Request| Script To Release Stuck Char

RonShin · 01/20/2012, 22:21

hello,

im looking for a script thet can release stuck char and return him back to loa

thx for all.

~~=Warmonger=~~ · 01/21/2012, 07:54

Why don't you just make one yourself? Here I'll even give you a head start. All you should have to do is fix the query in my code below.

PHP Code:


			
<?php
  // MSSQL Info
  $mssql = array(
    'host'     => "localhost",
    'database' => "database",
    'user'     => "sa",
    'pass'     => "password"
  );
  // Sanitize Input
  function anti_inject(&$input) {
    $input = preg_replace('/[^a-z0-9_\.]/i', '', $input);
    return $input;
  }
  // Build Page Controls & Functions
  if($_POST['activ'] == '1') {
    $character = anti_inject($_POST['character']);
    $con = mssql_connect($mssql['host'],$mssql['user'],$mssql['pass']);
    $check = mssql_query("SELECT * FROM dbo".$database."USER_CHARACTER WHERE character_name = '".$character."'", $con);
    $result = mssql_num_rows($check);
    if(empty($character)) {
      echo "<center>Enter A Character Name!<br>(<a href='javascript:history.back()'>Go Back</a>)</center>";
    } elseif($result == 0) {
      echo "<center>Character Does Not Exist!<br>(<a href='javascript:history.back()'>Go Back</a>)</center>";
    } else {
      $update = mssql_query("UPDATE dbo.".$mssql['database'].".USER_CHARACTER SET XXX = '' WHERE character_name = '".$character."'", $con);
      echo "<center>Character Successfully Debuged!</center>";
    }
  } else {
    echo "<center>";
    echo "<form action='".$_SEVER['PHP_SELF']."' method='POST'>";
    echo "Enter Character Name";
    echo "<br><input type='text' name='character'>";
    echo "<br><input type='hidden' name='activ' value='1'>
          <input type='submit' value='Debug Character'>";
    echo "<br><br><i>You Must Be Logged Out Before Using!</i>";
    echo "</form>";
    echo "</center>";
  }
  // Coded By Warmonger
?>

Make sure to leave credits intact.

Download:

RonShin · 01/21/2012, 10:46

is not working bro the query code dont let me to change it

~~=Warmonger=~~ · 01/21/2012, 14:29

Quote:

Originally Posted by RonShin

is not working bro the query code dont let me to change it

I updated my code, I am practically spoon feeding you. Change out the *** in the query with the name of the column that stores the characters zone. You might have to also add in the coords you wish to place them also. But really if you cant figure it out from here, then just give up.

Decima · 01/22/2012, 02:29

warmonger, ur HTML is outdated, unless you just prefer to use prehistoric HTML code . . . .

and ur anti inject function can be bypassed easily

just sayin'

~~=Warmonger=~~ · 01/22/2012, 03:47

Quote:

Originally Posted by Decima

warmonger, ur HTML is outdated, unless you just prefer to use prehistoric HTML code . . . .

and ur anti inject function can be bypassed easily

just sayin'

It shouldn't be inject-able the way it is, if it was MySQL based I would of used mysql_escape_string() but unfortunately its not. If you can inject it feel free to post a screenshot proving otherwise. Security is least in mind for giving out fast code, let them secure it 100% this was a 2 minute write and I wasn't going to even sanitize the input as it was. And HTML has always been HTML, new revisions only add new feature sets. So its quite impossible to use "outdated" HTML code. If it was outdated it would no longer work.

Decima · 01/22/2012, 08:19

lol, i just ment the way u are using ur tags has been deprecated, like <br> should be <br /> and such, and im not even about to show anyone how to inject it, sorry :P

and just cus the game doesnt use mysql, doesnt mean you cant

ffs man, u dont always have to be a douche bag when confronted with constructive criticism . . . .

~~=Warmonger=~~ · 01/22/2012, 09:41

I think your confused between HTML and XHTML. In HTML the markup is <br> in XHTML it becomes <br />, all web browsers will parse them the same. Saying you can bypass a simple sanitize function easily, and not taking the 30 seconds to show it? Who's being a douche bag? I simply stated the obvious, seems to me your the one getting sour over nothing.