Coly010

I don't know if I have a cache issue or if your code is bugged

More than a constructor function I should say. And explain my object referencing issue?

First time I looked at that class. It's disgusting. One of the many things I see wrong is that it doesn't check whether the user it's trying to pull information on even exists. Next up, all it does is create a bunch of variables in a class, and doesn't do it nicely, or efficiently (foreach( $worked as $k=>$v){ $this->$k = $v; } ??? ). There's no need for this class. A user class should have both variables and functions. Even functions as simple as addMoney($amt), removeMoney($amt). It makes the logic code a lot better. If this approach was taken for a lot of the code you setup for say buying an item could be as simple as: if(!$this->Items->itemExists($itmid)){ //handle error } $item = $this->Items->getItem($itmid); if($this->User->get("money") < $item['cost']){ // handle error } $this->User->removeMoney($item['cost']); $this->User->giveItem($itmid);   It cuts down a lot of code and makes life easy and makes the code very readable and easy to understand

For loop with php mail();? Not the best or great solution but might work?

[uSER=65371]sniko[/uSER] , if you come across anyone you recognise, you should let them know their accounts are vulnerable and report to them to change their passwords.

unless itmname is a field in your backpack you are trying to access a field that doesn't exist. Consider joining the items table

http://en.code-bude.net/2013/01/06/php-rand-vs-mt_rand-what-is-more-accurate-what-is-faster/ http://golearnphp.com/php-rand-vs-mt_rand-and-openssl_random_pseudo_bytes/

No, both. Use $db->query to "query" the database. It will return a result and store it in the $note variable. But this result isn't just the data you wanted. It contains a lot of information about the query you asked the database to process. To get the data you need, after you query the database you need a line to store the data. $result = $db->fetch_row($note); Your code should look like: $myid = ($ir['userid']); $yourid = ($r['userid']); $note = $db->query("SELECT `note` FROM `notepad` WHERE `myid`={$ir['userid']} AND `yourid`={$r['userid']}"); $result = $db->fetch_row($note); echo "".$result['note']."";

Frameworks never made sense... That's a great start. Um.. They help keep your code maintainable. They provide a range of functions, libraries and helpers to help speed up the process of development. They generally provide an OO environment out of the box. A lot of them allow you to split the logic and design parts of your code. They provide extensions or plugins to handle things like rendering, bbcode parsers etc. They provide a good code structure. A lot of them have some sort of cache system built in. I'm not sure about Laravel but CodeIgniter has built in CSRF and XSS protection. CodeIgniter also has Query Builder which can help make your database queries more maintainable and readable. Don't knock them until you try it

I use CodeIgniter, I like it a lot actually /: so I'll prepare myself for the bashing

[uSER=72582]boionfire81[/uSER] don't worry about getting overwhelmed. There's a lot to take in. You don't replace SCRIPT_NAME with anything. This allows the server to find the file that was requested. It returns the full file name. So if someone clicked on explore, the value of it would be explore.php Therefore in your $denied variable you would need to write "explore.php" or whatever pages you don't want to allow access to

A switch is similar to if and if else and if elseif else statements. It takes the form: $id = 1; switch($id) { case 1: // run code break; case 2: // run code break; default: // run code for no matches break; }   It checks the variable passed in for a match in ease of the cases. If it does it runs all the code up to a break; A function similar to the one Kyle suggested is the best option for restricting specific pages based on other rules

I know it can be done without, but it would be better with. The zip would contain the logic file(s), the controller (if part of the code structure), and the view file. In my own ideal scenario, it would also contain a links.txt file. This would have a structure like: link : title : location Where the link is the url to a certain part of the mod, title is the link text and location would be town or main menu When the zip is uploaded the code would scan for this file, and on finding it would read the location and link and store them into a db. Then the mainmenu and the town links etc would be retrieved from the db. The admin panel could have a wysiwyg editor to allow the owner to change the order of the links or their titles.

To make your bars real time you need to learn the concept of asynchronous requests and of how php works at the minute for you. Some terminology: Client - The machine that your player(s) are using to access your site. Server - The machine that stores your game code, runs it, processes requests. How it works for now: The client sends requests to the server. The server receives the request and process it. Nine times out of ten these requests are GET requests. The server handles the requests and sends a response to the client that sent the request. So, when a player comes to your site and is simply clicking through the menu etc, it's sending requests to the server. The server is handling the requests and returning the appropriate repsonse. When a player clicks the Explore link, the url in your code is /explore.php. The client sends a request to the server to look for this file, and process the code in the file, and sends the response to the client. The browser on the client interprets the response and displays the result to the player. It loads the template and the content etc. Now, as it stands, Mccodes is set up that when the client sends a request to the server, it loads the players energy and other stats into an array. Then it runs the queries that change the stats. But it doesn't change the values in the array. Therefore the values that get displayed after a page is loaded is one step behind. You are looking for real time bars. As it stands, a request is sent and response is received. And that's the end of the connection between client and server until another link is clicked. But for real time bars you need to be constantly sending requests to the server to receive the new values to allow you to update the page. For this you need to learn JavaScript and AJAX. jQuery can make the process easier however.

An OO Modular code structure could work very well for this. I always had plans to do something similar to that. The idea would be that a developer could zip a mod for the game, and a game owner could install the mods through the admin panel by uploading the zip

I was hoping the reiteration would help the issue of making it OO more noticeable.

Go more OO. It'll be more maintainable and scalable in the long run. You can also cut down the amount you rewrite code.

Mccodes doesn't use or modify any .htaccess If the error occurred when trying to visit the cpanel then it's a problem for your server admins unless you installed cpanel yourself

http://www.wordstream.com/meta-tags May be helpful

You haven't grasped the concept of working with databases in PHP. What you have done is selected the field upgrades from the table property_mod_user using two other fields in it to determine which row to select. However, this code isn't what has caused the Critical Error. We cannot help with the error unless you show us the correct piece of code relating to the error. For your PHP code to work, you need to ask the database for the resulting field and value which can be done as follows: $q = $db->query("SELECT `upgrades` from `property_mod_user` WHERE `userid` = $userid, `upgrades` = $upgrades"); $result = $db->fetch_row($q); if(in_array($ir['upgrades'], $result)){ // Allow } else { // Dont }   The in_array() function takes a value as it's first parameter and an array as it's second parameter. It will search through the array until it finds the value that is specified in the first parameter. If it finds it, it returns true, if it doesn't it returns false. Some more information on some of these concepts: Arrays http://php.net/manual/en/language.types.array.php http://www.w3schools.com/php/php_arrays.asp in_array() http://php.net/manual/en/function.in-array.php Database Results http://www.w3schools.com/php/php_mysql_intro.asp http://www.w3schools.com/php/php_mysql_select.asp

  Thanks for pointing that out haha. I didnt notice

Use an array $restriced = [1, 4, 6, 7, 8]; if (in_array($ir['houseid'], $restricted)){ // restrict page } else { // show page }   You could even create a table In the database which you can use to populate the array, making it more dynamic

Um.. You do realise that Google uses more than just keywords to rank websites? It scans the content on the pages, it scans all content it can get access to. It'll try match some of that content to the search string. That's why if you search "powered by codes from dabomstew". A lot of Mccodes games come up, despite not having it in a meta tag for keywords. It also checks if the site is compatible on mobiles. It scans the title of the website too. When I search Mccodes, not a single game appears on the first 2 pages. Powered by codes from dabomstew gives me a lot of games. That line is at the bottom of the page. I wouldn't call it a keyword. Granted I don't know a lot about SEO, but from experience it won't matter. Also, you don't want to limit your search results, despite it possibly opening it up to potential hackers. If your game is secure you have nothing to worry about. It doesn't take much to secure the game. A hacker can even be beneficial. Not all hackers are bad people. Some do it to help improve security. A man found a bug with the PayPal site, took screenshots and reported it. If a hacker hacks your site then the fault is in lack of security, not in search engine presence.

I've done a fair bit of work on this game and it still seems be as popular as it was when I began working on it a year ago.

1.) Simply by avoiding being on google, you are not going to avoid hackers. By avoiding being on google you will be decreasing your chances of receiving an user base. 2.) A smart hacker will have already thought to edit anything that can point directly to him/her. Simply trying to block them is not enough. You need to protect your application against XSS. Easiest way to do this is to filter user input, and prevent inputted code from executing. Be careful of areas in your code that prints user input as html. You need to make sure that the inputted data has been filtered for any malicious code. On a side note. Never run php's eval() without good reason and never in a situation that can allow a user to somehow get their own input to be ran by it. 3.) Don't just stop at XSS, look into CSRF protection too. Essentially what you are looking for is a way to prevent a user submitting a form from somewhere other than your site or using your form. A token generator is normally enough to suffice. It generates a token for the user for the form they are filling out and then once they submit the server side code checks that a token was sent and that it matches one that was created for a form. 4.) Don't argue with sniko, or he'll find a way to rip you to shreds. He knows what he's talking about and lately seems to like to tear apart people for their misunderstandings.