Floydian

Re: MCcodes v2.0 problem I've seen that crime equation and it's crap. You could easily achieve the same thing by changing the equation over from using that eval statement into being hard coded. You'll need two columns though instead of the one in the database. Since you have to parts to that equation, and you would be storing just the number that is the "modifier". One is a crime level modifier, and the other one I think is a will modifier.

Re: N00B Question: Align Menu To Left in MCcodes v2.0 at the top of this file add:   echo '<div align="left">';   and at the bottom add:   echo '</div>';

Re: Error The most likely set of events, is that the $_POST['gang'] variable is empty, and is causing an error, mysql_query then returns boolean FALSE and that causes mysql_fetch_array() to trip up I suppose that might make mysql_num_rows trip up too huh. lol :mrgreen:

Re: Error it should be noted that if your select query does not find matching rows, you do not get a result returned from the mysql_query() function that can then be used in mysql_fetch_array(). You can catch this by inserting some code between what you have there: $gq=mysql_query("SELECT * FROM gangs WHERE gangID={$_POST['gang']}",$c); // Insert this stuff here: if (mysql_num_rows($gq) < 1) { echo "<h1>This query returned no result set.</h1>"; die; } // Insert that up there: $gangdata=mysql_fetch_array($gq);     Oh, and in defense of the possible injection, perhaps there was some sort of validation/escaping done, but not copied/pasted here?

Re: Understanding An Error Message! Vastly more complicated, but incredibly better of a solution is to go with databased sessions and skill the flat file bull. I can point you to a script that will handle a databased session, but implementing it will require some studying on your part. And then you have to search every file you have, and everywhere you have a die; or exit; or some sort of a redirect, whether it be one using headers or javascript, you will need to add in session_write_close(); before that. That bit isn't complicated, but it's tedious considering mccodes preponderance of die/exit usage. And you will have to setup a database table for the session, tell php to use the database for storing the session. All in all, it's a vastly superior method of sessions. I for one will never go back to the temp file stuff....

Re: Money sql injection No doubt Spudinski, balancing a game is tough work. And I guess there isn't much point in worrying about cheaters if you game's economy is going to explode out of control lol

Re: [FAQ] Developing locally on your own local PHP/MySQL/Apache server You can get a copy of that file from the PHP site. http://us2.php.net/manual/en/mysql.installation.php That link should help you reinstall that file. Editing the php.ini file may be required. You'll certainly need to check and make sure the extension is enabled there.

Re: Help Needed With Cyberbank [MCcodes v2.0] You're welcome. ;) I put that code into my PHP Code IDE (Zend) and it took me right to that spot. It might be helpful to pick up a good PHP IDE with syntax error detection built in. Of course it's not necessary, but for errors like these, it's super fast in detecting them ;)

Re: Money sql injection   Why you say that? I've seen a ton of folks come into cove of pirates and try to cheat the game, many of them using, or attempting to use mysql injection. Unfortunately, an answer to how to stop people from cheating your game would require some diagnosing. Once would need to know what they are exploiting before that can be fixed. You could find a sorts of code for validating input/protecting against sql injection, but if there are 100 places in you code that could potentially be open to such attacks, are you going to go through each one? You should of course go through them all, but I suspect you are either not a coder, or you are "eh" at coding and thus prolly don't have the necessary skills to find/fix the problem on your won. Therefore, my advice is to hire someone to fix it for you.

Re: What is the difference between echo and print ? It only takes typing out four characters for echo, and five for print. Come on now, that makes a difference!! :mrgreen:

Re: Does anyone know or have a free table script for explore.php You'll need some html for that. I'd recommend writing up some practice tables. Perhaps consult http://w3schools.com/html/default.asp for html help and http://w3schools.com/css/default.asp for css help.

Re: Help Needed With Cyberbank [MCcodes v2.0]   function withdraw() { global db,$ir,$c,$userid,$h;   Where it says that, put this:   function withdraw() { global $db,$ir,$c,$userid,$h;

Re: [Competion Questions] Recursive SQL? No no no, no need to optimize honey... lol

Re: [Competion Questions] Recursive SQL? ;) Now we apply a timer to see how's script runs faster! And yours was faster. Comparing the low end of the resulting script execution times, yours was about 2 milliseconds faster. Naturally I commented out Step #2 print the initial data and Step #5 print the tree for reference in your your code. I can live with that difference in time lol

Re: QUERY ERROR Now it sounds like you need to add the attacks won column to the users table ;) Rinse and repeat if necessary ;)

Re: Decimals in Banks good deal, and you're welcome ;)

Re: [Competition Questions] SQL Quoting Nice!

Re: [Competion Questions] Recursive SQL?   <?php require_once(); // Database file require_once(); // function file /* query() = mysql_query() fa() = mysql_fetch_array() Yes, I'm lazy and can't be bothered typing the whole thing out, so I made functions to shorten the name. */ function counter_adder($child, $parent) { global $forum_count, $forum_data; foreach ($forum_data as $forum_id => $data) { if ($forum_id == $parent) { $forum_count[$forum_id]['topics'] += $forum_data[$child]['topics']; $forum_count[$forum_id]['posts'] += $forum_data[$child]['posts']; counter_adder($child, $data['parent']); } } } $q_get = sprintf('select ID, Parent, Name, Topics, Posts from sample'); $q_get = query($q_get); $forum_count = array(); $forum_data = array(); while (list($id, $parent, $name, $topics, $posts) = fa($q_get)) { $forum_count[$id] = array('topics' => 0, 'posts' => 0); $forum_data[$id] = array('name' => $name, 'topics' => $topics, 'posts' => $posts, 'parent' => $parent); } foreach ($forum_data as $forum_id => $data) { $forum_count[$forum_id]['topics'] += $forum_data[$forum_id]['topics']; $forum_count[$forum_id]['posts'] += $forum_data[$forum_id]['posts']; counter_adder($forum_id, $data['parent']); } echo "<table>\n"; foreach ($forum_data as $forum_id => $data) { echo <<<EOT <tr> <td> {$data['name']} </td> <td> {$forum_count[$forum_id]['topics']} </td> <td> {$forum_count[$forum_id]['posts']} </td> </tr>\n EOT; } echo '</table>'; ?>

Re: [Competion Questions] Recursive SQL? I give up lol Tried it out, came close and no cigar. If there were money involved, I'd slog it out hehehe

Re: Decimals in Banks   <?php include "globals.php"; $ir['bankmoney'] = floor($ir['bankmoney'];   $money is simply an example variable. lol

Re: Decimals in Banks put it in the cyberbank and any other bank make sure you have this code before you echo the variable I can't tell you exactly where in your code it should go as I don't have your code and I don't really remember how mccodes code goes. Just make sure you insert the floor function, with the proper variable in the argument, i.e., floor(proper variable here); and then echo the variable, or print it. lol

Re: Sql Injections? no offense to TwiztedFake, but applying a humongous function to the entire get and post array just seems a bit inefficient, and would likely cause people to feel safer than they really are. It's better to custom tailor validation in every instance than attempt to make one catch all.   sample code to validate a number: if (!isset($_GET['id']) or $_GET['id'] < 1) { echo "Please submit a valid number."; } settype($_GET['id'], 'int'); settype could cast the variable to a float by changing the 'int' to 'float'.   That's it for numeric fields for string fields, protecting you database is really as simple as using the mysql_real_escape_string() funtion. if you don't know this function, I'm not even going to tell you what it does because I want you to read the as much as you possibly can stand to read about it on the php site. You really really really really need to know exactly what this does, and you really really really really must know exactly why it's used, and if you can't be bothered to look it up, stop coding now, immediately! Or get ready for problems. ;)

Re: Decimals in Banks Floor: 1.12413241324123 becomes: 1 1.9934939213493 becomes 1 12352341.12341324134 becomes 12352341 12352341.9913999919349134 becomes 12352341   $money = 12352341.99923993942; $money = floor($money); echo $money; // 12352341 personally, when I insert the data into the database, I do this: $q_update = sprintf('update users set bankmoney = "%.0f" where userid = %d', $money, $userid); %.0f, what that does is it formats your $money variable as a float with no decimals. %.3f would format it as a float with 3 decimal places: 1.2351451452 becomes 1.235 Then when you perform the query: mysql_query($q_update); and ya done You could apply the sprintf() function when you get data from the database: $money = sprintf('%.0f', $ir['money_field']); That is roughly equivalent to using the floor function, so floor is recommended for that. When inserting, updating the database, sprintf is preferred because you can cast the variable any way you want, at the same time that you cast other variables as well.

Re: merging multiple databases in 1 issue I didn't say it, mdshares original post is talking about selecting "FROM db1". I don't see how you can select an entire database that way. Or maybe you can can, who knows. The only way I'd know is to test it out for myself, but seeing as how I don't have a need to do something like that, I'll save it for later when I do, unless of course someone wants to just say, "hey, you can select an entire database" lol. Until then, I'm assuming that before I do such a thing, testing will be required to ensure that it works, if it can.

Re: merging multiple databases in 1 issue   As far as I can tell, I'm the only one that posted in this forum after Nyna bumped this thread, but perhaps you are assuming that people are reading this and not posting, but thinking a lot about it instead. lol I still don't see how you do a select database1, database2 without having a table listed in there. ;)