oh this... I've done a lot to prevent such behavior from happening, such as in breeding, pound and other scripts when users can cheat by manipulating form values, but looks like I left out this one.
What you can do is to validate the price data with database stored value, if they dont match, clearly the user cheated and you can ban the user for cheating. Or you can just use the database stored price value. I will take a look into the shop class and see what may have caused this.
Edit: After browsing the class files I actually dont see how users can cheat since the price data is pulled from database, not from user input. Can you tell me which page the cheating occurs? I will investigate from there then.
__________________
Mysidia Adoptables, a free and ever-improving script for aspiring adoptables/pets site.
|