boionfire81 Posted May 1, 2016 Share Posted May 1, 2016 (edited) So I'm making this thread to help myself and others find answers to some of the questions I have come across a lot. Here are some of the things I have learned. Undefined index (action). This is located for your "switch" function. In order to call a specific part of the file to run. Depending on the type of action you are calling you could use: $_GET['action'] = isset($_GET['action']) && ctype_alpha($_GET['action']) ? $_GET['action'] : null; when the ***.php?action= only uses letters You can use $_GET['action'] = isset($_GET['action']) && ctype_alnum($_GET['action']) ? $_GET['action'] : null; for when you need to use both letters and number values or $_GET['action'] = isset($_GET['action']) && ctype_digit($_GET['action']) ? $_GET['action'] : null; For only numbers ALOT of undefined functions are found in this line: global $ir,$c,$userid, $db; These are queries located in the global files. So if for instance you are trying to call $ir but your global line does not contain $ir you might get a undefined function. Simply by adding $ir to the global line can fix this in most cases. I have found $db and $h are the most common functions left out of the global line. $h is mostly to end a page, while $db is used to define the mysql or mysqli engine. They $c variable is included in a lot of the mods you will find, but basically is no longer used in the most recent version of McCodes. Using arrays over a single variable can add a wider range of functionality and choices for your members. They are no longer stuck to only one way, black & white. Now there are grey areas where a member can choose their route over a time way road. Code example thanks to [uSER=70347]NonStopCoding[/uSER] if(in_array($r['itmtype'],array(15,19,33))) Adding an item to users inventory, you would use item_add(*userid*,*itemID*,*quantity*); Removing an item from inventory item_remove(*userid*,*itemID*,*quantity*); Sending an event event_add(*userid*,*message*); Restrictions based on time - thanks to [uSER=70574]TheMasterGeneral[/uSER] require('globals.php'); $endtime=140000000; $starttime=130000000; $currenttime=time(); if ($endtime < $currenttime) { //nope } Delete logs after 24 hours - Thanks to [uSER=70574]TheMasterGeneral[/uSER] $Time=time(); $DeleteTime=$Time-86400; //86400 is 24 hours $db->query("DELETE FROM `your_logs_table` WHERE `timestamp` <= {$DeleteTime}"); I'm curious as the what are the most common questions you see asked. As in relation to a new mod install and configuration into McCodes general details. Many mods have questions specific to just themselves. I'd like to keep this as a universal thread so we don't confuse readers with details unrelated to them. (such as myself!, lol) Edited July 6, 2016 by boionfire81 Quote Link to comment Share on other sites More sharing options...
boionfire81 Posted May 1, 2016 Author Share Posted May 1, 2016 (edited) My current question. Before I include in the above post is dealing with yet again the $ get/ $ post variables. What is the best form when the $_POST has various characters, including spaces? [uSER=68711]KyleMassacre[/uSER] [uSER=69001]Zettieee[/uSER] Anyways, will keep updating in this post to keep the thread clean. Edited May 4, 2016 by boionfire81 Quote Link to comment Share on other sites More sharing options...
Zettieee Posted May 1, 2016 Share Posted May 1, 2016 I think you installed the game using MYSQL driver and not MYSQLi Quote Link to comment Share on other sites More sharing options...
KyleMassacre Posted May 1, 2016 Share Posted May 1, 2016 My current question. Before I include in the above post is the error I took the line $db->fetch_array and changed to $db->fetch_row, as per a typical McCodes issue, but I still get this error a lot. Any ideas? PHP Warning: mysql_fetch_array() expects parameter 1 to be resource, object given (2) I think that is because you are still mixing. a resource is a query that was passed through $db->query(); and an object is for lack of a better term, a class initializer much like $db. If you want to use mysqli then go into your config.php and change the driver to mysqli and refrain from using mysqli_*() at all costs otherwise the scripts get confused because all your resources get passed through properties in your database class if you dont know what you are exactly doing. Also, $r is not a global variable. So new people coming here looking at this, please DONT get confused here. $r is just a commonly used variable that returns a result set for a number of different things in any given PHP script. But yes, $ir is in fact a global variable found in globals.php that stores in cache almost everything about the current logged in user. But, here we will go after the most common global variables that you mentioned inside of functions: $ir: Like I mentioned above, it stores information about the current user like everything in the users, and userstats tables. $c: Not needed. This is the connection string used for the database class. This was just something carried over from the V1/lite days $userid: This is equivalent to $_SESSION['userid'] or $ir['userid']. If you only need the user's id then use this. If you need more info for the user then use $ir. $db: Also like I said above, this is the database object to perform queries to your mysql database. As for your undefined indexes, I believe (could be wrong) since PHP 5.3 they started issuing E_WARNING/E_NOTICE for array indexes that were not checked. They do this so that the administrator can be notified of something that can potentially go wrong before it does go wrong. And for reference, the anatomy of an array: Your array is basically a multidimensional variable with an $array['key'] look. The key is also an index starting with 0 and ending with count($array) - 1. So: $array['key0'] = 1; $array['key1'] = 1; $array['key2'] = 1; $array['key3'] = 1; $array['key4'] = 1; So you will see 5 array keys but the first key would be 0 or key0 and the last would be 4 or key4. This is why PHP issues a warning so that you can prevent someone from trying to access $array[5] or $array['key5'] since it doesnt exist and trigger a critical error. The way to do this is to first check if the array key exists using (thats right) array_key_exists(). After that returns true you should check to see if the array and key => value pair match criteria that you want: //using my example above with $array if(array_key_exists('key0',$array)) // You may even get away with in_array(['key0','...'], $array) { // that key exists in this example so we will move forward if(isset($array['key0']) && ctype_digit($array['key0'])) { // the value is in fact set since it contains a value of 1 and it is a number which is what we want $myValue = $array['key0']; } else { throw new Exception('You must enter a value that is a number knuckle head!'); } } else { throw new Exception('What are you trying to pull here?'); } Quote Link to comment Share on other sites More sharing options...
boionfire81 Posted May 10, 2016 Author Share Posted May 10, 2016 ok new question. When you have say a description input, what is the best $_POST to use? Quote Link to comment Share on other sites More sharing options...
KyleMassacre Posted May 10, 2016 Share Posted May 10, 2016 POST is used for POST requests generally through a form input and GET is used for GET requests which grabs the data from the URL Quote Link to comment Share on other sites More sharing options...
G7470 Posted May 10, 2016 Share Posted May 10, 2016 Are you referring to validating a $_POST request that has a description of mixed text? ~G7470 1 Quote Link to comment Share on other sites More sharing options...
boionfire81 Posted May 10, 2016 Author Share Posted May 10, 2016 [uSER=70485]G7470[/uSER] exactly. simply ctype_alpha doesn't work, nor does alnum. Quote Link to comment Share on other sites More sharing options...
sniko Posted May 10, 2016 Share Posted May 10, 2016 [uSER=70485]G7470[/uSER] exactly. simply ctype_alpha doesn't work, nor does alnum. Then use preg_match() with a whitelist character set. What, exactly, are you trying to validate? An English sentence? A numerical value? A single string word? <?php if( preg_match("/^[\w]+$/", "SomeString") ) { //Matched } if( preg_match("/^[\d]+$/", "999") ) { //Matched } if( preg_match("/^[\w\s]+$/", trim("Lorem Ipsum a sentence with no punctuation")) ) { //Matched } Quote Link to comment Share on other sites More sharing options...
boionfire81 Posted May 10, 2016 Author Share Posted May 10, 2016 I'm trying to validate user signatures Quote Link to comment Share on other sites More sharing options...
KyleMassacre Posted May 11, 2016 Share Posted May 11, 2016 Well that is where it gets tricky. You could look at filter_input or if you are feel like being an explorer try what sniko suggested with some RegEx. This all depends on what you want to allow and not allow and how you want to handle your data, for example are you going to validate then sanitize on input or validate and sanitize on output. Some people strongly believe that data in the DB is supposed to stay in its raw form and then sanitize on output and others feel the complete opposite. Quote Link to comment Share on other sites More sharing options...
boionfire81 Posted May 15, 2016 Author Share Posted May 15, 2016 ok, how do you validate $_REQUEST Quote Link to comment Share on other sites More sharing options...
KyleMassacre Posted May 15, 2016 Share Posted May 15, 2016 The same way as GET and POST. Request basically get the value for a particular array key for the given request method. $_REQUEST['key'] will match $_POST['key'] if the current request method is POST and match $_GET['key'] if the current request method is GET Quote Link to comment Share on other sites More sharing options...
boionfire81 Posted May 15, 2016 Author Share Posted May 15, 2016 (edited) thought that would work too...but I'll double check I just bought the pet attack mod, and literally bugs everywhere! A non-critical error has occurred. Page execution will continue. Below are the details: PHP Notice: Use of undefined constant spd - assumed 'spd' (8) Line executed: /home/public_html/pet.php:181 A non-critical error has occurred. Page execution will continue. Below are the details: PHP Notice: Use of undefined constant pwr - assumed 'pwr' (8) Line executed: /home/public_html/pet.php:185 A non-critical error has occurred. Page execution will continue. Below are the details: PHP Notice: Undefined variable: freespd (8) Line executed: /home/public_html/pet.php:130 A non-critical error has occurred. Page execution will continue. Below are the details: PHP Notice: Undefined variable: freepwr (8) Line executed: /home/public_html/pet.php:131 A non-critical error has occurred. Page execution will continue. Below are the details: PHP Notice: Undefined variable: freestr (8) Line executed: /home/public_html/pet.php:132 A non-critical error has occurred. Page execution will continue. Below are the details: PHP Notice: Undefined variable: freesma (8) Line executed: /home/public_html/pet.php:133 A non-critical error has occurred. Page execution will continue. Below are the details: PHP Notice: Undefined variable: freelife (8) Line executed: /home/public_html/pet.php:134 $enperc=(int) ($Pet['pet_energy']/$Pet['pet_maxen']*100); $PetLvl = 100*$Pet['pet_level']; $experc=(int) ($Pet['pet_exp']/$PetLvl*100); $EN = floor($Pet['pet_energy'] / 5) * 5; if($Pet['pet_lifestat'] < 11) { $Price =number_format(5000*$Pet['pet_lifestat']); $llink="[<a href='pet.php?action=buystat&s=life'>$$Price</a>]"; } if($Pet['pet_lifestat'] == 11) { $Price =number_format(5000*$Pet['pet_lifestat']); $llink=""; } if($Pet['pet_agistat'] < 11) { $Price =number_format(5000*$Pet['pet_agistat']); $slink="[<a href='pet.php?action=buystat&s=spd'>$$Price</a>]"; } if($Pet['pet_agistat'] == 11) { $Price =number_format(5000*$Pet['pet_agistat']); $slink=""; } if($Pet['pet_strstat'] < 11) { $Price =number_format(5000*$Pet['pet_strstat']); $plink="[<a href='pet.php?action=buystat&s=pwr'>$$Price</a>]"; } if($Pet['pet_strstat'] == 11) { $Price =number_format(5000*$Pet['pet_strstat']); $plink=""; } if($Pet['pet_guardstat'] < 11) { $Price =number_format(5000*$Pet['pet_guardstat']); $stlink="[<a href='pet.php?action=buystat&s=str'>$$Price</a>]"; } if($Pet['pet_guardstat'] == 11) { $Price =number_format(5000*$Pet['pet_guardstat']); $stlink=""; } if($Pet['pet_iqstat'] < 11) { $Price =number_format(5000*$Pet['pet_iqstat']); $ilink="[<a href='pet.php?action=buystat&s=sma'>$$Price</a>]"; } if($Pet['pet_iqstat'] == 11) { $Price =number_format(5000*$Pet['pet_iqstat']); $ilink=""; } if($Pet['pet_enstat'] < 11) { $Price =number_format(5000*$Pet['pet_enstat']); $elink="[<a href='pet.php?action=buystat&s=en'>$$Price</a>]"; } if($Pet['pet_enstat'] == 11) { $Price =number_format(5000*$Pet['pet_enstat']); $elink=""; } if($Pet['pet_freestat']) { $freespd = "[<a href='pet.php?action=freestat&s=spd' title='Click for 4 free agility stats'>Free</a>]"; $freepwr = "[<a href='pet.php?action=freestat&s=pwr' title='Click for 4 free strength stats'>Free</a>]"; $freestr = "[<a href='pet.php?action=freestat&s=str' title='Click for 4 free guard stats'>Free</a>]"; $freesma = "[<a href='pet.php?action=freestat&s=sma' title='Click for 4 free iq stats'>Free</a>]"; $freelife = "[<a href='pet.php?action=freestat&s=life' title='Click for 1 free day added to your lifespan.'>Free</a>]"; } $Pet['pet_name'] = stripslashes(htmlentities($Pet['pet_name'])); echo "<center><table class='table' width='75%'><tr><th>Pet</th><th>Info</th></tr> <tr><td width='40%' valign='top'><img src='{$Pet['Pet_Pic']}'><br /><b>{$Pet['pet_name']} lvl {$Pet['pet_level']}</b><br /> <b>Agility:</b> {$Pet['pet_agility']} $freespd $slink <br /> <b>Strength:</b> {$Pet['pet_strength']} $freepwr $plink<br /> <b>Guard:</b> {$Pet['pet_guard']} $freestr $stlink<br /> <b>IQ:</b> {$Pet['pet_iq']} $freesma $ilink<br /> <b>Lifespan:</b> {$Pet['pet_lifespan']} $freelife $llink<br /></td></td> <td width='60%' valign='top'><div id='details'><b>Energy:</b> $elink {$Pet['pet_energy']}/{$Pet['pet_maxen']}</a></span><div id='stat_bar' title='{$Pet['pet_energy']}/{$Pet['pet_maxen']}'><div style='width:$enperc%'></div></div> <b>Exp: </b>".number_format($Pet['pet_exp'])."/".number_format($PetLvl)."</a></span><div id='stat_bar'><div style='width:$experc%'></div></div></div> <table><tr> <td width='50%'><a href='pet.php?action=train&stat=spd'>Train Agility</a></td><td width='50%'>[<a href='pet.php?action=train&stat=spdall'>Use $EN</a>]</td></tr> <tr><td><a href='pet.php?action=train&stat=pwr'>Train Strength</a></td><td>[<a href='pet.php?action=train&stat=pwrall'>Use $EN</a>]<br /></td></tr> <tr><td><a href='pet.php?action=train&stat=str'>Train Guard</a></td><td>[<a href='pet.php?action=train&stat=strall'>Use $EN</a>]<br /></td></tr> <tr><td><a href='pet.php?action=train&stat=sma'>Train IQ</a></td><td>[<a href='pet.php?action=train&stat=smaall'>Use $EN</a>]<br /></td></tr></table> <br /><b>Your Pet has ".number_format($Pet['pet_freestat'])." free upgrades!</b><br /> <a href='pet.php?action=rename'>Rename pet</a><br /> <a href='pet.php?action=abandon'>Abandon pet</a><br /> </td></tr></td></tr></table><br> <table class='table' width='100%'> <tr><td width='65%' valign='top'> <table class='table' width='100%'><tr><th colspan='2'>Last 20 Pet Events</th></tr>"; $c=$db->query("SELECT * FROM petevents WHERE pevPET={$Pet['pet_id']} ORDER BY pevID DESC LIMIT 20"); if($db->num_rows($c)==0) { echo "<tr><td colspan='2'>There Are no pet events.</td></tr>"; } while($cash=$db->fetch_row($c)) { $sup = date('n/j/y, g:i:s a', $cash['pevTIME']); echo "<tr><td width='25%'>$sup</td><td>".stripslashes($cash['pevTEXT'])."</td></tr>"; } echo "</table></td> <td valign='top'> <table class='table' width='100%'> <tr><th colspan='2'>List of attackable pets</th></tr>"; $c=$db->query("SELECT * FROM pets ORDER BY pet_level DESC LIMIT 20"); if($db->num_rows($c)==0) { echo "<td colspan='2'>There Are no pets.</td>"; } while($atk=$db->fetch_row($c)) { echo "<tr><td><a href='pet.php?action=view&ID={$atk['pet_id']}'>".stripslashes($atk['pet_name'])."</a> (lvl {$atk['pet_level']})</td> <td><a href='pet.php?action=fight&id={$atk['pet_id']}'>Attack</a></td></tr>"; } echo "</table></td></tr></table>"; } function pet_freestat() { global $ir,$db,$c,$userid,$h; $_REQUEST['s'] = isset($_REQUEST['s']) && ctype_alpha($_REQUEST['s']) ? $_REQUEST['s'] : null; $q=$db->query("SELECT * FROM pets WHERE pet_userid=$userid"); $Pet=$db->fetch_row($q); if(!$Pet['pet_freestat']) { echo "You don't have any more free stats. If you wish to get more you have to level your pet up."; pet_index(); $h->endpage(); exit; } if($_REQUEST['s'] == spd) { $db->query("UPDATE pets SET pet_agility=pet_agility+4,pet_freestat=pet_freestat-1 WHERE pet_userid=$userid",$c); pet_index(); } if($_REQUEST['s'] == pwr) { $db->query("UPDATE pets SET pet_strength=pet_strength+4,pet_freestat=pet_freestat-1 WHERE pet_userid=$userid",$c); pet_index(); } if($_REQUEST['s'] == str) { $db->query("UPDATE pets SET pet_guard=pet_guard+4,pet_freestat=pet_freestat-1 WHERE pet_userid=$userid",$c); pet_index(); } if($_REQUEST['s'] == sma) { $db->query("UPDATE pets SET pet_iq=pet_iq+4,pet_freestat=pet_freestat-1 WHERE pet_userid=$userid",$c); pet_index(); } if($_REQUEST['s'] == life) { $db->query("UPDATE pets SET pet_lifespan=pet_lifespan+1,pet_freestat=pet_freestat-1 WHERE pet_userid=$userid",$c); Edited May 15, 2016 by boionfire81 oi! Quote Link to comment Share on other sites More sharing options...
KyleMassacre Posted May 15, 2016 Share Posted May 15, 2016 If I remember this comes with a pet global file that needs to be included in the globals file Quote Link to comment Share on other sites More sharing options...
boionfire81 Posted May 16, 2016 Author Share Posted May 16, 2016 yeah, I did include that Quote Link to comment Share on other sites More sharing options...
boionfire81 Posted June 20, 2016 Author Share Posted June 20, 2016 ok, another question with _GETs. How should this work as it's letters and characters if($_GET['type'] == "equip_primary") $_GET['action'] = isset($_GET['action']) && ctype_alnum($_GET['action']) ? $_GET['action'] : null; won't work. It's actually in equip_weapon.php line 54. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.