Haunted Dawg

Re: Something other than male/female? lol.. Your even wrong there.. It's $ir['gender']/$r['gender'].

Re: Something other than male/female? Editing the Database.. Sure, you care to provide like 15 file's recoded to fit it?

Re: [MCCODES V2] Mobile text messaging   Where's the connection? Where's the defined $db?   <?php include_once('globals.php'); $price_p_credit = 500; echo '<h2>Buying Credits</h2>'; if(isset($_POST['credits'])) { $clean = abs(@intval($_POST['credits'])); $SQL = 'UPDATE `users` SET `credit` = (`credit` + '.$clean.'),`money` = (`money` - ('.($price_p_credit * $clean.')) WHERE `userid` = '.$ir['userid']; mysql_query($SQL); echo (mysql_error() ? 'MySQL Error '.mysql_error().exit() : ''); echo 'You bought '.$clean.' credits for '.money_formatter($price_p_credit * $clean).'.'; } else { echo '<form action="'.$_SERVER['PHP_SELF'].'" method="post"> Credits: <input type="text" name="credits" value="5" /> [size="1"]* '.money_formatter($price_p_credit).'[/size] <input type="submit" value="Buy Credits" /> </form>'; } $h->endpage(); ?>   Untested

Re: Something other than male/female?   function buffer_output($buffer) { return str_ireplace(array('male','female'), array('human','alien'), $buffer); } ob_start('buffer_output');   Edited: Error

Re: [mccode v2] Advanced(isher) Level Upgrade Mod. And gain, enlighten me on how the hell is a $variable = 'some thing'; hackable 0.o

Re: [v2] New Header What's programming got to do with image's? 0.o

Re: [v2] New Header http://street-crime.co.cc/images/maincontent_blank.gif Maybe look at why it says theres error's first.

Re: Installer Game folder writable which says Failed Maybe search?

Re: What would you do with $100,000,000? 1.- Buy a couple houses. 2.- Buy a piece of land. 3.- Build a huge garage on the piece of land. 4.- Buy a couple cars 5.- Store the cars in the garage. 6.- Buy a nice decent car for personal use. 7.- Move into one of the houses and fully furnish it. 8.- Rent out the other houses (+ income). 9.- Bank the rest and gain a monthly interest.

Re: [mccode v2] Advanced(isher) Level Upgrade Mod. If he mean's that the $_POST, $_GET & $_REQUEST variable's, then that's just simple cense to secure get + post data.

Re: [mccode v2] Advanced(isher) Level Upgrade Mod. LOL.. variables:   $variable = 'haxxor me!';   OMGZ!!! some one's gonna hack that!!!!   http://www.php.net/manual/en/language.v ... basics.php yup a hacker is going to attack my variables -_-

Re: Gangsta-Wars Turn captcha off..

Re: Gangsta-Wars 1.- Login => Used to much. 2.- Register => Captcha code doesnt show. 3.- Inside => Yellow EWW!

Re: Looking to buy a full layout & register & login Aww.. i have -99 does that mean i can't? :(

Re: Looking to buy a full layout & register & login Here's 3 image's you can use..

Re: [mccode v2] Advanced(isher) Level Upgrade Mod.   OMGZ!!! My game's full of variable's, does that mean im not secure against hack's? :o

Re: strtotime produces wrong time. ahh true.. mine supposed to be 16 not 7 lol.

Re: strtotime produces wrong time.   $rm = (60 * 60) * 7;

Re: Random word at the top of my game? What are you doing running your cron files in the main game? :S

Re: [mccode] Simple user rating system v2 change that line to   if ($ratingtot >=0) {echo '<font color="green">';echo $ratingtot; echo '</font>';} else {echo '<font color="red">';echo $ratingtot; echo '</font>';} echo " [/b][url='rating.php?ID={$r['] [img=thumbsdown.gif][/url]

Re: [mccode] Simple user rating system v2   <?php include "globals.php"; $_GET['u'] = abs((int) $_GET['u']); if(!$_GET['u']) { print "Invalid use of file"; } else { $q=$db->query("SELECT u.*,us.*,c.*,h.*,g.*,f.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid LEFT JOIN cities c ON u.location=c.cityid LEFT JOIN houses h ON u.maxwill=h.hWILL LEFT JOIN gangs g ON g.gangID=u.gang LEFT JOIN fedjail f ON f.fed_userid=u.userid WHERE u.userid={$_GET['u']}"); if($db->num_rows($q) == 0) { print "Sorry, we could not find a user with that ID, check your source."; } else { $r=$db->fetch_row($q); if($r['user_level'] == 1) { $userl="Member"; } else if($r['user_level'] == 2) { $userl="Admin"; } else if ($r['user_level'] == 3) { $userl="Secretary"; } else if($r['user_level'] == 0) { $userl="NPC"; } else {$userl="Assistant"; } $lon=($r['laston'] > 0) ?date('F j, Y g:i:s a',$r['laston']) : "Never"; $sup=date('F j, Y g:i:s a',$r['signedup']); $ts=$r['strength']+$r['agility']+$r['guard']+$r['labour']+$r['IQ']; $d=""; if($r['laston'] > 0) { $la=time()-$r['laston']; $unit="seconds"; if($la >= 60) { $la=(int) ($la/60); $unit="minutes"; } if($la >= 60) { $la=(int) ($la/60); $unit="hours"; if($la >= 24) { $la=(int) ($la/24); $unit="days"; } } $str="$la $unit ago"; } else { $str="--"; } if($r['last_login'] > 0) { $ll=time()-$r['last_login']; $unit2="seconds"; if($ll >= 60) { $ll=(int) ($ll/60); $unit2="minutes"; } if($ll >= 60) { $ll=(int) ($ll/60); $unit2="hours"; if($ll >= 24) { $ll=(int) ($ll/24); $unit2="days"; } } $str2="$ll $unit2 ago"; } else { $str2="--"; } if($r['donatordays']) { $r['username'] = "<font color=red>{$r['username']}</font>";$d="[img=donator.gif]"; } if($r['laston'] >= time()-15*60) { $on="<font color=green>[b]Online[/b]</font>"; } else { $on="<font color=red>[b]Offline[/b]</font>"; } print "<h3>Profile for {$r['username']}</h3> <table width=100% cellspacing=1 class='table'><tr style='background:gray'><th>General Info</th><th>Financial Info</th> <th>Display Pic</th></tr> <tr><td>Name: {$r['username']} [{$r['userid']}] $d User Level: $userl Duties: {$r['duties']} Gender: {$r['gender']} Signed Up: $sup Last Active: $lon Last Action: $str Last Login: $str2 Online: $on "; $ratingtot = $r['goodratings'] - $r['badratings']; echo "Ratings: [url='rating.php?ID={$r['][img=thumbsup.gif][/url] [b]"; if ($ratingtot >=0) {echo '<font color="green">';echo $ratingtot; echo '</font>';} else {echo '<font color="red">';echo $ratingtot; echo '</font>';} echo ' [/b][url='rating.php?ID={$r['] [img=thumbsdown.gif][/url] Days Old: {$r['daysold']} Location: {$r['cityname']}</td><td> Money: \${$r['money']} Crystals: {$r['crystals']} Property: {$r['hNAME']} Referals: "; $rr=$db->query("SELECT * FROM referals WHERE refREFER={$r['userid']}"); print $db->num_rows($rr); print " Friends: {$r['friend_count']} Enemies: {$r['enemy_count']} </td> <td>"; if($r['display_pic']) { print "<center>[img={$r[] Quote: {$r['quote']}</center>"; } else { print "<center>This user has no display pic! Quote: {$r['quote']}</center>"; } $sh=($ir['user_level'] >1) ? "Staff Info" : " "; print "</td></tr> <tr style='background:gray'><th>Physical Info</th><th>Links</th><th>$sh</th></tr> <tr><td>Level: {$r['level']} Health: {$r['hp']}/{$r['maxhp']} Gang: "; if($r['gang']) { print "[url='gangs.php?action=view&ID={$r[']{$r['gangNAME']}[/url]"; } else { print "N/A"; } if($r['fedjail']) { print " [b]<font color=red>In federal jail for {$r['fed_days']} day(s). {$r['fed_reason']}</font>"; } if($r['hospital']) { print " [b]<font color=red>In hospital for {$r['hospital']} minutes. {$r['hospreason']}</font>[/b]"; } if($r['jail']) { print " [b]<font color=red>In jail for {$r['jail']} minutes. {$r['jail_reason']}</font>[/b]"; } print "</td><td>[[url='mailbox.php?action=compose&ID={$r[']Send Mail[/url]] [[url='sendcash.php?ID={$r[']Send Cash[/url]] "; if($set['sendcrys_on']) { print "[[url='sendcrys.php?ID={$r[']Send Crystals[/url]] "; } if($set['sendbank_on']) { if($ir['bankmoney'] >= 0 && $r['bankmoney'] >= 0) { print "[[url='sendbank.php?ID={$r[']Bank Xfer[/url]] "; } if($ir['cybermoney'] >= 0 && $r['cybermoney'] >= 0) { print "[[url='sendcyber.php?ID={$r[']CyberBank Xfer[/url]] "; } } print " [[url='attack.php?ID={$r[']Attack[/url]] [[url='hackpc.php?ID={$r[']Hack Users PC[/url]] [[url='contactlist.php?action=add&ID={$r[']Add Contact[/url]]"; if($ir['user_level'] == 2 || $ir['user_level'] == 3 || $ir['user_level'] == 5) { print " [[url='jailuser.php?userid={$r[']Jail[/url]] [[url='mailban.php?userid={$r[']MailBan[/url]]"; } if($ir['donatordays'] > 0) { print " [[url='rentaspy.php?ID={$r[']Hire Spy[/url]] [[url='friendslist.php?action=add&ID={$r[']Add Friend[/url]] [[url='blacklist.php?action=add&ID={$r[']Add Enemy[/url]] "; } print "</td><td>"; if($ir['user_level'] == 2 || $ir['user_level'] == 3 || $ir['user_level'] == 5) { $r['lastiph']=@gethostbyaddr($r['lastip']); $r['lastiph']=checkblank($r['lastiph']); $r['lastip_loginh']=@gethostbyaddr($r['lastip_login']); $r['lastip_loginh']=checkblank($r['lastip_loginh']); $r['lastip_signuph']=@gethostbyaddr($r['lastip_signup']); $r['lastip_signuph']=checkblank($r['lastip_signuph']); print "<h3>Internet Info</h3><table width='100%' border='0' cellspacing='1' class='table'> <tr><td></td><td class='h'>IP</td><td class='h'>Hostname</td></tr> <tr><td class='h'>Last Hit</td><td>$r[lastip]</td><td>$r[lastiph]</td></tr> <tr><td class='h'>Last Login</td><td>$r[lastip_login]</td><td>$r[lastip_loginh]</td></tr> <tr><td class='h'>Signup</td><td>$r[lastip_signup]</td><td>$r[lastip_signuph]</td></tr></table>"; print "<form action='staffnotes.php' method='post'> Staff Notes: <textarea rows=7 cols=40 name='staffnotes'>{$r['staffnotes']}</textarea> <input type='hidden' name='ID' value='{$_GET['u']}' /> <input type='submit' value='Change' /></form>"; } else { print " "; } print "</tr></table>"; } } function checkblank($in) { if(!$in) { return "N/A"; } return $in; } $h->endpage(); ?>

Re: Idea For sql protection It's doable, Nyna did that with a standard v2.0 and modified the db class. And it was almost impossible to exploit. On the other hand, what protects you from HTML exploits? XSS exploits? I can easily gain admin on your game by simply using the preferences. MCCodes is more vulnerable to html exploits than to SQL injection's.

Re: [mccode] Simple user rating system v2 Maybe post it with the ratings in!

Re: [mccode] Simple user rating system v2 Post your viewuser.

Re: Random word at the top of my game? Try looking in config.php, global_func.php and maybe in the class/ folder.