Jump to content

Dynamic Signature Tutorial - WITH PICTURES


Tom

Recommended Posts

Gonna give this tutorial thing a crack ya know

 

Introduction

What is a Dynamic Signature?

A Dynamic Signature is an automatically updating image that will display a group of statistics for individual, or a certain amount of users.

It uses PHP scripts to write over the top of an already existing image with data from a specified database, and then outputs it as a new image.

 

Example of a grouped user dynamic signature:

signature.png?player_name=ALL

 

Example of an individual user dynamic signature:

signature.png?player_name=Mykindos

 

What are the benefits of creating a dynamic signature?

 

Dynamic signatures are a great way to display data, and it also gives users of your script something to show off.

For example, you want to find out how long an individual user has run a certain script for, but all you can see is the time ran in milliseconds, which isn't very readable.

kqRxu.png

Requirements

- A web server / website

- A MySQL Database

- A brain basic understanding of programming concepts

- The ability to understand what I am trying to demonstrate, I am by no means a teacher.

 

The Beef

So lets get started. With my current setup, I am using 2 separate PHP files, one is for updating the database with the new data for each user, and the other is for generating 

 

Creation of the Database

The database is the most important thing when it comes to creating the dynamic signature, as you might of guessed, it stores all of your data.

 

I'm going to assume most of you are going to access your database through your webhost, and I will use my webhost as an example in the tutorial, but if you do not use a web host, and need help setting up the database with appropriate tables, feel free to ask.

 

Step 1. Access your web hosting cPanel.

Step 2. Create a database user with all privileges:

 

First thing you need to do here, is navigate to the MySQL section of cPanel, which usually you have to scroll down a tiny bit to find.

kqSE0.png

And select MySQL Databases.

 

Now, you may need to scroll down again, but you should see the Add MySQL User option on the screen

kqSI3.png

(Ignore the timestop_ part, this is the name my hosting provider decided to give me)

Fill in the details, and click create.

 

You now have a MySQL user, and if i entered 'Tom' into the first text field, my username would be timestop_tom, and yours could be peter_smith, or even just smith.

 

Step 3. Creating a database

For this you can stay on the same page as before, but it is generally located towards the top of the page.

 

kqSRt.png

Once again, ignore the timestop part, as that is unique to me, you will have your own prefix.

 

Click create, and you are done for this step.

 

Step 4. Assigning the user you created to the database you created.

This step is very important, as you want the requires privileges.

 

Go down towards the bottom of the same page as before, and you should see:

kqSZ3.png

Select the user you just created, then the database you have just created, and click add.

 

You will then be navigated to a page containing something like this, but it may be different

kqT1R.png

You want to give yourself every single privilege, this can be done easily just by checking the ALL  PRIVILEGE checkbox if there is one.

Finish by clicking Make Changes.

 

Step 5. Creating a table in your database

This is a little more tricky, but it can be done using the built in phpMyAdmin that generally comes with cPanel, or just simple software like Navicat Lite.

 

You can access phpMyAdmin from the front page of your cPanel once again

kqTaC.png

Click to navigate.

 

You should then see a list of databases on the left of the page, click through them until you found the one you just created, (timestop_awesomescript in my case)

kqTdM.png

 

Afterwards, on the right side of the page, it should automatically pop up with the option to create a table, you DON'T want to do it like this, instead up the top of the page, you should see the tab option "SQL".

Press that, and you should see this tab pop up

kqTqi.png

 

In that middle text field, enter the following:


CREATE TABLE Data 
(Username varchar(25) NOT NULL,
timeran bigint(200),
expgained bigint(200),
premium varchar(3),
PRIMARY KEY(Username));

And click GO in the bottom right corner.

 

Congratulations, your database and table have been setup correctly if you followed this properly.

 

Update.php

This script is used to pass new data into your Tables, it will also ADD onto old data


<?php
// Connection details
$servername = "YOUR_SERVER_NAME E.G. WWW.BRAZZERS.COM";
$user = "YOUR_DATABASE_USERNAME";
$password = "YOUR_DATABASE_PASSWORD";
$dbname = "THE_NAME_OF_THE_DATABASE";
 
// Your data variables, you can have as many as you want.
$timetemp = $_GET ['time']; // The total time ran
$exptemp = $_GET ['exp']; // The total EXP gained
 
$nametemp = $_GET ['name']; // The username of the botter.
$premium = $_GET ['premium']; // "YES" if the user is premium, "NO" if they are using the free script
 
 
// Variable conn is used to determine the new mysql connection for above data
 
// If you are running this script off the same webserver that the database is stored on, the servername can be NULL.
$conn = mysqli_connect ($servername, $user, $password, $dbname );
 
// Checking if the connection is valid, if not, killing the process and throwing a error message
if ($conn->connect_error) {
die ( "Connection failed: " . $conn->connect_error );
}
 
if (mysqli_connect_errno ()) {
echo "Failed to connect to the mySQL server ";
die ();
}
 
$setResult = mysqli_query ( $conn, "SELECT * FROM Data WHERE Username='$nametemp'" ); // Selects all fields from the Data table, based on the username supplied
if ($setResult) { 
 
/* 
If the Table already contains some data for this user,
it will instead ADD the new data onto the old data, then insert it back into the table.
*/
$resultArray = mysqli_fetch_row($setResult);
$time = $resultArray[1];
$exp = $resultArray[2];
 
 
$exp2 = $exp + $exptemp;
$time2 = $time + $timetemp;
 
// Query for inserting the wanted data into the mysql - Where Data is the table name
$sql = "REPLACE INTO Data (Username, timeran, expgained, premium)
VALUES ('$nametemp', '$time2',' $exp2', '$premium')";
 
if (mysqli_query ( $conn, $sql )) {
echo "Recorded Data";
} else {
echo "Error: " . $sql . "<br>" . mysqli_error ( $conn );
}
} else{ // If there is currently no user data, it will insert a fresh sample.
    $sql = "INSERT INTO Data (Username, timeran, expgained, premium)
VALUES ('$nametemp', '$timetemp',' $exptemp', '$premium')";
 
if (mysqli_query ( $conn, $sql )) {
echo "Recorded new Data";
} else {
echo "Error: " . $sql . "<br>" . mysqli_error ( $conn );
}
}
$conn->close ();
?>
 

 

Signature.php

This script is used to generate the signature that the users can put in there signatures, or just look at to keep track of their stats.

<?  



function formatTime($time){
    $time_seconds = $time / 1000;
    $time_minutes = $time_seconds / 60;
    $time_hours = $time_minutes / 60;
	$time_days = floor($time_hours / 24);
    $seconds = $time_seconds % 60;
    $minutes = $time_minutes % 60;
    $hours = $time_hours % 24;
    
	$days = floor($time_days % 365);
	$years = floor($time_days / 365);
	
	return $years . "y " . $days . "d " .$hours . "h " . $minutes . "m ";
}


$username=""; //Your MySQL Username. 
$password=""; // Your MySQL Pass. 
$database=""; // Your MySQL database. 
$host=""; // Your MySQL host. This is "localhost" or the IP specified by your hosting company. 



$player_name=$_GET['player_name']; // This gets the player his name from the previous page. 


mysql_connect($host,$username,$password); // Connection to the database. 
@mysql_select_db($database) or die( "Unable to select database. Be sure the databasename exists and online is."); //Selection of the database. If it can't read the database, it'll give an error. 


/* To protect MySQL injection. */ 
$player_name = stripslashes($player_name); 
$player_name = mysql_real_escape_string($player_name); 
/*							   */



if($player_name == "ALL"){ // If you want to sum all of your users data, like I have in my signature, you need this.

    $query="SELECT SUM(timeran) as timesum FROM Data";
    $result=mysql_query($query); 
    $Timeran1= mysql_fetch_assoc($result);
    $Timeran = $Timeran1[timesum];


     $query="SELECT SUM(expgained) as expsum FROM Data";
	 $result=mysql_query($query); 
     $ExpGained1= mysql_fetch_assoc($result);
	 $ExpGained = $ExpGained1[expsum];


// Now for the creation of the image.



    header('Content-Type: image/png;'); 
 // Your image must be in the same directory as your PHP Scripts for it to work, otherwise you will need to include a path
    $im = @imagecreatefrompng('YOUR_IMAGE.png') or die("Cannot find image, check naming and file location");



    $text_color = imagecolorallocate($im, 255,255,100); // RED, GREEN, BLUE , you can goto http://colorpicker.com to pick a nice colour if you wish. 

    $text_username = "ALL"; // This gets the information about player name to be showed in the picture. 
    $text_timeran = formatTime($Timeran); // Same as above ^^ 
    $text_expgained = number_format($ExpGained);


    $font = 'Calibri.ttf'; //Upload your custum font to the directory where this file is placed if you wish to customise it.

	// 18 is the font size, 0 is the angel of the text, 165 is the x coordinate on your image, and 132 is the Y coordinate on your image.
    imagettftext($im, 18, 0, 165, 132, $text_color, $font, 'ALL'); 
    imagettftext($im, 12, 0, 300, 93, $text_color, $font, $text_timeran); 
    imagettftext($im, 14, 0, 130, 93, $text_color, $font, $text_expgained); 
    imagepng($im); 
    imagedestroy($im); 
    return;
}

// Below is the code for regular players, it will not SUM

$query="SELECT * FROM Data WHERE Username='$player_name'"; // Gets all the information about the player. 

$result=mysql_query($query); 
$i=mysql_num_rows($result); // Here we are counting how many rows this result gives us. 


if ($i == 1) // If the user has been correct, then it'll give us 1 row. If its 1 row, then it'll proceed with the code. 
{ 


    $Username=mysql_result($result,0,"Username");
    $Timeran=mysql_result($result,0,"timeran");
    $ExpGained=mysql_result($result,0,"expgained");

     // Creating of the .png image.  



    header('Content-Type: image/png;'); 



     header('Content-Type: image/png;'); 
	// Your image must be in the same directory as your PHP Scripts for it to work, otherwise you will need to include a path
    $im = @imagecreatefrompng('YOUR_IMAGE.png') or die("Cannot find image, check naming and file location");

    $text_color = imagecolorallocate($im, 255,255,100); // RED, GREEN, BLUE , you can goto http://colorpicker.com to pick a nice colour if you wish. 
    $text_username = "$Username"; // This gets the information about player name to be showed in the picture.  // This gets the information about player name to be showed in the picture. 
    $text_timeran = formatTime($Timeran); // Same as above ^^ 
    $text_expgained = number_format($ExpGained);

    $font = 'Calibri.ttf'; //Upload your custum font to the directory where this file is placed. Then change the name here. 

	// 18 is the font size, 0 is the angel of the text, 165 is the x coordinate on your image, and 132 is the Y coordinate on your image.
    imagettftext($im, 12, 0, 138, 130, $text_color, $font, $text_username); 
    imagettftext($im, 12, 0, 300, 93, $text_color, $font, $text_timeran); 
    imagettftext($im, 14, 0, 138, 93, $text_color, $font, $text_expgained); 

    

    imagepng($im);
    imagedestroy($im); 

} else echo('Username is not in our database. Please try again.'); // If the username doesn't exist (so the row is 0) then it'll give en error. 

mysql_close(); 

?> 

 

Finishing Off

There is only a couple more steps left, and they are generally a lot easier for most people.

 

Step 1. Submitting data when your script is stopped

 

Basically, in your onExit(), you want to have this, you will need to replace the URL with your web host URL.

if (getExperienceTracker().getElapsed(Skill.YOURSKILL) > 0) {
			try {
				URL submit = new URL("http://THE_WEB_DIRECTORY + "/update.php?name="
						+ getClient().getUsername().replace(" ", "_")
						+ "&time="
						+ instance.getExperienceTracker().getElapsed(Skill.YOURSKILL)
						+ "&exp="
						+ instance.getExperienceTracker().getGainedXP(Skill.YOURSKILL)
						+ "&premium=" + "YES");
				
				URLConnection con = submit.openConnection();
				instance.log("Submitting statistics...");
				con.setDoInput(true);
				con.setDoOutput(true);
				con.setUseCaches(false);
				final BufferedReader rd = new BufferedReader(
						new InputStreamReader(con.getInputStream()));
				rd.close();
			} catch (Exception e) {
				instance.log("Failed to submit print details");
			}
		}

Don't forget to start the experience tracker either, this can be done in the onStart

getExperienceTracker().start(Skill.YOURSKILL);

 

Step 2. Creating a web page for generation

This 2nd last step, and it is important to ensure that the html file you create is in the same folder as your PHP scripts, otherwise you will have to do all that pathing nonsense, which isn't that big of a deal.

 

Here is my current HTML Code for a simple user interface:

 

<html> 

<head>

        <title>Dynamic Signature Creation</title>

</head>

        <h1>Your Dynamic Signature</h1>

     
       <p> To generate your Dynamic Signature, enter your OSBot username below!</p>

       

        <form action="signature.png" method="get"> 

        OSBot Username: <input type="text" name="player_name"><br>  <!-- This is a little text box which will ask for you playername. -->

       <input type="Submit"> <!-- A "send" button. -->

       </form>





</body>

</html> 

 Which would look something like 

kqUy5.png

 

Step 3. Modifying your .htaccess to rewrite .php urls to .png so that you can display your signature on the forum.

On your webserver, there should be a file called ".htaccess"

Modify this, and place the following inside

RewriteEngine On
RewriteBase /
RewriteRule signature.png signature.php

You should now be able to generate Dynamic signatures like so:

signature.png?player_name=Mrtaylaah

 

 

If you find any problems, please don't hesitate to point them out, or to ask for help.

Edited by Tom
  • Like 6
Link to comment
Share on other sites

For the record, there is SQL injection protection

 

 

$setResult = mysqli_query ( $conn, "SELECT * FROM Data WHERE Username='$nametemp'" ); // Selects all fields from the Data table, based on the username supplied

What happens when $nametemp is ' OR '1'='1'? Look into parametised queries or sanitise your input properly :/ :/

Link to comment
Share on other sites

$setResult = mysqli_query ( $conn, "SELECT * FROM Data WHERE Username='$nametemp'" ); // Selects all fields from the Data table, based on the username supplied

What happens when $nametemp is ' OR '1'='1'? Look into parametised queries or sanitise your input properly :/ :/

 

 

The username is directly entered by your script using their osbot username, so unless someone has the URL and knows the php parameters, they aren't going to have the ability to do anything

Link to comment
Share on other sites

The username is directly entered by your script using their osbot username, so unless someone has the URL and knows the php parameters, they aren't going to have the ability to do anything

 

Why don't you understand that if someone wants to get all of your data, they will. All I need to do is just turn on wireshark, look at my connections, and grab the data. You don't sanitise any data in the update page, you use deprecated MySQL in signature.php, you rely solely on mysql_real_escape_string (which will not escape certain characters like \ and \x00). At least you mask errors, that's a start.

  • Like 2
Link to comment
Share on other sites

Why don't you understand that if someone wants to get all of your data, they will. All I need to do is just turn on wireshark, look at my connections, and grab the data. You don't sanitise any data in the update page, you use deprecated MySQL in signature.php, you rely solely on mysql_real_escape_string (which will not escape certain characters like \ and \x00). At least you mask errors, that's a start.

 

oh no they get my fish sum

  • Like 1
Link to comment
Share on other sites

Edit: fixed it by generating sigs every 10 min...


"Unable to retrieve signature image dimensions, please try another image."


Dafuq is this? I get this when I try to put the image in my signature...

Halp anyone plz?



(/care about the text atm)

signature.png?user=flamezzz&script=fclue
http://www.flamezzz.nl/signature.png?user=flamezzz&script=fcluehuntereasy


Dimensions = 500x150, even windows can read this so I assume the file is not corrupt in any way.

signature.php

 

<?

Header('Content-type: image/png');

.....
.....


$image = @imagecreatefrompng('./cluehuntereasy.png') or die("Picture not found.");
  
$black = imagecolorallocate($image, 0, 0, 0);
$white = imagecolorallocate($image, 255, 255, 255);
imagecolortransparent($image, $black);
imagealphablending($image, false);
imagesavealpha($image, true);

.....
.....

imagettftext($image, 15, 0, 370, 58, $white, $font, $row['solved']);
imagettftext($image, 15, 0, 370, 107, $white, $font, $runtime);
imagettftext($image, 15, 0, 370, 153, $white, $font, $profit);

imagettftext($image, 20, 0, 50, 153, $white, $font, $row['name']);
  
imagepng($image);
imagedestroy($image);


mysql_close();

?>
Edited by Flamezzz
Link to comment
Share on other sites

 

"Unable to retrieve signature image dimensions, please try another image."

Dafuq is this? I get this when I try to put the image in my signature...

Halp anyone plz?

(/care about the text atm)

signature.png?user=flamezzz&script=fclue

http://www.flamezzz.nl/signature.png?user=flamezzz&script=fcluehuntereasy

Dimensions = 500x150, even windows can read this so I assume the file is not corrupt in any way.

signature.php

 

<?

Header('Content-type: image/png');

.....
.....


$image = @imagecreatefrompng('./cluehuntereasy.png') or die("Picture not found.");
  
$black = imagecolorallocate($image, 0, 0, 0);
$white = imagecolorallocate($image, 255, 255, 255);
imagecolortransparent($image, $black);
imagealphablending($image, false);
imagesavealpha($image, true);

.....
.....

imagettftext($image, 15, 0, 370, 58, $white, $font, $row['solved']);
imagettftext($image, 15, 0, 370, 107, $white, $font, $runtime);
imagettftext($image, 15, 0, 370, 153, $white, $font, $profit);

imagettftext($image, 20, 0, 50, 153, $white, $font, $row['name']);
  
imagepng($image);
imagedestroy($image);


mysql_close();

?>

 

I think I circumvented this for myself by removing imagealphablending($image, false);. Good luck :D

 

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...