Page 38 of 80 FirstFirst ... 2834353637383940414248 ... LastLast
Results 556 to 570 of 1191
Like Tree97Likes

Xiona KO - PK/Very light farm * Lvl 83 *

This is a discussion on Xiona KO - PK/Very light farm * Lvl 83 * within the Private Servers forums, part of the Knight Online (ko4life.com) category; Originally Posted by Jonny My point is that Warmonger's point was completely valid. You want to dispute and fight it, ...
Page: 38


  1. #556
    Banned Senior Member
    Join Date
    Jan 2010
    Posts
    733

    Default

    Quote Originally Posted by Jonny View Post
    My point is that Warmonger's point was completely valid. You want to dispute and fight it, and act like it doesn't apply to you, because you have excuses. Sorry man, they're just excuses and pretty bad ones at that.

    Instead of sulking and trying to deflect, why don't you sit down and learn something? Knowledge is power and will enable you to contribute far more as time progresses and your experience grows.
    Ight, will do.

  2. #557
    Member
    Join Date
    Jan 2013
    Location
    Seattle, WA
    Posts
    15

    Default

    Quote Originally Posted by coolboyp2 View Post
    All of the current private servers "devs" are leechers and nothing more, they just know how to edit the database which is just changing numbers to be honest.
    This is the truth, these "devs" edit tbls, edit database tables, apply patches twostars has made for them.

    They leech a website (panel) written by somebody else (probably twostars') and configure it...

    There really is no reason for them to be called developers, at most they could be called operators? And even that is quite a stretch because whenever there's a problem they ask somebody else to fix it...

  3. #558
    Banned Senior Member
    Join Date
    Mar 2006
    Location
    Israel
    Posts
    2,943

    Default

    Jonny, re-launch LSKO please! those were some of the best days in the private servers scene

  4. #559
    Member
    Join Date
    Jan 2013
    Location
    Seattle, WA
    Posts
    15

    Default

    Quote Originally Posted by coolboyp2 View Post
    Jonny, re-launch LSKO please! those were some of the best days in the private servers scene
    Haha, thanks man, that means a lot to me. Once you've been around KO for as long as I was, there's a lot of pressure as an administrator. Always people complaining, and it gets super annoying.

    If I were to get involved again, things would be a little different :P.

  5. #560
    Banned Senior Member
    Join Date
    Dec 2009
    Location
    ::1
    Posts
    51

    Default

    Quote Originally Posted by twostars View Post
    Your responses are getting pretty hilarious now. If you knew anything about writing networking code (which, you don't -- as 'your' server is a cut down version of a popular open-source MUD server, tweaked to use the KO protocol), you'd realise how ludicrous you sound.

    Point #1: Winsock is just that, Windows sockets; obviously it's tied down to the Windows platform, without a serious rewrite.
    Point #2: "WSA functions" or no, the I/O completion port model is only used by Windows (or well, nothing exactly like it's found anywhere else -- [s]Solaris[/s] Slowaris (edit: pretend there's strikethrough, d'oh forums) is about as close as it gets). Other operating systems prefer alternate models, such as epoll (*nix) & kqueue (fbsd). (NOTE: I differentiated *BSD from regular old *nix!).
    Point #3: You just realised it was heavily tied to Windows? By Winsock? What about MFC!? That's extreme Windows.

    Regardless, although I only update that project infrequently, several major changes are in motion (some not yet pushed) to rework/stabilise their code. Removal of MFC is a priority, networking code rewrite also, but porting it to other operating systems -- highly doubtful (I can imagine it would only end badly for most users).

    In addition: why the strong love for PDO? Saw someone else pressing its use? PDO isn't a must. It's great and all, but it's not a must - probably it's strongest argument for use is its emphasis on parameterization, but other drivers can handle that fine (even ODBC, in a limited form [i.e. no named parameters], which is still perfectly acceptable for use). The second strongest argument would be its use of exceptions, however exceptions are slow. For typical panel use, there's absolutely nothing wrong with raw odbc_*(), or mssql_*() functions. For larger applications sure, PDO is advisable.

    Not that any of that matters to you, or this thread. I just wish you'd try to at least start reading up on things before you start spouting nonsense... it may sound like magical flying unicorns to the typical poster here, but to the seasoned programmer all you're saying is BS. Troll elsewhere!
    Actually my source is written from scratch, I don't wish to base my source off someone else's. And I am using async BSD sockets for my project as they are cross platform capable (I explain in dept more below).

    Point #1: Winsock is windows sockets, not sure how I couldn't collaborate more on that point (Winsock).
    Point #2: WSA and the I/O completion port model is only used by Windows, if you use WSAsocket() instead socket(), or WSAAsyncSelect() instead select(), or WSASend() instead send() and so on. On *nix we use a completely different model (my KO emu uses Berkeley sockets). This way I only have to tell the compiler to use "close(socket)" instead of "closesocket(socket)" if the OS is Windows, and vise versa for the rest of the functions for cross platform capability.

    select function (Windows)
    select(2) - Linux manual page

    Point #3: I just realized? No I knew it was tied down to Windows, as soon as I opened the source and looked at both the Send() and Recv() functions. It would take a huge effort for someone to rewrite the network base for the source for it to compile cross platform. Which isn't a big deal as Windows is a fine server OS, tho *nix is so much better (and much cheaper!).

    I like using PDO as it's superior to the standard PHP library, when writing any secure website in PHP. With PDO input can be sanitized way before it even hits the SQL server. Most of your popular sites such as Facebook and others are written in PDO. It's just a superior library and something worth learning and using (even death ported his public KO panel to PDO for this reason).

    PHP Code:
    //Snippet By Warmonger
    //Register The Account
    $dbh $db->prepare("INSERT INTO bg_user (user_id,passwd) VALUES(:user, :pass);");
    $dbh->bindParam(':user'$userPDO::PARAM_STR12);
    $dbh->bindParam(':pass'$passPDO::PARAM_STR12);
    $dbh->execute(); 
    What I don't get is, you respond in a sense of trying and prove me wrong (and at the end of your argument told me I was wrong). Yet you only collaborated on top of what I already stated. I'm not wrong, and I don't need someone trying to tell me im wrong. I think the whole purpose of your post is to make out that I am wrong, but no wheres in it have you proven it. I am acceptable to input and opinions, but I don't understand the "you're right, and wrong at the same time" criticism.
    Last edited by Warmonger; 01-14-2013 at 05:33 AM.

  6. #561
    Senior Member
    Join Date
    Dec 2009
    Posts
    1,714

    Default

    Quote Originally Posted by Warmonger View Post
    What I don't get is, you respond in a sense of trying and prove me wrong (and at the end of your argument told me I was wrong). Yet you only collaborated on top of what I already stated. I'm not wrong, and I don't need someone trying to tell me im wrong. I think the whole purpose of your post is to make out that I am wrong, but no wheres in it have you proven it. I am acceptable to input and opinions, but I don't understand the "you're right, and wrong at the same time" criticism.
    You may need to brush up on your terminology and try to use it properly, as again, quite a bit of that post sounded quite ludicrous (see the top). This is all I'm trying to say: not that you're completely wrong, but not that you're completely right either (does that make more sense?).

    As for PDO, there is no silver bullet to secure your website, but knowledge, and more importantly, data validation help a lot. Yes: PDO is great for parameterization (as stated above), but its use alone still doesn't force application developers to write good, secure code (i.e. code which doesn't trust input at all). Yes, it allows the data to be passed directly to the server (as does your typical ODBC driver, and MSSQL, FYI), but despite that, application devs could still:
    - not make use of this feature (and have their query broken anyway) or
    - (as you haven't equally stressed upon) not validate input, causing unwanted and potentially abusable data in the database (leaving room for say, an XSS attack, or indirect SQL injection).

    I like PDO! I think it's neat, but implying it's a magical library that one can do no wrong with isn't the way to go to stress good programming habits, IMO. Also, as above, you can produce equally secure code using your typical drivers - so it's really not that huge a deal.

  7. #562
    Banned Senior Member
    Join Date
    Dec 2009
    Location
    ::1
    Posts
    51

    Default

    Quote Originally Posted by twostars View Post
    You may need to brush up on your terminology and try to use it properly, as again, quite a bit of that post sounded quite ludicrous (see the top). This is all I'm trying to say: not that you're completely wrong, but not that you're completely right either (does that make more sense?).

    As for PDO, there is no silver bullet to secure your website, but knowledge, and more importantly, data validation help a lot. Yes: PDO is great for parameterization (as stated above), but its use alone still doesn't force application developers to write good, secure code (i.e. code which doesn't trust input at all). Yes, it allows the data to be passed directly to the server (as does your typical ODBC driver, and MSSQL, FYI), but despite that, application devs could still:
    - not make use of this feature (and have their query broken anyway) or
    - (as you haven't equally stressed upon) not validate input, causing unwanted and potentially abusable data in the database (leaving room for say, an XSS attack, or indirect SQL injection).

    I like PDO! I think it's neat, but implying it's a magical library that one can do no wrong with isn't the way to go to stress good programming habits, IMO. Also, as above, you can produce equally secure code using your typical drivers - so it's really not that huge a deal.
    Of course it does rely heavily on the person writing the webpage, to know how to write it properly while minimizing attacks. Tho that's common sense with any type of language there is. All of us for that matter are just recipe writers, the compiler/interpreter is the real chef. Something like exampled below shouldn't be injectable (as you can parametize your queries with PDO, removing the need to escape any included variables).

    PHP Code:
    //Post Variables
    $user $_POST['user'];
    $pass $_POST['pass'];

    //Register The Account
    $dbh $db->prepare("INSERT INTO bg_user (user_id,passwd) VALUES(:user, :pass);");
    $dbh->bindParam(':user'$userPDO::PARAM_STR12);
    $dbh->bindParam(':pass'$passPDO::PARAM_STR12);
    $dbh->execute();
    $return $dbh->rowCount();

    //Code Snippet By Warmonger 
    Tho if you are like me and want to double make sure. You could always just add a function to sanitize your input like so (no way, shape, or form can this be injected).

    PHP Code:
    //Sanitize Input
    function anti_inject($input)
    {
        
    $input preg_replace("/[^a-zA-Z0-9]/"""$input);
        return 
    $input;
    }

    //Post Variables
    $user anti_inject($_POST['user']);
    $pass anti_inject($_POST['pass']);

    //Register The Account
    $dbh $db->prepare("INSERT INTO bg_user (user_id,passwd) VALUES(:user, :pass);");
    $dbh->bindParam(':user'$userPDO::PARAM_STR12);
    $dbh->bindParam(':pass'$passPDO::PARAM_STR12);
    $dbh->execute();
    $return $dbh->rowCount();

    //Code Snippet By Warmonger 
    I highly recommend using PDO over PHP's standard library. Not only is it safer (if used properly) but its also faster (plus porting the same code to another SQL server is easy). There is no "silver bullet" for web security, tho there are things like PDO there to help! Plus the code syntax is much more enjoyable on the eyes.
    Last edited by Warmonger; 01-13-2013 at 04:55 AM.

  8. #563
    Member
    Join Date
    Jan 2013
    Location
    Seattle, WA
    Posts
    15

    Default

    Quote Originally Posted by Warmonger View Post
    Of course it does rely heavily on the person writing the webpage, to know how to write it properly while minimizing attacks. Tho that's common sense with any type of language there is. All of us for that matter are just recipe writers, the compiler/interpreter is the real chef. Something like exampled below shouldn't be injectable (as PDO escapes on the fly).

    PHP Code:
    //Post Variables
    $user $_POST['user'];
    $pass $_POST['pass'];

    //Register The Account
    $dbh $db->prepare("INSERT INTO bg_user (user_id,passwd) VALUES(:user, :pass);");
    $dbh->execute(array(':user' => $user':pass' => $pass));
    $return $dbh->rowCount();


    //Code Snippet By Warmonger 
    Tho if you are like me and want to double make sure. You could always just add a function to sanitize your input like so (no way, shape, or form can this be injected).

    PHP Code:
    //Sanitize Input
    function anti_inject($input)
    {
        
    $input preg_replace("/[^a-zA-Z0-9]/"""$input);
        return 
    $input;
    }

    //Post Variables
    $user anti_inject($_POST['user']);
    $pass anti_inject($_POST['pass']);

    //Register The Account
    $dbh $db->prepare("INSERT INTO bg_user (user_id,passwd) VALUES(:user, :pass);");
    $dbh->execute(array(':user' => $user':pass' => $pass));
    $return $dbh->rowCount();

    //Code Snippet By Warmonger 
    I highly recommend using PDO over PHP's standard library. Not only is it safer (if used properly) but its also faster (plus porting the same code to another SQL server is easy). There is no "silver bullet" for web security, tho there are things like PDO there to help! Plus the code syntax is much more enjoyable on the eyes.
    PDO most definitely does not escape input on the fly, that's outrageous. It uses parameterization to send parameter data separate from the query avoiding the possibility of an sql injection. Concatenating a string together using user input will still allow the query to be manipulated...

  9. #564
    Banned Senior Member
    Join Date
    Dec 2009
    Location
    ::1
    Posts
    51

    Default

    Quote Originally Posted by Jonny View Post
    PDO most definitely does not escape input on the fly, that's outrageous. It uses parameterization to send parameter data separate from the query avoiding the possibility of an sql injection. Concatenating a string together using user input will still allow the query to be manipulated...
    My bad, fixed.

  10. #565
    epicurus Senior Member Decerto's Avatar
    Join Date
    Oct 2009
    Location
    Compton,CA.
    Posts
    1,573

    Default

    This sunday,watch "Coding wars" on XionaKO. :P
    Rocket likes this.

  11. #566
    O_o Senior Member
    Join Date
    Oct 2011
    Posts
    1,582

    Default

    I wish I could understand something.... :X

  12. #567
    Banned Senior Member
    Join Date
    Jan 2010
    Posts
    733

    Default

    Free bumps is all it is...nothing to understand

  13. #568
    ℒℰℊℯи Senior Member Oscar's Avatar
    Join Date
    Mar 2007
    Location
    Canada
    Posts
    472

    Default


  14. #569
    Banned Senior Member
    Join Date
    Aug 2012
    Posts
    1,097

    Default

    Why pick an argument with someone who clearly is more knowledgeable..

    XIONIS <3
    4YouNoHealStupiD likes this.

  15. #570
    epicurus Senior Member Decerto's Avatar
    Join Date
    Oct 2009
    Location
    Compton,CA.
    Posts
    1,573

    Default

    twostars and jonny might as well speak alien...like 10 posts and I couldn't understand shit.


Similar Threads

  1. MasteredKO - Very light farming server.
    By TheREALPenguin in forum Private Servers
    Replies: 29
    Last Post: 05-15-2012, 12:04 AM
  2. Replies: 75
    Last Post: 03-21-2011, 07:10 AM
  3. SELL VERY CHEAP ROGUE LVL 70 550KNPS (peru)
    By y4m4z4k12007 in forum Ares
    Replies: 7
    Last Post: 04-28-2007, 10:40 PM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •