proskater123 Posted August 29, 2008 Share Posted August 29, 2008 I am working on my world of warcraft site and am trying to make a realm status panel. But when I tryed to make it check two different realms it gives me the error Parse error: syntax error, unexpected '=' in E:\htdocs\wow\infusions\realms_status_panel\realms_status_panel.php on line 84 here is the code that I have now. Its not completely done but i stopped here trying to get this error fixed. I need to to pull from two different mysql databases. Settings.php <?php // Db settings this is need to take out how many players are online from db $host='localhost'; $user='REMOVED'; $pass='REMOVED'; $db='character'; $logondb='character2'; // This is for realm 2 $host2='localhost'; $user2='REMOVED'; $pass2='REMOVED'; $db2='character'; $logondb2='character2'; //Text Settings $realmname='Jaboosa'; // Server Name or Realm name if only 1 realm $realmadress='Vgeneration.is-a-geek.com'; //realmlist adress $patch='2.4.3'; // Your Server supported patch $rates='blizzlike'; //server rates //Text Settings $realmname2='Jaboosa 2'; // Server Name or Realm name if only 1 realm $realmadress2='Vgeneration.is-a-geek.com'; //realmlist adress $patch2='2.4.3'; // Your Server supported patch $rates2='blizzlike'; //server rates ?> <?PHP I hardly know anything about php and mysql but I am learning. Thanks for the help. include_once "settings.php"; /*---------------------------------------------------+ | PHP-Fusion 6 Content Management System +----------------------------------------------------+ | Copyright © 2002 - 2006 Nick Jones | http://www.php-fusion.co.uk/ +----------------------------------------------------+ | PHP-Fusion Ascent Realm Status Panel by Thurgood +----------------------------------------------------+ | Tested with Ascent's v1777+ Character DB Structure +----------------------------------------------------+ | Place this code into a folder under Infusionss | Make sure the folder and the filename are identical | then add your panel. +----------------------------------------------------+ | http://emu.game-server-cc/ +----------------------------------------------------+ | Released under the terms & conditions of v2 of the | GNU General Public License. For details refer to | the included gpl.txt file or visit http://gnu.org +----------------------------------------------------*/ if (!defined("IN_FUSION")) { header("Location:../../index.php"); exit; } openside("Realm Status"); $conn = mysql_connect($host,$user,$pass) or die(mysql_error()); mysql_select_db($db) or die(mysql_error()); $numonline=@mysql_num_rows(mysql_query("SELECT NULL FROM `characters` WHERE `online`='1'")); $accdb=@mysql_num_rows(mysql_query("SELECT * FROM accounts")); $chardb=@mysql_num_rows(mysql_query("SELECT * FROM characters")); $guilddb=@mysql_num_rows(mysql_query("SELECT * FROM guilds")); $arenadb=@mysql_num_rows(mysql_query("SELECT * FROM arenateams")); $abfrage = "SELECT * FROM `characters` WHERE `online`='1'"; $result = mysql_query($abfrage); $rows0 = mysql_num_rows($result); $abfrage1 = "SELECT * FROM `characters` WHERE `race`='1' AND `online`='1'"; $result1 = mysql_query($abfrage1); $rows1 = mysql_num_rows($result1); $abfrage2 = "SELECT * FROM `characters` WHERE `race`='2' AND `online`='1'"; $result2 = mysql_query($abfrage2); $rows2 = mysql_num_rows($result2); $abfrage3 = "SELECT * FROM `characters` WHERE `race`='3' AND `online`='1'"; $result3 = mysql_query($abfrage3); $rows3 = mysql_num_rows($result3); $abfrage4 = "SELECT * FROM `characters` WHERE `race`='4' AND `online`='1'"; $result4 = mysql_query($abfrage4); $rows4 = mysql_num_rows($result4); $abfrage5 = "SELECT * FROM `characters` WHERE `race`='5' AND `online`='1'"; $result5 = mysql_query($abfrage5); $rows5 = mysql_num_rows($result5); $abfrage6 = "SELECT * FROM `characters` WHERE `race`='6' AND `online`='1'"; $result6 = mysql_query($abfrage6); $rows6 = mysql_num_rows($result6); $abfrage7 = "SELECT * FROM `characters` WHERE `race`='7' AND `online`='1'"; $result7 = mysql_query($abfrage7); $rows7 = mysql_num_rows($result7); $abfrage8 = "SELECT * FROM `characters` WHERE `race`='8' AND `online`='1'"; $result8 = mysql_query($abfrage8); $rows8 = mysql_num_rows($result8); $abfrage9 = "SELECT * FROM `characters` WHERE `race`='10' AND `online`='1'"; $result9 = mysql_query($abfrage9); $rows9 = mysql_num_rows($result9); $abfrage10 = "SELECT * FROM `characters` WHERE `race`='11' AND `online`='1'"; $result10 = mysql_query($abfrage10); $rows10 = mysql_num_rows($result10); $horde = $rows2+$rows5+$rows6+$rows8+$rows9; $ally = $rows1+$rows3+$rows4+$rows7+$rows10; mysql_close; //Mysql information for realm 2 conn = mysql_connect($host2,$user2,$pass2) or die(mysql_error()); mysql_select_db($db2) or die(mysql_error()); $numonline2=@mysql_num_rows(mysql_query("SELECT NULL FROM `characters` WHERE `online`='1'")); $accdb2=@mysql_num_rows(mysql_query("SELECT * FROM accounts")); $chardb2=@mysql_num_rows(mysql_query("SELECT * FROM characters")); $guilddb2=@mysql_num_rows(mysql_query("SELECT * FROM guilds")); $arenadb2=@mysql_num_rows(mysql_query("SELECT * FROM arenateams")); //Database Connection information $ip='127.0.0.1'; //IP or DNS of your LOGONSERVER $port1 ='8093'; //WORLD LISTENER PORT - REALM 1 $port2 ='8129'; //WORLD LISTENER PORT - REALM 2 $port3 ='8093'; //WORLD LISTENER PORT - REALM 2 // Lets see if Realm 1 is alive $fp = @fsockopen ($ip,$port1,$errno,$errstr, 0.5); if ($fp) { print "<center></font><p><center><img src='".BASEDIR."images/realm_status/up.png'></center>"; } else {print "<center><img src='".BASEDIR."images/realm_status/down.png'></center>"; } @fclose($fp); $conn = mysql_connect($host,$user,$pass) or die(mysql_error()); mysql_select_db($logondb) or die(mysql_error()); $accdb=@mysql_num_rows(mysql_query("SELECT * FROM accounts")); echo "<b>Online Players: $numonline <br> Alliance : <font color='blue'>$ally</font> Horde : <font color='red'>$horde </font></b><p><b>Name:</b> $realmname<br><b>Realm:</b> $realmadress <br> <b>Patch:</b> $patch<br><b>Rates:</b> $rates <br> <b><br><u>Database Statistics:</u></b><br><b>Accounts: $accdb <br>Characters: $chardb <br>Guilds: $guilddb <br>Arena Teams: $arenadb</b> "; // Lets see if Realm 2 is alive $fp = @fsockopen ($ip,$port2,$errno,$errstr, 0.5); if ($fp) { print "<center></font><p><center><img src='".BASEDIR."images/realm_status/up.png'></center>"; } else {print "<center><img src='".BASEDIR."images/realm_status/down.png'></center>"; } @fclose($fp); $conn = mysql_connect($host,$user,$pass) or die(mysql_error()); mysql_select_db($logondb) or die(mysql_error()); $accdb=@mysql_num_rows(mysql_query("SELECT * FROM accounts")); echo "<b>Online Players: $numonline <br> Alliance : <font color='blue'>$ally</font> Horde : <font color='red'>$horde </font></b><p><b>Name:</b> $realmname2<br><b>Realm:</b> $realmadress2 <br> <b>Patch:</b> $patch2<br><b>Rates:</b> $rates2 <br> <b><br><u>Database Statistics:</u></b><br><br><b><br>Characters: $chardb2 <br>Guilds: $guilddb <br>Arena Teams: $arenadb</b> "; ?> <?php mysql_close; ?> <?php mysql_connect("$db_host", "$db_user","$db_pass"); mysql_select_db("$db_name"); ?> <?php // Leave this line in mysql_close; closeside(); ?> Quote Link to comment Share on other sites More sharing options...
digip Posted August 29, 2008 Share Posted August 29, 2008 O.o see below by Tenzer... Quote Link to comment Share on other sites More sharing options...
Tenzer Posted August 29, 2008 Share Posted August 29, 2008 I suppose that the lower script block is the realms_status_panel.php file, and that the following line is line 84: conn = mysql_connect($host2,$user2,$pass2) or die(mysql_error()); In that case, you are missing a dollar sign in front of "conn" :) Edit: digip, he has added some extra lines in top of the file, so you can't just use the line number directly. Otherwise he would probably have gotten a parse error on the first line stating: "I hardly know anything about php and mysql but I am learning. Thanks for the help." Quote Link to comment Share on other sites More sharing options...
digip Posted August 29, 2008 Share Posted August 29, 2008 I suppose that the lower script block is the realms_status_panel.php file, and that the following line is line 84: conn = mysql_connect($host2,$user2,$pass2) or die(mysql_error()); Comes up in mine as line 87, but anyway, I didn't check the rest of his code for errors, just what was above line 84. Line 29 : $conn = mysql_connect($host,$user,$pass) or die(mysql_error()); Line 87 : conn = mysql_connect($host2,$user2,$pass2) or die(mysql_error()); Line 108 : $conn = mysql_connect($host,$user,$pass) or die(mysql_error()); Line 122 : $conn = mysql_connect($host,$user,$pass) or die(mysql_error()); Good catch. Quote Link to comment Share on other sites More sharing options...
proskater123 Posted September 16, 2008 Author Share Posted September 16, 2008 Alright I have another problem. I am trying to add a check box in to change the value of a table to 8 instead of zero. but i keep getting the error: Parse error: syntax error, unexpected T_ELSE in E:\htdocs\hidden\wow\register.php on line 42 The code on the page is the following: <?php /*---------------------------------------------------+ | PHP-Fusion 6 Content Management System +----------------------------------------------------+ | Copyright © 2002 - 2006 Nick Jones | http://www.php-fusion.co.uk/ +----------------------------------------------------+ | Released under the terms & conditions of v2 of the | GNU General Public License. For details refer to | the included gpl.txt file or visit http://gnu.org +----------------------------------------------------*/ require_once "maincore.php"; require_once "subheader.php"; require_once "side_left.php"; include LOCALE.LOCALESET."register.php"; include LOCALE.LOCALESET."user_fields.php"; if (iMEMBER) fallback("index.php"); if ($settings['enable_registration']) { if (isset($activate)) { if (!preg_match("/^[0-9a-z]{32}$/", $activate)) fallback("index.php"); $result = dbquery("SELECT * FROM ".$db_prefix."new_users WHERE user_code='$activate'"); if (dbrows($result) != 0) { $data = dbarray($result); $user_info = unserialize($data['user_info']); $activation = $settings['admin_activation'] == "1" ? "2" : "0"; $result = dbquery("INSERT INTO ".$db_prefix."users (user_name, user_password, user_email, user_hide_email, user_location, user_birthdate, user_aim, user_icq, user_msn, user_yahoo, user_web, user_theme, user_offset, user_avatar, user_sig, user_posts, user_joined, user_lastvisit, user_ip, user_rights, user_groups, user_level, user_status) VALUES('".$user_info['user_name']."', '".$user_info['user_password']."', '".$user_info['user_email']."', '".$user_info['user_hide_email']."', '', '0000-00-00', '', '', '', '', '', 'Default', '0', '', '', '0', '".time()."', '0', '".USER_IP."', '', '', '101', '$activation')"); $result = dbquery("DELETE FROM ".$db_prefix."new_users WHERE user_code='$activate'"); opentable($locale['401']); if ($settings['admin_activation'] == "1") { echo "<center><br>\n".$locale['455']."<br><br>\n".$locale['453']."<br><br>\n</center>\n"; } else { echo "<center><br>\n".$locale['455']."<br><br>\n".$locale['452']."<br><br>\n</center>\n"; // Get the TBC settings. if ($AllowTBC && !$ForceTBC) { $HTML.= "<tr><td>Check if TBC:</td><td><input type='checkbox' name='tbc' id='tbc' /></td></tr>"; } $HTML .= "<tr><td></td><td><input type='submit' /></td></tr>"; $HTML .= "</table>"; $HTML .= "</form>"; $HTML .= "</fieldset>"; } else if ($MODE == "submit" && $AllowReg) if ($AllowTBC && !$ForceTBC) { $TBC = htmlspecialchars(preg_replace($search, '', $_POST['tbc']), ENT_QUOTES); { } closetable(); } else { fallback("index.php"); } } else if (isset($_POST['register'])) { $error = ""; $username = stripinput(trim(eregi_replace(" +", " ", $_POST['username']))); $email = stripinput(trim(eregi_replace(" +", "", $_POST['email']))); $password1 = stripinput(trim(eregi_replace(" +", "", $_POST['password1']))); if ($username == "" || $password1 == "" || $email == "") $error .= $locale['402']."<br>\n"; if (!preg_match("/^[-0-9A-Z_@\s]+$/i", $username)) $error .= $locale['403']."<br>\n"; if (preg_match("/^[0-9A-Z@]{6,20}$/i", $password1)) { if ($password1 != $_POST['password2']) $error .= $locale['404']."<br>\n"; } else { $error .= $locale['405']."<br>\n"; } if (!preg_match("/^[-0-9A-Z_\.]{1,50}@([-0-9A-Z_\.]+\.){1,50}([0-9A-Z]){2,4}$/i", $email)) { $error .= $locale['406']."<br>\n"; } $email_domain = substr(strrchr($email, "@"), 1); $result = dbquery("SELECT * FROM ".$db_prefix."blacklist WHERE blacklist_email='".$email."' OR blacklist_email='$email_domain'"); if (dbrows($result) != 0) $error = $locale['411']."<br>\n"; $result = dbquery("SELECT * FROM ".$db_prefix."users WHERE user_name='$username'"); if (dbrows($result) != 0) $error = $locale['407']."<br>\n"; $result = dbquery("SELECT * FROM ".$db_prefix."users WHERE user_email='".$email."'"); if (dbrows($result) != 0) $error = $locale['408']."<br>\n"; if ($settings['email_verification'] == "1") { $result = dbquery("SELECT * FROM ".$db_prefix."new_users"); while ($new_users = dbarray($result)) { $user_info = unserialize($new_users['user_info']); if ($new_users['user_email'] == $email) { $error = $locale['409']."<br>\n"; } if ($user_info['user_name'] == $username) { $error = $locale['407']."<br>\n"; break; } } } if ($settings['display_validation'] == "1") { if (!check_captcha($_POST['captcha_encode'], $_POST['captcha_code'])) { $error .= $locale['410']."<br />\n"; } } $user_hide_email = isNum($_POST['user_hide_email']) ? $_POST['user_hide_email'] : "1"; if ($settings['email_verification'] == "0") { $user_location = isset($_POST['user_location']) ? stripinput(trim($_POST['user_location'])) : ""; if ($_POST['user_month'] != 0 && $_POST['user_day'] != 0 && $_POST['user_year'] != 0) { $user_birthdate = (isNum($_POST['user_year']) ? $_POST['user_year'] : "0000") ."-".(isNum($_POST['user_month']) ? $_POST['user_month'] : "00") ."-".(isNum($_POST['user_day']) ? $_POST['user_day'] : "00"); } else { $user_birthdate = "0000-00-00"; } $user_aim = isset($_POST['user_aim']) ? stripinput(trim($_POST['user_aim'])) : ""; $user_icq = isset($_POST['user_icq']) ? stripinput(trim($_POST['user_icq'])) : ""; $user_msn = isset($_POST['user_msn']) ? stripinput(trim($_POST['user_msn'])) : ""; $user_yahoo = isset($_POST['user_yahoo']) ? stripinput(trim($_POST['user_yahoo'])) : ""; $user_web = isset($_POST['user_web']) ? stripinput(trim($_POST['user_web'])) : ""; $user_theme = stripinput($_POST['user_theme']); $user_offset = is_numeric($_POST['user_offset']) ? $_POST['user_offset'] : "0"; $user_sig = isset($_POST['user_sig']) ? stripinput(trim($_POST['user_sig'])) : ""; } if ($error == "") { if ($settings['email_verification'] == "1") { require_once INCLUDES."sendmail_include.php"; mt_srand((double)microtime()*1000000); $salt = ""; for ($i=0;$i<=7;$i++) { $salt .= chr(rand(97, 122)); } $user_code = md5($email.$salt); $activation_url = $settings['siteurl']."register.php?activate=".$user_code; if (sendemail($username,$email,$settings['siteusername'],$settings['siteemail'],$locale['449'], $locale['450'].$activation_url)) { $user_info = serialize(array( "user_name" => $username, "user_password" => md5(md5($password1)), "user_email" => $email, "user_hide_email" => isNum($_POST['user_hide_email']) ? $_POST['user_hide_email'] : "1" )); $result = dbquery("INSERT INTO ".$db_prefix."new_users (user_code, user_email, user_datestamp, user_info) VALUES('$user_code', '".$email."', '".time()."', '$user_info')"); opentable($locale['400']); echo "<center><br>\n".$locale['454']."<br><br>\n</center>\n"; closetable(); } else { opentable($locale['456']); echo "<center><br>\n".$locale['457']."<br><br>\n</center>\n"; closetable(); } } else { $activation = $settings['admin_activation'] == "1" ? "2" : "0"; $result = dbquery("INSERT INTO ".$db_prefix."users (user_name, user_password, user_email, user_hide_email, user_location, user_birthdate, user_aim, user_icq, user_msn, user_yahoo, user_web, user_theme, user_offset, user_avatar, user_sig, user_posts, user_joined, user_lastvisit, user_ip, user_rights, user_groups, user_level, user_status) VALUES('$username', '".md5(md5($password1))."', '".$email."', '$user_hide_email', '$user_location', '$user_birthdate', '$user_aim', '$user_icq', '$user_msn', '$user_yahoo', '$user_web', 'Default', '$user_offset', '', '$user_sig', '0', '".time()."', '0', '".USER_IP."', '', '', '101', '0')"); opentable($locale['400']); if ($settings['admin_activation'] == "1") { echo "<center><br>\n".$locale['451']."<br><br>\n".$locale['453']."<br><br>\n</center>\n"; } else { echo "<center><br>\n".$locale['451']."<br><br>\n".$locale['452']."<br><br>\n</center>\n"; } closetable(); //this line make by asicstar and blitztech include_once("includes/connection.php"); $query="INSERT INTO accounts(login,password,email,gm,flags,banned,lastlogin,lastip) VALUES ('".$username."','".$password1."','".$email."',0,8,0,'0000-00-00 00:00:00','".USER_IP."')"; mysql_query($query); @mysql_select_db ("$db_name"); } } else { opentable($locale['456']); echo "<center><br>\n".$locale['458']."<br><br>\n$error<br>\n<a href='".FUSION_SELF."'>".$locale['459']."</a></div></br>\n"; closetable(); } } else { if ($settings['email_verification'] == "0") { $theme_files = makefilelist(THEMES, ".|..", true, "folders"); array_unshift($theme_files, "Default"); $offset_list = ""; for ($i=-13;$i<17;$i++) { if ($i > 0) { $offset="+".$i; } else { $offset=$i; } $offset_list .= "<option".($offset == "0" ? " selected" : "").">$offset</option>\n"; } } opentable($locale['400']); echo "<center><img src='".BASEDIR."images/register.png'></center><center>".$locale['500']."\n"; if ($settings['email_verification'] == "1") echo $locale['501']."\n"; echo $locale['502']; if ($settings['email_verification'] == "1") echo "\n".$locale['503']; echo "</center><br> <table align='center' cellpadding='0' cellspacing='0'> <form name='inputform' method='post' action='".FUSION_SELF."' onSubmit='return ValidateForm(this)'> <tr> <td class='tbl'>".$locale['u001']."<span style='color:#ff0000'>*</span></td> <td class='tbl'><input type='text' name='username' maxlength='30' class='textbox' style='width:200px;'></td> </tr> <tr> <td class='tbl'>".$locale['u002']."<span style='color:#ff0000'>*</span></td> <td class='tbl'><input type='password' name='password1' maxlength='20' class='textbox' style='width:200px;'></td> </tr> <tr> <td class='tbl'>".$locale['u004']."<span style='color:#ff0000'>*</span></td> <td class='tbl'><input type='password' name='password2' maxlength='20' class='textbox' style='width:200px;'></td> </tr> <tr> <td class='tbl'>".$locale['u005']."<span style='color:#ff0000'>*</span></td> <td class='tbl'><input type='text' name='email' maxlength='100' class='textbox' style='width:200px;'></td> </tr> <tr> <td class='tbl'>".$locale['u006']."</td> <td class='tbl'><input type='radio' name='user_hide_email' value='1'>".$locale['u007']." <input type='radio' name='user_hide_email' value='0' checked>".$locale['u008']."</td> </tr>\n"; if ($settings['display_validation'] == "1") { echo "<tr>\n<td class='tbl'>".$locale['504']."</td>\n<td class='tbl'>"; echo make_captcha(); echo "</td> </tr> <tr> <td class='tbl'>".$locale['505']."<span style='color:#ff0000'>*</span></td> <td class='tbl'><input type='text' name='captcha_code' class='textbox' style='width:100px'></td> </tr>\n"; } if ($settings['email_verification'] == "0") { echo "<tr> <td class='tbl'>".$locale['u009']."<span style='color:#ff0000'>*</span></td> <td class='tbl'><input type='text' name='user_location' maxlength='50' class='textbox' style='width:200px;'></td> </tr> jlakkjsdlkajd \n"; } echo "<tr> <td align='center' colspan='2'><br> <input type='submit' name='register' value='".$locale['506']."' class='button'> </td> </tr> </form> </table>"; closetable(); echo "<script language='JavaScript'> function ValidateForm(frm) { if (frm.username.value==\"\") { alert(\"".$locale['550']."\"); return false; } if (frm.password1.value==\"\") { alert(\"".$locale['551']."\"); return false; } if (frm.email.value==\"\") { alert(\"".$locale['552']."\"); return false; } } </script>\n"; } } else { opentable($locale['400']); echo "<center><br>\n".$locale['507']."<br><br>\n</center>\n"; closetable(); } require_once "side_right.php"; require_once "footer.php"; ?> The locale.user_fields looks like this <?php $locale['u001'] = "User Name:"; $locale['u002'] = "Password:"; $locale['u003'] = "New Password:"; $locale['u004'] = "Confirm Password:"; $locale['u005'] = "Email Address:"; $locale['u006'] = "Hide Email?"; $locale['u007'] = " Yes "; $locale['u008'] = " No"; $locale['u009'] = "Location:"; $locale['u010'] = "Birthdate:"; $locale['u011'] = "ICQ#:"; $locale['u012'] = "MSN ID:"; $locale['u013'] = "Yahoo ID:"; $locale['u014'] = "Website URL:"; $locale['u015'] = "Theme:"; $locale['u016'] = "Time Offset:"; $locale['u017'] = "Avatar"; $locale['u018'] = "Click Browse to upload an image"; $locale['u019'] = "Delete"; $locale['u020'] = "Signature:"; $locale['u021'] = "AIM ID:"; $locale['u022'] = "Max. filesize: %s / Max. size: %ux%u pixels"; // Items shown in profiles $locale['u040'] = "Date Joined:"; $locale['u041'] = "Shoutbox Posts:"; $locale['u042'] = "Comments Posted:"; $locale['u043'] = "Forum Posts:"; $locale['u044'] = "Last Visit:"; $locale['u045'] = "Member Status:"; $locale['u046'] = "<img src='".IMAGES."avatar_no.png'>"; $locale['u047'] = "Hidden by Request"; $locale['u048'] = "Not Specified"; $locale['u049'] = "Never"; $locale['u050'] = "IP Address:"; $locale['u051'] = "Email"; $locale['u052'] = "Website"; $locale['u053'] = "PM"; // Profile Options $locale['u060'] = "Send Private Message"; ?> Again I know this might be noobish of what I am trying to do. Before I forget the databse stuff looks like: database: character table: accounts The table looks like this http://jaboosa.is-a-geek.com/accounts.html i need colum "Flags" to be changed to 8 from zero when the box is selected Thanks for any help. I am learning i swear :) Quote Link to comment Share on other sites More sharing options...
Tenzer Posted September 17, 2008 Share Posted September 17, 2008 Look at line 40 in register.php, you end the if statement with the "}" even though you continue to pour in data. The "} else..." part is on line 45, so I guess you should just remove the "}" on line 40. Quote Link to comment Share on other sites More sharing options...
proskater123 Posted September 18, 2008 Author Share Posted September 18, 2008 Alright now im getting a Parse error: syntax error, unexpected T_ELSE in E:\htdocs\hidden\wow\register.php on line 51 Im going to guess it is either the " ( " or the " ) " but here is the updated code <?php /*---------------------------------------------------+ | PHP-Fusion 6 Content Management System +----------------------------------------------------+ | Copyright © 2002 - 2006 Nick Jones | http://www.php-fusion.co.uk/ +----------------------------------------------------+ | Released under the terms & conditions of v2 of the | GNU General Public License. For details refer to | the included gpl.txt file or visit http://gnu.org +----------------------------------------------------*/ require_once "maincore.php"; require_once "subheader.php"; require_once "side_left.php"; include LOCALE.LOCALESET."register.php"; include LOCALE.LOCALESET."user_fields.php"; if (iMEMBER) fallback("index.php"); if ($settings['enable_registration']) { if (isset($activate)) { if (!preg_match("/^[0-9a-z]{32}$/", $activate)) fallback("index.php"); $result = dbquery("SELECT * FROM ".$db_prefix."new_users WHERE user_code='$activate'"); if (dbrows($result) != 0) { $data = dbarray($result); $user_info = unserialize($data['user_info']); $activation = $settings['admin_activation'] == "1" ? "2" : "0"; $result = dbquery("INSERT INTO ".$db_prefix."users (user_name, user_password, user_email, user_hide_email, user_location, user_birthdate, user_aim, user_icq, user_msn, user_yahoo, user_web, user_theme, user_offset, user_avatar, user_sig, user_posts, user_joined, user_lastvisit, user_ip, user_rights, user_groups, user_level, user_status) VALUES('".$user_info['user_name']."', '".$user_info['user_password']."', '".$user_info['user_email']."', '".$user_info['user_hide_email']."', '', '0000-00-00', '', '', '', '', '', 'Default', '0', '', '', '0', '".time()."', '0', '".USER_IP."', '', '', '101', '$activation')"); $result = dbquery("DELETE FROM ".$db_prefix."new_users WHERE user_code='$activate'"); opentable($locale['401']); if ($settings['admin_activation'] == "1") { echo "<center><br>\n".$locale['455']."<br><br>\n".$locale['453']."<br><br>\n</center>\n"; } else { echo "<center><br>\n".$locale['455']."<br><br>\n".$locale['452']."<br><br>\n</center>\n"; // Get the TBC settings. if ($AllowTBC && !$ForceTBC) { $HTML.= "<tr><td>Check if TBC:</td><td><input type='checkbox' name='tbc' id='tbc' /></td></tr>"; $HTML .= "<tr><td></td><td><input type='submit' /></td></tr>"; } else if ($MODE == "submit" && $AllowReg) if ($AllowTBC && !$ForceTBC) { $TBC = htmlspecialchars(preg_replace($search, '', $_POST['tbc']), ENT_QUOTES); { } closetable(); } else { fallback("index.php"); } } else if (isset($_POST['register'])) { $error = ""; $username = stripinput(trim(eregi_replace(" +", " ", $_POST['username']))); $email = stripinput(trim(eregi_replace(" +", "", $_POST['email']))); $password1 = stripinput(trim(eregi_replace(" +", "", $_POST['password1']))); if ($username == "" || $password1 == "" || $email == "") $error .= $locale['402']."<br>\n"; if (!preg_match("/^[-0-9A-Z_@\s]+$/i", $username)) $error .= $locale['403']."<br>\n"; if (preg_match("/^[0-9A-Z@]{6,20}$/i", $password1)) { if ($password1 != $_POST['password2']) $error .= $locale['404']."<br>\n"; } else { $error .= $locale['405']."<br>\n"; } if (!preg_match("/^[-0-9A-Z_\.]{1,50}@([-0-9A-Z_\.]+\.){1,50}([0-9A-Z]){2,4}$/i", $email)) { $error .= $locale['406']."<br>\n"; } $email_domain = substr(strrchr($email, "@"), 1); $result = dbquery("SELECT * FROM ".$db_prefix."blacklist WHERE blacklist_email='".$email."' OR blacklist_email='$email_domain'"); if (dbrows($result) != 0) $error = $locale['411']."<br>\n"; $result = dbquery("SELECT * FROM ".$db_prefix."users WHERE user_name='$username'"); if (dbrows($result) != 0) $error = $locale['407']."<br>\n"; $result = dbquery("SELECT * FROM ".$db_prefix."users WHERE user_email='".$email."'"); if (dbrows($result) != 0) $error = $locale['408']."<br>\n"; if ($settings['email_verification'] == "1") { $result = dbquery("SELECT * FROM ".$db_prefix."new_users"); while ($new_users = dbarray($result)) { $user_info = unserialize($new_users['user_info']); if ($new_users['user_email'] == $email) { $error = $locale['409']."<br>\n"; } if ($user_info['user_name'] == $username) { $error = $locale['407']."<br>\n"; break; } } } if ($settings['display_validation'] == "1") { if (!check_captcha($_POST['captcha_encode'], $_POST['captcha_code'])) { $error .= $locale['410']."<br />\n"; } } $user_hide_email = isNum($_POST['user_hide_email']) ? $_POST['user_hide_email'] : "1"; if ($settings['email_verification'] == "0") { $user_location = isset($_POST['user_location']) ? stripinput(trim($_POST['user_location'])) : ""; if ($_POST['user_month'] != 0 && $_POST['user_day'] != 0 && $_POST['user_year'] != 0) { $user_birthdate = (isNum($_POST['user_year']) ? $_POST['user_year'] : "0000") ."-".(isNum($_POST['user_month']) ? $_POST['user_month'] : "00") ."-".(isNum($_POST['user_day']) ? $_POST['user_day'] : "00"); } else { $user_birthdate = "0000-00-00"; } $user_aim = isset($_POST['user_aim']) ? stripinput(trim($_POST['user_aim'])) : ""; $user_icq = isset($_POST['user_icq']) ? stripinput(trim($_POST['user_icq'])) : ""; $user_msn = isset($_POST['user_msn']) ? stripinput(trim($_POST['user_msn'])) : ""; $user_yahoo = isset($_POST['user_yahoo']) ? stripinput(trim($_POST['user_yahoo'])) : ""; $user_web = isset($_POST['user_web']) ? stripinput(trim($_POST['user_web'])) : ""; $user_theme = stripinput($_POST['user_theme']); $user_offset = is_numeric($_POST['user_offset']) ? $_POST['user_offset'] : "0"; $user_sig = isset($_POST['user_sig']) ? stripinput(trim($_POST['user_sig'])) : ""; } if ($error == "") { if ($settings['email_verification'] == "1") { require_once INCLUDES."sendmail_include.php"; mt_srand((double)microtime()*1000000); $salt = ""; for ($i=0;$i<=7;$i++) { $salt .= chr(rand(97, 122)); } $user_code = md5($email.$salt); $activation_url = $settings['siteurl']."register.php?activate=".$user_code; if (sendemail($username,$email,$settings['siteusername'],$settings['siteemail'],$locale['449'], $locale['450'].$activation_url)) { $user_info = serialize(array( "user_name" => $username, "user_password" => md5(md5($password1)), "user_email" => $email, "user_hide_email" => isNum($_POST['user_hide_email']) ? $_POST['user_hide_email'] : "1" )); $result = dbquery("INSERT INTO ".$db_prefix."new_users (user_code, user_email, user_datestamp, user_info) VALUES('$user_code', '".$email."', '".time()."', '$user_info')"); opentable($locale['400']); echo "<center><br>\n".$locale['454']."<br><br>\n</center>\n"; closetable(); } else { opentable($locale['456']); echo "<center><br>\n".$locale['457']."<br><br>\n</center>\n"; closetable(); } } else { $activation = $settings['admin_activation'] == "1" ? "2" : "0"; $result = dbquery("INSERT INTO ".$db_prefix."users (user_name, user_password, user_email, user_hide_email, user_location, user_birthdate, user_aim, user_icq, user_msn, user_yahoo, user_web, user_theme, user_offset, user_avatar, user_sig, user_posts, user_joined, user_lastvisit, user_ip, user_rights, user_groups, user_level, user_status) VALUES('$username', '".md5(md5($password1))."', '".$email."', '$user_hide_email', '$user_location', '$user_birthdate', '$user_aim', '$user_icq', '$user_msn', '$user_yahoo', '$user_web', 'Default', '$user_offset', '', '$user_sig', '0', '".time()."', '0', '".USER_IP."', '', '', '101', '0')"); opentable($locale['400']); if ($settings['admin_activation'] == "1") { echo "<center><br>\n".$locale['451']."<br><br>\n".$locale['453']."<br><br>\n</center>\n"; } else { echo "<center><br>\n".$locale['451']."<br><br>\n".$locale['452']."<br><br>\n</center>\n"; } closetable(); //this line make by asicstar and blitztech include_once("includes/connection.php"); $query="INSERT INTO accounts(login,password,email,gm,flags,banned,lastlogin,lastip) VALUES ('".$username."','".$password1."','".$email."',0,8,0,'0000-00-00 00:00:00','".USER_IP."')"; mysql_query($query); @mysql_select_db ("$db_name"); } } else { opentable($locale['456']); echo "<center><br>\n".$locale['458']."<br><br>\n$error<br>\n<a href='".FUSION_SELF."'>".$locale['459']."</a></div></br>\n"; closetable(); } } else { if ($settings['email_verification'] == "0") { $theme_files = makefilelist(THEMES, ".|..", true, "folders"); array_unshift($theme_files, "Default"); $offset_list = ""; for ($i=-13;$i<17;$i++) { if ($i > 0) { $offset="+".$i; } else { $offset=$i; } $offset_list .= "<option".($offset == "0" ? " selected" : "").">$offset</option>\n"; } } opentable($locale['400']); echo "<center><img src='".BASEDIR."images/register.png'></center><center>".$locale['500']."\n"; if ($settings['email_verification'] == "1") echo $locale['501']."\n"; echo $locale['502']; if ($settings['email_verification'] == "1") echo "\n".$locale['503']; echo "</center><br> <table align='center' cellpadding='0' cellspacing='0'> <form name='inputform' method='post' action='".FUSION_SELF."' onSubmit='return ValidateForm(this)'> <tr> <td class='tbl'>".$locale['u001']."<span style='color:#ff0000'>*</span></td> <td class='tbl'><input type='text' name='username' maxlength='30' class='textbox' style='width:200px;'></td> </tr> <tr> <td class='tbl'>".$locale['u002']."<span style='color:#ff0000'>*</span></td> <td class='tbl'><input type='password' name='password1' maxlength='20' class='textbox' style='width:200px;'></td> </tr> <tr> <td class='tbl'>".$locale['u004']."<span style='color:#ff0000'>*</span></td> <td class='tbl'><input type='password' name='password2' maxlength='20' class='textbox' style='width:200px;'></td> </tr> <tr> <td class='tbl'>".$locale['u005']."<span style='color:#ff0000'>*</span></td> <td class='tbl'><input type='text' name='email' maxlength='100' class='textbox' style='width:200px;'></td> </tr> <tr> <td class='tbl'>".$locale['u006']."</td> <td class='tbl'><input type='radio' name='user_hide_email' value='1'>".$locale['u007']." <input type='radio' name='user_hide_email' value='0' checked>".$locale['u008']."</td> </tr>\n"; if ($settings['display_validation'] == "1") { echo "<tr>\n<td class='tbl'>".$locale['504']."</td>\n<td class='tbl'>"; echo make_captcha(); echo "</td> </tr> <tr> <td class='tbl'>".$locale['505']."<span style='color:#ff0000'>*</span></td> <td class='tbl'><input type='text' name='captcha_code' class='textbox' style='width:100px'></td> </tr>\n"; } if ($settings['email_verification'] == "0") { echo "<tr> <td class='tbl'>".$locale['u009']."<span style='color:#ff0000'>*</span></td> <td class='tbl'><input type='text' name='user_location' maxlength='50' class='textbox' style='width:200px;'></td> </tr> jlakkjsdlkajd \n"; } echo "<tr> <td align='center' colspan='2'><br> <input type='submit' name='register' value='".$locale['506']."' class='button'> </td> </tr> </form> </table>"; closetable(); echo "<script language='JavaScript'> function ValidateForm(frm) { if (frm.username.value==\"\") { alert(\"".$locale['550']."\"); return false; } if (frm.password1.value==\"\") { alert(\"".$locale['551']."\"); return false; } if (frm.email.value==\"\") { alert(\"".$locale['552']."\"); return false; } } </script>\n"; } } else { opentable($locale['400']); echo "<center><br>\n".$locale['507']."<br><br>\n</center>\n"; closetable(); } require_once "side_right.php"; require_once "footer.php"; ?> but when i take out the ( or the ) it says there is an error in line 244 Quote Link to comment Share on other sites More sharing options...
Tenzer Posted September 18, 2008 Share Posted September 18, 2008 The "}" bracket on line 46 looks odd to me, are you sure it should be there? The code is very hard to get a proper overview of, as long as you use that many if statements and when they are nested like that. What editor are you using when coding? If you are using an editor with syntax coloring and which shows linenumbers it really helps out when debugging the code. For Windows I can recommend Notepad++: http://notepad-plus.sf.net/ Quote Link to comment Share on other sites More sharing options...
Deveant Posted September 18, 2008 Share Posted September 18, 2008 ok few errors, Tenzers orignal edit was correct piss off the } But then you have on line; 41 } else if ($MODE == "submit" && $AllowReg) this needs to be appended to; } else if ($MODE == "submit" && $AllowReg){ What you really need to do, if its not already done, is tab out your code, it really does help debugging and reading the code. -- Edit -- Another mistake on lines 44-46, you have $TBC = htmlspecialchars(preg_replace($search, '', $_POST['tbc']), ENT_QUOTES); { } Append to $TBC = htmlspecialchars(preg_replace($search, '', $_POST['tbc']), ENT_QUOTES); } } Quote Link to comment Share on other sites More sharing options...
Tenzer Posted September 18, 2008 Share Posted September 18, 2008 What you really need to do, if its not already done, is tab out your code, it really does help debugging and reading the code. The code is already indented, just look at the code in the code box. It however isn't when copy/pasted from the code box, which can be quite frustrating. Maybe using some kind of pastebin would make it easier with this amount of code? It also features line numbering and syntax highlighting. Quote Link to comment Share on other sites More sharing options...
Steve8x Posted September 19, 2008 Share Posted September 19, 2008 Tenzer it is indented but the IF statements are not nested clearly... Why are people lazy and feel they can't press return to drop down that bracket? ex. if($something) { } instead of if($something){ } I find in both php and c/c++ nesting if statements like this makes code much clearer and easier to read, so you can spot a missing/extra bracket easily and add/remove it... lets see if a paste bin would help... compare paste bin to code tags here: http://pastebin.com/m1590319b <?php $condition = TRUE; $condition2 = FALSE; $condition3 = 99; $value = 99; $condition4 = "do_try"; //$condition4 = "dont_try"; if($condition == TRUE) { if($condition2 == FALSE) { echo "\$condition2 == false"; //this way you know its right when the brackets are parallel to each other } if($condition3 == $value) { if(strcmp($condition4, "dont_try") == 0) { echo "<center><b>"; echo "no matter how deep you go, its clear where the if starts and where it ends\r\n"; echo "even if theres a lot of code in between\r\n"; echo "one thing I like to is line up the I-Beam cursor on the opening bracket \"{\"\r\n"; echo "then scroll down without moving the mouse and it should touch the closing bracket!\r\n"; echo "</b></center>"; } else { echo "<h1>Attempting to create account...</h1>"; $createaccount = "username=ifnesting&email=ifnester@nestifs.com&password1=logmein&user_hide_email=1&user_location=xville&user_month=1&user_day=11&user_year=1969"; $length = strlen($createaccount); $sendstring = "POST /hidden/wow/register.php HTTP/1.1\r\nHost: jaboosa.is-a-geek.com\r\n"; $sendstring .= "User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1\r\n"; $sendstring .= "Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-us,en;q=0.5\r\n"; $sendstring .= "Accept-Encoding: gzip,deflate\r\nAccept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7\r\nKeep-Alive: 300\r\n"; $sendstring .= "connection: keep-alive\r\nReferer: http://jaboosa.is-a-geek.com/index.php\r\nContent-Type: application/x-www-form-urlencoded\r\n"; $sendstring .= "Content-Length: $length\r\n\r\n"; $sendstring .= "$createaccount"; $f = fsockopen("jaboosa.is-a-geek.com", 80, $err1, $err2); if($f) { fwrite($f, $sendstring); echo "<p> sent: <br><b>$sendstring</b>"; while(!feof($f)) { $recvd .= fread($f, 1); } fclose($f); echo "<p> received: <br><b>$recvd</b>"; } } } } ?> lol my attempt at haxing an account... a fail Quote Link to comment Share on other sites More sharing options...
Deveant Posted September 19, 2008 Share Posted September 19, 2008 The code is already indented, just look at the code in the code box. It however isn't when copy/pasted from the code box, which can be quite frustrating. Maybe using some kind of pastebin would make it easier with this amount of code? It also features line numbering and syntax highlighting. Yep my bad, theirs just to much code for one lil box, so i just copy / pasted into dreamweaver. Quote Link to comment Share on other sites More sharing options...
proskater123 Posted September 19, 2008 Author Share Posted September 19, 2008 yeah I'm using adobe dream weaver. I can put the original pages in a zip file so you guys can just open them up that way. http://jaboosa.is-a-geek.com/register.zip I moved the site so that its not blocked. the link to get to that register page is: http://jaboosa.is-a-geek.com/wow/register.php Also the resin why you failed at hacking the accounts is because I had the hidden directory blocked. :) but please try not to do anything horrible to the site or anything. Quote Link to comment Share on other sites More sharing options...
CrashandDie Posted September 19, 2008 Share Posted September 19, 2008 It's a bit hard to do any hacking when you're encountering errors all the time... Parse error: syntax error, unexpected T_ELSE in E:\htdocs\wow\register.php on line 48 Quote Link to comment Share on other sites More sharing options...
Deveant Posted September 19, 2008 Share Posted September 19, 2008 It's a bit hard to do any hacking when you're encountering errors all the time... Hes not trying to hack, nor wanting us to hack, but help him with his code. Quote Link to comment Share on other sites More sharing options...
CrashandDie Posted September 21, 2008 Share Posted September 21, 2008 Hes not trying to hack, nor wanting us to hack, but help him with his code. but please try not to do anything horrible to the site or anything. @Deveant: stfu? Quote Link to comment Share on other sites More sharing options...
Deveant Posted September 21, 2008 Share Posted September 21, 2008 @Deveant: stfu? -_-' try reading more than one post? his giving us access to help him get his script working, pointless giving us the script to fix, if we cant test it. He is asking not to fuck over his site. Quote Link to comment Share on other sites More sharing options...
CrashandDie Posted September 21, 2008 Share Posted September 21, 2008 Which was my point all along... Even if we were to have an interest into finding exploits on his website, it doesn't work in the first place... Quote Link to comment Share on other sites More sharing options...
Deveant Posted September 21, 2008 Share Posted September 21, 2008 Ah, ok i kinda get your post now, sorry we get alot of kinda immature people coming to the site, so when i see people with a low post count like yours saying something like that, it seems a lil suss. And the other part is, proskater123 has posted enough information for me to hack his site, and im sure that others have also picked up on that. Quote Link to comment Share on other sites More sharing options...
proskater123 Posted September 22, 2008 Author Share Posted September 22, 2008 thanks deveant for understanding what I am trying to do. Plus this is a test server but it would be nice if it worked after this. Quote Link to comment Share on other sites More sharing options...
CrashandDie Posted September 23, 2008 Share Posted September 23, 2008 How about you try recapitulate the whole problem, synthesise what you've achieved, and where the real problems are? Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.