seanybob

Fine idea for a simple mod. For your question, the following pseudocode: a = query(SELECT userid FROM users WHERE gang=$ir['gang']) while (b = fetch_row(a)) { event_add("event text here", b['userid'] }

If the traffic has no incentive ties, I'd drop $125 for 100,000 hits for my new site. It's game oriented - but not a game itself.

I HIGHLY recommend that if you use that jailshout, you set parse the user input through some BBCODE engine or an html purifier. It was a free mod for a reason - it had the barebones that works, but no security. Search these forums for topics related to BBCODE, or google html purifier - either should do the trick.

Does it occur EVERY time? It does sound like an overflow problem. Can you look up the stats of your BODYGUARD in your SQL tables and post them here? I'm betting that's where the issue is.

I'd suggest something like so: out.php <?php //cleanse input with some function $url = clean($_GET['url']); print" Note! You clicked a link that is taking you off-site to $url To continue, <a href=$url>click here</a> "; ?>   Then in your user input that may contain links to outside scripts, do something like: $usertext = str_replace("http://", "out.php?url=http://", $usertext); Since, to get a user to click a link that leads out of your domain, it has to have the http (I believe). If they just made a link in a private message something like <a href=mwg.com>click me</a> that would direct them to http://mygame.com/mwg.com Just for starters. Somebody else will make this more elegant.

Move this if ($r['married'] != 0) { die("This person is already married. Sorry. Try someone else."); } Under this $m=$db->query("SELECT * FROM users WHERE userid=".abs(intval($_POST['propose'])).""); $r=$db->fetch_row($m); Your $r variable was not defined.

I'm not really interested, but felt I'd give a bit of advice to anybody who takes this on.   Already there is a 'sell' feature within inventory. All that needs to be done is to essentially move the link from the inventory to a new file, styled after the other shops. If this one takes someone more than 5 minutes they are trying too hard :P   Open up docrimes.php. Find $ir['brave']-=$r['crimeBRAVE']; Below it add $r['crimeSUCCESSMUNY'] = $r['crimeSUCCESSMUNY'] * ((rand(1,10))/100 + 1); That'll give a random amount of money for each crime that fluctuates between 10% of the set amount.   Crimgame posted one that looked ok. I also made one back in the day - if I find it, perhaps I'll post it for free. Regardless - anyone who codes this, you DO NOT need a separate file for each award. PHP is a dynamic language. Use it as such. It really pissed me off when people started making these and they would have 30-40 php files in their 'mod'. Do it right.   Meh, no advice here. Whoever does this though better not copy off the 'free' car mod that was released a long time ago. That mod sucked. I'd take on this mod for $400, as it sounds mildly complicated, and enough to engage my brain for a bit, but you can undoubtedly find someone to do it cheaper.

The most common method I'm aware of for session hijacking via bbcode with the img tag involves escaping the 'src' tag when the bbcode is parsed. And... to do that, they have to find a site that has a bbcode parser that doesn't strip apostrophes and/or allows spaces (depending on how it is parsed). Do a php str replace on all bbcode img tags, and replace spaces, single quotes, and double quotes with an empty string. That'll take care of skiddies. I doubt you'll have to worry about some of the more creative techniques.

If (amt > money) ... Am I missing something in the question? :P

First: You get points for having the longest title I've ever seen on a thread. Second: Honestly, if I were you, I'd give up. The code you posted here is some of the simplest code there is, and yet you demonstrated you don't understand anything about it at all. You need to take a step back and spend a week or two reading about different data types, arrays, what curly braces are and how they are used, etc - specifically in php. I understand everybody starts somewhere, but I've never seen people make the mistakes that you made in that code buddy. You need to do a bit of studying. To respond to posts saying I should not 'diss' the guy but should try to help him: How do you explain color to a blind man? I can't really explain to this guy about matching curly braces or how to use array keys when he obviously doesn't know what a curly brace is used for, nor what an array key is, nor how a string is formed.

Ok, I decided to add a bit of incentive. If you find me a webhosting service that can provide the two things listed above for under $20 for one month, I'll give you my four single player casino mods (video poker, blackjack, roulette, slots) for free. If you allocate me temporary space on your server that has the above services installed for just a week or two, I will give you one license of my texas hold 'em script for free (or some cash if you don't want the script).

1) Has the php class ssh2 installed. A function to test if it's installed: ssh2_connect() 2) Support for SFTP connection. Lunarpages (as far as I can tell) supports only ftp. Note, sftp is NOT ftps, nor is it 'ftp with ssl'. SFTP is it's own deal. Number 1 is far more important. I've found some ftp websites that allow you to rent an ftp with sftp access (which covers number 2), but would prefer combining it into a hosting account that also supports number 1 from above. I do not want a dedicated server. I want to pay by the month - I may only need it for one month. Shared servers are prefered just because they are cheaper, but anything works. There will be no 'real' traffic to it - and thus very little bandwith used, just tons of testing with some scripts for a company I work for. Anybody got some insight into this or places to look? Been googling for a while now, and haven't got lucky.

Looks great. My only complaint is the word 'view'. You constantly spelled it 'veiw', which, if I was coding and had to call that function, would make me crazy.

That's like letting a kid steal a cookie from the cookie jar, then chasing him around the kitchen trying to get it back. You're doing it wrong. If you just secure user input, you don't have to worry about people stealing sessions. Make sure (especially) that profile signatures, forum signatures, mail messages, and any type of 'comment' posts have their content secured properly. It's better to lock up the cookie jar than go chasing around trying to catch the kid.

Well... First, all the javascript and junk for cookies is unnecessary. If I remember correctly, the default McCodes login page was (and is) crap. The login form worked, and that was it - none of the cookies stuff worked, you'll have to recode your own for that if you want it (but it's not necessary, the session is stored just fine). So in reality, all you need is the form and the elements within it from the McCodes code. I'd say grab that template again, start from the beginning on it, and just insert your login form into it (instead of all the code from the mccodes login.php).

I took a class for (and mastered) the LC3 programming language... it's a psuedo-assembly language, in a sense. Been recently teaching myself real assembly programming and it's use in 'cracking'. (I'm not cracking people's programs or any of that junk myself - just learning how other people do it to protect my own programs. Successfully done it on some test programs) I could post some basic tutorials on it, but probably won't - too many script kiddies around here, not enough people who want to learn just for the sake of learning. I'll give it some thought though.

Doh. Crimgame, after seeing your response I actually went up and checked the code he posted. I assumed it had just been his inventory script, but now see it did have his itembuy code... Glad you're not as lazy as me. Ya SHAD, crimgame nailed your problem. The function he pointed out combines like items when it adds them, getting rid of your problem.

The problem, then, is not with your inventory but with your itembuy script. Post that up here and I'll help you out.

Just a joke :P

:P <3   Sounds... kinky.

Finally, another programmer in the forums who knows some real coding languages ;) I'm familiar with all those except C#. I've also done quite a bit with good 'ole C, Java, and some macro languages like AutoIt. Welcome to the forums mate.

Yes, from what I understand so does (int). echo (int) '+53'; would output 53 echo (int) '-53'; would output -53 echo abs((int)'-53'); would output 53 Correct?

I get that part, my question is more of why intval instead of (int). Casting it should perform the same function... right? *heads over to php.net*

Why? (Not challenging you, genuinely curious)

I'd do it, and have it dynamically get the winners and upcoming games from other sites with that info. Oh, but I'd charge $75 a license. I don't do McCodes work unless it financially makes sense for me to do so ;) Let me know