Salve a tutti!
HO UN PROBLEMA ESISTENZIALE CON IL MIO SITO
Ho installato un sito di surf su altervista, tutto ok sul lato admin, ma non mi fa effettuare l'accesso come utente (ne ho registrati 3 ma al momento del login mi da l'errore):
In particolare quando effettuo il login da utente nella barra degli indirizzi del browser si evidenzia questo link http://www.catturavisite.altervista....h8rf0ud92211u6 e successivamente mi dice File Doesn't Exist (sembrerebbe un problema della sessione) non permettendomi di entrare sul sito.
Potrebbe dipendere da questo codice che si trova sul file HEADFOOT?
Vi ringrazio anticipatamentecodice:} function file_reader($fileurl) { $fileurl = $_SERVER['DOCUMENT_ROOT'] . $fileurl; $file = fopen($fileurl,'r') or die("File Doesn't Exist"); $contents = fread($file,filesize($fileurl)); fclose($file); return $contents;
Dario
I files interessati sembrerebbero
INDEX PHP - VARS.PHP (che non posto ADESSO perchè raggiungerei il massimo di caratteri consentiti da questo form) MEM_AUT.PHP - HEADFOOT.PHP - ACTIVATE.PHP
MEM_AUT.PHP
HEADFOOT.PHPcodice:<?php session_start(); session_destroy(); session_start(); include("../vars.php"); mysql_connect($db_host, $db_user, $db_pwd); mysql_select_db($db_name); if ($_POST['form'] == 'sent') { if (trim($_POST['email']) == "" || trim($_POST['passwd']) == "") { echo("<head><title>$title</title><meta http-equiv=\"Refresh\" content=\"1;URL=$self_url\"></head><body><font face=\"$fontface\" color=\"red\"><span style=\"font-size:250%\">$title</span> <span style=\"font-size:150%\">Login details cannot be blank!</span></font></body></html>"); $_SESSION = array(); session_destroy(); mysql_close; exit; } elseif (ereg('@', trim($_POST['email']))) { $_SESSION['sess_name'] = trim($_POST['email']); $_SESSION['sess_passwd'] = md5(trim($_POST['passwd'])); header("Location: $self_url" . "members/?".session_name() . "=" . session_id()); mysql_close; exit; } elseif (is_numeric(trim($_POST['email']))) { $res = mysql_query("select * from user where id='" . trim($_POST['email']) . "' && passwd='".trim($_POST['passwd'])."'"); if (mysql_num_rows($res) != 0) { $_SESSION['sess_name'] = mysql_result($res, 0, "email"); $_SESSION['sess_passwd'] = md5(trim($_POST['passwd'])); header("Location: $self_url" . "members/?".session_name() . "=" . session_id()); mysql_close; exit; } else { echo("<head><title>$title</title><meta http-equiv=\"Refresh\" content=\"1;URL=$self_url\"></head><body><font face=\"$fontface\" color=\"red\"><span style=\"font-size:250%\">$title</span> <span style=\"font-size:150%\">Invalid login details!</span></font></body></html>"); $_SESSION = array(); session_destroy(); mysql_close; exit; } } else { echo("<head><title>$title</title><meta http-equiv=\"Refresh\" content=\"1;URL=$self_url\"></head><body><font face=\"$fontface\" color=\"red\"><span style=\"font-size:250%\">$title</span> <span style=\"font-size:150%\">Invalid login details!</span></font></body></html>"); $_SESSION = array(); session_destroy(); mysql_close; exit; } } else { echo("<head><title>$title</title><meta http-equiv=\"Refresh\" content=\"1;URL=$self_url\"></head><body><font face=\"$fontface\" color=\"red\"><span style=\"font-size:250%\">$title</span> <span style=\"font-size:150%\">You are not authorized to view this area!</span></font></body></html>"); $_SESSION = array(); session_destroy(); mysql_close; exit; } ?>
codice:<?php function get_main_content() { $mncontent = @mysql_result(@mysql_query("select content from html where type='1page'"), 0); echo($mncontent); } function uheader() { global $m_header, $ref; include($m_header); } function ufooter() { global $m_footer, $ref; include($m_footer); } function secheader() { global $mem_header, $usrid; include($mem_header); } function members_main_menu() { global $title, $fontface, $server_clock, $usrid; $s_vals = file_reader("/memlinks.html"); $s_vals = str_replace('[show_server_time]', $server_clock, $s_vals); $s_vals = str_replace('[session_name]', session_name(), $s_vals); $s_vals = str_replace('[session_id]', session_id(), $s_vals); echo($s_vals); } function secfooter() { global $mem_footer, $usrid; include($mem_footer); } function file_reader($fileurl) { $fileurl = $_SERVER['DOCUMENT_ROOT'] . $fileurl; $file = fopen($fileurl,'r') or die("File Doesn't Exist"); $contents = fread($file,filesize($fileurl)); fclose($file); return $contents; } function checkPTCdata($dateis) { @mysql_query("UPDATE ptc_orders SET date_done='$dateis' WHERE clicks_remain=0 && date_done='0000-00-00'"); return; } function text() { $res = mysql_query("select text from tads order by rand() limit 1"); if (mysql_num_rows($res) > 0) { $text = mysql_result($res, 0); echo("<p align=center>$text</p>"); } @mysql_free_result($res); } function get_referral($vid) { $query = "select ref_id from member_refs where mem_id=$vid"; if ($res = mysql_query($query)) { if ($res1 = mysql_fetch_array($res)) { return $res1[0]; } } @mysql_free_result($res); } function credit_ref_bonuses($par_id) { for ($i=0; $i < count($par_id); $i++) { $get_ref_data = mysql_query("SELECT acctype FROM user WHERE id=$par_id[$i] && status='Active'"); if (mysql_num_rows($get_ref_data) != 0) { $refacc = mysql_result($get_ref_data, 0); $get_bonuses = mysql_result(mysql_query("SELECT rbonuses FROM acctype WHERE id=$refacc"), 0); $bonuses = explode(",", $get_bonuses); $givebonus = $bonuses[$i]; if (!is_numeric($givebonus)) {$givebonus = 0; } @mysql_query("UPDATE user SET credits=credits+$givebonus, rbon_credits=rbon_credits+$givebonus, lifetime_credits=lifetime_credits+$givebonus WHERE id=$par_id[$i]"); @mysql_query("update adminprops set value=value-$givebonus where field='surplu'"); } @mysql_free_result($get_ref_data); } } function get_ref_levels($mid,$z) { global $tier; $squery = "select count(*),mem_id from member_refs where ref_id in ($mid) group by mem_id"; if ($res = mysql_query($squery)) { $tier[$z] = mysql_num_rows($res); $res = mysql_fetch_array($res); $mquery = "select mem_id from member_refs where ref_id in ($mid)"; if ($resultx = mysql_query($mquery)) { $z = 1; while ($rsvz = mysql_fetch_array($resultx)){ $rr_id[$z] = $rsvz[0]; $z++; } } return $rr_id; } @mysql_free_result($res); } function credit_r_bonuses($par_id,$type,$ammt) { $zzz = 0; for ($i=0; $i < count($par_id); $i++) { $zzz++; $get_ref_data = mysql_query("SELECT acctype FROM user WHERE id=$par_id[$i] && status='Active'"); if (mysql_num_rows($get_ref_data) != 0) { $refacc = mysql_result($get_ref_data, 0); if ($type == 'credits') { $get_bonuses = mysql_result(mysql_query("SELECT levels FROM acctype WHERE id=$refacc"), 0); } else { $get_bonuses = mysql_result(mysql_query("SELECT ptc_levels FROM acctype WHERE id=$refacc"), 0); } $bonuses = explode(",", $get_bonuses); $givebonus = $bonuses[$i] / 100; $givebonus = round($givebonus, 2); $givebonus = $givebonus * $ammt; if ($zzz == 1) { $return_val = $givebonus; } if (!is_numeric($givebonus)) {$givebonus = 0; } if ($type == 'credits') { @mysql_query("UPDATE user SET credits=credits+$givebonus, crdsfrmallrefs=crdsfrmallrefs+$givebonus, lifetime_credits=lifetime_credits+$givebonus WHERE id=$par_id[$i]"); @mysql_query("update adminprops set value=value-$givebonus where field='surplu'"); } else { @mysql_query("UPDATE user SET cshfrmallrefs=cshfrmallrefs+$givebonus, roi_cash=roi_cash+$givebonus, lifetime_cash=lifetime_cash+$givebonus WHERE id=$par_id[$i]"); @mysql_query("update adminprops set value=value-$givebonus where field='csurpl'"); $get_refstats = mysql_query("SELECT * FROM monthly_stats WHERE usrid=$par_id[$i] && yearis=" . date("Y") . " && monthis=" . date("m")); if (mysql_num_rows($get_refstats) == 0) { @mysql_query("INSERT INTO monthly_stats (usrid, refptc_cash, tot_owed, monthis, yearis) VALUES ($par_id[$i], $givebonus, $givebonus, " . date("m") . ", " . date("Y") . ")") or die (mysql_error()); } else { @mysql_query("UPDATE monthly_stats SET refptc_cash=refptc_cash+$givebonus, tot_owed=tot_owed+$givebonus WHERE usrid=$par_id[$i] && yearis=" . date("Y") . " && monthis=" . date("m")) or die (mysql_error()); } } } } return $return_val; } function ref_shunt($memb_id) { $par_id=get_referral($memb_id); $query="SELECT mem_id FROM member_refs WHERE ref_id=$memb_id"; $chv_id=array(); $i=0; if ($res=mysql_query($query)) { while($id=mysql_fetch_array($res)) { $chv_id[$i] = $id[0]; $i++; } $queryv="UPDATE member_refs SET ref_id=$par_id WHERE mem_id="; for ($i=0;$i<count($chv_id);$i++) { mysql_query($queryv.$chv_id[$i]); } } return 1; } function totalmembers() { $resz = mysql_query("SELECT id FROM user"); if (mysql_num_rows($resz) > 0) { echo(mysql_num_rows($resz)); } else { echo("0"); } } ?>
ACTIVATE.PHP
codice:<?php session_start(); session_register("sess_data"); session_register("sess_name"); session_register("sess_passwd"); include("vars.php"); include("headfoot.php"); mysql_connect($db_host, $db_user, $db_pwd); mysql_select_db($db_name); if (!isset($_GET['ac']) || !is_numeric($_GET['ac']) || !isset($_GET['i']) || !is_numeric($_GET['i'])) { echo("<head><title>$title</title><meta http-equiv=\"Refresh\" content=\"1;URL=$self_url\"></head><body><span style=\"font-size:250%\">$title</span> <span style=\"font-size:150%\">Failed to resolve activation code!</span></body></html>"); mysql_close; exit; } $res = mysql_query("select email, ref from user where id=" . $_GET['i'] . " && status='Un-verified' && ac=" . $_GET['ac']); if (mysql_num_rows($res) != 1) { echo("<head><title>$title</title><meta http-equiv=\"Refresh\" content=\"1;URL=$self_url\"></head><body><span style=\"font-size:250%\">$title</span> <span style=\"font-size:150%\">Failed to resolve activation code!</span></body></html>"); mysql_close; exit; } $email = mysql_result($res, 0, "email"); $myref = mysql_result($res, 0, "ref"); if ($activation_pages == 0) { $my_stat = "Active"; $accs = mysql_query("SELECT * FROM acctype"); for ($i = 0; $i < mysql_num_rows($accs); $i++) { $accids = mysql_result($accs, $i, "id"); $r_bons = mysql_result($accs, $i, "rbonuses"); $r_bons2[$accids] = explode(",", $r_bons); $acc_r_bon[$accids] = count($r_bons2[$accids]); } if ($acc_r_bon[2] > $acc_r_bon[1]) {$greatest = 2; } elseif ($acc_r_bon[1] > $acc_r_bon[2]) {$greatest = 1; } else {$greatest = 2; } if ($myref >= 1 && ($acc_r_bon[1] > 0 || $acc_r_bon[2] > 0)) { $cc = 0; $ref_id[$cc]=$myref; for ($v = 0; $v < ($acc_r_bon[$greatest] - 1); $v++) { $myref = get_referral($myref); if(!$myref || $myref == 0) break; ++$cc; $ref_id[$cc] = $myref; } credit_ref_bonuses($ref_id); } } else { $my_stat = "Verified"; } $res = mysql_query("update user set status='$my_stat', ac=0 where id=" . $_GET['i']) or die ("Please contact $title Admin there was an error, listed below please inlcude with your contact request... Error was: " . mysql_error()); uheader(); echo("<p align=center class=big>Your account was activated!</p>"); echo("<form action=\"$self_url" . "members/mem_auth.php\" method=post name=login><input type=hidden name=form value=sent><div align=center>You may now log in: "); echo("E-mail: <input type=text name=email size=10 maxlength=100 value=$email> Password: <input type=password name=passwd size=10 maxlength=20> <input type=submit value=\"Log in\"></div></form>\n"); ufooter(); mysql_close; exit; ?>
Rispondi quotando
