lucky3809

it was the url hack... you need to secure your $_GET and $_POST and all your forms... but should upgrade to 2.0.3 if you haven't yet.

thank you both... I use firefox 4.. could be the reason...

Did you not ask for testers? And feedback? Anyways you should be greatful for what Rulerofzu is telling you... I couldn't have said it any better myself... You just dont install mccodes and call it done... I never mention your images but they aren't what you would expect from a real graphic designer, who does them frequently... You said text games has no fun in them at all... Then what makes you want to create one? If you hold that opinion greatly and don't see eye to eye with your players your game will head into a major FAIL, it's happened to a lot of games, with owners not caring about the game itself but how much they can earn from installing the codes... Most all your players is going to know mccodes when they see them, and they aren't going to stick around playing if nothing is different... If that were the case they can easily go to the demo mccode site and play the demo game and get the same enjoyment... just saying...

your level exp is located in global_func.php under function check_level()

This mod allows you to ignore mail from users... If you may see something in the code that you do not want in it please feel free to delete it...Dont complain about it, because this is a FREE mod... It's been posted before, but none have worked... SQLS: CREATE TABLE `ignorelist` ( `ig_ID` int(11) NOT NULL auto_increment, `ig_ADDER` int(11) NOT NULL default '0', `ig_ADDED` int(11) NOT NULL default '0', PRIMARY KEY (`ig_ID`) ) ENGINE=MyISAM ;   Open up mailbox.php Find:<a href="mailbox.php?action=delete&ID='.$r['mail_id'].'">Delete</a> <br /> Under it add: [<a href="ignore.php">Ignore</a>]<br /> Find under function mail_send(): $to=$db->fetch_single($q);   Add Under it: $ig=$db->query("SELECT ig_ADDER FROM ignorelist WHERE ig_ADDED=".abs(@intval($_SESSION['userid']))." AND ig_ADDER=$to")or die(mysql_error()); $r=$db->fetch_row($ig); if($r['ig_ADDER']) { die('<h1> Sending Mail Error...</h1><br /> This person has chosen to ignore mails from you.<br /> <hr style="border-bottom: solid #d6d6d6 1px;" width="400"> <a href="mailbox.php">Back</a>'); }   Make a new file call it ignore.php And add: <?php include(DIRNAME(__FILE__).'/globals.php'); switch($_GET['action']) { case "add":add_ignore();break; case "remove":remove_ignore();break; default:ignore_list();break; } function ignore_list() { global $db,$ir,$c,$userid; echo '<br/> <h2>Ignore List</h2><br /><br /> <a href="ignore.php?action=add">Ignore a user?</a><br /><br /> <table width="60%"><tr bgcolor="grey"> <td style="width: 35px;"><font color="white">ID</font></td> <td style="width: 100px;"><font color="white">Name</font></td> <td style="width: 50px;"><font color="white"><center>Remove</center></font></td></tr>'; $q=$db->query("SELECT fl.*,u.* FROM ignorelist fl LEFT JOIN users u ON fl.ig_ADDED=u.userid WHERE fl.ig_ADDER=".abs(@intval($_SESSION['userid']))." ORDER BY u.username ASC")or die(mysql_error()); while($r=$db->fetch_row($q)) { $bgcolor = ($bgcolor == "#ececec") ? "#ffffff" : "#ececec"; echo '<tr style="background-color: '.$bgcolor .'"><td>'.$r['userid'].'</td> <td><a href="viewuser.php?u='.abs(@intval($r['userid'])).'">'.$r['username'].'</a></td> <td><center><a href="ignore.php?action=remove&f='.abs(@intval($r['ig_ID'])).'">Remove</a></center></td></tr>'; } echo '</table><br/></div>'; } function add_ignore() { global $db,$ir,$c,$userid; $_POST['ID']= (isset($_POST['ID']) && ctype_digit($_POST['ID'])) ? $_POST['ID'] : ''; if($_POST['ID']) { $qc=$db->query("SELECT ig_ID,ig_ADDER,ig_ADDED FROM ignorelist WHERE ig_ADDER=".abs(@intval($_SESSION['userid']))." AND ig_ADDED=".abs(@intval($_POST['ID']))."")or die(mysql_error()); $q=$db->query("SELECT userid,username FROM users WHERE userid=".abs(@intval($_POST['ID']))."")or die(mysql_error()); if($db->num_rows($qc)) { echo '<h2>Ignoring Mail...</h2><br /><br /> You cannot add the same person twice. <hr style="border-bottom: solid #d6d6d6 1px;" width="400"> <a href="ignore.php">Back</a>'; } else if($userid==$_POST['ID']) { echo '<h2>Ignoring Mail...</h2><br /><br /> You cannot add yourself. <hr style="border-bottom: solid #d6d6d6 1px;" width="400"> <a href="ignore.php">Back</a>'; } else if($db->num_rows($q)==0) { echo '<h2>Ignoring Mail...</h2><br /><br /> The id you entered does not exist. <hr style="border-bottom: solid #d6d6d6 1px;" width="400"> <a href="ignore.php">Back</a>'; } else { $db->query("INSERT INTO ignorelist VALUES('', ".abs(@intval($_SESSION['userid'])).",".abs(@intval($_POST['ID'])).")")or die(mysql_error()); $r=$db->fetch_row($q); echo '<h2>Ignoring Mail...</h2><br /><br /> '.$r['username'].' was added to your ignore list. <hr style="border-bottom: solid #d6d6d6 1px;" width="400"> <a href="ignore.php">Back</a>'; } } else { echo '<br /> <h2>Ignore Mail</h2><br /><br /> <form action="ignore.php?action=add" method="post"> Player ID: <input type="text" name="ID" value="" /><br /> <input type="submit" value="Ignore" /></form>'; } } function remove_ignore() { global $db,$ir,$c,$userid; $q=$db->query("SELECT ig_ID,ig_ADDER,ig_ADDED FROM ignorelist WHERE ig_ID=".abs(@intval($_GET['f']))." AND ig_ADDER=".abs(@intval($_SESSION['userid']))."")or die(mysql_error()); if($db->num_rows($q) == 0) { die ('<h2>Removing Ignore...</h2><br /><br /> This player is not on your ignore list. <hr style="border-bottom: solid #d6d6d6 1px;" width="400"> <a href="ignore.php">Back</a>'); } $r=$db->fetch_row($q); $db->query("DELETE FROM ignorelist WHERE ig_ID=".abs(@intval($_GET['f']))." AND ig_ADDER=".abs(@intval($_SESSION['userid']))."")or die(mysql_error()); echo '<h2>Removing Ignore...</h2><br /><br /> Player has been successfully removed from ignore list. <hr style="border-bottom: solid #d6d6d6 1px;" width="400"> <a href="ignore.php">Back</a>'; } $h->endpage(); ?> That should be it enjoy... Note to mods:If your wondering why i didnt use the php bbcode its because it was adding <br /> on every single line...

There will always be bugs and problems with mccodes ... The script in which you guys/girls are using had $_POST mixed with $_GET, it either needs to be all $_POST or all $_GET, in those lines I fixed... Or else it will give the error and not update the database...

i use 850× 650 but 1k is ok.

mine works i have tested it...

You can use floor or ceil instead of round

haha didnt see it until now but take a look at your script... function userlevel() { global $db,$ir,$c,$h,$userid; $_GET['level'] = ( isset($_GET['level'])&&in_array($_POST['level'], array(1,2,3,4,5)) )?abs(intval($_GET['level'])):1; $_GET['ID'] = ( isset($_GET['ID'])&&is_numeric($_GET['ID']) )?abs(intval($_GET['ID'])):''; $d = $db->query('SELECT `userid` FROM `users` WHERE `userid` = '.$_POST['ID']); if ( $db->num_rows($d) == 0 ) { echo 'Invalid user.<br />> <a href="staff_special.php?action=userlevelform">Go Home</a>'; die($h->endpage());   See whats wrong? There is 2 $_POST when it should be $_GET Your script probably works fine now that i changed those... function userlevel() { global $db,$ir,$c,$h,$userid; $_GET['level'] = ( isset($_GET['level'])&&in_array($_GET['level'], array(1,2,3,4,5)) )?abs(intval($_GET['level'])):1; $_GET['ID'] = ( isset($_GET['ID'])&&is_numeric($_GET['ID']) )?abs(intval($_GET['ID'])):''; $d = $db->query('SELECT `userid` FROM `users` WHERE `userid` = '.$_GET['ID']); if ( $db->num_rows($d) == 0 ) { echo 'Invalid user.<br />> <a href="staff_special.php?action=userlevelform">Go Home</a>'; die($h->endpage()); } $db->query("UPDATE `users` SET `user_level` = {$_GET['level']} WHERE `userid` = {$_GET['ID']}"); stafflog_add('Adjusted user ID '.$_GET['ID'].'\'s staff status.'); echo 'User\'s level adjusted.<br />> <a href="staff.php">Go Home</a>'; die($h->endpage()); } function userlevelform() { global $db,$ir,$c,$h,$userid; echo " <h3>User Level Adjust</h3> <form action='staff_special.php?action=userlevel' method='get'> User: ".user_dropdown($c,'ID')." <br /> User Level: <br /> <input type='radio' name='level' value='1' /> Member <br /> <input type='radio' name='level' value='2' /> Admin <br /> <input type='radio' name='level' value='3' /> Secretary <br /> <input type='radio' name='level' value='4' /> IRC Op <br /> <input type='radio' name='level' value='5' /> Assistant <br /> <input type='submit' value='Adjust' /> </form>

Replace those functions with... function userlevel() { global $db,$ir,$c,$h,$userid; $_GET['level']=abs((int) $_GET['level']); $_GET['ID']=abs((int) $_GET['ID']); $db->query("UPDATE users SET user_level={$_GET['level']} WHERE userid={$_GET['ID']}"); print "User's level adjusted."; stafflog_add("Adjusted user ID {$_GET['ID']}'s staff status."); } function userlevelform() { global $db,$ir,$c,$h,$userid; print "<h3>User Level Adjust</h3> <form action='staff_special.php' method='get'> <input type='hidden' name='action' value='userlevel'> User: ".user_dropdown($c,'ID')."<br /> User Level:<br /> <input type='radio' name='level' value='1' /> Member<br /> <input type='radio' name='level' value='2' /> Admin<br /> <input type='radio' name='level' value='3' /> Secretary<br /> <input type='radio' name='level' value='4' /> IRC Op<br /> <input type='radio' name='level' value='5' /> Assistant<br /> <input type='submit' value='Adjust' /></form>"; }   Your getting that query error because it may have not inserted the ID.

dont know if this will work but try... mysql_query('UPDATE `users` SET `brave`=brave + 10 WHERE `brave` > 0');

Here is mine... I dont know if it'll work for you.. but you can try function userlevel() { global $db,$ir,$c,$h,$userid; $_GET['level']=abs((int) $_GET['level']); $_GET['ID']=abs((int) $_GET['ID']); $db->query("UPDATE users SET user_level={$_GET['level']} WHERE userid={$_GET['ID']}"); print "User's level adjusted."; stafflog_add("Adjusted user ID {$_GET['ID']}'s staff status."); } function userlevelform() { global $db,$ir,$c,$h,$userid;   print "<h3>User Level Adjust</h3> <form action='staff_special.php' method='get'> <input type='hidden' name='action' value='userlevel'> User: ".user_dropdown($c,'ID')."<br /> User Level:<br /> <input type='radio' name='level' value='1' /> Member<br /> <input type='radio' name='level' value='2' /> Admin<br /> <input type='radio' name='level' value='3' /> Secretary<br /> <input type='radio' name='level' value='4' /> IRC Op<br /> <input type='radio' name='level' value='5' /> Assistant<br /> <input type='submit' value='Adjust' /></form>"; }

its on his profile http://www.prisonsurvival.co.cc/login.php

change the tables, change the menu, change the bars, add different things into your game, learn php,mysql and make mods... Just do NOT leave it as is... be creative... If your looking to just make money fast off the engine its not going to work you need to put work into it, and not other peoples work either... a player knows when you have worked hard, it shows on what you give them in return for their effort in playing your game... And at this moment you have gaven just a login and logo...

I wouldn't release it to public if it's not secured, the server is slow when logging in... Something in your script is stalling it from loading... And just out of curiosity why did you add beta version 1.0 then your copyright mark in your logo? Should keep the copyright at the bottom... Nothing done differently like Anthony has said nothing "fun" is there... You just installed mccodes made a login and logo.. didnt really code anything in there that i can tell from...

Ok your functions is not the problem... its the link in your smenu page where it should say... <a href='staff_special.php?action=userlevelform'>Adjust User Level</a> If it does not have that then copy and paste that line... it should work evidently the smenu page links are not linking to the actions... Which the action is... userlevelform... which directs the link when clicked to the form...

There is no action meaning one of the links you clicked on didnt direct to an action in the script in which it goes to... Or the action function is not in the script... post your staff_special.php then others can see what link or action is missing.   For an example... You have in smenu.php <a href='staff_special.php?action=userlevelform'>Adjust User Level</a> Then see where the "action=" is? The "userlevelform" is the action... That action should be a function in your staff_special.php.... The link from your menu may be missing an action, or just says <a href='staff_special.php'>... You need to correct it and add an action, if the action is there, make sure it is correctly spelt, if that is fine then the problem is in your staff_special.php, may be missing the action function...

Tonka did give the actual link and it's STILL alive... So what needs to be repost?

well crime exp should be in your staff crime page, or you can modify it in your database under the crimes table...

For time you dont need to go off server time you can use something along the lines.... date_default_timezone_set ("America/Denver"); echo ' '.date('Y-m-j H:i:s ').' '; You add that to wherever the time stamp is in the script the time zone is Colorado,US in the example... I found the example on http://php.net/manual/en/function.date-default-timezone-set.php Your crime formula needs to be changed, there are many threads explaining this just use the search option... Or edit it through your staff crime page or mysql database manually, if you know what formula you want.

nevermind you got it to work lol

Take out... <<<OUT OUT; and replace with print or echo statement...

Are you meaning to have that stat effect at all times? and not just add 0.2% once? If your trying to accomplish this you need to make the item equipped-able,like a weapon... because if the user takes the item, it just adds 0.2% to that particular stat once... You would also have to add the calculation from that item equipped to where the stats show, and add calculations to the attack pages also.

$r['sig']=$bbc->bbcode_parse(htmlspecialchars(stripslashes(($r['sig']))); did you see what you did? lol there is an extra ( should be... $r['sig']=$bbc->bbcode_parse(htmlspecialchars(stripslashes($r['sig'])));