SteveDave

Hey guys, I'm sure some people have come into this problem before with people using ridiculously large pictures in their signatures. I was wondering if there was a way to set a maximum size to a signature or the pictures inside of it. Thanks :-)

Hey guys just a quick question, I think the Brave/Energy gain per Level is a bit high and I'd like to lower it. Where exactly is that lowered and if I lowered it would it change everyone's Max's or would I have to write up some kind of Update in the database? Thanks :-)

This doesn't have much to do with MC or anything but I figured someone might know more about this than I do. I recently have been offered to go into a partnership with someone on making a game. Basically, one does graphics while the other does coding and each person takes 50% of the earnings. Now, should there be more than just a mutual agreement on say a instant messenger? I mean, that's pretty weak evidence of having an official partnership. If one person were to get greedy and change all the site information, what exactly could you do about this? Would that be illegal, or is there a way to make it illegal by making some type of online contract? Thanks in advance :-)

Re: [mccode] Treasure Map! [$25.00] I may be interested in buying this mod but the picture for the Map Preview doesn't seem to be showing. Could you give me a link to it? Thanks.

Re: viewuser taking ages to load? Thanks guys, I'll see what I can do. Much appreciated.

For some reason out of nowhere my viewuser / Player profiles are taking ages to load. The weird thing is, it only seems to be happening on my Admin account. I tried it on a normal account and it's fast as usual. Why would it be doing that? It can't take that long to pull someones IP from the database.

Re: +9999--99999999 ( Bug ) Thanks guys I'll try that, +1's for both of you I appreciate the help.

Well I just recently added a Mod to my game, came back a few hours later and found billions of dollars going around in my game due to someone stumbling upon a bug. I thought I had it covered with:   elseif($_POST['amount'] > $ir['money'] or $_POST['crystals'] > $ir['crystals']) { die ("[b]You dont have enough funds.[/b]"); }   But it seems the old +9999999--99999999999999 worked and let someone give themselves ridiculous amounts of crystals/money. I thought this code (in header) protected against that: $count = 3; $x = -1; while($x < $count) { $places_to_be_secured = array("ID","viewforum","viewtopic"); $x++; $_GET[$places_to_be_secured[$x]] = abs(@intval($_GET[$places_to_be_secured[$x]])); }   But apparently not. I can't seem to find a way around this, I've tried several things but can't seem to fix it. Any ideas?

Re: Userlist - Secure! Looks good but it only has one page.

Re: View Gang Surrender I don't like begging for answers but I'm pretty lost here, has nobody else had this problem? Here's what I have for the full function..   function gang_staff_viewsurrenders() { global $db,$ir,$c,$userid,$gangdata; if(!isset($_POST['subm'])) { print "<form action='yourgang.php?action=staff&act2=viewsurrenders' method='post'> Choose who to accept the surrender from. <input type='hidden' name='subm' value='submit' /> Gang: <select name='sur' type='dropdown'>"; $wq=$db->query("SELECT s.*,w.* FROM surrenders s LEFT JOIN gangwars w ON s.surWAR=w.warID WHERE surTO={$ir['gang']}"); while($r=$db->fetch_row($wq)) { if($gangdata['gangID'] == $r['warDECLARER']) { $w="You";$f="warDECLARED"; } else { $w="Them";$f="warDECLARER"; } $ggq=$db->query("SELECT * FROM gangs WHERE gangID=".$r[$f]); $them=$db->fetch_row($ggq); print "<option value='{$r['surID']}'>War vs. {$them['gangNAME']} (Msg: {$r['surMSG']})</option>"; } print "</select> <input type='submit' value='Accept Surrender' /></form>"; } else { $_POST['sur'] = abs((int) $_POST['sur']); $q=$db->query("SELECT surWAR FROM surrenders WHERE surID={$_POST['sur']}"); $rowfromthis = $db->fetch_row($q); $warid = $rowfromthis['surWAR']; $wq=$db->query("SELECT * FROM gangwars where warID={$warid}"); $r=$db->fetch_row($wq); if($gangdata['gangID'] == $r['warDECLARER']) { $w="You";$f="warDECLARED"; } else { $w="Them";$f="warDECLARER"; } $db->query("DELETE FROM surrenders WHERE surID={$_POST['sur']}"); $db->query("DELETE FROM gangwars WHERE warID={$warid}"); $ggq=$db->query("SELECT * FROM gangs WHERE gangID=".$r[$f]); $them=$db->fetch_row($ggq); $event=str_replace("'","''","[url='gangs.php?action=view&ID={$ir[']{$gangdata['gangNAME']}[/url] have accepted the surrender from [url='gangs.php?action=view&ID={$them[']{$them['gangNAME']}[/url], the war is over!"); $db->query("INSERT INTO gangevents VALUES('',{$ir['gang']},unix_timestamp(),'$event') , ('',".$r[$f].",unix_timestamp(),'$event')"); print "You have accepted surrender, the war is over."; } }   Help would be greatly appreciated.. Thanks

Re: Important Security Issue For All McCode Owners !   I tested the exploit with what you have added above. It didn't work so I would assume it would be safe for many to use. Just figured I would add my comment. :-) So that is the fix for this problem? And if so, where should it be added, globals maybe?

I looked through old threads for the answer to this but couldn't find it so I thought I'd make my own and see if I can get an answer. The problem is that for some reason, a lot of the time when a Gang surrenders, the other gang can't see their surrender. So I tried to figure it out and thought maybe it was something to do with the name of the gang having certain characters or even spaces in it. While looking, I found this in the page source: Gang: <select name='sur' type='dropdown'>QUERY ERROR: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 1 Query was SELECT * FROM gangs WHERE gangID= I'm not sure what to do about this, I made a gang named Test and surrendered, the surrender showed. I then called it Test 1 2 3 and that's when I seen this error. Any ideas?

Re: [mccode v2] Enhanced Hall of fame COMPLETED! I posted asking for help, I didn't want to make a new thread about it and if this gets fixed other people can use it too.

Re: [MCCODES V2] Reset password + Secret question before password is sent. I just added it to my game, works great and looks great too. Thanks for this illusions.

Re: [mccode v2] Enhanced Hall of fame COMPLETED! But it works for certain parts of the HoF just not Strength, Guard, Agility etc. That shouldn't have to do with the Header?

Re: Secure My Game {$$$} I might have a couple people in line for this so thanks to everyone who messaged me.

Re: [mccode v2] Enhanced Hall of fame COMPLETED! Sorry for the double post but since nobody seemed interested in helping me and it should be a few simple changes, I'll give someone $3 to answer my above question, tested if possible.

Re: Help with Custom Mod V2 I'd offer help if I was more experienced but definitely let me know how this turns out because I've wanted something similar for my game and would be interested in purchasing it :-)

Re: [MCCODES V2] Reset password + Secret question before password is sent. Funny, just yesterday I was testing a Reset Password mod and decided not to use it because I instantly realized it could be easily abused. Perfect timing for this, and a big +1 to you. I trust it works and will add it soon. Thanks a lot for sharing, when I have more experience in PHP I plan to give back a lot to the CE community as it has helped me so much already. :-)

Hey guys, I'm not sure if anyone really knows me around here but I've come to the CE community for some more help but this time, I don't plan on freeloading information. I'm trying my best to have a successful game, and as many of you could tell from my questions, I'm no PHP pro. I'm coming here asking for help, because honestly, where could be a better place? I need my game secure. And I'm willing to pay for it. I'm looking for someone who can give my game the security it needs so I can sleep better at night and not have to worry every time I go to log in every morning. My game has become a lot more successful than I had planned in the first place, I never really planned on having even close to as many players as I do now. I know a lot of you might say I should just quit and shut the game down until I learn to do it myself, but it's not that easy. The game got successful fast, and I've run into a lot of problems the past few months with people pretty well trying to screw me (and the game) over. Now, I need to hire someone to help me secure the game. I'm looking for estimates, suggestions, or a point in the right direction. I'm going to College for Advanced Programming in a few months, until then, I need to do what I need to do. Thanks, Steve.

Re: [mccode v2] Enhanced Hall of fame COMPLETED! This is a much better Hall of Fame, great work. I was hoping someone could give me a hand here, I'm adding Color to Donators/Staff in the HOF.. I have it working for everything but the Stats section (Strength, Guard, Total etc) Here is what I have that works for everything else (Others feel free to use this to spice up your HOF): Under $display = htmlspecialchars($_GET['display']); $fetch = mysql_query("SELECT * FROM users WHERE user_level != 0 ".$donator." ORDER BY ".$display." ".$filter.",userid ASC LIMIT 50"); while($t = mysql_fetch_assoc($fetch)) { if($display == "money") { $t[$display] = money_formatter($t['money']); } else if($display == "crystals") { $t[$display] = number_format($t['crystals']); } if($ir['userid'] > $t['userid']) { $t['username'] = "[b]".$t['username']."[/b]";   Add } if($t['user_level'] == 3) { $t['username'] = "[b]<font color=#CCCCCC>".$t['username']."[/b]</font>"; } if($t['user_level'] == 5) { $t['username'] = "[b]<font color=orange>".$t['username']."[/b]</font>"; } if($t['donatordays'] > 0) { $t['username'] = "[b]<font color=red>".$t['username']."[/b]</font>"; }   If I try the same thing with Strength, Guard etc, It does nothing. Am I missing something? And also, could someone tell me how to add a Position # to the table? I'm not sure how to make it count down. I used the original HOF for reference but just got a lot of errors, I've been trying for a while. I know, I'm a noob. But I'm trying my best to learn. Thanks in advance. If I get it all working I'll post my full working version so others can use it.

So my hall of fame recently started taking about 30 seconds to load when it comes to Stats (IQ, Strength, Total Stats etc). I was wondering if anyone else had come to this problem and if so, what did you do about it? I was thinking since a lot of games have the HOF update every several minutes, is there an easy way to do that or would that require a lot of work? Thanks in advance.

Re: Secure Names? Please help. Any help here? If there are some things I have to do to fix this that would require you to make an effort I'll at least throw a couple bucks your way for taking your time to help me.

Hey guys, I just had someone on my game change their name to C:\Users\aid and their name doesn't show up. Is it possible this person can hack the site by doing this? Is there any way to now allow certain characters in names or secure this somehow? (I already searched the forum for similar threads but couldn't find anything..)

Re: Car Mod Help Hmm, thanks for the help but it didn't seem to fix it. I believe you meant change:   $q=$db->query("SELECT cm.*, u.*,ct.* FROM carmarket cm LEFT JOIN users u ON u.userid=cm.cmADDER LEFT JOIN cars_types ct ON ct.carID=cm.cmCAR ORDER BY cmPRICE ASC",$c);   To:   $q=$db->query("SELECT cm.*, u.*,ct.* FROM carmarket cm LEFT JOIN users u ON u.userid=cm.cmADDER LEFT JOIN cars_types ct ON ct.carID=cm.cmCAR ORDER BY cmPRICE ASC");   ..I also tried taking all of the ,$c's out from the entire page but still nothing, same error..