Joshua

I've only got around 200 or so month's time running. but about 70% active, i'm gonna give it a shot, i really need the blackjack script for a mod i'm working on :P

And that did work and after going over it and reading it a bit better I see why. All 3 have to be != for that to work Gotcha >< I was thinking about it wrong, god sometimes i sware. =P Thanks man +1

Hm seems like i've tried that way because it's saying if the race doesnt match ALL 3. At least that's what I was reading >,<   Perhaps I'm reading it wrong, i'll give it a go :p

Problem i'm having Seany Is that it only has to match ONE of the 3. So if($ir['race'] != $r['item_race'] BUT It matches item_race2 or item_race 3. They can use the item If $IR race doesnt match ANY of the 3 they cant :P

Pm sent, Should be a simple fix and i'm brain farting over here. that's why I was thinking i may have to set up some form of array

Tried that, $r is set.   I want an IF type function, i.e if their race matches ANY of the 3 they can use so if their race is 3. and item_race=2, item_race2=2, item_race3=3 THey can use but if it's not in those 3, they cant.....make sense? :P

I wish they'd get it installed already so i can go check it out lol :P

The way I want this to work is if a user matches ANY of the 3 race settings they can use it. If they Don't match, it denies them. I am not sure how to get this to work like that   if($ir['race'] != $r['item_race'] OR $ir['race'] != $r['item_race2'] OR $ir['race'] != $r['item_race3']) { print "The selected item is not able to be used by your race."; $h->endpage(); exit; } Any help would be appreciated, i'm thinking using arrays, but not sure how i'd set that up properly.

7 Sets of this mod Left.

Should be a big hit :) Was def a good idea by frank

Edit: Didnt read rmpb's post first time Thumbs up :D

+1 bro, I know you worked hard on this :)

Could even do it like this   $_GET --- $a=$_GET = isset($_GET) && !empty($_GET]) && ctype_digit($_GET) $b=$_GET = isset($_GET]) && !empty($_GET) && ctype_alnum($_GET) ? $_GET : FALSE; ---- $_POST -- $c=$_POST = mysql_real_escape_string(htmlentities($_POST)); $d=$_GET= abs(@intval($_GET)); *NOTE* Even by putting just this in Global Functions it does absolutely nothing. You would have to go to each script you have, decide whether it's a get or post and put the appropriate function But it would get a few things done.

Hm havent thought about that. What would be a fix to stop something like that....Get imagesize no?

Sent you a Pm as well :p msn works, but I originally messaged the seller of this mod on Dev-Forum :p either way, i just need the mod as i'm purchasing for a client as an addition to a more in depth mod i've made for them to go with this.

I did have an idea the other night though I'm not 100% it would work because there is no other PHP function that is the same as $_POST   Perhaps in global functions $x = abs@(intval($_POST)) $y = mysql_real_escape_string($_POST)   then replace all get/posts with x and y defined on pages. Would speed things up if it would work right, though i'm sure someone will have something to say about it :P Would if nothing else be a start.

Ok since you asked nicely i'll do a search on all 4 forums i play around on and compile a list with my additional knowledge. Though undoubtedly those will appear saying McCodes cant be secured :P

It isnt bad, Unless someone attaches a shell to the picture :\ I could be wrong on this but if would just check the image size and if their is a %00 shell attached to it, it wouldnt catch it then a user could upload a shell

Now if he'd just log on and sell it to me we'd be good :) I've already got mods coded for this mod >< Users in Jail have their own shop, cigarettes as Currency. They gamble and trade cigarrettes to spend in jail store to purchase items needed for jail quests iso quest mod plz :p

It is about time you are almost done with this damn mod :p you're a pest with it! ;) heheh j/k man. Glad to see it's almost complete :)

tons of loopholes, those topics i posted are just a few run searches like $IP secure cmarket hack sprintf mysql_real_escape MRES abs(@intval topics htmlentities all those will give you a step in the right direc

Np, looks good, i'll have a look at it when i'm finished up with this mod for a client :)

I disagree slightly Zero :P Although mccodes is unsecure as crap It is fixable. other than the .1% chance someone can get into any thing ;)   Just takes a lot more work than most are willing to put into i   i.e renaming all database tables securing and renaming all files special folders for certain files like crons and staff stuff, and a secure host. Do-able, whether or not people want to or why not just build a new game engine instead tho... well...there are so many mods made "for" mccodes that's probably part of the reason ;) Tons of free mods that you don't have to write yourself :P

Agreed.

Seriously folks, after literally 3 minutes of the search feature i found all these, 3 minutes of looking. If i took time out of my day to actually search the boards, i could probably get a list of over 200 links. Just because you are to lazy and would rather make a new post each time you want security done doesnt mean we are going to reply. I help where I can and when I can as paying back to mwg for teaching me things I didnt know. But i'll be D**ned if every single time someone posts how to i'm going to find links and tell them. If you don't know how to secure your site, and you are to lazy to learn how to do it. Go to File Manager Click on public_html click Delete. Grab another hobby. There is no..here....i'll repeat again. THERE IS NO THERE IS NOTHERE IS NO THERE IS NO THERE IS NO THERE IS NO THERE IS NO THERE IS NO Quick fix for security. Someone will always be better than you. If you want your site secure for real, go through every damn file and secure it. $_GET, $_POST, Being 2 major keys. SprintF to clean data the list goes on. Even if you paid ME to do it, or anyone, it's not going to be 100% secure. You want a really secure game? Have a new engine custom designed for you, OR go through and re do every single McCodes file and Database table, then hope and pray to god you won't get hacked. Even the most secure site on the planet is only 99%.       Watch out for this hacker question about XSS hacks.. Secured Preferances, 1 small error. Secure all pages using globals or header Help !!URGENT!! secure sprintf() Query.. Secure mccodes How Can I Secure A Game? [mccode] 8 Lines to secure your site from known sql injections. How to secure a few things!