Haunted Dawg

Re: [v2] Family's [$30] Is anyone still interested in the last 3 copies?

Re: Secure Your Crons. Because if you look carefully v2 global_func.php is WAY different than v1 global_func.php

Ok ive had a shell installed on my new game dont know how it got there and well ive deleted it now but it was accessing the mysql.php via my game. So some other people may have this to i know for one jay-dogg has a problem like this and until today ive made up the working thing. Add this to which every files you actualy want to access the mysql.php/config.php:   define("Game_File", 1);   To some of you who have v1 they should add this in the header: define("Game_File", 1); require("mysql.php");   Since v1 in every file uses include(mysql.php); now you cant go through all the files :lol: Ok now in the file you want it not to access if game_file is set to 0 (from outsiders)   if(defined("Game_File") != 1) { echo 'This file is locked from outsiders.'; exit; }   Jay dogg had this problem that people were changing his email, password, all the time after changing it back. Hope this helps to some of you who actualy need it. Note: please dont post shit that its stupid to use this and such as i know its not needed if you can use a key and such but this will help those who have the same problem as jay-dogg!

Re: [Free] MySQL Control Panel Well i aint going to use this any way tho i got it working with a couple edits. Edit: But great mod ISO

Re: [Free] MySQL Control Panel This does not work with lower than php 5 it does not load the tables it does but loads them blank.

Re: Money on my game Not Really matt. All you do is go to global_func.php and at the top should be function money_formatter($mony,$sign = "$") Just change the $ to the pound one.

Re: Secure Your Crons. And didnt you read at the bottom FOR V1 USERS! :x

Re: Top 5 Table for Register/Login Well it would slow down your register and login by far exspecialy big games like mine and iso's and those who have 1500+ i am almost about to hit 2k users and imagine if i add that? it will be a stress load to the server :|

Re: Secure Your Crons. Well deception its just an exception on ways to secure your crons from outsiders.

Re: My Newist Discovery Nope my code is longer than that.

Re: Secure Your Crons. Thats the problem v1 does not come with it and this is more secure than using a ?code=blah

Re: Secure Your Crons. I actualy pay $20 a month just to host 1 of my sites this is because i pay 2 different hosts. 1 host i use just for running crons and no one will be able to figure out the url because its like in 2 dif folders then ip protected then still code protected so as far as i know my game crons are secure from outsiders. and another thing is this code is worth the use for v1 users because v1 crons do not use a code they are just in folders but how many of us dont know the folders: home/root/username/public_html/crons/are/not/4u/ and the crons are here. But now some people change it and they dont do much of a change they normaly change to: home/root/username/public_html/crons/are/sacred/ and the crons are here So even if they use the old fashion way of using the crons/are/not/4u/ and with this code basicly they wont need to worry about outsiders touching there crons. I used this type when i was a total newbie about 1 year and a half back when i first started my first game. I used this method to keep outsiders away and it worked. Its just a little bit of help to keep those away from your crons. OH btw iso your $_SERVER['REMOTE_ADDR']; is not so secure. i can go to a test.php file make it go to test2.php file but with in test.php it has a field of what ip i want to use right? so then in test2.php i run $IP = $_SERVER['REMOTE_ADDR']; but instead of grabing your actual ip it grabs the ip you inputed in test.php trust me ive tried that and i got it to work for some reason.

Re: Secure Your Crons. ISO the mysql query is to insert into the database to check what ur host cron ip is. Then you can update it to set it so that only your host can run the crons. and yes nyna. My crons are running on a dif website just used for crons for my website. runs very perfect :P

Well have you recently been having problems running your crons? Well ok ill let you on a good secret on how to stop other people from running your crons. Ok im posting this because previusly ive seen some games have problems with other people running there crons. Add another table to the database: CREATE TABLE `cron_runner` ( `cID` int(11) NOT NULL auto_increment, `cIP` varchar(255) NOT NULL, `cTIME` int(11) NOT NULL default '0', PRIMARY KEY (`cID`) ) TYPE=MyISAM AUTO_INCREMENT=1;   Now go to the minute cron and put this into it: $IP = ($_SERVER['HTTP_X_FORWARDED_FOR']) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : $_SERVER['REMOTE_ADDR']; mysql_query("INSERT INTO cron_runner VALUES(null,'{$IP}',unix_timestamp())") or die(mysql_error());   Then let your cron run using the cron manager. Dont run it by your self. After the cron minute ran go into your database and look at the table cron_runner then look at the ip that it gives ok since you got that now add this: $ip_giv = "put the ip given in the database here"; $IP = ($_SERVER['HTTP_X_FORWARDED_FOR']) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : $_SERVER['REMOTE_ADDR']; if($IP != $ip_giv) { die("Ha Ha Ha Ha, really thought you can get away with it huh?"); }   This is basicly a v1 code because v2 has a code already set to the crons to run. Hope you can get rid of those buggers trying to run the crons themselfs.

Re: Quick help please Yes floydian but it was a suggestion since the header will run using the $h->startheaders(); and i thought if the $r global is in the start headers function it would carry on. I have not tested it but i know it should not work.

Re: My Newist Discovery No i wanted to know if you wanted to know what the exploit is so in further on in the year if some one asks you to secure there game you know where to secure 1 part of it.

Re: My Newist Discovery BTW for those who want to know the click click BOOM code: if($_GET['ID'] != abs(@intval($_GET['ID']))) { die("click... click... KABOOM!"); }

Re: My Newist Discovery Well iseeyou i am kyle in the first place and nyna that atleast stops all sql injections most known to rpg games wich are done via the cmarket.php if you want to know how its done just pm me nyna. I have a better one that secures all posts and all gets wich i am selling for $10 but meh. And no matt im not pissed off. I dont see why my i must contribute stuff to here when so called "friends" hate me. :lol:

Re: Free 2 - Roulette Nice script i modified it a bit and added another session so that they can not refresh the hole time.

Re: Hi Peeps Maybe she posted wrong maybe it was 13 or 3 years experiance.

Re: Help please Your welcome floydian. @ nyna: Some gamers like using name[space]other like [Haunted Dawg] so if its using yours not allowing them not to use spaces it would be [HauntedDawg] lol. But the spacer thing could be good for signups.

Re: [v1] Issue a Threat [FREE] Deisel80 why dont you just post it here: http://criminalexistence.com/ceforums/i ... ic=17845.0 I made that becuase of what he did to me or you can go view his blog of mine: http://www.pimps-ghetto.com/_stoner_/ If you want me to add any proof of any illegal activity of _stoner_ then please add me @ [email protected] and the list can grow to those who want me to add stuff for you.

Re: New mail system, New game, HELP!!! That wont work since every session has its own link. for example: If i own www.killah-city.com and i add a session as a logged in like my game now it will stay available for 15 minutes inactive time. If i own www.killah-city.com/main/index.php then it wont because there are dif links.

Re: Help please Floydian you forgot to add   if ($_GET['newname']) { $newname = htmlentities(mysql_real_escape_string($_GET['newname'])); mysql_query("UPDATE users SET username='{$newname}' WHERE userid='{$ir['userid']}'") or die(mysql_error()); echo 'Your name has been changed to '.$newname.''; exit; }   Then it will actualy update there username using ur type. And as for floydians function display_name_form(); here is a better one i guess:   function display_name_form() { if (!isset($_POST['newname'])) { $_POST['newname'] = null; } echo <<<EOT <form action="preferences.php" method="get"> <input type="text" name="newname" value="{$_POST['newname']}"> <input type="submit" value="Change"> </form> EOT; }

Re: Hi Peeps Yes i know its rude to ask a lady there age but seriusly u telling us your like 48? because you cant start learning mysql and that stuff at the age of 1-10 if you were in your 30s. I find it unbelievable that you have 30 years with experiance of php and stuff.