Joshua

LOL You WISH you were idealistic like I am :D   I was bouncing back and forth between this mod, or a re-vamped, upgraded Crack the safe mod--with 3 safes, 10 tries per day on one 4 random integers. one cost 10k to try. one cost 100k to try Larger prizes in larger safes. Each time a user fails at the crack, more money is put in the safe. Once someone Cracks it, the password changes. Shouldnt be to hard to do via a db->query right? if -success blah blah $db->query UPDATE safe where safepass=safepass SET safepass=blah or something along those lines?

IF people are interested I am planning on making this mod, Free, for mwg. In appreciation for helping me along my way. What this mod will do.   Extreme Hitman Agency: Users will be able to create their very own Agencies. Users will be able to accept or deny applications for Hitmen Users will be able to request Other users to Join their Hitman orginization Hitman Shop: Where All available hitman Factions will be viewable, and users can select which agency they'd like to use. A list of targets requested by users and price they are asking. A list of available hitmen in the faction and the ability to choose which hitman receives which task. Upon completion of the hits, the Owner will collect a percentage of the hit cost The assassin will collect the majority of the cost. An assassin Hall of Fame An Agency Hall of Fame   That was a lot just typing that >< I'm about to embark on construction of this mod, Just figured I'd feel everyone out on it and see if they'd be interested in this or have any requests or suggestions. This will take me a bit of time, but it will be my first free mod for mwg ( first free one that i count :P)

Ok, so Granted i don't know EVERYTHING...but after 8 months now of working on my own site and dealing with attempted hacks, I've learned a few things.   I figured i' d make this post as just saying (Secure ALL pages) Doesn't appear to get through to people and for SOME reason everyone thinks that a few Header inserts will stop a hack. Let me help you better understand why THIS is not going to stop anything.   1. abs@intval in header for securing users ID, ViewTopic and ViewForum, stop just that. They make sure the user is the Right user. That's it, nothing more. So while that may stop a quick URL injection hack, it doesnt stop SQL injections in your forums or any other form of hack XSS shell etc. __________________ 2. $IP hack is about one of the Only fixes I've seen on this board that helps stop a full fledged hacker that has more than 2 hacks to copy and paste. People were using an Older version of Firefox and an X sploofer to IP hack games and make themselves admins. The $IP secure stops this. _________________________ Here are the Following pages that I know of that are exploitable and should be secured, Use mysql_real_escape To secure $_POSTS and $_GETS in all these folders, that's a starter.   Forum TOPIC Forum SUBJECT----Even with the secured forums <meta tag> hacks will work on those 2. Secure them or even better, Ban if someone tries it automatically. Signature--Again, <meta hacks> Can use signature to A. Auto admin when an Admin views your profile. or B. Re-Direct users to another site when they view your profile.. or C. The possibilites are endless.   Display Pic---By inserting hacks, users can become admin upon being viewed, just as Sig.   Username: Make sure they can't enter hacks, secure your names. Forum Avatar/Sig---AGAIN secure this.   Player Report---it's a form, It can be exploited. Bug Report---Another exploitable form. Player Ads---Exploitable forms Staff Apps--Forms Basically Any page where you can Insert Form Data is the most susceptible to malicious attacks. Secure all your $_GET and $_POST variables when possible and to prevent SHELL type hacks. Also learn to use sprintf( to clean all data. Never share your Cpanel access with ANYONE you can't trust. Change your password every so often--Keep it Difficult, dont make it "cool" or "silver" Try adding characthers and remember them such as... iam!!elite2 View your Error logs!--This will tell you where people are trying to access your site! It also tells you their I.P for banning reasons :-) and helps you out with any little bugs you may encounter. If you are able to do so Change your staff_special folder over to a differant name no one will find out or guess. Then stick it in a specially named folder...go into everything that calls for staff special and rename it to your new name/location. That will stop the Auto Admin problem 100%. Unless they manage to upload a shell >< That's all for now, I'll edit if i remember any more stuff. If you have questions about just how to do any of the stuff i asked, they make this BEAUTIFUL little feature, it's up top of the boards in the Right Hand corner, right next to a pretty green arrow..called.> SEARCH Thanks :) ----IF YOU HAVE any question as to whether your site is vulnerable to hacks, Message me here or on msn [email protected] and I'll attempt the few that I have discovered. --Nothing Malicious like a Shell Upload as I'm not sure how that one works-- Then you will know where to start.

lol Epic.   I dno, someone wanted it for their game, figured it's out may as well post. perhaps someone else might use it< shrugz > I dont agree with half the mods on these boards :p

It is an Xss Injection By inserting a few hack codes into the Display Pic via their Preferances they are Auto Admin'd on Some games when an admin views them. Some Advice: I took my Staff_Special.php (and a few others) Completely Renamed them. Stuck them in a folder in my filemanager password protected that folder. Then put a Staff Password query into my Database users Then had a mod added that If a user somehow manages to become an Admin, and his IP address and Password in the database isnt what I have set for the Admins I allow, he is auto fedded.   Secure---ALL form data. Just about every game out right now is vulnerable to <meta tag> injections. Some idiot tried this on my game last night. learn to use mysql_real_escape($_POST) for form data entries Places to look   Bug Report ---Form Data. Player Ads ---Form Data Staff Apps ---Form Data Display Pic----Form Data Signature---IF you dont have BBcode enabled, get it. Forum Avatar/Sig---Form Data Stocks ---Form Data Forum SUBJECT and TITLE---Form Data. I'm sure there are more, but that will get you started.

Oh there are TONS of people with the basic Mccodes layout with a few adjustments or a header. Beleive that lol.. :) I dont get why everyone makes the exact same Mafia Based game there must be a million of them out there, all have the exact same layout for the most part and all are ..eh...the same.

LOL don't hate :P It's Underworld + Twilight combined Kinda inter mixing them. It's not your mccodes type game tho... :) If you saw it now you wouldnt even know it's mccodes as most files have been re-coded, re-named, it's not a "mccodes" layout ;) going for some originality here :D

EVERYTHING i've done to my race mod has turned out just like I wanted it. HOWEVER :| I cannot no matter what I do (tried this off and on for months) Get my Gym to do what it's supposed to I need it to give me a multipler for a certain stat for certain races i.e if you are a vampire, you get more agility per workout human guard wolf strength I DNO WHY i cant get this to work :\ I have an idea it has to do with gain and i'm just doign something wayyy wrong. <?php $macropage="gym2.php"; require "globals.php"; if($ir['hospital']) { die("<prb>This page cannot be accessed while in hospital.</prb>"); } $statnames=array( 'Strength' => 'strength', 'Agility' => 'agility', 'Guard' => 'guard', 'Labour' => 'labour'); $_POST['amnt']=abs((int) $_POST['amnt']); if(!$ir['jail']) { print "<h1>Gym</h1><hr width='90%' align='left' />"; } else { print "<h1>Jail Gym</h1><hr width='90%' align='left' />"; } if($_POST['stat'] && $_POST['amnt']) { $stat=$statnames[$_POST['stat']]; if(!$stat) { die("<prb>This stat cannot be trained.</prb>"); } if($_POST['amnt'] > $ir['energy']) { print("<prb>You do not have enough energy to train that much.</prb><hr width='90%' align='left' />"); } else { $gain=0; for($i=0; $i<$_POST['amnt']; $i++) { $gain+=rand(1,3)/rand(800,1000)*rand(800,1000)*(($ir['will']+20)/150); $ir['will']-=rand(1,3); if($ir['will'] < 0) { $ir['will']=0; } } if($ir['jail']) { $gain/=2; } $db->query("UPDATE `userstats` SET `{$stat}` = `{$stat}` + $gain WHERE `userid` = $userid"); $db->query("UPDATE `users` SET `will` = {$ir['will']}, energy = energy - {$_POST['amnt']} WHERE `userid` = $userid"); if($ir['race'] == 1 AND $stat=="guard") { $inc=$ir[$stat]+$gain*5; $inc2=$ir['energy']-$_POST['amnt']; } else if($ir['race'] == 2 AND $stat=="agility") { $inc=$ir[$stat]+$gain*20; $inc2=$ir['energy']-$_POST['amnt']; } else if($ir['race'] == 3 AND $stat=="guard") { $inc=$ir[$stat]+$gain*5; $inc2=$ir['energy']-$_POST['amnt']; } else { $inc=$ir[stat]+$gain*1.1; $inc2=$ir['energy']-$_POST['amnt']; } if($stat=="strength") { print "You start to lift some weights, You go heavier and heavier until You are out of energy. You have gained {$gain} strength by doing {$_POST['amnt']} sets of weights. You now have {$inc} strength and {$inc2} energy left."; } elseif($stat=="agility") { print "You Begin to run on the treadmill, You keep tapping the faster button till you fly off the damn thing!. You have gained {$gain} agility by doing {$_POST['amnt']} minutes of running. You now have {$inc} agility and {$inc2} energy left."; } elseif($stat=="guard") { print "You jump into the pool and begin swimming, you keep flapping your arms in the water like Michael Felps, you get a cramp and almost drown. You have gained {$gain} guard by doing {$_POST['amnt']} minutes of swimming. You now have {$inc} guard and {$inc2} energy left."; } elseif($stat=="labour") { print "You walk over to the front desk, and ask the manager If you can volunteer to help the gym out, He says unload the boxes In the back, You unload boxes until the gym closes You have gained {$gain} labour by unloading {$_POST['amnt']} boxes. You now have {$inc} labour and {$inc2} energy left."; } print "<hr />"; $ir['energy']-=$_POST['amnt']; $ir[$stat]+=$gain; } } $ir['strank']=get_rank($ir['strength'],'strength'); $ir['agirank']=get_rank($ir['agility'],'agility'); $ir['guarank']=get_rank($ir['guard'],'guard'); $ir['labrank']=get_rank($ir['labour'],'labour'); print "<table width='90%'><tr><td> Welcome to the Second Gym! You can train up to <prb>{$ir['energy']}</prb> times with your current energy.</p></td></tr></table> <hr width='90%' align='left' /> <table width='90%' class='table'> <tr> <form action='gym2.php' method='post'> <input type='hidden' name='stat' value='Strength'></input> <th width='15%'><ph2>Strength:</ph2></th> <td width='15%'>{$ir['strength']}</td> <td width='10%'>(Rank {$ir['strank']})</td> <td width='40%'>Times to train: <input type='text' name='amnt' value='{$ir['energy']}' length='5'></input></td> <td width='20%'><input type='submit' value='Go!'></input></td> </form> </tr> <tr> <form action='gym2.php' method='post'> <input type='hidden' name='stat' value='Agility'></input> <th width='15%'><ph2>Agility:</ph2></th> <td width='15%'>{$ir['agility']}</td> <td width='10%'>(Rank {$ir['agirank']})</td> <td width='40%'>Times to train: <input type='text' name='amnt' value='{$ir['energy']}'></input></td> <td width='20%'><input type='submit' value='Go!'></input></td> </form> </tr> <tr> <form action='gym2.php' method='post'> <input type='hidden' name='stat' value='Guard'></input> <th width='15%'><ph2>Guard:</ph2></th> <td width='15%'>{$ir['guard']}</td> <td width='10%'>(Rank {$ir['guarank']})</td> <td width='40%'>Times to train: <input type='text' name='amnt' value='{$ir['energy']}'></input></td> <td width='20%'><input type='submit' value='Go!'></input></td> </form> </tr> <tr> <form action='gym2.php' method='post'> <input type='hidden' name='stat' value='Labour'></input> <th width='15%'><ph2>Labour:</ph2></th> <td width='15%'>{$ir['labour']}</td> <td width='10%'>(Rank {$ir['labrank']})</td> <td width='40%'>Times to train: <input type='text' name='amnt' value='{$ir['energy']}'></input></td> <td width='20%'><input type='submit' value='Go!'></input></td> </form> </tr> </table> <hr width='90%' align='left' /> "; $h->endpage(); ?>   pllz help :P

Na, I figured it out. I just added in Staff Items, 5 races ( my game has 3) So if they are bitten they become 4 or 5th race. Put race in the Arrays Put a drop down to select which race can use the item So now when I create the Item i can select which race can use it. Then I set the amount to Decrease, Value to 3 or 4 depending on which vaccine. So when they use it it sets their race backwards accordingly Just tested, works 100% :D Now if i could jsut get gym to work ><

Ok, Updated my original Post THAT will work for sure :-) Got ahead of myself and workin on 3 diff mods at once i tend to have a few typos..WHICH only makes things take EVEN longer ;) Enjoy

My race = 4 and the Item Race = 4. But when I try to use it tells me I'm not the right race. i've had this working b4 and i'm not sure wth it isnt working now > <   <?php include "globals.php"; global $ir; $_GET['ID'] = abs((int) $_GET['ID']); //Food if(!$_GET['ID']) { print "Invalid use of file"; } else if($ir['race'] != $_GET['item_race']) { print "You aren't the right race to equip this item"; $h->endpage(); exit; } else { $i=$db->query("SELECT iv.*,i.*,it.* FROM inventory iv LEFT JOIN items i ON iv.inv_itemid=i.itmid LEFT JOIN itemtypes it ON i.itmtype=it.itmtypeid WHERE iv.inv_id={$_GET['ID']} AND iv.inv_userid=$userid"); if(mysql_num_rows($i) == 0) { print "Invalid item ID"; } else { $r=$db->fetch_row($i); if(!$r['effect1_on'] && !$r['effect2_on'] && !$r['effect3_on']) { die("Sorry, this item cannot be used as it has no effect."); } if($r['effect1_on']) { $einfo=unserialize($r['effect1']);

oops i madea booboo on postign hah. it should be   $db->query("INSERT INTO crystalmarket VALUES('', $rand, 1, $price)");

gurpreet I tried it on my game 4 him, it worked 100% :P Why mt_rand ? what's wrong with rand :O

EDIT---I FIGURED IT OUT---THNX nywho :)

meh i'm trying :P Just wanted to keep the sprintf up as it seems that whole script is sprintf'd lol :P ***ON A SIDE NOTE****   This is either Magictallguys script or Karlos's Script Why did you remove the Copyright info?

Ok, just finished getting this to work for someone else, and now gonna post in here. It's really simple, 3 lines of code. This is just so Staff ( if they want ) To keep points on the market. You can insert this into your min, 5 min, day, or week cron, or w/e you choose. (again, looks like an inflation causer to me :P) All this does is every *set* amount of time It adds Crystals to the Crystal market. You can set a Price on them or You can make it a random price, up to you. Find $c=$db->connection_id; Add this underneath. $rand=rand(1,5);//This selects a random number between 1-5 $price=$rand*5000;//This takes the Random number and Multiplies it by 5000 to change just change 5000 or 1,5   Next in your db queries somewhere insert this $db->query("INSERT INTO crystalmarket VALUES('', $rand, 1, $price)");   Yey, that was hard. :P

OK, JUST FOR YOU ;) I got it working. I tested this on my Minute Cron. Insert right under   $c=$db->connection_id;   $rand=rand(1,5); $price=$rand*5000;   The $rand is selecting a number between 1-5 and the Multiplier is Price. So if you want them to be cheaper, or more expensive alter these. 5*5000 = 25000 per POINT so that's 125k for 5 points. To alter that Change up the Rand integers or just lower the *5000 Multiplier. Now, In your $db->queries Insert this somewhere $db->query("INSERT INTO crystalmarket VALUES('', $rand, 1, $price)");   And you're done, DAMN i finally learn to code and there's not +1's ;P

echo sprintf("Rating: [<a href=rating.php?change=up&ID={$r['userid']}><img src=positive.gif></a>]", @intval{$r['rating']} "[<a href=rating.php?change=down&ID={$r['userid']}><img src=negative.gif></a>]");

what about Just insert it into the 5 minute cron, takes all of 5 minutes =P db query the cmarket to update with points have to find the exact call to the cmarket listing as i dno it off top of my head lemme go look. EDIT: K, that didnt work, let me mess with it a few mins :p

last I checked she still posts on Dev-forums tho

I've already had testers, Other than the Gym and The cron_day not working quite right the mod is 100% functional :-) Was up all night last night finishing the bite mod. It kinda works off the same concept as the human or zombie mod with a few alterations to the original attackbite.php and some security I originally purchased a race mod like this a long time ago, but wasnt happy with the limitations. It was a decent mod but had room for expansion. So I completely re-coded it and added more features etc. Still looking for ideas for more features to add to it :-) Anyone like to help me figure the problem with Gym? I've gone over and over it, but I can't figure out why it won't update differant races. They always get the equal work-out I "think" I am seeing the problem though a fix will be a pain, can anyone confirm? I would need to Race Specify the $gain and not just the $inc?   <?php $macropage="gym2.php"; require "globals.php"; if($ir['hospital']) { die("<prb>This page cannot be accessed while in hospital.</prb>"); } $statnames=array( 'Strength' => 'strength', 'Agility' => 'agility', 'Guard' => 'guard', 'Labour' => 'labour'); $_POST['amnt']=abs((int) $_POST['amnt']); if(!$ir['jail']) { print "<h1>Gym</h1><hr width='90%' align='left' />"; } else { print "<h1>Jail Gym</h1><hr width='90%' align='left' />"; } if($_POST['stat'] && $_POST['amnt']) { $stat=$statnames[$_POST['stat']]; if(!$stat) { die("<prb>This stat cannot be trained.</prb>"); } if($_POST['amnt'] > $ir['energy']) { print("<prb>You do not have enough energy to train that much.</prb><hr width='90%' align='left' />"); } else { $gain=0; for($i=0; $i<$_POST['amnt']; $i++) { $gain+=rand(1,3)/rand(800,1000)*rand(800,1000)*(($ir['will']+20)/150); $ir['will']-=rand(1,3); if($ir['will'] < 0) { $ir['will']=0; } } if($ir['jail']) { $gain/=2; } $db->query("UPDATE `userstats` SET `{$stat}` = `{$stat}` + $gain WHERE `userid` = $userid"); $db->query("UPDATE `users` SET `will` = {$ir['will']}, energy = energy - {$_POST['amnt']} WHERE `userid` = $userid"); if($ir['race'] == 1 AND $stat=="guard") { $inc=$ir[$stat]+$gain*5; $inc2=$ir['energy']-$_POST['amnt']; } else if($ir['race'] == 2 AND $stat=="agility") { $inc=$ir[$stat]+$gain*20; $inc2=$ir['energy']-$_POST['amnt']; } else if($ir['race'] == 3 AND $stat=="guard") { $inc=$ir[$stat]+$gain*5; $inc2=$ir['energy']-$_POST['amnt']; } else { $inc=$ir[stat]+$gain*1.1; $inc2=$ir['energy']-$_POST['amnt']; } if($stat=="strength") { print "You start to lift some weights, You go heavier and heavier until You are out of energy. You have gained {$gain} strength by doing {$_POST['amnt']} sets of weights. You now have {$inc} strength and {$inc2} energy left."; } elseif($stat=="agility") { print "You Begin to run on the treadmill, You keep tapping the faster button till you fly off the damn thing!. You have gained {$gain} agility by doing {$_POST['amnt']} minutes of running. You now have {$inc} agility and {$inc2} energy left."; } elseif($stat=="guard") { print "You jump into the pool and begin swimming, you keep flapping your arms in the water like Michael Felps, you get a cramp and almost drown. You have gained {$gain} guard by doing {$_POST['amnt']} minutes of swimming. You now have {$inc} guard and {$inc2} energy left."; } elseif($stat=="labour") { print "You walk over to the front desk, and ask the manager If you can volunteer to help the gym out, He says unload the boxes In the back, You unload boxes until the gym closes You have gained {$gain} labour by unloading {$_POST['amnt']} boxes. You now have {$inc} labour and {$inc2} energy left."; } print "<hr />"; $ir['energy']-=$_POST['amnt']; $ir[$stat]+=$gain; } } $ir['strank']=get_rank($ir['strength'],'strength'); $ir['agirank']=get_rank($ir['agility'],'agility'); $ir['guarank']=get_rank($ir['guard'],'guard'); $ir['labrank']=get_rank($ir['labour'],'labour'); print "<table width='90%'><tr><td> Welcome to the Second Gym! You can train up to <prb>{$ir['energy']}</prb> times with your current energy.</p></td></tr></table> <hr width='90%' align='left' /> <table width='90%' class='table'> <tr> <form action='gym2.php' method='post'> <input type='hidden' name='stat' value='Strength'></input> <th width='15%'><ph2>Strength:</ph2></th> <td width='15%'>{$ir['strength']}</td> <td width='10%'>(Rank {$ir['strank']})</td> <td width='40%'>Times to train: <input type='text' name='amnt' value='{$ir['energy']}' length='5'></input></td> <td width='20%'><input type='submit' value='Go!'></input></td> </form> </tr> <tr> <form action='gym2.php' method='post'> <input type='hidden' name='stat' value='Agility'></input> <th width='15%'><ph2>Agility:</ph2></th> <td width='15%'>{$ir['agility']}</td> <td width='10%'>(Rank {$ir['agirank']})</td> <td width='40%'>Times to train: <input type='text' name='amnt' value='{$ir['energy']}'></input></td> <td width='20%'><input type='submit' value='Go!'></input></td> </form> </tr> <tr> <form action='gym2.php' method='post'> <input type='hidden' name='stat' value='Guard'></input> <th width='15%'><ph2>Guard:</ph2></th> <td width='15%'>{$ir['guard']}</td> <td width='10%'>(Rank {$ir['guarank']})</td> <td width='40%'>Times to train: <input type='text' name='amnt' value='{$ir['energy']}'></input></td> <td width='20%'><input type='submit' value='Go!'></input></td> </form> </tr> <tr> <form action='gym2.php' method='post'> <input type='hidden' name='stat' value='Labour'></input> <th width='15%'><ph2>Labour:</ph2></th> <td width='15%'>{$ir['labour']}</td> <td width='10%'>(Rank {$ir['labrank']})</td> <td width='40%'>Times to train: <input type='text' name='amnt' value='{$ir['energy']}'></input></td> <td width='20%'><input type='submit' value='Go!'></input></td> </form> </tr> </table> <hr width='90%' align='left' /> "; $h->endpage(); ?>

Ok, so I have had this mod for awhile, and it has been altered several times to fit my game. It's more of advanced Charachter Class mod than the one posted on here before. What this does is the following.   1. 3 Races to choose from. Upon registration Each Race is sent to a Start city you set up and given a certain set of stats. ie. i have vampire, werewolves and humans Vampire starts off in Forks==A vampire only city that humans or wolves cannot go to. They start off 10,10,50,10,10 "somethin to that effect. Wolf starts in La Push ==A wolf only city starting stats 10,50,10,10,10 Human = human only city 10,10,10,50,10 More can be added to this part of the registration, "ie" what level they start off as etc. _____________________________________________________________________   Race specific cities and Monorail.--checks the race of the characther and allows only certain races in places you choose. ___________________________________________________ Race Specific Items ----------You can create items for each race, and only That race can purchase or Equip that item. __________________________________________________ Can alter this a bit--In my game, I have it set up so If you are a human, and you are attacked by a vampire or a werewolf and the species wins. They have the option to Bite a Human and turn you into a 4th race (actually 4th or 5th depending on which species bit you) Named Infected. The human then has Until the Day Cron resets to Seek a Vaccination to Stay human or else he changes to the race that bit him. ________________________________________________________________ Depending on which race you are, You gain Differant stats in the Gym. i.e if you are a werwolf and you train say..strength you get a (*10 multiplier where as human gets *5 as vampire. ..etc..etc. ______________________________________________________________ Depending on your Race, Differant Stats raise quicker. like..humans willpower goes up a bit faster. __________________________________________________ I have a few more additions to this mod and I've been fully integrating it to my game. Just having problems getting the Gym to work properly and The crons to update properly. Would this hold any interest for anyone?

<?php include "globals.php"; $statnames=array( 'Strength' => 'strength', 'Agility' => 'agility', 'Guard' => 'guard', 'Labour' => 'labour'); $_POST['statselect']=abs((int) $_POST['statselect']); if($_POST['statselect']) { $stat=$statnames($_POST['statselect']); { $withdrawn=($stat/5)*100; $db->query("UPDATE userstats SET '{$stat}'='{$stat}'-$withdrawn WHERE 'userid'=".$userid.""); $db->query("Insert into implants (statid, userid, stat, amount) VALUES ('',".$ir['userid'].",'$statselect','$withdrawn')"); $inc=$ir[$stat]-$withdrawn; if($statselect=="strength") { print "You Safety Managed to fill the Stat Implant with some of your strength. You have lost {$withdrawn} strength from this process. You now have {$inc} strength."; } elseif($statselect=="agility") { print "You Safety Managed to fill the Stat Implant with some of your Agility. You have lost {$withdrawn} agility from this process. You now have {$inc} agility."; } elseif($statselect=="guard") { print "You Safety Managed to fill the Stat Implant with some of your Guard. You have gained {$withdrawn} guard from this process. You now have {$inc} guard."; } elseif($statselect=="labour") { print "You Safety Managed to fill the Stat Implant with some of your Labour. You have gained {$withdrawn} labour from this process. You now have {$inc} labour."; } elseif($statselect=="IQ") { print "You Safety Managed to fill the Stat Implant with some of your IQ. You have gained {$withdrawn} labour from this process. You now have {$inc}."; } else if(!$statselect) { die("This stat cannot be withdrawn."); } print "<hr />"; $ir['stat']-=$_POST['withdrawn']; $ir[$stat]-=$withdrawn; } } $ir['strank']=get_rank($ir['strength'],'strength'); $ir['agirank']=get_rank($ir['agility'],'agility'); $ir['guarank']=get_rank($ir['guard'],'guard'); $ir['labrank']=get_rank($ir['labour'],'labour'); $ir['IQrank']=get_rank($ir['IQ'],'IQ'); print "Choose the stat you want to withdraw from. <form action='testeresi.php' method='post'> Stat: <select type='dropdown' name='statselect'> <option style='color:red;' value='Strength'>Strength (Have {$ir['strength']}, Ranked {$ir['strank']}) <option style='color:blue;' value='Agility'>Agility (Have {$ir['agility']}, Ranked {$ir['agirank']}) <option style='color:green;' value='Guard'>Guard (Have {$ir['guard']}, Ranked {$ir['guarank']}) <option style='color:brown;' value='Labour'>Labour (Have {$ir['labour']}, Ranked {$ir['labrank']}) <option style='color:Yellow;' value='Labour'>Labour (Have {$ir['IQ']}, Ranked {$ir['IQrank']}) </select> <input type='submit' value='withdrawn' /></form>"; $h->endpage(); ?>

How do you know what all he was doing on your site? I'm curious as to how you log things of that nature. I have the log malicious users script, but it only tells me when they attempt to access my staff panel. Is their some sort of keylogger type program that works in-game telling you what the user is doing?

Hmm Bizzare. I'll have to go through it and see if i cant find a leak :\