Welcome to AC Web.

View Poll Results: Should i add config option so that you can choose to check port with cmd or fsockopen

Voters
41. You may not vote on this poll
  • Yes please add it

    27 65.85%
  • No !

    2 4.88%
  • I dont care. Do it if you want

    12 29.27%
Page 10 of 10 FirstFirst ... 8910
Results 136 to 148 of 148
  1. #136

    REGISTER! (FREE)
    Registered members see less ads
    and also gain access to other great features.
    Thank you

  2. #137
    there are no restrictions on entering characters and so on. You can enter absolutely any information in the username and password field. You can't do that.

  3. #138
    Fatal error: Uncaught Error: Call to a member function bind_param() on bool in C:\xampp\htdocs\TokDevReg\functions\register.php:1 8 Stack trace: #0 {main} thrown in ++++:\++++\++++\TokDevReg\functions\register.php on line 18
    !
    Fatal error
    Last edited by newemudev; 04-05-2020 at 01:39 AM.

  4. #139
    Quote Originally Posted by wowskream View Post
    there are no restrictions on entering characters and so on. You can enter absolutely any information in the username and password field. You can't do that.
    You can and you should. The user should enter whatever he wants, in the php there has to be a sanitization of every character that is not supported or unwanted. To prevent SQL Injection atleast.

    - - - Updated - - -

    Quote Originally Posted by newemudev View Post
    Fatal error
    Check the required version of php of the website and check yours.

  5. #140
    Web Developer

    Join Date
    Oct 2010
    Location
    somewhere between <?php and ?>
    Posts
    3,082
    Quote Originally Posted by SkyLiner View Post
    You can and you should. The user should enter whatever he wants, in the php there has to be a sanitization of every character that is not supported or unwanted. To prevent SQL Injection atleast.

    - - - Updated - - -



    Check the required version of php of the website and check yours.
    Long time ago since i made this site but i'm pretty sure i wrote all my php code using Prepared Statements to prevent SQL Injection Attacks.

  6. #141
    Hi all!

    Thank you Tok124 for your awesome work!

    I use it for a legion server and i met with the problem what some other legion users mentioned. Like the error message with empty ajax data.

    The functions/register.php does not send "registered" or "1" in the data of ajax.
    Also does not check for already registered email or user.

    So i made some changes: https://pastebin.com/FksRe56p

    Would you approve or fix it in a different way?

  7. #142
    Web Developer

    Join Date
    Oct 2010
    Location
    somewhere between <?php and ?>
    Posts
    3,082
    Quote Originally Posted by Haverr View Post
    Hi all!

    Thank you Tok124 for your awesome work!

    I use it for a legion server and i met with the problem what some other legion users mentioned. Like the error message with empty ajax data.

    The functions/register.php does not send "registered" or "1" in the data of ajax.
    Also does not check for already registered email or user.

    So i made some changes: https://pastebin.com/FksRe56p

    Would you approve or fix it in a different way?
    Yeah i dont have a legion server and never had it so it was kinda hard for me to do any testing and also understand how all works since im not used to the battlenet system But i do remember someone tried the site when it was done and it was working just fine to register an account but maybe something has been changed. I dont really know... But yeah if your code is working fine then i'll update the link and leave credits for your update

  8. #143
    nice work tok!

    i have a question is there a way that your site will work with QNAP sql server ? i can connect but it is not writing changes
    Last edited by emptak123; 09-16-2020 at 05:53 AM.

  9. #144
    Web Developer

    Join Date
    Oct 2010
    Location
    somewhere between <?php and ?>
    Posts
    3,082
    Quote Originally Posted by emptak123 View Post
    nice work tok!

    i have a question is there a way that your site will work with QNAP sql server ? i can connect but it is not writing changes
    I highly doubt that it would work since all types of SQL Server have differrent commands or whatever you call it (You write queries slightly different for each type). However, It should not be too hard to change the queries to work for QNAP SQL

  10. #145
    Quote Originally Posted by Tok124 View Post
    I highly doubt that it would work since all types of SQL Server have differrent commands or whatever you call it (You write queries slightly different for each type). However, It should not be too hard to change the queries to work for QNAP SQL

    so i got this one Fatal error: Uncaught Error: Call to a member function bind_param() on bool in /share/CACHEDEV1_DATA/Web/ragepage2/functions/register.php:28 Stack trace: #0 {main} thrown in /share/CACHEDEV1_DATA/Web/ragepage2/functions/register.php on line 28
    !

    - - - Updated - - -

    Quote Originally Posted by emptak123 View Post
    so i got this one Fatal error: Uncaught Error: Call to a member function bind_param() on bool in /share/CACHEDEV1_DATA/Web/ragepage2/functions/register.php:28 Stack trace: #0 {main} thrown in /share/CACHEDEV1_DATA/Web/ragepage2/functions/register.php on line 28
    !
    so the problem was in sha_pass_hash there is none in sql db
    Last edited by emptak123; 09-16-2020 at 07:00 PM.

  11. #146
    Web Developer

    Join Date
    Oct 2010
    Location
    somewhere between <?php and ?>
    Posts
    3,082
    Quote Originally Posted by emptak123 View Post
    so i got this one Fatal error: Uncaught Error: Call to a member function bind_param() on bool in /share/CACHEDEV1_DATA/Web/ragepage2/functions/register.php:28 Stack trace: #0 {main} thrown in /share/CACHEDEV1_DATA/Web/ragepage2/functions/register.php on line 28
    !

    - - - Updated - - -



    so the problem was in sha_pass_hash there is none in sql db
    Ah i see. Yeah well that depends on core. If you use TrinityCore for 3.3.5a then you do have the sha_pass_hash column in the account table

  12. #147
    Quote Originally Posted by Tok124 View Post
    Ah i see. Yeah well that depends on core. If you use TrinityCore for 3.3.5a then you do have the sha_pass_hash column in the account table
    Well, they changed table structure again

    https://github.com/TrinityCore/Trini...tabase.sql#L22

    https://github.com/TrinityCore/Trini...untMgr.cpp#L45
    Apparently, they're using srp6 protocol
    Last edited by mindsear; 09-16-2020 at 11:42 PM.

  13. #148
    Web Developer

    Join Date
    Oct 2010
    Location
    somewhere between <?php and ?>
    Posts
    3,082

    REGISTER! (FREE)
    Registered members see less ads
    and also gain access to other great features.
    Quote Originally Posted by mindsear View Post
    Well, they changed table structure again

    https://github.com/TrinityCore/Trini...tabase.sql#L22

    https://github.com/TrinityCore/Trini...untMgr.cpp#L45
    Apparently, they're using srp6 protocol
    Ah what the fuck... Okay, Thanks for letting me know. I will definitely not make a new fresh compiled core xD

    - - - Updated - - -

    But yeah, I guess its still a good change since its much harder to hack with salting in the encryption. I think bruteforce is atleast impossible but i wonder if any account on any server has ever been hacked before. sha1 is a pretty weak encryption but its still better than md5 lol. But i have never heard about anyone who have had their account hacked on a private server using TrinityCore, Unless they are stupid enough to give out their password to someone

 

 

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •