Attack Mod

Damond · December 26, 2014

Hope everyone had a happy holiday.

So let me give you a little background so you can understand why I am trying to do what I am trying to do.

All the characters in my game are "born" with two forms of attack that stay with them through out the whole game. As users level these attack automatically get stronger. The base attack codes are fine with a little tweaking to fit my needs.

Since you already have two forms of attack that you can never change I decided to add a third even if it is going to be in a limited way.

The first attack is a bite/claw attack. You have unlimited use of this.

The second is a breath weapon. For this one you start out limited to using it only twice per attack session. As you level that goes up

The third is a spell of your choosing. This one will start out limited to twice a day as the spells get very powerful. Again as you level the number of spells per day you can cast goes up as well as maybe the number that can be equipped.

Now to try and keep things organized and easy for the user to find when you buy a spell it is listed in your Spell book which is an extension of your inventory.

I have added a new tables to store spells and spell types and spell effects...

All my queries for listing the spells in your spell book and as an equipped spell work just fine. My problem is coming in on the attack screen.

Because I don't want the effectiveness you your spells to be based on strength or defense, because lets face it just because your strong does not make your mind strong, I decided to base them on IQ. This means that I needed a second set of attack codes.


//damage 

if($_GET['wepid'] != $ir['equip_primary'] && $_GET['wepid'] != $ir['equip_secondary'] && $_GET['wepid'] != $ir['equip_spell1'] && $_GET['wepid'] != $ir['equip_spell2'])
{
print "<div class='box-style7'>
<div class='title12'>
	<h2>Stop trying to abuse a game bug.</h2>
</div>
<a href='index.php'><button>Back</button></a>
</div>";
$db->query("UPDATE users SET exp=0 where userid=$userid",$c);
die("");
}
// if you use normal bite or breath weapon
if($_GET['wepid'] == $ir['equip_primary'] || $ir['equip_secondary']){
$qo=$db->query("SELECT i.* FROM items i   WHERE i.itmid={$_GET['wepid']}");
$r1=$db->fetch_row($qo);
$mydamage=(int) (($r1['weapon']*$youdata['strength']/($odata['defense']/1.5))*(rand(8000,12000)/10000));
$hitratio=max(10,min(60*$ir['agility']/$odata['speed'],95));
	if(rand(1,100) <= $hitratio )
	{
		$q3=$db->query("SELECT i.armor FROM items i   WHERE itmid={$odata['equip_armor']} ORDER BY rand()");
		if($db->num_rows($q3))
		{
			$mydamage-=$db->fetch_single($q3);
		}
	if($mydamage < -100000) { $mydamage=abs($mydamage); }
	else if($mydamage < 1) { $mydamage=1; }
	$crit=rand(1,40);
	if($crit==17) { 
	$mydamage*=rand(20,40)/10; 
	} 
	else if($crit==25 or $crit == 8) 
	{ 
	$mydamage/=(rand(20,40)/10); 
	} 
	$mydamage=round($mydamage);
	$odata['hp']-=$mydamage;
		if($odata['hp']==1) { 
		$odata['hp']=0;$mydamage+=1; 
		}
	$db->query("UPDATE users SET hp=hp-$mydamage WHERE userid={$_GET['ID']}");
	print "<font color=red>{$_GET['nextstep']}. Using your {$r1['itmname']} you hit {$odata['username']} doing $mydamage damage ({$odata['hp']})</font><br />\n";
	$_SESSION['attackdmg']+=$mydamage;
	$_SESSION['attacklog'].="<font color=red>{$_GET['nextstep']}. Using {$myabbr} {$r1['itmname']} {$ir['username']} hit {$odata['username']} doing $mydamage damage ({$odata['hp']})</font><br />\n";
	if ($_GET['wepid'] == $ir['equip_secondary'] and $ir['breath_use']>0){
		$db->query("UPDATE users SET breath_use=breath_use-1 WHERE userid=$userid");
		}
	}
}
//If you use spells
else if ($_GET['wepid'] == $ir['equip_spell1'] || $ir['equip_spell2']){

$qq=$db->query("SELECT s.* FROM spells s  WHERE s.spellid={$_GET['wepid']}");
$r2=$db->fetch_row($qq);
$mydamage2=(int) (($r2['weapon']*$youdata['IQ']/($odata['IQ']/1.5))*(rand(8000,12000)/10000));
$hitratio=max(10,min(60*$ir['agility']/$odata['speed'],95));
	if(rand(1,100) <= $hitratio )
	{
		$q3=$db->query("SELECT i.armor FROM items i   WHERE itmid={$odata['equip_armor']} ORDER BY rand()");
		if($db->num_rows($q3))
		{
			$mydamage-=$db->fetch_single($q3);
		}
	if($mydamage2 < -100000) { $mydamage2=abs($mydamage2); }
	else if($mydamage2 < 1) { $mydamage2=1; }
	$crit=rand(1,40);
	if($crit==17) { 
	$mydamage2*=rand(20,40)/10; 
	} 
	else if($crit==25 or $crit == 8) 
	{ 
	$mydamage2/=(rand(20,40)/10); 
	} 
	$mydamage2=round($mydamage2);
	$odata['hp']-=$mydamage2;
		if($odata['hp']==1) { 
		$odata['hp']=0;$mydamage2+=1; 
		}
	$db->query("UPDATE users SET hp=hp-$mydamage2 WHERE userid={$_GET['ID']}");
	print "<font color=red>{$_GET['nextstep']}. Using your {$r2['spellname']} you hit {$odata['username']} doing $mydamage2 damage ({$odata['hp']})</font><br />\n";
	$_SESSION['attackdmg']+=$mydamage2;
	$_SESSION['attacklog'].="<font color=red>{$_GET['nextstep']}. Using {$myabbr} {$r2['spellname']} {$ir['username']} hit {$odata['username']} doing $mydamage damage ({$odata['hp']})</font><br />\n";
	if ($_GET['wepid'] == $ir['equip_spell1'] || $ir['equip_spell2'] and $ir['spell_use']>0){
		$db->query("UPDATE users SET spell_use=spell_use-1 WHERE userid=$userid");
		}
	}
}

I was sure this would work. A simple if/else if/else statement with the two primary weapons in the "IF" and the two spells in the "Else if" BUT using else if it seems to ignore that statement altogether.

The primary weapons "If" works fine.

When I attack with a spell I get

1. Using your you hit Demo with doing 1 damage.

No spell name no actual damage and my spell use count does not change.

Now if I change that "else if" to just "if" I get

1. Using your you hit Demo with doing 1 damage.

1. Using your Acid Orb you hit Demo doing 26 damage.

2. Using his Bite/Claw Demo hit you doing 17 damage.

And the spell count goes down as it is supposed to.

I don't understand why it is ignoring my 'else if' or why it is giving me the line with no weapon name and only one damage.

Edit:

After a little more research I understand now that it is giving me two attack lines when I use 'if' for the spells line because it is in fact running both lines. Any advice on how I could combined the two?

If the user picks bite claw or breath run the first code

else if the user casts a spell run the second

Edited December 26, 2014 by Damond
Additional information

Damond · December 26, 2014

From reading another thread I decided to try using switch.

I'm sure I have it in place correctly. At least as correctly as I can see. I am getting no errors anyplace but I am still not getting the right read out when I try and attack with a spell.

With my claw/bite or breath weapon everything works fine. Then when I move to try and use the next case spells I am back to getting:

Using your you hit Demo doing 1 damage.

Spell use counter is not counting down either. Again I feel it is just skipping my code for some reason.

switch ($_GET['wepid']){
case $ir['equip_primary'] || $ir['equip_secondary']:

$qo=$db->query("SELECT i.* FROM items i   WHERE i.itmid={$_GET['wepid']}");
$r1=$db->fetch_row($qo);
$mydamage=(int) (($r1['weapon']*$youdata['strength']/($odata['defense']/1.5))*(rand(8000,12000)/10000));
$hitratio=max(10,min(60*$ir['agility']/$odata['speed'],95));

	if(rand(1,100) <= $hitratio )
	{
		$q3=$db->query("SELECT i.armor FROM items i   WHERE itmid={$odata['equip_armor']} ORDER BY rand()");
		if($db->num_rows($q3))
		{
			$mydamage-=$db->fetch_single($q3);
		}
	if($mydamage < -100000) { $mydamage=abs($mydamage); }
	else if($mydamage < 1) { $mydamage=1; }
	$crit=rand(1,40);
	if($crit==17) { 
	$mydamage*=rand(20,40)/10; 
	} 
	else if($crit==25 or $crit == 8) 
	{ 
	$mydamage/=(rand(20,40)/10); 
	} 
	$mydamage=round($mydamage);
	$odata['hp']-=$mydamage;
		if($odata['hp']==1) { 
		$odata['hp']=0;$mydamage+=1; 
		}
	$db->query("UPDATE users SET hp=hp-$mydamage WHERE userid={$_GET['ID']}");
	print "<font color=red>{$_GET['nextstep']}. Using your {$r1['itmname']} you hit {$odata['username']} doing $mydamage damage ({$odata['hp']})</font><br />\n";
	$_SESSION['attackdmg']+=$mydamage;
	$_SESSION['attacklog'].="<font color=red>{$_GET['nextstep']}. Using {$myabbr} {$r1['itmname']} {$ir['username']} hit {$odata['username']} doing $mydamage damage ({$odata['hp']})</font><br />\n";
	if ($_GET['wepid'] == $ir['equip_secondary'] and $ir['breath_use']>0){
		$db->query("UPDATE users SET breath_use=breath_use-1 WHERE userid=$userid");
		}
	}

break;
//If you use spells
case $ir['equip_spell1'] || $ir['equip_spell2']:
$qq=$db->query("SELECT s.* FROM spells s WHERE s.spellid={$_GET['wepid']}");
$r2=$db->fetch_row($qq);
$mydamage2=(int) (($r2['weapon']*$youdata['IQ']/($odata['IQ']/1.5))*(rand(8000,12000)/10000));
$hitratio=max(10,min(60*$ir['agility']/$odata['speed'],95));
	if(rand(1,100) <= $hitratio )
	{
		$q3=$db->query("SELECT i.armor FROM items i   WHERE itmid={$odata['equip_armor']} ORDER BY rand()");
		if($db->num_rows($q3))
		{
			$mydamage-=$db->fetch_single($q3);
		}
	if($mydamage2 < -100000) { $mydamage2=abs($mydamage2); }
	else if($mydamage2 < 1) { $mydamage2=1; }
	$crit=rand(1,40);
	if($crit==17) { 
	$mydamage2*=rand(20,40)/10; 
	} 
	else if($crit==25 or $crit == 8) 
	{ 
	$mydamage2/=(rand(20,40)/10); 
	} 
	$mydamage2=round($mydamage2);
	$odata['hp']-=$mydamage2;
		if($odata['hp']==1) { 
		$odata['hp']=0;$mydamage2+=1; 
		}
	$db->query("UPDATE users SET hp=hp-$mydamage2 WHERE userid={$_GET['ID']}");
	print "<font color=red>{$_GET['nextstep']}. Using your {$r2['spellname']} you hit {$odata['username']} doing $mydamage2 damage ({$odata['hp']})</font><br />\n";
	$_SESSION['attackdmg']+=$mydamage2;
	$_SESSION['attacklog'].="<font color=red>{$_GET['nextstep']}. Using {$myabbr} {$r2['spellname']} {$ir['username']} hit {$odata['username']} doing $mydamage damage ({$odata['hp']})</font><br />\n";
	if ($_GET['wepid'] == $ir['equip_spell1'] || $ir['equip_spell2'] and $ir['spell_use']>0){
		$db->query("UPDATE users SET spell_use=spell_use-1 WHERE userid=$userid");
		}
	}

break;

default:
print "<font color=red>{$_GET['nextstep']}. You tried to hit {$odata['username']} but missed ({$odata['hp']})</font><br />\n";
$_SESSION['attacklog'].="<font color=red>{$_GET['nextstep']}. {$ir['username']} tried to hit {$odata['username']} but missed ({$odata['hp']})</font><br />\n";
}

Coly010 · December 26, 2014

I'd assume its either down to you not referencing the correct column name in the database for the spell name or the query is failing and you aren't being alerted to it :/

try this:

//If you use spells
   case $ir['equip_spell1'] || $ir['equip_spell2']:
   $qq=$db->query("SELECT  FROM spells WHERE spellid='{$_GET['wepid']}'");
   $r2=$db->fetch_row($qq);
   $mydamage2=(int) (($r2['weapon']*$youdata['IQ']/($odata['IQ']/1.5))*(rand(8000,12000)/10000));
   $hitratio=max(10,min(60*$ir['agility']/$odata['speed'],95));
       if(rand(1,100) <= $hitratio )
       {
           $q3=$db->query("SELECT i.armor FROM items i   WHERE itmid={$odata['equip_armor']} ORDER BY rand()");
           if($db->num_rows($q3))
           {
               $mydamage-=$db->fetch_single($q3);
           }
       if($mydamage2 < -100000) { $mydamage2=abs($mydamage2); }
       else if($mydamage2 < 1) { $mydamage2=1; }
       $crit=rand(1,40);
       if($crit==17) { 
       $mydamage2*=rand(20,40)/10; 
       } 
       else if($crit==25 or $crit == 8) 
       { 
       $mydamage2/=(rand(20,40)/10); 
       } 
       $mydamage2=round($mydamage2);
       $odata['hp']-=$mydamage2;
           if($odata['hp']==1) { 
           $odata['hp']=0;$mydamage2+=1; 
           }
       $db->query("UPDATE users SET hp=hp-$mydamage2 WHERE userid='{$_GET['ID']}'");
       print "<font color=red>{$_GET['nextstep']}. Using your {$r2['spellname']} you hit {$odata['username']} doing $mydamage2 damage ({$odata['hp']})</font>\n";
       $_SESSION['attackdmg']+=$mydamage2;
       $_SESSION['attacklog'].="<font color=red>{$_GET['nextstep']}. Using {$myabbr} {$r2['spellname']} {$ir['username']} hit {$odata['username']} doing $mydamage damage ({$odata['hp']})</font>\n";
       if ($_GET['wepid'] == $ir['equip_spell1'] || $ir['equip_spell2'] and $ir['spell_use']>0){
           $db->query("UPDATE users SET spell_use=spell_use-1 WHERE userid='$userid'");
           }
       }

break;

all i have done is escape your variables but i've noticed that this can sometimes cause it to fail, also is the $db created using:


$db = new Mysqli($host, $user, $pass, $dbname);

?

Damond · December 26, 2014

My SQL is correct. If you read in my first post using an if/elseif/else I was getting the right read out but it was running both lines of code. So which ever one I was chosing was correct while the other was coming up blank.

I will try escaping all the variables like you suggested and see if that makes a difference.

Coly010 · December 26, 2014

ok after reading it again i think your problem lies here:

if($_GET['wepid'] == $ir['equip_primary'] || $ir['equip_secondary']){

}

I'm not 100% sure but is this not simply asking the if statement:

return true if ( $_GET['wepid'] == $ir['equip_primary'] ) or if ($ir['equip_secondary'] is true )

and if you have it in your database that $ir['equip_secondary'] has any sort of value even 0, it should return true ?

im not sure though, i've never used if the way you have, i prefer to do:

if($_GET['wepid'] == $ir['equip_primary'] || $_GET['wepid'] == $ir['equip_secondary']){

}

otherwise im not sure how to actually help, everything else seems in order

Script47 · December 27, 2014

The PHP if() statement cannot be used like that, you have to specify both times what you're comparing. Try the code Coly gave.

Edit #1:

As far as I'm aware it looks as though you aren't validating $_GET['wepid'] and are using it in queries. Validate/santize all user input.

Edited December 27, 2014 by Script47

Coly010 · December 27, 2014

The PHP if() statement cannot be used like that, you have to specify both times what you're comparing. Try the code Coly gave.
Edit #1:

As far as I'm aware it looks as though you're aren't validating $_GET['wepid'] and are using in queries. Validate/santize all user input.

so i was correct in my thinking lol, i wasn't too sure, was the first time I had ever seen that.

if your $_GET['wepid'] is a number, and a positive number then you can use this to sanitise it:

$wepid = abs((int) $_GET['wepid']) + 0;

the abs() function makes sure the number is positive (it returns the absolute value of the number, or the magnitude/size, whatever you like to call it.

the (int) casts the number to an integer, basically making sure there is no decimals

the +0 is something i like to do, you can't add zero to a string variable type so its another way of forcing the input to a number

:)

Script47 · December 27, 2014

so i was correct in my thinking lol, i wasn't too sure, was the first time I had ever seen that.
if your $_GET['wepid'] is a number, and a positive number then you can use this to sanitise it:
$wepid = abs((int) $_GET['wepid']) + 0;
the abs() function makes sure the number is positive (it returns the absolute value of the number, or the magnitude/size, whatever you like to call it.

the (int) casts the number to an integer, basically making sure there is no decimals

the +0 is something i like to do, you can't add zero to a string variable type so its another way of forcing the input to a number

:)

Technically as far as I'm aware if you validate a field properly then no need to sanitize it, that is if you're 100% sure it has been validated correctly and completely, an example is shown below:

/**
* Validate input value to make sure it is an integer.
* @param $int - The input value you want to validate.
* @return - If is int it will return the original value, otherwise false.
*/
function validateInt($int) {
   return $int = is_int($int) || ctype_digit($int) ? $int : false;
}

// Check if it is int.
if (validateInt($_GET['wepid']) == false) {
   exit("Weapon ID must be an integer.");
}
// If the code reaches here then the input is an int therefore can't have other malicious text.
$wepID = $_GET['wepid'];

Edited December 27, 2014 by Script47

KyleMassacre · December 27, 2014

I would say good practice is to do both because of the fact that a good amount of times variables are reused across the script(s). Who knows, you may be creating some sort of math equation for an attack formula which may return a float but your database is not set up for a float and it's only setup for an int. Your validation may have passed but now you want to display the result so now your getting something back that isn't right.

I i know my example here isn't very good and should pose 0 risk but moral of the story is its best practice to sanitize and validate. It will help to make sure your getting the results your hoping for.

Coly010 · December 27, 2014

Personally I'd feel safer if I sanitise the variables, but I might add in the extra step of validating them also from now on.

Damond · January 3, 2015

Reduced Damage

So here I go again messing with my attack file. I got a nice little bit of help from [MENTION=50378]Guest[/MENTION] and finally got it working just the way I want it too, and now I'm going to go messing with it again. Just another one of those little things that will make my game unique.

So there are several weapons in my game but they all come in four basic types. Fire, Ice, Lightning, and Poison. I added an extra column to my items table so that each of these can have their own type other than itm_type. Its very simple types 1 - 4.

Now the theory is both player A and player B are using a type 1 weapon. Because they are both using a type 1 weapon we want them to cause less damage. It is hard coded in the game that these types of weapons MUST be equip_secondary.

Here is what we are starting with:

if ($_GET['wepid'] == $ir['equip_primary'] || $_GET['wepid'] == $ir['equip_secondary']) {
			$qo       = $db->query("SELECT i.* FROM items i   WHERE i.itmid={$_GET['wepid']}"); // selecting all from items
		$r1		  = $db->fetch_row($qo);
		$mydamage = (int) (($r1['weapon']*$youdata['strength']/($odata['defense']/1.5))*(rand(8000,12000)/10000));
		$hitratio = max(10,min(60*$ir['agility']/$odata['speed'],95));

		if (rand(1,100) <= $hitratio) {
			$q3=$db->query("SELECT i.armor FROM items i   WHERE itmid={$odata['equip_armor']} ORDER BY rand()");
			if ($db->num_rows($q3)) {
				$mydamage-=$db->fetch_single($q3);
			}
			if ($mydamage < -100000) { 
				$mydamage=abs($mydamage); 
			}
			else if ($mydamage < 1) { 
				$mydamage=1; 
			}
			$crit=rand(1,40);
			if ($crit==17) { 
				$mydamage*=rand(20,40)/10; 
			} 
			else if ($crit==25 or $crit == 8) { 
				$mydamage/=(rand(20,40)/10); 
			}
			$mydamage=round($mydamage);
			$odata['hp']-=$mydamage;
			if ($odata['hp']==1) { 
				$odata['hp']=0;$mydamage+=1; 
			}
			$db->query("UPDATE users SET hp=hp-$mydamage WHERE userid={$_GET['ID']}");
			print "<font color=red>{$_GET['nextstep']}. Using your {$r1['itmname']} you hit {$odata['username']} doing $mydamage damage ({$odata['hp']})</font><br />\n";
			$_SESSION['attackdmg']+=$mydamage;
			$_SESSION['attacklog'].="<font color=red>{$_GET['nextstep']}. Using {$myabbr} {$r1['itmname']} {$ir['username']} hit {$odata['username']} doing $mydamage damage ({$odata['hp']})</font><br />\n";
			if ($_GET['wepid'] == $ir['equip_secondary'] and $ir['breath_use']>0) {
				$db->query("UPDATE users SET breath_use=breath_use-1 WHERE userid=$userid");
			}
		}

We are already selecting all from the items table. I have been scratching my head all day in how to code the next part correctly for the call the the row "type" in my items as it relates to the weapons being used.

if ($_GET['wepid'] == $ir['equip_secondary'] && $ir['weapon type'] == $odata['weapon type'] {   //insert call here
    $mydamage = (int) (($r1['weapon']*$youdata['strength']/($odata['defense']/1.5))*(rand(8000,12000)/10000)/3);
}
else if {
    $mydamage = (int) (($r1['weapon']*$youdata['strength']/($odata['defense']/1.5))*(rand(8000,12000)/10000));
}

I'm telling you its staring me right in the face and I just can't put my finger on it. Any ideas? Thanks in advance.

Edited January 3, 2015 by Damond

SRB · January 3, 2015

       if ($_GET['wepid'] == $ir['equip_primary'] || $_GET['wepid'] == $ir['equip_secondary']) {
           $qo       = $db->query("SELECT i.* FROM items i   WHERE i.itmid={$_GET['wepid']}"); // selecting all from items
           $r1       = $db->fetch_row($qo);
           $mydamage = (int) (($r1['weapon']*$youdata['strength']/($odata['defense']/1.5))*(rand(8000,12000)/10000));
           $hitratio = max(10,min(60*$ir['agility']/$odata['speed'],95));

           if (rand(1,100) <= $hitratio) {
               $q3=$db->query("SELECT i.armor FROM items i   WHERE itmid={$odata['equip_armor']} ORDER BY rand()");
               if ($db->num_rows($q3)) {
                   $mydamage-=$db->fetch_single($q3);
               }
               if ($mydamage < -100000) { 
                   $mydamage=abs($mydamage); 
               }

               /*
                   Since $mydamage is last defined here (At a level that's not simply to calculate criticals or <0's)
                   We insert the part we need here.


                   Conditions;
                       1. Check the weapon being used is in the secondary slot.
                       2. You have called the item into $r1 return, so match type id there
                          ** Check the field name for itmtype, it may not be correct [may be itmtypeid]
               */


               if (($_GET['wepid'] == $ir['equip_secondary']) && $r1['itmtype'] == $item_type_number) {
                   $mydamage = $mydamage / 3;
               }


               /*
                   End of the **** you need
               */


               if ($mydamage < 1) { 
                   $mydamage=1; 
               }


               $crit=rand(1,40);
               if ($crit==17) { 
                   $mydamage*=rand(20,40)/10; 
               } 
               else if ($crit==25 or $crit == 8) { 
                   $mydamage/=(rand(20,40)/10); 
               }
               $mydamage=round($mydamage);
               $odata['hp']-=$mydamage;
               if ($odata['hp']==1) { 
                   $odata['hp']=0;$mydamage+=1; 
               }
               $db->query("UPDATE users SET hp=hp-$mydamage WHERE userid={$_GET['ID']}");
               print "<font color=red>{$_GET['nextstep']}. Using your {$r1['itmname']} you hit {$odata['username']} doing $mydamage damage ({$odata['hp']})</font>\n";
               $_SESSION['attackdmg']+=$mydamage;
               $_SESSION['attacklog'].="<font color=red>{$_GET['nextstep']}. Using {$myabbr} {$r1['itmname']} {$ir['username']} hit {$odata['username']} doing $mydamage damage ({$odata['hp']})</font>\n";
               if ($_GET['wepid'] == $ir['equip_secondary'] and $ir['breath_use']>0) {
                   $db->query("UPDATE users SET breath_use=breath_use-1 WHERE userid=$userid");
               }
           }

Think this is what you need;

Attack Mod

Recommended Posts

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Join the conversation