Curt Posted December 10, 2009 Share Posted December 10, 2009 A very basic mod to start off with, you can go inside your house and do various activitys... home.php You're unable to view this code. Viewing code within this forum requires registration, you can register here for free. ----------------------------- EDIT TO ESTATE.PHP ----------------------------- add this under globals.php You're unable to view this code. Viewing code within this forum requires registration, you can register here for free. then find where your player has successfully bought a house and add this above it : You're unable to view this code. Viewing code within this forum requires registration, you can register here for free. SQL's You're unable to view this code. Viewing code within this forum requires registration, you can register here for free. You're unable to view this code. Viewing code within this forum requires registration, you can register here for free. CRON QUERIES : 1 HOUR CRON : You're unable to view this code. Viewing code within this forum requires registration, you can register here for free. Day Cron : You're unable to view this code. Viewing code within this forum requires registration, you can register here for free. Enjoy and feel free to change it any way you want :) Quote Link to comment Share on other sites More sharing options...
albenski Posted December 10, 2009 Share Posted December 10, 2009 Fatal error: Call to a member function endpage() on a non-object in /mnt/w0810/d07/s00/b031023b/www/jgames.com/estate.php on line 61 Do you know where i went wrong to get this when i click on Estate Agent Quote Link to comment Share on other sites More sharing options...
Curt Posted December 10, 2009 Author Share Posted December 10, 2009 hmm thinking u put the code in wrong :P...u can pm me your estate and i will fix it ;) Quote Link to comment Share on other sites More sharing options...
albenski Posted December 11, 2009 Share Posted December 11, 2009 i pmed you my estate.php thank you so much for the help Quote Link to comment Share on other sites More sharing options...
Mcfarlin Posted December 11, 2009 Share Posted December 11, 2009 nice little mod curt, unfortunately i found a few things in the wrong withing it, so i hope ya dont mind me posting this. here are the fixes. works great now. line 337 find [mysql]$db->query("UPDATE users SET money = money - %u WHERE userid = %u",25000000,$userid));[/mysql] replace with [mysql]$db->query(sprintf("UPDATE users SET money = money - %u WHERE userid = %u",25000000,$userid));[/mysql] line 352 and 353 [mysql]$db->query{sprintf("UPDATE home_users SET home_bed = %u WHERE home_userid = %u",1,$userid); $db->query(sprintf("UPDATE users SET money = money - %u WHERE userid = %u",100000000,$userid);[/mysql] replace with [mysql]$db->query(sprintf("UPDATE home_users SET home_bed = %u WHERE home_userid = %u",1,$userid)); $db->query(sprintf("UPDATE users SET money = money - %u WHERE userid = %u",100000000,$userid));[/mysql] lines 368 and 369 [mysql]$db->query(sprintf("UPDATE home_users SET home_refridgerator = %u WHERE home_userid = %u",1,$userid); $db->query(sprintf("UPDATE users SET money = money - %u WHERE userid = %u",15000000,$userid);[/mysql] replace with [mysql]$db->query(sprintf("UPDATE home_users SET home_refridgerator = %u WHERE home_userid = %u",1,$userid)); $db->query(sprintf("UPDATE users SET money = money - %u WHERE userid = %u",15000000,$userid));[/mysql] 384 and 385 [mysql]$db->query(sprintf("UPDATE home_users SET home_stove = %u WHERE home_userid = %u",1,$userid); $db->query((sprintf"UPDATE users SET money = money - %u WHERE userid = %u",20000000,$userid);[/mysql] overwrite with [mysql]$db->query(sprintf("UPDATE home_users SET home_stove = %u WHERE home_userid = %u",1,$userid)); $db->query(sprintf("UPDATE users SET money = money - %u WHERE userid = %u",20000000,$userid));[/mysql] i kept getting the same end page error as well in home.php so frusterated i removed the $h->endpage(); line from it. lol now in estate.php you dont really need to add this [mysql]if ($home['home_userid'] == $userid) { $db->query("UPDATE home_users SET home_houseID = {$_GET['property']} WHERE home_userid = {$userid}"); } else { $db->query("INSERT INTO home_users VALUES '$userid', $_GET'property']},'','','','','','','')"); }[/mysql] just add [mysql]$db->query("INSERT INTO home_users VALUES('$userid',{$_GET['property']},'','','','','','','')");[/mysql] right under [mysql]$db->query("UPDATE users SET money=money-{$np['hPRICE']},will=0,maxwill={$np['hWILL']} WHERE userid=$userid");[/mysql] get all those corrected and your good to go bro. Now how about all those users who are already in the game and have houses? lol Quote Link to comment Share on other sites More sharing options...
Curt Posted December 12, 2009 Author Share Posted December 12, 2009 now in estate.php you dont really need to add this You're unable to view this code. Viewing code within this forum requires registration, you can register here for free. Actually you do need to add that, the way you have it now when ever someone upgrades their house it does a new insert instead of updating their old data. lol..i secured those querys quickly before i posted this so i guess i made a few typos :( thx for pointing that out to me :) Quote Link to comment Share on other sites More sharing options...
Mcfarlin Posted December 12, 2009 Share Posted December 12, 2009 i found a few other things in this too. i will post the whole thing when i get it worked over. while my little thing does not work the way it is now added one entry for each house they buy as well, looking to fix it. Quote Link to comment Share on other sites More sharing options...
albenski Posted December 12, 2009 Share Posted December 12, 2009 i have done this over about 30 times still not working and what program can i use to find out what bugs are on my game another member on this site told me my game is full of bugs and i want to know what can i use to tell me how to find bugs on the game Thank everyone on Make Web Games that has been giving me help Joker Quote Link to comment Share on other sites More sharing options...
Mcfarlin Posted December 12, 2009 Share Posted December 12, 2009 i have a little bit different version of this im testing now. i will post it in a few hours after the testing confirms there are no exploits of bugs in my version. Quote Link to comment Share on other sites More sharing options...
Curt Posted December 12, 2009 Author Share Posted December 12, 2009 please point out the bugs also... Quote Link to comment Share on other sites More sharing options...
Mcfarlin Posted December 12, 2009 Share Posted December 12, 2009 main thing was it let the users do the things over and over the checks were not working to make sure they had not done it already within the time allowed. and a couple places it just looked like you typed like i do sometimes, to fast. lol nothing serious. but i did change the way it added the house_id to the player so they gain access to the page, i have it inserted at registration. but limited it to donors only. it was a bugger getting the current players updated using my method though. lol i have a few ppl testing it now, after i get what they find (hopefully nothing) i will post it for all. Quote Link to comment Share on other sites More sharing options...
albenski Posted December 13, 2009 Share Posted December 13, 2009 Sweet cant wait over the last few days i learned a few things on adding mods than you all for all the help :thumbup: Quote Link to comment Share on other sites More sharing options...
Curt Posted December 14, 2009 Author Share Posted December 14, 2009 the first post with the code for the home.php has been updated and should work fine now... Quote Link to comment Share on other sites More sharing options...
Mcfarlin Posted December 14, 2009 Share Posted December 14, 2009 it looks like you got the little things it had in it. does anyone still want a slightly different version of this :?: i have it tested and working, just a little bit different to install this one tho, a little sql knowledge is needed. Quote Link to comment Share on other sites More sharing options...
Mcfarlin Posted December 15, 2009 Share Posted December 15, 2009 Not a whole lot different in this home file, the links are different so change those to your liking along with the cost and how the images are called. [mysql]<?php include "globals.php"; // CALL Your House DATA $h=$db->query("SELECT * FROM home_users WHERE home_userid={$userid}"); $home=$db->fetch_row($h); $hh=$db->query("SELECT * FROM houses WHERE hWILL={$ir['maxwill']}"); $hhh=$db->fetch_row($hh); if ($ir['donatordays']==0) { echo " Ummmm... what are you trying to do, this is for donors only."; return; } echo "<h1> INSIDE YOUR {$hhh['hNAME']} </h1><hr>"; echo " You have entered your quarters, so what you gonna do ?"; echo " "; echo "[ Buy Upgrades ]"; echo " "; echo "[ Enter Living Room ]--[ Enter Bed Room ]--[ Enter Kitchen ]"; switch($_GET['action']) { case "livingroom": living_room(); break; case "bedroom": bed_room(); break; case "kitchen": kitchen(); break; case "upgrades": home_upgrade(); break; default: index(); break; } function index() { global $db, $ir,$c,$userid,$h,$home; echo " "; echo " Each room has different things for you to do !"; } function living_room() { global $db, $ir,$c,$userid,$h,$home; echo " <h3> LIVING ROOM </h3><hr width=25%> "; $_POST['TV'] = mysql_real_escape_string($_POST['TV']); if($_POST['TV']) { if ($home['home_tv'] == 0) { echo " You do not own a TV "; return; } else { if ($ir['view_tv'] != 0) { echo " You can only watch TV once a hour. Dont be a potato dammit get back in the game bro."; return; } $db->query("UPDATE home_users SET home_microwave = 1 WHERE home_userid = $userid"); $db->query("UPDATE users SET view_tv = 1, brave=maxbrave WHERE userid = $userid"); echo " You watched your TV for a while and gain 100 % courage! "; return; } } $_POST['SIT'] = mysql_real_escape_string($_POST['SIT']); if($_POST['SIT']) { if ($home['home_couch'] == 0) { echo " You do not own a Couch ! "; return; } else { if ($ir['sleep_sofa'] != 0) { echo " You can only nap on your sofa once a hour."; return; } $will = $ir['maxwill'] * .5; $willgain= $ir['will'] + $will; if ($willgain > $ir['maxwill']) { $willgain = $ir['maxwill'];} $db->query("UPDATE users SET sleep_sofa=sleep_sofa+1, will=$willgain WHERE userid=$userid"); echo " You napped on your sofa and gained some Will! "; return; } } if ($home['home_tv'] > 0) { echo "<table width=80%> <tr> <td width='25%'></td> <td> Once a HOUR you can view the television. You will gain 100% Courage for this action. </td> <td>"; echo " <form action='living.php?action=livingroom' method='POST'> <input type='hidden' name='TV' /> <input type='submit' value='Watch TV' name='TV' /></form> "; echo "</td></tr></table>"; } else { echo " YOU DONT OWN A TELEVISION. "; } echo " "; if ($home['home_couch'] > 0) { echo "<table width=80%> <tr> <td width='25%'></td> <td> Once a HOUR you can take a nap on your Sofa. You will gain 50% Will for this action. </td><td>"; echo " <form action='living.php?action=livingroom' method='POST'> <input type='hidden' name='SIT' /> <input type='submit' value='Sit Down' name='SIT' /></form> "; echo "</td></tr></table>"; } else { echo " YOU DONT OWN A SOFA. "; } } function bed_room() { global $db, $ir,$c,$userid,$h,$home; echo " <h3> BED ROOM </h3><hr width=25%> "; if($_POST['SLEEP']) { if ($home['home_bed'] == 0) { echo " You do not own a Bed "; return; } else { if ($ir['sleep_bed'] >= 2) { echo " You can only Sleep in your bed 2 times a day."; return; } $db->query("UPDATE users SET sleep_bed=sleep_bed+1, energy=maxenergy, will=maxwill WHERE userid=$userid"); echo " You went to sleep for a while and gained Full Energy and Will !"; return; } } echo " "; if ($home['home_bed'] > 0) { echo "<table width=80%> <tr> <td width='25%'></td> <td> Twice a DAY you can go to sleep on your Bed. You will gain Full Energy and Will for this action. </td><td>"; echo " <form action='living.php?action=bedroom' method='POST'> <input type='hidden' name='SLEEP' /> <input type='submit' value='Sleep' name='SLEEP' /></form> "; echo "</td></tr></table>"; } else { echo " YOU DONT OWN A BED. "; } } function kitchen() { global $db, $ir,$c,$userid,$h,$home; echo " <h3> KITCHEN </h3><hr width=25%> "; $_POST['STOVE'] = mysql_real_escape_string($_POST['STOVE']); if($_POST['STOVE']) { if ($home['home_refridgerator'] ==0) { echo " A refridgerator is required to cook meals. "; return; } else { if ($home['home_stove'] == 0) { echo " You do not own a stove "; return; } else { if ($ir['meal_eat'] >= 3) { echo " You can only eat 3 meals a day."; return; } $db->query("UPDATE users SET meal_eat=meal_eat+1, energy=maxenergy, hp=maxhp WHERE userid=$userid"); echo " You cooked a Superb Meal and gained Full Energy and Health. !"; return; } } } $_POST['MICROWAVE'] = mysql_real_escape_string($_POST['MICROWAVE']); if($_POST['MICROWAVE']) { if ($home['home_refridgerator'] ==0) { echo " A refridgerator is required to cook meals. "; return; } else { if ($home['home_microwave'] == 0) { echo " You do not own a microwave "; return; } else { if ($ir['meals_eat'] >= 3) { echo " You can only eat 3 times a day."; return; } $energy = $ir['maxenergy'] * .50; $health = $ir['maxhp'] * .50; $energygain = $ir['energy'] + $energy; if ($energygain > $ir['maxenergy']) { $energygain = $ir['maxenergy']; } $healthgain = $ir['hp'] + $health; if ($healthgain > $ir['maxhp']) { $healthgain = $ir['maxhp']; } $db->query(sprintf("UPDATE users SET meal_eat = meal_eat + %u, energy=%u, hp=%u WHERE userid = %u",1,$energygain,$healthgain,$userid)); echo " You Cooked a decent meal and gained some Energy and Health !"; return; } } } echo " "; if ($home['home_refridgerator'] > 0) { echo "<table width=80%> <tr> <td width='25%'></td> <td> You can Eat 3 Times a day.</td> <td> NO ACTIONS </td></tr></table>"; } else { echo " YOU DONT OWN A REFRIDGERATOR. "; } echo " "; if ($home['home_stove'] > 0) { echo "<table width=80%> <tr> <td width='25%'></td> <td> You will gain FULL Energy and Health for this action. </td><td>"; echo " <form action='living.php?action=kitchen' method='POST'> <input type='hidden' name='STOVE' /> <input type='submit' value='Cook' name='STOVE' /></form> "; echo "</td></tr></table>"; } else { echo " YOU DONT OWN A STOVE. "; } echo " "; if ($home['home_microwave'] > 0) { echo "<table width=80%> <tr> <td width='25%'></td> <td> You will gain 50% Energy and Health for this action. </td><td>"; echo " <form action='living.php?action=kitchen' method='POST'> <input type='hidden' name='MICROWAVE' /> <input type='submit' value='Cook' name='MICROWAVE' /></form> "; echo "</td></tr></table>"; } else { echo " YOU DONT OWN A MICROWAVE. "; } } function home_upgrade() { global $db, $ir,$c,$userid,$h,$home; echo " <h3> Home Upgrades </h3><hr width=25%> "; $_POST['buyTV'] = mysql_real_escape_string($_POST['buyTV']); if($_POST['buyTV']) { if ($home['home_tv'] != 0) { echo " YOU ALREADY OWN A TV. "; return;} if ($ir['money'] < 1000) { echo " You cannot afford a TV ! "; return; } $db->query(sprintf("UPDATE home_users SET home_tv = %u WHERE home_userid = %u",1,$userid)); $db->query(sprintf("UPDATE users SET money = money - %u WHERE userid = %u",1000,$userid)); echo " You have successfully purchased a TV !"; return; } $_POST['buySOFA'] = mysql_real_escape_string($_POST['buySOFA']); if($_POST['buySOFA']) { if ($home['home_couch'] != 0) { echo " YOU ALREADY OWN A SOFA. "; return;} if ($ir['money'] < 2500) { echo " You cannot afford a Sofa ! "; return; } $db->query(sprintf("UPDATE home_users SET home_couch = %u WHERE home_userid = %u",1,$userid)); $db->query(sprintf("UPDATE users SET money = money - %u WHERE userid = %u",2500,$userid)); echo " You have successfully purchased a Sofa !"; return; } $_POST['buyBED'] = mysql_real_escape_string($_POST['buyBED']); if($_POST['buyBED']) { if ($home['home_bed'] != 0) { echo " YOU ALREADY OWN A BED. "; return;} if ($ir['money'] < 5000) { echo " You cannot afford a Bed! "; return; } $db->query(sprintf("UPDATE home_users SET home_bed = %u WHERE home_userid = %u",1,$userid)); $db->query(sprintf("UPDATE users SET money = money - %u WHERE userid = %u",5000,$userid)); echo " You have successfully purchased a bed !"; return; } $_POST['buyFRIDGE'] = mysql_real_escape_string($_POST['buyFRIDGE']); if($_POST['buyFRIDGE']) { if ($home['home_refridgerator'] != 0) { echo " YOU ALREADY OWN A REFRIDGERATOR. "; return;} if ($ir['money'] < 5500) { echo " You cannot afford a Refridgerator! "; return; } $db->query(sprintf("UPDATE home_users SET home_refridgerator = %u WHERE home_userid = %u",1,$userid)); $db->query(sprintf("UPDATE users SET money = money - %u WHERE userid = %u",5500,$userid)); echo " You have successfully purchased a Refridgerator !"; return; } $_POST['buySTOVE'] = mysql_real_escape_string($_POST['buySTOVE']); if($_POST['buySTOVE']) { if ($home['home_stove'] != 0) { echo " YOU ALREADY OWN A STOVE. "; return;} if ($ir['money'] < 8500) { echo " You cannot afford a Stove! "; return; } $db->query(sprintf("UPDATE home_users SET home_stove = %u WHERE home_userid = %u",1,$userid)); $db->query(sprintf("UPDATE users SET money = money - %u WHERE userid = %u",8500,$userid)); echo " You have successfully purchased a Stove !"; return; } $_POST['buyMICROWAVE'] = mysql_real_escape_string($_POST['buyMICROWAVE']); if($_POST['buyMICROWAVE']) { if ($home['home_microwave'] != 0) { echo " YOU ALREADY OWN A MICROWAVE. "; return;} if ($ir['money'] < 3000) { echo " You cannot afford a Microwave! "; return; } $db->query(sprintf("UPDATE home_users SET home_microwave = %u WHERE home_userid = %u",1, $userid)); $db->query(sprintf("UPDATE users SET money = money - %u WHERE userid = %u",3000, $userid)); echo " You have successfully purchased a Microwave !"; return; } echo "<table width=80%> <th colspan=4> LIVING ROOM UPGRADES </th> </tr> <th> </th> <th> DESCRIPTION </th> <th> PRICE </th> <th> PURCHASE </th> <tr><td width=25%></td> <td> A nice addition to anyones living room !</td> <td> \$1,000 </td><td>"; if ($home['home_tv'] == 0) { echo " <form action='living.php?action=upgrades' method='POST'> <input type='hidden' name='buyTV' /> <input type='submit' value='Buy' name='buyTV' /></form> "; } else { echo " BOUGHT "; } echo " </td></tr><tr> <td></td> <td> A very Comfortable Sofa to lounge on. </td> <td> \$2,500 </td><td>"; if ($home['home_couch'] == 0) { echo " <form action='living.php?action=upgrades' method='POST'> <input type='hidden' name='buySOFA' /> <input type='submit' value='Buy' name='buySOFA' /></form> "; } else { echo " BOUGHT "; } echo "</td></tr> </table>"; echo " <hr width=80%> "; echo "<table width=80%> <th colspan=4> BEDROOM UPGRADES </th> </tr> <th> </th> <th> DESCRIPTION </th> <th> PRICE </th> <th> PURCHASE </th> <tr><td width=25%></td> <td> Anyone who owns a house will need a Bed !</td> <td> \$5,000 </td><td>"; if ($home['home_bed'] == 0) { echo " <form action='living.php?action=upgrades' method='POST'> <input type='hidden' name='buyBED' /> <input type='submit' value='Buy' name='buyBED' /></form> "; } else { echo " BOUGHT "; } echo " </td></tr> </table>"; echo " <hr width=80%> "; echo "<table width=80%> <th colspan=4> KITCHEN UPGRADES </th> </tr> <th> </th> <th> DESCRIPTION </th> <th> PRICE </th> <th> PURCHASE </th> <tr><td width=25%></td> <td> Who dont need a Fridgerator ?</td> <td> \$5,500 </td><td>"; if ($home['home_refridgerator'] == 0) { echo " <form action='living.php?action=upgrades' method='POST'> <input type='hidden' name='buyFRIDGE' /> <input type='submit' value='Buy' name='buyFRIDGE' /></form> "; } else { echo " BOUGHT "; } echo " </td></tr><tr> <td></td> <td> Best way to cook your meals. </td> <td> \$8,500 </td><td>"; if ($home['home_stove'] == 0) { echo " <form action='living.php?action=upgrades' method='POST'> <input type='hidden' name='buySTOVE' /> <input type='submit' value='Buy' name='buySTOVE' /></form> "; } else { echo " BOUGHT "; } echo " </td></tr><tr> <td></td> <td> Cook your meals with this, not as effective as the stove but gets the job done. </td> <td> \$3,000 </td><td>"; if ($home['home_microwave'] == 0) { echo " <form action='living.php?action=upgrades' method='POST'> <input type='hidden' name='buyMICROWAVE' /> <input type='submit' value='Buy' name='buyMICROWAVE' /></form> "; } else { echo " BOUGHT "; } echo " </td></tr> </table>"; } ?>[/mysql] And use the sqls from above and you can add this to your register right after it inserts the new users stats. . [mysql]$db->query("INSERT INTO `home_users` (`home_userid`, `home_houseid`, `home_couch`, `home_tv`, `home_bed`, `home_stove`, `home_microwave`, `home_refridgerator`, `home_computer`) VALUES ($i, 1, 0, 0, 0, 0, 0, 0, 0)");[/mysql] Quote Link to comment Share on other sites More sharing options...
Lotan Kane Posted February 14, 2010 Share Posted February 14, 2010 Sorry to bring up a semi-old topic,but i am getting this error after trying to make a meal, QUERY ERROR: Unknown column 'meal_eat' in 'field list' Query was UPDATE users SET meal_eat = meal_eat + 1, energy=20, hp=300 WHERE userid = 1 Thanx for any help with this issue. Quote Link to comment Share on other sites More sharing options...
wrx Posted February 14, 2010 Share Posted February 14, 2010 Sorry to bring up a semi-old topic,but i am getting this error after trying to make a meal, QUERY ERROR: Unknown column 'meal_eat' in 'field list' Query was UPDATE users SET meal_eat = meal_eat + 1, energy=20, hp=300 WHERE userid = 1 Thanx for any help with this issue. did you add the sql .. it is looking for a column in your user table that does not exist ... "UPDATE users SET meal_eat" You're unable to view this code. Viewing code within this forum requires registration, you can register here for free. ======== Quote Link to comment Share on other sites More sharing options...
Lotan Kane Posted February 14, 2010 Share Posted February 14, 2010 Thanx wrx.I'm a retard and must have have overlooked that in the first post.I was up for close to 24 hours when i made that post last night.Anyhow,thanx again for pointin me in the right direction,your a gentleman and a scholar. Quote Link to comment Share on other sites More sharing options...
RedQueen Posted February 24, 2010 Share Posted February 24, 2010 is there any way i could see screen shots of this ? Quote Link to comment Share on other sites More sharing options...
rowbvp Posted March 18, 2010 Share Posted March 18, 2010 sorry for the old reply but im getting error QUERY ERROR: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'WHERE home_userid = 1' at line 1 Query was UPDATE home_users SET home_microwave = WHERE home_userid = 1 when trying to watch TV Quote Link to comment Share on other sites More sharing options...
Curt Posted March 19, 2010 Author Share Posted March 19, 2010 sorry for the old reply but im getting error QUERY ERROR: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'WHERE home_userid = 1' at line 1 Query was UPDATE home_users SET home_microwave = WHERE home_userid = 1 when trying to watch TV lol..this is my fault for the very crappy coding job i did on this...lol remove line 81 and you should be fine...ill also update the first post.. Quote Link to comment Share on other sites More sharing options...
Guest Drizzle Posted March 19, 2010 Share Posted March 19, 2010 now in estate.php you dont really need to add this You're unable to view this code. Viewing code within this forum requires registration, you can register here for free. Actually you do need to add that, the way you have it now when ever someone upgrades their house it does a new insert instead of updating their old data. lol..i secured those querys quickly before i posted this so i guess i made a few typos :( thx for pointing that out to me :) actually, for one thing you didnt exactly secure the queries, because sprintf formats them, but other than that, on your INSERT INTO, you could just do INSERT (var1,var2,var3) INTO VALUES('var1','var2','var3')") with all the sprintf stuff, and then anything you want it to skip gets skipped, while what you want inserted gets inserted. also, i recommend using ` ` on table names and stuff because those also help security. also, if you have prefixes on your tables, i highly recommend you use a prefix method that adds them to each table name, as it would be much harder for a game exploiter to figure out your table prefix. As long as you understand how to block query errors from being given to users, use ` ` and prefix methods, your queries will be about 110% harder to exploit. Not impossible, but close to it. also, i didnt look at your code much, but have you used a whitelist method to ensure that anything in $_GET isnt another attempt to try and use url injections. im not gonna go through all the methods, but basically, good mod, but i suggest you use the methods above for future coding :) Quote Link to comment Share on other sites More sharing options...
rowbvp Posted March 19, 2010 Share Posted March 19, 2010 Thanks that worked,great job A+ mod one more thing how do i lower gains like energy=maxenergy or will=maxwill do i just replace max with number.Sorry to be a bit of a bug,on a old post but im still learning thanks :) Quote Link to comment Share on other sites More sharing options...
Danny696 Posted March 19, 2010 Share Posted March 19, 2010 WOW, i thought i overused sprintf. $db->query(sprintf("UPDATE users SET money = money - %u WHERE userid = %u",15000000,$userid)); cumon' even i dont sprintf for 15000000, its a number, why does it need to be outside the query itself. Quote Link to comment Share on other sites More sharing options...
Djkanna Posted March 20, 2010 Share Posted March 20, 2010 WOW, i thought i overused sprintf. $db->query(sprintf("UPDATE users SET money = money - %u WHERE userid = %u",15000000,$userid)); cumon' even i dont sprintf for 15000000, its a number, why does it need to be outside the query itself. Well at least he hasn't used a format function for an html element such as You're unable to view this code. Viewing code within this forum requires registration, you can register here for free. :P Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.