-
problema cookie
salve a tutti,
ho un grosso bug che purtroppo non riesco a correggere nel mio game.
in pratica ho scaricato una base di un game e mi sono accorto che ogni volta che provo a registrare un nuovo account mi dice che il nome esiste già e i cookie sono uguali ad un altro utente e di cancellarli.
ora, io ho provato a cambiare browser, cancellare cookie ( ma comunque i nick che metto sono tutti diversi) ma esce sempre questo errore.
Da cosa può dipendere questo bug? Ho guardato veramente da tutte le parti, ma non riesco a capire il problema né, soprattutto, come possa uscire questo errore, anche perché i codici sono quasi identici a quelli di un'altra mia versione, che però non dà l'errore.
attendo qualche risposta ^^
-
Senza sapere la base del game da cui sei partito e le modifiche che hai fatto, è impossibile darti una mano.
Senza leggere i sorgenti potrebbe essere di tutto.
-
allora questo è il sistema di registrazione:
Codice PHP:
<?php
// Page flags; all four constants are defined before global.php is included.
define('INSIDE', true);
define('INSTALL', false);
define('LOGIN', true);
define('XGP_ROOT', './');

$InLogin = true;

include XGP_ROOT . 'global.php';
includeLang('PUBLIC');

// Template values start as a copy of $lang (presumably filled by includeLang(); confirm in global.php).
$parse = $lang;
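/**
 * Build the registration e-mail from the language strings and send it with mymail().
 *
 * NOTE(review): this puts the clear-text password into an e-mail; confirm that is
 * really wanted before wiring the function into the registration flow.
 *
 * @param string $emailaddress Recipient address.
 * @param string $password     Password to include in the message body.
 * @return bool Result of mymail().
 */
function sendpassemail ( $emailaddress , $password )
{
    global $lang;

    // mymail() sends the body as text/html, so the password is HTML-escaped before it is
    // spliced into the text. NOTE(review): the combined text still goes through
    // parsetemplate(); confirm how it treats braces inside a password.
    $safepassword = htmlspecialchars ( $password , ENT_QUOTES , 'UTF-8' );

    // $lang doubles as the template value array (the page-level code does $parse = $lang);
    // a local $parse is never defined inside this function.
    $email = parsetemplate ( $lang['reg_mail_text_part1'] . $safepassword . $lang['reg_mail_text_part2'] . GAMEURL , $lang );

    return mymail ( $emailaddress , $lang['register_at'] . read_config ( 'game_name' ) , $email );
}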
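/**
 * Send an HTML e-mail through PHP's mail().
 *
 * @param string $to    Recipient address.
 * @param string $title Subject line.
 * @param string $body  Message body; line endings are normalised to CRLF.
 * @param string $from  Sender address; ADMINEMAIL is used when it is empty.
 * @return bool Result of mail().
 */
function mymail ( $to , $title , $body , $from = '' )
{
    // $from is copied into several raw header lines below. Removing CR and LF keeps a
    // caller-supplied value from starting a header line of its own.
    $from = trim ( str_replace ( array ( "\r" , "\n" ) , '' , $from ) );
    if ( !$from )
    {
        $from = ADMINEMAIL;
    }
    $rp = ADMINEMAIL;

    $head  = '';
    // The charset is a parameter of Content-Type, not a header of its own.
    $head .= "Content-Type: text/html; charset=UTF-8\r\n";
    $head .= "Date: " . date('r') . " \r\n";
    $head .= "Return-Path: $rp \r\n";
    $head .= "From: $from \r\n";
    $head .= "Sender: $from \r\n";
    $head .= "Reply-To: $from \r\n";
    // No Organization header: the variable it was built from is never assigned in this function.
    $head .= "X-Sender: $from \r\n";
    $head .= "X-Priority: 3 \r\n";

    // Normalise every line break in the body to CRLF.
    $body = str_replace ( "\r\n" , "\n" , $body );
    $body = str_replace ( "\n" , "\r\n" , $body );

    return mail ( $to , $title , $body , $head );
}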
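// Registration handler: validate the form, create the user, assign a start position,
// set the login cookie and redirect. Without POST data the registration form is shown.
if ($_POST)
{
    $errors    = 0;
    $errorlist = "";

    // Every field below is used as a string. A missing field, or one sent as an array
    // (character[]=x), is replaced by '' so it fails validation instead of slipping past
    // preg_match()/strlen() with a warning.
    foreach (array('email', 'character', 'passwrd', 'rgt') as $Field)
    {
        if (!isset($_POST[$Field]) || !is_string($_POST[$Field]))
        {
            $_POST[$Field] = '';
        }
    }

    $_POST['email'] = strip_tags($_POST['email']);

    if (!valid_email($_POST['email']))
    {
        $errorlist .= $lang['invalid_mail_adress'];
        $errors++;
    }

    if (!$_POST['character'])
    {
        $errorlist .= $lang['empty_user_field'];
        $errors++;
    }

    if (strlen($_POST['passwrd']) < 4)
    {
        $errorlist .= $lang['password_lenght_error'];
        $errors++;
    }

    // A-Za-z, not A-z: the range A-z also covers [ \ ] ^ _ and the backtick, which would
    // let those characters into a name that is later stored in the cookie and used in SQL.
    if (preg_match("/[^A-Za-z0-9_\-]/", $_POST['character']) == 1)
    {
        $errorlist .= $lang['user_field_no_alphanumeric'];
        $errors++;
    }

    if ($_POST['rgt'] != 'on')
    {
        $errorlist .= $lang['terms_and_conditions'];
        $errors++;
    }

    $ExistUser = doquery("SELECT `username` FROM {{table}} WHERE `username` = '" . mysql_escape_value($_POST['character']) . "' LIMIT 1;", 'users', TRUE);

    if ($ExistUser)
    {
        $errorlist .= $lang['user_already_exists'];
        $errors++;
    }

    $ExistMail = doquery("SELECT `email` FROM {{table}} WHERE `email` = '" . mysql_escape_value($_POST['email']) . "' LIMIT 1;", 'users', TRUE);

    if ($ExistMail)
    {
        $errorlist .= $lang['mail_already_exists'];
        $errors++;
    }

    if ($errors != 0)
    {
        message ($errorlist, "reg.php", "3", FALSE, FALSE);
    }
    else
    {
        $newpass   = $_POST['passwrd'];
        $UserName  = $_POST['character'];
        $UserEmail = $_POST['email'];

        // NOTE(review): unsalted MD5 is not a password hash. The login cookie set below is
        // derived from this stored value, and the login code is not shown here, so a move
        // to password_hash()/password_verify() has to be made in all of those places together.
        $md5newpass = md5($newpass);

        $QryInsertUser  = "INSERT INTO {{table}} SET ";
        $QryInsertUser .= "`username` = '" . mysql_escape_value(strip_tags($UserName)) . "', ";
        $QryInsertUser .= "`email` = '" . mysql_escape_value($UserEmail) . "', ";
        $QryInsertUser .= "`email_2` = '" . mysql_escape_value($UserEmail) . "', ";
        // Escaped like every other value in this statement.
        $QryInsertUser .= "`ip_at_reg` = '" . mysql_escape_value($_SERVER["REMOTE_ADDR"]) . "', ";
        $QryInsertUser .= "`user_agent` = '', ";
        $QryInsertUser .= "`id_planet` = '0', ";
        $QryInsertUser .= "`register_time` = '" . time() . "', ";
        $QryInsertUser .= "`password`='" . $md5newpass . "';";
        doquery($QryInsertUser, 'users');

        $NewUser = doquery("SELECT `id` FROM {{table}} WHERE `username` = '" . mysql_escape_value($_POST['character']) . "' LIMIT 1;", 'users', TRUE);

        $LastSettedGalaxyPos = read_config ( 'lastsettedgalaxypos' );
        $LastSettedSystemPos = read_config ( 'lastsettedsystempos' );
        $LastSettedPlanetPos = read_config ( 'lastsettedplanetpos' );

        // Repeats until a candidate position is accepted. Each pass takes the first value of
        // the three nested loops (every loop breaks after one iteration), advances the
        // "last setted" counters and picks a random planet slot between 4 and 12.
        while (!isset($newpos_checked))
        {
            for ($Galaxy = $LastSettedGalaxyPos; $Galaxy <= MAX_GALAXY_IN_WORLD; $Galaxy++)
            {
                for ($System = $LastSettedSystemPos; $System <= MAX_SYSTEM_IN_GALAXY; $System++)
                {
                    for ($Posit = $LastSettedPlanetPos; $Posit <= 4; $Posit++)
                    {
                        $Planet = round (rand (4, 12));

                        switch ($LastSettedPlanetPos)
                        {
                            case 1:
                                $LastSettedPlanetPos += 1;
                                break;
                            case 2:
                                $LastSettedPlanetPos += 1;
                                break;
                            case 3:
                                if ($LastSettedSystemPos == MAX_SYSTEM_IN_GALAXY)
                                {
                                    $LastSettedGalaxyPos += 1;
                                    $LastSettedSystemPos = 1;
                                    $LastSettedPlanetPos = 1;
                                    break;
                                }
                                else
                                {
                                    $LastSettedPlanetPos = 1;
                                }
                                $LastSettedSystemPos += 1;
                                break;
                        }
                        break;
                    }
                    break;
                }
                break;
            }

            $QrySelectGalaxy  = "SELECT * ";
            $QrySelectGalaxy .= "FROM {{table}} ";
            $QrySelectGalaxy .= "WHERE ";
            $QrySelectGalaxy .= "`galaxy` = '" . $Galaxy . "' AND ";
            $QrySelectGalaxy .= "`system` = '" . $System . "' AND ";
            $QrySelectGalaxy .= "`planet` = '" . $Planet . "' ";
            $QrySelectGalaxy .= "LIMIT 1;";
            $GalaxyRow = doquery($QrySelectGalaxy, 'galaxy', TRUE);

            // NOTE(review): this branch accepts the position without calling
            // CreateOnePlanetRecord(); confirm the planet lookup below can still find a row.
            if ($GalaxyRow["id_planet"] == "0")
            {
                $newpos_checked = TRUE;
            }

            if (!$GalaxyRow)
            {
                CreateOnePlanetRecord ($Galaxy, $System, $Planet, $NewUser['id'], '', TRUE);
                $newpos_checked = TRUE;
            }

            if ($newpos_checked)
            {
                update_config ( 'lastsettedgalaxypos' , $LastSettedGalaxyPos );
                update_config ( 'lastsettedsystempos' , $LastSettedSystemPos );
                update_config ( 'lastsettedplanetpos' , $LastSettedPlanetPos );
            }
        }

        $PlanetID = doquery("SELECT `id` FROM {{table}} WHERE `id_owner` = '". $NewUser['id'] ."' LIMIT 1;" , 'planets', TRUE);

        $QryUpdateUser  = "UPDATE {{table}} SET ";
        $QryUpdateUser .= "`id_planet` = '" . $PlanetID['id'] . "', ";
        $QryUpdateUser .= "`current_planet` = '" . $PlanetID['id'] . "', ";
        $QryUpdateUser .= "`galaxy` = '" . $Galaxy . "', ";
        $QryUpdateUser .= "`system` = '" . $System . "', ";
        $QryUpdateUser .= "`planet` = '" . $Planet . "' ";
        $QryUpdateUser .= "WHERE ";
        $QryUpdateUser .= "`id` = '" . $NewUser['id'] . "' ";
        $QryUpdateUser .= "LIMIT 1;";
        doquery($QryUpdateUser, 'users');

        $from    = $lang['welcome_message_from'];
        $subject = $lang['welcome_message_subject'];
        $message = $lang['welcome_message_content'];
        SendSimpleMessage ( $NewUser['id'] , 0 , '' , 5 , $from , $subject , $message );

        // NOTE(review): CheckSession::CheckCookies() INNER JOINs users with statpoints and
        // reports an error unless exactly one row comes back. Nothing visible here inserts a
        // statpoints row, so confirm one exists for the new user before the redirect below.

        // config.php supplies $dbsettings; its secret word is mixed into the cookie token.
        @include('config.php');
        $cookie = $NewUser['id'] . "/%/" . $UserName . "/%/" . md5($md5newpass . "--" . $dbsettings["secretword"]) . "/%/" . 0;

        // Seventh argument: HttpOnly, so page scripts cannot read the login cookie.
        setcookie(read_config ( 'cookie_name' ), $cookie, 0, "/", "", 0, TRUE);
        unset($dbsettings);

        header("location:game.php?page=overview");
        // Nothing may run or be printed after the redirect header.
        exit;
    }
}
else
{
    $parse['year']       = date ( "Y" );
    $parse['version']    = VERSION;
    $parse['servername'] = read_config ( 'game_name' );
    $parse['forum_url']  = read_config ( 'forum_url' );
    display (parsetemplate(gettemplate('public/registry_form'), $parse), FALSE, '',FALSE, FALSE);
}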
?>
-
e questi sono i codici dei cookie:
Codice PHP:
<?php
/**
* @project XG Proyect
* @version 2.10.x build 0000
* @copyright Copyright (C) 2008 - 2012
*/
// Direct requests to this file (INSIDE not defined by an entry script) are redirected and stopped.
if (!defined('INSIDE'))
{
    die(header('location:../../'));
}
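/**
 * Cookie-based login check.
 *
 * The login cookie has the form  id/%/username/%/token/%/remember , where token is
 * md5(stored password hash . "--" . secret word from config.php).
 *
 * NOTE(review): the token only changes when the password or the secret word changes, so a
 * copied cookie stays valid until then. A random server-side session id would avoid that,
 * but it needs changes in the login code, which is not shown here.
 */
class CheckSession
{
    /**
     * Validate the login cookie and load the matching user row.
     *
     * @param bool $IsUserChecked State passed in by the caller; returned unchanged when no usable cookie is present.
     * @return array 'state' => bool, 'record' => user row (empty array when no usable cookie is present).
     */
    private function CheckCookies ($IsUserChecked)
    {
        global $lang;

        $UserRow = array();

        // config.php supplies $dbsettings; only its secret word is read here.
        include(XGP_ROOT . 'config.php');

        $game_cookie = read_config ( 'cookie_name' );

        // A cookie sent as name[]=... arrives as an array; anything that is not a string is
        // handled like a missing cookie.
        if (isset($_COOKIE[$game_cookie]) && is_string($_COOKIE[$game_cookie]))
        {
            $RawCookie = $_COOKIE[$game_cookie];

            // Pad to four fields so a truncated cookie fails the checks below instead of
            // raising undefined-index notices.
            $TheCookie = array_pad(explode("/%/", $RawCookie), 4, '');

            // The cookie fields are kept exactly as received and escaped only where one goes
            // into SQL. Escaping the whole array up front would escape the username twice in
            // the lookup and write the escaped text back into the re-issued cookie.
            // One joined query loads the user, the stat totals and the unread-message count.
            $UserResult = doquery ( "SELECT u.*,usul.total_rank,
                usul.total_points,
                (SELECT COUNT(`message_id`) AS `new_message` FROM `{{table}}messages` WHERE `message_owner` = u.`id` AND `message_read` = 0) AS `new_message`
                FROM {{table}}users AS u
                INNER JOIN {{table}}statpoints AS usul ON usul.id_owner = u.id
                WHERE (u.username = '".mysql_real_escape_string($TheCookie[1])."')
                LIMIT 1;", '');

            // Zero rows end up here too, not only duplicates. Because of the INNER JOIN a user
            // without a statpoints row yields zero rows, so this message can appear for an
            // account that exists exactly once.
            if (mysql_num_rows($UserResult) != 1)
            {
                message($lang['ccs_multiple_users'], XGP_ROOT, 5, FALSE, FALSE);
            }

            $UserRow = mysql_fetch_array($UserResult);

            // Compared as strings: a loose comparison would also accept "05" or "5.0" for id 5.
            if ((string) $UserRow["id"] !== (string) $TheCookie[0])
            {
                message($lang['ccs_other_user'], XGP_ROOT, 5, FALSE, FALSE);
            }

            // Constant-time comparison where available (hash_equals exists from PHP 5.6 on).
            $ExpectedToken = md5($UserRow["password"] . "--" . $dbsettings["secretword"]);
            if (function_exists('hash_equals'))
            {
                $TokenMatches = hash_equals($ExpectedToken, $TheCookie[2]);
            }
            else
            {
                $TokenMatches = ($ExpectedToken === $TheCookie[2]);
            }

            if (!$TokenMatches)
            {
                message($lang['css_different_password'], XGP_ROOT, 5, FALSE, FALSE);
            }

            // Re-issue the cookie value exactly as it was received.
            $NextCookie = $RawCookie;

            // Field 3 is the "remember me" flag: one year, otherwise a browser-session cookie.
            if ($TheCookie[3] == 1)
            {
                $ExpireTime = time() + 31536000;
            }
            else
            {
                $ExpireTime = 0;
            }

            if ($IsUserChecked == FALSE)
            {
                // Seventh argument: HttpOnly, so page scripts cannot read the login cookie.
                setcookie ($game_cookie, $NextCookie, $ExpireTime, "/", "", 0, TRUE);
            }

            // The User-Agent header is optional in a request.
            $UserAgent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';

            $QryUpdateUser  = "UPDATE {{table}} SET ";
            $QryUpdateUser .= "`onlinetime` = '". time() ."', ";
            $QryUpdateUser .= "`current_page` = '". mysql_escape_value(htmlspecialchars($_SERVER['REQUEST_URI'])) ."', ";
            $QryUpdateUser .= "`user_lastip` = '". mysql_escape_value(htmlspecialchars($_SERVER['REMOTE_ADDR'])) ."', ";
            $QryUpdateUser .= "`user_agent` = '". mysql_escape_value(htmlspecialchars($UserAgent)) ."' ";
            $QryUpdateUser .= "WHERE ";
            $QryUpdateUser .= "`id` = '". intval($TheCookie[0]) ."' LIMIT 1;";
            doquery( $QryUpdateUser, 'users');

            $IsUserChecked = TRUE;
        }

        unset($dbsettings);

        $Return['state']  = $IsUserChecked;
        $Return['record'] = $UserRow;

        return $Return;
    }

    /**
     * Load the current user into the global $user, or redirect to the site root.
     *
     * Banned accounts (bana == 1) stop the script with the ban notice.
     *
     * @param bool $IsUserChecked Passed through to CheckCookies().
     * @return array 'state' => bool, 'record' => user row, or an empty array when no user was loaded.
     */
    public function CheckUser($IsUserChecked)
    {
        global $user, $lang;

        $Result        = $this->CheckCookies($IsUserChecked);
        $IsUserChecked = $Result['state'];

        // An empty record (no usable cookie) compares equal to FALSE and takes the else branch.
        if ($Result['record'] != FALSE)
        {
            $user = $Result['record'];

            if ($user['bana'] == 1)
            {
                die("<div align=\"center\"><h1>".$lang['css_account_banned_message']."</h1><br /> <strong>".$lang['css_account_banned_expire'].date("d-m-y H:i", $user['banaday'])."</strong></div>");
            }

            $RetValue['record'] = $user;
            $RetValue['state']  = $IsUserChecked;
        }
        else
        {
            $RetValue['record'] = array();
            $RetValue['state']  = FALSE;

            // The script is not stopped here; the caller gets state FALSE and decides what to do.
            header ( 'location:' . XGP_ROOT );
        }

        return $RetValue;
    }
}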