xCMS

Oceanic · Sep 3, 2008

Ooops my fault, i update it

Ty for help

Master-m · Sep 3, 2008

No problem, I'm extremely bored :S xD! And you are never on msn so can't tell you about new rox functions xD

Oceanic · Sep 3, 2008

I try to come online as much as possebile.
Im online at 16:00 GMT+1

Master-m · Sep 3, 2008

0j0j0j0j koool

Mark · Sep 3, 2008

master-m said:
It is secure. Oceanic come on msn maby I got some nice features for you

Never say that something is safe before you've checked the code, I only had to check the codes for a few minutes to find many more security leaks...

Master-m · Sep 3, 2008

But you checked it, so 2 people looked at it multiple times so I guess its safe?

Mark · Sep 3, 2008

I checked it and reported security leaks, yes. Did I ever say it was safe? I normally don't have time to view thru all the code but since you said it was safe and people would probably believe you I had to check it again to make sure you were not spreading false information.

Extrom · Sep 3, 2008

I still get the error "Table 'forgottenserver.xcms_news' doesn't exist" , I would apreciate if someone could tell me how to fix it. Thx.

Master-m · Sep 3, 2008

look first post import it.

Oceanic · Sep 6, 2008

Extrom said:
I still get the error "Table 'forgottenserver.xcms_news' doesn't exist" , I would apreciate if someone could tell me how to fix it. Thx.

It says in the first post

Oceanic · Sep 7, 2008

Updated Admin security

Devhir · Sep 7, 2008

lol, im gonna start using this and help you find some error. I believe this could be the best acc yet

Gesior.pl · Sep 7, 2008

ajax:

PHP:

<?php

include "../config.php";
error_reporting($error_reporting);
mysql_connect($connection[1], $connection[2], $connection[3]) or die("Could not connect, please check your settings");
mysql_select_db($connection[4]) or die("Database dont exist");

$player_data = mysql_query("SELECT * FROM players") or die(mysql_error());
while($data = mysql_fetch_array( $player_data )){
$a[] = $data['name'];	
}

$q= mysql_escape_string($_GET["search_name"]);

if (strlen($q) > 0)
{
  $hint="";
  for($i=0; $i<count($a); $i++)
  {
  if (strtolower($q)==strtolower(substr($a[$i],0,strlen($q))))
    {
    if ($hint=="")
      {
      $hint=$a[$i];
      }
    else
      {
      $hint=$hint." ".$a[$i];
      }
    }
  }
}

$response=$hint;

echo $response;
?>

Change:

PHP:

$player_data = mysql_query("SELECT * FROM players") or die(mysql_error());

To:

PHP:

$player_data = mysql_query("SELECT name FROM players") or die(mysql_error());

Version with "*" execute time is ~0.5 sec (!) with 9500 players in database.
Version with "name" execute time is ~0.05 sec with 9500 players in database.
If you use my script (below) execute time is ~0 seconds when user enter 0-2 chars and 0.01 sec [9500 players in database, 0.005 sec when 300 players in database] when user enter more then 2 chars. My version show nicks "like" entered name. When user enter "cat" it show players "Cat Woman" "Catalog" and "I like cats" too.
This version show execute time:

PHP:

<?php
$time = time()+microtime();
$q= mysql_escape_string($_GET["search_name"]);
if (strlen($q) > 2)
{
	include "../config.php";
	error_reporting($error_reporting);
	mysql_connect($connection[1], $connection[2], $connection[3]) or die("Could not connect, please check your settings");
	mysql_select_db($connection[4]) or die("Database dont exist");
	$player_data = mysql_query("SELECT name FROM `players` WHERE `name` like '%".$q."%' ORDER BY `name`;") or die(mysql_error());
	while($data = mysql_fetch_array( $player_data ))
		$response .= ", ".$data['name'];
	$response = substr($response, 2, strlen($response));
}
else
	$response="<b>Enter 3 or more characters</b>";
echo time()+microtime()-$time."<br />".$response;
?>

RESULT-9500 characters in database said:
Suggestions: 0.0102031230927
Acroma Angel, Angel, Angel De Blood, Angel For Heaven, Angel Of Death, Angel Of Distans, Angel Of Dream, Angel Of Heaven, Angel Of Hell, Angel Of Sorcerers, Angel On Warots, Angelika Druidka, Angelo, Angelus, Angelusbeliard, Archangel, Archangel Of The Chaotic, Black Angel, Black Angels, Darkness Angel, Death Angel, Distans Archangel, Dratini Angel, Fruti Angel, Lady Angel, Lady Angela, Mr Angel, Nie Moge Wejsc Na Archangela, Shanangel, Sir Angel, The Black Angel

---------------------------------------------------------
This version execute time is 0.027 second (still fast) with 9500 players in database and 0.005 second with 300 players in database.
This version is much better for users who dont know name, but want find some with level about XX. Show levels and sort by level from highest:

PHP:

<?php
$time = time()+microtime();
$q= mysql_escape_string($_GET["search_name"]);
if (strlen($q) > 2)
{
	include "../config.php";
	error_reporting($error_reporting);
	mysql_connect($connection[1], $connection[2], $connection[3]) or die("Could not connect, please check your settings");
	mysql_select_db($connection[4]) or die("Database dont exist");
	$player_data = mysql_query("SELECT name,level FROM `players` WHERE `name` like '%".$q."%' ORDER BY `level` DESC;") or die(mysql_error());
	while($data = mysql_fetch_array( $player_data ))
		$response .= ", ".$data['name']."[".$data['level']."]";
	$response = substr($response, 2, strlen($response));
}
else
	$response="<b>Enter 3 or more characters</b>";
echo time()+microtime()-$time."<br />".$response;
?>

RESULT-9500 characters in database said:
Suggestions: 0.0266110897064
Archangel[185], Lady Angel[104], Angel Of Distans[76], Angel Of Heaven[71], Angelo[63], Distans Archangel[39], Angel Of Dream[38], Angel Of Hell[36], The Black Angel[34], Angel De Blood[25], Lady Angela[24], Angel Of Sorcerers[23], Angelusbeliard[23], Black Angel[18], Angelika Druidka[17], Angel Of Death[16], Shanangel[15], Black Angels[11], Angel For Heaven[10], Angel On Warots[9], Acroma Angel[8], Dratini Angel[8], Mr Angel[5], Fruti Angel[1], Death Angel[1], Angel[1], Archangel Of The Chaotic[1], Sir Angel[1], Nie Moge Wejsc Na Archangela[1], Angelus[1], Darkness Angel[1]

Oceanic · Sep 8, 2008

Devhir said:
lol, im gonna start using this and help you find some error. I believe this could be the best acc yet

Glad to hear that

Geisor i use your script instead.
Of course you get credits for it

Updated to 0.15

Gesior.pl · Sep 9, 2008

USE POT!

With POT all is fast (not always

), easy and safe.
With POT your acc. maker work with MySQL and SQLite databases.
With POT you must change only "pot" version to make your acc. maker work with newest/old version of TFS/OTS.
With POT (PDO) you can "escape" and execute any SQL (MySQL and SQLite!) query ( Docs For Class OTS_Base_DB ).
http://otserv-aac.info/

Master-m · Sep 9, 2008

POT = Sux

Mark · Sep 9, 2008

master-m said:
POT = Sux

Why does it suck?

Master-m · Sep 9, 2008

I just think it sucks, is my oppinion. I think its better to do it this way

Oceanic · Sep 9, 2008

master-m said:
I just think it sucks, is my oppinion. I think its better to do it this way

But POT is a nice way to do things

Master-m · Sep 9, 2008

Maybe it is.. But I always prefer to update things by myself, now if they don't update something you're screwed also.

xCMS

Php / C++ / MySQL

Need help? Just ask!

Php / C++ / MySQL

Need help? Just ask!

Administrator

Need help? Just ask!

Administrator

New Member

Need help? Just ask!

Php / C++ / MySQL

Php / C++ / MySQL

A bit of Everything

Mega Noob&LOL 2012

Php / C++ / MySQL

Mega Noob&LOL 2012

Need help? Just ask!

Administrator

Need help? Just ask!

Php / C++ / MySQL

Need help? Just ask!