stryker

Re: [mccode v2] Crystal Reserve Mod FREE VERSION [/mccode v2] apparently not correctly

Re: [mccode v2] Crystal Reserve Mod FREE VERSION [/mccode v2] ppl need to read the title

Re: How do I use a type function on a normal page? :| ur hopeless

Re: Causes of Looping? take   $connection   and change it too   $c

Re: SQL Injections it's been years since i have done so of course i don't have proof, i don't save everything

Re: SQL Injections depends on the program, the one i use you can't dl anywhere any more

Re: How do I use a type function on a normal page? actually no it does not get parsed. have you tried to post it in a textbox before? did it parse and make the code go through? no if it did then this wouldn't work print "<textarea></textarea>";

Re: SQL Injections   what i was saying there is yes i do have a program and alot of ppl do use it, but they use it for other means but it can be used to steal scripts, it is a web crawler with a link spider i can get links from sites or if i want i can steal the scripts.it will show you everything it runs into on that server.

Re: How do I use a type function on a normal page? arson uses smf but that has nothing to do with the question, he is not asking how to make a forum enclosed page with bb code enabled he s asking how to do it with a normal php page, why are there so many fucking idiots on here? read it before you answer.

Re: How do I use a type function on a normal page? if the text area is inclosed in an echo or print statement then it won't parse

Re: [mccode v2] Crystal Reserve Mod FREE VERSION [/mccode v2] yeah i always forget the delimiter

Re: Why you code? I code because it keeps my mind off of things. It has also came to me very easily. i found after a few weeks it was sometime better than drawing to pass time by, and the as suddenly as i started i made my first script and sold it. After the success of that i decided that coding was way more lucrative then designing and started doing it full time. i don't think i will ever quit as long as there are geeks to create more and more complex langs there will be learning how to use them and to make something new. Gotta do something with the ideas i have, don't want my brain to explode.

bank your crystals, easy install. cbank.php <?php include "globals.php"; print "Crystal Reserve"; if($ir['cbank']>-1) { switch($_GET['action']) { case "deposit": deposit(); break; case "withdraw": withdraw(); break; default: index(); break; } } else { if(isset($_GET['buy'])) { if($ir['money']>4999999) { print "Congratulations, you bought a crystal reserve account for \$5,000,000! [url='bank.php']Start using my account[/url]"; $db->query("UPDATE users SET money=money-5000000,cbank=0 WHERE userid=$userid"); } else { print "You do not have enough money to open an account. [url='explore.php']Back to town...[/url]"; } } else { print "Open a crystal reserve account today, just \$5,000,000! [url='cbank.php?buy']> Yes, sign me up![/url]"; } } function index() { global $db, $ir,$c,$userid,$h; print "\n[b]You currently have {$ir['cbank']} in the crystal reserve.[/b] At the end of each day, your crystal reserve balance will go up by 2%. </pre> <table width="75%" cellspacing="1">[b]Deposit Crystals[/b] It will cost you 15% of the crystals you deposit, rounded up. The maximum fee is \$3,000. Amount: [b]Withdraw Crystals[/b] There is no fee on withdrawals. Amount: </table>";<br>}<br>function deposit()<br>{<br>global $db,$ir,$c,$userid,$h;<br>$_POST['deposit']=abs((int) $_POST['deposit']);<br>if($_POST['deposit'] > $ir['crystals'])<br>{<br>print "You do not have enough crystals to deposit this amount.";<br>}<br>else<br>{<br>$fee=ceil($_POST['deposit']*15/100);<br>if($fee > 3000) { $fee=3000; }<br>$gain=$_POST['deposit']-$fee;<br>$ir['cbank']+=$gain;<br>$db->query("UPDATE users SET cbank=cbank+$gain, crystals=crystals-{$_POST['deposit']} where userid=$userid");<br>print "You hand over {$_POST['deposit']} to be deposited, <br><br>after the fee is taken ($fee), $gain crystals is added to your crystal reserve account. <br><br>[b]You now have {$ir['cbank']} in the crystal reserve.[/b]<br><br>[url='cbank.php']> Back[/url]";<br>}<br>}<br>function withdraw()<br>{<br>global $db,$ir,$c,$userid,$h;<br>$_POST['withdraw']=abs((int) $_POST['withdraw']);<br>if($_POST['withdraw'] > $ir['cbank'])<br>{<br>print "You do not have enough reserved crystals to withdraw this amount.";<br>}<br>else<br>{<br>$gain=$_POST['withdraw'];<br>$ir['cbank']-=$gain;<br>$db->query("UPDATE users SET cbank=cbank-$gain, crystals=crystals+$gain where userid=$userid");<br>print "You ask to withdraw $gain, <br><br>the crystal reserve automated teller spits out your crystals into a little satchel.<br><br>A robotic arm then picks up the satchel and drops it into your hand.<br><br>You there hear a robotic voice chime<br>- Have a nice day {$ir['username']} -<br><br>[b]You now have {$ir['cbank']} crystals in the crystal reserve.[/b]<br><br>[url='cbank.php']> Back[/url]";<br>}<br>}<br>$h->endpage();<br>?&g   sql ALTER TABLE `users` ADD `cbank` BIGINT(45) NOTNULL -1   +1 if you like it (yes i know it is edited copy of bank) new version to be released soon

Re: Game Completely Hacked/SQL Injection? owner panel has nothing to do with it noob

Re: [mccode] [TGM] Item Sell Logs [TGM] works fine on v2

Re: [TGM] Equip Weapons/Armour [TGM] looks like edited version of 2.0 source

Re: [TGM] Give Item To All Users Admin Function [TGM] simple

Re: Itemsend did you upload it in binary?

Re: Reset ?|?|?|? someone just needs to make a mod that resets every thing to default instead of deleting it

Re: Seanybob's Arcade Mod pm me plz

Re: Day Cron Help ahhh i see what i did i put an underscore in the maxpower ok it all works ty i guess the error was stopping it from doing the cron, never had that prob before

this is the error i am getting   QUERY ERROR: Unknown column 'maxpower' in 'where clause' Query was UPDATE users SET power=power+10 WHERE power   here is my day_cron.php file <?php include "config.php"; global $_CONFIG; if($_GET['code'] != $_CONFIG['code']) { die(""); } define("MONO_ON", 1); require "class/class_db_{$_CONFIG['driver']}.php"; $db=new database; $db->configure($_CONFIG['hostname'], $_CONFIG['username'], $_CONFIG['password'], $_CONFIG['database'], $_CONFIG['persistent']); $db->connect(); $c=$db->connection_id; $db->query("UPDATE fedjail set fed_days=fed_days-1"); $q=$db->query("SELECT * FROM fedjail WHERE fed_days=0"); $ids=array(); while($r=$db->fetch_row($q)) { $ids[]=$r['fed_userid']; } if(count($ids) > 0) { $db->query("UPDATE users SET fedjail=0 WHERE userid IN(".implode(",", $ids).")"); } $db->query("DELETE FROM fedjail WHERE fed_days=0"); $db->query("UPDATE users SET course=0 WHERE cdays=0"); $db->query("TRUNCATE TABLE votes"); $db->query("UPDATE users SET power=power+10 WHERE power$db->query("UPDATE users SET daysingang=daysingang+1 WHERE gang > 0"); $db->query("UPDATE users SET daysold=daysold+1, boxes_opened=0"); $db->query("UPDATE users SET mailban=mailban-1 WHERE mailban > 0"); $db->query("UPDATE users SET donatordays=donatordays-1 WHERE donatordays > 0"); $db->query("UPDATE users SET cdays=cdays-1 WHERE course > 0"); $db->query("UPDATE users SET bankmoney=bankmoney+(bankmoney/50) where bankmoney>0"); $db->query("UPDATE users SET cybermoney=cybermoney+(cybermoney/100*7) where cybermoney>0"); $q=$db->query("SELECT * FROM users WHERE cdays=0 AND course > 0"); while($r=$db->fetch_row($q)) { $cd=$db->query("SELECT * FROM courses WHERE crID={$r['course']}"); $coud=$db->fetch_row($cd); $userid=$r['userid']; $db->query("INSERT INTO coursesdone VALUES({$r['userid']},{$r['course']})"); $upd=""; $ev=""; if($coud['crSTR'] > 0) { $upd.=",us.strength=us.strength+{$coud['crSTR']}"; $ev.=", {$coud['crSTR']} strength"; } if($coud['crGUARD'] > 0) { $upd.=",us.guard=us.guard+{$coud['crGUARD']}"; $ev.=", {$coud['crGUARD']} guard"; } if($coud['crLABOUR'] > 0) { $upd.=",us.labour=us.labour+{$coud['crLABOUR']}"; $ev.=", {$coud['crLABOUR']} labour"; } if($coud['crAGIL'] > 0) { $upd.=",us.agility=us.agility+{$coud['crAGIL']}"; $ev.=", {$coud['crAGIL']} agility"; } if($coud['crIQ'] > 0) { $upd.=",us.IQ=us.IQ+{$coud['crIQ']}"; $ev.=", {$coud['crIQ']} IQ"; } $ev=substr($ev,1); if ($upd) { $db->query("UPDATE users u LEFT JOIN userstats us ON u.userid=us.userid SET us.userid=us.userid $upd WHERE u.userid=$userid"); } $db->query("INSERT INTO events VALUES('',$userid,unix_timestamp(),0,'Congratulations, you completed the {$coud['crNAME']} and gained $ev!')"); } ?>   it just stopped running / working and yes it is in crontab

Re: A way to protect against sql injection xsishost.com

Re: A way to protect against sql injection maybe so, but when it is off it is a lot easier to write the functions needed to block the exploits

Re: A way to protect against sql injection actually magic quotes should be off, it says is mccode that it needs to be on thats a bunch of bull. here is what i use on my game /*+++++++++++++++++++++++++++++++++++++*/ /* Mod Start */ /*Mod By Twysted of Dynamic-Designz.com*/ /*+++++++++++++++++++++++++++++++++++++*/ //check if incomingData is not empty and of the expected length function checkIncomingData($idata, $minsize, $maxsize) { if ( strlen($idata)<$minsize or strlen($idata)>$maxsize ) { return false; } else { return true; } } //make sure that nothing bad can be entered by the user (-->sql injection attack) function cleanIncomingData($idata) { $cleaned = trim($idata); $cleaned = mysql_real_escape_string($cleaned); return $cleaned; } /*+++++++++++++++++++++++++++++++++++++*/ /* Mod Ended */ /*Mod By Twysted of Dynamic-Designz.com*/ /*+++++++++++++++++++++++++++++++++++++*/