Joshua
-
Posts
1,271 -
Joined
-
Last visited
Content Type
Profiles
Forums
Events
Everything posted by Joshua
-
mccode-v2 Advanced Attack and Inventory Mod--One Click.
Joshua replied to Joshua's topic in Free Modifications
Yep :) Figured why let it go to waste ;) Makes it more interesting anywho. -
Hm...never thought of that aspect, may have to do some looking myself ><
-
Raven is IDENTICAL in coding to MCv2 I've seen the scripts on both NEITHER are more secure than the other. :)
-
**/e Waits**
-
mccode-v2 Advanced Attack and Inventory Mod--One Click.
Joshua replied to Joshua's topic in Free Modifications
'hospreason' should be `hospreason` it's a column not a string ;-) -
What's the mod :p
-
Simply to stop the drama as i'm sick of it........ What was the mod, i'll code the darn thing for free.
-
Ditto, Without constructive criticism where would we be ;)
-
Eh nothing horrible about it, just another typical McCodes / Torn clone :\
-
mccode-v2 Advanced Attack and Inventory Mod--One Click.
Joshua replied to Joshua's topic in Free Modifications
Oddly enough the above script worked perfect for me i tested...and i extracted the sqls as is..so i dno what the err is -
When I get home We'll talk ;p I have a few that i own that are down atm so you'd be starting with nill users, but the price because of this would be fair. Some use McCodes, one uses the GL engine and I was working on one using the GRPG engine.
-
http://www.prisonstruggle.com
-
Actually Nicholas, you could secure that particular post variable in the header and it would cover the whole script as it's a super global. So yes, you can secure it one time in the proper location and it globally secures. Is it the best practice? na, but whether you secure the $_POST variable each time it is used in each query or directly under include('globals.php') at the top of the page it will achieve the same effect and secure exactly the same Again, this doesnt secure every variable and injection point in the script, but it will secure that particular variable In the entire script after $_POST['variable'] = abs((int) $_POST['variable']); $_POST['variable'] will always be an integer and only an integer. Again, this will just secure that variable and not all, but that's what was being discussed so :P :P
-
A popular American Soap Opera :p One Life to Live All My Children General Hospital All the same Genre :P
-
All My Children should do a series about these boards.
-
I tend to secure all $_POST and $_GET at the beinning of a script it makes it a bit safer and less likely you set it as safe in the wrong section and it fails. At bare minimum $_POST['number'] = abs((int) $_POST['number']) always
-
just add OR die(mysql_error()); to the end of your queries, start at the top and work your way down till you find the issue, :P
-
I'm not home at the moment but i have shaveds 3 column template as well as a revamped one that is a bit better giving use out of the right side menu. Also working on a few freebie layouts as practice, when i'm home i'll post them up
-
Not bad, even secured the post Variable to a degree (: Thumbs up. :thumbup:
-
Different way of going about 'User Display Pictures'.
Joshua replied to Djkanna's topic in Free Modifications
I was actually surprised as you were on the upload pic form. I designed a php/photo gallery site for a family member who is a photographer and had to enable a simple upload form for new pictures. Google tuts ftw ^_^ They also came in handy for using jquery/ajax with the new slideshow i made....It's amazing....I thought I knew html pretty well to have something as basic as an upload form throw me for a loop lol...... Nice Mod (: -
Ravan code is identical to McCodes V2. So I'm not seeing how you feel it's "safer" The only thing they changes with Ravan script was the Banner and mccodes to Ravan. Seriously........
-
mccode-v2 Advanced Attack and Inventory Mod--One Click.
Joshua replied to Joshua's topic in Free Modifications
equip_leggings.php <?php include "globals.php"; $_GET['ID'] = abs((int) $_GET['ID']); $id=$db->query("SELECT iv.*,it.* FROM inventory iv LEFT JOIN items it ON iv.inv_itemid=it.itmid WHERE iv.inv_id={$_GET['ID']} AND iv.inv_userid=$userid LIMIT 1"); if($db->num_rows($id)==0) { print "Invalid item ID"; $h->endpage(); exit; } else { $r=$db->fetch_row($id); } if(!$r['leggings']) { print "This item cannot be equipped to this slot."; $h->endpage(); exit; } if($_GET['type']) { if(!in_array($_GET['type'], array("equip_leggings"))) { print "This slot ID is not valid."; $h->endpage(); exit; } if($ir[$_GET['type']]) { item_add($userid, $ir[$_GET['type']], 1); } item_remove($userid, $r['itmid'], 1); $db->query("UPDATE users SET {$_GET['type']} = {$r['itmid']} WHERE userid={$userid}"); print "Item {$r['itmname']} equipped successfully."; } else { print "<h3>Equip Leggings</h3><hr /> <form action='equip_leggings.php' method='get'> <input type='hidden' name='ID' value='{$_GET['ID']}' /> Click Equip Leggings to equip {$r['itmname']} as your leggings, if you currently have any leggings equipped it will be removed back to your inventory. <input type='hidden' name='type' value='equip_leggings' /> <input type='submit' value='Equip Leggings' /></form>"; } $h->endpage(); ?> SQLs SQL's ALTER TABLE `items` ADD `boots` int(11) NOT NULL default '0', `helmet` int(11) NOT NULL default '0', `breastplate` int(11) NOT NULL default '0', `leggings` int(11) NOT NULL default '0', `gloves` int(11) NOT NULL default '0', Delete the Armor Column in Items. ALTER TABLE `users` ADD `equip_helmet` int(11) NOT NULL default '0', `equip_boots` int(11) NOT NULL default '0', `equip_breastplate` int(11) NOT NULL default '0', `equip_leggings` int(11) NOT NULL default '0', `equip_gloves` int(11) NOT NULL default '0', Delete equip_armor From users. -
mccode-v2 Advanced Attack and Inventory Mod--One Click.
Joshua replied to Joshua's topic in Free Modifications
equip_boots.php <?php include "globals.php"; $_GET['ID'] = abs((int) $_GET['ID']); $id=$db->query("SELECT iv.*,it.* FROM inventory iv LEFT JOIN items it ON iv.inv_itemid=it.itmid WHERE iv.inv_id={$_GET['ID']} AND iv.inv_userid=$userid LIMIT 1"); if($db->num_rows($id)==0) { print "Invalid item ID"; $h->endpage(); exit; } else { $r=$db->fetch_row($id); } if(!$r['boots']) { print "This item cannot be equipped to this slot."; $h->endpage(); exit; } if($_GET['type']) { if(!in_array($_GET['type'], array("equip_boots"))) { print "This slot ID is not valid."; $h->endpage(); exit; } if($ir[$_GET['type']]) { item_add($userid, $ir[$_GET['type']], 1); } item_remove($userid, $r['itmid'], 1); $db->query("UPDATE users SET {$_GET['type']} = {$r['itmid']} WHERE userid={$userid}"); print "Item {$r['itmname']} equipped successfully."; } else { print "<h3>Equip Boots</h3><hr /> <form action='equip_boots.php' method='get'> <input type='hidden' name='ID' value='{$_GET['ID']}' /> Click Equip Boots to equip {$r['itmname']} as your boots, if you currently have any boots equipped it will be removed back to your inventory. <input type='hidden' name='type' value='equip_boots' /> <input type='submit' value='Equip Boots' /></form>"; } $h->endpage(); ?> equip_breastplate.php <?php include "globals.php"; $_GET['ID'] = abs((int) $_GET['ID']); $id=$db->query("SELECT iv.*,it.* FROM inventory iv LEFT JOIN items it ON iv.inv_itemid=it.itmid WHERE iv.inv_id={$_GET['ID']} AND iv.inv_userid=$userid LIMIT 1"); if($db->num_rows($id)==0) { print "Invalid item ID"; $h->endpage(); exit; } else { $r=$db->fetch_row($id); } if(!$r['breastplate']) { print "This item cannot be equipped to this slot."; $h->endpage(); exit; } if($_GET['type']) { if(!in_array($_GET['type'], array("equip_breastplate"))) { print "This slot ID is not valid."; $h->endpage(); exit; } if($ir[$_GET['type']]) { item_add($userid, $ir[$_GET['type']], 1); } item_remove($userid, $r['itmid'], 1); $db->query("UPDATE users SET {$_GET['type']} = {$r['itmid']} WHERE userid={$userid}"); print "Item {$r['itmname']} equipped successfully."; } else { print "<h3>Equip Breastplate</h3><hr /> <form action='equip_breastplate.php' method='get'> <input type='hidden' name='ID' value='{$_GET['ID']}' /> Click Equip Breastplate to equip {$r['itmname']} as your Breastplate, if you currently have any breastplates equipped it will be removed back to your inventory. <input type='hidden' name='type' value='equip_breastplate' /> <input type='submit' value='Equip Breastplate' /></form>"; } $h->endpage(); ?> equip_gloves.php <?php include "globals.php"; $_GET['ID'] = abs((int) $_GET['ID']); $id=$db->query("SELECT iv.*,it.* FROM inventory iv LEFT JOIN items it ON iv.inv_itemid=it.itmid WHERE iv.inv_id={$_GET['ID']} AND iv.inv_userid=$userid LIMIT 1"); if($db->num_rows($id)==0) { print "Invalid item ID"; $h->endpage(); exit; } else { $r=$db->fetch_row($id); } if(!$r['gloves']) { print "This item cannot be equipped to this slot."; $h->endpage(); exit; } if($_GET['type']) { if(!in_array($_GET['type'], array("equip_gloves"))) { print "This slot ID is not valid."; $h->endpage(); exit; } if($ir[$_GET['type']]) { item_add($userid, $ir[$_GET['type']], 1); } item_remove($userid, $r['itmid'], 1); $db->query("UPDATE users SET {$_GET['type']} = {$r['itmid']} WHERE userid={$userid}"); print "Item {$r['itmname']} equipped successfully."; } else { print "<h3>Equip Gloves</h3><hr /> <form action='equip_gloves.php' method='get'> <input type='hidden' name='ID' value='{$_GET['ID']}' /> Click Equip Glove to equip {$r['itmname']} as your gloves, if you currently have any gloves equipped it will be removed back to your inventory. <input type='hidden' name='type' value='equip_gloves' /> <input type='submit' value='Equip Gloves' /></form>"; } $h->endpage(); ?> equip_helmet.php <?php include "globals.php"; $_GET['ID'] = abs((int) $_GET['ID']); $id=$db->query("SELECT iv.*,it.* FROM inventory iv LEFT JOIN items it ON iv.inv_itemid=it.itmid WHERE iv.inv_id={$_GET['ID']} AND iv.inv_userid=$userid LIMIT 1"); if($db->num_rows($id)==0) { print "Invalid item ID"; $h->endpage(); exit; } else { $r=$db->fetch_row($id); } if(!$r['helmet']) { print "This item cannot be equipped to this slot."; $h->endpage(); exit; } if($_GET['type']) { if(!in_array($_GET['type'], array("equip_helmet"))) { print "This slot ID is not valid."; $h->endpage(); exit; } if($ir[$_GET['type']]) { item_add($userid, $ir[$_GET['type']], 1); } item_remove($userid, $r['itmid'], 1); $db->query("UPDATE users SET {$_GET['type']} = {$r['itmid']} WHERE userid={$userid}"); print "Item {$r['itmname']} equipped successfully."; } else { print "<h3>Equip Helmet</h3><hr /> <form action='equip_helmet.php' method='get'> <input type='hidden' name='ID' value='{$_GET['ID']}' /> Click Equip Helmet to equip {$r['itmname']} as your helmet, if you currently have any helmets equipped it will be removed back to your inventory. <input type='hidden' name='type' value='equip_helmet' /> <input type='submit' value='Equip Helmet' /></form>"; } $h->endpage(); ?> -
mccode-v2 Advanced Attack and Inventory Mod--One Click.
Joshua replied to Joshua's topic in Free Modifications
staff_items.php <?php include "sglobals.php"; //This contains item stuffs switch($_GET['action']) { case 'newitem': new_item_form(); break; case 'newitemsub': new_item_submit(); break; case 'giveitem': give_item_form(); break; case 'giveitemsub': give_item_submit(); break; case 'killitem': kill_item_form(); break; case 'killitemsub': kill_item_submit(); break; case 'edititem': edit_item_begin(); break; case 'edititemform': edit_item_form(); break; case 'edititemsub': edit_item_sub(); break; case 'newitemtype': newitemtype(); break; default: print "Error: This script requires an action."; break; } function new_item_form() { global $db,$ir,$c; if($ir['user_level'] > 2) { die("403"); } print "<h3>Adding an item to the game</h3><form action='staff_items.php?action=newitemsub' method='post'> Item Name: <input type='text' name='itmname' value='' /> Item Desc.: <input type='text' name='itmdesc' value='' /> Item Type: ".itemtype_dropdown($c,'itmtype')." Item Buyable: <input type='checkbox' name='itmbuyable' checked='checked' /> Item Price: <input type='text' name='itmbuyprice' /> Item Sell Value: <input type='text' name='itmsellprice' /> <hr /> [b]Usage Form[/b]<hr /> [b]<u>Effect 1</u>[/b] On? <input type='radio' name='effect1on' value='1' /> Yes <input type='radio' name='effect1on' value='0' checked='checked' /> No Stat: <select name='effect1stat' type='dropdown'> <option value='energy'>Energy</option> <option value='will'>Will</option> <option value='brave'>Brave</option> <option value='hp'>Health</option> <option value='strength'>Strength</option> <option value='agility'>Agility</option> <option value='guard'>Guard</option> <option value='labour'>Labour</option> <option value='IQ'>IQ</option> <option value='hospital'>Hospital Time</option> <option value='jail'>Jail Time</option> <option value='money'>Money</option> <option value='crystals'>Crystals</option> <option value='cdays'>Education Days Left</option> <option value='bankmoney'>Bank money</option> <option value='cybermoney'>Cyber money</option> <option value='crimexp'>Crime XP</option> </select> Direction: <select name='effect1dir' type='dropdown'> <option value='pos'>Increase</option> <option value='neg'>Decrease</option> </select> Amount: <input type='text' name='effect1amount' value='0' /> <select name='effect1type' type='dropdown'> <option value='figure'>Value</option> <option value='percent'>Percent</option> </select><hr /> [b]<u>Effect 2</u>[/b] On? <input type='radio' name='effect2on' value='1' /> Yes <input type='radio' name='effect2on' value='0' checked='checked' /> No Stat: <select name='effect2stat' type='dropdown'> <option value='energy'>Energy</option> <option value='will'>Will</option> <option value='brave'>Brave</option> <option value='hp'>Health</option> <option value='strength'>Strength</option> <option value='agility'>Agility</option> <option value='guard'>Guard</option> <option value='labour'>Labour</option> <option value='IQ'>IQ</option> <option value='hospital'>Hospital Time</option> <option value='jail'>Jail Time</option> <option value='money'>Money</option> <option value='crystals'>Crystals</option> <option value='cdays'>Education Days Left</option> <option value='bankmoney'>Bank money</option> <option value='cybermoney'>Cyber money</option> <option value='crimexp'>Crime XP</option> </select> Direction: <select name='effect2dir' type='dropdown'> <option value='pos'>Increase</option> <option value='neg'>Decrease</option> </select> Amount: <input type='text' name='effect2amount' value='0' /> <select name='effect2type' type='dropdown'> <option value='figure'>Value</option> <option value='percent'>Percent</option> </select><hr /> [b]<u>Effect 3</u>[/b] On? <input type='radio' name='effect3on' value='1' /> Yes <input type='radio' name='effect3on' value='0' checked='checked' /> No Stat: <select name='effect3stat' type='dropdown'> <option value='energy'>Energy</option> <option value='will'>Will</option> <option value='brave'>Brave</option> <option value='hp'>Health</option> <option value='strength'>Strength</option> <option value='agility'>Agility</option> <option value='guard'>Guard</option> <option value='labour'>Labour</option> <option value='IQ'>IQ</option> <option value='hospital'>Hospital Time</option> <option value='jail'>Jail Time</option> <option value='money'>Money</option> <option value='crystals'>Crystals</option> <option value='cdays'>Education Days Left</option> <option value='bankmoney'>Bank money</option> <option value='cybermoney'>Cyber money</option> <option value='crimexp'>Crime XP</option> </select> Direction: <select name='effect3dir' type='dropdown'> <option value='pos'>Increase</option> <option value='neg'>Decrease</option> </select> Amount: <input type='text' name='effect3amount' value='0' /> <select name='effect3type' type='dropdown'> <option value='figure'>Value</option> <option value='percent'>Percent</option> </select><hr /> [b]Combat Usage[/b] Helmet Defense: <input type='text' name='helmet' value='0' /> Weapon Power: <input type='text' name='weapon' value='0' /> Boots Defense: <input type='text' name='boots' value='0' /> BreastPlate Defense: <input type='text' name='amulet' value='0' /> Leggings Defense: <input type='text' name='braclet' value='0' /> Gloves Defense: <input type='text' name='ring' value='0' /> <input type='submit' value='Add Item To Game' /></form>"; } function new_item_submit() { global $db,$ir,$c,$h; if($ir['user_level'] > 2) { die("403"); } if(!isset($_POST['itmname']) || !isset($_POST['itmdesc']) || !isset($_POST['itmtype']) || !isset($_POST['itmbuyprice']) || !isset($_POST['itmsellprice'])) { print "You missed one or more of the fields. Please go back and try again. [url='admin.php?action=newitem']> Back[/url]"; $h->endpage(); exit; } $itmname=$db->escape($_POST['itmname']); $itmdesc=$db->escape($_POST['itmdesc']); $weapon=abs((int) $_POST['weapon']); $helmet=abs((int) $_POST['helmet']); $boots=abs((int) $_POST['boots']); $amulet=abs((int) $_POST['amulet']); $braclet=abs((int) $_POST['braclet']); $ring=abs((int) $_POST['ring']); $special=abs((int) $_POST['special']); if($_POST['itmbuyable'] == 'on') { $itmbuy=1; } else { $itmbuy=0; } $efx1=$db->escape(serialize(array("stat" => $_POST['effect1stat'], "dir" => $_POST['effect1dir'], "inc_type" => $_POST['effect1type'], "inc_amount" => abs((int) $_POST['effect1amount'])))); $efx2=$db->escape(serialize(array("stat" => $_POST['effect2stat'], "dir" => $_POST['effect2dir'], "inc_type" => $_POST['effect2type'], "inc_amount" => abs((int) $_POST['effect2amount'])))); $efx3=$db->escape(serialize(array("stat" => $_POST['effect3stat'], "dir" => $_POST['effect3dir'], "inc_type" => $_POST['effect3type'], "inc_amount" => abs((int) $_POST['effect3amount'])))); $m=$db->query("INSERT INTO items VALUES('',{$_POST['itmtype']},'$itmname','$itmdesc',{$_POST['itmbuyprice']},{$_POST['itmsellprice']},$itmbuy, '{$_POST['effect1on']}', '$efx1', '{$_POST['effect2on']}', '$efx2', '{$_POST['effect3on']}', '$efx3', $weapon, $boots, $helmet, $amulet, $braclet, $ring)"); print "The {$_POST['itmname']} Item was added to the game."; stafflog_add("Created item {$_POST['itmname']}"); } function give_item_form() { global $db,$ir,$c; if($ir['user_level'] > 3) { die("403"); } print "<h3>Giving Item To User</h3> <form action='staff_items.php?action=giveitemsub' method='post'> User: ".user_dropdown($c,'user')." Item: ".item_dropdown($c,'item')." Quantity: <input type='text' name='qty' value='1' /> <input type='submit' value='Give Item' /></form>"; } function give_item_submit() { global $db,$ir,$c; if($ir['user_level'] > 3) { die("403"); } $db->query("INSERT INTO inventory VALUES('',{$_POST['item']},{$_POST['user']},{$_POST['qty']},0,0)",$c) or die(mysql_error()); print "You gave {$_POST['qty']} of item ID {$_POST['item']} to user ID {$_POST['user']}"; stafflog_add("Gave {$_POST['qty']} of item ID {$_POST['item']} to user ID {$_POST['user']}"); } function kill_item_form() { global $db,$ir,$c,$h,$userid; if($ir['user_level'] > 2) { die("403"); } print "<h3>Deleting Item</h3> The item will be permanently removed from the game. <form action='staff_items.php?action=killitemsub' method='post'> Item: ".item_dropdown($c,'item')." <input type='submit' value='Kill Item' /></form>"; } function kill_item_submit() { global $db,$ir,$c,$h,$userid; if($ir['user_level'] > 2) { die("403"); } $d=$db->query("SELECT * FROM items WHERE itmid={$_POST['item']}"); $itemi=$db->fetch_row($d); $db->query("DELETE FROM items WHERE itmid={$_POST['item']}"); $db->query("DELETE FROM shopitems WHERE sitemITEMID={$_POST['item']}"); $db->query("DELETE FROM inventory WHERE inv_itemid={$_POST['item']}"); $db->query("DELETE FROM itemmarket WHERE imITEM={$_POST['item']}"); print "The {$itemi['itmname']} Item was removed from the game."; stafflog_add("Deleted item {$itemi['itmname']}"); } function edit_item_begin() { global $db,$ir,$c,$h,$userid; if($ir['user_level'] > 2) { die("403"); } print "<h3>Editing Item</h3> You can edit any aspect of this item. <form action='staff_items.php?action=edititemform' method='post'> Item: ".item_dropdown($c,'item')." <input type='submit' value='Edit Item' /></form>"; } function edit_item_form() { global $db,$ir,$c,$h; if($ir['user_level'] > 2) { die("403"); } $d=$db->query("SELECT * FROM items WHERE itmid={$_POST['item']}"); $itemi=$db->fetch_row($d); print "<h3>Editing Item</h3> <form action='staff_items.php?action=edititemsub' method='post'> <input type='hidden' name='itmid' value='{$_POST['item']}' /> Item Name: <input type='text' name='itmname' value='{$itemi['itmname']}' /> Item Desc.: <input type='text' name='itmdesc' value='{$itemi['itmdesc']}' /> Item Type: ".itemtype_dropdown($c,'itmtype',$itemi['itmtype'])." Item Buyable: <input type='checkbox' name='itmbuyable'"; if ($itemi['itmbuyable']) { print " checked='checked'"; } print " /> Item Price: <input type='text' name='itmbuyprice' value='{$itemi['itmbuyprice']}' /> Item Sell Value: <input type='text' name='itmsellprice' value='{$itemi['itmsellprice']}' /><hr />[b]Usage Form[/b]<hr />"; $stats=array( "energy" => "Energy", "will" => "Will", "brave" => "Brave", "hp" => "Health", "strength" => "Strength", "agility" => "Agility", "guard" => "Guard", "labour" => "Labour", "IQ" => "IQ", "hospital" => "Hospital Time", "jail" => "Jail Time", "money" => "Money", "crystals" => "Crystals", "cdays" => "Education Days Left", "bankmoney" => "Bank money", "cybermoney" => "Cyber money", "crimexp" => "Crime XP"); for($i=1;$i<=3;$i++) { if($itemi["effect".$i]) { $efx=unserialize($itemi["effect".$i]); } else { $efx=array("inc_amount" => 0); } $switch1=($itemi['effect'.$i.'_on'] > 0) ? " checked='checked'" : ""; $switch2=($itemi['effect'.$i.'_on'] > 0) ? "" : " checked='checked'"; print "[b]<u>Effect {$i}</u>[/b] On? <input type='radio' name='effect{$i}on' value='1'$switch1 /> Yes <input type='radio' name='effect{$i}on' value='0'$switch2 /> No Stat: <select name='effect{$i}stat' type='dropdown'>"; foreach($stats as $k => $v) { if($k==$efx['stat']) { print "<option value='{$k}' selected='selected'>{$v}</option>\n"; } else { print "<option value='$k'>{$v}</option>\n"; } } if($efx['dir']=="neg") { $str="<option value='pos'>Increase</option><option value='neg' selected='selected'>Decrease</option>"; } else { $str="<option value='pos' selected='selected'>Increase</option><option value='neg'>Decrease</option>"; } if($efx['inc_type']=="percent") { $str2="<option value='figure'>Value</option><option value='percent' selected='selected'>Percent</option>"; } else { $str2="<option value='figure' selected='selected'>Value</option><option value='percent'>Percent</option>"; } print "</select> Direction: <select name='effect{$i}dir' type='dropdown'>{$str} </select> Amount: <input type='text' name='effect{$i}amount' value='{$efx['inc_amount']}' /> <select name='effect{$i}type' type='dropdown'>{$str2}</select><hr />"; } print "[b]Combat Usage[/b] Weapon Power: <input type='text' name='weapon' value='{$itemi['weapon']}' /> Helmet Defense: <input type='text' name='helmet' value='{$itemi['helmet']}' /> Boots Defense: <input type='text' name='boots' value='{$itemi['boots']}' /> BreastePlate Defense: <input type='text' name='amulet' value='{$itemi['breastplate']}' /> Leggings Defense: <input type='text' name='braclet' value='{$itemi['leggings']}' /> Gloves Defense: <input type='text' name='ring' value='{$itemi['gloves']}' /> <input type='submit' value='Edit Item' /></form>"; } function edit_item_sub() { global $db,$ir,$c,$h,$userid; if($ir['user_level'] > 2) { die("403"); } if(!isset($_POST['itmname']) || !isset($_POST['itmdesc']) || !isset($_POST['itmtype']) || !isset($_POST['itmbuyprice']) || !isset($_POST['itmsellprice'])) { print "You missed one or more of the fields. Please go back and try again. [url='staff_items.php?action=edititem']> Back[/url]"; $h->endpage(); exit; } $itmname=$_POST['itmname']; $itmdesc=$_POST['itmdesc']; $weapon=abs((int) $_POST['weapon']); $armor=abs((int) $_POST['armor']); $helmet=abs((int) $_POST['helmet']); $boots=abs((int) $_POST['boots']); $amulet=abs((int) $_POST['amulet']); $braclet=abs((int) $_POST['braclet']); $ring=abs((int) $_POST['ring']); $special=abs((int) $_POST['special']); if($_POST['itmbuyable'] == 'on') { $itmbuy=1; } else { $itmbuy=0; } $db->query("DELETE FROM items WHERE itmid={$_POST['itmid']}",$c); $efx1=$db->escape(serialize(array("stat" => $_POST['effect1stat'], "dir" => $_POST['effect1dir'], "inc_type" => $_POST['effect1type'], "inc_amount" => abs((int) $_POST['effect1amount'])))); $efx2=$db->escape(serialize(array("stat" => $_POST['effect2stat'], "dir" => $_POST['effect2dir'], "inc_type" => $_POST['effect2type'], "inc_amount" => abs((int) $_POST['effect2amount'])))); $efx3=$db->escape(serialize(array("stat" => $_POST['effect3stat'], "dir" => $_POST['effect3dir'], "inc_type" => $_POST['effect3type'], "inc_amount" => abs((int) $_POST['effect3amount'])))); $m=$db->query("INSERT INTO items VALUES('{$_POST['itmid']}',{$_POST['itmtype']},'$itmname','$itmdesc',{$_POST['itmbuyprice']},{$_POST['itmsellprice']},$itmbuy, '{$_POST['effect1on']}', '$efx1', '{$_POST['effect2on']}', '$efx2', '{$_POST['effect3on']}', '$efx3', $weapon, $boots, $helmet, $amulet, $braclet, $ring)"); print "The {$_POST['itmname']} Item was edited successfully."; stafflog_add("Edited item {$_POST['itmname']}"); } function newitemtype() { global $db,$ir,$c,$h,$userid; if($ir['user_level'] > 2) { die("403"); } if($_POST['name']) { $db->query("INSERT INTO itemtypes VALUES(NULL, '{$_POST['name']}')"); print "Item Type {$_POST['name']} added."; stafflog_add("Added item type {$_POST['name']}"); } else { print "<h3>Add Item Type</h3><hr /> <form action='staff_items.php?action=newitemtype' method='post'> Name: <input type='text' name='name' /> <input type='submit' value='Add Item Type' /></form>"; } } $h->endpage(); ?> -
mccode-v2 Advanced Attack and Inventory Mod--One Click.
Joshua replied to Joshua's topic in Free Modifications
inventory.php <?php require_once("globals.php"); $q=$db->query("SELECT * FROM `items` WHERE `itmid` IN({$ir['equip_primary']},{$ir['equip_secondary']},{$ir['equip_armor']},{$ir['equip_helmet']},{$ir['equip_boots']},{$ir['equip_leggings']},{$ir['equip_gloves']},{$ir['equip_breastplate']})"); echo "<h3>Equipped Items</h3><hr />"; while($r=$db->fetch_row($q)) { $equip[$r['itmid']]=$r; } echo "<table width='75%' cellspacing='1' class='table'> <tr> <th>Helmet</th> <td>"; if($equip[$ir['equip_helmet']]['itmid']) { echo $equip[$ir['equip_helmet']]['itmname']."</td><td>[url='unequip.php?type=equip_helmet']Unequip Item[/url]</td>"; } else { echo 'None equipped.</td><td> </td>'; } echo '</tr> <tr> <th>Breast Plate</th> <td>'; if($equip[$ir['equip_breastplate']]['itmid']) { echo $equip[$ir['equip_breastplate']]['itmname']."</td> <td>[url='unequip.php?type=equip_breastplate']Unequip Item[/url]</td>"; } else { print 'None equipped.</td><td> </td>'; } print '</tr> </tr> <tr> <th>Primary Weapon</th> <td>'; if($equip[$ir['equip_primary']]['itmid']) { echo $equip[$ir['equip_primary']]['itmname']."</td> <td>[url='unequip.php?type=equip_primary']Unequip Item[/url]</td>"; } else { echo 'None equipped.</td><td> </td>'; } echo '</tr> <tr> <th>Secondary Weapon</th> <td>'; if($equip[$ir['equip_secondary']]['itmid']) { echo $equip[$ir['equip_secondary']]['itmname']."</td><td>[url='unequip.php?type=equip_secondary']Unequip Item[/url]</td>"; } else { echo 'None equipped.</td><td> </td>'; } echo '</tr> <tr> <th>Leggings</th> <td>'; if($equip[$ir['equip_leggings']]['itmid']) { echo $equip[$ir['equip_leggings']]['itmname']."</td> <td>[url='unequip.php?type=equip_braclet']Unequip Item[/url]</td>"; } else { echo 'None equipped.</td><td> </td>'; } echo '</tr> <tr> <th>Gloves</th> <td>'; if($equip[$ir['equip_gloves']]['itmid']) { echo $equip[$ir['equip_gloves']]['itmname']."</td> <td>[url='unequip.php?type=equip_ring']Unequip Item[/url]</td>"; } else { echo 'None equipped.</td><td> </td>'; } echo '</tr> <tr> <th>Boots</th> <td>'; if($equip[$ir['equip_boots']]['itmid']) { echo $equip[$ir['equip_boots']]['itmname']."</td><td>[url='unequip.php?type=equip_boots']Unequip Item[/url]</td>"; } else { echo 'None equipped.</td><td> </td>'; } echo "</tr> </table><hr /> <h3>Inventory</h3><hr />"; $inv=$db->query("SELECT iv.*,i.*,it.* FROM `inventory` iv LEFT JOIN `items` i ON iv.`inv_itemid`=i.`itmid` LEFT JOIN `itemtypes` it ON i.`itmtype`=it.`itmtypeid` WHERE iv.`inv_userid`={$userid} ORDER BY i.`itmtype` ASC, i.`itmname` ASC"); if ($db->num_rows($inv) == 0) { echo "[b]You have no items\![/b]"; } else { echo "[b]Your items are listed below.[/b] <table width=100% class=\"table\" border=\"0\" cellspacing=\"1\"> <tr> <td class=\"h\">Item</td> <td class=\"h\">Sell Value</td> <td class=\"h\">Total Sell Value</td> <td class=\"h\">Links</td> </tr>"; $lt=""; while($i=$db->fetch_row($inv)) { if($lt!=$i['itmtypename']) { $lt=$i['itmtypename']; echo "\n<tr><td colspan=4>[b]{$lt}[/b]</td></tr>"; } if($i['weapon']) { $i['itmname']="<font color='red'>*</font>".$i['itmname']; } if($i['armor']) { $i['itmname']="<font color='green'>*</font>".$i['itmname']; } if($i['helmet']) { $i['itmname']="<font color='blue'>*</font>".$i['itmname']; } if($i['boots']) { $i['itmname']="<font color='pink'>*</font>".$i['itmname']; } if($i['breastplate']) { $i['itmname']="<font color='brown'>*</font>".$i['itmname']; } if($i['leggings']) { $i['itmname']="<font color='yellow'>*</font>".$i['itmname']; } if($i['gloves']) { $i['itmname']="<font color='lime'>*</font>".$i['itmname']; } echo "<tr><td>".$i['itmname'].""; if ($i['inv_qty'] > 1) { echo "x".$i['inv_qty'].""; } echo "</td><td>$".$i['itmsellprice']."</td><td>"; echo "$".($i['itmsellprice']."*".$i['inv_qty']).""; echo "</td><td>[[url='iteminfo.php?ID=".$i[']Info[/url]]"; echo ' [[url="itemsend.php?ID='.$i['inv_id'].'"]Send[/url]] [[url="itemsell.php?ID='.$i['inv_id'].'"]Sell[/url]] [[url="imadd.php?ID='.$i['inv_id'].'"]Add To Market[/url]] [[url="itemuse.php?ID='.$i['inv_id'].'"]Use[/url]]'; if($i['effect1_on'] || $i['effect2_on'] || $i['effect3_on']) { echo ' [[url="itemuse.php?ID='.$i['inv_id'].'"]Use[/url]]'; } if($i['weapon']) { echo ' [[url="equip_weapon.php?ID='.$i['inv_id'].'"]Equip as Weapon[/url]]'; } if($i['armor']) { echo ' [[url="equip_armor.php?ID='.$i['inv_id'].'"]Equip as Armor[/url]]'; } if($i['helmet']) { echo ' [[url="equip_helmet.php?ID='.$i['inv_id'].'"]Equip as Helmet[/url]]'; } if($i['boots']) { echo ' [[url="equip_boots.php?ID='.$i['inv_id'].'"]Equip as Boots[/url]]'; } if($i['breastplate']) { echo ' [[url="equip_breastplate.php?ID='.$i['inv_id'].'"]Equip as BreastPlate[/url]]'; } if($i['leggings']) { echo ' [[url="equip_leggings.php?ID='.$i['inv_id'].'"]Equip as Leggings[/url]]'; } if($i['gloves']) { echo ' [[url="equip_ring.php?ID='.$i['inv_id'].'"]Equip as Gloves[/url]]'; } echo '</td></tr>'; } echo '</table>'; echo '[size="1"][b]NB:[/b] Items with a small red [/size]<font color="red">*</font>[size="1"] next to their name can be used as weapons in combat. Items with a small green [/size]<font color="green">*</font>[size="1"] next to their name can be used as armor in combat. Items with a small blue [/size]<font color="blue">*</font>[size="1"] next to their name can be used as a helmet in combat. Items with a small pink [/size]<font color="pink">*</font>[size="1"] next to their name can be used as boots in combat. Items with a small brown [/size]<font color="brown">*</font>[size="1"] next to their name can be used as leggings in combat. Items with a small lime [/size]<font color="lime">*</font>[size="1"] next to their name can be used as a breastplate in combat. Items with a small yellow [/size]<font color="yellow">*</font><small> next to their name can be used as gloves in combat. '; } $h->endpage(); ?>