Most visitors online was 17251 , on 24 May 2024
Join our community of MMO enthusiasts and game developers! By registering, you'll gain access to discussions on the latest developments in MMO server files and collaborate with like-minded individuals. Join us today and unlock the potential of MMO server development!
Join Today!If you use The new vote_do.php with my modified files then open vote_do.php and change these:Fatal error: Call to a member function RecordCount() on a non-object in C:\Xampp\htdocs\backend\vote_do.php on line 43
include ('../config.php');
include ('../includes/adodb5/adodb.inc.php');
include ('config.php');
include ('includes/adodb5/adodb.inc.php');
Please try to resolve the issue here instead of on MSN. That way, anyone that has problems in the future can use this thread as a reference. Thank you.
I mean that the messages doesnt shows up...What does "echos doesnt show up" means?
If you can add the IP CHECK,it will be awesome, and oh , this script is hackable,you can find the password of mssql.
If you can add the IP CHECK,it will be awesome, and oh , this script is hackable,you can find the password of mssql.
You mean the one that vanished and hacked the script and released it in here is the one who hack your CabalToolz 4.0?????
ALTER TABLE VoteReward
ADD UserIP VARCHAR(20)
$u=$_GET["u"];
/*...*/
$q2=mssql_query('SELECT * FROM CashAccount WHERE UserID="' . $u . '"');
/*ATTN: This is untested code, hacked together in notepad*/
if (ereg('[^A-Za-z0-9]', $u)) {
die "; DROP DATABASE my butt!";
}
else {
$q2=mssql_query('SELECT * FROM CashAccount WHERE UserID="' . $u . '"');
}
For much request on it, I did a version which has an IP check.
To use this version, you must run this query on your CabalCash database:
Code:ALTER TABLE VoteReward ADD UserIP VARCHAR(20)
You can download the version from attachments.
<?php
include ('includes/adodb5/adodb.inc.php');
$server="xxxx";
$user="xxxx";
$pass="xxxx";
$db1=ADONewConnection('mssql');
$db1->Connect($server, $user, $pass, 'CabalCash') or die("Unable to connect cash!");
$db2=ADONewConnection('mssql');
$db2->Connect($server, $user, $pass, 'ACCOUNT') or die("Unable to connect account!");
$u=$_GET["u"];
$p=$_GET["p"];
$q1=$db2->Execute('SELECT * FROM cabal_auth_table WHERE ID=?', array($u));
$rc1=$q1->RecordCount();
$r1=$q1->FetchRow();
if ($rc1>=1)
{
$pwd=md5($p);
if ($r1[2]==$pwd)
{
$con=mssql_connect($server, $user, $pass);
mssql_select_db('CabalCash', $con);
$q2=mssql_query('SELECT * FROM CashAccount WHERE UserID="' . $u . '"');
$rc2=mssql_num_rows($q2);
$r2=mssql_fetch_array($q2);
if (mssql_num_rows($q2)>=1)
{
if (isset($_COOKIE['voted']))
{
$q3=$db1->Execute('SELECT * FROM VoteReward WHERE UserID=?', array($u));
$rc3=$q3->RecordCount();
$r3=$q3->FetchRow();
if ($rc3>=1)
{
$verify=$r3[1]+60*60*12;
$time=time();
if ($time>=$verify)
{
$db1->Execute('UPDATE VoteReward SET VoteDate=? WHERE UserID=?', array($time, $u));
$newcash=$r2[4]+1;
$newcashbon=$r2[3]+1;
mssql_query('UPDATE CashAccount SET Cash="'.$newcash.'" WHERE UserID="'.$u.'"');
echo "<a href='http://cabal.transilvaniagames.ro/votereward.html'>Your reward has been added successfully. Click here to go back!</a>";
}
else
{
echo "<a href='http://cabal.transilvaniagames.ro/votereward.html'>You already voted! Please wait 12 hours to vote again! Click here to go back!</a>";
}
}
else
{
$time=time();;
$db1->Execute('INSERT INTO VoteReward (UserID, VoteDate) VALUES (?,?)', array($u, $time)) or die(mssql_error());
$newcash=$r2[4]+1;
$newcashbon=$r2[3]+1;
mssql_query('UPDATE CashAccount SET Cash="'.$newcash.'" WHERE UserID="'.$u.'"');
echo "<a href='http://cabal.transilvaniagames.ro/votereward.html'>Your reward has been added successfully. Click here to go back!</a>";
}
}
else
{
echo "<a href='http://cabal.transilvaniagames.ro/votereward.html'>You did not vote in the last 12 hours! Click here to go back!</a>";
}
}
else
{
if (isset($_COOKIE['voted']))
{
$time=time();
mssql_query('INSERT INTO CashAccount (UserID, Cash, CashBonus) VALUES ("'.$u.'",1,0)');
$db1->Execute('INSERT INTO VoteReward (UserID, VoteDate) VALUES (?,?)', array($u, $time));
echo "<a href='http://cabal.transilvaniagames.ro/votereward.html'>Your reward has been added successfully. Click here to go back!</a>";
}
else
{
echo "<a href='http://cabal.transilvaniagames.ro/votereward.html'>You did not vote in the last 12 hours! Click here to go back!</a>";
}
}
}
else
{
echo "<a href='http://cabal.transilvaniagames.ro/votereward.html'>You have entered a wrong Password! Click here to go back!</a>";
}
}
else
{
echo "<a href='http://cabal.transilvaniagames.ro/votereward.html'>You have entered a wrong ID! Click here to go back!</a>";
}
?>
Code:$_config['vote_status']=true;
Add this line to anywhere in your config.php.
It will fix the problem.