wesly
Joined: 24th Apr 2012
Posts: 335
 Register an account Through Website ?
Title says it all. Someone gave me a code for this a long time ago but it never seemed to work tho.
8 years, 43 weeks ago
|
newguy
Joined: 13th Mar 2009
Posts: 665
Re: Register an account Through Website ?
Any script that you once had is probably not going to work anymore without at least a little tweaking. EOSERV used to use MYSQL and now it uses MariaDB(?). To register an account online you are going to need to create a PHP script that adds a new entry to the 'accounts' table of your database. This
can be done pretty easily and there are loads of tutorials on how to edit databases online.
Sausage explains the switch here: link
Good luck! Hope I helped!
(Sausage edit: removed unnecessary massive font size, also the first part of the post is wrong, MariaDB is just the connector library EOSERV uses to connect to your database).
---
Love you too.
8 years, 43 weeks ago
|
lewis999
Joined: 27th Aug 2010
Posts: 368
Re: Register an account Through Website ?
If you do this, remember that the password field should be hashed with the same algorithm EOServ uses: ( from World::CreatePlayer, world.cpp:1128 )
-
util::secure_string password_buffer(std::move(std::string(this->config["PasswordSalt"]) + username +
password.str()));
-
password = sha256(password_buffer.str());
So in PHP something like:
$password = hash("sha256", $passwordSalt . $_POST["username"] . $_POST["password"] )
8 years, 42 weeks ago
|
wesly
Joined: 24th Apr 2012
Posts: 335
Re: Register an account Through Website ?
Tbh . I have no clue on what to do . Here's the previous code tho
<?php
$host="127.0.0.1";
$user="root";
$pass="";
$dbname="endless";
$postuser=mysql_real_escape_string($_POST["username"]);
$postpass=mysql_real_escape_string($_POST["password"]);
$postname=mysql_real_escape_string($_POST["realname"]);
$postcountry=mysql_real_escape_string($_POST["country"]);
$postemail=mysql_real_escape_string($_POST["email"]);
$SALT="changeme";
//Must match the salt in config.ini of your server
$con=mysql_connect($host,$user,$pass);
if
($con){
mysql_select_db($dbname);
if
($_POST["password"]==$_POST["repassword"]){
$sql=mysql_query("select
* from accounts where username='".$postusername."'");
if
($row=mysql_fetch_array($sql)){
echo("account
already exists!");
}else{
$password=hash('sha256',$SALT.strtolower($postuser).substr($postpass,0,12));
$currip=$_SERVER['REMOTE_ADDR'];
$now=time();
$sql=mysql_query("INSERT
INTO `accounts` (username,password,fullname,location,email,regip,lastip,created,lastused) VALUES('$postuser','$password','$postname','$postcountry','$postemail','$currip','$currip',$now,$now)");
if
(!$sql) die(mysql_error());
}
}
}else{
echo("database
connection could not be made");
}
?>
8 years, 42 weeks ago
|
Sausage
 Administrator
Joined: 26th Jul 2008
Posts: 1346
Re: Register an account Through Website ?
The above code is probably failing due to not including the 'computer' and 'hdid' fields, which would be obvious since that would be the exact error it gives you.
Either add them with dummy values, or set them as nullable with a default value of null in the database.
8 years, 42 weeks ago
|
Apollo
 Administrator
Joined: 14th Apr 2009
Posts: 2759
Re: Register an account Through Website ?
You really shouldn't do this without adding some retry timer on the server end and probably a cookie on the web side so you don't spoon feed even the worst of hackers a way to spam bloat your database with accounts. The official client uses about 132 seconds between creation start and end, but
even less than that is far better than unlimited.
8 years, 42 weeks ago
|
Re: Register an account Through Website ?
A little bit of human verification wouldn't go amiss. Make sure any web page that uses this has a Captcha.
https://www.google.com/recaptcha/intro/index.html
---
Forgotten Passwords = Fresh Start
8 years, 42 weeks ago
| | | | | | | |
