Isomerizer

Re: Simple user rating system v2 This isnt really major, But maybe you should secure the input variable used in the mysql query.. $ID = $_GET['ID']; ---> $ID = mysql_real_escape_string($_GET['ID']);

Re: [mccode] crystal slots   I was referring to aqib1 / gear4life and his other accounts...

Re: Simple user rating system v2 Looks alright, Tho you dont really need 2 columns for the DB. if(!$ID) { print "Error - invaild player id."; $h->endpage(); exit; } if(!$ID) { print "Error - invaild action."; $h->endpage(); exit; } Repeated, I have no idea why...

Re: [mccode] crystal slots Theres noone to stop him from spamming either :(

Re: [mccode] crystal slots   downsy007 the 2nd.

Re: [mccode] crystal slots Probaly nothing. :lol:

Re: [Free] [v1] Scuba Diving   Bah several failed attempts to teach you how to remove a few lines of text, and your still asking for v2 conversions. Some things will never change :(

Re: [mccode] View Donators   Stop spamming unnecessary shit. :x

Re: estate.php mysql query is most probaly wrong... It should update the user's happy / will bar.... Show the query and i'll have a look.

Re: THIS OR THAT? Humans.... oxygen or carbon dioxide :-D

Re: 3 Word Game to the secret

Re: PLEASE READ!!!!!! <form action="http://www.zendurl.com/s/shoping1/test3/index1.htm" method="GET" onsubmit="return checkCheckBox(this)">

Re: PLEASE READ!!!!!! Enter ?

Re: help   No it fucking isn't. When will you people realise this?? This is for TUTORIALS.

Re: PLEASE READ!!!!!!   Change them to where you want the script to take you....

Re: PLEASE READ!!!!!!   Make sure the form action is correct?

Re: i need help with v2 crons   Corns...? LOL

Re: Need help.. Got hacked?   How can it fed a non - existent user?

Re: [Free] [v1] Scuba Diving In crons open enerwillupdate.php or the energy cron Find: $query2="UPDATE users SET energy=maxenergy WHERE energy>maxenergy"; Under add: $query7="UPDATE users SET oxygen=oxygen+5 WHERE oxygen<100";   Find: mysql_query($query5,$c) or die("\nError Executing Query 5 for updating users $i to $next\n$query5\n".mysql_error()."\nError Code:".mysql_errno()); Under add: mysql_query($query7,$c) or die("\nError Executing Query 7 for updating users $i to $next\n$query7\n".mysql_error()."\nError Code:".mysql_errno());   Open explore.php and in a table w/e you like...   [url='scubadive.php']Scuba[/url]   SQL:   ALTER TABLE `users` ADD `oxygen` INT( 11 ) NOT NULL DEFAULT '100';   (If you cant find the query's in the cron file just add the code anywhere before the ?> it doesn't matter to much, happy now?)

Re: [Free] [v1] Scuba Diving   The rest will work with any version of DBS...

Re: [Free] [v1] Scuba Diving   V2:   <?php /*----------------------------------------------------- -- Isomerizer Copright 2007+. -- Scuba Dive (Free Mod) -- Property of isomerizer.com -----------------------------------------------------*/ require "globals.php"; echo "<h3>Scuba Diving</h3>"; echo "Current Oxygen: {$ir['oxygen']} / 100 Hello there im Scuba Steve, I'll be your scuba diving instructor today Would you like to go scuba diving today? (20 Oxygen required) <form action=scubadive.php method=POST><select name=scuba> <option value=yes>Yes</option> <option value=no>No</option> </select> <input type=submit value='Scuba Dive!'></form><hr />"; if (isset($_POST['scuba'])) { if ($select==no) { echo "Dont scuba dive then, Your loss!"; $h->endpage(); exit; } if ($ir['oxygen'] < 20) { echo "20 oxygen is required to scuba dive"; $h->endpage(); exit; } if ($ir['hospital'] > 0 || $ir['prison'] > 0) { echo "You cannot scuba while in hospital / prison"; $h->endpage(); exit; } $rand=rand(1,120); //* Start Location 0 *\\ if ($rand <= 20) { if ($ir['oxygen'] < 20) { echo "20 oxygen is required to scuba dive"; $h->endpage(); exit; } if ($ir['hospital'] > 0 || $ir['prison'] > 0) { echo "You cannot scuba while in hospital / prison"; $h->endpage(); exit; } $db->query("UPDATE users SET oxygen=oxygen-20 WHERE userid=$userid", $c); $moneyfound=rand(10,50); echo "You find a small treausure chest containing <font color=green>$$moneyfound</font>"; $query1 = sprintf("UPDATE users SET money=money+$moneyfound WHERE userid=$userid", $c); mysql_real_escape_string($moneyfound, $c); $db->query($query1, $c); $h->endpage(); exit; } //* End Location 0 *\\ //* Start Location 1 *\\ if ($rand > 20 && $rand < 41) { if ($ir['oxygen'] < 20) { echo "20 oxygen is required to scuba dive"; $h->endpage(); exit; } if ($ir['hospital'] > 0 || $ir['prison'] > 0) { echo "You cannot scuba while in hospital / prison"; $h->endpage(); exit; } $db->query("UPDATE users SET oxygen=oxygen-20 WHERE userid=$userid", $c); $moneyfind=rand(10,50); echo "You find a small coral, and pick up <font color=green>$$moneyfind</font>"; $query2 = sprintf("UPDATE users SET money=money+$moneyfind WHERE userid=$userid", $c); mysql_real_escape_string($moneyfind, $c); $db->query($query2, $c); $h->endpage(); exit; } //* End Location 1 *\\ //* Start Location 2 *\\ if ($rand > 40 && $rand < 61) { if ($ir['oxygen'] < 20) { echo "20 oxygen is required to scuba dive"; $h->endpage(); exit; } $db->query("UPDATE users SET oxygen=oxygen-20 WHERE userid=$userid", $c); if ($ir['hospital'] > 0 || $ir['prison'] > 0) { echo "You cannot scuba while in hospital / prison"; $h->endpage(); exit; } $success=rand(1,10); $crystalfinding=rand(1,10); if ($sucess > 5) { echo "You explore the sea finding a dead whale, inside you find <font color=green>$crystalfinding</font> crystals!"; $query3 = sprintf("UPDATE users SET crystals=crystals+$crystalfinding WHERE userid=$userid", $c); mysql_real_escape_string($query3, $c); $db->query($query3, $c); $h->endpage(); exit; } if ($success <=5) { echo "A whale bash's into you, Taking away some power"; $db->query("UPDATE users SET energy=energy-1 WHERE userid=$userid", $c); $h->endpage(); exit; } } //* End Location 2 *\\ //* Start Location 3 *\\ if ($rand > 60 && $rand < 81) { if ($ir['oxygen'] < 20) { echo "20 oxygen is required to scuba dive"; $h->endpage(); exit; } $db->query("UPDATE users SET oxygen=oxygen-20 WHERE userid=$userid", $c); if ($ir['hospital'] > 0 || $ir['prison'] > 0) { echo "You cannot scuba while in hospital / prison"; $h->endpage(); exit; } $find=rand(1,2); if ($find==1) { echo "Bah, You cant seem to find anything in the sea! Except for a bit of dead sea weed!"; $h->endpage(); exit; } if ($find==2) { echo "Bah, You cant seem to find anything in the sea! Wait, you spot a bit of shark poop!"; $h->endpage(); exit; } } //* End Location 3 *\\ //* Start Location 4 *\\ if ($rand > 80 && $rand < 100) { if ($ir['oxygen'] < 20) { echo "20 oxygen is required to scuba dive"; $h->endpage(); exit; } $db->query("UPDATE users SET oxygen=oxygen-20 WHERE userid=$userid", $c); if ($ir['hospital'] > 0 || $ir['prison'] > 0) { echo "You cannot scuba while in hospital / prison"; $h->endpage(); exit; } $unit=rand(1,2); if ($unit==1) { $cashhh=rand(50,70); echo "While swimming around you find $<font color=green>$cashhh</font>"; $query4 = sprintf("UPDATE users SET money=money+$cash WHERE userid=$userid", $c); mysql_real_escape_string($cash, $c); $db->query($query4, $c); $h->endpage(); exit; } if ($unit==2) { $crystalss=rand(3,5); echo "While swimming around you find <font color=green>$$crytalss</font>"; $query5 = sprintf("UPDATE users SET crystals=crystals+$crystalss WHERE userid=$userid", $c); mysql_real_escape_string($crystalss, $c); $db->query($query5, $c); $h->endpage(); exit; } } //* End Location 4 *\\ //* Start Location 5 *\\ if ($rand == 100) { if ($ir['oxygen'] < 20) { echo "20 oxygen is required to scuba dive"; $h->endpage(); exit; } $db->query("UPDATE users SET oxygen=oxygen-20 WHERE userid=$userid", $c); if ($ir['hospital'] > 0 || $ir['prison'] > 0) { echo "You cannot scuba while in hospital / prison"; $h->endpage(); exit; } echo "You find a cave in it you find <font color=green>$1000</font>!"; $db->query("UPDATE users SET money=money+1000 WHERE userid=$userid", $c); $h->endpage(); exit; } //* End Location 5 *\\ //* Start Location 6 *\\ if ($rand > 100 && $rand < 121) { if ($ir['oxygen'] < 20) { echo "20 oxygen is required to scuba dive"; $h->endpage(); exit; } $db->query("UPDATE users SET oxygen=oxygen-20 WHERE userid=$userid", $c); if ($ir['hospital'] > 0 || $ir['prison'] > 0) { echo "You cannot scuba while in hospital / prison"; $h->endpage(); exit; } echo "A shark takes a chunk out of you!"; $db->query("UPDATE users SET hospital='50' WHERE userid=$userid", $c); $db->query("UPDATE users SET hospreason='Bit by a shark' WHERE userid=$userid", $c); $h->endpage(); exit; } //* End Location 6 *\\ } ?>

Re: Guess the next poster Nope, i guess mdshare :x :roll:

Re: Full Crimes Commited Last bits wrong, You didnt start the function this is correct:   function hof_crimes() { global $ir,$c,$userid; print "Showing the 20 users with the highest amount of crimes <table width=75%><tr style='background: gray'> <th>Pos</th> <th>User</th> <th>Crimes Done</th> </tr>"; $q=mysql_query("SELECT u.*,g.* FROM users u LEFT JOIN gangs g ON g.gangID=u.gang WHERE u.user_level != 0 ORDER BY crimes DESC,userid ASC LIMIT 20", $c); $p=0; while($r=mysql_fetch_array($q)) { $p++; if($r['userid'] == $userid) { $t="[b]";$et="[/b]"; } else { $t="";$et=""; } print "<tr> <td>$t$p$et</td> <td>$t{$r['gangPREF']} {$r['username']} [{$r['userid']}]$et</td> <td>$t".money_formatter($r['crimes'],'')."$et</td> </tr>"; } print "</table>"; }

Re: [Free] [v1] Profile Image Uploader   Its not done yet... The script that ferdi posted didnt work =/ I'm in a coding kinda mood. I'll try to fix. It is fixed... It should work for all versions if you convert properly. I just tested this exact script on my site worked fine...

Re: Need help.. Got hacked?   why not remove the installer script? :-o Rofl, yeah that be a good idea, Install files are not needed after installation.... I didnt even think DBS had them... Anyways, Kaotic, change pass, prefixing tables may help too. Try to secure most input variables with mysql_real_escape_string(). He may be sql injecting and gaining access some how.... Doesnt your host log ip's whos accessed your c panel, make sure he hasnt been on there...