Thread: Graal Stock Market
View Single Post
  #1  
Old 01-03-2013, 04:59 PM
BlueMelon BlueMelon is offline
asdfg
BlueMelon's Avatar
Join Date: Sep 2008
Posts: 1,481
BlueMelon is a splendid one to beholdBlueMelon is a splendid one to beholdBlueMelon is a splendid one to beholdBlueMelon is a splendid one to behold
PHP Code:
  if(params[0] == "Buy"){
    temp.rate Stocks.stock_price.(@params[1]);
    temp.amnt params[2];
    temp.price amnt*rate;
    if(clientr.stockcash >= price){
      clientr.stockcash -= price;
      clientr.stocks.(@int(random(1,9999999)))= {params[1], rateamnt};
      clientr.stockcash clientr.stockcash.substring(0clientr.stockcash.pos(".") + 3);
    }
  }
  if(params[0] == "Sell"){
    temp.rate Stocks.stock_price.(@params[1]);
    for(temp.getstringkeys("clientr.stocks.")){
      temp.amnt clientr.stocks.(@i)[2];
      temp.price amnt*rate;
      temp.checkname clientr.stocks.(@i)[0];
      if(checkname == params[1]){
        temp.checkrate clientr.stocks.(@i)[1];
        if(checkrate.pos(params[2]) >= 0){
          temp.checkquantity clientr.stocks.(@i)[2];
          if(checkquantity == params[3]){;
            if(clientr.stocks.(@i) == null) return;
            clientr.stocks.(@i) = null;
            clientr.stockcash += price;
            return;
          }
        }
      }
    }
  } 
No validation? Huge security holes... What if params[1] or params[2] was negative?
clientr.stockcash -= -(price);

See where I'm going?
__________________
http://i.imgur.com/OOJbW.jpg
Reply With Quote