[Tutorial]Developing site scripts for your GunZ server

[deathtaker26]

As I stated before, I like assisting those who have no clue what they're doing Site wise. So In this tutorial I will be demonstrating how to develop scripts to Access your GunZ database and create a basic php code that allows you to simple give yourself an item.

Note: since this for beginners I'm going to be using plenty of variables.

So let's get started!

Some things you will need:
An http web server. I suggest XAMPP or WAMP I use IIS7 but that's more advanced.
A tool to edit php files, I suggest notepad++, I use dreamweaver since I have my certification and I am more familiar with it.
Good focus and good intentions to learn!

Alright so the script I'm going to teach you to write is giving your character and Item through a ODBC script on your website. This is good if you'd like make a server shop or something, which using paypal IPN's are NOT simple so I won't get into that.

First thing we need to do is create some variables to access your MSSQL database. To do this we need your server name and your SQL server credentials. You can get your server name in Microsoft SQL Server Management Studio by clicking disconnect and reconnect. upon reconnecting copy the field that says "Server Name". Your username for this is usually sa unless changed upon installation, your password is whatever you set it to after installing.

Now Let's put those into PHP:
Create some $variables names $host, $user, and $pass word host will be the server name, user will be user and pass will be your password, I also like to use a $db variable for my database. don't forget to start your php code with <?php

PHP Code:

<?php
$host="WIN-MND000000\SQLEXPRESS"
$user="sa"
$password="YourDatabasePassword"
$db="GunzDB"

Now that we have our variables set up we can get started on Accessing the database through ODBC. We do this through a built in PHP Function called odbc_connect. The Odbc_connect has 3 arguments. odbc_connect($dsn, $username, $password). The argument $DSN is the trickiest one to set up. It's broken into 4 parts. The Driver, the Server, and the Database. Your driver will be "SQL Server" Your server will be your $host and your Database will of course be your $db.

This is how your set up that.
Driver={SQL Server};Server=$host;Database=$db;

The other 2 arguments will be your user and pass. We put odbc_connect as a variable called $con to store the connection. Let's put that into our code.

PHP Code:

<?php
$host="WIN-MND000000\SQLEXPRESS"
$user="sa"
$password="YourDatabasePassword"
$db="GunzDB"

$con=odbc_connect("Driver={SQL Server};Server=$host;Database=$db;", $user, $pass);

I like to include an "or die" function there to let me know if my connect didn't work.
Let's add that.

PHP Code:

<?php
$host="WIN-MND000000\SQLEXPRESS"
$user="sa"
$password="YourDatabasePassword"
$db="GunzDB"

$con=odbc_connect("Driver={SQL Server};Server=$host;Database=$db;", $user, $pass) or die("We could not connect to your MSSQL server, please contact the server administrator or try again later.");

Now let's give the user the item! To Execute an SQL code we use odbc_exec function. This function has 2 arguments. one being your odbc connect which we saved as $con and one being your SQL Query which we have to write.

Our query will contain 2 $variables. One being the CID and one being the itemID. The CID will be the CID of the character you with to give your item to. the itemID will be the itemID of the item you would like to give. For this we will use $_POST data which I will show you how to use. $_POST data allows you to take information from a form on another page and run a script. So we can insert our information using text fields and buttons.

So let's declare those variables first.

PHP Code:

$CID=$_POST['CID'];
$itemID=$_POST['itemID']; 


Put those at the bottom of your php code.
Now let's write the query.

Code:

"INSERT INTO CharacterItem(CID, ItemID) VALUES('$CharID', '$itemID')"

The CharacterItem in this is our table the (CID, ItemID) are our table rows we're editing. this table only requires 2 rows. the VALUES('$CharID', '$itemID') is the information we're inserting in.

Now let's put that into an odbc_execute function

PHP Code:

odbc_exec($con, "INSERT INTO CharacterItem(CID, ItemID) VALUES('$CharID', '$itemID')"); 


add that to the bottom of your php code and end the code with a ?> You have now finished your PHP code here's what it should look like:

PHP Code:

<?php
$host="WIN-MND000000\SQLEXPRESS"
$user="sa"
$password="YourDatabasePassword"
$db="GunzDB"

$con=odbc_connect("Driver={SQL Server};Server=$host;Database=$db;", $user, $pass) or die("We could not connect to your MSSQL server, please contact the server administrator or try again later.");

$CID=$_POST['CID'];
$itemID=$_POST['itemID'];

odbc_exec($con, "INSERT INTO CharacterItem(CID, ItemID) VALUES('$CharID', '$itemID')");
?>

But there's still one more thing to do and that's make a form to access it with. First save this code in a folder as "giveItem.php" and make a new file this one will be all html!

Write your basic page and in the body we will be inserting a form

the form requires 2 variables method and action. there are 2 methods, post and get. we used Post in our last form so we will need to use post here, our action is the PHP script it's using which we named giveItem.php.

So here's what your html code should look like:

PHP Code:

<form method="post" action="giveItem.php">

</form> 


Next we add some textboxes and a submit button. these textboxes must have the same name we used in our post function on the other page. for example we used $_POST['CID'] one of the names of our textboxes MUST be CID. text boxes use <insert type="text"/> tags and submit button is <intput type="submit" value="submit" />

Let's add those

PHP Code:

<form method="post" action="giveItem.php">
CID: <input type="text" name="CID" /><br />
ItemID: <input type="text" name="itemID" /><br />
<input type="submit" value="submit" />
</form> 


Now you're done save the html page as form.html. upload it all to your http server and test it in your web browser by opening up your form.html and filling out the form with your item ID and CharacterID

Let me know if you have any questions or errors!

[MentaL]

[Vusion]

Vulnerable to XSS and SQLi.

Code:

foreach($_GET as $key => $value)
{
	$_GET[$key]= str_replace("'", "", htmlentities($value));
}

foreach($_POST as $key => $value)
{
	$_POST[$key]= str_replace("'", "", htmlentities($value));
}

[KeyTrix]

lol dude, that's Really simple and almost everyone in RaGEZONE knows it.

[Solaire]

lol dude, that's Really simple and almost everyone in RaGEZONE knows it.

Then either create your own tutorial to teach the few people that don't know this yet, or just sit back and stfu.

[KeyTrix]

Neither one of those, I think you should mind your business and Shutup yourself kid. it's my opinion and i can say Whatever i want.

I don't have to teach peoples everything i know so Fuck off.

[jur13n]

Vulnerable to XSS and SQLi.

Code:

foreach($_GET as $key => $value)
{
	$_GET[$key]= str_replace("'", "", htmlentities($value));
}

foreach($_POST as $key => $value)
{
	$_POST[$key]= str_replace("'", "", htmlentities($value));
}

it's a fcking example, not..

on topic:

this is nothing really good,
telling people how to connect isn't really good.
beside that odbc isn't good neither..

you should explain lots of functions in php before anyone can really make a website for gunz.

lol dude, that's Really simple and almost everyone in RaGEZONE knows it.

wanna bet they don't?

Neither one of those, I think you should mind your business and Shutup yourself kid. it's my opinion and i can say Whatever i want.

I don't have to teach peoples everything i know so Fuck off.

Then either create your own tutorial to teach the few people that don't know this yet, or just sit back and stfu.

he is right...

[KeyTrix]

your opinion, He should mind his business i'm free to say whatever I want and he gotta stop playing a hero because he's not.

[Vusion]

it's a fcking example, not..

on topic:

this is nothing really good,
telling people how to connect isn't really good.
beside that odbc isn't good neither..

you should explain lots of functions in php before anyone can really make a website for gunz.



wanna bet they don't?





he is right...

Tutoring people to create vulnerable websites.

[Solaire]

Neither one of those, I think you should mind your business and Shutup yourself kid. it's my opinion and i can say Whatever i want.

You're free to state your opinion where and whenever you like. However, you're just making a fool out of yourself by doing so, resulting into lots and lots of people ignoring and hating on you.

But sure, you go ahead, it's not like any of us cares.

I don't have to teach peoples everything i know so Fuck off.

You don't have to teach people because most of them know a shitload more than you do.

[KeyTrix]

LOL kid, I don't care what you have or have NOT released in this forums it doesn't make you anything better than Anyone.

also, I believe you messed something between the Singular and Plural speak for yourself only, don't say "any of us"

and lol Mutual feeling, i don't give a fuck what you say or think or do at all.

[Solaire]

LOL kid, I don't care what you have or have NOT released in this forums it doesn't make you anything better than Anyone.

also, I believe you messed something between the Singular and Plural speak for yourself only, don't say "any of us"

and lol Mutual feeling, i don't give a fuck what you say or think or do at all.

Ok man.

[thajj]

LOL kid, I don't care what you have or have NOT released in this forums it doesn't make you anything better than Anyone.

also, I believe you messed something between the Singular and Plural speak for yourself only, don't say "any of us"

and lol Mutual feeling, i don't give a fuck what you say or think or do at all.

Your raging at everyone who just makes the slightest attempt of keeping this section alive, I don't know what's up your butt but I sure don't hope it's your dads.

[Touchwise]

Sigh typically ragezone.
And peter i tought you left RZ because of this stuff?