diff --git a/public/index.php b/public/index.php index fb0acd4..cb9280b 100644 --- a/public/index.php +++ b/public/index.php @@ -1,63 +1,77 @@ -install.php from your Dragon Knight directory before continuing."); } -include('lib.php'); -include('cookies.php'); -$link = opendb(); -$controlquery = doquery("SELECT * FROM {{table}} WHERE id='1' LIMIT 1", "control"); -$controlrow = mysql_fetch_array($controlquery); +// index.php :: Primary program script, evil alien overlord, you decide. + +if (!file_exists('../.installed')) { + header('Location: install.php'); + exit; +} + +require_once '../src/lib.php'; + +$controlrow = get_control_row(); // Login (or verify) if not logged in. -$userrow = checkcookies(); -if ($userrow == false) { - if (isset($_GET["do"])) { - if ($_GET["do"] == "verify") { header("Location: users.php?do=verify"); die(); } +if (($userrow = checkcookies()) === false) { + if (isset($_GET['do']) && $_GET['do'] === 'verify') { + header("Location: users.php?do=verify"); + exit; } - header("Location: login.php?do=login"); die(); + + header("Location: login.php?do=login"); + exit; } + // Close game. -if ($controlrow["gameopen"] == 0) { display("The game is currently closed for maintanence. Please check back later.","Game Closed"); die(); } +if ((bool) $controlrow["gameopen"] === false) { + display("The game is currently closed for maintanence. Please check back later.", "Game Closed"); + exit; +} + // Force verify if the user isn't verified yet. -if ($controlrow["verifyemail"] == 1 && $userrow["verify"] != 1) { header("Location: users.php?do=verify"); die(); } +if ((bool) $controlrow["verifyemail"] && (bool) $userrow["verify"] === false) { + header("Location: users.php?do=verify"); + exit; +} + // Block user if he/she has been banned. -if ($userrow["authlevel"] == 2) { die("Your account has been blocked. Please try back later."); } +if ($userrow["authlevel"] === 2) { + exit("Your account has been blocked."); +} -if (isset($_GET["do"])) { - $do = explode(":",$_GET["do"]); - - // Town functions. - if ($do[0] == "inn") { include('towns.php'); inn(); } - elseif ($do[0] == "buy") { include('towns.php'); buy(); } - elseif ($do[0] == "buy2") { include('towns.php'); buy2($do[1]); } - elseif ($do[0] == "buy3") { include('towns.php'); buy3($do[1]); } - elseif ($do[0] == "sell") { include('towns.php'); sell(); } - elseif ($do[0] == "maps") { include('towns.php'); maps(); } - elseif ($do[0] == "maps2") { include('towns.php'); maps2($do[1]); } - elseif ($do[0] == "maps3") { include('towns.php'); maps3($do[1]); } - elseif ($do[0] == "gotown") { include('towns.php'); travelto($do[1]); } - - // Exploring functions. - elseif ($do[0] == "move") { include('explore.php'); move(); } - - // Fighting functions. - elseif ($do[0] == "fight") { include('fight.php'); fight(); } - elseif ($do[0] == "victory") { include('fight.php'); victory(); } - elseif ($do[0] == "drop") { include('fight.php'); drop(); } - elseif ($do[0] == "dead") { include('fight.php'); dead(); } - - // Misc functions. - elseif ($do[0] == "verify") { header("Location: users.php?do=verify"); die(); } - elseif ($do[0] == "spell") { include('heal.php'); healspells($do[1]); } - elseif ($do[0] == "showchar") { showchar(); } - elseif ($do[0] == "onlinechar") { onlinechar($do[1]); } - elseif ($do[0] == "showmap") { showmap(); } - elseif ($do[0] == "babblebox") { babblebox(); } - elseif ($do[0] == "ninja") { ninja(); } - -} else { donothing(); } +require_once '../src/towns.php'; +require_once '../src/explore.php'; +require_once '../src/fight.php'; +require_once '../src/heal.php'; -function donothing() { - +$do = explode(':', $_GET['do'] ?? ''); +match ($do[0]) { + 'inn' => inn(), + 'buy' => buy(), + 'buy2' => buy2($do[1]), + 'buy3' => buy3($do[1]), + // 'sell' => sell(), + 'maps' => maps(), + 'maps2' => maps2($do[1]), + 'maps3' => maps3($do[1]), + 'gotown' => travelto($do[1]), + 'move' => move(), + 'fight' => fight(), + 'victory' => victory(), + 'drop' => drop(), + 'dead' => dead(), + 'verify' => header("Location: users.php?do=verify"), + 'spell' => healspells($do[1]), + 'showchar' => showchar(), + 'onlinechar' => onlinechar($do[1]), + 'showmap' => showmap(), + 'babblebox' => babblebox(), + 'ninja' => ninja(), + default => donothing() +}; + +function donothing() +{ global $userrow; if ($userrow["currentaction"] == "In Town") { @@ -70,92 +84,108 @@ function donothing() { $page = dofight(); $title = "Fighting"; } - + display($page, $title); - } -function dotown() { // Spit out the main town page. - - global $userrow, $controlrow, $numqueries; - - $townquery = doquery("SELECT * FROM {{table}} WHERE latitude='".$userrow["latitude"]."' AND longitude='".$userrow["longitude"]."' LIMIT 1", "towns"); - if (mysql_num_rows($townquery) == 0) { display("There is an error with your user account, or with the town data. Please try again.","Error"); } - $townrow = mysql_fetch_array($townquery); - +/** + * Spit out the main town page. + */ +function dotown() +{ + global $userrow, $controlrow; + + $townquery = db()->query('SELECT * FROM towns WHERE latitude = ? AND longitude = ? LIMIT 1;', [$userrow["latitude"], $userrow["longitude"]]); + if ($townquery === false) display("There is an error with your user account, or with the town data. Please try again.", "Error"); + $townrow = $townquery->fetchArray(SQLITE3_ASSOC); + if ($townrow === false) display("There is an error with your user account, or with the town data. Please try again.","Error"); + // News box. Grab latest news entry and display it. Something a little more graceful coming soon maybe. - if ($controlrow["shownews"] == 1) { - $newsquery = doquery("SELECT * FROM {{table}} ORDER BY id DESC LIMIT 1", "news"); - $newsrow = mysql_fetch_array($newsquery); + if ($controlrow["shownews"] == 1) { + $newsrow = db()->query('SELECT * FROM news ORDER BY id DESC LIMIT 1;')->fetchArray(SQLITE3_ASSOC); $townrow["news"] = "
Latest News
\n"; $townrow["news"] .= "[".prettydate($newsrow["postdate"])."]
".nl2br($newsrow["content"]); $townrow["news"] .= "
\n"; - } else { $townrow["news"] = ""; } - + } else { + $townrow["news"] = ""; + } + // Who's Online. Currently just members. Guests maybe later. if ($controlrow["showonline"] == 1) { - $onlinequery = doquery("SELECT * FROM {{table}} WHERE UNIX_TIMESTAMP(onlinetime) >= '".(time()-600)."' ORDER BY charname", "users"); + $onlinequery = db()->query("SELECT * FROM news WHERE strftime('%s', onlinetime) >= strftime('%s', 'now') - 600 ORDER BY charname"); + + $online_count = 0; + $online_rows = []; + + foreach ($onlinequery->fetchArray(SQLITE3_ASSOC) as $onlinerow) { + $online_count++; + $online_rows[] = "".$onlinerow["charname"]."" . ", "; + } + $townrow["whosonline"] = "
Who's Online
\n"; - $townrow["whosonline"] .= "There are " . mysql_num_rows($onlinequery) . " user(s) online within the last 10 minutes: "; - while ($onlinerow = mysql_fetch_array($onlinequery)) { $townrow["whosonline"] .= "".$onlinerow["charname"]."" . ", "; } - $townrow["whosonline"] = rtrim($townrow["whosonline"], ", "); + $townrow["whosonline"] .= "There are $online_count user(s) online within the last 10 minutes: "; + $townrow["whosonline"] .= rtrim(implode(', ', $online_rows), ', '); $townrow["whosonline"] .= "
\n"; - } else { $townrow["whosonline"] = ""; } - + } else { + $townrow["whosonline"] = ""; + } + if ($controlrow["showbabble"] == 1) { $townrow["babblebox"] = "
Babble Box
\n"; $townrow["babblebox"] .= ""; $townrow["babblebox"] .= "
\n"; - } else { $townrow["babblebox"] = ""; } - + } else { + $townrow["babblebox"] = ""; + } + $page = gettemplate("towns"); $page = parsetemplate($page, $townrow); - - return $page; - -} - -function doexplore() { // Just spit out a blank exploring page. - - // Exploring without a GET string is normally when they first log in, or when they've just finished fighting. - -$page = << -Exploring - -You are exploring the map, and nothing has happened. Continue exploring using the direction buttons or the Travel To menus. - - -END; return $page; - } -function dofight() { // Redirect to fighting. - +/** + * Just spit out a blank exploring page. Exploring without a GET string is normally when they first log in, or when + * they've just finished fighting. + */ +function doexplore() +{ + return << + Exploring + + You are exploring the map, and nothing has happened. Continue exploring using the direction buttons or the Travel To menus. + + + HTML; +} + +/** + * Redirect to fighting. + */ +function dofight() +{ header("Location: index.php?do=fight"); - } -function showchar() { - +function showchar() +{ global $userrow, $controlrow; - + // Format various userrow stuffs. $userrow["experience"] = number_format($userrow["experience"]); $userrow["gold"] = number_format($userrow["gold"]); - if ($userrow["expbonus"] > 0) { - $userrow["plusexp"] = "(+".$userrow["expbonus"]."%)"; + if ($userrow["expbonus"] > 0) { + $userrow["plusexp"] = "(+".$userrow["expbonus"]."%)"; } elseif ($userrow["expbonus"] < 0) { $userrow["plusexp"] = "(".$userrow["expbonus"]."%)"; } else { $userrow["plusexp"] = ""; } - if ($userrow["goldbonus"] > 0) { - $userrow["plusgold"] = "(+".$userrow["goldbonus"]."%)"; - } elseif ($userrow["goldbonus"] < 0) { + if ($userrow["goldbonus"] > 0) { + $userrow["plusgold"] = "(+".$userrow["goldbonus"]."%)"; + } elseif ($userrow["goldbonus"] < 0) { $userrow["plusgold"] = "(".$userrow["goldbonus"]."%)"; } else { $userrow["plusgold"] = ""; } - + $levelquery = doquery("SELECT ". $userrow["charclass"]."_exp FROM {{table}} WHERE id='".($userrow["level"]+1)."' LIMIT 1", "levels"); $levelrow = mysql_fetch_array($levelquery); if ($userrow["level"] < 99) { $userrow["nextlevel"] = number_format($levelrow[$userrow["charclass"]."_exp"]); } else { $userrow["nextlevel"] = "None"; } @@ -163,11 +193,11 @@ function showchar() { if ($userrow["charclass"] == 1) { $userrow["charclass"] = $controlrow["class1name"]; } elseif ($userrow["charclass"] == 2) { $userrow["charclass"] = $controlrow["class2name"]; } elseif ($userrow["charclass"] == 3) { $userrow["charclass"] = $controlrow["class3name"]; } - + if ($userrow["difficulty"] == 1) { $userrow["difficulty"] = $controlrow["diff1name"]; } elseif ($userrow["difficulty"] == 2) { $userrow["difficulty"] = $controlrow["diff2name"]; } elseif ($userrow["difficulty"] == 3) { $userrow["difficulty"] = $controlrow["diff3name"]; } - + $spellquery = doquery("SELECT id,name FROM {{table}}","spells"); $userspells = explode(",",$userrow["spells"]); $userrow["magiclist"] = ""; @@ -181,40 +211,39 @@ function showchar() { } } if ($userrow["magiclist"] == "") { $userrow["magiclist"] = "None"; } - + // Make page tags for XHTML validation. $xml = "\n" . "\n" . "\n"; - + $charsheet = gettemplate("showchar"); $page = $xml . gettemplate("minimal"); $array = array("content"=>parsetemplate($charsheet, $userrow), "title"=>"Character Information"); echo parsetemplate($page, $array); die(); - } function onlinechar($id) { - + global $controlrow; $userquery = doquery("SELECT * FROM {{table}} WHERE id='$id' LIMIT 1", "users"); if (mysql_num_rows($userquery) == 1) { $userrow = mysql_fetch_array($userquery); } else { display("No such user.", "Error"); } - + // Format various userrow stuffs. $userrow["experience"] = number_format($userrow["experience"]); $userrow["gold"] = number_format($userrow["gold"]); - if ($userrow["expbonus"] > 0) { - $userrow["plusexp"] = "(+".$userrow["expbonus"]."%)"; + if ($userrow["expbonus"] > 0) { + $userrow["plusexp"] = "(+".$userrow["expbonus"]."%)"; } elseif ($userrow["expbonus"] < 0) { $userrow["plusexp"] = "(".$userrow["expbonus"]."%)"; } else { $userrow["plusexp"] = ""; } - if ($userrow["goldbonus"] > 0) { - $userrow["plusgold"] = "(+".$userrow["goldbonus"]."%)"; - } elseif ($userrow["goldbonus"] < 0) { + if ($userrow["goldbonus"] > 0) { + $userrow["plusgold"] = "(+".$userrow["goldbonus"]."%)"; + } elseif ($userrow["goldbonus"] < 0) { $userrow["plusgold"] = "(".$userrow["goldbonus"]."%)"; } else { $userrow["plusgold"] = ""; } - + $levelquery = doquery("SELECT ". $userrow["charclass"]."_exp FROM {{table}} WHERE id='".($userrow["level"]+1)."' LIMIT 1", "levels"); $levelrow = mysql_fetch_array($levelquery); $userrow["nextlevel"] = number_format($levelrow[$userrow["charclass"]."_exp"]); @@ -222,37 +251,37 @@ function onlinechar($id) { if ($userrow["charclass"] == 1) { $userrow["charclass"] = $controlrow["class1name"]; } elseif ($userrow["charclass"] == 2) { $userrow["charclass"] = $controlrow["class2name"]; } elseif ($userrow["charclass"] == 3) { $userrow["charclass"] = $controlrow["class3name"]; } - + if ($userrow["difficulty"] == 1) { $userrow["difficulty"] = $controlrow["diff1name"]; } elseif ($userrow["difficulty"] == 2) { $userrow["difficulty"] = $controlrow["diff2name"]; } elseif ($userrow["difficulty"] == 3) { $userrow["difficulty"] = $controlrow["diff3name"]; } - + $charsheet = gettemplate("onlinechar"); $page = parsetemplate($charsheet, $userrow); display($page, "Character Information"); - + } function showmap() { - - global $userrow; - + + global $userrow; + // Make page tags for XHTML validation. $xml = "\n" . "\n" . "\n"; - + $page = $xml . gettemplate("minimal"); $array = array("content"=>"
\"Map\"
", "title"=>"Map"); echo parsetemplate($page, $array); die(); - + } function babblebox() { - + global $userrow; - + if (isset($_POST["babble"])) { $safecontent = makesafe($_POST["babble"]); if ($safecontent == "" || $safecontent == " ") { //blank post. do nothing. @@ -260,17 +289,17 @@ function babblebox() { header("Location: index.php?do=babblebox"); die(); } - + $babblebox = array("content"=>""); $bg = 1; $babblequery = doquery("SELECT * FROM {{table}} ORDER BY id DESC LIMIT 20", "babble"); while ($babblerow = mysql_fetch_array($babblequery)) { if ($bg == 1) { $new = "
[".$babblerow["author"]."] ".$babblerow["babble"]."
\n"; $bg = 2; } - else { $new = "
[".$babblerow["author"]."] ".stripslashes($babblerow["babble"])."
\n"; $bg = 1; } + else { $new = "
[".$babblerow["author"]."] ".stripslashes($babblerow["babble"])."
\n"; $bg = 1; } $babblebox["content"] = $new . $babblebox["content"]; } $babblebox["content"] .= "

"; - + // Make page tags for XHTML validation. $xml = "\n" . "\n" @@ -281,8 +310,10 @@ function babblebox() { } -function ninja() { - header("Location: http://www.se7enet.com/img/shirtninja.jpg"); +/** + * NINJA! 🥷 + */ +function ninja(): void +{ + exit('NINJA! 🥷'); } - -?> \ No newline at end of file diff --git a/public/install.php b/public/install.php index c07334a..430274a 100644 --- a/public/install.php +++ b/public/install.php @@ -1,15 +1,13 @@ second(), 3 => third(), 4 => fourth(), @@ -17,13 +15,12 @@ match ((int) $_GET['page'] ?? 0) { default => first(), }; - /** * First page - show warnings and gather info */ function first() { - echo << Dragon Knight Installation @@ -44,7 +41,7 @@ function first() - END; + HTML; exit; } @@ -58,18 +55,18 @@ function second() $full = isset($_POST["complete"]); - $query = db()->exec(<<exec(<<' : 'Error creating Babble Box table.'; - $query = db()->exec(<<exec(<<' : 'Error creating Control table.'; @@ -101,7 +98,7 @@ function second() echo $query === true ? 'Control table populated.
' : 'Error populating Control table.'; - $query = db()->exec(<<exec(<<' : 'Error creating Drops table.'; if ($full) { - $query = db()->exec(<<exec(<<' : 'Error populating Drops table.'; } - $query = db()->exec(<<exec(<<' : 'Error creating Forum table.'; - $query = db()->exec(<<exec(<<' : 'Error creating Items table.'; if ($full) { - $query = db()->exec(<<exec(<<' : 'Error populating Items table.'; } - $query = db()->exec(<<exec(<<' : 'Error creating Levels table.'; if ($full) { - $query = db()->exec(<<exec(<<' : 'Error populating Levels table.'; } - $query = db()->exec(<<exec(<<' : 'Error creating Monsters table.'; if ($full) { - $query = db()->exec(<<exec(<<' : 'Error populating Monsters table.'; } - $query = db()->exec(<<exec(<<' : 'Error creating News table.'; @@ -549,7 +546,7 @@ function second() echo $query === true ? 'News table populated.
' : 'Error populating News table.'; - $query = db()->exec(<<exec(<<' : 'Error creating Spells table.'; if ($full) { - $query = db()->exec(<<exec(<<' : 'Error populating Spells table.'; } - $query = db()->exec(<<exec(<<' : 'Error creating Towns table.'; if ($full) { - $query = db()->exec(<<exec(<<' : 'Error populating Towns table.'; } - $query = db()->exec(<<exec(<<' : 'Error creating Users table.'; @@ -686,7 +683,7 @@ function second() */ function third() { - echo << Dragon Knight Installation @@ -708,7 +705,7 @@ function third() - END; + HTML; exit; } @@ -764,7 +761,7 @@ function fourth() file_put_contents('../.installed', date('Y-m-d H:i:s')); - echo << Dragon Knight Installation @@ -782,7 +779,7 @@ function fourth() click here. - END; + HTML; exit; } @@ -796,7 +793,7 @@ function fifth() die('Dragon Knight was unable to send your URL. Please go back and try again, or just continue on to the game.'); } - echo << Dragon Knight Installation @@ -807,7 +804,7 @@ function fifth() You are now ready to play the game. Note that you must log in through the public section before being allowed into the control panel. Once logged in, an "Admin" link will appear in the Functions box of the left sidebar panel. - END; + HTML; exit; } diff --git a/public/login.php b/public/login.php index d056fb9..482f1d9 100644 --- a/public/login.php +++ b/public/login.php @@ -1,42 +1,47 @@ - login(), + 'logout' => logout() +}; + +function login() +{ + if ($_SERVER['REQUEST_METHOD'] === 'POST') { + $u = trim($_POST['username'] ?? ''); + + $query = db()->query('SELECT * FROM users WHERE username = ? LIMIT 1;', [$u]); + if ($query === false) die("Invalid username or password. Please go back and try again."); + $row = $query->fetchArray(SQLITE3_ASSOC); + if (!password_verify($_POST['password'] ?? '', $row['password'])) die("Invalid username or password. Please go back and try again."); + + $expiretime = isset($_POST["rememberme"]) ? time() + 31536000 : 0; + $rememberme = isset($_POST["rememberme"]) ? 1 : 0; + $cookie = implode(' ', [$row['id'], $row['username'], $row['password'], $rememberme]); + + set_cookie("dkgame", $cookie, $expiretime); header("Location: index.php"); - die(); - - } - + exit; + } + $page = gettemplate("login"); $title = "Log In"; display($page, $title, false, false, false, false); - } - -function logout() { - - setcookie("dkgame", "", time()-100000, "/", "", 0); + +function logout() +{ + set_cookie("dkgame", "", -3600); header("Location: login.php?do=login"); die(); - } - -?> \ No newline at end of file diff --git a/database.php b/src/database.php similarity index 100% rename from database.php rename to src/database.php diff --git a/public/explore.php b/src/explore.php similarity index 100% rename from public/explore.php rename to src/explore.php diff --git a/public/fight.php b/src/fight.php similarity index 100% rename from public/fight.php rename to src/fight.php diff --git a/public/heal.php b/src/heal.php similarity index 100% rename from public/heal.php rename to src/heal.php diff --git a/lib.php b/src/lib.php similarity index 90% rename from lib.php rename to src/lib.php index d8bb741..88af80b 100644 --- a/lib.php +++ b/src/lib.php @@ -2,22 +2,21 @@ require_once __DIR__ . '/database.php'; -$starttime = getmicrotime(); -$numqueries = 0; -$version = "1.1.11"; -$build = ""; +define('VERSION', '1.1.11'); +define('BUILD', ''); +define('START', microtime(true)); /** - * Open/get SQLite database connection. + * Open or get SQLite database connection. */ function db(): Database { - return $GLOBALS['database'] ??= new Database(__DIR__ . '/database.db'); + return $GLOBALS['database'] ??= new Database(__DIR__ . '/../database.db'); } function gettemplate($templatename) { // SQL query for the template. - $filename = "templates/" . $templatename . ".php"; + $filename = __DIR__ . "/../templates/" . $templatename . ".php"; include("$filename"); return $template; @@ -71,19 +70,19 @@ function makesafe($d) { function admindisplay($content, $title) { // Finalize page and output to browser. - global $numqueries, $userrow, $controlrow, $starttime, $version, $build; + global $userrow, $controlrow; if (!isset($controlrow)) { $query = db()->query('SELECT * FROM control WHERE id=1 LIMIT 1;'); $controlrow = $query->fetchArray(SQLITE3_ASSOC); } $page = parsetemplate(gettemplate("admin"), [ - "title"=>$title, - "content"=>$content, - "totaltime"=>round(getmicrotime() - $starttime, 4), - "numqueries"=>$numqueries, - "version"=>$version, - "build"=>$build + "title" => $title, + "content" => $content, + "totaltime" => round(getmicrotime() - START, 4), + "numqueries" => db()->count, + "version" => VERSION, + "build" => BUILD ]); echo "\n" . $page; @@ -194,16 +193,16 @@ function display($content, $title, $topnav=true, $leftnav=true, $rightnav=true, } $page = parsetemplate(gettemplate("primary"), [ - "dkgamename"=>$controlrow["gamename"], - "title"=>$title, - "content"=>$content, - "rightnav"=>parsetemplate($rightnav,$userrow), - "leftnav"=>parsetemplate($leftnav,$userrow), - "topnav"=>$topnav, - "totaltime"=>round(microtime(true) - $starttime, 4), - "numqueries"=>$numqueries, - "version"=>$version, - "build"=>$build + "dkgamename" => $controlrow["gamename"], + "title" => $title, + "content" => $content, + "rightnav" => parsetemplate($rightnav, $userrow), + "leftnav" => parsetemplate($leftnav, $userrow), + "topnav" => $topnav, + "totaltime" => round(getmicrotime() - START, 4), + "numqueries" => db()->count, + "version" => VERSION, + "build" => BUILD ]); echo "\n" . $page; @@ -245,3 +244,13 @@ function set_cookie($name, $value, $expires) 'samesite' => 'Strict' // Enforce SameSite=Strict ]); } + +/** + * Get the current control row from the database. + */ +function get_control_row(): array|false +{ + $query = db()->query('SELECT * FROM control WHERE id = 1 LIMIT 1;'); + if ($query === false) return false; + return $query->fetchArray(SQLITE3_ASSOC); +} diff --git a/public/towns.php b/src/towns.php similarity index 96% rename from public/towns.php rename to src/towns.php index 8481e79..fea5ab3 100644 --- a/public/towns.php +++ b/src/towns.php @@ -1,56 +1,56 @@
Get a life, loser.", "Error"); } $townrow = mysql_fetch_array($townquery); - + if ($userrow["gold"] < $townrow["innprice"]) { display("You do not have enough gold to stay at this Inn tonight.

You may return to town, or use the direction buttons on the left to start exploring.", "Inn"); die(); } - + if (isset($_POST["submit"])) { - + $newgold = $userrow["gold"] - $townrow["innprice"]; $query = doquery("UPDATE {{table}} SET gold='$newgold',currenthp='".$userrow["maxhp"]."',currentmp='".$userrow["maxmp"]."',currenttp='".$userrow["maxtp"]."' WHERE id='".$userrow["id"]."' LIMIT 1", "users"); $title = "Inn"; $page = "You wake up feeling refreshed and ready for action.

You may return to town, or use the direction buttons on the left to start exploring."; - + } elseif (isset($_POST["cancel"])) { - + header("Location: index.php"); die(); - + } else { - + $title = "Inn"; $page = "Resting at the inn will refill your current HP, MP, and TP to their maximum levels.

\n"; $page .= "A night's sleep at this Inn will cost you " . $townrow["innprice"] . " gold. Is that ok?

\n"; $page .= "
\n"; $page .= " \n"; $page .= "
\n"; - + } - + display($page, $title); - + } function buy() { // Displays a list of available items for purchase. - + global $userrow, $numqueries; - + $townquery = doquery("SELECT name,itemslist FROM {{table}} WHERE latitude='".$userrow["latitude"]."' AND longitude='".$userrow["longitude"]."' LIMIT 1", "towns"); if (mysql_num_rows($townquery) != 1) { display("Cheat attempt detected.

Get a life, loser.", "Error"); } $townrow = mysql_fetch_array($townquery); - + $itemslist = explode(",",$townrow["itemslist"]); $querystring = ""; foreach($itemslist as $a=>$b) { $querystring .= "id='$b' OR "; } $querystring = rtrim($querystring, " OR "); - + $itemsquery = doquery("SELECT * FROM {{table}} WHERE $querystring ORDER BY id", "items"); $page = "Buying weapons will increase your Attack Power. Buying armor and shields will increase your Defense Power.

Click an item name to purchase it.

The following items are available at this town:

\n"; $page .= "\n"; @@ -70,28 +70,28 @@ function buy() { // Displays a list of available items for purchase. $page .= "

\n"; $page .= "If you've changed your mind, you may also return back to town.\n"; $title = "Buy Items"; - + display($page, $title); - + } function buy2($id) { // Confirm user's intent to purchase item. - + global $userrow, $numqueries; - + $townquery = doquery("SELECT name,itemslist FROM {{table}} WHERE latitude='".$userrow["latitude"]."' AND longitude='".$userrow["longitude"]."' LIMIT 1", "towns"); if (mysql_num_rows($townquery) != 1) { display("Cheat attempt detected.

Get a life, loser.", "Error"); } $townrow = mysql_fetch_array($townquery); $townitems = explode(",",$townrow["itemslist"]); if (! in_array($id, $townitems)) { display("Cheat attempt detected.

Get a life, loser.", "Error"); } - + $itemsquery = doquery("SELECT * FROM {{table}} WHERE id='$id' LIMIT 1", "items"); $itemsrow = mysql_fetch_array($itemsquery); - + if ($userrow["gold"] < $itemsrow["buycost"]) { display("You do not have enough gold to buy this item.

You may return to town, store, or use the direction buttons on the left to start exploring.", "Buy Items"); die(); } - + if ($itemsrow["type"] == 1) { - if ($userrow["weaponid"] != 0) { + if ($userrow["weaponid"] != 0) { $itemsquery2 = doquery("SELECT * FROM {{table}} WHERE id='".$userrow["weaponid"]."' LIMIT 1", "items"); $itemsrow2 = mysql_fetch_array($itemsquery2); $page = "If you are buying the ".$itemsrow["name"].", then I will buy your ".$itemsrow2["name"]." for ".ceil($itemsrow2["buycost"]/2)." gold. Is that ok?

"; @@ -99,7 +99,7 @@ function buy2($id) { // Confirm user's intent to purchase item. $page = "You are buying the ".$itemsrow["name"].", is that ok?

"; } } elseif ($itemsrow["type"] == 2) { - if ($userrow["armorid"] != 0) { + if ($userrow["armorid"] != 0) { $itemsquery2 = doquery("SELECT * FROM {{table}} WHERE id='".$userrow["armorid"]."' LIMIT 1", "items"); $itemsrow2 = mysql_fetch_array($itemsquery2); $page = "If you are buying the ".$itemsrow["name"].", then I will buy your ".$itemsrow2["name"]." for ".ceil($itemsrow2["buycost"]/2)." gold. Is that ok?

"; @@ -107,7 +107,7 @@ function buy2($id) { // Confirm user's intent to purchase item. $page = "You are buying the ".$itemsrow["name"].", is that ok?

"; } } elseif ($itemsrow["type"] == 3) { - if ($userrow["shieldid"] != 0) { + if ($userrow["shieldid"] != 0) { $itemsquery2 = doquery("SELECT * FROM {{table}} WHERE id='".$userrow["shieldid"]."' LIMIT 1", "items"); $itemsrow2 = mysql_fetch_array($itemsquery2); $page = "If you are buying the ".$itemsrow["name"].", then I will buy your ".$itemsrow2["name"]." for ".ceil($itemsrow2["buycost"]/2)." gold. Is that ok?

"; @@ -115,39 +115,39 @@ function buy2($id) { // Confirm user's intent to purchase item. $page = "You are buying the ".$itemsrow["name"].", is that ok?

"; } } - + $title = "Buy Items"; display($page, $title); - + } function buy3($id) { // Update user profile with new item & stats. - + if (isset($_POST["cancel"])) { header("Location: index.php"); die(); } - + global $userrow; - + $townquery = doquery("SELECT name,itemslist FROM {{table}} WHERE latitude='".$userrow["latitude"]."' AND longitude='".$userrow["longitude"]."' LIMIT 1", "towns"); if (mysql_num_rows($townquery) != 1) { display("Cheat attempt detected.

Get a life, loser.", "Error"); } $townrow = mysql_fetch_array($townquery); $townitems = explode(",",$townrow["itemslist"]); if (! in_array($id, $townitems)) { display("Cheat attempt detected.

Get a life, loser.", "Error"); } - + $itemsquery = doquery("SELECT * FROM {{table}} WHERE id='$id' LIMIT 1", "items"); $itemsrow = mysql_fetch_array($itemsquery); - + if ($userrow["gold"] < $itemsrow["buycost"]) { display("You do not have enough gold to buy this item.

You may return to town, store, or use the direction buttons on the left to start exploring.", "Buy Items"); die(); } - + if ($itemsrow["type"] == 1) { // weapon - + // Check if they already have an item in the slot. - if ($userrow["weaponid"] != 0) { + if ($userrow["weaponid"] != 0) { $itemsquery2 = doquery("SELECT * FROM {{table}} WHERE id='".$userrow["weaponid"]."' LIMIT 1", "items"); $itemsrow2 = mysql_fetch_array($itemsquery2); } else { $itemsrow2 = array("attribute"=>0,"buycost"=>0,"special"=>"X"); } - + // Special item fields. $specialchange1 = ""; $specialchange2 = ""; @@ -167,7 +167,7 @@ function buy3($id) { // Update user profile with new item & stats. if ($tochange2 == "strength") { $userrow["attackpower"] -= $special2[1]; } if ($tochange2 == "dexterity") { $userrow["defensepower"] -= $special2[1]; } } - + // New stats. $newgold = $userrow["gold"] + ceil($itemsrow2["buycost"]/2) - $itemsrow["buycost"]; $newattack = $userrow["attackpower"] + $itemsrow["attribute"] - $itemsrow2["attribute"]; @@ -177,20 +177,20 @@ function buy3($id) { // Update user profile with new item & stats. if ($userrow["currenthp"] > $userrow["maxhp"]) { $newhp = $userrow["maxhp"]; } else { $newhp = $userrow["currenthp"]; } if ($userrow["currentmp"] > $userrow["maxmp"]) { $newmp = $userrow["maxmp"]; } else { $newmp = $userrow["currentmp"]; } if ($userrow["currenttp"] > $userrow["maxtp"]) { $newtp = $userrow["maxtp"]; } else { $newtp = $userrow["currenttp"]; } - + // Final update. $updatequery = doquery("UPDATE {{table}} SET $specialchange1 $specialchange2 gold='$newgold', attackpower='$newattack', weaponid='$newid', weaponname='$newname', currenthp='$newhp', currentmp='$newmp', currenttp='$newtp' WHERE id='$userid' LIMIT 1", "users"); - + } elseif ($itemsrow["type"] == 2) { // Armor // Check if they already have an item in the slot. - if ($userrow["armorid"] != 0) { + if ($userrow["armorid"] != 0) { $itemsquery2 = doquery("SELECT * FROM {{table}} WHERE id='".$userrow["armorid"]."' LIMIT 1", "items"); $itemsrow2 = mysql_fetch_array($itemsquery2); } else { $itemsrow2 = array("attribute"=>0,"buycost"=>0,"special"=>"X"); } - + // Special item fields. $specialchange1 = ""; $specialchange2 = ""; @@ -210,7 +210,7 @@ function buy3($id) { // Update user profile with new item & stats. if ($tochange2 == "strength") { $userrow["attackpower"] -= $special2[1]; } if ($tochange2 == "dexterity") { $userrow["defensepower"] -= $special2[1]; } } - + // New stats. $newgold = $userrow["gold"] + ceil($itemsrow2["buycost"]/2) - $itemsrow["buycost"]; $newdefense = $userrow["defensepower"] + $itemsrow["attribute"] - $itemsrow2["attribute"]; @@ -220,20 +220,20 @@ function buy3($id) { // Update user profile with new item & stats. if ($userrow["currenthp"] > $userrow["maxhp"]) { $newhp = $userrow["maxhp"]; } else { $newhp = $userrow["currenthp"]; } if ($userrow["currentmp"] > $userrow["maxmp"]) { $newmp = $userrow["maxmp"]; } else { $newmp = $userrow["currentmp"]; } if ($userrow["currenttp"] > $userrow["maxtp"]) { $newtp = $userrow["maxtp"]; } else { $newtp = $userrow["currenttp"]; } - + // Final update. $updatequery = doquery("UPDATE {{table}} SET $specialchange1 $specialchange2 gold='$newgold', defensepower='$newdefense', armorid='$newid', armorname='$newname', currenthp='$newhp', currentmp='$newmp', currenttp='$newtp' WHERE id='$userid' LIMIT 1", "users"); } elseif ($itemsrow["type"] == 3) { // Shield // Check if they already have an item in the slot. - if ($userrow["shieldid"] != 0) { + if ($userrow["shieldid"] != 0) { $itemsquery2 = doquery("SELECT * FROM {{table}} WHERE id='".$userrow["shieldid"]."' LIMIT 1", "items"); $itemsrow2 = mysql_fetch_array($itemsquery2); } else { $itemsrow2 = array("attribute"=>0,"buycost"=>0,"special"=>"X"); } - + // Special item fields. $specialchange1 = ""; $specialchange2 = ""; @@ -253,7 +253,7 @@ function buy3($id) { // Update user profile with new item & stats. if ($tochange2 == "strength") { $userrow["attackpower"] -= $special2[1]; } if ($tochange2 == "dexterity") { $userrow["defensepower"] -= $special2[1]; } } - + // New stats. $newgold = $userrow["gold"] + ceil($itemsrow2["buycost"]/2) - $itemsrow["buycost"]; $newdefense = $userrow["defensepower"] + $itemsrow["attribute"] - $itemsrow2["attribute"]; @@ -263,32 +263,32 @@ function buy3($id) { // Update user profile with new item & stats. if ($userrow["currenthp"] > $userrow["maxhp"]) { $newhp = $userrow["maxhp"]; } else { $newhp = $userrow["currenthp"]; } if ($userrow["currentmp"] > $userrow["maxmp"]) { $newmp = $userrow["maxmp"]; } else { $newmp = $userrow["currentmp"]; } if ($userrow["currenttp"] > $userrow["maxtp"]) { $newtp = $userrow["maxtp"]; } else { $newtp = $userrow["currenttp"]; } - + // Final update. - $updatequery = doquery("UPDATE {{table}} SET $specialchange1 $specialchange2 gold='$newgold', defensepower='$newdefense', shieldid='$newid', shieldname='$newname', currenthp='$newhp', currentmp='$newmp', currenttp='$newtp' WHERE id='$userid' LIMIT 1", "users"); - + $updatequery = doquery("UPDATE {{table}} SET $specialchange1 $specialchange2 gold='$newgold', defensepower='$newdefense', shieldid='$newid', shieldname='$newname', currenthp='$newhp', currentmp='$newmp', currenttp='$newtp' WHERE id='$userid' LIMIT 1", "users"); + } - + display("Thank you for purchasing this item.

You may return to town, store, or use the direction buttons on the left to start exploring.", "Buy Items"); } function maps() { // List maps the user can buy. - + global $userrow, $numqueries; - + $mappedtowns = explode(",",$userrow["towns"]); - + $page = "Buying maps will put the town in your Travel To box, and it won't cost you as many TP to get there.

\n"; $page .= "Click a town name to purchase its map.

\n"; $page .= "\n"; - + $townquery = doquery("SELECT * FROM {{table}} ORDER BY id", "towns"); while ($townrow = mysql_fetch_array($townquery)) { - + if ($townrow["latitude"] >= 0) { $latitude = $townrow["latitude"] . "N,"; } else { $latitude = ($townrow["latitude"]*-1) . "S,"; } if ($townrow["longitude"] >= 0) { $longitude = $townrow["longitude"] . "E"; } else { $longitude = ($townrow["longitude"]*-1) . "W"; } - + $mapped = false; foreach($mappedtowns as $a => $b) { if ($b == $townrow["id"]) { $mapped = true; } @@ -298,76 +298,76 @@ function maps() { // List maps the user can buy. } else { $page .= "\n"; } - + } - + $page .= "
".$townrow["name"]."Already mapped.Location: $latitude $longitudeTP: ".$townrow["travelpoints"]."

\n"; $page .= "If you've changed your mind, you may also return back to town.\n"; - + display($page, "Buy Maps"); - + } function maps2($id) { // Confirm user's intent to purchase map. - + global $userrow, $numqueries; - + $townquery = doquery("SELECT name,mapprice FROM {{table}} WHERE id='$id' LIMIT 1", "towns"); $townrow = mysql_fetch_array($townquery); - + if ($userrow["gold"] < $townrow["mapprice"]) { display("You do not have enough gold to buy this map.

You may return to town, store, or use the direction buttons on the left to start exploring.", "Buy Maps"); die(); } - + $page = "You are buying the ".$townrow["name"]." map. Is that ok?

"; - + display($page, "Buy Maps"); - + } function maps3($id) { // Add new map to user's profile. - + if (isset($_POST["cancel"])) { header("Location: index.php"); die(); } - + global $userrow, $numqueries; - + $townquery = doquery("SELECT name,mapprice FROM {{table}} WHERE id='$id' LIMIT 1", "towns"); $townrow = mysql_fetch_array($townquery); - + if ($userrow["gold"] < $townrow["mapprice"]) { display("You do not have enough gold to buy this map.

You may return to town, store, or use the direction buttons on the left to start exploring.", "Buy Maps"); die(); } - + $mappedtowns = $userrow["towns"].",$id"; $newgold = $userrow["gold"] - $townrow["mapprice"]; - + $updatequery = doquery("UPDATE {{table}} SET towns='$mappedtowns',gold='$newgold' WHERE id='".$userrow["id"]."' LIMIT 1", "users"); - + display("Thank you for purchasing this map.

You may return to town, store, or use the direction buttons on the left to start exploring.", "Buy Maps"); - + } function travelto($id, $usepoints=true) { // Send a user to a town from the Travel To menu. - + global $userrow, $numqueries; - + if ($userrow["currentaction"] == "Fighting") { header("Location: index.php?do=fight"); die(); } - + $townquery = doquery("SELECT name,travelpoints,latitude,longitude FROM {{table}} WHERE id='$id' LIMIT 1", "towns"); $townrow = mysql_fetch_array($townquery); - - if ($usepoints==true) { - if ($userrow["currenttp"] < $townrow["travelpoints"]) { - display("You do not have enough TP to travel here. Please go back and try again when you get more TP.", "Travel To"); die(); + + if ($usepoints==true) { + if ($userrow["currenttp"] < $townrow["travelpoints"]) { + display("You do not have enough TP to travel here. Please go back and try again when you get more TP.", "Travel To"); die(); } $mapped = explode(",",$userrow["towns"]); if (!in_array($id, $mapped)) { display("Cheat attempt detected.

Get a life, loser.", "Error"); } } - + if (($userrow["latitude"] == $townrow["latitude"]) && ($userrow["longitude"] == $townrow["longitude"])) { display("You are already in this town. Click here to return to the main town screen.", "Travel To"); die(); } - + if ($usepoints == true) { $newtp = $userrow["currenttp"] - $townrow["travelpoints"]; } else { $newtp = $userrow["currenttp"]; } - + $newlat = $townrow["latitude"]; $newlon = $townrow["longitude"]; $newid = $userrow["id"]; - + // If they got here by exploring, add this town to their map. $mapped = explode(",",$userrow["towns"]); $town = false; @@ -375,19 +375,16 @@ function travelto($id, $usepoints=true) { // Send a user to a town from the Trav if ($b == $id) { $town = true; } } $mapped = implode(",",$mapped); - if ($town == false) { + if ($town == false) { $mapped .= ",$id"; $mapped = "towns='".$mapped."',"; - } else { + } else { $mapped = "towns='".$mapped."',"; } - + $updatequery = doquery("UPDATE {{table}} SET currentaction='In Town',$mapped currenttp='$newtp',latitude='$newlat',longitude='$newlon' WHERE id='$newid' LIMIT 1", "users"); - + $page = "You have travelled to ".$townrow["name"].". You may now enter this town."; display($page, "Travel To"); - -} - -?> \ No newline at end of file +}