sniko

"delete" and "where" - both sql keywords. Most likely someone has installed something to str_replace sql keywords with null. Try the following words; CREATE DROP ALTER   Also, search your script. Check your database table forum_replies to see if the words are missing there, if they are, check the function that processes the reply (forums.php)

I assume he's got something like; (but with a limit)

  http://www.overloadgame.com/ (Your thread ) In the credits: Copyright © 2013 Jonathan Gorard. All rights reserved. Game Design, Development and Code by Jonathan Gorard. Who made Fangs of Blood? Jonathan Gorard. ...

A good example is; http://magictallguy.tk/newsFeedArchive.php and the RSS feed to that http://magictallguy.tk/feed2.php It's somewhat a unified agreed way to allow sites to fetch certain data from other sites, quickly. I hope that helps ;)

Perhaps, one for his game, one for a forum?

Sounds like an awesome idea. As soon as my projects are done, I'll link you the RSS feed and the link ;)

Yep, here's something to connect to multiple databases, quickly (your first issue) <?php error_reporting(E_ALL); // Database info through array $config = array( $config = array( "database1" => array( "host" => "localhost", "user" => "root", "pass" => "usbw", "data" => "database2" ), "database2" => array( "host" => "localhost", "user" => "root", "pass" => "usbw", "data" => "database2" ) ); $db = array(); foreach($config as $database => $values) { $connection = mysql_connect($config[$database]['host'], $config[$database]['user'], $config[$database]['pass']); $db[$database] = mysql_select_db($config[$database]['data'], $connection) or die('Connection to '. $config[$database] .' failed. '. mysql_error()); } ?>   Now, to address the second issue; <?php error_reporting(E_ALL); // Database info through array $config = array( "database" => array( "host" => "localhost", "user" => "root", "pass" => "usbw", "data" => "database2" ), "database" => array( "host" => "localhost", "user" => "root", "pass" => "usbw", "data" => "database2" ), "stylesheet" => array( "website" => "websitestyle.css", "path" => "path/to/file.css", "name" => "homestyle" ), "javascript" => array( "jquery" => "http://code.jquery.com/jquery.min.js", "website" => "website.js", "path" => "path/to/file.js", "name" => "jquery" ) ); $db = array(); $css = array(); foreach($config as $type => $values) { switch($type) { case 'database' : $connection = mysql_connect($config['database']['host'], $config['database']['user'], $config['database']['pass']); $db['database']['data'] = mysql_select_db($config['database']['data'], $connection) or die('Connection to '. $config['database'] .' failed. '. mysql_error()); break; case 'stylesheet' : $css['stylesheet']['name'] = $config['stylesheet']['path']; break; case 'javascript' : $js['javascript']['name'] = $config['javascript']['path']; } } //Test it all works, perform a dump var_dump($db); var_dump($css); var_dump($js); ?>   Also, I'd use mysqli. Usage (Not tested) //Queries $db['database']['database2'] = mysql_query(); //Loop through the $css and $js arrays foreach($css as $style) { echo '<link rel="stylesheet" src="''. $style['stylesheet']['path'] .'" type="css/text" />'; } foreach($js as $javascript => $value) { echo '<script type="javascript/text" src="'. $javascript['javascript']['path'] .'"></script>'; }

I believe the-destroyers is McCodes - when Firecamp owned it, anyway.

Can you provide an example?

Look at the server logs, see how much of it you are actually using. If you can downgrade server, then do so - save some pennies :) With New Worlds Engine (dubbed NWE) you don't need to know programming, as it has a module installer/uninstaller. I'd advise checking that out :) Also, welcome to MakeWebGames

Inject more money into your budget.

There's probably no need to. If you do, and you do it indefinitely, you'll have a lot of 1KB files - which isn't nice to eyes, my eyes anyway. May I ask why you'd want to put it in a different file? Answering your question, they'd have to be stored in a super-global, such as _POST or _GET, sanitized and filtered in the file containing the query, and then processed.

Unless you had a table called `users`, with the column `id`, and a session with the index `id` ;)

...go to \b\, they might help

Are you on a shared server?

It's how everyone treats spammers.

#1 or #2 are my personal favourites

Way to go & sell yourself. Jimbo, check deviantart

The game could be greatly improved by adding typical game 'features', such as a story, and an unlock system - look at RPGS on the PC, and consoles; such as fallout 3. Also, the game looks and feels like mccodes, not "custom made".

I had time to make amendments to the source (although not a lot was done, mainly reformatted the config area) we have a result; Panther 0.2. Link to project I'm going to create it more object oriented at some point, as well as fully take in the previous comments made. -sniko

Perhaps the use of a flash or java applet?

Add a semi-colon at the end of each line

Yeah, it's vulnerable. Depending on the version you're running, there could be a patch available for you; check http://www.mccodes.com :)

  if( $_GET['ID'] == 1 ) { echo 'You can\'t attack the admin'; $h->endpage(); exit; }   I think that snippet at the top of each attack file would take less time :p Anyway, nice job :)

Thanks for all your time in viewing it, and taking the time to reply suggesting what I should do. Aventro - I've taken into account what you've suggested; I'll "upgrade" as soon as possible! K1ngscorp1o - Greatly appreciated on your reply! Ill fish out the duplicate segments as soon as possible, too!