modernmafia's Content - MakeWebGames

would you suggest i re-add the user to my database and click the following options you have suggested ( in your opinion what would you do ) thanks for reply also

September 12, 2012
16 replies

How to protect my db

modernmafia replied to modernmafia's topic in PHP

i ticked all boxes as i was unsure what not to tick

September 12, 2012
16 replies

recently i have had some guy called millo or milo attack my games db he is able to change/alter things how can i secure my database for attacks also advice when adding a user to a db what should/ shouldnt be ticked [ATTACH=CONFIG]634[/ATTACH]

September 12, 2012
16 replies

Property dropping ??

modernmafia posted a topic in Engine Support

Bullet Store <?php error_reporting(0); session_start(); include_once "includes/db_connect.php"; include_once "includes/functions.php"; logincheck(); $username=$_SESSION['username']; $fetch= mysql_fetch_object(mysql_query("SELECT * FROM users WHERE username='$username'")); $bf = mysql_fetch_object(mysql_query("SELECT * FROM bf WHERE location='$fetch->location'")); $fetch_owner=mysql_fetch_object(mysql_query("SELECT * FROM users WHERE username='$RPS->owner'")); ?> <? if ($site->gupdate == "1"){ echo "<link href='style.css' rel='stylesheet' type='text/css'><center><div class='update'>$site->gupdatetext</div></center> <br>"; } ?> <link href='style.css' rel='stylesheet' type='text/css'> <script type="text/javascript" src="/js/select.js"></script> <style type="text/css"> .select, .selected { width: 110px; padding: 10px; } </style> <?php if($_GET['buyfactory']){ $bf = mysql_fetch_object(mysql_query("SELECT * FROM bf WHERE location='$fetch->location'")); if($bf->owner == "0"){ if($info->money < 25000000){ echo "<table border=0 bordercolor=black align=center cellpadding=2 cellspacing=0><tr><td class=notice align=center><center><font color=red>You dont have £25,000,000 to purchase this factory!</td></tr></table>"; }else{ mysql_query("UPDATE users SET money=money-25000000 WHERE username='$username'"); mysql_query("UPDATE bf SET owner='$username' WHERE location='$fetch->location'"); mysql_query("UPDATE bf SET jspprice='4500' WHERE location='$fetch->location'"); mysql_query("UPDATE bf SET fmjprice='4500' WHERE location='$fetch->location'"); mysql_query("UPDATE bf SET profit='0' WHERE location='$fetch->location'"); echo" <table border=0 bordercolor=black align=center cellpadding=2 cellspacing=0><tr><td class=notice align=center><center><font color=green>Your now the owner of $fetch->location bullet factory!</td></tr></table>"; }}} ?> <?php if($_GET['drop']){ $bf = mysql_fetch_object(mysql_query("SELECT * FROM bf WHERE location='$fetch->location' AND owner='$username'")); if ($bf->owner == $username) { mysql_query("UPDATE bf SET owner='0' WHERE location='$fetch->location'"); mysql_query("UPDATE bf SET jspprice='4500' WHERE location='$fetch->location'"); mysql_query("UPDATE bf SET fmjprice='4500' WHERE location='$fetch->location'"); mysql_query("UPDATE bf SET profit='0' WHERE location='$fetch->location'"); echo"<br><div class=success>You have dropped the bullet factory in $fetch->location!<br><br>"; }} ///////////////////////////////////////////////////// if(strip_tags($_POST['submit'])){ $type=$_POST['type']; $amount=strip_tags($_GET['amount']); if($type == "1"){ $bf = mysql_fetch_object(mysql_query("SELECT * FROM bf WHERE location='$fetch->location'")); if ($bf->owner == $username) { echo" <table border=0 bordercolor=black align=center cellpadding=2 cellspacing=0><tr><td class=notice align=center><center><font color=red>You cant buy from your own factory!</td></tr></table><br>"; } elseif ($bf->owner != $username) { $amount=intval(strip_tags($_POST['amount'])); if ($amount == 0 || !$amount || ereg('[^0-9]',$amount)){ print " <table border=0 bordercolor=black align=center cellpadding=2 cellspacing=0><tr><td class=notice align=center><center><font color=red>You cant buy that amount!</td></tr></table><br>"; }elseif ($amount != 0 || $amount || !ereg('[^0-9]',$amount)){ $costs = $bf->jhpprice * $amount; if ($costs > $fetch->money){ echo " <table border=0 bordercolor=black align=center cellpadding=2 cellspacing=0><tr><td class=notice align=center><center><font color=red>You do not have enough money!</td></tr></table><br>"; }elseif ($costs <= $fetch->money){ if ($bf->jhpstock < $amount){ echo " <table border=0 bordercolor=black align=center cellpadding=2 cellspacing=0><tr><td class=notice align=center><center><font color=red>There isn't enough JHP in stock for you to buy that amount!</td></tr></table><br>"; }elseif ($amount <= $bf->jhpstock){ mysql_query("UPDATE users SET money=money-$costs WHERE username='$username'"); mysql_query("UPDATE users SET JHP=JHP+$amount WHERE username='$username'"); mysql_query("UPDATE bf SET jhpstock=jhpstock-$amount WHERE location='$fetch->location'"); mysql_query("UPDATE bf SET profit=profit+$cost WHERE location='$fetch->location'"); mysql_query("UPDATE users SET money=money+$costs WHERE username='$bf->owner'"); echo" <table border=0 bordercolor=black align=center cellpadding=2 cellspacing=0> <tr><td class=notice align=center><center><font color=green>You've bought ".makecomma($amount)." JHP for £".makecomma($costs)."!</td></tr></table><br>"; }}}}}} ///////////////////////////////////////////////// if($type == "2"){ $bf = mysql_fetch_object(mysql_query("SELECT * FROM bf WHERE location='$fetch->location'")); if ($bf->owner == $username) { echo" <table border=0 bordercolor=black align=center cellpadding=2 cellspacing=0><tr><td class=notice align=center><center><font color=red>You cant buy from your own factory!</td></tr></table><br>"; } elseif ($bf->owner != $username) { $amount=intval(strip_tags($_POST['amount'])); if ($amount == 0 || !$amount || ereg('[^0-9]',$amount)){ print " <table border=0 bordercolor=black align=center cellpadding=2 cellspacing=0><tr><td class=notice align=center><center><font color=red>You cant buy that amount!</td></tr></table><br>"; }elseif ($amount != 0 || $amount || !ereg('[^0-9]',$amount)){ $costs = $bf->fmjprice * $amount; if ($costs > $fetch->money){ echo " <table border=0 bordercolor=black align=center cellpadding=2 cellspacing=0><tr><td class=notice align=center><center><font color=red>You do not have enough money!</td></tr></table><br>"; }elseif ($costs <= $fetch->money){ if ($bf->fmjstock < $amount){ echo " <table border=0 bordercolor=black align=center cellpadding=2 cellspacing=0><tr><td class=notice align=center><center><font color=red>There isn't enough FMJ in stock for you to buy that amount!</td></tr></table><br>"; }elseif ($amount <= $bf->fmjstock){ mysql_query("UPDATE users SET money=money-$costs WHERE username='$username'"); mysql_query("UPDATE users SET FMJ=FMJ+$amount WHERE username='$username'"); mysql_query("UPDATE bf SET fmjstock=fmjstock-$amount WHERE location='$fetch->location'"); mysql_query("UPDATE bf SET profit=profit+$cost WHERE location='$fetch->location'"); mysql_query("UPDATE users SET money=money+$costs WHERE username='$bf->owner'"); echo" <table border=0 bordercolor=black align=center cellpadding=2 cellspacing=0> <tr><td class=notice align=center><center><font color=green>You've bought ".makecomma($amount)." FMJ for £".makecomma($costs)."!</td></tr></table><br>"; }}}}} ?> <?php if($bf->owner == "0"){ echo "<link href='style.css' rel='stylesheet' type='text/css'><table border=0 bordercolor=black align=center cellpadding=2 cellspacing=0><tr><td class=notice align=center><center>This bullet factory has no owner.<br> The price to buy this factory is £25,000,000.<br> <a href=?buyfactory=yes>Buy Bullet Factory</a></td></tr></table><br>";exit; } ?> <br> <form action='' method='post'> <input type="hidden" name="type" id="select" value="0"> <table width="400" align="center" cellspacing="0" class="table"> <tr class="header"><td colspan="2">Bullet Factory - Owner: <?php if($bf->owner == "0"){ echo "No Owner"; }else{ echo "Owned by <a href='profile.php?viewuser=$bf->owner'>$bf->owner</a>"; } ?></td></tr> <?php if($bf->producing == "yes"){ ?> <tr class="subhead"><td colspan="2" align="center">The stock will update in: <?php echo"".maketime($finds_status->bfstocktime).""; ?></td></tr> <? }else{ ?> <tr class="subhead"><td colspan="2" align="center">This bullet factory is currently not producing.</td></tr> <? } ?> <tr><td height="10"> </td></tr> <tr><td width='50%' align='center'><div id='1' value='1' class='action select' onclick='SelectOption(this.id, this.className);'><img src='images/items/jhp.png'><br>Jacketed Hollow Point<br>Stock: <?php echo "".number_format($bf->jhpstock).""; ?><br>Cost: <?php echo "£".number_format($bf->jhpprice).""; ?> / per bullet</div></td> <td width='50%' align='center'><div id='2' value='2' class='action select' onclick='SelectOption(this.id, this.className);'><img src='images/items/fmj.png'><br>Full Metal Jacketed<br>Stock: <?php echo "".number_format($bf->fmjstock).""; ?><br>Cost: <?php echo "£".number_format($bf->fmjprice).""; ?> / per bullet</div></td></tr> <tr><td height="10"> </td></tr> <?php if($username == $bf->owner){ ?> <tr><td class=notice colspan='5' align=center><center><font color=red>You cannot buy from your own Bullet Factory!</td></tr> <? }else{ ?> <tr><td align='center' colspan='2'>Bullets: <input type="text" name="amount" class="textbox" id="bullets" autocomplete="off" class="input"></td></tr> <tr><td align='center' colspan='2'><input type='submit' name='submit' class='button' value='Purchase'></td></tr> </table> <? } ?> </form> <table align="center"> <tr> <td> <table align="center" cellspacing="0" class="table"> <tr> <td width="25" align="right"><img src='/images/items/jhp.png' width="25"></td> <td>You have <?php echo "".number_format($fetch->JHP).""; ?> JHP!</td> </tr> </table> </td> <td> <table align="center" cellspacing="0" class="table"> <tr> <td width="25" align="right"><img src='/images/items/fmj.png' width="25"></td> <td>You have <?php echo "".number_format($fetch->FMJ).""; ?> FMJ!</td> </tr> </table> </td> <td> <table align="center" cellspacing="0" class="table"> <tr> <td width="25" align="right"><img src='/images/items/gbullet.png' width="25"></td> <td>You have <?php echo "".number_format($fetch->GoldenBullet).""; ?> Golden Bullets!</td> </tr> </table> </td> </tr> </table> Functions FUNCTIONS <?php error_reporting(0); session_start(); include_once "db_connect.php"; $username=$_SESSION['username']; $query=mysql_query("SELECT * FROM users WHERE username='$username' LIMIT 1"); $info = mysql_fetch_object($query); $site2=mysql_query("SELECT * FROM site_stats WHERE id='1' LIMIT 1"); $site = mysql_fetch_object($site2); $nowarnings5=mysql_num_rows(mysql_query("SELECT * FROM warnings WHERE username='$username'")); if($nowarnings5 > "2"){ mysql_query("UPDATE users SET status='Banned' WHERE username='$username'"); } $don=mysql_num_rows(mysql_query("SELECT * FROM donaters WHERE username='$username'")); $date = gmdate('Y-m-d h:i:s'); $latime = time(); if($site->doublexptime < "$latime" || $site->doublexptime == "0"){ mysql_query("UPDATE site_stats SET doublexp='OFF' WHERE id='1'"); } if (empty($_SESSION['username'])){ echo"<meta http-equiv='refresh' content='0;url=index.php'>"; session_destroy(); } elseif ($info->health <= "0"){ mysql_query("UPDATE users SET status='Dead' WHERE username='$username'"); session_destroy(); } elseif ($info->status == "Dead" || $info->status == "Banned"){ session_destroy(); echo "<b><font color=white>You have been Killed!"; exit(); } $crew_check =mysql_query("SELECT * FROM crews"); while($k = mysql_fetch_object($crew_check)){ $user=mysql_fetch_object(mysql_query("SELECT * FROM users WHERE username='$k->owner'")); $rhm=mysql_fetch_object(mysql_query("SELECT * FROM users WHERE username='$k->rhm'")); if ($user->status == "Dead" || $user->status == "Banned"){ if ($k->rhm != "0" && $rhm->status == "Alive"){ mysql_query("UPDATE crews SET owner='$k->rhm', rhm='0' WHERE name='$k->name'"); } elseif ($k->rhm == "0" || $rhm->status == "Dead" || $rhm->status == "Banned"){ mysql_query("UPDATE `users` SET `crew`='1' WHERE `crew`='$k->name'"); mysql_query("DELETE FROM crews WHERE name='$k->name'"); } } } $bba=mysql_query("SELECT * FROM bank"); while($nana =mysql_fetch_object($bba)){ $ppl=mysql_fetch_object(mysql_query("SELECT * FROM users WHERE username='$nana->owner'")); if ($ppl->status == "Dead" || $ppl->status == "Banned"){ mysql_query("UPDATE bank SET owner='0' WHERE id='$nana->id'"); } } $oc_query=mysql_query("SELECT * FROM oc"); while($ttfn = mysql_fetch_object($oc_query)){ $user_oc=mysql_fetch_object(mysql_query("SELECT * FROM users WHERE username='$ttfn->leader'")); if ($user_oc->status == "Dead" || $user_oc->status == "Banned"){ mysql_query("UPDATE users SET oc='0' WHERE username='$ttfn->we'"); mysql_query("UPDATE users SET oc='0' WHERE username='$ttfn->ee'"); mysql_query("UPDATE users SET oc='0' WHERE username='$ttfn->driver'"); mysql_query("UPDATE users SET oc='0' WHERE username='$ttfn->leader'"); mysql_query("DELETE FROM oc WHERE id='$ttfn->id'"); }} function logincheck(){ if (empty($_SESSION['username'])){ echo " <SCRIPT LANGUAGE='JavaScript'> window.location='index.php'; </script> "; exit(); }} ////UPDATE ONLINE $time = time() + (60 * 10); mysql_query("UPDATE users SET online='$time' WHERE username='$username'"); ///FINSH UPDATING ONLINE function makecomma($input) { if(strlen($input)<=3) { return $input; } $length=substr($input,0,strlen($input)-3); $formatted_input = makecomma($length).",".substr($input,-3); return $formatted_input; } function makesafe($text) { $text = addslashes(htmlspecialchars(strip_tags($text))); return $text; } function lang($text){ $smallwordsarray = array( 'of','a','the','and','an','or','nor','but','if','then','else','when', 'at','from','by','on','off','for','in','out','over','to','into','with' ); $words = explode(' ', $text); foreach ($words as $key => $word) { if ($key == 0 or !in_array($word, $smallwordsarray)) $words[$key] = ucwords(strtolower($word)); } $text = implode(' ', $words); return $text; } /////////NOW TO THE BB CODES ETC... function rankcheck(){ $username=$_SESSION['username']; $query=mysql_query("SELECT * FROM users WHERE username='$username' LIMIT 1"); $info = mysql_fetch_object($query); $date = gmdate('Y-m-d h:i:s'); if (($info->rank == "Dirty Cop") && ($info->rankpoints >= "100")){ $newrank="Scum"; $done="1"; $GP="0"; } elseif (($info->rank == "Scum") && ($info->rankpoints >= "200")){ $newrank="Criminal"; $done="1"; $GP="1"; } elseif (($info->rank == "Criminal") && ($info->rankpoints >= "300")){ $newrank="Vandal"; $done="1"; $GP="2"; } elseif (($info->rank == "Vandal") && ($info->rankpoints >= "500")){ $newrank="Arsonist"; $done="1"; $GP="3"; } elseif (($info->rank == "Arsonist") && ($info->rankpoints >= "800")){ $newrank="Thug"; $done="1"; $GP="4"; } elseif (($info->rank == "Thug") && ($info->rankpoints >= "1300")){ $newrank="Boss"; $done="1"; $GP="5"; } elseif (($info->rank == "Boss") && ($info->rankpoints >= "2100")){ $newrank="Assassin"; $done="1"; $GP="6"; } elseif (($info->rank == "Assassin") && ($info->rankpoints >= "3400")){ $newrank="Don"; $done="1"; $GP="7"; } elseif (($info->rank == "Don") && ($info->rankpoints >= "5500")){ $newrank="Godfather"; $done="1"; $GP="8"; } elseif (($info->rank == "Godfather") && ($info->rankpoints >= "8900")){ $newrank="Global Threat"; $done="1"; $GP="12"; } elseif (($info->rank == "Global Threat") && ($info->rankpoints >= "14400")){ $newrank="Global Dominator"; $done="1"; $GP="17"; } elseif (($info->rank == "Global Dominator") && ($info->rankpoints >= "23300")){ $newrank="Untouchable Godfather"; $done="1"; $GP="24"; } elseif (($info->rank == "Untouchable Godfather") && ($info->rankpoints >= "37700")){ $newrank="Man Of Honour"; $done="1"; $GP="31"; } elseif (($info->rank == "Man Of Honour") && ($info->rankpoints >= "61000")){ $newrank="Respectable Don"; $done="1"; $GP="54"; } elseif (($info->rank == "Respectable Don") && ($info->rankpoints >= "81000")){ $newrank="Legend"; $done="1"; $GP="78"; } elseif (($info->rank == "Legend") && ($info->rankpoints >= "129700")){ $newrank="Official MH Legend"; $done="1"; $GP="120"; } elseif (($info->rank == "Official MM Legend") && ($info->rankpoints >= "159000")){ $newrank="True MH Legend"; $done="1"; $GP="150"; } elseif (($info->rank == "True MM Legend") && ($info->rankpoints >= "2500000000")){ $newrank="True MH Legend"; $done="0"; $GP="260"; } if (!$done){ $done="0"; } if ($done == "1"){ mysql_query("UPDATE users SET rank='$newrank' WHERE username='$username'"); mysql_query("UPDATE users SET GP=GP+$GP WHERE username='$username'"); mysql_query("INSERT INTO `inbox` ( `id` , `to` , `from` , `message` , `date` , `read` , `saved` , `event_id` ) VALUES ('', '$username', '$username', '[center]Congratulations, You are now <b>$newrank</b><br> Keep it up for reaching this rank you earned $GP game points!', '$date', '0', '0', '')"); }} rankcheck();///////HOUSTON WE HAVE JAIL CHECK! $jail_check=mysql_query("SELECT * FROM jail"); while($monster=mysql_fetch_object($jail_check)){ if (time() > $monster->time_left){ mysql_query("DELETE FROM jail WHERE username='$monster->username'"); }} function maketime($last){ $timenow = time(); if($last>$timenow){ $order = $last-$timenow; while($order >= 60){ $order = $order-60; $ordermleft++; } while($ordermleft >= 60){ $ordermleft = $ordermleft-60; $orderhleft++; } if($ordermleft == 0){ $ordermleft = ""; } else { $ordermleft = "$ordermleft Minutes"; } if($orderhleft == 0){ $orderhleft = ""; } else { $orderhleft = "$orderhleft Hours"; } return "$orderhleft $ordermleft $order Seconds"; }} function loose_energy(){ $username=$_SESSION['username']; $query=mysql_query("SELECT * FROM users WHERE username='$username' LIMIT 1"); $info = mysql_fetch_object($query); $energy=$info->energy - rand(1,3); if ($energy <= "0"){ $update=health; $thing=$info->health - rand(1,3); $energy_new="0"; }elseif ($energy > "0"){ $update=energy; $thing=$info->energy - rand(1,3); } if (!$energy_new){ mysql_query("UPDATE users SET $update='$thing' WHERE username='$username'"); }elseif ($energy_new){ mysql_query("UPDATE users SET $update='$thing', energy='0' WHERE username='$username'"); } } $most_online=mysql_fetch_object(mysql_query("SELECT * FROM site_stats WHERE id='1'")); $timenow=time(); $now_online =mysql_num_rows(mysql_query("SELECT * FROM users WHERE online > '$timenow'")); if ($now_online > $most_online->online){ mysql_query("UPDATE site_stats SET online='$now_online' WHERE id='1'"); } $drop =mysql_query("SELECT * FROM casinos"); while($tard=mysql_fetch_object($drop)){ $per = mysql_fetch_object(mysql_query("SELECT * FROM users WHERE username='$tard->owner'")); if ($per->status == "Dead" || $per->status == "Banned"){ mysql_query("UPDATE casinos SET owner='0' WHERE casino='$tard->casino' AND owner='$tard->owner'"); } } $drop_bar =mysql_query("SELECT * FROM bar"); while($tard_bar=mysql_fetch_object($drop_bar)){ $per_bar = mysql_fetch_object(mysql_query("SELECT * FROM users WHERE username='$tard_bar->owner'")); if ($per_bar->status == "Dead" || $per_bar->status == "Banned"){ mysql_query("UPDATE bar SET owner='0' WHERE owner='$tard_bar->owner'"); } } $drop_crew =mysql_query("SELECT * FROM crews"); while($tard_crew=mysql_fetch_object($drop_crew)){ $per_crew = mysql_fetch_object(mysql_query("SELECT * FROM users WHERE username='$tard_crew->owner'")); if ($per_bar->status == "Dead" || $per_bar->status == "Banned"){ mysql_query("UPDATE crew SET owner='$tard_bar->rhm', rhm='' WHERE owner='$tard_bar->owner'"); } } $drop_bf =mysql_query("SELECT * FROM bf"); while($tard_bf=mysql_fetch_object($drop_bf)){ $per_bf = mysql_fetch_object(mysql_query("SELECT * FROM users WHERE username='$tard_bf->owner'")); if ($per_bf->status == "Dead" || $per_bf->status == "Banned"){ mysql_query("UPDATE bf SET owner='0' WHERE owner='$tard_bf->owner'"); } } if ($info->banktime <= time() && $info->bank > "0"){ $nmoney = 10 * $info->bank / 100; $money_in = $info->bank + $nmoney; $money_in= round($money_in); $recieve = $info->money + $money_in; mysql_query("UPDATE users SET money = '$recieve', bank='0', banktime='0' WHERE username='$username'"); } $drop_und =mysql_query("SELECT * FROM shop"); while($tard_und=mysql_fetch_object($drop_und)){ $per_und = mysql_fetch_object(mysql_query("SELECT * FROM users WHERE username='$tard_und->owner'")); if ($per_und->status == "Dead" || $per_und->status == "Banned"){ mysql_query("UPDATE shop SET owner='0' WHERE owner='$tard_und->owner'"); } } $user_info=mysql_fetch_object(mysql_query("SELECT * FROM user_info WHERE username='$username'")); if ($user_info->jail_able == "1" && $user_info->jail_untill <= time()){ mysql_query("UPDATE user_info SET jail_able='0' WHERE username='$username'"); } $user_****=mysql_fetch_object(mysql_query("SELECT * FROM user_info WHERE username='$username'")); if ($user_****->last_respect < time() && $fetch->rank != "Tramp"){ if ($info->rank == "Paper Kid"){ $new_res="1"; }elseif($info->rank == "Theif"){ $new_res="2"; }elseif($info->rank == "Robber"){ $new_res="3"; }elseif($info->rank == "Gangster"){ $new_res="4"; }elseif($info->rank == "Associate"){ $new_res="5"; }elseif($info->rank == "Piciotto"){ $new_res="6"; }elseif($info->rank == "Made Man"){ $new_res="7"; }elseif($info->rank == "Capo"){ $new_res="8"; }elseif($info->rank == "Consigliere"){ $new_res="9"; }elseif($info->rank == "Underboss"){ $new_res="10"; }elseif($info->rank == "Druglord"){ $new_res="11"; }elseif($info->rank == "Godfather"){ $new_res="12"; } $now=time() + (3600 * 24 * 7); mysql_query("UPDATE user_info SET respect='$new_res', last_respect='$now' WHERE username='$username'"); } $bulletq=mysql_query("SELECT * FROM bf WHERE producing='yes'"); $bulletf = mysql_fetch_object($bulletq); $site_status=mysql_query("SELECT * FROM site_stats WHERE id='1'"); $finds_status = mysql_fetch_object($site_status); $fetch_owner=mysql_query("SELECT * FROM users WHERE username='$bulletf->owner'"); $fetch_owner_money = mysql_fetch_object($fetch_owner); if ($finds_status->bfstocktime < time()){ $newstocktime = time() + 3600; $newjhp=$bulletf->jhpstock+$finds_status->jhpupdate; $newfmj=$bulletf->fmjstock+$finds_status->fmjupdate; $newfmjcost=$finds_status->fmjupdate*2000; $newjhpcost=$finds_status->jhpupdate*2000; $newbmoney=$newfmjcost+$newjhpcost; if($fetch_owner_money->money > "$newbmoney"){ mysql_query("UPDATE bf SET jhpstock='$newjhp', fmjstock='$newfmj' WHERE owner!='0'"); mysql_query("UPDATE users SET money=money-$newbmoney WHERE username='$bulletf->owner'"); } mysql_query("UPDATE site_stats SET bfstocktime='$newstocktime' WHERE id='1'"); } if ($finds_status->xpcompstart < time() && $finds_status->xpcompstatus == "1"){ mysql_query("UPDATE site_stats SET xpcompstatus='2' WHERE id='1'"); $newcompytimez = time() + $finds_status->xpcomplength; mysql_query("UPDATE site_stats SET xpcompstart='$newcompytimez' WHERE id='1'"); } if ($finds_status->xpcompstart < time() && $finds_status->xpcompstatus == "2"){ mysql_query("UPDATE site_stats SET xpcompstatus='3' WHERE id='1'"); } if ($finds_status->killstimer < time()){ $newskillstime = time() + 43200; mysql_query("UPDATE site_stats SET killstimer='$newskillstime' WHERE id='1'"); mysql_query("UPDATE site_stats SET daykills='0' WHERE id='1'"); } ?> BULLET FACTORY CP <?php error_reporting(0); session_start(); include_once "includes/db_connect.php"; include_once "includes/functions.php"; logincheck(); $username=$_SESSION['username']; $location=$_GET['location']; $bfcheck=mysql_fetch_object(mysql_query("SELECT * FROM bf WHERE location='$location'")); if (!$bfcheck){ echo "<link href='style.css' rel='stylesheet' type='text/css'><table border=0 bordercolor=black align=center cellpadding=2 cellspacing=0><tr><td class=notice align=center><center><font color=red>No Such Country!</td></tr></table>";exit; exit(); } if($username != "$bfcheck->owner"){ mysql_query("UPDATE bf SET owner='0' WHERE location='$location'"); echo"<link href='style.css' rel='stylesheet' type='text/css'><table border=0 bordercolor=black align=center cellpadding=2 cellspacing=0><tr><td class=notice align=center><center><font color=red>You don't own $location Bullet Factory!</td></tr></table>";exit; } if($_GET['drop']){ mysql_query("UPDATE bf SET owner='0' WHERE location='$location'"); mysql_query("UPDATE bf SET jspprice='4500' WHERE location='$location'"); mysql_query("UPDATE bf SET fmjprice='4500' WHERE location='$location'"); mysql_query("UPDATE bf SET profit='0' WHERE location='$location'"); echo"<link href='style.css' rel='stylesheet' type='text/css'><table border=0 bordercolor=black align=center cellpadding=2 cellspacing=0><tr><td class=notice align=center><center><font color=red>You dropped $location Bullet Factory!</font></td></tr></table>";exit; } $jhpsellamount = $bfcheck->jhpstock * $bfcheck->jhpprice; $fmjsellamount = $bfcheck->fmjstock * $bfcheck->fmjprice; $fetch= mysql_fetch_object(mysql_query("SELECT * FROM users WHERE username='$username'")); $bf = mysql_fetch_object(mysql_query("SELECT * FROM bf WHERE location='$fetch->location'")); if(strip_tags($_POST['submit'])){ $jhpprice=$_POST['jhpprice']; $fmjprice=$_POST['fmjprice']; $pro=$_POST['pro']; if($jhpprice > 4500){ echo"<table border=0 bordercolor=black align=center cellpadding=2 cellspacing=0><tr><td class=notice align=center><center><font color=green>The maximum price for JHP is £4,500!</font></td></tr></table><br>"; }elseif($jhpprice < 4000){ echo"<table border=0 bordercolor=black align=center cellpadding=2 cellspacing=0><tr><td class=notice align=center><center><font color=green>The minimum price for JHP is £4,000!</font></td></tr></table><br>"; }elseif($fmjprice > 5000){ echo"<table border=0 bordercolor=black align=center cellpadding=2 cellspacing=0><tr><td class=notice align=center><center><font color=green>The maximum price for FMJ is £5,000!</font></td></tr></table><br>"; }elseif($jhpprice < 4500){ echo"<table border=0 bordercolor=black align=center cellpadding=2 cellspacing=0><tr><td class=notice align=center><center><font color=green>The minimum price for FMJ is £4,500!</font></td></tr></table><br>"; }else{ mysql_query("UPDATE bf SET jhpprice='$jhpprice' WHERE location='$location'"); mysql_query("UPDATE bf SET fmjprice='$fmjprice' WHERE location='$location'"); mysql_query("UPDATE bf SET producing='$pro' WHERE location='$location'"); echo"<table border=0 bordercolor=black align=center cellpadding=2 cellspacing=0><tr><td class=notice align=center><center><font color=green>You successfully updated your Bullet Factory prices!</font></td></tr></table><br>"; }} if($bfcheck->producing == "yes"){ $chicken=" <option value='yes'>Yes</option> <option value='no'>No</option> "; }elseif($bfcheck->producing == "no"){ $chicken=" <option value='no'>No</option> <option value='yes'>Yes</option> "; } ?> <link href='style.css' rel='stylesheet' type='text/css'> <script type="text/javascript" src="/js/select.js"></script> <script type="text/javascript" src="/js/money_input.js"></script> <style type="text/css"> .select, .selected { width: 110px; padding: 10px; } </style> <body> <form method="POST"> <table width="300" align="center" cellspacing="0" class="table"> <tr><td class="header" colspan="5"><?php echo"$location"; ?> - Bullet Factory CP</td></tr> <tr><td height="25" align="right">Profit:</td> <td align="center">£<?php echo "".number_format($bfcheck->profit).""; ?></td></tr> <tr><td height="25" align="right">JHP Stock:</td> <td align="center"><?php echo"$bfcheck->jhpstock"; ?> (£<?php echo "".number_format($jhpsellamount).""; ?>)</td></tr> <tr><td height="25" align="right">FMJ Stock:</td> <td align="center"><?php echo"$bfcheck->fmjstock"; ?> (£<?php echo "".number_format($fmjsellamount).""; ?>)</td></tr> <tr><td height="25" align="right">JHP Cost:</td> <td align="center"><input type="text" class="textbox" name="jhpprice" id="cost_jhp" value='<?php echo"$bfcheck->jhpprice"; ?>' class="input"></td><td></tr> <tr><td height="25" align="right">FMJ Cost:</td> <td align="center"><input type="text" class="textbox" name="fmjprice" id="cost_fmj" value='<?php echo"$bfcheck->fmjprice"; ?>' class="input"></td></tr> <tr><td height="25" align="right">Producing:</td> <td align="center"><select name="pro" class="textbox"> <?php echo"$chicken"; ?> </select></td></tr> <tr><td height="25" colspan="2" align="center"><a href="?location=<?php echo"$location"; ?>&drop=yes">Drop Property</a></td></tr> <tr><td height="25" align="center" colspan="2"><input type="submit" name="submit" class="button" value="Submit"></td></tr> </table> </form> <br> </body> The Problem is that my englanf bf keeps dropping and i dont know why any suggestion ( the user is alive that own and he has enough cash to hold it to )

August 21, 2012

another problem

modernmafia replied to modernmafia's topic in PHP

ill see how it goes

August 19, 2012
6 replies

another problem

modernmafia replied to modernmafia's topic in PHP

Apache version 2.2.22 PHP version 5.3.15 MySQL version 5.5.24-cll

August 19, 2012
6 replies

another problem

modernmafia replied to modernmafia's topic in PHP

if i change line 81 to session_start('username'); will that be ok as its starting/resuming the session of the login cause it prevents me from login in and hjust comes up with the error

August 18, 2012
6 replies

another problem

modernmafia posted a topic in PHP

<?php if (file_exists('offyes1.php')) { die("<meta http-equiv='refresh' content='1;url=comingsoon.php'>"); } session_start(); include_once"includes/db_connect.php"; if (strip_tags($_GET['logout']) == "yes"){ session_destroy(); echo "<meta http-equiv='refresh' content='1;url=index.php'>"; }else{ $ip = $_SERVER['REMOTE_ADDR']; $getip = mysql_query("SELECT * FROM `adminbans` WHERE `ip` = '$ip'"); if(mysql_num_rows($getip) > 0){ session_start(); echo "<meta http-equiv=\"refresh\" content=\"0;URL=ipbanned.php\">"; } if($row['ip'] == $_SERVER['REMOTE_ADDR']){ echo"<title>Modern-Mafia - Login</title>"; }elseif (isset($_SESSION['username'])){ echo "<meta http-equiv=\"refresh\" content=\"0;URL=logged_in.php\">"; exit(); } if ($_POST['Submit'] && strip_tags($_POST['username']) && strip_tags($_POST['password'])){ $username = addslashes(strip_tags($_POST['username'])); $password = addslashes(strip_tags($_POST['password'])); $sql = mysql_query("SELECT * FROM users WHERE username='$username' AND password='$password' LIMIT 1"); $login_check = mysql_num_rows($sql); $inf = mysql_fetch_object($sql); if ($login_check == "0"){ $message="Your Username & Password Do Not Match Or You Do Not Have An Account"; }elseif ($login_check != "0"){ if ($login_check > "0"){ if ($inf->status == "Dead"){ echo "<meta http-equiv=\"refresh\" content=\"0;URL=dead.php\">"; exit(); } if ($login_check > "0"){ if ($inf->status == "Banned"){ echo "<meta http-equiv=\"refresh\" content=\"0;URL=banned.php\">"; exit(); }} session_register('username'); $_SESSION['username'] = $inf->username; $timestamp = time()+120; mysql_query("UPDATE users SET online='$timestamp' WHERE username='$username'"); mysql_query("UPDATE users SET l_ip='$ip' WHERE username='$username'"); echo "<meta http-equiv=\"refresh\" content=\"0;URL=logged_in.php\">"; } else { $message= "You could not be logged in.<br />"; }}} $timenow=time(); $select = mysql_query("SELECT * FROM users WHERE online > '$timenow' ORDER by 'rank' DESC"); $num = mysql_num_rows($select); $iti=mysql_fetch_object(mysql_query("SELECT * FROM site_stats WHERE id='1'")); $most=$iti->online; ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title>Hidden - Multiplayer Online RPG Mafia Game</title> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" > <META name="keywords" content="Hidden , Hidden ,Hidden "> <meta name="description" content="Create a war, rule the world and show that you have what it takes to be the best. Kill or be killed in this Massive Online text-based Mafia Game."> <link REL="SHORTCUT ICON" HREF="icon.png"> <link href="loginstyle.css" rel="stylesheet" type="text/css"> <style type="text/css">  </style></head> <body> <div id="container"> <div id="header"> <div id="banner"> <br><br> <p></p> </div> <div id="menu"> <ul> <li class='selected'><a href="index.php">Home</a></li> <li ><a href="registernew.php">Register</a></li> <li ><a href="forgotpasswordnew.php">Forgot Password</a></li> <li ><a href="tosnew.php">Terms of Service</a></li> </ul> </div> <div style="clear: both"></div> </div> <div id="content-container"> <div id="content"> <center> <div class="login"> <p>Welcome to Hidden , use the form below to login if you are a returning member..</p> <div class="login-form"> <form action="" method="post"> <form name="form1" method="post" action=""> <label>Username:</label><br> <input name="username" type="text" class="textinput" id="username" value="" size="" maxlength="40" /><br> <label>Password:</label><br> <input name="password" type="password" class="textinput" id="password2" value="" size="" maxlength="40" /> <input type="submit" name="Submit" class="login-button" value="Login" /> </form> <font color=white></div> <div class="tools"> <ul> <li><a href="registernew.php">- Register an account</a></li> <li><a href="forgotpasswordnew.php">- Forgot Password</a></li> <li><a href="tosnew.php">- Terms of Service</a></li> </ul> </div> <div style="clear: both;"></div> </div> <div class="content_text"> <script> $("button").click(function () { $("t").toggle("slow"); }); </script> <div class="text"> <p><strong>Hidden </strong> is a new Text-Based Mafia MMORPG Game. The aim is to rank up, control your turf, make money and rule the world! The online mafia-themed game is new and will have thousands playing till midnight. We pride ourselves on a great, growing community which is constantly expanding and we provide unique features and regular updates so your never left with nothing todo and we keep you updated about it too! </p> <p><a href="registernew.php">Click here</a> to join the game that will have you playing past midnight.</p></div></div> </center> </t> </div> <div id="footer"> <div class="login-form"> <div id="footer"> <p>Hidden - Copyright 2011-2012<center><font color=white> </p> </div> </div> </div> </body> </html> <? } ?> any ideas on this problem Fatal error: Call to undefined function session_register() in /home/modernma/public_html/index.php on line 81

August 18, 2012
6 replies

need help

modernmafia replied to modernmafia's topic in PHP

ill give mysqli a go and keep you update thanks for the advice and your time

August 17, 2012
8 replies

need help

modernmafia replied to modernmafia's topic in PHP

check and there no spaces ?

August 17, 2012
8 replies

need help

modernmafia replied to modernmafia's topic in PHP

just the way it pasted here its not like that on my file manger

August 17, 2012
8 replies

need help

modernmafia replied to modernmafia's topic in PHP

i get mysql extension unavailable.

August 17, 2012
8 replies

need help

modernmafia replied to modernmafia's topic in PHP

was literally working half ago on that now throws the error

August 17, 2012
8 replies

need help

modernmafia posted a topic in PHP

Fatal error: Call to undefined function mysql_connect() in /home/modernma/public_html/includes/db_connect.php on line 11 <?php $mysql_host = "localhost"; $mysql_user = "hidden"; $mysql_password = "hidden"; $mysql_database = "hidden"; $connection = mysql_connect("$mysql_host","$mysql_user","$mysql_password") or die ("Unable to connect to MySQL server."); $db = mysql_select_db("$mysql_database") or die ("Unable to select requested database."); ?>