misterme

Re: [v2]***UPDATED*** Staff Action: Full User Details[v2] Find this line and delete it Scarface   $gq=$db->query("SELECT * FROM gangs WHERE gangID={$_GET['ID']}");   Will work then

Re: Header.php [New/Imrpoved] Anone else see anything fishy here?       Your custom header, yet you dont know what would be missing ?

Re: Frustrated with Gang Banner Add Thank YOU Nyna !!!! :mrgreen: I tried all that you had suggested, although being a simple solution as the @ symbol weird but worked, Thank You for the tips, now if youll kindly contribute to my bank account as I need Rogaine for hair I pulled out over this, I appreciate the help!!!!!!!!!

Re: Frustrated with Gang Banner Add What this page? http://www.php.net/session_start Nope lol.............No Really Its not so much as a resolution as it is why this coding will not work in conjunction with other forms of the same php, what I mean by that is altering anything other is advice to which I will take into consideration. The issue I could not understand is why this would give a session error, considering nothing (that I could tell) as far as the variables with the PHP has changed considering the page worked correctly before adding the Banner add with no header error whatsoever, using the same globals page to control many other pages in the game, when I remove the coding the page is fine, so that led me to believe that the coding itself was off, so after much investigation onto the page noted above, and countless times of looking over the code added I could not find the error, as to what baffles me. The advise you give does make sense, but why should all that have to be altered in order to make an additional 5 lines of coding that causes the header error, perhaps you could elaborate on this some. BTW I do know its the coding of   function gang_staff_pic() { global $ir,$c,$userid,$gangdata; if($gangdata['gangPRESIDENT'] == $userid || $userid==1) { if(isset($_POST['subm'])) { $_POST['vp']=str_replace(array("<", ">", "\n","\'"), array("<", ">", " ","'"), $_POST['vp']); mysql_query("UPDATE gangs SET gangPIC='{$_POST['vp']}' WHERE gangID={$gangdata['gangID']}",$c); print "Gang pic changed! [url='yourgang.php?action=staff']> Back[/url]"; } else { print "Current Pic: "; if($gangdata['gangPIC']) { print "[img={$gangdata[]"; } else { print "[b]No Gang Picture[/b]"; } print"<hr /> <form action='yourgang.php?action=staff&act2=pic' method='post'> Please note that the pic must be externally hosted, [url='http://imageshack.us']ImageShack[/url] is our recommendation. Any pics that are not 468x60 will be automatically resized. <input type='hidden' name='subm' value='submit' /> tag: <input type='text' name='vp' value='http://www.domain.com/yourpic.jpg' /> <input type='submit' value='Change' /></form>"; } }   As I added each of the suggested lines of coding and testing for the header errors trying to indeed figure the issue

Re: Frustrated with Gang Banner Add No offense but Im not that new :| No space   <?php include "globals.php"; if(!$ir['gang']) { print "Your Not In A Gang"; } else { $gq=mysql_query("SELECT g.*,oc.* FROM gangs g LEFT JOIN orgcrimes oc ON g.gangCRIME=oc.ocID WHERE g.gangID={$ir['gang']}",$c); $gangdata=mysql_fetch_array($gq); print "<h3><u>Your Gang - {$gangdata['gangNAME']}</u></h3>"; if($gangdata['gangPIC']) { print "[img={$gangdata[]"; } else

Re: Frustrated with Gang Banner Add Sorry Forgot that   Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at /home/gyunas2/public_html/yourgang.php:1) in /home/gyunas2/public_html/globals.php on line 6   Globals Lines 6 - 18   session_start(); ob_start(); if(get_magic_quotes_gpc() == 0) { foreach($_POST as $k => $v) { $_POST[$k]=addslashes($v); } foreach($_GET as $k => $v) { $_GET[$k]=addslashes($v); } }

Re: Stop Auto Refreshers and multi IP logins All based upon one line to be a "Lightweight"   So let me rephrase it to be "forum Correct"   I understand your points and agree entirely except for that nature of coming to this decision as a "lightweight" because of using partial amounts of scripting to hinder attacks such as this, which is in its proposal could be associated that you have never had an attack of the same nature performed on any site in which you are directly in "Administaration of security on" who knows. Mosts renowned hosts will only limit 50 concurrent mysql connections per 10,000 th of a second per account associated with that server in the first place, but I do agree "Let the users decide" Cant please everyone

Re: Stop Auto Refreshers and multi IP logins   HHHMMMMMMMM Cause statistically just about 12.51% of active connections are dial up and even a lower number of these users are AOL Its no wonder that novice programmers on a PHP/LEVEL dont post on your forums as everything is ridiculed by inhabitants lol, instead of trying to help said poster improve thier basis, you attack the coding within. It obvious if you look at the coding its intended purpose, Nuke antidoss was written to stop HTTP Proxies from attacking a SQL database on a server from refreshing pages at a fast amount, we go back to my first post that it was a simple script altered to work with this to serve its purpose, which was not to prevent dos attacks, but block multiple IP strings, and page refreshers such as one built into firefox. Altering databases and permissions (as I have read tons of posts on this forum) is not within your normal "novice" capabilities, as they would not know the first thing about setting said permissions to reflect this type of change that this script provides. Once again based upon the script of how SQL Flooders work   2 database cells without releasing a time frame of exectution (also notated within the script) was the point You are referencing to something completely different then its intended purpose with this line   Its obivious you would not use the script, wasnt intended for people with that type of background in SQL. I have since altered the script when used to block "Basic Dos Attacks" to ban via htaccess to relieve strain upon a database. Did I forget to mention dont run this script if the server you are sitting on is a Commodore 64? LOL The major majority of the hosts (that are worth hosting with) are running servers on shared hosting environments, are that of at least Dual Core Setups. This script has been passed by me to others suffering attacks on "Wide Open" servers (Wont mention hosting names), keeping the account from being SQL flooded as easily, they might still be able to hit the SQL, but would greatly hinder thier chances of using "Page Refreshing " flooders to do so (are you tired of hearing "Its intended purpose") We are a hosting company that bought the game from a user that didnt know anything about any PHP/SQL Functions and simply gave up, let the site go down hill, ect. We are learning more and more about how people cheat and how to stop such actions. Not to mention we have more then our fair share of server exploits/dos attacks, morons with nothing better to do, ect. Beings this said when I mention I have done my homework, this is not in the Fashion of saying I googled "How do I stop dos attacks" lol, we have limited such privs. in SQL as have mentioned, which caused other issues in the game such as errors that noobs thinking the server was down, or not responding correctly, this is a "Visual" warning to them of why the server is acting the way it is based on their actions. I dont know what intentions of forum moderators to this site are, but intentions of "Simple Fixes" to a problem that effects everyone that has a game of this nature, in relation to "Another" user suggesting that you eat a bowl of cheerios every morning for weeks on end, reading MYSQL database documentation, instead of taking what you know, applying it, and testing, is a sad cry from the truth of I dont know everything, im not posting of forums claiming too, im sure this other user can be taught tips and tricks, but one thing you dont see me doing is basing a sole decision of a script on a basis of "I wouldnt use it cause I Know this" rather then why dont you change this, or ignoring what the scripts sole purpose is designed to do. Signed The "Noob" lol

Re: Stop Auto Refreshers and multi IP logins Um because of the Obvious scenario of the site sitting or not sitting on a dedicated server LMFAO Did you read the entire post? My site is on a dedicated server we host about 160 people, I am not editing SQL restrctions as a whole on the server, to just limiting to one account as I could make a simple script that stops page refreshing to fast This inserts a row per IP on the table based upon time, hence too many connections, page refreshes, would be limited by the script itself. This is a proven method with Nuke sites, and is not subject to any injection lol your acting Like I havent done my homework on the matter in which I have Your reply was sensless in the state of what you were saying, this script was launched this morning, has reduced bandwidth usage on that site, and has obvious stopped faster page refreshes. Appreciate all comments from a non descriptive standpoint lol

Re: Frustrated with Gang Banner Add Um i run Version 2

This was a script I modified to work with mc, the IP s stop multi registering but not the same IP s from multi logins as the connections would be hard to limit considering noobs dont set up thier browsers correctly, so after many trials and tribulations, I decided to take a SQL flood preventer designed for PHP Nuke and convert it to use with MC Codes, **Notice Im not saying I wrote this Im saying I edited it to work** This counts the number of rows in a SQL Table then rejects too many if you look at the coding carefully you will see why and how it stops Cheaters of all natures ENJOY     -- phpMyAdmin SQL Dump -- version 2.11.4 -- [url]http://www.phpmyadmin.net[/url] -- -- Host: localhost -- Generation Time: Apr 29, 2008 at 07:33 AM -- Server version: 5.0.45 -- PHP Version: 5.2.3 SET SQL_MODE="NO_AUTO_VALUE_ON_ZERO"; -- -- Database: `yours_blah` -- -- -------------------------------------------------------- -- -- Table structure for table `_antidoss` -- DROP TABLE IF EXISTS `_antidoss`; CREATE TABLE IF NOT EXISTS `_antidoss` ( `ip_addr` varchar(48) NOT NULL default '', `time` varchar(14) NOT NULL default '', `click` varchar(14) NOT NULL default '', KEY `ip_addr` (`ip_addr`,`time`,`click`) ) ENGINE=MyISAM DEFAULT CHARSET=latin1; -- -- Dumping data for table `_antidoss` --     Create antidoss.php and the following   <?php global $prefix, $db; $ip = $_SERVER['REMOTE_ADDR']; $past = time()-2; $sql = "DELETE FROM ".$prefix."_antidoss WHERE time < '$past'"; $db->query($sql); $ctime = time(); $db->query("INSERT INTO ".$prefix."_antidoss (ip_addr, time) VALUES ('$ip', '$ctime')"); $num_row = $db->num_rows($db->query("SELECT * FROM ".$prefix."_antidoss WHERE ip_addr='$ip'")); if ($num_row >= 2) { echo "<body><center> <font color=\"#0066FF\" size=\"5\" face=\"Georgia, Times New Roman, Times, serif\"> You Have Activated The Criminal Island Flood Control Please Stop Refreshing Pages</font> Click <a href=\"javascript:location.reload(true)\">Here</a> If Page Didn't Reload In 5 Seconds</center>"; echo "<script type=\"text/javascript\">" ."function reFresh() {" ." location.reload(true)" ."}" ."window.setInterval(\"reFresh()\",5000);" ."</script>"; die(); } unset($ip); ?>     How the beginning of my header.php looks <?php define("LOAD_START", microtime(true)); class headers { function startheaders() { $userid=$_SESSION['userid']; global $ir, $set, $prefix, $db; $ip = $_SERVER['REMOTE_ADDR']; $past = time()-2; $sql = "DELETE FROM ".$prefix."_antidoss WHERE time < '$past'"; $db->query($sql); $ctime = time(); $db->query("INSERT INTO ".$prefix."_antidoss (ip_addr, time) VALUES ('$ip', '$ctime')"); $num_row = $db->num_rows($db->query("SELECT * FROM ".$prefix."_antidoss WHERE ip_addr='$ip'")); if ($num_row >= 3) { echo "<body><center> <font color=\"#0066FF\" size=\"5\" face=\"Georgia, Times New Roman, Times, serif\"> You Have Activated The Flood Control Please Stop Refreshing Pages</font> Click <a href=\"javascript:location.reload(true)\">Here</a> If Page Didn't Reload In 5 Seconds</center>"; echo "<script type=\"text/javascript\">" ."function reFresh() {" ." location.reload(true)" ."}" ."window.setInterval(\"reFresh()\",5000);" ."</script>"; die(); } unset($ip);   you may edit the following line in the header to adjust the sensitivity to your liking if ($num_row >= 3) {   Including in the header.php will make it pull to every page associated with the site

I am getting a session start error on the top of the header of my page and cant figure for the life of me where, I have edited it to make it work correctly although something is causing the header error and I cant figure it out if someone where to be so kind as to help with this would be greatly appreciated THANK YOU My yourgang.php where I have edited to add the mod   case "tag": gang_staff_tag(); break; case "pic": gang_staff_pic(); break; [url='yourgang.php?action=staff&act2=tag']Change Gang Tag[/url] [url='yourgang.php?action=staff&act2=pic']Change Gang Picture[/url] "; function gang_staff_pic() { global $ir,$c,$userid,$gangdata; if($gangdata['gangPRESIDENT'] == $userid || $userid==1) { if(isset($_POST['subm'])) { $_POST['vp']=str_replace(array("<", ">", "\n","\'"), array("<", ">", " ","'"), $_POST['vp']); mysql_query("UPDATE gangs SET gangPIC='{$_POST['vp']}' WHERE gangID={$gangdata['gangID']}",$c); print "Gang pic changed! [url='yourgang.php?action=staff']> Back[/url]"; } else { print "Current Pic: "; if($gangdata['gangPIC']) { print "[img={$gangdata[]"; } else { print "[b]No Gang Picture[/b]"; } print"<hr /> <form action='yourgang.php?action=staff&act2=pic' method='post'> Please note that the pic must be externally hosted, [url='http://imageshack.us']ImageShack[/url] is our recommendation. Any pics that are not 468x60 will be automatically resized. <input type='hidden' name='subm' value='submit' /> tag: <input type='text' name='vp' value='http://www.domain.com/yourpic.jpg' /> <input type='submit' value='Change' /></form>"; } } } function gang_staff_tag() { global $ir,$c,$userid,$gangdata; if($gangdata['gangPRESIDENT'] == $userid || $userid==1) { if(isset($_POST['subm'])) { $_POST['vp']=str_replace(array("<", ">", "\n"), array("<", ">", " "), $_POST['vp']); mysql_query("UPDATE gangs SET gangPREF='{$_POST['vp']}' WHERE gangID={$gangdata['gangID']}",$c); print "Gang tag changed! [url='yourgang.php?action=staff']> Back[/url]"; } else { print "Current Tag: {$gangdata['gangPREF']} <form action='yourgang.php?action=staff&act2=tag' method='post'> Enter the new tag. <input type='hidden' name='subm' value='submit' /> tag: <input type='text' name='vp' value='' /> <input type='submit' value='Change' /></form>"; } } }

Re: [mccode] donator day market for v2 Cause believe it or not man, some users like this mod, LOL why you get so testy this is what forums are for is sharing trials and tribulations? You have a game on your server, we have one on ours, noone makes you read posts :D

Re: [mccode] donator day market for v2 LOL let me rephrase that We edited this line   if($r['ddADDER'] == $userid) { $link = "[url='dday.php?action=remove&ID={$r[']Remove[/url]"; } else { $link = "<a href='dday.php?action=buy&ID={$r['ddID']}   To remove the possiblility of the poster from removing thier own market postings to stop this See edited code which still allows people to buy just stops the cheaters from exploiting   <?php /*----------------------------------------------------- dd market of v2 copy right of kyle -----------------------------------------------------*/ include "globals.php"; print "<h3>Donator Day Market</h3>"; $_GET['ID']=mysql_real_escape_string(abs(@intval($_GET['ID']))); switch($_GET['action']) { case "buy": crystal_buy(); break; case "remove": crystal_remove(); break; case "add": crystal_add(); break; default: ddmarket_index(); break; } function ddmarket_index() { global $db,$ir,$c,$userid,$h; print "[url='ddmarket.php?action=add']> Add A Listing[/url] Viewing all listings... <table width=75% cellspacing=1 class='table'> <tr style='background:red'> <th>Adder</th> <th>Qty</th> <th>Price each</th> <th>Price total</th> <th>Links</th> </tr>"; $q=$db->query("SELECT dd.*, u.* FROM ddmarket dd LEFT JOIN users u ON u.userid=dd.ddADDER ORDER BY ddPRICE/ddQTY ASC"); while($r=$db->fetch_row($q)) { if($r['ddADDER'] == $userid) { $link = "[url='ddmarket.php']Cannot Remove[/url]"; } else { $link = "[url='ddmarket.php?action=buy&ID={$r[']Buy[/url]"; } $each= (int) $r['ddPRICE'] / $r['ddQTY']; print "\n<tr> <td>[url='viewuser.php?u={$r[']{$r['username']}[/url] [{$r['userid']}]</td> <td>{$r['ddQTY']}</td> <td> \$" . number_format($each)."</td> <td>\$".number_format($r['ddPRICE'])."</td> <td>[$link]</td> </tr>"; } print "</table>"; } function crystal_remove() { global $db,$ir,$c,$userid,$h; $q=$db->query("SELECT * FROM ddmarket WHERE ddID={$_GET['ID']} AND ddADDER=$userid"); if(!$db->num_rows($q)) { print "Error, either these dd do not exist, or you are not the owner. [url='ddmarket.php']> Back[/url]"; $h->endpage(); exit; } $r=$db->fetch_row($q); $db->query("UPDATE users SET donatordays=donatordays+{$r['ddQTY']} where userid=$userid"); $db->query("DELETE FROM ddmarket WHERE ddID={$_GET['ID']}"); print "dd removed from market! [url='ddmarket.php']> Back[/url]"; } function crystal_buy() { global $db,$ir,$c,$userid,$h; $q=$db->query("SELECT * FROM ddmarket dd WHERE ddID={$_GET['ID']}"); if(!$db->num_rows($q)) { print "Error, either these dd do not exist, or they have already been bought. [url='ddmarket.php']> Back[/url]"; $h->endpage(); exit; } $r=$db->fetch_row($q); if($r['ddPRICE'] > $ir['money']) { print "Error, you do not have the funds to buy these dd. [url='ddmarket.php']> Back[/url]"; $h->endpage(); exit; } $db->query("UPDATE users SET donatordays=donatordays+{$r['ddQTY']} where userid=$userid"); $db->query("DELETE FROM ddmarket WHERE ddID={$_GET['ID']}"); $db->query("UPDATE users SET money=money-{$r['ddPRICE']} where userid=$userid"); $db->query("UPDATE users SET money=money+{$r['ddPRICE']} where userid={$r['ddADDER']}"); event_add($r['ddADDER'],"[url='viewuser.php?u=$userid']{$ir['username']}[/url] bought your {$r['ddQTY']} Donator Days from the market for \$".number_format($r['ddPRICE']).".",$c); print "You bought the {$r['ddQTY']} dd from the market for \$".number_format($r['ddPRICE'])."."; } function crystal_add() { global $db,$ir,$c,$userid,$h; $abvd=mysql_query("SELECT * FROM ddmarket WHERE ddADDER={$ir['userid']}"); if(mysql_num_rows($abvd)>4) { die("You cannot have more than 5 listings on this market at any given time."); } $_POST['amnt'] = abs((int) $_POST['amnt']); $_POST['price'] = abs((int) $_POST['price']); if($_POST['amnt']) { if($_POST['amnt'] > $ir['donatordays']) { die ("You are trying to add more donator days to the market than you have."); } $tp=$_POST['amnt']*$_POST['price']; $db->query("INSERT INTO ddmarket VALUES('',{$_POST['amnt']},$userid,$tp)"); $db->query("UPDATE users SET donatordays=donatordays-{$_POST['amnt']} WHERE userid=$userid"); print "dd added to market! [url='ddmarket.php']> Back[/url]"; } else { print "[b]Adding a listing...[/b] You have [b]{$ir['donatordays']}[/b] donator days that you can add to the market.<form action='ddmarket.php?action=add' method='post'><table width=50% border=2><tr> <td>Donator days:</td> <td><input type='text' name='amnt' value='{$ir['donatordays']}' /></td></tr><tr> <td>Price Each:</td> <td><input type='text' name='price' value='200' /></td></tr><tr> <td colspan=2 align=center><input type='submit' value='Add To Market' /></tr></table></form>"; } } $h->endpage(); ?>

Re: [mccode] donator day market for v2 We have a buncha skandelous peeps on our site :mrgreen: lol I had to remove the "Remove" links off the market, they can put thier days on the market at night before crons roll over and not loose days, this was a major cheat lol, as we removed the Buy and Remove links from the SQL in this file as the poster of the Sale