Hi,
This time teach them how to create your web page style MPOG GunZ
Hey here's the download link several of the web with several bugs fixed.
Proved necessary requirements:
"Having installed Microsoft SQL Server Management Studio Express
"Having the database (GunzDB) already created.
"To have or install AppServer 2.6.0
Started.
Installation.
Unzip the file ".Rar" called "tables". As summer there are several files ".Sql" called account.sql,
indexcontent.sql, Login.sql and SessionHash.sql ...
Then listen double click the file starting account.sql.
How to open SQL summer, log on, and change master to "GunzDB" and press Run .
And so on with the rest of the files.
Then, unpack the file. ".rar" call "IndexContent" and execute it.
NOTE: If for any reason, SQL tells you that the file will be replaced, you will give "if any"
Finished all, delete all files and used.
Now we proceed to install the "AppServer" We pressed next, until it looks like this:
As truly said "Server Name" "Email".
In "Server Name" I will put what you want with no spaces and "Administrator's Email Address" will put your email
In "Apache HTTP Port" by default "80", or change it to "8080"
In the "MySQL Server Configuration" asks for password ... You can put the one you want,
We now proceed to install the AppServer.
At the end NO PRESSURE "Finish", go to Start - Run - and type "php.ini"
We look for the word "mssql" and delete ";" from "mssql.dll" and "ming.dll"
Default:
Code:
;extension=php_ming.dll
;extension=php_mssql.dll
Change:
Code:
extension=php_ming.dll
extension=php_mssql.dll
We close and save changes.
After going to My Computer - Local Disk C:\AppServ - and delete the folder "www" found there.
Unzip it. "Rar" called "www" in that place.
When there will decompress a file. "Dll" called "Ntwdblib.dll", copy this file and paste in the following folders:
php6, Apache 2.2, bin (found in the "Apache 2.2").
Installing returned to the AppServer, and it ends.
Settings.
Come to the folder "www" by default is in "C:\AppServ\www" and began to configure the web!
We headed to the file "config.php"
Code:
<?php
mssql_connect(Your user\SQLEXPRESS","sa","password");
mssql_select_db("GunzDB");
$opened = 1;
if($opened == 0){
$pagetitle = "Server in maintenance";
}
?>
In closing, save your changes.
We headed to the file "hash.php"
Code:
<?php
//This file has been edited by Wizkid. All rights reserved.
mssql_connect("Your user\SQLEXPRESS","sa","password");
mssql_select_db("GunzDB");
//Anti SQL injection by Wizkid. Updated a bit to prevent all sorts of injections.
function antisql($sql)
{
// Remove words that contain SQL syntax
$sql = preg_replace(sql_regcase("/(from|update|set|select|insert|delete|where|drop table|show tables|#|\*|--|\\\\)/"),"",$sql); //Replaces some parts of a SQL query with absolutely nothing.
$sql = trim($sql); //antisqls up spaces
$sql = strip_tags($sql);//Php and html tags strip
$sql = addslashes($sql);//Adds backslashes to one string
return $sql;
}
//==========================================================
$hashid = antisql($_GET['hashid']);
$res = mssql_query("SELECT * FROM SessionHash WHERE HashString = '$hashid' AND Used = '0'");
if(mssql_num_rows($res) >= 1){
$data = mssql_fetch_assoc($res);
mssql_query("UPDATE Login SET Allowed = '1' WHERE UserID = '".$data['User']."'");
mssql_query("UPDATE SessionHash SET Used = '1' WHERE HashString = '$hashid'");
echo "YES";
}else{
echo "NO";
}
?>
In closing, we save the changes.
We headed to the file "registrer.php"
Code:
<body bgcolor="#999999">
<div align="center">
<p><strong><font color="#FFFFFF">Returns "Your GunZ"<a href="/index.php">Aqui</a>«</font></strong></p>
<p>
<?php
/*
This script was written by Wizkid.
All rights reserved. Any support can be requested via RageZone.
You're allowed to edit this script and modify the template.
However, you are NOT allowed to remove and/or edit my copyright.
Removing this copyright will be your death.
*/
//Edit to fit YOUR requirements.
$servername = "You own GunZ";
$accounttable = "Account";
$logintable = "Login";
//Edit these variables. If not, no regpage for you. (Or you're fuxpro with the same logins as me.)
$host = "Your user\SQLEXPRESS";
$user = "sa";
$pass = "password";
$dbname = "GunzDB";
$connect = odbc_connect("Driver={SQL Server};Server={$host}; Database={$dbname}", $user, $pass) or die("Can't connect the MSSQL server.");
//The well-known antisql injection. Bad enough, it's needed.
function antisql($sql) {
$sql = preg_replace(sql_regcase("/(from|select|insert|delete|where|drop table|show tables|#|--|\\\\)/"),"",$sql);
$sql = trim($sql);
$sql = strip_tags($sql);
$sql = addslashes($sql);
return $sql;
}
//My favorite function. Get The Fuck Off. (Nothing personally :].)
function gtfo($wut) {
echo "<center><table width='500' cellpadding='5' cellspacing='0' border='0' style='border: 1px ;'>
<tr>
<td align=center width='100%' style='border-bottom: 1px solid black;'><b>Error</b></td>
</tr>
<tr>
<td width='100%'><center>$wut</center></td>
</tr>
</table>";
die();
}
//Check email function. This to prevent fake emails. (Remember the time YOU doing that?)
function checkemail($address) {
list($local, $host) = explode("@", $address);
$pattern_local = "^([0-9a-z]*([-|_]?[0-9a-z]+)*)(([-|_]?)\.([-|_]?)[0-9a-z]*([-|_]?[0-9a-z]+)+)*([-|_]?)$";
$pattern_host = "^([0-9a-z]+([-]?[0-9a-z]+)*)(([-]?)\.([-]?)[0-9a-z]*([-]?[0-9a-z]+)+)*\.[a-z]{2,4}$";
$match_local = eregi($pattern_local, $local);
$match_host = eregi($pattern_host, $host);
if($match_local && $match_host) {
return 1;
}
else {
return 0;
}
}
//The num_rows() function for ODBC since the default one always returns -1.
function num_rows(&$rid) {
//We can try it at least, right?
$num= odbc_num_rows($rid);
if ($num >= 0) {
return $num;
}
if (!odbc_fetch_row($rid, 1)) {
odbc_fetch_row($rid, 0);
return 0;
}
if (!odbc_fetch_row($rid, 2)) {
odbc_fetch_row($rid, 0);
return 1;
}
$lo= 2;
$hi= 8192000;
while ($lo < ($hi - 1)) {
$mid= (int)(($hi + $lo) / 2);
if (odbc_fetch_row($rid, $mid)) {
$lo= $mid;
} else {
$hi= $mid;
}
}
$num= $lo;
odbc_fetch_row($rid, 0);
return $num;
}
?>
<html>
<head>
</p>
</div>
<title><?=$servername?> Registration</title>
</head>
<body>
<center>
<?php
//Oh well. Let's create the variable $ip to start with.
$ip = antisql($_SERVER['REMOTE_ADDR']);
/*
An extra feature. This is NOT enabled before you remove this + the comment thingy's.
To ban 1 IP it will be:
if ($ip == "xxxxxx")
{
gtfo("Your IP is blacklisted.");
}
For multiple IP's, use this way:
if ($ip == "xxxxxx" OR $ip == "xxxxxx")
{
gtfo("Your IP is blacklisted.");
}
*/
//Get the AID out of the Login table (defined at the top of this file) where LastIP is the visitors IP.
$query1 = odbc_exec($connect,"SELECT AID FROM $logintable WHERE LastIP = '$ip'");
//Understable for the real people. Editing this without knowledge will be the death of your regpage.
$i=1;
while (odbc_fetch_row($query1, $i)){
$aid = odbc_result($query1, 'AID');
$query2 = odbc_exec($connect,"SELECT UGradeID FROM $accounttable WHERE AID = '$aid'");
odbc_fetch_row($query2);
$ugradeid = odbc_result($query2, 1);
if ($ugradeid == "253")
{
//Get the fuck off.
gtfo("You have one or more accounts banned here. You're not welcome anymore.");
}
$i++;
}
//The doreg part.
if (isset($_GET['act']) AND $_GET['act'] == "doreg")
{
//Check for any shit.
if (!is_numeric($_POST['age']) OR !checkemail($_POST['email']) OR empty($_POST['username']) OR empty($_POST['password']) OR empty($_POST['email']) OR empty($_POST['name']) OR empty($_POST['age']))
{
gtfo("You're not funny.");
}
//Check if the username exists already.
$query1 = odbc_exec($connect, "SELECT AID FROM $accounttable WHERE UserID = '" . antisql($_POST['username']) . "'");
$count1 = num_rows($query1);
if ($count1 >= 1)
{
gtfo("Username in use.");
}
//Check if the Email is in use.
$query2 = odbc_exec($connect, "SELECT AID FROM $accounttable WHERE Email = '" . antisql($_POST['email']) . "'");
$count2 = num_rows($query2);
if ($count2 >= 1)
{
gtfo("Email address in use.");
}
//Regdate
//Time for the real work. Editing this will be the end of your regpage.
$query3 = odbc_exec($connect, "INSERT INTO $accounttable (UserID, UGradeID, PGradeID, RegDate, Email, Age, Name) VALUES ('".antisql($_POST['username'])."', '0', '0', '11.03.2207 0:00:00', '".antisql($_POST['email'])."', '".antisql($_POST['age'])."', '".antisql($_POST['name'])."')");
$query4 = odbc_exec($connect, "SELECT AID FROM $accounttable WHERE UserID = '" . antisql($_POST['username']) . "'");
odbc_fetch_row($query4);
$aid = odbc_result($query4, 1);
//If no results comes back. (Registration failed.)
if (!$aid)
{
gtfo("Shit happened. Please report this bug at our forums.");
}
odbc_exec($connect, "INSERT INTO $logintable (UserID, AID, Password, euCoins) VALUES ('".antisql($_POST['username'])."', '$aid', '".antisql($_POST['password'])."', '0')");
//When everything is done, show the username/password to the visitor.
gtfo("Your account has been created.<br><br>
Username: $_POST[username]<br>
Password: $_POST[password]<br><br>
Have fun at $servername!");
}
//Here the party begins. Feel free to edit this.
echo "<table width='350'>
<form action='" . $_SERVER['PHP_SELF'] . "?act=doreg' method='POST'>
<b>Register an account at $servername.</b><br><br>
<tr>
<td width='50%'><b>Username:</b></td>
<td width='50%'><input type='text' name='username'></td>
</tr>
<tr>
<td width='50%'><b>Password:</b></td>
<td width='50%'><input type='password' name='password'></td>
</tr>
<tr>
<td width='50%'><b>E-mail:</b></td>
<td width='50%'><input type='text' name='email'></td>
</tr>
<tr>
<td width='50%'><b>Name:</b></td>
<td width='50%'><input type='text' name='name'></td>
</tr>
<tr>
<td width='50%'><b>Age:</b></td>
<td width='50%'><input type='text' name='age'></td>
</tr>
<tr>
<td width='50%'><b></b></td>
<td width='50%'><input type='submit' value='Register'></td>
</tr>
</table>";
?>
<br>
<!-- No you don't remove it. -->
<font size="1">Copyright 2008 Wizkid - <?=$servername?>.</font>
<!-- See? -->
</center>
</body>
</html>
In closing keep the changes.
Now we drove to the folder 'Panel' and edit the following files: "config.php", "config1.php".
When you finish configuring the file, save the changes.
Now we drove to the folder "clan" and edit the "config.php"
Code:
<?php
//Data Base Stuff!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
$DBHost = 'Your user\SQLEXPRESS'; //The host of your DB (I.E: MACHINE\SQL2005)
$DBUser = 'sa'; //Your DB User
$DBPass = 'password'; //Your DB Password
$DB = 'GunzDB'; //Your GunZ DB
?>
Save the changes made.
The configuration here now to see all the work we've done, we drove to your browser (We recommend using FireFox)
Write your ip default or who has no internet (like me xD) 127.0.0.1/index.php
NOTE: If you used the "port" (8080) type your ip + :8080
Code:
your ip, or 127.0.0.1:8080/index.php
Perfect!, your website GunZ is complete! I hope you have enjoyed my tutorial, thank costs nothing.
Credits:
* Emisand- For Admin Panel.
* Lambda - For webpage .
* Jizeth - for doing the tutorial and fix several bugs on the web.
Downloads.
1. AppServ - Download
2. Megaupload - Download folder "www"
3. Free large file hosting. Send big files the easy way! [Registrer.php]
Attached Files
table.rar : http://forum.ragezone.com/attachments/f497/73940d1261166019-tut-make-gunzweb-panel-tables.rar
index content.rar : http://forum.ragezone.com/attachments/f497/73941d1261166019-tut-make-gunzweb-panel-indexcontent.rar