TakeLogin issue

Started by BamBam0077, May 09, 2014, 02:13:36 PM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

Print
Go Down Pages1
User actions

cm27

#4
May 10, 2014, 12:28:22 AM Last Edit: May 10, 2014, 12:32:44 AM by cm27
There is no different between then as if my memory is right I think it dont change until TBDev source .. But V2 and V3 are the same.. I will look at this script in a few and get back here.. to  be honesty not sure what your doing here post all the files and I can take a look..
Never fall to those that just sit there.. Always look for the way to the top even if you have to code it your self and mistakes and all... quote from BonZO...

BamBam0077

#3
May 09, 2014, 03:24:15 PM
Quote from: Tundracanine on May 09, 2014, 02:43:47 PM
My only guess and guessing at that is the way the password hash is different between the 2. I would check how its made in stock V3 and V2 and see if different.  If your password hash is different or the cookies not being set right it will throw out bad password issue.

Thanks for your reply bro appreciate.
"When Darkness Shadows Your Doubts, Deep Within Us Is Our Key, Not Success But Everything" ~ Anonymous

Tundracanine

#2
May 09, 2014, 02:43:47 PM
My only guess and guessing at that is the way the password hash is different between the 2. I would check how its made in stock V3 and V2 and see if different.  If your password hash is different or the cookies not being set right it will throw out bad password issue.
If wanting support help please put bare min info like
Os:
U-232 Version:
Php Version:
Tracker type: like xbt or php
Saves on asking more questions just so people can help someone.

BamBam0077

#1
May 09, 2014, 02:13:36 PM
Hello U-232,

I am creating a new login for v2 & will upgrade to v3 once it is 100% working just wondering if someone might be able to help me out. everytime I place in my username & password I get taken to takelogin with it saying "Password or Username incorrect." which I know is false.

here is my is my takelogin if someone might be able to point me into the correct way to make it work to go to index.php...

takelogin:
Code Select

<?php
/**
 *   http://btdev.net:1337/svn/test/Installer09_Beta
 *   Licence Info: GPL
 *   Copyright (C) 2010 BTDev Installer v.1
 *   A bittorrent tracker source based on TBDev.net/tbsource/bytemonsoon.
 *   Project Leaders: Mindless,putyn.
 **/

require_once(INCL_DIR.'password_functions.php');
require_once(dirname(__FILE__).DIRECTORY_SEPARATOR.'include'.DIRECTORY_SEPARATOR.'bittorrent.php');
require_once(dirname(__FILE__).DIRECTORY_SEPARATOR.'include'.DIRECTORY_SEPARATOR.'user_functions.php');
require_once(dirname(__FILE__).DIRECTORY_SEPARATOR.'include'.DIRECTORY_SEPARATOR.'class'.DIRECTORY_SEPARATOR.'page_verify.php');

$sha sha1($_SERVER['REMOTE_ADDR']);


if (!mkglobal('username:password'))
      die('Password or Username incorrect.');  
      
session_start();
    if(empty($captchaSelection) || $_SESSION['simpleCaptchaAnswer'] != $captchaSelection){
        header('Location: login/index.php');
        exit();
    }

    dbconn();
    
    $lang array_mergeload_language('global'), load_language('takelogin') );
    
   $freshpage = new page_verify(); 
   $freshpage -> create('take-account');

    function bark($text 'Username or password incorrect')
    {
    global $lang;
    @fclose(@fopen(''.$TBDEV['dictbreaker'].'/' sha1($_SERVER['REMOTE_ADDR']), 'w'));
    stderr($lang['tlogin_failed'], $text);
    }
    
    
    $res sql_query("SELECT id, passhash, secret, enabled FROM users WHERE username = " sqlesc($username) . " AND status = 'confirmed'");
    $row mysql_fetch_assoc($res);

    if ($row['passhash'] != make_passhash$row['secret'], md5($password) ) ) {
    $ip sqlesc(getip());
    $added sqlesc(time());
    $fail = (@mysql_fetch_row(@sql_query("select count(*) from failedlogins where ip=$ip"))) or sqlerr(__FILE____LINE__);
    if ($fail[0] == 0)
    sql_query("INSERT INTO failedlogins (ip, added, attempts) VALUES ($ip$added, 1)") or sqlerr(__FILE____LINE__);
    else
    sql_query("UPDATE failedlogins SET attempts = attempts + 1 where ip=$ip") or sqlerr(__FILE____LINE__);
    @fclose(@fopen('' $TBDEV['dictbreaker'] . '/' sha1($_SERVER['REMOTE_ADDR']), 'w'));
    $to = ($row["id"]);
    $subject="Failed login";
   $msg "[color=red]Security alert[/color]\n Account: ID=".$row['id']." Somebody (probably you, ".$username." !) tried to login but failed!""\nTheir [b]Ip Address [/b] was : "$ip "\n If this wasn't you please report this event to a {$TBDEV['site_name']} staff member\n - Thank you.\n";
   $sql "INSERT INTO messages (sender, receiver, msg, subject, added) VALUES('System', '$to', "sqlesc($msg).", "sqlesc($subject).", $added);";
   $res sql_query($sql) or sqlerr(__FILE____LINE__);
   stderr("Login failed !""<b>Error</b>: Username or password entry incorrect <br />Have you forgotten your password? <a href='{$TBDEV['baseurl']}/resetpw.php'><b>Recover</b></a> your password !");
   bark();
    }

    if ($row['enabled'] == 'no')
      bark($lang['tlogin_disabled']);

    $passh md5($row["passhash"].$_SERVER["REMOTE_ADDR"]);
    logincookie($row["id"], $passh);
    
    $ip sqlesc(getip());
   sql_query("DELETE FROM failedlogins WHERE ip = $ip");

      header("Location: index.php");

?>

"When Darkness Shadows Your Doubts, Deep Within Us Is Our Key, Not Success But Everything" ~ Anonymous
Print
Go Up Pages1
User actions