KyleMassacre

You dont have to go back and edit your stuff but maybe implement something like that else where? Besides, my code is untested and written while I was on my phone haha so who knows the outcome of that lol

Seems like a lot of work when you could've used a session which I think may have been easier. Sessions can be a great tool for things since they stay with the person until you basically decide to end the session. On your attack page at the start you could declare a new session like for example: //Start the session for the person of the id being attacked $id = abs((int)$_GET['id']; if(!array_key_exists('user_attacking',$_SESSION)) { $_SESSION['user_attacking'] = $id;//or whatever the variable is for the user being attacked } else if(array_key_exists('user_attacking',$_SESSION) && $_SESSION['user_attacking'] != $id) { //they must have changed the url so do something with them here and end that session unset($_SESSION['user_attacking']); } You can also add the same in the attack reward files just incase they get sneaky and try to change it up their too by editing the source in inspect element of whatever their browser uses. Then about the place where they claim the reward for winning and where they lose an attack you can unset their session: //kill their session of who they are attacking unset($_SESSION['user_attacking']);

I think he is talking about your standard SQL injections and XSS, not people giving out copies of their failed attempts at creating a game from the engine. I will be the first to tell you that if the source that I have was the original copy of the engine I would be real shocked. But I think my copy is like 3 generations old haha

Putting quotes around numbers is not entirely true. There are some instances that I have seen where the datatype is enum which is represented by a string and not an INT which you would need to put a quote around the data

Am I not good enough to be tagged? Hopefully this doesn't turn into another RC engine debacle :p

Ahh see, that part was never mentioned by Kaine, even to me. I was going to partner up with him to help get it ready for sale/release and it was a good thing I never did. Maybe [MENTION=69859]KaineBennett[/MENTION] can come on in and have a say in this matter???

[MENTION=69762]RCengineOwner[/MENTION], thank you for taking the time to come here but I do have a question for you regarding this. Did you set up some sort of deal with Kaine Bennet? Last I heard he was in the midst of buying it from you so I am taking it that was never the case? I spoke to a member here who will go un-named in the public eye for the time being who knew/knows you and he confirmed with me the deal that you had but were waiting for something on Kaine's end. Now if thats the case, Kaine did sell his rights to RC to NonStopCoding a little while back and handed them over to NSC. So if you can help get this mess sorted out I would be very appreciated. I am not an Admin but I can help out the process quickly if none of this stuff is in fact true. So feel free to PM me, or message me on skype and we can talk.

Sony already stated that they have no plans of releasing it at all but I'm just worried that our government is just pussy footin' around and they are going to let this happen

[rant] I'm just pretty appalled at the fact that our (as in American's) constitutional right of freedom of speech is being suppressed and we are just letting it happen by Sony not releasing the movie. I understand that movie theaters here now don't want anything to do with the movie because of the constant fear of the next movie theatre tragedy but now they are scared of releasing it to On Demand. But this is a topic for another thread. [/rant]

Was anyone planning on going to see that next week or planning on seeing it all? Or were you not planning on seeing but now want to because of all the controversy behind it? Me me personally I was stoked to go and see it but doesn't look like I will be anytime soon. There was rumor that Sony was going to release it On Demand but has at this time reneged that proposal #ILostMyIpod

wallet = wallet + 50000;

If they are changing the URL in attack.php you can probably start a new $_SESSION with the persons id they are attacking and when they win the attack be sure to end that $_SESSION. If the $_SESSION doesn't match the current id then you can do whatever like redirect them, log them out, etcetera

In your code snippet try changing the $r['user_level'] to $odata['user_level']?

Yeah sorry. The first part was at you script and the last part was for Hybridd

Ok just follow what I said and it should be ok

Well don't use the query to check for a successful attack on the streets page. To make it easy you can do a function to do the check where ever you want it to check for that type of thing. Im still kind of confused here though because isn't the battle tent different from the streets? Just remove the link from viewuser for a NPC and add at the top of attack (after you do the query for the user being attacked) and do something like: if($r["user_level"] == 0) { echo "Put something fancy right here"; $h->endpage(); return; } if your worried about them changing the url to have the NPC's id I wouldn't worry about it if you put your if ststement in the correct place

It's off label? Also so what are you getting stuck on exactly?

I'm a bit confused on what your asking for. Do you want them to be able to attack the same NPC over and over again or no?

I think there is a table in MCC called challenges beaten or whatever. So what you could do is query that for the NPC id and the userid; if any rows appear then they have completed that NPC challenge and you can kill the rest of the script from executing

Not a problem

Try adding this to your SQL: order by u.level desc

Can you please use the code or php tags when you post code? It's makes it easy for us to read. Also, can you give us some stats of "your" level and the level of the NPC it should be selecting? Is there a NPC that would meet that criteria? Example: Say you are level 20 and the lowest level NPC is 10 and the next level is 25, your query should run and give you the level 10 bot, is that a similar case that you have?

The settings table is the default MCC settings and Dave just put all of the chat settings in there. If your database doesn't have that table then you can create it with those to column names you see and the both columns I believe are either text or varchar. For your second error about the headers you can try adding ob_start() above the header function and ob_end_flush() before it. I'm not certain it will work but you can try it. Like I said before I'm not too sure on the ob_* functions because I never really used them.

For your first error it is because your mysql_query that it is trying to fetch is returning false which means it's a bum query or not selecting any rows from the database. What you can try to do is wrap where it is fetching and displaying your data in an if statement like if(mysql_num_rows($query)) { //the rest would go here } or you can put it in a while() statement: while($rows = mysql_fetch_array($query)) { //the rest goes here }   Now I will be honest about the header() error(s) I hate these things and what you can do is wrap that in an if() like: if(!headers_sent()){ header("Location: somewhere.php"); } else { //it's dirty but do a meta redirect } Now that is assuming that the header function is in fact redirecting someone. There are ways to get around it like using ob_* but I'm not too keen on the ob_* functions like I should. /me thinks this is the correct work around. Im sure there is a better way of tackling the header errors so if there is a better way can someone please correct me?

Yes please, take it to PM. Now for [MENTION=70303]Hybridd[/MENTION], in regards to your PM I'm sorry but I don't have the time to help. What parts are you stuck on? Maybe show some errors you are getting and we can try to help