magic_quote problem.. and help me add HASH.... [URGENT!!!!]

  • xDragonZ
  • Born
  • Born
  • xDragonZ
  • Posts: 3

Post 3+ Months Ago

Besides that, I have a problem with magic_quotes.

when i post Jingle's Bells
it will show :Jingle\\\'s Bells
so anyone have any idea?

----------------------------------------------------------------------------
and does anyone have code for a [register page, reset password, confirmation mail]?
or help me edit this... I only need help implementing a HASH; you can use MD5/SHA1

PHP Code: [ Select ]
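// Registration handler: runs when the sign-up form was submitted. The posted
// fields are validated in order (first failure wins), the user row is inserted,
// a confirmation link is mailed and the first sample photo becomes the avatar.
//
// NOTE(review): SQL is assembled by string interpolation. The username is
// limited to [a-zA-Z0-9] by the regex below, but the password and e-mail reach
// db_insert() unescaped unless email_ok() or the database class escape them
// (neither is visible here - confirm). With magic_quotes_gpc switched off there
// is no implicit escaping left, so these values need the database layer's
// escaping or prepared statements before this goes live.
//
// NOTE(review): the password is stored as typed. MD5/SHA1 are not suitable for
// passwords; password_hash()/password_verify() (PHP 5.5+) are. That change has
// to land together with the login query, the remember-me cookie and the
// confirmation link (all of which compare or carry the stored value), and the
// pass column must be wide enough for the hash (60+ characters).
if(!empty($_POST['create_account'])){
   // Normalise the posted values once so missing or non-string fields cannot
   // raise notices or end up as the literal text "Array" in the query.
   $posted_pass1 = (isset($_POST['pass1']) && is_string($_POST['pass1'])) ? $_POST['pass1'] : '';
   $posted_pass2 = (isset($_POST['pass2']) && is_string($_POST['pass2'])) ? $_POST['pass2'] : '';
   $posted_email = (isset($_POST['email']) && is_string($_POST['email'])) ? $_POST['email'] : '';
   $posted_code1 = isset($_POST['code1']) ? $_POST['code1'] : null;
   $posted_code2 = isset($_POST['code2']) ? $_POST['code2'] : null;

   if(empty($_POST['accept_terms'])) $smarty->assign("error_terms", err_accept_terms);
   else if(empty($_POST['username'])) $smarty->assign("error_username", err_choose_username);
   else if(!is_string($_POST['username']) || !preg_match('/^[a-zA-Z0-9]+$/', $_POST['username'])) $smarty->assign("error_username_chars", err_username_chars);
   else if(user_exists($_POST['username'])) $smarty->assign("error_username", err_account_exists);
   // Strict comparison: with != two different numeric-looking passwords
   // (e.g. "0e1" and "0e2") compare equal and the mismatch goes unnoticed.
   else if(!$posted_pass1 || $posted_pass1 !== $posted_pass2) $smarty->assign("error_pass", err_password_mismatch);
   else if(!email_ok($posted_email)) $smarty->assign("error_email", err_email_incorrect);
   // NOTE(review): code1 and code2 both arrive in the same POST, so the client
   // controls both sides of this comparison. For it to act as a check, the
   // expected code has to be kept server-side (e.g. in the session).
   else if($posted_code1 !== $posted_code2) $smarty->assign("error_code", err_invalid_code);
   else if(email_exists($posted_email)) $smarty->assign("error_email", err_email_exists);
   else {
      $visible = !empty($_POST['visible']) ? 1 : 0;
      $db = new database;
      $db->dblink();
      $id = $db->db_insert("users", "time, username, pass, email, visible", time().", '{$_POST['username']}', '$posted_pass1', '$posted_email', $visible");
      if($id) {
         // The new record is parked in the session only while this block runs;
         // it is removed again below, so registering does not log the user in.
         $rec = $db->get_rec("users", "*", "id=$id");
         $_SESSION['user'] = new user($rec);

         //confirmation email
         // NOTE(review): the link carries encrypt(username###pass), i.e. the
         // stored password travels by e-mail. A random single-use token stored
         // with the user row would avoid that; encrypt() is not visible here.
         $msg = str_replace("#username", $_SESSION['user']->username, confirmation_mail);
         $msg = str_replace("#link", $base_href."welcome/".encrypt($_SESSION['user']->username."###".$_SESSION['user']->pass), $msg);
         mail($_SESSION['user']->email, confirmation_subject, $msg, "From: Admin<".CONTACT_MAIL.">");

         // Default avatar: copy the first sample photo, named after the user id.
         $files = get_files('sample_photos');
         if(is_array($files) && isset($files[0])) {
            $file = $files[0];
            $old = "sample_photos/$file";

            // extension = text after the last dot of the sample file name
            $parts = explode(".", $file);
            $ext = end($parts);

            $filename = $_SESSION['user']->id.".".$ext;
            $new = "profile_images/$filename";
            // Only record and derive the thumbnail when the first copy worked;
            // otherwise the second copy and the resize would act on a missing file.
            if(copy($old, $new)) {
               $db->db_update("users", "avatar='$filename'", "id={$_SESSION['user']->id}");
               if(copy($new, "avatars/$filename")) resize_picture(25, 25, "avatars/$filename", $ext);
            }
         }

         unset($_SESSION['user']);
         $page = "welcome_info";
      } else $error = err_create_account;
   }
   // Anything other than a completed registration falls back to the home page
   // with the registration form re-opened.
   if(!isset($page) || $page != "welcome_info") {
      $page = "home";
      $smarty->assign("error", isset($error) ? $error : null);
      $smarty->assign("reg", 1);
   }
} //login a user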
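// Login handler: looks the account up by username or e-mail plus password.
// Rows with new=0 are logged in; rows with new=1 get the confirmation mail
// re-sent and the "account inactive" message.
//
// NOTE(review): the posted user and pass values are interpolated straight into
// the WHERE clause, so the authentication decision depends on unescaped input.
// This needs the database layer's escaping or prepared statements; the
// database class is not visible here, so the query text is left as it was.
//
// NOTE(review): the password is compared as stored plaintext inside SQL. Once
// passwords are hashed (password_hash), fetch the row by username/e-mail only
// and check it in PHP with password_verify().
if(!empty($_POST['login'])){
   // Non-string input (e.g. user[]=x) is treated as empty instead of "Array".
   $login_user = (isset($_POST['user']) && is_string($_POST['user'])) ? $_POST['user'] : '';
   $login_pass = (isset($_POST['pass']) && is_string($_POST['pass'])) ? $_POST['pass'] : '';
   $credentials = "(username='$login_user' or email='$login_user') and pass='$login_pass'";

   $result = $db->get_recs("users", "*", "$credentials and new=0");
   $how_many = $db->count_recs($result);
   if($how_many != 0) {
      $rec = $db->fetch_objects($result);

      // Issue a fresh session id at the privilege change so an id that was
      // known before login is not carried into the authenticated session.
      session_regenerate_id(true);

      $_SESSION['user'] = new user($rec[0]);
      $_SESSION['user_id'] = $_SESSION['user']->id;
      if(!empty($_POST['remember_me'])){
         // 60-day cookies, now flagged HttpOnly so page scripts cannot read them.
         // NOTE(review): login_pass still holds the stored password. Replace it
         // with a random token kept server-side, and set the secure flag once
         // the site is served over HTTPS only.
         $expires = time() + 86400 * 60;
         setcookie("login_user", $_SESSION['user']->username, $expires, "", "", false, true);
         setcookie("login_pass", $_SESSION['user']->pass, $expires, "", "", false, true);
      }
      unset($_SESSION['logged_out']);
      header("Location: profile/{$_SESSION['user']->username}");
      // Stop here: without exit the rest of the page is still built and sent
      // along with the redirect.
      exit;
   } else {
      $result = $db->get_recs("users", "*", "$credentials and new=1");
      $how_many = $db->count_recs($result);
      if($how_many != 0){
         //confirmation email
         $recs = $db->fetch_objects($result);
         if(is_array($recs)) foreach($recs as $rec){
            $u = new user($rec);
            // NOTE(review): same link format as at registration - it embeds the
            // stored password via encrypt(username###pass).
            $msg = str_replace("#username", $u->username, confirmation_mail);
            $msg = str_replace("#link", $base_href."welcome/".encrypt($u->username."###".$u->pass), $msg);
            mail($u->email, confirmation_subject, $msg, "From: Admin<".CONTACT_MAIL.">");
            $smarty->assign("login_error", err_account_inactive);
         } else $smarty->assign("login_error", err_login_incorrect);
      } else $smarty->assign("login_error", err_login_incorrect);
   }
}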
 
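//check if the user is logged in
// For a logged-in session the stored user_id is re-synchronised with the
// database; otherwise a remember-me cookie pair may restore the session, and a
// fresh 5-character code is handed to the template.
if(!empty($_SESSION['user'])){
   // The username here comes from the stored user record, not from the request.
   $rec = $db->get_rec("users", "id", "username='{$_SESSION['user']->username}'");
   // Guard against a missing row (e.g. account removed) before reading ->id.
   $current_id = $rec ? $rec->id : null;
   $session_id_value = isset($_SESSION['user_id']) ? $_SESSION['user_id'] : null;
   if($current_id != $session_id_value) $_SESSION['user_id'] = $current_id;
} else {
   //if not logged in but remembered in cookies
   $cookie_user = (isset($_COOKIE['login_user']) && is_string($_COOKIE['login_user'])) ? $_COOKIE['login_user'] : '';
   $cookie_pass = (isset($_COOKIE['login_pass']) && is_string($_COOKIE['login_pass'])) ? $_COOKIE['login_pass'] : '';
   if($cookie_user && $cookie_pass && empty($_SESSION['logged_out'])){
      // NOTE(review): cookie values are client-controlled and are interpolated
      // into SQL unescaped; this needs the database layer's escaping or
      // prepared statements. The cookie also carries the stored password - a
      // random server-side token should replace it.
      //
      // "and new=0" matches the form login: accounts with new=1 are the ones
      // still sent the confirmation mail there, so they should not be able to
      // sign in through the cookie path either.
      $rec = $db->get_rec("users", "*", "(username='$cookie_user' or email='$cookie_user') and pass='$cookie_pass' and new=0");
      if($rec){
         // New session id at the privilege change, as on form login.
         session_regenerate_id(true);
         $_SESSION['user'] = new user($rec);
         $_SESSION['user_id'] = $_SESSION['user']->id;
         // Redirect only when the lookup succeeded; previously the header was
         // sent even without a matching row, pointing at "profile/".
         header("Location: profile/{$_SESSION['user']->username}");
         exit;
      }
   }
   $code = random_string(5);
   $smarty->assign("code", $code);
}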
  • tiffix
  • Student
  • Student
  • Posts: 65
  • Loc: kenya

Post 3+ Months Ago

enclose your variables like so before echoing them

Code: [ Select ]
\"".$variablename."\"
:wink:
  • xDragonZ
  • Born
  • Born
  • xDragonZ
  • Posts: 3

Post 3+ Months Ago

OK...
I have turned magic_quotes off by using:
php_flag magic_quotes_gpc Off
Before:
Jingle\\\'s Bells
Now:
Jingle\'s Bells
  • devilwood
  • Silver Member
  • Silver Member
  • Posts: 436

Post 3+ Months Ago

that should be fine if storing Jingle\'s Bells in a db. For display, all you should be lacking is a stripslashes() to remove slash.

http://us2.php.net/stripslashes
