Yessss!
Karl, buddy, that update is from May last year.
]]>Second, babies now inherit the last monument bell that their mother heard before they were born. This bell will "echo" through the genetic mother-baby connection when the baby is 0.5 years old. Thus, trans-generational pilgrimages to distant monuments is now possible (journeys that are too long to make in one lifetime).
Yessss!
]]>Is the family tree browser open source? I would like to use it on my private server.
Thank you!
The lineageServer directory in the source looks promising. I presume you've already got the source if you are running a server.
]]>Thank you!
]]>Yeah, well, those other characters are forbidden, so it wasn't a true risk.
I am processing all client-supplied strings with regex's to allow only the characters and format that I want to allow.
Turns out that single quotes are allowed in spoken words, and I just put that in the regex without thinking about it...
Fix is just to surround it with double quotes in the query, as double quotes are not allowed in spoken text.
Also, I was able to go through the log of all the failed queries and re-insert them with a fix-up, so all those "lost lives" are in there now.
You should always be using " but u can also just filter the SQL to replace " with \"
Ideally you shouldn't be writing raw SQL statements anyway. Pass your SQL through a class/object model.
Family tree browser contributes to the second view, and I like that.
]]>But a "farthest descendant" thing is coming tomorrow.
]]>I am processing all client-supplied strings with regex's to allow only the characters and format that I want to allow.
Turns out that single quotes are allowed in spoken words, and I just put that in the regex without thinking about it...
Fix is just to surround it with double quotes in the query, as double quotes are not allowed in spoken text.
Also, I was able to go through the log of all the failed queries and re-insert them with a fix-up, so all those "lost lives" are in there now.
]]>]]>Your name is '; DROP TABLE players; '
If your last words contain a ' character, it essentially counts as an SQL injection, breaking the insert query for your life and failing to log you as dead, so you never appear in the family tree.
*yikes*
]]>If your last words contain a ' character, it essentially counts as an SQL injection, breaking the insert query for your life and failing to log you as dead, so you never appear in the family tree.
I will fix this tomorrow!
]]>However I seem to have a few lives that are not appearing in the browser. For instance I was an Eve and died of starvation at 23, but there is no trace of this happening. I also had a case where I lived to 40 and never saw my character appear in the browser.
Am I missing something or is there a bug?
]]>Play the game for 9 minutes, start a family lasting 50 generations +
]]>