dnenb

Mailed you again:)

You hate metro or w8?

Did you check out the error I got yet, Dave?

Cool! Do you guys have a launch date in mind? Related:P http://www.joelonsoftware.com/items/2009/09/23.html http://www.codinghorror.com/blog/2009/12/version-1-sucks-but-ship-it-anyway.html

Hey guys, I'm looking for a layout for a new mccode game I'm launching. I don't have a lot to spend right now so I don't care if it's unique or not. But I do want login+ingame and they have to be html/css already. Does anyone have anything they want to sell?

I've used Windows 8 for a while and I really like it. Taking away the start button has actually made me work the computer faster. Click the winndows button on your keyboard -> start typing anything (for ex "calc") -> hit enter to start calculator. I know more hotkeys now than before because w8 kinda made me. It starts really fast too.

that is awesome

I really like this addon guys - thanks!

Alright, thanks man. I'm gonna rewrite the donations system and figure it out.

I'm using mccode v2 and I haven't changed anything in the ipn files. You tell me? Looks like is checks (from ipn_donator.php): // post back to PayPal system to validate $header .= "POST /cgi-bin/webscr HTTP/1.0\r\n"; $header .= "Content-Type: application/x-www-form-urlencoded\r\n"; $header .= "Content-Length: " . strlen($req) . "\r\n\r\n"; $fp = fsockopen('www.paypal.com', 80, $errno, $errstr, 30);

Wow, I had no clue. Is there any reason why I wouldn't want to do that? I mean why isn't this what we're told to do in the install instructions? Edit, just FYI: "You must spread some Reputation around before giving it to a_bertrand again."

Hey guys, Does anyone have a simple solution for taking paypal-donations from multiple MCCODE games? Paypal only lets me set one IPN url.

Does anyone have a layout for mccode v2 that's responsive? Responsive means that the sizes automaticly adapt to the screen. Google it if you need to :)

It's writing out this, so I'm pretty sure:

Can someone help me with inventory.php? I'm having problems understanding this: $q = $db->query(" SELECT * FROM `items` WHERE `itmid` IN(".$ir['equip_primary'].",".$ir['equip_helmet'].",".$ir['equip_boots'].",".$ir['equip_leggings'].",".$ir['equip_gloves'].",".$ir['equip_breastplate'].") "); echo "<h3>Equipped Items</h3><hr />"; while($r=$db->fetch_row($q)) { $equip[$r['itmid']]=$r; } Because the query turns out to be: And that doesn't return anything, resulting in $equip never being set. Help?

Djkanna helped me sort it out! The problem was as implied in my last post that the token was being set multiple times, and therefore not matching.

When I change this line: $token = md5(mt_rand()); to this: $token = md5('test'); I can login fine. So after reading this post on stackoverflow I'm pretty sure that the token id is set more than once. But I have no clue where that is happening or why it doesn't affect the login in internet explorer.

The version I'm using is 2.0.5b (from here). It seems that there's a problem with the functions request_csrf_code() and verify_csrf_code() in authenticate.php. They look like this: function request_csrf_code($formid) { // Generate the token $token = md5(mt_rand()); // Insert/Update it $issue_time = time(); $_SESSION["csrf_{$formid}"] = array('token' => $token, 'issued' => $issue_time); return $token; } You can see that the token is stored in the session array $_SESSION["csrf_login"].   function verify_csrf_code($formid, $code) { // Lookup the token entry // Is there a token in existence? if (!isset($_SESSION["csrf_{$formid}"]) || !is_array($_SESSION["csrf_{$formid}"])) { // Obviously verification fails return false; } else { // From here on out we always want to remove the token when we're done - so don't return immediately $verified = false; $token = $_SESSION["csrf_{$formid}"]; // Expiry time on a form? $expiry = 900; // hacky lol if ($token['issued'] + $expiry > time()) { // It's ok, check the contents $verified = ($token['token'] === $code); } // don't need an else case - verified = false // Remove the token before finishing unset($_SESSION["csrf_{$formid}"]); return $verified; } }   But when this function tries to get the token it seems to be different, resulting in $verified to always be false. But it works as it should in internet explorer. I'm literally banging my head against the wall here. Can aynone help me out?

This is the function that's causing my headache (in authenticate.php, mccode v2). If you can explain to me how this CSRF-system works and help me to fix it I'll send you $15.   // Check CSRF input if (!isset($_POST['verf']) || !verify_csrf_code('login', stripslashes($_POST['verf']))) { die( "<h3>{$set['game_name']} Error</h3> Your request has expired for security reasons! Please try again.<br /> <a href='login.php'>> Back</a>"); }

I'm not telling anyone that, sorry. I figure that if someone knows the script (and seen the problem before) they'll be able to help me with the problem without the link to my game.

$15 through paypal to whoever helps me understand and fix this issue :)

I keep getting this error using Chrome: But using internet explorer the login works fine. Can anyone help me?

Anyone? The login works in Internet Exlorer, but not with Chome. :(

I'm having this problem with v2 - does anyone know what causes this?

As with everything else. If you just upload the mccode script and make an app out of it people won't run to your game. But if you make the game look good on a phone and advertise is properly then you're off to a good start :)