Jump to content

antiroot

Members
  • Posts

    302
  • Joined

  • Last visited

    Never
  • Donations

    0.00 GBP 

About antiroot

  • Birthday 01/01/1

antiroot's Achievements

Advanced Member

Advanced Member (3/3)

0

Reputation

  1. thanks, yeah apparently it is just because i'm using a non standard client. Well at least i know it's just me and not the server now
  2. Can we have all the IRC rules posted on the forums, according to the post by Artimis, I should see the rules and a MOTD but i do not. Some IRCs support a rules command, mangos irc appears to not have such a command (i know it's not a standard command, but i tried). the motd command also doesn't do anything, not sure if that one is the server or my client though
  3. I agree most of the wiki content should be with the master, but for example wotlk realmd database has gmlevel in the account table, where as mangos-three (now master) has an account_access table instead. so posting the DB structure of mangos-wotlk would not make sense on the master wiki. at any rate good luck to all who will be contributing to the wiki, i'll do my best to help out with that as well Edit: of course what would make the most sense is to have all the cores using near identical structures, but i understand somethings that aren't used by old cores would be pointless to back port such as new power types in the characters tables and other things of that nature
  4. lol well i meant if you find that it is usable and produces something usable, it's still early where i'm at so the caffeine has not yet kicked in so my thought-to-keyboard ability is a bit slow right now. I am curious though will all of the repos have their own wikis, or just the master repo/github user, but that's a question that's a bit off topic for this thread
  5. Interesting find LilleCarl, I'm curious how well an automated tool would be able to do it. I'll probably contribute some installation guides if i can find the time, i'll probably just do it by hand myself. If you do find a good automated tool and you add to the wiki post the links of the mediawiki and github wiki pages so we can see how well it converts
  6. I'm not saying we should be in a hurry, in fact i believe we should take our time with it. I was only curious if this is a new global scheme and that all expansions will eventually be their own repos, meaning work on expansion specific cores will not take place in the repo of other expansions (with exception of back/forward ports of course) I also agree with the suggestion of standardizing the case and naming of the repo names, although when you pull a scriptdev repo its patch file expects the directory to be ScriptDev2 not scriptdev2 so maybe that should be taken into consideration as well
  7. should we expect a mangos-four (MoP) as well, or will that remain in the master repo until that expansion is actually released?
  8. as long as you don't send any content before sending the Location header it seems like it should work.. however i'd probably just do a single error page that handle all the error situations, missing email/username/password. another option is to use an include or require instead of redirecting their browser with a location header
  9. "'2'," . would suffice, however the single quotes aren't required either so just simply "2," . would work as well, my personal preference is to quote any value that is not a function/routine call (for example NOW() ) whatever method you prefer to generate the query, your end goal is to have something similar to the following for what your query should be when passed to mysql or echoed to the screen INSERT INTO account(username,sha_pass_hash,email,expansion,joindate) VALUES ('ANTIROOT','B4831A22B8ABFE73939B9E5C6BEF9F4D2F299C59','[email protected]','2',NOW());
  10. looks like there is an extra comma character either remove the one after intval(2) "'" . intval(2) . "'," . or the one before NOW() ",NOW()" . one thing i do when debugging is echo the query so i can see what is being passed to mysql after all the php variables are filled and everything is parsed Edit: in fact that extra comma looks like it was my fault because i have that in my example (which i'll be editing so it will be correct) one more edit: You don't actually need intval(2), since your 2 is static and an int to begin with
  11. in my examples i used intval($_POST['exp']), you can name it anything you want, so that the user could choose which expansion they wanted, I seem to remember having a case where one of my users had their client updated to the supported version yet they did not have all of the wotlk expansion content. one thing you could do is setup your code so that it will use a POST variable for the expansion if specified or default to something $expansion = (isset($_POST['expansion']) && $_POST['expansion'] >= 0 && $_POST['expansion'] <= 2 ? $_POST['expansion'] : 2); then in your query you would just use the $expansion variable (or just use that whole line in your query and not use the extra variable declaration) but if you just want to force expansion 2 no matter what then using what you had before would be fine Edit: the above does 3 checks, one to see if the variable POST['expansion'] exists, one to see if it's greater than or equal to 0, and the third check makes sure the value is less than or equal to 2. by using the && operators if any of the 3 checks fail the default value of 2 is used, if all three checks pass than the user specified POST['expansion'] is used. If you are un familiar with that syntax, it is called a ternary operator basically it's the equivalent to an if statement that returns 2 values depending on the conditions Another Edit: slightly off topic from your questions, but in case you have not done so yet make sure you check if the username is available before attempting to create the new account. You don't want to end up with accounts using the same name
  12. When you create an account using the console commands in mangos it stores everything in uppercase. My use of strtoupper is mainly to be consistent, but also in case that the table were to be case sensitive the lowercase strings could cause issues since mangos pulls compares the user input straight in the DB for logging in. the case sensitive issue means with case-insensitive antiroot==ANTIROOT is true with case-sensitive antiroot==ANTIROOT is false why this matters is that when mangos does something like 'SELECT * FROM account WHERE username="ANTIROOT"' that query would fail if my username was entered as 'antiroot' (again this only matters on a case-sensitive table)
  13. $sql="INSERT INTO account (username, sha_pass_hash, email, expansion) VALUES ('".mysql_real_escape_string($_POST['username'])."','".sha1(strtoupper($_POST['username'] . ":" . $_POST['sha_pass_hash']))."','".mysql_real_escape_string($_POST['email'])."','2')"; the code sha1(strtoupper($_POST['username'] . ":" . $_POST['sha_pass_hash'])) and '2' don't need to be escaped, since the 2 is not user input and static, and the hash won't include any breaking characters also note that your POST variable $_POST['sha_pass_hash'] should be just the plain clear text hash since the sha1() function call is performing the hash Edit: You can escape the hash if you wish, just make sure you do not escape the data your passing to the sha1 function as that would break your hash Here is a snippit of some code i use so you have something to compare to (i'll provide 2 examples one with sprintf and one with the format your using) With sprintf (i like using single quotes) $query = sprintf('INSERT INTO account(username,sha_pass_hash,email,expansion,joindate) VALUES(\\'%s\\',\\'%s\\',\\'%s\\',\\'%s\\',NOW());', mysql_real_escape_string(strtoupper($_POST['name'])), strtoupper(sha1(strtoupper($_POST['name'].":".$_POST['password']))), mysql_real_escape_string(strtoupper($_POST['email'])), intval($_POST['exp'])); Matching your format (a few tweaks so the extra white space isn't added to the query) $query = "INSERT INTO account(username,sha_pass_hash,email,expansion,joindate) VALUES(" . "'" . mysql_real_escape_string(strtoupper($_POST['name'])) . "'," . "'" . strtoupper(sha1(strtoupper($_POST['name'].":".$_POST['password']))) . "'," . "'" . mysql_real_escape_string(strtoupper($_POST['email'])) . "'," . "'" . intval($_POST['exp']) . "'," . "NOW()" . ");";
  14. Oh i'm sorry, you are correct you do still need quoting around the values, i mistakenly left them out. When i read your query for some reason i was reading it as if you were using the sprintf function. but yes you should do $sql="INSERT INTO account (username, sha_pass_hash, email, expansion) VALUES ('".$_POST['username']."','".sha1(strtoupper($_POST['username'] . ":" . $_POST['password']))."','".$_POST['email']."','2')";
  15. ('$_POST[username]','$_POST[sha_pass_hash]','$_POST[email]','2')"; with that your are single/literal quoting your variables, and you are not quoting your array index names, it will work without but will throw a warning and cause issues if you have constants with the same name, I would do it as ($_POST['username'],$_POST['sha_pass_hash'],$_POST['email'],'2'); Note: that is just a snippit of that code, your entire query ($sql) variable needs a little adjusting what does your code look like that is causing the error?
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue. Privacy Policy Terms of Use