gazsr123

Nice modification mate, however it would be useless without house sharing really, so maybe you should think about inserting that too your marriage. :)

Nice work, but would be pointless without house sharing.

That didn't solve the problem. Their already is 2 } before ?>

When I use paddytm's version I get the error:   Parse error: syntax error, unexpected $end in /home/theghetto/public_html/sendcash.php on line 138   and that line is ?> so I don't know what the error is.

Hi guys thanks for the support I finally fixed the error, it was just a few mins job and a litle mistake I found.

Okay lol. Shall i post the send cash logs bud?

my staff protected file is only used on staff.php so it doesn't interfere with the logs + it doesnt have no $ip inside the file as it's only some html.

Nope. The only edits I done was created a staff password file and edited the dp's.

Hi I done that, however still on the cash and crystals logs it shows all transfers as MULTI'S when I even sent other staff money to test.

In my register I also have:   $IP = ($_SERVER['HTTP_X_FORWARDED_FOR']) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : $_SERVER['REMOTE_ADDR']; twice..   so may the problem because of this i have in my register authenticate.php ?

But if I replace that with the code you said, will not prevent the admin hack? Also I did it but still saying MULTI in the logs and I retested by sending accs money. However it's because I followed a security tutorial on MWG. Although in my authenticate.php I have this:   $_SESSION['userid']=$mem['userid']; $IP = ($_SERVER['HTTP_X_FORWARDED_FOR']) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : $_SERVER['REMOTE_ADDR'];

I remember inserting this into my header to stop admin hacks:   $ip = mysql_real_escape_string($ip); if ( isset($_SESSION['HTTP_USER_AGENT']) ) { if ( $_SESSION['HTTP_USER_AGENT'] != sha1( $_SERVER['HTTP_USER_AGENT'] )) { session_unset(); session_destroy(); header("Location: login.php"); } } else { $_SESSION['HTTP_USER_AGENT'] = sha1( $_SERVER['HTTP_USER_AGENT'] ); }

What do you mean mate?

Hi It seems that whenever anyone sends any game money or crystals to another member, it classes them as a MULTI in the cash and crystal logs. I have the basic V2 sendcrys.php and the sendcash.php and I am not sure how to fix this problem. Some help would be great. Thanks. :)

Right cheers for that guys. :) I've looked on some articles and finally secured some places and will continue to you.