Samurai Legend Posted June 23, 2014 Share Posted June 23, 2014 Hello all. I have bought Pauls voting script two days ago. But I have realized you can bypass votes without voting on the website. I need help for this not to happen. If anyone can help me out, please do! Quote Link to comment Share on other sites More sharing options...
sniko Posted June 23, 2014 Share Posted June 23, 2014 Pretty sure you'd need the voting site(s) to verify the vote. Unless you're magic. What voting sites can you bypass voting? Or have I misunderstood? Quote Link to comment Share on other sites More sharing options...
DidNotCompute Posted June 23, 2014 Share Posted June 23, 2014 Your question isn't very clear? Do you mean players can gain voting rewards (e.g. money or credits) without actually voting? If so, some voting sites offer the option of having HTTP requests sent which you can use to verify that the user has actually voted. Quote Link to comment Share on other sites More sharing options...
Dave Posted June 23, 2014 Share Posted June 23, 2014 Hello all. I have bought Pauls voting script two days ago. But I have realized you can bypass votes without voting on the website. I need help for this not to happen. If anyone can help me out, please do! Only some voting providers actually have this functionality. Did the mod advertise as supporting incentives? If not it may not provide security against votes. Quote Link to comment Share on other sites More sharing options...
Samurai Legend Posted June 23, 2014 Author Share Posted June 23, 2014 Nope, however I need help. I need to understand how to build in the incentive script...? Well I know that MPOGR allows you to do certain things. So I was thinking if I make the vote on my game and make the outcome link come out like this for an example - http://www.mpogr.com/vote.php?id=1225&userid=1 Once they submit it the userid in the link will get sent to my voting script and then it will allow the crediting. However I don't know how to do this or if its a good idea. Quote Link to comment Share on other sites More sharing options...
Script47 Posted June 23, 2014 Share Posted June 23, 2014 (edited) Nope, however I need help. I need to understand how to build in the incentive script...? Well I know that MPOGR allows you to do certain things. So I was thinking if I make the vote on my game and make the outcome link come out like this for an example - http://www.mpogr.com/vote.php?id=1225&userid=1 Once they submit it the userid in the link will get sent to my voting script and then it will allow the crediting. However I don't know how to do this or if its a good idea. The main reason people use voting scripts/sites is to publicize their site and keep it competitive among other players. For you to keep it local defeats the whole purpose of the voting feature. If you do want to create what you said which is what I would call daily rewards, where the users goes on a page and claims a reward you could very easily do that. I don't really write random code for people on threads but meh, my opinion is MWG is going to close soon as it has lost a lot of valuable members so why not help people before it goes down. If you find errors, try fix them. I wrote this module in the forum message box, it is late and my eyes are stinging. I could make excuses all day. In users table: ALTER TABLE `users` ADD COLUMN Reward_Collected INT NOT NULL DEFAULT 0; In Day Cron: $db->query("UPDATE `users` SET Reward_Collected = 0 WHERE Reward_Collected = 1"); dailyReward.php include 'globals.php'; echo '<h3>Daily Rewards</h3>'; echo '<a href="dailyRewards.php?claim=true&ID="'{$ir['userid']}'">Claim Reward</a>'; // If it is an empty echo blame MWG and add a line break in between. If you don't know how to do a line break well then I give up and say learn HTML first. echo '<br/>'; // Check if user is trying to claim reward. if(isset($_GET['claim']) { if(!isset($_GET['ID']) || trim(empty($_GET['ID'])) ) { // Error message as ID field is not set. return; } else if(ctype_digit($_GET['ID']) == FALSE) { // Error as ID is not integer. return; } else if($ir['Reward_Collected'] == 1) { // Error reward has already been collected. } else { $ID = htmlspecialchars(trim($_GET['ID'])); // Random money amount from between 1-1000 $randomMoney = rand(1, 1000); $updateUser = $db->query("SQL QUERY HERE UPDATING Reward_Collected FROM 0 TO 1 AND ADDING ON MONEY WHERE USERID = $ID"); if($updateUser) { // Query successful return; } else { // Query failed return; } } } Script Explained Step One The SQL query we made creates a column where by default the value is 0 which in this case means user hasn't voted. This is pretty much the only check you have so if you didn't have this the script wouldn't work as intended. Step Two The cron fires each day and changes the new column which we inserted to 0 again at the end of the day (server time). This again is important as people would not be able to collect rewards as they would be stuck on 1 forever. The important part is the code including and after the WHERE. This doesn't update every single user so it is optimized, it only updates the users who have voted. Step Three The actual script which allows user to claim the reward, is very simple. echo '<a href="dailyRewards.php?claim=true&ID="'{$ir['userid']}'">Claim Reward</a>'; The above code has the extension on following on from the ? (question mark). claim=true Will be used to see if user has clicked the link, only if they click the link or type that URL in to the URL field will the PHP code below it run. We pass the users ID through ID="'{$ir['userid']}'" this can later be accessed by GETTING (hint) the ID which is why we use $_GET. You can add a lot of parameters and all you have to do is connect each one with & then the identifier (the variable name) then an = sign then the value of that variable. I mainly use this to stop me having to create lots of files etc, so lets take the register page as an example, some people would have a form which leads to another page, where as I would set the submit form/button with a name a check using PHP if that button is set then do all the other validating/querying. But wait!? Why not use $_POST? Because we are not posting any data via a form so we can't, we are passing variables through the URL which can then be reached by GETTING them. // Check if user is trying to claim reward. if(isset($_GET['claim']) { if(!isset($_GET['ID']) || trim(empty($_GET['ID'])) ) { // Error message as ID field is not set. return; } else if(ctype_digit($_GET['ID']) == FALSE) { // Error as ID is not integer. return; } else if($ir['Reward_Collected'] == 1) { // Error reward has already been collected. } else { $ID = htmlspecialchars(trim($_GET['ID'])); // Random money amount from between 1-1000 $randomMoney = rand(1, 1000); $updateUser = $db->query("SQL QUERY HERE UPDATING Reward_Collected FROM 0 TO 1 AND ADDING ON MONEY WHERE USERID = $ID"); if($updateUser) { // Query successful return; } else { // Query failed return; } } } The above is very simple and the comments should suffice and help you understand the code, the first if() statement checks if the link is pressed, there on we check if the ID is empty and if it is not an integer (number) and give errors if you we need to (which you'll need to add). We check if the field is 1 in Reward_Collected, which mean the sneaky buggers are trying to get more or have made an honest mistake. So we give them messages again which you'll have to add. Then if all that works out without errors, then we (you) will make the query which I purposely haven't provided (hey now, you've got to do some work at least!) but I have very clearly wrote in words what you have to do. Last if() statement checks if the query ran successfully or not and you again will need to write the messages as you feel. Challenge I have coded this, time for you to learn too. I doubt many people will do it, but this is for those who wish to learn and improve. Try adding the new features listed below. The amount of money you get increases each day you vote in a row. Allow more rewards for example, items, secondary currency of your choice. Make which one you get random too. Add a staff side where you can set how much money you get as the reward. If you have tried these and are struggling or would like to show off (yes, you're allowed to do it a little). Then don't hesitate to mail me, tweet me or contact me any other way. Edited June 23, 2014 by Script47 Quote Link to comment Share on other sites More sharing options...
DidNotCompute Posted June 24, 2014 Share Posted June 24, 2014 FYI, here are some sites that allow incentives (and so send HTTP requests): http://www.top100arena.com http://www.gamingbytes.com http://www.topwebgames.com http://www.mpogr.com http://www.hotrpgames.com http://www.mgpoll.com http://www.hotbrowsergames.net http://www.browsergametoplist.com http://www.browsergamelist.net Quote Link to comment Share on other sites More sharing options...
Samurai Legend Posted June 24, 2014 Author Share Posted June 24, 2014 The main reason people use voting scripts/sites is to publicize their site and keep it competitive among other players. For you to keep it local defeats the whole purpose of the voting feature. If you do want to create what you said which is what I would call daily rewards, where the users goes on a page and claims a reward you could very easily do that. I don't really write random code for people on threads but meh, my opinion is MWG is going to close soon as it has lost a lot of valuable members so why not help people before it goes down. If you find errors, try fix them. I wrote this module in the forum message box, it is late and my eyes are stinging. I could make excuses all day. In users table: ALTER TABLE `users` ADD COLUMN Reward_Collected INT NOT NULL DEFAULT 0; In Day Cron: $db->query("UPDATE `users` SET Reward_Collected = 0 WHERE Reward_Collected = 1"); dailyReward.php include 'globals.php'; echo '<h3>Daily Rewards</h3>'; echo '<a href="dailyRewards.php?claim=true&ID="'{$ir['userid']}'">Claim Reward</a>'; // If it is an empty echo blame MWG and add a line break in between. If you don't know how to do a line break well then I give up and say learn HTML first. echo '<br/>'; // Check if user is trying to claim reward. if(isset($_GET['claim']) { if(!isset($_GET['ID']) || trim(empty($_GET['ID'])) ) { // Error message as ID field is not set. return; } else if(ctype_digit($_GET['ID']) == FALSE) { // Error as ID is not integer. return; } else if($ir['Reward_Collected'] == 1) { // Error reward has already been collected. } else { $ID = htmlspecialchars(trim($_GET['ID'])); // Random money amount from between 1-1000 $randomMoney = rand(1, 1000); $updateUser = $db->query("SQL QUERY HERE UPDATING Reward_Collected FROM 0 TO 1 AND ADDING ON MONEY WHERE USERID = $ID"); if($updateUser) { // Query successful return; } else { // Query failed return; } } } Script Explained Step One The SQL query we made creates a column where by default the value is 0 which in this case means user hasn't voted. This is pretty much the only check you have so if you didn't have this the script wouldn't work as intended. Step Two The cron fires each day and changes the new column which we inserted to 0 again at the end of the day (server time). This again is important as people would not be able to collect rewards as they would be stuck on 1 forever. The important part is the code including and after the WHERE. This doesn't update every single user so it is optimized, it only updates the users who have voted. Step Three The actual script which allows user to claim the reward, is very simple. echo '<a href="dailyRewards.php?claim=true&ID="'{$ir['userid']}'">Claim Reward</a>'; The above code has the extension on following on from the ? (question mark). claim=true Will be used to see if user has clicked the link, only if they click the link or type that URL in to the URL field will the PHP code below it run. We pass the users ID through ID="'{$ir['userid']}'" this can later be accessed by GETTING (hint) the ID which is why we use $_GET. You can add a lot of parameters and all you have to do is connect each one with & then the identifier (the variable name) then an = sign then the value of that variable. I mainly use this to stop me having to create lots of files etc, so lets take the register page as an example, some people would have a form which leads to another page, where as I would set the submit form/button with a name a check using PHP if that button is set then do all the other validating/querying. But wait!? Why not use $_POST? Because we are not posting any data via a form so we can't, we are passing variables through the URL which can then be reached by GETTING them. // Check if user is trying to claim reward. if(isset($_GET['claim']) { if(!isset($_GET['ID']) || trim(empty($_GET['ID'])) ) { // Error message as ID field is not set. return; } else if(ctype_digit($_GET['ID']) == FALSE) { // Error as ID is not integer. return; } else if($ir['Reward_Collected'] == 1) { // Error reward has already been collected. } else { $ID = htmlspecialchars(trim($_GET['ID'])); // Random money amount from between 1-1000 $randomMoney = rand(1, 1000); $updateUser = $db->query("SQL QUERY HERE UPDATING Reward_Collected FROM 0 TO 1 AND ADDING ON MONEY WHERE USERID = $ID"); if($updateUser) { // Query successful return; } else { // Query failed return; } } } The above is very simple and the comments should suffice and help you understand the code, the first if() statement checks if the link is pressed, there on we check if the ID is empty and if it is not an integer (number) and give errors if you we need to (which you'll need to add). We check if the field is 1 in Reward_Collected, which mean the sneaky buggers are trying to get more or have made an honest mistake. So we give them messages again which you'll have to add. Then if all that works out without errors, then we (you) will make the query which I purposely haven't provided (hey now, you've got to do some work at least!) but I have very clearly wrote in words what you have to do. Last if() statement checks if the query ran successfully or not and you again will need to write the messages as you feel. Challenge I have coded this, time for you to learn too. I doubt many people will do it, but this is for those who wish to learn and improve. Try adding the new features listed below. The amount of money you get increases each day you vote in a row. Allow more rewards for example, items, secondary currency of your choice. Make which one you get random too. Add a staff side where you can set how much money you get as the reward. If you have tried these and are struggling or would like to show off (yes, you're allowed to do it a little). Then don't hesitate to mail me, tweet me or contact me any other way. Hey Script47! Thanks for the help man! I really appreciate the help! You made me understand more and its getting more clear! However I did something complete different but I still a bit same to what you have. However I don't like it when you have to manually claim the reward I believe? Unless I am not understanding well. This is what I did so far - [ATTACH=CONFIG]1582[/ATTACH] Everything is done apart from the incentives. I'll try figure that part soon. As for the staff file everything is so easy to do! And add the votes in easily. Quote Link to comment Share on other sites More sharing options...
Script47 Posted June 24, 2014 Share Posted June 24, 2014 Hey Script47! Thanks for the help man! I really appreciate the help! You made me understand more and its getting more clear! However I did something complete different but I still a bit same to what you have. However I don't like it when you have to manually claim the reward I believe? Unless I am not understanding well. This is what I did so far - [ATTACH=CONFIG]1582[/ATTACH] Everything is done apart from the incentives. I'll try figure that part soon. As for the staff file everything is so easy to do! And add the votes in easily. I had the player manually click the reward link as you only want players who are online and want the reward to get it. If you need any help mail me. Quote Link to comment Share on other sites More sharing options...
Samurai Legend Posted June 24, 2014 Author Share Posted June 24, 2014 I had the player manually click the reward link as you only want players who are online and want the reward to get it. If you need any help mail me. Thanks bro! Script47 has exceeded their stored private messages quota and cannot accept further messages until they clear some space. I can't message you...And I need help :( You have Skype? Quote Link to comment Share on other sites More sharing options...
Script47 Posted June 24, 2014 Share Posted June 24, 2014 Thanks bro! Script47 has exceeded their stored private messages quota and cannot accept further messages until they clear some space. I can't message you...And I need help :( You have Skype? Second person to tell me that. xD *deletes messages.* Quote Link to comment Share on other sites More sharing options...
KyleMassacre Posted June 24, 2014 Share Posted June 24, 2014 FYI, here are some sites that allow incentives (and so send HTTP requests): www.top100arena.com www.gamingbytes.com www.topwebgames.com www.mpogr.com www.hotrpgames.com www.mgpoll.com www.hotbrowsergames.net www.browsergametoplist.com www.browsergamelist.net dont forget about https://toplistedgames.com as well Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.