rtg

ok this only shows the users what crimes they can do and hides the other ones behind cheeky text. just look in your criminal.php file and replace the same lines with the following. print "[b]Criminal Activities[/b] <table width='75%'><tr><th>Crime</th><th>Cost</th><th>Do</th></tr>"; while($r=mysql_fetch_array($q)) { print "<tr style='background-color:gray'><td colspan='3'>{$r['cgNAME']}</td></tr>"; $q2=mysql_query("SELECT * FROM crimes WHERE crimeGROUP={$r['cgID']}",$c); while ($r2=mysql_fetch_array($q2)) { if($r2['crimeBRAVE']>$ir['maxbrave']) { $crim="Yeah right as if your good enough for this crime"; $do="dream on"; } else { $crim="{$r2['crimeNAME']}"; $do="[url='docrime.php?c={$r2[']Do[/url]"; } print "<tr><td>$crim</td><td>{$r2['crimeBRAVE']} Bottle</td><td>$do</td></tr>"; } }

Re: IMO a better mailbox than the other FREE ah thank you. Code now changed and inserted below. I will look at all the other Get functions i have tho its not that many now as most have been changed to post where it matters.

Re: IMO a better mailbox than the other FREE but thats what im saying. I cant see where i am going wrong. I addslashes, removeslashes, replace strings, stop html. Apart from mysql_escape_string i cant see what else i can do. If you no more then please tell me. I shall rewrite the code and repost it.

Re: IMO a better mailbox than the other FREE meh? Where should that get done like i thought i had all the strips and adds sorted

This mailbox is for V1 as you folks refer to it. It keeps the subject in the line when you are replying to it and also it lets you know if the person has read the mail or not. It also gives you a select function to delete. It has smilies in it as well. In your header.php file add this java script code. <script type="text/javascript"> function selectAll(x) { for(var i=0,l=x.form.length; i<l; i++) if(x.form[i].type == 'checkbox' && x.form[i].name != 'sAll') x.form[i].checked=x.form[i].checked?false:true } </script> Mailbox.php file is as follows:   <?php /*----------------------------------------------------- Jockwars Copyright Written By RTG/KOW/MAGIC8. -----------------------------------------------------*/ session_start(); require "global_func.php"; if($_SESSION['loggedin']==0) { header("Location: login.php");exit; } $userid=$_SESSION['userid']; require "header.php"; $h = new headers; $h->startheaders(); include "mysql.php"; global $c; $is=mysql_query("SELECT * FROM users WHERE userid=$userid",$c) or die(mysql_error()); $ir=mysql_fetch_array($is); $lv=date('F j, Y, g:i a',$ir['laston']); $fm=money_formatter($ir['money']); $h->userdata($ir,$lv); $h->menuarea(); function strip_html_tags($text) { return preg_replace("/<(.+?)>/is","", $text); } if ($ir['stocks']) { $gchk=mysql_query("Select * from stocks where userid={$ir['userid']} and gag=1",$c); if (mysql_num_rows($gchk)) { die ("AYE Right You were gagged for a reason...? [url='stocks.php'] BACK [/url]"); } } if($ir['mailban']) { die("<font color=red><h3>! ERROR</h3> You have been mail banned for {$ir['mailban']} days. [b]Reason: {$ir['mb_reason']}</font>[/b]"); } print "<table width=75% border=2><tr><td>[url='mailbox.php?action=inbox']Inbox[/url]</td> <td>[url='mailbox.php?action=outbox1']Unread Sent Messages[/url]</td><td>[url='mailbox.php?action=outbox']All Sent Messages[/url]</td> <td>[url='mailbox.php?action=compose']Compose Message[/url]</td> <td>[url='mailbox.php?action=delall']Delete All Messages[/url]</td> <td>[url='mailbox.php?action=archive']Archive Messages[/url]</td></tr> </table> "; if(!$_POST['del']) { switch(@$_GET['action']) { case 'inbox': mail_inbox(); break; case 'outbox': mail_outbox(); break; case 'outbox1': mail_outbox1(); break; case 'compose': mail_compose(); break; case 'delete': mail_delete(); break; case 'send': mail_send(); break; case 'delall': mail_delall(); break; case 'delall2': mail_delall2(); break; case 'archive': mail_archive(); break; default: mail_inbox(); break; } } switch($_POST['del']) { case 'seldel': seldel(); break; } function mail_inbox() { global $ir,$c,$userid,$h; print "Only the last 25 messages sent to you are visible. <table width=75% border=2><tr style='background:gray'><form action='mailbox.php' method='post'><input type='checkbox' name='sAll' onclick='selectAll(this)' /> (Select all) <th>From</th><th>Subject/Message</th><th>Mark for Deletion</th></tr>"; $q=mysql_query("SELECT m.*,u.* FROM mail m LEFT JOIN users u ON m.mail_from=u.userid WHERE m.mail_to=$userid ORDER BY mail_time DESC LIMIT 25",$c); while($r=mysql_fetch_array($q)) { $sent=date('F j, Y, g:i:s a',$r['mail_time']); print "<tr><td>"; if($r['userid']) { print "[url='viewuser.php?u={$r[']{$r['username']}[/url] [{$r['userid']}]"; } else { print "SYSTEM"; } $fm=urlencode($r['mail_text']); $codes = array(":)", ";)", ":o",":O", ":d",":D", ":s", ":S", ":(", ":red", ":clown", ":bashful", ":x", ":green", ":|", ";(", ":]", ":horny", ":cool"); $images = array("<img src=/smilies/smiley1.gif>", "<img src=/smilies/smiley2.gif>", "<img src=/smilies/smiley3.gif>", "<img src=/smilies/smiley3.gif>", "<img src=/smilies/smiley4.gif>", "<img src=/smilies/smiley4.gif>", "<img src=/smilies/smiley5.gif>", "<img src=/smilies/smiley5.gif>", "<img src=/smilies/smiley6.gif>", "<img src=/smilies/smiley7.gif>", "<img src=/smilies/smiley8.gif>", "<img src=/smilies/smiley9.gif>", "<img src=/smilies/smiley10.gif>", "<img src=/smilies/smiley11.gif>", "<img src=/smilies/smiley12.gif>", "<img src=/smilies/smiley13.gif>", "<img src=/smilies/smiley14.gif>", "<img src=/smilies/smiley15.gif>", "<img src=/smilies/smiley16.gif>"); $msg=$r['mail_text']; $r['mail_text'] = str_replace($codes, $images, $msg); $r['mail_text']=StripSlashes($r['mail_text']); print "</td>\n<td>{$r['mail_subject']}</td></tr><tr><td>Sent at: $sent [url='mailbox.php?action=compose&ID={$r[']Reply[/url] [url='mailbox.php?action=delete&ID={$r[']Delete[/url] [url='preport.php?ID={$r[']Report[/url]</td><td>{$r['mail_text']}</td><td><input type='hidden' name='del' value='seldel'><input type='checkbox' name='id[]' value='{$r['mail_id']}'</td></tr>"; } print "</table> <input type='submit' value='Delete Selected'/></form>"; mysql_query("UPDATE mail SET mail_read=1 WHERE mail_to=$userid",$c); } function mail_outbox() { global $ir,$c,$userid,$h; print "Only the last 25 messages you have sent are visible. <table width=75% border=2><tr style='background:gray'><th>To</th><th>Subject/Message</th></tr>"; $q=mysql_query("SELECT m.*,u.* FROM mail m LEFT JOIN users u ON m.mail_to=u.userid WHERE m.mail_from=$userid ORDER BY mail_time DESC LIMIT 25",$c); while($r=mysql_fetch_array($q)) { $bo1=""; $bo2=""; if($r['mail_read']==0) { $bo1="[b]"; $bo2="[/b]"; } $sent=date('F j, Y, g:i:s a',$r['mail_time']); $r['mail_text']=StripSlashes($r['mail_text']); print "<tr><td>[url='viewuser.php?u={$r[']{$r['username']}[/url] [{$r['userid']}]</td><td>$bo1{$r['mail_subject']}$bo2</td></tr><tr><td>Sent at: $sent </td><td>{$r['mail_text']}</td></tr>"; } } function mail_outbox1() { global $ir,$c,$userid,$h; print "Only the last 25 unread messages you have sent are visible. <table width=75% border=2><tr style='background:gray'><th>To</th><th>Subject/Message</th></tr>"; $q=mysql_query("SELECT m.*,u.* FROM mail m LEFT JOIN users u ON m.mail_to=u.userid WHERE m.mail_from=$userid and m.mail_read=0 ORDER BY mail_time DESC LIMIT 25",$c); while($r=mysql_fetch_array($q)) { $sent=date('F j, Y, g:i:s a',$r['mail_time']); $r['mail_text']=StripSlashes($r['mail_text']); print "<tr><td>[url='viewuser.php?u={$r[']{$r['username']}[/url] [{$r['userid']}]</td><td>$bo1{$r['mail_subject']}$bo2</td></tr><tr><td>Sent at: $sent </td><td>{$r['mail_text']}</td></tr>"; } } function mail_compose() { global $ir,$c,$userid,$h; if(@$_GET['subject']=="") @$_GET['subject']="no subject"; else $_GET['subject']="re:{$_GET['subject']}"; $_GET['subject']=str_replace(array("re:re:"),array("re:"),strip_tags($_GET['subject'])); print "<form action='mailbox.php?action=send' method='post'> <table width=75% border=2> <tr> <td>ID to send to:</td> <td><input type='text' name='userid' value='{$_GET['ID']}' /></td></tr><tr> <td>Subject:</td> <td><input type='text' name='subject' value='{$_GET['subject']}'/></td></tr><tr> <td>Message:</td> <td><textarea rows=5 cols=40 name='message'></textarea> [img=/smilies/smiley1.gif] = :) [img=/smilies/smiley2.gif] = ;) [img=/smilies/smiley3.gif] = :o [img=/smilies/smiley4.gif] = :D [img=/smilies/smiley5.gif] = :s [img=/smilies/smiley6.gif] = :( [img=/smilies/smiley7.gif] = :red [img=/smilies/smiley8.gif] = :clown [img=/smilies/smiley9.gif] = :bashful [img=/smilies/smiley10.gif] = :x [img=/smilies/smiley11.gif] = :green [img=/smilies/smiley12.gif] = :| [img=/smilies/smiley13.gif] = ;( [img=/smilies/smiley14.gif] = :] [img=/smilies/smiley15.gif] = :horny</td></tr><tr> <td colspan=2> <input type='submit' value='Send' /></td></tr></table></form>"; if($_GET['ID']) { print " <table width=75% border=2><tr><td colspan=2>[b]Your last 5 mails to/from this person:[/b]</td></tr>"; $id = isset($_GET['ID']) && is_string($_GET['ID']) && preg_match("`^\d+$`ims", $_GET['ID']) ? @intval($_GET['ID']) : 0; $sql = sprintf ( "SELECT m.*, u1.username as sender ". "FROM mail m ". "LEFT JOIN users u1 ON (m.mail_from = u1.userid) ". "WHERE (((m.mail_from = %u) AND (m.mail_to = %u)) OR ((m.mail_to = %u) AND (m.mail_from = %u))) ". "ORDER BY m.mail_time ". "DESC LIMIT 5", $userid, $id, $userid, $id ); $q = mysql_query( $sql ); while($r=mysql_fetch_array($q)) { $sent=date('F j, Y, g:i:s a',$r['mail_time']); $fm=urlencode($r['mail_text']); $codes = array(":)", ";)", ":o",":O", ":d",":D", ":s", ":S", ":(", ":red", ":clown", ":bashful", ":x", ":green", ":|", ";(", ":]", ":horny", ":cool"); $images = array("<img src=/smilies/smiley1.gif>", "<img src=/smilies/smiley2.gif>", "<img src=/smilies/smiley3.gif>", "<img src=/smilies/smiley3.gif>", "<img src=/smilies/smiley4.gif>", "<img src=/smilies/smiley4.gif>", "<img src=/smilies/smiley5.gif>", "<img src=/smilies/smiley5.gif>", "<img src=/smilies/smiley6.gif>", "<img src=/smilies/smiley7.gif>", "<img src=/smilies/smiley8.gif>", "<img src=/smilies/smiley9.gif>", "<img src=/smilies/smiley10.gif>", "<img src=/smilies/smiley11.gif>", "<img src=/smilies/smiley12.gif>", "<img src=/smilies/smiley13.gif>", "<img src=/smilies/smiley14.gif>", "<img src=/smilies/smiley15.gif>", "<img src=/smilies/smiley16.gif>"); $msg=$r['mail_text']; $r['mail_text'] = str_replace($codes, $images, $msg); print "<tr><td>$sent</td> <td>[b]{$r['sender']} wrote:[/b] {$r['mail_text']}</td></tr>"; } print "</table>"; } } function mail_send() { global $ir,$c,$userid,$h; $subj=str_replace(array("\n","re:re:"),array(" ","re:"),strip_tags($_POST['subject'])); $msg=str_replace(array("\n"),array(" "),strip_tags($_POST['message'])); /*$msg=str_replace("'","","{$msg}"); $subj=str_replace("'","","{$subj}");*/ $codes = array(":)", ";)", ":o",":O", ":d",":D", ":s", ":S", ":(", ":red", ":clown", ":bashful", ":x", ":green", ":|", ";(", ":]", ":horny", ":cool"); $images = array("<img src=/smilies/smiley1.gif>", "<img src=/smilies/smiley2.gif>", "<img src=/smilies/smiley3.gif>", "<img src=/smilies/smiley3.gif>", "<img src=/smilies/smiley4.gif>", "<img src=/smilies/smiley4.gif>", "<img src=/smilies/smiley5.gif>", "<img src=/smilies/smiley5.gif>", "<img src=/smilies/smiley6.gif>", "<img src=/smilies/smiley7.gif>", "<img src=/smilies/smiley8.gif>", "<img src=/smilies/smiley9.gif>", "<img src=/smilies/smiley10.gif>", "<img src=/smilies/smiley11.gif>", "<img src=/smilies/smiley12.gif>", "<img src=/smilies/smiley13.gif>", "<img src=/smilies/smiley14.gif>", "<img src=/smilies/smiley15.gif>", "<img src=/smilies/smiley16.gif>"); $newmsg = str_replace($codes, $images, $msg); $to= (int) $_POST['userid']; $subj=AddSlashes($subj); $msg=AddSlashes($msg); $msg=strip_html($msg); $subj=strip_html($subj); $msg=mysql_escape_string($msg); $subj=mysql_escape_string($subj); mysql_query("INSERT INTO mail VALUES ('',0,$userid,$to,unix_timestamp(),'$subj','$msg')",$c) or die(mysql_error()); print "Message sent. [url='mailbox.php']> Back[/url]"; } function mail_delete() { global $ir,$c,$userid,$h; $m=mysql_query("SELECT * FROM mail where mail_to=$userid and mail_id={$_GET['ID']} ",$c); while ($mail=mysql_fetch_array($m)) { $mail['mail_subject']=AddSlashes($mail['mail_subject']); $mail['mail_text']=AddSlashes($mail['mail_text']); mysql_query("INSERT into deletedmail VALUES ({$mail['mail_id']},{$mail['mail_read']},{$mail['mail_from']},{$mail['mail_to']},{$mail['mail_time']},'{$mail['mail_subject']}','{$mail['mail_text']}')",$c) or die(mysql_error()); } mysql_query("DELETE FROM mail WHERE mail_id={$_GET['ID']} AND mail_to=$userid",$c); print "Message deleted. [url='mailbox.php']> Back[/url]"; } function seldel() { global $c,$ir,$userid; if($_POST['id']) { for ($i=0; $i<count($_POST['id']);$i++) { $mailid=$_POST['id'][$i]; $m=mysql_query("SELECT * FROM mail where mail_to=$userid and mail_id=$mailid",$c); $mail=mysql_fetch_array($m); $mail['mail_subject']=AddSlashes($mail['mail_subject']); $mail['mail_text']=AddSlashes($mail['mail_text']); mysql_query("INSERT into deletedmail VALUES ({$mail['mail_id']},{$mail['mail_read']},{$mail['mail_from']},{$mail['mail_to']},{$mail['mail_time']},'{$mail['mail_subject']}','{$mail['mail_text']}')",$c) or die(mysql_error()); mysql_query("DELETE FROM mail WHERE mail_id=$mailid AND mail_to=$userid",$c); } echo"Mail deleted. [url='mailbox.php']Back To Mailbox[/url]"; } } function mail_delall() { global $ir,$c,$userid,$h; print "This will delete all the messages in your inbox. There is [b]NO[/b] undo, so be sure. [url='mailbox.php?action=delall2']> Yes, delete all messages[/url] [url='mailbox.php']> No, go back[/url]"; } function mail_delall2() { global $ir,$c,$userid,$h; $m=mysql_query("SELECT * FROM mail where mail_to=$userid",$c); while ($mail=mysql_fetch_array($m)) { $mail['mail_subject']=AddSlashes($mail['mail_subject']); $mail['mail_text']=AddSlashes($mail['mail_text']); mysql_query("INSERT into deletedmail VALUES ({$mail['mail_id']},{$mail['mail_read']},{$mail['mail_from']},{$mail['mail_to']},{$mail['mail_time']},'{$mail['mail_subject']}','{$mail['mail_text']}')",$c) or die(mysql_error()); } mysql_query("DELETE FROM mail WHERE mail_to=$userid",$c); print "All ".mysql_affected_rows($c)." mails in your inbox were deleted. [url='mailbox.php']> Back[/url]"; } function mail_archive() { global $ir,$c,$userid,$h; print "This tool will download an archive of all your messages. [url='dlarchive.php?a=inbox']> Download Inbox[/url] [url='dlarchive.php?a=outbox']> Download Outbox[/url]"; } $h->endpage(); ?>

Ive just made this on my own game and its looking pretty bug free. This is how i used it. Auction the right for 2 users to run their own bookies - this is a gambling / betting shop for all you non scots ;) Once the auction is over move the users into the bookies. It is then up to them to enter the games which they want the users to bet on. Quite a lot of code - it takes money out of the game instantly and generally gives users a very good spirit in trying to bankrupt the bookies. You can mail me @ [email protected] with your offer for this mod. Only serious offers will be responded to. Thanks. P.S. if you play jockwars and see something you like which i have coded then drop me a line as well to discuss modification.