view 2

 

This is the second version of my fun Tomorrow I will give psd

Regards: D 3 version will be similar to the destiny

Hey Programmers

 

I have some simple Questions:

As First i made a Player Counter for my Server in C#, it work all Fine but there some Bugs.

The first bug is then i Click on Load it show me the Player and if i again Click on load it Double the Players.. <--- Fixxed

 

And the Second bug is then i Click on "Load Players" one time, it load how many Players are online but if i click again i become this error:

 

This causes two bindings of the collection to bind to the same property.

Parameter name: binding <--- Fixxed

 

And how i can add a Second Column in the Listbox? To show in which Zone the Player are?

The Code for the IDs look so:

string sql = @"SELECT * FROM `t_users` WHERE a_zone_num <>-1 AND a_subnum=1";
MySqlConnection con;
MySqlConnectionStringBuilder csb = new MySqlConnectionStringBuilder();
csb.Server = "";
csb.UserID = "";
csb.Database = "";
csb.Password = "";

con = new MySqlConnection(csb.ConnectionString);
MySqlConnection connection = new MySqlConnection(csb.ConnectionString);
connection.Open();
DataTable datatable = new DataTable();
MySqlCommand insertBann = new MySqlCommand(sql, connection);
int i = insertBann.ExecuteNonQuery();
MySqlDataAdapter dataAdapter = new MySqlDataAdapter(sql, connection);
dataAdapter.Fill(datatable);
MySqlDataReader mdr = null;

mdr = insertBann.ExecuteReader();

while (mdr.Read())
{
sql = mdr["a_idname"].ToString();
// Here Should ad the a_zone_num row ?
listBox1.Items.Add(sql);
}
mdr.Close();

 

 

 

2

 

// With This Code it work to Show the Zones but not in a new Column:

sql = mdr["a_idname"].ToString();
sql1 = mdr["a_zone_num"].ToString();
listBox1.Items.Add(sql);
listBox1.Items.Add(sql1);
[/Code]

 

 

2

1ª As I can solve the Send Error Report that gives the Summons of Scholarly invoke when invoked using the Skill Earth or other summons in the City gives Send Error Report.. And out of town does not Send Error Report how I can fix it?.

 

2ª As I can solve the Send Error Report to change your character Juno use the EP2 / 3 when you go in with a character and when I change my character and I go in and gives Send Error Report as I can fix it?.

 

3ª How to create a Pet P1 as the Dragon or the Horse.

 

Thank you very much.

Version 1 - Admin only page

 

<?
//currently an example, change to your desired infomation
$dbuser = "root";
$dbpass = "";
$dbhost = "localhost";
$dbname = "newproject_db";
//connect to database
$msconn = mysql_connect($dbhost, $dbuser, $dbpass);
$db = mysql_select_db($dbname, $msconn);
$admin = ''; //Put here the session id that your site uses to save user info.
// Check Admin Levels On Database
$checkadmin = mysql_query("SELECT * FROM t_characters WHERE a_user_index = '$admin' AND a_admin > 0");
if(mysql_num_rows($checkadmin) > 0) {
} else {
echo "<font color='#FF0000'>You Do Not Have Access To This Page</font>";
die();
}
?>

 

Version 2 - Information only admin's can see (Credits to MaX)

 

<?
//currently an example, change to your desired infomation
$dbuser = "root";
$dbpass = "";
$dbhost = "localhost";
$dbname = "newproject_db";
//connect to database
$msconn = mysql_connect($dbhost, $dbuser, $dbpass);
$db = mysql_select_db($dbname, $msconn);
$admin = ''; //Put here the session id that your site uses to save user info.
$admin_check = mysql_query("SELECT * FROM t_characters WHERE a_account_index = '$admin'");
while($admin_check1 = mysql_fetch_array( $admin_check ))
{

//Administrators
if($admin_check1['a_admin'] == "10") //Change this to what level admin's can see this page.
{

//Info only admin's can see goes here.

}
}
?>

here is some skils.

for those who have ep1 with night shadow here are some skils

I did some riding skils pet along.

and has many custom skils

however:

root shadow stun night. only affects monsters

the green ball of night shadow cause much lag then took the green effect

And the rest is perfect =)

 

remembering only for those uses ep1 with night shadow

the buff blessing is the black chaos i dont remember i only change the efect and the magic

 

 

2

 

sorry post here xD

Well, dear Com,

Much of u just posted and posted their things but no1 really cares about.

Sofar here are little fixxes that will make ure launcher probably went working!

 

The most Type of Errors are:

1.)Launcher Crashes

2.) Corrupt Patch File

 

For 1.)

1. Do exactly the same as in guide then -> Go to ure folder where u put the notice.htm and the update.htm

2. open them

3. write something in them for example "hello"

4. save them

5. solved

For 2.)

1. Do Exactly what the guide says -> but if u got a low value of the Version like 39 or somthing like that change it to something higher like 401 -> change the Version in Version.txt to 401 and rename the .zip to 401.zip

2. go to ure client and open the vtm.brn

3. change the Version to 400

4. save it

5. solved

 

I hope that helped u!

 

Greetz Creep!

 

srry for bad english

Anyone know what are the effects of this flying demon is sitting with legs and bright red fire as you see in the picture (Sorry about the poor quality) : 2

Thanks.

here is some skils.

for those who have ep1 with night shadow here are some skils

I did some riding skils pet along.

and has many custom skils

however:

root shadow stun night. only affects monsters

the green ball of night shadow cause much lag then took the green effect

And the rest is perfect =)

 

remembering only for those uses ep1 with night shadow

the buff blessing is the black chaos i dont remember i only change the efect and the magic

 

 

2

 

sorry post here xD

Here's a site i'm releasing

Download - 2

 

Features :

News on Home (Credits to Max)

Member CP (Reset lvl, Reset red, delete character)

Full Class Ranks

Secure register (Credits to Wizatek)

Nice Design

Credits to MaX for some of his code

 

 

Email me at [email protected] if you want to buy one of my premium sites.

Hi,

 

I notice that there are many websites being used at this moment that are vulnerable of mysql injections.

U might think, what kind of harm could a sql injection really do.

Well trough a mysql injection people can influent your database, edit anything.

But that is far from all.

With a mysql injection a hacker can create a file on your server, preferably in your webroot.

This file can contain anything, and can be executed with the web browser.

Most are running their websites on their game servers, mostly logged in as Administrator.

That means this hacker can run that file, from their web browser, on your server, with Admin rights!

PHP is not limited to just doing web things, it can do a lot more, even execute other programs.

Maybe that program is also created with a mysql injection.

Maybe that program will give the hacker access to your firewall, or creates a user to login Remote Desktop.

Mysql injections are seriously dangerous!

 

 

Thats why im going to show u some techniques to stop that from happening completely

As a php scripter u probably use the mysql_ functions (mysql_connect, mysql_query, etc, etc)

These functions should no longer be used.

On the website of PHP u can find the same info

Use of this extension is discouraged. Instead, the MySQLi or PDO_MySQL extension should be used. See also MySQL: choosing an API guide and related FAQ for more information. Alternatives to this function include:

 

MySQLi is not my personal favorite, so today i want to show PDO_MYSQL

I am not going to explain more about how mysql injections work, and how to use it and those things.

If u are searching for that information u can find tons of websites on google or videos on youtube.

 

 

Ok lets start at the beginning.

Connecting to the server.

 

Before we used something like this

mysql_connect('server','username','password');

 

in PDO we do this slightly different.

The reason for this is that u can use the same functions for connecting to several different database systems.

MySQL, MSSQL, Oracle, etc etc

 

$server = 'localhost';
$database = 'database';
$user = 'myusername';
$password = 'mypassword';

// First we have to create a DSN
$dsn = sprintf("mysql:host=%s;dbname=%s", $server, $database);

// Then we can use that DSN to connect to the database with PDO
// I use try/catch statements to not show some to revealing error messages when the connection fails
try
{
$db = new PDO($dsn, $user, $password);
}
catch(PDOException $e)
{
die('Error connecting to the database');
}

 

That was all it takes to connect to the database.

I know its a little more work then u are used to, but the easy way isnt always the best way.

 

 

Ok now we are going to query the database and get some results.

Lets assume we want to login our game account on the website.

There is a form on the website that sends the username and password.

 

First, the wrong way

$username = $_POST['username'];
$password = $_POST['password'];

$result = mysql_query("SELECT user_code FROM bg_user WHERE user_id = '$username' AND passwd = '$password'");
$row = mysql_fetch_row($result);

 

Now the correct way

$username = $_POST['username'];
$password = $_POST['password'];

// Prepare the query with placeholders
$dbh = $db->prepare("SELECT user_code FROM bg_user WHERE user_id = :username AND passwd = :password");

// Execute the query
$dbh->execute( array( ':username' => $username,
':password' => $password ));

// Get the result
$row = $dbh->fetch();

 

Ok lets break this apart a little because it might look just as unsafe, but really, it isnt.

 

$dbh = $db->prepare("SELECT user_code FROM bg_user WHERE user_id = :username AND passwd = :password");

This prepares the query, it sends the query to the Mysql Connector with the placeholders :username and :password

The mysql connector then checks what kind of data should come in place of the :username or :password

is it a varchar, int, bigint or whatever it needs to be.

Then it will add the quotes itself, when needed.

At this point the query is prepared, and ready to be executed.

 

$dbh->execute( array( ':username' => $username,
':password' => $password ));

This is where we tell the mysql connector which values the placeholders should be replaced with.

The mysql connector then checks if the variables are from the right type, it needs a number, is it a number?

When it needs a number, and its not a number then the query will not be executed.

When it needs a string it will automatically add the slashes before every ' and " so escaping those

is not needed anymore.

 

$row = $dbh->fetch();

This will only get the results in a array for 1 row only, exactley the same like mysql_fetch_row();

 

 

Lets take the last example and change it a little to show all accounts that start with a W

 

$username = 'W%';

// Prepare the query with placeholders
$dbh = $db->prepare("SELECT user_id FROM bg_user WHERE user_id LIKE :username");

// Execute the query
$dbh->execute( array( ':username' => $username ));

// Get the result
$rows = $dbh->fetchAll();

// Show the results
foreach( $rows as $row )
{
echo $row['user_id'] . "<br />";
}

 

The reason why i use a LIKE statement here is because i want to show how to use it with prepared statements.

U can not use :username% directly in the query.

 

I want to end this little tutorial with some easy conversions

 

mysql_num_rows -> $dbh->rowCount()
mysql_error() -> $db->errorInfo()
mysql_error() -> $dbh->errorInfo()
mysql_fetch_row -> $dbh->fetch()
mysql_fetch_array -> $dbh->fetchAll()

 

This was just a really really small tutorial, but it should give enough info to get your website a lot more secure.

More info about this can be found 2 and 2

But i will be happy to answer questions about it in this thread also.