ArcEmu: Encrypted signup page - Secure - ArcEmu

Jump to content

Toggle shoutbox Lastest Announcements

dfighter  : (07 December 2014 - 12:06 PM) Arcemu is in hibernation mode, please read http://arcemu.org/fo...showtopic=26903
dfighter  : (01 January 2013 - 05:56 PM) Arcemu wishes you all a happy new year!
Hasbro  : (12 September 2012 - 10:01 AM) Please excuse our outage from the web! Our web host had a major malfunction!
dfighter  : (01 September 2012 - 04:05 PM) Since the spam bots just don't want to stop, I've enabled admin verification when registering.
dfighter  : (23 January 2012 - 09:56 PM) Please note that from now on you will need to confirm your email on the wiki in order to edit it!
Hasbro  : (31 December 2011 - 12:50 PM) Happy New Years all!
Navid  : (26 December 2011 - 04:09 AM) Merry Christmas !!!!!! Happy holidays all :)
WAmadeus  : (24 December 2011 - 03:54 PM) Merry Christmas to all!
dfighter  : (24 December 2011 - 11:05 AM) The Arcemu team wishes y'all a Merry Christmukkah!
Hasbro  : (05 October 2011 - 12:53 PM) Looking for web designers for upcoming web related project. If you're interested in designing user interfaces contact me
dfighter  : (02 September 2011 - 03:47 PM) So who here wants vehicles in Arcemu? :P http://arcemu.org/fo...showtopic=25440
Hasbro  : (14 August 2011 - 03:25 PM) Join us on irc, grab an irc client and connect to irc.freenode.net join channel #arcemu /server irc.freenode.net:6667 /join #arcemu
jackpoz  : (03 August 2011 - 05:33 AM) to all Lua Engine (old one) users: please check http://arcemu.org/fo...showtopic=25274
Hasbro  : (20 May 2011 - 05:27 PM) Looking for people experienced with CMake configuration and setup! Contact me asap
Hasbro  : (15 May 2011 - 05:03 PM) ArcEmu is recruiting C++ programmers, contact Hasbro if interested.
paroxysm  : (03 May 2011 - 06:26 PM) Updated luabridge gossip example to describe the whole gossip creation process rather than just how to create menu. Gossip tutorial
paroxysm  : (23 April 2011 - 11:35 AM) Lua writers can refer to the Luabridge Tutorials section in the Wiki to learn how to write gossip code correctly.
Hasbro  : (20 April 2011 - 05:22 PM) Thank you for your continuous contribution of bug reports, we are working on them.
Hasbro  : (17 April 2011 - 03:20 AM) Please consider donating to support our bills. Donations can be sent using PayPal to donations@arcemu.org - Thank you for your support.
paroxysm  : (10 April 2011 - 12:43 AM) Refer to the Luabridge Tutorials section in the Wiki to learn the new syntax of luabridge.
Resize Shouts Area

  • (2 Pages)
  • +
  • 1
  • 2
  • You cannot start a new topic
  • You cannot reply to this topic

Encrypted signup page - Secure Made by YennZo

#1 User is offline   Hasbro 

  • Project Manager
  • PipPipPipPipPipPipPipPipPip
  • Group: Administrator
  • Posts: 2,526
  • Joined: 07-June 08
  • Gender:Male
  • Location:New York
  • Server OS:Windows

Posted 17 June 2008 - 02:59 PM

	<?php
	   session_start();
	   function reg()
	   {
		  // if user already create an account on this session
		  if($_SERVER['REQUEST_METHOD'] == "POST")
		  {
			 // Connect to db (edit this vars)
			 $conf["host"] = "127.0.0.1";
			 $conf["user"] = "root";
			 $conf["password"] = "";
			 $conf["db"] = "login";
			 $conf["ok"] = "Your account has been created successfuly !";
			 $conf["multi"] = false; // if you allow multi account its true else false (default not allowed)
			 $connect = mysql_connect($conf["host"],$conf["user"],$conf["password"]) or die(mysql_error());
			 mysql_select_db($conf["db"],$connect) or die(mysql_error());
		  
			 // get login, password, email from form
			 $login = !get_magic_quotes_gpc() ? addslashes($_POST['login']) : $_POST['login'];
			 $password = !get_magic_quotes_gpc() ? addslashes($_POST['password']) : $_POST['password'];
			 $email = !get_magic_quotes_gpc() ? addslashes($_POST['email']) : $_POST['email'];
			 $ip = $_SERVER['REMOTE_ADDR'];
			 // comment the 2 next line if you allow multi accounts
			 if(($_SESSION['reg'] || already_reg($ip)) && !$conf["multi"])
				return "<div style='background-color:red; color:white; font-weight:bold;'>Already one accounts on this IP !</div>".form();
						 
			 // check for valid password and login
			 if(!is_str($login) || !is_str($password) || strlen($login) <= 5 || strlen($password) <= 5)
				return "<div style='background-color:red; color:white; font-weight:bold;'>Login or password are invalid !</div>".form();
			 // check for valid email
			 if(!is_email($email))
				return "<div style='background-color:red; color:white; font-weight:bold;'>Invalid email !</div>".form();
			 // create a new var for encrypted_password
			 $sha1pass = sha1(strtoupper($login).":".strtoupper($password));
			 // if query return true its ok else nok and print again the form
			 $sql = "INSERT INTO accounts(login,password,encrypted_password,gm,email,flags,lastip) VALUES('$login','$password','$sha1pass',0,'$email',24,'$ip');";
			 if(mysql_query($sql))
			 {
				mysql_close($connect);   
				$_SESSION['reg'] = true;
				return "<div style='background-color:green; color:white; font-weight:bold;'>".$conf["ok"]."</div>";
			 }
			 switch(mysql_errno())
			 {
				case 1062 :
				   return "<div style='background-color:red; color:white; font-weight:bold;'>This accounts already exist !</div> ".form();
				   break;
			 }
			 return "Mysql Error : ".mysql_errno()."<br />".form();
		  }
		  else
			 return form();
	   }
	   function is_str($str)
	   {
		  return ereg("^[A-Za-z0-9]+$",$str);
	   }
	   function is_email($mail)
	   {
			 $regex='#^[\w.-]+@[\w.-]+\.[a-zA-Z]{2,5}$#';
		  if(preg_match($regex,$mail));
		  {
			 $c = mysql_query("SELECT email FROM accounts WHERE email = '$mail';");
			 if(mysql_num_rows($c) == 0)
				return true;
		  }
		  return false;
	   }
	   function already_reg($ip)
	   {
		  $c = mysql_query("SELECT * FROM accounts WHERE lastip = '$ip';");
		  if(mysql_num_rows($c) == 0)
			 return false;
		  return true;
	   }
	   function form()
	   {
		   return '
		  <form action="'.htmlentities($_SERVER['PHP_SELF']).'" method="post">
			 <table>
				<tr><td>Login : (6 chars min) </td><td><input name="login" value="" type="text" style="border:1px dashed #FFFFFF; background-color:#CCCCCC;" /></td></tr>
				<tr><td>Password : (6 chars min) </td><td><input name="password" value="" type="password" style="border:1px dashed #FFFFFF;background-color:#CCCCCC;" /></td></tr>
				<tr><td>Email : </td><td><input name="email" value="" type="text" style="border:1px dashed #FFFFFF;background-color:#CCCCCC;" /></td></tr>
				<tr><td colspan="2" align="center"><input type="submit" style="border:1px dashed #FFFFFF;background-color:#CCCCCC;"/></td></tr>
			 </table>
		  </form>';
	   }
	?>
	<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
	<html xmlns="http://www.w3.org/1999/xhtml">
	<head>
	<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
	<title>Reg page :)</title>
	</head>

	<body style="background-color:#333333; color:#CCCCCC;">
	<?php echo reg(); ?>
	</body>
	</html>


Made by YennZo
1

#2 User is offline   The Heich 

  • Member
  • Pip
  • Group: Members
  • Posts: 38
  • Joined: 07-June 08

Posted 18 June 2008 - 11:21 PM

Wonderful!!! Thanks Hasbro and thank to YennZo.
0

#3 User is offline   Deej 

  • Member
  • Pip
  • Group: Members
  • Posts: 99
  • Joined: 07-June 08

Posted 21 June 2008 - 07:21 PM

So what is the purpose of having the encrypted password column if the unencrypted one is still there? 0.o

Is it up to the admin to get rid of the normal password column eventually? We will eventually standardize the logon structure without the unencrypted column?
0

#4 User is offline   Tyranade 

  • Enthusiast
  • PipPipPip
  • Group: Members
  • Posts: 234
  • Joined: 08-June 08
  • Location:England
  • Interests:Metal and WoW

Posted 28 June 2008 - 07:02 PM

Im getting


Warning: session_start() [function.session-start]: Cannot send session cookie - headers already sent by (output started at D:\webserver\xampp\htdocs\TEST.PHP:1) in D:\webserver\xampp\htdocs\TEST.PHP on line 2

Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at D:\webserver\xampp\htdocs\TEST.PHP:1) in D:\webserver\xampp\htdocs\TEST.PHP on line 2

0

#5 User is offline   Kenjiro 

  • Enthusiast
  • PipPipPip
  • Group: Members
  • Posts: 311
  • Joined: 12-June 08
  • Location:Poland

Posted 29 June 2008 - 08:03 AM

Remove all chars before first <?php.
0

#6 User is offline   AJ Henderson 

  • Newbie
  • Group: Members
  • Posts: 1
  • Joined: 22-July 08

Posted 22 July 2008 - 11:03 PM

I am trying to use a derivitive of this code to setup my login creation, however when I try logging in with the user, it says my password is invalid. Is there anything that has to be done other than what is on the lines setting $user, $password and $sha1password to get the correct sha1 encoding in to $sha1password?

UPDATE: So apparently my php is generating the wrong SHA1 value somehow. Running through MySQL's SHA function works fine so I'm just gonna alter my update query to work off of that.

Update2: Never mind, I'm retarded. My password was comming back as an array for some reason and so it was interpretting the password as "Array"
0

#7 User is offline   Kaasie 

  • Member
  • Pip
  • Group: Members
  • Posts: 24
  • Joined: 12-August 08

Posted 15 August 2008 - 08:53 AM

View PostTyranade, on Jun 29 2008, 02:02 AM, said:

Im getting


Warning: session_start() [function.session-start]: Cannot send session cookie - headers already sent by (output started at D:\webserver\xampp\htdocs\TEST.PHP:1) in D:\webserver\xampp\htdocs\TEST.PHP on line 2

Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at D:\webserver\xampp\htdocs\TEST.PHP:1) in D:\webserver\xampp\htdocs\TEST.PHP on line 2


In the function delete session_start(); , and put this on the top of your website:

<?
session_start();
?>
0

#8 User is offline   hide 

  • Newbie
  • Group: Members
  • Posts: 5
  • Joined: 09-August 08

Posted 17 August 2008 - 08:58 PM

I'm getting a green blank screen when I submit query :P
0

#9 User is offline   Bryce 

  • Member
  • Pip
  • Group: Members
  • Posts: 36
  • Joined: 11-August 08
  • Location:Beyond Terra

Posted 20 August 2008 - 04:24 PM

I got it to work nicely, but only on localhost, in which i am unable to make public because something is wrong... I put it on my domain, and when i press submit query:

Quote

Warning: mysql_connect() [function.mysql-connect]: Host 'host.xxx.com' is not allowed to connect to this MySQL server in /x/x/public_html/wowsign.php on line 15
Host 'host.xxx.com' is not allowed to connect to this MySQL server


So basically, the MySQL Database is blocking external access? Anyway to fix this?

EDIT: Nevermind, I had to add a user for the database for this. This script is nice, simple and easily editable. I added some other features such as capcha, and data for other tables.
0

#10 User is offline   Exanthos 

  • Enthusiast
  • PipPipPip
  • Group: Members
  • Posts: 195
  • Joined: 21-August 08
  • Location:Seattle, Washington

Posted 04 September 2008 - 10:15 PM

I favor this script more then any other haha, Its simple and easy to use ;)
0

#11 User is offline   Myh 

  • Member
  • Pip
  • Group: Members
  • Posts: 36
  • Joined: 18-June 08
  • Location:Romania

Posted 05 September 2008 - 06:57 AM

How about a forgot/change password script?
WoW-Romania.RO OWNER
www.wow-romania.ro
0

#12 User is offline   Tobii 

  • Member
  • Pip
  • Group: Members
  • Posts: 45
  • Joined: 14-August 08

Posted 02 October 2008 - 01:09 PM

1. How can i change the border so it's doesn't split, but is a line?
2. Can i change the submit button to a picture?

And, thank you.. it fits my website.. :huh:

Now i know i'm not allowed to put big server ads in my sig.
The fun thing is that other people do it.. Oh well..
0

#13 User is offline   KronKa 

  • Member
  • Pip
  • Group: Members
  • Posts: 52
  • Joined: 21-September 08

Posted 02 October 2008 - 04:49 PM

View PostTobii, on Oct 2 2008, 11:09 AM, said:

1. How can i change the border so it's doesn't split, but is a line?
2. Can i change the submit button to a picture?

And, thank you.. it fits my website.. :P


Replace

Quote

<table>
<tr><td>Login : (6 chars min) </td><td><input name="login" value="" type="text" style="border:1px dashed #FFFFFF; background-color:#CCCCCC;" /></td></tr>
<tr><td>Password : (6 chars min) </td><td><input name="password" value="" type="password" style="border:1px dashed #FFFFFF;background-color:#CCCCCC;" /></td></tr>
<tr><td>Email : </td><td><input name="email" value="" type="text" style="border:1px dashed #FFFFFF;background-color:#CCCCCC;" /></td></tr>
<tr><td colspan="2" align="center"><input type="submit" style="border:1px dashed #FFFFFF;background-color:#CCCCCC;"/></td></tr>
</table>



With

			 <table>
				<tr><td>Login : (6 chars min) </td><td><input name="login" value="" type="text" style="border:1px #FFFFFF; background-color:#CCCCCC;" /></td></tr>
				<tr><td>Password : (6 chars min) </td><td><input name="password" value="" type="password" style="border:1px #FFFFFF;background-color:#CCCCCC;" /></td></tr>
				<tr><td>Email : </td><td><input name="email" value="" type="text" style="border:1px #FFFFFF;background-color:#CCCCCC;" /></td></tr>
				<tr><td colspan="2" align="center"><input type="submit" style="border:1px #FFFFFF;background-color:#CCCCCC;"/></td></tr>
			 </table>


For images and that you would need to put
<img src="[IMAGE LOCATION]" border="0px" />
replace the [IMAGE LOCATION] with the location of the image lol of course.

Not sure about Submit Query thing to change it since it comes up as that if you have it type="submit" so yeah. maybe someone else can help you for that one.
-----------------KronKa---
KronKa@live.com
0

#14 User is offline   seg168 

  • Newbie
  • Group: Members
  • Posts: 8
  • Joined: 02-August 08

Posted 14 November 2008 - 02:38 AM

amazing :) ! Thank you Hasbro and YennZo
0

#15 User is offline   BadBull 

  • Member
  • Pip
  • Group: Members
  • Posts: 29
  • Joined: 07-June 08

Posted 25 January 2009 - 05:46 AM

Only thing what that need is dropdown to choice classic, bc or wotlk. :P
Can somebody help me with it?
0

#16 User is offline   Darksoul 

  • Newbie
  • Group: Members
  • Posts: 8
  • Joined: 09-March 09

Posted 15 March 2009 - 06:52 AM

Thanks for the script!.
0

#17 User is offline   dfighter 

  • Titles are overrated
  • PipPipPipPipPipPipPipPipPipPip
  • Group: Administrator
  • Posts: 5,189
  • Joined: 14-June 08
  • IRC:dfighter
  • Gender:Male
  • Server OS:Linux

Posted 15 March 2009 - 05:08 PM

Unless you serve the page over https, the password will still get transmitted unencrypted over the network.
"The demand for free goods is infinite."
0

#18 User is offline   pedwily 

  • Newbie
  • Group: Members
  • Posts: 4
  • Joined: 26-January 09

Posted 09 May 2009 - 12:40 AM

I get "Mysql Error : 1364" for some reason...
0

#19 User is offline   Slic 

  • Member
  • Pip
  • Group: Members
  • Posts: 16
  • Joined: 14-May 09

Posted 14 May 2009 - 09:08 AM

View Postpedwily, on May 9 2009, 06:40 AM, said:

I get "Mysql Error : 1364" for some reason...

Same here...
0

#20 User is offline   chronic 

  • Advanced Member
  • Group: Supporter
  • Posts: 61
  • Joined: 12-August 08
  • Gender:Male

Posted 26 June 2009 - 05:15 AM

I am also getting Mysql Error : 1364
Posted Image
0

Share this topic:


  • (2 Pages)
  • +
  • 1
  • 2
  • You cannot start a new topic
  • You cannot reply to this topic

1 User(s) are reading this topic
0 members, 1 guests, 0 anonymous users