bourbouli8ras

loipon paides ta diavasa ola ta post alla na sai kala re palikari kai edoses to sfalma,loipon auto to sfalma p s petaei to patheno ki ego otan den grafo kati sosta mesa sto dat file...akou na deis..kata tin gnomi m to fileedit einai i pio megali malakia gia na editareis ta system file alla pros to paron den exo brei kati better alla tespa... kai na s po gt?gt einai poli diskolo na bgaleis akri me tis kolostiles ton stats tou kathe id gt apo ena simeio kai meta berdeuontai kai einai ola to ena kato apo to allo opos na nai,ego sinithos anoigo excel kai ta copy-paste ekei kai etc bgazo mia akri alla meta den ginetai to anapodo...molis to kano copy paste apo to excel troo to idio sfalma me sena...opote pao siga siga kai allazo oti thelo prosexontas ti sbino kai ti grafo...thelei xrono kai ipomoni...an ta grapseis sosta den tha iparxei problima...an pali den boreseis pes mas ti theleis kai sto grafoume emeis.

If you don't know what SQL injection is, all you need to know about it as it relates to your server's website is that a malicious user could use your own php scripts to modify your server's database or potentially even take full control of your MySQL database. With the following scripts you can have better security.. (One word of caution: SQL Injection may still be possible if a user finds a way to pass a "change charset" command to your MySQL database. I can't think of a way to do that through any of these scripts, so they *should* be safe.) Account registration: PHP code: <?php //set host, username and password for MySQL $dbhost = "localhost"; $dbuser = "YOURMYSQLUSERNAME"; $dbpass = "YOURMYSQLPASSWORD"; //connect to MySQL or return an error $conn = mysql_connect("$dbhost", "$dbuser", "$dbpass") or die('Could not connect: ' . mysql_error()); //set database name $dbname = "l2jdb"; //select database or return an error $dbselect = mysql_select_db("$dbname") or die ('Could not select database'); //get username and password info from the form, protecting against SQL injection $pass = mysql_real_escape_string($_POST["pass"]); $confirm = mysql_real_escape_string($_POST["confirm"]); $user = mysql_real_escape_string($_POST["name"]); //validate user input if(!preg_match('/^[a-zA-Z0-9]{5,20}$/',$user)) { die ('Error: Usernames can only contain alphanumeric characters and must be between 5 and 20 characters in length.'); } if(!preg_match('/^[a-zA-Z0-9]{5,20}$/',$pass)) { die ('Error: Passwords can only contain alphanumeric characters and must be between 5 and 20 characters in length.'); } if($pass != $confirm) { die ('Error: Passwords do not match.'); } //make sure user doesn't already exist and if it doesn't, add new record to the database $result = mysql_query("SELECT login FROM accounts WHERE login='$user'"); if(mysql_num_rows($result)>0) { die ('Error: Username already exists.'); }else{ mysql_query("INSERT INTO accounts (login, password, access_level) VALUES ('".$_POST['name']."', '".base64_encode(pack('H*', sha1($_POST['pass'])))."', 0)") or die ('Error: ' . mysql_error()); } //report successful registration echo "Account created successfully."; //close MySQL connection mysql_close(); ?> Save this as acc.php and then use the following html to add the account registration form to your webpage <form action="acc.php" method=post> UserID: <input type="text" name="name" size=20><br><br> Password: <input type="password" name="pass" size=20><br><br> Confirm Password: <input type="password" name="confirm" size=20><br><br> <input type=submit name="submit" value="Create"></form> The script has built in protection against SQL injection and also forces the user to submit a username and password that are between 5 and 20 characters in length, and limits them to only alphanumeric characters. Password reset scripts are even more subject to SQL injection exploits, so here is a (to the best of my knowledge) secure password reset script. <?php //set host, username and password for MySQL $dbhost = "localhost"; $dbuser = "YOURMYSQLUSERNAME"; $dbpass = "YOURMYSQLPASSWORD"; //connect to MySQL or return an error $conn = mysql_connect("$dbhost", "$dbuser", "$dbpass") or die('Could not connect: ' . mysql_error()); //set database name $dbname = "l2jdb"; //select database or return an error $dbselect = mysql_select_db("$dbname") or die ('Could not select database'); //get username and password info from the form, protecting against SQL injection $user = mysql_real_escape_string($_POST["name"]); $currentpass = mysql_real_escape_string($_POST["currentpass"]); $newpass = mysql_real_escape_string($_POST["newpass"]); $confirm = mysql_real_escape_string($_POST["confirm"]); //username and password should already be valid and newpass and confirm should match or this script will die //so just validate the newpass and then check to see if newpass and confirm are the same if(!preg_match('/^[a-zA-Z0-9]{5,20}$/',$newpass)) { die ('Error: Passwords can only contain alphanumeric characters and must be between 5 and 20 characters in length.'); } if($newpass != $confirm) { die ('Error: New passwords do not match.'); } //encrypt the passwords $currentpass = base64_encode(pack('H*', sha1($currentpass))); $newpass = base64_encode(pack('H*', sha1($newpass))); //if the user input passed all the checks, make sure the account exists and then update the password $result = mysql_query("SELECT login,password FROM accounts WHERE login='$user' AND password='$currentpass'"); if(mysql_num_rows($result)>0) { mysql_query("UPDATE accounts SET password='$newpass' WHERE login='$user' AND password='$currentpass'"); echo "Password succesfully updated."; }else{ die ('Error: Account does not exist or password is incorrect.'); } //close MySQL connection mysql_close(); ?> Save the preceding as changepass.php and use the following HTML to insert a change password form into your website. <form action="changepass.php" method=post> UserID:<input type="text" name="name" size=20><br><br> Password: <input type="password" name="currentpass" size=20><br><br> New password: <input type="password" name="newpass" size=20><br><br> Confirm password:<input type="password" name="confirm" size=20><br><br> <input type=submit name="submit" value="Update Password"> This script uses the same protection as the registration script, and should be safe against all the SQL injection exploits that I can come up with. Server status scripts don't take any input from the user, and thus are not susceptible to SQL injection, but here is a server status script that is tested and working, and as a bonus will use graphics to display your server status. <?php //set server, port and timeout information $server = "localhost"; $portg = "7777"; $portl = "2106"; $timeout = "1"; //try to open a connection to the game and login server $game = @fsockopen("$server", $portg, $errno, $errstr, $timeout); $login = @fsockopen("$server", $portl, $errno, $errstr, $timeout); //let us know if the servers are up or not echo $game ? "<img src=\"gameonline.jpg\">" : "<img src=\"gameoffline.jpg\">"; echo $login ? "<img src=\"loginonline.jpg\">" : "<img src=\"loginoffline.jpg\">"; ?> All you have to do with this one is create a few graphics and insert the preceding php directly into your HTML whever you want the server status displayed. If the script isn't self-explanatory, the graphics you need to create are gameonline.jpg, gameoffline.jpg, loginonline.jpg and loginoffline.jpg. And last but not least, here is a little script that will display the number of users currently online as a graphic on your webpage. <?php //set host, username and password for MySQL $dbhost = "localhost"; $dbuser = "YOURMYSQLUSERNAME"; $dbpass = "YOURMYSQLPASSWORD"; //connect to MySQL or return an error $conn = mysql_connect("$dbhost", "$dbuser", "$dbpass") or die('Could not connect: ' . mysql_error()); //set database name $dbname = "l2jdb"; //select database or return an error $dbselect = mysql_select_db("$dbname") or die ('Could not select database'); //select all records from the characters table where that character is currently online $chars = mysql_query("SELECT online FROM characters where online='1'") or die ('Query failed: ' . mysql_error()); //count how many online characters there are $rows = mysql_num_rows($chars); //convert the number of online characters to a string $count =(string)$rows; //convert each digit in the string to a graphic for ($i=0; $i < strlen($count); $i++) { echo('<img src="' . $count{$i} . '.jpg">'); } //close MySQL connection mysql_close(); ?> Save this as onlineplayers.php and then insert the following code into your html where you want to display the number of online players. <?php include 'onlineplayers.php'; ?> Now all you need to do is create a graphic for each digit and save them as 0.jpg, 1.jpg, 2.jpg, 3.jpg, 4.jpg, 5.jpg, 6.jpg, 7.jpg, 8.jpg, and 9.jpg. The script will find the number of players currently online and use the graphics you created to diplay the number on your page. credits to:threadreaper

http://rapidshare.com/files/20557616/ChaosKastle.zip Its to basically make multibuy lists with ease has blanks you click, then hit compile and it compiles it will all data filled in the blanks, with blanks saved for easier editing for same priced items. "NOTE" it wasn't bug fixed so if you click in the Yellow/pink (depends on your monitor) area your list is surly to get messed up. Just use the edit boxes at the top compile to add your item to your list, (Automatically numbers them), and save as a .xml file and your done. Hope you will like it. credits:progFX

sounds nice,strange rates though but its ok..maybe you should edit and write the client?

well i wanna say good luck with the server and i cant w8 to see this happening..i am waiting for you to open it:)

thank you,thats very nice of you,you really helped me for my site.

omg,very long name..hehe

you need the right version of l2fileedit and ofcorse unRAR the files...

i think the wep you mean V-eGa is just the one handed axe of mordor weapons

this site GeRi is tested by yours?i mean we can trust it and rend a server?or may close in one month or smth and take the money and disapear?

yep...your icons are messed up a bit..hehe open them with fileedit end change them

naiiii,erxontai at last...pisteuo na bro tickets...:P

haha lol,really funny but coulnt read it all,its too big..

very good guide,the best i have ever seen of this type.man you deserved the karma,gg plz give us link for the programs you use and your guide will deserve sticky,has everything you need to compile your server.

nice guide,but can you give us some links about the tools that you are talking about?

can you give us some more informations plz?

hehe seems really good,nice npc names lol:)

good but you could be more specific on the part you say open 2 windows...2 of what?what program and where i insert?if you make this part clearer this guide is good for beginners.

wow,very good stefoulis,winter duals rocks man!!and the sheld is pretty good.hmm in the second picture with the shield the d.elf holds a custom weapon,am i right?

yioupi,+1 karma given to vent00za at last:) on topic now:very good idea vent00za,its your own creation or just a share that you found? anyway i like it very much,less lag and very conviinient NPC.congratzz

thank you:)apreciate that,im working on mob weapons now,i will make a great share soon,keep tuned in devepoping sections:)

nice share,i like this skill:)

looks great to write greek in l2 hehe

OMGGGGGGG sticky this thread:) very gooood share of games,i will start testing them but are so many...

nice and easy guide for changing the html text,not smth difficult but for a starter its ok,ty anyway