can anyone solve my problem please

bijaybd

hello there ,

i am new to this nice forum . i need some help . i am running a wap chating site . in my registration page i found some 2 problems swich i can not fix.i am giving my codes here so if somebody can help me i will be really greatfull to him/her .

my problems :

1.In the registration page from normal mobile browser or computer the maxlength for username is 15 it works fine user can not register a nick more then 15 letters. but if a user use operamini he can register a nick with 5000+ letters and creating flood in room as big user name.

2.the second problem is i can't not fix the image varifcation code . which is sessson id or sesson code 4 digit code vefication it is not working fine.

so if somebody can help me i will be really great full.

i have postest all the details below : [if anything else needed please let me know]

registration page 1 = reg.php

<? include("../config/config.php"); ?>
<?php


if(isset($_POST['action']))
{
session_id("".$_POST['sid']."");
session_start();
}
else
{
session_start();
$number = rand(1000, 9999);
$_SESSION['code'] = $number;
}


$nocache = rand(1000, 9999);
header("Content-type: text/vnd.wap.wml; charset=ISO-8859-1");
echo "<?xml version=\"1.0\" encoding=\"ISO-8859-1\" ?>\n";
echo "<!DOCTYPE wml PUBLIC \"-//WAPFORUM//DTD WML 1.2//EN\"\n \"http://www.wapforum.org/DTD/wml_1.2.xml\">\n";

echo "<wml>\n";
echo "<head>";
echo "<meta http-equiv=\"Cache-Control\" content=\"no-cache\"/>";
echo "</head>";

echo "<card title=\"Register\">";
echo "<p align=\"$align\">";

echo "<small>Username:</small><br/><input name=\"nimi\" type=\"text\" format=\"*x\" maxlength=\"15\" emptyok=\"true\"/><br/>";

echo "<small>Password:</small><br/><input name=\"salasana\" type=\"password\" format=\"*x\"  maxlength=\"20\" emptyok=\"true\"/><br/>";

echo "<small>Photo:</small><br/>";
echo "<input name=\"logo\" type=\"text\" value=\"http://\" maxlength=\"128\" emptyok=\"true\"/><br/>";

echo "<small>Real name:</small><br/>";
echo "<input name=\"name\" type=\"text\" value=\"\" maxlength=\"16\" emptyok=\"true\"/><br/>";

echo "<small>Age:</small><br/>";
echo "<input name=\"age\" type=\"text\" format=\"*N\" maxlength=\"2\" emptyok=\"true\"/><br/>";

echo "<small>Sex:</small><br/>";
echo "<select name=\"sex\" title=\"sex\"><option value=\"Male\">male</option><option value=\"Female\">female</option></select><br/>\n";

echo "<small>Location:</small><br/>";
echo "<input name=\"location\" type=\"text\" value=\"\" maxlength=\"25\" emptyok=\"true\"/><br/>";

echo "<small>Email:</small><br/>";
echo "<input name=\"email\" type=\"text\" value=\"@\" maxlength=\"50\" emptyok=\"true\"/><br/>";

echo "<img src=\"img.php?sid=".session_id()."\" alt=\"kartinka\"/><br/>\n";
echo "Type the code shown :<br/>\n";
echo "<input type=\"text\" name=\"ref\" maxlength=\"4\" value=\"\"/><br/>\n";

echo "<small><anchor>»Register";
echo "<go method=\"post\" href=\"reg2.php?$nocache\">";
echo "<postfield name=\"nimi\" value=\"$(nimi)\"/>";
echo "<postfield name=\"salasana\" value=\"$(salasana)\"/>";
echo "<postfield name=\"logo\" value=\"$(logo)\"/>";
echo "<postfield name=\"name\" value=\"$(name)\"/>";
echo "<postfield name=\"age\" value=\"$(age)\"/>";
echo "<postfield name=\"sex\" value=\"$(sex)\"/>";
echo "<postfield name=\"location\" value=\"$(location)\"/>";
echo "<postfield name=\"email\" value=\"$(email)\"/>";
echo "<postfield name=\"sid\" value=\"".session_id()."\"/>\n";
echo "</go>";

echo "</anchor><br/>";
echo "<a href=\"../index.php?time=".time()."\">«Back</a>";
echo "<br/>---<br/>$copyright</small>";             

echo "</p>";
echo "</card>";
echo "</wml>";
?>

sesson id = img.php

<?php
session_id("".$_GET['sid']."");
session_start();
	$string=rand(1000,10000);
	$_SESSION['ref'] = $string;
    Header("Content-type: image/gif");
    $im = ImageCreateFromGif("../images/img.gif");
    $orange = ImageColorAllocate($im, 0, 0, 0);
    $px = (imagesx($im)-7.5*strlen($string))/2;
    ImageString($im,3,$px,1,$string,$orange);
    ImageGif($im);
    ImageDestroy($im);
?>

bijaybd

registration page 2 reg2.php


<? include("../config/config.php"); ?>
<?php
$nocache = rand(1000, 9999);


header("Content-type: text/vnd.wap.wml");
header("display_errors=0");
echo "<?xml version=\"1.0\"?>";


echo "<!DOCTYPE wml PUBLIC \"-//WAPFORUM//DTD WML 1.2//EN\"
\"http://www.wapforum.org/DTD/wml_1.2.xml\">";

echo "<wml>";
echo "<card title=\"Creating account..\">";
echo "<p align=\"$align\">";


$nimi      = $_REQUEST['nimi'];
$salasana  = $_REQUEST['salasana'];
$logo      = $_REQUEST['logo'];
$name  = $_REQUEST['name'];
$age      = $_REQUEST['age'];
$sex  = $_REQUEST['sex'];
$location      = $_REQUEST['location'];
$signiture  = $_REQUEST['signiture'];
$site      = $_REQUEST['site'];
$email  = $_REQUEST['email'];

 $swe_from = array("","","","","","","$","&"); 
$swe_to = array("", "", "", "", "", "","[usd]","[and]"); 
$nimi = str_replace ("
", "enter", $nimi);
$nimi = str_replace ("_DEMOTED", "lol", $nimi);
$nimi = str_replace (" ", "sp", $nimi);
$nimi = str_replace ("", "sm", $nimi);
$nimi = str_replace ("@", "a", $nimi);
$nimi = str_replace ("[", "b", $nimi);
$nimi = str_replace ("]", "c", $nimi);
$nimi = str_replace ("©", "d", $nimi);
$nimi = str_replace ("{", "e", $nimi);
$nimi = str_replace ("}", "f", $nimi);
$nimi = str_replace ("(", "g", $nimi);
$nimi = str_replace (")", "h", $nimi);
$nimi = str_replace ("*", "i", $nimi);
$nimi = str_replace ("^", "j", $nimi);
$nimi = str_replace ("!", "k", $nimi);
$nimi = str_replace ("`", "l", $nimi);
$nimi = str_replace ("~", "m", $nimi);
$nimi = str_replace ("%", "n", $nimi);
$nimi = str_replace ("$", "o", $nimi);
$nimi = str_replace ("@", "p", $nimi);
$nimi = str_replace ("#", "q", $nimi);
$nimi = str_replace ("&", "r", $nimi);
$nimi = str_replace ("-", "s", $nimi);
$nimi = str_replace ("+", "t", $nimi);
$nimi = str_replace ("|", "u", $nimi);
$nimi = str_replace ("sinner", "v", $nimi);
$nimi = str_replace ("/", "w", $nimi);
$nimi = str_replace (";", "x", $nimi);
$nimi = str_replace (":", "y", $nimi);
$nimi = str_replace ("'", "z", $nimi);
$nimi = str_replace ("<", "ab", $nimi);
$nimi = str_replace (">", "ac", $nimi);
$nimi = str_replace (".", "ad", $nimi);
$nimi = str_replace ("bijay", "ae", $nimi);
$nimi = str_replace ("Â", "aw", $nimi);
$nimi = str_replace ("³", "af", $nimi);
$nimi = str_replace ("²", "ag", $nimi);
$nimi = str_replace ("¥", "aq", $nimi);
$nimi = str_replace ("â", "am", $nimi);
$nimi = str_replace ("¬", "an", $nimi);
$nimi = str_replace ("¤", "au", $nimi);
$nimi = str_replace ("£", "ap", $nimi);
$nimi = str_replace ("?", "wt", $nimi);
$nimi = str_replace ("§", "ww", $nimi);
$nimi = str_replace ("®", "aa", $nimi);
$nimi = str_replace ("å", "bb", $nimi);
$nimi = str_replace ("Ã", "cc", $nimi);
$nimi = str_replace ("ª", "dd", $nimi);
$nimi = str_replace ("Ä", "ee", $nimi);
$nimi = str_replace ("Á", "ff", $nimi);
$nimi = str_replace ("À", "gg", $nimi);
$nimi = str_replace ("ã", "hh", $nimi);
$nimi = str_replace ("ß", "ii", $nimi);
$nimi = str_replace ("Ç", "jj", $nimi);
$nimi = str_replace ("ç", "kk", $nimi);
$nimi = str_replace ("¢", "ll", $nimi);
$nimi = str_replace ("Ð", "mm", $nimi);
$nimi = str_replace ("ð", "nn", $nimi);
$nimi = str_replace ("í", "oo", $nimi);
$nimi = str_replace ("€", "pp", $nimi);
$nimi = str_replace ("£", "qq", $nimi);
$nimi = str_replace ("¿", "rr", $nimi);
$nimi = str_replace ("µ", "ss", $nimi);         

$nimi = str_replace ("¦", "tt", $nimi);
$nimi = str_replace ("Ø", "uu", $nimi);
$nimi = str_replace ("þ", "vv", $nimi);
$nimi = str_replace ("Õ", "w1", $nimi);
$nimi = str_replace ("Œ", "xx", $nimi);
$nimi = str_replace ("Æ", "yy", $nimi);
$nimi = str_replace ("æ", "zz", $nimi);
$nimi = str_replace ("™", "a1", $nimi);
$nimi = str_replace ("½", "a2", $nimi);
$nimi = str_replace ("¼", "a3", $nimi);
$nimi = str_replace ("¾", "a4", $nimi);
$nimi = str_replace ("»", "1", $nimi);
$nimi = str_replace ("«", "2", $nimi);
$nimi = str_replace ("±", "3", $nimi);
$nimi = str_replace ("¹", "4", $nimi);
$nimi = str_replace ("•", "5", $nimi);
$nimi = str_replace ("Ù", "6", $nimi);
$nimi = str_replace ("Û", "7", $nimi);
$nimi = str_replace ("ü", "8", $nimi);   









for ($t=0; $t<count($swe_from); $t++) 
{ 
$nimi = str_replace ($swe_from[$t], $swe_to[$t], $nimi); 
$salasana = str_replace ($swe_from[$t], $swe_to[$t], $salasana); 
} 

$nimi = strtolower($nimi);
$salasana = strtolower($salasana);
$salsan=file('../text/sals.txt');
$salnim=file('../text/nims.txt');
$salasanapieni=$salasana;

$logo = $_POST["logo"];
$name = $_POST["name"];
$age = $_POST["age"];
$sex = $_POST["sex"];
$location = $_POST["location"];
$signiture = $_POST["signiture"];
$site = $_POST["site"];
$email = $_POST["email"];
$number = intval($_POST['number']);

for ($u=0; $u<count($salnim); $u++) 
{ if (rtrim($salnim[$u])==$nimi){$nimi='';}}


if(($img == 1) && ($_POST['ref'] != $_SESSION['ref'])) $error .= "Captcha error!<br/>\n";
if($number != $_SESSION['code']) $error .= BAD_SID."<br/>\n";
if ($salasana !='' && $nimi !='') {
if ($logo=="http://" OR $logo==""){$logo="../images/logo.gif";}
if ($site=="" OR $site==""){$site="not set";}
if ($name==""){$name="not set";}
if ($email=="@" OR $email==""){$email="not set";}
if ($age==""){$age="not set";}
if ($sex==""){$sex="not set";}
if ($location==""){$location="not set";}
if ($signiture==""){$signiture="not set";}
$date = date("d/m/Y");

$member = "../members/$nimi.txt";
$membersinfo = fopen($member, "w+");
fwrite($membersinfo, $logo."\n");
fwrite($membersinfo, $name."\n");
fwrite($membersinfo, $age."\n");
fwrite($membersinfo, $sex."\n");
fwrite($membersinfo, $location."\n");
fwrite($membersinfo, $signiture."\n");
fwrite($membersinfo, $site."\n");
fwrite($membersinfo, $email);
fclose($membersinfo);

$tiedsal = fopen('../text/sals.txt', 'a');
$salasana = crypt($salasana,'password');
 $lissal=$salasana.'
';
   fputs($tiedsal, $lissal);
  fclose($tiedsal);

$tiednim= fopen('../text/nims.txt', 'a');
 $lisnim=$nimi.'
';
   fputs($tiednim, $lisnim);
  fclose($tiednim);

$tiednim= fopen('../text/profidate.txt', 'a');
 $lisnim="$nimi::$date::
";
   fputs($tiednim, $lisnim);
  fclose($tiednim);
}

if ($nimi !='') {echo "<small>Thank You For Register With Us.Your login infomations :<br/>";

echo "Username: ".$nimi."<br/>";

echo "Password: ".$salasanapieni."<br/>";

echo "<anchor>»Login\n";
echo "<go method=\"post\" href=\"rooms.php$nocache\">\n";
echo "<postfield name=\"nimi\" value=\"$(nimi)\"/>\n";
echo "<postfield name=\"salasana\" value=\"$(salasana)\"/>\n";
echo "</go>\n";
echo "</anchor><br/>\n";
echo "<a href=\"../index.php?time=".time()."\">«Back</a></small>";

$timezone;

$user = explode ('/', $HTTP_USER_AGENT);
$ip = ($REMOTE_ADDR);
$tie = fopen('../text/room1.txt', 'r+');
 $ko=file_get_contents ('../text/room1.txt');
  $to='<small><b><a href="pmuser.php?kenelle='.$nimi.'&amp;nimi=$nimi&amp;salasana=$salasana&amp;rank=0&amp;phone='.$user[0].'&amp;ip='.$ip.'">*</a></b>'.$nimi.' signed up at: '.$time.'</small><br/>
'. $ko;
  fputs($tie, $to);
  fclose($tie);
$tie = fopen('../text/room2.txt', 'r+');
 $ko=file_get_contents ('../text/room2.txt');
  $to='<small><b><a href="pmuser.php?kenelle='.$nimi.'&amp;nimi=$nimi&amp;salasana=$salasana&amp;rank=0&amp;phone='.$user[0].'&amp;ip='.$ip.'">*</a></b>'.$nimi.' signed up at: '.$time.'</small><br/>
'. $ko;
  fputs($tie, $to);
  fclose($tie);
$tie = fopen('../text/room3.txt', 'r+');
 $ko=file_get_contents ('../text/room3.txt');
  $to='<small><b><a href="pmuser.php?kenelle='.$nimi.'&amp;nimi=$nimi&amp;salasana=$salasana&amp;rank=0&amp;phone='.$user[0].'&amp;ip='.$ip.'">*</a></b>'.$nimi.' signed up at: '.$time.'</small><br/>
'. $ko;
  fputs($tie, $to);
  fclose($tie);
$tie = fopen('../text/room4.txt', 'r+');
 $ko=file_get_contents ('../text/room4.txt');
  $to='<small><b><a href="pmuser.php?kenelle='.$nimi.'&amp;nimi=$nimi&amp;salasana=$salasana&amp;rank=0&amp;phone='.$user[0].'&amp;ip='.$ip.'">*</a></b>'.$nimi.' signed up at: '.$time.'</small><br/>
'. $ko;
  fputs($tie, $to);
  fclose($tie);
}

if ($nimi =='') {echo "<small>sorry the requested username is already registered.<br/>Please try by another username.<br/>";
echo "<a href=\"luonti2.php?time=".time()."\">«Back</a></small>";
}
echo "<small><br/>---<br/>$copyright</small>";
echo "</p>";
echo "</card>";
echo "</wml>";
?>