MakeWebGames

Everything posted by Magictallguy

  1. Re: crystal bank Yea.. it's "Magictallguy", although I do like Metallica....  
  2. Re: Quote Mod

      if(strlen($q) > 255)
      {
          echo 'Quotes can only have upto 255 characters';
          echo ' ';
          echo '[url="preferences.php?action=uq"]Back[/url]';
      }

     That's why that is there -.-
  3. Re: crystal bank For the sake of The Joker, sprintf() has been implemented.. Joker, sprintf() on its own, will offer little protection. Combine it with mysql_real_escape_string() and you'll have a file fit for a king.. (or Nyna..) Secured Crystal Bank

      <?php
      include (DIRNAME(__FILE__) . "/globals.php");
      //Learn to secure your script!
      //And code properly for that matter -.-
      //Secured by Magictallguy
      print "<h3>Crystal Bank</h3>";
      if($ir['crystalbank']>-1)
      {
          //Addition of the functions below to stop a hidden error. (Use error_reporting(E_ALL); to see what I mean...
          $_GET['action'] = isset($_GET['action']) && is_string($_GET['action']) ? strtolower(trim($_GET['action'])) : "";
          switch($_GET['action'])
          {
              case "deposit": deposit(); break;
              case "withdraw": withdraw(); break;
              default: index(); break;
          }
      }
      else
      {
          if(isset($_GET['buy']))
          {
              if($ir['money'] > 25000)
              {
                  print "Congratulations, you bought a crystal bank account for \$25,000! [url='crystalbank.php']Start using my account[/url]";
                  //crystalbank = 0 opens the account; without it the > -1 check above never passes
                  $sql = sprintf("UPDATE users SET money = money - %u, crystalbank = 0 WHERE (userid = %u)", 25000, $userid);
                  $db->query($sql);
              }
              else
              {
                  die("You do not have enough money to open an account, it costs \$25,000 for an account [url='explore.php']Back to town...[/url]");
              }
          }
          else
          {
              print "Open a crystal bank account today, just \$25,000! [url='crystalbank.php?buy']> Yes, sign me up![/url]";
          }
      }

      function index()
      {
          global $db, $ir, $c, $userid, $h;
          //Plural follows the bank balance ($_POST['deposit'] is not set on this page)
          $s = ($ir['crystalbank'] == 1) ? "" : "s";
          //Outputs:
          //0 crystals
          //1 crystal
          //2 crystals
          echo sprintf("[b]You currently have %s crystal%s in your crystal bank.[/b] ", number_format($ir['crystalbank']), $s);
          echo ("<table width='85%' cellspacing=1 class='table'>");
          echo ("<tr>");
          echo ("<td width='50%'>[b]Deposit crystal[/b] ");
          echo ("<form action='crystalbank.php?action=deposit' method='post'>");
          //Default deposit amount is the crystals on hand, not the bank balance
          echo sprintf("Amount: <input type='text' name='deposit' value='%u' /> ", $ir['crystals']);
          echo ("<input type='submit' value='Deposit' /></form></td>");
          echo ("<td width='50%'>[b]Withdraw crystals[/b] ");
          echo ("There is no fee on withdrawals.<form action='crystalbank.php?action=withdraw' method='post'>");
          echo sprintf("Amount: <input type='text' name='withdraw' value='%u' /> ", $ir['crystalbank']);
          echo ("<input type='submit' value='Withdraw' /></form></td>");
          echo ("</tr>");
          echo ("</table>");
      }

      function deposit()
      {
          global $db, $ir, $c, $userid, $h;
          //Digits only: %u would turn a negative amount into a huge unsigned number
          $_POST['deposit'] = (isset($_POST['deposit']) && is_string($_POST['deposit']) && ctype_digit($_POST['deposit'])) ? (int) $_POST['deposit'] : 0;
          if($_POST['deposit'] < 1 || $_POST['deposit'] > $ir['crystals'])
          {
              print "You do not have enough crystals to deposit in the bank.";
          }
          else
          {
              //No fee is charged ($fee was never defined)
              $gain=$_POST['deposit'];
              $ir['crystalbank']+=$gain;
              $sql = sprintf("UPDATE users SET crystalbank = crystalbank + %u, crystals = crystals - %u WHERE (userid = %u)", mysql_real_escape_string($gain), mysql_real_escape_string($_POST['deposit']), $userid);
              //You MUST ALWAYS escape everything,, unless you want hackers to gain access?
              $db->query($sql);
              $s = ($_POST['deposit'] == 1) ? "" : "s";
              //Outputs:
              //0 crystals
              //1 crystal
              //2 crystals
              echo sprintf("You hand over %s crystal%s to be deposited, ", number_format($_POST['deposit']), $s);
              echo sprintf("%s is added to your account. ", number_format($gain));
              echo sprintf("[b]You now have %s crystal%s in the bank.[/b] ", number_format($ir['crystalbank']), $s);
              echo ("[url='crystalbank.php']> Back[/url]");
          }
      }

      function withdraw()
      {
          global $db,$ir,$c,$userid,$h;
          //Digits only, same reason as in deposit()
          $_POST['withdraw'] = (isset($_POST['withdraw']) && is_string($_POST['withdraw']) && ctype_digit($_POST['withdraw'])) ? (int) $_POST['withdraw'] : 0;
          if($_POST['withdraw'] < 1 || $_POST['withdraw'] > $ir['crystalbank'])
          {
              print "You do not have enough crystals to withdraw from the bank.";
          }
          else
          {
              $gain=$_POST['withdraw'];
              $ir['crystalbank']-=$gain;
              $sql = sprintf("UPDATE users SET crystalbank = crystalbank - %u, crystals = crystals + %u WHERE (userid = %u)", mysql_real_escape_string($gain), mysql_real_escape_string($gain), $userid);
              $db->query($sql);
              $s = ($gain == 1) ? "" : "s";
              //Outputs:
              //0 crystals
              //1 crystal
              //2 crystals
              echo sprintf("You ask to withdraw %s crystal%s, ", number_format($gain), $s);
              echo ("the banking lady grudgingly hands it over. ");
              echo sprintf("[b]You now have %s crystal%s in the bank.[/b] ", number_format($ir['crystalbank']), $s);
              echo ("[url='crystalbank.php']> Back[/url]");
          }
      }
      $h->endpage();
      ?>
  4. Re: crystal bank Before posting all over CE what I'm attempting to teach you, actually learn it? Brilliant quote from Nyna .. You should take heed Chris..  
  5. Re: contact staff [v2] As this is v2, session_start(); is not required.. That is already in the globals.php..
  6. Re: Religions Mod This is only true if your users are too stupid to open their eyes and see the person for who they are, and not what they believe in..
  7. Re: [Mccode][Free] House Pictures Using the post before mine, and the first post works fine. Why argue when you can call it from the database? That's what it's there for..
  8. Re: Updated Explore V.2 I'm tempted to create an explore that is updatable via the staff panel.. Each "box" (or <td>) will have its own row on a table in the database..[me=Magictallguy]ponders the thought[/me]
  9. Re: [V2] Crystalbank Mod [V2] Links are the same, SQL is the same. Secured Crystal Bank

      <?php
      include (DIRNAME(__FILE__) . "/globals.php");
      //Learn to secure your script!
      //And code properly for that matter -.-
      //Secured by Magictallguy
      print "<h3>Crystal Bank</h3>";
      if($ir['crystalbank']>-1)
      {
          //Addition of the functions below to stop a hidden error. (Use error_reporting(E_ALL); to see what I mean...
          $_GET['action'] = isset($_GET['action']) && is_string($_GET['action']) ? strtolower(trim($_GET['action'])) : "";
          switch($_GET['action'])
          {
              case "deposit": deposit(); break;
              case "withdraw": withdraw(); break;
              default: index(); break;
          }
      }
      else
      {
          if(isset($_GET['buy']))
          {
              if($ir['money'] > 25000)
              {
                  print "Congratulations, you bought a crystal bank account for \$25,000! [url='crystalbank.php']Start using my account[/url]";
                  //crystalbank = 0 opens the account; without it the > -1 check above never passes
                  $sql = sprintf("UPDATE users SET money = money - %u, crystalbank = 0 WHERE (userid = %u)", 25000, $userid);
                  $db->query($sql);
              }
              else
              {
                  die("You do not have enough money to open an account, it costs \$25,000 for an account [url='explore.php']Back to town...[/url]");
              }
          }
          else
          {
              print "Open a crystal bank account today, just \$25,000! [url='crystalbank.php?buy']> Yes, sign me up![/url]";
          }
      }

      function index()
      {
          global $db, $ir, $c, $userid, $h;
          //Plural follows the bank balance ($_POST['deposit'] is not set on this page)
          $s = ($ir['crystalbank'] == 1) ? "" : "s";
          //Outputs:
          //0 crystals
          //1 crystal
          //2 crystals
          echo sprintf("[b]You currently have %s crystal%s in your crystal bank.[/b] ", number_format($ir['crystalbank']), $s);
          echo ("<table width='85%' cellspacing=1 class='table'>");
          echo ("<tr>");
          echo ("<td width='50%'>[b]Deposit crystal[/b] ");
          echo ("<form action='crystalbank.php?action=deposit' method='post'>");
          //Default deposit amount is the crystals on hand, not the bank balance
          echo sprintf("Amount: <input type='text' name='deposit' value='%u' /> ", $ir['crystals']);
          echo ("<input type='submit' value='Deposit' /></form></td>");
          echo ("<td width='50%'>[b]Withdraw crystals[/b] ");
          echo ("There is no fee on withdrawals.<form action='crystalbank.php?action=withdraw' method='post'>");
          echo sprintf("Amount: <input type='text' name='withdraw' value='%u' /> ", $ir['crystalbank']);
          echo ("<input type='submit' value='Withdraw' /></form></td>");
          echo ("</tr>");
          echo ("</table>");
      }

      function deposit()
      {
          global $db, $ir, $c, $userid, $h;
          //Digits only: %u would turn a negative amount into a huge unsigned number
          $_POST['deposit'] = (isset($_POST['deposit']) && is_string($_POST['deposit']) && ctype_digit($_POST['deposit'])) ? (int) $_POST['deposit'] : 0;
          if($_POST['deposit'] < 1 || $_POST['deposit'] > $ir['crystals'])
          {
              print "You do not have enough crystals to deposit in the bank.";
          }
          else
          {
              //No fee is charged ($fee was never defined)
              $gain=$_POST['deposit'];
              $ir['crystalbank']+=$gain;
              $sql = sprintf("UPDATE users SET crystalbank = crystalbank + %u, crystals = crystals - %u WHERE (userid = %u)", mysql_real_escape_string($gain), mysql_real_escape_string($_POST['deposit']), $userid);
              //You MUST ALWAYS escape everything,, unless you want hackers to gain access?
              $db->query($sql);
              $s = ($_POST['deposit'] == 1) ? "" : "s";
              //Outputs:
              //0 crystals
              //1 crystal
              //2 crystals
              echo sprintf("You hand over %s crystal%s to be deposited, ", number_format($_POST['deposit']), $s);
              echo sprintf("%s is added to your account. ", number_format($gain));
              echo sprintf("[b]You now have %s crystal%s in the bank.[/b] ", number_format($ir['crystalbank']), $s);
              echo ("[url='crystalbank.php']> Back[/url]");
          }
      }

      function withdraw()
      {
          global $db,$ir,$c,$userid,$h;
          //Digits only, same reason as in deposit()
          $_POST['withdraw'] = (isset($_POST['withdraw']) && is_string($_POST['withdraw']) && ctype_digit($_POST['withdraw'])) ? (int) $_POST['withdraw'] : 0;
          if($_POST['withdraw'] < 1 || $_POST['withdraw'] > $ir['crystalbank'])
          {
              print "You do not have enough crystals to withdraw from the bank.";
          }
          else
          {
              $gain=$_POST['withdraw'];
              $ir['crystalbank']-=$gain;
              $sql = sprintf("UPDATE users SET crystalbank = crystalbank - %u, crystals = crystals + %u WHERE (userid = %u)", mysql_real_escape_string($gain), mysql_real_escape_string($gain), $userid);
              $db->query($sql);
              $s = ($gain == 1) ? "" : "s";
              //Outputs:
              //0 crystals
              //1 crystal
              //2 crystals
              echo sprintf("You ask to withdraw %s crystal%s, ", number_format($gain), $s);
              echo ("the banking lady grudgingly hands it over. ");
              echo sprintf("[b]You now have %s crystal%s in the bank.[/b] ", number_format($ir['crystalbank']), $s);
              echo ("[url='crystalbank.php']> Back[/url]");
          }
      }
      $h->endpage();
      ?>
  10. Re: Updated Display Pic System [V2] Speak in English and we may be able to help you..
  11. Re: online/offline/total users Stick in between those 2 lines of code..
  12. Re: Quote Mod Thanks for the security LostOne. sprintf() would be a good idea there xD
  13. Re: House Tax [$5] No idea who Matt is, but I'll make this for free if you wish? The screenshot no longer works so I don't know how you want it, but it's not hard to make :)
  14. Re: House Rentals [V2] Ah nuts xD
  15. Re: [Free] Advanced(ish) Level Upgrade Mod. Actually no, if you look into the globals.php, you'll find that $ir['exp_needed'] is defined there.
  16. Re: Updated Mailbox [v1] Instead of using include "globals.php";   Use include_once(DIRNAME(__FILE__) . '/globals.php');
  17. Re: [V2] Edit/Delete Item Type [V2] Nicely done Tonka! Saves me from having to make it :P
  18. Re: Cant get my head around these? I've had a friend with that problem, and we narrowed it down to the browser that the user is using. Sometimes, even simple things like clearing cache/cookies actually helps prevent that.
  19. Re: NEW Explore.php[v2]

      <?php
      /*-----------------------------------------------------
      -- Made By squimmy
      -- Free Mod
      -- Tables fixed by MTG
      -- Learn to code -.-
      -----------------------------------------------------*/
      include "globals.php";
      $tresder=(int) rand(100,999);
      if($ir['jail'] or $ir['hospital'])
      {
          die("This page cannot be accessed while in jail or hospital.");
      }
      $q=$db->query("SELECT u.*,c.* FROM users u LEFT JOIN cities c ON u.location=c.cityid WHERE u.userid=$userid");
      $r=$db->fetch_row($q);
      ?>
      [b]You begin exploring <? echo sprintf("%s", $r['cityname']); ?>, you see a bit that interests you.[/b]
      <table width=75% border=7>
      <tr height='100'>
        <td valign=top>
          <u><font color=red>[b]Coming Soon</font></u>
          [url='usersonline.html']Users Online[/url] [url='usersonline.php']Users Online[/url]
        </td>
        <td valign=top>
          <u><font color=red>[b]Coming Soon</font></u>
          [url='usersonline.html']Users Online[/url] [url='usersonline.php']Users Online[/url]
        </td>
        <td valign=top>
          <u><font color=red>[b]Coming Soon</font></u>
          [url='usersonline.html']Users Online[/url] [url='usersonline.php']Users Online[/url]
        </td>
      </tr>
      <tr height=100>
        <td valign=top>
          <u><font color=red>[b]Coming Soon</font></u>
          [url='usersonline.html']Users Online[/url] [url='usersonline.php']Users Online[/url]
        </td>
        <td valign=top>
          <u><font color=red>[b]Coming Soon</font></u>
          [url='usersonline.html']Users Online[/url] [url='usersonline.php']Users Online[/url]
        </td>
        <td valign=top>
          <u><font color=red>[b]Coming Soon</font></u>
          [url='usersonline.html']Users Online[/url] [url='usersonline.php']Users Online[/url]
        </td>
      </tr>
      <tr height=100>
        <td valign=top>
          <u><font color=red>Coming Soon[b]</u>
          [url='usersonline.html']Users Online[/url] [url='usersonline.php']Users Online[/url]
        </td>
        <td valign=top>
          <u><font color=red>[b]Coming Soon</u>
          [url='usersonline.html']Users Online[/url] [url='usersonline.php']Users Online[/url]
        </td>
        <td valign=top>
          <u>[b]<font color=red>Bargate</font></u>
          [url='usersonline.html']Users Online[/url] [url='usersonline.php']Users Online[/url]
        </td>
      </tr>
      <tr height=100>
        <td valign=top>
          <u>[b]<font color=red>Coming Soon</font></u>
          [url='usersonline.html']Users Online[/url] [url='usersonline.php']Users Online[/url]
        </td>
        <td valign=top>
          <u>[b]<font color=red>Coming Soon</font></u>
          [url='usersonline.html']Users Online[/url] [url='usersonline.php']Users Online[/url] [url='usersonline.php']Users Online[/url]
        </td>
        <td valign=top>
          <u>[b]<font color=red>Coming Soon</font></u>
          [url='useronline.php']Users Online[/url]
        </td>
      </tr>
      </table>
      <table cellspacing='3' border='2' cellpadding='4' class='table' width='53%'>
      <tr>
        <td colspan='2'>[b]<center>Referal Link: http://<? echo sprintf("%s", $domain); ?>/register.php?REF= <? echo sprintf("%s", $userid); ?> </td>
        <td colspan='2'>Every signup from this link earns you two valuable crystals!</td>
      </tr>
      </table>
      <? $h->endpage(); ?>

     Fixed up for you
  20. Re: Updated Display Pic System [V2] Well said.. This ain't ebay feedback system mate rofl so let's gain an extra post by taking the p*ss out of other members, so immature.
  21. Re: [V1] Unlocks [V1] Would love to know what the point in this is...
  22. Re: Ranger Den [$25] Nyna said it's good.. So it's gotta be good! xD
  23. Re: [REVIEW]Criminal Warfare I find it sexy, yet elegant. Basic, yet professional But as Justice said, the text can be a little hard to read.
  24. Re: Tutorial: v1 - v2 Conversion *muffles laughter* Be nice people!
  25. Re: upgraded lucky boxes He's not a graphics person :P
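
An added example (not code from the posts listed here) for the crystal bank posts above: `%u` only formats a number, so an amount has to be checked as a positive whole number before it reaches the query, and bound parameters take the place of string-built SQL. It assumes PHP 7.1+ with PDO and pdo_sqlite; `parse_amount()`, `deposit_crystals()`, the in-memory `users` table and the sample inputs are constructed for illustration.

```php
<?php
// Added example, not code from the posts. SQLite in memory stands in for the
// game database; table contents and inputs are constructed sample data.

/** Return a positive whole-number amount from raw form input, or null. */
function parse_amount($raw): ?int
{
    // ctype_digit() accepts only 0-9, so "-5", "2.5", "1e3" and arrays fail.
    // The length cap keeps the value inside the integer range.
    if (!is_string($raw) || !ctype_digit($raw) || strlen($raw) > 9) {
        return null;
    }
    $n = (int) $raw;
    return $n > 0 ? $n : null;
}

/** Move crystals from hand to bank; false when the balance is too low. */
function deposit_crystals(PDO $pdo, int $userid, int $amount): bool
{
    // Bound parameters keep values out of the SQL text. The WHERE guard makes
    // the balance check and the update a single atomic statement.
    $stmt = $pdo->prepare(
        'UPDATE users SET crystalbank = crystalbank + ?, crystals = crystals - ?
         WHERE userid = ? AND crystals >= ?'
    );
    $stmt->execute([$amount, $amount, $userid, $amount]);
    return $stmt->rowCount() === 1;
}

$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE users (userid INTEGER PRIMARY KEY, crystals INTEGER, crystalbank INTEGER)');
$pdo->exec('INSERT INTO users VALUES (1, 10, 0)');

// %u reinterprets a negative integer as unsigned, so a cast alone is not a range check.
printf("sprintf('%%u', -5) gives %s\n", sprintf('%u', -5));

// "50" is well-formed but exceeds the 10 crystals on hand, so the guard rejects it.
foreach (['5', '-5', '2.5', '1e3', '50'] as $raw) {
    $amount = parse_amount($raw);
    $ok = $amount !== null && deposit_crystals($pdo, 1, $amount);
    printf("%-4s => %s\n", $raw, $ok ? 'deposited' : 'rejected');
}

$row = $pdo->query('SELECT crystals, crystalbank FROM users WHERE userid = 1')->fetch(PDO::FETCH_ASSOC);
printf("crystals=%d crystalbank=%d\n", $row['crystals'], $row['crystalbank']);
```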