Criminal Posted February 22, 2008 Posted February 22, 2008 Hey i think this is a bug when i go to attack some 1 when i press attack on some ones profile it Say's bad bad bad girl <?php $menuhide=1; $atkpage=1; include "globals.php"; $_GET['ID'] == (int) $_GET['ID']; if(!$_GET['ID']) { print "WTF you doing, bro?"; $h->endpage(); exit; } else if($_GET['ID'] == $userid) { print "Only the crazy attack themselves."; $h->endpage(); exit; } else if ($ir['hp'] <= 1) { print "Only the crazy attack when their unconscious. Back"; $h->endpage(); exit; } else if ($_SESSION['attacklost'] == 1) { print "Only the losers of all their EXP attack when they've already lost. Back"; $_SESSION['attacklost']=0; $h->endpage(); exit; } //get player data $youdata=$ir; $q=$db->query("SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid={$_GET['ID']}"); $odata=$db->fetch_row($q); $myabbr=($ir['gender']=="Male") ? "his" : "her"; $oabbr=($ir['gender']=="Male") ? "his" : "her"; if($ir['attacking'] && $ir['attacking'] != $_GET['ID']) { print "Bad, bad, bad girl. Back"; $_SESSION['attacklost']=0; $h->endpage(); exit; } if($odata['hp'] == 1) { print "This player is unconscious. > Back"; $h->endpage(); $_SESSION['attacking']=0; $ir['attacking']=0; $db->query("UPDATE users SET attacking=0 WHERE userid=$userid"); exit; } else if($odata['hospital']) { print "This player is in hospital. > Back"; $h->endpage(); $_SESSION['attacking']=0; $ir['attacking']=0; $db->query("UPDATE users SET attacking=0 WHERE userid=$userid"); exit; } else if($ir['hospital']) { print "While in hospital you can't attack. > Back"; $h->endpage(); $_SESSION['attacking']=0; $ir['attacking']=0; $db->query("UPDATE users SET attacking=0 WHERE userid=$userid"); exit; } else if($odata['jail']) { print "This player is in jail. > Back"; $h->endpage(); $_SESSION['attacking']=0; $ir['attacking']=0; $db->query("UPDATE users SET attacking=0 WHERE userid=$userid"); exit; } else if($ir['jail']) { print "While in jail you can't attack. > Back"; $h->endpage(); $_SESSION['attacking']=0; $ir['attacking']=0; $db->query("UPDATE users SET attacking=0 WHERE userid=$userid"); exit; } else if($odata['travelling']) { print "That player is travelling. > Back"; $h->endpage(); $_SESSION['attacking']=0; $ir['attacking']=0; $db->query("UPDATE users SET attacking=0 WHERE userid=$userid"); exit; } print "<table width=100%><tr><td colspan=2 align=center>"; if($_GET['wepid']) { if($_SESSION['attacking']==0 && $ir['attacking'] == 0) { if ($youdata['energy'] >= $youdata['maxenergy']/2) { $youdata['energy']-= floor($youdata['maxenergy']/2); $me=floor($youdata['maxenergy']/2); $db->query("UPDATE users SET energy=energy- {$me} WHERE userid=$userid"); $_SESSION['attacklog']=""; $_SESSION['attackdmg']=0; } else { print "You can only attack someone when you have 50% energy"; $h->endpage(); exit; } } $_SESSION['attacking']=1; $ir['attacking']=$odata['userid']; $db->query("UPDATE users SET attacking={$ir['attacking']} WHERE userid=$userid"); $_GET['wepid'] = (int) $_GET['wepid']; $_GET['nextstep'] = (int) $_GET['nextstep']; //damage if($_GET['wepid'] != $ir['equip_primary'] && $_GET['wepid'] != $ir['equip_secondary']) { print "Stop trying to abuse a game bug. You can lose all your EXP for that. > Home"; $db->query("UPDATE users SET exp=0 where userid=$userid",$c); die(""); } $qo=$db->query("SELECT i.* FROM items i WHERE i.itmid={$_GET['wepid']}"); $r1=$db->fetch_row($qo); $mydamage=(int) (($r1['weapon']*$youdata['strength']/($odata['guard']/1.5))*(rand(8000,12000)/10000)); $hitratio=max(10,min(60*$ir['agility']/$odata['agility'],95)); if(rand(1,100) <= $hitratio ) { $q3=$db->query("SELECT i.armor FROM items i WHERE itmid={$odata['equip_armor']} ORDER BY rand()"); if($db->num_rows($q3)) { $mydamage-=$db->fetch_single($q3); } if($mydamage < -100000) { $mydamage=abs($mydamage); } else if($mydamage < 1) { $mydamage=1; } $crit=rand(1,40); if($crit==17) { $mydamage*=rand(20,40)/10; } else if($crit==25 or $crit == 8) { $mydamage/=(rand(20,40)/10); } $mydamage=round($mydamage); $odata['hp']-=$mydamage; if($odata['hp']==1) { $odata['hp']=0;$mydamage+=1; } $db->query("UPDATE users SET hp=hp-$mydamage WHERE userid={$_GET['ID']}"); print "<font color=red>{$_GET['nextstep']}. Using your {$r1['itmname']} you hit {$odata['username']} doing $mydamage damage ({$odata['hp']})</font> \n"; $_SESSION['attackdmg']+=$mydamage; $_SESSION['attacklog'].="<font color=red>{$_GET['nextstep']}. Using {$myabbr} {$r1['itmname']} {$ir['username']} hit {$odata['username']} doing $mydamage damage ({$odata['hp']})</font> \n"; } else { print "<font color=red>{$_GET['nextstep']}. You tried to hit {$odata['username']} but missed ({$odata['hp']})</font> \n"; $_SESSION['attacklog'].="<font color=red>{$_GET['nextstep']}. {$ir['username']} tried to hit {$odata['username']} but missed ({$odata['hp']})</font> \n"; } if($odata['hp'] <= 0) { $odata['hp']=0; $_SESSION['attackwon']=$_GET['ID']; $db->query("UPDATE users SET hp=0 WHERE userid={$_GET['ID']}"); print " What do you want to do with {$odata['username']} now? <form action='attackwon.php?ID={$_GET['ID']}' method='post'><input type='submit' value='Mug Them' /></form> <form action='attackbeat.php?ID={$_GET['ID']}' method='post'><input type='submit' value='Hospitalize Them' /></form> <form action='attacktake.php?ID={$_GET['ID']}' method='post'><input type='submit' value='Leave Them' /></form>"; } else { //choose opp gun $eq=$db->query("SELECT i.* FROM items i WHERE i.itmid IN({$odata['equip_primary']}, {$odata['equip_secondary']})"); if(mysql_num_rows($eq) == 0) { $wep="Fists"; $dam=(int)((((int) ($odata['strength']/$ir['guard']/100)) +1)*(rand(8000,12000)/10000)); } else { $cnt=0; while($r=$db->fetch_row($eq)) { $enweps[]=$r; $cnt++; } $weptouse=rand(0,$cnt-1); $wep=$enweps[$weptouse]['itmname']; $dam=(int) (($enweps[$weptouse]['weapon']*$odata['strength']/($youdata['guard']/1.5))*(rand(8000,12000)/10000)); } $hitratio=max(10,min(60*$odata['agility']/$ir['agility'],95)); if(rand(1,100) <= $hitratio) { $q3=$db->query("SELECT i.armor FROM items i WHERE itmid={$ir['equip_armor']} ORDER BY rand()"); if($db->num_rows($q3)) { $dam-=$db->fetch_single($q3); } if($dam < -100000) { $dam=abs($dam); } else if($dam < 1) { $dam=1; } $crit=rand(1,40); if($crit==17) { $dam*=rand(20,40)/10; } else if($crit==25 or $crit == 8) { $dam/=(rand(20,40)/10); } $dam=round($dam); $youdata['hp']-=$dam; if ($youdata['hp']==1) { $dam+=1; $youdata['hp']=0; } $db->query("UPDATE users SET hp=hp-$dam WHERE userid=$userid"); $ns=$_GET['nextstep']+1; print "<font color=blue>{$ns}. Using $oabbr $wep {$odata['username']} hit you doing $dam damage ({$youdata['hp']})</font> \n"; $_SESSION['attacklog'].="<font color=blue>{$ns}. Using $oabbr $wep {$odata['username']} hit {$ir['username']} doing $dam damage ({$youdata['hp']})</font> \n"; } else { $ns=$_GET['nextstep']+1; print "<font color=red>{$ns}. {$odata['username']} tried to hit you but missed ({$youdata['hp']})</font> \n"; $_SESSION['attacklog'].="<font color=blue>{$ns}. {$odata['username']} tried to hit {$ir['username']} but missed ({$youdata['hp']})</font> \n"; } if($youdata['hp'] <= 0) { $youdata['hp']=0; $_SESSION['attacklost']=1; $db->query("UPDATE users SET hp=0 WHERE userid=$userid"); print "<form action='attacklost.php?ID={$_GET['ID']}' method='post'><input type='submit' value='Continue' />"; } } } else if ($odata['hp'] < 5) { print "You can only attack those who have health"; $h->endpage(); exit; } else if ($ir['gang'] == $odata['gang'] && $ir['gang'] > 0) { print "You are in the same gang as {$odata['username']}! What are you smoking today dude!"; $h->endpage(); exit; } else if ($youdata['energy'] < $youdata['maxenergy']/2) { print "You can only attack someone when you have 50% energy"; $h->endpage(); exit; } else if ($youdata['location'] != $odata['location']) { print "You can only attack someone in the same location!"; $h->endpage(); exit; } else { } print "</td></tr>"; if($youdata['hp'] <= 0 || $odata['hp'] <= 0) { print "</table>"; } else { $vars['hpperc']=round($youdata['hp']/$youdata['maxhp']*100); $vars['hpopp']=100-$vars['hpperc']; $vars2['hpperc']=round($odata['hp']/$odata['maxhp']*100); $vars2['hpopp']=100-$vars2['hpperc']; $mw=$db->query("SELECT i.* FROM items i WHERE i.itmid IN({$ir['equip_primary']}, {$ir['equip_secondary']})"); print "<tr><td colspan=2 align='center'>Attack with: "; if($db->num_rows($mw) > 0) { while($r=$db->fetch_row($mw)) { if(!$_GET['nextstep']) { $ns=1; } else { $ns=$_GET['nextstep']+2; } if($r['itmid']==$ir['equip_primary']) { print "Primary Weapon: "; } if($r['itmid']==$ir['equip_secondary']) { print "Secondary Weapon: "; } print "{$r['itmname']} "; } } else { print "You have nothing to fight with."; } print "</table>"; print "<table width='50%' align='center'><tr><td align=right>Your Health: </td><td><img src=greenbar.png width={$vars['hpperc']} height=10><img src=redbar.png width={$vars['hpopp']} height=10></td><tr><td align=right>Opponents Health: </td><td><img src=greenbar.png width={$vars2['hpperc']} height=10><img src=redbar.png width={$vars2['hpopp']} height=10></td></tr></table>"; } $h->endpage(); ?> i'll try figering it out but i cant do can u please fix it thanks Quote
Criminal Posted February 22, 2008 Author Posted February 22, 2008 Re: Hospital bug oh sorry its line 42 where it starts bad bad bad girl { print "Bad, bad, bad girl. [url='index.php']Back[/url]"; $_SESSION['attacklost']=0; $h->endpage(); exit; } Quote
Criminal Posted February 22, 2008 Author Posted February 22, 2008 Re: Hospital bug anyway its fixed i removed if($ir['attacking'] && $ir['attacking'] != $_GET['ID']) { print "Bad, bad, bad girl. [url='index.php']Back[/url]"; $_SESSION['attacklost']=0; $h->endpage(); exit; } Silver helped me thanks to him Quote
Klikoka Posted February 23, 2008 Posted February 23, 2008 Re: Hospital bug How Is This A Hospital Bug :? Quote
$$ ?????? $$ Posted February 26, 2008 Posted February 26, 2008 Re: Hospital bug lol it isn't a bug someone added it into your file which blocks you from clicking on a users profile. Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.