Octet

Oh right, my mistake, sorry.

Still basic HTML and CSS except it also has some JavaScript which does all the roll over effects. There is no single script which does the layout, it is a combination of the HTML which creates the elements and then the CSS which styles it. Just been looking through your posts, what languages do you actually know? What I'm trying to gather is whether you need help on a specific part or whether your looking to learn from scratch.

I'm confused which script you are referring to? It is a simple HTML and CSS website, if you mean the logins e.t.c. then that is PHP? The member count and the such as carried in from the database, probably using mysql_num_rows and then you obviously have the game and engine if you login.

I'm not a lawyer but from what I gather then embedding youtube videos and hiding the player is fine but that doesn't make you immune with copyright issues. Although your using content from another site you may still be responsible for it as you specifically added it yourself and so you are now posting the material instead of it being from a third party source.

Let's think about this sensibly, companies use security audit tools all the time, you cannot suggest that some poor server admin goes along and checks through the server and the entire website e.t.c. for security vulnerabilities? Yes, they must have an understanding how it works but the responsibility is too huge for them to do it by hand, and no company would trust a single person (or team of people) to do it because of the potential loss. They would use a security audit tool, and yes it won't be a free one which you can download as an add on but the principal is still the same. SQL Inject ME runs a couple of hundred checks which returns thousands of results... imagine doing that by hand... Understand your security but don't expect to notice every problem by eye.

No, you are entirely wrong. It is the only app I have for Firefox, I take security extremely seriously but what I am saying is applications like this can be useful to check afterwards. I stated in my first post that it isn't going to be entirely accurate and shouldn't be used solely but it is good to check for common problems.   Who do you agree with? Me or Spudinski?

I agree, but once you have done the best you can using your own knowledge on how SQL works then you can use that tool to verify that you have made it as water tight as you possibly can. Admittedly tools like that may not be accurate or may not cover everything but it can offer some reassurance.

The best way to check if your site is vulnerable is to use the Firefox add on 'SQL Inject ME' which scans for common problems, from then on you can research each problem individually and resolve it yourself.

I can get onto the site now, looks good! I like the reflections, very clean and professional looking!

Looks like the default Apache server page, a Heading 1 saying 'It Works!'

No problem, in case you are wondering why I included the $Rand_Weather = $Rand_1 - $Rand_2; That is to reduce the number of hurricanes, by modifying the random numbers possible in $Rand_2 you can change the frequency of severe storms. At the moment you are likely to get between Calm and Strong Breeze but you still have the possibility of the stronger storms.

I have one which I could share, it doesn't do much but it is for my game which I am working on (writing my own engine so it shall be up to you to implement into your own engine or which ever one you are using). It basically decides what weather conditions to have, and then it inserts it into the database (removed my login information from the script), the script is run by a crontask every 30 minutes so you get an evolving weather. As I say, nothing complex.   <?php $Rand_1 = mt_rand(0, 12); $Rand_2 = mt_rand(0, 8); $Rand_Weather = $Rand_1 - $Rand_2; if($Rand_Weather < 0) { $Rand_Weather = 0; } /* All Weather is Calculated on the Beaufort Scale */ if ($Rand_Weather == 0) { $Weather = "Calm"; $Rand_Wave_Height = 0.1 * mt_rand(0, 0); $Rand_Wind_Speed = mt_rand(0, 1); } if ($Rand_Weather == 1) { $Weather = "Light Air"; $Rand_Wave_Height = 0.1 * mt_rand(0, 1); $Rand_Wind_Speed = mt_rand(1, 3); } if ($Rand_Weather == 2) { $Weather = "Light Breeze"; $Rand_Wave_Height = 0.1 * mt_rand(1, 2); $Rand_Wind_Speed = mt_rand(4, 6); } if ($Rand_Weather == 3) { $Weather = "Gentle Breeze"; $Rand_Wave_Height = 0.1 * mt_rand(3, 6); $Rand_Wind_Speed = mt_rand(7, 10); } if ($Rand_Weather == 4) { $Weather = "Moderate Breeze"; $Rand_Wave_Height = 0.1 * mt_rand(7, 10); $Rand_Wind_Speed = mt_rand(11, 16); } if ($Rand_Weather == 5) { $Weather = "Fresh Breeze"; $Rand_Wave_Height = 0.1 * mt_rand(15, 20); $Rand_Wind_Speed = mt_rand(17, 21); } if ($Rand_Weather == 6) { $Weather = "Strong Breeze"; $Rand_Wave_Height = 0.1 * mt_rand(25, 30); $Rand_Wind_Speed = mt_rand(22, 27); } if ($Rand_Weather == 7) { $Weather = "Near Gale"; $Rand_Wave_Height = 0.1 * mt_rand(35, 40); $Rand_Wind_Speed = mt_rand(28, 33); } if ($Rand_Weather == 8) { $Weather = "Gale"; $Rand_Wave_Height = 0.1 * mt_rand(50, 60); $Rand_Wind_Speed = mt_rand(34, 40); } if ($Rand_Weather == 9) { $Weather = "Strong Gale"; $Rand_Wave_Height = 0.1 * mt_rand(65, 75); $Rand_Wind_Speed = mt_rand(41, 47); } if ($Rand_Weather == 10) { $Weather = "Storm"; $Rand_Wave_Height = 0.1 * mt_rand(80, 95); $Rand_Wind_Speed = mt_rand(48, 55); } if ($Rand_Weather == 11) { $Weather = "Violent Storm"; $Rand_Wave_Height = 0.1 * mt_rand(100, 115); $Rand_Wind_Speed = mt_rand(56, 63); } if ($Rand_Weather == 12) { $Weather = "Hurricane"; $Rand_Wave_Height = 0.1 * mt_rand(140, 160); $Rand_Wind_Speed = mt_rand(64, 80); } mysql_connect ("localhost", "root", "") or die ("Couldn't Connect to Server"); mysql_select_db ("") or die ("Couldn't Find Database"); mysql_query ("UPDATE Global_Variables SET Weather = '$Weather' WHERE ID = '1'") or die ("Couldn't Update Global Weather Variables"); mysql_query ("UPDATE Global_Variables SET Wind_Speed = '$Rand_Wind_Speed' WHERE ID = '1'") or die ("Couldn't Update Global Weather Variables"); mysql_query ("UPDATE Global_Variables SET Wave_Height = '$Rand_Wave_Height' WHERE ID = '1'") or die ("Couldn't Update Global Weather Variables"); mysql_close(); ?>

Safari doesn't like it either. Just tried in Firefox, no luck and I can't ping the domain but I can ping the IP.

I can't get it to load either, DNS Resolution error.

That would be a good step to building a portfolio, any way to prove yourself is a good thing, especially considering the current difficulty in getting work full stop. Looking forward to seeing these mods.

Happy Birthday Curt.

Moving back on topic, here is a joke a friend of mine sent me: How do you know you've been using your computer too long? ------------------ When to find your car keys you do, "grep keys /dev/pockets"

In my opinion you can call it your game, as you said ColdBlooded, if you have the rights to it. Although at that point I believe you only should say you have the rights to it, and then once you begin adding your own content to it you can claim it as your own game, otherwise it is just plagiarism. Depending on how much of your own content you add shall depend on how much you can call it your own, for example I wouldn't be happy to call it fully my own unless I did everything including writing the engine and doing the graphics.

I see your point, but I was more referring to people who shall download it off the internet without any idea how it actually works and then claim that they are "l33t hackerz". (a general comment, not referencing anyone here) Sorry, I just have this thing against script kiddies.

That makes you a script kiddie... I agree, hacking is an art and not a skill.

The site is done (except the new background graphic) and now I am moving onto the actual game. I probably shall do the inventory system, player control panel e.t.c. first and then move onto the black market trading system.

You main security problem is going to be SQL Injection and trying to stop it. The trick is to never trust user input, with SQL injection you can enter a piece of code into a form and you can execute it because it is now classed as part of the script. This means that you could exploit the entire database if someone knew what they are doing. The simplest but only a limited fix is to include mysql_real_escape_string on your user input. Validation and Sanitation are the most important things, make sure it is what the user was supposed to enter and then clean it of any potential code anyway.

Actually, since posting that I have found some security problems... you are sending your information in a plain text cookie. Not only that but you aren't hashing/encrypting your passwords.

I've been following this thread, finding it rather amusing to say the least, and have quickly just made an account to see what GothCentral is about for myself. -As others have mentioned, the game does look basic and 'Enter if you Dare' doesn't make much sense. My suggestion would be to change the header graphic (masthead I think it is technically called) to something that fits well and isn't stretched. Secondly, I'm not sure whether you are aware of copyright infringement but do you own the rights to that image? -I agree, what enough does 'Hipsterizing' mean? -The gameplay itself is basic, and although I haven't seen the MCCodes engine I shall believe that it hasn't varied from it much. A storyline would be a good idea, as it gives us something to follow when playing the game as opposed to just making money. -I'm not a security expert so I can't comment on what a_bertrand finds but I would certainly follow his instructions, he certainly seems to know what he is doing. Overall I think you need to completely re-design the site to make it more interesting and improve it's quality. This shall instantly make it look more professional and entice more members to start playing. The other thing I would say is to make sure you have a storyline which follows a good and well thought out plot.

No, I agree. What I might do is add a subtle background to it, almost like a border going along the bottom of the page which represents scenes from the game. One example could be a high street of one of the medieval villages.