Ravens PHP Scripts: Forums
 

 

View next topic
View previous topic
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> Security - PHP Nuke
Author Message
twinjet
New Member
New Member


Joined: Jan 17, 2005
Posts: 22

PostPosted: Mon Jan 24, 2005 3:11 am Reply with quote

I almost dont know anything so i dont know if its secure or anything but can you please tell me:

1.- How can only registered users open this module and if they are not registered to give them the same message that comes out when trying to post in forums and you are not registered?
2.- Secure a little my code.

Join Module

index.php
Code:


<?php
if (!eregi("modules.php", $_SERVER['PHP_SELF']))
{
die ("You can't access this file directly...");
}

if(!IsSet($mainfile)) { include ("mainfile.php"); }
$index=0;
$theme="fiblack";

$go_to_address=rawurldecode($go_to_address1);
include("header.php");
OpenTable();
echo "<iframe SRC=\"http://www.mysite.com/modules/Join/join.php".$go_to_address."\" width=\"100%\" height=\"550\" framespacing=0 frameborder=no border=0 scrolling=auto></iframe>"; 
CloseTable();
include("footer.php");
die;
?>


join.php
Code:


<?php
echo '<html>
<link rel="STYLESHEET" type="text/css" href="style/style.css">
<form action="http://mysite.com/v-cgi/forms.cgi"
      enctype="application/x-www-form-urlencoded"
      method="post">
<table>  <tr>
    <th></th>
  <tr>
    <th align="right" class="storytitle">
     How they called you in the real world?&nbsp;
    </th>
    <td>
      <input type="text" name="real_name"  size="60" />
    </td>
  </tr>
      <td>
      <th align="center">
     <input type="submit" name="Form_Submit" value="Submit Form" />
    </td>
  </tr>
</table>
<input type="hidden" name="_vDeckformid" value="358" />
</p>
</form>
</body>
</html>';
?>


After they submit the form the formmail takes them to a specified page in this case:

thx.php
Code:


<?php
echo '<html>
<body bgcolor="#303030" text="#D2A900">
<b>Your submited form was succesfully received!<br></b>
<br>
We will contact you ASAP.
<br>
<br>
<br>
</body>
</html>';
?>
 
View user's profile Send private message
sixonetonoffun
Spouse Contemplates Divorce


Joined: Jan 02, 2003
Posts: 2496

PostPosted: Mon Jan 24, 2005 8:45 am Reply with quote

You should be able to set the view of the module when you are in the modules admin area by clicking on the edit link for the module. You could add something directly in the page too. Put something like this just below the include mainfile line. I would change that line to the standard require_once("mainfile.php"); it will do the same thing the like you have now does.
Code:


if(!is_user($user)) {
echo "<META HTTP-EQUIV=\"refresh\" content=\"2;URL=account.html\">";
$pagetitle = "Registered Users Only";
include("header.php");
echo "message you want to send here";
include("footer.php");
}

_________________
[b][size=5]openSUSE 11.4-x86 | Linux 2.6.37.1-1.2desktop i686 | KDE: 4.6.41>=4.7 | XFCE 4.8 | AMD Athlon(tm) XP 3000+ | MSI K7N2 Delta-L | 3GB Black Diamond DDR
| GeForce 6200@433Mhz 512MB | Xorg 1.9.3 | NVIDIA 270.30[/size:2b8 
View user's profile Send private message
twinjet
PostPosted: Mon Jan 24, 2005 12:26 pm Reply with quote

What a noob i am, thx a lot sixonetonoffun, i forgot you could set that up in the modules section.
 
Display posts from previous:       
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> Security - PHP Nuke

View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours
 
Forums ©