Decepti0n

Re: Staff Function - Edit User - V2 - Enhanced Version   function deluser() { global $ir,$c,$h,$userid,$db; if($ir['user_level'] != 2) { die("403"); } $undeletable = array('1','2'); // add more IDs here, such as NPCs switch ($_GET['step']) { default: echo "<h3>Deleteing User</h3> Here you can delete a user. <form action='staff_users.php?action=deluser&step=2' method='post'> User: ".user_dropdown($c,'user')." <input type='submit' value='Delete User' /></form> OR enter a user ID to Delete: <form action='staff_users.php?action=deluser&step=2' method='post'> User: <input type='text' name='user' value='0' /> <input type='submit' value='Delete User' /></form>"; break; case 2: $target = $_POST['user']; if (!is_numeric($target)) exit; if (in_array($target,$undeletable)) { die('You cannot delete this person.'); } $d=$db->query("SELECT username FROM users WHERE userid='$target'"); $itemi=$db->fetch_row($d); print "<h3>Confirm</h3> Delete user ".$itemi["username"]."? <form action='staff_users.php?action=deluser&step=3' method='post'> <input type='hidden' name='userid' value='$target' /> <input type='submit' name='yesorno' value='Yes' /> <input type='submit' name='yesorno' value='No' onclick=\"window.location='staff_users.php?action=deluser';\" /></form>"; break; case 3: $target = $_POST['userid']; if (!is_numeric($target)) exit; if (in_array($target,$undeletable)) { die('You cannot delete this person.'); } if($_POST['yesorno']=='No') { die("User not deleted. [url='staff_users.php?action=deluser']>Back to main Delete Users page.[/url]"); } if ($_POST['yesorno'] != ("No" || "Yes")) die('Eh'); $d=$db->query("SELECT username FROM users WHERE userid='$target'"); $itemi=$db->fetch_row($d); $db->query("DELETE FROM users WHERE userid='$target'"); $db->query("DELETE FROM userstats WHERE userid='$target'"); $db->query("DELETE FROM inventory WHERE inv_userid='$target'"); $db->query("DELETE FROM fedjail WHERE fed_userid='$target'"); echo "User {$itemi['username']} Deleted. [url='staff_users.php?action=deluser']>Back to main Delete Users page.[/url]"; stafflog_add("Deleted User {$itemi['username']} [{$_POST['userid']}]"); break; } }   Wow, I remember creating that like over a year ago, good to see it's still copied and pasted thoughtlessly

Re: Slight Problem Yeah, but you'll have to split up the string and concatenate it. Trust me it'll be better in the long run if I don't just hand it to you

Re: Slight Problem   else if ($np['hPRICE'] > $ir['money']) { print "You do not have enough money to buy the {$np['hNAME']} for £{$np['hPRICE']}"; $need = number_format($np['hPRICE'] - $ir['money']); echo 'You need £' . $need . ' more to buy this house.';   You have to remember/learn where strings break, what is a string, what a string can do/contain, how its parsed

Re: Slight Problem What? House price: 100 User money: 80 100 - 80 = 20 ~ how much more they need How isn't that right? Unless you mean it just shows "You need 100 - 80", then do it outside of the string:   $need = number_format($np['hPRICE'] - $ir['money']); echo 'You need $' . $need . ' to buy the house';

Re: login.php help! Because you used Photoshops export to HTML instead of doing it properly with html/css? Don't use that funtion in photoshop, especially for production pages. It's better to slice it and code it by hand

Re: GTA VI Hah, they advance console tech to compete with each other probably. I want it on PC too, especially since my computer could easily handle it... apparently it wasn't released for the PC straight away because it's (admittedly) harder to cater to such a wide range of PCs. With consoles you know their hardware and what they're capable of, with PCs you have to make sure you can accept as much as possible, including less than elite graphics cards etc.

Re: Clocking the speed of a page load. Change it to microtime(true), then you'll get the string "msec sec", milliseconds then seconds. Use the milliseconds part. IF you use the same code on those included pages, then im not sure, but instead of getting billions of seconds you'll get the (actual) 0.whatever seconds Edit; also if you want a quick way to append/prepend files to your work, add these two lines in your <dot>htaccess file: php_value auto_prepend_file start.php php_value auto_append_file end.php Just make sure you remember that they're there

Re: House Tax [$5] Help from: Absolute Zero and Iso

Re: Anyone watch movies online now a days? Watched Jumper last night on Megavideo

Re: The Best Game Ever Released Yeah it was good for its time, good facial features as well and an awesome storyline. Its a few years old now but Mafia 2 is coming out soon. Screenshots of mafia 2

Re: The Best Game Ever Released Diablo 2 or Mafia

Re: BBCode_Engine Or you could do it yourself, or not use the one in this thread. Or make something safer. Or learn to code. Must be foreign concepts

Re: Count Users Clicks ... what?

Re: Count Users Clicks Yeah, just because it's free doesn't mean people can't criticize it. That's the worst excuse for bad feedback ever. Also, it's retarded, since after you click 100 times, every single click would get more money.

Re: [Video] Web 2.0  

Re: Ignore User Mails [$10] Please don't tell me it requires a whole new mysql table to do ..?

Re: Simple SQL Injection protection Man, so accusatory with these "mods". Anything with 'select' in the url != intrusion attempt. It's not going to be very friendly if you wind up going to a profile, say, user.php?name=selectMan, and being labelled a hacker. But sure

Re: [Competition Questions] Designing Dynamic Tables Even though its late, thought I'd chime in with a different take on it:   ob_start(); $links = array ( array('text' => "one", 'href' => "one.php"), array('text' => "two", 'href' => "two.php"), array('text' => "three", 'href' => "three.php"), array('text' => "four", 'href' => "four.php"), array('text' => "five", 'href' => "five.php"), array('text' => "six", 'href' => "six.php"), array('text' => "seven", 'href' => "seven.php"), array('text' => "eight", 'href' => "eight.php"), array('text' => "nine", 'href' => "nine.php"), array('text' => "ten", 'href' => "ten.php"), array('text' => "eleven", 'href' => "eleven.php"), array('text' => "twelve", 'href' => "twelve.php"), array('text' => "thirteen", 'href' => "thirteen.php"), ); echo '<table>'; for ($count = 0, $columns = 4; $count < (ceil(count($links) / $columns) * $columns); $count++) { echo $count % $columns == 0 ? "\n\t<tr>" : '', "\n\t\t<td>" . (array_key_exists($count, $links) ? '[url="' . $links[$count]['href'] . '"]' . $links[$count]['text'] . '[/url]' : ' ') . '</td>', $count % $columns == ($columns - 1) ? "\n\t</tr>" : ''; } echo "\n</table>"; echo '<pre>' . htmlentities(ob_get_clean()) . '</pre>';   Includes easy way to see the result for no reason

Re: How many lines of code do you have? Damn, where's everybody getting these numbers from? The most I managed on a game I built was about 30,000. Maybe we have different definitions of 'a lot of junk'. edit; made it to 500k, by scanning my entire www directory ... which half of that I didn't even make I guess. Seriously, any examples of a file that would even make a dent in 1mil rows? :\

Re: Secure Your Crons. Just put them outside the web root. Done. No need for IP checks or passwords or extra servers (<-- what the hell?). No matter how many folders deep or how long your password someone would be able to get it after a while. If its outside the web root they can't even access the page unless they're on your server, in which case you have bigger problems.

Re: [$10] Secure Password System Yes techno, you sure can actually 'decrypt' a hashing function which by definition is a one-way process. We're talking about hashes which are used only for comparison, not actually storing data, which would be encryption. There's no such thing as de-hashing @Ghetto, way to add a heap of functions together that don't need to be. Why would you base64 encode a sha256'd string? You just made it even longer.

Re: Securing Variables Just fyi, you don't/shouldn't use htmlentities when you're entering something. If they edit something in their profile, you should insert the data only escaping any quotes - HTML won't do anything to a database. When you output the info (say in their signature), then use it, to spoil any html input they try (like meta redirects or scripts)

Re: Proxy Check Quicker:   $q = $db->query("SELECT COUNT(*) as matches FROM proxylist WHERE `ip` = '".$_SERVER['REMOTE_ADDR']."'"); $f = mysql_fetch_assoc($q); if ($f['matches'] > 0) { // do whatever }   (i think, I do mine slightly different)

Re: help getting MC codes lite v101 installed Try deleting the '123' and just sending in a blank password

Re: Update MySQL Table Using An Array I made something similar, but not so many loops and not as many queries :|