bluegman991

thx lazy t but that way i wouldnt need to put in the tags for it to check and then it will display all the information inside of the variable as invalid.png where i only want it to replace the with that are in the variable i think floydian is right tho it may not be possible to put a function inside preg_replace so how would i secure my img tags? or how does everyone else?

im trying to make a bbcode image tag that will check to see if an image is actually an image before it displays it heres the function function secimg( $input ) { $image=@getimagesize($input); if(!$image) { $input="notanimage.png"; } else { $input=$input; } return $input; }   heres the preg replace   function imgtag( $input ) { $bb = "/\[img\](.+?)\[\/img\]/"; $html = "[img=.secimg('//1').]"; return preg_replace($bb, $html, $input); }   whats happening is when i use the code it says everything is not an image but when i use i put the code directly into a page like this $text="http://www.url.com/image.png" echo secimg($text); it will define everything correctly can someone show me what im doing wrong and if its not possible help me with only allowing images inside image tags

ive had this error before it usually means that announcements table already exist which means u have already installed the game if your are trying to re-install the game clear the database before you try to reinstall or delete that database and make a new 1

got to ur database then find 'userstats' then view the table structure then edit each of them and change the type from 'decimal' to 'int' and the length values to '11' and the default to 'as defined' and you will probably want to change your training equation so u will get a non-decimal number even if u dont tho it will be ok as it will round down or up after u reload the page but no theres no problems i have seen with it i have a question with this tho ok so the int 11 makes the max number ur stuff can go to '2147483647' but how can i make this bigger? ive tried changing the value to numbers higher than 11 but that didnt work and then i tried changing the int to big int but that didnt work but i did see when changing these things that they were saying no index found could this have anything to do with it or am i just doing something wrong?

lol ok will try to fix something up using the get image size

that changes everything to text so it doesnt show wats suppose to be bbcoded

well its pretty much the same as the avatar attack u can put a php script in between the or <img> and </img> and put it in their profile or post it in a forum and it will run the script each time the thread/profile is viewed how should we go about fixing this? if this has already been mentioned please direct me to a topic that will help me fix this

NVM it wasnt the script it was becuz somehow my max hp got in the negatives :wacko:

nah thats been like that everysince i started using it that cant be it

can anybody help me find whats wrong with this page it had been working fine for weeks but i went in to do some edits and was talking to someone at the same time and was just highlitng and clicking around while talking and i went back to test it and now all it does when i attack someone is say Attack You are in a fight with blah blah. forgot to mention i tried undoing to the point where i first opened the file but it still doesnt work   <?php $atkpage=1; include "globals.php"; $user_class=$ir; $q=$db->query("SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid={$_GET['ID']}"); $attack_person=$db->fetch_row($q); $qo=$db->query("SELECT i.* FROM items i WHERE i.itmid={$user_class['equip_primary']}"); $user_class1=$db->fetch_row($qo); $q1=$db->query("SELECT i.* FROM items i WHERE i.itmid={$user_class['equip_armor']}"); $user_class2=$db->fetch_row($q1); $weapon= "{$user_class1['itmname']}"; if(mysql_num_rows($qo) == 0) { $weapon="Fists"; } $eq=$db->query("SELECT i.* FROM items i WHERE i.itmid IN({$attack_person['equip_primary']})"); if(mysql_num_rows($eq) == 0) { $wep="Fists"; } else { $cnt=0; while($r=$db->fetch_row($eq)) { $enweps[]=$r; $cnt++; } $weptouse=rand(0,$cnt-1); $wep=$enweps[$weptouse]['itmname']; } $enperc=(int) ($ir['energy']/$ir['maxenergy']*100); $gq=$db->query("SELECT * FROM gangs WHERE gangID={$attack_person['gang']}"); $ga=$db->fetch_row($gq); $error = ($enperc < 25) ? "You need to have at least 20% of your energy if you want to attack someone." : $error; $error = ($user_class['jail'] > 0) ? "You can't attack someone if you are in jail." : $error; $error = ($user_class['hospital'] > 0) ? "You can't attack someone if you are in the hospital." : $error; $error = ($_GET['ID'] == "") ? "You didn't choose someone to attack." : $error; $error = ($_GET['ID'] == $userid) ? "You can't attack yourself." : $error; $error = ($attack_person['location'] != $user_class['location']) ? "You must be in the same city as the person you are attacking." : $error; $error = ($attack_person['username'] == "") ? "That person doesn't exist." : $error; $error = ($attack_person['hospital'] > 0) ? "You can't attack someone that is in the hospital." : $error; $error = ($attack_person['jail'] > 0) ? "You can't attack someone that is in jail." : $error; ?><div id="main " style="a"><center><?PHP if (isset($error)){ echo ($error); $h->endpage(); exit; } if ($user_class['energy'] >= $user_class['maxenergy']/5) { $user_class['energy']-= floor($user_class['maxenergy']/5); $me=floor($user_class['maxenergy']/5); $db->query("UPDATE users SET energy=energy-(maxenergy/5) WHERE userid=$userid"); $_SESSION['attacklog']=""; $_SESSION['attackdmg']=0; } $yourhp = $user_class['hp']; $theirhp = $attack_person['hp']; $damagestat = number_format($user_class['strength']) ; $itstat = $user_class1['weapon']; $damplu = $damagestat * ($itstat*100); print "<center><h3>Attack</h3> You are in a fight with ".$attack_person['username']." </center>"; $wait = ($user_class['speed'] > $attack_person['speed']) ? 1 : 0; $hospital = 600; $qo=$db->query("SELECT i.* FROM items i WHERE i.itmid IN({$attack_person['equip_primary']})"); $r1=$db->fetch_row($qo); $qo=$db->query("SELECT i.* FROM items i WHERE i.itmid IN({$attack_person['equip_primary']})"); $r2=$db->fetch_row($qo); $damage = (int) (($user_class1['weapon']*$user_class['strength']/($attack_person['defense']/1.5))); $theirdamage = (int) (($r1['weapon']*$attack_person['strength']/($user_class['defense']/1.5))); while($yourhp > 0 && $theirhp > 0){ $damage = ($damage < 1) ? 1 : $damage; $theirdamage = ($theirdamage < 1) ? 1 : $theirdamage; if($wait == 0){ $yourhp = ($yourhp - $theirdamage); echo "<font color=#ff0000>" .$attack_person['username']. " hit you for " .number_format($theirdamage). " damage using their ".$wep.". </font> "; $db->query("UPDATE users SET hp=hp-$theirdamage WHERE userid={$ir['userid']}",$c); } else { $wait = 0; } if($yourhp > 0) { $damage = (int) (($user_class1['weapon']*$user_class['strength']/($attack_person['defense']/1.5))); $damage = ($damage < 1) ? 1 : $damage; $theirhp = $theirhp - $damage; $ir['atturn']--; echo "<font color=#00ff00>You hit " .$attack_person['username']. " for " . number_format($damage) . " damage using your ".$weapon.". </font> "; $db->query("UPDATE users SET hp=hp-$damage WHERE userid={$attack_person['userid']}",$c); } if($theirhp <= 0){ // attacker won $winner = $user_class['ID']; $theirhp = 0; $moneywon = floor($attack_person['money'] /10); $expwon = 0-(100 * ($user_class['level'] - $attack_person['level'])); $expwon = ($expwon < 0) ? 0 : $expwon; $expwon = ($expwon > 10000) ? 10000 : $expwon; $hosptime=20; $hospreason = "Attacked by {$user_class['username']}."; $newexp = $expwon + $user_class['exp']; $yourhp = $yourhp; $newmoney = $user_class['money'] + $moneywon; $result = $db->query("UPDATE `users` SET `exp` = '".$newexp."', tkills=tkills+1, money = '".$newmoney."' WHERE `userid`='".$user_class['userid']."'"); $newmoney = $attack_person['money'] - $moneywon; $result = $db->query("UPDATE `users` SET `hp`= 1, `hospital` ='".$hosptime."', tdeaths=tdeaths+1, `money` = '".$newmoney."', `hospreason` = '".$hospreason."' WHERE `userid`='".$attack_person['userid']."'"); $atklog=mysql_escape_string($_SESSION['attacklog']); $db->query("INSERT INTO attacklogs VALUES('',".$user_class['userid'].",".$attack_person['userid'].",'won',unix_timestamp(),".$moneywon.",'$atklog');"); event_add($attack_person['userid'], "".$user_class['username']." beat you up and stole $".$moneywon.". They gained $expwon EXP"); $final ="<center>You hospitalized " .$attack_person['username']. ". You gain $expwon exp and stole $".$moneywon." from " .$attack_person['username']. ". </center>"; $pwnd =""; $warq=$db->query("SELECT * FROM gangwars WHERE (warDECLARER={$user_class['gang']} AND warDECLARED={$attack_person['gang']}) OR (warDECLARED={$user_class['gang']} AND warDECLARER={$attack_person['gang']})"); if ($db->num_rows($warq) > 0) { $war=$db->fetch_row($warq); $db->query("UPDATE gangs SET gangRESPECT=gangRESPECT-2 WHERE gangID={$attack_person['gang']}"); $ga['gangRESPECT']-=2; $db->query("UPDATE gangs SET gangRESPECT=gangRESPECT+2 WHERE gangID={$user_class['gang']}"); $pwnd =" You earnt 2 respect for your gang!"; } if ($ga['gangRESPECT']<=0 && $attack_person['gang']) { $db->query("UPDATE users SET gang=0 WHERE gang={$attack_person['gang']}"); $db->query("DELETE FROM gangs WHERE gangRESPECT<='0'"); $db->query("DELETE FROM gangwars WHERE warDECLARER={$ga['gangID']} or warDECLARED={$ga['gangID']}"); } $bots=array(96,94,5,97,98,99,142,138,138,140,141,146,143,144,145);//Your Battle Tent Bots $moneys=array(96 =>5000,94 =>5000,5 => 500,97 => 5000, 98 => 500, 99 => 10000, 142 => 1500,138 =>10000,140 =>10000,141 =>10000,146 =>20000,143 =>15000,144 =>15000,145 =>15000); if(in_array($attack_person['userid'],$bots)) { $gain=$moneys[$attack_person['userid']]; $db->query("UPDATE users SET money=money+$gain WHERE userid=$userid",$c); $finalbot =""; $finalbot =" Congrats, for beating the Challenge Bot {$attack_person['username']}, you have earnt \$$gain!"; } } if($yourhp <= 0){ // defender won $winner = $attack_person['ID']; $yourhp = 0; $theirhp = $theirhp; $moneywon = floor($user_class['money'] /10); $expwon = 0-(100 * ($attack_person['level'] - $user_class['level'])); $expwon = ($expwon < 0) ? 0 : $expwon; $expwon = ($expwon > 10000) ? 10000 : $expwon; $hosplost = "Lost to ".$attack_person['username']."" ; $hosptime=20; $newexp = $expwon + $attack_person['exp']; $newmoney = $attack_person['money'] + $moneywon; $result = $db->query("UPDATE `users` SET `exp` = '".$newexp."', tkills=tkills+1, money = '".$newmoney."' WHERE `userid`='".$attack_person['userid']."'"); $newmoney = $user_class['money'] - $moneywon; $result = $db->query("UPDATE `users` SET `hp`= 1,`hospital` ='".$hosptime."' , tdeaths=tdeaths+1, `money` = '".$newmoney."', `hospreason` = '".$hosplost."' WHERE `userid`='".$user_class['userid']."'"); $atklog=mysql_escape_string($_SESSION['attacklog']); $db->query("INSERT INTO attacklogs VALUES('',".$attack_person['userid'].",".$user_class['userid'].",'won',unix_timestamp(),".$moneywon.",'$atklog');"); event_add($attack_person['userid'], "".$user_class['username']." attacked you and lost. You stole $".$moneywon.". You gained $expwon EXP!"); $final = "$attack_person2 beat you and stole \$$moneywon from you. And gained $expwon EXP!"; $pwnd =""; $warq=$db->query("SELECT * FROM gangwars WHERE (warDECLARER={$user_class['gang']} AND warDECLARED={$attack_person['gang']}) OR (warDECLARED={$user_class['gang']} AND warDECLARER={$attack_person['gang']})"); if ($db->num_rows($warq) > 0) { $war=$db->fetch_row($warq); $db->query("UPDATE gangs SET gangRESPECT=gangRESPECT+1 WHERE gangID={$attack_person['gang']}"); $db->query("UPDATE gangs SET gangRESPECT=gangRESPECT-1 WHERE gangID={$user_class['gang']}"); $pwnd =" You lost 1 respect for your gang!"; } } } echo "$final"; echo "$pwnd "; echo "$finalbot"; $h->endpage(); ?></center></div>

everyone be sure to download framework beta version 2 it wont work with beta version 1 it will do exactly what illusions says its doing working great with my game local game

I wouldnt actually call it a code converter because not every code will work perfectly, and it doesnt do the whole conversion. basically wat it does as you can see is replace the words in the script with what they should be in a few clicks. this could be very useful for long scripts. You have to change the to or vice-versa by yourself or remake the script so it will do it You can either download the ([attach]1382[/attach]) or make a file named mccodes_converter.php and copy this into it <?php switch($_GET['convert']) { case 'to_v1': conv_v1(); break; case 'to_v2': conv_v2(); break; default: conv_home(); break; } function conv_home() { echo <<<EOF <title>MC Codes Converter</title> <center><h3>MC Codes Version Converter<h3> <form action=javascript:action; method='post'> <select onChange="this.form.action=this.options[this.selectedIndex].value;"> <option default value="">--Select One--</option> <option value="mccodes_converter.php?convert=to_v2">v1->v2</option> <option value="mccodes_converter.php?convert=to_v1">v2->v1</option> </select> <textarea rows='20' cols='100' name='convtext'></textarea> <input value='Convert' type='submit' /></center> EOF; } function conv_v2() { $convtext=($_POST['convtext']); $tobereplaced = array( 'mysql_query', 'fetch_array', 'mysql_', ); $replacedwith = array( '$db->query', 'fetch_row', '$db->', ); $convedtext = str_replace($tobereplaced, $replacedwith, $convtext); print "<center><title>Converted to V2</title> <h3>Converted to V2</h3> <textarea rows='20' cols='100' readonly>$convedtext</textarea></center>"; } function conv_v1() { $convtext=($_POST['convtext']); $tobereplaced = array( '$db->query', 'fetch_row', '$db->', ); $replacedwith = array( 'mysql_query', 'fetch_array', 'mysql_', ); $convedtext = str_replace($tobereplaced, $replacedwith, $convtext); print "<center><title>Converted to V1</title> <h3>Converted to V1</h3> <textarea rows='20' cols='100' readonly>$convedtext</textarea></center>"; } ?>

update: now has admin hack protection so does the zip

ty googled portforwarding and forwarded it thx went to windows firewall->allow program through firewall and clicked add port at the bottom and for port i put in 80 and for name i put in any old name and checked tcp for my protocol

ok so i have instaled xampp on my computer everything is working fine except i want to be able to access my site through the internet so my friends can help me check for bugs in pages i can access the site fine from my computer but im the only one that can see i can get to it throught i can get to it via localhost,127.0.0.1,my ip , or my dns but when someone else try's to get throught it by my dns or ip address its not found i even tried getting to it via proxy i did some looking into it and read something about doing something to port:80 how and what would i do to fix this?

nope i have the else statement. i believe it is something else look at the error Warning: getimagesize() [function.getimagesize]: Couldn't resolve host name in /home/*****/public_html/account.php on line 38 Warning: getimagesize(http://masdfvs) [function.getimagesize]: failed to open stream: operation failed in /home/mafiagan/public_html/account.php on line 38 Warning: getimagesize(http://www.******.net/city) [function.getimagesize]: could not make seekable - http://www.***.net/city in /home/****/public_html/account.php on line 38 Warning: getimagesize(rsdfvesf) [function.getimagesize]: failed to open stream: No such file or directory in /home/******/public_html/account.php on line 38 can someone help me either hide this error or make an add on to this mod [mccode v2.x] User Settings [mod] that stops the admin hack

imortal what that code does is it only says thats its not an image if its not but if it is an image it changes it to the default pic so i deleted the else and it did what is was suppose to do but still when the target wasnt valid i got those errors is there something i can do to hide those errors?

$imageinfo = getimagesize($_POST['newpic']); if($imageinfo['mime'] != 'image/gif' && $imageinfo['mime'] != 'image/jpeg' && $imageinfo['mime'] != 'image/jpg' && $imageinfo['mime'] != 'image/JPG' && $imageinfo['mime'] != 'image/png' && $imageinfo['mime'] != 'image/ico' && $imageinfo['mime'] != 'image/bmp' && isset($imageinfo)) { $_POST['newpic'] = "images/defaultpic.png"; }   ok i got it doing what i want it to do but i still get those errors is there something i am not doing right making the errors show or is there a way i can not show the errors but they only show if an invalid target is posted or it is not an actual gif jpg JPG jpeg ico bmp image

so i was just seeing if it would work and to my observance it does what i did is make it so it checks if it is an image in the preferences page by using this the only thing is it has to be a valid url or u will get 1 of these mysql errors Warning: getimagesize(degfedsg) [function.getimagesize]: failed to open stream: No such file or directory in /home/*******/public_html/account.php on line 38   Warning: getimagesize() [function.getimagesize]: Couldn't resolve host name in /home/******/public_html/account.php on line 38 Warning: getimagesize(http://) [function.getimagesize]: failed to open stream: operation failed in /home/*****/public_html/account.php on line 38   $imageinfo = getimagesize($_POST['newpic']); if($imageinfo['mime'] != 'image/gif' && $imageinfo['mime'] != 'image/jpeg' && $imageinfo['mime'] != 'image/jpg' && $imageinfo['mime'] != 'image/JPG' && $imageinfo['mime'] != 'image/png' && $imageinfo['mime'] != 'image/ico' && $imageinfo['mime'] != 'image/bmp' && isset($imageinfo)) { echo "Sorry, we only accept GIF, JPEG, PNG, JPG, ICO, and BMP images! \n"; $h->endpage(); }   lol i didnt observe closely enough we get the echo but it still updates

there you go now we can see the error message that comes up Fatal error: Call to a member function query() on a non-object in /home/cagedmaf/public_html/register.php on line 167

ty :D making mods are fun im gonna try some more :P

it is probably the right click script u have installed that disables people from right clicking to see ur source codes it is recomended that people dont use them as it just screws things up try uninstalling the script :thumbup: wether u have the script in or not we can still see ur source codes

hmmm well since its not required u could just delete that line but i dont no wats the problem. it could be the version of php ur using or something else. ill try to look into it and see if theres anything i can do to fix it

i just repasted my account.php codes to be sure i didnt miss or add anything try them if u havent fixed the prob yet

if you do not want the profile signature on their in account.php simply find and delete Profile Signature: (BBcode Only) <textarea rows=20 cols=100 name='newsignature'>{$ir['profsignature']}</textarea>   then find and delete , profsignature='{$_POST['newsignature']}'   hope u guys like it :thumbsup: