Nicholas

hmm... hope it will be how i want it :)

lol thanks.

hi, i remembered from while ago that a player on my game wanted some attack logs made for them so they know who attacked them. well i made it and now i feel like sharing it lol. its a quite simple mod but still here... i called this file "ayw.php" (attacks you won)   <?php include "globals.php"; $atks=$db->query("SELECT a.*,u1.username as attackern, u2.username as attackedn FROM attacklogs a LEFT JOIN users u1 ON a.attacker=u1.userid LEFT JOIN users u2 ON a.attacked=u2.userid WHERE (u1.userid=$userid) AND result='won' ORDER BY time DESC LIMIT 100"); print "[b]Attack Logs - The last 100 players you have killed.[/b] <center><table width=50% cellspacing=1 class='table' border='1' bordercolor='#636363'></center> <tr> <th>Time</th> <th>Attacked</th> </tr>"; while($r=$db->fetch_row($atks)) { $d=date('F j, Y, g:i:s a',$r['time']); print "<tr> <td><center>$d</td> <td>[url='viewuser.php?u={$r[']<center>{$r['attackedn']}[/url]</td> </tr>"; } print "</table>"; ?> i called this file "ayl.php" (attacks you lost)   <?php include "globals.php"; $atks=$db->query("SELECT a.*,u1.username as attackern, u2.username as attackedn FROM attacklogs a LEFT JOIN users u1 ON a.attacker=u1.userid LEFT JOIN users u2 ON a.attacked=u2.userid WHERE (u2.userid=$userid) AND result='won' ORDER BY time DESC LIMIT 100"); print "[b]Attack Logs - The last 100 players that killed you.[/b] <center><table width=50% cellspacing=1 class='table' border='1' bordercolor='#636363'></center> <tr> <th>Time</th> <th>Attacker</th> </tr>"; while($r=$db->fetch_row($atks)) { $d=date('F j, Y, g:i:s a',$r['time']); print "<tr> <td><center>$d</td> <td>[url='viewuser.php?u={$r[']<center>{$r['attackern']}[/url] </td> </tr>"; } print "</table>"; ?> in explore just add these links anywhere you want...   [url='ayw.php']<font color=green>Your Attack Logs (won)</font>[/url] [url='ayl.php']<font color=red>Your Attack Logs (lost)</font>[/url]   hope you like it :P

ive only been coding for just over 3 months lol, and im kinda a slow learner lol. also ive tried searching for security stuff on google, im not a good searcher lol. cant find any tips at all... i do happen to have a "essential PHP Security" book made by Chris Shiflett tho... im gonna try and learn them the book about security.

well like i said on the first post, i dont know how much this mod will cost... why i asked if someone could like tell me how much they will charge or whatever?

guess no one knows how to make it or whatever...

most probably the cordindates on the image are wrong so the links dont appear in the right place, btw this was a quick reply...

small problem about this mod... most of the Sqaures dont have a link on them. only about 30% of them do... could you fix it for us please?

hi everyone, im wondering... could anyone please make or redirect me to a mod like this. instead of a eductional schools where it works on days to complete... could you make it so you have to train it yourself every hour but you can only train the course 10 times a day... when you train the course you get some % on the course (set on the creation of the course) for example, each train you get like 0.1%, 1%, 10% or so on... when the course becomes 100% or higher, it will complete and you get a event saying you completed your course and you gained blah blah strength, agility, defence and blah blah... depending on what you set when the admin makes the course. i want the layout to be like this ------------------------------------------------------------------------------------------------------- Course Name | Current Module | Completed Modules | Train Course ---------------------------------------------------------------------------------------------- Becoming A Pirate | Forge A Sword (41% Completed) | Finding Materials | Train -------------------------------------------------------------------------------------------------------- Couldnt get it to go all together, but you should get the idea you can set up like 1-3 different sections of the course so it isnt that easy to complete the course. for example... say you wanted to do a course called Becoming A Pirate -- and you wanted to set 3 sections up on it you can set the sections up like this 1st part --- Finding Materials (once at 100% it will carry on the course but on 2nd part) 2nd part --- Forge A Sword (once at 100% it will carry on the course but goes to the 3rd part of the course) 3rd part --- Kill A Pirate (once at 100% you will be rewarded the stats and the course will be completed) you will beable to work on 3 different courses at a time, so you dont have to train only 1 course at a time and get bored. lol. [align=center]i dont know how much this mod cost... so if you could... could you tell me how much you will charge to make this mod for me. if you need more information please contact me, ill try putting up more information on how i want the mod.[/align]

ahh ha i think i figured the bloody thing out! i added this to globals.php   function anti_inject($campo) { foreach($campo as $key => $val) { $val = mysql_real_escape_string($val); // store it back into the array $campo[$key] = $val; } return $campo; //Returns the the var clean } //the next two lines make sure all post and get vars are filtered through this function $_POST = anti_inject($_POST); $_GET = anti_inject($_GET);

its doing it for everything... gang description mailbox messages profile signiture usershops description and blah blah... i never edited anything so i have no idea why its doing it... i do keep on thinking its something to do with the server.

never heard of that function lol. is it like this stuff? < br /> and /n if so, that doesnt work nither just says this when i try changing my gang description   hi, welcome test   do you think it could be something to do with the server?

hi, im having a huge problem and cant figure out why its happening! say someone on my game puts   hi, welcome to blah blah the requirements to join is the following... strength, agility, defence in hall of fame active daily   but some reason it comes out like this   hi, welcome to blah blah the requirements to join is the following... strength, agility, defence in hall of fame active daily   it doesnt allow enter bars (drop down a line) any idea why it would be doing this?

hi im wondering could someone help me convert this into sprintf coding please? its for prefs.php this is the action bit   case 'PDChange2': PDChange2(); break; case 'PDChange': PDChange(); break;   this is the function   function PDChange() { global $ir,$db,$userid; echo "<h3>Personal Details Change</h3>"; $pd=$db->query("SELECT * FROM pdetails WHERE userid=$userid"); $p=$db->fetch_row($pd); echo "<form action='prefs.php?act=PDChange2' method='post'> <center><table></center> <tr> <td align='center' valign='left'> <div style='text-align: left;'> First Name:</td> <td><input type='text' name='fistname' value='{$p['first']}' /></td></tr><tr> <td>Last Name:</td> <td><input type='text' name='lastname' value='{$p['last']}' /></td></tr><tr> <td>Age:</td> <td><input type='text' name='age' value='{$p['age']}' /></td></tr><tr> <td>Aim Of The Game:</td> <td><input type='text' name='aog' value='{$p['aog']}' /></td></tr><tr> <td>Msn:</td> <td><input type='text' name='msn' value='{$p['msn']}' /></td></tr><tr> <td>Aim:</td> <td><input type='text' name='aim' value='{$p['aim']}' /></td></tr><tr> <td>Aol:</td> <td><input type='text' name='aol' value='{$p['aol']}' /></td></tr><tr> <td>Yahoo:</td> <td><input type='text' name='yahoo' value='{$p['yahoo']}' /></td></tr><tr> <td>Personal Details:</td> <td><select name='pdetails' type='dropdown'> <option value='ON'>On <option value='OFF'>Off</select> <input type='submit' value='Update' /></form></td></div></tr></table>"; } function PDChange2() { global $db,$userid; $pd=$db->query("SELECT * FROM pdetails WHERE userid=$userid"); $p=$db->fetch_row($pd); $db->query("UPDATE pdetails SET first='{$_POST['fistname']}', last='{$_POST['lastname']}', age='{$_POST['age']}', aog='{$_POST['aog']}', msn='{$_POST['msn']}', aim='{$_POST['aim']}', aol='{$_POST['aol']}', yahoo='{$_POST['yahoo']}', personal='{$_POST['pdetails']}' WHERE userid=$userid"); echo "Personal Details Changed!"; }   this is my attempt... couldnt do it... didnt work :/ no good with sprintf stuff, but my prefs.php is in sprintf :/   function PDChange() { global $ir,$db,$userid,$h; $pd=$db->query("SELECT * FROM pdetails WHERE userid=$userid"); $p=$db->fetch_row($pd); $db->query(sprintf("UPDATE pdetails SET first='%s', last='%s', age='%s', aog='%s', msn='%s', aim='%s', aol='%s', yahoo='%s', personal='%s' WHERE `userid`='%d'", $_POST['fistname'], $_POST['lastname'], $_POST['age'], $_POST['aog'], $_POST['msn'], $_POST['aim'], $_POST['aol'], $_POST['yahoo'], $_POST['pdetails'], $ir['userid'])); $h->endpage(); exit } else { echo '<h3 style="text-decoration: underline;">Personal Details Change</h3> <form action="prefs.php?act=PDChange" method="post">'; echo sprintf(" <center><table></center> <tr> <td align='center' valign='left'> <div style='text-align: left;'> First Name:</td> <td><input type='text' name='fistname' value='%s' /></td></tr><tr> <td>Last Name:</td> <td><input type='text' name='lastname' value='%s /></td></tr><tr> <td>Age:</td> <td><input type='text' name='age' value='%s' /></td></tr><tr> <td>Aim Of The Game:</td> <td><input type='text' name='aog' value='%s' /></td></tr><tr> <td>Msn:</td> <td><input type='text' name='msn' value='%s /></td></tr><tr> <td>Aim:</td> <td><input type='text' name='aim' value='%s' /></td></tr><tr> <td>Aol:</td> <td><input type='text' name='aol' value='%s' /></td></tr><tr> <td>Yahoo:</td> <td><input type='text' name='yahoo' value='%s' /></td></tr><tr> <td>Personal Details:</td> <td><select name='pdetails' type='dropdown'> <option value='ON'>On <option value='OFF'>Off</select> <input type="submit" value="Update" /></form></td></div></tr></table>"; }

i agree with him too... but... im not a good coder, so i wouldnt know how to remake attacktake.php (exp one)

figured a way how to slow it down. (players leveling up)   $qe=$r['level']*$r['level']*$r['level']; if($ir['level'] <= 15) { $expgain = rand($qe/2,$qe) > $ir['exp_needed'] / 100 * 15 ? $ir['exp_needed']/100*15 : rand($qe/2,$qe); } else if($ir['level'] > 15 && $ir['level'] <= 50) { $expgain = rand($qe/2,$qe) > $ir['exp_needed'] / 100 * 10 ? $ir['exp_needed']/100*10 : rand($qe/2,$qe); } else if($ir['level'] > 50 && $ir['level'] <= 100) { $expgain = rand($qe/2,$qe) > $ir['exp_needed'] / 100 * 5 ? $ir['exp_needed']/100*5 : rand($qe/2,$qe); } else { $expgain = rand($qe/2,$qe) > $ir['exp_needed'] / 100 * 3 ? $ir['exp_needed']/100*3 : rand($qe/2,$qe); } $expperc=(int) ($expgain/$ir['exp_needed']*100);   any level lower and level 15, max exp you can get is 15% by attacking a high level. any level between level 15 to 50 the max exp you can get is 10% by attacking a high level. any level between level 50 to 100 the max exp you can get is 5% by attacking a high level. and finally any level higher and level 100 should only get 3% exp. even if they attack a level like 500 times higher and their level.

so its all wrong then? lol also php.net is confusing... i cant figure out how to use it to get information... lol.

hi, im wondering... would this make it secure? halloffame.php   $filter['filter'] = abs(@intval($filter['filter'])); $filter['filter'] = isset($filter['filter']) && is_string($filter['filter']) ? strtolower(trim($filter['filter'])) : ""; $filter['filters'] = abs(@intval($filter['filters'])); $filter['filters'] = isset($filter['filters']) && is_string($filter['filters']) ? strtolower(trim($filter['filters'])) : ""; $filters['filter'] = abs(@intval($filters['filter'])); $filters['filter'] = isset($filters['filter']) && is_string($filters['filter']) ? strtolower(trim($filters['filter'])) : ""; $filters['filters'] = abs(@intval($filters['filters'])); $filters['filters'] = isset($filters['filters']) && is_string($filters['filters']) ? strtolower(trim($filters['filters'])) : ""; $filter['bt1'] = abs(@intval($filter['bt1'])); $filter['bt1'] = isset($filter['bt1']) && is_string($filter['bt1']) ? strtolower(trim($filter['bt1'])) : ""; $filter['bet1'] = abs(@intval($filter['bet1'])); $filter['bet1'] = isset($filter['bet1']) && is_string($filter['bet1']) ? strtolower(trim($filter['bet1'])) : ""; $filter['bt2'] = abs(@intval($filter['bt2'])); $filter['bt2'] = isset($filter['bt2']) && is_string($filter['bt2']) ? strtolower(trim($filter['bt2'])) : ""; $filter['bet2'] = abs(@intval($filter['bet2'])); $filter['bet2'] = isset($filter['bet2']) && is_string($filter['bet2']) ? strtolower(trim($filter['bet2'])) : ""; $filter['bt3'] = abs(@intval($filter['bt3'])); $filter['bt3'] = isset($filter['bt3']) && is_string($filter['bt3']) ? strtolower(trim($filter['bt3'])) : ""; $filter['bet3'] = abs(@intval($filter['bet3'])); $filter['bet3'] = isset($filter['bet3']) && is_string($filter['bet3']) ? strtolower(trim($filter['bet3'])) : ""; $filters=array( 'nodon' => 'AND donatordays=0', 'don' => 'AND donatordays > 0', 'all' => ''); $filter=(isset($filters[$_GET['filter']])) ? $_GET['filter'] : 'all'; $myf=$filters[$filter]; $bt1=($filter=="nodon") ? "[b]" : ""; $bet1=($filter=="nodon") ? "[/b]" : ""; $bt2=($filter=="don") ? "[b]" : ""; $bet2=($filter=="don") ? "[/b]" : ""; $bt3=($filter=="all") ? "[b]" : ""; $bet3=($filter=="all") ? "[/b]" : "";   userlist.php   $st = abs((int) $_GET['st']); $by = abs((int) $_GET['by']); $ord = abs((int) $_GET['ord']); abs(@intval($_GET['st'])); abs(@intval($_GET['by'])); abs(@intval($_GET['ord'])); $_GET['st'] = isset($_GET['st']) && is_string($_GET['st']) ? strtolower(trim($_GET['st'])) : ""; $_GET['by'] = isset($_GET['by']) && is_string($_GET['by']) ? strtolower(trim($_GET['by'])) : ""; $_GET['ord'] = isset($_GET['ord']) && is_string($_GET['ord']) ? strtolower(trim($_GET['ord'])) : ""; $st=($_GET['st']) ? $_GET['st'] : 0; $by=($_GET['by']) ? $_GET['by'] : 'userid'; $ord=($_GET['ord']) ? $_GET['ord'] : 'ASC';   could you tell me if its secure or not? and if not, could you tell me how to secure it please? (im trying to learn security)

im still so confused lol. the only thing im thinking is... if i change that 2.2 into like between 25-50 then change the exp table in users into deflut 64,4 lol. that make the game harder and the users wouldnt beable to reach that exp cap, correct? I HATE EXP FORMULA! i think it be harder to understand and the crime formula lol.

hi all, im wondering could amyone update this mod for me? ive tried doing it loads of times but keep on getting errors... im wondering could you add a PAGES function in it please so it only displays 50 players at a time on each page?   <?php include("globals.php"); echo '<h1>Search For a User</h1>'; if($_POST['username']) { $name = mysql_real_escape_string($_POST['username']); $fetch = mysql_query("SELECT userid,username,money,crystals FROM users WHERE username LIKE('%".$name."%')"); echo ' User\'s found: '.mysql_num_rows($fetch).' <center><table width=50% cellspacing=1 class=table border=1 bordercolor=#636363></center> <tr> <th>Username</th> <th>Money</th> <th>Knifes</th> <th>Attack?</th> </tr>'; if(mysql_num_rows($fetch) == 0) { echo ' <tr> <td colspan="4"> <center> No user\'s found </center> </td> </tr> </table>'; $h->endpage(); exit; } while($soc = mysql_fetch_assoc($fetch)) { echo ' <tr> <td><center>[url="viewuser.php?u='.$soc['userid'].'"]'.$soc['username'].' ['.$soc['userid'].'][/url]</td> <td><center>'.money_formatter($soc['money']).'</td> <td><center>'.number_format($soc['crystals']).'</td> <td><center>[url="attack.php?ID='.$soc['userid'].'"]Attack[/url]</td> </tr> <tr>'; } echo ' </tr> </table>'; $h->endpage(); exit; } if($_POST['ID']) { header("Location: viewuser.php?u=".$_POST['ID']); exit; } if($_POST['loc']) { $l = abs(@intval($_POST['loc'])); $rows = mysql_query("SELECT userid,username,money,crystals FROM users WHERE location=".$l); echo ' User\'s found: '.mysql_num_rows($rows).' <center><table width=50% cellspacing=1 class=table border=1 bordercolor=#636363></center> <tr> <th>Username</th> <th>Money</th> <th>Knifes</th> <th>Attack?</th> </tr>'; if(mysql_num_rows($rows) == 0) { echo ' <tr> <td colspan="4"> <center> No user\'s found </center> </td> </tr> </table>'; $h->endpage(); exit; } while($soc = mysql_fetch_assoc($rows)) { echo ' <tr> <td><center>[url="viewuser.php?u='.$soc['userid'].'"]'.$soc['username'].' ['.$soc['userid'].'][/url]</td> <td><center>'.money_formatter($soc['money']).'</td> <td><center>'.number_format($soc['crystals']).'</td> <td><center>[url="attack.php?ID='.$soc['userid'].'"]Attack[/url]</td> </tr> <tr>'; } echo ' </tr> </table>'; $h->endpage(); exit; } echo '<form action="'.$_SERVER['PHP_SELF'].'" method="post"> <center><table width=75% cellspacing=1 class=table border=1 bordercolor=#636363></center><tr> <td> <center>Search by name:</td> <td> <center><input type="text" name="username"></td> <td> <center><input type="submit" value="Search By Name"></td></tr><tr> <td> <center>Search by ID:</td> <td> <center><input type="text" name="ID"></td> <td> <center><input type="submit" value="Search By ID"></td></tr><tr> <td> <center>Search by Location:</td> <td> <center><select name="loc" type="dropdown">'; $fe = mysql_query("SELECT cityid,cityname FROM cities WHERE cityminlevel <= ".$ir['level']); while($soci = $db->fetch_row($fe)) { echo '<option value="'.$soci['cityid'].'">'.$soci['cityname'].'</option>'; } echo ' </select></td> <td> <center><input type="submit" value="Search By Location"> </form></td></tr></table>'; $h->endpage(); ?>

yes i know its them 3 lines but what do i change them to, to make it harder to level up and if i change both   $ir['exp_needed']=(int) (($ir['level']+1)*($ir['level']+1)*($ir['level']+1)*2.2); in global_func.php into like   $ir['exp_needed']=(int) (($ir['level']+1)*($ir['level']+1)*($ir['level']+1)*25); that would make it harder to level up. BUT! it will make it quicker for the players to reach the EXP cap. it then stop them from going any futher...

hi all, im wondering how do you make it harder to levelling up when you attack someone and leave them? heres the script, could someone edit it for me please to make it give out less experience? i dont wanna mess it up lol.   <?php $atkpage=1; include "globals.php"; $_GET['ID'] = abs(intval($_GET['ID'])); $_SESSION['attacking']=0; $ir['attacking']=0; $db->query("UPDATE users SET attacking=0 WHERE userid=$userid"); $od=$db->query("SELECT * FROM users WHERE userid={$_GET['ID']}"); if($_SESSION['attackwon'] != $_GET['ID']) { die ("<font color=white>Cheaters don't get anywhere."); } if($db->num_rows($od)) { $r=$db->fetch_row($od); $gq=$db->query("SELECT * FROM gangs WHERE gangID={$r['gang']}"); $ga=$db->fetch_row($gq); if($r['hp'] == 1) { print "<font color=white>What a cheater u are."; } else { print "<font color=white>You beat {$r['username']} "; $qe=$r['level']*$r['level']*$r['level']; $expgain=rand($qe/2,$qe); $expperc=(int) ($expgain/$ir['exp_needed']*100); print "<font color=white>You took {$r['username']} to the attacking rating company. The owners of the attacking rating company said welldone for beating this person you gained $expperc EXPERIENCE! You then went home and told your mum of your achievement!"; $hosptime=rand(10,20); $db->query("UPDATE users SET exp=exp+$expgain WHERE userid=$userid"); $db->query("UPDATE users SET hp=1,hospital=$hosptime,hospreason='Left by <a href=\'viewuser.php?u={$userid}\'>{$ir['username']}</a>' WHERE userid={$r['userid']}"); event_add($r['userid'],"[url='viewuser.php?u=$userid']{$ir['username']}[/url] attacked you and left you lying outside the hospital.",$c,'combat'); $db->query("UPDATE users SET attacksdone=attacksdone+1 WHERE userid=$userid"); $atklog=mysql_escape_string($_SESSION['attacklog']); $db->query("INSERT INTO attacklogs VALUES('',$userid,{$_GET['ID']},'won',unix_timestamp(),-2,'$atklog');"); $_SESSION['attackwon']=0; $warq=$db->query("SELECT * FROM gangwars WHERE (warDECLARER={$ir['gang']} AND warDECLARED={$r['gang']}) OR (warDECLARED={$ir['gang']} AND warDECLARER={$r['gang']})"); if ($db->num_rows($warq) > 0) { $war=$db->fetch_row($warq); $db->query("UPDATE gangs SET gangRESPECT=gangRESPECT-1 WHERE gangID={$r['gang']}"); $ga['gangRESPECT']-=1; $db->query("UPDATE gangs SET gangRESPECT=gangRESPECT+1 WHERE gangID={$ir['gang']}"); if($ga['gangRESPECT'] <= 0 && $r['gang']) { mysql_query("DELETE FROM loaned WHERE nGANG={$ga['gangID']}",$c); } print " <font color=gold>You earnt 1 respect for your gang!</font>"; } //Gang Kill if ($ga['gangRESPECT']<=0 && $r['gang']) { $db->query("UPDATE users SET gang=0 WHERE gang={$r['gang']}"); $db->query("DELETE FROM gangs WHERE gangRESPECT<='0'"); $db->query("DELETE FROM gangwars WHERE warDECLARER={$ga['gangID']} or warDECLARED={$ga['gangID']}"); } $npcs=array( ); if($r['user_level']==0) { $q=$db->query("SELECT * FROM challengebots WHERE cb_npcid={$r['userid']}"); if ($db->num_rows($q)) { $cb=$db->fetch_row($q); $qk=$db->query("SELECT * FROM challengesbeaten WHERE userid=$userid AND npcid={$r['userid']}"); if(!$db->num_rows($qk)) { $m=$cb['cb_money']; $db->query("UPDATE users SET money=money+$m WHERE userid=$userid"); print " <font color=white>You gained \$$m for beating the challenge bot {$r['username']}"; $db->query("INSERT INTO challengesbeaten VALUES($userid, {$r['userid']})"); } } } } } else { print "<font color=white>You beat Mr. Ghost!"; } $h->endpage(); ?>

looking for different type of one where you type the number of crystals you want to buy into a box, but thanks for posting this code up :) i guess it do for now :)

did it work then? as i didnt test it lol.

to make it so money, crystals, bank money, and blah blah max isnt 2,147,483,647 try running this SQL ALTER TABLE `users` CHANGE `money` `money` BIGINT( 21 ) NOT NULL DEFAULT '0'; ALTER TABLE `users` CHANGE `crystals` `crystals` BIGINT( 21 ) NOT NULL DEFAULT '0'; ALTER TABLE `users` CHANGE `bankmoney` `bankmoney` BIGINT( 21 ) NOT NULL DEFAULT '0'; ALTER TABLE `users` CHANGE `cybermoney` `cybermoney` BIGINT( 21 ) NOT NULL DEFAULT '0';