Eternal

Re: 8 Lines to secure your site from known sql injections. thats your problems mate hahahah as noted in here it is secure to use fetch_row and that will work well with your forums

Re: 8 Lines to secure your site from known sql injections. Well this is nice kyle give you 10/10 what this prevents is the injections of exploiting the forums so far i only noticed one line of code to do it but that is still testing with new types of injections.. By exploiting the forums you can query the database to send you any information you want by a simple union all select from 'tablename' with a few extra features i leave out for security purpose's.... what this actually does is help you out by not having to go through the whole forums clearing out every get request with $_GET['ID'] = abs((int) $_GET['ID']); which i tell you is a long task... this form is quite nice though and i suggest more people use it or something similar it isn't going to prevent all injections i know of but will slow it down :)

Re: would this be possible :mrgreen:   well my idea to this is you will never stop multies so you need to give the user the need to not use them and simple scripts like no same ip sending will be ok but then you still have pplz on prox'ies and there is alot of other ways to get around this like flushing your dns and some similar ways like have a thing like you can have 2 accounts of some stufff and have the second account take a diff path on the game like have EG::::ninjas and pirates// but only set paths can have set items and such..... you have to be creative to make the user want to play one account .... the main idea of a multi is to get higher in the game get extra amount of certain items and such so making a selective range and making them non transferable to each user will be only relying on their own account ////// I have never seen the point of a item market as some accounts that are like level 300 and such can bust their a$$ to get those items to only sell them to a user that has not played the game as much which is technically cheating thahacker07

Re: Hi I Got An Error :mrgreen:   so the answer to the error is::: if you ever have a error Warning: mysql_result() [function.mysql-result]: Unable to jump to row 0 on MySQL result index 11 in /home/ufruh/public_html/class/class_db_mysql.php on line 94 or any like it that means that you have set up a table // field with no data input so you check up on what data you have and insert a field into it :evil:

Re: Hi I Got An Error :mrgreen: killah999 what was the answer to your question so other gamers can fix this error when they come across it plz exlain thanx |thahacker07|

:mrgreen: if this is in the wrong section i am SORRY Hello it is me again ////// to let you all know i am a noob at coding still "but i am learning verrrry quickly" BUT I CAN CODE well the purpose of this topic is Phaos and mccodes as i like the layout and form of phaos and mccodes well why not make it into one game which is a huge step for me now all i am asking is that anyone who would like to help / put ideas / special mods of their own / or any requests that are in each of these two good game engines to post in this thread or drop a email to [email protected] i will be trying my hardest to make this game complete and rich full of features if anyone would like to help me in this plz PM me or leaver me an email and will follow from there

Re: [mccode] Improved Estate Agents for v2.0   <?php include "globals.php"; $mpq=$db->query("SELECT * FROM houses WHERE hWILL={$ir['maxwill']}"); $mp=$db->fetch_row($mpq); $_GET['property']=abs((int) $_GET['property']); if($_GET['property']) { $npq=$db->query("SELECT * FROM houses WHERE hID={$_GET['property']}"); $np=$db->fetch_row($npq); if($np['hWILL'] < $mp['hWILL']) { print "You cannot go backwards in houses!"; } else if ($np['hPRICE'] > $ir['money']) { print "You do not have enough money to buy the {$np['hNAME']}."; } else { $db->query("UPDATE users SET money=money-{$np['hPRICE']},will=0,maxwill={$np['hWILL']} WHERE userid=$userid"); print "Congrats, you bought the {$np['hNAME']} for \${$np['hPRICE']}!"; } } else if (isset($_GET['sellhouse'])) { $npq=$db->query("SELECT * FROM houses WHERE hWILL={$ir['maxwill']}"); $np=$db->fetch_row($npq); if($ir['maxwill'] == 100) { print "You already live in the lowest property!"; } else { $db->query("UPDATE users SET money=money+{$np['hPRICE']},will=0,maxwill=100 WHERE userid=$userid"); print "You sold your {$np['hNAME']} and went back to your shed."; } } else { print "<center>Your current property: <font color=blue>[b]{$mp['hNAME']}[/b]</font> The houses you can buy are listed below. Click a house to buy it. "; print "[url='estate.php?sellhouse']Sell Your House[/url] "; if($ir['willmax'] > 100) { } $hq=$db->query("SELECT * FROM houses WHERE hWILL>{$ir['maxwill']} ORDER BY hWILL ASC"); while($r=$db->fetch_row($hq)) { print " <table cellspacing=2 class='table'><tr style='background:gray;'><th>House</th><th>House Price</th><th>House Will</th><th>Buy?</th></tr>"; $hq=mysql_query("SELECT * FROM houses WHERE hWILL>{$ir['maxwill']} ORDER BY hWILL ASC",$c); while($r=$db->fetch_row($hq)) { print "<tr><td>{$r['hNAME']}</a></td><td>\$$t".money_formatter($r['hPRICE'],'')."</td> <td>{$r['hWILL']}</td> <td><a href='estate.php?property={$r['hID']}'>Buy</tr>"; } print "</table>"; } } $h->endpage(); ?>   that should be the right one for v2.0 as i have tried all the above and this works