
[Gesior ACC] Buy / sell characters

These scripts do work, but they are so easy to exploit.
With one simple client-side edit I managed to sell a char on the main account for 0 coins on a fresh account, then buy it on it, thus transferring it to my new account.
You can also put a char up for sale at 10000 points and buy it for 1 point, even though it clearly said 10000, all client side on a fresh non-admin account.
As @Leesne said. With this script any user can:
  • sell a character from another account, including a GM character
  • buy any character for 0 points
  • add points to their own account by buying a character for a negative amount of points, e.g. -50

A friend asked me to block the possibility of selling online characters, but I had to rewrite most of the code.
A version with all security issues fixed is in the included .zip.

@Znote @WibbenZ
Can any moderator replace the link to the .rar in the first post of the thread with my .zip?
Otherwise, people will visit the first page of the thread and install the insecure version on their servers.
 

Attachments

  • myacc_character_auctions_safe_version.zip
    3.3 KB · Views: 77 · VirusTotal
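The three abuses listed above all come from trusting form fields (the price, the player id) instead of state the server already holds. As an added example, not code from this thread, from Gesior or from the attached .zip, here is a small Python model of both sides of the auction over the `sellchar` table posted later in the thread, with sqlite3 standing in for MySQL. The `accounts` and `players` tables, the sample rows, the sold status value `'2'` and the function names are constructed for the example; the escrow account 1, the open status `'1'` and storing the player id in `name` follow the posted sellchar.php. The buy side is included because the thread never posts buychar.php, and that is where the tampered price lands.

```python
import sqlite3

# The thread's CREATE TABLE in sqlite syntax; the posted sellchar.php stores the
# player *id* in `name` and the seller's account id in `oldid`.
SELLCHAR_SCHEMA = """
CREATE TABLE IF NOT EXISTS sellchar (
    id       INTEGER PRIMARY KEY AUTOINCREMENT,
    name     VARCHAR(40) NOT NULL,
    vocation INTEGER NOT NULL,
    price    INTEGER NOT NULL,
    status   VARCHAR(40) NOT NULL,
    oldid    VARCHAR(40) NOT NULL
);
"""

# Constructed stand-ins for the server's own tables (not the real OTS schema).
FIXTURE_SCHEMA = """
CREATE TABLE accounts (id INTEGER PRIMARY KEY, premium_points INTEGER NOT NULL);
CREATE TABLE players (id INTEGER PRIMARY KEY, name TEXT NOT NULL,
                      account_id INTEGER NOT NULL, vocation INTEGER NOT NULL,
                      online INTEGER NOT NULL DEFAULT 0);
"""

ESCROW_ACCOUNT = 1                    # the posted script parks characters on account 1 while on sale
STATUS_OPEN, STATUS_SOLD = "1", "2"   # '1' is what the posted INSERT writes; '2' is assumed here


class AuctionError(Exception):
    """Raised for any request the server refuses; the message is what the page would show."""


def open_db():
    db = sqlite3.connect(":memory:")
    db.executescript(SELLCHAR_SCHEMA + FIXTURE_SCHEMA)
    return db


def seed_demo(db):
    """Constructed sample data: account 10 owns players 100 (offline) and 300 (online),
    GM character 200 belongs to account 99, account 20 only has 50 points."""
    db.executescript("""
        INSERT INTO accounts VALUES (1, 0), (10, 500), (20, 50), (30, 1000);
        INSERT INTO players VALUES (100, 'Knight', 10, 4, 0),
                                   (200, 'GM Bob', 99, 0, 0),
                                   (300, 'Druid', 10, 2, 1);
    """)


def sell_character(db, logged_account_id, raw_player_id, raw_price):
    """Same checks as the fixed sellchar.php: form fields are only cast to int,
    every decision is made from rows the server already holds."""
    player_id, price = int(raw_player_id), int(raw_price)
    if price <= 0:                      # stops the negative-price trick (-50 would pay the buyer)
        raise AuctionError("Price must be higher than 0!")
    row = db.execute("SELECT account_id, vocation, online FROM players WHERE id = ?",
                     (player_id,)).fetchone()
    if row is None:
        raise AuctionError("Character does not exist!")
    owner_id, vocation, online = row
    if owner_id != logged_account_id:   # stops selling someone else's (or a GM's) character
        raise AuctionError("This character is not on your account!")
    if online:
        raise AuctionError("This character is online! Logout first.")
    if db.execute("SELECT 1 FROM sellchar WHERE name = ? AND status = ?",
                  (player_id, STATUS_OPEN)).fetchone():
        raise AuctionError("There is already a sell offer for this character.")
    with db:                            # one transaction: escrow the character and record the offer
        db.execute("UPDATE players SET account_id = ? WHERE id = ?", (ESCROW_ACCOUNT, player_id))
        cur = db.execute("INSERT INTO sellchar (name, vocation, price, status, oldid) "
                         "VALUES (?, ?, ?, ?, ?)", (player_id, vocation, price, STATUS_OPEN, owner_id))
    return cur.lastrowid


def buy_character(db, buyer_account_id, raw_offer_id):
    """Purchase side. The price is read from the offer row, never from the client,
    so a tampered form cannot turn a 10000-point listing into a 1-point purchase."""
    offer_id = int(raw_offer_id)
    offer = db.execute("SELECT name, price, oldid FROM sellchar WHERE id = ? AND status = ?",
                       (offer_id, STATUS_OPEN)).fetchone()
    if offer is None:
        raise AuctionError("No such open offer.")
    player_id, price, seller_id = int(offer[0]), int(offer[1]), int(offer[2])
    if seller_id == buyer_account_id:
        raise AuctionError("You cannot buy your own character.")
    with db:                            # rolled back as a whole if anything below raises
        # Conditional debit: only succeeds if the balance really covers the price, so two
        # concurrent purchases cannot both be paid from one balance.
        cur = db.execute("UPDATE accounts SET premium_points = premium_points - ? "
                         "WHERE id = ? AND premium_points >= ?", (price, buyer_account_id, price))
        if cur.rowcount != 1:
            raise AuctionError("Not enough points.")
        db.execute("UPDATE accounts SET premium_points = premium_points + ? WHERE id = ?",
                   (price, seller_id))
        db.execute("UPDATE players SET account_id = ? WHERE id = ?", (buyer_account_id, player_id))
        db.execute("UPDATE sellchar SET status = ? WHERE id = ?", (STATUS_SOLD, offer_id))
    return price


def rejected(fn, *args):
    """True if the server refused the request (non-numeric input counts as refused)."""
    try:
        fn(*args)
    except (AuctionError, ValueError):
        return True
    return False


def points(db, account_id):
    return db.execute("SELECT premium_points FROM accounts WHERE id = ?", (account_id,)).fetchone()[0]


if __name__ == "__main__":
    db = open_db()
    seed_demo(db)
    print("sell GM char from another account:", rejected(sell_character, db, 20, 200, 50))     # True
    print("sell for -50 points:", rejected(sell_character, db, 10, 100, -50))                   # True
    offer = sell_character(db, 10, "100", "300")
    print("buyer with 50 points buys 300-point char:", rejected(buy_character, db, 20, offer))  # True
    print("paid:", buy_character(db, 30, offer), "seller now has", points(db, 10))             # 300 800
```

The two details worth keeping when porting this back to PHP are that the price used at purchase time is the one stored in `sellchar`, and that the debit is a conditional `UPDATE ... WHERE premium_points >= price` inside a transaction rather than a read followed by a write.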

Fixed, but please in the future report the main post with the edits you want done or in this case update files.
 
I'm sorry that I'm asking, but are you saying this version is safe to use? Or are there still some missing things (bugs)? I am not good at PHP. Thanks in advance for your answer :)
 
Gesior 2012: I added this to the database:
CREATE TABLE IF NOT EXISTS sellchar (
id int(11) NOT NULL AUTO_INCREMENT,
name varchar(40) NOT NULL,
vocation int(11) NOT NULL,
price int(11) NOT NULL,
status varchar(40) NOT NULL,
oldid varchar(40) NOT NULL,
PRIMARY KEY (id)
) ENGINE=InnoDB DEFAULT CHARSET=latin1;
I copied buychar.php and sellchar.php, pasted them into pages, and I get this error:
Fatal error: Uncaught Error: Call to undefined method DatabaseList::orderBy() in /opt/lampp/htdocs/pages/sellchar.php:12 Stack trace: #0 /opt/lampp/htdocs/system/load.page.php(7): include() #1 /opt/lampp/htdocs/index.php(37): include_once('/opt/lampp/htdo...') #2 {main} thrown in /opt/lampp/htdocs/pages/sellchar.php on line 12

Is it good and safe when I just remove line 12?
PHP:
$players_from_logged_acc->orderBy('name');


PHP:
<?php

if ($logged) {
    $main_content .= '<center><b>Here you can put your character on sale!</b></center><br>';
    $main_content .= 'If you put your character on sale anyone can buy it, you will lose access to that character and you won\'t be able to log in with that character until someone buys it, you can also delete your offer by talking to an admin!<br><b>when someone buys your character you will get the price in points!</b>';
    $main_content .= '<br>';
    $main_content .= '<TABLE BORDER=1 CELLSPACING=1 CELLPADDING=4 WIDTH=100%><TR BGCOLOR=' . $config['site']['vdarkborder'] . '><TD CLASS=white width="64px"><CENTER><B>Sell your characters</B></CENTER></TD></TR>';
    $main_content .= '<TR BGCOLOR=' . $config['site']['darkborder'] . '><TD CLASS=black width="64px"><B></B>';

    $players_from_logged_acc = $account_logged->getPlayersList();

    $players_from_logged_acc->orderBy('name');
    $main_content .= '<form action="" method="post"><select name="player_id">';
    // the option 'value' holds the player ID; this avoids many problems with player names and looking them up in the database
    foreach ($players_from_logged_acc as $player) {
        $main_content .= '<option value="' . $player->getId() . '">' . $player->getName() . '</option>';
    }

    $main_content .= '</select>Select a character to sell<br>';
    $main_content .= '<input type="text" name="price" maxlength="5" size="4" >Select the price of the character<br>';
    $main_content .= '<input type="submit" name="submit" value="Sell character"></TD></TR>';
    $main_content .= '</form></table>';

    if (isset($_POST['submit'])) {
        // cast the form values to int; if someone typed text it becomes 0
        $player_id = (int)$_POST['player_id'];
        $price = (int)$_POST['price'];

        // i.e. neither $player_id nor $price is zero
        if ($player_id && $price) {
            // the price must be positive, otherwise someone can list for -50 points, someone buys it and the system hands out points for free
            if ($price > 0) {
                $player = new OTS_Player();
                $player->load($player_id);

                // check that the player loaded, i.e. exists in the database
                if ($player->isLoaded()) {
                    // check that the player's account id is the same as the logged-in account id
                    if ($player->getAccountId() == $account_logged->getId()) {
                        // check that the player is not online
                        if (!$player->isOnline()) {
                            $offer_info = $SQL->query("SELECT `price`, `oldid` FROM `sellchar` WHERE `name` = " . $player_id)->fetch();
                            if (!$offer_info) {
                                $vocation = $player->getVocation();
                                $old_id = $player->getAccountId();

                                $player->setAccountId(1);
                                $player->save();

                                // all variables are 'int', so they are definitely safe for MySQL;
                                // no need for $SQL->quote to protect against SQL injection
                                $SQL->query(
                                    "INSERT INTO `sellchar` VALUES (NULL,'$player_id','$vocation','$price','1','$old_id')"
                                );

                                $main_content .= '<center><b>You added your character correctly, thanks!</b></center>';
                                header("Location: index.php?subtopic=buychar");
                            } else {
                                $main_content .= '<center><b>There is already a sell offer for this character.</b></center>';
                            }
                        } else {
                            $main_content .= '<center><b>This character is online! Logout first.</b></center>';
                        }
                    } else {
                        $main_content .= '<center><b>This character is not on your account!</b></center>';
                    }
                } else {
                    $main_content .= '<center><b>Character does not exist!</b></center>';
                }
            } else {
                $main_content .= '<center><b>Price must be higher than 0!</b></center>';
            }
        } else {
            $main_content .= '<center><b>Fill out all fields!</b></center>';
        }
    }
} else {
    $main_content .= '<center><b>Please log in first!</b></center>';
}

Anyway, when I delete line 12 the page works nicely, but when I select a character to sell, then select how many points I want to sell it for and click Sell character, I get another error:
Fatal error: Uncaught RuntimeException: #E-7 -Cannot load class <b>OTS_Player</b>, file <b>./classes/class.ots_player.php</b> doesn't exist in /opt/lampp/htdocs/system/load.init.php:14 Stack trace: #0 [internal function]: autoLoadClass('OTS_Player') #1 /opt/lampp/htdocs/pages/sellchar.php(32): spl_autoload_call('OTS_Player') #2 /opt/lampp/htdocs/system/load.page.php(7): include('/opt/lampp/htdo...') #3 /opt/lampp/htdocs/index.php(37): include_once('/opt/lampp/htdo...') #4 {main} thrown in /opt/lampp/htdocs/system/load.init.php on line 14
:D
My load.init.php:
PHP:
<?php
if(!defined('INITIALIZED'))
    exit;

$time_start = microtime(true);
session_start();

function autoLoadClass($className)
{
    if(!class_exists($className))
        if(file_exists('./classes/' . strtolower($className) . '.php'))
            include_once('./classes/' . strtolower($className) . '.php');
        else
            throw new RuntimeException('#E-7 -Cannot load class <b>' . $className . '</b>, file <b>./classes/class.' . strtolower($className) . '.php</b> doesn\'t exist');
}
spl_autoload_register('autoLoadClass');

//load acc. maker config to $config['site']
$config = array();
include('./config/config.php');
$tmp_lua_config = new ConfigLUA(Website::getWebsiteConfig()->getValue('serverPath') . 'config.lua');
$config['server'] = $tmp_lua_config->getConfig();