Equinox

You do question a lot, in all fairness. But hey, if you know something well enough to argue it and always be right, you might aswell. But in most cases you're wrong. Great work Dave, your standard of code seems to be getting better, definitely from works I've seen of yours in the past :D

$Job = mysql_fetch_array(mysql_query("SELECT `jNAME` FROM `jobs` WHERE (`jID` = ".$ir['job'].")")); echo 'Current job : '.$Job['jName'].''; That should do it Or there should be a LEFT JOIN query at the top, include jNAME in it and then echo out '.$r['jNAME'].' or something similar to what you have done

Erm, I opened photoshop once again and started painting xD Sig :

Yup, contact me on MSN

Well, turns out bigger and better opportunity for me has arisen and I can no longer continue to work on my own engine. So I've decided to sell, I will only be selling to a trusted person and for the time an effort I've already put into this site, I won't be selling for cheap, so don't make silly offers please. The game is built from the ground up, custom. No McCodes involved. It's secure and I've had a number of people do some 'tests' on it to check it's safe and it seems fine. You will get the domain and if you like, I will continue to host it on mine and Zed's server for as long as you like. There are some incomplete things within the game, but I can complete them for the buyer if required. So far, the game consists of: Login, Register Inventory Shops Explore Mailbox Events Hospital Jail Settings page Game Info page (userlist, usersonline) Profile Search feature Tasks (crimes) Train (gym) The database is setup well, it's not cluttered and as far as I know I've used the right indexations and database optimizations. I went through it and cleared it up a few days ago. The site runs fast and it wouldn't take a lot of work to get it open and ready to go And then the main files, such as a cron file which runs on timestamps, so the game updates to the second. There are also some other little features the game has, like logging everything so you can create awards and what not. I will continue to work on the game and make features if the new owner would like me to, as well as completing the features that are currently there but incomplete. http://www.conflictchaos.com Add me on MSN or email me at : [email protected] If the game fails to sell, it will die. Or remain until I can return.

Don't get me wrong, it's a good point you bring up. I remember having this discussion with you on how to fix it, didn't we land on urlencode() and/or htmlentities() also Kanna suggested the basename?

Here's a good solution..... The file I want is called login.php, so instead of using PHP_SELF, I just type login.php. action="login.php" Win.

Write - obvious xD Right - direction Wright - "a constructive worker" (I didn't know this one) Rite - a formal or ceremonial act or procedure prescribed or customary in religious or other solemn use: rites of baptism; sacrificial rites. =]

Take out what you added into globals.php Open up global_func.php and add:   function quest_dropdown($connection,$ddname="quests",$selected=-1) { global $db; $ret="<select name='$ddname' type='dropdown'>"; $q=$db->query("SELECT * FROM quests ORDER BY questNAME ASC"); if($selected == -1) { $first=0; } else { $first=1; } while($r=$db->fetch_row($q)) { $ret.="\n<option value='{$r['questID']}'"; if ($selected == $r['questID'] || $first == 0) { $ret.=" selected='selected'";$first=1; } $ret.=">{$r['questNAME']}</option>"; } $ret.="\n</select>"; return $ret; } function questgroup_dropdown($connection,$ddname="questgroup",$selected=-1) { global $db; $ret="<select name='$ddname' type='dropdown'>"; $q=$db->query("SELECT * FROM questgroups ORDER BY qgNAME ASC"); if($selected == -1) { $first=0; } else { $first=1; } while($r=$db->fetch_row($q)) { $ret.="\n<option value='{$r['qgID']}'"; if ($selected == $r['qgID'] || $first == 0) { $ret.=" selected='selected'";$first=1; } $ret.=">{$r['qgNAME']}</option>"; } $ret.="\n</select>"; return $ret; }

I have now opened a Sign Up page, this will just give you access to a BETA account when it is released

illegalife does some good work

http://www.conflictchaos.com http://conflictchaos.com/Login.php conflictchaos.com/Login.php http:// www. conflictchaos com Login.php Click me   I has copy.

Yeah, well mine is : http://www.conflictchaos.com /me spams

Ah thanks, fixed

You'd need to add a quantity to the Items table, then on the item use, make a form for how many they want to use Then just do some checks   if((isset($_POST['Amount'])) && ctype_digit($_POST['Amount'])) { mysql_query("UPDATE `inventory` SET `Quantity` = `Quantity` - ".$_POST['Amount']." WHERE (`userid` = ".$_SESSION['userid'].") AND (`inv_id` = ".$r['inv_id'].")"); echo 'You used '.number_format($_POST['Amount']).' of the '.htmlentities($Item['ItemName']).''; // I'm sure something like $Item was defined elsewhere }   I don't care if you would do this differently, do it your way if that's the case This may not be 100% accurate, I've forgotten a lot of the McCodes setup, and this is just a quick idea of how it can be done. That's the way I'd do it

That's awesome xD

Just to note, I didn't add the whitelist array, I didn't add much to the code at all, I removed mysql_real_escape_string() from a query as it was a number and I done a few checks like The OP had if(!$_GET['id']) and I changed it to if((!isset($_GET['id'])) || !ctype_digit($_GET['id'])) ...thinks like that -.- I also added a function for the Buy() is he was doing it in 2 pages when it could be done in 1 =]

<?php /*---------------------------------------------------------- -- Crystal Dealer -- Please DO NOT alter this section -- This page has been developed by David Armstead (Maniak) -- Contact me @ [email][email protected][/email] ----------------------------------------------------------*/ include_once (DIRNAME(__FILE__) .'/globals.php'); $_GET['action'] = isset($_GET['action']) && ctype_alpha($_GET['action']) ? trim($_GET['action']) : 'index'; switch($_GET['action']) { case 'add': add(); break; case 'Buy': Buy(); break; default: index(); break; } if (!in_array($_GET['action'], array('index', 'add'))) { echo('Invalid Command!'); exit($h->endpage()); } function index() { global $db, $ir, $h; $q=$db->query("SELECT * FROM `crydeal`"); echo "<h3>Crystal Dealer</h3>"; if($ir['user_level'] == 2) { echo "<p align='left'>[url='?action=add']Add crystals to the dealer[/url]</p>"; } echo "<p align='left'>Welcome to the crystal Dealer. Here you can buy a set amount of crystals from the game for a set price.</p> <table width='50%' class='table'><tr> <td class='h' width='40%'>Number of Crystals</td> <td class='h' width='40%'>Cost</td> <td class='h' width='10%'></td> </tr>"; if(!$db->num_rows($q)) { echo "<tr><td colspan='3' align = 'center'>No crystals for sale here!</td></tr>"; } else { while ($r=$db->fetch_row($q)) { echo "<tr> <td width='40%'>".number_format($r['crystals'])."</td> <td width='40%'>$".number_format($r['price'])."</td> <td width='10%'><a href='dealer.php?action=Buy&id=".$r['id']."'>[buy]</td> </tr>"; } } echo "</table>"; } function add() { global $db, $ir, $h; if(isset($_POST['submit'])) { if(!isset($_POST['crystals'])) { echo "Amount of crystals cannot be empty!"; exit($h->endpage()); } if(!isset($_POST['price'])) { echo "The price cannot be empty!"; exit($h->endpage()); } else { $db->query("INSERT INTO `crydeal` VALUES(NULL, ".abs(intval($_POST['crystals'])).", ".abs(intval($_POST['price'])).")"); echo "Crystal package added. [url='dealer.php'][View package][/url]"; } } if($ir['user_level'] !=2) { echo "Haha, trying to fool the system?! Just get out of here!"; } else { echo "<form action='?action=add' method='post'> <table width='95%' class='table'> <tr> <td colspan='2' class='h'><center>Add a new package</td> </tr> <tr> <td>Amount of crystals</td> <td><input type='text' name='crystals' length='70'></td> </tr> <tr> <td>Cost (for the package)</td> <td><input type='text' name='price' length='70'></td> </tr> <tr> <td></td> <td align='right'><input type='submit' value='Add package' name='submit' /></td> </tr> </table> </form>"; } } function Buy() { global $h, $ir, $db; if((!isset($_GET['id'])) || !ctype_digit($_GET['id'])) { echo "Invalid use of file"; exit($h->endpage()); } else { $q=$db->query("SELECT * FROM `crydeal` WHERE `id` = ".$_GET['id'].""); if(mysql_num_rows($q) == 0) { echo "Invalid action."; exit($h->endpage()); } else { $cryd=$db->fetch_row($q); if($ir['money'] < $cryd['price']) { echo "You do not have enough Money!"; exit($h->endpage()); } $price=$cryd['price']; $crystals=$cryd['crystals']; echo "You brought ".number_format($cryd['crystals'])." for $".number_format($price).". > [url='explore.php']Back[/url]"; $db->query("UPDATE `users` SET `money` = `money` - ".$price.", `crystals` = `crystals` + ".$crystals." WHERE (`userid` = ".$_SESSION['userid'].")"); } } ?>   I didn't do much, you don't need to mysql_real_escape_string() a number, and I made 2 files into 1...and just cleaned up bits of the code Good job

can i make a slight suggest there mate, add conflictchaos.com ... Thanks, sorted :) And thanks Kenji

Well, I guess it's about time I get this up. I've been working on this for a few days and would just like to make people kind of aware of it's existence. Here's a little information on it:   Conflict chaos is a game that is completely built from scratch from the ground up, a few people have seen the development in progress and even watched me make the engine on TeamViewer - it's come quite far and I've been working solidly, it uses NO McCodes whatsoever. I am the only developer/designer, however the template was made by Kenji and I've modified the inside a bit. This system will be secure and efficient, I've made it my number one project. I've been focussing a lot on speed using little tactics that I've picked up over some time and using the correct MySql Indexations and not using these stupid classes, etc that slow the game right down. I will be needing BETA testers and there will be a link soon which you can visit to basically secure your position of a tester, as I don't need a huge amount of people. The game features will be interesting and there will definately be a lot to do, so far I've got a working Interface for users and some basic features to do with user interaction and general game play. I'm trying very hard to create unique ideas but I'm not that creative.... If you'd like to know any more, reply here or you can add me on MSN with any questions, or maybe you'd like to help out a bit with ideas, or maybe even a banner (I'd do it myself but I have so much running through my head, I can't make it creative :huh: )   [email protected] conflictchaos.com Oh, and I'm aware that it looks a little bit like HoboCountry, Kenji made it >.< It will be changed, I just need something to work with and it's the last thing I need to worry about right now :D

mt_rand() is faster and the randomness of numbers is better. It's perfectly acceptable in this case, yes. And they both do the EXACT same job here, yes. But mt_rand() would be faster by about .2 of a second. I'm not saying he's wrong in using rand() =p I'm purely saying mt_rand() is faster xD[MSIE_newline_end ]

Lookin' good boys :D good luck with it, if you need any help, let me know ;) [MSIE_newline_end ]

I use mt_rand() purely because it's meant to be 4 times faster than rand()... . Oh, and HTML issues.....<font> has been deprecated, and naming the colour, for example "<font color = lime>" will fail a HTML test, you need to use the colour hash, like <font color = #8B0000> The correct HTML here would be: <span style = "color : #00FF00;"></span>[MSIE_newline_end ]

[mccode lite] Bomb User. You could modify that...

I wouldn't advise following this, most of the things here are bad practice.