Everything posted by L2Αpollon

  1. It needs a .php extension for the PHP scripts to run. Try renaming the file from html to php.
  2. This is done from the client: you open the system folder with L2 File Edit, find it and change it.
  3. Dear L2Apollon and Lineage 2 fans, L2Apollon is making a new fresh start with its High-Five private project at 15/10/2011, 18:00 GMT+2. We wait all of you inside to check our project and we wish all of you to have fun and enjoy our server! We also got a special bonus for organized clans that will join us, for more info check our forum!

     L2Apollon is a server running on OVH dedicated machine and managed by MCITP administrator. Some info about our server can be found below, it's not all but the most critical, the rest you have to explore it alone when you join us! Check also what unique features L2Apollon has to offer to players!

     What we offer in L2Apollon is an experienced Team that knows coding in java, knows how to secure a server and knows Lineage2 from player's point of view. We won't say big words, because our eyes have seen many in the world of Lineage2, but our first concern is to provide you a secure, stable and with no-lag server. The biggest problem nowadays is security in a Lineage2 server and from that part we are completely covered in L2Apollon. Server is located in Great Britain because datacenter is there and with one of the best dedicated server machine and connection. This server came to stay for a long-long time so feel free to come join us for a stable, secure and most of all funny Lineage2 experience!

     Visit www.l2apollon.com for further information!

     www.l2apollon.com L2Apollon Forum L2Apollon Facebook page

     Server Machine :
     - Processors: AMD Opteron 4174 (6x 2.30+ GHz)
     - Memory(RAM): 16 GB DDR3
     - 2x 1500 GB - SATA2 No Raid
     - 1 Gbps Bandwidth
     - Unlimited Traffic
     - Hardware Firewall for DDOS Protection
     - Full Anti-Hack - Anti-Bot System
     - Full Protected Server both Client and Server side

     Server Info and Features :
     - L2Apollon (x50) Server:
     - High Five chronicle
     - XP: x50
     - SP: x50
     - Party XP/SP: x60 (1.2x50)
     - ADENA: x50
     - Spoil: x20
     - Drop: x15
     - Max Enchant Rate: +16
     - Safe Enchant Rate: +4
     - Normal Enchant Chance: 66%
     - Blessed Enchant Chance: 66%
     - Buff Slots: 26+4 from Divine Inspirations
     - 13 Dances/Songs slots
     - Full Geodata/Cell Pathfinding
     - Working Hellbound
     - Working Chambers of Delusion
     - Territory Wars
     - All Pailaka quests work
     - All Kamaloka instances work
     - No custom items
     - New High Five skills, all old skills reworked
     - Full new H5 Lair of Antharas and Dragon Valley places with new mobs, droplists, etc.
     - Zaken and Frintezza working as instances as they should
     - Nevit's Blessing bonus system fully implemented and working
     - Most siegable clan halls working
     - Items of Gm Shop (up to A grade) inside local stores for a more 'retail-like' server experience
     - Global GK (inside the normal Gatekeepers)
     - Raid Teleporter (not to 80+ lvl bosses and Special Bosses though)
     - NPC Buffer with option to create personal buff scheme (3 hours buff)
     - Pet Buffer to buff up your pets separately (3 hours buff)
     - Npc Vitalizer that gives u buff to maintain full vitality for 2 hours
     - Noblesse Status obtainable with quest item Caradine's letter for a fee and you have to be 75 level with subclass or with Nobless Manager obtainable with main class only for a bigger fee
     - Top PvP-PK npc info
     - Colour Manager Npc that changes players title colour
     - Wedding Npc
     - No quests for class change and subclass
     - Max Subclass=3, Max LvL of Subclass=80
     - Balanced Retail Olympiad with +8 max enchant value
     - Command .exp for XP/SP activation/deactivation
     - Offline Private Stores: Set your private store and click "Exit"
     - Trade zones at Giran Town, where you can set private store only on predefined areas
     - Trade zones around all NPC, where you can set private store only on certain distance from any NPC
     - Trade zones around all private stores, where you can set private store only on certain distance of another private store
     - All pets have retail stats and they are completely balanced
     - Shift+Click a mob to see droplist ingame
     - Automated low level PK protection
     - Auto-Learn skills

     Unique L2Apollon Features :
     - Server doesn't use npcs for Gm Shop or for Global Gatekeeper, everything is incorporated inside the retail npcs like local traders and local gatekeepers. With that way we want to boost participation in sieges and give to players a more 'retail-like' experience!
     - Server uses unique trade coins called Apollon's coins so the players can make trades with these coins. You can find these coins on special L2Apollon mobs (aka champions) and of course you can trade them with other players!
  4. Starting day of L2Apollon has been decided: TIME HAS COME ! SERVER'S GRAND OPENING DAY ! WE ARE WAITING FOR YOU ! 30 / 04 / 2011 , 18:00 GMT+2 It's the last post of us here, we will continue posting at normal section with Live Servers.
  5. PHP is a very easy language to learn, and many people without any sort of background in programming learn it as a way to add interactivity to their web sites. Unfortunately, that often means PHP programmers, especially those newer to web development, are unaware of the potential security risks their web applications can contain. Here are a few of the more common security problems and how to avoid them.

     Rule Number One: Never, Ever, Trust Your Users

     It can never be said enough times, you should never, ever, ever trust your users to send you the data you expect. I have heard many people respond to that with something like "Oh, nobody malicious would be interested in my site". Leaving aside that that could not be more wrong, it is not always a malicious user who can exploit a security hole - problems can just as easily arise because of a user unintentionally doing something wrong.

     So the cardinal rule of all web development, and I can't stress it enough, is: Never, Ever, Trust Your Users. Assume every single piece of data your site collects from a user contains malicious code. Always. That includes data you think you have checked with client-side validation, for example using JavaScript. If you can manage that, you'll be off to a good start. If PHP security is important to you, this single point is the most important to learn.

     SQL Injection

     One of PHP's greatest strengths is the ease with which it can communicate with databases, most notably MySQL. Many people make extensive use of this, and a great many sites, including this one, rely on databases to function. However, as you would expect, with that much power there are potentially huge security problems you can face. Fortunately, there are plenty of solutions. The most common security hazard faced when interacting with a database is that of SQL Injection - when a user uses a security glitch to run SQL queries on your database.

     Let's use a common example. Many login systems feature a line that looks a lot like this when checking the username and password entered into a form by a user against a database of valid username and password combinations, for example to control access to an administration area:

         $check = mysql_query("SELECT Username, Password, UserLevel FROM Users WHERE Username = '".$_POST['username']."' and Password = '".$_POST['password']."'");

     Look familiar? It may well do. And on the face of it, the above does not look like it could do much damage. But let's say for a moment that I enter the following into the "username" input box in the form and submit it:

         ' OR 1=1 #

     The query that is going to be executed will now look like this:

         SELECT Username, Password, UserLevel FROM Users WHERE Username = '' OR 1=1 #' and Password = ''

     The hash symbol (#) tells MySQL that everything following it is a comment and to ignore it. So it will actually only execute the SQL up to that point. As 1 always equals 1, the SQL will return all of the usernames and passwords from the database. And as the first username and password combination in most user login databases is the admin user, the person who simply entered a few symbols in a username box is now logged in as your website administrator, with the same powers they would have if they actually knew the username and password.

     With a little creativity, the above can be exploited further, allowing a user to create their own login account, read credit card numbers or even wipe a database clean. Fortunately, this type of vulnerability is easy enough to work around. By checking for apostrophes in the items we enter into the database, and removing or neutralising them, we can prevent anyone from running their own SQL code on our database. The function below would do the trick:

         function make_safe($variable) {
             $variable = mysql_real_escape_string(trim($variable));
             return $variable;
         }

     Now, to modify our query. Instead of using _POST variables as in the query above, we now run all user data through the make_safe function, resulting in the following code:

         $username = make_safe($_POST['username']);
         $password = make_safe($_POST['password']);
         $check = mysql_query("SELECT Username, Password, UserLevel FROM Users WHERE Username = '".$username."' and Password = '".$password."'");

     Now, if a user entered the malicious data above, the query will look like the following, which is perfectly harmless. The following query will select from a database where the username is equal to "\' OR 1=1 #".

         SELECT Username, Password, UserLevel FROM Users WHERE Username = '\' OR 1=1 #' and Password = ''

     Now, unless you happen to have a user with a very unusual username and a blank password, your malicious attacker will not be able to do any damage at all. It is important to check all data passed to your database like this, however secure you think it is. HTTP Headers sent from the user can be faked. Their referral address can be faked. Their browser's User Agent string can be faked. Do not trust a single piece of data sent by the user, though, and you will be fine.

     Using Defaults

     When MySQL is installed, it uses a default username of "root" and blank password. SQL Server uses "sa" as the default user with a blank password. If someone finds the address of your database server and wants to try to log in, these are the first combinations they will try. If you have not set a different password (and ideally username as well) than the default, then you may well wake up one morning to find your database has been wiped and all your customers' credit card numbers stolen. The same applies to all software you use - if software comes with default username or password, change them.

     Leaving Installation Files Online

     Many PHP programs come with installation files. Many of these are self-deleting once run, and many applications will refuse to run until you delete the installation files. Many however, will not pay the blindest bit of attention if the install files are still online. If they are still online, they may still be usable, and someone may be able to use them to overwrite your entire site.

     Predictability

     Let us imagine for a second that your site has attracted the attention of a Bad Person. This Bad Person wants to break in to your administration area, and change all of your product descriptions to "This Product Sucks". I would hazard a guess that their first step will be to go to http://www.yoursite.com/admin/ - just in case it exists. Placing your sensitive files and folders somewhere predictable like that makes life for potential hackers that little bit easier.

     With this in mind, make sure you name your sensitive files and folders so that they are tough to guess. Placing your admin area at http://www.yoursite.com/jsfh8sfsifuhsi8392/ might make it harder to just type in quickly, but it adds an extra layer of security to your site. Pick something memorable by all means if you need an address you can remember quickly, but don't pick "admin" or "administration" (or your username or password). Pick something unusual.

     The same applies to usernames and passwords. If you have an admin area, do not use "admin" as the username and "password" as the password. Pick something unusual, ideally with both letters and numbers (some hackers use something called a "dictionary attack", trying every word in a dictionary as a password until they find a word that works - adding a couple of digits to the end of a password renders this type of attack useless). It is also wise to change your password fairly regularly (every month or two).

     Finally, make sure that your error messages give nothing away. If your admin area gives an error message saying "Unknown Username" when a bad username is entered and "Wrong Password" when the wrong password is entered, a malicious user will know when they've managed to guess a valid username. Using a generic "Login Error" error message for both of the above means that a malicious user will have no idea if it is the username or password he has entered that is wrong.

     File Systems

     Most hosting environments are very similar, and rather predictable. Many web developers are also very predictable. It doesn't take a genius to guess that a site's includes (and most dynamic sites use an includes directory for common files) is at www.website.com/includes/. If the site owner has allowed directory listing on the server, anyone can navigate to that folder and browse files.

     Imagine for a second that you have a database connection script, and you want to connect to the database from every page on your site. You might well place that in your includes folder, and call it something like connect.inc. However, this is very predictable - many people do exactly this. Worst of all, a file with the extension ".inc" is usually rendered as text and output to the browser, rather than processed as a PHP script - meaning if someone were to visit that file in a browser, they'll be given your database login information.

     Placing important files in predictable places with predictable names is a recipe for disaster. Placing them outside the web root can help to lessen the risk, but is not a foolproof solution. The best way to protect your important files from vulnerabilities is to place them outside the web root, in an unusually-named folder, and to make sure that error reporting is set to off (which should make life difficult for anyone hoping to find out where your important files are kept). You should also make sure directory listing is not allowed, and that all folders have a file named "index.html" in (at least), so that nobody can ever see the contents of a folder.

     Never, ever, give a file the extension ".inc". If you must have ".inc" in the extension, use the extension ".inc.php", as that will ensure the file is processed by the PHP engine (meaning that anything like a username and password is not sent to the user). Always make sure your includes folder is outside your web root, and not named something obvious. Always make sure you add a blank file named "index.html" to all folders like include or image folders - even if you deny directory listing yourself, you may one day change hosts, or someone else may alter your server configuration - if directory listing is allowed, then your index.html file will make sure the user always receives a blank page rather than the directory listing. As well, always make sure directory listing is denied on your web server (easily done with .htaccess or httpd.conf).

     I will update this guide from time to time with more information, as I work in that part of systems engineering, especially PHP development.
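The login check from the SQL Injection part of the post above, shown next to a parameterized form, as an added example that is not part of the original post. It goes beyond the post's escaping approach by using a PDO prepared statement with `password_hash`/`password_verify` and the single "Login Error" outcome the post recommends. Assumptions: the function names and accounts are constructed, and an in-memory SQLite database stands in for MySQL so the script runs offline, which is why the input ends in `--` (SQLite's comment marker) where the post uses `#`.

```php
<?php
// Added example: in-memory SQLite through PDO (needs pdo_sqlite); all data is constructed.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE Users (Username TEXT PRIMARY KEY, Password TEXT, UserLevel INTEGER)');

// Constructed accounts; only password hashes are stored.
$add = $db->prepare('INSERT INTO Users VALUES (?, ?, ?)');
$add->execute(['site_owner', password_hash('correct horse 42', PASSWORD_DEFAULT), 9]);
$add->execute(['alice', password_hash('tulip-7-garden', PASSWORD_DEFAULT), 1]);

// Pattern from the post: input concatenated into the SQL text (hypothetical name).
// Kept only to show how the input changes the statement's structure.
function login_concat(PDO $db, string $user, string $pass): ?array
{
    $sql = "SELECT Username, Password, UserLevel FROM Users WHERE Username = '"
         . $user . "' AND Password = '" . $pass . "'";
    $row = $db->query($sql)->fetch(PDO::FETCH_ASSOC);
    return $row ?: null;
}

// Parameterized form (hypothetical name): the input is bound as a value and
// can never become part of the SQL syntax, whatever characters it contains.
function login_prepared(PDO $db, string $user, string $pass): ?array
{
    $stmt = $db->prepare('SELECT Username, Password, UserLevel FROM Users WHERE Username = ?');
    $stmt->execute([$user]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    // Unknown username and wrong password share one failure path.
    if ($row === false || !password_verify($pass, $row['Password'])) {
        return null;
    }
    unset($row['Password']); // never hand the hash back to the caller
    return $row;
}

// The post's input, with the comment marker adapted to SQLite.
$input = "' OR 1=1 --";
foreach (['login_concat', 'login_prepared'] as $fn) {
    $row = $fn($db, $input, '');
    echo $fn, ': ', $row ? 'logged in as ' . $row['Username'] : 'Login Error', PHP_EOL;
}

// A legitimate login still works through the parameterized path.
$ok = login_prepared($db, 'alice', 'tulip-7-garden');
echo 'alice: ', $ok ? 'level ' . $ok['UserLevel'] : 'Login Error', PHP_EOL;
```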
  6. The script is correct, but it does not work if fsockopen is disabled in your PHP settings. Many web hosts, such as papaki for example, have it disabled by default.
  7. Updated: 14.04.2011 New server's machine info has been updated. Check Features section for more info!
  8. Well yes, I agree with that; in general you can find worthwhile free applications, as we said!
  9. You have probably already installed Lineage 2 in your computer, check your Installed Programs about it.
  10. A study by Katsanevas and his team on the university departments in Greece, rated from 1 to 5. It is a 2010 study and, in my opinion, a must-read for anyone in the 3rd grade of Lyceum! I hope it helps you guys, good luck with the exams! http://www.mysep.gr/wp-content/uploads/2010/05/katsanebas2010.pdf
  11. Why should Mxc have to provide support for every home-made server? :D
  12. Topic updated: 12.04.2011 Server has been moved to OVH, we are in last part of setup, when we are ready we will post news and new connection info etc...
  13. Well yes, it is a nice application, and it only costs 1 euro, so if you like it that much, why not :).
  14. For that particular job, let's say, I would recommend the free application called Mini Info.
  15. Added, although it is a paid application and I had meant to stick to the free ones!
  16. Did u have software protection? Like iptables on Linux or ZoneAlarm on Windows?
  17. I think you need Android version 1.6 or later to store applications on the SD card. I personally have version 1.5 on an HTC Magic phone and it can't be done, which is a really big problem because with 20-30 downloaded applications in memory I am completely full... :'(
  18. There, I added a few games too, so you can't complain :P The original text of the topic has been updated, and that counts as an update too!
  19. It will be filled out little by little, mate, not everything happens at once. People do read your applications and games, have no doubt!
  20. You sure he had firewall protection on? Because it is offered as an extra.
  21. My server www.l2apollon.com and www.raidfight.eu will move to that dedicated http://www.ovh.co.uk/products/dedicated_offers.xml with firewall protection from ddos attacks, overall fee about 150 euros/month.
  22. Updated: 07.04.2011 We are in the last part of setup, we will probably move server to OVH that provides hardware firewall so we are protected against ddos attacks and also we are in contact with Nekys, administrator of Raidfight, to give us some useful advices about a successful server like his. Stay tuned!