Better sql page script
3 posters
Page 1 of 1
Better sql page script
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title><?=$servername?> Register Page : </title>
<link rel="icon" href="favicon.ico">
<style type="text/css">
</style>
<style type="text/css">
img { behavior: url("pngfix.htc"); }
</style>
</head>
<?php
/*
This Register Page Was Written By WizKid
This Anti Sql Injection Was Written By gWX0
This Anti Right Click Was Written By Kyuma
All Rights Reserved. Any Support Can Be Requested Via RageZone.
You'Re Allowed To Edit This Script And Modify The Template.
HowEver, You Are NOT Allowed To Remove And/Or Edit Our [ Wizkid , Kyuma And gWX0 ] CopyRight.
Removing This CopyRight Will Be Your Death.
*/
//Edit To Fit YOUR Requirements.
$servername = "Your Gunz Name Here";
$accounttable = "Account";
$logintable = "Login";
//Edit These Variables. If Not, No Register Page For You. (Or You'Re Fux Pro With The Same Login As Me.)
$host = "Your Host Here Example --> Kyuma09\SQLEXPRESS";
$user = "sa";
$pass = "Your sa Account Password";
$dbname = "GunzDB";
$connect = odbc_connect("Driver={SQL Server};Server={$host}; Database={$dbname}", $user, $pass) or die("Can't connect the MSSQL server.");
function antisql ( $sql ) {
return ( str_replace( "'", "''", $sql ) );
}
//My Favorite Function. Get The Fuck Off. (Nothing Personally :].)
function gtfo($wut) {
echo "<center><table width='500' cellpadding='5' cellspacing='0' border='0' style='border: 1px ;'>
<tr>
<td align=center width='100%' style='border-bottom: 1px solid black;'><b><?=$servername?> Register Page : </b></td>
</tr>
<tr>
<td width='100%'><center>$wut</center></td>
</tr>
</table>";
die();
}
//Check E-Mail Function. This To Prevent Fake E-Mails. (Remember The Time YOU Doing That?)
function checkemail($address) {
list($local, $host) = explode("@", $address);
$pattern_local = "^([0-9a-z]*([-|_]?[0-9a-z]+)*)(([-|_]?)\.([-|_]?)[0-9a-z]*([-|_]?[0-9a-z]+)+)*([-|_]?)$";
$pattern_host = "^([0-9a-z]+([-]?[0-9a-z]+)*)(([-]?)\.([-]?)[0-9a-z]*([-]?[0-9a-z]+)+)*\.[a-z]{2,4}$";
$match_local = eregi($pattern_local, $local);
$match_host = eregi($pattern_host, $host);
if($match_local && $match_host) {
return 1;
}
else {
return 0;
}
}
//The Num_rows() Function For ODBC Since The Default One Always Returns -1.
Function num_rows(&$rid) {
//We Can Try It At Least, Right?
$num= odbc_num_rows($rid);
if ($num >= 0) {
return $num;
}
if (!odbc_fetch_row($rid, 1)) {
odbc_fetch_row($rid, 0);
return 0;
}
if (!odbc_fetch_row($rid, 2)) {
odbc_fetch_row($rid, 0);
return 1;
}
$lo= 2;
$hi= 8192000;
while ($lo < ($hi - 1)) {
$mid= (int)(($hi + $lo) / 2);
if (odbc_fetch_row($rid, $mid)) {
$lo= $mid;
} else {
$hi= $mid;
}
}
$num= $lo;
odbc_fetch_row($rid, 0);
return $num;
}
?>
<html>
<head>
<title><?=$servername?> Register Page : </title>
</head>
<body>
<center>
<?php
//Oh Well. Let's Create The Variable $ip To Start With.
$ip = antisql($_SERVER['REMOTE_ADDR']);
/*
An Extra Feature. This Is NOT Enabled Before You Remove This + The Comment Thingy's.
To Ban 1 IP It Will Be:
if ($ip == "xxxxxx")
{
gtfo("Your IP Is BANNED!.");
}
For Multiple IP's, Use This Way:
if ($ip == "xxxxxx" OR $ip == "xxxxxx")
{
gtfo("Your IP Is BANNED!.");
}
*/
//Get The AID Out Of The Login Table (Defined At The Top Of This File) Where LastIP Is The Visitors IP.
$query1 = odbc_exec($connect,"SELECT AID FROM $logintable WHERE LastIP = '$ip'");
//UnderStable For The Real People. Editing This Without Knowledge Will Be The Death Of Your Register Page.
$i=1;
while (odbc_fetch_row($query1, $i)){
$aid = odbc_result($query1, 'AID');
$query2 = odbc_exec($connect,"SELECT UGradeID FROM $accounttable WHERE AID = '$aid'");
odbc_fetch_row($query2);
$ugradeid = odbc_result($query2, 1);
if ($ugradeid == "253")
{
//Get The Fuck Off.
gtfo("You Have One Or More Accounts Banned Here. You'Re Not Welcome Anymore.");
}
$i++;
}
//The Doreg Part.
if (isset($_GET['act']) AND $_GET['act'] == "doreg")
{
//Check For Any Shit.
if (!is_numeric($_POST['age']) OR !checkemail($_POST['email']) OR empty($_POST['username']) OR empty($_POST['password']) OR empty($_POST['email']) OR empty($_POST['name']) OR empty($_POST['age']))
{
gtfo("You'Re Not Funny.");
}
//Check If The User ID Exists Already.
$query1 = odbc_exec($connect, "SELECT AID FROM $accounttable WHERE UserID = '" . antisql($_POST['username']) . "'");
$count1 = num_rows($query1);
if ($count1 >= 1)
{
gtfo("User ID In Use.");
}
//Check If The E-Mail Is In Use.
$query2 = odbc_exec($connect, "SELECT AID FROM $accounttable WHERE Email = '" . antisql($_POST['email']) . "'");
$count2 = num_rows($query2);
if ($count2 >= 1)
{
gtfo("E-Mail Address In Use.");
}
//Regdate
$regdate = date("Y-m-d H:i:s");
//Time For The Real Work. Editing This Will Be The End Of Your Register Page.
$query3 = odbc_exec($connect, "INSERT INTO $accounttable (UserID, UGradeID, PGradeID, RegDate, Email, Age, Name) VALUES ('".antisql($_POST['username'])."', '0', '0', '$regdate', '".antisql($_POST['email'])."', '".antisql($_POST['age'])."', '".antisql($_POST['name'])."')");
$query4 = odbc_exec($connect, "SELECT AID FROM $accounttable WHERE UserID = '" . antisql($_POST['username']) . "'");
odbc_fetch_row($query4);
$aid = odbc_result($query4, 1);
//If No Results Comes Back. (Registration Failed.)
if (!$aid)
{
gtfo("Something Happened. Please Report This Bug At <?=$servername?> Forums!");
}
odbc_exec($connect, "INSERT INTO $logintable (UserID, AID, Password) VALUES ('".antisql($_POST['username'])."', '$aid', '".antisql($_POST['password'])."')");
//When Everything Is Done, show The User ID And The Password To The Visitor.
//IF YOU WANT U CAN EDIT THE $_POST[password] AND PUT **************** FOR HIDE THE PASSWORD!.
gtfo("Your <?=$servername?> Account Has Been Created. ! <br><br>
Your User ID : $_POST[username]<br>
Your Password : $_POST[password]<br><br>
Have Fun At $servername ! ");
}
//Here The Party Begins. Feel Free To Edit This.
echo "<table width='350'>
<form action='" . $_SERVER['PHP_SELF'] . "?act=doreg' method='POST'>
<b><?=$servername?> Register Page : </b><br><br>
<tr>
<td width='50%'><b>Your User ID : </b></td>
<td width='50%'><input type='text' name='username'></td>
</tr>
<tr>
<td width='50%'><b>Your Password : </b></td>
<td width='50%'><input type='password' name='password'></td>
</tr>
<tr>
<td width='50%'><b>Your E-Mail : </b></td>
<td width='50%'><input type='text' name='email'></td>
</tr>
<tr>
<td width='50%'><b>Your Name : </b></td>
<td width='50%'><input type='text' name='name'></td>
</tr>
<tr>
<td width='50%'><b>Your Age : </b></td>
<td width='50%'><input type='text' name='age'></td>
</tr>
<tr>
<td width='50%'><b></b></td>
<td width='50%'><input type='submit' value='Register An <?=$servername?> Account'></td>
</tr>
</table>";
?>
<br>
<!-- No You Cant Remove It. -->
<font size="3">Copyright 2009~2010 WizKid , Kyuma And gWX0 - <?=$servername?> </font>
<!-- See? -->
</center>
</body>
</html></div>
</select>
</form>
</table>
</div>
</body>
</html>
<head>
<script language="JavaScript"> <!--
// No RightClick Script v.0.5
// (C) 2009~2010 Kyuma
// Kyuma09@hotmail.com Or kyuma@legendarygamerz.com
// Don't Delete This Header!
var message="Get The Fuck Off"; // Message For The Alert Box
// Don't Edit Below!
function click(e) {
if (document.all) {
if (event.button == 2) {
alert(message);
return false;
}
}
if (document.layers) {
if (e.which == 3) {
alert(message);
return false;
}
}
}
if (document.layers) {
document.captureEvents(Event.MOUSEDOWN);
}
document.onmousedown=click;
// --> </script>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title><?=$servername?> Register Page : </title>
<link rel="icon" href="favicon.ico">
<style type="text/css">
</style>
<style type="text/css">
img { behavior: url("pngfix.htc"); }
</style>
</head>
<?php
/*
This Register Page Was Written By WizKid
This Anti Sql Injection Was Written By gWX0
This Anti Right Click Was Written By Kyuma
All Rights Reserved. Any Support Can Be Requested Via RageZone.
You'Re Allowed To Edit This Script And Modify The Template.
HowEver, You Are NOT Allowed To Remove And/Or Edit Our [ Wizkid , Kyuma And gWX0 ] CopyRight.
Removing This CopyRight Will Be Your Death.
*/
//Edit To Fit YOUR Requirements.
$servername = "Your Gunz Name Here";
$accounttable = "Account";
$logintable = "Login";
//Edit These Variables. If Not, No Register Page For You. (Or You'Re Fux Pro With The Same Login As Me.)
$host = "Your Host Here Example --> Kyuma09\SQLEXPRESS";
$user = "sa";
$pass = "Your sa Account Password";
$dbname = "GunzDB";
$connect = odbc_connect("Driver={SQL Server};Server={$host}; Database={$dbname}", $user, $pass) or die("Can't connect the MSSQL server.");
function antisql ( $sql ) {
return ( str_replace( "'", "''", $sql ) );
}
//My Favorite Function. Get The Fuck Off. (Nothing Personally :].)
function gtfo($wut) {
echo "<center><table width='500' cellpadding='5' cellspacing='0' border='0' style='border: 1px ;'>
<tr>
<td align=center width='100%' style='border-bottom: 1px solid black;'><b><?=$servername?> Register Page : </b></td>
</tr>
<tr>
<td width='100%'><center>$wut</center></td>
</tr>
</table>";
die();
}
//Check E-Mail Function. This To Prevent Fake E-Mails. (Remember The Time YOU Doing That?)
function checkemail($address) {
list($local, $host) = explode("@", $address);
$pattern_local = "^([0-9a-z]*([-|_]?[0-9a-z]+)*)(([-|_]?)\.([-|_]?)[0-9a-z]*([-|_]?[0-9a-z]+)+)*([-|_]?)$";
$pattern_host = "^([0-9a-z]+([-]?[0-9a-z]+)*)(([-]?)\.([-]?)[0-9a-z]*([-]?[0-9a-z]+)+)*\.[a-z]{2,4}$";
$match_local = eregi($pattern_local, $local);
$match_host = eregi($pattern_host, $host);
if($match_local && $match_host) {
return 1;
}
else {
return 0;
}
}
//The Num_rows() Function For ODBC Since The Default One Always Returns -1.
Function num_rows(&$rid) {
//We Can Try It At Least, Right?
$num= odbc_num_rows($rid);
if ($num >= 0) {
return $num;
}
if (!odbc_fetch_row($rid, 1)) {
odbc_fetch_row($rid, 0);
return 0;
}
if (!odbc_fetch_row($rid, 2)) {
odbc_fetch_row($rid, 0);
return 1;
}
$lo= 2;
$hi= 8192000;
while ($lo < ($hi - 1)) {
$mid= (int)(($hi + $lo) / 2);
if (odbc_fetch_row($rid, $mid)) {
$lo= $mid;
} else {
$hi= $mid;
}
}
$num= $lo;
odbc_fetch_row($rid, 0);
return $num;
}
?>
<html>
<head>
<title><?=$servername?> Register Page : </title>
</head>
<body>
<center>
<?php
//Oh Well. Let's Create The Variable $ip To Start With.
$ip = antisql($_SERVER['REMOTE_ADDR']);
/*
An Extra Feature. This Is NOT Enabled Before You Remove This + The Comment Thingy's.
To Ban 1 IP It Will Be:
if ($ip == "xxxxxx")
{
gtfo("Your IP Is BANNED!.");
}
For Multiple IP's, Use This Way:
if ($ip == "xxxxxx" OR $ip == "xxxxxx")
{
gtfo("Your IP Is BANNED!.");
}
*/
//Get The AID Out Of The Login Table (Defined At The Top Of This File) Where LastIP Is The Visitors IP.
$query1 = odbc_exec($connect,"SELECT AID FROM $logintable WHERE LastIP = '$ip'");
//UnderStable For The Real People. Editing This Without Knowledge Will Be The Death Of Your Register Page.
$i=1;
while (odbc_fetch_row($query1, $i)){
$aid = odbc_result($query1, 'AID');
$query2 = odbc_exec($connect,"SELECT UGradeID FROM $accounttable WHERE AID = '$aid'");
odbc_fetch_row($query2);
$ugradeid = odbc_result($query2, 1);
if ($ugradeid == "253")
{
//Get The Fuck Off.
gtfo("You Have One Or More Accounts Banned Here. You'Re Not Welcome Anymore.");
}
$i++;
}
//The Doreg Part.
if (isset($_GET['act']) AND $_GET['act'] == "doreg")
{
//Check For Any Shit.
if (!is_numeric($_POST['age']) OR !checkemail($_POST['email']) OR empty($_POST['username']) OR empty($_POST['password']) OR empty($_POST['email']) OR empty($_POST['name']) OR empty($_POST['age']))
{
gtfo("You'Re Not Funny.");
}
//Check If The User ID Exists Already.
$query1 = odbc_exec($connect, "SELECT AID FROM $accounttable WHERE UserID = '" . antisql($_POST['username']) . "'");
$count1 = num_rows($query1);
if ($count1 >= 1)
{
gtfo("User ID In Use.");
}
//Check If The E-Mail Is In Use.
$query2 = odbc_exec($connect, "SELECT AID FROM $accounttable WHERE Email = '" . antisql($_POST['email']) . "'");
$count2 = num_rows($query2);
if ($count2 >= 1)
{
gtfo("E-Mail Address In Use.");
}
//Regdate
$regdate = date("Y-m-d H:i:s");
//Time For The Real Work. Editing This Will Be The End Of Your Register Page.
$query3 = odbc_exec($connect, "INSERT INTO $accounttable (UserID, UGradeID, PGradeID, RegDate, Email, Age, Name) VALUES ('".antisql($_POST['username'])."', '0', '0', '$regdate', '".antisql($_POST['email'])."', '".antisql($_POST['age'])."', '".antisql($_POST['name'])."')");
$query4 = odbc_exec($connect, "SELECT AID FROM $accounttable WHERE UserID = '" . antisql($_POST['username']) . "'");
odbc_fetch_row($query4);
$aid = odbc_result($query4, 1);
//If No Results Comes Back. (Registration Failed.)
if (!$aid)
{
gtfo("Something Happened. Please Report This Bug At <?=$servername?> Forums!");
}
odbc_exec($connect, "INSERT INTO $logintable (UserID, AID, Password) VALUES ('".antisql($_POST['username'])."', '$aid', '".antisql($_POST['password'])."')");
//When Everything Is Done, show The User ID And The Password To The Visitor.
//IF YOU WANT U CAN EDIT THE $_POST[password] AND PUT **************** FOR HIDE THE PASSWORD!.
gtfo("Your <?=$servername?> Account Has Been Created. ! <br><br>
Your User ID : $_POST[username]<br>
Your Password : $_POST[password]<br><br>
Have Fun At $servername ! ");
}
//Here The Party Begins. Feel Free To Edit This.
echo "<table width='350'>
<form action='" . $_SERVER['PHP_SELF'] . "?act=doreg' method='POST'>
<b><?=$servername?> Register Page : </b><br><br>
<tr>
<td width='50%'><b>Your User ID : </b></td>
<td width='50%'><input type='text' name='username'></td>
</tr>
<tr>
<td width='50%'><b>Your Password : </b></td>
<td width='50%'><input type='password' name='password'></td>
</tr>
<tr>
<td width='50%'><b>Your E-Mail : </b></td>
<td width='50%'><input type='text' name='email'></td>
</tr>
<tr>
<td width='50%'><b>Your Name : </b></td>
<td width='50%'><input type='text' name='name'></td>
</tr>
<tr>
<td width='50%'><b>Your Age : </b></td>
<td width='50%'><input type='text' name='age'></td>
</tr>
<tr>
<td width='50%'><b></b></td>
<td width='50%'><input type='submit' value='Register An <?=$servername?> Account'></td>
</tr>
</table>";
?>
<br>
<!-- No You Cant Remove It. -->
<font size="3">Copyright 2009~2010 WizKid , Kyuma And gWX0 - <?=$servername?> </font>
<!-- See? -->
</center>
</body>
</html></div>
</select>
</form>
</table>
</div>
</body>
</html>
<head>
<script language="JavaScript"> <!--
// No RightClick Script v.0.5
// (C) 2009~2010 Kyuma
// Kyuma09@hotmail.com Or kyuma@legendarygamerz.com
// Don't Delete This Header!
var message="Get The Fuck Off"; // Message For The Alert Box
// Don't Edit Below!
function click(e) {
if (document.all) {
if (event.button == 2) {
alert(message);
return false;
}
}
if (document.layers) {
if (e.which == 3) {
alert(message);
return false;
}
}
}
if (document.layers) {
document.captureEvents(Event.MOUSEDOWN);
}
document.onmousedown=click;
// --> </script>
Antoni- Posts : 53
Points : 78
Sl Rep : 3
Join date : 2010-04-07
Age : 28
Location : Brookyln, new york 11230
Re: Better sql page script
Thats the anti sql register page.
Antoni- Posts : 53
Points : 78
Sl Rep : 3
Join date : 2010-04-07
Age : 28
Location : Brookyln, new york 11230
Re: Better sql page script
I dont get it you double post you're leeched copyed and pasted stuff?
Azer- Posts : 27
Points : 29
Sl Rep : -2
Join date : 2010-04-05
Location : In you'r mums underwear ;)
Re: Better sql page script
another leeched thing and double posting cmon owners no one else is aloud to do this y shud he be aloud
{M}ichael- Posts : 99
Points : 120
Sl Rep : -10
Join date : 2010-04-05
Re: Better sql page script
Azer wrote:I dont get it you double post you're leeched copyed and pasted stuff?
Friend made it not me so stfu azer your bad.
Antoni- Posts : 53
Points : 78
Sl Rep : 3
Join date : 2010-04-07
Age : 28
Location : Brookyln, new york 11230
Re: Better sql page script
then say your friend made it cuz there looks like ure trying to take credit for it and nice for getting it
{M}ichael- Posts : 99
Points : 120
Sl Rep : -10
Join date : 2010-04-05
Re: Better sql page script
Antoni wrote:Azer wrote:I dont get it you double post you're leeched copyed and pasted stuff?
Friend made it not me so stfu azer your bad.
So it's leeched you dident make it therefore it's not you're work.
Azer- Posts : 27
Points : 29
Sl Rep : -2
Join date : 2010-04-05
Location : In you'r mums underwear ;)
Re: Better sql page script
Azer wrote:Antoni wrote:Azer wrote:I dont get it you double post you're leeched copyed and pasted stuff?
Friend made it not me so stfu azer your bad.
So it's leeched you dident make it therefore it's not you're work.
I can code my own to busy at the moment.
Antoni- Posts : 53
Points : 78
Sl Rep : 3
Join date : 2010-04-07
Age : 28
Location : Brookyln, new york 11230
Re: Better sql page script
Antoni wrote:Azer wrote:Antoni wrote:Azer wrote:I dont get it you double post you're leeched copyed and pasted stuff?
Friend made it not me so stfu azer your bad.
So it's leeched you dident make it therefore it's not you're work.
I can code my own to busy at the moment.
Ok fair enough you got any work i can see??
Like weps and clothes :
Azer- Posts : 27
Points : 29
Sl Rep : -2
Join date : 2010-04-05
Location : In you'r mums underwear ;)
Re: Better sql page script
Azer wrote:Antoni wrote:Azer wrote:Antoni wrote:Azer wrote:I dont get it you double post you're leeched copyed and pasted stuff?
Friend made it not me so stfu azer your bad.
So it's leeched you dident make it therefore it's not you're work.
I can code my own to busy at the moment.
Ok fair enough you got any work i can see??
Like weps and clothes :
All on my laptop sorry.
Antoni- Posts : 53
Points : 78
Sl Rep : 3
Join date : 2010-04-07
Age : 28
Location : Brookyln, new york 11230
Page 1 of 1
Permissions in this forum:
You cannot reply to topics in this forum
|
|