codestryke

Re: Loop Error - Please Help! You don't need to keep querying the db to get all the ingredients. You already have the ingredients as a comma separated list in the receipt so instead use the IN clause. Something like: $items = explode(',', $recipe['reciperequired']); $ing_count = count($items); $ing_fetch = mysql_query("SELECT `itmname` FROM `items` WHERE `itmid` IN (".$recipe['reciperequired'].")" or die(mysql_error()); while( $ing = mysql_fetch_assoc($ing_fetch) ) { echo $ing['itmname'].' '; }

Re: Mccodes Lite Userstats IQ Bug   It's all about the query.. In lite IQ is stored in userstats, not the user table... Hence why IQ works #14 but doesn't work with #12, #13 and #15 Also on #14 you try to update it in user first then it updates userstats like it's suppose to..

Re: Monkey Wrench No I don't have a time line yet, still working on it as much as I can (I don't get to code much during the week). This weekend I started working on the admin/staff panel, mostly trying to get a scripting system to work (ala phpBB) for installing mods. Mod authors can then create a simple script that can be bundled with there mod for easy installation. The staff/admin panel is NOT integrated in the game like standard McCodes, it's in it's own directory and uses Apache's built in login system (ala PHP_AUTH_USER). Couple of screen shots from this mornings work... Basic Summary screen in the staff / admin panel: Lite doesn't come with a bank so I wrote one and have been using it for testing:

Re: Monkey Wrench Yes, I'd say I just hit the 50% done mark yesterday. Whats done: Front End: index.php register.php welcome.php Main Game: crimes.php (merge of criminal.php / docrime.php) estate.php explore.php gym.php index.php news.php (announcements.php) travel.php (monorail.php) Backend: account.lib.php (for account_create, account_login, account_delete) accesscontrol.php (checks session, ip init's player id) common.lib.php (common routines, smarty, db inits) config.game.php (defines for all in game options) config.server.php (defines for the server paths, url etc) player.lib.php (player loading) xcdb.lib.php (database class) All templates for the above done as well. Like I said it's based off the lite version so it's still very retarded for signup with no email validation and if you don't enter one it dumps out with the 'problem with account' error message. Still to do: crons attack events fed jail inventory items mailbox preferences search send cash userlist user online view user I've put off most of the list based coding till I found a javascript table sorting library. Finally found one yesterday that seems like it'll work very nicely, has a small foot print and works with the GPL license http://www.kryogenix.org/code/browser/sorttable/

Re: Monkey Wrench   one for the database and smarty as of now.

Looking to throw a monkey wrench in the McCodes world by re-writing the lite version and giving it away. It pains me to watch so called experts here front about how great of coders they are then post a free mods with a programming style of McCodes. Am I the only one who wants to stab their eyes out when they see McCodes style programming? So the only thing I can think of is to re-write the damn thing and make it secure and FREE. The code is based on the Lite version because that is released under the GPL so I can re-write it without breaking any laws ;) I took Nyna's db class, added my own SQLSafe method to clean SQL strings and then re-named most of the functions to work like ADODB (as that is the class I use normally but it's a memory hog). The new version also uses Smarty templates! Yes the whole site is in template files, no not header / footer quasi BS templates but actual templates you can munge and change at your desire and whim. This version, which I'm calling McCodes LiteFU (ok it's a working title), will give any laymen the ability to start a McCodes site without having to worry about it being hacked. If I see one more post about "I've been hacked please help" and then everyone rushing to cash in I'm going to lose it. The first release will mimic the lite version, hopefully, with time allotted I will release some of the cool free mods here for the engine. My hope though is people here will pick up here with the free codes and expand it rather then the standard McCodes. Let me be very specific here this is a new code base! Mods for lite, v1 and v2 will NOT work with this code base. Trying to secure the base McCodes or getting it to work within the mccodes structure is a fools errand, it's either start fresh or don't bother. The only thing that remains the same is the database, so if you have a lite game you could over write the code with this and it'll work. For your preview.. travel.php (aka monorail.php in lite) include_once '/../include/accesscontrol.php'; include_once '/../include/common.lib.php'; include_once '/../include/player.lib.php'; if( isset($_GET['to']) && isnumber($_GET['to']) ) { $city = $db->GetRow("SELECT cityname FROM cities WHERE cityid = ? AND cityminlevel <= ?", array($_GET['to'], $player['level'])); if( empty($city) ) { $tpl->assign('error', 'Invalid selection made, please try again'); } elseif( 1000 > $player['money'] ) { $tpl->assign('error', 'You don\'t have enough money to buy a ticket'); } else { $player['money'] -= 1000; $db->Execute("UPDATE users SET money = ?, location = ? WHERE userid = ?", array($player['money'], $_GET['to'], $player['userid'])); $tpl->assign('result', "Congratulations, you paid \$1,000 and travelled to $city[cityname] on the monorail!"); } } $tpl->assign('cities', $db->GetAll('SELECT * FROM cities WHERE cityid <> ? AND cityminlevel <= ?', array($player['location'], $player['level']))); $tpl->assign("player", $player); $tpl->display('travel.tpl'); exit;   travel.tpl (template for travel page) {include file="pageheader.tpl"} {if $error <> ""}<p style='color: red; font-weight: bold'>{$error}</p>{/if} {if $result <> ""} <p style='font-weight: bold'>{$result}</p> {else} Welcome to the Monorail Station. It costs $1,000 for a ticket. Where would you like to travel today? <table width=75%> <tr style='background:gray'> <th>Name</th> <th>Description</th> <th>Min Level</th> <th> </th> </tr> {foreach from=$cities item=c} <tr> <td>{$c.cityname}</td> <td>{$c.citydesc}</td> <td>{$c.cityminlevel}</td> <td>[url='travel.php?to={$c.cityid}']Go[/url]</td> </tr> {/foreach} </table> {/if} {include file="pagefooter.tpl"}   pageheader.tpl template for inside the game, the outside of the game (index.php, register, login etc) pages are seperate from inside of the game <html> <head> <title>Your Game Name</title> <script> var energy = {$player.energy}; var energy_max = {$player.maxenergy}; var will = {$player.will}; var will_max = {$player.maxwill}; var brave = {$player.brave}; var brave_max = {$player.maxbrave}; var exp = {$player.exp}; var exp_max = {$player.exp_needed}; var health = {$player.hp}; var health_max = {$player.maxhp}; </script> {literal} <script> function updatestats() { displaybar('energy', 'Energy', parseInt(energy / energy_max * 100)); displaybar('will', 'Will', parseInt(will / will_max * 100)); displaybar('exp', 'EXP', parseInt(exp / exp_max * 100)); displaybar('health', 'Health', parseInt(health / health_max * 100)); var bpercent = parseInt(brave / brave_max * 100); document.getElementById('brave').innerHTML = '[b]Brave:[/b] ' + brave + ' / ' + brave_max + ' [img=../images/bargreen.gif][img=../images/barred.gif]'; } function displaybar(elm, label, percent) { document.getElementById(elm).innerHTML = '[b]' + label + ':[/b] ' + percent + '% [img=../images/bargreen.gif][img=../images/barred.gif]'; } </script> <style> body { font-family:helvetica, arial, geneva, sans-serif;font-size:12;color: black; scrollbar-base-color: #005B70; scrollbar-arrow-color: #F3960B; scrollbar-DarkShadow-Color: #000000; } a:visited,a:active,a:hover,a:link { color: black;text-decoration: none; } table,tr,td { font-family:helvetica, arial, geneva, sans-serif;font-size: 12; } img { border:none; } textarea { font-family:helvetica, arial, geneva, sans-serif;font-size:12;color: black; } </style> {/literal} </head> <body bgcolor='#C3C3C3' onLoad='updatestats()'> <table width=100%> <tr> <td>[img=../images/logo.png]</td> <td> [b]Name:[/b] {$player.username} [b]Money:[/b] {$player.money|number_format} [b]Level:[/b] {$player.level} [b]Crystals: {$player.crystals}[/b] [[url='logout.php']Emergency Logout[/url]] </td> <td> <span id='energy'></span> <span id='will'></span> <span id='brave'></span> <span id='exp'></span> <span id='health'></span> </td> </tr> </table> <table width=100%> <tr> <td width=150 valign='top'> {include file=menu.tpl} </td> <td valign='top'>   pageheader.tpl is a work in progress. The final release will put the javascript and CSS into there own files for better caching.

Re: MySQL Procedures I'm going to go out on a limb here and assume you are using phpMyAdmin to create this procedure. If you are then you need to do the following or it won't work: Click the SQL tab enter the following for the SQL DROP PROCEDURE IF EXISTS buyShopItem $$ CREATE PROCEDURE buyShopItem(item INT(11), shop INT(11), user INT(11), itemCost INT(11)) BEGIN DELETE FROM `userShopItems` WHERE `itemId` = item; UPDATE `userShops` SET `shopStock` = `shopStock` - 1 WHERE `shopId` = shop; UPDATE `users` SET `money` = `money` - itemCost WHERE `userid` = user; END $$   below where you enter the SQL there should be a text field called delimeter, enter $$ click Go and it should now work for you also don't do field = field - '1' '1' is a char, not a number ;)

Re: How does Floydian do it?   I'm not arguing what is or is not a programming language vs a scripting language because at this point in time the line is very blurry. Look at Microsoft's Visual Basic is that a programming language or is it a scripting language? Yes you can compile it but it requires the vbrun librarys to run, so according to the above reference it's a scripting language, no? Along the same lines PHP is considered a scripting language, yet, you can now compile PHP so now what is it? Script or programming language? Now some are calling for and working on JavaScript compilers. If this happens now what is it?   Just some food for thought :)

Re: How does Floydian do it? Exactly... Maybe it should be called "So Wanna Be a YUI Programmer". YUI uses javascript but teaching how to use the YUI is not teaching someone about javascript. I've glanced at your engine and for the most part you use the YUI menu and the data table. Both of these could be easily programmed using another library that is a third of the size of the YUI. YUI is great but it seems your only barely using the full capabilities of the library in your engine which adds a lot of bloat for very little functionality (I could be wrong, maybe you use a bit more). Or you could call it "So you wanna copy a game engine". Yes your engine is more secure, yes you continue to update it and yes it is a copy of another engine. How about creating something new, from scratch, then I would be more interested in how the great Floydian got his start, how he codes etc.

Re: Paypal IPN. Secure?   YES! I cannot second this any more! I got bit by this a couple times because I was to lazy to add that simple check. I did it to one game, went on to work other things on my mind and got bit again on another one of our games. Why PayPal allows editing of this field is beyond me but check check check ;) Other then that I've been using the IPN service for about 6 years and have had very little problems or security problems other then what has been noted above.

Re: MCCODES V2 Exploited   I'm not sure where you went with this one, are you talking from a game owner perspective or the player? Personally I think from a game owner perspective is it's not that they like it, its that it's free. Well not really but you can pick up a copy of it from just about any warez site these days, so in the end it's free. Look at Floydian's engine, superior by far, pretty much the same thing but no where near the saturation of McCodes. Why? Because his engine hasn't made it to the warez sites yet so you actually have to pony up the money. From a player perspective I log into a lot of McCodes based sites some have really good numbers at first but then the players lose interest. I think those are the script kiddies that want to see if they can exploit the game and have fun with the game owner. If it's secure they move on to the next one that gets released. Then you have the other ones that don't give a rats butt about multi's (most). So they have high numbers online but in actuality they have less then a third of them. Finally you have the old salts, McCodes that have been around for quite a while and actually have a community based around them. Then they piss off some player, that player then gets a hold of said warez copy of McCodes, dups the site and then sponges players from the other game to get the numbers up. In the end just don't bother with McCodes or a re-write of the engine. If you want a game either have someone build it or code it yourself and make it unique, or fight over the same player base as every other McCodes sites are. McCodes is in the "saturation" part of the business cycle ;)

Re: Guitars... I've got three guitars My Joe Satriani Ibanez which I just love to shread on, love the tight narrow neck, built for just plain speed. My Fender love the warm tones on this one, bigger neck so you can just ease into it, let the fingers just go where they need to be. My parents bought me a cheap knock off fender when I was around 6 years old and have been playing ever since. Just one of those "going home" feelings when I pick up a fender. Cheap Ass Acoustic LOL - My girlfriend loves it but I wish I had ponied up more money for a better one. I go to Guitar Center and pick up some of the higher priced ones and the action is just so much better then what I have which makes playing more enjoyable. I don't play as often as I use to, life, job, code and my motorcycles are getting in the way but I do love to play when I get the chance ;) I play a lot of Satriani, Steve Vai, Eric Johnson, Prince (ya laugh if you will), Stevie Ray just about any artist that is musically guitar centric :)

Re: MyIsam or InnoDB or ?  

Re: [mccode] 8 Lines to secure your site from known sql injections.   Make a popular site thats even worth hacking and let them come to hack it. Learn from them or learn how to find how they did it. Nothing here is 100% and it's all a learning experience ;)

Re: Starting new Game Engine (massive features) - Need feedback No attacking PvP code defined and probably not even thought of No gang vs gang code defined either So your going to recode McCodes without PvP, humm, maybe you should just buy the first version of Flodians engine, same, same. Better yet get an original idea and stop coping / augmenting other peoples ideas ;)

Re: MyIsam or InnoDB or ? While I don't give a lot of credence to the test I do admire the effort put in ;) Like I said in the previous post it's all situational. INNODB is not the cure all, myISAM isn't the cure all. Sometimes running both is the best of both worlds (thank the gods we have that option with mySQL). a_bertrand -- The test was cool but the best thing to look at is you mySQL, it tells all. What does your Table_locks_waited look like on your game? If you have a really high number then start looking at breaking some of your tables or switch to INNODB. It really is as simple as that. A test is a test but real data is real data.   Been there done that... If the problem is table vs row locking like a_bertrand is trying to decide on then what would it take to switch from ISAM to INNODB, 10 - 30 seconds? Easiest fix I've ever seen. INNODB is not the best in all situations. Pure speed of retrieving the data that isn't written to a lot then go ISAM if your doing A LOT of reading and writing then INNODB is sometimes the way to go. To be sure on all aspects just try it, covert a table and see how it goes for your situation.

Re: [mccode]Multi alert Wouldn't this check be better suited in the login sequence somewhere? Maybe I'm missing something but if the person does pass the multi check it continues to check to see if they are a multi on every page hit, kind of a waste on server resources ;)

Found this on Digg :) 50 Extremely Useful PHP Tools Found some nice new tools & toys to play with :)

Re: Help with DB Class.   That's all that is needed, as long as you are happy with the results :) When it comes to db performance testing I really don't hold to much credence though. With a database there are just to many variables to consider or even cheat on (not that you did). But I've seen and participated in performance testing on databases where we sorta stacked the cards in our favor to yield the results we wanted ;)   When I started with computers only a few colleges taught computer science and back then they wore white lab coats, not me. So I learned all my basics from books or example code I was able to get off Compuserve. Then I got a job programming in a real company and (like nyna said somewhere before) had to unlearn my hobbiest ways and code corporate. We had these code reviews and at the beginning I got my butt reamed because the "old salts" knew better and had been down that road. Course afterwords I would go back and test what method was better mine or theirs. 49 times out of 50 they were right but I had to prove it to myself. However that one time my code was better and I took it back the next time and argued the why. In the end this helped me to think outside the box when it came to code. Then I became the old salt and saw in few others the same attitude I had when I was the new guy. The ones that challenged the status quo where the ones that ended up having stellar careers in programming (theres not enough people like that in the programming field in my humble opinion, to many like floydian). Killah code what you will, your either going to have something cool that works or you'll just have to rewrite it later. Least your learning from experience, which is the best teacher ;)

Re: Help with DB Class.   Sort of like you? You couldn't get INNODB installed on you machine so now there is only myISAM where you have to create some quasi transaction routines? But yea I guess your interpreted PHP code is way faster then the compiled c/c++ written INNODB. This is my favorite... Use the smarty TEMPLATE engine to do text replacement on a query string LOL. So what create a template file for each sql command and run it though $smarty->fetch. Now that would be considered making a mountain.

Re: Help with DB Class. Yup :)

Re: Help with DB Class. Well I'm not going to fix or create the code for you but I will help illustrate :) First take your query string and explode it into an array so you'll get something like so   $x = explode("[+n]", "UPDATE `users` SET `username` = [+n] WHERE `userid` = [+n]"); Will yield... Array ( [0] => UPDATE `users` SET `username` = [1] => WHERE `userid` = [2] => )   Then loop though your query parameters and add them to the end of said pieces, then combine the pieces and you'll have a query ready to submit to mySQL. :)

Re: Help with DB Class. You can't use str_replace because it replaces all instances of needle with haystack. That's why only the first param works ;)

Re: MyIsam or InnoDB or ?   I know I come off as a know it all prick on some posts and that's just because I've been there and done that ;) Hope it works out for ya, just 'member test, test and then when your tired and can't take anymore test it again. Its the only way we have to learn ;)

Re: InnoDB or MyISAM   Sorry for the bump, but this has really chapped my hide.. No the egg is on your face for talking out your ass and not knowing the real context of the article you read and spewed to the general populous. So because you couldn't install an engine on your server you claim it not worthy? Are you kidding me? You horrible sig graphic says your an expert, or alludes to it, with mySQL. Yet you can't get INNODB engine installed LOL? Is it just me or are you speaking out of turn when it comes to locking? I don't give a rats butt if you have the most super duper locking myISAM transaction locking known to man. Locking the the table vs locking a record is slow when it comes to highly active websites, period. Have you even tested your "engine" with more then 3 ppl online? If not then you would defiantly see why INNODB is better then myISAM when it comes to concurrent read/writes. If your engine is based on myISAM then I'll take a note from you.... Do NOT buy this engine, I repeat DO NOT BUY THIS ENGINE I'm sure your a good coder, I've seen some instances when you are very good at what you say but you lack the knowledge of someone that has had to deal with a heavily trafficked site and the rules you must break to make a site work under HEAVY load. Security is one thing (as you claim to be an expert in) but it's no good if your site can only handle 10 people online at a time.