Well, me and my friend are trying to create a online text-based strategy game in PHP/MySQL (yeah like that hasn't been done before >.>). He's the ideas guy, and I'm the one coding most of this.

I just have a few things that I need help with:

1. We would like to have a coordinate/land/influence system. By this, I mean that upon registration, the user will be given x and y coordinates on a virtual grid, from which his land ring and influence ring get calculated.
The problem is, I have no idea on how to be able to calculate a person's land and ring of influence, even if I know their starting point (say, (0,0)), land ring (say, 5km each way), and influence ring (say, 30km) each way. Calculating this influence ring will be needed because it will work out when you reach someone's land borders, and influence rings may cause people from other nations riot and join you instead.
I know this sounds complex, but it's an integral feature of the game. I honestly have no idea how to make it work =/

2. What sort of server-side validation would you recommend to prevent people from using SQL injection whilst logging in/registering? (I know javascrpt validation is rubbish, therefore I'm not using it). Would you recommend blocking certain certain characters, and how would you check that such characters do not occur in PHP?

3. Yet again, I want to prevent anyone compromising the security of the data, this time in the Personal Messaging system. I would like to allow users to be able to enter things like bold text and italic and etc, but in BBCode format. Would I have to then replace the [ and ] for < and > before being inserted into the MySQL database, and then just display that when the person reads a message, and then get the code to check that the user didn't enter things like <script> and similar to try and execute code on the reader's page? If so, what things would you recommend checking against?


Sorry for such long questions, but I would be really grateful if you would help, as I'm new to PHP/MySQL and therefore am not sure on how to do this.
Thank you.

1) That is some basic math, and it largely depends on the method you want to store the locations and the granulatiry. If you really want to use a lot of location based information, it might be interesting to use a GIS database to store the information, for example PostGIS (Postgres + GIS additions). Which a GIS you can let the database do the hard location calculations.

For 2 + 3:I think this is a nice toturial: http://www.dreamincode.net/forums/showtopic52374.htm

Thanks for the help, but I don't know anything about postgres or GIS lol.

I'll check out that tutorial though.

Postgres doenst differ much from MySQL, you only use different commands and the same basic SQL syntax.

With PostGIS you can use points and distances, so you dont have to worry about that in your code. It's quite basic and easy to learn, far easier than doing all of it yourself in PHP. But it's your choise anyway. If you do need help, you know where to find me

I think my host doesn't have a postgres anyway, although it does sound that it might be a lot easier.

Still not sure about how i'm going to calculate this though ('basic math' is making me feel a bit stupid).
Say, one person starts on (0,0) and has a land ring of 5km. Amother perosn starts on (10,10) and has yet another land ring of 5km. I know that their land borders meet at (5,5), but how would I get this to worked out with code .

Sorry if I'm missing something really obvious here.

are you doing actual rings? it would be much easier to do squares . i know that doesn't make as much sense when you say it, but having everything on a grid would be much easier for you and it will not leave any dead space between realms.

Well, squares would be an option, and obviously the grid would simplify it. Actually, if a circle isn't possible, i guess we'll have to go with squares. But even then, you'd have to work out the outer coordinates/corners of the square, and then all the coordinates between those corners to form the square.

For every spot you can determine the nearest center, see the Nearest Neighbour algorithm.

It's a pity you cant use postgres, it has functions for this built-in