Isomerizer

Re: 3 Word Game due to a

Re: [mccode] Diamond gems, with a Diamondtemple.php for v2.0   Well done, for pressing ctrl + h and replacing "Crystals" with "Diamonds".

Anyone had the patients / knowledge to go through there game and make it strict xhtml valid? I went to a validator today and validated a few of my pages and there were loads of xhtml errors -_-. Is it really worth correcting it all? Is there any advantages? Ive never really understood xhtml too well :| So is anyones game W3C correct? :P

Re: [Free] [v1] Profile Image Uploader   What doesnt work? A bit more detail please. PHP error? Images wont upload? I can only fix it if i know the exactly whats wrong.

Re: [Free] [v1] Monkey Slaves   I think this is the cron code, Ive updated now, it shouldnt go into negative monkeys :P

Re: [Free] [v1] Monkey Slaves   Should be able to buy them now.

Ok, Well this mod isnt the most complex mod, but i havent made any mods for a while, And i was meening to make this for my game anyways, Simple add on that can give user's something else to work on, And is another reason while there stay active in your game.. So here it is....Monkey Slaves... Updated 25/6/08 Create new monkeys.php:   <?php /*----------------------------------------------------- -- Isomerizer Copyright 2008+. -- Monkey Slaves (Free Mod) -- Property of isomerizer.com -----------------------------------------------------*/ require("globals.php"); $valid_go = array('search', 'feed'); if (!in_array($_GET['go'], $valid_go)) { echo 'Error - Invalid action!'; $h->endpage(); exit; } switch($_GET['go']) { case 'search': _search(); break; case 'feed': _feed(); break; default: _index(); break; } function _back() { echo ' [url="'.$_SERVER['PHP_SELF'].'"]Back[/url]'; $h->endpage(); exit; } function _index() { global $ir, $userid, $h echo 'Monkey Slaves Monkey Stats - Monkey Slaves: '.$ir['monkeys'].' - Monkey Hunger: '.$ir['monkey_hunger'].' Monkey Options Buy Monkeys: ($2000 per monkey) [ [url="'.$_SERVER['PHP_SELF'].'?go='.urlencode('feed').'"]Feed Monkeys ($1000 per monkey)[/url] ] [ [url="'.$_SERVER['PHP_SELF'].'?go='.urlencode('search').'"]Search (10 Hunger & 25 Energy)[/url] ] '; if ($_POST['amount']>'0') { $_POST['amount'] = abs(@intval($_POST['amount'])); $price = $_POST['amount'] * 2000; // Price of monkeys if ($price > $ir['money']) { echo 'Sorry you do not have enough to purchase these monkeys!'; _back(); } echo 'You bought '.$_POST['amount'].' Monkey Slave(s)!'; mysql_query( sprintf("UPDATE `users` SET `monkeys` = `monkeys` - %u, `money` = `money` - %u WHERE `userid` = %u", mysql_real_escape_string($_POST['amount']), mysql_real_escape_string($price), mysql_real_escape_string($userid)); _back(); } } function _feed() { global $ir, $userid, $h; $moneyrequired = $ir['monkeys'] * 1000; if ($moneyrequired > $ir['money']) { echo 'You cannot afford to feed your monkeys!'; _back(); } if ($ir['monkey_hunger'] >= '100') { echo 'Your monkeys dont need feeding!'; _back(); } mysql_query( sprintf("UPDATE `users` SET `monkey_hunger` = 100, `money` = `money` - %u WHERE `userid` = %u", mysql_real_escape_string($moneyrequired), mysql_real_escape_string($userid))); echo 'You fed your monkeys!'; _back(); } function _search() { global $ir, $userid, $h if ($ir['energy'] < 3) { echo 'You dont have enough energy!'; _back(); } if ($ir['monkeys'] < 1) { echo 'You have no monkeys!'; _back(); } if ($ir['monkey_hunger'] < 10) { echo 'Your monkeys are to hungry to search!'; _back(); } $rand = mt_rand(1,3); if ($rand == 1) { echo 'Your monkeys find '.$ir['monkeys'].' crystals all over the place! [url="'.$_SERVER['PHP_SELF'].'?go='.urlencode('search').'"]Try Again[/url]'; $crystals = $ir['monkeys'] + $ir['crystals']; mysql_query( sprintf("UPDATE `users` SET `crystals` = `crystals` + %u, `energy` - `energy` - 3 , `monkey_hunger` - `monkey_hunger` - 10 WHERE `userid` = %u", mysql_real_escape_string($crystals), mysql_real_escape_string($userid))); _back(); } if ($rand=='2') { $randcash = mt_rand(1,50); $cash = $ir['monkeys'] * $randcash; echo 'Your monkeys found you '.money_formatter($cash).'! [url="'.$_SERVER['PHP_SELF'].'?go='.urlencode('search').'"]Try Again[/url]'; mysql_query( sprintf("UPDATE `users` SET `money` = `money` + %u, `energy` - `energy` - 3 , `monkey_hunger` - `monkey_hunger` - 10 WHERE `userid` = %u", mysql_real_escape_string($cash), mysql_real_escape_string($userid))); _back(); } if ($rand=='3') { echo 'Your monkeys found jack all, Unlucky! [url="'.$_SERVER['PHP_SELF'].'?go='.urlencode('search').'"]Try Again[/url]'; mysql_query( sprtinf("UPDATE `users` SET `energy` = `energy` - 3, `monkey_hunger` - `monkey_hunger` - 10 WHERE `userid` = %u", mysql_real_escape_string($userid))); _back(); } } $h->endpage(); ?>   In Energy Cron:   $query8 = "UPDATE `users` SET `monkeys` = `monkeys` - 1 WHERE `monkey_hunger` <= 0 AND `monkeys`> 0"; $query9 = "UPDATE `users` SET `monkey_hunger` = `monkey_hunger` - 5 WHERE `monkey_hunger` > 0"; mysql_query($query8,$c) or die("\nError Executing Query 8 for updating users $i to $next\n$query8\n".mysql_error()."\nError Code:".mysql_errno()); mysql_query($query9,$c) or die("\nError Executing Query 9 for updating users $i to $next\n$query9\n".mysql_error()."\nError Code:".mysql_errno());   In mainmenu.php add:   [url='monkeys.php']Monkeys[/url]   SQL:   ALTER TABLE `users` ADD `monkey_hunger` INT( 25 ) NOT NULL DEFAULT '100'; ALTER TABLE `users` ADD `monkeys` INT( 25 ) NOT NULL DEFAULT '0';   Enjoy..

Re: Idea about donator cyber bank Lol Godhand... This makes me laugh, Yesterday Scarlet posted this http://criminalexistence.com/forum/inde ... ic=14173.0 Soming up that all coding / DBS help shouldnt be here. And literally not even 1 day after posted you post this asking for help..... :|

Re: Online Cricket Management Game   You cannot see... Force: +3/-2 [Light] [Dark] ?

Re: Online Cricket Management Game   Quite a few errors in that, This is what it should be...   <?php $runs=rand(1,10); if ($runs <= 7) { //mySQL query here } if ($runs > 7) { // mySQL query here } ?>

Re: Seanybob's Official Mod Corner   Mods » Questions Bot » Honors/Awards » Arcade » User Sifter Cron » Forums » High/Low

Re: [Free] [v1] User Verification [Captcha] Ok ive managed to fix the browser bug. Its been updated so now it should work with all browsers. :wink: The extra function to put in your cron, clears the image/captcha directory every 10 minutes to make sure it doesnt overload. Enjoy :D

Re: [Free] [v1] User Verification [Captcha]   Headers... header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");   Tried all that .... Nothing works. :(

Re: Supporter Days{v1}   Agreed.

Re: Anti-sql injection function Hmm should save me alot of time. Thanks for these great functions. Also Absolute, One small error, You missed an ; after return $string

Re: [Free] [v1] User Verification [Captcha] Slightly Updated. Theres a small bug for it in IE, the cache doesnt clear. So the image stays the same unless they clear cache manually. You should inform user's about this.

Re: Securing Variables Ok i think i am starting to understand, Though i must realise when the functions are needed and when they are not. Hopefully i'll get used to it soon enough :)

Re: Securing Variables   Ok, thanks Ferdi. Ive been reading up about them functions, and trying to work out when there needed excactly... This is a part of my authenticate.php (DBS v1) i just re-wrote.   $username=htmlspecialchars(mysql_real_escape_string($_POST['username']), ENT_QUOTES); $password=htmlspecialchars(mysql_real_escape_string($_POST['password']), ENT_QUOTES); $uq=mysql_query("SELECT userid FROM users WHERE login_name='$username' AND `userpass`=md5('$password')",$c) or die(mysql_error());   Is this now secure enough? Or am i still missing something?

Re: 3 Word Game old fish named

Hey, So i was going to go through my game and attempt to secure all the variables in every file. Someone said your suppose to secure every single input variables, I thought only mysql query involved variables had to be secured. I was wrong. Anyways i have learnt the mysql_real_escape_string() function, striplash() function and sprintf() function, will using them functions on variables secure them enough? Or are other functions needed? Sorry if this sounds dumb, but i have never really learnt to much of the security side of php. Nows a time to start. Thanks.

Re: [Free] [V1] Random Explore Mod Updated. :-)

Re: attack ban in attack.php just add something like if ($ir['id']=='id here') { echo "Your banned from attacking"; endpage(); exit; }

Re: [Free] [v1] User Verification [Captcha]   Not sure allways worked fine for me, Didnt have to create the image did it automatically. Have you even tryed creating the image? Should try it, I may not be 100% correct.

Re: [Free] [v1] Jail   Show me the code.... And you want it to give you 100% bust success rate... ?

Re: [Free] [v1] Jail Try this... Ive just tested it, Bust works... Bail Works.... And the attempt to escape has a few rand functions in the escape.php that determine the success rate.   <?php /*----------------------------------------------------- -- Isomerizer Copyright 2007 -----------------------------------------------------*/ session_start(); require "global_func.php"; if($_SESSION['loggedin']==0) { header("Location: login.php"); exit; } $userid=$_SESSION['userid']; require "header.php"; $h = new headers; $h->startheaders(); include "mysql.php"; global $c; $is=mysql_query("SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid",$c) or die(mysql_error()); $ir=mysql_fetch_array($is); check_level(); $fm=money_formatter($ir['money']); $cm=money_formatter($ir['crystals'],''); $lv=date('F j, Y, g:i a',$ir['laston']); $h->userdata($ir,$lv,$fm,$cm); $h->menuarea(); $bail=$_GET['bail']; $bust=$_GET['bust']; if ($bail=="" && $bust=="") { print "<h3>The Local Prison</h3>"; if ($ir['prison']!=0) { print "<a href=escape.php>[Attempt to escape]</a> "; } print "<table width='75%' border='2'><tr bgcolor='#004400'><th>ID</th><th>Name</th> <th>Level</th> <th>Time</th><th>Reason</th><th>Options</th></tr>"; $q=mysql_query("SELECT u.*,c.* FROM users u LEFT JOIN gangs c ON u.gang=c.gangID WHERE u.prison > 0 ORDER BY u.prison DESC",$c); while($r=mysql_fetch_array($q)) { $blah=$r['userid']; print "\n<tr><td>{$r['userid']}</td><td>{$r['gangPREFIX']} [url='viewuser.php?u={$r[']{$r['username']}[/url] [{$r['userid']}]</td><td> {$r['level']}</td><td>{$r['prison']} minutes</td><td>{$r['prisonreason']}</td><td><form action=prison.php method=GET><a href=prison.php?bust={$r['userid']}>Bust</a> | <a href=prison.php?bail={$r['userid']}>Bail</a></form></td></tr>"; } print "</table>"; } if ($bust!="") { if ($ir['energy']<1) { print "You need 7 power to bust! <a href=prison.php>Back</a>"; exit; } if ($bust==$userid) { print "You cannot bust yourself out! <a href=prison.php>Back</a>"; exit; } $bustlvl=$ir['bustlvl']; $randd=rand(1,300); $rand=$randd*$bustlvl; $lvllrand=rand(1,50); $lvlrand=$lvllrand*$bustlvl-5; if ($rand<=200) { $eeeeee=mysql_query("SELECT u.*,c.* FROM users u LEFT JOIN gangs c ON u.gang=c.gangID WHERE u.prison > 0 ORDER BY u.prison DESC",$c); while($eee=mysql_fetch_array($eeeeee)) { $busterr=$eee['userid']; $bustooo=$eee['username']; if ($ir['hospital']!="0") { print "You cannot bust out while in Hospital!"; exit; } if ($ir['prison']!="0") { print "You cannot bust out while in Prison!"; exit; } print "You were caught trying to bust $bustooo out of prison and thrown in prison yourself!"; mysql_query("UPDATE users SET energy=energy-1 WHERE userid=$userid", $c); event_add($busterr, "<a href=viewuser.php?u={$ir['userid']}>{$ir['username']}</a> was caught trying to bust you out!", $c); mysql_query("UPDATE users SET prison='100' WHERE userid=$userid", $c); mysql_query("UPDATE users SET totalprison=totalprison+1 WHERE userid=$userid", $c); mysql_query("UPDATE users SET prisonreason='Attempting to bust $bustooo out of prison' WHERE userid=$userid", $c); exit; $h->endpage(); } } if ($rand>100 && $lvlrand<10) { $e=mysql_query("SELECT u.*,c.* FROM users u LEFT JOIN gangs c ON u.gang=c.gangID WHERE u.prison > 0 ORDER BY u.prison DESC",$c); while($eee=mysql_fetch_array($e)) { $bustingg=$eee['userid']; $bustingge=$eee['username']; if ($ir['hospital']!="0") { print "You cannot bust out while in Hospital!"; exit; } if ($ir['prison']!="0") { print "You cannot bust out while in Prison!"; exit; } print "You Busted $bustingge out of prison! And your bust level went up!"; mysql_query("UPDATE users SET bustlvl=bustlvl+1 WHERE userid=$userid", $c); mysql_query("UPDATE users SET energy=energy-1 WHERE userid=$userid", $c); mysql_query("UPDATE users SET totalbust=totalbust+1 WHERE userid=$userid", $c); mysql_query("UPDATE users SET prison=0 WHERE userid=$bustingg", $c); event_add($bustingg, "<a href=viewuser.php?u={$ir['userid']}>{$ir['username']}</a> busted you out of prison!", $c); exit; $h->endpage(); } } if ($rand>110) { $e=mysql_query("SELECT u.*,c.* FROM users u LEFT JOIN gangs c ON u.gang=c.gangID WHERE u.prison > 0 ORDER BY u.prison DESC",$c); while($ee=mysql_fetch_array($e)) { $busting=$ee['userid']; $busto=$ee['username']; if ($ir['hospital']!="0") { print "You cannot bust out while in Hospital!"; exit; } if ($ir['prison']!="0") { print "You cannot bust out while in Prison!"; exit; } print "You Busted $busto out of prison!"; mysql_query("UPDATE users SET totalbust=totalbust+1 WHERE userid=$userid", $c); mysql_query("UPDATE users SET energy=energy-1 WHERE userid=$userid", $c); mysql_query("UPDATE users SET prison=0 WHERE userid=$busting", $c); event_add($busting, "<a href=viewuser.php?u={$ir['userid']}>{$ir['username']}</a> busted you out of prison!", $c); exit; $h->endpage(); } } } if ($bail!="") { $eeee=mysql_query("SELECT u.*,c.* FROM users u LEFT JOIN gangs c ON u.gang=c.gangID WHERE u.prison > 0 ORDER BY u.prison DESC",$c); while($eeeee=mysql_fetch_array($eeee)) { $bustingee=$eeeee['userid']; $bustee=$eeeee['username']; if ($ir['money']<10000) { print "You dont have that sort of cash"; exit; } if ($ir['hospital']!="0") { print "You cannot bail out while in Hospital!"; exit; } if ($ir['prison']!="0") { print "You cannot bail out while in Prison!"; exit; } print "You payed $1000 to bail $bustee out of prison!"; mysql_query("UPDATE users SET money=money-10000 WHERE userid=$userid", $c); mysql_query("UPDATE users SET prison=0 WHERE userid=$bustingee", $c); } } $h->endpage(); ?>