MakeWebGames


Posted

Finally, a fully patched MCCode engine V2. Branded as v2.0.3.

Pretty much all the files have been updated along with a PHP version upgrade. A few extra features added around the place - a thorough list of fixes and upgraded features will be posted soon, being prepared. Believe it or not, finally we have MCC V2 fully secured as we believe. Test it yourself ;) exploit it, please.

http://v203.mccodes.com/

This will be released for sale on MCCodes.com replacing V2 (2.0.2c). Also it will be freely downloadable for clients in the client section anytime, patch it up! We will be releasing more information on V3 shortly; however before the v3 release, we have a little surprise.

NO LONGER need to pay others to add security to your game 8o


Posted

I'm sure Paul is perfectly capable of finding a different source of money, he's capable of things outside of McCodes.

Although I hate him and would like to stamp on his face, he has some skill that puts him above the IQ of an apple which is commonly found in this forum.

:)

Posted

Not much of a big error but when going to staff.php while not a staff member you get this error:

Fatal error: Call to a member function endpage() on a non-object in /home/paul/public_html/sglobals.php on line 68

Like I said, nothing big, maybe not big enough to post so if so don't flame me please.

 

EDIT: Just a question, when you try to send a message why does it say: "OR Enter a username to send to:" before the input field where you put the username? There is nothing before OR?

 

EDIT: Never mind I just read it and noticed you are not looking for errors but instead hacks, I will still leave this out there though so people can fix it.

Posted

Hmm, let's see.

I can delete a mail that doesn't belong to me, nor does it exist.

"Congratulations, you paid $1000 and travelled to Default City on the monorail!" - Fun, I am already there. *bug*

QUERY ERROR: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'AND `bl_ADDER` = 2' at line 1

Query was SELECT `bl_COMMENT` FROM `blacklist` WHERE `bl_ID` = AND `bl_ADDER` = 2

That shouldn't happen.

Perhaps giving us more to play with?

Posted

:roll: I still wouldn't buy the script, tbh I just wouldn't trust your coding ... I'd still probably go and get someone to check it over so I'd still have to pay out ...

Posted

You haven't listened to any of the ideas people have given you on here and v2.0.3 is just another mcc version fit for the dump..

Nothing major has been done and even the exploits are still there. You're making something that used to be decent look worse..

Posted

ROLF, after you said that illusions I checked it out, seems we are still able to find money from securing Mcc... Didn't think a company with 10 year old owners, who can barely code, with insecure codes, could get a worse image..

Ever thought about getting someone to secure it..... Awww, will that take the baby's money....

Posted
Hmm, let's see.

I can delete a mail that doesn't belong to me, nor does it exist.

"Congratulations, you paid $1000 and travelled to Default City on the monorail!" - Fun, I am already there. *bug*

 

QUERY ERROR: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'AND `bl_ADDER` = 2' at line 1

Query was SELECT `bl_COMMENT` FROM `blacklist` WHERE `bl_ID` = AND `bl_ADDER` = 2

That shouldn't happen.

Perhaps giving us more to play with?

 

Nice finds, I was gonna check the mail but did not see the get being used, but I should have looked into it further xD.

And I think you guys should have posted a demo, and asked us to find the bugs or something....most of us do not have time to do it so idk.

Posted
ROLF, after you said that illusions I checked it out, seems we are still able to find money from securing Mcc... Didn't think a company with 10 year old owners, who can barely code, with insecure codes, could get a worse image..

Ever thought about getting someone to secure it..... Awww, will that take the baby's money....

I don't think that's fair, as far as I am aware they did outsource for it, and for the most part it's okay (I haven't got the license to look at the code), sure there are a few bugs (mail one, events one etc).

Other than that it is a lot better than it was previously, so maybe you should get off your high horse for a minute and take a gander at the script before judging it.

Posted

As it's not available for download yet then I would judge the demo as the beta of this release and for them to be able to catch anything overlooked before it's made available for download.

My suggestion would be to get mantis and open up a bug tracker so you can monitor errors and work on them. Update the tracker and get it done.

Posted

Possible things to fix:

  • I can mail myself
  • If I input "-1 or 1=1--" (without quotes) on the black list it doesn't submit
  • Admin is banned
    • By himself
  • ID 3 has no name
  • I can delete events, which don't belong to me nor exist

Posted
You haven't listened to any of the ideas people have given you on here and v2.0.3 is just another mcc version fit for the dump..

Nothing major has been done and even the exploits are still there. You're making something that used to be decent look worse..

It's a security update, not an update to the engine's function. I would assume if they have paid attention to anything people want that would be part of v3, and not part of a v2 update...

@mcc – post a file so we can see something of this updated source? I am sure the idea of this post was to see what bugs we could find before the download was made available so why not post a file that has been secured by someone else, and is on here free, so we can see your upgrade. Just something like preferences or the cmarket so we can see the common bugs are gone. Might stop some of the posts above if we could see the level of this update.

Posted

Response to feedback

Ignoring the few immature posts, there's some nice feedback here that I will respond to.

Regarding deletion of mail/events: This is not a bug, simply a visual oddity. Events/mails that are not yours are not actually deleted, even though the page says they are. This has been the case since the first v2 release, as far as I'm aware. We will probably patch the visual side of this regardless.

Staff panel while not a staff member: As you said, not a big deal. May be altered slightly regardless.

Traveling to your own location: Will be patched.

Deleting non-existent stuff: Not really a huge deal, but we may look into it, if not for this version then for a future patch.

Mantis bug tracker: We do have this set up but haven't really integrated it well into development yet, or provided a way for the public to submit bugs. Expect an improvement in this regard in the near future.

Mailing yourself: Can actually be useful (another way of storing notes), we don't consider it a bug.

Black list input: Not sure about this, not specifically an exploit but will check it out.

Admin banned (by himself): This demo hasn't really been locked off like the v1/v2 current demos. We will sort it out before making the official final demo.

ID 3 has no name: Not sure about this.

Further constructive feedback is welcomed - further flaming isn't. Don't cross the line!

I have also restored access to the 2 advertised accounts for now.

Posted
Ignoring the few immature posts, there's some nice feedback here that I will respond to.

Regarding deletion of mail/events: This is not a bug, simply a visual oddity. Events/mails that are not yours are not actually deleted, even though the page says they are. This has been the case since the first v2 release, as far as I'm aware. We will probably patch the visual side of this regardless.

You're right, my bad, it has been like that since the v2 release.

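function mail_delete()
{
    global $db, $ir, $c, $userid, $h;
    // $_GET['ID'] goes into the query unvalidated; only the mail_to clause
    // limits the delete to the current user's own mail.
    $db->query("DELETE FROM mail WHERE mail_id={$_GET['ID']} AND mail_to=$userid");
    // Printed unconditionally, whether or not any row was deleted.
    print "Message deleted.<br />
<a href='mailbox.php'>&gt; Back</a>";
}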
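
Added example, not part of the thread and not MCCodes code: one way the mail_delete() quoted above could validate the ID, bind it as a parameter, and report success only when a row owned by the current user was actually removed. The same kind of ID check applies to the empty `bl_ID` query error reported earlier. The PDO/SQLite setup, the table columns and the name mail_delete_safe are assumptions made for the demo.

```php
<?php
// Added example: hardened counterpart to the quoted mail_delete().
// mail_delete_safe(), the PDO handle and the table layout are assumptions.

function mail_delete_safe(PDO $pdo, int $userid, $rawId): string
{
    // Reject missing, empty or non-numeric IDs before any SQL is built.
    $id = filter_var($rawId, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    if ($id === false) {
        return 'Invalid message ID.';
    }
    // Bound parameters keep the ID out of the SQL text; mail_to enforces ownership.
    $stmt = $pdo->prepare('DELETE FROM mail WHERE mail_id = :id AND mail_to = :uid');
    $stmt->execute([':id' => $id, ':uid' => $userid]);
    // Report success only if a row owned by this user was actually removed.
    return $stmt->rowCount() === 1
        ? 'Message deleted.'
        : 'No such message in your mailbox.';
}

// Constructed sample data: user 1 owns mail 10, user 2 owns mail 11.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE mail (mail_id INTEGER PRIMARY KEY, mail_to INTEGER, mail_text TEXT)');
$pdo->exec("INSERT INTO mail VALUES (10, 1, 'hello'), (11, 2, 'private')");

// Inputs taken from the cases raised in the thread, all submitted as user 1.
$cases = [
    'own mail'             => '10',
    'someone else\'s mail' => '11',
    'nonexistent mail'     => '999',
    'empty ID'             => '',
    'blacklist test input' => '-1 or 1=1--',
];
foreach ($cases as $label => $raw) {
    printf("%-22s %s\n", $label . ':', mail_delete_safe($pdo, 1, $raw));
}

// Mail 11 must survive every attempt made as user 1.
$left = $pdo->query('SELECT COUNT(*) FROM mail WHERE mail_id = 11')->fetchColumn();
printf("%-22s %d\n", 'user 2 rows remaining:', $left);
```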
