Cheat Engine :: View topic - Someone with programming experience?

Cheat Engine
The Official Site of Cheat Engine

FAQ

Memberlist

Usergroups

Profile

Someone with programming experience?

Cheat Engine Forum Index -> Random spam

View previous topic :: View next topic

Author

Message

Garavito
Master Cheater

Reputation: 0

Joined: 21 Jun 2009
Posts: 387

Posted: Thu Jan 20, 2011 9:38 am Post subject: Someone with programming experience?

I'm running WAMP which allows me to run mySQL, PHP, and Apache on my desktop. So I threw together a private server script leeching 70% of code from Simon's StickEMU release and I portforward everything and add the ip & port to the settings file like this:

Code:

/// SERVER LIST ///

&sConnectPort0=1138&
&sConnectPort1=1138&
&sConnectPort2=1138&
&sConnectPort3=1138&

&sServerName0=My Server&
&sServerURL0=127.0.0.1&
&sServerType0=STANDARD&

Then I turn the server on and I go to test the game and I see "pinging servers.. port 0 ip 0" This could be a problem. I don't know..

So I recheck all of the files and I have everything setup correctly and the MySQL, PHP, and Apache seem to be working fine. So I check the stick_arena.php file on my server..

I'm confronted with these five errors:

Code:

( ! ) Notice: Undefined index: username in C:\wamp\www\stick_arena.php on line 21
Call Stack
# Time Memory Function Location
1 0.0015 742368 {main}( ) ..\stick_arena.php:0

( ! ) Notice: Undefined index: userpass in C:\wamp\www\stick_arena.php on line 22
Call Stack
# Time Memory Function Location
1 0.0015 742368 {main}( ) ..\stick_arena.php:0

( ! ) Notice: Undefined index: action in C:\wamp\www\stick_arena.php on line 23
Call Stack
# Time Memory Function Location
1 0.0015 742368 {main}( ) ..\stick_arena.php:0

( ! ) Notice: Undefined index: usercol in C:\wamp\www\stick_arena.php on line 24
Call Stack
# Time Memory Function Location
1 0.0015 742368 {main}( ) ..\stick_arena.php:0

( ! ) Notice: Undefined index: stats in C:\wamp\www\stick_arena.php on line 25
Call Stack
# Time Memory Function Location
1 0.0015 742368 {main}( ) ..\stick_arena.php:0

So I open stick_arena.php in Notepad++ and I head to those lines. Everything seems normal but I may be wrong..

The lines listed above.

Code:

// declare variables
$username=sanitize($_POST['username']);
$password=sanitize(md5($_POST['userpass']));
$action=sanitize($_POST['action']);
$usercol=sanitize($_POST['usercol']);
$stats=$_POST['stats'];

The rest of the code

Code:

<?php
//My login Script
// mysql connection variables
require_once('./class.rc4crypt.php');
$host = 'localhost';
$dbuser = 'root';
$dbpass = '';
$dbname = 'stick_arena';
$table = 'users';
//
// connect to db
$db = @mysql_connect($host,$dbuser,$dbpass) or die("result=error");
$db = mysql_select_db($dbname);
if(!$db)
{
print "result=error";
exit;
}

// declare variables
$username=sanitize($_POST['username']);
$password=sanitize(md5($_POST['userpass']));
$action=sanitize($_POST['action']);
$usercol=sanitize($_POST['usercol']);
$stats=$_POST['stats'];

if($action=="authenticate")
{
//
// check table
$query = mysql_query("SELECT * FROM $table WHERE USERname = '$username' AND USERpass = '$password'");
$num = mysql_num_rows($query);
if($num>0)
{
   while ($row = mysql_fetch_array($query, MYSQL_BOTH)) {
      if($row["ban"] == 1)
      {
         echo "result=banned";
         exit;
      }
      printf("result=success&usercol=%s", colstring($row["red"]).colstring($row["green"]).colstring($row["blue"]));
   }
} else {
print "result=error";
}
}

if($action=="player_stats")
{
$query = mysql_query("SELECT * FROM users WHERE USERname = '$username'");
while ($row = mysql_fetch_array($query, MYSQL_BOTH)) {
printf ("rounds=%s&wins=%s&losses=%s&kills=%s&deaths=%s&user_level=%s&result=success", $row["rounds"], $row["wins"], $row["losses"], $row["kills"], $row["deaths"], $row["user_level"]);
}
}

if($action=="create")
{
if($usercol == "000000000")
   $usercol = "000000001";

$colour = str_split($usercol, 3);
$querystring = sprintf("INSERT INTO `users` (USERname, USERpass, red, green, blue) VALUES('%s','%s','%s','%s','%s')", $username, $password, $colour[0], $colour[1], $colour[2]);
$result = mysql_query($querystring);

if (!$result) {
   $message = 'result=error';
   die($message);
}
echo "result=success";
}

if($action=="start_round")
{
echo "result=success";
}

if($action=="round_stats")
{
//$ = rc4Encrypt(hex2bin($stats), "8fJ3Ki8Fy6rX1l0J");
$stats_decrypted = rc4crypt::decrypt("8fJ3Ki8Fy6rX1l0J", hex2bin($stats)); // Assuming the key is binary (what you typed)
$kills = get_string_between($stats_decrypted, "KILLS=", "&DE");
$deaths = sanitize(get_string_between($stats_decrypted, "DEATHS=", "&ROUNDSP"));

if($kills > 50)
   $kills = 0;

if($deaths < 0)
   $deaths = 0;

$kills = sanitize($kills);
$deaths = sanitize($deaths);

$roundsplayed = sanitize(get_string_between($stats_decrypted, "PLAYED=", "&WIN"));
$winner = get_string_between($stats_decrypted, "WINNER=", "X");

if($winner == "1")
{
   $wins = "1";
   $losses = "0";
} else if ($winner == "0")
{
   $wins = "0";
   $losses = "1";
}

$querystring = sprintf("UPDATE USERS set `kills` = `kills` + '%s', `deaths` = `deaths` + '%s', `rounds` = `rounds` + '%s', `wins` = `wins` + '%s', `losses` = `losses` + '%s' WHERE `USERname` = '%s' AND `USERpass` = '%s'", $kills, $deaths, $roundsplayed, $wins, $losses, $username, $password);

$result = mysql_query($querystring);
if (!$result) {
   $message = 'result=error';
   die($message);
}
echo "result=success";
}

//------------------------------------------------------------------------------
//Functions
function colstring($col)
{
return str_pad($col, 3, "0", STR_PAD_LEFT);
}

function cleanInput($input) {

$search = array(
'@<script[^>]*?>.*?</script>@si', // Strip out javascript
'@<[\/\!]*?[^<>]*?>@si', // Strip out HTML tags
'@<style[^>]*?>.*?</style>@siU', // Strip style tags properly
'@<![\s\S]*?--[ \t\n\r]*>@' // Strip multi-line comments
);

$output = preg_replace($search, '', $input);
return $output;
}

function sanitize($input) {
if (is_array($input)) {
foreach($input as $var=>$val) {
$output[$var] = sanitize($val);
}
}
else {
if (get_magic_quotes_gpc()) {
$input = stripslashes($input);
}
$input = cleanInput($input);
$output = mysql_real_escape_string($input);
}
return $output;
}

function get_string_between($string, $start, $end){
$string = " ".$string;
$ini = strpos($string,$start);
if ($ini == 0) return "";
$ini += strlen($start);
$len = strpos($string,$end,$ini) - $ini;
return substr($string,$ini,$len);
}

function hex2bin($str) {
$bin = "";
$i = 0;
do {
$bin .= chr(hexdec($str{$i}.$str{($i + 1)}));
$i += 2;
} while ($i < strlen($str));
return $bin;
}

?>

Here's the database export

Code:

-- phpMyAdmin SQL Dump
-- version 3.2.5
-- http://www.phpmyadmin.net
--
-- Host: localhost
-- Generation Time: Jan 20, 2011 at 12:34 AM
-- Server version: 5.1.37
-- PHP Version: 5.3.0

SET SQL_MODE="NO_AUTO_VALUE_ON_ZERO";

/*!40101 SET @OLD_CHARACTER_SET_CLIENT=@@CHARACTER_SET_CLIENT */;
/*!40101 SET @OLD_CHARACTER_SET_RESULTS=@@CHARACTER_SET_RESULTS */;
/*!40101 SET @OLD_COLLATION_CONNECTION=@@COLLATION_CONNECTION */;
/*!40101 SET NAMES utf8 */;

--
-- Database: `stick_arena`
--

-- --------------------------------------------------------

--
-- Table structure for table `ipbans`
--

CREATE TABLE IF NOT EXISTS `ipbans` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`ip` text NOT NULL,
`playername` text NOT NULL,
`mod_responsible` text NOT NULL,
`date_updated` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
PRIMARY KEY (`id`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=22 ;

-- --------------------------------------------------------

--
-- Table structure for table `users`
--

CREATE TABLE IF NOT EXISTS `users` (
`UID` int(11) NOT NULL AUTO_INCREMENT,
`USERname` text NOT NULL,
`USERpass` text NOT NULL,
`user_level` tinyint(1) NOT NULL DEFAULT '0',
`rounds` int(11) NOT NULL DEFAULT '0',
`kills` int(11) NOT NULL DEFAULT '0',
`deaths` int(11) NOT NULL DEFAULT '0',
`wins` int(11) NOT NULL DEFAULT '0',
`losses` int(11) NOT NULL DEFAULT '0',
`red` smallint(3) NOT NULL DEFAULT '255',
`green` smallint(3) NOT NULL DEFAULT '0',
`blue` smallint(3) NOT NULL DEFAULT '0',
`ban` tinyint(1) DEFAULT '0',
UNIQUE KEY `USERname` (`USERname`(20)),
KEY `UID` (`UID`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=2480 ;

Aniblaze
Grandmaster Cheater Supreme

Reputation: 138

Joined: 23 Apr 2006
Posts: 1757
Location: The Netherlands

Posted: Thu Jan 20, 2011 9:56 am Post subject:

The errors are generated because it's trying to receive POST values while you are directly accessing the page. Is there a login page available in that stick arena package as well? Try going there first, create an account, login, and it should take you to the arena page I think.

Garavito
Master Cheater

Reputation: 0

Joined: 21 Jun 2009
Posts: 387

Posted: Thu Jan 20, 2011 9:58 am Post subject:

Augustine wrote:

The errors are generated because it's trying to receive POST values while you are directly accessing the page. Is there a login page available in that stick arena package as well? Try going there first, create an account, login, and it should take you to the arena page I think.

Everything on the clients end is handled in one file and it happens to be a flash file. I've checked the flash file several times and everything leads to that PHP file and that Database. It's not a problem on the servers end its the Database, the client, or that php file. I don't think it's the client.. but it may be. (Disregard that.. the login function is located in the cleint.. but that shouldn't be messed up..)

but this should be the only code that I have to edit

Code:

branchIfTrue label789
push 'phpURL', 'http://localhost/stick_arena.php'
varEquals
branch label790
label789:
push 'phpURL', 'http://localhost/stick_arena.php'
varEquals
label790:

Oh and I've tried throwing the database up on 000webhost along with the client and it gave me the same error when attempting to load the server and account creation along with the login was broken but it added everything to the database.

Aniblaze
Grandmaster Cheater Supreme

Reputation: 138

Joined: 23 Apr 2006
Posts: 1757
Location: The Netherlands

Posted: Thu Jan 20, 2011 10:07 am Post subject:

anime teen goku wrote:

Augustine wrote:

No, everything on the clients end is handled in one file and it happens to be a flash file. I've checked the flash file several times and everything leads to that PHP file and that Database. It's not a problem on the servers end its the Database, the client, or that php file. I don't think it's the client.. but it may be.

Well, I'm not familiar with stick arena, but I can further elaborate on the issue:

A POST is send through mostly forms (or from an AJAX call), in which the values send from a form are sent to the server side in the form of an array. For instance, say I have a form field like this one "<input type="text" name="blargh">". And I decide to put the text "test" in this form field. When I send the form to the server via POST, the server will be able to get these values using the following variable: $_POST['blargh'], which will hold the value "test".

So when your private server states the error "Notice: Undefined index: stats" it means that it can't find the index in the POST array by the name of stats, which looks like this: $_POST['stats']. As such, it would mean that no POST (or an incorrect one) was made, because it can't the POST values you're requesting.

Anyway, good luck. I'm afraid this is all I can do to help. Hope this explanation will lead to something.

Garavito
Master Cheater

Reputation: 0

Joined: 21 Jun 2009
Posts: 387

Posted: Thu Jan 20, 2011 10:11 am Post subject:

Augustine wrote:

anime teen goku wrote:

Augustine wrote:

Well thanks for helping. Hopefully I'll find the problem and fix it.

Display posts from previous:

	Cheat Engine Forum Index -> Random spam	All times are GMT - 6 Hours
Page 1 of 1

Jump to:

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum