[ABD] Activity MOD

A place for MOD Authors to post and receive feedback on MODs still in development. No MODs within this forum should be used within a live environment! No new topics are allowed in this forum.
Forum rules
READ: phpBB.com Board-Wide Rules and Regulations

IMPORTANT: MOD Development Forum rules

On February 1, 2009 this forum will be set to read only as part of retiring of phpBB2.
Locked
fleccy
Registered User
Posts: 275
Joined: Mon Oct 27, 2003 8:26 am
Location: Manchester, UK

Post by fleccy »

ok maybe it could be fixed with dummy files for total confusion to the cheetah :P

Broken Staple
Registered User
Posts: 10
Joined: Wed Mar 31, 2004 7:20 pm

Post by Broken Staple »

I posted this earlier, but I don't want it to get buried.

Is there a way to stop users from starting threads in certain forums if their points level drops below a specified number?
Last edited by Broken Staple on Wed Mar 31, 2004 10:26 pm, edited 1 time in total.

whoo
Registered User
Posts: 575
Joined: Fri Mar 07, 2003 4:12 am

Post by whoo »

Broken Staple, wrong topic dude

[Cinder777]
Registered User
Posts: 31
Joined: Fri Mar 26, 2004 2:36 am
Contact:

Post by [Cinder777] »

does anyone know how i can remove some "cheat highscores" without having to erase the scores on every single game?

thanks

User avatar
Rat
Registered User
Posts: 102
Joined: Wed Oct 23, 2002 4:46 am
Location: Houston, TX
Contact:

Post by Rat »

[Cinder777] wrote: does anyone know how i can remove some "cheat highscores" without having to erase the scores on every single game?

thanks


go to myphpadmin and search for that game score and manually take it off.
Rat

[Cinder777]
Registered User
Posts: 31
Joined: Fri Mar 26, 2004 2:36 am
Contact:

Post by [Cinder777] »

Rat wrote:
[Cinder777] wrote:does anyone know how i can remove some "cheat highscores" without having to erase the scores on every single game?

thanks


go to myphpadmin and search for that game score and manually take it off.


I'm not too sure what to do. At phpmyadmin, i have 6 tables. iNA, iNA_GAMES, iNA_SCORES, phpbb_iNA_data, phpbb_iNA_games and phpbb_iNA_scores

transm
Registered User
Posts: 99
Joined: Mon Feb 09, 2004 2:26 pm

Post by transm »

whoo wrote: checking the score via a file that has been written to wouldnt solve much, as far as I can see. All thats accomplished by that is adding a middle man of sorts to the proccess. Whether you write immediately to the db, or write after checking a file.. think about it.. there is NO way to tell if a score is legit using that method, anymore than the current method. vbull's two arcade hacks solve this by opening the game in the same page, for one thing.. the mod could be rewritten, using switches within the main page to load the games, record scores, etc..Ive thought about playing around with it, but bah, its not in my job description, and anyway, rat seems to think I wouldnt be able to. He knows me better than I do apparantly -- so ill just stick to perl and tcl :P


When I mentioned writing to a file, I meant that the flash game could do that (I don't know if flash is able to do that - also the directory on the server would have to permit it). That way it woud be impossible to cheat because a user won't be able to upload any files.

User avatar
LaZeR
Registered User
Posts: 671
Joined: Sat Jun 29, 2002 8:38 pm
Contact:

Post by LaZeR »

I guess I'm understanding some of the concept behind this cheat "hole" but not really grasping why it can't be resolved. If the session is being set to the actual game window that is open in the browser and the requirements in the newscore.php demand that only that page is allowed to send, why isn't this enough? Is the problem in the way what I described is being implimented OR am I wrong in assuming it should work that way?

transm
Registered User
Posts: 99
Joined: Mon Feb 09, 2004 2:26 pm

Post by transm »

Another problem with some games is when you can click the save button more than once. It causes a security error by mistake too (I am using the updated 'security fix' version).

Lazer, could you explain with some code how to implement the session check? I don't think it uses sesion ids at the moment.

User avatar
LaZeR
Registered User
Posts: 671
Joined: Sat Jun 29, 2002 8:38 pm
Contact:

Post by LaZeR »

transm wrote: Lazer, could you explain with some code how to implement the session check? I don't think it uses sesion ids at the moment.


I'm probably thinking over my head but something like an assignment in the ACP when you add or edit a game. Then a requirement in the newscore.php code to include the given $value for Page session or something to that nature. Another words the way I'm thinking this, we need to force the send score routine to require it be made by ONLY the flash window-box-page er whatever :?

transm
Registered User
Posts: 99
Joined: Mon Feb 09, 2004 2:26 pm

Post by transm »

what about sending the variables using POST instead of GET, Flash has a command called LoadVars.send which can send variables using either method to a file. I found out you can't save to a text file using flash.

I think I'm right in saying you can specify to get the POST variables in the PHP file and discard any GET variables but I don't know.

defender39
Registered User
Posts: 169
Joined: Wed Nov 26, 2003 9:22 am

How to save flash scores in phpbb as a module!

Post by defender39 »

If you run phpbb as a module then you may be having a hard time saving your score. The reason is that it seems the flash files are hard coded with the url. So while you want it to go to modules.php?phpbb&mode=whatever... it actually just looks for newscore.php in root so here is the simple solution and it works really easy.

Catch the variables in a new newscore.php that you place in your root modules folder....more than likely wherever modules.php is.

Here is the code for it

Code: Select all

<?php 
	$game_name = (!empty($HTTP_POST_VARS['game_name'])) ? $HTTP_POST_VARS['game_name'] : $HTTP_GET_VARS['game_name'];
	$score = (!empty($HTTP_POST_VARS['score'])) ? $HTTP_POST_VARS['score'] : $HTTP_GET_VARS['score'];
	$mode = (isset($HTTP_GET_VARS['mode'])) ? $HTTP_GET_VARS['mode'] : $HTTP_POST_VARS['mode'];

?>
<html>
<head>
<title>Score</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<meta http-equiv="refresh" content="0;URL=modules.php?op=modload&name=phpbb2&file=newscore.php&mode=<?php echo $mode; ?>&game_name=<?php echo $game_name; ?>&score=<?php echo $score; ?>">
</head>
<body bgcolor="#000000" text="#000000">
</body>
</html>
Enjoy.

defender39
Registered User
Posts: 169
Joined: Wed Nov 26, 2003 9:22 am

Post by defender39 »

Funny I just posted the above info without reading the last few posts. My code could also be used to check cheats I think...change your newscore.php to postscore.php and check inside postscore.php that the variable are coming from my newscore.php. If referrer is not newscore.php then the script can die, redirect, or error out...or even worse...check who the user is and take away all thier points.
:-)

Simple fix.

whoo
Registered User
Posts: 575
Joined: Fri Mar 07, 2003 4:12 am

Post by whoo »

2 things..

defender, your talking about modules is somewhat lost to most of us, i think, as I dont think the majority of us are running phpbb as a module, ie within post nuke.. atleast I am not.
second, for whoever mentioned session ids.. the modded games DO NOT send any session data, as they arecurrently coded. If you re-read my earlier post, vbulletin uses session ids.. though I believe the main of them is to record the playing time. Secondly, re-modding ALL of the games to do so would be quite a task (for someone).. and I clearly wouldnt even attemp it for the few games Ive modded until someone had done the necessary changes within the php files themselves.

defender39
Registered User
Posts: 169
Joined: Wed Nov 26, 2003 9:22 am

Post by defender39 »

whoo wrote: 2 things..

defender, your talking about modules is somewhat lost to most of us, i think, as I dont think the majority of us are running phpbb as a module, ie within post nuke.. atleast I am not.


This is why I started my post:
If you run phpbb as a module then you may be having a hard time saving your score.


I also posted how my fix for nuke could also serve as a defense from cheaters.

Locked

Return to “[2.0.x] MODs in Development”