Can you help please? Php file

[jokerfool]

I have to write this php file to allow users to register their nicknames on nickserv

 

For an IRC server, however it worked fine for a couple of years, I then upgraded from Php4 to Php5 and suddenly nothing works.

 

If I use "register_global" on it still works but if I turn the RG off I get either a blank page or if I add the following line to show me what the error is:

 

error_reporting(E_ALL);
ini_set('display_errors', 'On');

 

I get 4 Undefined variables.

 

And If I define the variables at the beginning of the script, I get the blank page again.

 

Here is the script, and I hope somebody can give me some clues on what I should do.

 

Thanks

 

<?php 
error_reporting(E_ALL);
ini_set('display_errors', 'On');

// Adresse de Connexion du Serveur 
$serv="irc.someserver.org"; 
// Port du Serveur 
$port="6667"; 
// Pseudo de NickServ 
$nickserv="NickServ"; 
// Message de quit 
$messquit="Enregistrement sous $nickserv Ok !!!"; 


if($create) 
    { 
    $pseudo1=stripslashes($pseudo); 
    $motpass1=stripslashes($motpass); 
    $email1=stripslashes($email); 
    $fp=fsockopen("$serv","$port"); 
    fputs($fp,"USER $pseudo1 $pseudo1 $pseudo1 :$pseudo1 \r\n"); 
    fputs($fp,"NICK $pseudo1 \r\n"); 
    //while($data=fgets($fp,1024)) 
     while($data=fgets($fp,2046))
        { 
        if(ereg("PING",$data)) 
            { 
            $ping = explode(":",$data); 
            $reply = $ping[1]; 
            fputs($fp,"PONG $reply\n\r"); 
            } 
        elseif(ereg("433",$data)) 
            { 
            fputs($fp,"QUIT : Pseudo used \r\n"); 
            header("location:nickserv.php?used=1&pseudo=$pseudo1"); 
            } 


        elseif(ereg("MODE",$data)) 
            { 
            fputs($fp,"PRIVMSG $nickserv : register $motpass1 $email1 \r\n"); 
            fputs($fp,"QUIT : $messquit \r\n"); 
            header("location:nickserv.php?result=1&pseudo=$pseudo1&motpass=$motpass1&email=$email1"); 
            } 
        } 
    } 
print("<html><head><title>Register nickname with $nickserv</title></head><body>");     
// 
// Verification du formulaire 
//
print("<script language=\"javascript\">\n"); 
print("function verife()\n"); 
print("{\n"); 
print("if (document.formu.pseudo.value.length == 0)\n"); 
print("{\n"); 
print("alert(\"Votre Pseudo...\");\n"); 
print("return false;\n"); 
print("}\n"); 
print("if (document.formu.motpass.value.length == 0)\n"); 
print("{\n"); 
print("alert(\"Votre Mot de Passe...\");\n"); 
print("return false;\n"); 
print("}\n"); 
print("if (document.formu.email.value.length == 0)\n"); 
print("{\n"); 
print("alert(\"Votre E-mail...\");\n"); 
print("return false;\n"); 
print("}\n"); 
print("return true;\n"); 
print("}\n"); 
print("</script>\n"); 


if($debut == 1)

    { 
    print("<center>Enregistrement de votre pseudo sous $nickserv<br><br>"); 
    print("<form name=\"formu\" OnSubmit=\"return verife()\" action=\"nickserv.php?create=1\" method=\"post\">"); 
    print("Votre Pseudo<br><input type=\"text\" name=\"pseudo\" size=\"30\" maxlength=\"30\"><br>"); 
    print("Your Password ( min : 5 letters ) <br><input type=\"text\" name=\"motpass\" size=\"30\" maxlength=\"30\"><br>"); 
    print("Votre E-mail<br><input type=\"text\" name=\"email\" size=\"30\" maxlength=\"30\"><br><br>"); 
    print("<input type=\"submit\" value=\"Enregistrer\">"); 
    print("</form></center>"); 
    } 

if($result== 1) 
    { 
    $ps=stripslashes($pseudo); 
    $ps=htmlspecialchars("$ps", ENT_QUOTES); 
    $pa=stripslashes($motpass); 
    $pa=htmlspecialchars("$pa", ENT_QUOTES); 
    $em=stripslashes($email); 
    $em=htmlspecialchars("$em", ENT_QUOTES); 
    print("<center>Votre Pseudo a bien ete enregistre.<br>"); 
    print("Pseudo : $ps<br>"); 
    print("Mot de Passe : $pa<br>"); 
    print("E-mail : $em<br><br><a href=\"nickserv.php?debut=1\">Retour...</a></center>"); 
    } 

if($used== 1) 
    { 
    $ps=stripslashes($pseudo); 
    $ps=htmlspecialchars("$ps", ENT_QUOTES); 
    print("<center>$ps est online sur le serveur.<br><br><a href=\"nickserv.php?debut=1\">Retour...</a></center>"); 
    } 

print("</body></html>"); 
?> 

 

If anyone can give some answers, I would really appreciate it, I promise you I have tried almost anything you can think of, remember this script did work for nearly 3 years without a problem.

 

Thank you.

[citricsquid]

You need to change all the variables taken from the previous page to $_GET['name'] or $_POST['name'] depending on the method they're passed with. For example in your script you have "if($create)" but $create isn't defined anywhere, so I assume the form passes it, correct? If so above this line you should have "$create = $_GET['create']" (or $_POST).

[PFMaBiSmAd]

register_globals magically populated program variables from the corresponding $_POST, $_GET, $_COOKIE, $_SESSION, $_SERVER, $_ENV... variables. Unfortunately, they also back-populated SESSION variables, which meant that hackers could magically set your session variables by simply putting a $_GET variable on the end of the URL when he visits one of your pages that you think is being protected by a log in script. A lot of web sites where taken over this way. register_globals were turned off by default nearly 8 years ago.

 

You need to use the correct source variable in your code. Your form is using the POST method, so the values are present in $_POST variables, such as $_POST['pseudo'] You are also passing $create on the end of the URL as a GET parameter, so you would use $_GET['create']

 

If you are using session variables with the session_register(), session_is_registered(), or session_unregister() functions, you will need to make addition changes in your code in order to remove those functions.