MaKaVeLLi

To much writing at the bottom of what page? Also, I guess I should have wrote, I wanted a review on the gameplay. I am not concerned to much on appearance, since I am going to have a nice layout put in place. However, I have been to many games that have great layouts and graphics, which only become a blanket for the horrible basic lame game features that mirror the same features as every other game lol.

Come check out a Browser based game now in REAL TIME! Completely reformatted and redone with new attacking, crime system and much more! 2452TheGame

Come check out http://worldofdeception.com and experience a whole new style of PBBG gaming!

Re: IPN info... Did you add turn on IPN notifications through your paypal account as well.

Re: Levels   Go into your global file as they stated below your first post and you can just add in a "while" statement. This will make a player jump to the correct level on the very next click no matter how many levels they need to catch up to their EXP gain.

Re: Maximum amt   hmmm, they are pretty low indeed... maybe you need a bigint^15... Tht ought to be enough no? :| Yes you can use decimal (65,0) which will obviously give you money values with 65 places before the zero. You really need to be careful and make sure you files are coded correctly to not start buggin out if you want values that high.

Re: Important Security Issue For All McCode Owners ! Um, I believe that is what I posted 4 pages back, lol. Just kidding wanted to give ya a little crap. Maybe ya missed it. :-D

Re: Important Security Issue For All McCode Owners ! Yes you can add the functions into a global file and call them up as was stated above.

Re: Important Security Issue For All McCode Owners !   I tested the exploit with what you have added above. It didn't work so I would assume it would be safe for many to use. Just figured I would add my comment. :-)

Re: Crons, Timestamp or none? I have been running the employment/job feature in my game without crons for quite sometime. It works excellent. They punch in to go to work and get paid for time work etc. No need for crons, and it works great. Just my 2 cents.

Re: Important Security Issue For All McCode Owners ! Yes bro.

Re: Important Security Issue For All McCode Owners !     Yes it did, thanks for the slap in the face.... I didn't mean anything bad just didn't understand why this has now just been brought up with all the smarties we have on this site.. Thanks again. Sp1d3r www.chaosrelic.com You wanna know why it hasn't been brought up? Not directing this towards ALL, but if the shoe fits wear it....It hasn't been brought up because from little kids to grown adults trying to make a legit and fun game, some on these sites don't want or like to see anyone getting a peace of the TEXT GAME PIE! Its money out of their pockets. They feel threatened and don't be surprised if half of them know what it is that I am doing to prove this exploit and have been using themselves. Many have good hearts, but even more are greedy as hell. I will be hated by those that knew about this for bringing this to light. Oh well, let them hate me, I don't need anymore friends, I have enough. :wink:

Re: Important Security Issue For All McCode Owners ! Thank you so much for the plus 1, I am glad it helped ya out. :-)

Re: Important Security Issue For All McCode Owners ! Yeah true, I have fallen victim too. I guess that is still why I feel bad. With this type of thing though, I feel that something like this is much different than your abs(int), cleaning your html input etc. This remains in many owners game files who have been around awhile and they had no clue that such a thing was open to ruin a game. You would be very surprised at some of the new games out with thousands , i means thousands of players that this worked on. If one of the owners is reading this, they know who they are I am helped them quickly and quietly.

Re: Important Security Issue For All McCode Owners ! True many could be kids. Either way, I just figured it should be addressed. Let them do their thing be it experienced, novice, beginner, whatever in php. I hate to see so many #$%%$holes running around doing this crap. It just ain't cool.

Re: Important Security Issue For All McCode Owners ! Using anything with the "forwarded for" thus far has allowed the game to be compromised when I have tested. I am not saying that code will not work, and sorry if I started a stir but I have just tried 3 out of 3 games from owners that messaged me, and all 3 were compromised easily.

Re: Important Security Issue For All McCode Owners !   Absolutely not bro. Its nothing like that.

Re: Important Security Issue For All McCode Owners !   Searching for a fix when Makaveli already told what to do? @Makaveli: you only found those out these days? without wanting to be mean... but those are old news! Yes my point exactly, they are very old news. However, I was surprised to see how many don't know about. Again, so old news that nobody ever posted a fix for it. I mean cmon, some of the noobs trying to get into the gaming community are being raped because of this kinda stuff. I am not trying to be a super hero, just trying to help.

Re: Important Security Issue For All McCode Owners ! Why don't you quit being a .... and go back and read my post. The fix is there.

Re: Important Security Issue For All McCode Owners !   Just signed up and made myself level 10. Is that fake enough for you?

Re: Important Security Issue For All McCode Owners !   Listen here, please don't insult me with your quick bit of cash quote. I have been running sites for over 3 years now. Anyways, if you are still using this $_SERVER['HTTP_X_FORWARDED_FOR']) ? $_SERVER['HTTP_X_FORWARDED_FOR']: $_SERVER['REMOTE_ADDR']; in the suggested files and other files, you are exploitable. I will keep it simple with this below: Your files to check: header.php login.php register.php You can safely replace the code above with only $_SERVER['REMOTE_ADDR']; It will secure the files. You can also escape the variable you are using to define the ip as well.

Re: Important Security Issue For All McCode Owners !   Maybe they have but let me just say that I have even visited many of the same games you see in the top ten on voting sites and even those were not able to stop it. Take it like a grain of salt if you must, I am not trying to b.s. anyone, just trying to help.

I am writing this message to inform all game owners of a huge issue with any website using v1 or v2 code. Note this is not any type of SQL injection or any other similar issue. This breach can easily compromise a game without anyone knowing that it is being used. I am fairly good with coding and I assure you that it has nothing to do with the usual php security. I have been to many sites already to notify many of you, or have already helped fix it. I cannot stress enough how serious this issue is for any owner taking their game serious. For security purposes, I will not post the exact issue here because there are still thousands of players that have no idea about it. Posting here would only allow them to exploit your games and/or just make the problem worse. Please be advised, I will NOT disclose what is being done but I will gladly test your website by simply signing up for your game. I don't need staff or website access, or any of that crap. You can message me here but I can be reached much easier if you contact me on the website listed on my profile. I am player id [4] on the site. When contacting me, please refer me to this message I am posting. I hope to save many games from destruction because I know how much pride I take in owning and coding my sites. MdShare - If you read this, please make this issue a hot topic. I am very serious and hope to help the gaming community with this problem.