Restricting pages

[boionfire81]

So, right now I've got several of my features going. But they all seem to be just open to whoever 24/7. Right now I'm wanting to restrict pages based on specific qualifiers. My first qualifier would be by housing id. I could go with if houseid = 1 then show this content. But obviously if there are 20 houses and it can get rather redundant. And in order to avoid future game additions, my thought is how to restrict based on multiple id numbers. Not a range i.e. if <5 or if >= 6. But rather if houseid = 1,2,7, 9, 12 then show. So without being redundant while still allowing further housing how can I do this?

Sorry, 6am here and still sleepy.

[Coly010]

Use an array

$restriced = [1, 4, 6, 7, 8];
if (in_array($ir['houseid'], $restricted)){
  // restrict page
} else {
  // show page
}

 

You could even create a table

In the database which you can use to populate the array, making it more dynamic

Edited April 10, 2016 by Coly010

[KyleMassacre]

I think you have your variables backwards [uSER=65530]Coly010[/uSER] haha. the $restricted should be allowed

[Coly010]

I think you have your variables backwards [uSER=65530]Coly010[/uSER] haha. the $restricted should be allowed

 

Thanks for pointing that out haha. I didnt notice

[boionfire81]

Ok,

so I'm being the restricted part of my project.

Right now at this step I'm trying to disallow access unless property upgrade = 8, 10

Using

 

  
$db->query("SELECT `upgrades` from `property_mod_user` WHERE `userid` = $userid, `upgrades` = $upgrades");
if (in_array($ir['upgrades'] = 8)) {
}
else {
echo " You do not own this";
}

 

But I'm getting [h=1]Critical Error[/h] A critical error has occurred, and page execution has stopped. Below are the details:

PHP Warning: Cannot modify header information - headers already sent by

[Coly010]

You haven't grasped the concept of working with databases in PHP.

What you have done is selected the field upgrades from the table property_mod_user using two other fields in it to determine which row to select.

However, this code isn't what has caused the Critical Error. We cannot help with the error unless you show us the correct piece of code relating to the error.

For your PHP code to work, you need to ask the database for the resulting field and value which can be done as follows:

$q = $db->query("SELECT `upgrades` from `property_mod_user` WHERE `userid` = $userid, `upgrades` = $upgrades");
$result = $db->fetch_row($q);
if(in_array($ir['upgrades'], $result)){
   // Allow
} else {
   // Dont
}

 

The in_array() function takes a value as it's first parameter and an array as it's second parameter.

It will search through the array until it finds the value that is specified in the first parameter. If it finds it, it returns true, if it doesn't it returns false.

Some more information on some of these concepts:

Arrays

http://php.net/manual/en/language.types.array.php

http://www.w3schools.com/php/php_arrays.asp

in_array()

http://php.net/manual/en/function.in-array.php

Database Results

http://www.w3schools.com/php/php_mysql_intro.asp

http://www.w3schools.com/php/php_mysql_select.asp

[boionfire81]

Yeah, it looked like the issue was something with my login status. I looked and it said the error was in globals where the login stuff was.

Went to check the rest of the site, and saw I was logged out. I logged in and refreshed with no errors.

But what, I need to do is find the house they live in. Which is sql - users - houseid_row

Then check if that house is upgraded properly. sql - property_mod_users - houseid & upgrades

Then lastly if the house they live in has been upgraded with either 8, 10, 11, then and only then display the page.

Dude, BELIEVE me, this is very hard to grasp. Considering I'm learning hands on how to use read/write php and only began a month or so ago. I don't think I'm doing to bad yet.

I think most of you guys don't realize that I've only been looking at php for just over a month. Bare with me guys :)

And yeah w3schools.com is much easier to understand than php.net

 

[boionfire81]

Ok, mission of the day (switching off others to avoid sever brain damage)

I've created a file called access.php

 

<?php
$eon = mysqli_fetch_array($db->query("SELECT * FROM cities WHERE cityid = '{$ir['location']}'"));
if($ir['traveltime'] > 0)
{
die("You are travelling for {$ir['traveltime']} minutes. Please wait until you arrive at your destination to access this page.");
}
if ( $ir['jail'] > 0)
{
   die("This page cannot be accessed while in the {$eon['cityname']} jail.");
}

if ( $ir['hospital'] > 0)
{
   die("This page cannot be accessed while in the {$eon['cityname']} hospital.");
}
if ( $ir['fishing_time'] > 0)
{
   die("This page cannot be accessed while fishing.");
}
if ( $ir['hunting_time'] > 0)
{
   die("This page cannot be accessed while hunting.");
}
if ( $ir['mining_time'] > 0)
{
   die("This page cannot be accessed while mining.");
}
if ( $ir['refine_time'] > 0)
{
   die("This page cannot be accessed while refining metal.");
}

?>

 

As I prefer hunting, fishing, etc to take time (even if small increments). Without it, the game would simply be to easy. Clcik this, click that, you made 1mill dollars. So start is going time based.

But if in jail I think people should still be able to visit their gang. But with the above code, it's all or nothing. Can this file be included on a page, and exclude specific urls per instance. i.e. if fishing disallow hunting, mining, etc. but allow fishing page. Or if hosp allow only company/if jail allow only gangs. etc?

Anyone know of an edit?

[Dominion]

It's all or nothing because you have it set-up that way.If you want to limit who can access it use a function, and pass the circumstances you want blocked/allowed. Right now you're just including a file with a bunch of if() statements that block access.

[boionfire81]

I did that to minimized space usage. Have it in a single file. But of course, it was my belief that there would be some type of function somewhere in php library of resources that would allow an exception line to be written. So your saying there is no line of code that can add an exception?

[Dominion]

Of course you can. In this case I'd ask why you're including the file on a those pages at all...

[KyleMassacre]

What you can possibly do is create a function inside your global functions that checks the current script name and see if it's in the "allowed" list of scripts or a "black list" of scripts depending on how you wish to do it. And if it is in the list then perform the checks. Then just call that function in globals.php.

function isNotAllowed(){
   $denied = [] // put all the allowed file names in here. Hardcode them or put them in the db.
   $page = isset($_SERVER['SCRIPT_NAME']) ? db->escape($_SERVER['SCRIPT_NAME'] : false;
   if($page)
   {
       if(!in_array($page,$denied))
       {
           return false;
       }
       else
       {
           // put all your conditions in here
       }
   }
}

Yes sloppy, and will need some work

Edited April 19, 2016 by KyleMassacre
Updated code

[boionfire81]

Ok, kyle I see the allowed pages in the db but it's more on a per instance basis. So would the allow feature work?

Having the access.php file would be a great addition I think. But I was think of something more like this

 

 <?php
$eon = mysqli_fetch_array($db->query("SELECT * FROM cities WHERE cityid = '{$ir['location']}'"));
if($ir['traveltime'] > 0)
{
die("You are travelling for {$ir['traveltime']} minutes. Please wait until you arrive at your destination to access this page.");
exception (inventory.php*,events.php*,mailbox.php*)
}
if ( $ir['jail'] > 0)
{
   die("This page cannot be accessed while in the {$eon['cityname']} jail.");
exception (events.php*,mailbox.php*, chapel.php*,gang.php*)
}

if ( $ir['hospital'] > 0)
{
   die("This page cannot be accessed while in the {$eon['cityname']} hospital.");
exception (chapel.php, mycompany.php*, mailbox.php*)
}
if ( $ir['fishing_time'] > 0)
{
   die("This page cannot be accessed while fishing.");
}
if ( $ir['hunting_time'] > 0)
{
   die("This page cannot be accessed while hunting.");
}
if ( $ir['mining_time'] > 0)
{
   die("This page cannot be accessed while mining.");
}
if ( $ir['refine_time'] > 0)
{
   die("This page cannot be accessed while refining metal.");
}

?>   

 

Just seems simpler to add override rules for urls with a wildcard for functions. Not to mention, this would be a really good mod for MWG if we can get exceptions to work. Instead of several lines in each file for each file, just 1 file and 1 line change.

[KyleMassacre]

You can do what I mentioned and use a switch I guess to change the files around

[boionfire81]

Try to explain in lamens terms. Never heard of switch. But outside of me, if we can make this mod work, it can go to mcc as a free mod. That's why Im hoping for a fairly easy edit, like urls

[Coly010]

A switch is similar to if and if else and if elseif else statements.

It takes the form:

$id = 1;
switch($id) {
  case 1:
       // run code
   break;
    case 2:
         // run code
     break;
      default:
         // run code for no matches
       break;
}

 

It checks the variable passed in for a match in ease of the cases. If it does it runs all the code up to a break;

A function similar to the one Kyle suggested is the best option for restricting specific pages based on other rules

[boionfire81]

What you can possibly do is create a function inside your global functions that checks the current script name and see if it's in the "allowed" list of scripts or a "black list" of scripts depending on how you wish to do it. And if it is in the list then perform the checks. Then just call that function in globals.php.

check_allowed(){
$allowed = [] // put all the allowed file names in here. Hardcore them or put them in the db.
$page = isset($_SERVER['SCRIPT_NAME']) ? db->escape($_SERVER['SCRIPT_NAME'] : false;
if($page) {
if(in_array($page,$allowed))
{
return true;
}
else
{
// put all your conditions in here
}
}
}

Yes sloppy, and will need some work

After [uSER=65530]Coly010[/uSER] post I realized I must of missed something. But now I see why. Bro, defines are seriously over my head. I've already started talking with [uSER=70347]NonStopCoding[/uSER] to pay him just to fix the 19 undefined errors I have on my site currently. Thankfully he fixed 2 of them already.

ok so what am I do with $allowed? gangs.php? .php? Gangs? My guess would be the first. Then the Script name what replaces that???

I really do feel so stupid talking here sometimes. I try to let you know, I'm "self" taught from this forum working, but yet I feel like if I don't know what you guys are referring to, then why should I bother? I bother cause I want to learn and working to make a game was a fun idea to me. But I really do feel stupid when I have to reply to ask what to me does seem like basic details.

[KyleMassacre]

Yes, that server var will take the pagename.php. And you would put in the now "denied" array a list of pages you want to block. For example:

$denied = ['gangs.php','explore.php'];

The only issue would be your requirements. If you more skilled you could create a relationship table. Which is basically a table with all the pages and then a table with all the requirements, then just loop through those and see if they meet the requirements. :p

To achieve that you can look at MySQL joins.

[Coly010]

[uSER=72582]boionfire81[/uSER] don't worry about getting overwhelmed. There's a lot to take in.

You don't replace SCRIPT_NAME with anything. This allows the server to find the file that was requested. It returns the full file name. So if someone clicked on explore, the value of it would be explore.php

Therefore in your $denied variable you would need to write "explore.php" or whatever pages you don't want to allow access to

[boionfire81]

Just thought I'd post an update. Since pages like the club would be unavailable during most things like traveling, jail, hosp, etc. I simply included this line in the pages to override the inclusion of the script when it would not be needed. Much simplier :)

:)

 

if ($ir['club'] = 0)  {
include "access.php";}

[boionfire81]

It was ok, until I ran into the to drunk to do anything lol! Typically the denies were a simple 1 or 0. But now it's a matter of an increasing number. Not sure how to approach this. For the most part drunk is whatever, but if you are soooo drunk you wouldn't be able to walk, smart thing is to wait it out or sober up. Meaning spending in game cash, meaning now is a shot at making money. Any idea's?

[KyleMassacre]

So I take it that like you said, it was 0s and 1s basically for true/false. So what you can do is something like:

$drunk = $ir['drunk'];
switch($drunk) {
   case $drunk > 1 && $drunk < 10:
       echo "You are getting pretty tipsy, you should slow down";
   break;
   case $drunk > 11 && $drunk < 20
       echo "Now your even more drunk";
   break;
   // Just keep going with what you want to do here
}