topmorpg

Not sure why but the tables are screwying up badly once I start putting in the connection values etc.. http://www.bornmobsters.com/login3.php Code: <?php session_start(); include "config.php"; global $_CONFIG; define("MONO_ON", 1); require "class/class_db_{$_CONFIG['driver']}.php"; $db=new database; $db->configure($_CONFIG['hostname'], $_CONFIG['username'], $_CONFIG['password'], $_CONFIG['database'], $_CONFIG['persistent']); $db->connect(); $c=$db->connection_id; //count users and stats display $sql = "SELECT COUNT(userid) FROM users"; $rs = mysql_query($sql); $row = mysql_fetch_array($rs); $total_users = $row[0]; $sql = sprintf("SELECT COUNT(userid) FROM users WHERE (laston > %u)", time() - 900); $rs = mysql_query($sql); $row = mysql_fetch_array($rs); $users_online = $row[0]; $users_offline = $total_users - $users_online; //end stats display info $set=array(); $settq=$db->query("SELECT * FROM settings"); while($r=$db->fetch_row($settq)) { $set[$r['conf_name']]=$r['conf_value']; } print <<<EOF <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title>{$set['game_name']}</title> <link rel="SHORTCUT ICON" href="favicon.ico" /> <script language="JavaScript"> <!-- function getCookieVal (offset) { var endstr = document.cookie.indexOf (";", offset); if (endstr == -1) endstr = document.cookie.length; return unescape(document.cookie.substring(offset, endstr)); } function GetCookie (name) { var arg = name + "="; var alen = arg.length; var clen = document.cookie.length; var i = 0; while (i < clen) { var j = i + alen; if (document.cookie.substring(i, j) == arg) return getCookieVal (j); i = document.cookie.indexOf(" ", i) + 1; if (i == 0) break; } return null; } function SetCookie (name,value,expires,path,domain,secure) { document.cookie = name + "=" + escape (value) + ((expires) ? "; expires=" + expires.toGMTString() : "") + ((path) ? "; path=" + path : "") + ((domain) ? "; domain=" + domain : "") + ((secure) ? "; secure" : ""); } function DeleteCookie (name,path,domain) { if (GetCookie(name)) { document.cookie = name + "=" + ((path) ? "; path=" + path : "") + ((domain) ? "; domain=" + domain : "") + "; expires=Thu, 01-Jan-70 00:00:01 GMT"; } } // --> </script> <script language="JavaScript"> var usr; var pw; var sv; function getme() { usr = document.login.username; pw = document.login.password; sv = document.login.save; if (GetCookie('player') != null) { usr.value = GetCookie('username') pw.value = GetCookie('password') if (GetCookie('save') == 'true') { sv[0].checked = true; } } } function saveme() { if (usr.value.length != 0 && pw.value.length != 0) { if (sv[0].checked) { expdate = new Date(); expdate.setTime(expdate.getTime()+(365 * 24 * 60 * 60 * 1000)); SetCookie('username', usr.value, expdate); SetCookie('password', pw.value, expdate); SetCookie('save', 'true', expdate); } if (sv[1].checked) { DeleteCookie('username'); DeleteCookie('password'); DeleteCookie('save'); } } else { alert('You must enter a username/password.'); return false; } } </script> <style type="text/css"> <!-- body { background-color: #000000; } a:link { color: #42465A; text-decoration: none; } a:visited { text-decoration: none; color: #42465A; } a:hover { text-decoration: none; color: #CED6CD; } a:active { text-decoration: none; color: #D6D6D6; } --> </style></head> <body leftmargin=\"0\" topmargin=\"0\" marginwidth=\"0\" marginheight=\"0\" onload=\"getme();\"> EOF; print " <div align=\"center\"> <form action=\"authenticate.php\" method=\"post\" name=\"login\" onsubmit=\"return saveme();\"> <table id=\"Table_01\" width=\"950\" height=\"751\" border=\"0\" cellpadding=\"0\" cellspacing=\"0\"> <tr> <td colspan=\"9\"> <img src=\"images/index_01.gif\" width=\"950\" height=\"135\" alt=\"\"></td> </tr> <tr> <td colspan=\"3\" rowspan=\"2\"> <img src=\"images/index_02.gif\" width=\"123\" height=\"326\" alt=\"\"></td> <td colspan=\"5\"> <table width=\"342\" height=\"224\" border=\"0\" cellpadding=\"0\" cellspacing=\"0\"> <tr> <td align=\"center\" valign=\"top\" background=\"images/index_03.gif\">Here will place in some text. Users Online: {$users_online} Users Offline: {$users_offline} Total Users: {$total_users} <a href=\"http://bornmobsters.com/forgot_password.php\">Forgot password?</a> || <a href=\"http://bornmobsters.com/register.php\">[b]REGISTER NOW![/b]</a></td> </tr> </table> </td> <td rowspan=\"6\"> <img src=\"images/index_04.gif\" width=\"485\" height=\"615\" alt=\"\"></td> </tr> <tr> <td colspan=\"5\"> <img src=\"images/index_05.gif\" width=\"342\" height=\"102\" alt=\"\"></td> </tr> <tr> <td colspan=\"2\" rowspan=\"2\"> <img src=\"images/index_06.gif\" width=\"54\" height=\"42\" alt=\"\"></td> <td colspan=\"2\"> <table width=\"111\" height=\"28\" border=\"0\" cellpadding=\"0\" cellspacing=\"0\"> <tr> <td><input name=\"username\" type=\"text\" id=\"username\" style=\"border: medium none ; background: transparent url(images/index_07.gif) no-repeat scroll 0pt; -moz-background-clip: -moz-initial; -moz-background-origin: -moz-initial; -moz-background-inline-policy: -moz-initial; text-align: bottom; vertical-align: bottom; width: 111px; height: 28px; color: red; font-weight: bold;\" maxlength=\"25\"><input type=\"hidden\" value=\"ON\" name=\"save\" checked></td> </tr> </table> </td> <td rowspan=\"2\"> <img src=\"images/index_08.gif\" width=\"93\" height=\"42\" alt=\"\"></td> <td> <table width=\"114\" height=\"28\" border=\"0\" cellpadding=\"0\" cellspacing=\"0\"> <tr> <td><input name=\"username\" type=\"text\" id=\"username\" style=\"border: medium none ; background: transparent url(images/index_09.gif) no-repeat scroll 0pt; -moz-background-clip: -moz-initial; -moz-background-origin: -moz-initial; -moz-background-inline-policy: -moz-initial; text-align: bottom; vertical-align: bottom; width: 114px; height: 28px; color: red; font-weight: bold;\" maxlength=\"25\"></td> </tr> </table> </td> <td colspan=\"2\" rowspan=\"2\"> <img src=\"images/index_10.gif\" width=\"93\" height=\"42\" alt=\"\"></td> </tr> <tr> <td colspan=\"2\"> <img src=\"images/index_11.gif\" width=\"111\" height=\"14\" alt=\"\"></td> <td> <img src=\"images/index_12.gif\" width=\"114\" height=\"14\" alt=\"\"></td> </tr> <tr> <td> <img src=\"images/index_13.gif\" width=\"40\" height=\"40\" alt=\"\"></td> <td colspan=\"6\"> <table width=\"354\" height=\"40\" border=\"0\" cellpadding=\"0\" cellspacing=\"0\"> <tr> <td> <input src=\"images/index_14.gif\" value=\"Submit\" alt=\"Submit\" type=\"image\"></td> </tr> </table> </td> <td rowspan=\"2\"> <img src=\"images/index_15.gif\" width=\"71\" height=\"247\" alt=\"\"></td> </tr> <tr> <td colspan=\"7\"> <table width=\"394\" height=\"207\" border=\"0\" cellpadding=\"0\" cellspacing=\"0\"> <tr> <td width=\"394\" height=\"207\" background=\"images/index_16.gif\">[i]<center>Provided by: Dedicated Gaming Network LLC &copy 2008. Game Copyright © 2008 Dedicated Gaming Network LLC</center>[/i]</td> "; print <<<OUT </tr> </table> </td> </tr> <tr> <td> <img src=\"images/spacer.gif\" width=\"40\" height=\"1\" alt=\"\"></td> <td> <img src=\"images/spacer.gif\" width=\"14\" height=\"1\" alt=\"\"></td> <td> <img src=\"images/spacer.gif\" width=\"69\" height=\"1\" alt=\"\"></td> <td> <img src=\"images/spacer.gif\" width=\"42\" height=\"1\" alt=\"\"></td> <td> <img src=\"images/spacer.gif\" width=\"93\" height=\"1\" alt=\"\"></td> <td> <img src=\"images/spacer.gif\" width=\"114\" height=\"1\" alt=\"\"></td> <td> <img src=\"images/spacer.gif\" width=\"22\" height=\"1\" alt=\"\"></td> <td> <img src=\"images/spacer.gif\" width=\"71\" height=\"1\" alt=\"\"></td> <td> <img src=\"images/spacer.gif\" width=\"485\" height=\"1\" alt=\"\"></td> </tr> </table> </form> </div> </body> </html> OUT; ?>   Any ideas?   TJ

Re: My Newist Discovery   Then you are obviously not reading. I posted a way for you to learn rather then just copy and paste some code. How do you learn for later use if I just give you everything you need to do? TJ

Re: My Newist Discovery   as an example of a different type of exploit. I know its open in the script as its not common. <?php <form action="addbug.php" method="post"> Bug Catagory : <select name="bugTITLE" type="dropdown"> <option value="Gangs">Gangs</option> <option value="Comments">Comments</option> <option value="Players">Players</option> <option value="Staff">Staff</option> <option value="Login">Login</option> <option value="Refferals">Refferals</option> <option value="General">General</option> <option value="Grammer">Grammer</option> <option value="Page Error">Page Error</option> <option value="Script Faulty">Script Faulty</option> <option value="Other..">Other</option></select> Urgency : <select name="urgency" type="dropdown"> <option value="1">Low</option> <option value="2">Medium</option> <option value="3">High</option> <option value="4">Very High</option></select> Bug/Error :<textarea rows="7" cols="40" name="breport"></textarea> <input value="Proccess Bug" type="submit"></form> ?> With a simple browser plug in I wont say which I can change any data I want (values) for submission and have it posted into your system. Now depending how you have the data checked ? or if it is? I can insert malicious scripting to echo or print out in there that would cause the page to error giving me some nice path info such as username Or maybe if I can get it to execute take over an admin account then have my way with information.   Always make sure to validate all data pasted in forms, and urls that = true if not fail. Also if a form is $_POST and you $_GET the infor or data in any means. make sure it can not be exploited by an outside page. saving your source and posting to your page can cause harm as well. Generate a session or cookie to rotate the string and verify on submission.   Sorry killah first person I ran across with a link in sig. Needed an example. But make sure you verify the submitted data if you wont already.   TJ

Re: My Newist Discovery Lets face it people if there is a will there is a way. Its just a matter of how experienced the person trying to exploit, inject is -vs- the person trying to secure the script. There is many many ways of securing. There is simple cleaning of the submitted data, there is URL injection, form injection, and many others. It goes on and on. If its a char make sure it is if its int make sure it is Do this before it even makes it to a point of updating data. Should be the first checks ran. Do some checks on the data submitted. make sure its within case type a-_z 0-9 There is many lists and if I get the time I will post some very helpful threads. But its 2am here. Cant sleep figured I would see whats going on here. But if you take the time in learning. Ask questions. Most times someone like myself if I have the time will push you in the right direction. Or give you a good start but will not complete the entire thing for you. Hereis a really good read. Talks over many types, examples, and how to stop them. TJ

Re: Top Site Script :( I had that script early on in the first few months for topmorpg.com and then decided to code mine from scratch cloning apex. It has its bugs and not a lot of features. But for the price you cant really complain to much. They wont issue fixes on it. Sold as is. This is what SOJ on msn told me more then a year ago. the script hasnt been upgraded since. TJ

Re: Stop Auto Refreshers and multi IP logins I have in the past created a table on a users account to log the time of the last action they performed. If it was within 1-2 seconds that they are performing another action it asks them to slow down. This is mainly because they end up using auto refreshers to perform actions and or go click happy on buttons causing the mysql to lock up and wait for the que to clear before it can unlock. Now this is not the most advanced type of solution for this. And I do not recommend it on a small box or without having high level access to server and system changes. This was performed on a box that has 8 cores and about 12 GB memory. its a monster yes. but the site on average has about 200+ people online at a time with about 30+ query's from each user being passed over the mysql via the script.   There are good points from both of you in this thread. Its just a matter of will your box handle it? Putting hardware to solve a speed problem is not always a good thing. Performance first starts application side. make sure your code is setup with performance and accuracy in mind. Then it becomes a mysql structure (is it built properly for executing the data as best, and fast as possible.?) then the back end server tweaks we spoke of. there are many things to take into consideration here. The Box I mentioned earlier that client rather toss hardware at speeding his site up. Rather then having me tweak the script to perform better. This is a short term money saver for him. But in the long run will end up running out of options. Same site tweaked would run on a box 1/3 the size without having to even think about upgrading for a few years .   TJ

As previously done for CE members. Here We offered 10.00 savings.   For a limited time we are going to extend a never before offered price savings of $25.00 that makes this script cost $75.00 instead of the retail cost of $100.00 So without anymore babbling.. Heres the Details. Dedicated Gaming Network LLC. Mafia Gaming Script v1.2 new release (updates always free.) if you market the site properly and hit up all the top morpg game sites listing your site and post some news articles you will get players that spend in the site. The hottest games right now for turn based sites are mafia, business, and anime sites. Mafia and business type games surpass any other because there is no cap as to what they can purchase and add into the rounds. Clients of mine rake in in average 3000-7500 every 10 days and only payout to there #1 player 30% thats a nice chunk of change for 10 days right? The modifications alone to the site are well worth the money and that its all turnkey and takes very little effort. Set it up, take 30 minutes a day to check in and moderate things. and rake in the cash. Easy right? it is. DGN has been doing it for more then 10 years now. Some screenshot's of the main site and in game can be found in a folder at the demo site. http://mafia.dedicatedgamingnetwork.com/screenshots/ main site showing you a lot of administration functions that completely automate things. and the ingame folder listed will show a couple key features members look for in these types of games. Demo site: http://mafia.dedicatedgamingnetwork.com   If you have any questions please feel free to ask in the support folder. These features and functions listed are created by DGN LLC and can give you a legal license to help you feel more secure in your purchase if you like that if anyone should ever say that it is there work to remove the item you can forward them directly to DGN LLC without any legal recourse to you. Price: $100.00 USD One Time Now for CE Members Only $75.00 a $25 discount. How to get your Discount ? Click here to order your game engine Go to services >>> Custom scripts >>> mafia game script Do not forget to use PROMO CODE: mdshare08 to get your $25 discount on this engine.   This is a limited time offer and we will change it back soon to 10.00 savings. Get it while you can at this wonderful price.

Re: MySql Compilation   I currently use something similar I built. It will grab all tables and make sure they are optimized Much like if you go into phpmyadmin select all. and optimize them. TJ

Re: someone added Chedburn Networks To Better Business Bureau its easy really. about a grand. and have your company registered for a year. and you get placed in.   I contacted someone about it 5 months ago.

We have taken in all suggestions, feedback, and trouble everyone may or may not have had over the past few months. Upon approaching this update we have thought about a few things. performance security legitimacy of license Keeping the above in mind we went over the script and tweaked many areas. adding in, and taking out the un-needed items. Cleaning up the code as much as possible while still keeping all functions live and in order. Performance boosts on processing and query's. Securing more areas of the script from sql injection and other forms of attacks. And installed a license file on the script that pages a txt file where all licensed sites will be licensed sites will be listed on. If a site running the license file is not on the list you and (I) will know it is not a legitimate site and I can have it taken down. There was 2 files encrypted with ioncube to ensure its integrity and ensure the license file would not be removed easily. ioncube loaders are provided in the package to make things easier. Instructions were lengthened so that it gives more details to full setup case you don't want the 25.00 install service. Support here and on preferredservers.com still supported. Mod releases coming shortly to enhance your scripts further. member submitted mods are welcome and appreciated. If you want to share them here that is great and if you want them to be suggested for future releases please get with me here on this forum and I will see about including it into the package and a thank you goes to you within the licensing for the script so you don't go unmentioned and unrecognized.   Any questions please feel free to ask. Click here to order your game engine Go to services >>> Custom scripts >>> mafia game script Do not forget to use PROMO CODE: mdshare08 to get your $10 discount on this engine.

Re: who likes mccodes? I have both v4 and v5 dezend ability's and its as simple as drag and drop and its done. I recommend v3 mcc uses ioncube. harder to decode and constant updates. TJ

Re: $10 Discount for CE Members   regardless i will have them down one way or another.. :evil: Friends in high places that love trashing sites. So the ones I cant touch legally overseas running illegal licenses I have friends take them down in some not so nice ways. TJ

Re: Mafia Game Script v1.0 details (FREE UPDATES FOR LIFE)   I have time for everything. Many clients now and I am the only programmer. As the time comes I need to staff others I will do so however you and other clients come first. Just let me know.     hi, i was hoping to get an answer soon. If you are not interested then tell me so i can find someone. thanks greets Sorry have been in the middle of moving. will respond this evening. TJ

Re: $10 Discount for CE Members   between my attorney and I we issue DMCA requests to remove content to the data hosting company's.. (not the hosting company normally we go direct to the data centers. As well as a cease and desist order to the person running it via signature required postal mail. TJ

Re: $10 Discount for CE Members   the stolen buggy shit that I can name a few people are putting out there. yes.. Mine is debugged, built up more features, and comes with lifetime updates as they are released.   I didn't said about your offer, I'm just noticing that there's MANY mafia games, most very similar ...   Yea there is. As well I have shut down about 42 in the last 2 weeks with a list of more then 183 sites to shut down in total from illegal warez. TJ

Re: Mafia Game Script v1.0 details (FREE UPDATES FOR LIFE)   I have time for everything. Many clients now and I am the only programmer. As the time comes I need to staff others I will do so however you and other clients come first. Just let me know.

Re: $10 Discount for CE Members   I been in the process getting ready to move next week so has been delayed. However I plan to have it ready within the next 2-2.5 weeks for sure. I don't want to have you all waiting much to much longer.   TJ

Re: keep a cookie live   Yea i been rather tired lately and lazy personally. moving in less then a week and working more then my fair share lately so has worked me over. Thanks for the reply I will have a look as well I need to take a look how i was setting the cookie as im sure I placed it somewhere incorrectly for tacking.

Re: keep a cookie live can anyone help with this?

Re: [v2] Family's [$30]   A+ support thanks for future note on purchasing mods.   Keep the 30 seems you need it more then I do.

Re: Customisable Merit System ($15+) thanks for that advice in like butter. runs nice. thank you

Re: [v2] Family's [$30]   Wow i actualy never thought you would be so umm what way can i put it.... sensless... mysql_query(""); can be used in both versions. If i go into a v1 and add $db = new mysql; and some other stuff i could use $db->query(""); in v1. Willmax aint stated twice read the code it says willmax & maxwill! maxwill is your actual will and willmax is there for your house sharing.   [url='proposals.php']Proposal Manager[/url] "; if($ir['married'] > 0) { echo '[url="family.php"]Family Manager[/url] '; } echo " why exactly would that be missing some thing? unless you can just go like "; if($ir['married'] == 0) { echo '[url="proposal.php"]Proposal Manager[/url] '; } else { echo '[url="family.php"]Family Manager[/url] '; } echo "   I thought you would know that.   Excuse me for asking the mod was popping up errors in the header file thus to assume something is not right. its still not installed because of this. I gave the information above hopping for an educated response from you however got sarcasm instead. Sorry to have ruffled your feathers on such a wonderful day.. Maybe when you get back and relax you can respond with logical reasons why there would be a echo'' statement hanging in the code doing nothing. Why the header modification would pop up the error stated. and I know that the query data can be in $db-> form or mysql_query form simply put if made for v2 it should be as easy to drop in run it and install per instructions but it is not. I followed everything line for line and to my avail did not work. You can explain this. as well your installer for DB updates did not fully install needed alters to users table and had to do them on my own. Thanks for your time and look forward to a more professional response. TJ

Re: [v2] Family's [$30]   1.- Add this url to your explore: [url='proposals.php']Proposal Manager[/url] "; if($ir['married'] > 0) { echo '[url="family.php"]Family Manager[/url] '; } echo "   This missing something Killah? also 7.- Open ******.php and find: mysql_query("UPDATE users SET money=money-{$np['hPRICE']},maxwill={$np['hWILL']} WHERE userid=$userid",$c); Replace with: mysql_query("UPDATE users SET money=money-{$np['hPRICE']},maxwill={$np['hWILL']},willmax={$np['hWILL']} WHERE userid=$userid",$c); above makes no since to me. Why have willmax stated twice>? If this was for v2 why is there all these query statements stead of $db->query marks? The area of install stated to insert something to header. It kept on popping up an error. I will try to convert myself. but I thought for the money spent on this it would be correct and almost a drop in code. error that pops up after making the header update. Parse error: syntax error, unexpected T_IF, expecting T_OLD_FUNCTION or T_FUNCTION or T_VAR or '}' in /home/bornmob/public_html/header.php on line 215 TJ

Re: Customisable Merit System ($15+) the text file supplied is crazy.. can really tell where code begins and ends and how to properly set it up   each and every line has some \par statement everywhere.   Please clean it up and resent to me as a pack that can be used properly.

I noticed that when someone logs in to the mccodes script it begins the session. however if they go back to the install any cookies generated will be deleted and the new cookie is started.   How can I keep a cookie live for tracking purposes?   This will go hand and hand on a release of a tracking system for multis and such. Thanks, TJ