#1
|
|||
|
|||
Questions
There are several exploits that members have found on how to exploit with the script.
1. They have discovered that all they have to do is change the number in the adopt link (from adopt.php?id=xx) as a shortcut to getting any adoptable they want. They can even change this in this link "/doadopt.php?name=&id=28&promocode=&Submit=Adopt+Me " to get the different adoptables. 2. Refreshing the adoption page by either pressing the refresh button or ctrl+F5 to mass adopt as many as they want.... My suggestions are, some kind of mod (maybe a javascript mod) that hides the adoption link in the the status bar and the actual address bar so that they just see adopt.php and nothing to do with the id number. I have tried several different javascript mods to hide the the links from appearing, but they dont work with the latest versions of Firefox and IE. And secondly some kind of a check that means after 1 adoptable has been adopted, the member is either taken directly to their profile page or if they do decide to refresh the page, the refresh sends them back to the main adoption page. |
#2
|
|||
|
|||
RE: Exploits
Is this true? Omg what a retards people?
|
#3
|
|||
|
|||
RE: Exploits
Thank you very much and most of all, to your users for noticing that - you know userally i the first to notice - I remember when I used to test some other sites by doing that - it only got me banned, but they didnt get the point that im trying to help them - oh well, their own problem not mine!
|
#4
|
|||
|
|||
RE: Exploits
I got the PM telling me about this yesterday, i tried to create a solution to the problem myself and then i could post it here along with the exploit...but i can only seem to solve half the problem, and thats only if people are not using the latest web browsers..
What this also means is, if anyone is using the shop mod on the old script, it is now useless...unless a fix can also be applied to the old script |
#5
|
|||
|
|||
RE: Exploits
Ok, I've looked into this on my test install.
Quote:
Quote:
I hope this clears some things up for people. :) Brandon |
#6
|
|||
|
|||
RE: Exploits
Thanks for that Brandon - for clearing that up!
|
#7
|
|||
|
|||
RE: Exploits
I changed the adopt.php page to include this
PHP Code:
http://www.rusnakweb.com/forum/showthread.php?tid=914 and cheating members know what they are getting by the ID number....is there no way to hide this link in the status bar and address bar ?? And as for the ctrl+F5 exploit, thats not the same as going through the adoption process countless time to mass adopt, this is simply just keeping 1 finger on the ctrl button and then tapping F5 , limiting the number a member can adopt is not really possible when you are offering supposedly "random" adoptables that can hatch from 1 egg, members are going to want to mass adopt to try and get them all...i just dont want them to "shortcut" mass adopt seeing as that will just give them 1 of the exact same adoptable seeing as at that stage, its not random anymore... |
#8
|
|||
|
|||
RE: Exploits
You didn't mention that you modified the script... :P
The normal version of this script that is unmodified works as it should. The fact that what works under normal operation doesn't work with the custom modifications you've made is not by any means an exploit, simply a result of your custom mod not working with the script the way it was designed to work under standard conditions. No easy solution comes to the top of my head for removing the ID from the address bar. This is not something I will include in a future release as under normal operation this is not an issue. |
#9
|
|||
|
|||
RE: Questions
Even if it was not modded, the easy way to mass adopt is still there, and it is an exploit...the mod i used isnt exactly a huge mod, it just stops all of the available adoptables from being shown and instead shows 1 at random...
Hundreds can be adopted by just pressing 1 button in about a minute...on both scripts with or without mods... I have been looking at other adoptable sites that where not created by people using this script, and they all somehow manage to hide the link to there adoption system, so this is a standard thing to protect against "cheating" , and i think i have figured out how they do it, by using an external website call whoisamongstus, so i will use that :) |
#10
|
|||
|
|||
RE: Questions
Forgive my ignorance, but I don't understand how this is "cheating". How do they hurt anyone but themselves?
|
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
More Questions ^^'' | Brookreed | Questions and Supports | 4 | 08-08-2013 05:06 PM |
Just some Questions i have. | rickasawr | Questions and Supports | 3 | 04-30-2011 11:04 PM |
Some Questions? :) | blondbananamix | Questions and Supports | 10 | 04-25-2011 01:47 PM |
two questions | RoconzaArt | Questions and Supports | 10 | 02-24-2011 09:15 AM |
Some questions | PokePets | Questions and Supports | 7 | 07-15-2010 03:04 PM |
What's New? |
What's Hot? |
What's Popular? |