<?
$lang = "en"; // default to "en" for English -- but later select lang from users table
if(@$COOKIE['lang']) {
$lang= $COOKIE['lang'];
}
// Enter your MySQL settings and $SITETITLE in this file
@include 'config_settings.php';
//removing 1st class security risk
if(file_exists('phaos.cfg')){
unlink('phaos.cfg');}
$connection = mysql_connect("host","user","password") or die ("Unable to connect to MySQL server.");
$db = mysql_select_db("db") or die ("Unable to select requested database.");
$query = "SELECT 1 FROM phaos_characters LIMIT 1";
$result = mysql_query($query);
if (!mysql_fetch_array($result)) {
die('Missing tables in the database - please import the structure and the data.');
}
// INITIAL SETUP
define('DEBUG',intval(@$COOKIE['debug']));
if(DEBUG){
error_reporting(E_ALL);
} else {
error_reporting(E_ERROR | E_PARSE);
}
$PHP_PHAOS_USER = @$COOKIE["PHP_PHAOS_USER"];
$PHP_PHAOS_PW = @$COOKIE["PHP_PHAOS_PW"];// for compatibility with old accounts
$PHP_PHAOS_MD5PW = @$_COOKIE["PHP_PHAOS_MD5PW"];
$PHP_ADMIN_USER = @$COOKIE["PHP_ADMIN_USER"];
$PHP_ADMIN_PW = @$COOKIE["PHP_ADMIN_PW"];// for compatibility with old accounts
$PHP_ADMIN_MD5PW = @$_COOKIE["PHP_ADMIN_MD5PW"];
// FIXME: security hole
foreach($GET as $key=>$value) {
$$key = get_magic_quotes_gpc() ? $value : addslashes($value);
}
foreach($POST as $key=>$value) {
$$key = get_magic_quotes_gpc() ? $value : addslashes($value);
}
// Additional Security Check
unset($PHP_PHAOS_CHARID);
unset($PHP_PHAOS_CHAR);
$auth = false;
if(@$PHP_PHAOS_USER && ((@$PHP_PHAOS_MD5PW)||(@$PHP_PHAOS_PW)) ) {
if(@$PHP_PHAOS_MD5PW){
$query = "SELECT * FROM phaos_users WHERE username = '$PHP_PHAOS_USER' AND password = '$PHP_PHAOS_MD5PW'";
$result = mysql_query($query);
$row = mysql_fetch_array($result);
}
if(!@$row){
$PHP_PHAOS_MD5PW= md5(@$PHP_PHAOS_PW);
$query = "SELECT * FROM phaos_users WHERE username = '$PHP_PHAOS_USER' AND password = '$PHP_PHAOS_MD5PW'";
$result = mysql_query($query);
$row = mysql_fetch_array($result);
}
if ($row) {
$auth = true;
$lang = $row['lang'];
$result = mysql_query("SELECT * FROM phaos_characters WHERE username = '$PHP_PHAOS_USER'");
if ($row = mysql_fetch_array($result)) {
$PHP_PHAOS_CHARID = $row['id'];
$PHP_PHAOS_CHAR = $row['name'];
} else {
$PHP_PHAOS_CHARID=0;
}
if(defined('AUTH')){
setcookie("PHP_PHAOS_USER",$PHP_PHAOS_USER,time()+17280); // ( REMEMBERS USER NAME FOR 200 DAYS )
setcookie("PHP_PHAOS_MD5PW",$PHP_PHAOS_MD5PW,time()+17280); // ( REMEMBERS USER PASSWORD FOR 2 DAYS )
setcookie('lang',$lang,time()+17280000); // ( REMEMBERS LANGUAGE FOR 200 DAYS )
setcookie("PHP_PHAOS_PW",0,time()-3600); // remove cookie used in version 0.88
if($GET[play_music] == "YES") {
$play_music = $GET[play_music];
setcookie("play_music",$play_music,time()+17280000);
} elseif($GET[play_music] == "NO") {
$play_music = $GET[play_music];
setcookie("play_music",$play_music,time()+17280000);
} elseif($GET[play_music] == "") {
$play_music = $COOKIE[play_music];
setcookie("play_music",$play_music,time()+17280000);
}
}
} else {
please_register(true);
}
} else {
please_register();
}
function please_register($badpass=false){
if($badpass){
?><p style="background:black"><p><center><?
?><hr width="10%"><font size=+1 color=red>Bad User Name or Password</font></p><hr width="10%"><?php
?><p>If you do not already have a character, please Register first!<br><?php
?></center><?php
}
if(!defined('AUTH')){
//unset these values just in case someone decides to remove the 'exit'
unset($_COOKIE["PHP_PHAOS_USER"]);
unset($GLOBALS['PHP_PHAOS_USER']);
unset($GLOBALS['PHP_PHAOS_CHAR']);
unset($GLOBALS['PHP_PHAOS_CHARID']);
// Commented out because admin login wasn't working....please fix
// exit;
}
}
?>
and the logout.php script
<?
include "config.php";
include_once 'include_lang.php';
// BEGIN BLANK COOKIE VARS ( SETS COOKIE VARS TO BLANK )
setcookie("PHP_PHAOS_PW",$PHP_PHAOS_PW,time()-17280);
setcookie("PHP_PHAOS_MD5PW",$PHP_PHAOS_PW,time()-17280);
unset ($PHP_PHAOS_USER, $PHP_PHAOS_PW, $PHP_PHAOS_MD5PW, $PHP_PHAOS_CHARID, $PHP_PHAOS_CHAR);
// END BLANK COOKIE VARS
?>
<html>
<head>
<title>world at war</title>
<link rel=stylesheet type=text/css href=styles/phaos.css>
<meta http-equiv="refresh" content="0;URL=index.php">
</head>
<body bottommargin="0" rightmargin="0" leftmargin="0" topmargin="0" marginwidth="0" marginheight="0">
<table width="100%" height="100%" border="0" cellpadding="0" cellspacing="0">
<tr>
<td align=center valign=middle height="100%" width="100%">
<table border="0" cellspacing="1" cellpadding="0">
<tr>
<td colspan="2" align=center>
<img src="images/top_logo.png">
</td>
</tr>
<tr>
<td colspan="2" align=center>
<? echo $lang_aup["no_long"]; ?>
</td>
</tr>
</table>
</td>
</tr>
</table>
</body>
</html>
and the error
Internal Server Error
The server encountered an internal error or misconfiguration and was unable to complete your request.
Please contact the server administrator, webmaster@wcraftemu.com and inform them of the time the error occurred, and anything you might have done that may have caused the error.
More information about this error may be available in the server error log.
Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.
so please help me and my developer with that script bacuse we just cant make it to work.and my developer just checked everyting he saying its right.so were just dont know what to do now.
