Miks Posted March 24, 2015 Share Posted March 24, 2015 I have created a feature which works a lot like Searching The Streets. The problem that I am having is you can see the random event number in the url like so: google.com/mountainhatch.php?hatch=search&search=8 So if a user realizes that event 8 can potentially give you money then they can sit there hitting refresh and continuously earn money. The search the streets feature has the same issue. I could create multiple IF and Else statements for event 8 so its not easy for them to get the result there after but I would like to add special items which can only be found with certain events. Anyway is there a way to hide the event number from the url? Heres the code $Type = mt_rand(1, 10); Take the path that leads left <a href='?hatch=search&search=".$Type."'>Left</a><BR> Quote Link to comment Share on other sites More sharing options...
Coly010 Posted March 24, 2015 Share Posted March 24, 2015 It's called vanity urls and if event 8 gives money then don't use $_GET. Quote Link to comment Share on other sites More sharing options...
G7470 Posted March 24, 2015 Share Posted March 24, 2015 It's called vanity urls and if event 8 gives money then don't use $_GET. Agreed. If particular events will give players rewards, then I would suggest not using $_GET. $_POST would be more appropriate for that. ~G7470 Quote Link to comment Share on other sites More sharing options...
Dave Posted March 24, 2015 Share Posted March 24, 2015 Agreed. If particular events will give players rewards, then I would suggest not using $_GET. $_POST would be more appropriate for that. ~G7470 $_POST could still be altered within the request. Simply change the request to ?hatch=search and move the mt_rand code into that action? There's no reason to generate it before that pages request. Quote Link to comment Share on other sites More sharing options...
Coly010 Posted March 24, 2015 Share Posted March 24, 2015 $_POST could still be altered within the request. Simply change the request to ?hatch=search and move the mt_rand code into that action? There's no reason to generate it before that pages request. Yep have your code randomly select what event to occur simply after the user has clicked search, don't have the code use $_GET. Now for your urls Google Apache mod_rewrite. At the start it will seem like gibberish to you. But after a while you get used to the patterns and understand it better Quote Link to comment Share on other sites More sharing options...
Miks Posted March 25, 2015 Author Share Posted March 25, 2015 (edited) I have tried numerous ways to implement what you have told me but I cant get it to work The below code is what I'm working with, how would I implement $_post and how would I add mt_rand to the function I changed all the GETs to POSTs but that didnt work, I'm guessing theres more to just changing GET to POST Anyway I'm stuck and would appreciate a helping hand <?php $noturns = "<div class='desc2'> <div class='citstat'>It requires a player to have a certain amount of Skill to enter the hatch which you dont have<BR> <a href='mountains.php'>Home</a>"; include(DIRNAME(__FILE__) . '/globals.php'); if($ir['brave'] <= 0) { echo $noturns; $h->endpage(); exit; } if($ir['jail'] or $ir['hospital']) { print "<div class='desc2'> <div class='citstat'>How can you enter the hatch when you're in jail or recovering in hospital<BR><a href='mountains.php'>Leave</a>"; $h->endpage(); exit; } $_GET['hatch'] = isset($_GET['hatch']) && is_string($_GET['hatch']) ? trim($_GET['hatch']) : ""; switch($_GET['hatch']) { case 'search': search_hatch(); break; default: index(); break; } function index() { global $db, $ir, $userid, $h, $db; $Type = mt_rand(1, 10); echo " <style type='text/css'> .style1 { text-align: center; } </style> <div class='desc2'> <div class='citstat'> <table class='mytable'> <h2>Inside The Hatch</h2>"; echo " <tr><td><center><BR> You climb down some old wooden ladders which take you to a large, dark, poorly light underground<br> room with 3 tunnels leading off in different directions. Which way do you want to go?<BR><br> Take the path that leads straight ahead <a href='?hatch=search&search=$Type'>Ahead</a><BR> Take the path that leads left <a href='?hatch=search&search=$Type'>Left</a><BR> Take the path that leads right <a href='?hatch=search&search=$Type'>Right</a><BR> Climb back up the ladders <a href='mountains.php'>Leave</a><BR><br></center></td></tr></table> "; } function search_hatch() { global $db, $ir, $userid, $h; /*----------------------------------------------------- # Start Config # -----------------------------------------------------*/ $nonrecorded = "What you doing here?<br /><a href='index.php'>Go back</a>"; $rand = mt_rand(0,2); $randhard = mt_rand(0,3); $randharder = mt_rand(0,6); $randmoney = mt_rand(1,100); $randcrystals = mt_rand(1,8); $itemidsearch2 = 155; //Item id for search 2 $quantitysearch2 = 1; //Item quantity for search 2 $itemidsearch4 = 159; //Item id for search 4 $quantitysearch4 = 1; //Item quantity for search 4 $itemidsearch5 = 131; //Item id for search 5 $quantitysearch5 = 1; //Item quantity for search 5 $itemidsearch7 = 160; //Item id for search 7 $quantitysearch7 = 1; //Item quantity for search 7 $itemidsearch8 = 150; //Item id for search 8 $quantitysearch8 = 1; //Item quantity for search 8 $itemidsearch9 = 150; //Item id for search 9 $quantitysearch9 = 1; //Item quantity for search 9 /*----------------------------------------------------- # End Config # -----------------------------------------------------*/ $_GET['search'] = abs(@intval($_GET['search'])); if(!$_GET['search']) { echo $nonrecorded; $h->endpage(); exit; } $db->query("UPDATE `users` SET `brave`=`brave`-1 WHERE `userid`=$userid"); if($_GET['search'] == 1) { echo " <div class='desc2'> <div class='citstat'> <span style='color:red;font-weight:700;'>Unlucky!</span><br />You didnt find anything down this path<br /> Take the path that leads straight ahead <a href='?hatch=search&search=".$Type."'>Ahead</a><BR> Take the path that leads left <a href='?hatch=search&search=".$Type."'>Left</a><BR> Turn back <a href='?hatch=search&search=".$Type."'>Back</a><BR>"; } else if($_GET['search'] == 2) { if($rand == 1) { $db->query("INSERT INTO `inventory` VALUES('',$itemidsearch2,$userid,$quantitysearch2)"); echo "<div class='desc2'> <div class='citstat'><span style='color:green;font-weight:700;'>Success</span><br />While searching ".$cityname." you found a mysterious item. Go to your inventory to find out what<br /><a href='inventory.php'>Inventory</a><br /><a href='mountainhatch.php'>Streets</a>"; } else { $Time = mt_rand(2,10); echo "<div class='desc2'> <div class='citstat'><span style='color:red;font-weight:700;'>Unlucky!</span><br />As you walk down the dark scary looking path you here something creep up behind you<BR>Before you can turn around you feel a blade pushed into your back <br /><a href='hospital.php'>Hospital</a>"; $db->query(sprintf("UPDATE `users` SET `hospital` = %u, `hospreason` = 'While searching %s you got stabbed' WHERE `userid` = %u", $Time, $cityname, $userid)); } } else if($_GET['search'] == 3) { if($rand == 1) { $db->query("UPDATE `users` SET `money`=`money`+".$randmoney." WHERE `userid`=$userid"); echo "<div class='desc2'> <div class='citstat'><font color = 'green'><b>Sucess</b></font><br />You earned ".money_formatter($randmoney)." for robbing an old man of his pension"; } else { $Time = mt_rand(2,10); echo "<div class='desc2'> <div class='citstat'><span style='color:red;font-weight:700;'>Unlucky!</span><br />While searching ".$cityname." you got shot.<br /><a href='hospital.php'>Click Here</a>"; $db->query(sprintf("UPDATE `users` SET `hospital` = %u, `hospreason` = 'While searching %s they got shot' WHERE `userid` = %u", $Time, $cityname, $userid)); } } else if($_GET['search'] == 4) { if($randhard == 1) { $db->query("INSERT INTO inventory VALUES('',$itemidsearch4,$userid,$quantitysearch4)"); echo "<div class='desc2'> <div class='citstat'><span style='color:green;font-weight:700;'>Success</span><br />While searching ".$cityname." you found an mysterious item. Go to your inventory to find out what<br /><a href='inventory.php'>Inventory</a><br /><a href='streets.php'>Streets</a>"; } else { echo "<div class='desc2'> <div class='citstat'><span style='color:red;font-weight:700;'>Unlucky!</span><br />While searching ".$cityname." you found NOTHING!<br /><a href='streets.php'>Click Here</a>"; } } else if($_GET['search'] == 5) { $db->query("INSERT INTO inventory VALUES('',$itemidsearch5,$userid,$quantitysearch5)"); echo "<div class='desc2'> <div class='citstat'><span style='color:green;font-weight:700;'>Success</span><br />While searching underground you found an mysterious item. Go to your inventory to find out what<br /><a href='inventory.php'>Inventory</a><br /><a href='streets.php'>Streets</a>"; } else if($_GET['search'] == 6) { if($rand == 1) { $db->query("UPDATE users SET `crystals`=`crystals`+".$randcrystals." WHERE userid=$userid"); echo "<div class='desc2'> <div class='citstat'><span style='color:green;font-weight:700;'>Success</span><br />While searching ".$cityname." You fell down a hole and found a crystal mine , You took ".number_format($randcrystals)."<br /><a href='streets.php'>Click Here</a>"; } else { $Time = mt_rand(2,10); echo "<div class='desc2'> <div class='citstat'><span style='color:red;font-weight:700;'>Unlucky!</span><br />While searching ".$cityname." a police officer arrested you.<br /><a href='jail.php'>Jail</a>"; $db->query(sprintf("UPDATE `users` SET `jail` = %u, `jail_reason` = 'Arrested for hanging around %s' WHERE `userid` = %u", $Time, $cityname, $userid)); } } else if($_GET['search'] == 7) { if($rand == 1) { $db->query("INSERT INTO inventory VALUES('',$itemidsearch7,$userid,$quantitysearch7)"); echo "<div class='desc2'> <div class='citstat'><span style='color:green;font-weight:700;'>Success</span><br />While searching ".$cityname." You found an mysterious item. Go to your inventory to find out what<br /><a href='inventory.php'>Inventory</a><br /><a href='streets.php'>Streets</a>"; } else { $Time = mt_rand(2,10); echo "<div class='desc2'> <div class='citstat'> <table class='mytable'> <tr><td><center><BR> <span style='color:red;font-weight:700;'>Unlucky!</span><br />While searching ".$cityname." a police officer arrested you.<br /><a href='jail.php'>Click Here</a><br><BR></center></td></tr></table>"; $db->query(sprintf("UPDATE `users` SET `jail` = %u, `jail_reason` = 'Arrested for hanging around %s' WHERE `userid` = %u", $Time, $cityname, $userid)); } } else if($_GET['search'] == 8) { if($randhard == 1) { $db->query("INSERT INTO inventory VALUES('',$itemidsearch8,$userid,$quantitysearch8)"); echo "<div class='desc2'> <div class='citstat'> <table class='mytable'> <tr><td><center><BR> <span style='color:green;font-weight:700;'>Success</span><br />While searching you found an mysterious item. Go to your inventory to find out what<br /><a href='inventory.php'>Inventory</a><br /><a href='streets.php'>Streets</a><br><BR></center></td></tr></table>"; } else { $Time = mt_rand(2,8); echo "<div class='desc2'> <div class='citstat'> <table class='mytable'> <tr><td><center><BR> <span style='color:red;font-weight:700;'>The tunnel collapsed!</span><br />The tunnel collapsed! and you fell into an old tomb<br> <a href='hospital.php'>Click Here</a><br><BR></center></td></tr></table>"; $db->query(sprintf("UPDATE `users` SET `hospital` = %u, `hospreason` = 'Hospitalized for falling into an old tomb %s' WHERE `userid` = %u", $Time, $cityname, $userid)); } } else if($_GET['search'] == 9) { if($randhard == 1) { $db->query("INSERT INTO inventory VALUES('',$itemidsearch8,$userid,$quantitysearch8)"); echo "<div class='desc2'> <div class='citstat'> <table class='mytable'> <tr><td><center><BR> <span style='color:green;font-weight:700;'>Success</span><br />While searching you found an mysterious item. Go to your inventory to find out what<br /><a href='inventory.php'>Inventory</a><br /><a href='streets.php'>Streets</a><br><BR></center></td></tr></table>"; } else { $Time = mt_rand(2,8); echo "<div class='desc2'> <div class='citstat'> <table class='mytable'> <tr><td><center><BR> <span style='color:red;font-weight:700;'>The path collapsed!</span><br />The path collapsed and you fell into an old tomb<br /><a href='hospital.php'>Click Here</a><BR><br></center></td></tr></table>"; $db->query(sprintf("UPDATE `users` SET `hospital` = %u, `hospreason` = 'Hospitalized for falling into an old tomb %s' WHERE `userid` = %u", $Time, $cityname, $userid)); } } else if($_GET['search'] == 10) { if($rand == 1) { echo " <div class='desc2'> <div class='citstat'> <table class='mytable'> <tr><td><center><BR> You didnt find anything down this path<br><br> Take the path to the right <a href='?hatch=search&search=".$Type."'>Ahead</a><BR> Take the path that leads left <a href='?hatch=search&search=".$Type."'>Left</a><BR> Turn back <a href='?hatch=search&search=".$Type."'>Back</a><BR><BR> </center></td></tr></table> "; } else { echo " <div class='desc2'> <div class='citstat'> <table class='mytable'> <tr><td><center><BR> You didnt find anything down this path<br><br> You see a hole in the ground with ladders going down <a href='?hatch=search&search=".$Type."'>Down</a><BR> Follow the path straight ahead <a href='?hatch=search&search=".$Type."'>Ahead</a><BR> Take the path that leads left <a href='?hatch=search&search=".$Type."'>Left</a><BR> Take the path that leads right <a href='?hatch=search&search=".$Type."'>Right</a><BR> Turn back <a href='?hatch=search&search=".$Type."'>Back</a><BR> <BR></center></td></tr></table> "; } } } $h->endpage(); ?> Edited March 25, 2015 by Miks Quote Link to comment Share on other sites More sharing options...
TheMasterGeneral Posted March 25, 2015 Share Posted March 25, 2015 Hey hud, try something like this: <?php require('globals.php'); //Your user tests $chance=mt_rand(1,10); if ($chance == 1) { //then me } //continue for the rest of the outputs. That code should be used for a rough guess. I'm not on my main PC, so I have no formatting colors. Lol. If you have further questions, ask here or PM me directly. -TMG Quote Link to comment Share on other sites More sharing options...
Miks Posted March 25, 2015 Author Share Posted March 25, 2015 [MENTION=70574]TheMasterGeneral[/MENTION] Thank you I will use your method :) Quote Link to comment Share on other sites More sharing options...
Miks Posted March 25, 2015 Author Share Posted March 25, 2015 (edited) Nearly there So I have adopted what [MENTION=70574]TheMasterGeneral[/MENTION] has suggested and its now doing what I wanted but I have one more problem that I cant work out :( I have two random variables i.e $chance=mt_rand(1,3); $hchance=mt_rand(1,5); $chance represents which random event to trigger $hchance will be used to trigger another event once $chance has been triggered Anyway everything that runs under an IF statement works fine but if you look at my code and see where event 3 is I have added an else statement but cant get that to trigger. Does anyone know why? $chance=mt_rand(2,3); $hchance=mt_rand(1,1); require('globals.php'); //Your user tests if($ir['brave'] <= 0) { echo $noturns; $h->endpage(); exit; } if($ir['jail']) { print "<div class='desc2'> <div class='citstat'> <table class='mytable'><tr><td><center><BR> How can you enter the hatch when you're in jail <BR><a href='jail.php'>Go back to jail</a> <BR><BR></center></td></tr></table>"; $h->endpage(); exit; } if($ir['hospital']) { print "<div class='desc2'> <div class='citstat'> <table class='mytable'><tr><td><center><BR> How can you enter the hatch when you're in hospital recovering<<BR>a href='hospital.php'>Go back to Hospital</a> <BR><BR></center></td></tr></table>"; $h->endpage(); exit; } // The events $db->query("UPDATE `users` SET `brave`=`brave`-1 WHERE `userid`=$userid"); If ($chance == 1) { echo " <table class='mytable'><tr><td><center><h2>In The Hatch</h2> <img src='http://yupi.md/wp-content/uploads/2014/12/1692009144053.jpg' width='500px' height='300px'><BR><BR> Its dark, you cant see anything but you hear a sound down one of the tunnels<BR><BR> Take the tunnel straight <a href=''>Ahead</a><BR> Take the tunnel on the <a href=''>Left</a><BR> Take the next tunnel on the <a href=''>Right</a><BR> Time to leave <a href=''>Leave</a><BR> <BR></center></td></tr></table>"; } if ($chance == 2) { echo " <table class='mytable'><tr><td><center><h2>In The Hatch</h2> <img src='img/stairs.jpg' width='500px' height='300px'><BR><BR> You end up in a large room with 2 tunnels leading off and a stairs leading deeper down into the underground hatch<BR><BR> Take the stairs <a href=''>Down</a><BR> Take the tunnel on the <a href=''>Left</a><BR> Take the next tunnel on the <a href=''>Right</a><BR> Look for an exit <a href=''>Leave</a><BR> <BR></center></td></tr></table>"; } else if ($chance == 3) { if ($hchance == 1) { echo " <table class='mytable'><tr><td><center><h2>In The Hatch</h2> <img src='img/stairs.jpg' width='500px' height='300px'><BR><BR> You end up in a large room with 2 tunnels leading off and a stairs leading deeper down into the underground hatch<BR><BR> Take the stairs <a href=''>Down</a><BR> Take the tunnel on the <a href=''>Left</a><BR> Take the next tunnel on the <a href=''>Right</a><BR> Look for an exit <a href=''>Leave</a><BR> <BR></center></td></tr></table>"; } else { $Time = mt_rand(2,5); echo " As you walk down the dark and scary looking tunnel you here something creep up behind you<BR>Before you can turn around you feel a blade pushed into your back <br /><a href='hospital.php'>Hospital</a>"; $db->query(sprintf("UPDATE users SET hospital = $time , hospreason = 'While searching you got stabbed' WHERE `userid` = $userid")); } } Edited March 25, 2015 by Miks Quote Link to comment Share on other sites More sharing options...
Coly010 Posted March 25, 2015 Share Posted March 25, 2015 $chance=mt_rand(1,3); $hchance=mt_rand(1,5); require('globals.php'); //Your user tests if($ir['brave'] <= 0) { echo $noturns; $h->endpage(); exit; } if($ir['jail']) { print "<div class='desc2'> <div class='citstat'> <table class='mytable'><tr><td><center> How can you enter the hatch when you're in jail <a href='jail.php'>Go back to jail</a> </center></td></tr></table>"; $h->endpage(); exit; } if($ir['hospital']) { print "<div class='desc2'> <div class='citstat'> <table class='mytable'><tr><td><center> How can you enter the hatch when you're in hospital recovering<a href='hospital.php'>Go back to Hospital</a> </center></td></tr></table>"; $h->endpage(); exit; } // The events $db->query("UPDATE `users` SET `brave`=`brave`-1 WHERE `userid`=$userid"); if ($chance == 1) { echo " <table class='mytable'><tr><td><center><h2>In The Hatch</h2> <img src='http://yupi.md/wp-content/uploads/2014/12/1692009144053.jpg' width='500px' height='300px'> Its dark, you cant see anything but you hear a sound down one of the tunnels Take the tunnel straight <a href=''>Ahead</a> Take the tunnel on the <a href=''>Left</a> Take the next tunnel on the <a href=''>Right</a> Time to leave <a href=''>Leave</a> </center></td></tr></table>"; }else if ($chance == 2) { echo " <table class='mytable'><tr><td><center><h2>In The Hatch</h2> <img src='img/stairs.jpg' width='500px' height='300px'> You end up in a large room with 2 tunnels leading off and a stairs leading deeper down into the underground hatch Take the stairs <a href=''>Down</a> Take the tunnel on the <a href=''>Left</a> Take the next tunnel on the <a href=''>Right</a> Look for an exit <a href=''>Leave</a> </center></td></tr></table>"; } else if ($chance == 3) { if ($hchance == 1) { echo " <table class='mytable'><tr><td><center><h2>In The Hatch</h2> <img src='img/stairs.jpg' width='500px' height='300px'> You end up in a large room with 2 tunnels leading off and a stairs leading deeper down into the underground hatch Take the stairs <a href=''>Down</a> Take the tunnel on the <a href=''>Left</a> Take the next tunnel on the <a href=''>Right</a> Look for an exit <a href=''>Leave</a> </center></td></tr></table>"; } else { $Time = mt_rand(2,5); echo " As you walk down the dark and scary looking tunnel you here something creep up behind youBefore you can turn around you feel a blade pushed into your back <a href='hospital.php'>Hospital</a>"; $db->query(sprintf("UPDATE users SET hospital = $time , hospreason = 'While searching you got stabbed' WHERE `userid` = $userid")); } } try that Quote Link to comment Share on other sites More sharing options...
Miks Posted March 25, 2015 Author Share Posted March 25, 2015 [MENTION=65530]Coly010[/MENTION] Thanks but that didnt work unfortunately :( same issue as before Quote Link to comment Share on other sites More sharing options...
Coly010 Posted March 25, 2015 Share Posted March 25, 2015 (edited) [MENTION=65530]Coly010[/MENTION] Thanks but that didnt work unfortunately :( same issue as before Tell us then. what error are you getting? How do you know if the event is not firing, could it be down to the fact that your mt_rand isn't generating a number other 1? if your mt_rand is mt_rand(1,1) like you had it in your original code, your else statement will never be needed Edited March 25, 2015 by Coly010 Quote Link to comment Share on other sites More sharing options...
Miks Posted March 25, 2015 Author Share Posted March 25, 2015 (edited) Sorry for the confusion I thought by making $hchance=mt_rand(1,1) and $chance=mt_rand(3,3) it would force it to select those appropriate results so I can test and tell when its working as it will trigger the second result i.e $hchance to put the user in hospital I am not getting any error message, all its doing is displaying the "else if" statement which is just taking into consideration only the $chance variable and not then looking at the "if" statement i.e $hchance and triggering that result The if statement is the one that is not triggering Edited March 25, 2015 by Miks Quote Link to comment Share on other sites More sharing options...
Coly010 Posted March 25, 2015 Share Posted March 25, 2015 Sorry for the confusion I thought by making $hchance=mt_rand(1,1) and $chance=mt_rand(3,3) it would force it to select those appropriate results so I can test and tell when its working as it will trigger the second result i.e $hchance to put the user in hospital I am not getting any error message, all its doing is displaying the "else if" statement which is just taking into consideration only the $chance variable and not then looking at the "if" statement i.e $hchance and triggering that result The if statement is the one that is not triggering Well your else statement isnt going to be used if your forcing mt_rand to be 1 as your if statement says if($hchance==1) { // code }} else { //code } ? think about it, you want your mt_rand to not be 1 if you want the else part to work Quote Link to comment Share on other sites More sharing options...
Miks Posted March 25, 2015 Author Share Posted March 25, 2015 This is the part I'm talking about $chance=mt_rand(3,3); $hchance=mt_rand(1,1); else if ($chance == 3) { if ($hchance == 1) { echo " <table class='mytable'><tr><td><center><h2>In The Hatch</h2> <img src='img/stairs.jpg' width='500px' height='300px'> You end up in a large room with 2 tunnels leading off and a stairs leading deeper down into the underground hatch Take the stairs <a href=''>Down</a> Take the tunnel on the <a href=''>Left</a> Take the next tunnel on the <a href=''>Right</a> Look for an exit <a href=''>Leave</a> </center></td></tr></table>"; } else { $Time = mt_rand(2,5); echo " As you walk down the dark and scary looking tunnel you here something creep up behind youBefore you can turn around you feel a blade pushed into your back <a href='hospital.php'>Hospital</a>"; $db->query(sprintf("UPDATE users SET hospital = $time , hospreason = 'While searching you got stabbed' WHERE `userid` = $userid")); } } The second statement i.e "else" the one that puts the user in hospital isnt appearing i.e the text and the db query isnt happening, this is the one that I want to happen when I load the page. All its doing is displaying the top statement which it shouldnt be doing. I'm new to this but to me it reads If chance == 3 and hchance == 1 put the user in hospital But what it is doing is If chance == 3 and hchance == something other than 1 then display the top statement Its the first time I'm doing something like this but if I have got it wrong then show me because I really dont understand at the moment Quote Link to comment Share on other sites More sharing options...
Coly010 Posted March 25, 2015 Share Posted March 25, 2015 if ($hchance == 1) { echo " <table class='mytable'><tr><td><center><h2>In The Hatch</h2> <img src='img/stairs.jpg' width='500px' height='300px'> You end up in a large room with 2 tunnels leading off and a stairs leading deeper down into the underground hatch Take the stairs <a href=''>Down</a> Take the tunnel on the <a href=''>Left</a> Take the next tunnel on the <a href=''>Right</a> Look for an exit <a href=''>Leave</a> </center></td></tr></table>"; } else { $Time = mt_rand(2,5); echo " As you walk down the dark and scary looking tunnel you here something creep up behind youBefore you can turn around you feel a blade pushed into your back <a href='hospital.php'>Hospital</a>"; $db->query(sprintf("UPDATE users SET hospital = $time , hospreason = 'While searching you got stabbed' WHERE `userid` = $userid")); } this is what you have. You code is saying, If $hchance equals 1 then show information about ending up in a large room. If $hchance does not equal 1 then put user in hospital... You have forced your random to always equal 1 and therefore it will never be able to put the user in hospital because your $hchance always equals 1 and therefore the else statement is not being used. Can you look up how to use If~Else Statements before posting here saying your code doesn't work, as it does, its working exactly as it should, you have just failed to understand it. Quote Link to comment Share on other sites More sharing options...
Miks Posted March 25, 2015 Author Share Posted March 25, 2015 Ok I think I may see now where I have gone wrong.... I was originally basing this on the search the streets feature but wanted to hide the event from the url. So I started using this way as it was one of a few suggestions. The search the street feature does it this way else if($_GET['search'] == 3) { if($rand == 1) { I now see what you mean :( Quote Link to comment Share on other sites More sharing options...
Coly010 Posted March 25, 2015 Share Posted March 25, 2015 The code you have works, just change the $hchance = mt_rand(1,1); to something like $hchance = mt_rand(1,100); You'll see that it does put user in hospital Quote Link to comment Share on other sites More sharing options...
Miks Posted March 25, 2015 Author Share Posted March 25, 2015 Thank you Quote Link to comment Share on other sites More sharing options...
Jax Posted March 25, 2015 Share Posted March 25, 2015 (edited) % is the key - a little simple math. Example: assuming we want to limit the potential range of values present in a GET variable to 34,359,738,368 (32^7), we could cloak the number 1 as : (1 * 5513821138855354025239443855326722937375776141979) % 34359738368 = 28633821851 Hardly an obvious result. The reverse is equally easy: (28633821851 * 24455685011) % 34359738368 = 1 As for how did I arrive at the two large numbers? 5513821138855354025239443855326722937375776141979 is simply a 50 digit prime while 24455685011 is its modular inverse with respect to 34359738368 With these numbers, you can safely encode from 1 to 34359738367 *without repetition, and due to the size of the large prime, and the fact that both it and your range value will be secret to your site, it becomes impossible with existing hardware to decode in any reasonable amount of time. Obviously, you would need to pick a different large prime though those are easy to generate in this type of range, and the limit can be set to something like 2^32 without any problem. I'd probably further this by adding in perhaps something from session data - the ID perhaps, as well as time ensuring that the sequence of numbers that a player would see is not deterministic *without* aid. POST data can be manipulated just almost as easily as GET data so I'd favour cloaking data through POST in this way. It certainly works for the large social networks, it can easily be adapted to smaller projects. Complex? No - This is high school maths - something that can be easily learnt. Further example: Given a prime of 65323, a limit of 100, this yields a modular inverse of 87 which if we look at the potential output of numbers: 1 * 65323 % 100 = 23 2 * 65323 % 100 = 46 3 * 65323 % 100 = 69 4 * 65323 % 100 = 92 5 * 65323 % 100 = 15 6 * 65323 % 100 = 38 7 * 65323 % 100 = 61 8 * 65323 % 100 = 84 9 * 65323 % 100 = 7 10 * 65323 % 100 = 30 11 * 65323 % 100 = 53 12 * 65323 % 100 = 76 13 * 65323 % 100 = 99 14 * 65323 % 100 = 22 15 * 65323 % 100 = 45 16 * 65323 % 100 = 68 17 * 65323 % 100 = 91 18 * 65323 % 100 = 14 19 * 65323 % 100 = 37 20 * 65323 % 100 = 60 21 * 65323 % 100 = 83 22 * 65323 % 100 = 6 23 * 65323 % 100 = 29 24 * 65323 % 100 = 52 25 * 65323 % 100 = 75 ... 90 * 65323 % 100 = 70 91 * 65323 % 100 = 93 92 * 65323 % 100 = 16 93 * 65323 % 100 = 39 94 * 65323 % 100 = 62 95 * 65323 % 100 = 85 96 * 65323 % 100 = 8 97 * 65323 % 100 = 31 98 * 65323 % 100 = 54 99 * 65323 % 100 = 77 Looks pretty random to me. Edited March 25, 2015 by Jax Added further example Quote Link to comment Share on other sites More sharing options...
Coly010 Posted March 25, 2015 Share Posted March 25, 2015 % is the key - a little simple math. Example: assuming we want to limit the potential range of values present in a GET variable to 34,359,738,368 (32^7), we could cloak the number 1 as : (1 * 5513821138855354025239443855326722937375776141979) % 34359738368 = 28633821851 Hardly an obvious result. The reverse is equally easy: (28633821851 * 24455685011) % 34359738368 = 1 As for how did I arrive at the two large numbers? 5513821138855354025239443855326722937375776141979 is simply a 50 digit prime while 24455685011 is its modular inverse with respect to 34359738368 With these numbers, you can safely encode from 1 to 34359738367 *without repetition, and due to the size of the large prime, and the fact that both it and your range value will be secret to your site, it becomes impossible with existing hardware to decode in any reasonable amount of time. Obviously, you would need to pick a different large prime though those are easy to generate in this type of range, and the limit can be set to something like 2^32 without any problem. I'd probably further this by adding in perhaps something from session data - the ID perhaps, as well as time ensuring that the sequence of numbers that a player would see is not deterministic *without* aid. POST data can be manipulated just almost as easily as GET data so I'd favour cloaking data through POST in this way. It certainly works for the large social networks, it can easily be adapted to smaller projects. You've completely missed the point of the topic, despite your vast knowledge. Nor did you need to make that post. He wasn't asking about cloaking $_GET and POST he was asking how to hide GET requests in the beginning and then he asked why his code was working. What you've written despite being informative is in the wrong place imo. Put it on a blog or something, don't put it somewhere a person who doesn't understand how to use if ~ else statements properly as a potential answer to his problem. 1. He won't understand half of anything you wrote 2. You'll scare him away from coding 3. It's not exactly relevant to the problem at hand Quote Link to comment Share on other sites More sharing options...
KyleMassacre Posted March 26, 2015 Share Posted March 26, 2015 The easiest would be a simple switch //your includes..... $outcome = rand(1,5) //change to whatever and no need to argue rand() vs. mt_rand() on this if(isset($_GET['some']) && $_GET['some'] == 'action') { switch($outcome) { case 1: //do something break; //And repeat default: print "This isn't supposed to happen"; break; } } print "<a href='?some=action'>Go</a>"; Basically similar to what Dave Mac said Quote Link to comment Share on other sites More sharing options...
SRB Posted March 26, 2015 Share Posted March 26, 2015 You've completely missed the point of the topic, despite your vast knowledge. Nor did you need to make that post. He wasn't asking about cloaking $_GET and POST he was asking how to hide GET requests in the beginning and then he asked why his code was working. What you've written despite being informative is in the wrong place imo. Put it on a blog or something, don't put it somewhere a person who doesn't understand how to use if ~ else statements properly as a potential answer to his problem. 1. He won't understand half of anything you wrote 2. You'll scare him away from coding 3. It's not exactly relevant to the problem at hand I guess we all have opinions on this - and some will differ. Yes, the answer may seem a little too much for the question that the OP asked -- but since this is a forum and will be read by more than just the OP, it could benefit other people. Want me to take hold of your hand while you jump down from that high horse you have found yourself riding upon? Quote Link to comment Share on other sites More sharing options...
Coly010 Posted March 26, 2015 Share Posted March 26, 2015 I'm on no such high horse I just see the post as being far too much for the question at hand, and like I said it would be better on a blog rather than to attempt to provide an answer to the OP's question. Think of it like this, if the OP tried to implement that to his script, it would not have solved the problem occuring Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.