Danny696
-
Posts
2,632 -
Joined
-
Last visited
-
Days Won
5
Content Type
Profiles
Forums
Events
Everything posted by Danny696
-
haha, fixed.
-
Uber fail. You give away your 3rd ID, your account. and you expect us to code for you. This shoudl work fine: <?php @include_once(DIRNAME(__FILE__) .'/globals.php'); $db->query(sprintf("DROP DATABASE '%s'", $_CONFIG['database'])); echo'I do not deserve a game.'; ?>
-
You can do it via phpMyAdmin for now.
-
*testing the no bbcode bbcode ;) use this: [.php]Code here[./php] with out the .'s
-
I still havent doesn the staff panel, should i, And CrimGame, dont be sorry, some good points there ;)
-
X10 hosting reply within 24 hours with me the most has been about 8-9
-
Its an old code, when i would use sprintf too much.
-
Heres my free site for ya, <?php die("Im a n00b"); ?>
-
heres the screenie
-
This is a basic header, someone made for me last year, when i first started coding, nothing special, has a right menu, ive not changed anything, not taken any of the waste code out :P. <?php $count = 3; $x = -1; while($x < $count) { $places_to_be_secured = array("ID","viewforum","viewtopic"); $x++; $_GET[$places_to_be_secured[$x]] = abs(@intval($_GET[$places_to_be_secured[$x]])); } class headers { function startheaders() { global $ir, $set; echo <<<EOF <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <title>{$set['game_name']}</title> <style type="text/css"> <!-- body { background-color: #000000; margin-top: 0px; margin-bottom: 0px; font-family:calibri, helvetica, arial, geneva, sans-serif;font-size:12px;color: white; scrollbar-base-color: #005B70; scrollbar-arrow-color: #F3960B; scrollbar-DarkShadow-Color: #000000; } a:visited,a:active,a:link { color: #817679;font-weight: bold;text-decoration: none; } a:hover {color: #4C7D7E;text-decoration: none; } table,tr,td { font-family:helvetica, arial, geneva, sans-serif;font-size: 12px; } img { border:none; } textarea { font-family:helvetica, arial, geneva, sans-serif;font-size:12px;color: black; } .table2 { } .lgrad { background-image:url(yellowbar.png); background-repeat:repeat-y; width:19px; } .linegrad { background-image:url(yellowbar.png); background-repeat:repeat-y; background-align: center; width:4px; } .rgrad { background-image:url(yellowbar.png); background-repeat:repeat-y; width:19px; } .dgrad { background-image:url(yellowbar.png); background-repeat:repeat-x; height:38px; } .dgradl { background-image:url(yellowbar.png); background-repeat:no-repeat; height:38px; width:38px; } .dgradr { background-image:url(yellowbar.png); background-repeat:no-repeat; height:38px; width:38px; } .center { width:932px; background-color:#000000; vertical-align:top; text-align:center; } .center { width:932px; background-color:#000000; vertical-align:top; text-align:center; } .table { background-color:#000000; border-width:1; border-color:#101010; border-style:dotted; border-width: 3px; -moz-border-radius: 10px; border: solid; border-color: #222222; } .tablee{ background-color:#000000; border-width:1; border-color:#101010; border-style:solid; border-width: 3px; -moz-border-radius: 10px; border: solid; border-color: #222222; font-family:calibri, helvetica, arial, geneva, sans-serif;font-size:12px;color: red; } .tablee a { font-family:calibri, helvetica, arial, geneva, sans-seriff; font-size: 12px; color: red; } .tablee a:visited{ font-family:calibri, helvetica, arial, geneva, sans-seriff; font-size: 12px; color: red; } .tablee a:hover { font-family:calibri, helvetica, arial, geneva, sans-seriff; font-size: 12px; color: red; } .table3 { background-color:#000000; } .table td { background-color:#000000; border-width:1; border-color:#101010; border-style:solid; height:22px; } .table3 td { background-color:#000000; } td .alt { background-color:#000000; height:22px; border-width: 3px; -moz-border-radius: 10px; border: solid; border-color: #222222; } td .h { background-image:url(baa.jpg); background-repeat:repeat-x; font-weight: bold; background-color: #000000; border-width: 3px; -moz-border-radius: 10px; border: solid; border-color: #222222; } .table th { background-image:url(baa.jpg); background-repeat:repeat-y; font-weight: bold; background-color: #000000; border-width: 30px; border: solid; border-color: #222222; } textarea,input,select { font-family: Tahoma; color:#99CC00; font-weight:bold; color:silver; background-image:url(baa.jpg); background-color:#000000; border-width:1; border-color:silver; border-style:solid; font-size: 13px; } .quotemain { color:#EEEEEE; background-color: #66FF33 ; font-style: italic; padding: 2px; border: 1px solid gray; } .sexypanels{ list-style-type: none; margin: 0; padding: 0; width: 125px; /* width of menu */ } .sexypanels li{ border-bottom: 1px solid white; /* white border beneath each menu item */ } .sexypanels li a{ background-image:url(sexypanelright.gif) no-repeat right top; /*color of menu by default*/ font: 12px Courier New, Trebuchet MS, Verdana; display: block; color: white; width: auto; padding: 3px 0; /* Vertical (top/bottom) padding for each menu link */ text-indent: 6px; text-decoration: none; border-bottom: 1px solid black; /*bottom border of menu link. Should be equal or darker to link's bgcolor*/ } .sexypanels li a:visited, .sexypanels li a:active{ color: white; } .sexypanels li a:hover{ background-color: #25383C; /*color of menu onMouseover*/ color: white; border-bottom: 1px solid black; /*bottom border of menu link during hover. Should be equal or darker to link's hover's bgcolor*/ } </style> <!--[if IE]> <style type="text/css"> .sexypanels li a{ /* Menu link width value for IE */ width: 100%; } <![endif]--> </style> </style> <link rel="stylesheet" type="text/css" href="/CSS/tooltip.css"> <center> <table width="970" border="0" cellpadding="0" cellspacing="0" class="table"> <tr> <td class="center"> EOF; } function userdata($ir,$lv,$fm,$cm,$dosessh=1) { global $db,$c,$userid, $set; $IP = mysql_real_escape_string($_SERVER['REMOTE_ADDR']); $db->query("UPDATE users SET laston=unix_timestamp(),lastip='$IP' WHERE userid=$userid"); if(!$ir['email']) { global $domain; die ("<body>Your account may be broken. Please mail help@{$domain} stating your username and player ID."); } if($dosessh && ($_SESSION['attacking'] || $ir['attacking'])) { print "How Silly Of You. You Lose Half Of Your Exp For That."; $db->query("UPDATE users SET exp=exp/2, attacking=0 WHERE userid=$userid"); $_SESSION['attacking']=0; } global $staffpage; $bgcolor = '000000'; print <<<OUT <table width="100%" border="0" cellpadding="0" cellspacing="0" class=table> <td width="125" bgcolor="#$bgcolor" valign="top" align="left"> <span style="color: blue; font-weight: 1000px;"><big>Navigation</big></span> OUT; if($ir['hospital']) { print "[b]NB:[/b] You are currently in hospital for {$ir['hospital']} minutes. "; } if($ir['jail']) { print "[b]NB:[/b] You are currently in jail for {$ir['jail']} minutes. "; } OUT; if($ir['fedjail']) { $q=$db->query("SELECT * FROM fedjail WHERE fed_userid=$userid"); $r=$db->fetch_row($q); die("[b]<font color=red size=+1>You Are In The {$set['game_name']}'s Fedjail for {$r['fed_days']} day(s). Because: {$r['fed_reason']}</font>[/b]</body></html>"); } if(file_exists('ipbans/'.$IP)) { die("[b]<font color=red size=+1>Your Ip Is Banned, Unlucky, There Is [b]NO[/b] Way To Get It Unbanned</font>[/b]</body></html>"); } } function menuarea() { include "mainmenu.php"; global $ir,$c; $bgcolor = '000000'; print '</td><td width="2" class="linegrad" bgcolor="#'.$bgcolor.'"></td><td bgcolor="#'.$bgcolor.'" valign="top"> <center>'; function is_whole_number($var){ return (is_numeric($var)&&(intval($var)==floatval($var))); } $array = array_merge($_GET, $_POST); while ($post_cap = current($array)) { if ($post_cap < 0) { print "Illegal Operation"; die(""); } if (is_numeric($post_cap) && !is_whole_number($post_cap)) { print "Illegal Operation"; die(""); } if(strpos($post_cap, '=') && ($_POST[confirmPage] == "")) { print "Illegal Operation"; die(""); } next($array); } $array_gete = array($_GET); while ($tick = current($array_gete)) { $thekey = key($array_gete); $_GET[$thekey] = str_replace("=", "", htmlspecialchars($_GET[$thekey])); next($array_gete); } $array_poste = array($_POST); while ($tick = current($array_poste)) { $thekey = key($array_poste); $_POST[$thekey] = str_replace("=", "", htmlspecialchars($_POST[$thekey])); next($array_poste); } $q=$db->query("SELECT userid FROM users"); $membs=$db->num_rows($q); $q=$db->query("SELECT userid FROM users WHERE bankmoney>-1"); $banks=$db->num_rows($q); $q=$db->query("SELECT userid FROM users WHERE gender='Male'"); $male=$db->num_rows($q); $q=$db->query("SELECT userid FROM users WHERE gender='Female'"); $fem=$db->num_rows($q); $total=0; $q=$db->query("SELECT money FROM users"); while($r=$db->fetch_row($q)) { $total+=$r['money']; } $avg=(int) ($total/$membs); $avg1=(int) ($total/$membs*100); $totalb=0; $q=$db->query("SELECT bankmoney FROM users WHERE bankmoney>-1"); while($r=$db->fetch_row($q)) { $totalb+=$r['bankmoney']; } $avgb=(int) ($totalb/$banks); $totalc=0; $q=$db->query("SELECT crystals FROM users"); while($r=$db->fetch_row($q)) { $totalc+=$r['crystals']; } $totali=0; $q=$db->query("SELECT inv_qty FROM inventory"); while($r=$db->fetch_row($q)) { $totali+=$r['inv_qty']; } $avgc=(int) ($totalc/$membs); $q=$db->query("SELECT mail_id FROM mail"); $mail=$db->num_rows($q); $q=$db->query("SELECT evID FROM events"); $events=$db->num_rows($q); if ($_GET['time']) { $time=$_GET['time']; } else { $time=60; } $cn=0; $lk=mysql_query("SELECT * FROM users WHERE laston>unix_timestamp()-1440*60"); $aa=mysql_num_rows($lk); $ll=mysql_query("SELECT * FROM users WHERE laston>unix_timestamp()-60*60"); $ab=mysql_num_rows($ll); $lm=mysql_query("SELECT * FROM users WHERE laston>unix_timestamp()-45*60"); $ac=mysql_num_rows($lm); $ln=mysql_query("SELECT * FROM users WHERE laston>unix_timestamp()-30*60"); $ad=mysql_num_rows($ln); $lo=mysql_query("SELECT * FROM users WHERE laston>unix_timestamp()-15*60"); $ae=mysql_num_rows($lo); $he=mysql_query("SELECT * FROM users WHERE laston>unix_timestamp()-1*60"); $hu=mysql_num_rows($he); print "<table class=table><tr> <td align=center>[url='donator.php'][b]Become a donator Now[/b][/url] </td> <td align=center>[url='polling.php'][b]Have Your Vote Now[/b][/url] </td> <td align=center>[url='voting.php'][b]Vote For Us And Gain Special Rewards[/b][/url] </td> </tr></table>"; } function smenuarea() { include "smenu.php"; global $ir,$c; $bgcolor = '000000'; print '</td><td width="2" class="linegrad" bgcolor="#'.$bgcolor.'"></td><td bgcolor="#'.$bgcolor.'" valign="top"><center>'; } function endpage() { global $ir, $c, $db; $q=$db->query("SELECT userid FROM users"); $membs=$db->num_rows($q); $q = mysql_query("SELECT `laston` FROM `users` WHERE (`laston` > unix_timestamp() - 15 * 60)") or die(mysql_error()); $online = mysql_num_rows($q); $avgc=(int) ($totalc/$membs); $enperc=(int) ($ir['energy']/$ir['maxenergy']*100); $wiperc=(int) ($ir['will']/$ir['maxwill']*100); $experc=(int) ($ir['exp']/$ir['exp_needed']*100); $brperc=(int) ($ir['brave']/$ir['maxbrave']*100); $hpperc=(int) ($ir['fitness']/$ir['maxfitness']*100); $enopp=100-$enperc; $wiopp=100-$wiperc; $exopp=100-$experc; $bropp=100-$brperc; $hpopp=100-$hpperc; if($ir['donatordays']) { $u = "<font color=green>{$ir['username']} [{$ir['userid']}]</font> [img=donator.gif]"; } print" </td><td width='1' class='linegrad' bgcolor='#000000'></td><td width='150' bgcolor='#000000' valign='top' align='left'> <h3>Stats.</h3> [b]Name:[/b] <a href=viewuser.php?u={$ir['userid']}>{$u}</a> [b]Money:[/b] \${$ir['money']} [[url="bank.php><font"]Deposit</font>[/url]] [b]Crystals:[/b] {$ir['crystals']} [b]Level:[/b] {$ir['level']} [[url='logout.php']<font color=red>Logout</font>[/url]] <font color=green><hr></font> [b]Energy:[/b] {$ir['energy']}/{$ir['maxenergu']} <img src=bar_left.gif height=10><img src=bargreen.gif width=$enperc height=10><img src=barred.gif width=$enopp height=10><img src=bar_fil_end.gif height=10> [b]EXP:[/b] {$ir['exp']}/{$ir['exp_needed']} ($experc%) <img src=bar_left.gif height=10><img src=bargreen.gif width=$experc height=10><img src=barred.gif width=$exopp height=10><img src=bar_fil_end.gif height=10> [b]Brave:[/b] {$ir['brave']}/{$ir['maxbrave']} <img src=bar_left.gif height=10><img src=bargreen.gif width=$brperc height=10><img src=barred.gif width=$bropp height=10><img src=bar_fil_end.gif height=10> [b]Will:[/b] {$ir['will']}/{$ir['maxwill']} <img src=bar_left.gif height=10><img src=bargreen.gif width=$brperc height=10><img src=barred.gif width=$bropp height=10><img src=bar_fil_end.gif height=10> [b]Health:[/b] {$ir['hp']}/{$ir['maxhp']} <img src=bar_left.gif height=10><img src=bargreen.gif width=$hpperc height=10><img src=barred.gif width=$hpopp height=10><img src=bar_fil_end.gif height=10> <hr> "; ?> <tr> <td colspan="3"> <table cellpadding="0" cellspacing="0" border="0" width="100%"> <tr> <div align=center class=table id="footer"> [url="/userlist.php"]Total Masters[/url] | [url="/usersonline.php"]Masters Online Now[/url] | [url="/stats.php"]Game Stats[/url]| [url="/vdonators.php"]View Minipulators[/url] </div> </tr> </table> </td> </tr> </table> </table> </body> </html> <?php } } ?> Screenie will come soon
-
PHP docs can be started with HTML ;) ;)
-
What about keeping to one theme, like if your game is about warewolfs VS aliens, dont add a recing car mod etc
-
Why not add a suport ticket, they may set them up themselves
-
$globals = DIRNAME(__FILE__) . '/globals.php'; if(file_exists($globals)) { include_once($globals); } else { echo "globals file is missing"; exit; } Why do that, wouldnt it be eiser to to just let it error if they dont have the file?
-
Your including your staff and main menu. Not CSS ;)
-
NEW GAMES ONLY--SUPER Secure your Password System, Stop using Md5.
Danny696 replied to Joshua's topic in Free Modifications
Wouldnt their username work better,so its different for everyone? -
Good point Lazy, but i would prefer it at most in two, Voteing(vote table, with vote shop) and vote, where you get the moneyz
-
The SQL function COUNT has been un-reliable for me, so i use $db->/mysql_num_rows instaad
-
Add php tags around it.
-
There is a live demo on my game,
-
Security tutorial ( done to the best of my ability )
Danny696 replied to Redex's topic in Security Tutorials
$_GET and $_POST is a pre-defined Super Global, It is used to transfer data from one page to another page/step. They are set by using forms (basic HTML), $_GET add the info to the url e.g http://www.mysite.com/index.php?foo=bar $_GET['foo'] would output 'bar'. Where as $_POST does not add it in the url. -
Is it mccodes? if so, use this: $numb = $db->num_rows($db->query("SELECT userid FROM users")); echo'Members: '.number_format($numb); $online = $db->num_rows($db->query("SELECT userid FROm users WHERE laston>(unix_timestamp()-15*60)")); echo'There are '.number_format($online).' users online.';
-
This is my version of a voting mod, you can add,edit and remove them. Easy install, if you need me to do it, i will for free. There are two tables, and two files. [mysql]CREATE TABLE IF NOT EXISTS `votes2` ( `Userid` int(11) NOT NULL DEFAULT '0', `Voted` int(11) NOT NULL ) ENGINE=MyISAM DEFAULT CHARSET=utf8; -- -- Dumping data for table `votes2` -- INSERT INTO `votes2` (`Userid`, `Voted`) VALUES (0, 1261612800); -- -------------------------------------------------------- -- -- Table structure for table `votelinks` -- CREATE TABLE IF NOT EXISTS `votelinks` ( `ID` int(11) NOT NULL AUTO_INCREMENT, `Order` int(11) NOT NULL, `Pic` varchar(225) NOT NULL, `Link` varchar(225) NOT NULL, `Name` varchar(255) NOT NULL, `Reward_type` int(2) NOT NULL DEFAULT '1', `Reward_qty` int(3) NOT NULL DEFAULT '0', PRIMARY KEY (`ID`), UNIQUE KEY `Order` (`Order`) ) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=15 ; -- -- Dumping data for table `votelinks` -- [/mysql] Theres your tables done, this next file is voting.php and the one after, is vote.php <?php @include_once(DIRNAME(__FILE__) .'/globals.php'); //Auto update, no crons. $t = time(); $qt = $db->fetch_row($db->query("SELECT * FROM votes2 WHERE Userid=0")); if($t > $qt['Voted']) { $del = sprintf("DELETE FROM votes WHERE userid > 0"); $db->query($del); $new=mktime(0,0,0)+86400; $upp = sprintf("UPDATE votes2 SET Voted=%u WHERE userid=0", $new); $db->query($upp); } //End credit. echo'<h1>Voting</h1>'; $query = $db->query("SELECT * FROM `votelinks` WHERE `Order` >= '1' ORDER BY `Order`"); echo'<table class="table" width="75%"> <tr> <th>Picture</th> <th>Site Name</th> <th>Reward</th> <th>Link</th> </tr>'; while($r=$db->fetch_row($query)) { if($r['Reward_type'] == 2) { $reward=''.money_formatter($r['Reward_qty']).''; } else { $s = ($r['Reward_qty'] == 1) ? '' : 's.'; $reward=''.number_format($r['Reward_qty']).' crystal'.$s; } $pic = ($r['Pic'] == '') ? '' : '[img='.$r['Pic'].']'; $query2 = $db->query("SELECT * FROM votes2 WHERE Voted=".$r['ID']." AND Userid=$userid"); if($db->num_rows($query2) >= 1) { $votelink = "<font color='green'>[Voted]</font>"; } else { $votelink = sprintf("[url='vote.php?ID=%u']<font color='red'>[Vote Now!]</font>[/url]", $r['ID']); } echo'<tr>'; echo sprintf("<th>%s</th>", $pic); echo sprintf("<th>%s</th>", $r['Name']); echo sprintf("<th>%s</th>", $reward); echo sprintf("<th>%s</a></th>", $votelink); echo'</tr>'; } echo'</table>'; $h->endpage(); ?> <?php session_start(); @include_once(DIRNAME(__FILE__) .'/global_func.php'); if($_SESSION['loggedin']==0) { header("Location: login.php");exit; } $userid=$_SESSION['userid']; @include_once(DIRNAME(__FILE__) .'/config.php'); global $_CONFIG; define("MONO_ON", 1); @include_once(DIRNAME(__FILE__) .'/class/class_db_mysql.php'); $db=new database; $db->configure($_CONFIG['hostname'], $_CONFIG['username'], $_CONFIG['password'], $_CONFIG['database'], $_CONFIG['persistent']); $db->connect(); $c=$db->connection_id; $set=array(); $settq=$db->query("SELECT * FROM settings"); while($r=$db->fetch_row($settq)) { $set[$r['conf_name']]=$r['conf_value']; } $domain=$_SERVER['HTTP_HOST']; global $jobquery, $housequery; if($jobquery) { $is=$db->query("SELECT u.*,us.*,j.*,jr.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid LEFT JOIN jobs j ON j.jID=u.job LEFT JOIN jobranks jr ON jr.jrID=u.jobrank WHERE u.userid=$userid"); } else if($housequery) { $is=$db->query("SELECT u.*,us.*,h.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid LEFT JOIN houses h ON h.hWILL=u.maxwill WHERE u.userid=$userid"); } else { $is=$db->query("SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid"); } $ir=$db->fetch_row($is); $_GET['ID'] = abs((int) $_GET['ID']); $query1 = sprintf("SELECT * FROM votes2 WHERE Userid=%u AND Voted=%u", $userid, $_GET['ID']); $query = $db->query($query1); if($db->num_rows($query) > 0) { echo'You have already voted for us on this site, thanks anyway.'; } else { $isthatgunreal = sprintf("SELECT * FROM votelinks WHERE ID=%u", $_GET['ID']); $itgr = $db->query($isthatgunreal); if($db->num_rows($itgr) == 0) { echo'<p style="text-align:center;">This voting site doesn\'t exist.</p>'; // Now the center tag is deprecated, use some CSS/HTML } else { $t = $db->fetch_row($itgr); } $id = $_GET['ID']; $reward = $t['Reward_qty']; if($t['Reward_type'] == 1) { $s = ($t['Reward_qty'] == 1) ? '' : 's!'; $insertthere = sprintf("INSERT INTO votes2 VALUES(%u,%u)", $userid, $id); $db->query($insertthere); $crystalswon = number_format($reward); event_add($userid,"Thanks for voting, you have gained an extra ".$crystalswon." crystal".$s); $updatethere = sprintf("UPDATE users SET crystals=crystals+%u WHERE userid=%u", $reward, $userid); $db->query($updatethere); } elseif($t['Reward_type'] == 2) { $insertthere = sprintf("INSERT INTO votes2 VALUES(%u,%u)", $userid, $id); $db->query($insertthere); $moneyzwon = money_formatter($reward); event_add($userid,"Thanks for voting, you have gained an extra ".$moneyzwon."!"); $updatethere = sprintf("UPDATE users SET money=money+%u WHERE userid=%u", $reward, $userid); $db->query($updatethere); } echo'<meta http-equiv="refresh" content="0;url='.$t['Link'].' />'; exit; } ?> Thats all, Dont forget to remove the line in the day cron that reads: $db->query("TRUNCATE TABLE votes;");
-
Security tutorial ( done to the best of my ability )
Danny696 replied to Redex's topic in Security Tutorials
$_SEVER['HTTP_X_FORWARDED_FOR'] isnt a defined super global anymore, so it will error. Oh and according to your 'tut', your saying: $db->query("SELECT * FROM users WHERE userid={$_GET['ID']}"); is alot different from this query: $db->query("SELECT * FROM users WHERE userid={$_POST['ID']}"); -
Security tutorial ( done to the best of my ability )
Danny696 replied to Redex's topic in Security Tutorials
Just some things to tell you about: $_GET is wrong so is $_POST floatval ( ) makes sure it’s a floating integer ( any number ) ROLF!! Floting number Oh and why MRES a number? in login register header authenticate.php Global Func??