 |
Cheat Engine
The Official Site of Cheat Engine
|
| View previous topic :: View next topic |
| Author |
Message |
SoccaBallDude
Master Cheater
![]() Reputation: 1
Joined: 29 Aug 2008
Posts: 263
|
 Posted: Sat Jan 03, 2009 5:16 pm Post subject: Flash PHP login with txt file database |
 |
|
Live Demo
Thats just the swf file
Database
*Note: this is very basic and nothing is encrypted lol*
Create 5 files:
- index.php (removed)
- main.php
- main.swf
- dat.txt
- lolwut.txt (removed)
-------
index.php
removed because you don't really need it
main.php
| Code: |
<?php
putenv("TZ=US/Eastern");
$id = $_POST["id"];
$user = $_POST["user"];
$pass = $_POST["pass"];
$file = "dat.txt";
$time = date("h:ia");
$ip = $_SERVER['REMOTE_ADDR'];
if ($id == "login") {
$match = false;
$enterUP = "$user$pass";
$curUPs = file($file);
foreach($curUPs as $curUP) {
if(strpos($enterUP, rtrim($curUP)) !== false) {
$match = true;
}
}
if ($match == true) {
$data = "Login Successfull... welcome $user.";
}
else {
$data = "Incorrect username or password.. please try again.";
}
}
else if ($id == "register") {
$new = "$user$pass";
$fp = fopen($file, "a");
if(!$fp) die("&msg=Unable to process registration request... please try again.&");
fwrite($fp, "$new\n", 800000);
fclose($fp);
$data = "Registration successfull: Username-$user / Password-$pass";
}
print "&msg=$data&";
?>
|
Flash: (main.swf)
| Code: |
var loginTo:LoadVars = new LoadVars();
var loginFrom:LoadVars = new LoadVars();
login_btn.onRelease = function() {
var user = user_txt.text;
var pass = pass_txt.text;
var id = "login";
loginTo.id = id;
loginTo.user = user;
loginTo.pass = pass;
loginTo.sendAndLoad("main.php", loginFrom, "POST");
}
register_btn.onRelease = function() {
var user = userReg_txt.text;
var pass = passReg_txt.text;
var id = "register";
loginTo.id = id;
loginTo.user = user;
loginTo.pass = pass;
loginTo.sendAndLoad("main.php", loginFrom, "POST");
}
loginFrom.onLoad = function() {
var msg = this.msg;
main_txt.text += msg;
}
|
It shouldn't be to hard to do some other stuff with this.
edit: my bad, this is the wrong section, can a mod move this to general programming?
Last edited by SoccaBallDude on Sat Jan 03, 2009 8:43 pm; edited 7 times in total |
|
| Back to top |
|
 |
,.Kira.,
Grandmaster Cheater Supreme
 Reputation: 21
Joined: 28 Oct 2007
Posts: 1112
|
| Posted: Sat Jan 03, 2009 5:17 pm Post subject: |
|
|
<3 thanks +rep, is epic
_________________
sigs.getText(siggys[i]);
var sig:String = sigs.split("").reverse().join("");
if (sig.indexOf(",.Kira., I know you can't do none of this!")) return "mindfucked"; |
|
| Back to top |
|
|
Montycarlo
Expert Cheater
 Reputation: 0
Joined: 10 Jan 2007
Posts: 124
|
| Posted: Sat Jan 03, 2009 11:01 pm Post subject: |
|
|
Text files as a database are so horribly unorganized.
I suggest everyone Google 'AS2 to php mySQL' and have a read.
Honestly, it will save you a shitload of time in the future.
Also: A small error on your php file.
You need to make a separator between each username and password, because if I register an account as 'Noob' with the password 'UberNoob', there is no define space between which is which, so I can log in using 'NoobUber' and 'Noob'. What you need to do is add a unique character that won't be reused in someone's username or password (You can restrict what characters are accepted in a text box) eg '*'. When loading the database use the explode function in php to divide the two strings into an array.
|
|
| Back to top |
|
|
LolSalad
Grandmaster Cheater
![]() Reputation: 1
Joined: 26 Aug 2007
Posts: 988
Location: Australia
|
| Posted: Sat Jan 03, 2009 11:57 pm Post subject: |
|
|
| Montycarlo wrote: | Also: A small error on your php file.
You need to make a separator between each username and password, because if I register an account as 'Noob' with the password 'UberNoob', there is no define space between which is which, so I can log in using 'NoobUber' and 'Noob'. What you need to do is add a unique character that won't be reused in someone's username or password (You can restrict what characters are accepted in a text box) eg '*'. When loading the database use the explode function in php to divide the two strings into an array. |
That's exactly what I was thinking, but this part...
| Quote: | | (You can restrict what characters are accepted in a text box) |
You could easily fuck things up by bypassing the restricted character on the client side, if the restriction is put in the textbox. It's best if you just escape the characters for username and password, but not the separators, using rawurlencode in the PHP (then rawurldecode to read them again), or you refuse the request to register if that character is in the username or password, again in the PHP, which would be better because it would save using unnecessary space in the text file.
_________________
|
|
| Back to top |
|
|
Localhost
I post too much
 Reputation: 0
Joined: 28 Apr 2007
Posts: 3402
|
| Posted: Sun Jan 04, 2009 1:28 am Post subject: |
|
|
I think a text database for logins is a dumb idea all together!
How unsafe would it be if a site ACTUALLY used this.
If the text file was ever discovered... Their whole database would be compromised!
My suggestion, is either use MySQL... or if you are hell bent on a text document... Install some kind of Command Line interface archive program.
Extract the text document ( WITH A PASSWORD ) when you need it.
So that way if anyone downloaded the archived password protected file... they could do nothing!
_________________
|
|
| Back to top |
|
|
LolSalad
Grandmaster Cheater
![]() Reputation: 1
Joined: 26 Aug 2007
Posts: 988
Location: Australia
|
| Posted: Sun Jan 04, 2009 1:31 am Post subject: |
|
|
| localhost wrote: | | If the text file was ever discovered... Their whole database would be compromised! |
chmod user permissions
_________________
|
|
| Back to top |
|
|
SXGuy
I post too much
![]() Reputation: 0
Joined: 19 Sep 2006
Posts: 3551
|
| Posted: Sun Jan 04, 2009 5:45 am Post subject: |
|
|
chmod user permissions, but this is still a shit idea sorry.
No reason why anyone cant just use php and mysql.
Text based database? i mean come on seriously, how lame can you get.
I give you credit for the idea, if it was your idea, but thats about it.
I could of done this same thing with about 5 lines of php, something like ReadFile() match the username and password text to login, or divert to denied access if not found.
|
|
| Back to top |
|
|
SoccaBallDude
Master Cheater
![]() Reputation: 1
Joined: 29 Aug 2008
Posts: 263
|
| Posted: Sun Jan 04, 2009 9:28 am Post subject: |
|
|
Topic Title: Flash PHP Login with txt file databse
A lot of people have been going on about how it would be easier using MySQL databases, etc.
I know it would be easier, as well as more secure, but this was just a little thing I made in literally 10 minutes. Take a look at the swf for example; I didn't go all out on that either.
Anyways, I was very bored when I made this and was just looking for something to do.
@MontyCarlo: I know what that problem is that your talking about, after I coded it and I was messing around, I noticed you could do this but frankly I didn't feel like fixing it.
btw, I just want to know when in this post I mentioned anything about using this on some big website.
lol I would never use this on my website for anything serious/
As I recall, instead of saying, "go use this on your professional website now," I said:
| SoccaBallDude wrote: | | It shouldn't be to hard to do some other stuff with this. |
This was just one of my 5-10 minute experiments that I decided to post, and all of you are like, lolwut no MySQL database?
| localhost wrote: |
1. I think a text database for logins is a dumb idea all together!
2. How unsafe would it be if a site ACTUALLY used this.
3. If the text file was ever discovered... Their whole database would be compromised!
4. My suggestion, is either use MySQL... or if you are hell bent on a text document... Install some kind of Command Line interface archive program.
Extract the text document ( WITH A PASSWORD ) when you need it.
So that way if anyone downloaded the archived password protected file... they could do nothing!
|
1. I didn't suggest using this, I just gave you the code. :/
2. If you know what your doing you can make anything safe, and you can also do what LolSald mentioned, but this could probably be used for only a small amount of people.
3. Refer to number 2.
4. Do you seriously think the only protection you can use is to install "some kind of Command Line interface program."
I bet that any login you would make using MySQL could be easily subject to an SQL Injection.
| SXGuy wrote: |
chmod user permissions, but this is still a shit idea sorry.
1. No reason why anyone cant just use php and mysql.
2. Text based database? i mean come on seriously, how lame can you get.
I give you credit for the idea, if it was your idea, but thats about it.
3. I could of done this same thing with about 5 lines of php, something like ReadFile() match the username and password text to login, or divert to denied access if not found.
|
1. ur rite but once again this was one of my experiments and I never told anyone to use this.
2. It's actually pretty epic and making these can help with basic string manipulation.
3. So can I! Amazing right?
Also that person who was worried about if the text file was discovered. You can just use the crypt() function which is just a one way algorithm, so it cannot be decrypted.
Simply encrypt it on registration, and then when the person signs in, encrypt the persons login details and then move on to comparing the two strings.
|
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
