Jump to content
MakeWebGames

The Phantom

Members
  • Posts

    57
  • Joined

  • Last visited

Everything posted by The Phantom

  1. Looks good so far +1
  2. So when I switch users I end up at the login page. function switch_user() { global $db, $ir, $c, $h, $userid; if (!in_array($ir['user_level'], array(2, 6, 7))) { echo 'You cannot access this area.<br /> > <a href="staff.php">Go Back</a>'; die($h->endpage()); } $_POST['userid'] = (isset($_POST['userid']) && is_numeric($_POST['userid'])) ? abs(intval($_POST['userid'])) : 0; if (!empty($_POST['userid'])) { staff_csrf_stdverify('staff_switch', 'staff_users.php?action=switch'); $d = $db->query("SELECT `userid`, `username`, `user_level` FROM `users` WHERE `userid` = '{$_POST['userid']}' LIMIT 1"); $r = $db->fetch_row($d); /*if($r['user_level'] == 2) { error('Die'); } */ stafflog_add('Switched account to ' . $r['username'] . ' [' . $r['userid'] . ']'); echo 'Switched account to ' . $r['username'] . '.<br /> > <a href="../index.php">Go Home</a>'; $_SESSION['userid'] = $_POST['userid']; } else { $csrf = request_csrf_html('staff_switch'); echo " <h3>Switch Users</h3> <hr /> Log in to another account without their password. <form action='staff_users.php?action=switch' method='post'> User: " . user_dropdown(NULL, 'userid') . " <br /> {$csrf} <input type='submit' value='Switch' /> </form> "; } } I do not see the problem here...
  3. Hello all, I just need help for someone to make the default McCodes viewuser.php layout to be like this - [ATTACH=CONFIG]2102[/ATTACH] If anyone can help that will be so helpful and great! Everytime I try I always mess up :(   <?php /** * MCCodes Version 2.0.5b * Copyright (C) 2005-2012 Dabomstew * All rights reserved. * * Redistribution of this code in any form is prohibited, except in * the specific cases set out in the MCCodes Customer License. * * This code license may be used to run one (1) game. * A game is defined as the set of users and other game database data, * so you are permitted to create alternative clients for your game. * * If you did not obtain this code from MCCodes.com, you are in all likelihood * using it illegally. Please contact MCCodes to discuss licensing options * in this case. * * File: viewuser.php * Signature: 359abfc90736815bd4dd5e155cd1edf8 * Date: Fri, 20 Apr 12 08:50:30 +0000 */ require_once('globals.php'); $_GET['u'] = (isset($_GET['u']) && is_numeric($_GET['u'])) ? abs(intval($_GET['u'])) : ''; if (!$_GET['u']) { echo 'Invalid use of file'; } else { $q = $db->query( "SELECT `userid`, `user_level`, `laston`, `last_login`, `signedup`, `duties`, `donatordays`, `username`, `gender`, `daysold`, `money`, `crystals`, `level`, `friend_count`, `enemy_count`, `display_pic`, `hp`, `maxhp`, `gang`, `fedjail`, `hospital`, `hospreason`, `jail`, `jail_reason`, `bankmoney`, `cybermoney`, `lastip`, `lastip`, `lastip_login`, `lastip_signup`, `staffnotes`, `cityname`, `hNAME`, `gangNAME`, `fed_days`, `fed_reason` FROM `users` `u` INNER JOIN `cities` AS `c` ON `u`.`location` = `c`.`cityid` INNER JOIN `houses` AS `h` ON `u`.`maxwill` = h.`hWILL` LEFT JOIN `gangs` AS `g` ON `g`.`gangID` = `u`.`gang` LEFT JOIN `fedjail` AS `f` ON `f`.`fed_userid` = `u`.`userid` WHERE `u`.`userid` = {$_GET['u']}"); if ($db->num_rows($q) == 0) { $db->free_result($q); echo 'Sorry, we could not find a user with that ID, check your source.'; } else { $r = $db->fetch_row($q); $db->free_result($q); $checkulevel = array(0 => 'NPC', 1 => 'Member', 2 => 'Owner', 3 => 'Secretary', 5 => 'Assistant'); $userl = $checkulevel[$r['user_level']]; $lon = ($r['laston'] > 0) ? date('F j, Y g:i:s a', $r['laston']) : "Never"; $ula = ($r['laston'] == 0) ? 'Never' : DateTime_Parse($r['laston']); $ull = ($r['last_login'] == 0) ? 'Never' : DateTime_Parse($r['last_login']); $sup = date('F j, Y g:i:s a', $r['signedup']); $u_duties = ($r['user_level'] > 1) ? 'Duties: ' . $r['duties'] . '<br />' : ''; $user_name = ($r['donatordays']) ? '<span style="color:red; font-weight:bold;">' . $r['username'] . '</span> [' . $r['userid'] . '] <img src="donator.gif" alt="Donator: ' . $r['donatordays'] . ' Days Left" title="Donator: ' . $r['donatordays'] . ' Days Left" />' : $r['username'] . ' [' . $r['userid'] . ']'; $on = ($r['laston'] >= $_SERVER['REQUEST_TIME'] - 15 * 60) ? '<font color="green"><b>Online</b></font>' : '<font color="red"><b>Offline</b></font>'; $ref_q = $db->query( "SELECT COUNT(`refID`) FROM `referals` WHERE `refREFER` = {$r['userid']}"); $ref = $db->fetch_single($ref_q); $db->free_result($ref_q); echo " <h3>Profile for {$r['username']}</h3> <table width='100%' cellspacing='1' class='table'> <tr> <th>General Info</th> <th>Financial Info</th> <th>Display Pic</th> </tr> <tr> <td> Name: $user_name<br /> User Level: $userl<br /> $u_duties Gender: {$r['gender']}<br /> Signed Up: $sup<br /> Last Active: $lon<br /> Last Action: $ula<br /> Last Login: $ull<br /> Online: $on<br /> Days Old: {$r['daysold']}<br /> Location: {$r['cityname']}</td><td> Money: " . money_formatter($r['money']) . "<br /> Crystals: {$r['crystals']}<br /> Property: {$r['hNAME']}<br /> Referals: {$ref}<br /> Friends: {$r['friend_count']}<br /> Enemies: {$r['enemy_count']} </td> <td> "; echo ($r['display_pic']) ? '<img src="' . $r['display_pic'] . '" width="150px" height="150px" alt="User Display Pic" title="User Display Pic" />' : 'No Image'; $sh = ($ir['user_level'] > 1) ? "Staff Info" : " "; echo " </td> </tr> <tr> <th>Physical Info</th> <th>Links</th> <th>$sh</th> </tr> <tr> <td> Level: {$r['level']}<br /> Health: {$r['hp']}/{$r['maxhp']}<br /> "; echo ($r['gang']) ? 'Gang: <a href="gangs.php?action=view&ID=' . $r['gang'] . '">' . $r['gangNAME'] . '</a>' : ''; if ($r['fedjail']) { echo " <br /> <span style='font-weight: bold; color: red;'> In federal jail for {$r['fed_days']} day(s). <br /> {$r['fed_reason']} </span> "; } if ($r['hospital']) { echo " <br /> <span style='font-weight: bold; color: red;'> In hospital for {$r['hospital']} minutes. <br /> {$r['hospreason']} </span> "; } if ($r['jail']) { echo " <br /> <span style='font-weight: bold; color: red;'> In jail for {$r['jail']} minutes. <br /> {$r['jail_reason']} </span> "; } echo " </td> <td> [<a href='mailbox.php?action=compose&ID={$r['userid']}'>Send Mail</a>] <br /><br /> [<a href='sendcash.php?ID={$r['userid']}'>Send Cash</a>] <br /><br /> "; if ($set['sendcrys_on']) { echo " [<a href='sendcrys.php?ID={$r['userid']}'>Send Crystals</a>] <br /><br /> "; } if ($set['sendbank_on']) { if ($ir['bankmoney'] >= 0 && $r['bankmoney'] >= 0) { echo " [<a href='sendbank.php?ID={$r['userid']}'>Bank Xfer</a>] <br /><br /> "; } if ($ir['cybermoney'] >= 0 && $r['cybermoney'] >= 0) { echo " [<a href='sendcyber.php?ID={$r['userid']}'>CyberBank Xfer</a>] <br /><br /> "; } } echo " [<a href='attack.php?ID={$r['userid']}'>Attack</a>] <br /><br /> [<a href='contactlist.php?action=add&ID={$r['userid']}'>Add Contact</a>] "; if (in_array($ir['user_level'], array(2, 3, 5))) { echo " <br /><br /> [<a href='jailuser.php?userid={$r['userid']}'>Jail</a>] <br /><br /> [<a href='mailban.php?userid={$r['userid']}'>MailBan</a>] "; } if ($ir['donatordays'] > 0) { echo " <br /><br /> [<a href='friendslist.php?action=add&ID={$r['userid']}'>Add Friends</a>] <br /><br /> [<a href='blacklist.php?action=add&ID={$r['userid']}'>Add Enemies</a>] <br /> "; } echo " </td> <td> "; if (in_array($ir['user_level'], array(2, 3, 5))) { $r['lastiph'] = @gethostbyaddr($r['lastip']); $r['lastiph'] = checkblank($r['lastiph']); $r['lastip_loginh'] = @gethostbyaddr($r['lastip_login']); $r['lastip_loginh'] = checkblank($r['lastip_loginh']); $r['lastip_signuph'] = @gethostbyaddr($r['lastip_signup']); $r['lastip_signuph'] = checkblank($r['lastip_signuph']); echo " <h3>Internet Info</h3> <table width='100%' border='0' cellspacing='1' class='table'> <tr> <td></td> <td class='h'>IP</td> <td class='h'>Hostname</td> </tr> <tr> <td class='h'>Last Hit</td> <td>$r[lastip]</td> <td>$r[lastiph]</td> </tr> <tr> <td class='h'>Last Login</td> <td>$r[lastip_login]</td> <td>$r[lastip_loginh]</td> </tr> <tr> <td class='h'>Signup</td> <td>$r[lastip_signup]</td> <td>$r[lastip_signuph]</td> </tr> </table> <form action='staffnotes.php' method='post'> Staff Notes: <br /> <textarea rows=7 cols=40 name='staffnotes'>" . htmlentities($r['staffnotes'], ENT_QUOTES, 'ISO-8859-1') . "</textarea> <br /> <input type='hidden' name='ID' value='{$_GET['u']}' /> <input type='submit' value='Change' /> </form> "; } echo ' </tr> </table> '; } } function checkblank($in) { if (!$in) { return "N/A"; } return $in; } $h->endpage();   (http://pastebin.com/u4raZsn5)
  4. But there is multiple houses which people own...
  5. Imagine, I wanted to delete every houses in the game? However, I have members who own houses. So I want every house to be deleted and give back the money of each houses the users bought...?
  6. How would I re-write this to be more secure? Someone told me this line is now secure.   echo'<script>!window.jQuery && document.write(\'<script src="http://code.jquery.com/jquery-1.4.2.min.js"><\/script>\');</script>';   UPDATE - No worries :)
  7. Wow game looks great mate! However the polling area is a bit messed.
  8. Hey I saw this in another game. I need help coding this. Please can somoene help me out? [ATTACH=CONFIG]1762[/ATTACH]
  9. Hey thanks Magictallguy! But I have a problem? All it shows is Hospital and Pages: 0 nothing else
  10. Thanks for this Sniko! However I want to add all the money in one total and all the mugs in another total. As now its on different columns. I tried this -   $total_money = $arrResults['total_mugged'] + $arrResults['total_mugged']; $total_mugs = $arrResults['total_mugs'] + $arrResults['total_mugs'];   Still does the same thing
  11. [MENTION=70485]G7470[/MENTION] - Thanks man! Just learnt something new :D
  12. I need help. I don't know if it's secure enough? I took me two days to create. If anyone can help me clean it up, I would be grateful!   <?php require('globals.php'); echo "<h3><u>Hospital</u></h3>"; if(!isset($_GET['st'])) { $_GET['st'] = 0; } if(!$_GET['st']) { $_GET['st'] = 0; } $st=abs((int) $_GET['st']); $query = $db->query("SELECT `hospital` FROM `users` WHERE `hospital` > 0"); $members = $db->num_rows($query); $pages = ceil($members / 25); for($i = 1; $i <= $pages; $i++) { $s = ($i-1) * 25; if($s == $st) { echo "Pages: <strong>$i</strong> "; } else { echo "<a href='hospital.php?&st=$s'>$i</a> "; } if($i % 25 == 0) { echo "<br />"; } } echo "<br /><br /> <hr width='50%'>Welcome to the Hospital. Unlucky to be placed here.<br/>Medical Bill: " . money_formatter($ir['hosp_bill']) . "<hr width='50%'><br /> <hr width='85%'><table width='85%' class='table' border='0' cellspacing='1'><tr><th>Name</th><th>Level</th><th>Time</th><th>Reason</th><th>Links</th></tr>"; $q=$db->query("SELECT `u`.*, `c`.* FROM `users` AS `u` LEFT JOIN `clans` AS `c` ON `u`.`clan`=`c`.`clanID` WHERE `u`.`hospital` > 0 ORDER BY `u`.`hospital` DESC LIMIT $st, 25"); while($r=$db->fetch_row($q)) { $time=$r['hospital']; $t4=floor($time/60/24); $t1=floor($time/60) % 24; $t2=$time % 60; if($t2 < 10) { $t3="0".$t2; } else { $t3=$t2; } if($t4) { $t5="$t4 days,"; } else { $t5=""; } if($t1) { $t1="$t1 hours,"; } else { $t1=""; } if($t2 == 1) { $t2="1 minute"; } else { $t2="$t2 minutes"; } echo "\n<tr><td> <a href='viewuser.php?u={$r['userid']}'>{$r['username']}</a> [{$r['userid']}]</td><td> {$r['level']}</td><td>$t5 $t1 $t2</td><td>{$r['hospreason']}</td><td><a href='healer.php'>[Hire Healer]</td></tr>"; } if($db->num_rows($q) == 0) { echo "<td colspan='5'>There is no one in hospital!</td>"; } echo "</table><hr width='85%'><br /><hr width='50%'><a href='index.php'>>Go Home</a><hr width='50%'><br />"; $h->endpage(); ?>
  13. The Phantom

    Dear Hybridd

    He just spammed my game? *** dude, i could get 20-30 people to spam your game! Your pissing me off.
  14. Thanks SL! I withdraw my bid, I got a new plan. ps, I don't buy from thief's and dickheads.
  15. I'll buy for £75 message me.
  16. Seems like a cool guy. Doesn't seem booky.
  17. Can someone delete everything I said. We negotiated.
  18. The Social Site! I would love to see new ideas from you.
  19. Paypal Proof - [ATTACH=CONFIG]1312[/ATTACH] Mail Proof - [ATTACH=CONFIG]1313[/ATTACH]   I can also show the messages on MWG.
  20. Razor42 I bought that template of from your for £10. I can show proof. That template is mine. You can not use.
  21. NWE is really secure, but mccodes I like it more as it looks better and the free version is better but mccodes got too many holes.
  22. I'll recomend razor42 to make templates!
  23. Try somethink like this?   if( $ir['energy'] == "0" ) { echo" <table width='90%'><tr><td><p> You dont have any energy for taining <a href='crystaltemple.php?spend=refill'><font color='green'>[Refill Energy]</font></a></p></td></tr></table> <br /> "; } else {
  24. Well, you can use your crystal temple?
  25. I can do that (: All you will need is a SQL and a bit of coding (:
×
×
  • Create New...