I have the following code
<?php session_start();
require_once('Connections/conn_sd.php');
if (!$_SESSION['loged'] == 'yes') {
$hacker = "True";
}
if ($hacker) {
echo "<center><font color='white'> Nice Try, But you do not have access to this Area/File Please Login as a Administrator.";
}
if ($_SESSION['user_level'] == 10) {
if (!$hacker) {
?>
<?php require_once('Connections/conn_sd.php'); ?>
<?php
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
{
$theValue = (!get_magic_quotes_gpc()) ? addslashes($theValue) : $theValue;
switch ($theType) {
case "text":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "long":
case "int":
$theValue = ($theValue != "") ? intval($theValue) : "NULL";
break;
case "double":
$theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'" : "NULL";
break;
case "date":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "defined":
$theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
break;
}
return $theValue;
}
$editFormAction = $HTTP_SERVER_VARS['PHP_SELF'];
if (isset($HTTP_SERVER_VARS['QUERY_STRING'])) {
$editFormAction .= "?" . $HTTP_SERVER_VARS['QUERY_STRING'];
}
if ((isset($HTTP_POST_VARS["MM_insert"])) && ($HTTP_POST_VARS["MM_insert"] == "form1")) {
$insertSQL = sprintf("INSERT INTO tbl_member (member_id, member_email, member_irc, member_x, member_y, member_z, username, password, user_level, activated) VALUES (%s, %s, %s, %s, %s, %s, %s, %s, %s, %s)",
GetSQLValueString($HTTP_POST_VARS['member_id'], "int"),
GetSQLValueString($HTTP_POST_VARS['member_email'], "text"),
GetSQLValueString($HTTP_POST_VARS['member_irc'], "text"),
GetSQLValueString($HTTP_POST_VARS['member_x'], "text"),
GetSQLValueString($HTTP_POST_VARS['member_y'], "text"),
GetSQLValueString($HTTP_POST_VARS['member_z'], "text"),
GetSQLValueString($HTTP_POST_VARS['username'], "text"),
GetSQLValueString($HTTP_POST_VARS['password'], "text"),
GetSQLValueString($HTTP_POST_VARS['user_level'], "int"),
GetSQLValueString($HTTP_POST_VARS['activated'], "int"));
mysql_select_db($database_conn_sd, $conn_sd);
$Result1 = mysql_query($insertSQL, $conn_sd) or die(mysql_error());
$insertGoTo = "denied.php";
if (isset($HTTP_SERVER_VARS['QUERY_STRING'])) {
$insertGoTo .= (strpos($insertGoTo, '?')) ? "&" : "?";
$insertGoTo .= $HTTP_SERVER_VARS['QUERY_STRING'];
}
header(sprintf("Location: %s", $insertGoTo));
}
$colname_rs_accepted = "1";
if (isset($HTTP_GET_VARS['app_id'])) {
$colname_rs_accepted = (get_magic_quotes_gpc()) ? $HTTP_GET_VARS['app_id'] : addslashes($HTTP_GET_VARS['app_id']);
}
mysql_select_db($database_conn_sd, $conn_sd);
$query_rs_accepted = sprintf("SELECT * FROM tbl_application WHERE app_id = %s", $colname_rs_accepted);
$rs_accepted = mysql_query($query_rs_accepted, $conn_sd) or die(mysql_error());
$row_rs_accepted = mysql_fetch_assoc($rs_accepted);
$totalRows_rs_accepted = mysql_num_rows($rs_accepted);
?>
<html>
<head>
<title></title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>
<body bgcolor="#000000" text="#FFFFFF" link="#FFFFFF" vlink="#FFFFFF" alink="#FFFFFF">
<form method="post" name="form1" action="<?php echo $editFormAction; ?>">
<table align="center">
<tr valign="baseline">
<td nowrap align="right">User_level:</td>
<td> <select name="user_level">
<option value="1" >Member</option>
<option value="0" >unactivated</option>
<option value="10" >Techy</option>
</select> </td>
</tr>
<tr><td>Password</td>
<td>
<input type="textfield" name="password" value="">
</td></tr>
<tr valign="baseline">
<td nowrap align="right">Activated:</td>
<td> <select name="activated">
<option value="1" >yes</option>
<option value="0" >no</option>
</select> </td>
</tr>
<tr valign="baseline">
<td nowrap align="right"> </td>
<td><input type="submit" value="Insert Record"></td>
</tr>
</table>
<input type="hidden" name="member_id" value="0">
<input type="hidden" name="member_email" value="<?php echo $row_rs_accepted['app_email']; ?>">
<input type="hidden" name="member_irc" value="<?php echo $row_rs_accepted['app_irc']; ?>">
<input type="hidden" name="member_x" value="<?php echo $row_rs_accepted['app_x']; ?>">
<input type="hidden" name="member_y" value="<?php echo $row_rs_accepted['app_y']; ?>">
<input type="hidden" name="member_z" value="<?php echo $row_rs_accepted['app_z']; ?>">
<input type="hidden" name="username" value="<?php echo $row_rs_accepted['app_username']; ?>">
<input type="hidden" name="MM_insert" value="form1">
</form>
<p> </p>
</body>
</html>
<?php
$message = "Hi there,
Your personal account for the Abattoir
has been created.
To log in, proceed to the
following address:
[url]http://www.abattoirhq.com/[/url]
Your personal login ID and password are as
follows:
username: $username
password: $password
Your account has now been accepted
To login to Abattoir our bot, which gives you access to the irc channel #rocka, use the following command:
/msg Abattoir login <username> <password>
so yours would be
/msg Abattoir login $username $password
This is VERY IMPORTANT!
If you have any problems, feel free to contact me at
<almighty@abattoirhq.com>.
-Almighty
Abattoir Technical Division
";
mail($member_email,"Your Password for Abattoir",
$message, "From:Almighty <almighty@abattoirhq.com>");
?>
<?php
mysql_free_result($rs_accepted);
}
}
?>
The problem is, is that instead of quoting the members username (in the email) it quotes the person logged in at that time.
So if Jim was adding a person the applicant would get an email saying
Username : Jim
Password : <correct password>
Obviously i would want them to recieve their username which is stored in the
<input type="hidden" name="username" value="<?php echo $row_rs_accepted['app_username']; ?>">
Any ideas?
