Diesl

Good luck to you. Sounds like you have a good understanding of what you want and how you want to do it.

I hope that's not what you charge in Switzerland, or else you're on the low end! The company that manages my company's website charges upwards of 150chf/hour.

Or you compress your code and it wouldn't matter.

It's a good idea, but it would be better coded if it were designed for expansion. If I wanted to add another merit, I would have to create another column in the users table and add more if statements to the code. Not exactly ideal, especially if you have many many merits. Something to consider.

I was already surprised that you invited him to be part of your team Dreamcoder. His lack of professionalism on the forum, and the fact that he was trying to sell a game in a really shady way should have set off some alarms. I foresaw something like this happening. scorpiic, is there really a need to create this dramatic thread? Did you really need to announce to the world that you're leaving this "company"? First you slam him and his company, then you say basically say "but no disrespect! You should still work with him!". Right. Next thing is that you complain about not making any money, but then you are going to start a company and release a free game engine? You sound a bit hypocritical.

@LegendFTW - Are you sure that you have items with itmtype=9 in your database? It still looks to me as if you are returning nothing and your array is empty. @lucky: that defeats the purpose of what he's doing. It would just declare an array inside another array and give an error when inputting into the databse. @blade: he is using this method because it randomizes which items will be put into pstock database. There are more efficient ways to do this, such as: $er=$db->query("SELECT itmid FROM items WHERE itmtype=9 ORDER BY rand() LIMIT 26",$c); while($r=$db->fetch_row($er)) { $db->query("INSERT INTO pstock VALUES('','','{$r['itmid']}','','230000')"); }   However, the code he is using is still valid.

I think this is best answered with this quote: "You cannot always be sure that the data in the database is sanitized data. You cannot guarantee that it came from the sources we anticipated the data to come from. There is a chance that the data ended up in the database through a path where you have not placed your input sanitizer. What if a user directly edited the database to add some data? What if there are loopholes in your sanitizer? What if the data was placed by an SQL injection attack against your database? All these points tell us that we need to sanitize user data where it is being used – that is in the output stage." http://www.diovo.com/2008/09/sanitizing-user-data-how-and-where-to-do-it/

Are you sure you are actually fetching any data? From what I can see, the code is correct, but it could be that your array is empty. Use this to test while($r=mysql_fetch_array($er)) { $petid[$r['itmid']]++; } print_r($petid);   Is anything being printed out? If it is, you should have something in the format of: ex. Array ( [1] => 1 [2] => 1 [5] => 1 [6] => 1 [7] => 1 [8] => 1 [9] => 1 ) If nothing is being printed, then your array is empty, and the problem is that you are not actually fetching any data (could be a problem with your SQL query, or that you haven't entered any content into your database).

If you're going to release a mod, it would be better if you released it with all the necessary elements that make it a good quality mod. - basic security (users may have their own security functions but you don't sanitize inputs at all) - filtering (you're not checking for unwanted/empty input) - optimizing your queries - grammar check? (line 105 and 161 for example) - time of wall post/comment post? - closing all of your <tr> tags The idea itself is good, but could be done better if you spent more time and care with it. Also, you may want to look into giving the user privacy options. It's a big deal with social media platforms like facebook, I'm sure that sometime down the road, you would face it with this mod.

Can you provide information on how it is unique? Can you elaborate any more information on your game? Also, why is now worth $250 when you were trying to sell it for $35 a little more than 3 weeks ago?

http://www.mpog100.com/ http://www.gamesites200.com/mpog/ http://www.hotrpgames.com

Looks awesome. Who does your art?

I'm pretty sure that since the cron_hour code is not able to reference the gangID that the problem lies with this line: $q=$db->query("SELECT * FROM oclist ol LEFT JOIN orgcrimes oc ON ol.oclOC = oc.ocID LEFT JOIN gangs g ON g.gangID = ol.oclGANG WHERE ol.oclTIME <= '0'") or die(mysql_error());   use this instead $q=$db->query("SELECT ol.*, g.gangID FROM oclist ol LEFT JOIN orgcrimes oc ON ol.oclOC = oc.ocID LEFT JOIN gangs g ON g.gangID = ol.oclGANG WHERE ol.oclTIME <= '0'") or die(mysql_error());

@nationgamer my mistake, you are correct.

keep what you had originally, but your WHERE statement block should be WHERE m.gangid=g.gangID AND u.userid='".$ir['userid']."' your edited SQL code will not join your tables properly.

Not the most ideal way to solve your problem, but can you simply do;   $q=$db->query("SELECT userid FROM users"); $membs=max($db->num_rows($q), 1); $q=$db->query("SELECT userid FROM users WHERE bankmoney>-1"); $banks=max($db->num_rows($q), 1); $q=$db->query("SELECT userid FROM users WHERE gender='Male'"); $male=max($db->num_rows($q), 1); $q=$db->query("SELECT userid FROM users WHERE gender='Female'"); $fem=max($db->num_rows($q), 1);

You don't have any users with bank money (or bank accounts) as seen in lines 4-5. So $banks is equal to 0.

27 hours a day? That's awesome.

I think that logo would fit in about 7-10 years ago. It doesn't fit the style of logo's today. I think you would have been better of using a vector program for the logo. Your edges need to be smoother especially when using a hard drop shadow effect on the text. Same with your darker blue circle and "O" in the background.

Add this before the mysql_query echo $_GET['ID']." "; If you don't get a number or it's blank, then that is your problem. If you get a number, match that number to the inv_itemid field in the inventory table in your database where your userid is the inv_userid field, so run this SQL command without the brackets. [mysql]SELECT inv_userid, inv_itemid FROM inventory WHERE inv_userid=(enter your userid) AND inv_itemid=(enter the ID you are checking)[/mysql] If you are not returned a result, then that means you are missing it from your inventory.

Could you provide a link or reference to the thread that discusses this issue? Thanks.

You have 2 instances in your add() function that will give you that output. The first if(!mysql_num_rows($Data) || !ctype_digit($_GET['ID'])) { echo ('An error has occurred, please go back and try again.'); exit($h->endpage()); }   The second if(!in_array($_POST['time'], array('1Hour','6Hours','1Day','2Days'))) { echo ('An error has occured please go back and try again.'); exit($h->endpage()); }   First determine which one of these it is outputting to. Add giberish into one of the echos to see which one it is. If it's the first one, 2 possible scenarios. (1) mysql_num_rows is returning 0, which means it can not find a match for the selected item id in the items table or in the inventory table. (2) the ID being returned is a string that doesn't contain ALL integers. If its the second one, (3) $_POST['time'] has a value that is not in the array you defined here: array('1Hour','6Hours','1Day','2Days') My guess is that its most likely (1), but check those instances to be sure.

  <form action="highlow.php?action=bet" method="POST" > by doing "/>" at the end of that code bit, you are closing the form tag before you even are able to use any inputs.

This a filtering function that will only validate that the URL string is a valid link. It won't validate that the image exists on a remote server. I would use that as a pre-filter function before I ran the link through my url_exists function.     Agreed, that would be a good practice to use. For me, I allow my players to upload a link to an external image for a few different instances, so I need the function to be a bit more flexible.

Lets say that you are storing the URL address to an image file in your database, such as a users display picture, avatar, etc, that the user has added. You've already used php filter functions to make sure that the output to the image doesn't contain any harmful code and contains an image type extension, but have you checked if the image actually exists?? The best way to check if the remote image actually exists is to use a cURL.   function url_exists($url) { $curl = curl_init($url); curl_setopt($curl, CURLOPT_NOBODY, true); //don't fetch the actual page, you only want to check the connection is ok $result = curl_exec($curl); //do request $ret = FALSE; if ($result !== FALSE) { $statusCode = curl_getinfo($curl, CURLINFO_HTTP_CODE); //if request was ok, check response code if ($statusCode == 200) { $ret = TRUE; } //200 found, 400 not found } curl_close($curl); return $ret; }   This will send out a request to the image URL header and return true if the file exists or false if not. However, you need to make sure that you have cURL enabled on your server. Contact your server tech to enable it. If it is not enabled, you would get an error such as: Fatal error: Call to undefined function curl_init() The alternative method is using the php function file_get_contents()   function url_exists($url) { if(@file_get_contents($url,0,NULL,0,1)) { return TRUE; } else { return FALSE; } }   This will attempt to read the given file into a string, and if it is able to, return true, otherwise return false. The default is to download the entire file into a string, so make sure that the last parameter is set to 1, which only forces the function to only download 1 byte. I have used both methods, and cURL is much faster (many blogs will say the same). Rather than downloading to your site, the cURL will just make a connection request to the header (not the body) and check that way. If you're only checking one file, the speed difference will not be noticeable. It's when you start making multiple requests that a difference becomes apparent.   References http://stackoverflow.com/questions/981954/how-can-one-check-to-see-if-a-remote-file-exists-using-php http://php.net/manual/en/function.file-get-contents.php