From: Neil S. <sir...@us...> - 2003-06-18 08:06:04
|
CVSROOT : /cvsroot/publicdnsadmin Module : publicdnsadmin Commit time: 2003-06-18 08:05:57 UTC Modified files: signup.php docs/INSTALL docs/TODO docs/mysql.sql docs/postgresql.sql lib/config.php-dist lib/prepend.php Added files: gfx_code.php docs/gfxcode.update.sql images/b5.ttf images/bg_gfx_code.jpg images/rans.ttf images/tile_dw.jpg images/tile_dw_small.jpg images/tile_up.jpg images/tile_up_small.jpg lib/gfx_code.inc.php Log message: Author: SiRVu|caN Log message: gfxcode addition ---------------------- diff included ---------------------- Index: publicdnsadmin/docs/INSTALL diff -u publicdnsadmin/docs/INSTALL:1.2 publicdnsadmin/docs/INSTALL:1.3 --- publicdnsadmin/docs/INSTALL:1.2 Fri Jun 13 07:09:28 2003 +++ publicdnsadmin/docs/INSTALL Wed Jun 18 01:05:47 2003 @@ -17,6 +17,9 @@ properly. The required structure data can be found in mysql.sql and postgresql.sql in the same directory as this INSTALL-file. + If you are upgrading from a CVS version, make sure you run the *.update.sql + scripts. + Edit dbbackup.php in the Public DNS Administrator root dir, change thse values: $filename = "/path/to/publicdnsadmin/data/lbdns-$date.sql"; Index: publicdnsadmin/docs/TODO diff -u publicdnsadmin/docs/TODO:1.2 publicdnsadmin/docs/TODO:1.3 --- publicdnsadmin/docs/TODO:1.2 Fri Jun 13 09:31:25 2003 +++ publicdnsadmin/docs/TODO Wed Jun 18 01:05:47 2003 @@ -1,4 +1,4 @@ - Some sort of maintenence news system (displayed on the main login page). -- Graphical code check upon signup (and possibly login). +- Graphical code check upon signup (and possibly login). -signup done - Improve dbbackup.php. - Improve nsstats.php. Index: publicdnsadmin/docs/gfxcode.update.sql diff -u /dev/null publicdnsadmin/docs/gfxcode.update.sql:1.1 --- /dev/null Wed Jun 18 01:05:57 2003 +++ publicdnsadmin/docs/gfxcode.update.sql Wed Jun 18 01:05:47 2003 @@ -0,0 +1,7 @@ +CREATE TABLE gfxcodes ( + code VARCHAR(25) NOT NULL, + crc VARCHAR(128) NOT NULL, + expire INT NOT NULL +); + +CREATE INDEX gfxcodes_idx ON gfxcodes(code,crc,expire); Index: publicdnsadmin/docs/mysql.sql diff -u publicdnsadmin/docs/mysql.sql:1.1.1.1 publicdnsadmin/docs/mysql.sql:1.2 --- publicdnsadmin/docs/mysql.sql:1.1.1.1 Wed Apr 16 00:19:07 2003 +++ publicdnsadmin/docs/mysql.sql Wed Jun 18 01:05:47 2003 @@ -37,4 +37,13 @@ PRIMARY KEY (id), KEY username (username,password) ) TYPE=MyISAM; + +CREATE TABLE gfxcodes ( + code VARCHAR(25) NOT NULL, + crc VARCHAR(128) NOT NULL, + expire INT NOT NULL +); + +CREATE INDEX gfxcodes_idx ON gfxcodes(code,crc,expire); + INSERT INTO users VALUES (1, 'admin', '21232f297a57a5a743894a0e4a801fc3', 'DNS Administrator', 'hos...@ex...', '', '2'); Index: publicdnsadmin/docs/postgresql.sql diff -u publicdnsadmin/docs/postgresql.sql:1.1.1.1 publicdnsadmin/docs/postgresql.sql:1.2 --- publicdnsadmin/docs/postgresql.sql:1.1.1.1 Wed Apr 16 00:19:07 2003 +++ publicdnsadmin/docs/postgresql.sql Wed Jun 18 01:05:47 2003 @@ -40,4 +40,13 @@ CREATE INDEX "users_password_key" ON "users" ("password"); CREATE INDEX "users_username_key" ON "users" ("username"); CREATE SEQUENCE "users_id_seq" START 2 INCREMENT 1 MAXVALUE 9223372036854775807 MINVALUE 1 CACHE 1; + +CREATE TABLE gfxcodes ( + code VARCHAR(25) NOT NULL, + crc VARCHAR(128) NOT NULL, + expire INT NOT NULL +); + +CREATE INDEX gfxcodes_idx ON gfxcodes(code,crc,expire); + INSERT INTO "users" ("id", "username", "password", "name", "email", "company", "permission") VALUES(1, 'admin', '21232f297a57a5a743894a0e4a801fc3', 'DNS Administrator', 'ad...@ex...', '', 2); Index: publicdnsadmin/gfx_code.php diff -u /dev/null publicdnsadmin/gfx_code.php:1.1 --- /dev/null Wed Jun 18 01:05:57 2003 +++ publicdnsadmin/gfx_code.php Wed Jun 18 01:05:46 2003 @@ -0,0 +1,50 @@ +<?php +/* + Public DNS Administator + Originally Written by Trond Arve Nordheim <tr...@no...> + Modified By Neil Spierling <sir...@si...> + + Distributed under the GPL license, see LICENSE for + more information + + $Id: +*/ + +require("lib/prepend.php"); + +global $ALLOWED_EXT,$DEFAULT_BG_COLOR,$DEFAULT_FG_COLOR,$DEFAULT_FONT_SIZE,$FONT_PATH,$GFX_SECURE_MODE; +global $ENABLE_ANGLE_VARIATION,$DEFAULT_LINES_COLOR,$DEFAULT_DOTS_COLOR,$DEFAULT_NUM_LINES,$DEFAULT_NUM_DOTS; +global $ENABLE_H_LINES,$ENABLE_V_LINES,$ENABLE_DOTS,$SPECIFIC_FONT2,$TILE_UP,$TILE_DW,$RANDOM_UP_DW,$NEWUSERS_GFXCHECK; +global $JPEG_OUT_QUALITY,$SPECIFIC_FONT; + +if (!extension_loaded("gd")) { // checking if LibGD is present in apache/php + $SHOW_GFXUSRCHK = 0; + } else { + $SHOW_GFXUSRCHK = 1; +} + +if ($SHOW_GFXUSRCHK && $NEWUSERS_GFXCHECK) { + $dbh = db_connect(); + if (!extension_loaded("gd")) { die("GD Library not present !"); } + $ENABLE_COOKIE_TABLE = 1; + + $fontList = get_font_face_list(); + unset($dFID); $dFID = rand(0,(count($fontList)-1)); // random available font face + + $dbh->query("DELETE FROM gfxcodes WHERE expire<now()::abstime::int4"); + $r = $dbh->query("SELECT code FROM gfxcodes WHERE crc='" . $_GET["crc"] . "'"); + if ($o = $r->fetchRow()) { + $code_gen = $o["code"]; + // generate the picture + if ($GFX_SECURE_MODE==1) { + img_label($code_gen,$SPECIFIC_FONT); + } else { + img_label2($code_gen,$SPECIFIC_FONT2); + } + } else { + img_label("INVALID CRC !!!",$SPECIFIC_FONT,24,"#ff1111","#ffffff"); + } +} else { + die("Page is disabled."); +} +?> Index: publicdnsadmin/images/b5.ttf Index: publicdnsadmin/images/bg_gfx_code.jpg Index: publicdnsadmin/images/rans.ttf Index: publicdnsadmin/images/tile_dw.jpg Index: publicdnsadmin/images/tile_dw_small.jpg Index: publicdnsadmin/images/tile_up.jpg Index: publicdnsadmin/images/tile_up_small.jpg Index: publicdnsadmin/lib/config.php-dist diff -u publicdnsadmin/lib/config.php-dist:1.1.1.1 publicdnsadmin/lib/config.php-dist:1.2 --- publicdnsadmin/lib/config.php-dist:1.1.1.1 Wed Apr 16 00:19:08 2003 +++ publicdnsadmin/lib/config.php-dist Wed Jun 18 01:05:47 2003 @@ -7,7 +7,7 @@ Distributed under the GPL license, see LICENSE for more information - $Id: config.php-dist,v 1.1.1.1 2003/04/16 07:19:08 sirvulcan Exp $ + $Id: config.php-dist,v 1.2 2003/06/18 08:05:47 sirvulcan Exp $ */ /* @@ -45,5 +45,34 @@ $ns2port = "8081"; $ns2user = "admin"; $ns2pass = "password"; + +/* Graphical code check options, You need libgd enabled in your PHP */ +$NEWUSERS_GFXCHECK = 0; + +$ALLOWED_EXT = ".ttf"; +$DEFAULT_BG_COLOR = "#FFFFFF"; +$DEFAULT_FG_COLOR = "#CACACA"; +$DEFAULT_FONT_SIZE = 36; +$FONT_PATH = "/path/to/publicdnsadmin/images/"; + +$GFX_SECURE_MODE = 2; +$ENABLE_ANGLE_VARIATION = 1; +$JPEG_OUT_QUALITY = 60; + +/* GFX_SECURE_MODE == 1 */ +$DEFAULT_LINES_COLOR = "#CACACA"; +$DEFAULT_DOTS_COLOR = "#CACACA"; +$DEFAULT_NUM_LINES = 10; +$DEFAULT_NUM_DOTS = 2000; +$ENABLE_H_LINES = 1; +$ENABLE_V_LINES = 1; +$ENABLE_DOTS = 0; +$SPECIFIC_FONT = "rans.ttf"; + +/* GFX_SECURE_MODE == 2 */ +$SPECIFIC_FONT2 = "b5.ttf"; +$TILE_UP = "tile_up_small.jpg"; +$TILE_DW = "tile_dw_small.jpg"; +$RANDOM_UP_DW = 1; ?> Index: publicdnsadmin/lib/gfx_code.inc.php diff -u /dev/null publicdnsadmin/lib/gfx_code.inc.php:1.1 --- /dev/null Wed Jun 18 01:05:57 2003 +++ publicdnsadmin/lib/gfx_code.inc.php Wed Jun 18 01:05:47 2003 @@ -0,0 +1,185 @@ +<?php +/* + Public DNS Administator + Originally Written by Trond Arve Nordheim <tr...@no...> + Modified By Neil Spierling <sir...@si...> + + Distributed under the GPL license, see LICENSE for + more information + + $Id: gfx_code.inc.php,v 1.1 2003/06/18 08:05:47 sirvulcan Exp $ +*/ + +include("lib/config.php"); + +/* GFX code check functions */ +function ImgNewColor($image_id,$hex_notation) { + if (!preg_match("/^#[0-9a-fA-F][0-9a-fA-F][0-9a-fA-F][0-9a-fA-F][0-9a-fA-F][0-9a-fA-F]$/",$hex_notation)) { return 0; } + $r_col = substr($hex_notation,1,2);$g_col = substr($hex_notation,3,2);$b_col = substr($hex_notation,5,2); + $r_dec = hexdec($r_col);$g_dec = hexdec($g_col);$b_dec = hexdec($b_col); + return ImageColorAllocate($image_id,$r_dec,$g_dec,$b_dec); +} +function get_font_face_list() { + global $ALLOWED_EXT,$DEFAULT_BG_COLOR,$DEFAULT_FG_COLOR,$DEFAULT_FONT_SIZE,$FONT_PATH,$GFX_SECURE_MODE; + global $ENABLE_ANGLE_VARIATION,$DEFAULT_LINES_COLOR,$DEFAULT_DOTS_COLOR,$DEFAULT_NUM_LINES,$DEFAULT_NUM_DOTS; + global $ENABLE_H_LINES,$ENABLE_V_LINES,$ENABLE_DOTS,$SPECIFIC_FONT2,$TILE_UP,$TILE_DW,$RANDOM_UP_DW,$NEWUSERS_GFXCHECK; + global $JPEG_OUT_QUALITY,$SPECIFIC_FONT; + + // returns an array containing all valid FONT FACE (file names) + $retVal = Array(); + if ($handle = opendir($FONT_PATH)) { + while (false !== ($file = readdir($handle))) { + if ($file != "." && $file != ".." && ereg($ALLOWED_EXT,strtolower($file))) { + $retVal[] = $file; + } + } + closedir($handle); + sort($retVal); + return $retVal; + } else { + return $retVal; + } +} +function img_label($text_label) { + global $fontList,$dFID; + global $ALLOWED_EXT,$DEFAULT_BG_COLOR,$DEFAULT_FG_COLOR,$DEFAULT_FONT_SIZE,$FONT_PATH,$GFX_SECURE_MODE; + global $ENABLE_ANGLE_VARIATION,$DEFAULT_LINES_COLOR,$DEFAULT_DOTS_COLOR,$DEFAULT_NUM_LINES,$DEFAULT_NUM_DOTS; + global $ENABLE_H_LINES,$ENABLE_V_LINES,$ENABLE_DOTS,$SPECIFIC_FONT2,$TILE_UP,$TILE_DW,$RANDOM_UP_DW,$NEWUSERS_GFXCHECK; + global $JPEG_OUT_QUALITY,$SPECIFIC_FONT; + + $font_name = $SPECIFIC_FONT; + $font_size = $DEFAULT_FONT_SIZE; + $font_path = $FONT_PATH; + $fg_color = $DEFAULT_FG_COLOR; + $bg_color = $DEFAULT_BG_COLOR; + + if (substr($FONT_PATH,(strlen($FONT_PATH)-1),1)!="/") { $ff = $FONT_PATH . "/"; } else { $ff = $FONT_PATH; } + + // this function will only work if nothing was output before its call. + // it will completely generate the image text label from scratch to the 'die' clause. + + if ($font_name == "") { $font_name = $fontList[$dFID]; } // if no specified font_name, pick a random one in those TTFs available in FONT_PATH. + header("Content-type: image/jpeg"); + + // load the bg image + $bg_IMG = ImageCreateFromJPEG($ff . "bg_gfx_code.jpg"); // image is in FONT_PATH + $bg_W = ImageSX($bg_IMG); $bg_H = ImageSY($bg_IMG); + + // calculate image size for chosen text + if ($ENABLE_ANGLE_VARIATION) { srand(); $da_angle = rand(-5,5); } else { $da_angle = 0; } + list($pos_blx, $pos_bly, $pos_brx, $pos_bry, $pos_trx, $pos_try, $pos_tlx, $pos_tly) = ImageTTFBBox($font_size, $da_angle, $ff . $font_name, $text_label); + $text_w = $pos_brx - $pos_blx; + $text_h = $pos_bly - $pos_tly; + + // create empty template of final size and define colors + $newIm = ImageCreate($text_w+50,$text_h+50); + $bgCol = ImgNewColor($newIm,$bg_color); $fgCol = ImgNewColor($newIm,$fg_color); + if ($ENABLE_H_LINES || $ENABLE_V_LINES) { $gridCol = ImgNewColor($newIm,$DEFAULT_LINES_COLOR); } + if ($ENABLE_DOTS) { $dotzCol = ImgNewColor($newIm,$DEFAULT_DOTS_COLOR); } + + // copy a resized version of BG image into final picture + ImageCopyResampled($newIm,$bg_IMG,0,0,0,0,$text_w+50,$text_h+50,$bg_W,$bg_H); + + // write the text into the picture + ImageTTFText($newIm,$font_size,$da_angle,20,$text_h+20,$fgCol,$ff . $font_name,$text_label); + + + // add some various configurable garbage to make it even harder to do picture recognition + if ($ENABLE_H_LINES){ + for ($x=0;$x<$DEFAULT_NUM_LINES;$x++) { + srand(); + $r_y = rand(1,(ImageSY($newIm)-1)); + ImageLine($newIm,0,$r_y,ImageSX($newIm),$r_y,$gridCol); + } + } + if ($ENABLE_V_LINES) { + for ($x=0;$x<$DEFAULT_NUM_LINES;$x++) { + srand(); + $r_x = rand(1,(ImageSX($newIm)-1)); + ImageLine($newIm,$r_x,0,$r_x,ImageSY($newIm),$gridCol); + } + } + if ($ENABLE_DOTS) { + for ($x=0;$x<$DEFAULT_NUM_DOTS;$x++) { + srand(); + $r_x = rand(1,(ImageSX($newIm)-1)); + $r_y = rand(1,(ImageSY($newIm)-1)); + ImageSetPixel($newIm,$r_x,$r_y,$dotzCol); + } + } + // output the picture + ImageJPEG($newIm,"",$JPEG_OUT_QUALITY); // JPEG Quality + die; +} + +function img_label2($text_label) { + global $fontList,$dFID; + global $ALLOWED_EXT,$DEFAULT_BG_COLOR,$DEFAULT_FG_COLOR,$DEFAULT_FONT_SIZE,$FONT_PATH,$GFX_SECURE_MODE; + global $ENABLE_ANGLE_VARIATION,$DEFAULT_LINES_COLOR,$DEFAULT_DOTS_COLOR,$DEFAULT_NUM_LINES,$DEFAULT_NUM_DOTS; + global $ENABLE_H_LINES,$ENABLE_V_LINES,$ENABLE_DOTS,$SPECIFIC_FONT2,$TILE_UP,$TILE_DW,$RANDOM_UP_DW,$NEWUSERS_GFXCHECK; + global $JPEG_OUT_QUALITY,$SPECIFIC_FONT; + + $font_name = $SPECIFIC_FONT2; + $font_size = $DEFAULT_FONT_SIZE; + $font_path = $FONT_PATH; + $fg_color = $DEFAULT_FG_COLOR; + $bg_color = $DEFAULT_BG_COLOR; + + if (substr($FONT_PATH,(strlen($FONT_PATH)-1),1)!="/") { $ff = $FONT_PATH . "/"; } else { $ff = $FONT_PATH; } + + // this function will only work if nothing was output before its call. + // it will completely generate the image text label from scratch to the 'die' clause. + + if ($font_name == "") { $font_name = $fontList[$dFID]; } // if no specified font_name, pick a random one in those TTFs available in FONT_PATH. + header("Content-type: image/jpeg"); + + + // calculate image size for chosen text + if ($ENABLE_ANGLE_VARIATION) { srand(); $da_angle = rand(-5,5); } else { $da_angle = 0; } + list($pos_blx, $pos_bly, $pos_brx, $pos_bry, $pos_trx, $pos_try, $pos_tlx, $pos_tly) = ImageTTFBBox($font_size, $da_angle, $ff . $font_name, $text_label); + $text_w = $pos_brx - $pos_blx; $text_h = $pos_bly - $pos_tly; + + // load the TILE UP/DOWN images + if ($RANDOM_UP_DW) { + srand(); + $rnum = rand(5000,10000); + if ($rnum>=7500) { + $tile_up_IMG = ImageCreateFromJPEG($ff . $TILE_UP); // image is in FONT_PATH + $tile_down_IMG = ImageCreateFromJPEG($ff . $TILE_DW); // image is in FONT_PATH + } else { + $tile_up_IMG = ImageCreateFromJPEG($ff . $TILE_DW); // image is in FONT_PATH + $tile_down_IMG = ImageCreateFromJPEG($ff . $TILE_UP); // image is in FONT_PATH + } + } else { + $tile_up_IMG = ImageCreateFromJPEG($ff . $TILE_UP); // image is in FONT_PATH + $tile_down_IMG = ImageCreateFromJPEG($ff . $TILE_DW); // image is in FONT_PATH + } + + // create empty template of final size and define colors + $newIm = ImageCreate($text_w+70,$text_h+70); + $bgCol = ImgNewColor($newIm,$bg_color); + $fgCol = ImgNewColor($newIm,$fg_color); + ImageSetTile($newIm,$tile_up_IMG); + ImageFilledRectangle($newIm,0,0,$text_w+70,$text_h+70,IMG_COLOR_TILED); + + + // create the text image + $t_IMG = ImageCreate($text_w+70,$text_h+70); + $TbgCol = ImgNewColor($t_IMG,"#ffffff"); + $TfgCol = ImgNewColor($t_IMG,"#000000"); + $TTTCol = ImgNewColor($t_IMG,"#ffffff"); + ImageSetTile($t_IMG,$tile_down_IMG); + ImageFilledRectangle($t_IMG,0,0,$text_w+70,$text_h+70,IMG_COLOR_TILED); + $transp_t = ImageColorTransparent($t_IMG,$TTTCol); + + // write the text into the picture + ImageTTFText($t_IMG,$font_size,$da_angle,35,$text_h+35,-$TTTCol,$ff . $font_name,$text_label); + + // copy transparent text on final picture + ImageCopy($newIm,$t_IMG,0,0,0,0,$text_w+70,$text_h+70); + + // output the picture + ImageJPEG($newIm,"",$JPEG_OUT_QUALITY); // JPEG Quality + die; +} +?> Index: publicdnsadmin/lib/prepend.php diff -u publicdnsadmin/lib/prepend.php:1.1.1.1 publicdnsadmin/lib/prepend.php:1.2 --- publicdnsadmin/lib/prepend.php:1.1.1.1 Wed Apr 16 00:19:08 2003 +++ publicdnsadmin/lib/prepend.php Wed Jun 18 01:05:47 2003 @@ -7,7 +7,7 @@ Distributed under the GPL license, see LICENSE for more information - $Id: prepend.php,v 1.1.1.1 2003/04/16 07:19:08 sirvulcan Exp $ + $Id: prepend.php,v 1.2 2003/06/18 08:05:47 sirvulcan Exp $ */ /* Start session */ @@ -19,6 +19,7 @@ /* Internal dependencies */ require("config.php"); require("db.inc.php"); +require("gfx_code.inc.php"); require("permission.inc.php"); require("templates.inc.php"); require("zones.inc.php"); Index: publicdnsadmin/signup.php diff -u publicdnsadmin/signup.php:1.1.1.1 publicdnsadmin/signup.php:1.2 --- publicdnsadmin/signup.php:1.1.1.1 Wed Apr 16 00:19:06 2003 +++ publicdnsadmin/signup.php Wed Jun 18 01:05:47 2003 @@ -19,6 +19,40 @@ $password = trim(addslashes($_POST["password"])); $pass_confirm = trim(addslashes($_POST["pass_confirm"])); +$dbh = db_connect(); + +if (!extension_loaded("gd")) { // checking if LibGD is present in apache/php + $SHOW_GFXUSRCHK = 0; + } else { + $SHOW_GFXUSRCHK = 1; +} + +if ($SHOW_GFXUSRCHK && $NEWUSERS_GFXCHECK) { + if ($clic == 1 && ($gfxcode_crc != md5( $gfxcode_ts . $_SERVER["HTTP_USER_AGENT"] . CRC_SALT_0010 . strtoupper($gfxcode_val) . CRC_SALT_0008))) { + $failed = 1; + if ($first_error) { echo "<center>"; $first_error=0; } + echo "<p>You entered an invalid code from the picture. <a href=\"signup.php\">Please try again</a>.</p>"; + } else { + if ($clic == 1) { + $ENABLE_COOKIE_TABLE = 1; + $dbh->query("DELETE FROM gfxcodes WHERE expire<now()::abstime::int4"); + $r = $dbh->query("SELECT expire FROM gfxcodes WHERE crc='" . $gfxcode_crc . "' AND code='" . strtoupper($gfxcode_val) . "'"); + if ($r->numRows()==0) { + $failed = 1; + if ($first_error) { echo "<center>"; $first_error=0; } + echo "<p>You entered an invalid/expired code from the picture. <a href=\"newuser.php\">Please try again</a>.</p>"; + } else { + } + } + $ENABLE_COOKIE_TABLE = 0; + if ($failed==0) { + $ENABLE_COOKIE_TABLE = 1; + $dbh->query("DELETE FROM gfxcodes WHERE crc='" . $gfxcode_crc . "' AND code='" . strtoupper($gfxcode_val) . "'"); + $ENABLE_COOKIE_TABLE = 0; + } + } +} + ?> <h3>Signup</h3> <? @@ -29,8 +63,6 @@ } if ($douser == 1) { - $dbh = db_connect(); - // terms and agreement check if ($terms == 1) { echo "<p class=\"error\">You Didnt Agree To The Terms and Conditions.</p>"; @@ -244,6 +276,28 @@ <tr><td>Company:</td><td><input type="text" name="company" size="40" maxlength="40"></td><td>40 Chars Max</td></tr> <tr><td>Domains:</td><Td><textarea rows="5" cols="40" name="ldomains"></textarea></td><td>1 Domain Per Line</td></tr> <tr><td></td><td colspan="2">NOTE: Each Domain must use ns1.linux-boxen.org and ns2.linux-boxen.org for its nameservers, signup will be denied if the domains dont match to ns1.linux-boxen.org and ns2.linux-boxen.org</td></tr> + +<? + if ($SHOW_GFXUSRCHK && $NEWUSERS_GFXCHECK) { + $code_length = 10; // generated code number of chars + $code_base = md5( CRC_SALT_0001 . time() . microtime() . CRC_SALT_0009 . uniqid(1) ); // base of code ( with strlen(this)>$code_length ! ). + $code = strtoupper(substr(str_replace("1","",str_replace("i","",str_replace("I","",str_replace("o","",str_replace("O","",str_replace("l","",str_replace("L","",str_replace("0","",$code_base)))))))),0,$code_length)); + $ts = time()+1800; // expires 30 mins after page load. + $crckey = md5( $ts . $_SERVER["HTTP_USER_AGENT"] . CRC_SALT_0010 . $code . CRC_SALT_0008 ); + echo "<input type=hidden name=gfxcode_crc value=\"" . $crckey . "\">\n"; + echo "<input type=hidden name=gfxcode_ts value=\"" . $ts . "\">\n"; + $ENABLE_COOKIE_TABLE = 1; + $dbh->query("INSERT INTO gfxcodes VALUES ('" . $code . "','" . $crckey . "','" . $ts . "')"); + $ENABLE_COOKIE_TABLE = 0; + echo "<tr><td></td><Td>"; + echo "<input type=text size=35 maxlength=$code_length name=gfxcode_val value=\"\">"; + echo "</td><td>"; + echo "<img src=\"gfx_code.php?crc=" . $crckey . "\" border=0 alt=\"Type Code in Box\">"; + echo "</td></tr>"; + +} +?> + <tr><td></td><td width="250"><input type="checkbox" name="terms">Do You Agree To The <a href="terms.php" target="new">Terms And Conditions</a></td><td></td></tr> <tr><td></td><td></td><td align="right"><input type="reset" value="Reset"><input type="submit" value="Signup"></td><td></td></tr> ----------------------- End of diff ----------------------- |