TalkPHP

TalkPHP (http://www.talkphp.com/forums.php)
-   General (http://www.talkphp.com/general/)
-   -   need help (http://www.talkphp.com/general/15-need-help.html)

alcapone 04-13-2005 02:21 AM
need help
 
have a php game code where it keeps you logged in and the next person to go there will beable to use your name so keeps you logged in

help please

CreativeLogic 04-13-2005 02:30 AM
I'm not sure exactly what you're saying? Can you explain further?

alcapone 04-13-2005 02:33 AM
ok lets say you go to my game and sign in to the game
ok me being that its my game im admin well if i logout when some one goes to the page all they need to do is hit play and they in the game under my account so it keeps you logged in the game at all times

CreativeLogic 04-13-2005 02:40 AM
Are you using cookies, sessions or some other type of authentication and login management? Still need more information. I'm not sure how exactly you login or keep control of your users?

alcapone 04-13-2005 03:04 AM
html.php file
 
3 Attachment(s)
ok here are the files

CreativeLogic 04-13-2005 03:19 AM
I have no idea what the problem is. It none of those files does it set the $id variable. Although it uses it through the html.php file. Possibly attach setup.php file also. The only thing that I saw for user authentication was if the username and password were both set. Then it checked for a match via the database. It only set one cookie after that which to be honest, I have no reason why it did that. It set the 'code' held in the database in the cookie. First off, this is a bad procedure because many people could by pass this if they knew this 'code'. Anyways, I need to figure out where the $id variable is being set and setup.php is the only file I think that would have a possibility at this point, unless there are more files included in the setup.php file.

By the way, this script is full of SQL injection. If I were you I would pay a programmer or go through all the files yourself and try to fix those problems. You could run into a problem depending on your php installation. :(

alcapone 04-13-2005 03:32 AM
setup.php
 
here is the setup.php file

CreativeLogic 04-13-2005 03:34 AM
Ok, I deleted your file though as it includes things that you probably don't want everyone to know. I'm looking at the file now.

CreativeLogic 04-13-2005 03:38 AM
Ok, try upload this setup.php file and give me the url to the site. I'm going to run a few tests on it and see what is causing the problem.

Let me know when you download the file so I can delete it so no one steals your information.

alcapone 04-13-2005 03:41 AM
ok have file and uploaded

www.pimpvalley.com

CreativeLogic 04-13-2005 03:43 AM
Ok, try this file now.

Again, let me know when you have it.

CreativeLogic 04-13-2005 03:49 AM
Ok, I noticed you uploaded it. Here's my last idea. This query is being ran when every someone goes to the site:
PHP Code:
SELECT id FROM $tab[userWHERE code='$trupimp' 
So basically it looks like they are being logged in as admin every time. Run this query in phpMyAdmin and tell me what it returns:
PHP Code:
SELECT code FROM users WHERE username 'admin' 

CreativeLogic 04-13-2005 03:51 AM
By the way here is your fixed setup.php file that you can reupload.

alcapone 04-13-2005 04:01 AM
sorry i added the name manually so no code that was the prob thank you so much four the help

CreativeLogic 04-13-2005 04:01 AM
No problem. I noticed it was working correctly so yes, that was the problem! :)

Veolus 04-13-2005 07:30 AM
I can see your a really nice and helping guy, Ryan :)

If i have any problems with PHP i will be sure to post them at TalkPHP ;)

CreativeLogic 04-13-2005 07:51 AM
Thanks for the kind words! :)


All times are GMT. The time now is 08:43 PM.

Powered by vBulletin® Version 3.6.8
Copyright ©2000 - 2013, Jelsoft Enterprises Ltd.
Search Engine Optimization by vBSEO 3.1.0