Twisted

issue has been fixed many help for the advice 🙂

Hello all, I wanted to write this forum for someone who helped me with my issue with gangs on my game support form it was "QUERY ERROR: Query was SELECT * FROM gangwars where warID=", for days people have been trying to help with every bit of advice but still the same error happened, I was on this error for 3 weeks while my players was nice enough to not war until it was fixed. Today it has now been fixed and even improved by one person Uridium, who spent the last few days with me trying to figure it out, multiple replacements of .php files, endless testing, to the point we was both nearly beat, till he found the one line that caused an issue the code was the wrong way around. 1 line nearly had us beat so for anyone who gets this issue with their code this maybe the reason why, and I thank Uridium for all the help the last few days, a legend in my eyes. @Uridium

function gang_staff_surrender() { global $db,$ir,$c,$userid,$gangdata; if(!isset($_POST['subm'])) { print "<form action='yourgang.php?action=staff&act2=surrender' method='post'> Choose who to surrender to.<br /> <input type='hidden' name='subm' value='submit' /> Gang: <select name='war' type='dropdown'>"; $wq=$db->query("SELECT * FROM gangwars where warDECLARER={$ir['gang']} or warDECLARED={$ir['gang']}"); while($r=$db->fetch_row($wq)) { if($gangdata['gangID'] == $r['warDECLARER']) { $w="You";$f="warDECLARED"; } else { $w="Them";$f="warDECLARER"; } $d=date('F j, Y, g:i:s a',$r['warTIME']); $ggq=$db->query("SELECT * FROM gangs WHERE gangID=".$r[$f]); $them=$db->fetch_row($ggq); print "<option value='{$r['warID']}'>{$them['gangNAME']}</option>"; } print "</select><br /> Message: <input type='text' STYLE='color: black; background-color: white;'name='msg' /><br /> <input type='submit' STYLE='color: black; background-color: white;'value='Surrender' /></form>"; } else { $_POST['war'] = abs((int) $_POST['war']); $wq=$db->query("SELECT * FROM gangwars where warID={$_POST['war']}"); $r=$db->fetch_row($wq); if($gangdata['gangID'] == $r['warDECLARER']) { $w="You";$f="warDECLARED"; } else { $w="Them";$f="warDECLARER"; } $db->query("INSERT INTO surrenders VALUES('',{$_POST['war']},{$ir['gang']},".$r[$f].",'{$_POST['msg']}')"); $ggq=$db->query("SELECT * FROM gangs WHERE gangID=".$r[$f]); $them=$db->fetch_row($ggq); $event=str_replace("'","''","<a href='gangs.php?action=view&ID={$ir['gang']}'>{$gangdata['gangNAME']}</a> have asked to surrender the war against <a href='gangs.php?action=view&ID={$them['gangID']}'>{$them['gangNAME']}</a>"); $db->query("INSERT INTO gangevents VALUES('',{$ir['gang']},unix_timestamp(),'$event') , ('',".$r[$f].",unix_timestamp(),'$event')"); print "You have asked to surrender."; } } function gang_staff_viewsurrenders() { global $db,$ir,$c,$userid,$gangdata; if(!isset($_POST['subm'])) { print "<form action='yourgang.php?action=staff&act2=viewsurrenders' method='post'> Choose who to accept the surrender from.<br /> <input type='hidden' name='subm' value='submit' /> Gang: <select name='sur' type='dropdown'>"; $wq=$db->query("SELECT s.*,w.* FROM surrenders s LEFT JOIN gangwars w ON s.surWAR=w.warID WHERE surTO={$ir['gang']}"); while($r=$db->fetch_row($wq)) { if($gangdata['gangID'] == $r['warDECLARER']) { $w="You";$f="warDECLARED"; } else { $w="Them";$f="warDECLARER"; } $ggq=$db->query("SELECT * FROM gangs WHERE gangID=".$r[$f]); $them=$db->fetch_row($ggq); print "<option value='{$r['surID']}'>War vs. {$them['gangNAME']} (Msg: {$r['surMSG']})</option>"; } print "</select><br /><input type='submit' STYLE='color: black; background-color: white;'value='Accept Surrender' /></form>"; } else { $_POST['sur'] = abs((int) $_POST['sur']); $q=$db->query("SELECT surWAR FROM surrenders WHERE surID={$_POST['sur']}"); list($_POST['war']) = $db->fetch_row($q); $wq=$db->query("SELECT * FROM gangwars where warID={$_POST['war']}"); $r=$db->fetch_row($wq); if($gangdata['gangID'] == $r['warDECLARER']) { $w="You";$f="warDECLARED"; } else { $w="Them";$f="warDECLARER"; } $db->query("DELETE FROM surrenders WHERE surID={$_POST['sur']}"); $db->query("DELETE FROM gangwars WHERE warID={$_POST['war']}"); $ggq=$db->query("SELECT * FROM gangs WHERE gangID=".$r[$f]); $them=$db->fetch_row($ggq); $event=str_replace("'","''","<a href='gangs.php?action=view&ID={$ir['gang']}'>{$gangdata['gangNAME']}</a> have accepted the surrender from <a href='gangs.php?action=view&ID={$them['gangID']}'>{$them['gangNAME']}</a>, the war is over!"); $db->query("INSERT INTO gangevents VALUES('',{$ir['gang']},unix_timestamp(),'$event') , ('',".$r[$f].",unix_timestamp(),'$event')"); print "You have accepted surrender, the war is over."; } } @Veramis

Im new to coding and slowly learning to me everything looks alright is there anyway of showing you? maybe youll pick something up I wont?

Yes im running MC Codes v2, nothing has been changed to date and yes both gangs are created in game, the war is there, it works, someone can request for surrenders but the other gang cannot accept them

Hello, I've wrapped my head around this many times trying to figure out the issue, its to do with gang wars, now gangs can ask for a surrender but the other gangs cant accept them did anyone ever had this issue or know what i need to do? Many thanks

im confused what is missing

<?php /** * MCCodes Version 2.0.5b * Copyright (C) 2005-2012 Dabomstew * All rights reserved. * * Redistribution of this code in any form is prohibited, except in * the specific cases set out in the MCCodes Customer License. * * This code license may be used to run one (1) game. * A game is defined as the set of users and other game database data, * so you are permitted to create alternative clients for your game. * * If you did not obtain this code from MCCodes.com, you are in all likelihood * using it illegally. Please contact MCCodes to discuss licensing options * in this case. * * File: login.php * Signature: 4a7c1670deb7175782714a27e72bfc16 * Date: Fri, 20 Apr 12 08:50:30 +0000 */ require_once('globals_nonauth.php'); $login_csrf = request_csrf_code('login'); print <<<EOF <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title>{$set['game_name']}</title> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <script type="text/javascript" src="js/login.js"></script> <link href="css/login.css" type="text/css" rel="stylesheet" /> </head> <body onload="getme();"> <center> <table width="970" border="0" cellpadding="0" cellspacing="0" class="table2"> <tr> <td class="lgrad"></td> <td class="center"><img src="title.jpg" alt="Mccodes Version 2" /><br /> <!-- Begin Main Content --> EOF; $IP = str_replace(array('/', '\\', '\0'), '', $_SERVER['REMOTE_ADDR']); if (file_exists('ipbans/' . $IP)) { die( "<span style='font-weight: bold; color:red;'> Your IP has been banned, there is no way around this. </span></body></html>

the reason why you signed in was because i went back to my old scripts it was the new one i needed to try and fix :)

Found it function request_csrf_code($formid) { // Generate the token $token = md5(mt_rand()); // Insert/Update it $issue_time = time(); $_SESSION["csrf_{$formid}"] = array('token' => $token, 'issued' => $issue_time); return $token; } /** * Request that an anti-CSRF verification code be issued for a particular form in the game, and return the HTML to be placed in the form. * @param string $formid A unique string used to identify this form to match up its submission with the right token. * @return string The HTML for the code issued to be added to the form. */ function request_csrf_html($formid) { return "<input type='hidden' name='verf' value='" . request_csrf_code($formid) . "' />"; } /** * Check the CSRF code we received against the one that was registered for the form - return false if the request shouldn't be processed... * @param string $formid A unique string used to identify this form to match up its submission with the right token. * @param string $code The code the user's form input returned. * @return boolean Whether the user provided a valid code or not */ function verify_csrf_code($formid, $code) { // Lookup the token entry // Is there a token in existence? if (!isset($_SESSION["csrf_{$formid}"]) || !is_array($_SESSION["csrf_{$formid}"])) { // Obviously verification fails return false; } else { // From here on out we always want to remove the token when we're done - so don't return immediately $verified = false; $token = $_SESSION["csrf_{$formid}"]; // Expiry time on a form? $expiry = 900; // hacky lol if ($token['issued'] + $expiry > time()) { // It's ok, check the contents $verified = ($token['token'] === $code); } // don't need an else case - verified = false // Remove the token before finishing unset($_SESSION["csrf_{$formid}"]); return $verified; } } hopefully thats what you need

sorry for the late reply i just got back on here is the issue as far as i can see with a picture showing what happens require_once('globals_nonauth.php'); // Check CSRF input if (!isset($_POST['verf']) || !verify_csrf_code('login', stripslashes($_POST['verf']))) { die( "<h3>{$set['game_name']} Error</h3> Your request has expired for security reasons! Please try again.<br /> <a href='login.php'>> Back</a>"); } // Check username and password input $username = (array_key_exists('username', $_POST) && is_string($_POST['username'])) ? $_POST['username'] : ''; $password = (array_key_exists('password', $_POST) && is_string($_POST['password'])) ? $_POST['password'] : ''; if (empty($username) || empty($password)) { die(

damnnnnnn im partial to MCC just personal preference really, issue being I had ravan mafia script and I had to take it down as I recently found out its illegal

Hey all, Just brought the script and ive been having an issue with the authenticate.php, ive looked into the forums to try and find a fix with no luck, im new to coding and would like to get this working properly due to i prefer google chrome then microsoft edge. Any help ill appreciate it