First of all, gj of integrating it in the main site. This really adds to the idea of a reatime ranking
Ok, a small suggestion: Make the records based on playername, not on IP.
For example, see ID 405 vs ID 69.
Which brings us to the second suggestion: the forum's tags do not support certain characters in the url, like '+' or '%'.
This makes entering urls with certain PHP/SQL formatted arguments a pain.
Also, the old GIP shown on the right is still vulnerable for the ampersand character '&'. Not much evil cn be done with it, but I thought I'd still tell it.
First of all, gj of integrating it in the main site. This really adds to the idea of a reatime ranking ;-)
Ok, a small suggestion: Make the records based on playername, not on IP.
For example, see [url=http://www.jazzjackrabbit.net/zstats/showtable.php?page=&pname=aEs wKtK]ID 405 vs ID 69[/url].
Which brings us to the second suggestion: the forum's [url][/url] tags do not support certain characters in the url, like '+' or '%'.
This makes entering urls with certain PHP/SQL formatted arguments a pain.
Also, the old GIP shown on the right is still vulnerable for the ampersand character '&'. Not much evil cn be done with it, but I thought I'd still tell it.
Thanks, great job on the site sofar.
Dunno if Jake still reads this forum every now and then. I just copied some code from one of his scripts and tried to make it fit ok in the front page layout
Dunno if Jake still reads this forum every now and then. I just copied some code from one of his scripts and tried to make it fit ok in the front page layout :)
It's actually to prevent someone with personal issues to destroy someone else's stats
Ah, yes that makes sense. In that case, maybe you could offer users a function that let's them merge results with the same ingame name, but ONLY if they're on the same IP as the result the other record(s) get merged into...
[quote]It's actually to prevent someone with personal issues to destroy someone else's stats :)[/quote]
Ah, yes that makes sense. In that case, maybe you could offer users a function that let's them merge results with the same ingame name, but ONLY if they're on the same IP as the result the other record(s) get merged into...
important: remove the underscore from '&_amp;' in these snippets. I had to add it, to prevent the forum from displaying it as a plain '&' character... same goes for '&_lt;' and '&_gt;'.
Ok, I haven't had a chance to test it, seeing as my firewall doesn't seem to like fsockopen making outward connections -_-.
Code:
function gipke () {
//Write start of table
$r = "\n".'<table border="0" align="center">'."\n".'';
/*
* Open connection. Use the url of the listserver here.
* Timeout changed from 1 to 2 seconds, to avoid timeouts on lag.
* If desired, change back to 1 to let the site load a bit faster
* when the server is experiencing lag.
*
* Addresses to use:
* list.digiex.net - Defaults to a working one?
* list1.digiex.net - The first and main digiex server, back up again.
* list2.digiex.net - Secondary digiex server, seems down atm...
* Djazz' server - Can't find it because his site's down atm. Ask him.
* list.lun4rsoft.info - wKtK's expirimental listserver. Not stable atm, don't use yet.
*/
$connection = fsockopen("list.digiex.net", 10057, $errno, $errstr,2);
if (!$connection) return false; //Connection failed.
$list = ''; //Received data accumulated here
while (!feof($connection)) $list .= fread($connection, 8192); //Read raw data
fclose($connection);
$number = count($list) - 1; //always one too much, according to cataphract's script
for ($counter=0; $counter<$number; $counter++) {
$server = explode(" ",$list[$counter],8);
/*
* Local fix for ampersands '&' in servernames.
* Please read the long comment below this line for a
* better solution.
*/
$server[7] = str_replace("&","&_amp;",$server[7];
/*
* Below here, the function 'sl_remlixo(String)' gets called.
* After some searching, I found this function in a php file
* for download on J2O. This function replaces the paragraph sign
* and the pipe character ('§' and '|') in servernames.
*
* While I provide a local fix here, a better solution would be to
* add the following line to the 'sl_remlixo()' function:
* $v = str_replace("&","&_amp;",$v);
* add it just before the return statement, after the replace that
* handles the '|' pipe character.
*
* I'll also include the fixed sl_remlixo() function.
* ~wKtK.
*/
$r .= '<tr>'."\n".'<td>'.sl_remlixo($server[7].'</td>'."\n".''; //name
Another site suggestion: fix the codeblock displaying smileys that get copied as 'emo', or & tags getting displayed as the value they represent. not good, not good :p
[color=red]important: remove the underscore from '&_amp;' in these snippets. I had to add it, to prevent the forum from displaying it as a plain '&' character... same goes for '&_lt;' and '&_gt;'.[/color]
Ok, I haven't had a chance to test it, seeing as my firewall doesn't seem to like fsockopen making outward connections -_-.
[code]function gipke () {
//Write start of table
$r = "\n".'<table border="0" align="center">'."\n".'';
/*
* Open connection. Use the url of the listserver here.
* Timeout changed from 1 to 2 seconds, to avoid timeouts on lag.
* If desired, change back to 1 to let the site load a bit faster
* when the server is experiencing lag.
*
* Addresses to use:
* list.digiex.net - Defaults to a working one?
* list1.digiex.net - The first and main digiex server, back up again.
* list2.digiex.net - Secondary digiex server, seems down atm...
* Djazz' server - Can't find it because his site's down atm. Ask him.
* list.lun4rsoft.info - wKtK's expirimental listserver. Not stable atm, don't use yet.
*/
$connection = fsockopen("list.digiex.net", 10057, $errno, $errstr,2);
if (!$connection) return false; //Connection failed.
$list = ''; //Received data accumulated here
while (!feof($connection)) $list .= fread($connection, 8192); //Read raw data
fclose($connection);
$list = str_replace("<", "&_lt;", $list);
$list = str_replace(">", "&_gt;", $list);
$list = nl2br($list);
$list = str_replace(" ", " ", $list);
$list = str_replace("1.24 x", "1.24x", $list);
$list = str_replace("1.24 s", "1.24s", $list);
$list = str_replace("1.21 s", "1.21s", $list);
$list = str_replace("1.20 s", "1.20s", $list);
$list = str_replace("1.21", "1.23", $list);
$list = explode("\n", $list);
$number = count($list) - 1; //always one too much, according to cataphract's script
for ($counter=0; $counter<$number; $counter++) {
$server = explode(" ",$list[$counter],8);
/*
* Local fix for ampersands '&' in servernames.
* Please read the long comment below this line for a
* better solution.
*/
$server[7] = str_replace("&","&_amp;",$server[7]);
/*
* Below here, the function 'sl_remlixo(String)' gets called.
* After some searching, I found this function in a php file
* for download on J2O. This function replaces the paragraph sign
* and the pipe character ('§' and '|') in servernames.
*
* While I provide a local fix here, a better solution would be to
* add the following line to the 'sl_remlixo()' function:
* $v = str_replace("&","&_amp;",$v);
* add it just before the return statement, after the replace that
* handles the '|' pipe character.
*
* I'll also include the fixed sl_remlixo() function.
* ~wKtK.
*/
$r .= '<tr>'."\n".'<td>'.sl_remlixo($server[7]).'</td>'."\n".''; //name
if ($server[2] == "private") $r .= '<td><img src="nyckel.png" width="14" height="6" alt="private"/></td>'."\n".''; //private?
else $r .= "<td> </td>\n";
$r .= "<td>".$server[4]."</td>\n"; //versuib
$r .= "<td>".str_replace("unknown","?",str_replace("treasure","trs",str_replace("battle","btl",$server[3])))."</td>\n"; //type
// $r .= "<td>".$server[6]."</td>";//players in server
list($players,$capacity) = explode("/",str_replace(array("[","]"),"",$server[6]));
$r .= "<td>[".str_pad($players, 2, 0, STR_PAD_LEFT)."/".str_pad($capacity, 2, 0, STR_PAD_LEFT)."]</td>\n";
$r .= "</tr>\n";
}
return $r."</table>\n";
}[/code]
If you choose to update [b]sl_remlixo()[/b], here is the updated version that handles ampersands (Remember, remove the underscore from '&_amp;'):
[code]function sl_remlixo($v) {
while (($n = strpos($v,"§")) !== FALSE) {
$v = substr($v,0,$n).substr($v,$n +2);
}
$v = str_replace("|","",$v);
$v = str_replace("&","&_amp;",$v);
return $v;
}[/code]
Another site suggestion: fix the codeblock displaying smileys that get copied as 'emo', or & tags getting displayed as the value they represent. not good, not good :p
The original idea for ZStats was that the code should search for the playername and see if theres a match in usernames on JJ.net and then get the IP from there. If the IP is a match, then the data is saved. If there is no match for the playername, the current system would be used. Since the IP on JJ.net is updated everytime you visit it, you could easily update it and avoid duplicates.
"The myth that women should not lift heavy is advanced only by women who fear effort and men who fear women." -Eric Midkiff
The original idea for ZStats was that the code should search for the playername and see if theres a match in usernames on JJ.net and then get the IP from there. If the IP is a match, then the data is saved. If there is no match for the playername, the current system would be used. Since the IP on JJ.net is updated everytime you visit it, you could easily update it and avoid duplicates.
maybe you could offer users a function that let's them merge results with the same ingame name, but ONLY if they're on the same IP as the result the other record(s) get merged into...
Nice idea. I could do that at some point.
[quote]maybe you could offer users a function that let's them merge results with the same ingame name, but ONLY if they're on the same IP as the result the other record(s) get merged into...[/quote]
Nice idea. I could do that at some point.
Does it recognise clantags? So in other words, as long as I visit jj.net first it will be fine? any delay before it gets updated?
It would, if it ever gets coded. And no delay.
"The myth that women should not lift heavy is advanced only by women who fear effort and men who fear women." -Eric Midkiff
[quote]Does it recognise clantags? So in other words, as long as I visit jj.net first it will be fine? any delay before it gets updated?[/quote]
It would, if it ever gets coded. And no delay.
Ah, that explains it. The reason I asked is because I had visited jj.net a few times already on this IP over the course of a few days, before ZStats made a duplicate entry.
So the reason for that is probably that my jj.net username is 'wKtK' and my ingame name is 'aEs wKtK'...
Ah, that explains it. The reason I asked is because I had visited jj.net a few times already on this IP over the course of a few days, before ZStats made a duplicate entry.
So the reason for that is probably that my jj.net username is 'wKtK' and my ingame name is 'aEs wKtK'...
Ah, that explains it. The reason I asked is because I had visited jj.net a few times already on this IP over the course of a few days, before ZStats made a duplicate entry.
So the reason for that is probably that my jj.net username is 'wKtK' and my ingame name is 'aEs wKtK'...
No, the reason is that this function is NOT coded yet!
"The myth that women should not lift heavy is advanced only by women who fear effort and men who fear women." -Eric Midkiff
[quote]Ah, that explains it. The reason I asked is because I had visited jj.net a few times already on this IP over the course of a few days, before ZStats made a duplicate entry.
So the reason for that is probably that my jj.net username is 'wKtK' and my ingame name is 'aEs wKtK'...[/quote]
No, the reason is that this function is NOT coded yet! ;)
From the following name "1&_gt;2&_gt;3" (again, remove the underscores) that should be "1>2>3", it seems that the ampersand values don't get translated to their correct meaning...
I'll look into this.
From the following name "1&_gt;2&_gt;3" (again, remove the underscores) that should be "1>2>3", it seems that the ampersand values don't get translated to their correct meaning...
I'll look into this.
I believe this is because list1.digiex.net is down again, in favour of list2.digiex.net.
If you want, I can write a version of the above code that checks multiple listservers until it finds a working one, like Jazz2 does.
Any demand for this?
The GIP seems broken again.
I believe this is because list1.digiex.net is down again, in favour of list2.digiex.net.
If you want, I can write a version of the above code that checks multiple listservers until it finds a working one, like Jazz2 does.
Any demand for this? :)
Added the functionality to check multiple listservers.
I haven't had a chance to test it yet, due to PHP needing some configuration on my webserver.
If it doesn't work and it's not an easy fix, just show me the output (errors/warnings etc) and I'll fix it
Added the functionality to check multiple listservers.
I haven't had a chance to test it yet, due to PHP needing some configuration on my webserver.
If it doesn't work and it's not an easy fix, just show me the output (errors/warnings etc) and I'll fix it :)
[url=http://pastebin.com/bBNyZeJH]http://pastebin.com/bBNyZeJH[/url]
Sorry for doublepost, but...
I kinda found a vulnerabillity in zstats. Both the small jj.net widget thingy and the table itself do not escape tags and ampersands.
Explanation? check ZStats: [url=http://www.jazzjackrabbit.net/zstats/showtable.php]ZStats[/url].
My name has <i><u></u></i> around it, and another entry I tested had <!-- in it.
This should be prevented, I guess... I kept the score of the <!-- one low (~20.1) so it won't interfere much.
PS: Others can do evil, really evil, with <iframe> here. Even infect everyone simply visiting jj.net, so I thought I'd let you know.
JJnet user
.'</td>'."\n".''; //name
JJnet user
JJnet admin
JJnet user