Don't like ads? PRO users don't see any ads ;-)
Public Pastes
Guest

Untitled

By: a guest on Apr 29th, 2012  |  syntax: PHP  |  size: 1.48 KB  |  hits: 24  |  expires: Never
download  |  raw  |  embed  |  report abuse  |  print
Text below is selected. Please press Ctrl+C to copy to your clipboard. (⌘+C on Mac)
  1. <?php
  2.  
  3.         $db = mysql_connect("wavemeup.ru", "t1ok", "t1ok") or die('Could not connect: ' . mysql_error());
  4.         mysql_select_db('game') or die('Could not select database');
  5.         function getid($login) {
  6. $res=mysql_query("SELECT * FROM users WHERE login='$login'");
  7. $user=mysql_fetch_assoc($res);
  8. $id=$user["id"];
  9. return $id;
  10. }
  11.  
  12.         // Strings must be escaped to prevent SQL injection attack.
  13.         $name = mysql_real_escape_string(@$_GET['name'], $db);
  14.         $pass = mysql_real_escape_string(@$_GET['pass'], $db);
  15.         $mail = mysql_real_escape_string(@$_GET['mail'],$db);
  16.         $hash = isset($_GET['hash']);
  17.         $secretKey="r1r2r3r4"; # Change this value to match the value stored in the client javascript below
  18.  
  19.         $real_hash = md5($name . $pass . $mail . $secretKey);
  20. $res=mysql_query( "SELECT * FROM users WHERE login='$name'");
  21. if (@mysql_num_rows($res)!=0) {
  22.  
  23. } else {
  24.  
  25.         if($real_hash == $hash) {
  26. $rlogin = md5($pass);
  27.             $query="INSERT INTO users (email,login,pass) VALUES ('$mail','$name','$rlogin');";
  28.             $result = mysql_query($query) or die('Query failed: ' . mysql_error());
  29.  
  30. $a=getid($name);
  31. echo $a;
  32. mysql_query("INSERT INTO events (type,user_id,text,when) VALUES ('reg','$a','<strong>$name</strong> присоединился к нам!', now())");
  33.             // Send variables for the MySQL database class.
  34. mysql_query("INSERT INTO profile (img) VALUES ('/profile/userpic.jpg')");
  35.         }
  36. }
  37. ?>
create a new version of this paste RAW Paste Data