Originale 136 Posted February 25, 2014 Share Posted February 25, 2014 M2 Download Center This is the hidden content, please Sign In or Sign Up ( Internal ) Hello to all Here is a quest Bank with a threshold of 9,223,372,036,854,775,807 Yangs Banquiere.quest quest troqueuse begin state start begin when 20090.chat."Mon compte" with pc.is_gm() begin say("Bonjour, je suis ici pour gerer votre compte.") say("La limite de yangs entreposable s'élève à :") say("9223372036854775807") local player_id = get_player_id(pc.getname()) local verification = get_true_banque(player_id) if verification == 0 then say("Vous n'avez pas encore de compte chez nous.") say("Voulez vous en ouvrir un?") local a = select("Ouvrir","Annuler") if a == 2 then return elseif a == 1 then say("Choisir un mot de passe!") say("Laissez vide pour ne pas en utiliser.") local mdp_choice = input() say("Vous avez choisit le mot de passe suivant:") say(mdp_choice) local zero = 0 local un = 1 local b = select("Valider","Annuler") if b == 2 then return elseif b == 1 then mysql_query("INSERT INTO player.banque VALUES owner_id = '"..player_id.."', yangs = '"..zero.."', mdp = '"..mdp_choice.."' ") mysql_query("UPDATE account.account SET banque = '"..un.."' where owner_id = '".. player_id .."'") end end elseif verification == 1 then say("Quelle opération voulez vous executer?") local c = select("Retirer","Stocker","Fermer") if c == 3 then return elseif c == 1 then local yangs_banque = get_yangs(player_id) if yangs_banque == 0 then say("Vous n'avez pas encore stocker d'argent dans votre banque.") say("Revenez quand ce seras fait.") else say("Quel est votre mot de passe?") local mdp = input() local mdp_banque = get_pass(player_id) if mdp == mdp_banque then say("Combien de yangs voulez vous retirez?") local yang_destock = input() if yangs_destock > 0 and yangs_destock < 9999999999 then if yangs_destock > yangs_banque then say("Vous ne pouvez pas retirez plus de yangs que vous ne possedez.") else local yangs_limite = yangs_destock + yangs_banque if yangs_limite > 2000000000 then say("Vous ne pouvez pas stocker autant de yang dans votre inventaire.") else local yangs_limite_banque = yangs_banque - yangs_destock if yangs_limite_banque < 0 then say("Vous ne pouvez pas retirez plus de yang que vous ne possedez.") else update_yangs(player_id, yangs_limite_banque) pc.give_gold(yangs_destock) say("Opération effectuée avec succès!") end end end else say("Vous ne pouvez pas stocker autant de yangs ou") say("la valeur que vous avez entrer n'est pas valide.") end else say_red("Les deux mots de passe ne corespondent pas.") end end elseif c == 2 then say("Combien de yangs voulez vous stocker?") local yang_stock = input() if yangs_stock > 0 and yangs_stock < 9999999999 then if pc.get_gold > yangs_stock then local yangs_banque = get_yangs(player_id) local banque_limite = yangs_stock + yangs_banque if banque_limite < 9200000000000000000 then update_yangs(player_id, banque_limite) pc.give_gold(-yang_stock) say("opération effectuée avec succès!") else say("Vous ne pouvez pas stocker autant de yangs dans votre banque.") end else say("Vous ne pouvez pas stocker plus de yangs que vous ne possedez.") end else say("Vous ne pouvez pas stocker autant de yangs ou") say("la valeur que vous avez entrer n'est pas valide.") end end else say("Erreure de gestion de la banque!") end end when 20090.chat."test compte gm" with pc.is_gm() begin local player_id = get_player_id(pc.getname()) local un = 1 local mdp_choice = "123456" -- mysql_query("INSERT INTO player.banque VALUES owner_id = '"..player_id.."', yangs = '"..un.."', mdp = '"..mdp_choice.."' ") insert_banque(player_id,un,mdp_choice) update_account_banque(player_id) say(player_id) end end end Banque.sql /* Navicat MySQL Data Transfer Source Server : 46.105.39.160_3306 Source Server Version : 50173 Source Host : 46.105.39.160:3306 Source Database : player2 Target Server Type : MYSQL Target Server Version : 50173 File Encoding : 65001 Date: 2013-12-20 12:29:51 */ SET FOREIGN_KEY_CHECKS=0; -- ---------------------------- -- Table structure for `banque` -- ---------------------------- DROP TABLE IF EXISTS `banque`; CREATE TABLE `banque` ( `owner_id` int(11) NOT NULL DEFAULT '0', `yang` bigint(20) DEFAULT NULL, `mdp` char(255) DEFAULT '', PRIMARY KEY (`owner_id`) ) ENGINE=MyISAM DEFAULT CHARSET=latin1; -- ---------------------------- -- Records of banque -- ---------------------------- Cdt Originale for your pleasure 4 12 Link to comment Share on other sites More sharing options...
propc 9 Posted March 1, 2014 Share Posted March 1, 2014 thx for share it useful I'm going to try it 1 Link to comment Share on other sites More sharing options...
SøηGøku® 10 Posted March 2, 2014 Share Posted March 2, 2014 Does this quest have the bug? When you put the signal "-" in the input it gives you more yang. Let me show you an example: Input: -150000000 - If you don't have that amount, it will give you that amount when you extract because of the signal "-" before. Does this system have this bug? Best Regards. Link to comment Share on other sites More sharing options...
.TeodorPL 22 Posted March 9, 2014 Share Posted March 9, 2014 Good, but I can use the SQL Injection. Link to comment Share on other sites More sharing options...
Samesaoul 0 Posted August 25 Share Posted August 25 (edited) local zero = 0 local un = 1 mysql_query("INSERT INTO player.banque VALUES owner_id = '"..player_id.."', yangs = '"..zero.."', mdp = '"..mdp_choice.."' ") Bonjour, si local zero = 0 et local un = 1 pourquoi utiliser des local "..zero.." et "..un.." utilise directement la valeur dans ton injection mysql Good morning, if local zero = 0 and local un = 1 why use local "..zero.." and "..un.." use the value directly in your mysql injection mysql_query("INSERT INTO player.banque VALUES owner_id = '"..player_id.."', yangs = '0', mdp = '"..mdp_choice.."' ") mysql_query("INSERT INTO player.banque VALUES owner_id = '"..player_id.."', yangs = '1', mdp = '"..mdp_choice.."' ") Sinon merci pour avoir partagé ta quête Otherwise, thank you for sharing your quest. Edited August 25 by Samesaoul translate Link to comment Share on other sites More sharing options...
Recommended Posts