Referral system for RevCMS?
- Thread starter Ch0wd3r
- Start date
This is possibly the easiest thing to code ever:/
Just do it your self...
Open class.users.php and on the "header("location...");" on the register forum put if(isset($_GET['ref'])) { } before the header part then put your mysql query... and do a check as well so not same IP...
Just do it your self...
Open class.users.php and on the "header("location...");" on the register forum put if(isset($_GET['ref'])) { } before the header part then put your mysql query... and do a check as well so not same IP...
CosmoTrigger
Member
- Dec 30, 2012
- 60
- 7
I suggest you don't implement this, I mean its good, but people will cheat the system with hotspot shield and what not.
But i'm not here to tell you what to do so try this:
Referer : <input type="text" name="referal" />
<?php
$ref = $_POST['referal'];
if($ref=="")
{//normal register scriptelse{mysql_query("UPDATE users SET credits=AMOUNTOFCOINS WHERE username = $ref");
}
But i'm not here to tell you what to do so try this:
Referer : <input type="text" name="referal" />
<?php
$ref = $_POST['referal'];
if($ref=="")
{//normal register scriptelse{mysql_query("UPDATE users SET credits=AMOUNTOFCOINS WHERE username = $ref");
}
Don't do that...
1) It resets the users credits to "AMOUTOFCOINTS".
2)You can spam for credits by just using a post function.
3)in codding never use "$ref==""" always use isset or empty
3) Exploit "$ref = $_POST['referal'];" and username = $ref");
CosmoTrigger
Member
- Dec 30, 2012
- 60
- 7
damn man, I didn't even catch that, but It took me 2 seconds, didnt even look at it really
Also I think a referral section on the register page would be better, not the link idea.
PHP:
if(isset($_GET['ref']))
{
$_GET['ref'] == $engine->secure($_GET['ref']));
$q = mysql_query("select id, last_ip from users where username = '{$_GET['ref']}'");
$f = mysql_fetch_assoc($q);
if(mysql_num_rows($q) == 1)
{
if($f['last_ip'] == $_SERVER['REMOTE_ADDR'])
{
$template->form->error = 'The IP of this account is the same as yours';
return;
}else{
$q1 = mysql_query("SELECT credits FROM users WHERE username = '{$_GET['ref']}'");
$f1 = mysql_fetch_assoc($q1);
$newcoins = $f1['credits']+5000;
mysql_query("UPDATE users SET credits='{$newcoins}' WHERE username = '{$_GET['href']'}";
}
}else{
$template->form->error = 'Referal username was not found.';
return;
}
}
unset($q, $f, $q1, $f1);I think this will work i havn't tested it, i just made it on the spot if you need any help just ask and if there is a santax error i will fix it for you, looking at it looks okay...
app/tpl/class.users.php
Find the line:
Then after the {
Put the code.... Then save it... then you're done...
Referral link:
{url}/index.php?url=register&ref={username}
Find the line:
Code:
if($this->isBanned($_SERVER['REMOTE_ADDR']) == false)
{
if(!$this->hasClones($_SERVER['REMOTE_ADDR']))
{Then after the {
Put the code.... Then save it... then you're done...
Referral link:
{url}/index.php?url=register&ref={username}
- Status
