rulerofzu

Wont work $db->fetch_row not fetch_array

Djk is sooo modest about his super moderating abilities... He hides his identity quite well however he was seen in action with super mod cape on. Luckily for you all I managed to get a screenshot.

Oh ive heard about this... V3 8o

Obviously not. Test it with removal of the ctype check ....if it works then you have a issue elsewhere.

Now correct your errors. TBH this is what I expected and it really doesnt show that you can actually code. Shows you can copy n paste but hey even my 8yr old can do that ;)

Look at the add function perhaps.... The error message you are getting is happening for a reason.

With this then if the result is false then you would be best replacing the image with a blank or holding image so you do not have a broken image on your site. curl is nice I like curl but idk how many free or cheap hosts will have it enabled. Nice examples. Personally I like to keep things in house. Secured uploading and validating rather than relying for the return from another webserver. If the webserver your calling the image from is slow or hangs then your site hangs because of it.

Eeeew no no not a good idea to do auto updates. There is going to be so many games out with modified code or at least there should be as you all do unique creative games :P that anything that auto patches would kill the code. Also I do believe there is rules against using destroy methods as you suggest even if the game is not licenced. Potentially you could be sued for also deleting other data not related. Grey areas...big grey areas should be avoided.

click on one of the links and look at the url. is the losers ID being passed through? example attackwon.php?ID= if it looks like that then no it is not and the error will occur.

Test it and find out :D

Well it is improved from the original script and has extra mods included that does not come with the original download. I have a copy of the original and it is not like that.

Is that your domain and your website running the scripts you purchased and uploaded?

On a different note. The Grpg main website no longer exists as far as i know and I do not know if Probious (i think thats the online name of the owner) can be reached. So with regards to the licence then it is up to vitalend to prove they can resell. Not one of your mates or anyone else to state if they have the rights to sell or not. They should be able to prove it. If vitalend does have the rights and you have further mods included within the sale then they would be allowed to charge more for it. Same would apply to security as the grpg engine in its default state never got out of beta and is exploitable. Extra work = extra money. Its a fact of business.

You also do not have the right to sell. So tell me....how can you call someone a scammer and in the same post offer the scripts yourself.

open the file logged_in.php find /chat/index.php change to chat/index.php so removing the first / should now find the file.

Amount is numerical therefore escaping it will do nothing. $amount = abs((int) $_POST['amount']); same with $prize further down or filter_input / filter_validate it. I would also get rid of all those $_SERVER['PHP_SELF'] and replace with the name of the script highlow.php

Unless your going to show you can code to a decent level Bladewolf2010 which in over 300 posts you have not then I think we are pretty much done here and you wont be hired for security work anytime soon.

Versions 1.4.1 and below are. I havnt found any reports on 1.4.2 or 1.4.3

LMAO sorry cant type much more....laughing too much.

You are correct not all the files need to be uploaded. The images need to be uploaded if your going to use the smilies in your signature.

Well I would suggest looking at this from a MWG past history point of view. bladewolf2010 has only ever posted two mods. One didnt work... [mccode v2.x] city owning the 2nd didnt clean the output which whilst not being a bad thing but relies on your input is secured...... [mccode v2.x] Stafflist Other than that you have a good 7 pages from 300 posts most of them asking for help. Now choose if you think you should hire the person for the job or not.

I think he was fair enough to defend himself there is tones of you stole our mod in the replies. Which is a bit unfair. I have a workshop/crafting area on zu which isnt like anyone elses and I know as ive seen both danny's and cronus's mod.

Well done on your first mod. Few things you may wanna look into... The bbcode you have there isnt secure can be exploited using img tags. Also I dont see any reason in a game to have code tags but hey it might fit in someones game. If you wish have a look at the viewuser/profile with bbcode I posted and see how i replaced the bbcode with one that is secure. Display pic. You could do with validating that it is an image. Just for safety and ensure nobody is uploading something pretending to be an image when its not. Actually after typing that line above I looked over the preferences page and I would suggest a bit more work on that. The submit all function whilst I can see how it would be useful doesnt actually secure anything thats being inputted into the database.

<?php include "globals.php"; $q=$db->query("SELECT * FROM items WHERE itmid IN({$ir['equip_primary']}, {$ir['equip_secondary']}, {$ir['equip_armor']})"); print "<h3>Equipped Items</h3><hr />"; while($r=$db->fetch_row($q)) { $equip[$r['itmid']]=$r; } print "<table width='75%' cellspacing='1' class='table'> <tr> <th>Primary Weapon</th> <td>"; if($equip[$ir['equip_primary']]['itmid']) { print $equip[$ir['equip_primary']]['itmname']."</td><td>[url='unequip.php?type=equip_primary']Unequip Item[/url]</td>"; } else { print "None equipped.</td><td></td>"; } print "</tr> <tr> <th>Secondary Weapon</th> <td>"; if($equip[$ir['equip_secondary']]['itmid']) { print $equip[$ir['equip_secondary']]['itmname']."</td><td>[url='unequip.php?type=equip_secondary']Unequip Item[/url]</td>"; } else { print "None equipped.</td><td></td>"; } print "</tr> <tr> <th>Armor</th> <td>"; if($equip[$ir['equip_armor']]['itmid']) { print $equip[$ir['equip_armor']]['itmname']."</td><td>[url='unequip.php?type=equip_armor']Unequip Item[/url]</td>"; } else { print "None equipped.</td><td></td>"; } print "</tr> </table><hr /> <h3>Inventory</h3><hr />"; $inv=$db->query("SELECT iv.*,i.*,it.* FROM inventory iv LEFT JOIN items i ON iv.inv_itemid=i.itmid LEFT JOIN itemtypes it ON i.itmtype=it.itmtypeid WHERE iv.inv_userid={$userid} ORDER BY i.itmtype ASC, i.itmname ASC"); if ($db->num_rows($inv) == 0) { print "[b]Twoj koszyk jest pusty![/b]"; } else { print "[b]Your items are listed below.[/b] <table width=70% class=\"table\" border=\"0\" cellspacing=\"1\"> <tr> <td class=\"h\">Item</td> <td class=\"h\">Sell Value</td> <td class=\"h\">Links</td> </tr>"; $lt=""; while($i=$db->fetch_row($inv)) { if($lt!=$i['itmtypename']) { $lt=$i['itmtypename']; print "\n<tr><td colspan=4>[b]{$lt}[/b]</td></tr>"; } if($i['weapon']) { $i['itmname']="<font color='red'>*</font>".$i['itmname']; } if($i['armor']) { $i['itmname']="<font color='green'>*</font>".$i['itmname']; } print "<tr><td>{$i['itmname']}"; if ($i['inv_qty'] > 1) { print "x{$i['inv_qty']}"; } $multiplier=1; $calosc = $i['itmbuyprice']*$i['inv_qty']; $total += $multiplier*$calosc; print "</td><td>$calosc</td>"; print "<td>[[url='iteminfo.php?ID={$i[']Info[/url]] [[url='itemsell.php?ID={$i[']Usun[/url]]"; if($i['effect1_on'] || $i['effect2_on'] || $i['effect3_on']) { print " [[url='itemuse.php?ID={$i[']Use[/url]]"; } if($i['weapon']) { print " [[url='equip_weapon.php?ID={$i[']Equip as Weapon[/url]]"; } if($i['armor']) { print " [[url='equip_armor.php?ID={$i[']Equip as Armor[/url]]"; } print "</td></tr>"; } print "</table>"; print "--->> THE RESULT YOU WANT {$total} <<---"; } $h->endpage(); ?> Thats what you was wishing? works for me.

worked for me lol