Bladewolf2010: Is he trusted

[criminal wars]

well guys i have found some one that has offered me $50 for full game secured but i want to know to prevent getting scammed how do i know the scripts are secured like is there way i can test the scripts to make sure he secured everything...

btw the person who is going to secure it for me is : BLADEWOLf2010

just wannted to know any one familliar with him and is he trust wortyh

also did any one ever have any trouble with him....

[Paul Evans]

didn't someone say if your paying less than 150 your defo being scammed... somewhere

[criminal wars]

secure

thanks paul an the other who contacted me regarding this lokks like bladewolf2010 doesnt have the skill or is going to be doing some files like 3 of them for $50 and not the full well am not giving it to him and also just wanted to know how can i check if they are secured

[bladewolf2010]

Haha, love how much people say so much yet no one here has ever seen my work. :P oh well

[W3Theory || Peter]

Haha, love how much people say so much yet no one here has ever seen my work. :P oh well

That could be one of the main reasons they say something, as they don't see your post anything so just have that to go off of.

[Blade Maker]

No really bladewolf has good skill, he is trust worthy, and has been here for awhile so you should hire him.

[Dominion]

didn't someone say if your paying less than 150 your defo being scammed... somewhere

You can get it done for less then $150... mcc is php you just need to look around. Mwg is not the only site.

Look at his posts to see if he has helped people or even ask for him to post something to prove he can do what he is offering. Unfortunately it would probably take being able to do it yourself to know when the code is secure. As I said ask him for an example, and for permission to post it for review.

[bladewolf2010]

No really bladewolf has good skill, he is trust worthy, and has been here for awhile so you should hire him.

Thank you blade..

[Paul Evans]

Valid point Dom, but it's trusting the person which counts.

Bladewolf, post more something of yours... a snippet or something

[Joshua]

if(gamesecurity == 50)

{

die('amg to pricey');

return;

}

there is my leet skills.

[Paul Evans]

lol i know that's a joke but why return when you've died :)

overkill?

[Danny696]

hehe, pwnd :)

Both the blades on here ask for help, so i dont think they have the skills now to secure a game. And for $50, i highly doubt that any good person would do it. Treble it, then your alright :)

[Djkanna]

We cannot tell you if you can or cannot trust him, that you have to figure out for yourself.

As for making sure, you could always get someone on here to take a look.

[Paul Evans]

DJK does have a point i would suggest using whoever you feel would do the work to your standards.

[bladewolf2010]

@Danny everyone asks for help at some point. Just because I do it for $50 don't mean nothing.. Maybe I'm just being nice or got nothing better to do. Price don't have to deal with anything.

[Danny696]

Yes, everyone asks for help, but it was about last month you were asking for help about vars.

[bladewolf2010]

Link me.

[rulerofzu]

Well I would suggest looking at this from a MWG past history point of view.

bladewolf2010 has only ever posted two mods. One didnt work...

[mccode v2.x] city owning

the 2nd didnt clean the output which whilst not being a bad thing but relies on your input is secured......

[mccode v2.x] Stafflist

Other than that you have a good 7 pages from 300 posts most of them asking for help.

Now choose if you think you should hire the person for the job or not.

[Paul Evans]

think Zu kind of said it all for this topic.

[Kieran-R]

A while ago when I was looking for security, he offered me some for like $35 I think... I asked for an example, and this is what I got:

 

<?php
$housequery=1;
$atkpage=1;
include "globals.php"; 
$userid=$_SESSION['userid']; 
if (eregi("[^0-9]", $_GET[iD])) {
print"Click... Click.. BOOM";
mysql_query("INSERT INTO fedjail VALUES('',".$ir['userid'].",999999,1,'Attempted URL Injection in a file.')");
mysql_query("UPDATE users SET fedjail=1 WHERE userid=$userid");
exit;
}
/*+++++++++++++++++++++++++++++++++++++*/
/*            SQL Protection Start                                      */
/*+++++++++++++++++++++++++++++++++++++*/
//check if incomingData is not empty and of the expected length
function checkIncomingData($idata, $minsize, $maxsize) 
{
if ( 
  strlen($idata)<$minsize
  or  
  strlen($idata)>$maxsize 
  ) 
{
return false;
}
  else
{
  return true;
  }
}
//make sure that nothing bad can be entered by the user (-->sql injection attack)
function cleanIncomingData($idata) 
{
$cleaned = trim($idata); 
$cleaned = mysql_real_escape_string($cleaned);
return $cleaned;
}
/*+++++++++++++++++++++++++++++++++++++*/
/*            SQL Protection  Ended                                  */
/*+++++++++++++++++++++++++++++++++++++*/
if($ir['fedjail'])

{

print "Error - while in fedjail you cannot access this page ";

$h->endpage();

exit;

}
print "<h3>Bank</h3>";
if($ir['bankmoney']>-1)
{
switch($_GET['action'])
{
case "deposit":
deposit();
break;

case "withdraw":
withdraw();
break;

default:
index();
break;
}

}
else
{
if(isset($_GET['buy']))
{
if($ir['money']>49999)
{
print "Congratulations, you bought a bank account for \$50,000!

[url='bank.php']Start using my account[/url]";
$db->query("UPDATE users SET money=money-50000,bankmoney=0 WHERE userid=$userid");
}
else
{
print "You do not have enough money to open an account.
[url='explore.php']Back to town...[/url]";
}
}
else
{
print "Open a bank account today, just \$50,000!

[url='bank.php?buy']> Yes, sign me up![/url]";
}
}
function index()
{
global $db, $ir,$c,$userid,$h;
print "\n[b]You currently have \${$ir['bankmoney']} in the bank.[/b]

At the end of each day, your bank balance will go up by 2% for donators for balances up to 200 Trillion.

And you have to be active within the last 4 days.

<table width='75%' cellspacing=1 class='table'> <tr> <td width='50%'>[b]Deposit Money[/b]

It will cost you 1% of the money you deposit if the deposit is $1,000,000 or more. <form action='bank.php?action=deposit' method='post'>
Amount: <input type='text' name='deposit' value='{$ir['money']}' />

<input type='submit' value='Deposit' /></form></td> <td>
[b]Withdraw Money[/b]

There is no fee on withdrawals.<form action='bank.php?action=withdraw' method='post'>
Amount: <input type='text' name='withdraw' value='{$ir['bankmoney']}' />

<input type='submit' value='Withdraw' /></form></td> </tr> </table>";
}
function deposit()
{
global $db,$ir,$c,$userid,$h;
$_POST['deposit']=$_POST['deposit'];
if($_POST['deposit'] < 0)
{
print"Click... Click.. BOOM";
mysql_query("INSERT INTO fedjail VALUES('',".$ir['userid'].",5000,1,'Exploiting a game bug.')");
mysql_query("UPDATE users SET fedjail=1 WHERE userid=$userid");
    exit;
}
if($_POST['deposit'] > $ir['money'])
{
print "You do not have enough money to deposit this amount.";
}
else
{
$fee=ceil($_POST['deposit']*1/100);
if($fee < 10001) { $fee=0; }
$gain=$_POST['deposit'] - $fee;
$ir['bankmoney']+=$gain;
$db->query("UPDATE users SET bankmoney=bankmoney+$gain, money=money-{$_POST['deposit']} where userid=$userid");
print "You hand over \${$_POST['deposit']} to be deposited, 

after the fee is taken $ $fee, \$$gain is added to your account. 

[b]You now have \${$ir['bankmoney']} in the bank.[/b]

[url='bank.php']> Back[/url]";
}
}
function withdraw()
{
global $db,$ir,$c,$userid,$h;
$_POST['withdraw']=$_POST['withdraw'];
if($_POST['withdraw'] < 0)
{
print"Click... Click.. BOOM";
mysql_query("INSERT INTO fedjail VALUES('',".$ir['userid'].",5000,1,'Exploiting a game bug.')");
mysql_query("UPDATE users SET fedjail=1 WHERE userid=$userid");
    exit;
}
if($_POST['withdraw'] > $ir['bankmoney'])
{
print "You do not have enough banked money to withdraw this amount.";
}
else
{

$gain=$_POST['withdraw'];
$left=($ir['bankmoney']-$gain);
$db->query("UPDATE users SET bankmoney=bankmoney-$gain, money=money+$gain where userid=$userid");
print "You ask to withdraw $gain, 

the banking lady grudgingly hands it over. 

[b]You now have \$$left in the bank.[/b]

[url='bank.php']> Back[/url]";
}
}
$h->endpage();
?>

 

Quite clearly putting a useless function at the top of a file WILL NOT secure your game...

[rulerofzu]

LMAO sorry cant type much more....laughing too much.

[Djkanna]

(*Doesn't comment on the bad parts*)

if (eregi("[^0-9]", $_GET[iD])) {

print"Click... Click.. BOOM";

mysql_query("INSERT INTO fedjail VALUES('',".$ir['userid'].",999999,1,'Attempted URL Injection in a file.')");

mysql_query("UPDATE users SET fedjail=1 WHERE userid=$userid");

exit;

}

:cries here: And the point of this being?

To clarify I know what it does but what's the point?? Not to mention your reasoning for the actual fed jail.

I'm going to go lay down for a little while now.

[Paul Evans]

WOW i should bow down to the elite coding... i apologise it must be worth millions... oh wait wasn't that posted on CE like 4 years ago god i mean ereg is deprecated... EPIC FAILURE!

Don't use a quick cure, i once spent 3 days on just the forums.php just to perfect the script and make sure it was fully secure.

[Jordan Palmer]

If someone is charging less then $150 it'll probably mean they're not so sure of themselves hencing the price being so cheap. I don't see a big problem with that as long as the user is warned.

As for the example posted, I can only laugh.

Rulerofzu actually finished the topic for us I reckon =)

[Joshua]

Wow, I havent seen that scrips in quite a while.

 

Yes, I like overkill Paul! :O