Jump to content

OG KingFox

Member
  • Content count

    68
  • Joined

  • Last visited

About OG KingFox

  • Rank
    Iron Member
  • Birthday 10/21/1990

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. you did not modify the Database class whatsoever and all you did elsewhere was change a few variables, so idk why you even put your name on anything...
  2. $res1 is only being used to check the database for the name to see if they have a vote less than 12 hours [code] $res1 = $con->query("SELECT * FROM ".db_tabl." WHERE username='".$name."'"); // if they do, we check scan thru all the user's votes and see if the last votes was less then 12 hours ago. // if so, the vote is denied. if ($res1) { while ($data = $res1->fetch_assoc()) { $time = $data['timeVoted']; if (time() - $time < 43200) { echo ''.(43200 - (time() - $time)).' seconds remaining until next vote allowed'; exit; } } } [/code] outside of that, its not used. The only purpose it has is strictly to see if theres been a vote made with that same name i nthe past 24 hours, regardless of status. I aggree it could be optimized some. Like so: [code] $timeDiff = time() + 43200; $res1 = $con->query("SELECT * FROM ".db_tabl." WHERE username='".$name."' AND timeVoted < $timeDiff"); if ($res1->num_rows > 0) { $data = $res1->fetch_assoc(); $time = $data['timeVoted']; echo ''.(43200 - (time() - $time)).' seconds remaining until next vote allowed'; exit; } [/code] EDIT: nvm, this wont work, dont u dare say nuffin XD
  3. [quote name='Hope']This does [B]not[/B] make it secure. [code] define("runelocus_ip", "69.65.40.220"); // IP to runelocus, to prevent injections [/code] Also, you have an auto incrementing field 'id' which is fine and all, but you never actually deleted the old row. If you're not updating (which you aren't) and you aren't deleting, you're going to end up with a table like this: 1 myusername ect ect ect 2 myusername ect ect ect With repeated username instances. You either need to delete the instance of the old one, or update an existing row with a primary index of the username. [code] while ($data = $res1->fetch_assoc()) { [/code] ^ Should not be scanning through multiple results, since there shouldn't be multiple results UNLESS you're sorting the results in descending order from the most recent time.[/QUOTE] The loop is actually for going thru all votes to pull each time and see if they've voted already within 12 hours, could probably just remove that block of code for whatever reasons u might have =.= . Checking the ip address of the server it's being access from IS secure actually. I'e had a buddy of mine run a script to check it for exploits and it came back nothin because it cant get past that code. [code] // then we check the ip address of who is visiting the page. If its not runelocus, NOPE if (!isset($_SERVER['REMOTE_ADDR']) || empty($_SERVER['REMOTE_ADDR']) || $_SERVER['REMOTE_ADDR'] != runelocus_ip) { echo 'NOPE'; exit; } [/code] Only way you could fake that is if you modify the information, which i do think is possible, but haven't had any attempts for the past 4 years of hosting my server and using runelocus as my primary voting script. And what you're taking about is deleting the entry, this is a way to log each vote so if someone says they voted and didnt receive a reward, you can see their name and claimed=1 if they actually claimed it, or 0 if it's unclaimed. [code]db.executeUpdate("UPDATE "+databaseTable+" SET claimed=1 WHERE id="+rowId+"");[/code] server side sets claimed=1 so it wont be read when user tries to claim it again. Maybe if u had actually read both server and website part of it you'd notice that =.= Bah, it works fine, too much typing to explain every little thing =.=
  4. Got bored and wrote a very secure callback for RuneLocus. Probably a little too secure, but hey, cant ever be secure enough nowadays... If your host supports remote sql, you will need to allow the remote connection via cPanel using the Remote SQL option. You just input your VPS ip. If it does not support remote SQL, such as a free webhost, then gf. First things first, make sure you have a database with a username and password set. If you already have one you want to use, then good deal. Move on to next step: Create a new PHP file and put this in it: <?php define("db_host", "localhost"); // typically localhost unless your database is off-site define("db_user", ""); // database username define("db_pass", ""); // database password define("db_name", ""); // name of the database define("db_tabl", ""); // the name of the table define("runelocus_ip", "69.65.40.220"); // IP to runelocus, to prevent injections // here we check if the variable "usr" is set in the url like so: ?usr=someName if (!isset($_GET['usr']) || empty($_GET['usr']) || !is_string($_GET['usr']) && !is_numeric($_GET['usr'])) { echo 'NOPE'; exit; } // then we check the ip address of who is visiting the page. If its not runelocus, NOPE if (!isset($_SERVER['REMOTE_ADDR']) || empty($_SERVER['REMOTE_ADDR']) || $_SERVER['REMOTE_ADDR'] != runelocus_ip) { echo 'NOPE'; exit; } // we then filter the name to prevent non alphanumerical characters $name = cleanString($_GET['usr']); // after that, we make a conection to the database $con = new mysqli(db_host, db_user, db_pass, db_name) or die ($con->$error); // we now query the database to see if the user has any votes $res1 = $con->query("SELECT * FROM ".db_tabl." WHERE username='".$name."'"); // if they do, we check scan thru all the user's votes and see if the last votes was less then 12 hours ago. // if so, the vote is denied. if ($res1) { while ($data = $res1->fetch_assoc()) { $time = $data['timeVoted']; if (time() - $time < 43200) { echo ''.(43200 - (time() - $time)).' seconds remaining until next vote allowed'; exit; } } } // We fetch the IP on the user and store it in a variable $ipAddr = $_SERVER['REMOTE_ADDR']; // then insert the username, claim status (0 to denote it as not being claimed) $res = $con->query("INSERT INTO ".db_tabl." (username, claimed, timeVoted, ipAddr) VALUES ('".$name."', '0', '".time()."', '".$ipAddr."')"); // if connected and inserted, we print Success... if ($con && $res) { echo 'Successfully inserted vote entry for '.$name.''; } else { echo 'Failed inserting vote entry for '.$name.''; } ?>[/CODE] I've provided a few notes in there to show each thing as it's process and what it does. Upload the script to your website's root folder (some hosts use htdocs, wwwroot, or inetpub, depending on the web-server they use) Now that we have a callback, goto RuneLocus and edit the callback url for your server to match your website url and the path you uploaded it to. New votes should be inserted in the database, if not you didnt insert something correctly or you're possibly using wrong version of PHP. This script was written using Php 5.3. SERVER SIDE WOOOOOT First, make a new class called "Database.java" and put it in any desired package. Just remember it cause we'll need it later, and make put this in it: [code] package com.rs.game.mysql; import java.sql.Connection; import java.sql.DriverManager; import java.sql.ResultSet; import java.sql.SQLException; import java.sql.Statement; public class Database { private Connection conn; private Statement stmt; private String host = ""; private String user = ""; private String pass = ""; private String database = ""; public Database(String host, String user, String pass, String data) { this.host = host; this.user = user; this.pass = pass; this.database = data; } public boolean init() { try { this.conn = DriverManager.getConnection("jdbc:mysql://"+host+":3306/"+database, user, pass); return true; } catch (SQLException e) { e.printStackTrace(); return false; } } public int executeUpdate(String query) { try { this.stmt = this.conn.createStatement(1005, 1008); int results = stmt.executeUpdate(query); return results; } catch (SQLException ex) { ex.printStackTrace(); } return -1; } public ResultSet executeQuery(String query) { try { this.stmt = this.conn.createStatement(1005, 1008); ResultSet results = stmt.executeQuery(query); return results; } catch (SQLException ex) { ex.printStackTrace(); } return null; } public void destroyAll() { try { conn.close(); stmt.close(); conn = null; stmt = null; } catch(Exception e) { e.printStackTrace(); } } } Next, make a new class called "Vote.java" and put this in it: package com.rs.game.mysql.impl; import java.sql.ResultSet; import com.rs.game.mysql.Database; import com.rs.game.player.Player; import com.rs.utils.Utils; public class Vote implements Runnable { private static final String databaseTable = "voters"; // change this to your database table private Player player; public Vote(Player player) { this.player = player; } [MENTION=15855]Over[/MENTION]ride public void run() { try { // edit this Database db = new Database("localhost", "db_user", "db_pass", "db_name"); if (!db.init()) { System.err.println("[MySQL] Failed connecting to database."); return; } String username = Utils.formatPlayerNameForDisplay(player.getUsername()); // only pulling one result at a time where they have not claimed. ResultSet rs = db.executeQuery("SELECT * FROM "+databaseTable+" WHERE username='"+username+"' AND claimed=0 LIMIT 1"); if (rs.next()) { int rowId = rs.getInt("id"); int timeVoted = rs.getInt("timeVoted"); int epochTime = (int) (Utils.currentTimeMillis() / 1000); if (epochTime - timeVoted < 43200) { // if the vote was less than 12 hours ago, give reward. if not, make em do it again :I // your rewards go here. // updates the current row to show it's been claimed int results = db.executeUpdate("UPDATE "+databaseTable+" SET claimed=1 WHERE id="+rowId+""); System.out.println("[MySQL] Updated "+results+" database rows"); db.destroyAll(); // destroy connections return; } } db.destroyAll(); // destroy connections } catch (Exception e) { e.printStackTrace(); } } } so now if you've done this correctly, you should have a fairly decent auto vote system and stuff, hopefully. Hopefully i also didnt mess up cause i havent tested server-side, but i have indeed tested website and it works fine :P How to use: new Thread(new Vote(player)).start(); I've made this work on a seperate thread so it doesnt interfere with the main thread of the game. Database structure: CREATE TABLE IF NOT EXISTS `voters` ( `id` int(11) NOT NULL AUTO_INCREMENT, `username` varchar(255) NOT NULL, `claimed` tinyint(1) NOT NULL, `timeVoted` bigint(15) NOT NULL, PRIMARY KEY (`id`) ) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=1 ;[/CODE] To add a runelocus vote form your your website, it's super easy. Just simply add this to your template wherever you wish: [CODE]<form action="http://www.runelocus.com/toplist/index.php" method="GET"> <input type="hidden" name="action" value="vote"> <input type="hidden" name="id" value="38552"> <!--YOUR RUNELOCUS VOTE ID, THIS CAN BE FOUND IN THE VOTING URL --> <input type="text" name="id2" placeholder="Server username" required> <button type="submit">Vote Now</button> </form>[/CODE] And there you have it, pretty sure I've included EVERYTHING for this..but if not just post a reply :P
  5. bro seriously, u took the screenshots right off my page.... [url]http://foxtrot-rsps.com[/url] ......
  6. [quote name='Samj1990']Webclient doesn't work & i get an error when downloading direct client launcher doesn't open the client either.[/QUOTE] i just had to fix the client, sorry about that :c
  7. [quote name='imakillau']Meh, cheaper than others atleast ;).[/QUOTE] What's that suppose to mean :C
  8. [FONT=impact][SIZE=6][COLOR="#B22222"]Custom Highscores v3[/COLOR][/SIZE][/FONT] with a new layout and theme This new Highscores script features a new look and feel with super fast loading. It's also built with Bootstrap, so it's mobile ready and uses Font-Awesome icon and Google Fonts. It's fast and easy to setup, and you can change various options from Settings.php [COLOR="#B22222"]I am currently asking $20 for the entire script including setup. ($15 without setup) Just add me on skype: live:guardian_rsps[/COLOR] [U][SIZE=4][B]Features:[/B][/SIZE][/U] - Safe to use, no injections - Built with Bootstrap - Super fast load times - Pagination (multi-page) - Clean modern layout - Searching and Comparing - Sorted by Overal XP (can change) - Includes Setup if necessary - Prestige can easily be removed via Settings.php - Back to Top button scrolls smoothly - Jquery 1.10 - FontAwesome Icons 4.1 - CSS3 & HTML5 Compliant - CSS3 Transitions [B][U][SIZE=4]Previews:[/SIZE][/U][/B] Full Layout: [IMG]http://i.imgur.com/HUBak4U.png[/IMG] [HR][/HR] Skill Icons w/ smooth transition Effects: [IMG]http://i.imgur.com/B23WmZv.png[/IMG] [HR][/HR] Player Lookup: [IMG]http://i.imgur.com/au4D8zh.png[/IMG] [HR][/HR] Comparing: [IMG]http://i.imgur.com/mbVKpTw.png[/IMG] [HR][/HR] Pagination: [IMG]http://i.imgur.com/sTiLE0O.png[/IMG] [HR][/HR] Available Settings: [IMG]http://i.imgur.com/JVFxpOS.png[/IMG] [HR][/HR] Return to Top Button: [img]http://i.imgur.com/AI74PLz.png[/img] [HR][/HR] Footer: [img]http://i.imgur.com/oyimAAq.png[/img] Previous Vouches: [quote name='Adam200214']I vouch for this amazing guy, all of his work is neat and well coded! VOUCH![/QUOTE] [quote name='Motherboard']Vouch for King Fox. ;d Sold me alot of his work +1[/QUOTE] [quote name='Deansta']Vouch: Very friendly and no hassle. recommend him![/QUOTE] [quote name='rebornMike']Vouch for King Fox![/QUOTE] [quote name='Fabrice L']vouch for this guy xD KNOWLEDGE SURE IS POWER[/QUOTE] [quote name='Al4n']Vouch for king fox good luck bro[/QUOTE] [quote name='Bear_']vouch for king fox.[/QUOTE] [quote name='Titanium']vouch king fox :)[/QUOTE]
  9. OG KingFox

    Sad

    sad to see u go, but even more sad they hacked ur site. What pathetic moron needs players so bad they hack other sites...sounds like a bunch of money whores..
  10. [CENTER][COLOR=#000000][FONT=impact][SIZE=7]~Bootstrap Highscores~[/SIZE][/FONT][/COLOR] Built from scratch with Bootstrap and Bootswatch themes. (also for some reason includes my playercard generator) [URL="http://i.imgur.com/pqLWS51.png"]Clicky for Preview[/URL] [URL="https://mega.co.nz/#!EIJllCyR!HSwsHawKllOgUbniwLUB7JMq4WhrKYmVlhUVNeb8JIU"][SIZE=3]Download Files[/SIZE][/URL][/CENTER] Features: [LIST] [*]Pagination (Multiple pages) [*]Search & Compare [*]100% Safe from XSS, Injections, etc. [*]Playercards Included [*]Fully Responsive (iphone & ipad compatible) [*]5+ Different themes included [/LIST] Alrighty, first thing is first, setup your highscores database (You can call it whatever you like, but remember we'll need it later). Below is the SQL query you're going to run on this database (If you already have an existing database with this structure, then you can skip this part): [code] CREATE TABLE IF NOT EXISTS `hs_users` ( `id` int(11) NOT NULL AUTO_INCREMENT, `username` varchar(40) CHARACTER SET utf8 COLLATE utf8_unicode_ci NOT NULL, `rights` int(1) NOT NULL DEFAULT '0', `overall_xp` bigint(20) NOT NULL, `attack_xp` int(11) NOT NULL, `defence_xp` int(11) NOT NULL, `strength_xp` int(11) NOT NULL, `constitution_xp` int(11) NOT NULL, `ranged_xp` int(11) NOT NULL, `prayer_xp` int(11) NOT NULL, `magic_xp` int(11) NOT NULL, `cooking_xp` int(11) NOT NULL, `woodcutting_xp` int(11) NOT NULL, `fletching_xp` int(11) NOT NULL, `fishing_xp` int(11) NOT NULL, `firemaking_xp` int(11) NOT NULL, `crafting_xp` int(11) NOT NULL, `smithing_xp` int(11) NOT NULL, `mining_xp` int(11) NOT NULL, `herblore_xp` int(11) NOT NULL, `agility_xp` int(11) NOT NULL, `thieving_xp` int(11) NOT NULL, `slayer_xp` int(11) NOT NULL, `farming_xp` int(11) NOT NULL, `runecrafting_xp` int(11) NOT NULL, `hunter_xp` int(11) NOT NULL, `construction_xp` int(11) NOT NULL, `summoning_xp` int(11) NOT NULL, `dungeoneering_xp` int(11) NOT NULL, PRIMARY KEY (`id`) ) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_bin AUTO_INCREMENT=0; [/code] Now then, download and unzip the archive, you should now have a highscores folder. Upload this to your webhost. If your website is not premium, its most likely that it does not support RemoteSQL and you will NOT be able to continue. Ope nthis folder and navigate to templates/highscores/connect.php There you will find everything related to the making a connect to the database. This applies to all of the pages within highscores, and on the playercard generator. Just edit this one page, and all SQL stuff will work right. [code] define ("site_name", "Foxtrot"); #site name define ("hs_host", "localhost"); #database host, usually localhost define ("hs_user", "root"); # sql username define ("hs_pass", ""); #sql password define ("hs_name", ""); #sql database name define ("hs_table", "hs_users"); #database table define ("site_url", "http://yoursite.com/highscores/"); #used for playercard links define ("max_results", 25); # results per page define ("max_pages", 30); # max number of pages $con = new mysqli(hs_host, hs_user, hs_pass, hs_name) or die($con->error); [/code] The website part should now be setup and full working. That's all there is to it :3. Im afraid I cannot help much with the server since each server has SQL setup differently, but here is an example code. If your server does not have MySQL, then you won't be able to continue this. Sry ;_; EXAMPLE: [code] public static final String[] SKILLS = {"Attack", "Defence", "Strength", "Constitution", "Ranged", "Prayer", "Magic", "Cooking", "Woodcutting", "Fletching", "Fishing", "Firemaking", "Crafting", "Smithing", "Mining", "Herblore", "Agility", "Thieving", "Slayer", "Farming", "Runecrafting", "Hunter", "Construction", "Summoning", "Dungeoneering" }; [/code] [code] rs.updateString("username", username); rs.updateInt("rights", player.getRights()); rs.updateLong("overall_xp", getTotalXp(player)); for (int i = 0; i < 25; i++) { rs.updateInt(""+Skills.SKILLS[i].toLowerCase()+"_xp", (int)player.getSkills().getXp(i)); } rs.updateRow(); [/code] [code] public static long getTotalXp(Player player) { long totalxp = 0; for (double xp : player.getSkills().getXp()) { totalxp += xp; } return totalxp; } [/code] Should be it I hope. Has fun ;3
  11. [quote name='Im Chaz']Honestly doesn't have much, but nice release.[/QUOTE] doesnt have much? you're blind. >_>
×