ok here is my question, i am updating my database to reflect all doors are open and taking flags out and such, now from what i am seeing the min_status field should reflect basically the quest part of the instanced and is cross referencing the flags/keys if i set these areas to zero in this field will that break the instanced zones or just open it up as a regular zone instead of an instanced zone? or will it stay instanced and just change every time you zone in?

min_status is done to lock zones from access to non-GMs, generally. min_status refers to the accounts status ( i.e. 0 = player, 100 = guide, 250 = GM, etc. ). status has nothing to do with flagging, though, i guess you could "bend" it to that purpose, but that is a possible security nightmare.

== sfisque

ok so what kind of a risk is it exactly? , if anyone that logs into my server has status 0 already, and i have to flag thier account to 100 or 250 depending on access level, it really shouldn't make a difference on the zone access level and to keep level 1 people out of the zone a min level cap to the zone. i was looking at the min_status to the zones and i see that over half, the normal zones, are already marked with 0 already. sorry i just don't understand what you mean as a security risk but thank you for your advice, would you mind elaborating a little bit for me though?

conceptual security risk:

server A uses min_status to control access to flagged zones.

zone azone01 requires min_status = 15.

player01 does the flagging quest, and has their status bumped from 0 to 15. player01 then, tries doing the quest again, to see what happens (lets face it, players are curious by nature). upon completing the quest, their status gets elevated from 15 to 30 (the quest writer forgot to test whether they already had the status set appropriately). now the player has status 30. they repeat this endeaveor a few more times, eventually gaining a status of 255+ which gives them GM status. they then run rampant through the server overwriting mob entries in the database, etc.

moral of the story: variables should not serve multiple exclusive purposes, except in specific context (careful bit masking, tight memory conditions, etc.)

why you see alot of zones set to status = 100. the PEQ crew generally keep zones set to 100 when they are not complete. case in point, PoNightmare is set to 100. it has mobs, spawns, loot, etc. but the factions are not complete, and most of the mobs are incorrectly indifferent. when was the last time you walked through PoN (on Live) fully visible and shook hands with a Scourge Hobgoblin who con'ed indifferent?

== sfisque

ya ok i see what your saying then, i did not know what the risk could possibly be, so i had to ask. ok so with me taking out the required flags and the keyitem and removing the lockpick ability and removing the level limit(for now) should do the trick then? or i should say clearing the flag fields and setting the other fields to 0 skill/item number? i am not really worried about this particular server as it is only a test server, i keep the minilogin active for a backup of what i am doing so i risk little with someone ever overwriting values,if it ever happened, so i am updating two servers at a time. i have marked my server as a test server so nobody would get the idea it was a live one for people to play on as it goes up and down a little more often, this is just till i have it set the way i want it. i have alot of updating mobs to make them one groupable. if i am going about it the wrong way please let me know. thanks for the info again

what you listed appears sane. setting min_status should be ok if you want people to just cavort around and "try stuff out". just remember to set it back to something higher until that zone is ready for "prime time".

and enjoy.

theres a million ways to fubar a server but you can always re-import the database, so experiment and have fun. :)

== sfisque

thanks again sfisque 8)