iSOS

Hi, I did this a little earlier, I've not tested fully so please let me know of bugs ect. Screenies: http://yfrog.com/i3auctionnonep http://yfrog.com/7hauctionaddp http://yfrog.com/7hauctionaddp http://yfrog.com/5nauctionp http://yfrog.com/5ibidp Features: Buy It Now function Time Selection Bid Ran of timestamps SQL: [mysql]CREATE TABLE IF NOT EXISTS `gAuction` ( `ID` int(11) NOT NULL auto_increment, `SellerID` int(11) NOT NULL, `ItemID` int(11) NOT NULL, `CurrentBid` int(11) NOT NULL, `BuyNow` int(11) NOT NULL, `Time` varchar(30) NOT NULL, `TimeLeft` varchar(100) NOT NULL, PRIMARY KEY (`ID`) ) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=1 ;[/mysql] [mysql]CREATE TABLE IF NOT EXISTS `gAuctionBids` ( `ID` int(11) NOT NULL auto_increment, `aID` int(11) NOT NULL, `BidderID` int(11) NOT NULL, `CurrentBid2` int(11) NOT NULL, PRIMARY KEY (`ID`) ) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=1 ;[/mysql] Auction.php   <?php //Made by zeddicus, do NOT re-distribute. //Copyright 2010 //ONLY TO BE POSTED ON MAKEWEBGAMES.COM include(DIRNAME(__FILE__).'/globals.php'); $_GET['page'] = isset($_GET['page']) ? trim($_GET['page']) : 'index'; switch($_GET['page']) { case 'index' : index(); break; case 'Bid' : Bid(); break; case 'Add' : Add(); break; default : index(); break; } function index() { global $h; $Data = mysql_query("SELECT g.`ID`,g.`SellerID`,g.`ItemID`,g.`Time`,g.`CurrentBid`,g.`BuyNow`,g.`TimeLeft`,i.`itmid`,i.`itmname` FROM `gAuction` g LEFT JOIN `items` i ON (g.`ItemID` = i.`itmid`)") or die(mysql_error()); echo (' <span style = "font-size:2em; font-family:Arial,Helvetica,sans-serif; color:#8B0000">Auction House</span> <hr width = "90%"> <table border = "0" class = "table" align = "center" width = "90%" style = "text-align:center" cellspacing = "1"> <tr> <th>Seller</th> <th>Item</th> <th>Time Left</th> <th>Current Bid</th> <th>Links</th> </tr>'); if(!mysql_num_rows($Data)) { echo ('<tr> <td colspan = "5">There are no auction being held at the present time.</td> </tr> </table>'); exit($h->endpage()); }else{ while($aData = mysql_fetch_array($Data)) { $time = $aData['Time'] - time() + $aData['TimeLeft']; echo (' <tr> <td>'.$aData['SellerID'].'</td> <td>'.stripslashes(htmlentities($aData['itmname'])).'</td> <td>'.time_format($time).'</td> <td width = "15%">$'.number_format($aData['CurrentBid']).'</td> <td width = "15%" align = "center"><a href = "Auction.php?page=Bid&ID='.$aData['ID'].'"><span style = "color:#8B0000">Bid</span></a>|| <a href = "iteminfo.php?ID='.$aData['ItemID'].'"><span style = "color:#8B0000">Info</span></a></td>'); } echo ('</tr> </table> '); } $h->endpage(); } function Bid() { global $h,$ir; echo (' <span style = "font-size:2em; font-family:Arial,Helvetica,sans-serif; color:#8B0000">Bidding on Item</span> <hr width = "90%">'); $Data = mysql_query("SELECT g.`ID`,g.`SellerID`,g.`ItemID`,g.`CurrentBid`,g.`BuyNow`,g.`TimeLeft`,i.`itmid`,i.`itmname` FROM `gAuction` g LEFT JOIN `items` i ON (g.`ItemID` = i.`itmid`) WHERE (g.`ID` = ".abs(intval($_GET['ID'])).")") or die(mysql_error()); if(!mysql_num_rows($Data) || !ctype_digit($_GET['ID'])) { echo ('An error has occurred, please go back and try again.'); exit($h->endpage()); } $Data = mysql_fetch_array($Data); if((isset($_POST['bid']))) { if(!ctype_digit($_POST['bid'])) { echo ('An error has occurred, please try again.'); exit($h->endpage()); } if($_POST['bid'] < $Data['CurrentBid'] || $ir['money'] < $_POST['bid']) { echo ('You\'ve bidded below the current bid, or you don\'t have enough cash to bid. <a href = "/Auction.php"><span style = "color:#8B0000">Go Back</span></a>'); exit($h->endpage()); } if($_POST['bid'] >= $Data['BuyNow'] && $Data['BuyNow'] > 0) { mysql_query("DELETE FROM `gAuction` WHERE (`ID` = ".abs(intval($_GET['ID'])).")"); //Auction Delete mysql_query("UPDATE `users` SET `money` = `money` - ".abs(intval($_POST['bid']))." WHERE (`userid` = ".$_SESSION['userid'].")"); //Take cash from user mysql_query("INSERT INTO `inventory` VALUES ('',".$Data['ItemID'].",".$_SESSION['userid'].",1)"); // Credit winner item event_add($Data['SellerID'],''.mysql_real_escape_string($ir['username']).' bought your item of the auction using your "Buy It Now Price" ($'.number_format($Data['BuyNow']).')'); echo ('You\'ve successfully purchased the item from the Auction using the "Buy It Now" price!. <a href = "/index.php"><span style = "color:#8B0000">Go Home</span></a>'); }else{ mysql_query("UPDATE `gAuction` SET `CurrentBid` = ".abs(intval($_POST['bid']))." WHERE (`ID` = ".abs(intval($_GET['ID'])).")"); // mysql_query("INSERT INTO `gAuctionBids` VALUES ('',".$Data['ID'].",".$_SESSION['userid'].",".abs(intval($_POST['bid'])).")"); //insert bid mysql_query("UPDATE `users` SET `money` = `money` - ".abs(intval($_POST['bid']))." WHERE (`userid` = ".$_SESSION['userid'].")"); //Take cash from user echo ('Your bid has been confirmed. <a href = "/Auction.php"><span style = "color:#8B0000">Back to Auction</span></a>'); } } if($Data['BuyNow'] == 0) { $Buy = 'Disabled by user'; }else{ $Buy = number_format($Data['BuyNow']); } if($Data['BuyNow'] == 0) { $Sign = ''; }else{ $Sign = '$'; } echo (' <table class = "table" cellspacing = "1" width = "35%" align = "center" style = "text-align:center"> <form action = "Auction.php?page=Bid&ID='.$_GET['ID'].'" method = "post"> <tr> <td width = "25%">Item Name:</td> <td><span style = "color:#8B0000">'.htmlentities($Data['itmname']).'</span></td> </tr> <tr> <td width = "25%">Current Bid:</td> <td>'.number_format($Data['CurrentBid']).'</td> </tr> <tr> <td width = "25%">Buy Now Price:</td> <td>'.$Sign.''.$Buy.'</td> </tr> <tr> <td width = "25%">Enter Bid:</td> <td><input type = "text" name = "bid" value = "0" /></td> </tr> <tr> <td colspan = "2"><input type = "submit" value = "Place Bid" /></td> </tr> </form> </table> <a href = "/Auction.php"><span style = "color:#8B0000">Go Back</a>'); $h->endpage(); } function Add() { global $h; $Data = mysql_query("SELECT i.`inv_itemid`,i.`inv_userid`,i.`inv_qty`,it.`itmid`,it.`itmname` FROM `inventory` i LEFT JOIN `items` it ON (i.`inv_itemid` = it.`itmid`) WHERE (`inv_userid` = ".$_SESSION['userid'].") AND (`inv_itemid` = ".abs(intval($_GET['ID'])).")") or die(mysql_error()); if(!mysql_num_rows($Data) || !ctype_digit($_GET['ID'])) { echo ('An error has occurred, please go back and try again.'); exit($h->endpage()); } $Data = mysql_fetch_array($Data); echo (' <span style = "font-size:2em; font-family:Arial,Helvetica,sans-serif; color:#8B0000">Adding Item To Auction</span> <hr width = "90%"> You have <span style = "color:#8B0000">[i]'.number_format($Data['inv_qty']).'[/i]</span> - <span style = "color:#8B0000">[i]'.htmlentities($Data['itmname']).'[/i]</span> <hr width = "90%">'); if((isset($_POST['time']))) { $One = mysql_query("SELECT `ID` FROM `gAuction` WHERE (`SellerID` = ".$_SESSION['userid'].")"); if(mysql_num_rows($One)) { echo ('Only one item at the auction please.'); exit($h->endpage()); } if(!in_array($_POST['time'], array('1Hour','6Hours','1Day','2Days'))) { echo ('An error has occured please go back and try again.'); exit($h->endpage()); } if($Data['inv_qty'] < 1) { echo ('It seems you don\'t have enough of this item to send it to auction.'); exit($h->endpage()); } if($_POST['time'] === '1Hour') { $time = '3600'; } elseif($_POST['time'] === '6Hours') { $time = '21600'; } elseif($_POST['time'] === '1Day') { $time = '86400'; } elseif($_POST['time'] === '2Days') { $time = '172800'; } mysql_query("INSERT INTO `gAuction` VALUES ('',".$_SESSION['userid'].",".$Data['itmid'].",".abs(intval($_POST['sbid'])).",".abs(intval($_POST['buy'])).",".$time.",unix_timestamp())") or die(mysql_error()); if($Data['inv_qty'] > 1) { mysql_query("UPDATE `inventory` SET `inv_qty` = `inv_qty` - 1 WHERE (`inv_userid` = ".$_SESSION['userid'].") AND (`inv_itemid` = ".$Data['itmid'].")") OR DIE(MYSQL_ERROR()); }else{ mysql_query("DELETE FROM `inventory` WHERE (`inv_userid` = ".$_SESSION['userid'].") AND (`inv_itemid` = ".$Data['itmid'].")")OR DIE(MYSQL_ERROR()); } echo ('You\'ve successfully add the item to the auction. <a href = "/Auction.php"><span style = "color:#8B0000">Click here to View</span></a>'); }else{ echo (' <table border = "0" class = "table" cellspacing = "1" width = "60%" align = "center" style = "text-align:center"> <form action = "Auction.php?page=Add&ID='.$_GET['ID'].'" method = "post"> <tr> <td colspan = "2">Select the amount off time you wish your auction to last.</td> </tr> <tr> <td colspan = "2">1 Hour<input type = "radio" name = "time" value = "1Hour" /> 6 Hours<input type = "radio" name = "time" value = "6Hours" /> 24 Hours<input type = "radio" name = "time" value = "1Day" /> 48 Hours<input type = "radio" name = "time" value = "2Days" /></td> </tr> <tr> <td>Starting Bid</td> <td><input type = "text" name = "sbid" value = "0" /></td> </tr> <tr> <td>Buy It Now Price:</td> <td><input type = "text" name = "buy" value = "0" />(Enter 0 to disable)</td> </tr> <tr> <td colspan = "2"><input type = "submit" value = "Add item to auction" /></td> </tr> </form> </table> <a href = "/inventory.php"><span style = "color:#8B0000">Go Back</span></a>'); } $h->endpage(); } ?>   Open Header.php & find the $bgcolor variable & add underneath.   $Auction = mysql_query("SELECT `ID`,`SellerID`,`ItemID`,`CurrentBid`,`Time`,`TimeLeft` FROM `gAuction` WHERE (`Time` - ".time()." + `TimeLeft` < 1)")or die(mysql_error()); while($Auction2 = mysql_fetch_array($Auction)) { $AuctionBids = mysql_query("SELECT `ID`,`aID`,`BidderID`,`CurrentBid2` FROM `gAuctionBids` WHERE (`aID` = ".$Auction2['ID'].")")or die(mysql_error()); $atime = $Auction2['Time'] - time() + $Auction2['TimeLeft']; if($atime < 1 && !mysql_num_rows($AuctionBids)) { event_add($Auction2['SellerID'],'Your auction finished without any bids.'); mysql_query("INSERT INTO `inventory` VALUES ('',".$Auction2['ItemID'].",".$Auction2['SellerID'].",1)") or die(mysql_error()); mysql_query("DELETE FROM `gAuction` WHERE (`ID` = ".$Auction2['ID'].")")or die(mysql_error()); } elseif($atime < 1 && mysql_num_rows($AuctionBids)) { $AuctionBids = mysql_fetch_array($AuctionBids); event_add($Auction2['SellerID'],'Your auction has finished, the maximum bid was $'.number_format($Auction2['CurrentBid']).''); event_add($AuctionBids['BidderID'], 'You\'ve won the auction!'); mysql_query("UPDATE `users` SET `money` = `money` + ".abs(intval($Auction2['CurrentBid']))." WHERE (`userid` = ".$Auction2['SellerID'].")")or die(mysql_error()); mysql_query("INSERT INTO `inventory` VALUES ('',".$Auction2['ItemID'].",".$AuctionBids['BidderID'].",1)")or die(mysql_error()); mysql_query("DELETE FROM `gAuction` WHERE (`ID` = ".$Auction2['ID'].")")or die(mysql_error()); mysql_query("DELETE FROM `gAuctionBids` WHERE (`aID` = ".$Auction2['ID'].")")or die(mysql_error()); } }   Open inventory.php & find [Sell] Add next to it:   [[url='Auction.php?page=Add&ID={$i[']Add to Auction[/url]]   Open global_func.php & add.   function time_format($seconds) { // Made by MagicTallGuy $seconds = floor($seconds); $days = intval($seconds / 86400); $seconds -= ($days * 86400); $hours= intval($seconds / 3600); $seconds -= ($hours * 3600); $minutes = intval($seconds / 60); $seconds -= ($minutes * 60); $result = array(); if($days) { $result[] = sprintf("%u day%s", number_format($days), ($days == 1) ? "" : "s"); } if($hours) { $result[] = sprintf("%u hour%s", $hours, ($hours == 1) ? "" : "s"); } if($minutes && (count($result) < 2)) { $result[] = sprintf("%u minute%s", $minutes, ($minutes == 1) ? "" : "s"); } if(($seconds && (count($result) < 2)) || !count($result)) { $result[] = sprintf("%u second%s", $seconds, ($seconds == 1) ? "" : "s"); } return implode(", ", $result); }   And that's it, let me know of any bugs I did this quickly so have no idea if there are any.

I feel that the DB is easier to manage & with it being mail/shoutbox scripts, I would of thought that they would have been used to show the time anyway lol. If it's in a session all they have to do is logout, signin and do it again & a script to do that isn't hard. As for cookies, I don't know. EDIT: Just realised this wasn't in the MC section lol, yes Lazy - Now your right :L if there's no 'logout' system.

Yup timestamps are alot better, especially for the users point of view. I've just used them for an auction system that i'll be posting in a little while. :thumbsup: You could also use them on mail/shoutbox scripts to prevent spam. Example: if(time() - $Data['TimeStampInDB'] < 60) { echo 'Nooooo wait 1 min'; }

Post Updated, staff delete added.

Yeah -- BBcode on the comments would be a bad idea, it's really just meant for small comments, and the idea of having img's,big text ect ect there wouldn't be appealing, and Yup crimgame is right about the vulnerable parsers. I'll do the staff delete though. :D

Yes, you may say 'ugh just another one', but the fact is I was looking here and couldn't find a decent free one, well I only found part of it. This is simple, users can post on each others profiles, and the account owner can delete the comment if deemed necessary. If anyone wants anything added to it just let me know, I'm more than happy to add anything to it... SQL: CREATE TABLE IF NOT EXISTS `gComments` ( `ID` int(11) NOT NULL auto_increment, `SenderID` int(11) NOT NULL, `RecieverID` int(11) NOT NULL, `Comment` text NOT NULL, PRIMARY KEY (`ID`), KEY `ID` (`ID`) ) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=1 ; Comments.php <?php //Made by Zed -- Do NOT re-distribute as your own! //ONLY TO BE POSTED ON MAKEWEBGAMES.COM include(DIRNAME(__FILE__).'/globals.php'); if((!$_GET['ID']) || (!ctype_digit($_GET['ID']))) { echo ('You\'ve clicked an invalid link, please report to an administrator.'); exit($h->endpage()); } if(isset($_GET['Delete'])) { $Data = mysql_query("SELECT `RecieverID` FROM `gComments` WHERE (`ID` = ".abs(intval($_GET['ID'])).") AND (`RecieverID` = ".$_SESSION['userid'].")",$c); if($ir['user_level'] == 2 || mysql_num_rows($Data)) { mysql_query("DELETE FROM `gComments` WHERE (`ID` = ".abs(intval($_GET['ID'])).")"); echo ('The comment chose has been deleted. <a href = "/viewuser.php?u='.$_GET['ID'].'"><span style = "color:#8B0000">Go Back</span></a> '); exit($h->endpage()); }else{ echo ('This comment doesn\'t belong to you.'); exit($h->endpage()); } } if((isset($_POST['comment']))) { if(empty($_POST['comment'])) { echo ('You\'ve failed to fill the form in correctly.'); exit($h->endpage()); } mysql_query("INSERT INTO `gComments` VALUES ('', ".$_SESSION['userid'].", ".abs(intval($_GET['ID'])).", '".mysql_real_escape_string(strip_tags($_POST['comment']))."')",$c); event_add(abs(intval($_GET['ID'])), ''.mysql_real_escape_string($ir['username']).' has just left a comment on your profile!'); echo ('Your comment has successfully been posted. <a href = "/viewuser.php?u='.$_GET['ID'].'"><span style = "color:#8B0000">Go Back</span></a>'); }else{ echo ('<span style = "font-size:2em; font-family:Arial,Helvetica,sans-serif; text-align:center; color:#8B0000">Posting Comment</span> <hr width = "90%"> <form action = "Comments.php?ID='.$_GET['ID'].'" method = "post"> <input type = "text" name = "comment" value = "" /> <input type = "submit" value = "Post Comment" /> </form> <a href = "/viewuser.php?u='.$_GET['ID'].'"><span style = "color:#8B0000">Go Back</span></a> '); } ?> Open viewuser.php Find: print "</tr></table>"; -- Near end of file. Replace with: echo ('<tr> <td align = "center" colspan = "3"><a href = "/Comments.php?ID='.$_GET['u'].'"><span style = "color:#8B0000">Add Comment</span></a></td> </tr> </table>'); Then add underneath: echo (' <table width = "100%" cellspacing = "1" class = "table"> <tr> <th colspan = "3">User Comments</th> </tr>'); $Data = mysql_query("SELECT g.`ID`,g.`SenderID`,g.`RecieverID`,g.`Comment`,u.`userid`,u.`username` FROM `gComments` g LEFT JOIN `users` u "."ON g.`SenderID` = u.`userid` WHERE (`RecieverID` = ".abs(intval($_GET['u'])).") LIMIT 20"); if(!mysql_num_rows($Data)) { echo ('<tr> <td colspan = "1">This user has no comments.</td> </tr> </table>'); exit($h->endpage()); }else{ while($cData = mysql_fetch_array($Data)) { echo (' <tr> <td width = "15%">'.htmlentities($cData['username']).'</td> <td>'.stripslashes(htmlentities($cData['Comment'], ENT_QUOTES)).'</td>'); if(($_SESSION['userid'] === $cData['RecieverID'])) || ($ir['user_level'] == 2)) { echo (' <td width = "10%" align = "center"><a href = "/Comments.php?Delete&ID='.$cData['ID'].'"><span style = "color:#8B0000">Delete</span></a></td>'); } } echo ('</tr></table>'); It's not had alot of testing, but should all work well, it's just something simple so I can keep the boredom away. ^^

$_POST['blah'] = abs((int) $_POST['blah']), would work, as long as it goes into the DB as that, it's fine. Anyway what I forgot to mention was on some server setups, for some reason ctype_digit() allows the '-' character. -- I've had first hand experience with this.

Sooo now you're letting users can enter integers & characters into your form, well I hope atleast you're attempting to secure the query. ctype_digit(), only allows digits, so I'm not sure what you're doing wrong. ?(

This looks promising, I'm going to have a little tinker around with it. :)

No, what I mean is if the hijacker got as far as getting there IP & user-agent then that's alot of work just to get into an RPG account, they would be better off trying to get your bank details. Yes a simple script can do that, but your site has to be penetrated in order to redirect your site there. -- What I'm trying to say is, why would someone take all that trouble just to enter an account? But *if* they did there has to be some kind of damage limitation in place, I see it every where when user's accounts have been 'hacked' and all there stuff is gone and they have no cash ect ect.

Agreed, But it's also about damage limitation,if for some reason an account was compromised there has to be way's in order to prevent complete 'destruction' of there account & game play experience. Obviously both ways posted have there flaws but in all seriousness who is going to spend the time finding a users user-agent & IP just to access an RPG account, I think they'd be after there bank details if they got that far lol.

The 'hijacker' would have to get the exact 'user-agent,IP' of the user involved, now that's going to be hard for anyone without access to you DB or there PC. With the 'log' I meant all IP's would be logged but you could disregard AOL IP's, but if you change IP, you'd need to get the exact user IP anyway, same with user-agent. And with the JS and sessions, I'm pretty sure you could only get your own session ID, the easiest way to get them is just going to the 'tmp' folder as that's where all sessions are stored.(unless you've changed the session.save.path) I think I see an issue with your idea, when the user actually hijacks the session they will then be on there account, so there ID.(maybe I just haven't got the idea correctly.) But I feel as long as everything *important* is validated, (item sell,cash send,crystal send) ect ect, that will limit the damage that could be done, and atleast reassure yourself that even if someone did find a way round your defences that your players are relativity safe.

I suppose with the IP side of things you could have a 'log' of any the users IP's that change during game play, If there user-agent is AOL you can disregard, but if not maybe look into a little more, see if it's the same a another user. (potential hijacker).

Yeah, It's obviously flawed since the more experienced 'hackers/hijackers' can 'spoof' the user-agent, or simply may have the same user-agent, But it's an extra layer to get through rather than just 'walking in'.

This is a good prevention technique, but in no way *solves* the problem, other precautions need to be taken, A good way is password validate important game functions like selling items/sending cash ect. Being on a shared host doesn't help the problem either as all sessions are stored on a certain folder, but if you're on a VPS you can change the session path and that makes the 'hijackers' life a lot harder.

Yup I know why, I said a few posts up lol, just didn't want to get into a 'fight' with someone I know haha

Yup, I've tried all of them lol, with sprintf() it works, without, well, I get errors lol.

Well I've just tried and as expected received errors, You're adding an extra parameter to "mysql_query" with no function to handle it, I don't understand how that could work :S Lol, Maybe it does work for you guys but I sure as hell don't see the logic in this.

You're missing the point, you're using "sprintf()" operators without sprintf() itself, have you tried it?, I'm pretty sure you're going to receive errors.

You could use "isset()", http://uk.php.net/manual/en/function.isset.php Example:   if(isset($_GET['action'])) { blah }

I'm sorry but that made me 'lol' :L

Thank You Sethenor =) NOTE: Price reduced to $15 upon a few people requested as such.

Thank You =)

Hey, this is a "Units" modification, it suits all game types so could be of interest to many of you fellow game owners. User's can buy "Units", they can be what ever you want, I.E: 'Tanks','Boats','Horses', Anything that fits your game theme. User's can then battle others with there units, depending on the power/speed/defence they win/lose in a very nice attack system. Here are some screen-shots to show you the modification as I'm not a very good talker :L No Units -- http://img704.imageshack.us/img704/2794/nounits.png Recruit Main -- http://img704.imageshack.us/img704/2951/recruitmain.png Information -- http://img716.imageshack.us/img716/45/informationq.png Recruiting -- http://img31.imageshack.us/img31/8646/recruiting.png With Units -- http://img18.imageshack.us/img18/9783/withunits.png Train Main -- http://img31.imageshack.us/img31/3637/trainmain.png Main With Course -- http://img31.imageshack.us/img31/9999/mainwithcourse.png Battle -- http://img31.imageshack.us/img31/9612/battley.png Staff Unit Create -- http://img11.imageshack.us/img11/5725/staffunit.png Staff Course Creator -- http://img638.imageshack.us/img638/84/stafftrain.png Just some information on the "Training" side of things... Staff can create 'courses', you can pick name/description/price/Type/% increase in stats. So for instance if I had a "Tank" as a Unit I could create a course with "Tank" as the Unit type, Upon completion the users "Tank" unit will be upgraded depending on the % set. The battle has a win/lose/stalemate system. I offer full support on this modification, there will be upgrades both free and paid, I'll throw a few ideas out there... 1) Marching time, It takes time to march to the other users "Battle Ground". 2) Being able to appoint a "General" which in return boosts units stat's depending on it's own. You could use this as a complete replacement to the original attack system or run it side by side, your choice. :) If you'd like to purchase please PM me the URL that will be used and the email you'd like the mod to be sent to, I'll then send my paypal address and upon payment I'll send the mod out. :) I think that's it, any questions please let me know.

Okay fist post has been updated with required specifications.   I'm not quite sure what you mean?, I've tested it and can't seem to find that error...?