Zero-Affect

Alan and Jordan have already pointed this out... [mysql]$userst = $db->query('SELECT * FROM `userstats` WHERE `userid` = '.$r['userid);[/mysql]How come people on here never get to the bloody point, gets bloody annoying when someone says you have a issue yet doesn't do anything about it.

I got a little bored hope you don't mind... <?php include_once (DIRNAME(__FILE__) . '/globals.php'); # $_GET['to'] = isset($_GET['to']) && is_numeric($_GET['to']) ? abs((int) $_GET['to']) : false; # Always wondered why people added abs((int) $var) ctype_digit will basically do a check on variables and won't output if it's actually numeric... $_GET['to'] = ( isset($_GET['to']) AND ctype_digit($_GET['to']) ) ? $_GET['to'] : 0 ; if ( empty($_GET['to']) ) { echo ' Welcome to the Monorail Station. Where would you like to travel today? '; $q = $db->query('SELECT `cityname`, `citydesc`, `cityminlevel`, `citycost`, `cityid` FROM `cities` WHERE `cityid` != '.$ir['location'].' AND `cityminlevel` <= '.$ir['level']); echo ' <table width="75%" cellspacing="1" class="table"> <tr style="background:gray"> <th>Name</th> <th>Description</th> <th>Min Level</th> <th>Cost</th> <th></th> </tr> '; while( $r = $db->fetch_row($q) ) { echo ' <tr> <td>'.$r['cityname'].'</td> <td>'.$r['citydesc'].'</td> <td>'.$r['cityminlevel'].'</td> <td>'.money_formatter($r['citycost']).'</td> <td>[url="monorail.php?to='.$r['cityid'].'"]Go[/url]</td> </tr> '; } echo '</table>'; } else { /* if ( $ir['money'] < $r['citycost'] ) { echo 'You don\'t have enough money. You need '.$r['citycost'].' to travel to '.$r['cityname']; } else # The above is pointless unless you have predefined $r if( ((int) $_GET['to']) != $_GET['to']) { // <= lmao echo 'Invalid city ID'; } else {*/ $qq = $db->query('SELECT `citycost`, `cityname` FROM `cities` WHERE `cityid` = '.$_GET['to'].' AND `cityminlevel` <= '.$ir['level']); if(!$db->num_rows($qq)) { print "Error, this city either does not exist or you cannot go there."; } else { $r = $db->fetch_row($qq); if ( $ir['money'] < $r['citycost'] ) { echo 'You don\'t have enough money. You need '.$r['citycost'].' to travel to '.$r['cityname']; } $db->query('UPDATE `users` SET `money` = `money` - '.$r['citycost'].', `location` = '.$_GET['to'].' WHERE `userid` = '.$ir['userid']); echo 'Congratulations, you paid '.money_formatter($r['citycost']).' and travelled to '.$r['cityname'].' on the monorail!'; } # } } $h->endpage(); ?> i added some notes but if that's generic MCC that not defined $r issue will be on all the generic monorail modifications, surprised no one noticed it...

<?php /* * Made By: Djkanna. * For: All the forums that have something to do with MC Codes I guess. * Idea/Request: Kyleh112 @ [url]http://makewebgames.io/user/15704/kyleh112/[/url] */ require_once (dirname (__file__) .'/globals.php'); $users = $db->query ("SELECT u.`userid`, u.`username`, u.`level`, u.`hp`, u.`gang`, g.`gangname`, g.`gangPREF` FROM `users` u LEFT JOIN `gangs` g ON `gangID` = u.`gang` "); echo '<table width="100%" class="table"> <tr> <th>Player</th><th>Status</th><th>Level</th><th>Clan</th><th>Options</th> </tr> '; while ($u = $db->fetch_row ($users) ) { echo ' <tr> <td> '; echo ( $u['gang'] != 0 ) ? "[".$u['gangPREF']."]".stripslashes(htmlentities($u['username'], ENT_QUOTES)) : "".stripslashes(htmlentities($u['username'], ENT_QUOTES)); echo '</td> <td> '; echo ( $u['hp'] <= 1 ) ? "<span style='font-color: red;'>Not Alive</span>" : "<span style='font-color: green;'>Alive</span>"; echo '</td> <td>'.number_format($u['level']).'</td> <td> '; echo ( $u['gang'] != 0 ) ? "[url='gangs.php?action=view&ID=".$u[']".stripslashes(htmlentities($u['gangname'], ENT_QUOTES))."[/url]" : "<span>No Gang</span>"; echo '</td> <td> '; echo ( $u['hp'] <= 1 ) ? "<span style='font-color: #999; text-decoration: line-through;'>Attack</span>" : "[url='attack.php?ID=".$u[']<span style='font-color: red;'>Attack</span>[/url]"; echo '</td> </tr> '; } echo ' </table> '; $h->endpage(); ?> The above is just edited to my preference and untested.

i don't actually get what he wants so i can't really help but KyleH112 if you explain more ill try and help.

You do have a valid point right there, without the people needing help most of us wouldn't have much work.

shot twice with a AK 47 am i the only one who finds that a little weird

Welcome back Albenski, If you need security then please don't hesitate to refer to the following: [mp]17[/mp]

I am pretty bored and knackered so i didn't test this but it may help (can tell i've been working with arrays lately...) $error_victim = array( 'jail' => 'You can\'t attack someone that is in jail.', 'hospital' => 'You can\'t attack someone that is in the hospital.', ); foreach ( $error_victim AS $key => $value ) { for ( $num = 1; $num <= count($error_victim); $num++ ) { if ( !empty($attack_person['.$key.']) ) { echo $value; $h->endpage(); exit; } } } I noticed when completing that it would need a little more editing to work with username and location but hell knock yourselves out im off to bed lol

Ah AB you do have a point most people do only want the code done for them rather than learning from examples but them people are needed as a community we need all types of people. Well i can see the point in that but it's always best to just post your search file and im sure someone would add to it for you.

Dayo what method did you use to secure the image? When are you thinking about doing a demo for potential customers to preview/test, if it's secure im wanting a copy for CrimGame (just need edit it abit for me which ill do).

Well what seany said and with scripts they basically filter the inputs and switch a url with the out.php?url=link simple really could use it on the bbcode praser in MCC.

give us a example...

i find it best to use a include when doing something like that which leaves the files there but makes it look like it's all in one file (think alot of people will agree it's better). index?function=mail would be mailbox.php really simple i will be using something along them lines on CrimGame

wonder who brought that to peoples attentions... lol   You do have a point there.   you do have a valid point there JS/Ajax is the future.

I'm sure not even header will fully secure global variables i mean yes super globals could be secured but not always the best solutions work via sanitising them in header. This maybe my personal persona though but even stuff like display picture or forum avatar use different ways of sanitising.

ah wow your correct 127 not 126 and yes it could be dropped down to about 80.

i'd say on generic your best editing all 126 files but 50 minimum is moderate security. [mp]17[/mp]

Will take to private message.

i actually laughed when watching this i basically skipped most of it since i was bored, i don't see what the yank were to scared of... Personally i liked movies like Fear dot com

Depends on the size of the project really.

wow people made it into 30-40 files... that takes a unique skill...

$ql = $db->query('SELECT c.`text`, `id`, `user`, u.`username` FROM `chat` LEFT JOIN `users` ON c.`user` = u.`userid` ORDER BY `id` DESC LIMIT 5 '); // this is a example you will need to edit this to your settings while ( $chat = $db->fetch_row($ql) ) { // grab query and loop $grab_ignore = $db->fetch_row($db->query('SELECT COUNT(`id`) AS `ig_CNT` FROM `ignore` WHERE `blocked` IN('.$chat['user'].') AND `userid` = '.$userid])); // check if the grabbed user is in the blocked list of the viewing user if ( empty($grab_ignore['ig_CNT']) ) { // if the viewing user does have the grabbed user in blocked list then do the following # add something like echo 'ignored user spoke.'; } else { // if the viewing user doesn't have the grabbed user in blocked list then do the following # echo text from chat... } // end else } // end while what don't you understand in that, use php.net for looking up functions and so forth ie(while, empty) then use a mysql reference website ie(count or in clause).

[mccode] Advanced Merit System [$10.00] could be of some help or maybe a better solution would be honor awards.

No one reads books these days (i said on keyboards).

Nein