MakeWebGames

sniko

Members
  • Posts

    2,210
  • Joined

  • Last visited

  • Days Won

    47

Everything posted by sniko

  1. Don't remove it fully. Just comment out the part in authenticate.php that checks the CSRF code. In theory, hardly anything. Here's why: it's harder for someone to forge _POST data (harder than forging _GET data, anyway) and I wouldn't see why you'd be a target, as who would spend time forging _POST data to log someone in, right? Considering you've got all the other security checks (admin side, and sending items/currency to players) nothing really could happen, apart from forcing someone to log in.
  2. Hmmm. Weird. I've looked through the source (it's 0320am, here) and I can't seem to find anything wrong with it. For a temporary fix, and I wouldn't advise this normally, but as your game is in -what it looks like- demo stages, comment out the following on authenticate.php:

         // Check CSRF input
         if (!isset($_POST['verf'])
                 || !verify_csrf_code('login', stripslashes($_POST['verf'])))
         {
             die("<h3>{$set['game_name']} Error</h3> Your request has expired for security reasons! Please try again. <a href='login.php'>> Back</a>");
         }
  3. login.php code, yeah. Try global_func.php
  4. It's evident that this line is causing it:

         // Check CSRF input
         if (!isset($_POST['verf'])
                 || !verify_csrf_code('login', stripslashes($_POST['verf'])))
         {
             die("<h3>{$set['game_name']} Error</h3> Your request has expired for security reasons! Please try again. <a href='login.php'>> Back</a>");
         }

     Would you mind pasting login and the function source of verify_csrf_code?
  5. Post up the source for the login processing.
  6. sniko

    Work?

    If you tackle the situation and your ex-client on a moral level, there would be a chance of getting some pay. You don't have to answer this, it's more rhetorical; did you not receive an agreed non-refundable deposit? If you didn't, I would always ask for one in future, just in case this happens again. Congratulations on finding a job so fast :)
  7. Good luck :) (Remember to get background information on both companies before the interview - They may ask you questions about their company, and will expect you to know it)
  8. With the hype and market of cellular/mobile applications, and if you utilize that market, then there will be players and profit.
  9. I'd back everything up in the cloud, and on physical disks. Then I'd invest in a newer computer. It will be less expensive in the long run.
  10. With all that I did, yeah.
  11. There was an 'issue' when registering. I signed up, but I didn't have a passcode over 6 characters, and it told me about six times.
  12. sniko

    Security Question

    No need to encase the variable with braces and quotes.

        echo $name; // This will suffice

    My pleasure.
  13. sniko

    Security Question

    @CavellA He asks if it will be secure from non-numerical input. I believe what you have would suffice, however; Use

        strip_tags($in), ENT_COMPAT, "UTF-8");

    Do some of your own tests. I quite like to throw in the filter_var function.

        filter_var($in, FILTER_SANITIZE_STRING)

    ...
  14. The error "Deprecated: Function ereg() is deprecated in /home/limite62/public_html/checkem.php on line 5" shows you everything you need to know. "eregi() is deprecated as of PHP 5.3.0. preg_match() with the i (PCRE_CASELESS) modifier is the suggested alternative" http://www.php.net/manual/en/book.pcre.php
  15. I was actually thinking where you went, Spud ;) I'm interested in how the development is going, very much so! I'm interested in seeing the methods and design patterns you've adopted, and once available I'd like to see the source, and hopefully learn from it!
  16. sniko

    Help Needed

    I've voted too, good luck.
  17. Go to the table that holds the IDs, click 'Operations', change the auto_increment back to 1.
  18. Visiolist holds malware, so says Google Chrome. I hope Basti and your business partner have fun in their venture :)
  19. here's what you're looking for: http://mccodes.com/viewmod.php?id=79 As Kyle said, message me and I'll reply as soon as I can :)
  20. Your main selling point here is security. How can we test security without having a live preview of what we're purchasing? You still haven't provided any evidence that you have permission to sell it.
  21. If I get time later tonight - or tomorrow - I may dabble with New Worlds for the first time, and integrate Bootstrap, and maybe some free themes I find on the web. (No promises) (I've downloaded the free version, & maybe I'll purchase the development version at a later date)
  22. I'm not following on what's needed here.
  23. Ah, ok. Same applies, minus the CSS part.
  24. When I do it (which is rarely, and most probably can be done much easier/quicker), I:
        • Open up header.php
        • Paste in the CSS (using link rel)
        • Manually 'extract' the different parts of the header (header, mainmenu, smenu area, endpage - The functions. I don't have the file at hand, so I can tell you the exact names)
        • Via trial and error, I paste in parts of the template, and re-integrate the PHP back into the HTML template that I just pasted in
        • I don't do it on a live site, for obvious reasons.
      I haven't done it for a while, so I'm probably missing something, but hopefully that gives you a heads up. Also, think about it logically when you're doing it ;)
  25. I've not looked at NWE yet, sadly. However, if someone did this, they'd have to work around the security token, wouldn't they?