Legaci

this game was made from RIPcitylive scripts that was leaked had many errors with it so you done well to fix them :)

<?php include "globals.php"; echo "<center>"; if($_GET['action']) { if(!in_array($_GET['action'], array('remove','add'))) { echo "Invalid action!<br/> <hr width='750px'>><a href='display.php'>Back</a><hr width='750px'>"; $h->endpage(); exit(); } } $_GET['XID'] = isset($_GET['XID']); switch($_GET['action']) { case 'remove' : remove(); break; case 'add' : add(); break; default : display(); break; } function display() { global $ir, $h, $db, $query; echo "<center><h1>Display Case</h1>"; $_GET['XID'] = abs(intval($_GET['XID'])); if(!$_GET['XID']) { echo "Invalid ID <hr width='750px'>><a href='display.php'>Back</a><hr width='750px'>"; $h->endpage(); exit(); } else { $query = array(); $db->query("SELECT `display_case` FROM `users` WHERE `userid` = '".mysql_real_escape_string($_GET['XID'])."' AND `display_case` = 'yes'"); if(!$db->num_rows($plys)) { echo "Sorry, This user does not have a display case! <hr width='750px'>><a href='display.php'>Back</a><hr width='750px'>"; $h->endpage(); exit(); } else { if($_GET['ID'] == $ir['userid']) { echo "<b>><a href='display.php?action=add'>Add items</a> | ><a href='display.php?action=remove'>Remove items</a></b><hr width = '750px'/>"; } $py = array(); $py = $db->fetch_row($plys); $query = array(); $db->query("SELECT * FROM `player_display_items` pdi LEFT JOIN `inventory` i ON pdi.pdi_itemid = i.inv_id WHERE pdi.pdi_playerid = '".mysql_real_escape_string($_GET['ID'])."' ORDER BY i.inv_id ASC"); echo "<table width = '100%' cellspacing='1'><tr>"; if(!$db->num_rows($thishop)) { echo "<tr><td align = 'center'>This person does not have any items in their display case.</td></tr></table>"; } else { $ts = array(); $num = 0; while($ts = $db->fetch_row($thishop)) { $num++; echo "<td align = 'center'><b>",htmlentities($ts['item_name']),"</b> (x ".number_format($ts['pdi_qty']).") <a href='iinfo.php?ID=".$ts['item_id']."'><img src='images/items/".$ts['item_picture']."' border='1'></a></td>"; if($num == 3) { echo "</tr><tr>"; $num=0; } } echo "</table>"; } } } } function add() { echo "<center><h1>Add items to your display</h1><hr />"; global $ir,$h, $db, $m, $user, $itemid, $qty; $query = array(); $db->query("SELECT `display_case` FROM `users` WHERE `userid` = '".mysql_real_escape_string($ir['userid'])."' AND `display_case` = 'yes'"); if(!$db->num_rows($myshop)) { echo "<table>Error, You dont own a display case to add items to!<br/> <hr width='750px'>><a href=\"javascript:history.back();\">Back</a><hr width='750px'></table>"; $h->endpage(); exit(); } if(!$_POST['add']) { $query = array(); $db->query("SELECT * FROM `inventory` mi LEFT JOIN `items` i ON mi.inv_itemid = i.itmid WHERE mi.inv_userid = '".$ir['userid']."'"); $le = array(); echo "<table width = '750px' class = 'rounded'><tr><td align = 'center'> <table width = '100%'><tr bgcolor = #999999 style = 'font-weight:800;'><td>Item</td><td>Qty</td><td>Add</td> </tr>"; $num=0; while($le = $db->fetch_row($listem)) { echo "<form action = 'display.php?action=add' method = 'post'> <tr bgcolor = $color> <td align = 'left'>".htmlentities($le['itmname'])."</td> <td align = 'left'>".number_format($le['inv_qty'])."</td> <td align = 'right'><input type = 'text' name = 'qty' value = ''> <input type = 'hidden' name = 'item' value = '".$le['inv_id']."'> <input type = 'submit' name = 'add' value = 'Add'></td></tr></form>"; } echo "</table></td></tr></table>"; } else { $_POST['inv_id'] = abs(intval($_POST['inv_id'])); $_POST['inv_qty'] = abs(intval($_POST['inv_qty'])); if(!$_POST['item'] || !$_POST['qty']) { echo "<table>Error, Please go back and fill the form in correctly!<br/> <hr width='750px'>><a href='display.php?action=add'>Back</a><hr width='750px'></table>"; $h->endpage(); exit(); } $db->query("SELECT FROM `inventory` mi LEFT JOIN `items` i ON mi.inv_itemid = i.itmid WHERE mi.inv_id = '".$_POST['item']."' AND mi.inv_userid = '".$ir['userid']."'"); if(!$db->num_rows($mine)) { echo "<table>Error, Invalid item!<br/> <hr width='750px'>><a href='display.php?action=add'>Back</a><hr></table>"; $h->endpage(); exit(); } $m = array(); $m = $db->fetch_row($mine); if($_POST['qty'] > $m['inv_qty']) { echo "<table>Error, you dont have that many!<br/> <hr width='750px'>><a href='display.php?action=add'>Back</a><hr width='750px'></table>"; $h->endpage(); exit(); } if($_POST['item'] && $_POST['qty'] && $_POST['add'] != 'Confirm') { echo "<table>Are you sure you wish to add ".number_format($_POST['qty'])." <b>".htmlentities($m['itmname'])."(s)</b> to your display?<br/> <form action = 'display.php?action=add' method = 'post'> <input type = 'hidden' name = 'item' value = '".$_POST['item']."'> <input type = 'hidden' name = 'qty' value = '".$_POST['qty']."'> <input type = 'submit' name = 'add' value = 'Confirm'> </form></table>"; } else { if($_POST['item'] && $_POST['qty'] && $_POST['add'] == 'Confirm') { $query = array(); $db->query("SELECT * FROM `player_display_items` WHERE `pdi_itemid` = '".($ir['item_id'])."' AND `pdi_playerid` = '".($ir['userid'])."'"); if(!$db->num_rows($alin)) { $query = array(); $db->query("INSERT INTO `player_display_items` VALUES ('NULL', '".($ir['userid'])."', '".($ir['item_id'])."', '".($_POST['qty'])."')"); } else { $query = array(); $db->query("UPDATE `player_display_items` SET `pdi_qty` = `pdi_qty` + '".mysql_real_escape_string($_POST['qty'])."' WHERE `pdi_id` = '".mysql_real_escape_string($ai['pdi_id'])."'"); } item_remove($ir['inv_userid'], i.itmid, $m['qty']); echo "Items added successfully! <hr width='750px'>><a href='display.php?action=add'>Okay</a><hr width='750px'>"; $h->endpage(); exit(); } } } }   QUERY ERROR: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'FROM `inventory` mi LEFT JOIN `items` i ON mi.' at line 2 Query was SELECT FROM `inventory` mi LEFT JOIN `items` i ON mi.inv_itemid = i.itmid WHERE mi.inv_id = '2' AND mi.inv_userid = '1'   i get this error when i finally add it to the display

its a mod i am building

QUERY ERROR: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 1 Query was SELECT * FROM inventory WHERE inv_userid=1 AND inv_itemid= this is all it tells me is this because of item_remove($ir['userid'], $r['inv_itemid'], $qty); or this   if(!$_POST['add']) { $query = array(); $db->query("SELECT * FROM `inventory` mi LEFT JOIN `items` i ON mi.inv_itemid = i.itmid WHERE mi.inv_userid = '".$ir['userid']."'"); $le = array(); echo "<table width = '750px' class = 'rounded'><tr><td align = 'center'> <table width = '100%'><tr bgcolor = #999999 style = 'font-weight:800;'><td>Item</td><td>Qty</td><td>Add</td> </tr>"; $num=0;   or could it be global_func.php

the mres was already there and that passed my mind mainly getting it to work with V2 and was somewhat secure was the priority but thanks you helped QUERY ERROR: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 1 Query was SELECT * FROM inventory WHERE inv_userid=1 AND inv_itemid= this is all it tells me is this because of item_remove($ir['userid'], $r['inv_itemid'], $qty); or this   if(!$_POST['add']) { $query = array(); $db->query("SELECT * FROM `inventory` mi LEFT JOIN `items` i ON mi.inv_itemid = i.itmid WHERE mi.inv_userid = '".$ir['userid']."'"); $le = array(); echo "<table width = '750px' class = 'rounded'><tr><td align = 'center'> <table width = '100%'><tr bgcolor = #999999 style = 'font-weight:800;'><td>Item</td><td>Qty</td><td>Add</td> </tr>"; $num=0;   or could it be global_func.php

ive almost finished my mod i havent coded this myself i have been converting it to V2 so all the codes i am not familiar with i am almost successful i have taken out the mres

what should the if()s be

if(!$_POST['add']) { $query = array(); $db->query("SELECT * FROM `inventory` mi LEFT JOIN `items` i ON mi.inv_itemid = i.itmid WHERE mi.inv_userid = '".mysql_real_escape_string($ir['userid'])."'"); $le = array(); echo "<table width = '750px' class = 'rounded'><tr><td align = 'center'> <table width = '100%'><tr bgcolor = #999999 style = 'font-weight:800;'><td>Item</td><td>Qty</td><td>Add</td> </tr>"; $num=0; while($le = $db->fetch_row($listem)) { echo "<form action = 'display.php?action=add' method = 'post'> <tr bgcolor = $color> <td align = 'left'>".htmlentities($le['itmname'])."</td> <td align = 'left'>".number_format($le['inv_qty'])."</td> <td align = 'right'><input type = 'text' name = 'qty' value = ''> <input type = 'hidden' name = 'item' value = '".$le['inv_id']."'> <input type = 'submit' name = 'add' value = 'Add'></td></tr></form>"; } echo "</table></td></tr></table>"; } else { $_POST['inv_id'] = abs(intval($_POST['inv_id'])); $_POST['inv_qty'] = abs(intval($_POST['inv_qty'])); if(!$_POST['inv_id'] || !$_POST['inv_qty']) { echo "Error, Please go back and fill the form in correctly!<br/> <hr width='750px'>><a href='display.php?action=add'>Back</a><hr width='750px'>"; $h->endpage(); exit();   it tells me Error, Please go back and fill the form in correctly! im trying to make it secure this is why i am having problems with it help would be awesome thank you

thats what i thought ok thank you for your help

no it now calls an invalid ID

function display() { global $ir, $h; echo "<center><main>Display Case</main><hr width = '750px'>"; $_GET['XID'] = abs(intval($_GET['XID'])); if(!$_GET['XID']) { echo "Invalid ID <hr width='750px'>><a href='display.php'>Back</a><hr width='750px'>"; $h->endpage(); exit(); } else { $query = array(); $db->query("SELECT `display_case` FROM `users_extra` WHERE `playerid` = '".mysql_real_escape_string($_GET['XID'])."' AND `display_case` = 'yes'"); $plys = array(); $plys = $db->query($q_ry); if(!$db->num_rows($plys)) { echo "Sorry, This user does not have a display case!<br/> <hr width='750px'>><a href=\"javascript:history.back();\">Back</a><hr width='750px'>"; $h->endpage(); exit(); } else { if($_GET['XID'] == $ir['userid']) { echo "<b>><a href='display.php?action=add'>Add items</a> | ><a href='display.php?action=remove'>Remove items</a></b><hr width = '750px'/>"; } $py = array(); $py = $db->fetch_row($plys); $query = array(); $db->query("SELECT * FROM `player_display_items` pdi LEFT JOIN `items` i ON pdi.pdi_itemid = i.item_id WHERE pdi.pdi_playerid = '".mysql_real_escape_string($_GET['XID'])."' ORDER BY i.item_class ASC"); $thishop = array(); $thishop = $db->query($q_ry); echo "<table width = '100%' cellspacing='1'><tr>"; if(!$db->num_rows($thishop)) { echo "<tr><td align = 'center'>This person does not have any items in their display case.</td></tr></table>"; } else { $ts = array(); $num = 0; while($ts = $db->fetch_row($thishop)) { $num++; echo "<td align = 'center'><b>",htmlentities($ts['item_name']),"</b><br/> (x ".number_format($ts['pdi_qty']).")<br/> <a href='iinfo.php?XID=".$ts['item_id']."'><img src='images/items/".$ts['item_picture']."' border='1'></a></td>"; if($num == 3) { echo "</tr><tr>"; $num=0; } } echo "</table>"; } } } }   ok so here it is

Fatal error: Call to a member function endpage() on a non-object in /home/bravelan/public_html/display.php on line 38   function display() { global $ir; echo "<center><main>Display Case</main><hr width = '750px'>"; $_GET['XID'] = abs(intval($_GET['XID'])); if(!$_GET['XID']) { echo "Invalid ID<br/> <hr width='750px'>><a href='display.php'>Back</a><hr width='750px'>"; $h->endpage(); exit();   if i remove the $h->endpage(); exit();   it calls an invalid ID   fixing solutions would be greatful thank you ???

turns out is wasnt a Db query i was looking at it and new that wasnt correct so here is my resolved problem   function get_rank($stat, $mykey) { global $ir,$userid,$c; $q=mysql_query("SELECT count(*) FROM userstats us LEFT JOIN users u ON us.userid=u.userid WHERE us.$mykey > $stat AND us.userid != $userid AND u.user_level != 0", $c) ; return mysql_result($q,0,0)+1; }   Thanks for the help

$dbh is in global is just an alteration to $db

i removed to = but still the same problem is arising

function get_rank($stat, $mykey) { global $db; global $ir,$userid,$c; $q=$dbh->query("SELECT count(*) FROM userstats us LEFT JOIN users u ON us.userid=u.userid WHERE us.=? > ? AND us.userid != ? AND u.user_level != 0", $mykey, $stat, $userid) ; return $db->fetch_single($q)+1; }   this is the function

where is the variable

$q=$dbh->query("SELECT count(*) FROM userstats us LEFT JOIN users u ON us.userid=u.userid WHERE us.=? > ? AND us.userid != ? AND u.user_level != 0", $mykey, $stat, $userid) ; return $db->fetch_single($q)+1;   there is an error with this this is the message Fatal error: Call to a member function query() on a non-object in /home/bravelan/public_html/global_func.php on line 285

i fixed it i found the error ;)

ive looked at this code for over an hour and i am not seeing anything wrong with this spent a good few hours building this mod :/ Parse error: syntax error, unexpected T_ENCAPSED_AND_WHITESPACE, expecting T_STRING or T_VARIABLE or T_NUM_STRING in /home/bravelan/public_html/clottery.php on line 28   } if($_GET['a'] == buy) { if($ir['crystals'] < 25) { die("You don't have enough crystals"); }$tick = 1; $tickq = $db->query("SELECT * FROM `clottery` WHERE `userid` = '$ir['userid']'"); if($db->num_rows($tickq) > $tick) { die('You can only purchase ' .$tick. ' tickets maximum'); } echo' You purchased a Crystal lottery ticket';   thanks to you that help!!!

RC is turning bad with bad updates and lack of player interests updates are made from the minority of players that have interest in certian areas

Not what he says

hahaha actually you will be gone martin simmons designed it and you stole his codes from ruthlesscity to bad you have been reported already not by me to webmaster good luck everyone can code a simply menu thats all this is

what codes are you on about i have built it my self who are you

i fully designed this from scratch with nothing but the old mainmenu.php