| Berzerker |
7th October 2014 15:25 |
I need I have to check the includes if they are linked correct... or I need another compile command...
Does nobody have the Installation.txt ?
Bump: So sorry for double post...
I got that source running now including the announce...
Now I have the problem that I want to make the site open for registration without secret.
Here is the signup.php :
PHP Code:
<?
require_once("include/bittorrent.php");
dbconn();
if(!isset($_GET[secret])){
httperr();
}
$secret = sqlesc($_GET[secret]);
$s = mysql_query("SELECT * FROM invites WHERE secret = $secret") or sqlerr(__FILE__, __LINE__);
if(mysql_num_rows($s) != 1){
stderr("Error","The invite-URL you got there is invalid or already used.");
}
$b = mysql_fetch_array($s);
$email = $b[email];
stdhead("Signup");
?>
<script type="text/javascript" language="JavaScript">
function checkName() {
wantusername = document.getElementById('wantusername').value;
var url = 'checkName.php?wantusername=' + escape(wantusername);
try {
request = new ActiveXObject("Msxml2.XMLHTTP");
} catch (e) {
try {
request = new ActiveXObject("Microsoft.XMLHTTP");
} catch (e2) {
request = false;
}
}
if (!request && typeof XMLHttpRequest != 'undefined') {
request = new XMLHttpRequest();
}
request.open("GET", url, true);
global_content = wantusername;
request.onreadystatechange = gom;
request.send(null);
}
function gom() {
if (request.readyState == 4) {
if (request.status == 200) {
var response = request.responseText;
document.getElementById("zipResult").innerHTML = response;
if(response.substring(0,20) == '<font color=#cc0000>')
document.reform.submitt.disabled = true;
else if(response.substring(0,20) == '<font color=#33cc33>')
document.reform.submitt.disabled = false;
}
}
}
function testPass()
{
document.getElementById("td0").style.backgroundColor = 'white';
document.getElementById("td1").style.backgroundColor = 'white';
document.getElementById("td2").style.backgroundColor = 'white';
document.getElementById("td3").style.backgroundColor = 'white';
var p = document.getElementById("wantpassword");
if (p.value == "")
{
return;
}
var level = 5
if (!(/[a-zåäö]/.test(p.value) && /[A-ZÅÄÖ]/.test(p.value)))
level -=1;
if (!/[0-9]/.test(p.value))
level -=1;
if (!/[^0-9a-zåäö]/i.test(p.value))
level -=1;;
if (p.value.length < 6)
level -=1;
if (p.value.length < 9)
level -=1;
if(level == 1)
color='red';
else if(level == 2)
color='yellow';
else if(level > 2)
color='green';
for(i = 0; i < level; i++)
{
var cp = document.getElementById("td" + i);
cp.style.backgroundColor = color;
}
}
</script>
<p>
<form method="post" action="takesignup.php" name="reform">
<table border="1" cellspacing=0 cellpadding="10">
<tr><td align="right" class="heading">Username:</td><td align=left><input type="text" size="40" name="wantusername" id="wantusername" onblur="checkName();" />
</td>
<td width="250">
<div id="zipResult"></div></td></tr>
<tr>
<td align="right" class="heading">
Gender
</td>
<td>
<input type=radio name="gender" value=1>Male
<input type=radio name="gender" value=2>Female
<input type=radio name="gender" value=0 checked>None
</td>
<td></td>
</tr>
<tr>
<td align="right" class="heading">
Age
</td>
<td>
<input type="text" name="alder" size=2 MAXLENGTH=2 />
</td>
<td></td>
</tr>
<tr><td align="right" class="heading">Password:</td><td align=left><input type="password" size="40" name="wantpassword" id="wantpassword" onkeyUp="javascript:testPass();" />
</td><td>
Level of security:
<table border=1 cellspacing=0 cellpadding=2 width="200">
<tr>
<td id="td0"> </td>
<td id="td1"> </td>
<td id="td2"> </td>
<td id="td3"> </td>
</tr>
</table>
</td></tr>
<tr><td align="right" class="heading">Repeat password:</td><td align=left><input type="password" size="40" name="passagain" />
</td><td>
</td></tr>
<tr><td align="right" class="heading">Language:</td><td align=left width=200>
<?
echo "<label><input type=radio name=language value=swe checked><img src=/pic/flag/sweden.gif></label>
<label><input type=radio name=language value=eng><img src=/pic/flag/uk.gif></label>
<label><input type=radio name=language value=nor><img src=/pic/flag/norway.gif></label>
<label><input type=radio name=language value=dkk><img src=/pic/flag/denmark.gif></label>
<label><input type=radio name=language value=fin><img src=/pic/flag/finland.gif></label>
<label><input type=radio name=language value=fra><img src=/pic/flag/france.gif></label>
<label><input type=radio name=language value=dut><img src=/pic/flag/netherlands.gif></label>
<label><input type=radio name=language value=ger><img src=/pic/flag/germany.gif></label>";
?>
</td></tr>
<input type=hidden name=invitekod value="<? echo $_GET[secret]; ?>">
<input type=hidden name=email value="<? echo $email; ?>">
<tr><td colspan="3" align="center"><input type=submit value="Sign up!" style='height: 25px' name="submitt" disabled></td></tr>
</table>
</form>
<?
stdfoot();
?>
And the takesignup.php :
PHP Code:
<?
require_once("include/bittorrent.php");
dbconn();
set_time_limit(0);
ignore_user_abort(1);
if (!mkglobal("wantusername:wantpassword:passagain:email:language:invitekod"))
httperr();
function bark($msg) {
stdhead();
stdmsg("Failed!", $msg);
stdfoot();
exit;
}
function validinvitekod($kod)
{
$o = mysql_query("SELECT * FROM invites WHERE secret = '$kod';") or sqlerr(__FILE__, __LINE__);
$b = mysql_num_rows($o);
if($b == 1)
return True;
else
return False;
}
$eh = sqlesc($wantusername);
$count = mysql_query("SELECT * FROM users WHERE username = $eh;") or sqlerr(__FILE__, __LINE__);
if(mysql_num_rows($count)>0)
{
stderr("Error","Username taken.");
}
function validusername($username)
{
if ($username == "")
return false;
// The following characters are allowed in user names
$allowedchars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";
for ($i = 0; $i < strlen($username); ++$i)
if (strpos($allowedchars, $username[$i]) === false)
return false;
return true;
}
function validatepass($pass)
{
//if((ctype_digit($pass) || ctype_alpha($pass)) && strlen($pass) <7)
//bark("The password must contain both letters and digits.");
if($pass == 'abc123')
bark("Oh please... abc123 is the worst password ever.");
if($pass == 'hejsan')
bark("Oh please... hejsan is the worst password ever.");
if($pass == '123456')
bark("Oh please... 123456 is the worst password ever.");
if($pass == 'password')
bark("Oh please... password is the worst password ever.");
if($pass == 'qwerty')
bark("Oh please... qwerty is the worst password ever.");
if($pass == 'hejhej')
bark("Oh please... hejhej is the worst password ever.");
if($pass == 'bajskorv')
bark("Oh please... bajskorv is the worst password ever.");
if($pass == 'kalle')
bark("Oh please... kalle is the worst password ever.");
if($pass == 'general')
bark("Oh please... general is the worst password ever.");
if (strlen($pass) < 6)
bark("Password too short (atleast 6 chars)");
if (strlen($pass) > 20)
bark("Password too long (maximum 20 chars)");
return true;
}
function isportopen($port)
{
global $HTTP_SERVER_VARS;
$sd = @fsockopen($HTTP_SERVER_VARS["REMOTE_ADDR"], $port, $errno, $errstr, 1);
if ($sd)
{
fclose($sd);
return true;
}
else
return false;
}
/*
function isproxy()
{
$ports = array(80, 88, 1075, 1080, 1180, 1182, 2282, 3128, 3332, 5490, 6588, 7033, 7441, 8000, 8080, 8085, 8090, 8095, 8100, 8105, 8110, 8888, 22788);
for ($i = 0; $i < count($ports); ++$i)
if (isportopen($ports[$i])) return true;
return false;
}
*/
if (empty($wantusername) || empty($wantpassword) || empty($email))
bark("Dont leave any fields blank.");
if (strlen($wantusername) > 12)
bark("Username too long. (Max 12 chars)");
if ($wantpassword != $passagain)
bark("Password missmatch.");
if ($wantpassword == $wantusername)
bark("The password cant be the same as the username.");
if (!validusername($wantusername))
bark("Invalid username");
if (!validatepass($wantpassword))
bark("Pick another password...");
if (!validinvitekod($invitekod))
bark("Bad invitecode.");
if (!validemail($email))
bark("That doesn't look like a valid email address.");
// make sure user agrees to everything...
$a = (@mysql_fetch_row(@mysql_query("select count(*) from users where email='$email'"))) or die(mysql_error());
if ($a[0] != 0)
bark("The e-mail address $email is already in use.");
$wantpasshash = "temp";
$gender = 0+$_POST["gender"];
$alder = 0+$_POST["alder"];
$b = mysql_query("SELECT * FROM invites WHERE secret = '$invitekod';") or sqlerr(__FILE__, __LINE__);
$oo = mysql_fetch_array($b);
$inv = $oo[userid];
$ip = $_SERVER["REMOTE_ADDR"];
$passkey = md5($CURUSER['username'].get_date_time().$CURUSER['passhash']);
//$ret = mysql_query("INSERT INTO users (username, passhash, email, passkey, invited_by, added, last_access,byttpass) VALUES (" .implode(",", array_map("sqlesc", array($wantusername, $wantpasshash, $email, $passkey, $inv))) .",'" . get_date_time() . "','" . get_date_time() . "',1)");
$ret = mysql_query("INSERT INTO users (username, passhash, email, passkey, invited_by, language, added, last_access, ip, gender, alder) VALUES (" .implode(",", array_map("sqlesc", array($wantusername, $wantpasshash, $email, $passkey, $inv, $language))) .",'" . get_date_time() . "','" . get_date_time() . "', '$ip', $gender, $alder)");
if (!$ret) {
if (mysql_errno() == 1062)
bark("MySQL fel i skapning av kontot!");
bark("Fel?");
}
$uid = mysql_insert_id();
$msg = sqlesc("The invite sent to {$email} is accepted and he/she choosed [url=/userdetails.php?id={$uid}][b]{$wantusername}[/b][/url] as username.");
$dt = sqlesc(get_date_time());
mysql_query("INSERT INTO messages (sender, receiver, added, msg, subject) VALUES(1, $inv, $dt, $msg, 'Invite accepted')") or sqlerr(__FILE__, __LINE__);
$ro = mysql_fetch_array(mysql_query("SELECT added FROM users WHERE id = $uid LIMIT 1"));
$nyhash = md5(md5($wantpassword.$ro["added"])."korvspad1".$wantpassword);
mysql_query("UPDATE users SET passhash = '$nyhash' WHERE id = $uid LIMIT 1;") or sqlerr(__FILE__, __LINE__);
// Ny-Regg-Koll
$ip = $_SERVER["REMOTE_ADDR"];
$iplog = mysql_query("SELECT COUNT(*) FROM iplog WHERE ip = '$ip'") or sqlerr(__FILE__, __LINE__);
$iplog = mysql_fetch_array($iplog);
$host = gethostbyaddr($ip);
$regg = mysql_query("SELECT COUNT(*) FROM inlogg WHERE ip = '$ip'");
$regg = mysql_fetch_array($regg);
$ilog = $iplog[0] + $regg[0];
$level1 = mysql_num_rows(mysql_query("SELECT enabled FROM `inlogg` JOIN users on inlogg.uid = users.id WHERE inlogg.ip = '$ip' AND enabled = 'no'"));
$level2 = mysql_num_rows(mysql_query("SELECT enabled FROM `iplog` JOIN users on iplog.userid = users.id WHERE iplog.ip = '$ip' AND enabled = 'no'"));
if( ($level1+$level2) > 0 )
$level = 1;
else
$level = 0;
mysql_query("INSERT INTO nyregg(userid, datum, ip, hostname, email, log_mail, log_ip, level) VALUES($uid, '".get_date_time()."', '$ip', '$host', '$email', 0, $ilog, $level)") or sqlerr(__FILE__, __LINE__);
// Regg-koll-slut
mysql_query("DELETE FROM invites WHERE secret = '$invitekod';") or sqlerr(__FILE__, __LINE__);
$passh = md5($HTTP_SERVER_VARS["REMOTE_ADDR"].$nyhash."hejsan".$HTTP_SERVER_VARS["REMOTE_ADDR"]);
logincookie($uid, $passh);
header("Refresh: 0; url=faq.php");
?>
So the first thing I recognized is in signup this part :
PHP Code:
if(!isset($_GET[secret])){
httperr();
}
$secret = sqlesc($_GET[secret]);
$s = mysql_query("SELECT * FROM invites WHERE secret = $secret") or sqlerr(__FILE__, __LINE__);
if(mysql_num_rows($s) != 1){
stderr("Error","The invite-URL you got there is invalid or already used.");
}
$b = mysql_fetch_array($s);
Then this here :
PHP Code:
<input type=hidden name=invitekod value="<? echo $_GET[secret]; ?>">
And in takesignup.php these parts :
PHP Code:
function validinvitekod($kod)
{
$o = mysql_query("SELECT * FROM invites WHERE secret = '$kod';") or sqlerr(__FILE__, __LINE__);
$b = mysql_num_rows($o);
if($b == 1)
return True;
else
return False;
}
and this :
PHP Code:
if (!validinvitekod($invitekod))
bark("Bad invitecode.");
then this :
PHP Code:
$b = mysql_query("SELECT * FROM invites WHERE secret = '$invitekod';") or sqlerr(__FILE__, __LINE__);
$oo = mysql_fetch_array($b);
$inv = $oo[userid];
Also I think we need to remove this :
PHP Code:
$msg = sqlesc("The invite sent to {$email} is accepted and he/she choosed [url=/userdetails.php?id={$uid}][b]{$wantusername}[/b][/url] as username.");
$dt = sqlesc(get_date_time());
mysql_query("INSERT INTO messages (sender, receiver, added, msg, subject) VALUES(1, $inv, $dt, $msg, 'Invite accepted')") or sqlerr(__FILE__, __LINE__);
And last but not least this :
PHP Code:
mysql_query("DELETE FROM invites WHERE secret = '$invitekod';") or sqlerr(__FILE__, __LINE__);
Lets try if it works if I remove those lines :P
I will repost here it it worked...
Greetz
Bump: // EDIT 2 :
Got it !!!
The script barked with the valid Email so I deactivated it :
Here is the new signup.php and takrsignup.php for use WITHOUT SECRET CODE !!!
signup.php :
PHP Code:
<?
require_once("include/bittorrent.php");
dbconn();
$email = $b[email];
stdhead("Signup");
?>
<script type="text/javascript" language="JavaScript">
function checkName() {
wantusername = document.getElementById('wantusername').value;
var url = 'checkName.php?wantusername=' + escape(wantusername);
try {
request = new ActiveXObject("Msxml2.XMLHTTP");
} catch (e) {
try {
request = new ActiveXObject("Microsoft.XMLHTTP");
} catch (e2) {
request = false;
}
}
if (!request && typeof XMLHttpRequest != 'undefined') {
request = new XMLHttpRequest();
}
request.open("GET", url, true);
global_content = wantusername;
request.onreadystatechange = gom;
request.send(null);
}
function gom() {
if (request.readyState == 4) {
if (request.status == 200) {
var response = request.responseText;
document.getElementById("zipResult").innerHTML = response;
if(response.substring(0,20) == '<font color=#cc0000>')
document.reform.submitt.disabled = true;
else if(response.substring(0,20) == '<font color=#33cc33>')
document.reform.submitt.disabled = false;
}
}
}
function testPass()
{
document.getElementById("td0").style.backgroundColor = 'white';
document.getElementById("td1").style.backgroundColor = 'white';
document.getElementById("td2").style.backgroundColor = 'white';
document.getElementById("td3").style.backgroundColor = 'white';
var p = document.getElementById("wantpassword");
if (p.value == "")
{
return;
}
var level = 5
if (!(/[a-zåäö]/.test(p.value) && /[A-ZÅÄÖ]/.test(p.value)))
level -=1;
if (!/[0-9]/.test(p.value))
level -=1;
if (!/[^0-9a-zåäö]/i.test(p.value))
level -=1;;
if (p.value.length < 6)
level -=1;
if (p.value.length < 9)
level -=1;
if(level == 1)
color='red';
else if(level == 2)
color='yellow';
else if(level > 2)
color='green';
for(i = 0; i < level; i++)
{
var cp = document.getElementById("td" + i);
cp.style.backgroundColor = color;
}
}
</script>
<p>
<form method="post" action="takesignup.php" name="reform">
<table border="1" cellspacing=0 cellpadding="10">
<tr><td align="right" class="heading">Username:</td><td align=left><input type="text" size="40" name="wantusername" id="wantusername" onblur="checkName();" />
</td>
<td width="250">
<div id="zipResult"></div></td></tr>
<tr>
<td align="right" class="heading">
Gender
</td>
<td>
<input type=radio name="gender" value=1>Male
<input type=radio name="gender" value=2>Female
<input type=radio name="gender" value=0 checked>None
</td>
<td></td>
</tr>
<tr>
<td align="right" class="heading">
Age
</td>
<td>
<input type="text" name="alder" size=2 MAXLENGTH=2 />
</td>
<td></td>
</tr>
<tr valign=top><td align="right" class="heading"><?= _('Email address') ?>:</td><td align=left><input type="text" size="40" name="email" />
<table width=250 border=0 cellspacing=0 cellpadding=0><tr><td class=embedded><font class=small><?= _('The email address must be valid.') ?></td></tr>
</font></td></tr></table>
<tr><td align="right" class="heading">Password:</td><td align=left><input type="password" size="40" name="wantpassword" id="wantpassword" onkeyUp="javascript:testPass();" />
</td><td>
Level of security:
<table border=1 cellspacing=0 cellpadding=2 width="200">
<tr>
<td id="td0"> </td>
<td id="td1"> </td>
<td id="td2"> </td>
<td id="td3"> </td>
</tr>
</table>
</td></tr>
<tr><td align="right" class="heading">Repeat password:</td><td align=left><input type="password" size="40" name="passagain" />
</td><td>
</td></tr>
<tr><td align="right" class="heading">Language:</td><td align=left width=200>
<?
echo "<label><input type=radio name=language value=swe checked><img src=/pic/flag/sweden.gif></label>
<label><input type=radio name=language value=eng><img src=/pic/flag/uk.gif></label>
<label><input type=radio name=language value=nor><img src=/pic/flag/norway.gif></label>
<label><input type=radio name=language value=dkk><img src=/pic/flag/denmark.gif></label>
<label><input type=radio name=language value=fin><img src=/pic/flag/finland.gif></label>
<label><input type=radio name=language value=fra><img src=/pic/flag/france.gif></label>
<label><input type=radio name=language value=dut><img src=/pic/flag/netherlands.gif></label>
<label><input type=radio name=language value=ger><img src=/pic/flag/germany.gif></label>";
?>
</td></tr>
<tr><td colspan="3" align="center"><input type=submit value="Sign up!" style='height: 25px' name="submitt" disabled></td></tr>
</table>
</form>
<?
stdfoot();
?>
takesignup.php :
PHP Code:
<?
require_once("include/bittorrent.php");
dbconn();
set_time_limit(0);
ignore_user_abort(1);
if (!mkglobal("wantusername:wantpassword:passagain:email:language"))
httperr();
function bark($msg) {
stdhead();
stdmsg("Failed!", $msg);
stdfoot();
exit;
}
$eh = sqlesc($wantusername);
$count = mysql_query("SELECT * FROM users WHERE username = $eh;") or sqlerr(__FILE__, __LINE__);
if(mysql_num_rows($count)>0)
{
stderr("Error","Username taken.");
}
function validusername($username)
{
if ($username == "")
return false;
// The following characters are allowed in user names
$allowedchars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";
for ($i = 0; $i < strlen($username); ++$i)
if (strpos($allowedchars, $username[$i]) === false)
return false;
return true;
}
function validatepass($pass)
{
//if((ctype_digit($pass) || ctype_alpha($pass)) && strlen($pass) <7)
//bark("The password must contain both letters and digits.");
if($pass == 'abc123')
bark("Oh please... abc123 is the worst password ever.");
if($pass == 'hejsan')
bark("Oh please... hejsan is the worst password ever.");
if($pass == '123456')
bark("Oh please... 123456 is the worst password ever.");
if($pass == 'password')
bark("Oh please... password is the worst password ever.");
if($pass == 'qwerty')
bark("Oh please... qwerty is the worst password ever.");
if($pass == 'hejhej')
bark("Oh please... hejhej is the worst password ever.");
if($pass == 'bajskorv')
bark("Oh please... bajskorv is the worst password ever.");
if($pass == 'kalle')
bark("Oh please... kalle is the worst password ever.");
if($pass == 'general')
bark("Oh please... general is the worst password ever.");
if (strlen($pass) < 6)
bark("Password too short (atleast 6 chars)");
if (strlen($pass) > 20)
bark("Password too long (maximum 20 chars)");
return true;
}
function isportopen($port)
{
global $HTTP_SERVER_VARS;
$sd = @fsockopen($HTTP_SERVER_VARS["REMOTE_ADDR"], $port, $errno, $errstr, 1);
if ($sd)
{
fclose($sd);
return true;
}
else
return false;
}
/*
function isproxy()
{
$ports = array(80, 88, 1075, 1080, 1180, 1182, 2282, 3128, 3332, 5490, 6588, 7033, 7441, 8000, 8080, 8085, 8090, 8095, 8100, 8105, 8110, 8888, 22788);
for ($i = 0; $i < count($ports); ++$i)
if (isportopen($ports[$i])) return true;
return false;
}
*/
if (empty($wantusername) || empty($wantpassword))
bark("Dont leave any fields blank.");
if (strlen($wantusername) > 12)
bark("Username too long. (Max 12 chars)");
if ($wantpassword != $passagain)
bark("Password missmatch.");
if ($wantpassword == $wantusername)
bark("The password cant be the same as the username.");
if (!validusername($wantusername))
bark("Invalid username");
if (!validatepass($wantpassword))
bark("Pick another password...");
if (!validemail($email))
bark("That doesn't look like a valid email address.");
// make sure user agrees to everything...
$a = (@mysql_fetch_row(@mysql_query("select count(*) from users where email='$email'"))) or die(mysql_error());
if ($a[0] != 0)
bark("The e-mail address $email is already in use.");
$wantpasshash = "temp";
$gender = 0+$_POST["gender"];
$alder = 0+$_POST["alder"];
$ip = $_SERVER["REMOTE_ADDR"];
$passkey = md5($CURUSER['username'].get_date_time().$CURUSER['passhash']);
//$ret = mysql_query("INSERT INTO users (username, passhash, email, passkey, added, last_access,byttpass) VALUES (" .implode(",", array_map("sqlesc", array($wantusername, $wantpasshash, $email, $passkey))) .",'" . get_date_time() . "','" . get_date_time() . "',1)");
$ret = mysql_query("INSERT INTO users (username, passhash, email, passkey, language, added, last_access, ip, gender, alder) VALUES (" .implode(",", array_map("sqlesc", array($wantusername, $wantpasshash, $email, $passkey, $language))) .",'" . get_date_time() . "','" . get_date_time() . "', '$ip', $gender, $alder)");
if (!$ret) {
if (mysql_errno() == 1062)
bark("MySQL fel i skapning av kontot!");
bark("Fel?");
}
$uid = mysql_insert_id();
$ro = mysql_fetch_array(mysql_query("SELECT added FROM users WHERE id = $uid LIMIT 1"));
$nyhash = md5(md5($wantpassword.$ro["added"])."korvspad1".$wantpassword);
mysql_query("UPDATE users SET passhash = '$nyhash' WHERE id = $uid LIMIT 1;") or sqlerr(__FILE__, __LINE__);
// Ny-Regg-Koll
$ip = $_SERVER["REMOTE_ADDR"];
$iplog = mysql_query("SELECT COUNT(*) FROM iplog WHERE ip = '$ip'") or sqlerr(__FILE__, __LINE__);
$iplog = mysql_fetch_array($iplog);
$host = gethostbyaddr($ip);
$regg = mysql_query("SELECT COUNT(*) FROM inlogg WHERE ip = '$ip'");
$regg = mysql_fetch_array($regg);
$ilog = $iplog[0] + $regg[0];
$level1 = mysql_num_rows(mysql_query("SELECT enabled FROM `inlogg` JOIN users on inlogg.uid = users.id WHERE inlogg.ip = '$ip' AND enabled = 'no'"));
$level2 = mysql_num_rows(mysql_query("SELECT enabled FROM `iplog` JOIN users on iplog.userid = users.id WHERE iplog.ip = '$ip' AND enabled = 'no'"));
if( ($level1+$level2) > 0 )
$level = 1;
else
$level = 0;
mysql_query("INSERT INTO nyregg(userid, datum, ip, hostname, email, log_mail, log_ip, level) VALUES($uid, '".get_date_time()."', '$ip', '$host', '$email', 0, $ilog, $level)") or sqlerr(__FILE__, __LINE__);
// Regg-koll-slut
$passh = md5($HTTP_SERVER_VARS["REMOTE_ADDR"].$nyhash."hejsan".$HTTP_SERVER_VARS["REMOTE_ADDR"]);
logincookie($uid, $passh);
header("Refresh: 0; url=faq.php");
?>
Have fun with it :-) |
