Aqua

Well i am making a VERY different, unique, game. But i am having some troubles with the following, the error message is;   Warning: extract(): First argument should be an array in /home/Hitman_Legacy/public_html/showmissions.php on line 16   Some of my code;   <?php session_start(); require "global_func.php"; if($_SESSION['loggedin']==0) { header("Location: login.php");exit; } $userid=$_SESSION['userid']; require "header.php"; $h = new headers; $h->startheaders(); include "mysql.php"; $sql = "SELECT username,title,Mission1,Mission2,Mission3,Mission4,Mission5,Mission6,Mission7,Mission8,Mission9,Mission10,Mission11,Mission12,Mission13,Mission14,Mission15,Mission16,Mission17,Mission18,Mission19,Mission20,Mission21,Mission22,Mission23,Mission24,Mission25,Mission26,Mission27,Mission28,Mission29,Mission30,submitedby,dateadded,membersnon,difficulty,reward,itemsneeded,startlocation,description,requirements FROM questguides WHERE title='$_POST[ftitle]'"; $result = mysql_query($sql) or die(mysql_error()); $row = mysql_fetch_array($result); [b]extract($row);[/b] if ($title == "") { include("viewmissions.php"); } else { include("http://www.*****"); echo"This mission was submited by [b]$submitedby[/b]. It was added to the database by [b]$username[/b] on $dateadded <font size='+1'>[b]$title[/b]</font>"; include("http://www.*****"); } ?>   Can someone please explain the actual function of extract, i know it sort of, but need a specific explanation. And give some examples if possible :p PS: The code was done in a few minutes, it is not yet functional. ¬LK

Re: Mysql/PHP problem Well thank you for re-assuring me that list() function works good for this exact situation.   Thank you Floydian... :)

Re: Error!! Did you set up the database correctly, try double checking. When i installed the NEAB i had numerous troubles with the actuall database;   I would assume you made an error in your DB, so re-check it ;)

Re: who likes mccodes? Well if you think about it, half of the members of CE would not be here if it wasnt for Dabomstew and Colblooded. DBS/MC Code is very poorly coded, has many bugs and errors, however it is a base start up code, and i think we all agree that most of us would use a MC code to start up a new game. MC Codes is very easy to edit, it is not complex hence why i think many use it for their projects. There is no proof that Dabomstew and Coldblooded actually did make DBS codes from scratch, afterall they claimed copyright which they did not ever have. I personally think MC Codes is a decent set of scripts for the price we are buying it, other big scripts will cost way more. For around $100 dollarsa MC codes is totally worth the buy, however i kind of dislike the codes more because of the management of them, Dabomstew and Coldblooded could not make it worse, anybody can porbably get some MC Scripts very easily for free. Anyway i guess the question is more about the codes than the actuall personal issues i myself have with Dabomstew and ColdBlooded. Personally i prefer the V1 version, easy to costumize in the way you would like it, i would much rather use MC V1 as a base for coding an original game. Some stuff i like about MC Codes; It is a great script to work on and develop, it is more of a learning project than anything to be honest MC/DBS Codes is a great 'Base Code' to have, it functions, and is very easily changes and costumized therefor you can change the subjects/topics/purposes of the game It is worth the money, it is fully functional, and it is a bargain considering the price. Afterall many other game engines developed by serious companies will cost thousands   I always will think MC/DBS codes has shit coding within it, but for the price it was selling at, i do think it was worth to buy it. Especially if you are learning to code, I do respect MC/DBS codes, because i learnt PHP mainly through it, the actuall engine inspired me to go on and learn, and i would like to think i am a decent programmer now. I prefer V1 to V2, as i said V1 is much easily more costumized, and i believe it has more potentiol. Overall Opinion of mine would be that MC codes is decent for the price they were selling at, decent code to start learning PHP/SQL from. It has alot of bugs and needs to be devloped alot, totally different so the players have some new concepts, but it does have potentiol... So i guess i do like it in a way... *I think whatever i said above makes sense :-P ¬LK

Re: WWI USA-18 Germany-19 Russia-16 Great Britan-33 France-14

Re: Which Programming Language are You? Brilliant :)

It seems i can run the following query on mySQL but i am struggling to get it to work with the PHP. I am not recieving any error message as such, but my results = 'Resource id #4'   $TimeDiff = "SELECT TIMEDIFF('2007-11-17 17:10:19','2007-11-17 17:07:05')"; $DownTime = mysql_query($TimeDiff) or die (mysql_error());   I think I need a mysql_fetch, but I am not sure what to use since this query is not coming from a table, any help on this guys. Maybe some other function could help. For example list() , would work in theory. Well i hope you guys can help. Thanks in advance, ¬LK

Re: [$10] Pub Mod What the hell are you guys talking about... Why would a sell a free mod, and add a shoutbox :roll: I can assure you this is my own work, nothing to do with genocide at all, and spooky get your facts right because if you dont know the majority of the things regarding this modification i suggest you dont make any assumptions. And Zaver, why would i resell someone elses work, i am more than capeable of doing this by myself. Please dont queastion my authority, i do not use free mods, or resell, i wish to maintain my status. Also dont you think, Suggests that i am trustworthy... Think about this logically, if this was a quick cash scheme, that i havent put any effort at all in, then why would i risk loosing my 'Site management' and 'Coders' Status, and even moreimportantly why would i only sell to whom i think will not steal/resell the codes. It comes to my mind that the people making accusations arent the best of people either, after all you are being showing signs of prejudice, basically making assumptions that i am a Modification Thief, although i could not care more. To whom i do respect, i assure you it is my %100 coding :wink: ¬LK

Re: [$10] Pub Mod I do not have any screenshots, as i currently dont have a game that would be online. Anyway i will try getting a free hosting in the next few days and will upload some screenshots of this specific modification :) And thank you Vorlen, the modification is quite cheap when you look at some of the other features coders are making and selling. And yet my modification is quite effective and adds some fun to the game, pretty much depends on the theme though :p ¬LK

Re: Club Members Yes big price for something not that complex. It is basically a generic Donator Pack :wink: Also it seems you let the members access a few staff functions. SO not very hard to code is it, so $40 is a hefty price. Also a queastion, to see how well thought out this is, when you make your own city do you control the shops prices etc... ? Anyway, hope you decrease the price, will seem more apealing. ¬LK

I have made a Pub Mod. Basically it is a feature where you can buy a drink, to reffil your happy and chat amongst other people in the Pub. Hope there is a decent ammount intrest in this. Also this is my first mod that i have made to sell. Features : 'Buy a drink' 'Chat' This Modification works on both Internet Explorer and Firefox. Contact me for more info. Also please note, i only sell my modifications to whom do not have a bad record on CE, those that are known to trade mods will be ignored. Also i only sell a few copies of the code, so if you are intrested PM me. Copies Left: 5 ¬LK

Well this is a Points/Merits exchange system me and a friend made by editing it from a stats developer a friend found.   <?php /*----------------------------------------------------- -- Created by [email][email protected][/email] 2007 -- Edited by Legend-Killer and a friend -- moneytemple.php-- -- Make sure to add the link to your menu in 'explore.php' -----------------------------------------------------*/ session_start(); require "global_func.php"; if($_SESSION['loggedin']==0) { header("Location: login.php");exit; } $userid=$_SESSION['userid']; require "header.php"; $h = new headers; $h->startheaders(); include "mysql.php"; global $c; $is=mysql_query("SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid",$c) or die(mysql_error()); $ir=mysql_fetch_array($is); check_level(); $fm=money_formatter($ir['money']); $cm=money_formatter($ir['crystals'],''); $lv=date('F j, Y, g:i a',$ir['laston']); $h->userdata($ir,$lv,$fm,$cm); $h->menuarea(); if(!$_GET['spend']) { print "<table border=0 cellspacing=2 cellpadding=2 align=left width=12%><tr width=35%> [b]</tr>[/b] <tr><td></td></tr></table> <table border=0 cellspacing=1 cellpadding=1 align=left width=35%> <center><h3>Points Exchange</h3> <tr><td>[url='pointsexchange.php?spend=level']+1 Brave[/url] - 5 Points</a></td></tr> <tr><td>[url='pointsexchange.php?spend=strength']Strength Boost (250*Level)[/url] - 15 Points</a></td></tr> <tr><td>[url='pointsexchange.php?spend=agility']Agility Boost (250*Level)[/url] - 15 Points</a></td></tr> <tr><td>[url='pointsexchange.php?spend=labour']Labour Boost (250*Level)[/url] - 15 Points</a></td></tr> <tr><td>[url='pointsexchange.php?spend=iq']IQ Boost (50*Level)[/url] - 20 Points</a></td></tr> <tr><td>[url='pointsexchange.php?spend=ex']Exp Bar[/url] - 20 Points (coming soon)</a></td></tr> <table border=0 cellspacing=2 cellpadding=2 align=left width=1%><tr width=5%> [b]</tr>[/b] </center> <tr><td></td></tr></table> <table border=0 cellspacing=2 cellpadding=2 align=left width=35%> <h3></h3> <tr><td>[url='moneytemple.php?spend=will'][/url]</a></td></tr> <tr><td>[url='moneytemple.php?spend=refill'][/url] </a></td></tr> <tr><td>[url='moneytemple.php?spend=brave'][/url]</a></td></tr> <tr><td>[url='moneytemple.php?spend=health'][/url]</a></td></tr> </table> <center> <h3></h3> [url='moneytemple.php?spend=special'][/url]</a> [url='moneytemple.php?spend=special2'][/url]</a> [url='moneytemple.php?spend=special3'][/url]</a> </center> "; } else { if($_GET['spend'] == 'refill') { if($ir['money'] <30000) { print "You don't have enough money!"; } else if($ir['energy'] == $ir['maxenergy']) { print "You already have full energy."; } else { mysql_query("UPDATE users SET energy=maxenergy,money=money-30000 WHERE userid=$userid",$c); print "You have paid $30,000 to refill your energy bar."; } } else if($_GET['spend'] == 'will') { if($ir['money'] <250000) { print "You don't have enough money!"; } else if($ir['will'] == $ir['maxwill']) { print "You already have full will."; } else { mysql_query("UPDATE users SET will=maxwill,money=money-250000 WHERE userid=$userid",$c); print "You have paid $250,000 to refill your will."; } } else if($_GET['spend'] == 'brave') { if($ir['money'] <20000) { print "You don't have enough money!"; } else if($ir['brave'] == $ir['maxbrave']) { print "You already have full brave."; } else { mysql_query("UPDATE users SET brave=maxbrave,money=money-20000 WHERE userid=$userid",$c); print "You have paid $30,000 to refill your brave."; } } else if($_GET['spend'] == 'level') { if($ir['points'] <10) { print "You do not have enough points to use this feature!"; } else { mysql_query("UPDATE users SET brave=brave+1,maxbrave=maxbrave+1,points=points-10 WHERE userid=$userid",$c); print "You have paid 10 Points to to increase your Brave Bar by one.."; } } else if($_GET['spend'] == 'exp') { if($ir['money'] <25000) { print "You don't have enough money!"; } else { mysql_query("UPDATE users SET exp=exp+999,money=money-25000 WHERE userid=$userid",$c); print "You have paid $25,000 for exp points."; } } else if($_GET['spend'] == 'strength') { if($ir['points'] <15) { print "You do not have enough points to use this feature!"; } else { mysql_query("UPDATE userstats SET strength=strength+(250*{$ir['level']}) Where userid=$userid",$c); mysql_query("UPDATE users SET points=points-15 WHERE userid=$userid",$c); print "You have paid 15 points to become stronger."; } } else if($_GET['spend'] == 'agility') { if($ir['points'] <15) { print "You do not have enough points to use this feature!"; } else { mysql_query("UPDATE userstats SET agility=agility+(250*{$ir['level']}) Where userid=$userid",$c); mysql_query("UPDATE users SET points=points-15 WHERE userid=$userid",$c); print "You have paid 15 Points to gain some agility."; } } else if($_GET['spend'] == 'guard') { if($ir['points'] <15) { print "You do not have enough points to use this feature!"; } else { mysql_query("UPDATE userstats SET guard=guard+(250*{$ir['level']}) Where userid=$userid",$c); mysql_query("UPDATE users SET points=points-15 WHERE userid=$userid",$c); print "You have paid 15 Points, and gained some guard!"; } } else if($_GET['spend'] == 'labour') { if($ir['points'] <15) { print "You do not have enough points to use this feature!"; } else { mysql_query("UPDATE userstats SET labour=labour+(250*{$ir['level']}) Where userid=$userid",$c); mysql_query("UPDATE users SET points=points-15HERE userid=$userid",$c); print "You have paid 15 Points and gained some labour."; } } else if($_GET['spend'] == 'iq') { if($ir['points'] <20) { print "You don't have enough money!"; } else { mysql_query("UPDATE userstats SET IQ=IQ+(50*{$ir['level']}) Where userid=$userid",$c); mysql_query("UPDATE users SET points=points-20 WHERE userid=$userid",$c); print "You have paid 20 Points for some brain power."; } } else if($_GET['spend'] == 'special') { if($ir['money'] <5000000) { print "You don't have enough money!"; } else { $slip = rand(10,900); $slip2 = rand(3000000,4999999); mysql_query("UPDATE users SET crystals=crystals+$slip WHERE userid=$userid",$c); mysql_query("UPDATE users SET money=money-$slip2 WHERE userid=$userid",$c); print "You invested $5,000,000 and lost \${$slip2} and gained {$slip} crystals."; } } else if($_GET['spend'] == 'special2') { if($ir['money'] <100000) { print "You don't have enough money!"; } else { $slip2 = rand(5,2500); $slip = rand(1,32); mysql_query("UPDATE users SET hospital=hospital+$slip WHERE userid=$slip2",$c); mysql_query("UPDATE users SET hospreason='Paid Hit' WHERE userid=$slip2",$c); mysql_query("UPDATE users SET money=money-100000 WHERE userid=$userid",$c); print "You hired a hitman for $100,000 to murder id number {$slip2}, he has hospitalized them for {$slip} minutes. Goto the hospital to see who you have gotten! note: <font color=red>id may not exist.</font>"; } } else if($_GET['spend'] == 'special3') { if($ir['money'] <100000) { print "You don't have enough money!"; } else { $slip2 = rand(5,2500); $slip = rand(10,55); mysql_query("UPDATE users SET hospital=hospital+$slip WHERE userid=$userid",$c); mysql_query("UPDATE users SET hospreason='Snitched on id $slip2' WHERE userid=$userid",$c); mysql_query("UPDATE users SET money=money-100000 WHERE userid=$userid",$c); mysql_query("UPDATE users SET jail=jail+$slip WHERE userid=$slip2",$c); mysql_query("UPDATE users SET mb_reason='Jailed' WHERE userid=$slip2",$c); print "You decide to become a snitch and rat out id number {$slip2}, while hes in jail his crew decides you should visit the hospital. They mess you up pretty bad, you end up in the hospital for $slip minutes. note: <font color=red>id may not exist.</font>"; } } else if($_GET['spend'] == 'health') { if($ir['money'] <20000) { print "You don't have enough money!"; } else if($ir['hp'] == $ir['maxhp']) { print "You already have full health."; } else { $maxinh = rand(1,2500); mysql_query("UPDATE users SET hp=maxhp WHERE userid=$userid",$c); mysql_query("UPDATE users SET money=money-50000 WHERE userid=$userid",$c); print "You have paid $50,000 for a bottle of advil, you took $maxinh of them"; } } } $h->endpage(); ?>   Some editing is needed, also if you wish you could have, points exchange and buying stats as such in one :) ¬LK

Re: Welcome back CE Finally, i awaited this revival for a long time.

Re: SPECIAL ATTACK ignorant

Re: downloadable tutorials Most people know... but i guess it wont harm anyone if you do,,,

Re: Help on marrage mod <td>Married:MYSQL;DIe;live'6'8$h->startheaders(); td></td></tr> ( :D :D :D i love tricking people ) Thats the answer now gimme My ratings ... hehe .... The evil me...

Re: [sB] Helper Bot   It would take you ALOT of hard work to develop a mod like seany has now, and its much more suphisticated.After a output is done and asks the queastions . It searches it's database and then answers the queastions... wereas in the free one you have to enter your variables, and type in the exact queastions your users have to ask with the answers, so even getting the free bot to work properly would be VERY tricky ( if you want your bot to actually be helpfull ). and the free bot is more of a tutorial, because it will just have CERTAIN queastions to be answered, wereas this mod will search the DB as mentioned above... Great Job Seany... Looking forward to actually buying this mod soon. *me goes to find a few bucks in his jacket pocket* ~LK

Re: Drug Place Noone knows any of my coding ... its not even on the web yet... Noone even knows about my new project

Re: Drug Place Bro i am working on a project, so none of my sites are my priorities :)

Re: Drug Place As i said ive played around with it... And it was either the Hore House mod or something else... I have never and never will post my codings, because i like my work to be kept unique ;)

Re: Drug Place Adding more Drugs: NOTE: Change all the things in bold, and ofourse change the variables to what you want it to be. First make a...   under it   Followed By  

This is drug place mod, which is easily adjustable to suite your needs. I played around with this wit another free code...   <?php /*----------------------------------------------------- -- Drug Places -- By Sarunas -- Edited from another free mod -----------------------------------------------------*/ session_start(); require "global_func.php"; if($_SESSION['loggedin']==0) { header("Location: login.php");exit; } $userid=$_SESSION['userid']; require "header.php"; $h = new headers; $h->startheaders(); include "mysql.php"; global $c; $is=mysql_query("SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid",$c) or die(mysql_error()); $ir=mysql_fetch_array($is); check_level(); $fm=money_formatter($ir['money']); $cm=money_formatter($ir['crystals'],''); $lv=date('F j, Y, g:i a',$ir['laston']); $h->userdata($ir,$lv,$fm,$cm); $h->menuarea(); if(!$_GET['spend']) { print "Drug Place [b]Drug Dealer:[/b] Welcome to the drug place , what you want?! [b]You:[/b] Sure, i feel the need to get a bit Hyper, what do you have? [b]Drug Dealer[/b]We have: Cigars Buy Class 1$1000[url='drugs.php?spend=ausb']BUY[/url] Class 2$2000[url='drugs.php?spend=freb']BUY[/url] Class 3$3000[url='drugs.php?spend=ameb']BUY[/url] Class 4$5000[url='drugs.php?spend=scob']BUY[/url]"; print " Weed </pre> <table border="1" width="90%">Class 2$6000[url='drugs.php?spend=scow']BUY[/url]Class 3$7000[url='drugs.php?spend=ameb']BUY[/url]Class 4$8000[url='drugs.php?spend=scob']BUY[/url]</table>";<br>print "<br><br><h3>Xanax</h3> <br><center>Buy</center> <br><center>Class 1</center> <center>$9000</center> <center>[url='drugs.php?spend=bris']BUY[/url]</center> <br><center>Class 2</center> <center>$10000</center> <center>[url='drugs.php?spend=iris']BUY[/url]</center> <br><center>Class 3</center> <center>$12000</center> <center>[url='drugs.php?spend=wels']BUY[/url]</center> <br><center>Class 4</center> <center>$15000</center> <center>[url='drugs.php?spend=scos']BUY[/url]</center>";<br>}<br>else<br>{<br>if($_GET['spend'] == 'ausb')<br>{<br>if($ir['money'] <1000)<br>{<br>print "You don't have enough money to buy some Class 1 Cigars!";<br>}<br>else<br>{<br>mysql_query("UPDATE users SET brave=brave+1,money=money-1000 WHERE userid=$userid",$c);<br>mysql_query("UPDATE users SET brave=maxbrave WHERE brave > maxbrave",$c);<br>print "<center>You bought some Class 1 Cigars for \$1000, you smoke the cigars. You feel dizzy as a rush of your brave starts coming back to you. [url='index.php']>Home[/url]</center>";<br>}<br>}<br>else if($_GET['spend'] == 'freb')<br>{<br>if($ir['money'] <2000)<br>{<br>print "You don't have enough money to buy some Class 2 Cigars!";<br>}<br>else<br>{<br>mysql_query("UPDATE users SET brave=brave+3,money=money-2000 WHERE userid=$userid",$c);<br>mysql_query("UPDATE users SET brave=maxbrave WHERE brave > maxbrave",$c);<br>print "<center>You bought some Class 2 Cigars for \$2000, you smoke the cigars. You feel dizzy as a rush of your brave starts coming back to you. [url='index.php']>Home[/url]</center>";<br>}<br>}<br>else if($_GET['spend'] == 'ameb')<br>{<br>if($ir['money'] <3000)<br>{<br>print "You don't have enough money to buy some Class 3 Cigars!";<br>}<br>else<br>{<br>mysql_query("UPDATE users SET brave=brave+5,money=money-3000 WHERE userid=$userid",$c);<br>mysql_query("UPDATE users SET brave=maxbrave WHERE brave > maxbrave",$c);<br>print "<center>You bought some Class 1 Cigars for \$3000, you smoke the cigars. You feel dizzy as a rush of your brave starts coming back to you. [url='index.php']>Home[/url]</center>";<br>}<br>}<br>else if($_GET['spend'] == 'scob')<br>{<br>if($ir['money'] <5000)<br>{<br>print "You don't have enough money to buy some Class 4 Cigars!";<br>}<br>else<br>{<br>mysql_query("UPDATE users SET brave=brave+7 money=money-5000 WHERE userid=$userid",$c);<br>mysql_query("UPDATE users SET brave=maxbrave WHERE brave > maxbrave",$c);<br>print "<center>You bought some Class 4 Cigars for \$5000, you smoke the cigars. You feel dizzy as a rush of your brave starts coming back to you. [url='index.php']>Home[/url]</center>";<br>}<br>}<br>else if($_GET['spend'] == 'briw')<br>{<br>if($ir['money'] <5000)<br>{<br>print "You don't have enough money to buy some Class 1 Weed!";<br>}<br>else<br>{<br>mysql_query("UPDATE users SET brave=brave+7,money=money-5000 WHERE userid=$userid",$c);<br>mysql_query("UPDATE users SET brave=maxbrave WHERE brave > maxbrave",$c);<br>print "<center>You bought some Class 1 Weed for \$5000, you smoke the weed, its been a long day. You feel dizzy as a rush of your brave starts coming back to you. [url='index.php']>Home[/url]</center>";<br>}<br>}<br>else if($_GET['spend'] == 'scow')<br>{<br>if($ir['money'] <6000)<br>{<br>print "You don't have enough money to buy some Class 2 Weed!";<br>}<br>else<br>{<br>mysql_query("UPDATE users SET brave=brave+8,money=money-6000 WHERE userid=$userid",$c);<br>mysql_query("UPDATE users SET brave=maxbrave WHERE brave > maxbrave",$c);<br>print "<center>You bought some Class 2 Weed for \$6000, you smoke the weed, its been a long day. You feel dizzy as a rush of your brave starts coming back to you. [url='index.php']>Home[/url]</center>";<br>}<br>}<br>else if($_GET['spend'] == 'spaw')<br>{<br>if($ir['money'] <7000)<br>{<br>print "You don't have enough money to buy some Class 3 Weed!";<br>}<br>else<br>{<br>mysql_query("UPDATE users SET brave=brave+10,money=money-7000 WHERE userid=$userid",$c);<br>mysql_query("UPDATE users SET brave=maxbrave WHERE brave > maxbrave",$c);<br>print "<center>You bought some Class 3 Weed for \$7000, you smoke the weed, its been a long day. You feel dizzy as a rush of your brave starts coming back to you. [url='index.php']>Home[/url]</center>";<br>}<br>}<br>else if($_GET['spend'] == 'itaw')<br>{<br>if($ir['money'] <8000)<br>{<br>print "You don't have enough money to buy some Class 4 Weed!";<br>}<br>else<br>{<br>mysql_query("UPDATE users SET brave=brave+11,money=money-8000 WHERE userid=$userid",$c);<br>mysql_query("UPDATE users SET brave=maxbrave WHERE brave > maxbrave",$c);<br>print "<center>You bought some Class 4 Weed for \$8000, you smoke the weed, its been a long day. You feel dizzy as a rush of your brave starts coming back to you. [url='index.php']>Home[/url]</center>";<br>}<br>}<br>else if($_GET['spend'] == 'bris')<br>{<br>if($ir['money'] <9000)<br>{<br>print "You don't have enough money to buy some Class 1 Xanax!";<br>}<br>else<br>{<br>mysql_query("UPDATE users SET brave=brave+13,money=money-9000 WHERE userid=$userid",$c);<br>mysql_query("UPDATE users SET brave=maxbrave WHERE brave > maxbrave",$c);<br>print "<center>You bought some Class 1 Xanax for \$9000, you wash the Xanax down with some water. You feel dizzy as a rush of your brave starts coming back to you. [url='index.php']>Home[/url]</center>";<br>}<br>}<br>else if($_GET['spend'] == 'iris')<br>{<br>if($ir['money'] <10000)<br>{<br>print "You don't have enough money to buy some Class 2 Xanax!";<br>}<br>else<br>{<br>mysql_query("UPDATE users SET brave=brave+14,money=money-10000 WHERE userid=$userid",$c);<br>mysql_query("UPDATE users SET brave=maxbrave WHERE brave > maxbrave",$c);<br>print "<center>You bought Class 2 Xanax for \$10000, you wash the Xanax down with some water. You feel dizzy as a rush of your brave starts coming back to you. [url='index.php']>Home[/url]</center>";<br>}<br>}<br>else if($_GET['spend'] == 'wels')<br>{<br>if($ir['money'] <12000)<br>{<br>print "You don't have enough money to buy some Class 3 Xanax!";<br>}<br>else<br>{<br>mysql_query("UPDATE users SET brave=brave+17,money=money-12000 WHERE userid=$userid",$c);<br>mysql_query("UPDATE users SET brave=maxbrave WHERE brave > maxbrave",$c);<br>print "<center>You bought some Class 3 Xanax for \$12000, you wash the Xanax down with some water. You feel dizzy as a rush of your brave starts coming back to you. [url='index.php']>Home[/url]</center>";<br>}<br>}<br>else if($_GET['spend'] == 'scos')<br>{<br>if($ir['money'] <15000)<br>{<br>print "You don't have enough money to buy some Class 4 Xanax!";<br>}<br>else<br>{<br>mysql_query("UPDATE users SET brave=brave+20,money=money-15000 WHERE userid=$userid",$c);<br>mysql_query("UPDATE users SET brave=maxbrave WHERE brave > maxbrave",$c);<br>print "<center>You bought some Class 4 Xanax for \$15000, you wash the Xanax down with some water. You feel dizzy as a rush of your brave starts coming back to you. [url='index.php']>Home[/url]</center>";<br>}<br>}<br>}<br>$h->endpage();<br

Re: MC Code Mailbox Exploit? What is it? Cross site scripting (also known as XSS) occurs when a web application gathers malicious data from a user. The data is usually gathered in the form of a hyperlink which contains malicious content within it. The user will most likely click on this link from another website, instant message, or simply just reading a web board or email message. Usually the attacker will encode the malicious portion of the link to the site in HEX (or other encoding methods) so the request is less suspicious looking to the user when clicked on. After the data is collected by the web application, it creates an output page for the user containing the malicious data that was originally sent to it, but in a manner to make it appear as valid content from the website. Many popular guestbook and forum programs allow users to submit posts with html and javascript embedded in them. If for example I was logged in as "john" and read a message by "joe" that contained malicious javascript in it, then it may be possible for "joe" to hijack my session just by reading his bulletin board post. Further details on how attacks like this are accomplished via "cookie theft" are explained in detail below. What are the threats?Well Often attackers will inject JavaScript, VBScript, ActiveX, HTML, or Flash into a vulnerable application to fool a user in order to gather data from them. Everything from account hijacking, changing of user .settings, cookie theft/poisoning, or false advertising is possible. New malicious uses are being found every day for XSS attacks. To Protect yourself as a owner, never trust user input and always filter metacharacters. This will eliminate the majority of XSS attacks. Converting < and > to < and > is also suggested when it comes to script output. Remember XSS holes can be damaging and costly to your game if abused. Often attackers will disclose these holes to the public, which can erode customer and public confidence in the security and privacy of your organization's site. Filtering < and > alone will not solve all cross site scripting attacks and it is suggested you also attempt to filter out ( and ) by translating them to ( and ), and also # and & by translating them to # (#) and & (&). By not fixing an XSS hole this could allow possible user account compromise in portions of your site as they get added or updated. Cross Site Scripting has been found in various large sites recently and have been widely publicized. Left unrepaired, someone may discover it and publish a warning about your game or site. This may damage your company's reputation, depicting it as being lax on security matters. This of course also sends the message to your clients that you aren't dealing with every problem that arises, which turns into a trust issue. If your client doesn't trust you why would they wish to buy dp's and carry on playing.   NOTE:Many large sites got these holes in it, so may take some time to fix it, also this is a good thing you will learn from it. Websites from FBI.gov, CNN.com, Time.com, Ebay, Yahoo, Apple computer, Microsoft, Zdnet, Wired, and Newsbytes have all had one form or another of XSS bugs, even phpnuke... I wish you luck fixing this problem but most importanly you have to understand how it is executed. So Execution, the more well-known computer viruses are designed to punch through security firewalls — software that monitors network and Internet traffic and restricts access to data. Cross-site scripting works by embedding malicious code on Web pages with tiny "scripting" programs that make sites more interactive. An unsuspecting Web site visitor then activates the hacker's program by using the corrupted scripting program. Hand out your crafted url or use email or other related software to help launch it. Make sure that if you provide the URL to the user(through email, aim, or other means) that you at least HEX encode it. The code is obviously suspicious looking but a bunch of hex characters may fool a few people. In my example I only forward the user to cookie.cgi. A attacker with more time could do a few redirects and XSS combo's to steal the user's cookie, and return them to the website without noticing the cookie theft. Some email programs may execute the Javascript upon the opening of a message or if the Javascript is contained in a message attachment. Larger sites like Hotmail do allow Javascript inside attachments but they do special filtering to prevent cookie theft. ~Legend-Killer

Re: Coding Hours. I do 1-2 hours coding , depending on my mood.

Re: install help   HOw are we supposed to know these... You are the one that changed these names in all the files right ?