tierrilopes

With all those questions, you basically want us to do the server for you. Kappa.

You have so many issues with basic core systems? Want an advice? Throw those files/source belong to the thrash.

Will you go alone or do i need to send you? __ Don't you act like you're a pro? Then fix it. But if you can't even read the error properly, what do you expect? To be taken serious? All you deserve is this: «ignore void».

The thread opener can fix it, hes an experienced programmer.

I was adressing to the thread opener and what he showed there. If you can read, your issue. Next time I will explain it better so simple brains like yours can process it. You're no one to tell me to shut up, specially due to your cancerous topics showing nothing but lack of knowledge, so please, crawl back to your cave.

If you have something like: Chat_type_info, lc_string("my text") to use the locale_string, you have to do it like this: "my text" "my translated text" Where "my translated text" is what will.show up at client. Or if you want to have a string appear without going to use locale_string, just remove the lc_string() (I think its lc_string the name of function, I'm not next to a pc to check it)

Yeah

He means using this instead: pkg install -y apache24 You can install everything using pkg, there's no need to build stuff from ports unless you wanna make custom installs

Read the whole topic and start implementing stuff, brute-force will have zero effect.

There is no 100% solution for anything when security is the goal. Theres always ways to improve security as theres ways to bypass it.

Yeah, both hwid and ip can be bypassed sadly. About hwid it could get more then just the mac address, ids from other parts aswell, I'm just not sure where privacy could start being an issue I used unique salt for each account, inspired by the ips account management. About 2step you're right, its good but can be annoying. Maybe ask it only for critical operations like change email, password? And for new devices, keeping a log of what devices are used to log in. Then for known devices ask only once every 30 days? That should reduce annoyance

It doesn't block brute-force, it makes the brute-force atempts useless because the password storage method is different. Yet, they can unpack your client, view the salt (I'm considering it is the same for all accounts) and adapt their brute-force. You should make an unique salt for each account, and use to make a hash (new versions of sha are nice). You can do like you said also, but it shouldn't be your first line of defense, blocking ip + hwid for 30min after 5wrong logins atempts in the last 5minutes for example. You can also implement 2-step auth on your server, check Google authenticator.

Like said above, remove your quest from locale_list/quest_list or whatever the name is in your serverfiles. Run your make.py/make.sh, it will delete the whole object folder and compile the quests that are in the locale_list/quest_list.

Serverfiles arent used, serverfiles are made.

Here you go: [Hidden Content]

item.remove() into pc.remove_item(124400, 1)

Don't do those stuff using -exp. Example why: You need 600exp to level up, you kill a mob that gives 650 exp, you will level up first and then the remove exp will take place. Use those setqf to turn on/off exp blockage and then at the case point_exp of game add a check. If the qf is 1, do a return. That way you will really block exp gain, instead of working around like in those examples.

pastebin your stl.h and monarch.cpp

ACMD (do_pvp)

I guess you're also a GPL fanboy?

For example, i sell that, but VMware instead of kvm, 1gbps, 20GB ssd, for 2.5€/month (vps).

<<Thou shall not joke again>>

[Hidden Content] [Hidden Content]

[Hidden Content] [Hidden Content]