Videos 1-20

Location of the Videos
Post Reply
Phill94
Posts: 10
Joined: Fri Mar 05, 2010 2:43 pm

Re: Videos 1-20

Post by Phill94 »

Ah yeah, thanks Halls.

I've noticed another tiny thing... Did you remove the random selection of creatures when going to battle them? I can't find any random-code in the script + I am always fighting the orc.
Top
User avatar
hallsofvallhalla
Site Admin
Posts: 12026
Joined: Wed Apr 22, 2009 11:29 pm

Re: Videos 1-20

Post by hallsofvallhalla »

what video are you on?

I am going to make video 21 a complete clean up of the code and ensure everything is golden :)
Top
User avatar
KunoNoOni
Posts: 61
Joined: Sun May 09, 2010 1:54 am

Re: Videos 1-20

Post by KunoNoOni »

Awesome! I totally look forward to this video! :)

-KunoNoOni
Top
User avatar
hallsofvallhalla
Site Admin
Posts: 12026
Joined: Wed Apr 22, 2009 11:29 pm

Re: Videos 1-20

Post by hallsofvallhalla »

should be soon, I just dropped about 3 projects as of 1 hour ago. Going to concentrate on only the import things and important places.
Top
Phill94
Posts: 10
Joined: Fri Mar 05, 2010 2:43 pm

Re: Videos 1-20

Post by Phill94 »

Well, I'm not in any video :) But if I was, it would be video 20 or so. Hmm.. I looked at the earlier video scripts, see here what I mean:

Video 7's battle.php

Code: Select all

    <?php
    include_once 'connect.php';
    session_start();

    if (isset($_SESSION['player']))
    {
      $player=$_SESSION['player'];
    }
    else
    {
      echo "Not Logged in <br><br> <A href='login.php'>Login</a>";
      exit;
    }
    $playerinfo="SELECT * from players where name='$player'";
    $playerinfo2=mysql_query($playerinfo) or die("could not get player stats!");
    $playerinfo3=mysql_fetch_array($playerinfo2);

    $playerhp = $playerinfo3['hpoints'];
    $playerattack = $playerinfo3['attack'];
    $playerdefense = $playerinfo3['defense'];

    ////////////////new for video 7///////////////
    if (isset($_GET['randid']))
    {
       $randid=$_GET['randid'];
       $iteminfo="SELECT * from inventory where randid='$randid'";
    $iteminfo2=mysql_query($iteminfo) or die("could not get item stats!");
    $iteminfo3=mysql_fetch_array($iteminfo2);

    if (!$iteminfo3['name'])
    {
    }
    else
    {

    $name = $iteminfo3['name'];
    $stats = $iteminfo3['stats'];
    $statadd = $iteminfo3['statadd'];
    $type = $iteminfo3['type'];

    if ($type == "healing")
    {
       $newhp = $statadd + $playerhp;
       if ($newhp > $playerinfo3['maxhp'])
       {
        $newhp = $playerinfo3['maxhp'];
       }
        $updateplayer="update players set hpoints='$newhp' where name='$player'";
      mysql_query($updateplayer) or die("Could not update player");

        $updateitem="DELETE from inventory where name='$name' AND randid='$randid' limit 1";
      mysql_query($updateitem) or die("Could not delete item");
       
       $playerhp = $newhp;
     
      echo "Used " . $name . " and recovered " . $statadd . ".<br>";
    }

    }}
    ////////////////////////////////



    if (isset($_GET['creature']))
    {
       $creature=$_GET['creature'];
       $creatureinfo="SELECT * from creatures where name = '$creature'";
    $creatureinfo2=mysql_query($creatureinfo) or die("could not get the creature you were fighting!");
    $creatureinfo3=mysql_fetch_array($creatureinfo2);

    }
    else
    {
      $creatureinfo="SELECT * from creatures order by rand() limit 1"; // SEE HERE - It selects randomly a creature.
    $creatureinfo2=mysql_query($creatureinfo) or die("could get a creature!");
    $creatureinfo3=mysql_fetch_array($creatureinfo2);
    }

    $creature = $creatureinfo3['name'];
    $creaturehp = $creatureinfo3['hpoints'];
    $creatureattack = $creatureinfo3['attack'];
    $creaturedefense = $creatureinfo3['defense'];

    /////player info
    echo "<u> " . $playerinfo3['name'] . "</u><br>";
    echo "Hit points = " . $playerhp . "<br>";
    echo "Attack = " . $playerattack . "<br>";
    echo "Defense = " . $playerdefense . "<br><br><br>";




    ///////creature info
    echo "<u> " . $creatureinfo3['name'] . "</u><br>";
    echo "Hit points = " . $creaturehp . "<br>";
    echo "Attack = " . $creatureattack . "<br>";
    echo "Defense = " . $creaturedefense . "<br><br><br>";

    echo "<a href='attack.php?creature=$creature'>Attack!";

    ///////////////////new for tutorial 7/////////////////////
    echo "<br><a href='useitem.php?creature=$creature'>Use Item";
    echo "<br><a href='store.php?creature=$creature'>Go to Store";

    ?>

Newest battle.php:

Code: Select all

<?php
include_once 'connect.php';
session_start();

include_once 'logo.php';
?>
 <link href="style.css" rel="stylesheet" type="text/css" />
<div id="login2" div align="center">


<?php

 


if (isset($_SESSION['player']))
{
  $player=$_SESSION['player'];
}
else
{
  echo "Not Logged in <br><br> <A href='login.php'>Login</a>";
  exit;
}
?>
</div>
<?php
$playerinfo="SELECT * from players where name='$player'";
$playerinfo2=mysql_query($playerinfo) or die("could not get player stats!");
$playerinfo3=mysql_fetch_array($playerinfo2);

include_once 'statpanel.php';

$pid = $playerinfo3['id'];
$name = $playerinfo3['name'];
$playerhp = $playerinfo3['hpoints'];
$playerattack = $playerinfo3['attack'];
$playerdefense = $playerinfo3['defense'];
$pllocation = $playerinfo3['location'];

?>
<div id="table">
<?php

 if (isset($_GET['randid']))
{
   $randid=$_GET['randid'];
   $iteminfo="SELECT * from inventory where randid='$randid' AND id ='$pid'";
$iteminfo2=mysql_query($iteminfo) or die("could not get item stats!");
$iteminfo3=mysql_fetch_array($iteminfo2);

if (!$iteminfo3['name'])
{
}
else
{

$iname = $iteminfo3['name'];
$stats = $iteminfo3['stats'];
$statadd = $iteminfo3['statadd'];
$type = $iteminfo3['type'];
 
 if ($type == "healing")
 {
   $newhp = $statadd + $playerhp;
   if ($newhp > $playerinfo3['maxhp'])
   {
    $newhp = $playerinfo3['maxhp'];
   }
    $updateplayer="update players set hpoints='$newhp' where id='$pid'";
  mysql_query($updateplayer) or die("Could not update player");

    $updateitem="DELETE from inventory where id='$pid' AND randid='$randid' limit 1";
  mysql_query($updateitem) or die("Could not delete item");
   
   $playerhp = $newhp;
  
  echo "Used " . $iname . " and recovered " . $statadd . ".<br>";
 }

}}

 
 


$creature = $playerinfo3['creature'];
 if ($creature != 0)
{
 $creatureinfo="SELECT * from creatures where id='$creature'"; // SEE HERE - It doesn't randomly select, and I am ONLY fighting the orc all the time.
$creatureinfo2=mysql_query($creatureinfo) or die("could not get the creature you were fighting!");
$creatureinfo3=mysql_fetch_array($creatureinfo2);

}
else
{
////////////////////new for video 20
$areaninfo="SELECT * from locations where location='$pllocation' AND type='arena'";
$areaninfo2=mysql_query($areaninfo) or die("could not get arena");
$areaninfo3=mysql_fetch_array($areaninfo2);
$arenalevel = $areaninfo3['level'];

  $creatureinfo="SELECT * from creatures where level <= '$arenalevel' order by rand() limit 1";
$creatureinfo2=mysql_query($creatureinfo) or die("could get a creature!");
$creatureinfo3=mysql_fetch_array($creatureinfo2);
$cid = $creatureinfo3['id'];
$updateplayer="update players set creature='$cid' where name='$name'";
  mysql_query($updateplayer) or die("Could not update player");
}

$creature = $creatureinfo3['name'];
$creaturehp = $creatureinfo3['hpoints'];
$creatureattack = $creatureinfo3['attack'];
$creaturedefense = $creatureinfo3['defense'];



?>
</div>
<div id="player">
<?php
/////player info
echo "<u> " . $playerinfo3['name'] . "</u><br>";
echo "Hit points = " . $playerhp . "<br>";
echo "Attack = " . $playerattack . "<br>";
echo "Defense = " . $playerdefense . "<br><br><br>";
?>
</div>
<div id="creature">
<?php
///////creature info
echo "<u> " . $creatureinfo3['name'] . "</u><br>";
echo "Hit points = " . $creaturehp . "<br>";
echo "Attack = " . $creatureattack . "<br>";
echo "Defense = " . $creaturedefense . "<br><br><br>";

echo "<a href='attack.php'>Attack</a>";
echo "<br><a href='usemagic.php'>Use Magic</a>";
echo "<br><a href='useitem.php'>Use Item</a>";
echo "<br><a href='index.php'>Exit Arena</a>";


?>
</div>

<div id="logout">
<?php
echo "<br><a href='logout.php'><img src='images/logout.gif'>";
?>
</div>
See?
Top
User avatar
hallsofvallhalla
Site Admin
Posts: 12026
Joined: Wed Apr 22, 2009 11:29 pm

Re: Videos 1-20

Post by hallsofvallhalla »

that's because that query is only running if a creature has already been selected. Look at the next query...

make sure you have more than one creature in the DB and that you and it are the same level

do this to test. Create 2 creatures exactly like the orc you keep fighting, change only the name, orc2, orc 3.

run through fighting a couple times...if you still are getting the same orc then check to be sure the creature in the players table is being reset.
Top
Phill94
Posts: 10
Joined: Fri Mar 05, 2010 2:43 pm

Re: Videos 1-20

Post by Phill94 »

Ahh, yeah I see now. Thanks.
Top
Phill94
Posts: 10
Joined: Fri Mar 05, 2010 2:43 pm

Re: Videos 1-20

Post by Phill94 »

Hey guys, a quick thing that is really important.
I found a little hole in the login. If your password is fx. "test", thats 4 characters, you can enter another password that is as long as the real password, and still get in.
If you didnt really understand that, try to understand this.. On my local I got my user Bill, with the password test. I can login with those informations without problems. If I enter a different password, and it is as long as my real password (test = 4 characters), for example "fuck", I can login too.

Thats a problem. You can try it out yourself and see the problem yourself.
But the solution is here, just copy and paste this into your authenticate.php:

Code: Select all

<?php
include_once 'connect.php';
session_start();

if (isset($_POST['submit']))
{
  $player=$_POST['player'];
  $password=$_POST['password'];
  $player=strip_tags($player);
  $password=strip_tags($password);
  $password=md5($password);
  $ldate=date("d.m.y H:i");

  $query = "select name,password from players where name='$player' and '$password'";
  $result = mysql_query($query) or die("Could not query players");
  $result2 = mysql_fetch_array($result);
  if ($player == $result2['name'] and $password == $result2['password']) // I have changed it from $result2. This checks if it is the correct username and password you're entering, and then letting you in.
  {
    $_SESSION['player']=$player;

    echo "<big>Logged in successfully<br>";
    echo "<A href='index.php'>Continue</a></big>";
  }
  else
  {
   echo "<big>Wrong username or password.<A href='login.php'>Try Again</a></big>";
  }
}
?>
Top
User avatar
hallsofvallhalla
Site Admin
Posts: 12026
Joined: Wed Apr 22, 2009 11:29 pm

Re: Videos 1-20

Post by hallsofvallhalla »

this is why

Code: Select all

$query = "select name,password from players where name='$player' and '$password'";
needs to be

Code: Select all

$query = "select name,password from players where name='$player' and password = '$password'";
this error I MADE has been biting me in the arse since I made it :)
Top
Phill94
Posts: 10
Joined: Fri Mar 05, 2010 2:43 pm

Re: Videos 1-20

Post by Phill94 »

Oh, didn't notice that, lol. Oh well, now there is two ways to do it :) Halls' way is the easiest though.
Halls, in the new videos, which kinds of security are you going to add?
And now where I am on it, I got some ideas for new stuff:

News system (an option, people should know after all the vids, how to make it themselves :P )
User profiles (already suggested, but it is an cool idea)
Character mental status (you know, how hungry you are and how thirsty you are (will require food to get full))

Thats all I got for now.
Top
Post Reply

Return to “Older Browser MMO Videos”