• There is NO official Otland's Discord server and NO official Otland's server list. The Otland's Staff does not manage any Discord server or server list. Moderators or administrator of any Discord server or server lists have NO connection to the Otland's Staff. Do not get scammed!
  • 2026 staff recruitment is open! Check it out and consider applying!

Website Problems

helflin

helflin

New Member
Joined
Sep 8, 2011
Messages
9
Reaction score
0
Location
Rio de Janeiro
When I create a character for the page (Account Management), I can create players with these names, example: Player'One, Player-Two.

' and -

My check_name.php:

PHP: 
<?PHP
echo '<?xml version="1.0" encoding="utf-8" standalone="yes"?>';
$config_ini = parse_ini_file('../config/config.ini');
include('../config/config.php');
$name = strtolower(stripslashes(trim($_REQUEST['name'])));
if(empty($name))
{
echo '<font color="red">Please enter new character name.</font>';
exit;
}
//first word can't be:
$first_words_blocked = array('drugovich', 'drugo', 'adm', 'gm ','cm ', 'god ','tutor ', "'", '-');
//names blocked:
$names_blocked = array('puta', 'simoni', 'simone', 'porra', 'buceta', 'caralho', 'thunder', 'training', 'trimera', 'serve', 'drugovich', 'drugo', 'adm', 'gm', 'cm', 'god', 'tutor');
//name can't contain:
$words_blocked = array('gamemaster', 'game master', 'game-master', "game'master", '  ', '--', "''","' ", " '", '- ', ' -', "-'", "'-", 'fuck', 'sux', 'suck', 'noob', 'tutor');
$temp = strspn("$name", "qwertyuiopasdfghjklzxcvbnmQWERTYUIOPASDFGHJKLZXCVBNM- '");
if($temp != strlen($name))
{
echo '<font color="red">Name contains illegal letters. Use only: <b>qwertyuiopasdfghjklzxcvbnmQWERTYUIOPASDFGHJKLZXCVBNM- \'</b></font>';
exit;
}
if(strlen($name) > 19)
{
echo '<font color="red">Too long name. Max. lenght <b>19</b> letters.</font>';
exit;
}
foreach($names_blocked as $word)
if($word == $name)
{
echo '<font color="red">Blocked names:<b> '.$names_blocked[0];
if(count($names_blocked) > 1)
foreach($names_blocked as $word)
if($word != $names_blocked[0])
echo ','.$word;
echo '</b></font>';
exit;
}
foreach($config['site']['monsters'] as $word)
if($word == $name)
{
echo '<font color="red"><b>You can not use monster name.</b></font>';
exit;
}
foreach($config['site']['npc'] as $word)
if($word == $name)
{
echo '<font color="red"><b>You can not use NPC name.</b></font>';
exit;
}
foreach($first_words_blocked as $word)
if($word == substr($name, 0, strlen($word)))
{
echo '<font color="red">First letters in name can\'t be:<b> '.$first_words_blocked[0];
if(count($first_words_blocked) > 1)
foreach($first_words_blocked as $word)
if($word != $first_words_blocked[0])
echo ','.$word;
echo '</b></font>';
exit;
}
if(substr($name, -1) == "'" || substr($name, -1) == "-"||!preg_match('/^[A-Za-z0-9]+$/', $name))
{
echo '<font color="red">Last letter can\'t be <b>\'</b> and <b>-</b></font>';
exit;
}
foreach($words_blocked as $word)
if (!(strpos($name, $word) === false))
{
echo '<font color="red">Name can\'t cointain words:<b> '.$words_blocked[0];
if(count($words_blocked) > 1)
foreach($words_blocked as $word)
if($word != $words_blocked[0])
echo ','.$word;
echo '</b></font>';
exit;
}
for($i = 0; $i < strlen($name); $i++)
if($name[$i] == $name[($i+1)] && $name[$i] == $name[($i+2)])
{
echo '<font color="red">Name can\'t contain 3 same letters one by one.</font><br /><font color="green"><u>Good:</u> M<b>oo</b>nster</font><font color="red"><br />Wrong: M<b>ooo</b>nster</font>';
exit;
}
for($i = 0; $i < strlen($name); $i++)
if($name[$i-1] == ' ' && $name[$i+1] == ' ')
{
echo '<font color="red">Use normal name format.</font><br /><font color="green"><u>Good:</u> <b>Gesior</b></font><font color="red"><br />Wrong: <b>G e s ior</b></font>';
exit;
}
if(substr($name, 1, 1) == ' ')
{
echo '<font color="red">Use normal name format.</font><br /><font color="green"><u>Good:</u> <b>Gesior</b></font><font color="red"><br />Wrong: <b>G esior</b></font>';
exit;
}
if(substr($name, -2, 1) == " ")
{
echo '<font color="red">Use normal name format.</font><br /><font color="green"><u>Good:</u> <b>Gesior</b></font><font color="red"><br />Wrong: <b>Gesio r</b></font>';
exit;
}
else
//connect to DB
$server_config = parse_ini_file($config_ini['server_path'].'config.lua');
if(isset($server_config['mysqlHost']))
{
//new (0.2.6+) ots config.lua file
$mysqlhost = $server_config['mysqlHost'];
$mysqluser = $server_config['mysqlUser'];
$mysqlpass = $server_config['mysqlPass'];
$mysqldatabase = $server_config['mysqlDatabase'];
$sqlitefile = $server_config['sqliteDatabase'];
}
elseif(isset($server_config['sqlHost']))
{
//old (0.2.4) ots config.lua file
$mysqlhost = $server_config['sqlHost'];
$mysqluser = $server_config['sqlUser'];
$mysqlpass = $server_config['sqlPass'];
$mysqldatabase = $server_config['sqlDatabase'];
$sqlitefile = $server_config['sqliteDatabase'];
}
// loads #####POT mainfile#####
include('../pot/OTS.php');
// PDO and POT connects to database
$ots = POT::getInstance();
if($server_config['sqlType'] == "mysql")
$ots->connect(POT::DB_MYSQL, array('host' => $mysqlhost, 'user' => $mysqluser, 'password' => $mysqlpass, 'database' => $mysqldatabase) );
elseif($server_config['sqlType'] == "sqlite")
$ots->connect(POT::DB_SQLITE, array('database' => $config_ini['server_path'].$sqlitefile));
$name_db = new OTS_Player();
$name_db->find($name);
if($name_db->isLoaded())
echo '<font color="red"><b>Player with this name already exist.</b></font>';
else
echo '<font color="green">Good. Your name will be:<br />"<b>'.ucwords($name).'</b>"</font>';
?>

And when I try to create these characters by the create account page is locked, ie I want to do it in another file, up there.

Player'test
This name contains invalid letters. Please use only AZ, az and space!

My ajax_charactername.php

PHP: 
<?PHP
$t=time();
ob_start('ob_gzhandler');
header('Connection: close');
if(!isset($_SERVER['HTTP_X_REQUESTED_WITH']) || $_SERVER['HTTP_X_REQUESTED_WITH'] != 'XMLHttpRequest')
   exit();

header('X-Ajax-Cip-Response-Type: Container');

function f($e) {
   die('{"AjaxObjects": [{"DataType": "Attributes","Data": "style=background-image:url(account/nok.gif)","Target": "#charactername_indicator"},{"DataType": "HTML","Data": "'.$e.'","Target": "#charactername_errormessage"},{"DataType": "Attributes","Data": "class=red","Target": "#charactername_label"}]}');
}

$s = isset($_POST['a_CharacterName']) ? $_POST['a_CharacterName'] : '';

if(empty($s))
   f('Please enter a name for your character!');
elseif(strlen($s) < 2 || strlen($s) > 29)
   f('A name must have at least 2 but no more than 29 letters!');
elseif(preg_match('/[^a-zA-Z ]/', $s))
   f('This name contains invalid letters. Please use only A-Z, a-z and space!');
elseif($s[0] == ' ')
   f('This name contains a space at the beginning. Please remove this space!');
elseif(substr($s, -1) == ' ')
   f('This name contains a space at the end. Please remove this space!');
elseif(!ctype_upper($s[0]))
   f('The first letter of a name has to be a capital letter!');
elseif(strpos($s, '  ') !== false)
   f('This name contains more than one space between words. Please use only one space between words!');

foreach(explode(' ', $s) as $k => $v) {
   $words[$k] = str_split($v);
   $len = strlen($v);
   if($len == 1)
     f('This name contains a word with only one letter. Please use more than one letter for each word!');
   elseif($len > 14)
     f('This name contains a word that is too long. Please use no more than 14 letters for each word!');
   $total=0;
   foreach($words as $k => $p) {
     $total++;
     if($total > 3)
       f('This name contains more than 3 words. Please choose another name!');
     $len=0;
     foreach($p as $i => $j) {
       $len++;
       if($i != 0 && ctype_upper($j))
         f('In names capital letters are only allowed at the beginning of a word!');
       elseif($i == $len-1) {
         $ff=null;
         for($h=0;$h<strlen($v); $h++) {
           if(in_array(strtolower($v[$h]), array('a','e','i','o','u')) !== false) {
             $ff=true;
             break;
           }
         }
         if(!$ff)
           f('This name contains a word without vowels. Please choose another name!');
       }
     }
   }
}
$s = strtolower($s);
for($i = 0; $i < strlen($s); $i++)
   if($s[$i] == $s[($i+1)] && $s[$i] == $s[($i+2)])
     f('This character name is already used. Please select another one!');
foreach(array('aa ', 'ee', 'ii', 'oo', 'uu', 'gm','cm', 'aff ', 'god ', 'abc', 'tutor', 'game', 'admin', 'the ') as $v)
   if($v == substr($s, 0, strlen($v)))
     f('This character name is already used. Please select another one!');
foreach(array('game', 'customer', 'support', 'fuck', 'haha', 'sux', ' abc', 'suck', 'noob', 'tutor', 'admin', 'account', 'gay', 'password', 'manager') as $v)
   if(strpos($s, $v) !== false)
     f('This character name is already used. Please select another one!');

$c = parse_ini_file('../config/config.ini');
$c = parse_ini_file($c['server_path'].'config.lua');

$conn = mysql_pconnect($c['sqlHost'], $c['sqlUser'], $c['sqlPass']) or die();
mysql_select_db($c['sqlDatabase']);

if(mysql_num_rows(mysql_query('SELECT id FROM players WHERE name=\''.mysql_escape_string($s).'\' LIMIT 1')) != 0)
   f('This character name is already used. Please select another one!');

echo '{"AjaxObjects": [{"DataType": "Attributes","Data": "style=background-image:url(account/ok.gif);","Target": "#charactername_indicator"},{"DataType": "HTML","Data": "","Target": "#charactername_errormessage"},{"DataType": "Attributes","Data": "class=","Target": "#charactername_label"}]}';
?>

And in the first file(check_name.php) i can't create characters with name of monsters and npcs, and in the second file(ajax_charactername.php) i can create, but i need put these to don't create.
 
Back
Top