need help fixing this php script

Yesideez · December 8, 2008

premiso, I was just about to say the exact same thing!

gevans · December 8, 2008

Just for your information COOKIES are not a safe way of handling user login system. They can easily be changed and taken advantage of to hack into systems. I'd strongly recommend going down the SESSION route, far more secure.

Jiraiya · December 8, 2008

ok then here are the 3 scripts

login script

//Checks if there is a login cookie
if(isset($_COOKIE['ID_my_site']))

//if there is, it logs you in and directes you to the members page
{
$username = $_COOKIE['ID_my_site'];
$pass = $_COOKIE['Key_my_site'];
$check = mysql_query("SELECT * FROM users WHERE username = '$username'")or die(mysql_error());
while($info = mysql_fetch_array( $check ))
{
if ($pass != $info['password'])
{
}
else
{
header("Location: player.php");

}
}
}

//if the login form is submitted
if (isset($_POST['submit'])) { // if form has been submitted

// makes sure they filled it in
if(!$_POST['username'] | !$_POST['pass']) {
die('You did not fill in a required field.');
}
// checks it against the database

if (!get_magic_quotes_gpc()) {
$_POST['email'] = addslashes($_POST['email']);
}
$check = mysql_query("SELECT * FROM users WHERE username = '".$_POST['username']."'")or die(mysql_error());

//Gives error if user dosen't exist
$check2 = mysql_num_rows($check);
if ($check2 == 0) {
die('That user does not exist in our database. <a href=http://narutotalesofthesannin.com/join.php>Click To Sign Up</a>');
}
while($info = mysql_fetch_array( $check ))
{
$_POST['pass'] = stripslashes($_POST['pass']);
$info['password'] = stripslashes($info['password']);
$_POST['pass'] = md5($_POST['pass']);

//gives error if the password is wrong
if ($_POST['pass'] != $info['password']) {
die('Incorrect password, please try again.');
}
else
{

// if login is ok then we add a cookie
$_POST['username'] = stripslashes($_POST['username']);
$hour = time() + 3600;
setcookie(ID_my_site, $_POST['username'], $hour);
setcookie(Key_my_site, $_POST['pass'], $hour);

//then redirect them to the members area
header("Location: player.php");
}
}
}
else
{

// if they are not logged in
?>
<form action="<?php echo $_SERVER['PHP_SELF']?>" method="post">
<table border="0">
<tr><td colspan=2><h1>Login</h1></td></tr>
<tr><td>Username:</td><td>
<input type="text" name="username" maxlength="40">
</td></tr>
<tr><td>Password:</td><td>
<input type="password" name="pass" maxlength="50">
</td></tr>
<tr><td colspan="2" align="right">
<input type="submit" name="submit" value="Login">
</td></tr>
</table>
</form>
<?php
}

?> 




</body>
</html>

fighting script

session_start();

if(!isset($_GET['NPC']))
   {
echo "1";
   echo "You have not selected a NPC to fight! Please select one from below <br><br>";

   $NPCS = mysql_query("SELECT * FROM `npc`");
   while($Show = mysql_fetch_array($NPCS))
      {
      echo "<a href=\"Attack.php?NPC={$Show['npcname']}\">{$Show['npcname']}</a><br>";
      }
   exit();
   }

$NPC = mysql_real_escape_string($_GET['NPC']);

echo "<a href=\"Attack.php?NPC=" . $NPC . "&Action=Attack\">Attack</a><br>
<a href=\"Attack.php?NPC=" . $NPC . "&Action=Run\">Run</a><br>";

$username = $_COOKIE['ID_my_site'];

if(isset($_COOKIE['NPC']))
   {
echo "2";
   $UserSQuery = mysql_query("SELECT * FROM `users` WHERE username='$username'");
   $UserS = mysql_fetch_array($UserSQuery);
   $UserH = $_COOKIE['health'];
   $UserA = $UserS['skill'];
   $UserA *= .1;

   $NPCSQuery = mysql_query("SELECT * FROM `npc` WHERE npcname='$NPC'");
   $NPCS = mysql_fetch_array($NPCSQuery);
   $NPCH = $_COOKIE['NPCH'];
   $NPCA = $NPCS['dmg'];
   $NPCA *= .1;
   $NPCX = $NPCS['skillgained'];

   $NPCH -= $UserA;

   if($NPCH <= 0)
      {
      echo "You win and have gained " . $NPCX . " skill";

      $UserA = $UserS['skill'] + $NPCX;

      mysql_query("UPDATE `users`
      SET skill='$UserA'
      WHERE username='$username'");

      unset($_COOKIE['NPC']);

      exit();
      }

   setcookie('NPCH', $NPCH, 2400);

   $UserH -= $NPCA;

   if($UserH <= 0)
      {
      echo "You have lost";

      $UserA = $UserA * .95;

      mysql_query("UPDATE `users`
      SET skill='$UserA'
      WHERE username='$username'");

      unset($_COOKIE['NPC']);

      exit();
      }

   setcookie('health', $UserH, 2400);
   }
else
   {
echo "3";
   $UserSQuery = mysql_query("SELECT * FROM `users` WHERE username='$username'");
   $UserS = mysql_fetch_array($UserSQuery);

   $NPCSQuery = mysql_query("SELECT * FROM `npc` WHERE npcname='$NPC'");
   $NPCS = mysql_fetch_array($NPCSQuery);
   
   setcookie('NPC', $NPC, 2400);
   setcookie('health', $UserS['health'], 2400);
   setcookie('skill', $UserS['skill'], 2400);
   setcookie('NPCH', $NPCS['health'], 2400);
   }

?>


</body>
</html>

here is the profile script

echo $_COOKIE['ID_my_site'];

?> to. <br>Naruto:Tales Of The Sannin.<br><br><img src='http://i246.photobucket.com/albums/gg97/frogjam/vizardavatar.gif' height='300'></center<br>









<br>


<?php

// Connects to your Database
mysql_connect("localhost", "username", "password") or die(mysql_error());
mysql_select_db("members") or die(mysql_error());


$username = $_COOKIE['ID_my_site']; 
$sql = mysql_query("SELECT * FROM users WHERE username = '$username'") or die(mysql_error());

   while($row = mysql_fetch_array($sql)) {

                    echo "Name:".$row['username']."<br/>";
                    echo "Level:".$row['level']."<br/>";
                    echo "Health:".$row['health']."<br/>";
                    echo "Skill:".$row['skill']."<br/>";
                    echo "Chakra:".$row['chakra']."<br/>";
                    echo "Rank:".$row['rank']."<br/>";
                    echo "Kills:".$row['kills']."<br/>";
                    echo "Kekkei Genkai:".$row['bloodline']."<br/>";
                    echo "Location:".$row['location']."<br/>";
                    echo "Village:".$row['village']."<br/>";
                    // Then just carry on
  
        }
?>



<br>




<form action="https://www.paypal.com/cgi-bin/webscr" method="post">
<input type="hidden" name="cmd" value="_s-xclick">
<input type="hidden" name="encrypted" value="-----BEGIN PKCS7-----MIIHRwYJKoZIhvcNAQcEoIIHODCCBzQCAQExggEwMIIBLAIBADCBlDCBjjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRYwFAYDVQQHEw1Nb3VudGFpbiBWaWV3MRQwEgYDVQQKEwtQYXlQYWwgSW5jLjETMBEGA1UECxQKbGl2ZV9jZXJ0czERMA8GA1UEAxQIbGl2ZV9hcGkxHDAaBgkqhkiG9w0BCQEWDXJlQHBheXBhbC5jb20CAQAwDQYJKoZIhvcNAQEBBQAEgYBIWjpEn88rvxnYAlnbvC5ssV7ygIF3bmeRM65Oyp8rjKgjSEgd/1Yi+/1nz8hfPq/uDcDO1arCxl+kNuughppbSmxUx8UJDUZrCZJUsrC2C01G4/jswyy0ZXGGn6pL2uUeRmCVNF8EKJDeQ1jf2SvE1bGL/FHrtNNWqfNaYpktITELMAkGBSsOAwIaBQAwgcQGCSqGSIb3DQEHATAUBggqhkiG9w0DBwQIlbCsX1VLJTeAgaA6KpDzL4lVHRNwMSU0ryu/orS2nxwIgSin1mq9ovOzqEFwei9Uutj91TMVMSjRHwCmSylnp4la+XJ2HKbeS8rATiDIjivZ3BrTw3EocKwyaATwRbEe0JxmoMdxR311lMC5SyB0jNAaH1PmKk2ZEoqj8hFQPmEzivOrGDpvW6XcigdV0dOfzB2zGqXEAcFrXYRpp7OSf0lEkx1sQChvOMzmoIIDhzCCA4MwggLsoAMCAQICAQAwDQYJKoZIhvcNAQEFBQAwgY4xCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJDQTEWMBQGA1UEBxMNTW91bnRhaW4gVmlldzEUMBIGA1UEChMLUGF5UGFsIEluYy4xEzARBgNVBAsUCmxpdmVfY2VydHMxETAPBgNVBAMUCGxpdmVfYXBpMRwwGgYJKoZIhvcNAQkBFg1yZUBwYXlwYWwuY29tMB4XDTA0MDIxMzEwMTMxNVoXDTM1MDIxMzEwMTMxNVowgY4xCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJDQTEWMBQGA1UEBxMNTW91bnRhaW4gVmlldzEUMBIGA1UEChMLUGF5UGFsIEluYy4xEzARBgNVBAsUCmxpdmVfY2VydHMxETAPBgNVBAMUCGxpdmVfYXBpMRwwGgYJKoZIhvcNAQkBFg1yZUBwYXlwYWwuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDBR07d/ETMS1ycjtkpkvjXZe9k+6CieLuLsPumsJ7QC1odNz3sJiCbs2wC0nLE0uLGaEtXynIgRqIddYCHx88pb5HTXv4SZeuv0Rqq4+axW9PLAAATU8w04qqjaSXgbGLP3NmohqM6bV9kZZwZLR/klDaQGo1u9uDb9lr4Yn+rBQIDAQABo4HuMIHrMB0GA1UdDgQWBBSWn3y7xm8XvVk/UtcKG+wQ1mSUazCBuwYDVR0jBIGzMIGwgBSWn3y7xm8XvVk/UtcKG+wQ1mSUa6GBlKSBkTCBjjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRYwFAYDVQQHEw1Nb3VudGFpbiBWaWV3MRQwEgYDVQQKEwtQYXlQYWwgSW5jLjETMBEGA1UECxQKbGl2ZV9jZXJ0czERMA8GA1UEAxQIbGl2ZV9hcGkxHDAaBgkqhkiG9w0BCQEWDXJlQHBheXBhbC5jb22CAQAwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOBgQCBXzpWmoBa5e9fo6ujionW1hUhPkOBakTr3YCDjbYfvJEiv/2P+IobhOGJr85+XHhN0v4gUkEDI8r2/rNk1m0GA8HKddvTjyGw/XqXa+LSTlDYkqI8OwR8GEYj4efEtcRpRYBxV8KxAW93YDWzFGvruKnnLbDAF6VR5w/cCMn5hzGCAZowggGWAgEBMIGUMIGOMQswCQYDVQQGEwJVUzELMAkGA1UECBMCQ0ExFjAUBgNVBAcTDU1vdW50YWluIFZpZXcxFDASBgNVBAoTC1BheVBhbCBJbmMuMRMwEQYDVQQLFApsaXZlX2NlcnRzMREwDwYDVQQDFAhsaXZlX2FwaTEcMBoGCSqGSIb3DQEJARYNcmVAcGF5cGFsLmNvbQIBADAJBgUrDgMCGgUAoF0wGAYJKoZIhvcNAQkDMQsGCSqGSIb3DQEHATAcBgkqhkiG9w0BCQUxDxcNMDgxMTE1MDUwMzUxWjAjBgkqhkiG9w0BCQQxFgQUrVxXwsTog4BXfG1BfSOmsiKGvZcwDQYJKoZIhvcNAQEBBQAEgYA5HecmaobIMi4AbduQEBv3QrKVKvNU0vAM8h590++trknYDT3i7xHitj3IVeSH6eocEi+0v5WCzfRV2seOF2NFeDPMGFMCE5YH/vFF3oC/zQ+bkYTNWX2bYuX12GLhW/ggqx01XcqkhfqugQrxa1Ff5NnJOp+DNZF4vuclXHJjLA==-----END PKCS7-----
">
<input type="image" src="https://www.paypal.com/en_US/i/btn/btn_donate_LG.gif" border="0" name="submit" alt="">
<img alt="" border="0" src="https://www.paypal.com/en_US/i/scr/pixel.gif" width="1" height="1">
</form>

</ul>

</td>
</tr>
<tr><td id="foot1">|  <a href="#top">t o p</a>  |</td></tr>
<tr><td id="foot2" colspan="2"> </td></tr>
</table>



</body>
</html>

Yesideez · December 8, 2008

I'm attacking the loginscript now...

Yesideez · December 8, 2008

I'm thinking this isn't everything as it didn't start with the opening tag for start of PHP code...

<?php
//Checks if there is a login cookie
if(isset($_SESSION['ID_my_site']))

//if there is, it logs you in and directes you to the members page
{
$username = $_SESSION['ID_my_site'];
$pass = $_SESSION['Key_my_site'];
$check = mysql_query("SELECT * FROM users WHERE username = '$username'")or die(mysql_error());
while($info = mysql_fetch_array( $check ))
{
if ($pass != $info['password'])
{
}
else
{
header("Location: player.php");
exit;
}
}
}

//if the login form is submitted
if (isset($_POST['submit'])) { // if form has been submitted

// makes sure they filled it in
if(!$_POST['username'] | !$_POST['pass']) {
die('You did not fill in a required field.');
}
// checks it against the database

if (!get_magic_quotes_gpc()) {
$_POST['email'] = addslashes($_POST['email']);
}
$check = mysql_query("SELECT * FROM users WHERE username = '".$_POST['username']."'")or die(mysql_error());

//Gives error if user dosen't exist
$check2 = mysql_num_rows($check);
if ($check2 == 0) {
die('That user does not exist in our database. <a href=http://narutotalesofthesannin.com/join.php>Click To Sign Up</a>');
}
while($info = mysql_fetch_array( $check ))
{
$_POST['pass'] = stripslashes($_POST['pass']);
$info['password'] = stripslashes($info['password']);
$_POST['pass'] = md5($_POST['pass']);

//gives error if the password is wrong
if ($_POST['pass'] != $info['password']) {
die('Incorrect password, please try again.');
}
else
{

// if login is ok then we add a cookie
$_POST['username'] = stripslashes($_POST['username']);
$hour = time() + 3600;
$_SESION['ID_my_site',$_POST['username']; // EDITED
$_SESSION['Key_my_site',$_POST['pass']; // EDITED

//then redirect them to the members area
header("Location: player.php");
}
}
}
else
{

// if they are not logged in
?>
<form action="<?php echo $_SERVER['PHP_SELF']?>" method="post">
<table border="0">
<tr><td colspan=2><h1>Login</h1></td></tr>
<tr><td>Username:</td><td>
<input type="text" name="username" maxlength="40">
</td></tr>
<tr><td>Password:</td><td>
<input type="password" name="pass" maxlength="50">
</td></tr>
<tr><td colspan="2" align="right">
<input type="submit" name="submit" value="Login">
</td></tr>
</table>
</form>
<?php
}

?>




</body>
</html>

Jiraiya · December 8, 2008

i think all i left out was the connect to database code

Yesideez · December 8, 2008

Fighting script...

<?php
session_start();

if(!isset($_GET['NPC']))
   {
echo "1";
   echo "You have not selected a NPC to fight! Please select one from below <br><br>";

   $NPCS = mysql_query("SELECT * FROM `npc`");
   while($Show = mysql_fetch_array($NPCS))
      {
      echo "<a href=\"Attack.php?NPC={$Show['npcname']}\">{$Show['npcname']}</a><br>";
      }
   exit();
   }

$NPC = mysql_real_escape_string($_GET['NPC']);

echo "<a href=\"Attack.php?NPC=" . $NPC . "&Action=Attack\">Attack</a><br>
<a href=\"Attack.php?NPC=" . $NPC . "&Action=Run\">Run</a><br>";

$username = $_SESSION['ID_my_site'];

if(isset($_SESSION['NPC']))
   {
echo "2";
   $UserSQuery = mysql_query("SELECT * FROM `users` WHERE username='$username'");
   $UserS = mysql_fetch_array($UserSQuery);
   $UserH = $_SESSION['health'];
   $UserA = $UserS['skill'];
   $UserA *= .1;

   $NPCSQuery = mysql_query("SELECT * FROM `npc` WHERE npcname='$NPC'");
   $NPCS = mysql_fetch_array($NPCSQuery);
   $NPCH = $_SESSION['NPCH'];
   $NPCA = $NPCS['dmg'];
   $NPCA *= .1;
   $NPCX = $NPCS['skillgained'];

   $NPCH -= $UserA;

   if($NPCH <= 0)
      {
      echo "You win and have gained " . $NPCX . " skill";

      $UserA = $UserS['skill'] + $NPCX;

      mysql_query("UPDATE `users`
      SET skill='$UserA'
      WHERE username='$username'");

      unset($_SESSION['NPC']);

      exit();
      }

   $_SESSION['NPCH']=$NPCH;

   $UserH -= $NPCA;

   if($UserH <= 0)
      {
      echo "You have lost";

      $UserA = $UserA * .95;

      mysql_query("UPDATE `users`
      SET skill='$UserA'
      WHERE username='$username'");

      unset($_SESSION['NPC']);

      exit();
      }

   $_SESSION['health']=$UserH;
   }
else
   {
echo "3";
   $UserSQuery = mysql_query("SELECT * FROM `users` WHERE username='$username'");
   $UserS = mysql_fetch_array($UserSQuery);

   $NPCSQuery = mysql_query("SELECT * FROM `npc` WHERE npcname='$NPC'");
   $NPCS = mysql_fetch_array($NPCSQuery);
   
   $_SESSION['NPC']=$NPC;
   $_SESSION['health']=$UserS['health'];
   $_SESSION['skill']=$UserS['skill'];
   $_SESSION['NPCH']=$UserS['health'];
   }

?>


</body>
</html>

premiso · December 8, 2008

<?php
session_start();

if(!isset($_GET['NPC']))
   {
   echo "You have not selected a NPC to fight! Please select one from below <br><br>";

   $NPCS = mysql_query("SELECT * FROM `npc`");
   while($Show = mysql_fetch_array($NPCS))
      {
      echo "<a href=\"Attack.php?NPC={$Show['npcname']}\">{$Show['npcname']}</a><br>";
      }
   exit();
   }

$NPC = mysql_real_escape_string($_GET['NPC']);

echo "<a href=\"Attack.php?NPC=" . $NPC . "&Action=Attack\">Attack</a><br>
<a href=\"Attack.php?NPC=" . $NPC . "&Action=Run\">Run</a><br>";

$username = $_SESSION['ID_my_site'];

if(isset($_SESSION['NPC']))
   {
   $UserSQuery = mysql_query("SELECT * FROM `users` WHERE username='$username'");
   $UserS = mysql_fetch_array($UserSQuery);
   $UserH = $_SESSION['health'];
   $UserA = $UserS['skill'];
   $UserA *= .1;

   $NPCSQuery = mysql_query("SELECT * FROM `npc` WHERE npcname='$NPC'");
   $NPCS = mysql_fetch_array($NPCSQuery);
   $NPCH = $_COOKIE['NPCH'];
   $NPCA = $NPCS['dmg'];
   $NPCA *= .1;
   $NPCX = $NPCS['skillgained'];

   $NPCH -= $UserA;

   if($NPCH <= 0)
      {
      echo "You win and have gained " . $NPCX . " skill";

      $UserA = $UserS['skill'] + $NPCX;

      mysql_query("UPDATE `users`
      SET skill='$UserA'
      WHERE username='$username'");

      unset($_SESSION['NPC']);

      exit();
      }

   $_SESSION['NPCH'] = $NPCH;

   $UserH -= $NPCA;

   if($UserH <= 0)
      {
      echo "You have lost";

      $UserA = $UserA * .95;

      mysql_query("UPDATE `users`
      SET skill='$UserA'
      WHERE username='$username'");

      unset($_SESSION['NPC']);

      exit();
      }

   $_SESSION['health'] = $UserH;
   }
else
   {
echo "3";
   $UserSQuery = mysql_query("SELECT * FROM `users` WHERE username='$username'");
   $UserS = mysql_fetch_array($UserSQuery);

   $NPCSQuery = mysql_query("SELECT * FROM `npc` WHERE npcname='$NPC'");
   $NPCS = mysql_fetch_array($NPCSQuery);
   
   $_SESSION['NPC'] = $NPC;
   $_SESSION['health'] = $UserS['health'];
   $_SESSION['skill'] = $UserS['skill'];
   $_SESSION['NPCH'] = $NPCS['health'];
   }

?>


</body>
</html>

There is the fighting script corrected.

Yesideez · December 8, 2008

Profile script...

<?php
echo $_SESSION['ID_my_site'];

?> to. <br>Naruto:Tales Of The Sannin.<br><br><img src='http://i246.photobucket.com/albums/gg97/frogjam/vizardavatar.gif' height='300'></center<br>









<br>


<?php

// Connects to your Database
mysql_connect("localhost", "username", "password") or die(mysql_error());
mysql_select_db("members") or die(mysql_error());


$username = $_SESSION['ID_my_site']; 
$sql = mysql_query("SELECT * FROM users WHERE username = '$username'") or die(mysql_error());

   while($row = mysql_fetch_array($sql)) {

                    echo "Name:".$row['username']."<br/>";
                    echo "Level:".$row['level']."<br/>";
                    echo "Health:".$row['health']."<br/>";
                    echo "Skill:".$row['skill']."<br/>";
                    echo "Chakra:".$row['chakra']."<br/>";
                    echo "Rank:".$row['rank']."<br/>";
                    echo "Kills:".$row['kills']."<br/>";
                    echo "Kekkei Genkai:".$row['bloodline']."<br/>";
                    echo "Location:".$row['location']."<br/>";
                    echo "Village:".$row['village']."<br/>";
                    // Then just carry on
  
        }
?>



<br>




<form action="https://www.paypal.com/cgi-bin/webscr" method="post">
<input type="hidden" name="cmd" value="_s-xclick">
<input type="hidden" name="encrypted" value="-----BEGIN PKCS7-----MIIHRwYJKoZIhvcNAQcEoIIHODCCBzQCAQExggEwMIIBLAIBADCBlDCBjjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRYwFAYDVQQHEw1Nb3VudGFpbiBWaWV3MRQwEgYDVQQKEwtQYXlQYWwgSW5jLjETMBEGA1UECxQKbGl2ZV9jZXJ0czERMA8GA1UEAxQIbGl2ZV9hcGkxHDAaBgkqhkiG9w0BCQEWDXJlQHBheXBhbC5jb20CAQAwDQYJKoZIhvcNAQEBBQAEgYBIWjpEn88rvxnYAlnbvC5ssV7ygIF3bmeRM65Oyp8rjKgjSEgd/1Yi+/1nz8hfPq/uDcDO1arCxl+kNuughppbSmxUx8UJDUZrCZJUsrC2C01G4/jswyy0ZXGGn6pL2uUeRmCVNF8EKJDeQ1jf2SvE1bGL/FHrtNNWqfNaYpktITELMAkGBSsOAwIaBQAwgcQGCSqGSIb3DQEHATAUBggqhkiG9w0DBwQIlbCsX1VLJTeAgaA6KpDzL4lVHRNwMSU0ryu/orS2nxwIgSin1mq9ovOzqEFwei9Uutj91TMVMSjRHwCmSylnp4la+XJ2HKbeS8rATiDIjivZ3BrTw3EocKwyaATwRbEe0JxmoMdxR311lMC5SyB0jNAaH1PmKk2ZEoqj8hFQPmEzivOrGDpvW6XcigdV0dOfzB2zGqXEAcFrXYRpp7OSf0lEkx1sQChvOMzmoIIDhzCCA4MwggLsoAMCAQICAQAwDQYJKoZIhvcNAQEFBQAwgY4xCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJDQTEWMBQGA1UEBxMNTW91bnRhaW4gVmlldzEUMBIGA1UEChMLUGF5UGFsIEluYy4xEzARBgNVBAsUCmxpdmVfY2VydHMxETAPBgNVBAMUCGxpdmVfYXBpMRwwGgYJKoZIhvcNAQkBFg1yZUBwYXlwYWwuY29tMB4XDTA0MDIxMzEwMTMxNVoXDTM1MDIxMzEwMTMxNVowgY4xCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJDQTEWMBQGA1UEBxMNTW91bnRhaW4gVmlldzEUMBIGA1UEChMLUGF5UGFsIEluYy4xEzARBgNVBAsUCmxpdmVfY2VydHMxETAPBgNVBAMUCGxpdmVfYXBpMRwwGgYJKoZIhvcNAQkBFg1yZUBwYXlwYWwuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDBR07d/ETMS1ycjtkpkvjXZe9k+6CieLuLsPumsJ7QC1odNz3sJiCbs2wC0nLE0uLGaEtXynIgRqIddYCHx88pb5HTXv4SZeuv0Rqq4+axW9PLAAATU8w04qqjaSXgbGLP3NmohqM6bV9kZZwZLR/klDaQGo1u9uDb9lr4Yn+rBQIDAQABo4HuMIHrMB0GA1UdDgQWBBSWn3y7xm8XvVk/UtcKG+wQ1mSUazCBuwYDVR0jBIGzMIGwgBSWn3y7xm8XvVk/UtcKG+wQ1mSUa6GBlKSBkTCBjjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRYwFAYDVQQHEw1Nb3VudGFpbiBWaWV3MRQwEgYDVQQKEwtQYXlQYWwgSW5jLjETMBEGA1UECxQKbGl2ZV9jZXJ0czERMA8GA1UEAxQIbGl2ZV9hcGkxHDAaBgkqhkiG9w0BCQEWDXJlQHBheXBhbC5jb22CAQAwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOBgQCBXzpWmoBa5e9fo6ujionW1hUhPkOBakTr3YCDjbYfvJEiv/2P+IobhOGJr85+XHhN0v4gUkEDI8r2/rNk1m0GA8HKddvTjyGw/XqXa+LSTlDYkqI8OwR8GEYj4efEtcRpRYBxV8KxAW93YDWzFGvruKnnLbDAF6VR5w/cCMn5hzGCAZowggGWAgEBMIGUMIGOMQswCQYDVQQGEwJVUzELMAkGA1UECBMCQ0ExFjAUBgNVBAcTDU1vdW50YWluIFZpZXcxFDASBgNVBAoTC1BheVBhbCBJbmMuMRMwEQYDVQQLFApsaXZlX2NlcnRzMREwDwYDVQQDFAhsaXZlX2FwaTEcMBoGCSqGSIb3DQEJARYNcmVAcGF5cGFsLmNvbQIBADAJBgUrDgMCGgUAoF0wGAYJKoZIhvcNAQkDMQsGCSqGSIb3DQEHATAcBgkqhkiG9w0BCQUxDxcNMDgxMTE1MDUwMzUxWjAjBgkqhkiG9w0BCQQxFgQUrVxXwsTog4BXfG1BfSOmsiKGvZcwDQYJKoZIhvcNAQEBBQAEgYA5HecmaobIMi4AbduQEBv3QrKVKvNU0vAM8h590++trknYDT3i7xHitj3IVeSH6eocEi+0v5WCzfRV2seOF2NFeDPMGFMCE5YH/vFF3oC/zQ+bkYTNWX2bYuX12GLhW/ggqx01XcqkhfqugQrxa1Ff5NnJOp+DNZF4vuclXHJjLA==-----END PKCS7-----
">
<input type="image" src="https://www.paypal.com/en_US/i/btn/btn_donate_LG.gif" border="0" name="submit" alt="">
<img alt="" border="0" src="https://www.paypal.com/en_US/i/scr/pixel.gif" width="1" height="1">
</form>

</ul>

</td>
</tr>
<tr><td id="foot1">|  <a href="#top">t o p</a>  |</td></tr>
<tr><td id="foot2" colspan="2"> </td></tr>
</table>



</body>
</html>

Jiraiya · December 8, 2008

all my pages that i used the session scripts on have become blank pages

premiso · December 8, 2008

A modification to the profile:

<?php
session_start(); 
echo $_SESSION['ID_my_site'];

?> to. <br>Naruto:Tales Of The Sannin.<br><br><img src='http://i246.photobucket.com/albums/gg97/frogjam/vizardavatar.gif' height='300'></center<br>









<br>


<?php

// Connects to your Database
mysql_connect("localhost", "username", "password") or die(mysql_error());
mysql_select_db("members") or die(mysql_error());


$username = $_SESSION['ID_my_site']; 
$sql = mysql_query("SELECT * FROM users WHERE username = '$username'") or die(mysql_error());

   while($row = mysql_fetch_array($sql)) {

                    echo "Name:".$row['username']."<br/>";
                    echo "Level:".$row['level']."<br/>";
                    echo "Health:".$row['health']."<br/>";
                    echo "Skill:".$row['skill']."<br/>";
                    echo "Chakra:".$row['chakra']."<br/>";
                    echo "Rank:".$row['rank']."<br/>";
                    echo "Kills:".$row['kills']."<br/>";
                    echo "Kekkei Genkai:".$row['bloodline']."<br/>";
                    echo "Location:".$row['location']."<br/>";
                    echo "Village:".$row['village']."<br/>";
                    // Then just carry on
  
        }
?>



<br>




<form action="https://www.paypal.com/cgi-bin/webscr" method="post">
<input type="hidden" name="cmd" value="_s-xclick">
<input type="hidden" name="encrypted" value="-----BEGIN PKCS7-----MIIHRwYJKoZIhvcNAQcEoIIHODCCBzQCAQExggEwMIIBLAIBADCBlDCBjjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRYwFAYDVQQHEw1Nb3VudGFpbiBWaWV3MRQwEgYDVQQKEwtQYXlQYWwgSW5jLjETMBEGA1UECxQKbGl2ZV9jZXJ0czERMA8GA1UEAxQIbGl2ZV9hcGkxHDAaBgkqhkiG9w0BCQEWDXJlQHBheXBhbC5jb20CAQAwDQYJKoZIhvcNAQEBBQAEgYBIWjpEn88rvxnYAlnbvC5ssV7ygIF3bmeRM65Oyp8rjKgjSEgd/1Yi+/1nz8hfPq/uDcDO1arCxl+kNuughppbSmxUx8UJDUZrCZJUsrC2C01G4/jswyy0ZXGGn6pL2uUeRmCVNF8EKJDeQ1jf2SvE1bGL/FHrtNNWqfNaYpktITELMAkGBSsOAwIaBQAwgcQGCSqGSIb3DQEHATAUBggqhkiG9w0DBwQIlbCsX1VLJTeAgaA6KpDzL4lVHRNwMSU0ryu/orS2nxwIgSin1mq9ovOzqEFwei9Uutj91TMVMSjRHwCmSylnp4la+XJ2HKbeS8rATiDIjivZ3BrTw3EocKwyaATwRbEe0JxmoMdxR311lMC5SyB0jNAaH1PmKk2ZEoqj8hFQPmEzivOrGDpvW6XcigdV0dOfzB2zGqXEAcFrXYRpp7OSf0lEkx1sQChvOMzmoIIDhzCCA4MwggLsoAMCAQICAQAwDQYJKoZIhvcNAQEFBQAwgY4xCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJDQTEWMBQGA1UEBxMNTW91bnRhaW4gVmlldzEUMBIGA1UEChMLUGF5UGFsIEluYy4xEzARBgNVBAsUCmxpdmVfY2VydHMxETAPBgNVBAMUCGxpdmVfYXBpMRwwGgYJKoZIhvcNAQkBFg1yZUBwYXlwYWwuY29tMB4XDTA0MDIxMzEwMTMxNVoXDTM1MDIxMzEwMTMxNVowgY4xCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJDQTEWMBQGA1UEBxMNTW91bnRhaW4gVmlldzEUMBIGA1UEChMLUGF5UGFsIEluYy4xEzARBgNVBAsUCmxpdmVfY2VydHMxETAPBgNVBAMUCGxpdmVfYXBpMRwwGgYJKoZIhvcNAQkBFg1yZUBwYXlwYWwuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDBR07d/ETMS1ycjtkpkvjXZe9k+6CieLuLsPumsJ7QC1odNz3sJiCbs2wC0nLE0uLGaEtXynIgRqIddYCHx88pb5HTXv4SZeuv0Rqq4+axW9PLAAATU8w04qqjaSXgbGLP3NmohqM6bV9kZZwZLR/klDaQGo1u9uDb9lr4Yn+rBQIDAQABo4HuMIHrMB0GA1UdDgQWBBSWn3y7xm8XvVk/UtcKG+wQ1mSUazCBuwYDVR0jBIGzMIGwgBSWn3y7xm8XvVk/UtcKG+wQ1mSUa6GBlKSBkTCBjjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRYwFAYDVQQHEw1Nb3VudGFpbiBWaWV3MRQwEgYDVQQKEwtQYXlQYWwgSW5jLjETMBEGA1UECxQKbGl2ZV9jZXJ0czERMA8GA1UEAxQIbGl2ZV9hcGkxHDAaBgkqhkiG9w0BCQEWDXJlQHBheXBhbC5jb22CAQAwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOBgQCBXzpWmoBa5e9fo6ujionW1hUhPkOBakTr3YCDjbYfvJEiv/2P+IobhOGJr85+XHhN0v4gUkEDI8r2/rNk1m0GA8HKddvTjyGw/XqXa+LSTlDYkqI8OwR8GEYj4efEtcRpRYBxV8KxAW93YDWzFGvruKnnLbDAF6VR5w/cCMn5hzGCAZowggGWAgEBMIGUMIGOMQswCQYDVQQGEwJVUzELMAkGA1UECBMCQ0ExFjAUBgNVBAcTDU1vdW50YWluIFZpZXcxFDASBgNVBAoTC1BheVBhbCBJbmMuMRMwEQYDVQQLFApsaXZlX2NlcnRzMREwDwYDVQQDFAhsaXZlX2FwaTEcMBoGCSqGSIb3DQEJARYNcmVAcGF5cGFsLmNvbQIBADAJBgUrDgMCGgUAoF0wGAYJKoZIhvcNAQkDMQsGCSqGSIb3DQEHATAcBgkqhkiG9w0BCQUxDxcNMDgxMTE1MDUwMzUxWjAjBgkqhkiG9w0BCQQxFgQUrVxXwsTog4BXfG1BfSOmsiKGvZcwDQYJKoZIhvcNAQEBBQAEgYA5HecmaobIMi4AbduQEBv3QrKVKvNU0vAM8h590++trknYDT3i7xHitj3IVeSH6eocEi+0v5WCzfRV2seOF2NFeDPMGFMCE5YH/vFF3oC/zQ+bkYTNWX2bYuX12GLhW/ggqx01XcqkhfqugQrxa1Ff5NnJOp+DNZF4vuclXHJjLA==-----END PKCS7-----
">
<input type="image" src="https://www.paypal.com/en_US/i/btn/btn_donate_LG.gif" border="0" name="submit" alt="">
<img alt="" border="0" src="https://www.paypal.com/en_US/i/scr/pixel.gif" width="1" height="1">
</form>

</ul>

</td>
</tr>
<tr><td id="foot1">|  <a href="#top">t o p</a>  |</td></tr>
<tr><td id="foot2" colspan="2"> </td></tr>
</table>



</body>
</html>

As for the blank pages, that code switched shouldnt have caused that, put the following at the top of your scripts:

error_reporting(E_ALL);
ini_set("display_errors", 1);

To make sure any errors are shown.

Yesideez · December 8, 2008

btw you will need to "log in" again to initialise the session variables you're now using.

Jiraiya · December 8, 2008

the log in page just keeps bringing me to the profile page

Yesideez · December 8, 2008

Can you post the link to the login page please?

Jiraiya · December 8, 2008

narutotalesofthesannin.com

Yesideez · December 8, 2008

I get the login page appear just fine - have you tried logging in?

Jiraiya · December 8, 2008

i ended up putting the cookies back because the sessions didnt seem to work for me

Yesideez · December 8, 2008

No worries.

I advise reading up on session variables when you have a few minutes so you can switch over at your own leisure.

Sign In

need help fixing this php script

Recommended Posts

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Archived

Important Information