Zero-Affect

Considering how hard it is to intergrate a forum into MC properly anything below $60 is cheap for $35 well that is a bargin

a great coder once said to me with a picture you can do lots of things. put logout.php in the generic display picture preferences then goto your profile and refresh:) if that logged you out then you have a problem which trust me with the right code is very bad, considering you even block all none images files so say you only allow .png, .jpg and .gif then input logout and do .php with htmlspecialchars lol or say i setup a freewebs on somewhere like ej.am i could simply edit the htaccess file to switch .gif to .php then link http://www.site.com/images/image.gif automatically changes to http://www.site.com/images/image.php content of file being something like $db->query("UPDATE `users` SET `user_level` = 2"); now everyone is a admin, who did it? how was it done... TRUNCATE would also be a bad one... I do not take responsibility for anyone using these methods in a malicious manner, these are for soul use in educational ways.

lmfao Karlos... select *?   // post for a example: $_POST['numeric'] = (ctype_digit($_POST['numeric'])) ? $_POST['numeric'] : '' ; $_POST['example'] = (ctype_alnum($_POST['example'])) ? $_POST['example'] : '' ; if ( !$_POST['example'] OR !$_POST['numeric'] ) { echo 'Invalid Post.'; $h->endpage(); exit; } elseif ( $_POST['example'] AND $_POST['numeric'] ) { $db->query(sprintf(' UPDATE `table` SET `column` = `column` - %u WHERE `whatever` = %u', mysql_real_escape_string(htmlentities($_POST['example'])), $_POST['numeric'] )); } else { echo 'wtf...'; $h->endpage(); exit; }   sorry im just bored...

i did notice the items don't seem to be 3d deviantart can get pretty much any weapon from Deviantart sure they will allow commercial use.

Well done Sniko coming along good i see 8)

nice background... i do like them weapons :D

there is not one possible patch or fix that would make MCcodes secure therefore such things need to asked, The most common yet old: cmarket (includes peoples lovely copy and paste turnsmarket donatorday markets and so on) forum user comments (depending on the version you added) signature (depending on the version you added) blogs (why would you even want with this anyways) header.php ( find: $IP = ($_SERVER['HTTP_X_FORWARDED_FOR']) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : $_SERVER['REMOTE_ADDR']; replace with: $IP = $_SERVER['REMOTE_ADDR'];   also in login.php, authenticate.php and register.php)   there are afew more any issues researching the fix's i would be glad to help

Thanks floydian was looking for something which would help with this, good job mate

I personally have recoded every single PHP file for MCcodes and still have minor issues with it i have only heard of one bug with horizons game Engine yet i know of about 20 MCcodes ones off by heart, alot more if they add some code from MWG's free plugin section. Therefore renaming the users table would not be difficult to find out one error and wow the new name is shown... It is not so simple, just secure your code and then you will have no issue with changing your tables, when PHP is updated all scripts can become less secure, best to lookup on that. I do although have about 6-7 month experience with messing with MC codes script only therefore not so difficult to understand how exploits are done. behind that i have another 5 years of working with PHP.

I have actually done this idea along time ago see example at Killah-city

In your shoes i would change game engine rather than using MC codes use maybe hirizons engine or something with more security than MC codes.

Would it not be easier to use something like if ( $r['crimeSUCCESSMUNY'] ) { $money_income = mt_rand('0', $r['crimeSUCCESSMUNY']); }   Does save on the two new added columns in the database... :whistling:

Never a good idea to ask for money from someone else but state you give a free copy to another person, Nice idea though makes gang wars seem more logical but personally don't see why it would cost people for afew edits. Good luck in sales looks like a very interesting modification.

Depends on the shop if it's a news agents then highly possible with a simple flyer (Add graphics) which attracts the yout, you may ask yourself why but shops sell sweets kids buy sweets, kids play games. simple I once thought maybe giving out bumper stickers or something would be good advertising also, stick it on your car people will read it, get a nice slogan and your set. always make it something they will remember like mcdonalds is M i'm loving it.

Nice idea, good job

Good advise there mate.

What game engine and CSS normally sorts out the colours and so forth, post your CSS and maybe i can help you.

Very nice modification good job

i agree Administration should not play they are there to help a simple solution is alternative accounts one for playing the other a admin account or staff account. I on another hand normally never play but do need specific advantages due to testing everything for errors or bugs.

Your welcome, post the result may be interesting for other users to learn from.

no one figured out the other issue with item hacking yet then? oh well good luck guys sure you'll crack it eventually (check item files) 8o

ah yes i did just do a little research most of the results said ?> is not needed... it's issued to prevent injections and trailing whitespaces, i still say it should only be at the end of the file but maybe im wrong.

Yes kyle make it look pretty if ( $lol == $pretty ) { $pretty = 'im so pretty'; } else { $pretty = 'not so pretty'; }

all the options are there to filter/secure it if looked at properly, HTML Purifier only works with PHP 5 i believe

I pointed out earlier MRES will not work well with stripslashes (pointed out by kyle) so either way you put it your code would work (never said it was secure but it works as a alternative to your version above it). Regards ZA