hello,
im looking for a script thet can release stuck char and return him back to loa
thx for all.
im looking for a script thet can release stuck char and return him back to loa
thx for all.
Request| Script To Release Stuck Char
01/20/2012 22:21
RonShin#1
01/21/2012 07:54
=Warmonger=#2
Why don't you just make one yourself? Here I'll even give you a head start. All you should have to do is fix the query in my code below.
Make sure to leave credits intact.
Download: [Only registered and activated users can see links. Click Here To Register...]
PHP Code:
<?php
// MSSQL Info
$mssql = array(
'host' => "localhost",
'database' => "database",
'user' => "sa",
'pass' => "password"
);
// Sanitize Input
function anti_inject(&$input) {
$input = preg_replace('/[^a-z0-9_\.]/i', '', $input);
return $input;
}
// Build Page Controls & Functions
if($_POST['activ'] == '1') {
$character = anti_inject($_POST['character']);
$con = mssql_connect($mssql['host'],$mssql['user'],$mssql['pass']);
$check = mssql_query("SELECT * FROM dbo".$database."USER_CHARACTER WHERE character_name = '".$character."'", $con);
$result = mssql_num_rows($check);
if(empty($character)) {
echo "<center>Enter A Character Name!<br>(<a href='javascript:history.back()'>Go Back</a>)</center>";
} elseif($result == 0) {
echo "<center>Character Does Not Exist!<br>(<a href='javascript:history.back()'>Go Back</a>)</center>";
} else {
$update = mssql_query("UPDATE dbo.".$mssql['database'].".USER_CHARACTER SET XXX = '' WHERE character_name = '".$character."'", $con);
echo "<center>Character Successfully Debuged!</center>";
}
} else {
echo "<center>";
echo "<form action='".$_SEVER['PHP_SELF']."' method='POST'>";
echo "Enter Character Name";
echo "<br><input type='text' name='character'>";
echo "<br><input type='hidden' name='activ' value='1'>
<input type='submit' value='Debug Character'>";
echo "<br><br><i>You Must Be Logged Out Before Using!</i>";
echo "</form>";
echo "</center>";
}
// Coded By Warmonger
?>
Download: [Only registered and activated users can see links. Click Here To Register...]
01/21/2012 10:46
RonShin#3
is not working bro the query code dont let me to change it
01/21/2012 14:29
=Warmonger=#4
I updated my code, I am practically spoon feeding you. Change out the XXX in the query with the name of the column that stores the characters zone. You might have to also add in the coords you wish to place them also. But really if you cant figure it out from here, then just give up.Quote:
is not working bro the query code dont let me to change it
01/22/2012 02:29
Decima#5
warmonger, ur HTML is outdated, unless you just prefer to use prehistoric HTML code . . . .
and ur anti inject function can be bypassed easily
just sayin' ;)
and ur anti inject function can be bypassed easily
just sayin' ;)
01/22/2012 03:47
=Warmonger=#6
It shouldn't be inject-able the way it is, if it was MySQL based I would of used mysql_escape_string() but unfortunately its not. If you can inject it feel free to post a screenshot proving otherwise. Security is least in mind for giving out fast code, let them secure it 100% this was a 2 minute write and I wasn't going to even sanitize the input as it was. And HTML has always been HTML, new revisions only add new feature sets. So its quite impossible to use "outdated" HTML code. If it was outdated it would no longer work.Quote:
and ur anti inject function can be bypassed easily
just sayin' ;)
01/22/2012 08:19
Decima#7
lol, i just ment the way u are using ur tags has been deprecated, like <br> should be <br /> and such, and im not even about to show anyone how to inject it, sorry :P
and just cus the game doesnt use mysql, doesnt mean you cant ;)
ffs man, u dont always have to be a douche bag when confronted with constructive criticism . . . .
and just cus the game doesnt use mysql, doesnt mean you cant ;)
ffs man, u dont always have to be a douche bag when confronted with constructive criticism . . . .
01/22/2012 09:41
=Warmonger=#8
I think your confused between HTML and XHTML. In HTML the markup is <br> in XHTML it becomes <br />, all web browsers will parse them the same. Saying you can bypass a simple sanitize function easily, and not taking the 30 seconds to show it? Who's being a douche bag? I simply stated the obvious, seems to me your the one getting sour over nothing. :rolleyes: