Bravo List
Register
Go Back   > Bravo List > Source Code > Archived Trackers > TBDev
Reply
  #1  
Old 25th January 2014, 01:11
theilya2 theilya2 is offline
Senior Member
 
Join Date: Sep 2012
Israel
Posts: 25
Default Login/After signup problem
Hello
i have some strange problems
1. part of people after registration trying to login and they get the error
"username or password incorrect" but thats correct i tryed too and i get this error and sometimes i check in db if they users are there and i didnt see them

2. again part of people have access to login and when they clicks on the navbar or some torrent page they thrown to the login page


i will be happy if someone take a look inside the files


login.php
PHP Code:
<?php
/*
+------------------------------------------------
|   TBDev.net BitTorrent Tracker PHP
|   =============================================
|   by CoLdFuSiOn
|   (c) 2003 - 2009 TBDev.Net
|   http://www.tbdev.net
|   =============================================
|   svn: http://sourceforge.net/projects/tbdevnet/
|   Licence Info: GPL
+------------------------------------------------
|   $Date$
|   $Revision$
|   $Author$
|   $URL$
+------------------------------------------------
*/
require_once "include/bittorrent.php" ;

    
ini_set('session.use_trans_sid''0');

    
$lang array_mergeload_language('global'), load_language('login') );
    
    
// Begin the session
    
session_start();
    
/*if (isset($_SESSION['captcha_time']))
    (time() - $_SESSION['captcha_time'] < 10) ? exit("{$lang['login_spam']}") : NULL;*/

    
$HTMLOUT '';

    unset(
$returnto);
    
/*if (!empty($_GET["returnto"])) {
      $returnto = $_GET["returnto"];
      if (!isset($_GET["nowarn"])) 
      {
        $HTMLOUT .= "<h1>{$lang['login_not_logged_in']}</h1>\n";
        $HTMLOUT .= "{$lang['login_error']}";
      }
    }*/


    /*$HTMLOUT .= "<script type='text/javascript' src='captcha/captcha.js'></script>

    <form method='post' action='takelogin.php'>
    <p>Note: You need cookies enabled to log in.</p>
    <table border='0' cellpadding='5'>
      <tr>
        <td class='rowhead'>{$lang['login_username']}</td>
        <td align='left'><input type='text' size='40' name='username' /></td>
      </tr>
      <tr>
        <td class='rowhead'>{$lang['login_password']}</td>
        <td align='left'><input type='password' size='40' name='password' /></td>
      </tr>
    <!--<tr><td class='rowhead'>{$lang['login_duration']}</td><td align='left'><input type='checkbox' name='logout' value='yes' checked='checked' />{$lang['login_15mins']}</td></tr>-->
      <tr>
        <td>&nbsp;</td>
        <td>
          <div id='captchaimage'>
          <a href='login.php' onclick=\"refreshimg(); return false;\" title='{$lang['login_refresh']}'>
          <img class='cimage' src='captcha/GD_Security_image.php?".TIME_NOW."' alt='{$lang['login_captcha']}' />
          </a>
          </div>
         </td>
      </tr>
      <tr>
          <td class='rowhead'>{$lang['login_pin']}</td>
          <td>
            <input type='text' maxlength='6' name='captcha' id='captcha' onblur='check(); return false;'/>
          </td>
      </tr>
      <tr>
        <td colspan='2' align='center'>
          <input type='submit' value='{$lang['login_login']}' class='btn' />
        </td>
      </tr>
    </table>";*/

    
if (isset($_GET["error"]) && !empty($_GET["error"]))
    {
        
$error strip_tags(htmlspecialchars($_GET["error"]));
        if (
$error == 1
            
$error "שם משתמש או סיסמא אינם תקינים";
        elseif (
$error == 2)
            
$error "חשבונך באתר בוטל!";
    }
    
    
$HTMLOUT .= "<script type='text/javascript' src='captcha/captcha.js'></script>
        <!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Transitional//EN\"
        \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd\">
        
        <html dir='rtl' xmlns='http://www.w3.org/1999/xhtml'>
        <head>

            <meta name='generator' content='TBDev.net' />
            <meta http-equiv='Content-Language' content='he-il' />
            <meta http-equiv='Content-Type' content='text/html; charset=utf-8' />
            
            <title>DownLand :: Log In</title>
            <link rel='stylesheet' href='
{$TBDEV['stylesheet']}' type='text/css' />
            <script type='text/javascript' src='./scripts/jquery-1.10.2.js'></script>
            <script type='text/javascript' src='./scripts/scripts.js'></script>
                        
            <script type='text/javascript' src='./scripts/java_klappe.js'></script>
            <script type='text/javascript' src='/lightbox/js/jquery-1.10.2.min.js'></script>
            <script type='text/javascript' src='/lightbox/js/lightbox-2.6.min.js'></script>
            <link type='text/css' rel='stylesheet' href='/lightbox/css/lightbox.css' />
        </head>
            <body style='background-image: url(images/topbg.jpg); overflow: hidden'>
                <form method='post' action='takelogin.php'>
                <div id='loginblock'>
                 <table>
                  <tr>
                   <td><input type='text' name='username' placeholder='שם משתמש' autocomplete='off' /></td>
                  </tr>
                  <tr>
                   <td><input type='password' name='password' placeholder='סיסמא' /></td>
                  </tr>
                  <tr>
                   <td style='padding-top: 5px'>
                    <div id='captchaimage'>
                    <a href='login.php' onclick=\"refreshimg(); return false;\" title='
{$lang['login_refresh']}'>
                    <img src='captcha/GD_Security_image.php?"
.TIME_NOW."' alt='{$lang['login_captcha']}' />
                    </a>
                    </div>
                   </td>
                  </tr>
                  <tr>
                   <td><input style='text-transform: uppercase;' maxlength='6' type='text' name='captcha' id='captcha' onblur='check(); return false;' placeholder='קוד אבטחה' autocomplete='off' /></td>
                  </tr>
                  <tr>
                   <td><input type='submit' value='התחבר' /></td>
                  </tr>
                 </table>
                </div>
                </form>
            </body>
        </html>
        "
;

    
/*if (isset($returnto))
      $HTMLOUT .= "<input type='hidden' name='returnto' value='" . htmlentities($returnto) . "' />\n";*/


    /*$HTMLOUT .= "</form>
    {$lang['login_signup']}";*/


    
print $HTMLOUT stdfoot("login");
    
//print stdhead("{$lang['login_login_btn']}") . $HTMLOUT . stdfoot();

?>
takelogin.php
PHP Code:
<?php
/*
+------------------------------------------------
|   TBDev.net BitTorrent Tracker PHP
|   =============================================
|   by CoLdFuSiOn
|   (c) 2003 - 2009 TBDev.Net
|   http://www.tbdev.net
|   =============================================
|   svn: http://sourceforge.net/projects/tbdevnet/
|   Licence Info: GPL
+------------------------------------------------
|   $Date$
|   $Revision$
|   $Author$
|   $URL$
+------------------------------------------------
*/
require_once 'include/bittorrent.php';
require_once 
"include/password_functions.php";

    if (!
mkglobal('username:password:captcha'))
      die();
      
    
session_start();
      if(empty(
$captcha) || $_SESSION['captcha_id'] != strtoupper($captcha)){
          
header('Location: login.php');
          exit();
    }

    
dbconn();
    
    
$lang array_mergeload_language('global'), load_language('takelogin') );


    
$res mysql_query("SELECT id, passhash, secret, enabled FROM users WHERE username = " sqlesc($username) . " AND status = 'confirmed'");
    
$row mysql_fetch_assoc($res);

    if (!
$row)
      
stderr($lang['tlogin_failed'], 'שם משתמש או סיסמא אינם נכונים<br /><br /><a class=\'a\' href=\'login.php\'>חזור</a>'"login");
    
    if (
$row['passhash'] != make_passhash$row['secret'], md5($password) ) )
    
//if ($row['passhash'] != md5($row['secret'] . $password))
      
stderr($lang['tlogin_failed'], 'שם משתמש או סיסמא אינם נכונים<br /><br /><a class=\'a\' href=\'login.php\'>חזור</a>'"login");

    if (
$row['enabled'] == 'no')
      
stderr($lang['tlogin_failed'], "חשבונך באתר מבוטל""login");

    
//logincookie($row['id'], $row['passhash']);
    
$passh md5($row["passhash"].$_SERVER["REMOTE_ADDR"]);
    
logincookie($row["id"], $passh);


//$returnto = str_replace('&amp;', '&', htmlspecialchars($_POST['returnto']));
//$returnto = $_POST['returnto'];
    //if (!empty($returnto))
      //header("Location: ".$returnto);
    //else
      
header("Location: {$TBDEV['baseurl']}/my.php");

?>
signup.php
PHP Code:
<?php
/*
+------------------------------------------------
|   TBDev.net BitTorrent Tracker PHP
|   =============================================
|   by CoLdFuSiOn
|   (c) 2003 - 2009 TBDev.Net
|   http://www.tbdev.net
|   =============================================
|   svn: http://sourceforge.net/projects/tbdevnet/
|   Licence Info: GPL
+------------------------------------------------
|   $Date$
|   $Revision$
|   $Author$
|   $URL$
+------------------------------------------------
*/
require_once "include/bittorrent.php";
require_once 
ROOT_PATH."/cache/timezones.php";

dbconn();
    
    if( isset(
$CURUSER) )
      exit();
    
    
ini_set('session.use_trans_sid''0');

    
$lang array_mergeload_language('global'), load_language('signup') );
    
    if(!
$TBDEV['openreg'])
            
stderr('Sorry''ההרשמה לאתר דורשת הזמנה!'"login");
    
    
// Begin the session
    
session_start();
    
/*if (isset($_SESSION['captcha_time']))
    (time() - $_SESSION['captcha_time'] < 10) ? exit($lang['captcha_spam']) : NULL;*/
    
    
$HTMLOUT '';
    
    
$res mysql_query("SELECT COUNT(*) FROM users") or sqlerr(__FILE____LINE__);
    
$arr mysql_fetch_row($res);
    if (
$arr[0] >= $TBDEV['maxusers'])
      
stderr($lang['stderr_errorhead'], sprintf($lang['stderr_ulimit'], $TBDEV['maxusers']));

    
// TIMEZONE STUFF
        
$offset = (string)$TBDEV['time_offset'];
        
        
$time_select "<select name='user_timezone'>";
        
        foreach( 
$TZ as $off => $words )
        {
          if ( 
preg_match("/^time_(-?[\d\.]+)$/"$off$match))
          {
            
$time_select .= $match[1] == $offset "<option value='{$match[1]}' selected='selected'>$words</option>\n" "<option value='{$match[1]}'>$words</option>\n";
          }
        }
        
        
$time_select .= "</select>";
    
// TIMEZONE END
        
    


    
$thistime time();
    
    
$HTMLOUT .= "<script type='text/javascript' src='captcha/captcha.js'></script>
        <!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Transitional//EN\"
        \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd\">
        
        <html dir='rtl' xmlns='http://www.w3.org/1999/xhtml'>
        <head>

            <meta name='generator' content='TBDev.net' />
            <meta http-equiv='Content-Language' content='he-il' />
            <meta http-equiv='Content-Type' content='text/html; charset=utf-8' />
            
            <title>DownLand :: Log In</title>
            <link rel='stylesheet' href='
{$TBDEV['stylesheet']}' type='text/css' />
            <script type='text/javascript' src='./scripts/jquery-1.10.2.js'></script>
            <script type='text/javascript' src='./scripts/scripts.js'></script>
                        
            <script type='text/javascript' src='./scripts/java_klappe.js'></script>
            <script type='text/javascript' src='/lightbox/js/jquery-1.10.2.min.js'></script>
            <script type='text/javascript' src='/lightbox/js/lightbox-2.6.min.js'></script>
            <link type='text/css' rel='stylesheet' href='/lightbox/css/lightbox.css' />
        </head>
            <body style='background-image: url(images/topbg.jpg); overflow: hidden'>

    <form method='post' action='takesignup.php' style='padding: 10%'>
    <div id='loginblock' style='margin-top: 0'>
    <table>
    <tr><td><input type='text'  name='wantusername' placeholder='שם משתמש' autocomplete='off' /></td></tr>
    <tr><td><input type='password'  name='wantpassword' placeholder='סיסמא' autocomplete='off' /></td></tr>
    <tr><td><input type='password'  name='passagain' placeholder='סיסמא בשנית' autocomplete='off' /></td></tr>
    <tr valign='top'><td><input type='text'  name='email' placeholder='אימייל' autocomplete='off' /></td></tr>
    <!--<tr><td align='left'>
{$time_select}</td></tr>-->
      <tr>
        <td>
          <div id='captchaimage'>
          <a href='signup.php' onclick=\"refreshimg(); return false;\" title='
{$lang['captcha_refresh']}'>
          <img class='cimage' src='captcha/GD_Security_image.php?
$thistime' alt='{$lang['captcha_image_alt']}' />
          </a>
          </div>
         </td>
      </tr>
      <tr>
          <td>
            <input style='text-transform: uppercase;' type='text' maxlength='6' name='captcha' id='captcha' onblur='check(); return false;' autocomplete='off' />
          </td>
      </tr>
    <tr><td style='padding:3px 0 5px 0'>
    <input type='hidden' name='rulesverify' value='yes' />
    <input type='checkbox' name='faqverify' value='yes' id='faqv' /> <label for='faqv' style='color: white; font-size: 13px'>אני מתחייב לקרוא את השו\"ת</label>
    <input type='hidden' name='ageverify' value='yes' />
    </td></tr>
    <tr>
    <td align='center'><input type='hidden' name='user_timezone' value='2' /><input type='submit' value='
{$lang['signup_btn']}' /></td></tr>
    </table>
    </div>
    </form>
    </body>
    </html>"
;
    
/*    $HTMLOUT .= "<script type='text/javascript' src='captcha/captcha.js'></script>
        <!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Transitional//EN\"
        \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd\">
        
        <html dir='rtl' xmlns='http://www.w3.org/1999/xhtml'>
        <head>

            <meta name='generator' content='TBDev.net' />
            <meta http-equiv='Content-Language' content='he-il' />
            <meta http-equiv='Content-Type' content='text/html; charset=utf-8' />
            
            <title>DownLand :: Log In</title>
            <link rel='stylesheet' href='{$TBDEV['stylesheet']}' type='text/css' />
            <script type='text/javascript' src='./scripts/jquery-1.10.2.js'></script>
            <script type='text/javascript' src='./scripts/scripts.js'></script>
                        
            <script type='text/javascript' src='./scripts/java_klappe.js'></script>
            <script type='text/javascript' src='/lightbox/js/jquery-1.10.2.min.js'></script>
            <script type='text/javascript' src='/lightbox/js/lightbox-2.6.min.js'></script>
            <link type='text/css' rel='stylesheet' href='/lightbox/css/lightbox.css' />
        </head>
            <body style='background-image: url(images/topbg.jpg); overflow: hidden'>
                <form method='post' action='takelogin.php' style='padding: 10%'>
                <div id='loginblock' style='margin-top: 0'>
                 <table>
                  <tr>
                   <td><input type='text' name='wantusername' placeholder='שם משתמש' autocomplete='off' /></td>
                  </tr>
                  <tr>
                   <td><input type='password' name='wantpassword' placeholder='סיסמא' /></td>
                  </tr>
                  <tr>
                   <td><input type='password' name='passagain' placeholder='הסיסמא בשנית' /></td>
                  </tr>
                  <tr>
                   <td><input type='text' name='email' placeholder='אימייל' /></td>
                  </tr>
                  <tr>
                   <td style='padding-top: 5px'>
                    <div id='captchaimage'>
                    <a href='login.php' onclick=\"refreshimg(); return false;\" title='{$lang['captcha_refresh']}'>
                    <img src='captcha/GD_Security_image.php?".TIME_NOW."' alt='{$lang['captcha_image_alt']}' />
                    </a>
                    </div>
                   </td>
                  </tr>
                  <tr>
                   <td><input style='text-transform: uppercase;' maxlength='6' type='text' name='captcha' id='captcha' onblur='check(); return false;' placeholder='קוד אבטחה' autocomplete='off' /></td>
                  </tr>
                  <tr>
                   <td><input type='hidden' name='user_timezone' value='2' />
                   <input type='submit' value='הרשם' /></td>
                  </tr>
                 </table>
                </div>
                </form>
            </body>
        </html>
        ";*/


    
print $HTMLOUT stdfoot("login");

?>
takesignup.php
PHP Code:
<?php
/*
+------------------------------------------------
|   TBDev.net BitTorrent Tracker PHP
|   =============================================
|   by CoLdFuSiOn
|   (c) 2003 - 2009 TBDev.Net
|   http://www.tbdev.net
|   =============================================
|   svn: http://sourceforge.net/projects/tbdevnet/
|   Licence Info: GPL
+------------------------------------------------
|   $Date$
|   $Revision$
|   $Author$
|   $URL$
+------------------------------------------------
*/

require_once "include/bittorrent.php";
require_once 
"include/password_functions.php";

dbconn();

    
$lang array_mergeload_language('global'), load_language('takesignup') );
    
    
$res mysql_query("SELECT COUNT(*) FROM users") or sqlerr(__FILE____LINE__);
    
$arr mysql_fetch_row($res);
    
    if (
$arr[0] >= $TBDEV['maxusers'])
      
stderr($lang['takesignup_error'], $lang['takesignup_limit']);

//if (!mkglobal("wantusername:wantpassword:passagain:email:captcha"))
//    die();
    
foreach( array('wantusername','wantpassword','passagain','email','captcha') as $x )
    {
      if( !isset(
$_POST$x ]) )
      {
        
stderr($lang['takesignup_user_error'], $lang['takesignup_form_data']);
      }
      
      ${
$x} = $_POST$x ];
    }

    
session_start();
    
    if(empty(
$captcha) || $_SESSION['captcha_id'] != strtoupper($captcha))
    {
        
header('Location: signup.php');
        exit();
    }


function 
validusername($username)
  {
    global 
$lang;
    
    if (
$username == "")
      return 
false;
    
    
$namelength strlen($username);
    
    if( (
$namelength 3) OR ($namelength 32) )
    {
      
stderr($lang['takesignup_user_error'], $lang['takesignup_username_length']);
    }
    
// The following characters are allowed in user names
    
$allowedchars $lang['takesignup_allowed_chars'];
    
    for (
$i 0$i $namelength; ++$i)
    {
      if (
strpos($allowedchars$username[$i]) === false)
        return 
false;
    }
    
    return 
true;
  }
/*
function isportopen($port)
{
    $sd = @fsockopen($_SERVER["REMOTE_ADDR"], $port, $errno, $errstr, 1);
    if ($sd)
    {
        fclose($sd);
        return true;
    }
    else
        return false;
}

function isproxy()
{
    $ports = array(80, 88, 1075, 1080, 1180, 1182, 2282, 3128, 3332, 5490, 6588, 7033, 7441, 8000, 8080, 8085, 8090, 8095, 8100, 8105, 8110, 8888, 22788);
    for ($i = 0; $i < count($ports); ++$i)
        if (isportopen($ports[$i])) return true;
    return false;
}
*/
    
if (empty($wantusername) || empty($wantpassword) || empty($email))
      
stderr($lang['takesignup_user_error'], $lang['takesignup_blank']);
    
    if (
$wantpassword != $passagain)
      
stderr($lang['takesignup_user_error'], $lang['takesignup_nomatch']);

    if (
strlen($wantpassword) < 6)
      
stderr($lang['takesignup_user_error'], $lang['takesignup_pass_short']);

    if (
strlen($wantpassword) > 40)
      
stderr($lang['takesignup_user_error'], $lang['takesignup_pass_long']);

    if (
$wantpassword == $wantusername)
      
stderr($lang['takesignup_user_error'], $lang['takesignup_same']);

    if (!
validemail($email))
      
stderr($lang['takesignup_user_error'], $lang['takesignup_validemail']);

    if (!
validusername($wantusername))
      
stderr($lang['takesignup_user_error'], $lang['takesignup_invalidname']);

    
// make sure user agrees to everything...
    
if ($_POST["rulesverify"] != "yes" || $_POST["faqverify"] != "yes" || $_POST["ageverify"] != "yes")
      
stderr($lang['takesignup_failed'], $lang['takesignup_qualify']);

    
// check if email addy is already in use
    
$a = (@mysql_fetch_row(@mysql_query("select count(*) from users where email='$email'"))) or die(mysql_error());
    if (
$a[0] != 0)
      
stderr($lang['takesignup_user_error'], $lang['takesignup_email_used']);

    
// TIMEZONE STUFF
    
if(isset($_POST["user_timezone"]) && preg_match('#^\-?\d{1,2}(?:\.\d{1,2})?$#'$_POST['user_timezone']))
    {
    
$time_offset sqlesc($_POST['user_timezone']);
    }
    else
    { 
$time_offset = isset($TBDEV['time_offset']) ? sqlesc($TBDEV['time_offset']) : '0'; }
    
// have a stab at getting dst parameter?
    
$dst_in_use localtime(time() + ($time_offset 3600), true);
    
// TIMEZONE STUFF END

    
$secret mksecret();
    
$wantpasshash make_passhash$secretmd5($wantpassword) );
    
$editsecret = ( !$arr[0] ? "" make_passhash_login_key() );

    
$ret mysql_query("INSERT INTO users (username, passhash, secret, editsecret, email, status, ". (!$arr[0]?"class, ":"") ."added, time_offset, dst_in_use) VALUES (" .
        
implode(","array_map("sqlesc", array($wantusername$wantpasshash$secret$editsecret$email, (!$arr[0]?'confirmed':'pending')))).
        
", ". (!$arr[0]?UC_SYSOP.", ":""). ""time() ." , $time_offset{$dst_in_use['tm_isdst']})");

    if (!
$ret
    {
      if (
mysql_errno() == 1062)
        
stderr($lang['takesignup_user_error'], $lang['takesignup_user_exists']);
      
stderr($lang['takesignup_user_error'], $lang['takesignup_fatal_error']);
    }

    
$id mysql_insert_id();

//write_log("User account $id ($wantusername) was created");

    
$psecret $editsecret//md5($editsecret);

    
$body str_replace(array('<#SITENAME#>''<#USEREMAIL#>''<#IP_ADDRESS#>''<#REG_LINK#>'),
                        array(
$TBDEV['site_name'], $email$_SERVER['REMOTE_ADDR'], "{$TBDEV['baseurl']}/confirm.php?id=$id&secret=$psecret"),
                        
$lang['takesignup_email_body']);

    if(
$arr[0])
      
mail($email"{$TBDEV['site_name']} {$lang['takesignup_confirm']}"$body"{$lang['takesignup_from']} {$TBDEV['site_email']}");
    else 
      
logincookie($id$wantpasshash);

    
header("Refresh: 0; url=ok.php?type=". (!$arr[0]?"sysop":("signup&email=" urlencode($email))));

?>
Reply With Quote
  #2  
Old 29th October 2014, 23:23
WhyMe WhyMe is offline
Banned
 
Join Date: Apr 2014
P2P
Posts: 160
Question
Now it as nothing to with the above files have you set a cooke on domain in config

PHP Code:
$whatever['cookie_prefix'] = '#cookie_prefix'// This allows you to have multiple trackers, eg for demos, testing etc.
$whatever['cookie_path'] = '#cookie_path'// ATTENTION: You should never need this unless the above applies eg: /tbdev
$whatever['cookie_domain'] = '#cookie_domain'// set to eg: .somedomain.com or is subdomain set to: .sub.somedomain.com
$whatever['domain'] = '#domain'
Reply With Quote
Reply

Tags
login or after , problem , signup

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump



All times are GMT +2. The time now is 18:39. vBulletin skin by ForumMonkeys. Powered by vBulletin® Version 3.8.11 Beta 3
Copyright ©2000 - 2024, vBulletin Solutions Inc.