Independent
24-01-2008, 10:41 PM
<?php
session_start();
$host = "localhost";
$user = "REMOVED";
$pass = "REMOVED";
$db = "REMOVED";
$ms = mysql_connect($host, $user, $pass);
if(!$ms) { echo "Error connecting to database.\n"; }
mysql_select_db($db);
if($_GET['login'] == "login") {
$user1_post = addslashes($_POST["username_post"]);
$pass1_post = addslashes($_POST["password_post"]);
$pass1_post = ($pass1_post);
if($user1_post == "" or $pass1_post == "") { echo "<center>
<table style=\"BORDER-COLLAPSE: collapse\" borderColor=\"#ffaaaa\" width=\"50%\" bgColor=\"#ffdddd\" border=\"1\" id=\"table1\">
<tr>
<td align=\"middle\"><font size=\"2\" face=\"Verdana\"><b>Login Error:</b><br>
<br>
<font size=\"1\">Unfortunatley, you have entered an incorrect username or
password.<br>
<br>
Please, Click one of the following links:<br>
<font color=\"black\"><a href=\"index.php\">Login again</a><br>
</font><a href=\"<A href="http://HabboMedia.net\"><font">http://HabboMedia.net\"><font color=\"black\">Return to
HabboMedia</font></a><br>
<br>
HabboMedia© Copyright 2006</font></font></td>
</tr>
</table>
</center>"; exit; }
list($user) = mysql_fetch_array(mysql_query("SELECT `username` FROM `staff` WHERE username='$user1_post'"));
list($pass) = mysql_fetch_array(mysql_query("SELECT `password` FROM `staff` WHERE password='$pass1_post'"));
if($user1_post == "$user" and $pass1_post == "$pass") {
$sql = mysql_query("SELECT * FROM `staff` WHERE username='$user' AND password='$pass'");
if(mysql_num_rows($sql)!= 1) { exit; }
$result = mysql_fetch_array($sql);
$_SESSION['session_username'] = $result['username'];
$_SESSION['session_level'] = $result['level'];
$_SESSION['session_ip'] = $_SERVER['REMOTE_ADDR'];
echo "Please wait, you are being redirected.<meta http-equiv=\"refresh\" content=\"0;url=user.php\">";
exit;
} else { echo "<center>
<table style=\"BORDER-COLLAPSE: collapse\" borderColor=\"#ffaaaa\" width=\"50%\" bgColor=\"#ffdddd\" border=\"1\" id=\"table1\">
<tr>
<td align=\"middle\"><font size=\"2\" face=\"Verdana\"><b>Login Error:</b><br>
<br>
<font size=\"1\">You have entered an incorrect password.<br>
<br>
Please, Click one of the following links:<br>
<font color=\"black\"><a href=\"index.php\">Login again</a><br>
</font><a href=\"<A href="http://HabboMedia.net\"><font">http://HabboMedia.net\"><font color=\"black\">Return to
HabboMedia</font></a><br>
<br>
HabboMedia.net© Copyright 2006</font></font></td>
</tr>
</table>
</center>"; }
} else { ?>
<body bgcolor="#F45000" bgproperties="fixed" style="background-image: url('http://images.habbohotel.co.uk/c_images//backgrounds/HC_royal.gif')">
<p align="center">
</p>
<center>
<div align="center">
<table width="329" height="3" style="border-collapse: collapse" cellpadding="0" cellspacing="0" id="table2">
<tr>
<td width="330" height="11" align="center">
</td>
</tr>
<tr>
<td align="center" width="400" background="hk_middle.gif" height="342">
<form action="<?php echo "$PHP_SELF"; ?>?login=login" method="POST">
<font size="1" face="Verdana"><br>
<br>
</font><table border="0" id="table3" width="252" height="87">
<tr>
<td>
<tr>
<td>
<p align="right"><b><font size="1" face="Verdana">Username:</font></b></td>
<td>
<p align="center">
<span style="font-size: 10px"><font face="Verdana">
<input class="boarder" size="25" name="username_post" style="float: left; border: 1px dashed #000000"></font></span></td>
</tr>
<tr>
<td>
<font face="Verdana"><span style="font-size: 10px; font-weight: 700">PIN</span></font></td>
<td>
<font face="Verdana" style="font-size: 10px"> <img width="175" src="securityimage.php"><br><input name="security_try" type="text" id="security_try" size="25" maxlength="25" style="border: 1px dashed #000000"></font></td>
</tr>
<tr>
<td>
<p align="center"><font size="1" face="Verdana"><b>Password:</b></font></td>
<td>
<p align="center"><font face="Verdana" size="1" color="#FFFFFF">
<span style="font-size: 10px"><font face="Verdana">
<input type="password" name="password_post" size="25" style="border-style:dashed; border-width:1px; float: left"></font></span></font></td>
</tr>
<font face="Verdana"><span style="font-size: 10px">
<br>
</span></font>
</table>
<span style="font-size: 10px"><font face="Verdana">
<br><input type="submit" value="Send" class="submit" />
</font></span>
<p><font face="Verdana" size="1" color="black"><b>This area is for HabboMedia staff only!</b></font></p>
</form></td>
</tr>
</table>
</div>
<p align="center"> </p>
<?php } ?>
Right, I need someones help making the image verification script work, I think I have to include something from signup_demo.php (Code listed below)
<?php
//Define function to insert security image
function insertSecurityImage($inputname) {
$refid = md5(mktime()*rand());
$insertstr = "<img src=\"securityimage.php?refid=".$refid."\" alt=\"Security Image\">\n
<input type=\"hidden\" name=\"".$inputname."\" value=\"".$refid."\">";
echo($insertstr);
}
//Define function to check security image confirmation
function checkSecurityImage($referenceid, $enteredvalue) {
$referenceid = mysql_escape_string($referenceid);
$enteredvalue = mysql_escape_string($enteredvalue);
$tempQuery = mysql_query("SELECT ID FROM security_images WHERE
referenceid='".$referenceid."' AND hiddentext='".$enteredvalue."'");
if (mysql_num_rows($tempQuery)!=0) {
return true;
} else {
return false;
}
}
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<title>Signup Demo</title>
</head>
<body>
<?php
if (isset($HTTP_POST_VARS["name"]) && isset($HTTP_POST_VARS["security_try"])) {
//Connect to database
mysql_connect("localhost", "REMOVED", "REMOVED") or die(mysql_error());
mysql_select_db("REMOVED");
//Set variables, and call checkSecurityImage
$security_refid = $HTTP_POST_VARS["security_refid"];
$security_try = $HTTP_POST_VARS["security_try"];
$checkSecurity = checkSecurityImage($security_refid, $security_try);
//Depending on result, tell user entered value was correct or incorrect
if ($checkSecurity) {
$validnot = "correct";
} else {
$validnot = "incorrect";
}
//Write output F
echo("<b>You entered this as the security text:</b><br>\n
".$security_try."<br>\n
This is ".$validnot.".<br>\n
-------------------------------<br><br>\n
");
}
?>
<form name="signupform" method="post" action="<?=$_SERVER["PHP_SELF"]?>">
Please sign up for our website:
<br>
<br>
Name:
<input name="name" type="text" id="name">
<br>
<? insertSecurityImage("security_refid") ?>
<br>
Enter what you see:
<input name="security_try" type="text" id="security_try" size="20" maxlength="10">
(can't see? try reloading page)
<br>
<br>
<input type="submit" name="Submit" value="Signup!">
</body>
</html>
Any help pls? (its the same one that Clubhabbo and Hffm use)
http://www.php-mysql-tutorial.com/user-authentication/image-verification.php
If that link may help, idk. It didnt for me
The image displays but, idk how to put it in the form so it makes sure your typing a correct code
session_start();
$host = "localhost";
$user = "REMOVED";
$pass = "REMOVED";
$db = "REMOVED";
$ms = mysql_connect($host, $user, $pass);
if(!$ms) { echo "Error connecting to database.\n"; }
mysql_select_db($db);
if($_GET['login'] == "login") {
$user1_post = addslashes($_POST["username_post"]);
$pass1_post = addslashes($_POST["password_post"]);
$pass1_post = ($pass1_post);
if($user1_post == "" or $pass1_post == "") { echo "<center>
<table style=\"BORDER-COLLAPSE: collapse\" borderColor=\"#ffaaaa\" width=\"50%\" bgColor=\"#ffdddd\" border=\"1\" id=\"table1\">
<tr>
<td align=\"middle\"><font size=\"2\" face=\"Verdana\"><b>Login Error:</b><br>
<br>
<font size=\"1\">Unfortunatley, you have entered an incorrect username or
password.<br>
<br>
Please, Click one of the following links:<br>
<font color=\"black\"><a href=\"index.php\">Login again</a><br>
</font><a href=\"<A href="http://HabboMedia.net\"><font">http://HabboMedia.net\"><font color=\"black\">Return to
HabboMedia</font></a><br>
<br>
HabboMedia© Copyright 2006</font></font></td>
</tr>
</table>
</center>"; exit; }
list($user) = mysql_fetch_array(mysql_query("SELECT `username` FROM `staff` WHERE username='$user1_post'"));
list($pass) = mysql_fetch_array(mysql_query("SELECT `password` FROM `staff` WHERE password='$pass1_post'"));
if($user1_post == "$user" and $pass1_post == "$pass") {
$sql = mysql_query("SELECT * FROM `staff` WHERE username='$user' AND password='$pass'");
if(mysql_num_rows($sql)!= 1) { exit; }
$result = mysql_fetch_array($sql);
$_SESSION['session_username'] = $result['username'];
$_SESSION['session_level'] = $result['level'];
$_SESSION['session_ip'] = $_SERVER['REMOTE_ADDR'];
echo "Please wait, you are being redirected.<meta http-equiv=\"refresh\" content=\"0;url=user.php\">";
exit;
} else { echo "<center>
<table style=\"BORDER-COLLAPSE: collapse\" borderColor=\"#ffaaaa\" width=\"50%\" bgColor=\"#ffdddd\" border=\"1\" id=\"table1\">
<tr>
<td align=\"middle\"><font size=\"2\" face=\"Verdana\"><b>Login Error:</b><br>
<br>
<font size=\"1\">You have entered an incorrect password.<br>
<br>
Please, Click one of the following links:<br>
<font color=\"black\"><a href=\"index.php\">Login again</a><br>
</font><a href=\"<A href="http://HabboMedia.net\"><font">http://HabboMedia.net\"><font color=\"black\">Return to
HabboMedia</font></a><br>
<br>
HabboMedia.net© Copyright 2006</font></font></td>
</tr>
</table>
</center>"; }
} else { ?>
<body bgcolor="#F45000" bgproperties="fixed" style="background-image: url('http://images.habbohotel.co.uk/c_images//backgrounds/HC_royal.gif')">
<p align="center">
</p>
<center>
<div align="center">
<table width="329" height="3" style="border-collapse: collapse" cellpadding="0" cellspacing="0" id="table2">
<tr>
<td width="330" height="11" align="center">
</td>
</tr>
<tr>
<td align="center" width="400" background="hk_middle.gif" height="342">
<form action="<?php echo "$PHP_SELF"; ?>?login=login" method="POST">
<font size="1" face="Verdana"><br>
<br>
</font><table border="0" id="table3" width="252" height="87">
<tr>
<td>
<tr>
<td>
<p align="right"><b><font size="1" face="Verdana">Username:</font></b></td>
<td>
<p align="center">
<span style="font-size: 10px"><font face="Verdana">
<input class="boarder" size="25" name="username_post" style="float: left; border: 1px dashed #000000"></font></span></td>
</tr>
<tr>
<td>
<font face="Verdana"><span style="font-size: 10px; font-weight: 700">PIN</span></font></td>
<td>
<font face="Verdana" style="font-size: 10px"> <img width="175" src="securityimage.php"><br><input name="security_try" type="text" id="security_try" size="25" maxlength="25" style="border: 1px dashed #000000"></font></td>
</tr>
<tr>
<td>
<p align="center"><font size="1" face="Verdana"><b>Password:</b></font></td>
<td>
<p align="center"><font face="Verdana" size="1" color="#FFFFFF">
<span style="font-size: 10px"><font face="Verdana">
<input type="password" name="password_post" size="25" style="border-style:dashed; border-width:1px; float: left"></font></span></font></td>
</tr>
<font face="Verdana"><span style="font-size: 10px">
<br>
</span></font>
</table>
<span style="font-size: 10px"><font face="Verdana">
<br><input type="submit" value="Send" class="submit" />
</font></span>
<p><font face="Verdana" size="1" color="black"><b>This area is for HabboMedia staff only!</b></font></p>
</form></td>
</tr>
</table>
</div>
<p align="center"> </p>
<?php } ?>
Right, I need someones help making the image verification script work, I think I have to include something from signup_demo.php (Code listed below)
<?php
//Define function to insert security image
function insertSecurityImage($inputname) {
$refid = md5(mktime()*rand());
$insertstr = "<img src=\"securityimage.php?refid=".$refid."\" alt=\"Security Image\">\n
<input type=\"hidden\" name=\"".$inputname."\" value=\"".$refid."\">";
echo($insertstr);
}
//Define function to check security image confirmation
function checkSecurityImage($referenceid, $enteredvalue) {
$referenceid = mysql_escape_string($referenceid);
$enteredvalue = mysql_escape_string($enteredvalue);
$tempQuery = mysql_query("SELECT ID FROM security_images WHERE
referenceid='".$referenceid."' AND hiddentext='".$enteredvalue."'");
if (mysql_num_rows($tempQuery)!=0) {
return true;
} else {
return false;
}
}
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<title>Signup Demo</title>
</head>
<body>
<?php
if (isset($HTTP_POST_VARS["name"]) && isset($HTTP_POST_VARS["security_try"])) {
//Connect to database
mysql_connect("localhost", "REMOVED", "REMOVED") or die(mysql_error());
mysql_select_db("REMOVED");
//Set variables, and call checkSecurityImage
$security_refid = $HTTP_POST_VARS["security_refid"];
$security_try = $HTTP_POST_VARS["security_try"];
$checkSecurity = checkSecurityImage($security_refid, $security_try);
//Depending on result, tell user entered value was correct or incorrect
if ($checkSecurity) {
$validnot = "correct";
} else {
$validnot = "incorrect";
}
//Write output F
echo("<b>You entered this as the security text:</b><br>\n
".$security_try."<br>\n
This is ".$validnot.".<br>\n
-------------------------------<br><br>\n
");
}
?>
<form name="signupform" method="post" action="<?=$_SERVER["PHP_SELF"]?>">
Please sign up for our website:
<br>
<br>
Name:
<input name="name" type="text" id="name">
<br>
<? insertSecurityImage("security_refid") ?>
<br>
Enter what you see:
<input name="security_try" type="text" id="security_try" size="20" maxlength="10">
(can't see? try reloading page)
<br>
<br>
<input type="submit" name="Submit" value="Signup!">
</body>
</html>
Any help pls? (its the same one that Clubhabbo and Hffm use)
http://www.php-mysql-tutorial.com/user-authentication/image-verification.php
If that link may help, idk. It didnt for me
The image displays but, idk how to put it in the form so it makes sure your typing a correct code