Curt

it allows you to withdraw a % of a stat and creates a injection type item...and when this item is used it adds the % to your stat. So you could give a friend some stats or even sell stats on the market... hope u understand that..lol cheers

np bro also to get it so the war ends when there respect is less than 200 you would need to edit the following files : attackbeat.php attacklost.php attacktake.php attackwon.php hope that helps u.. cheers

check this topic out : How to secure a few things! it helped me out a lot :D cheers

I made a simple downtown search where you can add items by there commonness... 3 types of items : Common Items, Rare Items, Super Rare Items also you can find money and points...I coded this from scratch... ***FILE HAS TO BE EDITED TO WORK WITH YOUR GAME -- COMMENTS TELL YOU WHAT NEED TO BE EDITED*** You just have to add you item ID to the arrays...simple :P also i believe it is secure aswell :D enjoy :D   ADD THIS TO YOUR USERS TABLE IN YOUR DATABASE: *DEFAULT CAN BE YOUR DESIRED AMOUNT OF SEARCHES searches int(11) default 100   <?php include "globals.php"; ?> <style type="text/css"> p.together { line-height: .5em; text-align: left; } </style> <?php $pointsf=0; $moneyf=0; $itemsf=0; $ritemf=0; $sritemf=0; print "<h3>Search Downtown</h3> <hr> "; $_GET['action'] = mysql_real_escape_string($_GET['action']); if ($_GET['action'] != 'search') { $search=$ir['searches']; print "You can search downtown 100 times a day. You have {$search} Searches left for today. You can find Points, Money, Items or even Gain EXP. "; print " <form method=post action=searchdowntown.php?action=search><input type=hidden name=action value=search><input type='text' name='search' value='{$ir['searches']}'> <input type=submit value='Search'></form> "; } else { $search=abs((int) $_POST['search']); for($i=0;$i<$search;$i++) if ($ir['searches'] < 1) { print("You have searched all you can for today. Come back at newday. [url='explore.php'][i]back to city[/i][/url] "); return; } else { $g=$i+1; $chance = rand(1,10); ## $chance = random numbr between 1 and 15 -- diferrent posiblities for search $chancepoints= rand (1,25); ## Chance to find points : tweak this to change the rate that you find points $chancemoney = rand (1,10); $chanceitem = rand (1,25); $chanceritem = rand (1,50); $chancesritem = rand (1,75); $query1=sprintf("UPDATE users SET searches=searches-1 where userid=$userid"); $db->query($query1); print"<p class='together'>[b] $g : [/b]"; if ($chance == 1) { print "Nothing here."; } ## CHANCE FOR POINTS if ($chance == 2) { if ($chancepoints < 23) { print "Nothing here."; } if ($chancepoints == 23) { $gain = rand(1,15); print "You found [b]$gain[/b] Points."; $query2=sprintf("UPDATE users SET crystals=crystals+$gain where userid=$userid"); $db->query($query2); $pointsf=$pointsf+$gain; } if ($chancepoints == 24) { $gain = rand(1,10); print "You found [b]$gain[/b] Points."; $query3=sprintf("UPDATE users SET crystals=crystals+$gain where userid=$userid"); $db->query($query3); $pointsf=$pointsf+$gain; } if ($chancepoints == 25) { $gain = rand(1,5); print "You found [b]$gain[/b] Points."; $query4=sprintf("UPDATE users SET crystals=crystals+$gain where userid=$userid"); $db->query($query4); $pointsf=$pointsf+$gain; } } ## CHANCE FOR MONEY if ($chance == 3) { if ($chancemoney < 7) { print "Nothing here."; } if ($chancemoney == 7) { $gain = rand(50,100)*(floor($ir['level']/2)+1); print "You found [b] \$$gain[/b]."; $query5=sprintf("update users set money=money+$gain where userid=$userid"); $db->query($query5); $moneyf=$moneyf+$gain; } if ($chancemoney == 8) { $gain = rand(75,150)*(floor($ir['level']/2)+1); print "You found [b] \$$gain[/b]."; $query6=sprintf("update users set money=money+$gain where userid=$userid"); $db->query($query6); $moneyf=$moneyf+$gain; } if ($chancemoney == 9) { $gain = rand(50,100)*(floor($ir['level']*2)); print "You found [b] \$$gain[/b]."; $query7=sprintf("update users set money=money+$gain where userid=$userid"); $db->query($query7); $moneyf=$moneyf+$gain; } if ($chancemoney == 10) { $gain = rand(150,300)*(floor($ir['level']/2)+1); print "You found [b] \$$gain[/b]."; $query8=sprintf("update users set money=money+$gain where userid=$userid"); $db->query($query8); $moneyf=$moneyf+$gain; } } if ($chance == 4) { print "Nothing here. "; } ########################### ## CHANCE FOR COMMON ITEM # ########################### if ($chance == 5) { if ($chanceitem == 22) { ## RANDOM NUMBER FOR COMMON ITEM srand ((double) microtime() * 10000000); // $ri = array("50","52","53","54","8","30");**EXAMPLE** $ci = array("1","2","3"); ## Add You common Items ID to this array $cia = array_rand($ci,1); $common = mysql_query("SELECT * FROM `items` WHERE `itmid`='".$ci[$cia]."' LIMIT 1"); $comi = mysql_fetch_array($common); $query9=sprintf("INSERT INTO inventory VALUES('',$ci[$cia],$userid,1)",$c); $db->query($query9); $itemsf = $itemsf +1; print " You found a/an {$comi['itmname']} !"; } else { echo "Nothing here."; } } if ($chance == 6) { print "Nothing here. "; } if ($chance == 7) { $gain = rand(50,100)*(floor($ir['level']*2)); print "You found [b] \$$gain[/b]."; $query10=sprintf("update users set money=money+$gain where userid=$userid"); $db->query($query10); $moneyf=$moneyf+$gain; } if ($chance == 8) { $gain = rand(50,100)*(floor($ir['level']/2)+1); print "You found [b] \$$gain[/b]."; $query11=sprintf("update users set money=money+$gain where userid=$userid"); $db->query($query11); $moneyf=$moneyf+$gain; } ########################## ## CHANCE FOR RARE ITEM ## ########################## if ($chance == 9) { if ($chanceritem == 25) { ## RANDOM NUMBER FOR RARE ITEM srand ((double) microtime() * 10000000); $ri = array("1","2","3"); ## Add Your Rare Items ID to this array $ria = array_rand($ri,1); $common = mysql_query("SELECT * FROM `items` WHERE `itmid`='".$ri[$ria]."' LIMIT 1"); $ri = mysql_fetch_array($common); $query12=sprintf("INSERT INTO inventory VALUES('',$ri[$ria],$userid,1)",$c); $db->query($query12); $ritemf = $ritemf + 1; print " You found a/an {$ri['itmname']} !"; } else { echo "Nothing here."; } } ################################ ## CHANCE FOR SUPER RARE ITEM ## ################################ if ($chance == 10) { if ($chancesritem == 25) { ## RANDOM NUMBER FOR SUPER RARE ITEM srand ((double) microtime() * 10000000); $ri = array("1","2","3"); ## Replace numbers with your Super Rare Items ID to this array $ria = array_rand($ri,1); $common = mysql_query("SELECT * FROM `items` WHERE `itmid`='".$ri[$ria]."' LIMIT 1"); $ri = mysql_fetch_array($common); $query13=sprintf("INSERT INTO inventory VALUES('',$ri[$ria],$userid,1)",$c); $db->query($query13); $sritemf = $sritemf + 1; print " You found a/an {$ri['itmname']} !"; } else { echo "Nothing here."; } } } $moneyf=number_format($moneyf); print " <hr></p> You found a total of [b] $pointsf [/b]Points. You found a total of [b] \$$moneyf. [/b] You found a total of [b] $itemsf [/b] Items. "; if ($ritemf > 0){ print "[b] You found a total of[i] $ritemf [/i]Rare Items.[/b] "; } if ($sritemf > 0){ print "[b] You found a total of[i] $sritemf [/i] Super Rare Items.[/b] "; } print "<hr>"; if($ir['searches']==0) { print("You have searched all you can for today. Come back at newday. [url='explore.php'][i]back to city[/i][/url] "); return; } else { print " <form method=post action=searchdowntown.php?action=search><input type=hidden name=action value=search><input type='text' name='search' value=' {$ir['searches'] }'> <input type=submit value='Search'></form>"; } } $h->endpage(); ?>

as far as i know there is no "patch" to secure mccodes. You will need to get a basic understanding of security and go through all pages and secure them. or do it the lazy way by paying someone to do it for you :P... btw there are plenty of topics bout security this is what u need to be looking up. cheers

hmmm correct me if im wrong but isn't a voting incentive just a reward the player will get for voting ?

well seeing as i dont have any rep for selling mods i figured it was best to give out one copy for free so everyone would know the mod works and im not just trying to rip people off... btw thanks guys :)

freebie has been given to immortalthug just let u guys know...

sweet :D

What this mod does is when a user declares war on another gang, both gangs get a predetermined amount of kills they need to complete against the enemy gang to win... I have the predetermined number of kills needed set to 10% of the opposite gang respect +50..which can be changed to your preference... EDIT** I Forgot to add that with this mod gangs can only be in one war at a time. I would release this as a free mod but i need some money for paid hosting and im broke :( this mod includes : 6 PHP files 1 SQL if you have not edited any of the pages listed below you can simply upload and overwrite the pages and add the fields in your database and the mod should work perfect... 1) attackwon.php 2) attacktake.php 3) attacklost.php 4) attackbeat.php 5) creategang.php 6) yourgang.php if you have edited any of the pages above, contact me about which pages u edited and ill get a text file with the changes u need to make to the file.. BTW..since this is my first paid mod, im glad to give out 1 FREEBIE to the first person who asks...but please do not give out the code :) also i ask the person who gets the free copy to please post a review... no screen shots because the mod is self explanatory and theres nothing visual about except for in the yourgang.php page under summary where it tells you what gang your at war with and how many kills you need to win and how many kills they need to win... Payment can be sent to : [email protected] ill send files to the email you use to make payment unless otherwise stated. Ill also offer support for 1 week if its needed... hope you guys like :) cheers

thanks Zero ill play around with that code to see what i come up with :D

ok ive looked over my scipts and i just cant figure this out and im sure this is a simple one...heres my problem.. Its about making new items that change a value in your users table... heres the effect code from the database : a:4:{s:4:"stat";s:10:"protection";s:3:"dir";s:3:"pos";s:8:"inc_type";s:6:"figure";s:10:"inc_amount";i:60;}   ok when i make a item and i need it to change the value i always have to go through and continuesly change the value of s:10; part unti the item works...lol..this is starting to get very annoying to me .. EDIT* just noticed there is two s:10 parts im talking about the first one... how do i determine this value when i create a item that changes a value in the database ?...i just cant seem to figure it out... thanks if you can help...

naw not the hall of fame i have that so it doesn't list admins. im talking about on the index page where it lists your stats and next to your stats it says [rank:11} or wte... i would like to have it so admins do not get ranked....if its possible...if not ill just take away the ranks..lol thanks for your reply rpmb :D

i searched the forum for about this and didnt find anything.... my question is can i remove admins from the stats rank ? and if so can you show me how please ?...if its not too much trouble for you ofcourse... cheers

hmm...just curious as what this is good for ? does it assist security in anyway ?

thanks alot a_bertrand :D like always your input is greatly appreciated later

ok im just looking for some clarification about XSS hacks... if i filter every single user input in my game i will be secure from this type of hack, correct ?   im gonna be launching my game soon hopefully but i wanna be secure before i do.... later

lol...this was like the first file i ever modified and released.... im sure you have seen this gym....not on this site tho i dont believe... i seen the max stat buttons in a game i play, and i liked them so i decided to add it to my gym....thats all...and the stats at the top...thats all i changed from the default gym...   sorry i dont know, i have never used or seen that mod...so i have no clue...

a very easy way to make it so a player gets a certain amount of money, crystals, and donator days when they sign up is to do this : open register and find this query : $db->query("INSERT INTO users (username, login_name, userpass, level, money, crystals, donatordays, user_level, energy, maxenergy, will, maxwill, brave, maxbrave, hp, maxhp, location, gender, signedup, email, bankmoney, lastip, lastip_signup) VALUES( '{$username}', '{$username}', md5('{$_POST['password']}'), 1, $sm, 0, 0, 1, 12, 12, 100, 100, 5, 5, 100, 100, 1, '{$_POST['gender']}', unix_timestamp(), '{$_POST['email']}', -1, '$IP', '$IP')"); replace with the query below AFTER YOU EDIT THE X_MONEY, X_CRYSTALS and X_DONATORDAYS (replace with your desired starting amounts).. works fine for me...   $db->query("INSERT INTO users (username, login_name, userpass, level, money, crystals, donatordays, user_level, energy, maxenergy, will, maxwill, brave, maxbrave, hp, maxhp, location, gender, signedup, email, bankmoney, lastip, lastip_signup) VALUES( '{$username}', '{$username}', md5('{$_POST['password']}'), 1, X_MONEY, X_CRYSTALS, X_DONATORDAYS, 1, 12, 12, 100, 100, 5, 5, 100, 100, 1, '{$_POST['gender']}', unix_timestamp(), '{$_POST['email']}', -1, '$IP', '$IP')");   EDIT" I didnt read through this post so if it was posted before...sorry

i changed the table width but i still have the same issue :(

sounds like a cool mod... i personally wouldn't be using it but im sure there are some guys out there that will really enjoy this :)

i just found this mod : [mccode v2] userADS looks good but i found an error with it... if you post a alot of text and never hit enter it will make the ad long and stretch the page to fit the post... any way i can fix this ? thanks guys

lol... im pretty sure that text does not need (11) after it...thats for integers...(numbers)..  

could someone assist me with securing this mod against the auto-admin hack ?... i looked over the post about it but i cant figure out how i would implement this.... thanks to you if u can assist me.... PM me or add me on MSN messenger : [email protected] thanks guys

lol... im looking for a friendly member with the skills to "hack" mccode games... Ive implemented the security features listed on this site and i would like for someone to try the SQL injection, and what ever other hacks people do and see if my site is secure... if anyone is interested simple send me a pm and ill send a link to my game. i dont wanna post it cause im still fixing stuff and im not going public with it yet... thanks if you can help :D