athena26 Posted June 3, 2021 Share Posted June 3, 2021 Everything in my game going up by 2, item use, leveling up,crime exp, I've check the global func and everything seems fine can anyone help me fix this ? Quote Link to comment Share on other sites More sharing options...
Sim Posted June 3, 2021 Share Posted June 3, 2021 Sounds like u got exploited 🙂 Check DB class? Or directory search files on server and your backup copy for '+2' or '+ 2'. If your lucky your find the issue. The real issue is, how did it happen. Quote Link to comment Share on other sites More sharing options...
athena26 Posted June 3, 2021 Author Share Posted June 3, 2021 I've been looking everywhere for this error will check the dB class This happened since I changed all MySQL queries to $db->query . Quote Link to comment Share on other sites More sharing options...
Sim Posted June 3, 2021 Share Posted June 3, 2021 Maybe a trigger has been attached? @Magictallguy @KyleMassacre @Dayo @Dave gagging the experts. Quote Link to comment Share on other sites More sharing options...
Dayo Posted June 3, 2021 Share Posted June 3, 2021 Isnt this McCodes? Quote Link to comment Share on other sites More sharing options...
athena26 Posted June 3, 2021 Author Share Posted June 3, 2021 Yes it's mccodes and I don't know what triggered this. I've checked the db,global func, everything and everything I see seems fine , however everything going up by 2 in the inventory. function itemtype_dropdown($connection, $ddname = "item_type", $selected = -1) { global $db; $ret = "<select name='$ddname' type='dropdown'>"; $q = $db->query("SELECT * FROM itemtypes ORDER BY itmtypename ASC"); if ($selected == -1) { $first = 0; } else { $first = 1; } while ($r = $db->fetch_row($q)) { $ret .= "\n<option value='{$r['itmtypeid']}'"; if ($selected == $r['itmtypeid'] || $first == 0) { $ret .= " selected='selected'"; $first = 1; } $ret .= ">{$r['itmtypename']}</option>"; } $ret .= "\n</select>"; return $ret; } function item_dropdown($connection, $ddname = "item", $selected = -1) { global $db; $ret = "<select name='$ddname' type='dropdown'>"; $q = $db->query("SELECT * FROM items ORDER BY itmname ASC"); if ($selected == -1) { $first = 0; } else { $first = 1; } while ($r = $db->fetch_row($q)) { $ret .= "\n<option value='{$r['itmid']}'"; if ($selected == $r['itmid'] || $first == 0) { $ret .= " selected='selected'"; $first = 1; } $ret .= ">{$r['itmname']}</option>"; } $ret .= "\n</select>"; return $ret; } function item2_dropdown($connection, $ddname = "item", $selected = -1) { global $db; $ret = "<select name='$ddname' type='dropdown'>"; $q = $db->query("SELECT * FROM items ORDER BY itmname ASC"); if ($selected < 1) { $ret .= "<option value='0' selected='selected'>-- None --</option>"; } else { $ret .= "<option value='0'>-- None --</option>"; } while ($r = $db->fetch_row($q)) { $ret .= "\n<option value='{$r['itmid']}'"; if ($selected == $r['itmid']) { $ret .= " selected='selected'"; $first = 1; } $ret .= ">{$r['itmname']}</opJavaScripttion>"; } $ret .= "\n</select>"; return $ret; } This is the function that I have in globals func. Quote Link to comment Share on other sites More sharing options...
KyleMassacre Posted June 3, 2021 Share Posted June 3, 2021 That is just a function to make the drop downs. You want to look at the item_add function (I think that’s what it’s called lol) Quote Link to comment Share on other sites More sharing options...
athena26 Posted June 4, 2021 Author Share Posted June 4, 2021 The item function itemuse.php is fine I've checked everything This is happening on everything ,itemuse, Brave, leveling up, streets, turns , item buy <a href='itemuse.php?ID={$_GET['ID']}'>Use Again</a> | <a href='inventory.php'>Inventory</a> </div></div> "; item_remove($userid, $r['inv_itemid'], 1); } } $h->endpage(); Quote Link to comment Share on other sites More sharing options...
Magictallguy Posted June 4, 2021 Share Posted June 4, 2021 Hey, @athena26! See this icon on the toolbar? Click that before posting code, please! Quote Link to comment Share on other sites More sharing options...
athena26 Posted June 4, 2021 Author Share Posted June 4, 2021 I'm using android I never seem to find that bottom, sorry. Quote Link to comment Share on other sites More sharing options...
Sim Posted June 4, 2021 Share Posted June 4, 2021 1 hour ago, athena26 said: I'm using android I never seem to find that bottom, sorry. Change mode to desktop mode and that button will be displayed. Quote Link to comment Share on other sites More sharing options...
athena26 Posted June 4, 2021 Author Share Posted June 4, 2021 How do I do that sim . Willing to pay 10$ to whoever fixes this for me . Quote Link to comment Share on other sites More sharing options...
Sim Posted June 4, 2021 Share Posted June 4, 2021 Now the <> code tag button will be displayed. 3dots on right. Quote Link to comment Share on other sites More sharing options...
athena26 Posted June 5, 2021 Author Share Posted June 5, 2021 Nice found it , can you help me fix this issue sim? I'll pay you I'll pay anyone to fix this ! Quote Link to comment Share on other sites More sharing options...
Sim Posted June 5, 2021 Share Posted June 5, 2021 1 hour ago, athena26 said: Nice found it , can you help me fix this issue sim? I'll pay you I just did. 😂 $10plz 1 Quote Link to comment Share on other sites More sharing options...
Veramys Posted June 5, 2021 Share Posted June 5, 2021 Items aren't having multiples used at one time. I checked that. As for the leveling stuff you have crime exp set so high that when they do some crimes some of them gain massive amounts of exp and that in turn causes them to have levels stored up. So every page load will cause them to level up until they run out of exp. Quote Link to comment Share on other sites More sharing options...
athena26 Posted June 5, 2021 Author Share Posted June 5, 2021 But I have 0 exp and me and everyone else is using 2000 brave but wastes 4000 same for item use , trust me there is a issue there I don't know how you ain't seeing it even when they use donator items so o should lower the crime to int? So what's causing this issue for everyone else ? Quote Link to comment Share on other sites More sharing options...
Sim Posted June 5, 2021 Share Posted June 5, 2021 Do you have some kind of VIP/donator thing giving to only certain members. Quote Link to comment Share on other sites More sharing options...
athena26 Posted June 6, 2021 Author Share Posted June 6, 2021 I have the donation system from Dave, and I have daily rewards and a starter pack. And VIP gym training labour and rob skill .. Quote Link to comment Share on other sites More sharing options...
SwiftGameR Posted June 10, 2021 Share Posted June 10, 2021 On 6/3/2021 at 4:10 PM, athena26 said: I've been looking everywhere for this error will check the dB class This happened since I changed all MySQL queries to $db->query . check your Database for any inserted JS or CSS code On 6/3/2021 at 11:17 PM, KyleMassacre said: That is just a function to make the drop downs. You want to look at the item_add function (I think that’s what it’s called lol) Plus if hes double clicking its going to block the entry from first time he sent the form information. Quote I've been looking everywhere for this error will check the dB class This happened since I changed all MySQL queries to $db->query . I guess you have went from v1 to v2 make sure both mysql and mysqli driver are not both running causing double queries.. V2.05b is secure to what i know of lol but its already converted to the mysqli driver selected upon installation. <?php require_once __DIR__.'/globals.php'; // Run this code in a file on its own and see if which number returns. Scans userid from the ```users``` table and if it finds a result it will show below which we are going to fetch single item no point in wasting unesserry resources. $UserCount = $db->query('SELECT COUNT(userid) FROM users WHERE user_level > 0 ORDER BY userid'); // because we are only need 1 item from the column which is Count() function with column userid which scans database faster plus saves resources.. // Below we are echo or printing out the result from the query but instead of making new variables and shit we will do it this way. echo !$db->fetch_single($UserCount) ? "Could not find any users in the game." : '.money_formatter($db->fetch_single($UserCount)).' members in your game. // So basicly if there is no records in the users table that Message "Could not find any users in the game." will display on there screen otherwise it will show something like this (1,000 players so the result should echo out 1,000 members in your game. (example it rounds the records in the table well columns) // or just scan your whole database and make sure there is no xss attacks my theroey is both old MYSQL DRIVER AND THE MYSQLI drivers are running at same time doubling the query. /* Some Steps to follow to try fix. 1. Make sure both MYSQL & MYSQLI drivers are not running at sane time. (try Remove the old one and keep the MYSQLI one) 2. Can't you do a copy + paste into a subdomsin see if issue pressists. 3. Do freah install of Mccodes V2.05b which works fine accept the staff files (*COUGH STILL NOT FIXED A WORKAROUND FOR INSERTING 0 INTO THE DATABASE LAST TIME I CHECKED IT WAS NOT IF IT HAS BEEN FIXED NOW MY APPOLIGIES IF NOT THEN AH WELL SHOW THEM THE FIX UP TO WHOEVER USES IT...)*/ # If your having issues inserting 0s into the staff files you need to find the checks where they check if its empty(either post or get variable but ninetimes out of 10 it will be post for staff side unless editing.. // base code example if (empty($_POST['buyable'])) { echo "This must be set a price.; $h->endpage(); exit; } // but if you add a small bit of logic to it to make it inserts 0's and avove. if (empty($_POST['buyable']) && !is_numeric($_POST['buyable'])) { echo "This must be set a price.; $h->endpage(); exit; } # Done now u can set 0s in staff files. Quote Link to comment Share on other sites More sharing options...
athena26 Posted June 11, 2021 Author Share Posted June 11, 2021 6 hours ago, SwiftGameR said: check your Database for any inserted JS or CSS code Plus if hes double clicking its going to block the entry from first time he sent the form information. I guess you have went from v1 to v2 make sure both mysql and mysqli driver are not both running causing double queries.. V2.05b is secure to what i know of lol but its already converted to the mysqli driver selected upon installation. <?php require_once __DIR__.'/globals.php'; // Run this code in a file on its own and see if which number returns. Scans userid from the ```users``` table and if it finds a result it will show below which we are going to fetch single item no point in wasting unesserry resources. $UserCount = $db->query('SELECT COUNT(userid) FROM users WHERE user_level > 0 ORDER BY userid'); // because we are only need 1 item from the column which is Count() function with column userid which scans database faster plus saves resources.. // Below we are echo or printing out the result from the query but instead of making new variables and shit we will do it this way. echo !$db->fetch_single($UserCount) ? "Could not find any users in the game." : '.money_formatter($db->fetch_single($UserCount)).' members in your game. // So basicly if there is no records in the users table that Message "Could not find any users in the game." will display on there screen otherwise it will show something like this (1,000 players so the result should echo out 1,000 members in your game. (example it rounds the records in the table well columns) // or just scan your whole database and make sure there is no xss attacks my theroey is both old MYSQL DRIVER AND THE MYSQLI drivers are running at same time doubling the query. /* Some Steps to follow to try fix. 1. Make sure both MYSQL & MYSQLI drivers are not running at sane time. (try Remove the old one and keep the MYSQLI one) 2. Can't you do a copy + paste into a subdomsin see if issue pressists. 3. Do freah install of Mccodes V2.05b which works fine accept the staff files (*COUGH STILL NOT FIXED A WORKAROUND FOR INSERTING 0 INTO THE DATABASE LAST TIME I CHECKED IT WAS NOT IF IT HAS BEEN FIXED NOW MY APPOLIGIES IF NOT THEN AH WELL SHOW THEM THE FIX UP TO WHOEVER USES IT...)*/ # If your having issues inserting 0s into the staff files you need to find the checks where they check if its empty(either post or get variable but ninetimes out of 10 it will be post for staff side unless editing.. // base code example if (empty($_POST['buyable'])) { echo "This must be set a price.; $h->endpage(); exit; } // but if you add a small bit of logic to it to make it inserts 0's and avove. if (empty($_POST['buyable']) && !is_numeric($_POST['buyable'])) { echo "This must be set a price.; $h->endpage(); exit; } # Done now u can set 0s in staff files. <?php require_once __DIR__.'/globals.php'; // Run this code in a file on its own and see if which number returns. Scans userid from the ```users``` table and if it finds a result it will show below which we are going to fetch single item no point in wasting unesserry resources. $UserCount = $db->query('SELECT COUNT(userid) FROM users WHERE user_level > 0 ORDER BY userid'); // because we are only need 1 item from the column which is Count() function with column userid which scans database faster plus saves resources.. // Below we are echo or printing out the result from the query but instead of making new variables and shit we will do it this way. echo !$db->fetch_single($UserCount) ? "Could not find any users in the game." : '.money_formatter($db->fetch_single($UserCount)).' members in your game. // So basicly if there is no records in the users table that Message "Could not find any users in the game." will display on there screen otherwise it will show something like this (1,000 players so the result should echo out 1,000 members in your game. (example it rounds the records in the table well columns) // or just scan your whole database and make sure there is no xss attacks my theroey is both old MYSQL DRIVER AND THE MYSQLI drivers are running at same time doubling the query. /* Some Steps to follow to try fix. 1. Make sure both MYSQL & MYSQLI drivers are not running at sane time. (try Remove the old one and keep the MYSQLI one) 2. Can't you do a copy + paste into a subdomsin see if issue pressists. 3. Do freah install of Mccodes V2.05b which works fine accept the staff files (*COUGH STILL NOT FIXED A WORKAROUND FOR INSERTING 0 INTO THE DATABASE LAST TIME I CHECKED IT WAS NOT IF IT HAS BEEN FIXED NOW MY APPOLIGIES IF NOT THEN AH WELL SHOW THEM THE FIX UP TO WHOEVER USES IT...)*/ # If your having issues inserting 0s into the staff files you need to find the checks where they check if its empty(either post or get variable but ninetimes out of 10 it will be post for staff side unless editing.. // base code example if (empty($_POST['buyable'])) { echo "This must be set a price.; $h->endpage(); exit; } // but if you add a small bit of logic to it to make it inserts 0's and avove. if (empty($_POST['buyable']) && !is_numeric($_POST['buyable'])) { echo "This must be set a price.; $h->endpage(); exit; } # Done now u can set 0s in staff files. I've checked everything and this also includes crimes for brave. Exp,item use , levelling,buying items , everything really just goes up by 2 6 hours ago, SwiftGameR said: check your Database for any inserted JS or CSS code Plus if hes double clicking its going to block the entry from first time he sent the form information. I guess you have went from v1 to v2 make sure both mysql and mysqli driver are not both running causing double queries.. V2.05b is secure to what i know of lol but its already converted to the mysqli driver selected upon installation. <?php require_once __DIR__.'/globals.php'; // Run this code in a file on its own and see if which number returns. Scans userid from the ```users``` table and if it finds a result it will show below which we are going to fetch single item no point in wasting unesserry resources. $UserCount = $db->query('SELECT COUNT(userid) FROM users WHERE user_level > 0 ORDER BY userid'); // because we are only need 1 item from the column which is Count() function with column userid which scans database faster plus saves resources.. // Below we are echo or printing out the result from the query but instead of making new variables and shit we will do it this way. echo !$db->fetch_single($UserCount) ? "Could not find any users in the game." : '.money_formatter($db->fetch_single($UserCount)).' members in your game. // So basicly if there is no records in the users table that Message "Could not find any users in the game." will display on there screen otherwise it will show something like this (1,000 players so the result should echo out 1,000 members in your game. (example it rounds the records in the table well columns) // or just scan your whole database and make sure there is no xss attacks my theroey is both old MYSQL DRIVER AND THE MYSQLI drivers are running at same time doubling the query. /* Some Steps to follow to try fix. 1. Make sure both MYSQL & MYSQLI drivers are not running at sane time. (try Remove the old one and keep the MYSQLI one) 2. Can't you do a copy + paste into a subdomsin see if issue pressists. 3. Do freah install of Mccodes V2.05b which works fine accept the staff files (*COUGH STILL NOT FIXED A WORKAROUND FOR INSERTING 0 INTO THE DATABASE LAST TIME I CHECKED IT WAS NOT IF IT HAS BEEN FIXED NOW MY APPOLIGIES IF NOT THEN AH WELL SHOW THEM THE FIX UP TO WHOEVER USES IT...)*/ # If your having issues inserting 0s into the staff files you need to find the checks where they check if its empty(either post or get variable but ninetimes out of 10 it will be post for staff side unless editing.. // base code example if (empty($_POST['buyable'])) { echo "This must be set a price.; $h->endpage(); exit; } // but if you add a small bit of logic to it to make it inserts 0's and avove. if (empty($_POST['buyable']) && !is_numeric($_POST['buyable'])) { echo "This must be set a price.; $h->endpage(); exit; } # Done now u can set 0s in staff files. <?php require_once __DIR__.'/globals.php'; // Run this code in a file on its own and see if which number returns. Scans userid from the ```users``` table and if it finds a result it will show below which we are going to fetch single item no point in wasting unesserry resources. $UserCount = $db->query('SELECT COUNT(userid) FROM users WHERE user_level > 0 ORDER BY userid'); // because we are only need 1 item from the column which is Count() function with column userid which scans database faster plus saves resources.. // Below we are echo or printing out the result from the query but instead of making new variables and shit we will do it this way. echo !$db->fetch_single($UserCount) ? "Could not find any users in the game." : '.money_formatter($db->fetch_single($UserCount)).' members in your game. // So basicly if there is no records in the users table that Message "Could not find any users in the game." will display on there screen otherwise it will show something like this (1,000 players so the result should echo out 1,000 members in your game. (example it rounds the records in the table well columns) // or just scan your whole database and make sure there is no xss attacks my theroey is both old MYSQL DRIVER AND THE MYSQLI drivers are running at same time doubling the query. /* Some Steps to follow to try fix. 1. Make sure both MYSQL & MYSQLI drivers are not running at sane time. (try Remove the old one and keep the MYSQLI one) 2. Can't you do a copy + paste into a subdomsin see if issue pressists. 3. Do freah install of Mccodes V2.05b which works fine accept the staff files (*COUGH STILL NOT FIXED A WORKAROUND FOR INSERTING 0 INTO THE DATABASE LAST TIME I CHECKED IT WAS NOT IF IT HAS BEEN FIXED NOW MY APPOLIGIES IF NOT THEN AH WELL SHOW THEM THE FIX UP TO WHOEVER USES IT...)*/ # If your having issues inserting 0s into the staff files you need to find the checks where they check if its empty(either post or get variable but ninetimes out of 10 it will be post for staff side unless editing.. // base code example if (empty($_POST['buyable'])) { echo "This must be set a price.; $h->endpage(); exit; } // but if you add a small bit of logic to it to make it inserts 0's and avove. if (empty($_POST['buyable']) && !is_numeric($_POST['buyable'])) { echo "This must be set a price.; $h->endpage(); exit; } # Done now u can set 0s in staff files. Also I only have the class mysqli when I went from v1 to V2 after changing all queries to $db-> I deleted the file of class keeping only class mysqli and I've checked every query's every CSS file and the issue still continues 😞 Quote Link to comment Share on other sites More sharing options...
athena26 Posted June 12, 2021 Author Share Posted June 12, 2021 Willing to pay 40$ to whoever can fix all my bugs on my website ! 1 Quote Link to comment Share on other sites More sharing options...
Sim Posted June 12, 2021 Share Posted June 12, 2021 1 hour ago, athena26 said: Willing to pay 40$ to whoever can fix all my bugs on my website ! I done offered. It's been a week now and still hasn't gotten any files Quote Link to comment Share on other sites More sharing options...
athena26 Posted June 12, 2021 Author Share Posted June 12, 2021 36 minutes ago, Sim said: I done offered. It's been a week now and still hasn't gotten any files I've messaged you Quote Link to comment Share on other sites More sharing options...
SwiftGameR Posted June 13, 2021 Share Posted June 13, 2021 some like someone has hacked ur site somehow one of ur mods might be not secured or secured and checks in place etc. would of had a look but 2 late hehe Sim is a great developer he will find the cause 😛 1 Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.