Welcome, Guest!!
follow us on... rss

Recent Posts

Pages: [1] 2 3 ... 10
1
I think your server must not actually be sending the query to us....the "Error: No return data from API query" tells me the query is probably not making it to our server or you'd be getting something back.

There's a section in the BotScout.php file like this:

Code: [Select]
if(function_exists('file_get_contents')){
// Use file_get_contents
$returned_data = file_get_contents($apiquery);
}else{
$ch = curl_init($apiquery);
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$returned_data = curl_exec($ch);
curl_close($ch);
}

This bit determines whether the query is sent via file_get_contents() or via curl. It may be that your PHP config has a restriction on file_get_contents() or curl.

You could mod the code to force one or the other, but you might also want to look at the php.ini file or the output of phpinfo() to see if there are any restrictions imposed on either of those two functions.

As near as I can tell you're doing everything right at this point- the user email and IP are being put into the query correctly (not sure where the user name went, but that's not important at this point).

Can you check with your ISP and see if they can tell whether or not there are any restrictions on file_get_contents() or curl?




How do I use the "standard query" not XML?

I did everything but that step and submitted and got this:

Code: [Select]
FORM VAUES: UserID:
UserLevel:
UserName: krasnhello
UserEmail: krasnhello@mail.ru
Test String: http://botscout.com/test/?multi&mail=krasnhello%40mail.ru&ip=71.204.83.202&key=XXXXXXXXXXXXXX
RETURNED DATA:
Error: No return data from API query.
2
How do I use the "standard query" not XML?

I did everything but that step and submitted and got this:

Code: [Select]
FORM VAUES: UserID:
UserLevel:
UserName: krasnhello
UserEmail: krasnhello@mail.ru
Test String: http://botscout.com/test/?multi&mail=krasnhello%40mail.ru&ip=71.204.83.202&key=XXXXXXXXXXXXXX
RETURNED DATA:
Error: No return data from API query.
3
Okay, try this...

1) First, change these lines in your BotScout.php file:

BEFORE:
Code: [Select]
   // create your own custom form fields here
   // see documentation for more information
   $XUSER = $_POST['user_name'];
   $XMAIL = $_POST['user_email'];


AFTER:
Code: [Select]
   // create your own custom form fields here
   // see documentation for more information
   $XUSER = $user_name;
   $XMAIL = $user_email;




2) Then, find this section  in the registration.php file and make it look like this:

Code: [Select]
if (!$error) {
    $additional_field_sql = "";
    $additional_value_sql = "";
    if (!empty($additional_user_fields)) {
      $table_fields = $site_db->get_table_fields(USERS_TABLE);
      foreach ($additional_user_fields as $key => $val) {
        if (isset($HTTP_POST_VARS[$key]) && isset($table_fields[$key])) {
          $additional_field_sql .= ", $key";
          $additional_value_sql .= ", '".un_htmlspecialchars(trim($HTTP_POST_VARS[$key]))."'";
        }
      }
    }
     
   // add this line
   print "FORM VAUES: UserID: $user_id<br>UserLevel: $user_level<br>UserName: $user_name<br>UserEmail: $user_email <br>";


   // call the botscout file...
   ////////////////////////////////////////////////////
   // BotScout.com "BotBuster" check
   require(ROOT_PATH.'BotScout.php');
   ////////////////////////////////////////////////////


// quit here so we don't pollute the user table
exit;

    // (marker, these don't get changed)
    $activationkey = get_random_key(USERS_TABLE, get_user_table_field("", $user_table_fields['user_activationkey']));
    $user_id = $site_db->get_next_id($user_table_fields['user_id'], USERS_TABLE);



3) Turn on diagnostic output in the BotScout file, use the standard query to us (not XML), and try to register. Use a known bad name and email when you register:

name: krasnhello
email: krasnhello@mail.ru

...and let's see what gets printed out. :)


A return message of "Error: No return data from API query" means you're not getting any data sent back from us, and that's a problem. You should get something sent back that starts off, "API Data: (returned data)".

The only reasons I can think of for that happening is that maybe curl isn't configured correctly on the server or maybe it has some outgoing restriction on it. (??)
4
Would it be possible to send me the whole registration PHP code file?

Here it is. It shows you the different places I've tried to make it work and failed.

The current position of the BotScout include is about to be moved because it doesn't work in that spot either...
Code: [Select]
<?php
/**************************************************************************
 *                                                                        *
 *    4images - A Web Based Image Gallery Management System               *
 *    ----------------------------------------------------------------    *
 *                                                                        *
 *             File: register.php                                         *
 *        Copyright: (C) 2002-2009 Jan Sorgalla                           *
 *            Email: jan@4homepages.de                                    * 
 *              Web: http://www.4homepages.de                             * 
 *    Scriptversion: 1.7.7                                                *
 *                                                                        *
 *    Never released without support from: Nicky (http://www.nicky.net)   *
 *                                                                        *
 **************************************************************************
 *                                                                        *
 *    Dieses Script ist KEINE Freeware. Bitte lesen Sie die Lizenz-       *
 *    bedingungen (Lizenz.txt) für weitere Informationen.                 *
 *    ---------------------------------------------------------------     *
 *    This script is NOT freeware! Please read the Copyright Notice       *
 *    (Licence.txt) for further information.                              *
 *                                                                        *
 *************************************************************************/

$main_template 'register';

define('GET_CACHES'1);
define('ROOT_PATH''./');
 
define('MAIN_SCRIPT'__FILE__);
include(
ROOT_PATH.'global.php');
require(
ROOT_PATH.'includes/sessions.php');
$user_access get_permission();
include(
ROOT_PATH.'includes/page_header.php');

if (
$action == "") {
  
$action "signup";
}

if (
$user_info['user_level'] != GUEST && $action != "activate") {
  
show_error_page($lang['already_registered']);
}
$content "";

//-----------------------------------------------------
//--- Signup ------------------------------------------
//-----------------------------------------------------
if ($action == "signup") {
  
$site_template->register_vars(array(
    
"lang_agreement" => $lang['agreement'],
    
"lang_agreement_terms" => $lang['agreement_terms'],
    
"lang_agree" => $lang['agree'],
    
"lang_agree_not" => $lang['agree_not']
  ));
  
$content $site_template->parse_template("register_signup");
}

//-----------------------------------------------------
//--- Add New User ------------------------------------
//-----------------------------------------------------
if ($action == "register") {
  if (!isset(
$HTTP_POST_VARS['user_name'])) {
    if (
$config['activation_time'] != 0) {
      
$expiry time() - 60 60 24 $config['activation_time'];
      
$sql "DELETE FROM ".USERS_TABLE."
              WHERE ("
.get_user_table_field("""user_lastaction")." < $expiry) AND ".get_user_table_field("""user_level")." = ".USER_AWAITING;
      
$site_db->query($sql);
    }
  }
  
$user_name = (isset($HTTP_POST_VARS['user_name'])) ? un_htmlspecialchars(trim($HTTP_POST_VARS['user_name'])) : "";
  
$user_name preg_replace("/( ){2,}/"" "$user_name);
  
$user_password = (isset($HTTP_POST_VARS['user_password'])) ? trim($HTTP_POST_VARS['user_password']) : "";
  
$user_email = (isset($HTTP_POST_VARS['user_email'])) ? un_htmlspecialchars(trim($HTTP_POST_VARS['user_email'])) : "";
  
$user_showemail = (isset($HTTP_POST_VARS['user_showemail'])) ? intval($HTTP_POST_VARS['user_showemail']) : 0;
  
$user_allowemails = (isset($HTTP_POST_VARS['user_allowemails'])) ? intval($HTTP_POST_VARS['user_allowemails']) : 1;
  
$user_invisible = (isset($HTTP_POST_VARS['user_invisible'])) ? intval($HTTP_POST_VARS['user_invisible']) : 0;
  
$user_homepage = (isset($HTTP_POST_VARS['user_homepage'])) ? un_htmlspecialchars(trim($HTTP_POST_VARS['user_homepage'])) : "";
  
$user_icq = (isset($HTTP_POST_VARS['user_icq'])) ? ((intval(trim($HTTP_POST_VARS['user_icq']))) ? intval(trim($HTTP_POST_VARS['user_icq'])) : "") : "";


///////////////////////////////////////////////////
// NOT HERE - prints empty values
////////////////////////////////////////////////////


  
$captcha = (isset($HTTP_POST_VARS['captcha'])) ? un_htmlspecialchars(trim($HTTP_POST_VARS['captcha'])) : "";

///////////////////////////////////////////////////
// NOT HERE
////////////////////////////////////////////////////


  
$error 0;

///////////////////////////////////////////////////
// NOT HERE
////////////////////////////////////////////////////


  if (isset(
$HTTP_POST_VARS['user_name'])) {
    if (
$user_name != "") {
      
$sql "SELECT ".get_user_table_field("""user_name")."
              FROM "
.USERS_TABLE."
              WHERE "
.get_user_table_field("""user_name")." = '".strtolower($user_name)."'";
      if (
$site_db->not_empty($sql)) {
        
$msg .= (($msg != "") ? "<br />" "").$lang['username_exists'];
        
$error 1;
      }
    }
    else {
      
$msg .= (($msg != "") ? "<br />" "").$field_error preg_replace("/".$site_template->start."field_name".$site_template->end."/siU"str_replace(":"""$lang['user_name']), $lang['field_required']);
      
$error 1;
    }
if (
isaspammer($user_email)) {
      
$msg .= (($msg != "") ? "<br />" "").$lang['invalid_email_format']; // or add anything else, bots doesn't understand nothing :)
      
$error 1;
    }
  
    if (
$user_password == "") {
      
$msg .= (($msg != "") ? "<br />" "").$field_error preg_replace("/".$site_template->start."field_name".$site_template->end."/siU"str_replace(":"""$lang['password']), $lang['field_required']);
      
$error 1;
    }

    if (
$user_email != "") {
      if (
check_email($user_email)) {
        
$sql "SELECT ".get_user_table_field("""user_email")."
                FROM "
.USERS_TABLE."
                WHERE "
.get_user_table_field("""user_email")." = '".strtolower($user_email)."'";
        if (
$site_db->not_empty($sql)) {
          
$msg .= (($msg != "") ? "<br />" "").$lang['email_exists'];
          
$error 1;
        }
      }
      else {
        
$msg .= (($msg != "") ? "<br />" "").$lang['invalid_email_format'];
        
$error 1;
      }
    }
    else {
      
$msg .= (($msg != "") ? "<br />" "").$field_error preg_replace("/".$site_template->start."field_name".$site_template->end."/siU"str_replace(":"""$lang['email']), $lang['field_required']);
      
$error 1;
    }

    if (
$captcha_enable_registration && !captcha_validate($captcha)) {
      
$msg .= (($msg != "") ? "<br />" "").$lang['captcha_required'];
      
$error 1;
    }


    if (!empty(
$additional_user_fields)) {
      foreach (
$additional_user_fields as $key => $val) {
        if (isset(
$HTTP_POST_VARS[$key]) && intval($val[2]) == && trim($HTTP_POST_VARS[$key]) == "") {
          
$error 1;
          
$field_error preg_replace("/".$site_template->start."field_name".$site_template->end."/siU"str_replace(":"""$val[0]), $lang['field_required']);
          
$msg .= (($msg != "") ? "<br />" "").$field_error;
        }
  
  
    
///////////////////////////////////////////////////
// NOT HERE - twice tested with require - No return data from API query.
////////////////////////////////////////////////////
  
      }

///////////////////////////////////////////////////
// NOT HERE - twice tested with require
////////////////////////////////////////////////////


    }    
  

////////////////////////////////////////////////////
// NOT HERE - twice tested with require
////////////////////////////////////////////////////
  
  } 
// end if


////////////////////////////////////////////////////
// NOT HERE - twice tested with require - throws page error too
////////////////////////////////////////////////////


  else {
    
$error 1;
  }

////////////////////////////////////////////////////
// NOT HERE
////////////////////////////////////////////////////


  if (!
$error) {
    
$additional_field_sql "";
    
$additional_value_sql "";
    if (!empty(
$additional_user_fields)) {
      
$table_fields $site_db->get_table_fields(USERS_TABLE);
      foreach (
$additional_user_fields as $key => $val) {
        if (isset(
$HTTP_POST_VARS[$key]) && isset($table_fields[$key])) {
          
$additional_field_sql .= ", $key";
          
$additional_value_sql .= ", '".un_htmlspecialchars(trim($HTTP_POST_VARS[$key]))."'";
        }
      }
    }
  
////////////////////////////////////////////////////
// BotScout.com "BotBuster" check
require(ROOT_PATH.'BotScout.php');
////////////////////////////////////////////////////
  
////////////////////////////////////////////////////
// NOT HERE - No return data from API query.
////////////////////////////////////////////////////
  

  
    
$activationkey get_random_key(USERS_TABLEget_user_table_field(""$user_table_fields['user_activationkey']));
    
$user_id $site_db->get_next_id($user_table_fields['user_id'], USERS_TABLE);

    
$current_time time();
    
$user_level = ($config['account_activation'] == 0) ? USER USER_AWAITING;
    
$user_password_hashed salted_hash($user_password);
    
$sql "INSERT INTO ".USERS_TABLE."
            ("
.get_user_table_field("""user_id").get_user_table_field(", ""user_level").get_user_table_field(", ""user_name").get_user_table_field(", ""user_password").get_user_table_field(", ""user_email").get_user_table_field(", ""user_showemail").get_user_table_field(", ""user_allowemails").get_user_table_field(", ""user_invisible").get_user_table_field(", ""user_joindate").get_user_table_field(", ""user_activationkey").get_user_table_field(", ""user_lastaction").get_user_table_field(", ""user_lastvisit").get_user_table_field(", ""user_comments").get_user_table_field(", ""user_homepage").get_user_table_field(", ""user_icq").$additional_field_sql.")
            VALUES
            (
$user_id$user_level, '$user_name', '$user_password_hashed', '$user_email', $user_showemail$user_allowemails$user_invisible$current_time, '$activationkey', $current_time$current_time, 0, '$user_homepage', '$user_icq'".$additional_value_sql.")";
$result $site_db->query($sql);
  
  

    if (
$result) {
      
$activation_url $script_url."/register.php?action=activate&activationkey=".$activationkey;

      include(
ROOT_PATH.'includes/email.php');
      
$site_email = new Email();
      
$site_email->set_to($user_email);
      
$site_email->set_subject($lang['register_success_emailsubject']);
      
$site_email->register_vars(array(
        
"activation_url" => $activation_url,
        
"user_name" => $user_name,
        
"user_password" => $user_password,
        
"site_name" => $config['site_name']
      ));

      switch(
$config['account_activation']) {
      case 
2:
        
$email_template "register_activation_admin";
        
$msg $lang['register_success_admin'];
        break;
      case 
1:
        if (
$config['language_dir_default'] != $config['language_dir']) {
          
$activation_url .= "&l=".$config['language_dir'];
        }
        
$email_template "register_activation";
        
$msg $lang['register_success'];
        break;
      case 
0:
      default:
        
$email_template "register_activation_none";
        
$msg $lang['register_success_none'];
        break;
      }

      
$site_email->set_body($email_template$config['language_dir']);
      
$site_email->send_email();
      if (
$config['account_activation'] == 2) {
        
$site_email->reset();
        
$site_email->set_to($config['site_email']);
        
$site_email->set_subject($lang['admin_activation_emailsubject']);
        
$user_details_url $script_url."/admin/index.php?goto=".urlencode("users.php?action=edituser&user_id=".$user_id."&activation=1");
        
$site_email->register_vars("user_details_url"$user_details_url);
        
$site_email->set_body("admin_activation"$config['language_dir_default']);
        
$site_email->send_email();
      }
    }
    else {
      
$msg $lang['general_error'];
    }
  }

  if (
$error) {
    if (
$user_showemail == 1) {
      
$user_showemail_yes " checked=\"checked\"";
      
$user_showemail_no "";
    }
    else {
      
$user_showemail_yes "";
      
$user_showemail_no " checked=\"checked\"";
    }
    if (
$user_allowemails == 1) {
      
$user_allowemails_yes " checked=\"checked\"";
      
$user_allowemails_no "";
    }
    else {
      
$user_allowemails_yes "";
      
$user_allowemails_no " checked=\"checked\"";
    }
    if (
$user_invisible == 1) {
      
$user_invisible_yes " checked=\"checked\"";
      
$user_invisible_no "";
    }
    else {
      
$user_invisible_yes "";
      
$user_invisible_no " checked=\"checked\"";
    }
    
$site_template->register_vars(array(
      
"user_name" => format_text(stripslashes($user_name), 2),
      
"user_email" => format_text(stripslashes($user_email), 2),
      
"user_homepage" => format_text(stripslashes($user_homepage), 2),
      
"user_icq" => $user_icq,
      
"user_showemail_yes" => $user_showemail_yes,
      
"user_showemail_no" => $user_showemail_no,
      
"user_allowemails_yes" => $user_allowemails_yes,
      
"user_allowemails_no" => $user_allowemails_no,
      
"user_invisible_yes" => $user_invisible_yes,
      
"user_invisible_no" => $user_invisible_no,
      
"lang_user_name" => $lang['user_name'],
      
"lang_password" => $lang['password'],
      
"lang_email" => $lang['email'],
      
"lang_register_msg" => $lang['register_msg'],
      
"lang_submit" => $lang['submit'],
      
"lang_reset" => $lang['reset'],
      
"lang_email" => $lang['email'],
      
"lang_show_email" => $lang['show_email'],
      
"lang_allow_emails" => $lang['allow_emails'],
      
"lang_invisible" => $lang['invisible'],
      
"lang_optional_infos" => $lang['optional_infos'],
      
"lang_homepage" => $lang['homepage'],
      
"lang_icq" => $lang['icq'],
      
"lang_yes" => $lang['yes'],
      
"lang_no" => $lang['no'],
      
"lang_captcha" => $lang['captcha'],
      
"lang_captcha_desc" => $lang['captcha_desc'],
      
"captcha_registration" => (bool)$captcha_enable_registration
    
));

    if (!empty(
$additional_user_fields)) {
      
$additional_field_array = array();
      foreach (
$additional_user_fields as $key => $val) {
        if (
$val[1] == "radio") {
          
$value = (isset($HTTP_POST_VARS[$key])) ? intval($HTTP_POST_VARS[$key]) : 1;
          if (
$value == 1) {
            
$additional_field_array[$key.'_yes'] = " checked=\"checked\"";
            
$additional_field_array[$key.'_no'] = "";
          }
          else {
            
$additional_field_array[$key.'_yes'] = "";
            
$additional_field_array[$key.'_no'] = " checked=\"checked\"";
          }
        }
        else {
          
$value = (isset($HTTP_POST_VARS[$key])) ? format_text(trim($HTTP_POST_VARS[$key]), 2) : "";
        }
        
$additional_field_array[$key] = $value;
        
$additional_field_array['lang_'.$key] = $val[0];
      }
      if (!empty(
$additional_field_array)) {
        
$site_template->register_vars($additional_field_array);
      }
    }

    
$content $site_template->parse_template("register_form");
  }
}

if (
$action == "activate") {
  if (
$config['activation_time'] != 0) {
    
$expiry time() - 60 60 24 $config['activation_time'];
    
$sql "DELETE FROM ".USERS_TABLE."
            WHERE ("
.get_user_table_field("""user_lastaction")." < $expiry) AND ".get_user_table_field("""user_level")." = ".USER_AWAITING;
    
$site_db->query($sql);
  }
  if (!isset(
$HTTP_GET_VARS['activationkey'])){
    
$msg $lang['missing_activationkey'];
  }
  else {
    if (
$config['account_activation'] == && $user_info['user_level'] != ADMIN) {
      
show_error_page($lang['no_permission']);
      exit;
    }
    
$activationkey trim($HTTP_GET_VARS['activationkey']);
    
$sql "SELECT ".get_user_table_field("""user_name").get_user_table_field(", ""user_email").get_user_table_field(", ""user_activationkey")."
            FROM "
.USERS_TABLE."
            WHERE "
.get_user_table_field("""user_activationkey")." = '$activationkey'";
    
$row $site_db->query_firstrow($sql);
    if (!
$row) {
      
$msg $lang['invalid_activationkey'];
    }
    else {
      
$sql "UPDATE ".USERS_TABLE."
              SET "
.get_user_table_field("""user_level")." = ".USER."
              WHERE "
.get_user_table_field("""user_activationkey")." = '$activationkey'";
      
$site_db->query($sql);
      
$msg $lang['activation_success'];

      if (
$config['account_activation'] == 2) {
        include(
ROOT_PATH.'includes/email.php');
        
$site_email = new Email();
        
$site_email->set_to($row[$user_table_fields['user_email']]);
        
$site_email->set_subject($lang['activation_success_emailsubject']);
        
$site_email->register_vars(array(
          
"user_name" => $row[$user_table_fields['user_name']],
          
"site_name" => $config['site_name']
        ));
        
$site_email->set_body("activation_success"$config['language_dir']);
        
$site_email->send_email();
      }
    }
  }
}

//-----------------------------------------------------
//--- Clickstream -------------------------------------
//-----------------------------------------------------
$clickstream "<span class=\"clickstream\"><a href=\"".$site_sess->url(ROOT_PATH."index.php")."\" class=\"clickstream\">".$lang['home']."</a>".$config['category_separator'].$lang['register']."</span>";
$page_title $lang['register'].$config['category_separator']; // MOD: Dynamic page title

//-----------------------------------------------------
//--- Print Out ---------------------------------------
//-----------------------------------------------------
$site_template->register_vars(array(
  
"content" => $content,
  
"msg" => $msg,
  
"clickstream" => $clickstream,
  
"page_title" => $page_title// MOD: Dynamic page title
  
"lang_register" => $lang['register']
));
$site_template->print_template($site_template->parse_template($main_template));
include(
ROOT_PATH.'includes/page_footer.php');
?>

5
This registration page submits to itself - would that make a difference? For example, when you go to the registration page you are on register.php.
When you click "Agree" you are still on register.php.
When you submit your info you are still on register.php

Submitting to the same page is very common and shouldn't be a problem.

The key things are 1) that the user name and email variables be populated and 2) that the BotScout.php file is called as soon as they're available (populated). And, of course, that this be done just before the submitted form fields are processed by the registration code.

Form fields filled out --> Form Submitted --> Botscout intercepts fields --> (accept or reject) --> Form fields processed



Either way - thanks for the help. If it can't be done with this script - I'll have to accept that. :)

We've never found a form that BotScout couldn't be made to work on. From SMF to Wordpress to Joomla to VBulletin and so on, it can be made to work on any form.

Contact forms and registration forms basically work the same way (taking in some fields and submitting them for processing) so I'm sure there's a way to make it work with your form as well.

Would it be possible to send me the whole registration PHP code file?
6
I have moved the code around a few times with the diagnostic turned on and keep getting the same error. I'll keep trying different spots in the code tomorrow. Usually, I'm not easily beaten by a script I need, so I refuse to give up.

I've been creating new accounts every time I change the code to test how it functions.

This registration page submits to itself - would that make a difference? For example, when you go to the registration page you are on register.php.
When you click "Agree" you are still on register.php.
When you submit your info you are still on register.php

Either way - thanks for the help. If it can't be done with this script - I'll have to accept that. :)
7
Code: [Select]
Test String: http://botscout.com/test/?multi&mail=MYEMAIL&ip=MY IP&key=MY KEY
RETURNED DATA:
Error: No return data from API query.


I'd have to review the code- I'm not sure if the "ERROR" indication means that something went wrong or not. It may just mean nothing way found, but according to the API docs it should always return something...hmmm.

Let us know what happens. You may also want to do a test registration just to make sure it's not blocking registrations for some reason.
8
Awesome tips - thanks.
I changed the code to "require" and moved it back to where I got the print statement to work before - tested and it worked again.
Then I changed the BotScout file to display the diagnostic information and it printed:

Code: [Select]
Test String: http://botscout.com/test/?multi&mail=MYEMAIL&ip=MY IP&key=MY KEY
RETURNED DATA:
Error: No return data from API query.

I changed the email, ip and key in the sample above - but they were correctly displayed.

Now I'm going to sit back and wait for a spammer to try it. I have notifications turned on. - Thanks for all of your help on this. *crossing fingers*
9
Okay here's what I think comes next:

1) Find a place in the submitted portion of the form code where the username and useremail values do print out whatever was entered into the form. This will ensure that the variables are available to the botscout code. 

2) Place the call to the botscout.php file immediately after that (or as close after it as feasible).

3) Also, instead of include(ROOT_PATH.'BotScout.php');, try using a require statement:

     require(ROOT_PATH.'BotScout.php');

Using require will force the code to halt if for some reason it's not actually finding the BotScout.php file, whereas include will not.

Finally, add a print/exit statement to the botscout.php code to verify it's actually being called and is running.
10

The code should halt at this point, printing out something like: username: (somevalue), usermail: (somevalue)

Does it halt and/or print anything out when you add that code and then try to register?

When inserted at this point it prints out username: and useremail - with no values. User has not put in those values yet. The regististration page is here:
http://comicartcommunity.com/gallery/register.php
When the code is inserted into the spot you pointed out, if you go to the page and click Agree it prints out username: and useremail - with no values.

I have used your print code to ensure values were getting passed later in the form though and it seemed to work. Here's my updated file of all the places I've tried the code so far. :) I'm marking them "not here" if I have uploaded it and subsequently received known bot registrations.

Code: [Select]
<?php


$main_template 
'register';

define('GET_CACHES'1);
define('ROOT_PATH''./');
 
define('MAIN_SCRIPT'__FILE__);
include(
ROOT_PATH.'global.php');
require(
ROOT_PATH.'includes/sessions.php');
$user_access get_permission();
include(
ROOT_PATH.'includes/page_header.php');

if (
$action == "") {
  
$action "signup";
}

if (
$user_info['user_level'] != GUEST && $action != "activate") {
  
show_error_page($lang['already_registered']);
}
$content "";

//-----------------------------------------------------
//--- Signup ------------------------------------------
//-----------------------------------------------------
if ($action == "signup") {
  
$site_template->register_vars(array(
    
"lang_agreement" => $lang['agreement'],
    
"lang_agreement_terms" => $lang['agreement_terms'],
    
"lang_agree" => $lang['agree'],
    
"lang_agree_not" => $lang['agree_not']
  ));
  
$content $site_template->parse_template("register_signup");
}

//-----------------------------------------------------
//--- Add New User ------------------------------------
//-----------------------------------------------------
if ($action == "register") {
  if (!isset(
$HTTP_POST_VARS['user_name'])) {
    if (
$config['activation_time'] != 0) {
      
$expiry time() - 60 60 24 $config['activation_time'];
      
$sql "DELETE FROM ".USERS_TABLE."
              WHERE ("
.get_user_table_field("""user_lastaction")." < $expiry) AND ".get_user_table_field("""user_level")." = ".USER_AWAITING;
      
$site_db->query($sql);
    }
  }
  
$user_name = (isset($HTTP_POST_VARS['user_name'])) ? un_htmlspecialchars(trim($HTTP_POST_VARS['user_name'])) : "";
  
$user_name preg_replace("/( ){2,}/"" "$user_name);
  
$user_password = (isset($HTTP_POST_VARS['user_password'])) ? trim($HTTP_POST_VARS['user_password']) : "";
  
$user_email = (isset($HTTP_POST_VARS['user_email'])) ? un_htmlspecialchars(trim($HTTP_POST_VARS['user_email'])) : "";
  
$user_showemail = (isset($HTTP_POST_VARS['user_showemail'])) ? intval($HTTP_POST_VARS['user_showemail']) : 0;
  
$user_allowemails = (isset($HTTP_POST_VARS['user_allowemails'])) ? intval($HTTP_POST_VARS['user_allowemails']) : 1;
  
$user_invisible = (isset($HTTP_POST_VARS['user_invisible'])) ? intval($HTTP_POST_VARS['user_invisible']) : 0;
  
$user_homepage = (isset($HTTP_POST_VARS['user_homepage'])) ? un_htmlspecialchars(trim($HTTP_POST_VARS['user_homepage'])) : "";
  
$user_icq = (isset($HTTP_POST_VARS['user_icq'])) ? ((intval(trim($HTTP_POST_VARS['user_icq']))) ? intval(trim($HTTP_POST_VARS['user_icq'])) : "") : "";


///////////////////////////////////////////////////
// NOT HERE
////////////////////////////////////////////////////


  
$captcha = (isset($HTTP_POST_VARS['captcha'])) ? un_htmlspecialchars(trim($HTTP_POST_VARS['captcha'])) : "";

///////////////////////////////////////////////////
// NOT HERE
////////////////////////////////////////////////////


  
$error 0;

///////////////////////////////////////////////////
// NOT HERE
////////////////////////////////////////////////////


  if (isset(
$HTTP_POST_VARS['user_name'])) {
    if (
$user_name != "") {
      
$sql "SELECT ".get_user_table_field("""user_name")."
              FROM "
.USERS_TABLE."
              WHERE "
.get_user_table_field("""user_name")." = '".strtolower($user_name)."'";
      if (
$site_db->not_empty($sql)) {
        
$msg .= (($msg != "") ? "<br />" "").$lang['username_exists'];
        
$error 1;
      }
    }
    else {
      
$msg .= (($msg != "") ? "<br />" "").$field_error preg_replace("/".$site_template->start."field_name".$site_template->end."/siU"str_replace(":"""$lang['user_name']), $lang['field_required']);
      
$error 1;
    }
if (
isaspammer($user_email)) {
      
$msg .= (($msg != "") ? "<br />" "").$lang['invalid_email_format']; // or add anything else, bots doesn't understand nothing :)
      
$error 1;
    }
    if (
$user_password == "") {
      
$msg .= (($msg != "") ? "<br />" "").$field_error preg_replace("/".$site_template->start."field_name".$site_template->end."/siU"str_replace(":"""$lang['password']), $lang['field_required']);
      
$error 1;
    }

    if (
$user_email != "") {
      if (
check_email($user_email)) {
        
$sql "SELECT ".get_user_table_field("""user_email")."
                FROM "
.USERS_TABLE."
                WHERE "
.get_user_table_field("""user_email")." = '".strtolower($user_email)."'";
        if (
$site_db->not_empty($sql)) {
          
$msg .= (($msg != "") ? "<br />" "").$lang['email_exists'];
          
$error 1;
        }
      }
      else {
        
$msg .= (($msg != "") ? "<br />" "").$lang['invalid_email_format'];
        
$error 1;
      }
    }
    else {
      
$msg .= (($msg != "") ? "<br />" "").$field_error preg_replace("/".$site_template->start."field_name".$site_template->end."/siU"str_replace(":"""$lang['email']), $lang['field_required']);
      
$error 1;
    }

    if (
$captcha_enable_registration && !captcha_validate($captcha)) {
      
$msg .= (($msg != "") ? "<br />" "").$lang['captcha_required'];
      
$error 1;
    }


    if (!empty(
$additional_user_fields)) {
      foreach (
$additional_user_fields as $key => $val) {
        if (isset(
$HTTP_POST_VARS[$key]) && intval($val[2]) == && trim($HTTP_POST_VARS[$key]) == "") {
          
$error 1;
          
$field_error preg_replace("/".$site_template->start."field_name".$site_template->end."/siU"str_replace(":"""$val[0]), $lang['field_required']);
          
$msg .= (($msg != "") ? "<br />" "").$field_error;
        }
  
    
///////////////////////////////////////////////////
// NOT HERE
////////////////////////////////////////////////////
  
      }

///////////////////////////////////////////////////
// NOT HERE
////////////////////////////////////////////////////

    
}  

////////////////////////////////////////////////////
// NOT HERE
////////////////////////////////////////////////////
  
  } 
// end if

////////////////////////////////////////////////////
// NOT HERE
////////////////////////////////////////////////////


  else {
    
$error 1;
  }

////////////////////////////////////////////////////
// NOT HERE
////////////////////////////////////////////////////


  if (!
$error) {
    
$additional_field_sql "";
    
$additional_value_sql "";
    if (!empty(
$additional_user_fields)) {
      
$table_fields $site_db->get_table_fields(USERS_TABLE);
      foreach (
$additional_user_fields as $key => $val) {
        if (isset(
$HTTP_POST_VARS[$key]) && isset($table_fields[$key])) {
          
$additional_field_sql .= ", $key";
          
$additional_value_sql .= ", '".un_htmlspecialchars(trim($HTTP_POST_VARS[$key]))."'";
        }
      }
    }
    
$activationkey get_random_key(USERS_TABLEget_user_table_field(""$user_table_fields['user_activationkey']));
    
$user_id $site_db->get_next_id($user_table_fields['user_id'], USERS_TABLE);

    
$current_time time();
    
$user_level = ($config['account_activation'] == 0) ? USER USER_AWAITING;
    
$user_password_hashed salted_hash($user_password);
    
$sql "INSERT INTO ".USERS_TABLE."
            ("
.get_user_table_field("""user_id").get_user_table_field(", ""user_level").get_user_table_field(", ""user_name").get_user_table_field(", ""user_password").get_user_table_field(", ""user_email").get_user_table_field(", ""user_showemail").get_user_table_field(", ""user_allowemails").get_user_table_field(", ""user_invisible").get_user_table_field(", ""user_joindate").get_user_table_field(", ""user_activationkey").get_user_table_field(", ""user_lastaction").get_user_table_field(", ""user_lastvisit").get_user_table_field(", ""user_comments").get_user_table_field(", ""user_homepage").get_user_table_field(", ""user_icq").$additional_field_sql.")
            VALUES
            (
$user_id$user_level, '$user_name', '$user_password_hashed', '$user_email', $user_showemail$user_allowemails$user_invisible$current_time, '$activationkey', $current_time$current_time, 0, '$user_homepage', '$user_icq'".$additional_value_sql.")";
$result $site_db->query($sql);

    if (
$result) {
      
$activation_url $script_url."/register.php?action=activate&activationkey=".$activationkey;

      include(
ROOT_PATH.'includes/email.php');
      
$site_email = new Email();
      
$site_email->set_to($user_email);
      
$site_email->set_subject($lang['register_success_emailsubject']);
      
$site_email->register_vars(array(
        
"activation_url" => $activation_url,
        
"user_name" => $user_name,
        
"user_password" => $user_password,
        
"site_name" => $config['site_name']
      ));

      switch(
$config['account_activation']) {
      case 
2:
        
$email_template "register_activation_admin";
        
$msg $lang['register_success_admin'];
        break;
      case 
1:
        if (
$config['language_dir_default'] != $config['language_dir']) {
          
$activation_url .= "&l=".$config['language_dir'];
        }
        
$email_template "register_activation";
        
$msg $lang['register_success'];
        break;
      case 
0:
      default:
        
$email_template "register_activation_none";
        
$msg $lang['register_success_none'];
        break;
      }

      
$site_email->set_body($email_template$config['language_dir']);
      
$site_email->send_email();
      if (
$config['account_activation'] == 2) {
        
$site_email->reset();
        
$site_email->set_to($config['site_email']);
        
$site_email->set_subject($lang['admin_activation_emailsubject']);
        
$user_details_url $script_url."/admin/index.php?goto=".urlencode("users.php?action=edituser&user_id=".$user_id."&activation=1");
        
$site_email->register_vars("user_details_url"$user_details_url);
        
$site_email->set_body("admin_activation"$config['language_dir_default']);
        
$site_email->send_email();
      }
    }
    else {
      
$msg $lang['general_error'];
    }
  }

  if (
$error) {
    if (
$user_showemail == 1) {
      
$user_showemail_yes " checked=\"checked\"";
      
$user_showemail_no "";
    }
    else {
      
$user_showemail_yes "";
      
$user_showemail_no " checked=\"checked\"";
    }
    if (
$user_allowemails == 1) {
      
$user_allowemails_yes " checked=\"checked\"";
      
$user_allowemails_no "";
    }
    else {
      
$user_allowemails_yes "";
      
$user_allowemails_no " checked=\"checked\"";
    }
    if (
$user_invisible == 1) {
      
$user_invisible_yes " checked=\"checked\"";
      
$user_invisible_no "";
    }
    else {
      
$user_invisible_yes "";
      
$user_invisible_no " checked=\"checked\"";
    }
    
$site_template->register_vars(array(
      
"user_name" => format_text(stripslashes($user_name), 2),
      
"user_email" => format_text(stripslashes($user_email), 2),
      
"user_homepage" => format_text(stripslashes($user_homepage), 2),
      
"user_icq" => $user_icq,
      
"user_showemail_yes" => $user_showemail_yes,
      
"user_showemail_no" => $user_showemail_no,
      
"user_allowemails_yes" => $user_allowemails_yes,
      
"user_allowemails_no" => $user_allowemails_no,
      
"user_invisible_yes" => $user_invisible_yes,
      
"user_invisible_no" => $user_invisible_no,
      
"lang_user_name" => $lang['user_name'],
      
"lang_password" => $lang['password'],
      
"lang_email" => $lang['email'],
      
"lang_register_msg" => $lang['register_msg'],
      
"lang_submit" => $lang['submit'],
      
"lang_reset" => $lang['reset'],
      
"lang_email" => $lang['email'],
      
"lang_show_email" => $lang['show_email'],
      
"lang_allow_emails" => $lang['allow_emails'],
      
"lang_invisible" => $lang['invisible'],
      
"lang_optional_infos" => $lang['optional_infos'],
      
"lang_homepage" => $lang['homepage'],
      
"lang_icq" => $lang['icq'],
      
"lang_yes" => $lang['yes'],
      
"lang_no" => $lang['no'],
      
"lang_captcha" => $lang['captcha'],
      
"lang_captcha_desc" => $lang['captcha_desc'],
      
"captcha_registration" => (bool)$captcha_enable_registration
    
));

    if (!empty(
$additional_user_fields)) {
      
$additional_field_array = array();
      foreach (
$additional_user_fields as $key => $val) {
        if (
$val[1] == "radio") {
          
$value = (isset($HTTP_POST_VARS[$key])) ? intval($HTTP_POST_VARS[$key]) : 1;
          if (
$value == 1) {
            
$additional_field_array[$key.'_yes'] = " checked=\"checked\"";
            
$additional_field_array[$key.'_no'] = "";
          }
          else {
            
$additional_field_array[$key.'_yes'] = "";
            
$additional_field_array[$key.'_no'] = " checked=\"checked\"";
          }
        }
        else {
          
$value = (isset($HTTP_POST_VARS[$key])) ? format_text(trim($HTTP_POST_VARS[$key]), 2) : "";
        }
        
$additional_field_array[$key] = $value;
        
$additional_field_array['lang_'.$key] = $val[0];
      }
      if (!empty(
$additional_field_array)) {
        
$site_template->register_vars($additional_field_array);
      }
    }

    
$content $site_template->parse_template("register_form");
  }
}

if (
$action == "activate") {
  if (
$config['activation_time'] != 0) {
    
$expiry time() - 60 60 24 $config['activation_time'];
    
$sql "DELETE FROM ".USERS_TABLE."
            WHERE ("
.get_user_table_field("""user_lastaction")." < $expiry) AND ".get_user_table_field("""user_level")." = ".USER_AWAITING;
    
$site_db->query($sql);
  }
  if (!isset(
$HTTP_GET_VARS['activationkey'])){
    
$msg $lang['missing_activationkey'];
  }
  else {
    if (
$config['account_activation'] == && $user_info['user_level'] != ADMIN) {
      
show_error_page($lang['no_permission']);
      exit;
    }
    
$activationkey trim($HTTP_GET_VARS['activationkey']);
    
$sql "SELECT ".get_user_table_field("""user_name").get_user_table_field(", ""user_email").get_user_table_field(", ""user_activationkey")."
            FROM "
.USERS_TABLE."
            WHERE "
.get_user_table_field("""user_activationkey")." = '$activationkey'";
    
$row $site_db->query_firstrow($sql);
    if (!
$row) {
      
$msg $lang['invalid_activationkey'];
    }
    else {
      
$sql "UPDATE ".USERS_TABLE."
              SET "
.get_user_table_field("""user_level")." = ".USER."
              WHERE "
.get_user_table_field("""user_activationkey")." = '$activationkey'";
      
$site_db->query($sql);
      
$msg $lang['activation_success'];

      if (
$config['account_activation'] == 2) {
        include(
ROOT_PATH.'includes/email.php');
        
$site_email = new Email();
        
$site_email->set_to($row[$user_table_fields['user_email']]);
        
$site_email->set_subject($lang['activation_success_emailsubject']);
        
$site_email->register_vars(array(
          
"user_name" => $row[$user_table_fields['user_name']],
          
"site_name" => $config['site_name']
        ));
        
$site_email->set_body("activation_success"$config['language_dir']);
        
$site_email->send_email();
      }
    }
  }
}

//-----------------------------------------------------
//--- Clickstream -------------------------------------
//-----------------------------------------------------
$clickstream "<span class=\"clickstream\"><a href=\"".$site_sess->url(ROOT_PATH."index.php")."\" class=\"clickstream\">".$lang['home']."</a>".$config['category_separator'].$lang['register']."</span>";
$page_title $lang['register'].$config['category_separator']; // MOD: Dynamic page title

//-----------------------------------------------------
//--- Print Out ---------------------------------------
//-----------------------------------------------------
$site_template->register_vars(array(
  
"content" => $content,
  
"msg" => $msg,
  
"clickstream" => $clickstream,
  
"page_title" => $page_title// MOD: Dynamic page title
  
"lang_register" => $lang['register']
));
$site_template->print_template($site_template->parse_template($main_template));
include(
ROOT_PATH.'includes/page_footer.php');
?>


Pages: [1] 2 3 ... 10