modernmafia
-
how do you know it's vulnerable?
-
like what i see hope it goes well
-
also a suggestion on what permission to use
-
how do you go about doing this and is anyone good at spotting loopholes or can look at the game online and suggest areas of improvement
-
Thanks for your help you two :)
-
would you suggest i re-add the user to my database and click the following options you have suggested (in your opinion what would you do) thanks for reply also
-
i ticked all boxes as i was unsure what not to tick
-
recently i have had some guy called millo or milo attack my game's db he is able to change/alter things how can i secure my database for attacks also advice when adding a user to a db what should/shouldn't be ticked
-
Bullet Store

```php
<?php
error_reporting(0);
session_start();
include_once "includes/db_connect.php";
include_once "includes/functions.php";
logincheck();
$username=$_SESSION['username'];
$fetch= mysql_fetch_object(mysql_query("SELECT * FROM users WHERE username='$username'"));
$bf = mysql_fetch_object(mysql_query("SELECT * FROM bf WHERE location='$fetch->location'"));
$fetch_owner=mysql_fetch_object(mysql_query("SELECT * FROM users WHERE username='$RPS->owner'"));
?>
<? if ($site->gupdate == "1"){
    echo "<link href='style.css' rel='stylesheet' type='text/css'><center><div class='update'>$site->gupdatetext</div></center> <br>";
} ?>
<link href='style.css' rel='stylesheet' type='text/css'>
<script type="text/javascript" src="/js/select.js"></script>
<style type="text/css">
.select, .selected { width: 110px; padding: 10px; }
</style>
<?php
if($_GET['buyfactory']){
    $bf = mysql_fetch_object(mysql_query("SELECT * FROM bf WHERE location='$fetch->location'"));
    if($bf->owner == "0"){
        if($info->money < 25000000){
            echo "<table border=0 bordercolor=black align=center cellpadding=2 cellspacing=0><tr><td class=notice align=center><center><font color=red>You dont have £25,000,000 to purchase this factory!</td></tr></table>";
        }else{
            mysql_query("UPDATE users SET money=money-25000000 WHERE username='$username'");
            mysql_query("UPDATE bf SET owner='$username' WHERE location='$fetch->location'");
            mysql_query("UPDATE bf SET jspprice='4500' WHERE location='$fetch->location'");
            mysql_query("UPDATE bf SET fmjprice='4500' WHERE location='$fetch->location'");
            mysql_query("UPDATE bf SET profit='0' WHERE location='$fetch->location'");
            echo" <table border=0 bordercolor=black align=center cellpadding=2 cellspacing=0><tr><td class=notice align=center><center><font color=green>Your now the owner of $fetch->location bullet factory!</td></tr></table>";
        }
    }
}
?>
<?php
if($_GET['drop']){
    $bf = mysql_fetch_object(mysql_query("SELECT * FROM bf WHERE location='$fetch->location' AND owner='$username'"));
    if ($bf->owner == $username) {
        mysql_query("UPDATE bf SET owner='0' WHERE location='$fetch->location'");
        mysql_query("UPDATE bf SET jspprice='4500' WHERE location='$fetch->location'");
        mysql_query("UPDATE bf SET fmjprice='4500' WHERE location='$fetch->location'");
        mysql_query("UPDATE bf SET profit='0' WHERE location='$fetch->location'");
        echo"<br><div class=success>You have dropped the bullet factory in $fetch->location!<br><br>";
    }
}
/////////////////////////////////////////////////////
if(strip_tags($_POST['submit'])){
    $type=$_POST['type'];
    $amount=strip_tags($_GET['amount']);
    if($type == "1"){
        $bf = mysql_fetch_object(mysql_query("SELECT * FROM bf WHERE location='$fetch->location'"));
        if ($bf->owner == $username) {
            echo" <table border=0 bordercolor=black align=center cellpadding=2 cellspacing=0><tr><td class=notice align=center><center><font color=red>You cant buy from your own factory!</td></tr></table><br>";
        } elseif ($bf->owner != $username) {
            $amount=intval(strip_tags($_POST['amount']));
            if ($amount == 0 || !$amount || ereg('[^0-9]',$amount)){
                print " <table border=0 bordercolor=black align=center cellpadding=2 cellspacing=0><tr><td class=notice align=center><center><font color=red>You cant buy that amount!</td></tr></table><br>";
            }elseif ($amount != 0 || $amount || !ereg('[^0-9]',$amount)){
                $costs = $bf->jhpprice * $amount;
                if ($costs > $fetch->money){
                    echo " <table border=0 bordercolor=black align=center cellpadding=2 cellspacing=0><tr><td class=notice align=center><center><font color=red>You do not have enough money!</td></tr></table><br>";
                }elseif ($costs <= $fetch->money){
                    if ($bf->jhpstock < $amount){
                        echo " <table border=0 bordercolor=black align=center cellpadding=2 cellspacing=0><tr><td class=notice align=center><center><font color=red>There isn't enough JHP in stock for you to buy that amount!</td></tr></table><br>";
                    }elseif ($amount <= $bf->jhpstock){
                        mysql_query("UPDATE users SET money=money-$costs WHERE username='$username'");
                        mysql_query("UPDATE users SET JHP=JHP+$amount WHERE username='$username'");
                        mysql_query("UPDATE bf SET jhpstock=jhpstock-$amount WHERE location='$fetch->location'");
                        mysql_query("UPDATE bf SET profit=profit+$cost WHERE location='$fetch->location'");
                        mysql_query("UPDATE users SET money=money+$costs WHERE username='$bf->owner'");
                        echo" <table border=0 bordercolor=black align=center cellpadding=2 cellspacing=0> <tr><td class=notice align=center><center><font color=green>You've bought ".makecomma($amount)." JHP for £".makecomma($costs)."!</td></tr></table><br>";
                    }
                }
            }
        }
    }
}
/////////////////////////////////////////////////
if($type == "2"){
    $bf = mysql_fetch_object(mysql_query("SELECT * FROM bf WHERE location='$fetch->location'"));
    if ($bf->owner == $username) {
        echo" <table border=0 bordercolor=black align=center cellpadding=2 cellspacing=0><tr><td class=notice align=center><center><font color=red>You cant buy from your own factory!</td></tr></table><br>";
    } elseif ($bf->owner != $username) {
        $amount=intval(strip_tags($_POST['amount']));
        if ($amount == 0 || !$amount || ereg('[^0-9]',$amount)){
            print " <table border=0 bordercolor=black align=center cellpadding=2 cellspacing=0><tr><td class=notice align=center><center><font color=red>You cant buy that amount!</td></tr></table><br>";
        }elseif ($amount != 0 || $amount || !ereg('[^0-9]',$amount)){
            $costs = $bf->fmjprice * $amount;
            if ($costs > $fetch->money){
                echo " <table border=0 bordercolor=black align=center cellpadding=2 cellspacing=0><tr><td class=notice align=center><center><font color=red>You do not have enough money!</td></tr></table><br>";
            }elseif ($costs <= $fetch->money){
                if ($bf->fmjstock < $amount){
                    echo " <table border=0 bordercolor=black align=center cellpadding=2 cellspacing=0><tr><td class=notice align=center><center><font color=red>There isn't enough FMJ in stock for you to buy that amount!</td></tr></table><br>";
                }elseif ($amount <= $bf->fmjstock){
                    mysql_query("UPDATE users SET money=money-$costs WHERE username='$username'");
                    mysql_query("UPDATE users SET FMJ=FMJ+$amount WHERE username='$username'");
                    mysql_query("UPDATE bf SET fmjstock=fmjstock-$amount WHERE location='$fetch->location'");
                    mysql_query("UPDATE bf SET profit=profit+$cost WHERE location='$fetch->location'");
                    mysql_query("UPDATE users SET money=money+$costs WHERE username='$bf->owner'");
                    echo" <table border=0 bordercolor=black align=center cellpadding=2 cellspacing=0> <tr><td class=notice align=center><center><font color=green>You've bought ".makecomma($amount)." FMJ for £".makecomma($costs)."!</td></tr></table><br>";
                }
            }
        }
    }
}
?>
<?php
if($bf->owner == "0"){
    echo "<link href='style.css' rel='stylesheet' type='text/css'><table border=0 bordercolor=black align=center cellpadding=2 cellspacing=0><tr><td class=notice align=center><center>This bullet factory has no owner.<br> The price to buy this factory is £25,000,000.<br> <a href=?buyfactory=yes>Buy Bullet Factory</a></td></tr></table><br>";exit;
}
?>
<br>
<form action='' method='post'>
<input type="hidden" name="type" id="select" value="0">
<table width="400" align="center" cellspacing="0" class="table">
<tr class="header"><td colspan="2">Bullet Factory - Owner: <?php if($bf->owner == "0"){ echo "No Owner"; }else{ echo "Owned by <a href='profile.php?viewuser=$bf->owner'>$bf->owner</a>"; } ?></td></tr>
<?php if($bf->producing == "yes"){ ?>
<tr class="subhead"><td colspan="2" align="center">The stock will update in: <?php echo"".maketime($finds_status->bfstocktime).""; ?></td></tr>
<? }else{ ?>
<tr class="subhead"><td colspan="2" align="center">This bullet factory is currently not producing.</td></tr>
<? } ?>
<tr><td height="10"> </td></tr>
<tr><td width='50%' align='center'><div id='1' value='1' class='action select' onclick='SelectOption(this.id, this.className);'><img src='images/items/jhp.png'><br>Jacketed Hollow Point<br>Stock: <?php echo "".number_format($bf->jhpstock).""; ?><br>Cost: <?php echo "£".number_format($bf->jhpprice).""; ?> / per bullet</div></td>
<td width='50%' align='center'><div id='2' value='2' class='action select' onclick='SelectOption(this.id, this.className);'><img src='images/items/fmj.png'><br>Full Metal Jacketed<br>Stock: <?php echo "".number_format($bf->fmjstock).""; ?><br>Cost: <?php echo "£".number_format($bf->fmjprice).""; ?> / per bullet</div></td></tr>
<tr><td height="10"> </td></tr>
<?php if($username == $bf->owner){ ?>
<tr><td class=notice colspan='5' align=center><center><font color=red>You cannot buy from your own Bullet Factory!</td></tr>
<? }else{ ?>
<tr><td align='center' colspan='2'>Bullets: <input type="text" name="amount" class="textbox" id="bullets" autocomplete="off" class="input"></td></tr>
<tr><td align='center' colspan='2'><input type='submit' name='submit' class='button' value='Purchase'></td></tr>
</table>
<? } ?>
</form>
<table align="center">
<tr>
<td>
<table align="center" cellspacing="0" class="table">
<tr>
<td width="25" align="right"><img src='/images/items/jhp.png' width="25"></td>
<td>You have <?php echo "".number_format($fetch->JHP).""; ?> JHP!</td>
</tr>
</table>
</td>
<td>
<table align="center" cellspacing="0" class="table">
<tr>
<td width="25" align="right"><img src='/images/items/fmj.png' width="25"></td>
<td>You have <?php echo "".number_format($fetch->FMJ).""; ?> FMJ!</td>
</tr>
</table>
</td>
<td>
<table align="center" cellspacing="0" class="table">
<tr>
<td width="25" align="right"><img src='/images/items/gbullet.png' width="25"></td>
<td>You have <?php echo "".number_format($fetch->GoldenBullet).""; ?> Golden Bullets!</td>
</tr>
</table>
</td>
</tr>
</table>
```

Functions

```php
<?php
error_reporting(0);
session_start();
include_once "db_connect.php";
$username=$_SESSION['username'];
$query=mysql_query("SELECT * FROM users WHERE username='$username' LIMIT 1");
$info = mysql_fetch_object($query);
$site2=mysql_query("SELECT * FROM site_stats WHERE id='1' LIMIT 1");
$site = mysql_fetch_object($site2);
$nowarnings5=mysql_num_rows(mysql_query("SELECT * FROM warnings WHERE username='$username'"));
if($nowarnings5 > "2"){
    mysql_query("UPDATE users SET status='Banned' WHERE username='$username'");
}
$don=mysql_num_rows(mysql_query("SELECT * FROM donaters WHERE username='$username'"));
$date = gmdate('Y-m-d h:i:s');
$latime = time();
if($site->doublexptime < "$latime" || $site->doublexptime == "0"){
    mysql_query("UPDATE site_stats SET doublexp='OFF' WHERE id='1'");
}
if (empty($_SESSION['username'])){
    echo"<meta http-equiv='refresh' content='0;url=index.php'>";
    session_destroy();
} elseif ($info->health <= "0"){
    mysql_query("UPDATE users SET status='Dead' WHERE username='$username'");
    session_destroy();
} elseif ($info->status == "Dead" || $info->status == "Banned"){
    session_destroy();
    echo "<b><font color=white>You have been Killed!";
    exit();
}
$crew_check =mysql_query("SELECT * FROM crews");
while($k = mysql_fetch_object($crew_check)){
    $user=mysql_fetch_object(mysql_query("SELECT * FROM users WHERE username='$k->owner'"));
    $rhm=mysql_fetch_object(mysql_query("SELECT * FROM users WHERE username='$k->rhm'"));
    if ($user->status == "Dead" || $user->status == "Banned"){
        if ($k->rhm != "0" && $rhm->status == "Alive"){
            mysql_query("UPDATE crews SET owner='$k->rhm', rhm='0' WHERE name='$k->name'");
        } elseif ($k->rhm == "0" || $rhm->status == "Dead" || $rhm->status == "Banned"){
            mysql_query("UPDATE `users` SET `crew`='1' WHERE `crew`='$k->name'");
            mysql_query("DELETE FROM crews WHERE name='$k->name'");
        }
    }
}
$bba=mysql_query("SELECT * FROM bank");
while($nana =mysql_fetch_object($bba)){
    $ppl=mysql_fetch_object(mysql_query("SELECT * FROM users WHERE username='$nana->owner'"));
    if ($ppl->status == "Dead" || $ppl->status == "Banned"){
        mysql_query("UPDATE bank SET owner='0' WHERE id='$nana->id'");
    }
}
$oc_query=mysql_query("SELECT * FROM oc");
while($ttfn = mysql_fetch_object($oc_query)){
    $user_oc=mysql_fetch_object(mysql_query("SELECT * FROM users WHERE username='$ttfn->leader'"));
    if ($user_oc->status == "Dead" || $user_oc->status == "Banned"){
        mysql_query("UPDATE users SET oc='0' WHERE username='$ttfn->we'");
        mysql_query("UPDATE users SET oc='0' WHERE username='$ttfn->ee'");
        mysql_query("UPDATE users SET oc='0' WHERE username='$ttfn->driver'");
        mysql_query("UPDATE users SET oc='0' WHERE username='$ttfn->leader'");
        mysql_query("DELETE FROM oc WHERE id='$ttfn->id'");
    }
}
function logincheck(){
    if (empty($_SESSION['username'])){
        echo " <SCRIPT LANGUAGE='JavaScript'> window.location='index.php'; </script> ";
        exit();
    }
}
////UPDATE ONLINE
$time = time() + (60 * 10);
mysql_query("UPDATE users SET online='$time' WHERE username='$username'");
///FINSH UPDATING ONLINE
function makecomma($input) {
    if(strlen($input)<=3) { return $input; }
    $length=substr($input,0,strlen($input)-3);
    $formatted_input = makecomma($length).",".substr($input,-3);
    return $formatted_input;
}
function makesafe($text) {
    $text = addslashes(htmlspecialchars(strip_tags($text)));
    return $text;
}
function lang($text){
    $smallwordsarray = array(
        'of','a','the','and','an','or','nor','but','if','then','else','when',
        'at','from','by','on','off','for','in','out','over','to','into','with'
    );
    $words = explode(' ', $text);
    foreach ($words as $key => $word) {
        if ($key == 0 or !in_array($word, $smallwordsarray))
            $words[$key] = ucwords(strtolower($word));
    }
    $text = implode(' ', $words);
    return $text;
}
/////////NOW TO THE BB CODES ETC...
function rankcheck(){
    $username=$_SESSION['username'];
    $query=mysql_query("SELECT * FROM users WHERE username='$username' LIMIT 1");
    $info = mysql_fetch_object($query);
    $date = gmdate('Y-m-d h:i:s');
    if (($info->rank == "Dirty Cop") && ($info->rankpoints >= "100")){ $newrank="Scum"; $done="1"; $GP="0"; }
    elseif (($info->rank == "Scum") && ($info->rankpoints >= "200")){ $newrank="Criminal"; $done="1"; $GP="1"; }
    elseif (($info->rank == "Criminal") && ($info->rankpoints >= "300")){ $newrank="Vandal"; $done="1"; $GP="2"; }
    elseif (($info->rank == "Vandal") && ($info->rankpoints >= "500")){ $newrank="Arsonist"; $done="1"; $GP="3"; }
    elseif (($info->rank == "Arsonist") && ($info->rankpoints >= "800")){ $newrank="Thug"; $done="1"; $GP="4"; }
    elseif (($info->rank == "Thug") && ($info->rankpoints >= "1300")){ $newrank="Boss"; $done="1"; $GP="5"; }
    elseif (($info->rank == "Boss") && ($info->rankpoints >= "2100")){ $newrank="Assassin"; $done="1"; $GP="6"; }
    elseif (($info->rank == "Assassin") && ($info->rankpoints >= "3400")){ $newrank="Don"; $done="1"; $GP="7"; }
    elseif (($info->rank == "Don") && ($info->rankpoints >= "5500")){ $newrank="Godfather"; $done="1"; $GP="8"; }
    elseif (($info->rank == "Godfather") && ($info->rankpoints >= "8900")){ $newrank="Global Threat"; $done="1"; $GP="12"; }
    elseif (($info->rank == "Global Threat") && ($info->rankpoints >= "14400")){ $newrank="Global Dominator"; $done="1"; $GP="17"; }
    elseif (($info->rank == "Global Dominator") && ($info->rankpoints >= "23300")){ $newrank="Untouchable Godfather"; $done="1"; $GP="24"; }
    elseif (($info->rank == "Untouchable Godfather") && ($info->rankpoints >= "37700")){ $newrank="Man Of Honour"; $done="1"; $GP="31"; }
    elseif (($info->rank == "Man Of Honour") && ($info->rankpoints >= "61000")){ $newrank="Respectable Don"; $done="1"; $GP="54"; }
    elseif (($info->rank == "Respectable Don") && ($info->rankpoints >= "81000")){ $newrank="Legend"; $done="1"; $GP="78"; }
    elseif (($info->rank == "Legend") && ($info->rankpoints >= "129700")){ $newrank="Official MH Legend"; $done="1"; $GP="120"; }
    elseif (($info->rank == "Official MM Legend") && ($info->rankpoints >= "159000")){ $newrank="True MH Legend"; $done="1"; $GP="150"; }
    elseif (($info->rank == "True MM Legend") && ($info->rankpoints >= "2500000000")){ $newrank="True MH Legend"; $done="0"; $GP="260"; }
    if (!$done){
        $done="0";
    }
    if ($done == "1"){
        mysql_query("UPDATE users SET rank='$newrank' WHERE username='$username'");
        mysql_query("UPDATE users SET GP=GP+$GP WHERE username='$username'");
        mysql_query("INSERT INTO `inbox` ( `id` , `to` , `from` , `message` , `date` , `read` , `saved` , `event_id` ) VALUES ('', '$username', '$username', '[center]Congratulations, You are now <b>$newrank</b><br> Keep it up for reaching this rank you earned $GP game points!', '$date', '0', '0', '')");
    }
}
rankcheck();
///////HOUSTON WE HAVE JAIL CHECK!
$jail_check=mysql_query("SELECT * FROM jail");
while($monster=mysql_fetch_object($jail_check)){
    if (time() > $monster->time_left){
        mysql_query("DELETE FROM jail WHERE username='$monster->username'");
    }
}
function maketime($last){
    $timenow = time();
    if($last>$timenow){
        $order = $last-$timenow;
        while($order >= 60){
            $order = $order-60;
            $ordermleft++;
        }
        while($ordermleft >= 60){
            $ordermleft = $ordermleft-60;
            $orderhleft++;
        }
        if($ordermleft == 0){
            $ordermleft = "";
        } else {
            $ordermleft = "$ordermleft Minutes";
        }
        if($orderhleft == 0){
            $orderhleft = "";
        } else {
            $orderhleft = "$orderhleft Hours";
        }
        return "$orderhleft $ordermleft $order Seconds";
    }
}
function loose_energy(){
    $username=$_SESSION['username'];
    $query=mysql_query("SELECT * FROM users WHERE username='$username' LIMIT 1");
    $info = mysql_fetch_object($query);
    $energy=$info->energy - rand(1,3);
    if ($energy <= "0"){
        $update=health;
        $thing=$info->health - rand(1,3);
        $energy_new="0";
    }elseif ($energy > "0"){
        $update=energy;
        $thing=$info->energy - rand(1,3);
    }
    if (!$energy_new){
        mysql_query("UPDATE users SET $update='$thing' WHERE username='$username'");
    }elseif ($energy_new){
        mysql_query("UPDATE users SET $update='$thing', energy='0' WHERE username='$username'");
    }
}
$most_online=mysql_fetch_object(mysql_query("SELECT * FROM site_stats WHERE id='1'"));
$timenow=time();
$now_online =mysql_num_rows(mysql_query("SELECT * FROM users WHERE online > '$timenow'"));
if ($now_online > $most_online->online){
    mysql_query("UPDATE site_stats SET online='$now_online' WHERE id='1'");
}
$drop =mysql_query("SELECT * FROM casinos");
while($tard=mysql_fetch_object($drop)){
    $per = mysql_fetch_object(mysql_query("SELECT * FROM users WHERE username='$tard->owner'"));
    if ($per->status == "Dead" || $per->status == "Banned"){
        mysql_query("UPDATE casinos SET owner='0' WHERE casino='$tard->casino' AND owner='$tard->owner'");
    }
}
$drop_bar =mysql_query("SELECT * FROM bar");
while($tard_bar=mysql_fetch_object($drop_bar)){
    $per_bar = mysql_fetch_object(mysql_query("SELECT * FROM users WHERE username='$tard_bar->owner'"));
    if ($per_bar->status == "Dead" || $per_bar->status == "Banned"){
        mysql_query("UPDATE bar SET owner='0' WHERE owner='$tard_bar->owner'");
    }
}
$drop_crew =mysql_query("SELECT * FROM crews");
while($tard_crew=mysql_fetch_object($drop_crew)){
    $per_crew = mysql_fetch_object(mysql_query("SELECT * FROM users WHERE username='$tard_crew->owner'"));
    if ($per_bar->status == "Dead" || $per_bar->status == "Banned"){
        mysql_query("UPDATE crew SET owner='$tard_bar->rhm', rhm='' WHERE owner='$tard_bar->owner'");
    }
}
$drop_bf =mysql_query("SELECT * FROM bf");
while($tard_bf=mysql_fetch_object($drop_bf)){
    $per_bf = mysql_fetch_object(mysql_query("SELECT * FROM users WHERE username='$tard_bf->owner'"));
    if ($per_bf->status == "Dead" || $per_bf->status == "Banned"){
        mysql_query("UPDATE bf SET owner='0' WHERE owner='$tard_bf->owner'");
    }
}
if ($info->banktime <= time() && $info->bank > "0"){
    $nmoney = 10 * $info->bank / 100;
    $money_in = $info->bank + $nmoney;
    $money_in= round($money_in);
    $recieve = $info->money + $money_in;
    mysql_query("UPDATE users SET money = '$recieve', bank='0', banktime='0' WHERE username='$username'");
}
$drop_und =mysql_query("SELECT * FROM shop");
while($tard_und=mysql_fetch_object($drop_und)){
    $per_und = mysql_fetch_object(mysql_query("SELECT * FROM users WHERE username='$tard_und->owner'"));
    if ($per_und->status == "Dead" || $per_und->status == "Banned"){
        mysql_query("UPDATE shop SET owner='0' WHERE owner='$tard_und->owner'");
    }
}
$user_info=mysql_fetch_object(mysql_query("SELECT * FROM user_info WHERE username='$username'"));
if ($user_info->jail_able == "1" && $user_info->jail_untill <= time()){
    mysql_query("UPDATE user_info SET jail_able='0' WHERE username='$username'");
}
$user_****=mysql_fetch_object(mysql_query("SELECT * FROM user_info WHERE username='$username'"));
if ($user_****->last_respect < time() && $fetch->rank != "Tramp"){
    if ($info->rank == "Paper Kid"){ $new_res="1"; }
    elseif($info->rank == "Theif"){ $new_res="2"; }
    elseif($info->rank == "Robber"){ $new_res="3"; }
    elseif($info->rank == "Gangster"){ $new_res="4"; }
    elseif($info->rank == "Associate"){ $new_res="5"; }
    elseif($info->rank == "Piciotto"){ $new_res="6"; }
    elseif($info->rank == "Made Man"){ $new_res="7"; }
    elseif($info->rank == "Capo"){ $new_res="8"; }
    elseif($info->rank == "Consigliere"){ $new_res="9"; }
    elseif($info->rank == "Underboss"){ $new_res="10"; }
    elseif($info->rank == "Druglord"){ $new_res="11"; }
    elseif($info->rank == "Godfather"){ $new_res="12"; }
    $now=time() + (3600 * 24 * 7);
    mysql_query("UPDATE user_info SET respect='$new_res', last_respect='$now' WHERE username='$username'");
}
$bulletq=mysql_query("SELECT * FROM bf WHERE producing='yes'");
$bulletf = mysql_fetch_object($bulletq);
$site_status=mysql_query("SELECT * FROM site_stats WHERE id='1'");
$finds_status = mysql_fetch_object($site_status);
$fetch_owner=mysql_query("SELECT * FROM users WHERE username='$bulletf->owner'");
$fetch_owner_money = mysql_fetch_object($fetch_owner);
if ($finds_status->bfstocktime < time()){
    $newstocktime = time() + 3600;
    $newjhp=$bulletf->jhpstock+$finds_status->jhpupdate;
    $newfmj=$bulletf->fmjstock+$finds_status->fmjupdate;
    $newfmjcost=$finds_status->fmjupdate*2000;
    $newjhpcost=$finds_status->jhpupdate*2000;
    $newbmoney=$newfmjcost+$newjhpcost;
    if($fetch_owner_money->money > "$newbmoney"){
        mysql_query("UPDATE bf SET jhpstock='$newjhp', fmjstock='$newfmj' WHERE owner!='0'");
        mysql_query("UPDATE users SET money=money-$newbmoney WHERE username='$bulletf->owner'");
    }
    mysql_query("UPDATE site_stats SET bfstocktime='$newstocktime' WHERE id='1'");
}
if ($finds_status->xpcompstart < time() && $finds_status->xpcompstatus == "1"){
    mysql_query("UPDATE site_stats SET xpcompstatus='2' WHERE id='1'");
    $newcompytimez = time() + $finds_status->xpcomplength;
    mysql_query("UPDATE site_stats SET xpcompstart='$newcompytimez' WHERE id='1'");
}
if ($finds_status->xpcompstart < time() && $finds_status->xpcompstatus == "2"){
    mysql_query("UPDATE site_stats SET xpcompstatus='3' WHERE id='1'");
}
if ($finds_status->killstimer < time()){
    $newskillstime = time() + 43200;
    mysql_query("UPDATE site_stats SET killstimer='$newskillstime' WHERE id='1'");
    mysql_query("UPDATE site_stats SET daykills='0' WHERE id='1'");
}
?>
```

BULLET FACTORY CP

```php
<?php
error_reporting(0);
session_start();
include_once "includes/db_connect.php";
include_once "includes/functions.php";
logincheck();
$username=$_SESSION['username'];
$location=$_GET['location'];
$bfcheck=mysql_fetch_object(mysql_query("SELECT * FROM bf WHERE location='$location'"));
if (!$bfcheck){
    echo "<link href='style.css' rel='stylesheet' type='text/css'><table border=0 bordercolor=black align=center cellpadding=2 cellspacing=0><tr><td class=notice align=center><center><font color=red>No Such Country!</td></tr></table>";exit;
    exit();
}
if($username != "$bfcheck->owner"){
    mysql_query("UPDATE bf SET owner='0' WHERE location='$location'");
    echo"<link href='style.css' rel='stylesheet' type='text/css'><table border=0 bordercolor=black align=center cellpadding=2 cellspacing=0><tr><td class=notice align=center><center><font color=red>You don't own $location Bullet Factory!</td></tr></table>";exit;
}
if($_GET['drop']){
    mysql_query("UPDATE bf SET owner='0' WHERE location='$location'");
    mysql_query("UPDATE bf SET jspprice='4500' WHERE location='$location'");
    mysql_query("UPDATE bf SET fmjprice='4500' WHERE location='$location'");
    mysql_query("UPDATE bf SET profit='0' WHERE location='$location'");
    echo"<link href='style.css' rel='stylesheet' type='text/css'><table border=0 bordercolor=black align=center cellpadding=2 cellspacing=0><tr><td class=notice align=center><center><font color=red>You dropped $location Bullet Factory!</font></td></tr></table>";exit;
}
$jhpsellamount = $bfcheck->jhpstock * $bfcheck->jhpprice;
$fmjsellamount = $bfcheck->fmjstock * $bfcheck->fmjprice;
$fetch= mysql_fetch_object(mysql_query("SELECT * FROM users WHERE username='$username'"));
$bf = mysql_fetch_object(mysql_query("SELECT * FROM bf WHERE location='$fetch->location'"));
if(strip_tags($_POST['submit'])){
    $jhpprice=$_POST['jhpprice'];
    $fmjprice=$_POST['fmjprice'];
    $pro=$_POST['pro'];
    if($jhpprice > 4500){
        echo"<table border=0 bordercolor=black align=center cellpadding=2 cellspacing=0><tr><td class=notice align=center><center><font color=green>The maximum price for JHP is £4,500!</font></td></tr></table><br>";
    }elseif($jhpprice < 4000){
        echo"<table border=0 bordercolor=black align=center cellpadding=2 cellspacing=0><tr><td class=notice align=center><center><font color=green>The minimum price for JHP is £4,000!</font></td></tr></table><br>";
    }elseif($fmjprice > 5000){
        echo"<table border=0 bordercolor=black align=center cellpadding=2 cellspacing=0><tr><td class=notice align=center><center><font color=green>The maximum price for FMJ is £5,000!</font></td></tr></table><br>";
    }elseif($jhpprice < 4500){
        echo"<table border=0 bordercolor=black align=center cellpadding=2 cellspacing=0><tr><td class=notice align=center><center><font color=green>The minimum price for FMJ is £4,500!</font></td></tr></table><br>";
    }else{
        mysql_query("UPDATE bf SET jhpprice='$jhpprice' WHERE location='$location'");
        mysql_query("UPDATE bf SET fmjprice='$fmjprice' WHERE location='$location'");
        mysql_query("UPDATE bf SET producing='$pro' WHERE location='$location'");
        echo"<table border=0 bordercolor=black align=center cellpadding=2 cellspacing=0><tr><td class=notice align=center><center><font color=green>You successfully updated your Bullet Factory prices!</font></td></tr></table><br>";
    }
}
if($bfcheck->producing == "yes"){
    $chicken=" <option value='yes'>Yes</option> <option value='no'>No</option> ";
}elseif($bfcheck->producing == "no"){
    $chicken=" <option value='no'>No</option> <option value='yes'>Yes</option> ";
}
?>
<link href='style.css' rel='stylesheet' type='text/css'>
<script type="text/javascript" src="/js/select.js"></script>
<script type="text/javascript" src="/js/money_input.js"></script>
<style type="text/css">
.select, .selected { width: 110px; padding: 10px; }
</style>
<body>
<form method="POST">
<table width="300" align="center" cellspacing="0" class="table">
<tr><td class="header" colspan="5"><?php echo"$location"; ?> - Bullet Factory CP</td></tr>
<tr><td height="25" align="right">Profit:</td>
<td align="center">£<?php echo "".number_format($bfcheck->profit).""; ?></td></tr>
<tr><td height="25" align="right">JHP Stock:</td>
<td align="center"><?php echo"$bfcheck->jhpstock"; ?> (£<?php echo "".number_format($jhpsellamount).""; ?>)</td></tr>
<tr><td height="25" align="right">FMJ Stock:</td>
<td align="center"><?php echo"$bfcheck->fmjstock"; ?> (£<?php echo "".number_format($fmjsellamount).""; ?>)</td></tr>
<tr><td height="25" align="right">JHP Cost:</td>
<td align="center"><input type="text" class="textbox" name="jhpprice" id="cost_jhp" value='<?php echo"$bfcheck->jhpprice"; ?>' class="input"></td><td></tr>
<tr><td height="25" align="right">FMJ Cost:</td>
<td align="center"><input type="text" class="textbox" name="fmjprice" id="cost_fmj" value='<?php echo"$bfcheck->fmjprice"; ?>' class="input"></td></tr>
<tr><td height="25" align="right">Producing:</td>
<td align="center"><select name="pro" class="textbox"> <?php echo"$chicken"; ?> </select></td></tr>
<tr><td height="25" colspan="2" align="center"><a href="?location=<?php echo"$location"; ?>&drop=yes">Drop Property</a></td></tr>
<tr><td height="25" align="center" colspan="2"><input type="submit" name="submit" class="button" value="Submit"></td></tr>
</table>
</form>
<br>
</body>
```

The problem is that my England bf keeps dropping and i don't know why, any suggestions? (the user that owns it is alive and he has enough cash to hold it too)
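
Added example, not part of the original post or the game's own code: in the control panel script above, the branch taken when the visitor is not the owner runs `UPDATE bf SET owner='0' WHERE location='$location'`, so the ownership check itself writes to the table. The sketch below keeps that check read-only and validates the posted fields before any write, using the price ranges from the messages in the posted code; the function names, the `$db` handle and the sample row are assumptions, and PDO with an in-memory SQLite table stands in for the MySQL connection so the block runs stand-alone.

```php
<?php
// Added example (constructed): read-only ownership check plus validated update.
// Table and column names follow the posted code; everything else is hypothetical.

// Returns the factory row only if $username owns it. Never modifies the table.
function load_owned_factory(PDO $db, $username, $location)
{
    $stmt = $db->prepare('SELECT * FROM bf WHERE location = ? AND owner = ?');
    $stmt->execute(array($location, $username));
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

// Accepts only a string of digits inside [$min, $max]; anything else is rejected.
function parse_price($raw, $min, $max)
{
    if (!is_string($raw) || !ctype_digit($raw)) {
        return null;
    }
    $value = (int) $raw;
    return ($value >= $min && $value <= $max) ? $value : null;
}

function update_factory(PDO $db, $username, $location, array $post)
{
    // A failed check only refuses the request; it does not touch the owner column.
    if (load_owned_factory($db, $username, $location) === null) {
        return 'not owner';
    }

    $jhp = parse_price(isset($post['jhpprice']) ? $post['jhpprice'] : null, 4000, 4500);
    $fmj = parse_price(isset($post['fmjprice']) ? $post['fmjprice'] : null, 4500, 5000);
    $pro = isset($post['pro']) ? $post['pro'] : '';

    if ($jhp === null || $fmj === null || !in_array($pro, array('yes', 'no'), true)) {
        return 'invalid input';
    }

    // The owner is repeated in the WHERE clause so the write is scoped to the
    // caller's own factory even if the row changed after the check above.
    $stmt = $db->prepare(
        'UPDATE bf SET jhpprice = ?, fmjprice = ?, producing = ? WHERE location = ? AND owner = ?'
    );
    $stmt->execute(array($jhp, $fmj, $pro, $location, $username));
    return 'updated';
}

// --- Constructed demo data -------------------------------------------------
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec("CREATE TABLE bf (location TEXT PRIMARY KEY, owner TEXT,
           jhpprice INTEGER, fmjprice INTEGER, producing TEXT)");
$db->exec("INSERT INTO bf VALUES ('England', 'alice', 4500, 4500, 'yes')");

// Another player opening the page: refused, and the row is left alone.
echo update_factory($db, 'bob', 'England',
    array('jhpprice' => '4000', 'fmjprice' => '4500', 'pro' => 'no')), "\n";

// The owner sending an out-of-range FMJ price: refused before any write.
echo update_factory($db, 'alice', 'England',
    array('jhpprice' => '4200', 'fmjprice' => '99999', 'pro' => 'yes')), "\n";

// The owner sending valid values: applied.
echo update_factory($db, 'alice', 'England',
    array('jhpprice' => '4200', 'fmjprice' => '4800', 'pro' => 'no')), "\n";

$row = $db->query("SELECT owner, jhpprice, fmjprice, producing FROM bf WHERE location = 'England'")
          ->fetch(PDO::FETCH_ASSOC);
echo implode(' ', $row), "\n";
```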
-
Apache version 2.2.22 PHP version 5.3.15 MySQL version 5.5.24-cll
-
if i change line 81 to session_start('username'); will that be ok as it's starting/resuming the session of the login cause it prevents me from logging in and just comes up with the error
-
```php
<?php
if (file_exists('offyes1.php')) {
    die("<meta http-equiv='refresh' content='1;url=comingsoon.php'>");
}
session_start();
include_once"includes/db_connect.php";
if (strip_tags($_GET['logout']) == "yes"){
    session_destroy();
    echo "<meta http-equiv='refresh' content='1;url=index.php'>";
}else{
    $ip = $_SERVER['REMOTE_ADDR'];
    $getip = mysql_query("SELECT * FROM `adminbans` WHERE `ip` = '$ip'");
    if(mysql_num_rows($getip) > 0){
        session_start();
        echo "<meta http-equiv=\"refresh\" content=\"0;URL=ipbanned.php\">";
    }
    if($row['ip'] == $_SERVER['REMOTE_ADDR']){
        echo"<title>Modern-Mafia - Login</title>";
    }elseif (isset($_SESSION['username'])){
        echo "<meta http-equiv=\"refresh\" content=\"0;URL=logged_in.php\">";
        exit();
    }
    if ($_POST['Submit'] && strip_tags($_POST['username']) && strip_tags($_POST['password'])){
        $username = addslashes(strip_tags($_POST['username']));
        $password = addslashes(strip_tags($_POST['password']));
        $sql = mysql_query("SELECT * FROM users WHERE username='$username' AND password='$password' LIMIT 1");
        $login_check = mysql_num_rows($sql);
        $inf = mysql_fetch_object($sql);
        if ($login_check == "0"){
            $message="Your Username & Password Do Not Match Or You Do Not Have An Account";
        }elseif ($login_check != "0"){
            if ($login_check > "0"){
                if ($inf->status == "Dead"){
                    echo "<meta http-equiv=\"refresh\" content=\"0;URL=dead.php\">";
                    exit();
                }
                if ($login_check > "0"){
                    if ($inf->status == "Banned"){
                        echo "<meta http-equiv=\"refresh\" content=\"0;URL=banned.php\">";
                        exit();
                    }
                }
                session_register('username');
                $_SESSION['username'] = $inf->username;
                $timestamp = time()+120;
                mysql_query("UPDATE users SET online='$timestamp' WHERE username='$username'");
                mysql_query("UPDATE users SET l_ip='$ip' WHERE username='$username'");
                echo "<meta http-equiv=\"refresh\" content=\"0;URL=logged_in.php\">";
            } else {
                $message= "You could not be logged in.<br />";
            }
        }
    }
    $timenow=time();
    $select = mysql_query("SELECT * FROM users WHERE online > '$timenow' ORDER by 'rank' DESC");
    $num = mysql_num_rows($select);
    $iti=mysql_fetch_object(mysql_query("SELECT * FROM site_stats WHERE id='1'"));
    $most=$iti->online;
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Hidden - Multiplayer Online RPG Mafia Game</title>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" >
<META name="keywords" content="Hidden , Hidden ,Hidden ">
<meta name="description" content="Create a war, rule the world and show that you have what it takes to be the best. Kill or be killed in this Massive Online text-based Mafia Game.">
<link REL="SHORTCUT ICON" HREF="icon.png">
<link href="loginstyle.css" rel="stylesheet" type="text/css">
<style type="text/css">
<!--
a:hover { color: #999999; text-decoration: underline; }
a:link { text-decoration: none; }
a:visited { text-decoration: none; }
a:active { text-decoration: none; }
-->
</style></head>
<body>
<div id="container">
<div id="header">
<div id="banner">
<br><br>
<p></p>
</div>
<div id="menu">
<ul>
<li class='selected'><a href="index.php">Home</a></li>
<li ><a href="registernew.php">Register</a></li>
<li ><a href="forgotpasswordnew.php">Forgot Password</a></li>
<li ><a href="tosnew.php">Terms of Service</a></li>
</ul>
</div>
<div style="clear: both"></div>
</div>
<div id="content-container">
<div id="content">
<center>
<div class="login">
<p>Welcome to Hidden , use the form below to login if you are a returning member..</p>
<div class="login-form">
<form action="" method="post">
<form name="form1" method="post" action="">
<label>Username:</label><br>
<input name="username" type="text" class="textinput" id="username" value="" size="" maxlength="40" /><br>
<label>Password:</label><br>
<input name="password" type="password" class="textinput" id="password2" value="" size="" maxlength="40" />
<input type="submit" name="Submit" class="login-button" value="Login" />
</form>
<font color=white></div>
<div class="tools">
<ul>
<li><a href="registernew.php">- Register an account</a></li>
<li><a href="forgotpasswordnew.php">- Forgot Password</a></li>
<li><a href="tosnew.php">- Terms of Service</a></li>
</ul>
</div>
<div style="clear: both;"></div>
</div>
<div class="content_text">
<script>
$("button").click(function () {
$("t").toggle("slow");
});
</script>
<div class="text">
<p><strong>Hidden </strong> is a new Text-Based Mafia MMORPG Game. The aim is to rank up, control your turf, make money and rule the world! The online mafia-themed game is new and will have thousands playing till midnight. We pride ourselves on a great, growing community which is constantly expanding and we provide unique features and regular updates so your never left with nothing todo and we keep you updated about it too! </p>
<p><a href="registernew.php">Click here</a> to join the game that will have you playing past midnight.</p></div></div>
</center>
</t>
</div>
<div id="footer">
<div class="login-form">
<div id="footer">
<p>Hidden - Copyright 2011-2012<center><font color=white> </p>
</div>
</div>
</div>
</body>
</html>
<? } ?>
```

any ideas on this problem

Fatal error: Call to undefined function session_register() in /home/modernma/public_html/index.php on line 81
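
Added example, not part of the original post or the game's own code: `session_register()` was removed in PHP 5.4.0, and assigning to `$_SESSION` after `session_start()` is all that is needed to store the username. The login sketch below also replaces the `addslashes()` query with a prepared statement and checks a `password_hash()` value (PHP 5.5+) instead of a stored plaintext password; the `attempt_login()` name, the `pass_hash` column and the sample accounts are assumptions, and PDO with in-memory SQLite stands in for the MySQL connection so the block runs stand-alone.

```php
<?php
// Added example (constructed): login without session_register().
// The users table layout here is hypothetical; status values follow the posted code.

function attempt_login(PDO $db, $username, $password)
{
    // The username is bound as data, so quotes in it cannot change the query.
    $stmt = $db->prepare(
        'SELECT username, pass_hash, status FROM users WHERE username = ? LIMIT 1'
    );
    $stmt->execute(array($username));
    $user = $stmt->fetch(PDO::FETCH_ASSOC);

    // Same answer for an unknown user and a wrong password.
    if ($user === false || !password_verify($password, $user['pass_hash'])) {
        return 'bad credentials';
    }
    if ($user['status'] === 'Dead' || $user['status'] === 'Banned') {
        return strtolower($user['status']);
    }

    if (session_status() !== PHP_SESSION_ACTIVE) {
        session_start();
    }
    // New session id on login, so an id issued before authentication is not reused.
    session_regenerate_id(true);

    // This assignment is the whole replacement for session_register('username').
    $_SESSION['username'] = $user['username'];
    return 'ok';
}

// --- Constructed demo data -------------------------------------------------
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE users (username TEXT PRIMARY KEY, pass_hash TEXT, status TEXT)');

$insert = $db->prepare('INSERT INTO users VALUES (?, ?, ?)');
$insert->execute(array('alice', password_hash('correct horse', PASSWORD_DEFAULT), 'Alive'));
$insert->execute(array('carol', password_hash('hunter2', PASSWORD_DEFAULT), 'Banned'));

// Results are collected first and printed last, so the session starts
// before any output is sent.
$results = array(
    "o'neil / anything"      => attempt_login($db, "o'neil", 'anything'),
    'alice / wrong password' => attempt_login($db, 'alice', 'wrong'),
    'carol / right password' => attempt_login($db, 'carol', 'hunter2'),
    'alice / right password' => attempt_login($db, 'alice', 'correct horse'),
);

foreach ($results as $case => $outcome) {
    echo $case, ' => ', $outcome, "\n";
}
echo 'session username: ', $_SESSION['username'], "\n";
```

In the posted index.php the `$_SESSION['username'] = $inf->username;` assignment already follows the `session_register('username');` call, so the removed function is the only line that raises the fatal error.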
-
I'll give mysqli a go and keep you updated, thanks for the advice and your time