problema cookie

salve a tutti,
ho un grosso bug che purtroppo non riesco a correggere nel mio game.
in pratica ho scaricato una base di un game e mi sono accorto che ogni volta che provo a registrare un nuovo account mi dice che il nome esiste già e i cookie sono uguali ad un altro utente e di cancellarli.

ora, io ho provato a cambiare browser, cancellare cookie ( ma comunque i nick che metto sono tutti diversi) ma esce sempre questo errore.

per caso può dipendere da qualcosa questo bug ? perchè ho guardato veramente da tutte le parti ma non riesco a capire il problema ma soprattutto come può uscire questo errore anche perchè i codici sono quasi identici ad un'altra mia versione che non da l'errore però.

attendo qualche risposta ^^

Senza sapere la base del game da cui sei partito e le modifiche che hai fatto, è impossibile darti una mano.
Senza leggere i sorgenti potrebbe essere di tutto.

allora questo è il sistema di registrazione:

Codice PHP:

<?php

define('INSIDE' , TRUE);
define('INSTALL' , FALSE);
define('LOGIN' , TRUE);
define('XGP_ROOT', './');

$InLogin = TRUE;

include(XGP_ROOT . 'global.php');

includeLang('PUBLIC');

$parse = $lang;

function sendpassemail ( $emailaddress , $password )
{
global $lang;

$email = parsetemplate ( $lang['reg_mail_text_part1'] . $password . $lang['reg_mail_text_part2'] . GAMEURL , $parse );
$status = mymail ( $emailaddress , $lang['register_at'] . read_config ( 'game_name' ) , $email );

return $status;
}

function mymail ( $to , $title , $body , $from = '' )
{
$from = trim ( $from );

if ( !$from )
{
$from = ADMINEMAIL;
}

$rp = ADMINEMAIL;

$head = '';
$head .= "Content-Type: text/html \r\n";
$head .= "charset: UTF-8 \r\n";
$head .= "Date: " . date('r') . " \r\n";
$head .= "Return-Path: $rp \r\n";
$head .= "From: $from \r\n";
$head .= "Sender: $from \r\n";
$head .= "Reply-To: $from \r\n";
$head .= "Organization: $org \r\n";
$head .= "X-Sender: $from \r\n";
$head .= "X-Priority: 3 \r\n";
$body = str_replace ( "\r\n" , "\n" , $body );
$body = str_replace ( "\n" , "\r\n" , $body );

return mail ( $to , $title , $body , $head );
}

if ($_POST)
{
$errors = 0;
$errorlist = "";

$_POST['email'] = strip_tags($_POST['email']);

if (!valid_email($_POST['email']))
{
$errorlist .= $lang['invalid_mail_adress'];
$errors++;
}

if (!$_POST['character'])
{
$errorlist .= $lang['empty_user_field'];
$errors++;
}

if (strlen($_POST['passwrd']) < 4)
{
$errorlist .= $lang['password_lenght_error'];
$errors++;
}

if (preg_match("/[^A-z0-9_\-]/", $_POST['character']) == 1)
{
$errorlist .= $lang['user_field_no_alphanumeric'];
$errors++;
}

if ($_POST['rgt'] != 'on')
{
$errorlist .= $lang['terms_and_conditions'];
$errors++;
}

$ExistUser = doquery("SELECT `username` FROM {{table}} WHERE `username` = '" . mysql_escape_value($_POST['character']) . "' LIMIT 1;", 'users', TRUE);
if ($ExistUser)
{
$errorlist .= $lang['user_already_exists'];
$errors++;
}

$ExistMail = doquery("SELECT `email` FROM {{table}} WHERE `email` = '" . mysql_escape_value($_POST['email']) . "' LIMIT 1;", 'users', TRUE);
if ($ExistMail)
{
$errorlist .= $lang['mail_already_exists'];
$errors++;
}

if ($errors != 0)
{
message ($errorlist, "reg.php", "3", FALSE, FALSE);
}
else
{
$newpass = $_POST['passwrd'];
$UserName = $_POST['character'];
$UserEmail = $_POST['email'];
$md5newpass = md5($newpass);

$QryInsertUser = "INSERT INTO {{table}} SET ";
$QryInsertUser .= "`username` = '" . mysql_escape_value(strip_tags($UserName)) . "', ";
$QryInsertUser .= "`email` = '" . mysql_escape_value($UserEmail) . "', ";
$QryInsertUser .= "`email_2` = '" . mysql_escape_value($UserEmail) . "', ";
$QryInsertUser .= "`ip_at_reg` = '" . $_SERVER["REMOTE_ADDR"] . "', ";
$QryInsertUser .= "`user_agent` = '', ";
$QryInsertUser .= "`id_planet` = '0', ";
$QryInsertUser .= "`register_time` = '" . time() . "', ";

$QryInsertUser .= "`password`='" . $md5newpass . "';";
doquery($QryInsertUser, 'users');

$NewUser = doquery("SELECT `id` FROM {{table}} WHERE `username` = '" . mysql_escape_value($_POST['character']) . "' LIMIT 1;", 'users', TRUE);

$LastSettedGalaxyPos = read_config ( 'lastsettedgalaxypos' );
$LastSettedSystemPos = read_config ( 'lastsettedsystempos' );
$LastSettedPlanetPos = read_config ( 'lastsettedplanetpos' );

while (!isset($newpos_checked))
{
for ($Galaxy = $LastSettedGalaxyPos; $Galaxy <= MAX_GALAXY_IN_WORLD; $Galaxy++)
{
for ($System = $LastSettedSystemPos; $System <= MAX_SYSTEM_IN_GALAXY; $System++)
{
for ($Posit = $LastSettedPlanetPos; $Posit <= 4; $Posit++)
{
$Planet = round (rand (4, 12));

switch ($LastSettedPlanetPos)
{
case 1:
$LastSettedPlanetPos += 1;
break;
case 2:
$LastSettedPlanetPos += 1;
break;
case 3:
if ($LastSettedSystemPos == MAX_SYSTEM_IN_GALAXY)
{
$LastSettedGalaxyPos += 1;
$LastSettedSystemPos = 1;
$LastSettedPlanetPos = 1;
break;
}
else
{
$LastSettedPlanetPos = 1;
}

$LastSettedSystemPos += 1;
break;
}
break;
}
break;
}
break;
}

$QrySelectGalaxy = "SELECT * ";
$QrySelectGalaxy .= "FROM {{table}} ";
$QrySelectGalaxy .= "WHERE ";
$QrySelectGalaxy .= "`galaxy` = '" . $Galaxy . "' AND ";
$QrySelectGalaxy .= "`system` = '" . $System . "' AND ";
$QrySelectGalaxy .= "`planet` = '" . $Planet . "' ";
$QrySelectGalaxy .= "LIMIT 1;";
$GalaxyRow = doquery($QrySelectGalaxy, 'galaxy', TRUE);

if ($GalaxyRow["id_planet"] == "0")
{
$newpos_checked = TRUE;
}

if (!$GalaxyRow)
{
CreateOnePlanetRecord ($Galaxy, $System, $Planet, $NewUser['id'], '', TRUE);
$newpos_checked = TRUE;
}

if ($newpos_checked)
{
update_config ( 'lastsettedgalaxypos' , $LastSettedGalaxyPos );
update_config ( 'lastsettedsystempos' , $LastSettedSystemPos );
update_config ( 'lastsettedplanetpos' , $LastSettedPlanetPos );
}
}
$PlanetID = doquery("SELECT `id` FROM {{table}} WHERE `id_owner` = '". $NewUser['id'] ."' LIMIT 1;" , 'planets', TRUE);

$QryUpdateUser = "UPDATE {{table}} SET ";
$QryUpdateUser .= "`id_planet` = '" . $PlanetID['id'] . "', ";
$QryUpdateUser .= "`current_planet` = '" . $PlanetID['id'] . "', ";
$QryUpdateUser .= "`galaxy` = '" . $Galaxy . "', ";
$QryUpdateUser .= "`system` = '" . $System . "', ";
$QryUpdateUser .= "`planet` = '" . $Planet . "' ";
$QryUpdateUser .= "WHERE ";
$QryUpdateUser .= "`id` = '" . $NewUser['id'] . "' ";
$QryUpdateUser .= "LIMIT 1;";
doquery($QryUpdateUser, 'users');

$from = $lang['welcome_message_from'];
$subject = $lang['welcome_message_subject'];
$message = $lang['welcome_message_content'];

SendSimpleMessage ( $NewUser['id'] , 0 , '' , 5 , $from , $subject , $message );

@include('config.php');
$cookie = $NewUser['id'] . "/%/" . $UserName . "/%/" . md5($md5newpass . "--" . $dbsettings["secretword"]) . "/%/" . 0;
setcookie(read_config ( 'cookie_name' ), $cookie, 0, "/", "", 0);

unset($dbsettings);

header("location:game.php?page=overview");
}
}
else
{
$parse['year'] = date ( "Y" );
$parse['version'] = VERSION;
$parse['servername'] = read_config ( 'game_name' );
$parse['forum_url'] = read_config ( 'forum_url' );
display (parsetemplate(gettemplate('public/registry_form'), $parse), FALSE, '',FALSE, FALSE);
}
?>

e questi sono i codici dei cookie:

Codice PHP:

<?php

/**
* @project XG Proyect
* @version 2.10.x build 0000
* @copyright Copyright (C) 2008 - 2012
*/

if(!defined('INSIDE')){ die(header ( 'location:../../' ));}

class CheckSession
{
private function CheckCookies ($IsUserChecked)
{
global $lang;

$UserRow = array();

include(XGP_ROOT . 'config.php');

$game_cookie = read_config ( 'cookie_name' );

if (isset($_COOKIE[$game_cookie]))
{
$TheCookie = explode("/%/", $_COOKIE[$game_cookie]);

// START FIX BY JSTAR
$TheCookie = array_map ( 'mysql_escape_value' , $TheCookie );
// END FIX BY JSTAR

// BETTER QUERY BY JONAMIX REDUCE GENERAL QUERY FROM 10 TO 6 BETA TEST
$UserResult = doquery ( "SELECT u.*,usul.total_rank,
usul.total_points,
(SELECT COUNT(`message_id`) AS `new_message` FROM `{{table}}messages` WHERE `message_owner` = u.`id` AND `message_read` = 0) AS `new_message`
FROM {{table}}users AS u
INNER JOIN {{table}}statpoints AS usul ON usul.id_owner = u.id
WHERE (u.username = '".mysql_real_escape_string($TheCookie[1])."')
LIMIT 1;", '');

if (mysql_num_rows($UserResult) != 1)
{
message($lang['ccs_multiple_users'], XGP_ROOT, 5, FALSE, FALSE);
}

$UserRow = mysql_fetch_array($UserResult);

if ($UserRow["id"] != $TheCookie[0])
{
message($lang['ccs_other_user'], XGP_ROOT, 5, FALSE, FALSE);
}

if (md5($UserRow["password"] . "--" . $dbsettings["secretword"]) !== $TheCookie[2])
{
message($lang['css_different_password'], XGP_ROOT, 5, FALSE, FALSE);
}

$NextCookie = implode("/%/", $TheCookie);

if ($TheCookie[3] == 1)
{
$ExpireTime = time() + 31536000;
}
else
{
$ExpireTime = 0;
}

if ($IsUserChecked == FALSE)
{
setcookie ($game_cookie, $NextCookie, $ExpireTime, "/", "", 0);
}

$QryUpdateUser = "UPDATE {{table}} SET ";
$QryUpdateUser .= "`onlinetime` = '". time() ."', ";
$QryUpdateUser .= "`current_page` = '". mysql_escape_value(htmlspecialchars($_SERVER['REQUEST_URI'])) ."', ";
$QryUpdateUser .= "`user_lastip` = '". mysql_escape_value(htmlspecialchars($_SERVER['REMOTE_ADDR'])) ."', ";
$QryUpdateUser .= "`user_agent` = '". mysql_escape_value(htmlspecialchars($_SERVER['HTTP_USER_AGENT'])) ."' ";
$QryUpdateUser .= "WHERE ";
$QryUpdateUser .= "`id` = '". intval($TheCookie[0]) ."' LIMIT 1;";
doquery( $QryUpdateUser, 'users');

$IsUserChecked = TRUE;
}

unset($dbsettings);

$Return['state'] = $IsUserChecked;
$Return['record'] = $UserRow;

return $Return;
}

public function CheckUser($IsUserChecked)
{
global $user, $lang;

$Result = $this->CheckCookies($IsUserChecked);
$IsUserChecked = $Result['state'];

if ($Result['record'] != FALSE)
{
$user = $Result['record'];

if ($user['bana'] == 1)
{
die("<div align=\"center\"><h1>".$lang['css_account_banned_message']."</h1><br /> <strong>".$lang['css_account_banned_expire'].date("d-m-y H:i", $user['banaday'])."</strong></div>");
}

$RetValue['record'] = $user;
$RetValue['state'] = $IsUserChecked;
}
else
{
$RetValue['record'] = array();
$RetValue['state'] = FALSE;
header ( 'location:' . XGP_ROOT );
}

return $RetValue;
}
}