Arkvoodle`

Re: Donator's Bank[MCV2] What happened?

I thought I'd make a bank for donators only. It's a very basic mod of cyberbank but I thought you guys might want something like this. Create file called donatorbank.php In that, add... <?php include "globals.php"; if($ir['donatordays'] >0 ) print "<h3>Donator's Bank</h3>"; if($ir['donatormoney']>-1) { switch($_GET['action']) { case "deposit": deposit(); break; case "withdraw": withdraw(); break; default: index(); break; } } else { if(isset($_GET['buy'])) { if($ir['money']>9999) { print "Congratulations, you bought a bank account for \$10,000! [url='cyberbank.php']Start using my account[/url]"; $db->query("UPDATE users SET money=money-10000,donatormoney=0 WHERE userid=$userid"); } else { print "You do not have enough money to open an account. [url='explore.php']Back to town...[/url]"; } } else { print "Open a bank account today, just \$10,000! [url='donatorbank.php?buy']> Yes, sign me up![/url]"; } } function index() { global $db,$ir,$c,$userid,$h; print "\n[b]You currently have \${$ir['donatormoney']} in the bank.[/b] At the end of each day, your bank balance will go up by 20%. <table width='75%' border='2'> <tr> <td width='50%'>[b]Deposit Money[/b] It will cost you 8% of the money you deposit, rounded up. The maximum fee is \$10,000.<form action='donatorbank.php?action=deposit' method='post'> Amount: <input type='text' name='deposit' value='{$ir['money']}' /> <input type='submit' value='Deposit' /></form></td> <td> [b]Withdraw Money[/b] There is no fee when you withdraw.<form action='donatorbank.php?action=withdraw' method='post'> Amount: <input type='text' name='withdraw' value='{$ir['donatormoney']}' /> <input type='submit' value='Withdraw' /></form></td> </tr> </table>"; } function deposit() { global $db,$ir,$c,$userid,$h; $_POST['deposit']=abs((int) $_POST['deposit']); if($_POST['deposit'] > $ir['money']) { print "You do not have enough money to deposit this amount."; } else { $fee=ceil($_POST['deposit']*8/100); if($fee > 10000) { $fee=10000; } $gain=$_POST['deposit']-$fee; $ir['donatormoney']+=$gain; $db->query("UPDATE users SET donatormoney=donatormoney+$gain, money=money-{$_POST['deposit']} where userid=$userid"); print "You hand over \${$_POST['deposit']} to be deposited, after the fee is taken (\$$fee), \$$gain is added to your account. [b]You now have \${$ir['donatormoney']} in the Donator's Bank.[/b] [url='donatorbank.php']> Back[/url]"; } } function withdraw() { global db,$ir,$c,$userid,$h; $_POST['withdraw']=abs((int) $_POST['withdraw']); if($_POST['withdraw'] > $ir['donatormoney']) { print "You do not have enough banked money to withdraw this amount."; } else { $fee=ceil($_POST['withdraw']*0/1000); if($fee > 0) { $fee=0; } $gain=$_POST['withdraw']-$fee; $ir['donatormoney']-=$gain; $db->query("UPDATE users SET donatormoney=donatormoney-$gain, money=money+$gain where userid=$userid"); print "You ask to withdraw $gain, the bank lady hands it over. [b]You now have \${$ir['donatormoney']} in the donator's Bank.[/b] [url='donatorbank.php']> Back[/url]"; } } $h->endpage(); ?>   Then run this SQL query ALTER TABLE `users` ADD `donatorbank` INT NOT NULL DEFAULT '0'; Now place this into your Cron_day.php where other db query's are. $db->query("UPDATE users SET donatormoney=donatormoney+(donatormoney/100*20) where donatormoney>0"); I think that is it, You can change the interest by changing (donatormoney/100*[interest goes here]). Also you can change fees by finding $fees in the codes. I hope you enjoy this, as it took me all of 10 minutes to make =P Oh, one last thing:- Edit explore.php and find... if($ir['location'] == 5) { print " Cyber Bank "; } Under that put if($ir['donatordays'] > 0) { print " Donator's Bank "; } And that is it, I havn't tested this yet so please post any problems/things I may have missed. Thanks =D.

Re: Staff Password without sql's. (ANY VERSION) It's ok now, thanks. This works great =D

Re: Staff Password without sql's. (ANY VERSION) Yes I put that in staff.php and smenu.php and I can still get in via URL.

Re: Staff Password without sql's. (ANY VERSION) Allthough this works in a way, I can still enter staff.php in the URL and gain entrance without putting in the Password. Please can you fix this? I woul love to use it.

Re: SQL INJEC Go to www.pills.com -.- We are not going to teach people how to Inject, this forum is how to stop that shit.