Eternal

Re: [mccodes v2] Magic 8 Ball   but having everything else brought to the table we can. You don't need a answer=4 or so to preform a sql injection. basicly anything is injectable and securing it against sql inputs was the go i have a chat script that used name inputs to get the user and it had no other sql only include globals now how did i manage to dump my database into the chat???

Re: [mccodes v2] Magic 8 Ball I may be wrong i just thought this would be a time to learn how to write it without looking up everything.. i am a noob at this still so i hope it works...!   <?php include "globals.php"; $question=mysql_real_escape_string(nl2br(strip_tags($_POST['question']))); $ask=" <form action=magic8ball.php method=POST>Question: <input type=text name=question> <input type=submit value=Ask></form>"; print "<h3>Magic 8 Ball</h3> Welcome to the magic 8 ball. Here you can type in a question about anything and the magic 8 ball will reveal the answer to you. Please note: Yes and no questions are the ones which are best answered. "; if ($question=="") { print $ask; $h->endpage(); exit; } else { $answer=array(1 =>"No.",2 =>"Yes.",3 =>"I cant answer that.",4 => "Very unlikely.", 5 => "That is not correct.", 6 => "The stars say no.", 7 => "Definitely not.",8 =>"That is correct.",9 =>"Excuse me?.",10 =>"I do not understand.",11 =>"Of course.",12 =>"Is that so?",13 =>"Right....",14 =>"That is 100% true.",15 =>"Dont ask me that.",16 =>"Wouldnt you like to know.",17 =>"The stars seem to be saying thats true.",18 =>"No way!",19 =>"That depends really.",20 =>"I will not answer that.",21 =>"That is not up to me to decide.",22 =>"Im not sure.",23 =>"I refuse to answer.",24 =>"Yup.",25 =>"No way at all!"); { if ($question=="$question") { $answer2=(int) rand(1,25); if(in_array($answer,$answer2)) { $pic=$answer; } } print "<hr />[b]$question[/b] "; print " "; print " [b]"; print "<table width=174 height=156 border=0 cellpadding=0 cellspacing=0> <tr><td background='magic8ball.png'><center>$pic</td></tr></table> "; print "$ask"; $h->endpage(); exit; } } $h->endpage(); ?>

Re: Question.. v1 and lite are almost the same maybe the same.. i would go through your v1 lite source and then go through v1 source and notice any differences on the coding style like   mysql_query() is $db->query in v1 to v2 also You are using in v1 the include userdata where v2 is in the globals.. so just research it in your scripts and find the answer...

Re: Question..   First this isn't help section and there is a conversion table in the other forum topic..

Re: [mccode v2] Factions ORG-CRIME Armoury You have to have the v2 org crimes for gangs. the staff menu section. I can't post the scripts here as they not mine but they in the forums...

Re: [mccode v2] Anolog Clock LoL

Re: [mccode v2] Factions ORG-CRIME Armoury   But being a host of a game i think that you should learn all coding languages that are in the game so you know. i could easily put in a backdoor to your site without you knowing...

Re: [mccode v2] Brothel Non exploitable First i am a noob and i don't know if this works but i am putting the idea out and testing i havent yet uploaded on a site to test it, i think this will reduce some url manipulation. hopefully   <?php include("globals.php"); echo '<h2>Brothel</h2>'; $whore_woman = array ( 1 => array("Roxy",500), 2 => array("Kelly",1000), 3 => array("Shanique",1500), 4 => array("Rhonda",2000), 5 => array("Elizabeth",10000) ); $whore_men = array ( 1 => array("Bill",500), 2 => array("Marcus",1000), 3 => array("Greg",1500), 4 => array("Sam",2000), 5 => array("Kyle",10000) ); if($_SESSION['female'] != '' && $_SESSION['female1'] != '') { $x = abs(@intval($_GET['x'])); $will = rand(1,5); mysql_query("UPDATE users SET will=will+".$will.", money=money-".$whore_woman[$x][1]." WHERE userid=".$ir['userid']); echo 'You payed '.money_formatter($whore_woman[$x][1]).' to take '.$whore_woman[$x][0].' to the room and you gained '.$will.' will.'; $_SESSION['female'] = ''; $_SESSION['female1'] = ''; $h->endpage(); exit; } elseif($_SESSION['male'] != '' && $_SESSION['male1'] != '') { $x = abs(@intval($_GET['x'])); $will = rand(1,5); mysql_query("UPDATE users SET will=will+".$will.", money=money-".$whore_men[$x][1]." WHERE userid=".$ir['userid']); echo 'You payed '.money_formatter($whore_men[$x][1]).' to take '.$whore_men[$x][0].' to the room and you gained '.$will.' will.'; $_SESSION['male'] =''; $_SESSION['male1'] = ''; $h->endpage(); exit; } else { echo ' Woman: <table border="1" cellspacing="0" class="table" width="50%"> <tr> <th>Name</th> <th>Price</th> <th>Rent</th> </tr> <tr>'; $i = 0; while($i < 5) { $i++; $_SESSION['female'] =$whore_woman[$i][0]; $_SESSION['female1'] =$whore_woman[$i][1]; echo ' <td>'.$_SESSION['female'].'</td> <td>'.money_formatter($_SESSION['female1']).'</td> <td>[url="'.$_SERVER['PHP_SELF'].'?x='.$i.'"]Rent[/url]</td> <tr>'; } echo ' </tr> </table> Men: <table border="1" cellspacing="0" class="table" width="50%"> <tr> <th>Name</th> <th>Price</th> <th>Rent</th> </tr> <tr>'; $i = 0; while($i < 5) { $i++; $_SESSION['male'] =$whore_men[$i][0]; $_SESSION['male1'] =$whore_men[$i][1]; echo ' <td>'.$_SESSION['male'].'</td> <td>'.money_formatter($_SESSION['male1']).'</td> <td>[url="'.$_SERVER['PHP_SELF'].'?x='.$i.'"]">Rent[/url]</td> <tr>'; } echo ' </tr> </table>'; } $h->endpage(); ?>

Re: [V2] User Comments   Does it matter ??? if people done all the work for everyone then why learn the code just hop in here and get free mods.

Re: [mccode v2] Factions ORG-CRIME Armoury   lol Why charge when it is a simple task on things... if you have to pay someone to do mods for your game then why host a game at all :P

Re: [mccode v2] Item Descryption.   really and how exactly are you going to do that? research i hope... using wztooltips is kinda easy :P It is when you modify the standard base script in and then that is a peice of work.. il put up the new javascript i am working on soon .

Re: [mccode v2] Item Descryption. give me a few and il submit on how zero i s doing his.

Re: [mccode v2] Factions ORG-CRIME Armoury   they use the orriginal org crimes pannel which is found on here. i am working on a complete factions staff pannel soon

Re: [mccode V2] Factions ORG-CRIME Armoury   function donate_armory() { global $db,$ir,$c,$userid,$h; if ($_POST['amount'] AND $_POST['item']) { $_POST['amount'] = abs((int) $_POST['amount']); $_POST['item'] = abs((int) $_POST['item']); $sql = sprintf("SELECT * FROM `inventory` inv LEFT JOIN `items` i ON (i.itmid = inv.inv_itemid) WHERE inv_userid = %d AND (inv.inv_id = %u)", $ir['userid'], mysql_real_escape_string($_POST['item'])); $q = $db->query($sql); $ir['itmHAVE'] = mysql_num_rows($q); $r = mysql_fetch_array($q); if(!$ir['itmHAVE']) { print " You do not own that item. <hr width='90%'>> [url='manage_faction.php']Back[/url]<hr width='90%'>"; } else if($r['inv_qty'] < $_POST['amount']) { print " You dont have enough of this item. <hr width='90%'>> [url='manage_faction.php?step=armory']Back[/url]<hr width='90%'>"; } else { $ins = sprintf("INSERT INTO `faction_armoury` (`fiID`, `fiFACTION`, `fiUSER`, `fiITEM`, `fiAMOUNT`) VALUES ('NULL','%d', '%d', '%d', '%d')", $ir['faction'], $ir['userid'], $r['itmid'], $_POST['amount']); if ($r['inv_qty'] > $_POST['amount']) { $use = sprintf("UPDATE `inventory` SET inv_qty = inv_qty - %d WHERE inv_userid = %d AND (inv_id = %u)", mysql_real_escape_string($_POST['amount']), mysql_real_escape_string($ir['userid']), mysql_real_escape_string($_POST['item'])); } else { $use = sprintf("DELETE FROM `inventory` WHERE (inv_id = %u)", mysql_real_escape_string($_POST['item'])); } $db->query($ins); $db->query($use); print " You donated ".number_format($_POST['amount'])." {$r['itmname']}'s to the faction. <hr width='90%'>> [url='manage_faction.php?step=armory']Back[/url]<hr width='90%'>"; } } else { $sql = sprintf("SELECT * FROM `faction_armoury` fi LEFT JOIN `items` i ON (i.itmid = fi.fiITEM) LEFT JOIN `users` u ON (u.userid = fi.fiUSER) WHERE (fi.fiFACTION = %u)", $ir['faction']); $q = $db->query($sql); print "<table width='90%' cellspacing='1'><tr bgcolor='#AAAAAA'> <th width='40%'>Item</th><th width='40%'>Donator</th><th width='20%'>Amount</th></tr>"; while ($r = mysql_fetch_array($q)) { print "<tr><td>{$r['itmname']}</td><td>[url='viewuser.php?u={$r[']{$r['username']}[/url]</td><td>{$r['fiAMOUNT']}</td></tr>"; } print "</table> [b]Donate:[/b] <form action='manage_faction.php?step=armory' method='post'> <select name='item' type='dropdown'> <option value='0'>None</option>"; $itm = sprintf("SELECT * FROM `inventory` inv LEFT JOIN `items` i ON (i.itmid = inv.inv_itemid) WHERE (inv.inv_userid = %u)", $ir['userid']); $itm = $db->query($itm); while($it = mysql_fetch_array($itm)) { print "<option value='{$it['inv_id']}'>{$it['itmname']}</option>"; } print "</select> <input type='text' name='amount' size='5' maxlength='3'> <input type='submit' value='Submit'></form>"; print "<hr width='90%'>> [url='manage_faction.php']Back[/url]<hr width='90%'>"; } } function give_armory() { global $db,$ir,$c,$userid,$h; $sql2 = sprintf("SELECT * FROM `factions` fa WHERE (faID = %u)", mysql_real_escape_string($ir['faction'])); $q2 = $db->query($sql2); $r2 = mysql_fetch_array($q2); if ($r2['faLEADER'] != $userid) { print " You are not authorised to access this page. <hr width='90%'>> [url='factions.php']Back[/url]<hr width='90%'>"; } else if ($_POST['amount'] AND $_POST['item'] AND $_POST['user']) { $_POST['amount'] = abs((int) $_POST['amount']); $_POST['item'] = abs((int) $_POST['item']); $_POST['user'] = abs((int) $_POST['user']); $sql = sprintf("SELECT * FROM `faction_armoury` fi LEFT JOIN `items` i ON (i.itmid = fi.fiITEM) LEFT JOIN `users` u ON (u.userid = %d) WHERE fiFACTION = %d AND (fi.fiITEM = %d)", $_POST['user'], $ir['faction'], mysql_real_escape_string($_POST['item'])); $q = $db->query($sql); $ir['itmHAVE'] = mysql_num_rows($q); $r = mysql_fetch_array($q); if(!$ir['itmHAVE']) { print " Your faction does not own that item. <hr width='90%'>> [url='manage_faction.php?step=armory']Back[/url]<hr width='90%'>"; } else if($r['fiAMOUNT'] < $_POST['amount']) { print " Your faction does not have enough of this item. <hr width='90%'>> [url='manage_faction.php?step=armory']Back[/url]<hr width='90%'>"; } else { $ins = sprintf("INSERT INTO `inventory` (`inv_itemid`, `inv_userid`, `inv_qty`) VALUES (".$_POST['item'].", ".$_POST['user'].", ".$_POST['amount'].")"); if ($r['fiAMOUNT'] > $_POST['amount']) { $use = sprintf("UPDATE `faction_armoury` SET fiAMOUNT = fiAMOUNT - %d WHERE fiFACTION = %d AND (fiID = %u)", mysql_real_escape_string($_POST['amount']), mysql_real_escape_string($ir['faction']), mysql_real_escape_string($_POST['item'])); } else { $use = sprintf("DELETE FROM `faction_armoury` WHERE (fiITEM = %u)", mysql_real_escape_string($_POST['item'])); } $db->query($ins); $db->query($use); event_add($r['userid'],"Your Gang leader sent you an item"); print " You gave ".number_format($_POST['amount'])." {$r['itmname']}'s to {$r['username']}. <hr width='90%'>> [url='manage_faction.php?step=armory']Back[/url]<hr width='90%'>"; } } else { $sql = sprintf("SELECT * FROM `faction_armoury` fi LEFT JOIN `items` i ON (i.itmid = fi.fiITEM) LEFT JOIN `users` u ON (u.userid = fi.fiUSER) WHERE (fi.fiFACTION = %u)", $ir['faction']); $q = $db->query($sql); print "<table width='90%' cellspacing='1'><tr bgcolor='#AAAAAA'> <th width='40%'>Item</th><th width='40%'>Donator</th><th width='20%'>Amount</th></tr>"; while ($r = mysql_fetch_array($q)) { print "<tr><td>{$r['itmname']}</td><td>[url='viewuser.php?u={$r[']{$r['username']}[/url]</td><td>{$r['fiAMOUNT']}</td></tr>"; } print "</table> [b]Give:[/b] <form action='manage_faction.php?step=agive' method='post'> <select name='item' type='dropdown'> <option value='0'>None</option>"; $itm = sprintf("SELECT * FROM `faction_armoury` fi LEFT JOIN `items` i ON (i.itmid = fi.fiITEM) LEFT JOIN `users` u ON (u.userid = fi.fiUSER) WHERE (fi.fiFACTION = %u)", $ir['faction']); $itm = $db->query($itm); while($it = mysql_fetch_array($itm)) { print "<option value='{$it['itmid']}'>{$it['itmname']}</option>"; } print "</select> <select name='user' type='dropdown'> <option value='0'>None</option>"; $usr = sprintf("SELECT * FROM `users` WHERE (faction = %u)", $ir['faction']); $usr = $db->query($usr); while($us = mysql_fetch_array($usr)) { print "<option value='{$us['userid']}'>{$us['username']}</option>"; } print "</select> <input type='text' name='amount' size='5' maxlength='3'> <input type='submit' value='Submit'></form>"; print "<hr width='90%'>> [url='manage_faction.php']Back[/url]<hr width='90%'>"; } } sorry i have a extra feild on my inventory table   also i missed one sql for it ALTER TABLE factions ADD faCHOURS INT(11) NOT NULL DEFAULT 0;

Re: [mccode V2] Item Descryption.   DUDE Took me 30 seconds.. in this little box here... <? require "global_func.php"; include "mysql.php"; $result= mysql_query("SELECT * FROM `items` WHERE `itmid` = '".$_GET['id']."'"); $worked= mysql_fetch_array($result); ?> <html> <head> <title><?= $worked['itmname'] ?></title> <style> * { font-family: tahoma; font-size: 12px; color: #FFFFFF; } body { background-color: #000000; margin: 15px; } .wrap { background-color: #202020; border: 1px solid #444; } .header { background-color: #111; border: 1px solid #444; } .head_text { padding: 5px; border: 1px solid #444; background-color: #111; color: #999999; font-weight: bold; } .head_text2l { padding: 5px; border-left: 1px solid #444; border-bottom: 1px solid #444; background-color: #555555; color: #999999; font-weight: bold; } .head_text2r { padding: 5px; border-right: 1px solid #444; border-bottom: 1px solid #444; background-color: #555555; color: #999999; font-weight: bold; } .head_text2 { padding: 5px; border-bottom: 1px solid #444; background-color: #555555; color: #999999; font-weight: bold; } .head_text3 { padding: 5px; border-left: 1px solid #444; border-right: 1px solid #444; border-bottom: 1px solid #444; background-color: #333333; color: #333333; } .textl { padding: 5px; border-left: 1px solid #444; border-bottom: 1px solid #444; background-color: #333333; } .textr { padding: 5px; border-right: 1px solid #444; border-bottom: 1px solid #444; background-color: #333333; } .text { padding: 5px; border-bottom: 1px solid #444; background-color: #333333; } .textl2 { padding: 5px; border-left: 1px solid #444; border-bottom: 1px solid #444; background-color: #444444; } .textr2 { padding: 5px; border-right: 1px solid #444; border-bottom: 1px solid #444; background-color: #444444; } .text2 { padding: 5px; border-bottom: 1px solid #444; background-color: #444444; } .textm { padding: 5px; background-color: #333333; border-left: 1px solid #444; border-right: 1px solid #444; border-bottom: 1px solid #444; } .textm2 { padding: 5px; background-color: #333333; border-left: 1px solid #444; border-right: 1px solid #444; border-bottom: 1px solid #444; } .style1 {padding: 5px; border: 1px solid #444444; background-color: #111; color: #FFFFFF; font-weight: bold; } .style2 {padding: 5px; border: 1px solid #444; background-color: #111; color: #FFFFFF; font-weight: bold; } </style> </head> <body> <table class='wrap' width='100%' height='100%' cellpadding='5' cellspacing='0' align='center'> <tr> <td valign='top'> <table class='header' width='100%' cellpadding='5' cellspacing='0' align='center'> <tr> <td><p style='color:white;font-size:16px;font-weight:bold;'><center><?= $worked['itmname'] ?></center></p></td> </tr> </table> <table width='100%' cellpadding='4' cellspacing='0'> <tr> <td colspan='2' class='style1'>.: Description</td> </tr> <tr> <td class='textl' align='center'>[img=<?= $worked[]' width='100' height='100' style='border: 1px solid #333333'></td> <td class='textm2'><?= $worked['itmdesc'] ?></td> </tr> </table> <table width='100%' cellpadding='4' cellspacing='0'> <tr> <td colspan='4' class='style2'>.: Details</td> </tr> <tr> <td class='textm'>Name: </td> <td class='textr'><?= $worked['itmname'] ?></td> </tr> <tr> <td class='textm'>Sell Value: </td> <td class='textr'>$<?= $worked['itmsellprice'] ?></td> </tr> <tr> <td class='textm'>Shop Cost: </td> <td class='textr'>$<?= $worked['itmbuyprice'] ?></td> </tr> <tr> <td class='textm' valign='top'>Attack Modifier: </td> <td class='textr'> +<?= $worked['weapon'] ?>% </td> </tr> <tr> <td class='textm' valign='top'>Defense Modifier: </td> <td class='textr'> +<?= $worked['armor'] ?>% </td> </tr> </table> </td> </tr> </table> </body> </table>   Also I suppose You can use the same other codes in main post

Re: [mccode V2] Factions ORG-CRIME Armoury   lol Well i prefer this gangs// Factions so easy to mod into it Also i fixed all the errors on the previous topics where the armoury didn't give out items and the org crimes didnt even load lol..

Re: [mccode V2] Factions ORG-CRIME Armoury Also Replace Faction apply with function faction_apply() { global $ir,$c,$userid,$h; if ($ir['faction']) { print " You are already in a faction at this time. <hr width='90%'>> [url='factions.php']Back[/url]<hr width='90%'>"; } else if (!$_GET['act']) { print " Please type an application to this faction below: <form action='factions.php?step=apply&act=submit&ID={$_GET['ID']}' method='post'> <textarea type='text' name='app' cols='50' rows='8'>Type your application here</textarea> <input type='submit' value='Submit'></form> <hr width='90%'>> [url='factions.php?step=profile&ID={$_GET[']Back[/url]<hr width='90%'>"; } else if ($_GET['act'] == 'submit') { if ($_POST['app']) { $ins = sprintf("INSERT INTO `faction_apps` (`fpID`, `fpUSER`, `fpFACTION`, `fpAPP`, `fpTIME`) VALUES ('NULL','%d', '%d', '%s', '%d')", mysql_real_escape_string($ir['userid']), mysql_real_escape_string($_GET['ID']), mysql_real_escape_string($_POST['app']), time()); mysql_query($ins); $sql = sprintf("SELECT * FROM `factions` WHERE (faID = %u)", mysql_real_escape_string($_GET['ID'])); $q = mysql_query($sql); $r = mysql_fetch_array($q); event_add($r['faLEADER'], "[url='viewuser.php?u=$userid']{$ir['username']}[/url] Applied to your Faction! ", $c); print " Your application was submitted! <hr width='90%'>> [url='factions.php?step=profile&ID={$_GET[']Back[/url]<hr width='90%'>"; } else { print " You did not type an application to send! <hr width='90%'>> [url='factions.php?step=apply&ID={$_GET[']Back[/url]<hr width='90%'>"; } } } and replace leave_faction with function leave_faction() { global $db,$ir,$c,$userid,$h; $sql = sprintf("SELECT * FROM `factions` fa WHERE (faID = %u)", mysql_real_escape_string($ir['faction'])); $q = $db->query($sql); $r = mysql_fetch_array($q); if (!$_GET['act']) { print " Would you like to leave the {$r['faNAME']} faction: [b] If Owner The faction is deleted! <form action='manage_faction.php?step=leave&act=conf' method='post'> <input type='submit' value='Leave'></form> <hr width='90%'>> [url='manage_faction.php']Back[/url]<hr width='90%'>"; } else if ($_GET['act'] == 'conf') { if ($_POST['user'] AND ($r['faLEADER'] != $_POST['user']) ) { $sql3 = sprintf("UPDATE `users` SET `faction` = '%d' WHERE (`userid` = %u)", 0, $userid); $db->query($sql3); print " You left the faction! <hr width='90%'>> [url='explore.php']Back[/url]<hr width='90%'>"; } else { $sql3 = sprintf("DELETE FROM `factions` WHERE (`faID` = %u)", $ir['faction']); $db->query($sql3); $sql4 = sprintf("UPDATE `users` SET `faction` = '%d' WHERE (`userid` = %u)", 0, $userid); $db->query($sql4); print " You Deleted Your Faction.! "; } } }

first i got this mod from http://criminalexistence.com/ceforums/i ... ic=26678.0 and from http://criminalexistence.com/ceforums/i ... ic=27044.0 I have gone through and fixed everything up :) The Cron hour :) $db->query("UPDATE factions SET faCHOURS=faCHOURS-1 WHERE faCRIME>0"); $q=$db->query("SELECT fa.*,oc.* FROM factions fa LEFT JOIN orgcrimes oc ON fa.faCRIME=oc.ocID WHERE fa.faCRIME > 0 AND fa.faCHOURS = 0"); while($r=$db->fetch_row($q)) { $suc=rand(0,1); if($suc) { $log=$r['ocSTARTTEXT'].$r['ocSUCCTEXT']; $muny=(int) (rand($r['ocMINMONEY'],$r['ocMAXMONEY'])); $log=str_replace(array("{muny}","'"),array($muny,"''"),$log); $db->query("UPDATE factions SET faVAULT=faVAULT+$muny,faCRIME=0 WHERE faID={$r['faID']}"); $db->query("INSERT INTO oclogs VALUES ('',{$r['ocID']},{$r['faID']}, '$log', 'success', $muny, '{$r['ocNAME']}', unix_timestamp())"); $i=$db->insert_id(); $qm=$db->query("SELECT * FROM users WHERE factions={$r['faID']}"); while($rm=$db->fetch_row($qm)) { event_add($rm['userid'],"Your Gang's Organised Crime Succeeded. Go [url='oclofa.php?ID=$i']here[/url] to view the details.",$c); } } else { $log=$r['ocSTARTTEXT'].$r['ocFAILTEXT']; $muny=0; $log=str_replace(array("{muny}","'"),array($muny,"''"),$log); $db->query("UPDATE factions SET faCRIME=0 WHERE faID={$r['faID']}"); $db->query("INSERT INTO oclogs VALUES ('',{$r['ocID']},{$r['faID']}, '$log', 'failure', $muny, '{$r['ocNAME']}', unix_timestamp())"); $i=$db->insert_id(); $qm=$db->query("SELECT * FROM users WHERE faction={$r['faID']}"); while($rm=$db->fetch_row($qm)) { event_add($rm['userid'],"Your Gang's Organised Crime Failed. Go [url='oclofa.php?ID=$i']here[/url] to view the details.",$c); } } } Donate and give armoury function donate_armory() { global $db,$ir,$c,$userid,$h; if ($_POST['amount'] AND $_POST['item']) { $_POST['amount'] = abs((int) $_POST['amount']); $_POST['item'] = abs((int) $_POST['item']); $sql = sprintf("SELECT * FROM `inventory` inv LEFT JOIN `items` i ON (i.itmid = inv.inv_itemid) WHERE inv_userid = %d AND (inv.inv_id = %u)", $ir['userid'], mysql_real_escape_string($_POST['item'])); $q = $db->query($sql); $ir['itmHAVE'] = mysql_num_rows($q); $r = mysql_fetch_array($q); if(!$ir['itmHAVE']) { print " You do not own that item. <hr width='90%'>> [url='manage_faction.php']Back[/url]<hr width='90%'>"; } else if($r['inv_qty'] < $_POST['amount']) { print " You dont have enough of this item. <hr width='90%'>> [url='manage_faction.php?step=armory']Back[/url]<hr width='90%'>"; } else { $ins = sprintf("INSERT INTO `faction_armoury` (`fiID`, `fiFACTION`, `fiUSER`, `fiITEM`, `fiAMOUNT`) VALUES ('NULL','%d', '%d', '%d', '%d')", $ir['faction'], $ir['userid'], $r['itmid'], $_POST['amount']); if ($r['inv_qty'] > $_POST['amount']) { $use = sprintf("UPDATE `inventory` SET inv_qty = inv_qty - %d WHERE inv_userid = %d AND (inv_id = %u)", mysql_real_escape_string($_POST['amount']), mysql_real_escape_string($ir['userid']), mysql_real_escape_string($_POST['item'])); } else { $use = sprintf("DELETE FROM `inventory` WHERE (inv_id = %u)", mysql_real_escape_string($_POST['item'])); } $db->query($ins); $db->query($use); print " You donated ".number_format($_POST['amount'])." {$r['itmname']}'s to the faction. <hr width='90%'>> [url='manage_faction.php?step=armory']Back[/url]<hr width='90%'>"; } } else { $sql = sprintf("SELECT * FROM `faction_armoury` fi LEFT JOIN `items` i ON (i.itmid = fi.fiITEM) LEFT JOIN `users` u ON (u.userid = fi.fiUSER) WHERE (fi.fiFACTION = %u)", $ir['faction']); $q = $db->query($sql); print "<table width='90%' cellspacing='1'><tr bgcolor='#AAAAAA'> <th width='40%'>Item</th><th width='40%'>Donator</th><th width='20%'>Amount</th></tr>"; while ($r = mysql_fetch_array($q)) { print "<tr><td>{$r['itmname']}</td><td>[url='viewuser.php?u={$r[']{$r['username']}[/url]</td><td>{$r['fiAMOUNT']}</td></tr>"; } print "</table> [b]Donate:[/b] <form action='manage_faction.php?step=armory' method='post'> <select name='item' type='dropdown'> <option value='0'>None</option>"; $itm = sprintf("SELECT * FROM `inventory` inv LEFT JOIN `items` i ON (i.itmid = inv.inv_itemid) WHERE (inv.inv_userid = %u)", $ir['userid']); $itm = $db->query($itm); while($it = mysql_fetch_array($itm)) { print "<option value='{$it['inv_id']}'>{$it['itmname']}</option>"; } print "</select> <input type='text' name='amount' size='5' maxlength='3'> <input type='submit' value='Submit'></form>"; print "<hr width='90%'>> [url='manage_faction.php']Back[/url]<hr width='90%'>"; } } function give_armory() { global $db,$ir,$c,$userid,$h; $sql2 = sprintf("SELECT * FROM `factions` fa WHERE (faID = %u)", mysql_real_escape_string($ir['faction'])); $q2 = $db->query($sql2); $r2 = mysql_fetch_array($q2); if ($r2['faLEADER'] != $userid) { print " You are not authorised to access this page. <hr width='90%'>> [url='factions.php']Back[/url]<hr width='90%'>"; } else if ($_POST['amount'] AND $_POST['item'] AND $_POST['user']) { $_POST['amount'] = abs((int) $_POST['amount']); $_POST['item'] = abs((int) $_POST['item']); $_POST['user'] = abs((int) $_POST['user']); $sql = sprintf("SELECT * FROM `faction_armoury` fi LEFT JOIN `items` i ON (i.itmid = fi.fiITEM) LEFT JOIN `users` u ON (u.userid = %d) WHERE fiFACTION = %d AND (fi.fiITEM = %d)", $_POST['user'], $ir['faction'], mysql_real_escape_string($_POST['item'])); $q = $db->query($sql); $ir['itmHAVE'] = mysql_num_rows($q); $r = mysql_fetch_array($q); if(!$ir['itmHAVE']) { print " Your faction does not own that item. <hr width='90%'>> [url='manage_faction.php?step=armory']Back[/url]<hr width='90%'>"; } else if($r['fiAMOUNT'] < $_POST['amount']) { print " Your faction does not have enough of this item. <hr width='90%'>> [url='manage_faction.php?step=armory']Back[/url]<hr width='90%'>"; } else { $ins = sprintf("INSERT INTO `inventory` (`inv_itemid`, `inv_userid`, `inv_qty`,`inv_lent`) VALUES (".$_POST['item'].", ".$_POST['user'].", ".$_POST['amount'].",'0')"); if ($r['fiAMOUNT'] > $_POST['amount']) { $use = sprintf("UPDATE `faction_armoury` SET fiAMOUNT = fiAMOUNT - %d WHERE fiFACTION = %d AND (fiID = %u)", mysql_real_escape_string($_POST['amount']), mysql_real_escape_string($ir['faction']), mysql_real_escape_string($_POST['item'])); } else { $use = sprintf("DELETE FROM `faction_armoury` WHERE (fiITEM = %u)", mysql_real_escape_string($_POST['item'])); } $db->query($ins); $db->query($use); event_add($r['userid'],"Your Gang leader sent you an item"); print " You gave ".number_format($_POST['amount'])." {$r['itmname']}'s to {$r['username']}. <hr width='90%'>> [url='manage_faction.php?step=armory']Back[/url]<hr width='90%'>"; } } else { $sql = sprintf("SELECT * FROM `faction_armoury` fi LEFT JOIN `items` i ON (i.itmid = fi.fiITEM) LEFT JOIN `users` u ON (u.userid = fi.fiUSER) WHERE (fi.fiFACTION = %u)", $ir['faction']); $q = $db->query($sql); print "<table width='90%' cellspacing='1'><tr bgcolor='#AAAAAA'> <th width='40%'>Item</th><th width='40%'>Donator</th><th width='20%'>Amount</th></tr>"; while ($r = mysql_fetch_array($q)) { print "<tr><td>{$r['itmname']}</td><td>[url='viewuser.php?u={$r[']{$r['username']}[/url]</td><td>{$r['fiAMOUNT']}</td></tr>"; } print "</table> [b]Give:[/b] <form action='manage_faction.php?step=agive' method='post'> <select name='item' type='dropdown'> <option value='0'>None</option>"; $itm = sprintf("SELECT * FROM `faction_armoury` fi LEFT JOIN `items` i ON (i.itmid = fi.fiITEM) LEFT JOIN `users` u ON (u.userid = fi.fiUSER) WHERE (fi.fiFACTION = %u)", $ir['faction']); $itm = $db->query($itm); while($it = mysql_fetch_array($itm)) { print "<option value='{$it['itmid']}'>{$it['itmname']}</option>"; } print "</select> <select name='user' type='dropdown'> <option value='0'>None</option>"; $usr = sprintf("SELECT * FROM `users` WHERE (faction = %u)", $ir['faction']); $usr = $db->query($usr); while($us = mysql_fetch_array($usr)) { print "<option value='{$us['userid']}'>{$us['username']}</option>"; } print "</select> <input type='text' name='amount' size='5' maxlength='3'> <input type='submit' value='Submit'></form>"; print "<hr width='90%'>> [url='manage_faction.php']Back[/url]<hr width='90%'>"; } } Faction org crimes and view crimes function faction_staff_orgcrimes() { global $db,$ir,$c,$userid,$h; $_POST['crime'] = abs(@intval($_POST['crime'])); if($_POST['crime']) { $sql = sprintf("SELECT * FROM `factions` fa WHERE (faID = %u)", mysql_real_escape_string($ir['faction'])); $q = $db->query($sql); $r = mysql_fetch_array($q); if($r['faCRIME'] != 0) { echo 'Your Faction is already doing a crime!'; $h->endpage(); exit; } else { $chour = rand(1,4); $UpdateCrime = sprintf( "UPDATE `factions` SET `faCRIME` ='%u', `faCHOURS` ='".$chour."' WHERE (`faID` = '%u')", @intval($_POST['crime']), @intval($ir['faction'])); $db->query($UpdateCrime) or die (mysql_error()); echo 'You have started to plan this crime. It will take '.$chour.' hours.'; $h->endpage(); exit; } } else { echo '<h3>Organised Crimes</h3> <form action="manage_faction.php?step=crimes2" method="post"> Choose a crime that your faction should commit. <select name="crime" type="dropdown">'; $cnt=$db->query("SELECT username FROM users WHERE faction={$ir['faction']}") or die (mysql_error()); $membs=$db->num_rows($cnt); $q=$db->query("SELECT * FROM orgcrimes WHERE ocUSERS <= $membs") or die (mysql_error()); while($r=$db->fetch_row($q)) { echo '<option value="'.$r['ocID'].'">'.$r['ocNAME'].' ('.$r['ocUSERS'].' members needed)</option>'; } echo '</select> <input type="submit" value="Commit!" /> </form>'; } } function faction_crimes() { global $db,$ir,$c,$userid; $sql = sprintf("SELECT * FROM `factions` WHERE (faID = %u)", mysql_real_escape_string($ir['faction'])); $q = $db->query($sql); $r = mysql_fetch_array($q); if($r['faCRIME']) { $l=$db->query("SELECT * FROM orgcrimes WHERE ocID = '{$r['faCRIME']}'") or die (mysql_error()); $o=$db->fetch_row($l); print "This is the crime your faction is planning at the moment. [b]Crime:[/b] {$o['ocNAME']} [b]Hours Left:[/b] {$r['faCHOURS']}"; } else { print "Your faction is not currently planning a crime."; } }

Re: [mccode v2] userADS Wamp Uses correct <?PHP instead of <? So replace all instances of <? to <?PHP and it will show.

Re: Some crons not working   <?php include "config.php"; global $_CONFIG; if($_GET['code'] != $_CONFIG['code']) { die(""); } define("MONO_ON", 1); require "class/class_db_{$_CONFIG['driver']}.php"; $db=new database; $db->configure($_CONFIG['hostname'], $_CONFIG['username'], $_CONFIG['password'], $_CONFIG['database'], $_CONFIG['persistent']); $db->connect(); $c=$db->connection_id; $db->query("UPDATE fedjail set fed_days=fed_days-1"); $q=$db->query("SELECT * FROM fedjail WHERE fed_days=0"); $ids=array(); while($r=$db->fetch_row($q)) { $ids[]=$r['fed_userid']; } if(count($ids) > 0) { $db->query("UPDATE users SET fedjail=0 WHERE userid IN(".implode(",", $ids).")"); } $db->query("UPDATE users SET csmuggling=csmuggling+10 WHERE csmuggling > 0"); $db->query("DELETE FROM fedjail WHERE fed_days=0"); $db->query("UPDATE users SET daysingang=daysingang+1 WHERE gang > 0"); $db->query("UPDATE users SET daysold=daysold+1, boxes_opened=0"); $db->query("UPDATE users SET daysmarried=daysmarried+1 WHERE married !=0"); $db->query("UPDATE users SET userCONTRACT = userCONTRACT - 1 WHERE userCONTRACT > 0"); $db->query("UPDATE users SET userBANKAMMT = userBANKAMMT + (userBANKAMMT/100*5.5) WHERE userBANKAMMT > 0 AND investlevel = 1"); $db->query("UPDATE users SET userBANKAMMT = userBANKAMMT + (userBANKAMMT/100*3.0) WHERE userBANKAMMT > 0 AND investlevel = 0"); $db->query("UPDATE users SET userBANKAMMT = userBANKAMMT + (userBANKAMMT/100*7.2) WHERE userBANKAMMT > 0 AND investlevel = 2"); $db->query("UPDATE users SET userDAYS = userDAYS - 1 WHERE userDAYS != 0"); $db->query("UPDATE users SET mailban=mailban-1 WHERE mailban > 0"); $db->query("UPDATE users SET turns=100"); $db->query("UPDATE users SET donatordays=donatordays-1 WHERE donatordays > 0"); $db->query("UPDATE users SET rates=1"); $db->query("UPDATE passreset SET time=time-1 WHERE time > 0") or die(mysql_error()); $db->query("DELETE FROM passreset WHERE time<=0") or die(mysql_error()); $db->query("UPDATE users SET cdays=cdays-1 WHERE course > 0"); $db->query("UPDATE users SET bankmoney=bankmoney+(bankmoney/50) where bankmoney>0 && bankmoney < 15000000000"); $db->query("UPDATE users SET cybermoney=cybermoney+(cybermoney/100*7) where cybermoney>0 && cybermoney < 750000000000"); $q=$db->query("SELECT * FROM users WHERE cdays=0 AND course > 0"); while($r=$db->fetch_row($q)) { $cd=$db->query("SELECT * FROM courses WHERE crID={$r['course']}"); $coud=$db->fetch_row($cd); $userid=$r['userid']; $db->query("INSERT INTO coursesdone VALUES({$r['userid']},{$r['course']})"); $upd=""; $ev=""; if($coud['crSTR'] > 0) { $upd.=",us.strength=us.strength+{$coud['crSTR']}"; $ev.=", {$coud['crSTR']} strength"; } if($coud['crGUARD'] > 0) { $upd.=",us.guard=us.guard+{$coud['crGUARD']}"; $ev.=", {$coud['crGUARD']} guard"; } if($coud['crLABOUR'] > 0) { $upd.=",us.labour=us.labour+{$coud['crLABOUR']}"; $ev.=", {$coud['crLABOUR']} labour"; } if($coud['crAGIL'] > 0) { $upd.=",us.agility=us.agility+{$coud['crAGIL']}"; $ev.=", {$coud['crAGIL']} agility"; } if($coud['crIQ'] > 0) { $upd.=",us.IQ=us.IQ+{$coud['crIQ']}"; $ev.=", {$coud['crIQ']} IQ"; } $ev=substr($ev,1); if ($upd) { $db->query("UPDATE users u LEFT JOIN userstats us ON u.userid=us.userid SET us.userid=us.userid $upd WHERE u.userid=$userid"); } $db->query("INSERT INTO events VALUES('',$userid,unix_timestamp(),0,'Congratulations, you completed the {$coud['crNAME']} and gained $ev!')"); } $db->query("UPDATE users SET course=0 WHERE cdays=0"); $db->query("TRUNCATE TABLE votes;"); ?> also try runing in your browser http://www.yourgame.com/cron_day.php?code=your config code It seems to be ok just maybe one spelling mistake on your tables???

Re: [mccode V2] Attack :) Thanx people.. This is more of a beta stage on what i will have going.. Just working out everything together..

First of all backup your old attack page.. also more modifications to come for this.. Any trouble please feel free to ask XD <?php $menuhide=0; $atkpage=1; include "globals.php"; $user_class=$ir; $q=$db->query("SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid={$_GET['ID']}"); $attack_person=$db->fetch_row($q); $qo=$db->query("SELECT i.* FROM items i WHERE i.itmid={$user_class['equip_primary']}"); $user_class1=$db->fetch_row($qo); $q1=$db->query("SELECT i.* FROM items i WHERE i.itmid={$user_class['equip_armor']}"); $user_class2=$db->fetch_row($q1); $weapon= "{$user_class1['itmname']}"; if(mysql_num_rows($qo) == 0) { $weapon="Fists"; } $eq=$db->query("SELECT i.* FROM items i WHERE i.itmid IN({$attack_person['equip_primary']})"); if(mysql_num_rows($eq) == 0) { $wep="Fists"; } else { $cnt=0; while($r=$db->fetch_row($eq)) { $enweps[]=$r; $cnt++; } $weptouse=rand(0,$cnt-1); $wep=$enweps[$weptouse]['itmname']; } $enperc=(int) ($ir['energy']/$ir['maxenergy']*100); $gq=$db->query("SELECT * FROM gangs WHERE gangID={$attack_person['gang']}"); $ga=$db->fetch_row($gq); $error = ($enperc < 25) ? "You need to have at least 25% of your energy if you want to attack someone." : $error; $error = ($user_class['jail'] > 0) ? "You can't attack someone if you are in jail." : $error; $error = ($user_class['hospital'] > 0) ? "You can't attack someone if you are in the hospital." : $error; $error = ($_GET['ID'] == "") ? "You didn't choose someone to attack." : $error; $error = ($_GET['ID'] == $userid) ? "You can't attack yourself." : $error; $error = ($attack_person['location'] != $user_class['location']) ? "You must be in the same city as the person you are attacking. Duh." : $error; $error = ($attack_person['username'] == "") ? "That person doesn't exist." : $error; $error = ($attack_person['hospital'] > 0) ? "You can't attack someone that is in the hospital." : $error; $error = ($attack_person['jail'] > 0) ? "You can't attack someone that is in jail." : $error; //$error = ($user_class['level'] > 5 && $attack_person['level'] < 6) ? "You can't attack someone that is level 5 or below because you are higher than level 5." : $error; ////////////// ^^ if you like to have it so noobs stay alive longer ?><div id="main " style="a"><center><?PHP if (isset($error)){ echo ($error); $h->endpage(); exit; } if ($user_class['energy'] >= $user_class['maxenergy']/4) { $user_class['energy']-= floor($user_class['maxenergy']/4); $me=floor($user_class['maxenergy']/4); $db->query("UPDATE users SET energy=energy- {$me} WHERE userid=$userid"); $_SESSION['attacklog']=""; $_SESSION['attackdmg']=0; } $yourhp = $user_class['hp']; $theirhp = $attack_person['hp']; $damagestat = number_format($user_class['strength']) ; $itstat = $user_class1['weapon']; $damplu = $damagestat * ($itstat*100); $ratio=($user_class['level']*100)/($attack_person['level']*100); print "<center>Pirate Battles <font color=yellow>The fight Ratio is ".$ratio."%</font> You are in a Battle with ".$attack_person['username']." </center>"; echo " You come in with your ".$weapon." With a Strenght of ".$damplu." (+".$itstat."%) "; $wait = ($user_class['agility'] > $attack_person['agility']) ? 1 : 0; $hospital = 600; $qo=$db->query("SELECT i.* FROM items i WHERE i.itmid IN({$attack_person['equip_primary']})"); $r1=$db->fetch_row($qo); $qo=$db->query("SELECT i.* FROM items i WHERE i.itmid IN({$attack_person['equip_primary']})"); $r2=$db->fetch_row($qo); $damage = (int) (($user_class1['weapon']*$user_class['strength']/($attack_person['guard']/1.5))); $theirdamage = (int) (($r1['weapon']*$attack_person['strength']/($user_class['guard']/1.5))); while($yourhp > 0 && $theirhp > 0){ $damage = ($damage < 1) ? 1 : $damage; $theirdamage = ($theirdamage < 1) ? 1 : $theirdamage; if($wait == 0){ $yourhp = $yourhp - $theirdamage; echo "<font color=red>".$attack_person['usename']."Takes their turn to swing at you!</font> "; echo $attack_person['username']. " hit you for " .number_format($theirdamage). " damage using their ".$wep.". "; } else { $wait = 0; } if($yourhp > 0) { $damage = (int) (($user_class1['weapon']*$user_class['strength']/($attack_person['guard']/1.5))); $damage = ($damage < 1) ? 1 : $damage; $theirhp = $theirhp - $damage; echo "<font color=green>You swing at them!</font> "; echo "You hit " .$attack_person['username']. " for " . number_format($damage) . " damage using your ".$weapon.". "; } if($theirhp <= 0){ // attacker won $winner = $user_class['ID']; $theirhp = 0; $moneywon = floor($attack_person['money'] /10); $expwon = 150 - (25 * ($user_class['level'] - $attack_person['level'])); $expwon = ($expwon < 0) ? 0 : $expwon; $hosptime=20; $hospreason = "Attacked by ".$user_class['username']."" ; $newexp = $expwon + $user_class['exp']; $newmoney = $user_class['money'] + $moneywon; $result = $db->query("UPDATE `users` SET `exp` = '".$newexp."', money = '".$newmoney."' WHERE `userid`='".$user_class['userid']."'"); $newmoney = $attack_person['money'] - $moneywon; $result = $db->query("UPDATE `users` SET `hp`= 1,`hospital` ='".$hosptime."', `money` = '".$newmoney."', `hospreason` = '".$hospreason."' WHERE `userid`='".$attack_person['userid']."'"); $atklog=mysql_escape_string($_SESSION['attacklog']); $db->query("INSERT INTO attacklogs VALUES('',".$user_class['userid'].",".$attack_person['userid'].",'won',unix_timestamp(),".$moneywon.",'$atklog');"); event_add($attack_person['userid'], "You were hospitalized by ".$user_class['username']." for 20 minutes."); $final ="<center>You hospitalized " .$attack_person['username']. ". You gain $expwon exp and stole $".$moneywon." from " .$attack_person['username']. ". </center>"; $pwnd =""; $warq=$db->query("SELECT * FROM gangwars WHERE (warDECLARER={$user_class['gang']} AND warDECLARED={$attack_person['gang']}) OR (warDECLARED={$user_class['gang']} AND warDECLARER={$attack_person['gang']})"); if ($db->num_rows($warq) > 0) { $war=$db->fetch_row($warq); $db->query("UPDATE gangs SET gangRESPECT=gangRESPECT-2 WHERE gangID={$attack_person['gang']}"); $ga['gangRESPECT']-=2; $db->query("UPDATE gangs SET gangRESPECT=gangRESPECT+2 WHERE gangID={$user_class['gang']}"); $pwnd =" You earnt 2 respect for your gang!"; } if ($ga['gangRESPECT']<=0 && $attack_person['gang']) { $db->query("UPDATE users SET gang=0 WHERE gang={$attack_person['gang']}"); $db->query("DELETE FROM gangs WHERE gangRESPECT<='0'"); $db->query("DELETE FROM gangwars WHERE warDECLARER={$ga['gangID']} or warDECLARED={$ga['gangID']}"); } $bots=array(96,94,5,97,98,99,142,138,138,140,141,146,143,144,145);//Your Battle Tent Bots $moneys=array(96 =>5000,94 =>5000,5 => 500,97 => 5000, 98 => 500, 99 => 10000, 142 => 1500,138 =>10000,140 =>10000,141 =>10000,146 =>20000,143 =>15000,144 =>15000,145 =>15000); if(in_array($attack_person['userid'],$bots)) { $gain=$moneys[$attack_person['userid']]; $db->query("UPDATE users SET money=money+$gain WHERE userid=$userid",$c); $finalbot =""; $finalbot =" Congrats, for beating the Challenge Bot {$attack_person['username']}, you have earnt \$$gain!"; } } if($yourhp <= 0){ // defender won $winner = $attack_person['ID']; $yourhp = 0; $moneywon = floor($user_class['money'] /10); $expwon = 100 - (25 * ($attack_person['level'] - $user_class['level'])); $expwon = ($expwon < 0) ? 0 : $expwon; $hosplost = "Lost to ".$attack_person['username']."" ; $hosptime=20; $newexp = $expwon + $attack_person['exp']; $newmoney = $attack_person['money'] + $moneywon; $result = $db->query("UPDATE `users` SET `exp` = '".$newexp."', money = '".$newmoney."' WHERE `userid`='".$attack_person['userid']."'"); $newmoney = $user_class['money'] - $moneywon; $result = $db->query("UPDATE `users` SET `hp`= 1,`hospital` ='".$hosptime."' ,`money` = '".$newmoney."', `hospreason` = '".$hosplost."' WHERE `userid`='".$user_class['userid']."'"); $atklog=mysql_escape_string($_SESSION['attacklog']); $db->query("INSERT INTO attacklogs VALUES('',".$attack_person['userid'].",".$user_class['userid'].",'won',unix_timestamp(),".$moneywon.",'$atklog');"); $final = $attack_person2 . " beat you and stole $".$moneywon." from you."; $pwnd =""; $warq=$db->query("SELECT * FROM gangwars WHERE (warDECLARER={$user_class['gang']} AND warDECLARED={$attack_person['gang']}) OR (warDECLARED={$user_class['gang']} AND warDECLARER={$attack_person['gang']})"); if ($db->num_rows($warq) > 0) { $war=$db->fetch_row($warq); $db->query("UPDATE gangs SET gangRESPECT=gangRESPECT+1 WHERE gangID={$attack_person['gang']}"); $db->query("UPDATE gangs SET gangRESPECT=gangRESPECT-1 WHERE gangID={$user_class['gang']}"); $pwnd =" You lost 1 respect for your gang!"; } } } echo "$final"; echo "$pwnd "; echo "$finalbot"; $h->endpage(); ?></div></center>

Re: [mccode v2] userADS   //get cost $cost2=($ir['level']/2); if ($ir['level'] < 10) {$cost2 ==50;} $cost = (strlen($title) + strlen($message)) * $cost2;

Re: [mccode v2] userADS     What drugs you on The second post is the correct one.. The first one is to do with my setup as i send the id as the poster and negative in cash i am sure you can read $error = ($cost > $ir['money']) ? "You don't have enough money for that!" : $error;

Re: [mccode v2] userADS A little update :D i must of been sleepy when i posted this.. CREATE TABLE IF NOT EXISTS `ads` ( `when` int(20) NOT NULL, `poster` varchar(100) collate latin1_general_ci NOT NULL, `title` varchar(100) collate latin1_general_ci NOT NULL, `message` text collate latin1_general_ci NOT NULL ) ENGINE=MyISAM DEFAULT CHARSET=latin1 COLLATE=latin1_general_ci; <?php include "globals.php"; if (isset($_POST['submit'])) { $error = ($cost > $ir['money']) ? "You don't have enough money for that!" : $error; $error = ($_POST['title'] == "") ? "You need to have a title!" : $error; $error = ($_POST['message'] == "") ? "You need to have a message!" : $error; //filter data $title = mysql_real_escape_string(strip_tags($_POST['title'])); $message = mysql_real_escape_string(nl2br(strip_tags($_POST['message']))); //get cost $cost = (strlen($title) + strlen($message)) * 50; if($error == ""){ $newmoney = $ir['money'] - $cost; $time = time(); $newsql = $db->query("UPDATE `users` SET `money` = '".$newmoney."' WHERE userid=$userid"); $postername = $ir['username']; $_POST['message'] = strip_tags($_POST['message']); $result= $db->query("INSERT INTO `ads` VALUES('".$time."', '".$postername." ', '".$title."', '".$message."')"); echo "You have posted a classified ad for $".$cost; } else { echo $error; } } ?> <h3>Classified Ads<h3> Here you can post any thing your heart desires. Careful though, as it costs $50 per character in the title and in the message. <form method='post'> <table width='100%'> <tr> <td width='25%'>Title:</td> <td width='25%'> <input type='text' name='title' size='40' maxlength='100'> </td> </tr> <tr> <td width='25%'>Message:</td> <td width='25%'> <textarea name='message' cols='60' rows='4' ></textarea> </td> </tr> <tr> <td width='25%'>Submit:</td> <td width='25%'> <input type='submit' name='submit' value='Post'><input type='button' value='Cost$' onClick='countit(this)'> <input type='text' name='displaycount' size='5'> </div> </td> </tr> </table> </form> <script language="JavaScript"> function countit(what){ formcontent=(what.form.title.value+what.form.message.value) what.form.displaycount.value=formcontent.length*50 } </script> <? //// MADE //// by //// THAHACKER07 $result = mysql_query("SELECT * from `ads` ORDER BY `when` DESC LIMIT 10"); while($ads=$db->fetch_row($result)) { if($ads['when'] > 0) { $la=time()-$ads['when']; $unit="seconds"; if($la >= 60) { $la=(int) ($la/60); $unit="minutes"; } if($la >= 60) { $la=(int) ($la/60); $unit="hours"; if($la >= 24) { $la=(int) ($la/24); $unit="days"; } } $str="$la $unit ago"; } else { $str="--"; } if($r['last_login'] > 0) { $ll=time()-$r['last_login']; $unit2="seconds"; if($ll >= 60) { $ll=(int) ($ll/60); $unit2="minutes"; } if($ll >= 60) { $ll=(int) ($ll/60); $unit2="hours"; if($ll >= 24) { $ll=(int) ($ll/24); $unit2="days"; } } $str2="$ll $unit2 ago"; } else { $str2="--"; } ?> <table width=75% cellspacing=1 class='table'><tr style='background:white'> <tr> <td width='15%'><?= $str ; ?></td> <td width='45%'>[b]Title[/b]: <font color=red><?= $ads['title']; ?></font></td> <td width='15%'>[b]Poster[/b]:</td> <td width='45%'><center>[b]<?= $ads['poster'] ; ?>[/b]</center></td> </tr> <tr> <td width='100%' colspan='4' style='background:white'>[b]<?= $ads['message'] ?>[/b]</td> </tr> </table> <? } ?> <? $h->endpage(); ?>