Everything posted by Magictallguy
-
crystal market update (looking for buy)
Magictallguy replied to Nicholas's topic in Paid Modifications
Code posted, thanks to Djkanna for finding it for me xD
[php]
<?php
//Crystal Market, free for Dev Forum
//Copyright (c), 2009 Magictallguy
//Not for resale
//If you don't understand it, leave it alone
include(dirname(__FILE__) . '/globals.php');
echo "<h3>Crystal Market</h3>";
$_GET['action'] = isset($_GET['action']) && is_string($_GET['action']) ? strtolower(trim($_GET['action'])) : false;
$_GET['act2'] = isset($_GET['act2']) && is_string($_GET['act2']) ? strtolower(trim($_GET['act2'])) : false;
$_GET['ID'] = isset($_GET['ID']) && is_numeric($_GET['ID']) ? abs(@intval($_GET['ID'])) : false;
switch($_GET['action']) {
    case 'add':
        add_listing();
        break;
    case 'remove':
        remove_listing();
        break;
    case 'buy':
        buy_crystals();
        break;
    default:
        index();
        break;
}

function index() {
    global $db, $userid;
    echo "Viewing all listings ";
    echo "<a href='cmarket.php?action=add'>Add a listing</a> ";
    echo "<table class='table' width='100%'>";
    echo "<tr>";
    echo "<th>Player</th>";
    echo "<th>Crystals</th>";
    echo "<th>Price</th>";
    echo "<th>Link</th>";
    echo "</tr>";
    $query = $db->query(
        "SELECT c.*, u.username " .
        "FROM crystalmarket c " .
        "LEFT JOIN users u ON (u.userid = c.cmADDER) " .
        "ORDER BY c.cmQTY ASC, c.cmPRICE ASC");
    if(!$db->num_rows($query)) {
        echo "<tr>";
        echo "<td colspan='4' style='text-align:center;'>There are no listings</td>";
        echo "</tr>";
    }
    while($row = $db->fetch_row($query)) {
        $total = $row['cmQTY'] * $row['cmPRICE'];
        //Owners get a Remove link, everyone else gets a Buy link
        $link = ($row['cmADDER'] == $userid)
            ? sprintf("<a href='cmarket.php?action=remove&ID=%u'>Remove</a>", $row['cmID'])
            : sprintf("<a href='cmarket.php?action=buy&ID=%u'>Buy</a>", $row['cmID']);
        echo "<tr style='text-align:center;'>";
        echo sprintf("<td><a href='viewuser.php?u=%u'>%s</a> [%s]</td>", $row['cmADDER'], stripslashes(htmlspecialchars($row['username'])), number_format($row['cmADDER']));
        echo sprintf("<td style='text-align:right;'>%s</td>", number_format($row['cmQTY']));
        echo sprintf("<td style='text-align:right;'>Total: \$%s <span style='font-size:10px;'>(Each: \$%s)</span></td>", number_format($total), number_format($row['cmPRICE']));
        echo sprintf("<td>%s</td>", $link);
        echo "</tr>";
    }
    echo "</table>";
}

function buy_crystals() {
    global $ir, $db, $userid, $h;
    if(!$_GET['ID']) {
        echo "Listing ID not specified. <a href='cmarket.php'>Back</a>";
        $h->endpage();
        exit;
    }
    if(!$ir['money']) {
        echo "You have no money. <a href='cmarket.php'>Back</a>";
        $h->endpage();
        exit;
    }
    $select = sprintf("SELECT * FROM crystalmarket WHERE (cmID = %u)", $_GET['ID']);
    $query = $db->query($select);
    if(!$db->num_rows($query)) {
        echo "This listing does not exist. <a href='cmarket.php'>Back</a>";
        $h->endpage();
        exit;
    }
    $row = $db->fetch_row($query);
    if($row['cmADDER'] == $userid) {
        echo "You can't buy your own listing. <a href='cmarket.php'>Back</a>";
        $h->endpage();
        exit;
    }
    $total = $row['cmQTY'] * $row['cmPRICE'];
    $icanbuy = floor($ir['money'] / $row['cmPRICE']);
    $cost = $icanbuy * $row['cmPRICE'];
    $name = $db->fetch_single($db->query(sprintf("SELECT username FROM users WHERE (userid = %u)", $row['cmADDER'])));
    //Decide the purchase mode from the buyer's balance, not from the URL:
    //a partial buy is only offered when the whole listing is unaffordable
    //(otherwise $icanbuy could exceed the quantity actually listed)
    $_GET['act2'] = ($total > $ir['money']) ? 'buysome' : false;
    if(!$icanbuy) {
        echo "You don't have enough money. <a href='cmarket.php'>Back</a>";
        $h->endpage();
        exit;
    }
    switch($_GET['act2']) {
        default:
            $update1 = sprintf("UPDATE users SET money = money - %s, crystals = crystals + %u WHERE (userid = %u)", $total, $row['cmQTY'], $userid);
            $update2 = sprintf("UPDATE users SET money = money + %s WHERE (userid = %u)", $total, $row['cmADDER']);
            $delete = sprintf("DELETE FROM crystalmarket WHERE (cmID = %u)", $_GET['ID']);
            $db->query($update1);
            $db->query($update2);
            $db->query($delete);
            $event = sprintf("<a href='viewuser.php?u=%u'>%s</a> bought your %s crystal%s for \$%s from the crystal market", $userid, $ir['username'], number_format($row['cmQTY']), ($row['cmQTY'] == 1) ? '' : 's', number_format($total));
            event_add($row['cmADDER'], $event);
            echo sprintf("You bought the %s crystal%s from %s for \$%s. <a href='cmarket.php'>Back</a>", number_format($row['cmQTY']), ($row['cmQTY'] == 1) ? '' : 's', stripslashes(htmlspecialchars($name)), number_format($total));
            break;
        case 'buysome':
            if($ir['money'] < $row['cmPRICE']) {
                echo "You don't have enough money. <a href='cmarket.php'>Back</a>";
                $h->endpage();
                exit;
            }
            if(!isset($_POST['buy'])) {
                echo "You don't have enough money to buy all of the crystals listed. ";
                echo sprintf("But you do have enough to buy %s crystal%s, costing you \$%s. ", number_format($icanbuy), ($icanbuy == 1) ? '' : 's', number_format($cost));
                echo "Would you like to buy that amount instead? ";
                echo sprintf("<form action='cmarket.php?action=buy&ID=%u&act2=buysome' method='post'>", $_GET['ID']);
                echo "<input type='submit' name='buy' value='Yes' /> <input type='button' value='No' onclick='location.href=\"cmarket.php\"' />";
                echo "</form>";
            } else {
                $update1 = sprintf("UPDATE users SET money = money - %s, crystals = crystals + %u WHERE (userid = %u)", $cost, $icanbuy, $userid);
                $update2 = sprintf("UPDATE users SET money = money + %s WHERE (userid = %u)", $cost, $row['cmADDER']);
                $update3 = sprintf("UPDATE crystalmarket SET cmQTY = cmQTY - %u WHERE (cmID = %u)", $icanbuy, $_GET['ID']);
                $db->query($update1);
                $db->query($update2);
                $db->query($update3);
                $event = sprintf("<a href='viewuser.php?u=%u'>%s</a> bought %s of your %s crystal%s for \$%s from the crystal market", $userid, $ir['username'], number_format($icanbuy), number_format($row['cmQTY']), ($row['cmQTY'] == 1) ? '' : 's', number_format($cost));
                event_add($row['cmADDER'], $event);
                echo sprintf("You have bought %s crystal%s from %s for \$%s. <a href='cmarket.php'>Back</a>", number_format($icanbuy), ($icanbuy == 1) ? '' : 's', stripslashes(htmlspecialchars($name)), number_format($cost));
            }
            break;
    }
}

function remove_listing() {
    global $db, $userid, $h;
    if(!$_GET['ID']) {
        echo "Listing ID not specified. <a href='cmarket.php'>Back</a>";
        $h->endpage();
        exit;
    }
    $select = sprintf("SELECT * FROM crystalmarket WHERE ((cmID = %u) AND (cmADDER = %u))", $_GET['ID'], $userid);
    $query = $db->query($select);
    if(!$db->num_rows($query)) {
        echo "Either this listing does not exist, or you don't own it. <a href='cmarket.php'>Back</a>";
        $h->endpage();
        exit;
    }
    $row = $db->fetch_row($query);
    $update = sprintf("UPDATE users SET crystals = crystals + %u WHERE (userid = %u)", $row['cmQTY'], $userid);
    $delete = sprintf("DELETE FROM crystalmarket WHERE (cmID = %u)", $_GET['ID']);
    $db->query($update);
    $db->query($delete);
    echo "Your crystals have been returned to you";
}

function add_listing() {
    global $db, $userid, $h, $ir;
    echo "<h4>Adding a listing to the Crystal Market</h4>";
    if(!$ir['crystals']) {
        echo "You don't have any crystals. <a href='cmarket.php'>Back</a>";
        $h->endpage();
        exit;
    }
    if(!isset($_POST['crystals']) || empty($_POST['price'])) {
        echo "<form action='cmarket.php?action=add' method='post'>";
        echo "<table class='table' width='50%' style='text-align:center;'>";
        echo "<tr>";
        echo "<th>Amount</th>";
        echo "<td><input type='text' name='crystals' /></td>";
        echo "</tr>";
        echo "<tr>";
        echo "<th>Price</th>";
        echo "<td><input type='text' name='price' /></td>";
        echo "</tr>";
        echo "<tr>";
        echo "<td colspan='2'><input type='submit' value='Submit' /></td>";
        echo "</tr>";
        echo "</table>";
        echo "</form>";
    } else {
        //Sanitise the amount the same way as the price, so a non-numeric or
        //negative value never reaches the queries
        $_POST['crystals'] = abs(@intval($_POST['crystals']));
        if(!$_POST['crystals']) {
            echo "You didn't enter a valid amount. <a href='cmarket.php'>Back</a>";
            $h->endpage();
            exit;
        }
        if($_POST['crystals'] > $ir['crystals']) {
            echo "You don't have enough crystals. <a href='cmarket.php'>Back</a>";
            $h->endpage();
            exit;
        }
        $_POST['price'] = abs(@intval($_POST['price']));
        if(!$_POST['price']) {
            echo "You didn't enter a valid price. <a href='cmarket.php'>Back</a>";
            $h->endpage();
            exit;
        }
        $update = sprintf("UPDATE users SET crystals = crystals - %u WHERE (userid = %u)", $_POST['crystals'], $userid);
        $insert = sprintf("INSERT INTO crystalmarket VALUES ('', %u, %u, %u)", $_POST['crystals'], $userid, $_POST['price']);
        $db->query($update);
        $db->query($insert);
        echo "Your listing has been added to the market. <a href='cmarket.php'>Back</a>";
    }
}
$h->endpage();
?>
[/php]
-
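The buy flow in the crystal market post above reads the listing and the buyer's balance, then runs unconditional UPDATE and DELETE statements. As an added example (not part of the post or of any MCCodes release), the same transfer with each precondition repeated in the UPDATE's WHERE clause inside one transaction, so a stale balance or an emptied listing makes the step fail and roll back rather than overspend; written in Python with an in-memory sqlite3 stand-in for the users and crystalmarket tables (table and column names from the page, rows constructed).

```python
import sqlite3

# Constructed in-memory stand-in (sqlite3, not MySQL) for the two tables cmarket.php touches.
SCHEMA = """
CREATE TABLE users (userid INTEGER PRIMARY KEY, username TEXT, money INTEGER, crystals INTEGER);
CREATE TABLE crystalmarket (cmID INTEGER PRIMARY KEY, cmQTY INTEGER, cmADDER INTEGER, cmPRICE INTEGER);
"""

def open_market():
    con = sqlite3.connect(":memory:")
    con.executescript(SCHEMA)
    con.executemany("INSERT INTO users VALUES (?,?,?,?)",
                    [(1, "seller", 0, 0), (2, "buyer", 250, 0)])   # constructed rows
    con.execute("INSERT INTO crystalmarket VALUES (?,?,?,?)", (7, 10, 1, 50))  # 10 crystals at $50
    con.commit()
    return con

def buy_crystals(con, buyer_id, listing_id, qty):
    """Move qty crystals from a listing to buyer_id, re-checking every precondition
    in the UPDATEs' WHERE clauses inside one transaction (cf. cmarket.php above)."""
    if qty <= 0:
        return "invalid quantity"
    try:
        with con:  # commits on success, rolls back if an exception escapes
            row = con.execute("SELECT cmADDER, cmPRICE FROM crystalmarket WHERE cmID = ?",
                              (listing_id,)).fetchone()
            if row is None:
                return "no such listing"
            seller_id, price = row
            if seller_id == buyer_id:
                return "own listing"
            cost = qty * price
            # Guarded debit: 0 rows affected means the balance is too low right now.
            cur = con.execute("UPDATE users SET money = money - ?, crystals = crystals + ? "
                              "WHERE userid = ? AND money >= ?", (cost, qty, buyer_id, cost))
            if cur.rowcount != 1:
                raise ValueError("not enough money")
            # Guarded decrement: 0 rows means another buyer emptied the listing first.
            cur = con.execute("UPDATE crystalmarket SET cmQTY = cmQTY - ? "
                              "WHERE cmID = ? AND cmQTY >= ?", (qty, listing_id, qty))
            if cur.rowcount != 1:
                raise ValueError("not enough crystals in listing")
            con.execute("UPDATE users SET money = money + ? WHERE userid = ?", (cost, seller_id))
            con.execute("DELETE FROM crystalmarket WHERE cmID = ? AND cmQTY = 0", (listing_id,))
            return "ok"
    except ValueError as err:
        return str(err)  # the debit above was undone with the transaction

def balances(con, userid):
    return con.execute("SELECT money, crystals FROM users WHERE userid = ?", (userid,)).fetchone()
```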
That code is heavily insecure, I would suggest securing that before uploading it.
-
As an option to hosts without crons - use either MySQL events or timestamps. (Or "Cronless Crons" as I call them).. As for hosting, find yourself a decent host (paid would be preferable, as you really do get what you pay for when looking for hosting), and learn to code.
-
Mysql 500 + queries?
Magictallguy replied to gurpreet's topic in MySQL, Oracle, Postgress or other DB
If you don't have an auto_increment (though why you wouldn't is beyond me), you can use LAST_INSERT_ID(). It's a good MySQL function that works similar, in principle, to an auto_increment -
SQL/HTML injections, XSS attacks, etc. What hacks exactly do you secure each file from?
-
I'm creating one for you as we speak :P
-
I'm not too bothered. Unless I claim copyright of it with a notice somewhere, they can do what they like with the code. Security is pretty easy to learn, just time-consuming - which is why I charge for security/recodes
-
crystal market update (looking for buy)
Magictallguy replied to Nicholas's topic in Paid Modifications
I have already created this and posted on Dev Forum (currently down - server issues). Once it's back up, I'll link you (saves me coding it out again) -
Once I secure a code, they can do whatever they like with it, it's their code.. I don't give much of a flying biscuit about it xD
-
These are mods that have been created, some of which are available free (though mostly insecure). I am happy to code them all again though, give me a shout with your thoughts
-
Someone will have to tell me how this turned from ass-kissing to name checks..
-
mccode-v1 [mccode] delete gang after respect hit 0
Magictallguy replied to iseeyou94056's topic in Free Modifications
Yeah, but I ignored you ^.^ -
XBLGT: Magictallguy
-
mccode-v1 [mccode] delete gang after respect hit 0
Magictallguy replied to iseeyou94056's topic in Free Modifications
[php]
$queryGangs = $db->query("SELECT gangID FROM gangs WHERE (gangRESPECT < 1)");
while($row = $db->fetch_row($queryGangs)) {
    //Remove the gang, any wars it is part of, and its members' gang link
    $db->query(sprintf("DELETE FROM gangs WHERE (gangID = %u)", $row['gangID']));
    $db->query(sprintf("DELETE FROM gangwars WHERE ((warDECLARER = %1\$u) OR (warDECLARED = %1\$u))", $row['gangID']));
    $db->query(sprintf("UPDATE users SET gang = 0 WHERE (gang = %u)", $row['gangID']));
}
[/php]
Would work fine, if you want to delete and update all systems concerned.. -
Using abs() and intval() on a number that's been extracted from the database is pointless. Unless you've edited the number in some way - i.e. user input - then there is no need for the extra code.
[php]
if(!$ir['money']) {
    $db->query("UPDATE users SET money = 0 WHERE userid = ".$userid);
}
[/php]
-
MakeWebGames is not the place for this..
-
WooP, I got mentioned xD
-
whats the best way to secure your header?
Magictallguy replied to JAMESOMIGHTY's topic in Engine Support
Don't rely on this to secure your header, it will do very little - it's more of a false sense of security. Whilst it does help with (very little) "securing" the GETDATA of ID, viewforum, viewtopic, and reply, it won't do much else. Stop looking for the short (lazy) way, and secure your code properly -
In functions.php, does it have session_start(); in there already? If so, simply remove it from the code you've posted here
-
Assuming you already have a database connection (and database).. Untested
[mysql]CREATE TABLE `your_table` (
    `id` INT( 11 ) NOT NULL AUTO_INCREMENT PRIMARY KEY,
    `name` VARCHAR( 50 ) NOT NULL DEFAULT 'n/a',
    `message` TEXT NOT NULL,
    `ip` VARCHAR( 20 ) NOT NULL DEFAULT '127.0.0.1',
    `time` INT( 11 ) NOT NULL DEFAULT 0
) ENGINE = MyISAM;[/mysql]
[php]
$IP = isset($_SERVER['REMOTE_ADDR']) ? mysql_real_escape_string($_SERVER['REMOTE_ADDR'], $connection_identifier) : '127.0.0.1';
if(!isset($_POST['msg'])) {
    //Most recent comment from this IP, if there is one
    $select = sprintf("SELECT `time` FROM `your_table` WHERE (`ip` = '%s') ORDER BY `time` DESC LIMIT 1", $IP);
    $query = mysql_query($select, $connection_identifier) or die("Could not execute query: ".mysql_error());
    if(mysql_num_rows($query)) {
        $row = mysql_fetch_assoc($query);
        //Posted less than an hour ago: tell them how long is left to wait
        if($row['time'] > time() - 3600) {
            echo "You have already posted a comment within the last hour. Please wait for ".gmdate('i:s', $row['time'] + 3600 - time())." before attempting to post again";
            //Page footer.
            exit;
        }
    }
    echo "<form action='comments.php' method='post'>";
    echo "<table width='50%' style='text-align:center;'>";
    echo "<tr>";
    echo "<th>Your name</th>";
    echo "<td><input type='text' name='name' /></td>";
    echo "</tr>";
    echo "<tr>";
    echo "<th>Message</th>";
    echo "<td><textarea name='msg' rows='10' cols='50'></textarea></td>";
    echo "</tr>";
    echo "<tr>";
    echo "<td colspan='2'><input type='submit' value='Submit' /></td>";
    echo "</tr>";
    echo "</table>";
    echo "</form>";
} else {
    if(empty($_POST['name'])) {
        echo "You didn't enter your name";
        //Insert page footer here
        exit;
    }
    if(empty($_POST['msg'])) {
        echo "You didn't enter a message";
        //Page footer..
        exit;
    }
    $_POST['name'] = mysql_real_escape_string($_POST['name'], $connection_identifier);
    $_POST['msg'] = mysql_real_escape_string($_POST['msg'], $connection_identifier);
    $query = sprintf("INSERT INTO `your_table` VALUES ('', '%s', '%s', '%s', %u)", $_POST['name'], $_POST['msg'], $IP, time());
    mysql_query($query, $connection_identifier) or die("Could not execute query: ".mysql_error());
    echo "Your comment has been submitted";
}
[/php]
Be sure to use htmlspecialchars() when outputting from the database. Use stripslashes() if you get backslashes (\) before speech marks and apostrophes
-
I do security jobs at £2 per file - standard MC Craps v2 has around 140 files - with the first file free. I also do complete recodes (which include security) at £75 for v1, and £300 for v2.
-
A hole in my code? I'm stunned! Must be an old code :P
-
I offer security jobs at £2 per file with the first file free. I also offer full recodes which includes; security, code updates (i.e. bringing into PHP 5 standards), limited aesthetic updates, I edit how things are handled and do so efficiently. v1 recode: 75 GBP v2 recode: 300 GBP I also create custom modifications per request - pricing ranges on the size and complexity of the request. Feel free to email me [email protected] if you would like to know more
-
Re: [REVIEW REQUEST] Criminals-Nightmare Let's see.. Register fail, can't find check.php and checkem.php A few colour changes, pretty much the standard layout.. Copyright banner at the bottom is just a big no-no. Add a small text notice, nothing that would distract players from playing. Profiles are *very* basic.. Don't like your grammar on any part of the game (I R GRAMMAR NAZI! - HIEL GRAMMAR!) Mining for knives? Um.. ok then.. :/ 15 players, small userbase. Most of the game is highly insecure.. Overall, don't like it lol. Learn to secure your source, from there, learn to manage a game ;)
-
Re: Jobs on view user
[php]
<?php
$query = $db->query(sprintf(
    "SELECT `u`.*, `c`.`cityid`, `c`.`cityname`, `h`.`hID`, `h`.`hNAME`, `h`.`hWILL`, `g`.`gangID`, `g`.`gangNAME`, `f`.*, `uu`.`userid` AS `fed_jailer_id`, `uu`.`username` AS `fed_jailer`, `j`.`jNAME`, `jr`.`jrNAME` " .
    "FROM `users` `u` " .
    "LEFT JOIN `cities` `c` ON (`u`.`location` = `c`.`cityid`) " .
    "LEFT JOIN `houses` `h` ON (`u`.`maxwill` = `h`.`hWILL`) " .
    "LEFT JOIN `gangs` `g` ON (`g`.`gangID` = `u`.`gang`) " .
    "LEFT JOIN `fedjail` `f` ON (`f`.`fed_userid` = `u`.`userid`) " .
    "LEFT JOIN `users` `uu` ON (`f`.`fed_jailedby` = `uu`.`userid`) " .
    "LEFT JOIN `jobs` `j` ON (`j`.`jID` = `u`.`job`) " .
    "LEFT JOIN `jobranks` `jr` ON (`jr`.`jrID` = `u`.`jobrank`) " .
    "WHERE (`u`.`userid` = %u)", abs(@intval($_GET['u']))));
[/php]