Trying to Put 4 seperate PHP scripts into a tabbed page, help anyone?

Charlie9809 · January 14, 2009

Hi, Im not great with PHP but im up for the challenge of this. As stated it the subject, im trying to put 4 serperate/different php scripts into a single page, like this DEMO i made. The fact is I know I cant just copy and paste each script into the corresponding tab content div, and i have know idea how to do this, if someone could shed some light on this that would be great. The scripts are downloadable here:

scripts.zip - 273.5 Kb

If you need more info, please post

Cheers

Charlie

dawsba · January 14, 2009

dosnt look to difficult,

your layout would probably be

shared resources : ie session_start, config.php, JS etc

styling

processing

div -> 1st script {remove include link as this will cause loop}

div -> 2nd

/* best practise to keep your page tidy is to include the pages with the divs with include not copy n paste */

etc etc

footer

aschk · January 14, 2009

I think you're confusing fancy html & javascript with actual PHP.

What you see there is facilitated by javascript tabbing. Each tab just contains a form, each of which posts to a different PHP processing page.

Unless of course you're looking to do something different like dynamically build the html page from outputs from 4 different PHP scripts?

Charlie9809 · January 14, 2009

No im not trying to do this dynamically .

OK, what im understanding at the moment is that this is easily done. But the hiccup is my knowledge of PHP, dawsba's reply:

shared resources : ie session_start, config.php, JS etc
styling

processing

div -> 1st script {remove include link as this will cause loop}

div -> 2nd

/* best practise to keep your page tidy is to include the pages with the divs with include not copy n paste */

etc etc

footer

makes a bit of sense to me but still dosent help me as, once again, my knowledge of PHP isnt great. If dawsba's asnwer can be explain in (may I say) "Noob" (although I dont consider myself a noob as I have a bit of experience) terms that would be a great help.

Charlie

aschk · January 14, 2009

So you're saying that you don't need PHP to build that tabbed page, which is what I thought.

So just create an html page with 4 tabs in it. What's the problem. What is it you're trying to do?

You seem to be confused between where PHP resides and what the client sees. PHP is server-side not client-side. So it processes things that you ask it to (by calling a script name), but doesn't necessarily present any output.

Charlie9809 · January 14, 2009

ok well these are the four scripts i want to implement into the page> http://tester.comoj.com/acctest/test_01/

dawsba · January 14, 2009

now in each of the divs below put your code once, remove the include config from them and the session starts, place that at the top of the script, some tweaking may be required

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Untitled Document</title>
</head>

<body>
<script language="javascript" type="text/javascript">
function showhide(id)
{
for(i=1;i<=4;i++){document.getElementById('tab'+i).style.display='none';}
document.getElementById('tab'+id).style.display='block';
}
</script>
<div id="page">
<div id="tabs">
<ul><li><a href="#" onclick="showhide(1)">Tab1</a></li><li><a href="#" onclick="showhide(2)">Tab2</a></li><li><a href="#" onclick="showhide(3)">Tab3</a></li><li><a href="#" onclick="showhide(4)">Tab4</a></li></ul>
</div>
<div id="tab1" style="display:none; width:100%; height:600px;"><? for($j=0;$j<=64;$j++){echo rand(100,999)."<br>";} ?>
</div>
<div id="tab2" style="display:none; width:100%; height:600px;"><? phpinfo(); ?>
</div>
<div id="tab3" style="display:none; width:100%; height:600px;"><? echo base64_encode($_SERVER['PHP_SELF']); ?>
</div>
<div id="tab4" style="display:none; width:100%; height:600px;">Whos yer pappy 
</div>
</div>
</body>
</html>

Charlie9809 · January 16, 2009

dawsba, can u give me an example with one of the scripts with ehat u mean by "remove the include config from them and the session starts, place that at the top of the script" i know what u mean when u say "remove the include config", but i dont understand anything else. using your example above could u put in this script:

<?php

include 'config.php';

error_reporting(E_ALL ^ E_NOTICE);

if(!session_id())
    session_start();

$msg = Array();
$error = Array();

function addUser(){
    global $db, $config, $msg, $error;
    if(($_SESSION['security_code'] == $_POST['security_code']) && (!empty($_SESSION['security_code'])) ) {
        // Insert you code for processing the form here, e.g emailing the submission, entering it into a database. <br>
        $msg[] = 'Security code accepted!';
        unset($_SESSION['security_code']);
    } else {
        // Insert your code for showing an error message here<br>
        $error[] = 'Error, You have provided an invalid security code!';
    }
    
    # Valid Email: [email protected]
    $pattern_email='^([a-zA-Z0-9._-]+)@((\[[0-9a-zA-Z]{1,3}\.[0-9a-zA-Z]{1,3}\.[0-9]{1,3}\.)|(([a-zA-Z0-9\-]+\.)+))([a-zA-Z]{2,4}|[0-9]{1,3})(\]?)$';
    # Valid String: abc123
    $pattern_string='^[0-9a-zA-Z]';
    
    if (empty($_POST['alogin'])) $error[] = 'Error, You forgot to enter an account name!';
    if (empty($_POST['apassword'][0]) || empty($_POST['password'][1])) $error[] = 'Error, You forgot to enter a password!';
    if ($_POST['apassword'][0] !== $_POST['password'][1]) $error[] = 'Password does not match!';
    if (empty($_POST['aemail']) || !ereg($pattern_email, $_POST['email'])) $error[] = 'Please fill in a valid email adress!';
    if (!empty($error)) return false;
    
    # Extra Checks - To enable uncomment the following
    #define("STRING_CHECK", 1);
    
    if(defined("STRING_CHECK"))
    {
        if (!ereg($pattern_string, $_POST['alogin'])) $error[] = 'Error, Your account name contains invalid letters!';
        if (!ereg($pattern_string, $_POST['apassword'][1])) $error[] = 'Error, Your password contains invalid letters!';
        if (!empty($error)) return false;
    }
    
    # Gather Password & IP
    # $encrypted_password = sha1($_POST['password'][1]);
    $encrypted_password = sha1(strtoupper($_POST['alogin']).":".strtoupper($_POST['apassword'][1]));
    $ip = $_SERVER['REMOTE_ADDR'];
    
    # Connect to database
    $db = @mysql_connect($config['mysql_host'], $config['mysql_user'], $config['mysql_pass']);
    if (!$db) return $error[] = 'Database: '.mysql_error();
    if (!@mysql_select_db($config['mysql_dbname'], $db)) return $error[] = 'Database: '.mysql_error();

    # Check make sure user isnt ipbanned 
    $BanCheck = mysql_query("SELECT * FROM ipbans WHERE ip = '$ip' || ip = '$ip/32' LIMIT 1");
    $ban = mysql_num_rows($BanCheck);
    if ($ban == 1) { return $error[] = 'You Have Been Banned From This Server'; }
    
    # Check account limit for IP address
    if($config['MaxIPs'] > 0)
    {
        $UserCheck = mysql_query("SELECT * FROM accounts WHERE lastip = '$ip'");
        if (mysql_num_rows($UserCheck) >= $config['MaxIPs']) return $error[] = '<font size=2 face=Tahoma><br /><b> You have reached your maximum amount of accounts</b></font>';
    }

    # Check username is not in use already
    $query = "SELECT `acct` FROM `accounts` WHERE `login` = '".mysql_real_escape_string($_POST['alogin'])."' LIMIT 1";
    $res = mysql_query($query, $db);
    if (!$res) return $error[] = 'Database: '.mysql_error();
    if (mysql_num_rows($res) > 0) return $error[] = 'Username already in use.';

    # Check account limit for email
    if($config['MaxEmails'] > 0)
    {
        $email = "SELECT `acct` FROM `accounts` WHERE `email` = '".mysql_real_escape_string($_POST['aemail'])."'";
        $re = mysql_query($email, $db);
        if (!$re) return $error[] = 'Database: '.mysql_error();
        if (mysql_num_rows($re) >= $config['MaxEmails']) return $error[] = '<font size=2 face=Tahoma><br /><b> You have reached your maximum amount of accounts using that email address.</b></font>';
    }

//Fix For Double Digits by `Angel
    if($config['EncryptedPass'] > 0)
        $query = "INSERT INTO `accounts` (`acct`, `login`, `encrypted_password`, `gm`, `banned`, `lastlogin`, `lastip`, `email`, `flags`, `forceLanguage`, `muted`) VALUES (NULL, '".mysql_real_escape_string($_POST['alogin'])."', '$encrypted_password', '0', '0', NOW(), '".$_SERVER['REMOTE_ADDR']."', '".mysql_real_escape_string($_POST['aemail'])."', '".mysql_real_escape_string($_POST['aflags'])."', 'enUS', '0')";
    else
        $query = "INSERT INTO `accounts` (`acct`, `login`, `password`, `gm`, `banned`, `lastlogin`, `lastip`, `email`, `flags`, `forceLanguage`, `muted`) VALUES (NULL, '".mysql_real_escape_string($_POST['alogin'])."', '".mysql_real_escape_string($_POST['apassword'][1])."', '0', '0', NOW(), '".$_SERVER['REMOTE_ADDR']."', '".mysql_real_escape_string($_POST['aemail'])."', '".mysql_real_escape_string($_POST['aflags'])."', 'enUS', '0')";

    $res = mysql_query($query, $db);
    if (!$res) return $error[] = 'Database: '.mysql_error();
    $msg[] = 'The Account <span style="color:#00FF00"><strong>'.htmlentities($_POST['login']).'</strong></span> has been created!<br>Allow 5 to 10 Minutes For The Server To Update.';
    return true;
}
if(!empty($_POST)){
    addUser();
}

@mysql_close($db);

?>


<html xmlns="http://www.w3.org/1999/xhtml" >
<head>
    <title>Account Creation</title>
    <meta http-equiv="Pragma" content="no-cache"/>
    <meta http-equiv="Cache-Control" content="no-cache"/>
<?php include('style.css'); ?>
    <!--[if lt IE 7.]>
    <script defer type="text/javascript" src="pngfix.js"></script>
    <![endif]-->
</head>
<body>

    <center>
      <div style="width:300px">
        <form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="POST">
	<!-- <br>s for visual appeal  do not remove-->
	<br><br><br><br><Br><Br><br><br><br><br>
        <table width="100%" border="0" cellspacing="1" cellpadding="3">
            <tr class="head">
              <th colspan="2">Account Creation</th>
            </tr>
            <tr>
                <th>Username: </th><td align="center"><input class="button" type="text" name="alogin" size="30" maxlength="16"/></td>
            </tr>
            <tr>
                <th>Password: </th><td align="center"><input class="button" type="password" name="apassword[]" size="30" maxlength="16"/></td>
            </tr>
            <tr>
                <th>Retype Password: </th><td align="center"><input class="button" type="password" name="apassword[]" size="30" maxlength="16"/></td>
            </tr>
            <tr>
                <th>E-mail: </th><td align="center"><input class="button" type="text" name="aemail" size="30" maxlength="30"/></td>
            </tr>

<th>Account Type:</th><td align="center">
<select name="aflags" type="select">
<option value="0">Normal</option>
<option value="8">Burning Crusade</option>
<option selected value="44">Wrath of the Lich King</option>
</select></td>

<TR>
<th>Security Image: </th><td align="center"><img src="CaptchaSecurityImages.php" />
  </td>
          </tr>
          <TR>
<th>Security Code: </th><td align="center"><input name="security_code" type="text" class="button" id="security_code" />
  </td>
          </tr>

             				
        </table>
        <input type="button" class="button" value="Back" onClick="history.go(-1)" />
        <input type="submit" value="Submit" class="button"/>
        </form>

	<?php
        if (!empty($error)){
            echo '<table width="100%" border="0" cellspacing="1" cellpadding="3"><tr><td class="error" align="center">';
            foreach($error as $text)
                echo $text.'</br>';
            echo '</td></tr></table>';
        };
        if (!empty($msg)){
            echo '<table width="100%" border="0" cellspacing="1" cellpadding="3"><tr><td align="center">';
            foreach($msg as $text)
                echo $text.'</br>';
            echo '</td></tr></table>';
            exit();
        };
        ?>

    </div>
    </center>

</table>
<div align="center">
<p id="done" style="width: 220px; font-weight: bold; color: #29b503; font-family: tahoma, arial, sans; font-size: 13px;">
<span class="style1">Realmlist:</span><br />

<span class="style2"><font color="white">Set Realmlist <?=$config['RealmIP'];?></span><br />
<br />
<span class="style1">Accepted Client(s):</span><br />
<span class="style2"><font color="white"><?=$config['PatchVersion'];?></span><br />

</body>
</html>

Charlie9809 · January 16, 2009

I just tried another way to do this which I thought might work, which was to combine all 4 scripts into 1, my attempt failed as I dont know what evertthing does. What I did was change the names of any things that were the same on another script ( by things I mean like: Login, Password, Email etc...) I know I havent stuffed that part up, im sure. This is what ive com up with: (its in the "tabbed page" I was talking about)

<?php

include 'config.php';

error_reporting(E_ALL ^ E_NOTICE);

if(!session_id())
    session_start();

$msg = Array();
$error = Array();

function addUser(){
    global $db, $config, $msg, $error;
    if(($_SESSION['security_code'] == $_POST['security_code']) && (!empty($_SESSION['security_code'])) ) {
        // Insert you code for processing the form here, e.g emailing the submission, entering it into a database. <br>
        $msg[] = 'Security code accepted!';
        unset($_SESSION['security_code']);
    } else {
        // Insert your code for showing an error message here<br>
        $error[] = 'Error, You have provided an invalid security code!';
    }
    
    # Valid Email: [email protected]
    $pattern_email='^([a-zA-Z0-9._-]+)@((\[[0-9a-zA-Z]{1,3}\.[0-9a-zA-Z]{1,3}\.[0-9]{1,3}\.)|(([a-zA-Z0-9\-]+\.)+))([a-zA-Z]{2,4}|[0-9]{1,3})(\]?)$';
    # Valid String: abc123
    $pattern_string='^[0-9a-zA-Z]';
    
    if (empty($_POST['alogin'])) $error[] = 'Error, You forgot to enter an account name!';
    if (empty($_POST['apassword'][0]) || empty($_POST['password'][1])) $error[] = 'Error, You forgot to enter a password!';
    if ($_POST['apassword'][0] !== $_POST['password'][1]) $error[] = 'Password does not match!';
    if (empty($_POST['aemail']) || !ereg($pattern_email, $_POST['email'])) $error[] = 'Please fill in a valid email adress!';
    if (!empty($error)) return false;
    
    # Extra Checks - To enable uncomment the following
    #define("STRING_CHECK", 1);
    
    if(defined("STRING_CHECK"))
    {
        if (!ereg($pattern_string, $_POST['alogin'])) $error[] = 'Error, Your account name contains invalid letters!';
        if (!ereg($pattern_string, $_POST['apassword'][1])) $error[] = 'Error, Your password contains invalid letters!';
        if (!empty($error)) return false;
    }
    
    # Gather Password & IP
    # $encrypted_password = sha1($_POST['password'][1]);
    $encrypted_password = sha1(strtoupper($_POST['alogin']).":".strtoupper($_POST['apassword'][1]));
    $ip = $_SERVER['REMOTE_ADDR'];
    
    # Connect to database
    $db = @mysql_connect($config['mysql_host'], $config['mysql_user'], $config['mysql_pass']);
    if (!$db) return $error[] = 'Database: '.mysql_error();
    if (!@mysql_select_db($config['mysql_dbname'], $db)) return $error[] = 'Database: '.mysql_error();

    # Check make sure user isnt ipbanned 
    $BanCheck = mysql_query("SELECT * FROM ipbans WHERE ip = '$ip' || ip = '$ip/32' LIMIT 1");
    $ban = mysql_num_rows($BanCheck);
    if ($ban == 1) { return $error[] = 'You Have Been Banned From This Server'; }
    
    # Check account limit for IP address
    if($config['MaxIPs'] > 0)
    {
        $UserCheck = mysql_query("SELECT * FROM accounts WHERE lastip = '$ip'");
        if (mysql_num_rows($UserCheck) >= $config['MaxIPs']) return $error[] = '<font size=2 face=Tahoma><br /><b> You have reached your maximum amount of accounts</b></font>';
    }

    # Check username is not in use already
    $query = "SELECT `acct` FROM `accounts` WHERE `login` = '".mysql_real_escape_string($_POST['alogin'])."' LIMIT 1";
    $res = mysql_query($query, $db);
    if (!$res) return $error[] = 'Database: '.mysql_error();
    if (mysql_num_rows($res) > 0) return $error[] = 'Username already in use.';

    # Check account limit for email
    if($config['MaxEmails'] > 0)
    {
        $email = "SELECT `acct` FROM `accounts` WHERE `email` = '".mysql_real_escape_string($_POST['aemail'])."'";
        $re = mysql_query($email, $db);
        if (!$re) return $error[] = 'Database: '.mysql_error();
        if (mysql_num_rows($re) >= $config['MaxEmails']) return $error[] = '<font size=2 face=Tahoma><br /><b> You have reached your maximum amount of accounts using that email address.</b></font>';
    }

//Fix For Double Digits by `Angel
    if($config['EncryptedPass'] > 0)
        $query = "INSERT INTO `accounts` (`acct`, `login`, `encrypted_password`, `gm`, `banned`, `lastlogin`, `lastip`, `email`, `flags`, `forceLanguage`, `muted`) VALUES (NULL, '".mysql_real_escape_string($_POST['alogin'])."', '$encrypted_password', '0', '0', NOW(), '".$_SERVER['REMOTE_ADDR']."', '".mysql_real_escape_string($_POST['aemail'])."', '".mysql_real_escape_string($_POST['aflags'])."', 'enUS', '0')";
    else
        $query = "INSERT INTO `accounts` (`acct`, `login`, `password`, `gm`, `banned`, `lastlogin`, `lastip`, `email`, `flags`, `forceLanguage`, `muted`) VALUES (NULL, '".mysql_real_escape_string($_POST['alogin'])."', '".mysql_real_escape_string($_POST['apassword'][1])."', '0', '0', NOW(), '".$_SERVER['REMOTE_ADDR']."', '".mysql_real_escape_string($_POST['aemail'])."', '".mysql_real_escape_string($_POST['aflags'])."', 'enUS', '0')";

    $res = mysql_query($query, $db);
    if (!$res) return $error[] = 'Database: '.mysql_error();
    $msg[] = 'The Account <span style="color:#00FF00"><strong>'.htmlentities($_POST['login']).'</strong></span> has been created!<br>Allow 5 to 10 Minutes For The Server To Update.';
    return true;
}
if(!empty($_POST)){
    addUser();
}

@mysql_close($db);

?>
<?php

error_reporting(E_ALL ^ E_NOTICE);

if(!session_id())
    session_start();

$msg = Array();
$error = Array();

function addUser(){
    global $config, $msg, $error;
    if(($_SESSION['security_code'] == $_POST['security_code']) && (!empty($_SESSION['security_code'])) ) {
        // Insert you code for processing the form here, e.g emailing the submission, entering it into a database. <br>
        $msg[] = 'Security code accepted!';
        unset($_SESSION['security_code']);
    } else {
        // Insert your code for showing an error message here<br>
        $error[] = 'Error, You have provided an invalid security code!';
    }
    
    # Valid Email: [email protected]
    $pattern_email='^([a-zA-Z0-9._-]+)@((\[[0-9a-zA-Z]{1,3}\.[0-9a-zA-Z]{1,3}\.[0-9]{1,3}\.)|(([a-zA-Z0-9\-]+\.)+))([a-zA-Z]{2,4}|[0-9]{1,3})(\]?)$';
    # Valid String: abc123
    $pattern_string='^[0-9a-zA-Z]';
    
    if (empty($_POST['fclogin'])) $error[] = 'Error, You forgot to enter an account name!';
    if (empty($_POST['fcpassword'][0]) || empty($_POST['password'][1])) $error[] = 'Error, You forgot to enter a password!';
    if ($_POST['fcpassword'][0] !== $_POST['password'][1]) $error[] = 'Password does not match!';
#   if (empty($_POST['email']) || !ereg($pattern_email, $_POST['email'])) $error[] = 'Please fill in a valid email adress!';
    if (!empty($error)) return false;
    
    # Extra Checks - To enable uncomment the following
    #define("STRING_CHECK", 1);
    
    if(defined("STRING_CHECK"))
    {
        if (!ereg($pattern_string, $_POST['fclogin'])) $error[] = 'Error, Your account name contains invalid letters!';
        if (!ereg($pattern_string, $_POST['fcpassword'][1])) $error[] = 'Error, Your password contains invalid letters!';
        if (!empty($error)) return false;
    }
    
    # Gather Password & IP
    # $encrypted_password = sha1($_POST['password'][1]);
    $encrypted_password = sha1(strtoupper($_POST['fclogin']).":".strtoupper($_POST['fcpassword'][1]));
    $ip = $_SERVER['REMOTE_ADDR'];
    
    # Connect to database
    $db = @mysql_connect($config['mysql_host'], $config['mysql_user'], $config['mysql_pass']);
    if (!$db) return $error[] = 'Database: '.mysql_error();
    if (!@mysql_select_db($config['mysql_dbname'], $db)) return $error[] = 'Database: '.mysql_error();
$mmkuser = $_POST['username'];
# Just a little thing I added as a test. `Angel
#  $acctq = 'SELECT * from `accts` WHERE `login` LIKE '.$mmkuser.'';  
#  $acctqq = mysql_query($query) or die(mysql_error());
#  $accts = mysql_fetch_array($acctqq);
/*
    # Check make sure user isnt ipbanned 
    $BanCheck = mysql_query("SELECT * FROM ipbans WHERE ip = '$ip' || ip = '$ip/32' LIMIT 1");
    $ban = mysql_num_rows($BanCheck);
    if ($ban == 1) { return $error[] = 'You Have Been Banned From This Server'; } */


    # Check make sure the password is correct
    $PassCheck = mysql_query("SELECT * FROM accounts WHERE login = '".$_POST['fclogin']."'") or die(mysql_error());
   $pass = mysql_fetch_array($PassCheck);
    if ($pass['password'] != $_POST['fcpassword'][1]) { return $error[] = 'Incorrect username or password!'; }

	# Check make sure the flag isnt already the same as requested
    $flagsCheck = mysql_query("SELECT `flags` FROM accts WHERE login = '".$_POST['fclogin']."'");
#    $flagsk = mysql_num_rows($flagsCheck);
    if ($_Post['fcflags'] == $pass['flags']) { return $error[] = 'That flag has already been set on that account!'; }
    
/*   # Check account limit for IP address
    if($config['MaxIPs'] > 0)
    {
        $UserCheck = mysql_query("SELECT * FROM accounts WHERE lastip = '$ip'");
        if (mysql_num_rows($UserCheck) >= $config['MaxIPs']) return $error[] = '<font size=2 face=Tahoma><br /><b> You have reached your maximum amount of accounts</b></font>';
    }
*/
/*   

    # Check account limit for email
    if($config['MaxEmails'] > 0)
    {
        $email = "SELECT `acct` FROM `accounts` WHERE `email` = '".mysql_real_escape_string($_POST['email'])."'";
        $re = mysql_query($email, $db);
        if (!$re) return $error[] = 'Database: '.mysql_error();
        if (mysql_num_rows($re) >= $config['MaxEmails']) return $error[] = '<font size=2 face=Tahoma><br /><b> You have reached your maximum amount of accounts using that email address.</b></font>';
    }
*/
        $query = "UPDATE `accounts` SET `flags` = '".mysql_real_escape_string($_POST['fcflags'][0])."' WHERE `login` = '".$_POST['fclogin']."'";

    $res = mysql_query($query, $db);
    if (!$res) return $error[] = 'Database: '.mysql_error();
    $msg[] = 'The Account <span style="color:#00FF00"><strong>'.htmlentities($_POST['fclogin']).'</strong></span>s flags have been updated! <br>Allow 5 to 10 Minutes For The Server To Update.';
    mysql_close($db);
    return true;
}
if(!empty($_POST)){
    addUser();
}

?>
<?php

include 'RandomPasswordGen.php';

error_reporting(E_ALL ^ E_NOTICE);

if(!session_id())
    session_start();

$msg = Array();
$error = Array();

function RetrievePassword(){
    global $config, $msg, $error;
    if(($_SESSION['security_code'] == $_POST['security_code']) && (!empty($_SESSION['security_code'])) ) {
        // Insert your code for processing the form here, e.g emailing the submission, entering it into a database. <br>
        $msg[] = 'Security code accepted!';
        unset($_SESSION['security_code']);
    } else {
        // Insert your code for showing an error message here<br>
        $error[] = 'Error, You have provided an invalid security code!';
    }
    
    # Valid Email: [email protected]
    $pattern_email='^([a-zA-Z0-9._-]+)@((\[[0-9a-zA-Z]{1,3}\.[0-9a-zA-Z]{1,3}\.[0-9]{1,3}\.)|(([a-zA-Z0-9\-]+\.)+))([a-zA-Z]{2,4}|[0-9]{1,3})(\]?)$';
    
    if (empty($_POST['fplogin'])) $error[] = 'Error, You forgot to enter your account name!';
    if (empty($_POST['fpemail']) || !ereg($pattern_email, $_POST['email'])) $error[] = 'Please fill in a valid email adress!';
    if (!empty($error)) return false;
    
    # Connect to database
    $db = @mysql_connect($config['mysql_host'], $config['mysql_user'], $config['mysql_pass']);
    if (!$db) return $error[] = 'Database: '.mysql_error();
    if (!@mysql_select_db($config['mysql_dbname'], $db)) return $error[] = 'Database: '.mysql_error();

    if($config['EncryptedPass'])
    {
        $query = "SELECT `encrypted_password` FROM `accounts` WHERE `login` = '".mysql_real_escape_string($_POST['fplogin'])."' AND `email` = '".mysql_real_escape_string($_POST['fpemail'])."' LIMIT 1";
    }else{
        $query = "SELECT `password` FROM `accounts` WHERE `login` = '".mysql_real_escape_string($_POST['fplogin'])."' AND `email` = '".mysql_real_escape_string($_POST['fpemail'])."' LIMIT 1";
    }
    $res = mysql_query($query, $db);
    if (!$res) return $error[] = 'Database: '.mysql_error();
    if (mysql_num_rows($res) !== 1) return $error[] = 'Information you entered is invalid.';
    
    # Generate a password that is 10 characters long and that is 0-9a-z
    $ranpassword = generatePassword(10, 1);
    
    if($config['EncryptedPass'])
    {
        $update = "UPDATE `accounts` SET `encrypted_password` = \"".sha1(strtoupper($_POST['fplogin']).":".strtoupper($ranpassword))."\" WHERE `login` = '".mysql_real_escape_string($_POST['fplogin'])."' LIMIT 1";
        $res = mysql_query($update, $db);
        if(!$res) return $error[] = 'Database: '.mysql_error();
        $email = 'The password for account <span style="color:#00FF00"><strong>'.htmlentities($_POST['fplogin']).'</strong></span> has been changed to <span style="color:#00FF00"><strong>'.$ranpassword.'</strong></span>';
    }else{
		//Changed retrievePassword query to update password field with a random generated password.
        $update = "UPDATE `accounts` SET `password` = \"$ranpassword\" WHERE `login` = '".mysql_real_escape_string($_POST['fplogin'])."' LIMIT 1";
	$res = mysql_query($update, $db);
	if(!$res) return $error[] = 'Database: '.mysql_error();
        $email = 'The password for account <span style="color:#00FF00"><strong>'.htmlentities($_POST['login']).'</strong></span> has been changed to <span style="color:#00FF00"><strong>'.$ranpassword.'</strong></span>';
    }
    
    if($config['EnableEmail'])
    {
        if(sendmail($_POST['fpemail'], $config['SiteEmail'], $config['PageTitle'], $email))
            return $msg[] = "<strong>Your password has been emailed to you.</strong>";
    }
    
    $msg[] = $email;

    mysql_close($db);
    return true;
}

function sendmail($to, $return, $title, $msg)
{
    # Attempt to send mail
    $mail_sent = mail($to, "Subject: $title", wordwrap($msg, 70, "<br />\n"), "From: $return");
    if(!$mail_sent)
    {
        # Open file for writing data to it.
        $file = fopen("config.php", "w");
        # Grab the current settings
        $settings = file("config.php");
        # Modify the configuration values to false
        $settings = str_replace('$config[\'EnableEmail\'] = true;','//Automatically Disabled
$config[\'EnableEmail\'] = false;',$settings);
        # Save data back into the file
        for($x=0; $x<sizeof($settings); $x++)
            fwrite($file, $settings[$x]);
        # Close the file
        fclose($file);        
    }
    return $mail_sent ? true : false;
}


if(!empty($_POST)){
    RetrievePassword();
}

?>

<?php


error_reporting(E_ALL ^ E_NOTICE);


# If theres no session_id() then create one
if(!session_id())
    session_start();

$msg = Array();
$error = Array();

function ModifyPassword(){
    global $config, $msg, $error;
    if(($_SESSION['security_code'] == $_POST['security_code']) && (!empty($_SESSION['security_code'])) ) {
        // Insert your code for processing the form here, e.g emailing the submission, entering it into a database. <br>
        $msg[] = 'Security code accepted!';
        unset($_SESSION['security_code']);
    } else {
        // Insert your code for showing an error message here. <br>
        $error[] = 'Error, You have provided an invalid security code!';
    }
    
    # Valid Email: [email protected]
    $pattern_email='^([a-zA-Z0-9._-]+)@((\[[0-9a-zA-Z]{1,3}\.[0-9a-zA-Z]{1,3}\.[0-9]{1,3}\.)|(([a-zA-Z0-9\-]+\.)+))([a-zA-Z]{2,4}|[0-9]{1,3})(\]?)$';

    # Check submitted data
    if (empty($_POST['plogin'])) $error[] = 'Error, You forgot to enter your account name!';
    if (empty($_POST['oldpassword'][0]) || empty($_POST['oldpassword'][1])) $error[] = 'Error, You forgot to enter your current password!';
    if ($_POST['oldpassword'][0] !== $_POST['oldpassword'][1]) $error[] = 'Current password does not match!';
    if (empty($_POST['newpassword'][0]) || empty($_POST['newpassword'][1])) $error[] = 'Error, You forgot to enter your new password!';
    if ($_POST['newpassword'][0] !== $_POST['newpassword'][1]) $error[] = 'New password does not match!';
    if (empty($_POST['pemail']) || !ereg($pattern_email, $_POST['email'])) $error[] = 'Please fill in a valid email adress!';
    if (!empty($error)) return false;

    # Gather Passwords & IP
    $encrypted_oldpassword = sha1(strtoupper($_POST['login']).":".strtoupper($_POST['oldpassword'][1]));
    $encrypted_newpassword = sha1(strtoupper($_POST['login']).":".strtoupper($_POST['newpassword'][1]));
    $ip = $_SERVER['REMOTE_ADDR'];
    
    # Connect to database
    $db = @mysql_connect($config['mysql_host'], $config['mysql_user'], $config['mysql_pass']);
    if (!$db) return $error[] = 'Database: '.mysql_error();
    if (!@mysql_select_db($config['mysql_dbname'], $db)) return $error[] = 'Database: '.mysql_error();
    
    # Check make sure user isnt ipbanned
    $BanCheck = mysql_query("SELECT * FROM `ipbans` WHERE `ip` = '$ip' || `ip` = '$ip/32' LIMIT `1`");
    $ban = mysql_num_rows($BanCheck);
    if ($ban > 0) { return $error[] = 'You Have Been Banned From This Server'; }

    # Verify email in database
    $EmailCheck = mysql_query("SELECT `email` FROM `accounts` WHERE `email` = '".mysql_real_escape_string($_POST['pemail'])."' LIMIT 1");
    $echeck = mysql_num_rows($EmailCheck);
    if ($echeck == 0) { return $error[] = 'Your email information doesn\'t checkout.'; }

    # Check password in database
    if($config['EncryptedPass'])
        $PassCheck = mysql_query("SELECT `encrypted_password` FROM `accounts` WHERE `login` = '".mysql_real_escape_string($_POST['plogin'])."' AND `encrypted_password` = '{$encrypted_oldpassword}' LIMIT 1");
    else
        $PassCheck = mysql_query("SELECT `password` FROM `accounts` WHERE `login` = '".mysql_real_escape_string($_POST['plogin'])."' AND `password` = '".mysql_real_escape_string($_POST['oldpassword'][1])."' LIMIT 1");

    $pcheck = mysql_num_rows($PassCheck);
    if ($pcheck !== 1) { return $error[] = 'Your password information doesn\'t checkout.'; }	

    # Update password in database
    if($config['EncryptedPass'])
        $query = "UPDATE `accounts` SET `encrypted_password`='{$encrypted_newpassword}' WHERE `login` = '".mysql_real_escape_string($_POST['plogin'])."' AND encrypted_password='{$encrypted_oldpassword}' LIMIT 1";
    else
        $query = "UPDATE `accounts` SET `password`='".mysql_real_escape_string($_POST['newpassword'][1])."' WHERE `login` = '".mysql_real_escape_string($_POST['plogin'])."' AND `password` = '".mysql_real_escape_string($_POST['oldpassword'][1])."' LIMIT 1";

    $res = mysql_query($query, $db);
    if (!$res) return $error[] = 'Database: '.mysql_error();
    
    # Account modified
    $msg[] = 'The Account <span style="color:#00FF00"><strong>'.htmlentities($_POST['plogin']).'</strong></span> has been modified!<br>Allow 5 to 10 Minutes For The Server To Update.';
    
    # Close the database connection
    mysql_close($db);
    return true;
}

# If $_POST is not empty then ModifyPassword()
if(!empty($_POST)){
    ModifyPassword();
}
?>
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Pragma" content="no-cache"/>
<meta http-equiv="Cache-Control" content="no-cache"/>
<?php include('style.css'); ?>
<title>Account Tools</title>
<link href="css/style.css" rel="stylesheet" type="text/css" />
<style type="text/css">
<!--
body {
background-color: #000000;
}
-->
</style>
<script src="SpryAssets/SpryTabbedPanels.js" type="text/javascript"></script>
<link href="SpryAssets/SpryTabbedPanels.css" rel="stylesheet" type="text/css" />
</head>

<body>
<div id="wrap", align="center"><p><br />
  <div id="TabbedPanels1" class="TabbedPanels">
    <ul class="TabbedPanelsTabGroup">
      <li class="TabbedPanelsTab" tabindex="0">Create Account</li>
      <li class="TabbedPanelsTab" tabindex="0">Change Password</li>
      <li class="TabbedPanelsTab" tabindex="0">Change Account Flag</li>
      <li class="TabbedPanelsTab" tabindex="0">Retrieve Password</li>
    </ul>
    <div class="TabbedPanelsContentGroup">
      <div class="TabbedPanelsContent"><center>
      <div style="width:300px">
        <form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="POST">
	<!-- <br>s for visual appeal  do not remove-->
	<br><br><br><br><Br><Br><br><br><br><br>
        <table width="100%" border="0" cellspacing="1" cellpadding="3">
            <tr class="head">
              <th colspan="2">Account Creation</th>
            </tr>
            <tr>
                <th>Username: </th><td align="center"><input class="button" type="text" name="alogin" size="30" maxlength="16"/></td>
            </tr>
            <tr>
                <th>Password: </th><td align="center"><input class="button" type="password" name="apassword[]" size="30" maxlength="16"/></td>
            </tr>
            <tr>
                <th>Retype Password: </th><td align="center"><input class="button" type="password" name="apassword[]" size="30" maxlength="16"/></td>
            </tr>
            <tr>
                <th>E-mail: </th><td align="center"><input class="button" type="text" name="aemail" size="30" maxlength="30"/></td>
            </tr>

<th>Account Type:</th><td align="center">
<select name="aflags" type="select">
<option value="0">Normal</option>
<option value="8">Burning Crusade</option>
<option selected value="44">Wrath of the Lich King</option>
</select></td>

<TR>
<th>Security Image: </th><td align="center"><img src="CaptchaSecurityImages.php" />
  </td>
          </tr>
          <TR>
<th>Security Code: </th><td align="center"><input name="security_code" type="text" class="button" id="security_code" />
  </td>
          </tr>

             				
        </table>
        <input type="button" class="button" value="Back" onClick="history.go(-1)" />
        <input type="submit" value="Submit" class="button"/>
        </form>

	<?php
        if (!empty($error)){
            echo '<table width="100%" border="0" cellspacing="1" cellpadding="3"><tr><td class="error" align="center">';
            foreach($error as $text)
                echo $text.'</br>';
            echo '</td></tr></table>';
        };
        if (!empty($msg)){
            echo '<table width="100%" border="0" cellspacing="1" cellpadding="3"><tr><td align="center">';
            foreach($msg as $text)
                echo $text.'</br>';
            echo '</td></tr></table>';
            exit();
        };
        ?>

    </div>
    </center>

</table>
<div align="center">
<p id="done" style="width: 220px; font-weight: bold; color: #29b503; font-family: tahoma, arial, sans; font-size: 13px;">
<span class="style1">Realmlist:</span><br />

<span class="style2"><font color="white">Set Realmlist <?=$config['RealmIP'];?></span><br />
<br />
<span class="style1">Accepted Client(s):</span><br />
<span class="style2"><font color="white"><?=$config['PatchVersion'];?></span><br /></div>
      <div class="TabbedPanelsContent"><center>
      <div style="width:300px">
        <form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="POST">
	<!-- <br>s for visual appearl  do not remove-->
	<br><br><br><br><Br><Br><br><br><br><br>
        <table width="100%" border="0" cellspacing="1" cellpadding="3">
            <tr class="head"><th colspan="2">Password Changer</th></tr>
            <tr>
                <th>Username: </th><td align="center"><input class="button" type="text" name="plogin" size="30" maxlength="16"/></td>
            </tr>
            <tr>
                <th>Old Password: </th><td align="center"><input class="button" type="password" name="oldpassword[]" size="30" maxlength="16"/></td>
            </tr>
            <tr>
                <th>Retype Old Password: </th><td align="center"><input class="button" type="password" name="oldpassword[]" size="30" maxlength="16"/></td>
            </tr>
        <tr>
                <th>New Password: </th><td align="center"><input class="button" type="password" name="newpassword[]" size="30" maxlength="16"/></td>
            </tr>
            <tr>
                <th> New Retype Password: </th><td align="center"><input class="button" type="password" name="newpassword[]" size="30" maxlength="16"/></td>
            </tr>
            <tr>
                <th>E-mail: </th><td align="center"><input class="button" type="text" name="pemail" size="30" maxlength="30"/></td>
            </tr>

<TR>
<th>Security Image: </th><td align="center"><img src="CaptchaSecurityImages.php" />
  </td>
          </tr>
          <TR>
<th>Security Code: </th><td align="center"><input name="security_code" type="text" class="button" id="security_code" />
  </td>
          </tr>

             				
        </table>
        <input type="button" class="button" value="Back" onClick="history.go(-1)" />
        <input type="submit" value="Submit" class="button"/>
        </form>

	<?php
        if (!empty($error)){
            echo '<table width="100%" border="0" cellspacing="1" cellpadding="3"><tr><td class="error" align="center">';
            foreach($error as $text)
                echo $text.'</br>';
            echo '</td></tr></table>';
        };
        if (!empty($msg)){
            echo '<table width="100%" border="0" cellspacing="1" cellpadding="3"><tr><td align="center">';
            foreach($msg as $text)
                echo $text.'</br>';
            echo '</td></tr></table>';
            exit();
        };
        ?>

    </div></div>
    </center>

</table></div>
      <div class="TabbedPanelsContent"><center>
      <div style="width:300px">
        <form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="POST">
	<!-- <br>s for visual appearl  do not remove-->
	<br><br><br><br><Br><Br><br><br><br><br>
        <table width="100%" border="0" cellspacing="1" cellpadding="3">
            <tr class="head"><th colspan="2">Change Account Flag</th></tr>
            <tr>
                <th>Username: </th><td align="center"><input class="button" type="text" name="fclogin" size="30" maxlength="16"/></td>
            </tr>
            <tr>
                <th>Password: </th><td align="center"><input class="button" type="password" name="fcpassword[]" size="30" maxlength="16"/></td>
            </tr>
            <tr>
                <th>Retype Password: </th><td align="center"><input class="button" type="password" name="fcpassword[]" size="30" maxlength="16"/></td>
            </tr>

<th>Account Type:</th><td align="center">
<select name="fcflags" type="select">
<option value="0">Normal</option>
<option value="8">Burning Crusade</option>
<option selected value="44">Wrath Of The Lich King</option>
</select></td>

<TR>
<th>Security Image: </th><td align="center"><img src="CaptchaSecurityImages.php" />
  </td>
          </tr>
          <TR>
<th>Security Code: </th><td align="center"><input name="security_code" type="text" class="button" id="security_code" />
  </td>
          </tr>

             				
        </table>
        <input type="button" class="button" value="Back" onClick="history.go(-1)" />
        <input type="submit" value="Submit" class="button"/>
        </form>

	<?php
        if (!empty($error)){
            echo '<table width="100%" border="0" cellspacing="1" cellpadding="3"><tr><td class="error" align="center">';
            foreach($error as $text)
                echo $text.'</br>';
            echo '</td></tr></table>';
        };
        if (!empty($msg)){
            echo '<table width="100%" border="0" cellspacing="1" cellpadding="3"><tr><td align="center">';
            foreach($msg as $text)
                echo $text.'</br>';
            echo '</td></tr></table>';
            exit();
        };
        ?>

    </div>
    </center>

</table>
<p id="done" style="width: 220px; font-weight: bold; color: #29b503; font-family: tahoma, arial, sans; font-size: 13px;"></div>
      <div class="TabbedPanelsContent"><center>
      <div style="width:300px">
        <form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="POST">
	<!-- <br>s for visual appearl  do not remove-->
	<br><br><br><br><Br><Br><br><br><br><br>
        <table width="100%" border="0" cellspacing="1" cellpadding="3">
            <tr class="head"><th colspan="2">Retrieve Password</th></tr>
            <tr>
                <th>Username: </th><td align="center"><input class="button" type="text" name="fplogin" size="30" maxlength="16"/></td>
            </tr>
            <tr>
                <th>E-mail: </th><td align="center"><input class="button" type="text" name="fpemail" size="30" maxlength="30"/></td>
            </tr>

<TR>
<th>Security Image: </th><td align="center"><img src="CaptchaSecurityImages.php" />
  </td>
          </tr>
          <TR>
<th>Security Code: </th><td align="center"><input name="security_code" type="text" class="button" id="security_code" />
  </td>
          </tr>

             				
        </table>
        <input type="button" class="button" value="Back" onClick="history.go(-1)" />
        <input type="submit" value="Submit" class="button"/>
        </form>

	<?php
        if (!empty($error)){
            echo '<table width="100%" border="0" cellspacing="1" cellpadding="3"><tr><td class="error" align="center">';
            foreach($error as $text)
                echo $text.'</br>';
            echo '</td></tr></table>';
        };
        if (!empty($msg)){
            echo '<table width="100%" border="0" cellspacing="1" cellpadding="3"><tr><td align="center">';
            foreach($msg as $text)
                echo $text.'</br>';
            echo '</td></tr></table>';
            exit();
        };
        ?>

    </div>
    </center>

</table>
<div align="center"></div>
<p id="done" style="width: 220px; font-weight: bold; color: #29b503; font-family: tahoma, arial, sans; font-size: 13px;">
</div>
    </div>
  </div>
</div>
<script type="text/javascript">
<!--
var TabbedPanels1 = new Spry.Widget.TabbedPanels("TabbedPanels1");
//-->
</script>
</body>
</html>

Thankyou to anyone who can have a look and find any errors, i will have the script up here http://tester.comoj.com/acctest/test_02/ so people can see the errors.

Cheers

Charlie

Charlie9809 · January 18, 2009

Bump

Sign In

Trying to Put 4 seperate PHP scripts into a tabbed page, help anyone?

Recommended Posts

Charlie9809

Link to comment

Share on other sites

dawsba

Link to comment

Share on other sites

aschk

Link to comment

Share on other sites

Charlie9809

Link to comment

Share on other sites

aschk

Link to comment

Share on other sites

Charlie9809

Link to comment

Share on other sites

dawsba

Link to comment

Share on other sites

Charlie9809

Link to comment

Share on other sites

Charlie9809

Link to comment

Share on other sites

Charlie9809

Link to comment

Share on other sites

Archived

Browse

Activity

Important Information