To all the haters out there. I answered this in another thread, but I would like to re-iterate this. I pay for hosting. I pay so people can come and use these FREE utilities that I have put up. I have made no money off of this site, and am still in the red. I expect to probably stay in the red. Not only do I pay, but I have put in an immense amount of time coding.

PHP is not a language I knew before starting this project, I had only ever worked in java. The allakhazam clone was incompatible, incomplete, and messy. PHPBB2 was susceptible to addbot attacks. I spend upwards of 80 hours coding on correcting errors in the alla clone, fixing addbot spammers, integrating the phpbb2 and alla clone sites together, converting the old quest system into the virtual npc center, and Doing all the custom graphics(i know they aren't pretty). These features are all FREE.

Its easy for people to come around and complain that they have to pay 10$ here or 15$ there. Please, please, if you disagree with it don't pay. Please continue to use the free stuff. Before you get upset with me consider that I'm trying to break even with the pay sections of the site which are very limited when you consider what the entire page has to offer. If i take away the pay sections, the site goes with it. I can't afford more bills.

To itchy... this isnt your plugin man... give it a rest. It would be like the moveutils guy bombarding you because you cut and pasted his dofwd routine. This version is 150 lines long. If you've downloaded a copy of it just look at the file sizes. Then run it in game and see how differently characters act.

Bottom line is... There is alot of free stuff one this site to enjoy that I am giving away to the PEQ/EQEmu community, alot of free stuff that took a great deal of my personal time, my personal money, work, and getting familiar with a new language. It's like getting upset with a guy that gives you fee movie tickets cause the seats suck.


To all the people that call me douche-bag and jerk and all that stuff... please try not to feel too guilty when your navigating through the free portions of the website(as i've seen you doing).

can I call you a douchebag for breaking the GPL?

Here you are sir

http://mqemulator.net/forum2/viewtopic.php?t=28

and honoring the VIP release system?

Please correct me if I'm wrong but Infernis.org simply looks users names up in the VIP forum to see if they have access. Which leaves the massive hole of just starting a user acct on infernis using a VIP's name from macroquest2.com. It would seem to me that that would be just as effective as using the honor system.

So, pretty please, with sugar on top. Don't download plugins if if violates the code of the VIP.

Any other gripes or complaints demonstar? If so, then I'll do what I can to accomidate you. If not, then as always please enjoy the site, glad to have you.

I've been known to send messages to accounts on MacroQuest2.com before validating. So far, everyone has checked out. There is nothing automatic about the process, I check each PM by hand (I don't do it automatically, because of this hole -- and it'd be rude to scrape their web server every time someone signed up) The whole V.I.P. thing is to not re-distribute it to non-V.I.P. members. Simply saying 'Pretty please don't download this' and then leaving something open to be downloaded is violating that release methodology and disrespecting the original authors. That's fine though, because this community is like RedGuides, TaultUnleashed, MMOBugs, etc. They have never cared about this, and you should fall in line to compete. (most of those sites have an "eqemulated" section, so I do mean compete)

REMOVED, sorry, explained below

On a more personal note, you should really look at MQ2NetAdvPath again, and quit quoting that everything in it is stolen from else-where. MQ2MoveUtils, isn't involved. Just MQ2AdvPath (where the DoFwd routine you've harped on came from, as well as most of the logic) and my own typing, all credit has been given where it's due. Before Vastlee had his macro follow macro, I had something similar but it was bulky and read from pre-defined paths in a local MySQL and later SQLite database [node based pathing, waypoints everywhere and calculating shortest distance] -- so to my knowledge, it WAS my idea and could be verified as early as Gods of War guild playing on PEQ, watching my bots run around. Hanging around Vastlee, his macro work, was just the inspiration to actually make a plug-in out of it and release it to Cornnuts, Warwar, and Drakk for testing. Then later give it to anyone who had verified MQ2 V.I.P. access. The latest in the wild (testing), uses RGB color defined on textures to determine if something is a wall or not, and avoids it. Unfortunately, I've been working on this for about a year off and on and I still have too many false positives. I haven't found a reliable method to tell if there is a tree or not, aside from timing the location movement. Not to mention, it won't work on .eqg zone files since there are a lot of negative RGB values instead of just starting at 0. I still need to figure out some of the data present in .eqg zone files but it's a real snore-fest trial and error process.

On the topic of remote exploitation of the EQEMU world server -- no information can be injected into the client process associated with that server. This isn't a client/server environment that gives local access. eqgame.exe simply doesn't have the access or subs written to do it. I've heard rumors from live where a GM is able to read files on your drive and take screen shots, during his investigation. But I doubt it, I've not ran across such a sub and I've spent countless months reverse engineering this silly game. So the only thing vulnerable, is a non-chroot/jailed environment EQEMU server. The only possible vector aside from that I can think of, is web page based after the fact. That's a stretch though. Someone is bound to find it on their own eventually, and I'm sure my mention of it is probably going to accelerate the process. But that's the beauty of open-source. It'll be found, it'll be fixed (too lazy, normally I post these things on BugTraq), and we'll all move on. I can't take all of the credit though; I may have found and written a proof of concept to share with my peers (security Nazis, like myself), but there has been hear-say coming from Image and his goons for, three years now? I've still yet to see any widespread posts about certain IP connections causing their world server to crash, or reports of any malicious behavior associated but as I stated, it's been mentioned before.

I also noticed you said something about zone server crashes. Most of intentional (if not all) zone server crashes, have to be done with a user logged in, so on that front all it takes is gdb, a coredump and time to track down Mrs. Peacock, in the study, with the wrench.

I've never said anything about being "noble" for helping PEQ track exploiters after the fact. You're misunderstanding. I just think members have a moral (by society standards, perhaps not your own) obligation, since they've provided such a service for so long nearly free of cost (bug reports are paydirt.)

Digressing, Muuss was the original author of what you're running and he handed it off to Bulle after a while due to lack of interest/time. If this is a shared hosting environment, be fore-warned that some of the queries you're making take up a lot of resources (CPU time, disk thrashing.) It's never been meant for a production server, and you have a lot of work ahead of you to sanitize all of the SQL select queries and create some cascade queries or perhaps re-index data in your tables for specific queries to use less resources. I do not envy you for the amount of work you're chewing on right now. If someone drops your database, it'll be more your fault than some malicious script kid that decided to inject something [xss, database drop] via a PHP query. Of course you could just re-upload your database in the event of a catastrophe, but at the expense of your personal time and bandwidth. Even if you're home all day, that still sucks in my book.

Seriously, did you really miss Muuss's Allakhazam on my domain that much that you decided to host your own? :wink: If my written response looks like it's crapping all over your work, I apologize. It's not meant that way!!!

Itchy,
Sorry for sanitizing those 2 paragraphs of your post, I read them carefully, digested them, and I genuinely thank you for posting them. I think I accidentally cut off the stuff about the site looking like the alla clone, sorry.

You are correct in that the site is based off of the alla clone. I've been slowly going through and fixing a lot of the SQL statement build procedures over the last week. Muuse and Bulle did a lot of good work, its really far from complete though. No disrespect to either of them but its very disorganized and error ridden.

You right about the destructive queries. One look at item.php with an item that drops in 15 diff zones by 10 diff mobs really demonstrates what your talking about. My first priority is to get through all the errors and actually have everything working correctly. I just redesigned the advanced item search query build area so that it actually functions if you select a bunch of stuff. There where careless capitalization errors, and the flow didn't make sense. It was causing SQL errors if the wrong combination of options was selected. The other thing I gotta do is do some work on the quest parser and the virtual NPC. It doesn't make sense to have to type in item id's to see if the npc accepts them. It seemed right in my head when i did it buy, yuk....

Anyway I got a lot of functional problems before I get to rebuilding tables for better performance, but I'll get there eventually.



If I made it sound as though I thought you had stolen all of your code/ideas from elsewhere I apologize. As you borrowed from AdvPath I too borrowed from you, and I'm sorry if that upsets you. I did attempt to give you due credit for having created the starting point for what I changed it into Just as you gave credit to the others you borrowed from. I understand your desire for the name change, and I intend on doing so I've just been keeping busy with other things. I've also still been tossing around names for it. I think my thing has turned into adding "Emu" on the front of everything, but "MQ2EmuNetAdvPath" is a mouth full, and the original NetAdvPath was already designed for Emu in the first place. The point of adding "Emu" to new, or altered plugins was to lend ownership to the Emu community. To help people feel like their own community instead of the mutant tail on the ass of EQ live.

I'm not sure how upset you were, or still are, but I appreciate your tone, and thank you for your post. I understand that you have different perspectives on issues that I do, but I hope to eventually maneuver to a point of co-existence. Maybe even getting to a point where you would enjoy using the tools on this site for your own benefit. I'm glad it appears as though everyone is calming, including myself.


PEQ/EQEmu Devs
I understand if PEQ, or EQEmu devs feel threatened, and I again apologize. I must insist that I'm not looking for a war. I'm not looking to push my beliefs of cheating on anyone. I'm not looking to expand the volume of people that cheat.

Just as I have posted an allakhazam like section, I don't intend on increasing the volume of people that look items up. I have also posted cheats, but I don't intend on increasing the volume of people that cheat.

My only intentions where to make a 1 stop shop for everyone in the PEQ/EQEmu community no mater if they are legit, cheaters, developers, tradeskillers, anything. I wanted a place that they could all come and find any service they where after specifically tailored for EQEmu and not EQLive. I have no intentions of converting everyone into cheaters.

I accept that there will be a "war" with identifying and correcting code that cheats here take advantage of. That is expected. I hope that it doesnt come hand-in-hand with a "war" of hatred and bickering. I encourage anyone upset by any of the opinions held by this site to please come and post, but I urge everyone to please remain civil, and calm.

If itchy can be civil and calm, then anyone can =P