Magictallguy

Learn how to patch 'em! 😉 It's directly thanks to MCC that I learned as much as I did about security (or the distinct lack thereof) in my first year as a developer. I would strongly recommend learning what attacks are applicable to your project(s) and, more importantly, how to defend against them.

'fraid not. Both v1 and v2 hard-code the logo.jpg into the .. uh .. template.

function renderEditUser(database $db, array $ir, headers $h, array $column_data, ?array $user_data = null): void { // Loop through the column data foreach ($column_data as $column => $data_type) { $type = in_array($data_type, ['tinyint', 'int', 'bigint', 'float', 'double', 'decimal']) ? 'number' : 'text'; ?> <div style="padding: 0.8em 0;"> <label for="<?php echo $column; ?>"><?php echo ucwords(str_replace('_', ' ', $column)); ?></label> <?php if ($data_type === 'text') { ?> <textarea name="<?php echo $column; ?>" id="<?php echo $column; ?>" class="form-control"><?php echo $user_data[$column]; ?></textarea> <?php } else { ?> <input type="<?php echo $type; ?>" name="<?php echo $column; ?>" id="<?php echo $column; ?>" value="<?php echo $user_data[$column]; ?>" class="form-control"> <?php } ?> </div> <?php } } function editUser(): void { global $db, $ir, $h; // These should really be passed in if ($ir['user_level'] != 2) { echo '403: Forbidden'; $h->endpage(); exit; } $user_id = $_GET['user'] ?? 0; // Get column data for both users and userstats tables // .. while omitting the stuff we don't need $unneeded = implode('\', \'', ['userid', 'userpass', 'pass_salt', 'lastrest_life', 'lastrest_other']); $get_user_cols = $db->query('SHOW COLUMNS FROM users WHERE Field NOT IN (\'' . $unneeded . '\')'); $get_stats_cols = $db->query('SHOW COLUMNS FROM userstats WHERE Field NOT IN (\'' . $unneeded . '\')'); // Loop column name => type into array $cols = [ 'users' => [], 'stats' => [], ]; while ($row = $db->fetch_row($get_user_cols)) { $cols['users'][$row['Field']] = strtolower(explode('(', $row['Type'])[0]); } while ($row = $db->fetch_row($get_stats_cols)) { $cols['stats'][$row['Field']] = strtolower(explode('(', $row['Type'])[0]); } // Get the relevant user data $user_data = null; if ($user_id > 0) { $get_user_data = $db->query( 'SELECT u.*, us.* FROM users AS u INNER JOIN userstats AS us ON u.userid = us.userid WHERE u.userid = '.$user_id, ); if (!$db->num_rows($get_user_data)) { echo 'Sod off.'; $h->endpage(); exit; } $user_data = $db->fetch_row($get_user_data); }?> <form action="/staff_users.php?action=edituser" method="post"> <h4>User</h4> <?php renderEditUser($db, $ir, $h, $cols['users'], $user_data); ?> <h4>Stats</h4> <?php renderEditUser($db, $ir, $h, $cols['stats'], $user_data); ?> <div style="padding: 1em 0;"> <button type="submit" name="submit" class="btn-submit"> <span class="fas fa-check"></span> Save Changes </button> </div> </form> <?php } 5 minutes o' fun 😄

Oh, yeah, lemme get riiiiiight on that!

The ability to set image paths via the staff_items.php's add/edit item methods could be added. This would allow you (and your staff) to set `path/to/someImage.png` (example) when creating/editing an item directly within the staff panel, as opposed to needing to log into the database - to which, I presume, isn't something you'd normally grant your game staff access. So yeah, modify add/edit item, set image path!

Load up the webpage in question and attempt to carry out the process you've written

PHP versions! mysql_* functions were deprecated and removed. Use the mysqli_* functions - so, for you, alter your config.php and change "mysql" to "mysqli"

Welcome aboard! 😄

It's one of the IPNs I wrote - attempting to load the file directly will result in this error as there's no POSTDATA being sent on a standard GET request for loading a page in browser. Use PayPal's Dev Sandbox to simulate real-world payments

More information required. What is the error message it spits at you? (If you haven't already and your script supports it, enable debug mode)

More information required. An HTTP Error 500 is generic Check your error_log

1 table, 3 columns; id, parent_id, name. We can make some guesses at what the data might actually be, based on what we see. For example, I see that `id` (the first column) is likely a primary key that auto-increments. Again, based on the data we've got and the explanation given with it, the parent_id relates to another row in the table if parent_id is greater than 0, or otherwise has no direct relation (and therefore is the parent category). Your instructions are to write a function that'll display this breadcrumb-style, based on parameters given to said function. As the question says, assume you've already got a function named getCategory() and it takes 1 parameter; the id. Can you write, say, showBreadcrumbs()? If you have a PHP-capable webserver and a DB server available to you, then start playing around (suggested only as I'm aware you're familiar with this)! Create the table with the 3 columns and insert the data as displayed - then query it. If not, or if you'd like to run this in a php sandbox online for free (hint hint), then write an array of the data instead; <?php $categories = [ [ 'id' => 1, 'parent_id' => 0, 'name' => 'Clothing', ], [ 'id' => 2, 'parent_id' => 0, 'name' => 'Accessories', ], // ... ]; There's a couple of "oh, duuuhhh" moments in this exercise. Remember; keep it simple!

* * * * * php path/to/file code=thecode arg=wutever arg3=..

crond

Currently running AlmaLinux here for multiple purposes including the usual webserver setup. Beautiful OS, familiar CLI, no complaints!

Check that the result of the guard / 1.5 is above 0 before using it as part of the equation <?php // Check that the user's guard is above 0 and get the guard division result, otherwise it's 0 $guardResult = $youdata['guard'] > 0 ? $youdata['guard'] / 1.5 : 0; // Begin the damage calculation $dam = $enweps[$weptouse]['weapon'] * $odata['strength']; // If we've got something to divide by .. if ($guardResult > 0) { // .. divide it $dam /= $guardResult; } // Add the randomisation back in $dam *= rand(8000, 12000) / 10000; // And cast it to an integer $dam = (int)$dam; /** * Original line for reference * $dam = (int) (($enweps[$weptouse]['weapon'] * $odata['strength'] / ($youdata['guard'] / 1.5)) * (rand(8000, 12000) / 10000)); */

Enable Debug Mode - edit lib/basic_error_handler.php and set the DEBUG constant to true (line 31 by default)

And all of this is beside the point - if it doesn't make sense to you, that's fine. Ask, don't attack. Stay on topic, please

Error: Uncaught TypeError: count(): Argument #1 ($value) must be of type Countable|array, null given A null value was passed to a count() call. count() doesn't accept null values. nbbc.php line 155 is the call

$db->query('SELECT type, user, person FROM lists WHERE user = ? AND person = ?'); $db->execute([$i['userid'], $u['userid']]); $row = $db->fetch(true); if(empty($row)) { $fri = '<a href="friends?add='.$profile_info->name.'">Add friend</a>'; $ene = '<a href="enemys?add='.$profile_info->name.'">Add enemy</a>'; } elseif($row['type'] === 'friend') { $fri = 'Remove Friend'; $ene = ''; } else if($row['type'] === 'enemy') { $fri = ''; $ene = 'Remove enemy'; }

True! This grants those who prefer an in-site GUI over opening an editor that ability and was originally written with that in mind

And reality - this plane of existence, for example 😉 Better hills to die on, guys!

I believe he's using a PDO wrapper I released a few years ago

Remove the error suppressant from the session_start() call and get the information you need

I quite liked MCC's crime success chance calculation. I feel it was a little lacking on the modifiers side of it as default, but easy enough to extend. I'd suggest doing something similar to it, perhaps incrementally per level range or crime level (don't know what you're intending to do). Alternatively, keep it simple with an "easy", "medium", "hard" at varying integers and use an RNG? <?php // Example // Set array of difficulties with associated percentage of success $difficulties = [ 'easy' => 95, 'medium' => 50, 'hard' => 25, 'extreme' => 10, ]; // Assume $row is an array of crime data, assume "difficulty" is a valid column name with either "easy", "medium", "hard", or "extreme" set if ($difficulties[$row['difficulty']] >= mt_rand(0, 100)) { // success } else { // fail (maybe and/or jail?) } There are many ways to achieve your desired effect; experiment as see what works for you