Haunted Dawg

Now now danny, why not post them the city edit also while you at it? :P

For faster loading time's, you got to think about server side, now what is serverside? PHP, that is the background of the engine. To speed this up, you'll need to update your script, modify and even delete some thing's. A lot of mccode's game's when they get like over 1k member's daily then it start's loading like a pig :P a full recode should help you fix your problem :)

Well then http://makewebgames.io/board750/31798-session-hijacking-protection Altho, Including on the sha1 function, i'd include a special text like this: $_SESSION['HTTP_USER_AGENT'] = sha1('SomeRandom'.$_SERVER['HTTP_USER_AGENT'].'SomeRandom'); That way making it even more secure as now alot of people are going to know your hashing the USER AGENT, and can still spoof it. I'd also suggest you make the random text something else and keeping it to yourself.

Oh, now i see what this script is actualy trying to do. What you will have to do is post up the section that display's the 15 message's of the shoutbox, and then ill be able to do it for you. And this im assuming that you want to delete the shout's that are not being displayed right?

If your on the login page, there are no session's being called, thus no major exploit on the login page.

Honestly? All that for something so simple? :P Slap this in a file that display's nothing: if(isset($_GET['time'])) { echo date("F jS h:i:s A"); exit; }   Now put this wherever you want to display your time: <script src="http://code.jquery.com/jquery-latest.min.js"></script> <script> $(function() { setInterval("$('#servertime').load('url.php?time=true');",1000); } ); </script> <div id="servertime"></div>   Then just change the url to where it is going to be displayed in the JQuery section. :)

You'll need to enter the file manually, but you could setup a cron to go to that file, but then modifying would be needed. So it's useless much, just run it manually.

PHP GD is actualy an easy framework if you have worked with it before.

If one of those 3 free lesson's can be one of the Mascot design, ill take it and post up some good feedback :D

All you need in that file is this:   <?php include_once(DIRNAME(__FILE__).'globals.php'); if($ir['userid'] !== 1) { exit; } mysql_query('TRUNCATE TABLE `shout_box`'); echo 'Table cleaned!'; ?>

What i was trying to say was that I'd prefer to have your thread which is more detailed, than this one which lack's ALOT.

I understand your concept, but my price's are cheap, and no, im not saying come to me. Ask anyone, if they ask me via PM, i'll secure the script they sent me, but now if it become's the hole site, then there is where my cheap price come's in. Now that that is out of the way, but only just yesterday there was a post on also securing number's, which you can see here which contain's the same type of security. Now, would you like it if there is a bunch of thread's from different people all stating how to secure number's, yet, all of them work the same, but just coded different? Why not just post your method in that thread? Then who ever is looking for another way, will simply go look through the thread!

Im not intending to be harsh, or no offence intended here. But why make a fool of yourself when you know squat about security? :(

As zeggy stated, the PHPGD library will remove any type of HTML from your image, thus HTML will not appear.

Try this:   $fetch = mysql_query('SELECT COUNT(`userid`) AS `count` FROM `users` WHERE `location` = '.$r['cityid']) or die(mysql_error().' on line '.__LINE__); $pricepay = (mysql_result($fetch, 'count') * $r['citytaxprice']); mysql_query('UPDATE `users` SET `money` = (`money` + '.$pricepay.') WHERE `userid` = '.$r['cityowner']); } $cities = mysql_query('SELECT `cityid`,`citymost` FROM `cities`') or die(mysql_error().' on line '.__LINE__); while($fsoc = mysql_fetch_assoc($cities)) { $rpos = mysql_query('SELECT COUNT(`userid`) AS `count` FROM `users` WHERE `location` = '.$fsoc['cityid']) or die(mysql_error().' on line '.__LINE__); $rows = mysql_num_rows($rpos); if($rows >= $fsoc['citymost']) { mysql_query('UPDATE `cities` SET `citymost` = '.$rows.' WHERE `cityid` = '.$fsoc['cityid']) or die(mysql_error().' on line '.__LINE__); if(!empty($query)) { mysql_query($query) or die(mysql_error().' on line '.__LINE__); } } }

What is lorem ipsum? Why do we use it? Where does it come from? Additional:

Oh sorry, i never knew i had 'l33t' skill's, you see, at first i thought i was a n00b as you said, now you say i have 'l33t' skills. Thank's. But then again, your clearly an idiot if you never played around with the gym. Those file's have been on my server for well over a year you idiot.   Lol, i do have to laugh at you. Hahahaha, You say i stalked crimgame over at mccode's forum because we were both interested in the topic, and we were both by coinsidence online at the same time on that forum. Haha, yet it seem's your stalking me ay bud? Please now, run along and get a life. Any admin/staff is welcome to lock this thread as it seem's to be going out of hand. As for you equinox, why not take post's to pm as i already stated elsewhere.

So because i do real life thing's (unlike you unfortunatly), you reckon i coded that to say it's not mccode's? HAHA, then i do have to laugh at you idiotic people thinking it's mccode's :P, if only i was not secure over my code and if it was to be a free released engine, you would of seen the entire core, unfortunatly, that is the only code you'll get to see untill i release, then you can come try your "mccode" hack's and ill just sit there and laugh at how your stupid attempt's at trying to exploit a game using mccode exploit's while it is not. Good bye fool.

Just so everyone can shutup: Database driven class: (which is still missing over 400 line's of code just function's at easy to use.) Gameplay driven functions: (Crossed some thing's out that you would not need to see to prevent "something" ;). As you can see, starts with my custom bbcode function, which then carry's onto a user function, that allows me to easily draw out data of the user through the $type variable. Still missing over 300 line's of just function's for my availability. Also, don't get happy and see that there is no script preventing the IMG tag from putting malicious data there. It's prevented on display.) Continue to your corner Equinox.

$ir['exp_needed'] = intval(($ir['level']+1)*($ir['level']+1)*($ir['level']+1)*2.2); It should be that, and run the query Danny has provided above, and you'll be on your way.

Believe what you want, i shall ignore this thread from now on. good bye.

Then change it to DECIMAL(99,4) Then go find check_level() function in global_func.php. Then as danny has said, instead replace with: $ir['exp_needed'] = intval(($ir['level']+1)*($ir['level']+1)*($ir['level']+1)*2.2); That should allow them to go up to quite a huge amount.

Change the EXP to bigint: ALTER TABLE `users` CHANGE `exp` `exp` BIGINT(1024) UNSIGNED DEFAULT '0'; Then, go into global_func.php, find your user_level() function, and modify that also to fit the BIGINT.

  Please refrain from posting your idiot post's claiming that my game is mccode's. And if you really think DK is mccode's, then why not file a claim on me for using illegal mccode's? See how far you get son.

If your talking about DK, please don't let me remind you that it is not McCode in any way! And if your talking about the /mccode folder, then no, i do not. How ever, it is a stripped down and only the basic script's are there so i can fool around and test my mod's, got a complaint? Be sure to take it up with mccode's.