MakeWebGames

Zero-Affect

Everything posted by Zero-Affect

  1. It may be common knowledge, as was X-FORWARD-FOR, but look at the issues with that; it's just basically a refresher for people, or an update for people who dislike using Google for more than porn... lol
  2. Yeah, I told Sohaib; I don't think he's done anything about it.
  3. But I would much prefer to trust a verified customer on MCC than ... actually lol, to have bought it at its level of coding, I'd prefer to trust a non-verified customer...
  4. No problem mate, good idea making it a setting. I use a function to build the URLs because I use index.php?page=index, but if I ever wanted to change that to index/page=index or something like that, I only edit a single line and the htaccess.
  5. Some people may have noticed I have posted a few posts regarding PHP_SELF being insecure. Well, this is true, and I am just making this thread so that others don't make any mistakes like I did. So the following is just a few examples of how it can be used against you and some examples on fixing the issue.

     The issue code:

         $_SERVER['PHP_SELF']

     Fixes:

         '.basename($_SERVER['SCRIPT_FILENAME']).'
         basename(__file__)

     Issue in action: http://www.gameurl.com/ask_staff.php/"<iframe src=http://www.crimgame.com></iframe> - will output an iframe to crimgame.com wherever $_SERVER['PHP_SELF'] is.

     Source of fake_login.php:

         <?php
         echo '
         <h2>Form method</h2>
         <form name="login" action="'.$_SERVER['PHP_SELF'].'" method="post">
         [b]Name[/b]: <input type="text" name="name" value="" />
         [b]Password[/b]:<input type="password" name="password" value="" />
         <input type="submit" value="login" />
         </form>
         <h2>Echo method</h2>
         '.$_SERVER['PHP_SELF'];
         ?>

     Thanks to Zeggy and/or Djkanna, I forget who notified me of the issue in my code.
  6. CTRL + H

     Replace: '.$_SERVER['PHP_SELF'].'
     With: '.basename($_SERVER['SCRIPT_FILENAME']).'
     OR: basename(__file__)

     Issue being for example http://www.gameurl.com/ask_staff.php/"<iframe src=http://www.crimgame.com></iframe> should put the iframe in there.
  7. A minor issue with that would be, like myself, I got my mcv2 from killah city, which Haunted Dawg said was a legit copy, so is my copy legit or illegal? (Note: if illegal I'll simply recode it or run it via CG.)
  8. Yeah, the colours are by the customers; I just think some of them are colour blind because some of his work's colours ruin it. I was actually saying black + red would be good but... Looks weird because it's an unusual red and it's blacked up by another red with like a gold font with green icons, it needs brightened up. Like I said though, I don't mean any offence; it just seems all your work is dark, and dull colours make them seem weird to me. I love bright and stable colours.
  9. Think you need to be a bit more descriptive mate^
  10. Alain, could he not argue that he bought a licence from ravenscript, therefore being a customer and not aware of the issues with raven script, his version is kind of valid if MC make ravenscript pay for all sold copies (I would).
  11. Mafios, I don't think so; Dayo is still working on bug, which I think is admirable. Considering MCC never did trial and error, he's doing very well.
  12. Good point, the above is my old way; I use a build_link function so never no issue on CG.
  13. I was thinking more like grab all the .php files from a DIR, then list them and have check boxes for the ones you want to close, or a check box for them all...
  14. I do like the idea of this mod but could there not be a more advanced version of loading the files in public_html or in my case public_html/cg/internal_files? scandir for example... with a little tweaking
  15. CTRL + H

      Replace: '.$_SERVER['PHP_SELF'].'
      With: '.basename($_SERVER['SCRIPT_FILENAME']).'

      Issue being for example http://www.gameurl.com/ask_staff.php/"<iframe src=http://www.crimgame.com></iframe> should put the iframe in there.

      @Adam alright you mug :) lol
  16. CTRL + H

      Replace: '.$_SERVER['PHP_SELF'].'
      With: '.basename($_SERVER['SCRIPT_FILENAME']).'

      Issue being for example http://www.gameurl.com/ask_staff.php/"<iframe src=http://www.crimgame.com></iframe> should put the iframe in there.
  17. // A quoted array key inside a double-quoted string needs the {$...} form.
      $q=$db->query("SELECT cb.*,u.*,c.npcid,cy.cityname
          FROM challengebots cb
          LEFT JOIN users u ON cb.cb_npcid=u.userid AND u.location={$ir['location']}
          LEFT JOIN challengesbeaten c ON c.npcid=u.userid AND c.userid=$userid
          LEFT JOIN cities cy ON u.location=cy.cityid
          ORDER BY RAND() LIMIT 5");

      May wanna edit out the *'s though...
  18. I submitted them to php.net in notes so I'm sure people will use them.
  19. Also thought I'd make up another version which works on string rather than array (I'm sure the two could be collided).

          function avgvals($avg_vals,$avg_delimiter=',')
          {
              if ( (is_string($avg_vals) && strlen($avg_vals) > 2) && (is_string($avg_delimiter) && !empty($avg_delimiter)) ) {
                  // Delimited list: split it and average the parts
                  $average_vals = explode($avg_delimiter, $avg_vals);
                  $return_vals = ( array_sum($average_vals) / count($average_vals) );
              } elseif ( (is_string($avg_vals) && strlen($avg_vals) <= 2) && (is_string($avg_delimiter) && !empty($avg_delimiter)) ) {
                  // Short string: treated as a single value and returned as-is
                  $return_vals = $avg_vals;
              } else {
                  $return_vals = FALSE;
              }
              return $return_vals;
          }

          echo avgvals('6,11,7'); // outputs 8
          echo avgvals('6-11-7', '-'); // outputs 8
          echo avgvals('6'); // outputs 6
  20. Sounds interesting but i must agree with Alain it does seem a little fishy.
  21. I would suggest learning security a little more. When you get it done give me a shout, I'll take a look externally for free; if you ever want real security give me a shout. [mp]118[/mp]
  22. But for example, you have a load of members you need to update but they have nothing in common, you could do something like

          # If you're wanting to use an array it's a little different
          /*
          $mem_array = array(1,3,6,8,9,12,172,1829,2991);
          $mem_val = '';
          $mem_cnt = 1;
          foreach ( $mem_array as $value ) {
              $mem_val .= $value.''.(($mem_cnt < count($mem_array)) ? ',' : '' ).'';
              $mem_cnt++;
          }
          $members = $mem_val;*/
          # End array method

          $members = '1,3,6,8,9,12,172,1829,2991';
          $updated_creds = 100;
          mysql_query('UPDATE `members` SET `credits` = `credits` + '.$updated_creds.' WHERE `id` IN('.$members.')');
  23. Well mate work definitely comes first, hope everything is alright.
  24. I was watching Cube and came up with an idea for a function. I have no idea if it already exists though, but it may come in helpful.

          function avgval($avg_vals)
          {
              if ( is_array($avg_vals) && count($avg_vals) > 1 ) {
                  // Two or more values: arithmetic mean
                  $return_vals = ( array_sum($avg_vals) / count($avg_vals) );
              } elseif ( is_array($avg_vals) && count($avg_vals) == 1 ) {
                  // Single value: return it unchanged
                  $return_vals = current($avg_vals);
              } else {
                  $return_vals = FALSE;
              }
              return $return_vals;
          }

          echo avgval(array(6,11,7)); // outputs 8
          echo avgval(array(6)); // outputs 6
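
The PHP_SELF issue from posts 5, 6, 15 and 16 above, as an added example that is not part of the original posts: it renders the posted form tag three ways and reports whether extra markup reaches the page. The `$server` values are constructed to match the URL in the posts, the docroot is a hypothetical path, and `login_form`, `safe_action` and `has_injected_markup` are hypothetical helper names.

```php
<?php
// Constructed $_SERVER values for the request shown in the posts:
//   /ask_staff.php/"<iframe src=http://www.crimgame.com></iframe>
// The docroot in SCRIPT_FILENAME is a hypothetical path.
$server = [
    'PHP_SELF'        => '/ask_staff.php/"<iframe src=http://www.crimgame.com></iframe>',
    'SCRIPT_FILENAME' => '/var/www/html/ask_staff.php',
];

// Form tag as in the posted fake_login.php: the action is placed in the
// attribute exactly as given, with no encoding applied here.
function login_form(string $action): string
{
    return '<form name="login" action="' . $action . '" method="post">';
}

// Hypothetical helper: derive the action from the script's path on disk
// (never from the request path), then encode it for an HTML attribute.
function safe_action(array $server): string
{
    $name = basename($server['SCRIPT_FILENAME']);
    return htmlspecialchars($name, ENT_QUOTES, 'UTF-8');
}

// True when the rendered output holds more than the single <form ...> tag,
// i.e. the action value broke out of its attribute and opened new markup.
function has_injected_markup(string $html): bool
{
    return substr_count($html, '<') > 1;
}

$variants = [
    'PHP_SELF (raw)'            => login_form($server['PHP_SELF']),
    'PHP_SELF (escaped)'        => login_form(htmlspecialchars($server['PHP_SELF'], ENT_QUOTES, 'UTF-8')),
    'basename(SCRIPT_FILENAME)' => login_form(safe_action($server)),
];

foreach ($variants as $label => $html) {
    $flag = has_injected_markup($html) ? 'yes' : 'no';
    printf("%-26s injected=%-3s %s\n", $label, $flag, $html);
}
```

Escaping PHP_SELF stops the markup from rendering, but the form action still carries the request-supplied path; only the SCRIPT_FILENAME variant removes it.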