Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 11 of 11
  1. #1
    New to the CF scene
    Join Date
    Jan 2011
    Posts
    8
    Thanks
    0
    Thanked 0 Times in 0 Posts

    How to stop Redirect

    Okay so i have created a Beta Key Gen system for my site but the users are able to bypass it so they can just register without a beta key?? so for example they can just type site.com/register.php and bypassing my index page witch is the beta key

  • #2
    Rockstar Coder
    Join Date
    Jun 2002
    Location
    USA
    Posts
    9,074
    Thanks
    1
    Thanked 328 Times in 324 Posts
    You can use sessions to make sure that the key has been entered or validated or whatever. And if it isn't the register page can just redirect them back to the index page.
    OracleGuy

  • #3
    New to the CF scene
    Join Date
    Jan 2011
    Posts
    8
    Thanks
    0
    Thanked 0 Times in 0 Posts
    How tho i need code like here is my site http://somethingtodo.x10.mx/ and your able to bypass the beta system just by doing /test.php

  • #4
    Regular Coder
    Join Date
    Oct 2009
    Location
    Florida
    Posts
    155
    Thanks
    16
    Thanked 2 Times in 2 Posts
    I would recommend using sessions as well, here is a link to read up on them: http://www.w3schools.com/php/php_sessions.asp


    It could go something like this.
    index.php
    PHP Code:
    <?php
    session_start
    ();  // starts the session, needs to be on top of page

    $_SESSION['beta_key'] = $key// $key or whatever variable needs to have what the beta key is equal to.
    ?>




    register.php
    PHP Code:
    <?php
    session_start
    ();

    if(isset(
    $_SESSION['beta_key']))  // checks to see if the session exists
    {
             
    // if session does exist





    }else{   // session else
    header("Location: index.php");  //redirects if session doesn't exists.
    }

    ?>
    It is untested, an you will have to configure it yourself of course. But that should get the ol' brain thinking.

  • #5
    New to the CF scene
    Join Date
    Jan 2011
    Posts
    8
    Thanks
    0
    Thanked 0 Times in 0 Posts
    kk now i have other problem when ever i enter Beta code it wont Redirect me now to my test.php

  • #6
    Regular Coder
    Join Date
    Oct 2009
    Location
    Florida
    Posts
    155
    Thanks
    16
    Thanked 2 Times in 2 Posts
    Could you please post the code you are working with?

  • #7
    New to the CF scene
    Join Date
    Jan 2011
    Posts
    8
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Index.php
    PHP Code:
    <?php
    session_start
    ();
    $_SESSION['beta_key'] = $key// $key or whatever variable needs to have what the beta key is equal to. 

    $dbhost 'localhost';
    $dbuser 'project9_root';
    $dbpass 'MYPASSWORD';

    $conn mysql_connect($dbhost$dbuser$dbpass) or die                      ('Error connecting to mysql');

    $dbname 'project9_beta';
    mysql_select_db($dbname);

    ?>
    <?php
    if(isset($_POST['login'])) {
        
    $username mysql_real_escape_string($_POST['username']);
        
    $password mysql_real_escape_string($_POST['password']);
        
    $query sprintf("SELECT * FROM `users` WHERE `username` = '%s'"$username);
        
    $usernamecheck mysql_query($query);
        if(
    mysql_num_rows($usernamecheck) > 0) {
            
    // Username is in the database
            
    $row mysql_fetch_array($usernamecheckMYSQL_ASSOC);
            if (
    $row["password"] == md5($password)) {
                
    // Password is correct
                
    header('Location: test.php');
                echo 
    "Login successful, redirecting to <a href='test.php'>test.php</a> now.";
            } 
        }
        echo 
    "<center>Login failed! Try a different username and, or password.</center>";
    }
    ?>
    <?php
    $ibr
    =mysql_query('SELECT requirebeta FROM settings');
    $ibrr=mysql_result($ibr0);
    If (
    $ibrr == 'yes') {
    ?>
    <?php
    if(isset($_POST['register']))
    if (
    $ibrr =='yes') { //beta required
    {
    $betakey mysql_real_escape_string($_POST['beta']);


            
                    if(
    $checkuserresult == 0)
            {
            
    $query sprintf("SELECT COUNT(code) FROM `key` WHERE `code` = '%s'"mysql_real_escape_string($betakey));
            
    $keycheck mysql_query($query);
    //        $keycheck=mysql_query('SELECT COUNT(code) FROM `key` WHERE `code` like ' . $betakey);
            
    $keyresult=mysql_result($keycheck0);
            if (
    $keyresult) {
    //        echo "Beta key found!";
            
    $deletekey=mysql_query('DELETE FROM `key` WHERE code="' $betakey '"');
            
    // Add your redirect here
            
    header'Location: test.php' ) ;
            }else {
            echo 
    '<center><font color="#FF0000">Beta key Not valid.</font></center>';
    //        die("Beta key not valid.");
            
    }
            }
    }
    }
    ?>


    <Title>Beta System</Title>
    <center><form action"test.php" method="post">
    Beta Key: <input type="text" name="beta"></br>
    <input type="submit" name="register" value="Enter Beta Now"></form></center>
    <?php
    }

    ?>
    <center><h2>OR</h2></center>
    </br>
    <center><h3>Login</h3></center>
    <center>
    <form action="index.php" method="post">
    Username: <input type="text" name="username"></br>
    Password: <input type="password" name="password"></br>
    <input type="submit" name="login" value="Login"></form>
    </form>
    </center>
    <!--
    <center><h2>Login Section coming soon</h2></center>
    -->

    <div id="footer"><center><br />Created by unknown</center></div>




    <table border="0" align="center" cellpadding="0" cellspacing="2" width="350"> 
            <tr style="font-size: 9px;"> 
              <td width="100" align="center" valign="middle"><a href="s13.myradiostream.com/13026.pls"><img src="/images/winamp_icon.jpg" alt="Listen in Winamp or iTunes" width="48" height="48" border="0" /></a><br /> 
                <a href="/13026.pls">Winamp / iTunes</a></td> 
              <td width="100" align="center" valign="middle"><a href="s13.myradiostream.com/13026.asx"><img src="/images/winmedia_icon.jpg" alt="Listen in Windows Media Player" width="48" height="48" border="0" /></a><br /> 
                <a href="/13026.asx">Windows Media</a></td> 
              <td width="100" align="center" valign="middle"><a href="s13.myradiostream.com/13026.ram"><img src="/images/real_icon.jpg" alt="Listen in RealPlayer" width="48" height="48" border="0" /></a><br /> 
                <a href="/13026.ram">RealPlayer</a></td> 
            </tr> 
          </table>
    test.php

    PHP Code:
    <?php
    session_start
    ();

    if(isset(
    $_SESSION['beta_key']))  // checks to see if the session exists
    {
             
    // if session does exist





    }else{   // session else
    header("Location: index.php");  //redirects if session doesn't exists.
    }

    ?>
    <center>You have successful on getting this far on my beta system</center>
    <center><b>NOTICE:</b>To keep testing this system do site link /admin and enter following details</center>
    <h3><b>Username:</b>test</h3>
    <h3><b>Password:</b>test1</h3>

  • #8
    Regular Coder
    Join Date
    Oct 2009
    Location
    Florida
    Posts
    155
    Thanks
    16
    Thanked 2 Times in 2 Posts
    That isn't quite what the example code I posted was meant for. You still need to place the example code in the correct spots.

  • #9
    New to the CF scene
    Join Date
    Jan 2011
    Posts
    8
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Can you Fix Please

  • #10
    Regular Coder
    Join Date
    Oct 2009
    Location
    Florida
    Posts
    155
    Thanks
    16
    Thanked 2 Times in 2 Posts
    index.php
    PHP Code:
    session_start();
    $dbhost = 'localhost';
    $dbuser = 'project9_root';
    $dbpass = 'MYPASSWORD';

    $conn = mysql_connect($dbhost, $dbuser, $dbpass) or die                      ('Error connecting to mysql');

    $dbname = 'project9_beta';
    mysql_select_db($dbname);

    ?>
    <?php
    if(isset($_POST['login'])) {
        
    $username mysql_real_escape_string($_POST['username']);
        
    $password mysql_real_escape_string($_POST['password']);
        
    $query sprintf("SELECT * FROM `users` WHERE `username` = '%s'"$username);
        
    $usernamecheck mysql_query($query);
        if(
    mysql_num_rows($usernamecheck) > 0) {
            
    // Username is in the database
            
    $row mysql_fetch_array($usernamecheckMYSQL_ASSOC);
            if (
    $row["password"] == md5($password)) {
                
    // Password is correct
                
    header('Location: test.php');
                echo 
    "Login successful, redirecting to <a href='test.php'>test.php</a> now.";
            } 
        }
        echo 
    "<center>Login failed! Try a different username and, or password.</center>";
    }
    ?>
    <?php
    $ibr
    =mysql_query('SELECT requirebeta FROM settings');
    $ibrr=mysql_result($ibr0);
    If (
    $ibrr == 'yes') {
    ?>
    <?php
    if(isset($_POST['register']))
    if (
    $ibrr =='yes') { //beta required
    {
    $betakey mysql_real_escape_string($_POST['beta']);


            
                    if(
    $checkuserresult == 0)
            {
            
    $query sprintf("SELECT COUNT(code) FROM `key` WHERE `code` = '%s'"mysql_real_escape_string($betakey));
            
    $keycheck mysql_query($query);
    //        $keycheck=mysql_query('SELECT COUNT(code) FROM `key` WHERE `code` like ' . $betakey);
            
    $keyresult=mysql_result($keycheck0);
            if (
    $keyresult) {
    //        echo "Beta key found!";
            
    $deletekey=mysql_query('DELETE FROM `key` WHERE code="' $betakey '"');
            
    // Add your redirect here
            
    $_SESSION['beta_key'] = $betakey;
            
    header'Location: test.php' ) ;
            }else {
            echo 
    '<center><font color="#FF0000">Beta key Not valid.</font></center>';
    //        die("Beta key not valid.");
            
    }
            }
    }
    }
    ?>


    <Title>Beta System</Title>
    <center><form action"test.php" method="post">
    Beta Key: <input type="text" name="beta"></br>
    <input type="submit" name="register" value="Enter Beta Now"></form></center>
    <?php
    }

    ?>
    <center><h2>OR</h2></center>
    </br>
    <center><h3>Login</h3></center>
    <center>
    <form action="index.php" method="post">
    Username: <input type="text" name="username"></br>
    Password: <input type="password" name="password"></br>
    <input type="submit" name="login" value="Login"></form>
    </form>
    </center>
    <!--
    <center><h2>Login Section coming soon</h2></center>
    -->

    <div id="footer"><center><br />Created by unknown</center></div>




    <table border="0" align="center" cellpadding="0" cellspacing="2" width="350"> 
            <tr style="font-size: 9px;"> 
              <td width="100" align="center" valign="middle"><a href="s13.myradiostream.com/13026.pls"><img src="/images/winamp_icon.jpg" alt="Listen in Winamp or iTunes" width="48" height="48" border="0" /></a><br /> 
                <a href="/13026.pls">Winamp / iTunes</a></td> 
              <td width="100" align="center" valign="middle"><a href="s13.myradiostream.com/13026.asx"><img src="/images/winmedia_icon.jpg" alt="Listen in Windows Media Player" width="48" height="48" border="0" /></a><br /> 
                <a href="/13026.asx">Windows Media</a></td> 
              <td width="100" align="center" valign="middle"><a href="s13.myradiostream.com/13026.ram"><img src="/images/real_icon.jpg" alt="Listen in RealPlayer" width="48" height="48" border="0" /></a><br /> 
                <a href="/13026.ram">RealPlayer</a></td> 
            </tr> 
          </table>


    test.php
    PHP Code:
    session_start();
    if(isset(
    $_SESSION['beta_key']))  // checks to see if the session exists
    {
             
    // if session does exist
    echo '<center>You have successful on getting this far on my beta system</center>
    <center><b>NOTICE:</b>To keep testing this system do site link /admin and enter following details</center>
    <h3><b>Username:</b>test</h3>
    <h3><b>Password:</b>test1</h3>'
    ;




    }else{   
    // session else
    header("Location: index.php");  //redirects if session doesn't exists.
    }

    ?> 

    This is all untested for obvious reasons, I am not sure where some of the variables are coming from, but I hope you can get the idea off of this.

  • #11
    New to the CF scene
    Join Date
    Jan 2011
    Posts
    8
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Can you do the same thing but for Login. Username and Password section Please...


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •