Send cash and send crystals problem

gazsr123 · November 21, 2010

Hi

It seems that whenever anyone sends any game money or crystals to another member, it classes them as a MULTI in the cash and crystal logs.

I have the basic V2 sendcrys.php and the sendcash.php and I am not sure how to fix this problem.

Some help would be great. Thanks. :)

Jordan Palmer · November 21, 2010

What have you defined the $IP variable as?

Rasheed saeed · November 21, 2010

I'm not sure if this is an option, but is there anything you have put in your header?

gazsr123 · November 21, 2010

What do you mean mate?

Jordan Palmer · November 21, 2010

In header.php, What is $IP defined as..

gazsr123 · November 21, 2010

I remember inserting this into my header to stop admin hacks:

$ip = mysql_real_escape_string($ip);

if ( isset($_SESSION['HTTP_USER_AGENT']) ) {

if ( $_SESSION['HTTP_USER_AGENT'] != sha1( $_SERVER['HTTP_USER_AGENT'] )) {

session_unset();

session_destroy();

header("Location: login.php");

}

} else {

$_SESSION['HTTP_USER_AGENT'] = sha1( $_SERVER['HTTP_USER_AGENT'] );

}

Jordan Palmer · November 21, 2010

$ip = mysql_real_escape_string($ip);

thats why...

Replace the whole IP variable with

$IP = $_SERVER['remote_addr'];

gazsr123 · November 21, 2010

But if I replace that with the code you said, will not prevent the admin hack?

Also I did it but still saying MULTI in the logs and I retested by sending accs money.

However it's because I followed a security tutorial on MWG.

Although in my authenticate.php I have this:

$_SESSION['userid']=$mem['userid'];

$IP = ($_SERVER['HTTP_X_FORWARDED_FOR'])

? $_SERVER['HTTP_X_FORWARDED_FOR']

: $_SERVER['REMOTE_ADDR'];

Equinox · November 21, 2010

Yes it will.

$ip = $_SERVER['remote_addr']; < Nothing wrong with this.

gazsr123 · November 21, 2010

In my register I also have:

$IP = ($_SERVER['HTTP_X_FORWARDED_FOR'])

? $_SERVER['HTTP_X_FORWARDED_FOR']

: $_SERVER['REMOTE_ADDR'];

twice..

so may the problem because of this i have in my register authenticate.php ?

Danny696 · November 21, 2010

change it to

$IP = $_SERVER['REMOTE_ADDR'];

gazsr123 · November 22, 2010

Hi I done that, however still on the cash and crystals logs it shows all transfers as MULTI'S when I even sent other staff money to test.

Dominion · November 22, 2010

Have you made any edits to the staff file or the send files?

gazsr123 · November 22, 2010

Nope. The only edits I done was created a staff password file and edited the dp's.

Jordan Palmer · November 22, 2010

Show us your scripts.

gazsr123 · November 22, 2010

my staff protected file is only used on staff.php so it doesn't interfere with the logs + it doesnt have no $ip inside the file as it's only some html.

Dominion · November 22, 2010

my staff protected file is only used on staff.php so it doesn't interfere with the logs + it doesnt have no $ip inside the file as it's only some html.

It may not be the send files could be the logs asking if $senderid is the same as $senderid or something silly like that we all do it now and then ;)

gazsr123 · November 22, 2010

Okay lol.

Shall i post the send cash logs bud?

Dominion · November 23, 2010

Okay lol.
Shall i post the send cash logs bud?

Post what the file you think has the issue ;)

Jordan Palmer · November 24, 2010

As this hasn't been resolved as of yet, Later today I'll fix this via MSN.

Make sure you have Teamviewer installed so you can watch

gazsr123 · November 25, 2010

Hi guys thanks for the support I finally fixed the error, it was just a few mins job and a litle mistake I found.

Sign In

Send cash and send crystals problem

Recommended Posts

gazsr123

Jordan Palmer

Rasheed saeed

gazsr123

Jordan Palmer

gazsr123

Jordan Palmer

gazsr123

Equinox

gazsr123

Danny696

gazsr123

Dominion

gazsr123

Jordan Palmer

gazsr123

Dominion

gazsr123

Dominion

Jordan Palmer

gazsr123

Join the conversation

Browse

Activity

Hosting