I wanted the player to enter their ingame login and password, and if it matches with the login and password stored in the game database, then it would update the table with the new password.
I have a script working:
Code: Select all
<?php
include("config.php");
error_reporting ( E_PARSE );
if ('submit')
if (!eregi("^[a-zA-Z0-9]*$",$_POST['loginID'])) {
echo "hack attempt by ". $_SERVER['REMOTE_ADDR'] . "!!!!";
exit;
}
if (!eregi("^[a-zA-Z0-9]*$",$_POST['Password'])) {
echo "hack attempt by ". $_SERVER['REMOTE_ADDR'] . "!!!!";
exit;
}
if (!eregi("^[a-zA-Z0-9]*$",$_POST['Password2'])) {
echo "hack attempt by ". $_SERVER['REMOTE_ADDR'] . "!!!!";
exit;
}
if (!eregi("^[a-zA-Z0-9]*$",$_POST['NewPassword'])) {
echo "hack attempt by ". $_SERVER['REMOTE_ADDR'] . "!!!!";
exit;
}
if (!eregi("^[a-zA-Z0-9]*$",$_POST['NewPassword2'])) {
echo "hack attempt by ". $_SERVER['REMOTE_ADDR'] . "!!!!";
exit;
}
if (strlen($_POST['NewPassword']) > 16) {
echo "hack attempt by ". $_SERVER['REMOTE_ADDR'] . "!!!!";
exit;
}
if (strlen($_POST['NewPassword2']) > 16) {
echo "hack attempt by ". $_SERVER['REMOTE_ADDR'] . "!!!!";
exit;
}
if (strlen($_POST['loginID']) > 16) {
echo "hack attempt by ". $_SERVER['REMOTE_ADDR'] . "!!!!";
exit;
}
if (strlen($_POST['Password']) > 16) {
echo "hack attempt by ". $_SERVER['REMOTE_ADDR'] . "!!!!";
exit;
}
if (strlen($_POST['Password2']) > 16) {
echo "hack attempt by ". $_SERVER['REMOTE_ADDR'] . "!!!!";
exit;
}
$test = $_POST['test'];
if (isset($_POST['Create'])) {
if ($_POST['loginID'] > "" && $_POST['Password'] > "" && $_POST['Password2'] > "" && $_POST['NewPassword'] > "" && $_POST['NewPassword2'] > "" ) {
$validchars = "abcdefghijklmnopqrstuvwxyz0123456789@";
$valid = true;
for ($i = 0; $i < strlen($_POST['loginID']); $i++) {
if (strpos($validchars,strtolower(substr($_POST['loginID'],$i,1))) === false){
$valid = false;
}
}
for ($i = 0; $i < strlen($_POST['Password']); $i++) {
if (strpos($validchars,strtolower(substr($_POST['Password'],$i,1))) === false){
$valid = false;
}
}
for ($i = 0; $i < strlen($_POST['NewPassword']); $i++) {
if (strpos($validchars,strtolower(substr($_POST['NewPassword'],$i,1))) === false){
$valid = false;
}
}
for ($i = 0; $i < strlen($_POST['NewPassword2']); $i++) {
if (strpos($validchars,strtolower(substr($_POST['NewPassword2'],$i,1))) === false){
$valid = false;
}
}
if ($_POST['Password'] != $_POST['Password2']){
$valid=false;
}
if ($_POST['NewPassword'] != $_POST['NewPassword2']){
$valid=false;
}
if ($valid == true) {
$accquery = "UPDATE tblBillID set Password = '".$_POST['NewPassword']."' where BillID = '".$_POST['loginID']."' and Password = '".$_POST['Password']."'";
$accresult = odbc_exec($conn,$accquery);
odbc_close($conn);
echo "<b>Account Has Been Updated</b>";
exit;
}
if ($valid == false) {
echo "<b>Please type your information again, make sure it matches!</b>";}
}
}
?>
<script type="text/javascript">
<!--
var letters='ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz '
var numbers='1234567890'
var custom='@.?'
function alpha(e,allow) {
var k;
k=document.all?parseInt(e.keyCode): parseInt(e.which);
return (allow.indexOf(String.fromCharCode(k))!=-1);
}
//form clear function
function clearDefault(el) {
if (el.defaultValue==el.value) el.value = ""
}
// -->
</script>
<form action="" method="post">
<table><tr><td>
Login:</td><td>
<input name="loginID" type="text" maxlength="14" onkeypress="return alpha(event,letters+numbers+custom)" ONFOCUS="clearDefault(this)"></td></tr>
<tr><td>
Password:</td><td>
<input name="Password" type="password" maxlength="28" onkeypress="return alpha(event,letters+numbers+custom)" ONFOCUS="clearDefault(this)"></td></tr>
<tr><td>
Retype Password:</td><td>
<input name="Password2" type="password" width="100" onkeypress="return alpha(event,letters+numbers+custom)" ONFOCUS="clearDefault(this)"></td></tr>
<tr><td>
New Password:</td><td>
<input name="NewPassword" type="text" maxlength="30" onkeypress="return alpha(event,letters+numbers+custom)" ONFOCUS="clearDefault(this)"></td></tr>
<tr><td>
Retype New Password:</td><td>
<input name="NewPassword2" type="text" width="100" onkeypress="return alpha(event,letters+numbers+custom)" ONFOCUS="clearDefault(this)"></td></tr>
<tr>
<td><input type="submit" name="Create" value="Update Account!"></td>
</tr>
</table>
</form>
Is there any way I can have it echo "Account has been updated" only if rows have been affected, or is there a better way I could achieve the same results that Im after.
Thanks