Offline shop by Ken (Latest - Bug-Report)

[dako12 7]

Hi community,

Something is bothering me the last days, I can't seem to calm my thoughts about possible bugs or duplications methods using the latest NOT public version of the offline shop by Ken.

In your time using this feature in your server have you encountered any bugs or item duplication problems?

Also if you are using the sash system by LennT v0.3 that is smoothly combined to the offline shop through the adaptations made by ken, are there any duplicating sash problems?

Thanks all for interacting with the topic, I am waiting for your personal experiences with the above systems, any info contribution is welcome.

Edited June 22, 2020 by dako12
Edited, to remove the yellow top header

[TMP4 10476]

I remember one thing what was not fixed in most server, but maybe Ken later fixed it since you said you have the non-public newer version.

Price change do not have p2p packet so if you change price from other core, the guests will not kick out. There was some nasty player who did post lots of items for 1 yang what cost more, quickly changed channel and he fastly changed the price to higher, and the victims thought they buy items for 1 yang, but they bought for 999.999.999 if the nasty player had luck...

 

Either make the p2p packet or at price change at offlineshop_manager.cpp write a return if the npc is not available.

But as i say, maybe Ken fixed this later... If so don't judge me please.

 

As of sash, i don't use LennT version but the official-ish one, but if you check if offline shop is open (as simple shop, safebox, trade etc) you will not have problems with that.

Edited June 22, 2020 by TMP4

[Flourine 102]

In ::AddItem instead of pItem->RemoveFromCharacter use ITEM_MANAGER::instance().RemoveItem(pItem);

[dako12 7]

14 minutes ago, Flourine said:

In ::AddItem instead of pItem->RemoveFromCharacter use ITEM_MANAGER::instance().RemoveItem(pItem);

You are reffering in offlineshop_manager.cpp but why we should change it?

Also ken have checkname in the title so not possible to add name with spaces or specials chars anymore but I think it's worth to keep it that way as I don't have as much knowledge in C+ to choose what's best for security (offtopic)

Edited June 22, 2020 by dako12

[Flourine 102]

2 minutes ago, dako12 said:

You are reffering in offlineshop_manager.cpp but why we should change it?

Also ken have checkname in the title so not possible to add name with spaces or specials chars anymore but I think it's worth to keep it that way as I don't have as much knowledge in C+ to choose what's best for security (offtopic)

Because there is a bug with additem so you can copy them

 

Also you can use base64 title encoding so it won't be problems with title of shop (sqli ect)

[TMP4 10476]

39 minutes ago, dako12 said:

Also ken have checkname in the title so not possible to add name with spaces or specials chars anymore but I think it's worth to keep it that way as I don't have as much knowledge in C+ to choose what's best for security (offtopic)

 

This was a problem what i had to solve when i was a dev at a srv, i removed the checkname function and extended the navicat/player/banword table with the suspecius characters like : ; ' " % @ -- so we were good. Banword check are default in Ken's offshop, it is right under the check_name.

[WeedHex 626]

Ken offline shop depend of what version is a time bomb.

[dako12 7]

Incomprehensible.


Just kidding  

 

What do you actually mean, are you reffering lets say to TimebombFix? 
Or that a version not up to date is a time bomb ready to explode? haha

Edited June 22, 2020 by dako12