halfbaked

Sorry didn't get it reposted net went away just recently got better net. anyhow the new version seems to work fine.

I have tested this and found no bugs it prevents users from being able to use negative numbers to get unlimited amounts of cash and it stops users from being able to take more out then max loan. to upload this just overwrite your bank.php with the file run the 1 sql and add the one cron to day cron. mysql_query("UPDATE `users` SET `money` = `money` - 2500 WHERE `loan` > 0", $c); <---- Add to day cron ALTER TABLE `users` ADD `loan` INT (11) NOT NULL ; <----------- insert into php my admin   <?php session_start(); require "global_func.php"; if($_SESSION['loggedin']==0) { header("Location: login.php");exit; } $userid=$_SESSION['userid']; require "header.php"; $h = new headers; $h->startheaders(); include "mysql.php"; global $c; $is=mysql_query("SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid",$c) or die(mysql_error()); $ir=mysql_fetch_array($is); check_level(); $fm=money_formatter($ir['money']); $cm=money_formatter($ir['crystals'],''); $lv=date('F j, Y, g:i a',$ir['laston']); $h->userdata($ir,$lv,$fm,$cm); $h->menuarea(); if($ir['jail'] > 0 || $ir['hospital'] > 0) { echo"This page cannot be accessed while in the jail or hospital."; echo"<a href='index.php'> Go Home</a>"; exit(); } echo"<h3>Savings & Loan</h3>"; if($ir['bankmoney']>-1) { switch($_GET['action']) { case "deposit": deposit(); break; case "withdraw": withdraw(); break; default: index(); break; } } else { if(isset($_GET['buy'])) { if($ir['money']>49999) { print "Congratulations, you bought a bank account for \$50,000!<br /> <a href='bank.php'>Start using my account</a>"; mysql_query("UPDATE users SET money=money-50000,bankmoney=0 WHERE userid=$userid",$c); } else { print "You do not have enough money to open an account. <a href='explore.php'>Back to town...</a>"; } } else { print "Open a bank account today, just \$50,000!<br /> <a href='bank.php?buy'>> Yes, sign me up!</a><br /><br />"; } } function index() { global $ir,$c,$userid,$h; print "\n<b>You currently have \${$ir['bankmoney']} in the bank.</b><br /> At the end of each day, your bank balance will go up by 2%.<br /> <table width='75%' border='2'> <tr> <td width='50%'><b>Deposit Money</b><br /> It will cost you 15% of the money you deposit, rounded up. The maximum fee is \$3,000.<form action='bank.php?action=deposit' method='post'> Amount: <input type='text' name='deposit' value='{$ir['money']}' /><br /> <input type='submit' value='Deposit' /></form></td> <td> <b>Withdraw Money</b><br /> There is no fee on withdrawals.<form action='bank.php?action=withdraw' method='post'> Amount: <input type='text' name='withdraw' value='{$ir['bankmoney']}' /><br /> <input type='submit' value='Withdraw' /></form></td> </tr> </table>"; } function deposit() { global $ir,$c,$userid,$h; $_POST['deposit']=abs((int) $_POST['deposit']); if($_POST['deposit'] > $ir['money']) { print "You do not have enough money to deposit this amount."; } else { $fee=ceil($_POST['deposit']*15/100); if($fee > 3000) { $fee=3000; } $gain=$_POST['deposit']-$fee; $ir['bankmoney']+=$gain; mysql_query("UPDATE users SET bankmoney=bankmoney+$gain, money=money-{$_POST['deposit']} where userid=$userid",$c); print "You hand over \${$_POST['deposit']} to be deposited, <br /> after the fee is taken (\$$fee), \$$gain is added to your account. <br /> <b>You now have \${$ir['bankmoney']} in the bank.</b><br /> <a href='bank.php'>> Back</a>"; } } function withdraw() { global $ir,$c,$userid,$h; $_POST['withdraw']=abs((int) $_POST['withdraw']); if($_POST['withdraw'] > $ir['bankmoney']) { print "You do not have enough banked money to withdraw this amount."; } else { $gain=$_POST['withdraw']; $ir['bankmoney']-=$gain; mysql_query("UPDATE users SET bankmoney=bankmoney-$gain, money=money+$gain where userid=$userid",$c); print "You ask to withdraw $gain, <br /> the banking lady grudgingly hands it over. <br /> <b>You now have \${$ir['bankmoney']} in the bank.</b><br /> <a href='bank.php'>> Back</a>"; } } $_GET['action'] = (isset($_GET['action']) && is_string($_GET['action'])) ? htmlentities($_GET['action'], ENT_QUOTES) : FALSE; if(!in_array($_GET['action'], array('borrow','repay','loanshark_main',''))) { printf('Sorry, it seems something went wrong. Go back and try again. '); echo"<a href='bank.php'>Go Back</a>"; exit(); } switch($_GET['action']) { case 'borrow': borrow_money_start(); break; case 'repay': repay_money_start(); break; default: loandepartment_main(); break; } function loandepartment_main() { global $ir; //This is just the amount left they can borrow. I added to the end. So they can only see what they can borrow up to. $maxloan = $ir['level'] * 5000 - $ir['loan']; printf('<h3>Loan Departent</h3>'); printf('Welcome to the Your Game Name Here 1st National Bank loan department. '); printf('We are here to assist you. '); printf('Due to your poor credit history and in ability to hold down a job due to some legal issues. '); printf('In order for me to get your loan approved you are going to have to scratch my back too. How does $2500 bucks a day lining my pocket sound?. '); printf('If you do not like the deal then move on I got other shady characters waiting and willing to line my pockets. '); $current_loan = $ir['loan'] == 0 ? ('You do not currently have a loan. ') : ('You currently have a loan of $'.number_format($ir['loan']).'. '); printf($current_loan); printf('The max you can borrow is $'.number_format($maxloan).' '); echo"<a href='bank.php?action=borrow'>Borrow Money</a><br /> <a href='bank.php?action=repay'>Repay Loan</a>"; } function borrow_money_start() { global $ir,$db; $maxloan = $ir['level'] * 5000; if(isset($_POST['borrowed'])) { if($_POST['borrowed'] + $ir['loan'] > $maxloan) { printf('Sorry, you are trying to borrow more than your max amount allowed. '); echo"<a href='bank.php?action=borrow'> Go Back</a>"; exit(); } if($_POST['borrowed'] < 0) { printf('Sorry, but negative numbers is not allowed to be entered quit trying to cheat. '); echo"<a href='bank.php?action=borrow'> Go Back</a>"; exit(); } else if(!ereg("[0-9]",$_POST['borrowed'])) { printf('Sorry, it seems something went wrong. Please go back and try again. '); echo"<a href='bank.php?action=borrow'>Go Back</a>"; } else { $update_user = sprintf("UPDATE users SET loan = loan + %u, money = money + %u WHERE userid = %u",abs(@intval($_POST['borrowed'])),abs(@intval($_POST['borrowed'])),abs(@intval($ir['userid']))); mysql_query($update_user); printf('You just borrowed $'.number_format($_POST['borrowed']).' from the loan department. '); echo"<a href='bank.php'>Go Back</a><br /> <a href='index.php'>Go Home</a>"; } } else { //Check if they have the max already. if($ir['loan'] == $maxloan) { printf('You have already taken out the max loan. You must pay it back before you can borrow more. '); echo"<a href='bank.php?action=repay'>Repay</a>"; exit(); } $amount_left = $maxloan - $ir['loan']; printf('The max amount you can borrow is $'.number_format($amount_left).' '); printf('You currently have a loan of $'.number_format($ir['loan']).' '); printf('<form action="bank.php?action=borrow" method="post">'); echo "Amount: <input type='text' style='font-family:verdana;color:black;' value=''.$amount_left.'' name='borrowed' />"; echo"<input type='submit' style='font-family:verdana;color:black;' value='Borrow' />"; printf('</form>'); } } function repay_money_start() { global $ir,$db; //Again added post here to remove another switch that is not needed. if(isset($_POST['repayed'])) { //Stop from paying to much. if($_POST['repayed'] > $ir['loan']) { printf('Seems you are trying to pay back to much. '); echo"<a href='bank.php?action=repay'>Go Back</a>"; } else if(!ereg("[0-9]",$_POST['repayed'])) { printf('Sorry, it seems something went wrong. Please go back and try again. '); echo"<a href='bank.php?action=repay'>Go Back</a>"; } else if($_POST['repayed'] > $ir['money']) { printf('Seems you do not have enough money to pay back that amount. '); echo"<a href='bank.php?action=repay'>> Go Back</a>"; } else { $update_user = sprintf("UPDATE users SET loan = loan - %u, money = money - %u WHERE userid = %u",abs(@intval($_POST['repayed'])),abs(@intval($_POST['repayed'])),abs(@intval($ir['userid']))); mysql_query($update_user); printf('You just payed back the loan department '.number_format($_POST['repayed']).'. '); echo"<a href='bank.php'> Go Back</a>"; } } else { if($ir['loan'] == 0) { printf('It seems you do not have a loan. '); echo"<a href='bank.php'>Go Back</a>"; } else { printf('You have a loan of $'.number_format($ir['loan']).' '); printf('<form action="bank.php?action=repay" method="post">'); printf('Amount: <input type="text" style="font-family:verdana;color:black;" value="'.$ir['loan'].'" name="repayed" /> '); printf('<input type="submit" style="font-family:verdana;color:black" value="Repay" />'); printf('</form>'); } } } $h->endpage(); ?>

ok i'll re upload my gl engine get the file names an post them. was such an easy fix when first found them was not going to post here till i thought bout there might be someone here that don't know the fix.

simple fix at the top of the file if it is not there put <?include"safe/connect.php"; ?> [php] at the top of the file if it is not there if it is check the path.

this 1 is V1 and works. <?php session_start(); require "global_func.php"; if($_SESSION['loggedin']==0) { header("Location: login.php");exit; } $userid=$_SESSION['userid']; require "header.php"; $h = new headers; $h->startheaders(); include "mysql.php"; global $c; $is=mysql_query("SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid",$c) or die(mysql_error()); $ir=mysql_fetch_array($is); check_level(); $fm=money_formatter($ir['money']); $cm=money_formatter($ir['crystals'],''); $lv=date('F j, Y, g:i a',$ir['laston']); $h->userdata($ir,$lv,$fm,$cm); $h->menuarea(); $_GET['ID'] = abs((int) $_GET['ID']); if(!$_GET['ID']) { print "Invalid use of file"; } else { $i=mysql_query("SELECT iv.*,i.*,it.* FROM inventory iv LEFT JOIN items i ON iv.inv_itemid=i.itmid LEFT JOIN itemtypes it ON i.itmtype=it.itmtypeid WHERE iv.inv_id={$_GET['ID']} AND iv.inv_userid=$userid"); } if(mysql_num_rows($i) == 0) { print "Invalid item ID"; } else { $r=mysql_fetch_array($i); if($r['itmname'] == 'Pack 1' and ($r['inv_qty']) >1) { mysql_query("UPDATE inventory SET inv_qty=inv_qty-1 WHERE inv_id={$_GET['ID']}"); } else if($r['itmname'] == 'Pack 1' and ($r['inv_qty']) <2) { mysql_query("DELETE FROM inventory WHERE inv_id={$_GET['ID']}"); } mysql_query("UPDATE users SET money=money+5000 WHERE userid=$userid"); mysql_query("UPDATE users SET donatordays=donatordays+30 WHERE userid=$userid"); mysql_query("UPDATE users SET crystals=crystals+50 WHERE userid=$userid"); mysql_query("UPDATE userstats SET IQ=IQ+50 WHERE userid=$userid"); print "You have used the pack, thanks for helping the game!"; } $h->endpage(); ?>

instead of creating a ton of multis in a game you may want to study to learn what you are trying to do. Sad thing is your multi's had no effect. As you attacked a game in development that gets backed up every 5-10 minutes after changes. i wouldnt help this script kiddie infact here is his ip's do your self a favor and block him. he is just a wanna be don't even use proxies. i could help you but not wasting my time with you.   Edit: (Djkanna) Removed the link to your cpanel, pop up boxes asking for info isn't something that I'd like to see whilst trying to read.

<?php session_start(); require "global_func.php"; if($_SESSION['loggedin']==0) { header("Location: login.php");exit; } $userid=$_SESSION['userid']; require "header.php"; $h = new headers; $h->startheaders(); include "mysql.php"; global $c; $is=mysql_query("SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid",$c) or die(mysql_error()); $ir=mysql_fetch_array($is); check_level(); $fm=money_formatter($ir['money']); $cm=money_formatter($ir['crystals'],''); $lv=date('F j, Y, g:i a',$ir['laston']); $h->userdata($ir,$lv,$fm,$cm); $h->menuarea(); ($ir['hospital'] ? die("This page cannot be accessed while in hospital.") : FALSE); $statnames = array ( 'Strength' => 'strength', 'Agility' => 'agility', 'Guard' => 'guard', 'Labour' => 'labour' ); $_POST['amnt'] = (!empty($_POST['amnt']) && ctype_digit($_POST['amnt']) && isset($_POST['amnt']) ? abs(@intval($_POST['amnt'])) : ""); $_POST['stat'] = (!empty($_POST['stat']) && ctype_alpha($_POST['stat']) && isset($_POST['amnt']) ? htmlentities(trim($_POST['stat'])) : ""); $gymname = ($ir['jail'] ? "Jail Gym" : "Gym"); echo "<h1> {$gymname} </h1>"; if($_POST['stat'] && $_POST['amnt']) { $stat = $statnames[$_POST['stat']]; (!$stat ? die("This stat cannot be trained or it does not exist") : FALSE); if($_POST['amnt'] > $ir['energy']) { echo "You do not have enough energy to train that much"; } else { $gain = 0; for($i=0; $i<$_POST['amnt']; $i++) { $gain += mt_rand(1,3) / mt_rand(800,1000) * mt_rand(800,1000) * (($ir['will'] + 20) / 150); $ir['will'] -= mt_rand(1,3); ($ir['will'] < 0 ? $ir['will'] = 0 : $ir['will'] = $ir['will']); } ($ir['jail'] ? $gain /= 2 : FALSE); $statUp = sprintf("UPDATE `userstats` SET `%s` = `%s` + %d WHERE (`userid` = %u)", $stat, $stat, abs(@intval($gain)), abs(@intval($userid))); $do_statUp = mysql_query($statUp); if($do_statUp === FALSE) { echo "".mysql_error().""; } $adjUser = sprintf("UPDATE `users` SET `will` = %d, `energy` = `energy` - %d WHERE (`userid` = %u)", abs(@intval($ir['will'])), $_POST['amnt'], abs(@intval($userid))); $do_adjUser = mysql_query($adjUser); if($do_adjUser === FALSE) { echo "".mysql_error().""; } $inc = abs(@intval($ir[$stat] + $gain)); $inc2 = abs(@intval($ir['energy'] - $_POST['amnt'])); if($stat == "strength") { printf(" You begin lifting some weights. You have gained %d strength, by doing %d sets of weights. You now have %d strength and %d energy left. </p>", abs(@intval($gain)), $_POST['amnt'], $inc, $inc2); $_SESSION['checked'] = 1; } elseif($stat == "agility") { printf(" You begin running on a treadmill. You have gained %d agility, by doing %d minutes of running. You now have %d agility and %d energy left. </p>", abs(@intval($gain)), $_POST['amnt'], $inc, $inc2); $_SESSION['checked'] = 2; } elseif($stat == "guard") { printf(" You jump into the pool, and begin swimming. You have gained %d guard, by doing %d minutes of swimming. You now have %d guard and %d energy left. </p>", abs(@intval($gain)), $_POST['amnt'], $inc, $inc2); $_SESSION['checked'] = 3; } elseif($stat == "labour") { printf(" You walk over to some boxes filled with gym equipment and start moving them. You have gained %d labour, by moving %d boxes. You now have %d labour and %d energy left. </p>", abs(@intval($gain)), $_POST['amnt'], $inc, $inc2); $_SESSION['checked'] = 4; } $ir['energy'] -= $_POST['amnt']; $ir[$stat] += $gain; } } $checked1 = (($_SESSION['checked'] == 1) ? "checked='checked' />" : "/>"); $checked2 = (($_SESSION['checked'] == 2) ? "checked='checked' />" : "/>"); $checked3 = (($_SESSION['checked'] == 3) ? "checked='checked' />" : "/>"); $checked4 = (($_SESSION['checked'] == 4) ? "checked='checked' />" : "/>"); $ir['strank'] = get_rank($ir['strength'],'strength'); $ir['agirank'] = get_rank($ir['agility'],'agility'); $ir['guarank'] = get_rank($ir['guard'],'guard'); $ir['labrank'] = get_rank($ir['labour'],'labour'); echo <<<EOF2 <style type="text/css"> legend { margin-left: 1em; color: #FFF; font-weight: bold; } fieldset ol { padding: 1em 1em 0 1em; list-style: none; } fieldset ol li { float: left; clear: left; width: 100%; padding-bottom: 0.5em; } label { float: left; width: 10em; margin-right: 1em; font-weight: bold; } fieldset.submit { float: none; width: auto; border-style: none; padding-left: 12em; background-color: transparent; background-image: none; } .padder { padding: 0 5px 15px 5px; } dl { width: 500px; } dt { float: left; width: 300px; } dd { float: right; width: 200px; margin-top: -11px; } </style> <h3> Choose the stat you want to train and the times you would like to train it</h3> <h3> You can train up to {$ir['energy']} times </h3> <div class="padder"> <fieldset> <legend> Gym </legend> <form action="gym.php" method="POST"> [list=1] [*] <label for="strength"> Strength (Have {$ir['strength']}, Ranked {$ir['strank']}) </label> <input type="radio" name="stat" value="Strength" $checked1 [*] <label for="agility"> Agility (Have {$ir['agility']}, Ranked {$ir['agirank']}) </label> <input type="radio" name="stat" value="Agility" $checked2 [*] <label for="guard"> Guard (Have {$ir['guard']}, Ranked {$ir['guarank']}) </label> <input type="radio" name="stat" value="Guard" $checked3 [*] <label for="labour"> Labour (Have {$ir['labour']}, Ranked {$ir['labrank']}) </label> <input type="radio" name="stat" value="Labour" $checked4 [*] <label for="amnt"> Times to Train </label> <input type="text" name="amnt" value="{$ir['energy']}" /> [*] <input type="submit" class="submit" value="Train" /> [/list] </form> </fieldset> EOF2; $h->endpage(); ?>

works well

I was thinking it would be nice to be able to sell the crystals/points in the item market like you could weapons and such thought it would be like 3 lines of code but that could be why i messed up last merge but this does work great the way it is. Thanks Lithium for letting me know it would be a major rewrite.

Can someone help me merge this with the crystal market? I have tried merging files before but still learning and i had major issues with last merge.

i had alittle issue getting it to work right. So before i had came and asked for help i was trying anything i could think of to get it going. after i came here got help i didn't want to change anything and mess it up again.

Got it working 100% i'll edit top post so whoever wants to use it they can.

Ok thanks you guys that got the error gone and thanks Lacey for the explanation that helped to really appreciate it. Mods please move this to the right forum sorry for posting in the wrong spot.

Removed due to bugs i didn't see till told of them sorry will re do it then bring back.

Thanks cmark that was the problem i had. :D