs.php');

if($core == 1) {
        if(isset($_POST['flags'])) {
        if($_POST['flags'] == "0") {
        $flags = "0";
        }elseif($_POST['flags'] == "8") {
        $flags = "1";
        }elseif($_POST['flags'] == "24") {
        $flags = "2";
        }
        
        }else{ echo '<script type="text/javascript">window.location = "index.php?error=Please select an expansion.";</script>'; exit(); }
        ConnectMysql();
        $user_chars = "#[^a-zA-Z0-9_\-]#";
        
        if ((empty($_POST["user"]))||(empty($_POST["password"])) ) {
                echo '<script type="text/javascript">window.location = "index.php?error=You did not enter all the required information.";</script>';
        } else {
                $username = strtoupper($_POST["user"]);
                $password = strtoupper($_POST["password"]);
                if (strlen($username) < 3) {
                        echo '<script type="text/javascript">window.location = "index.php?error=Username is too short.";</script>';
                        exit();
                };
                if (strlen($username) > 30) {
                        echo '<script type="text/javascript">window.location = "index.php?error=Username is too long.";</script>';
                        exit();
                };
                if (strlen($password) < 3) {
                        echo '<script type="text/javascript">window.location = "index.php?error=Password is too short.";</script>';
                        exit();
                };
                if (strlen($password) > 30) {
                        echo '<script type="text/javascript">window.location = "index.php?error=Password is too long.";</script>';
                        exit();
                };
                if (preg_match($user_chars,$username)) {
                        echo '<script type="text/javascript">window.location = "index.php?error=Please only use A-Z and 0-9.";</script>';
                        exit();
                };
                if (preg_match($user_chars,$password)) {
                        echo '<script type="text/javascript">window.location = "index.php?error=Please only use A-Z and 0-9.";</script>';
                        exit();
                };
                $username = mysql_real_escape_string($username);
                $password = mysql_real_escape_string($password);
                $qry = mysql_query("SELECT username FROM account WHERE username = '" . $username . "'");
                if (!$qry) {
                    echo '<script type="text/javascript">window.location = "index.php?error=Error querying database.";</script>';
                    exit();
                };
                if ($existing_username = mysql_fetch_assoc($qry)) {
                        foreach ($existing_username as $key => $value) {
                                $existing_username = $value;
                        };
                };
                $existing_username = strtoupper($existing_username);
                if ($existing_username == strtoupper($_POST['user'])) {
                        echo '<script type="text/javascript">window.location = "index.php?error=Chosen username is already taken!";</script>';
                        exit();
                };
                unset($qry);
                $sha_pass_hash = sha1(strtoupper($username) . ":" . strtoupper($password));
                $register_sql = "INSERT INTO account (username, sha_pass_hash, expansion) VALUES ('" . $username . "','" . $sha_pass_hash . "','" . $flags . "')";
                $qry = mysql_query($register_sql);
                if (!$qry) {
                    echo '<script type="text/javascript">window.location = "index.php?error=Error creating account.";</script>';
                    exit();
                };
                echo '<br /><br /><br /><br /><br /><br /><center><span style="color:#00FFFF;">Your Account was successfully created!<br /></span></center>';
        };

}elseif($core == 2) {

        if(isset($_POST['flags'])) { $flags = "" . $_POST['flags'] . ""; }else{ echo '<script type="text/javascript">window.location = "index.php?error=Please select an expansion.";</script>'; exit(); }
        ConnectMysql();
        $user_chars = "#[^a-zA-Z0-9_\-]#";
        
        if ((empty($_POST["user"]))||(empty($_POST["password"])) ) {
                echo '<script type="text/javascript">window.location = "index.php?error=You did not enter all the required information.";</script>';
        } else {
                $username = strtoupper($_POST["user"]);
                $password = strtoupper($_POST["password"]);
                if (strlen($username) < 3) {
                        echo '<script type="text/javascript">window.location = "index.php?error=Username is too short.";</script>';
                        exit();
                };
                if (strlen($username) > 30) {
                        echo '<script type="text/javascript">window.location = "index.php?error=Username is too long.";</script>';
                        exit();
                };
                if (strlen($password) < 3) {
                        echo '<script type="text/javascript">window.location = "index.php?error=Password is too short.";</script>';
                        exit();
                };
                if (strlen($password) > 30) {
                        echo '<script type="text/javascript">window.location = "index.php?error=Password is too long.";</script>';
                        exit();
                };
                if (preg_match($user_chars,$username)) {
                        echo '<script type="text/javascript">window.location = "index.php?error=Please only use A-Z and 0-9.";</script>';
                        exit();
                };
                if (preg_match($user_chars,$password)) {
                        echo '<script type="text/javascript">window.location = "index.php?error=Please only use A-Z and 0-9.";</script>';
                        exit();
                };
                $username = mysql_real_escape_string($username);
                $password = mysql_real_escape_string($password);
                $qry = mysql_query("SELECT login FROM accounts WHERE login = '" . $username . "'");
                if (!$qry) {
                    echo '<script type="text/javascript">window.location = "index.php?error=Error querying database.";</script>';
                    exit();
                };
                if ($existing_username = mysql_fetch_assoc($qry)) {
                        foreach ($existing_username as $key => $value) {
                                $existing_username = $value;
                        };
                };
                $existing_username = strtoupper($existing_username);
                if ($existing_username == strtoupper($_POST['user'])) {
                        echo '<script type="text/javascript">window.location = "index.php?error=Chosen username has already been taken.";</script>';
                        exit();
                };
                unset($qry);
                $register_sql = "INSERT INTO accounts (login, password, flags) VALUES ('" . $username . "','" . $password . "','" . $flags . "')";
                $qry = mysql_query($register_sql);
                if (!$qry) {
                    echo '<script type="text/javascript">window.location = "index.php?error=Error creating account.";</script>';
                    exit();
                };
                echo '<br /><br /><br /><br /><br /><br /><center><span style="color:#00FFFF;">Your account was successfully created!<br /></span></center>';
        };
}
}
?>

Das ist n regi code, werden die profis sofort sehen^^
Ich hätte gerne dass dass das script während des tätigen der "$register_sql" (also eintragen in tabelle "account" aus der "Account" tabelle die spalte "accountId" ausliest mit 1 addiert und in die tabelle "rbac_account_groups" einträgt mit den zusätzlichen spalten "groupId", wert immer 1 und "realmId", wert immer -1.

Wenn mir wer weiterhelfen würde, es wäre obernice - lG

kissein · 07/11/2013, 15:48

Ich habe mir den Quellcode nicht gänzlich angesehen, aber das hier müsste bereits genügen laut der erklärung

Quote:

$register_sql2 = mysql_query("SELECT accountid FROM accounts");
$ids = mysql_num_rows($register_sql2);
$register_sql3 = "INSERT INTO rbac_account_groups (accountid, groupid, realmid) VALUES ($ids + 1 , 1, -1)";

Ammonit · 07/11/2013, 19:25

Quote:

Originally Posted by kissein

Ich habe mir den Quellcode nicht gänzlich angesehen, aber das hier müsste bereits genügen laut der erklärung

Sieht gut aus aber hatte jetzt nicht funktioniert wie ich das eingefügt habe vielleicht kannst du das nochmal in den code eingefügt posten