From 9348c171795f0cb7e02e949c1bcdcd924db2a1cb Mon Sep 17 00:00:00 2001 From: Sky Johnson Date: Thu, 12 Dec 2024 18:36:30 -0600 Subject: [PATCH] Completely repair admin panel --- public/admin.php | 1342 +++++++++++++++++++++-------------------- public/forum.php | 4 +- public/help.php | 3 +- public/index.php | 4 +- public/install.php | 783 ++++++++++++------------ public/login.php | 4 +- public/users.php | 4 +- src/lib.php | 37 +- templates/leftnav.php | 72 +-- 9 files changed, 1134 insertions(+), 1119 deletions(-) diff --git a/public/admin.php b/public/admin.php index cab4872..a8d83bc 100644 --- a/public/admin.php +++ b/public/admin.php @@ -1,87 +1,114 @@ -game before using the control panel."); } -if ($userrow["authlevel"] != 1) { die("You must have administrator privileges to use the control panel."); } -$controlquery = doquery("SELECT * FROM {{table}} WHERE id='1' LIMIT 1", "control"); -$controlrow = mysql_fetch_array($controlquery); +// admin.php :: primary administration script. -if (isset($_GET["do"])) { - $do = explode(":",$_GET["do"]); +require_once '../src/lib.php'; - if ($do[0] == "main") { main(); } - elseif ($do[0] == "items") { items(); } - elseif ($do[0] == "edititem") { edititem($do[1]); } - elseif ($do[0] == "drops") { drops(); } - elseif ($do[0] == "editdrop") { editdrop($do[1]); } - elseif ($do[0] == "towns") { towns(); } - elseif ($do[0] == "edittown") { edittown($do[1]); } - elseif ($do[0] == "monsters") { monsters(); } - elseif ($do[0] == "editmonster") { editmonster($do[1]); } - elseif ($do[0] == "levels") { levels(); } - elseif ($do[0] == "editlevel") { editlevel(); } - elseif ($do[0] == "spells") { spells(); } - elseif ($do[0] == "editspell") { editspell($do[1]); } - elseif ($do[0] == "users") { users(); } - elseif ($do[0] == "edituser") { edituser($do[1]); } - elseif ($do[0] == "news") { addnews(); } +if (!file_exists('../.installed')) redirect('install.php'); -} else { donothing(); } - -function donothing() { - - $page = "Welcome to the Dragon Knight Administration section. Use the links on the left bar to control and edit various elements of the game.

Please note that the control panel has been created mostly as a shortcut for certain individual settings. It is meant for use primarily with editing one thing at a time. If you need to completely replace an entire table (say, to replace all stock monsters with your own new ones), it is suggested that you use a more in-depth database tool such as phpMyAdmin. Also, you may want to have a copy of the Dragon Knight development kit, available from the Dragon Knight homepage.

Also, you should be aware that certain portions of the DK code are dependent on the formatting of certain database results (for example, the special attributes on item drops). While I have attempted to point these out throughout the admin script, you should definitely pay attention and be careful when editing some fields, because mistakes in the database content may result in script errors or your game breaking completely."; - admindisplay($page, "Admin Home"); +$controlrow = get_control_row(); +// Login (or verify) if not logged in. +if (($userrow = checkcookies()) === false) { + if (isset($_GET['do']) && $_GET['do'] === 'verify') redirect('users.php?do=verify'); + redirect('login.php?do=login'); } -function main() { +if ($userrow["authlevel"] !== 1) exit("You must have administrator privileges to use the control panel."); +$do = explode(':', $_GET['do'] ?? ''); +match ($do[0]) { + 'main' => primary(), + 'items' => items(), + 'edititem' => edititem($do[1]), + 'drops' => drops(), + 'editdrop' => editdrop($do[1]), + 'towns' => towns(), + 'edittown' => edittown($do[1]), + 'monsters' => monsters(), + 'editmonster' => editmonster($do[1]), + 'levels' => levels(), + 'editlevel' => editlevel(), + 'spells' => spells(), + 'editspell' => editspell($do[1]), + 'users' => users(), + 'edituser' => edituser($do[1]), + 'news' => addnews(), + default => donothing() +}; + +function donothing() +{ + $page = <<
+ Please note that the control panel has been created mostly as a shortcut for certain individual settings. It is + meant for use primarily with editing one thing at a time. If you need to completely replace an entire table + (say, to replace all stock monsters with your own new ones), it is suggested that you use a more in-depth + database tool such as phpMyAdmin. Also, you may want + to have a copy of the Dragon Knight development kit, available from the + Dragon Knight homepage. +

+ Also, you should be aware that certain portions of the DK code are dependent on the formatting of certain + database results (for example, the special attributes on item drops). While I have attempted to point these out + throughout the admin script, you should definitely pay attention and be careful when editing some fields, + because mistakes in the database content may result in script errors or your game breaking completely. + HTML; + + admindisplay($page, "Admin Home"); +} + +function primary() +{ if (isset($_POST["submit"])) { - extract($_POST); - $errors = 0; - $errorlist = ""; - if ($gamename == "") { $errors++; $errorlist .= "Game name is required.
"; } - if (($gamesize % 5) != 0) { $errors++; $errorlist .= "Map size must be divisible by five.
"; } - if (!is_numeric($gamesize)) { $errors++; $errorlist .= "Map size must be a number.
"; } - if ($class1name == "") { $errors++; $errorlist .= "Class 1 name is required.
"; } - if ($class2name == "") { $errors++; $errorlist .= "Class 2 name is required.
"; } - if ($class3name == "") { $errors++; $errorlist .= "Class 3 name is required.
"; } + $errors = []; - if ($errors == 0) { - $query = doquery("UPDATE {{table}} SET gamename='$gamename',gamesize='$gamesize',class1name='$class1name',class2name='$class2name',class3name='$class3name',gameopen='$gameopen',verifyemail='$verifyemail',gameurl='$gameurl',adminemail='$adminemail',shownews='$shownews',showonline='$showonline',showbabble='$showbabble' WHERE id='1' LIMIT 1", "control"); - admindisplay("Settings updated.","Main Settings"); + $gn = trim($_POST['gamename'] ?? 'Dragon Knight'); + $gs = (int) trim($_POST['gamesize'] ?? 250); + $c1n = trim($_POST['class1name'] ?? 'Mage'); + $c2n = trim($_POST['class2name'] ?? 'Warrior'); + $c3n = trim($_POST['class3name'] ?? 'Paladin'); + + if (empty($gn)) $errors[] = "Game name is required."; + if (!is_int($gs) || !($gs > 0) || ($gs % 5) != 0) $errors[] = "Map size must be a number greater than 0 and divisible by five."; + if (empty($c1n) || empty($c2n) || empty($c3n)) $errors[] = "Class names are required."; + + if (count($errors) === 0) { + db()->query('UPDATE control SET gamename=?, gamesize=?, class1name=?, class2name=?, class3name=?, gameopen=?, verifyemail=?, gameurl=?, adminemail=?, shownews=?, showonline=?, showbabble=? WHERE id=1;', [ + $gn, $gs, $c1n, $c2n, $c3n, $_POST['gameopen'] ?? 1, $_POST['verifyemail'] ?? 1, $_POST['gameurl'] ?? '', $_POST['adminemail'] ?? '', $_POST['shownews'] ?? 1, $_POST['showonline'] ?? 1, $_POST['showbabble'] ?? 1 + ]); + + admindisplay("Settings updated.", "Main Settings"); } else { + $errorlist = implode('
', $errors); admindisplay("Errors:
$errorlist

Please go back and try again.", "Main Settings"); } } global $controlrow; -$page = <<Main Settings
-These options control several major settings for the overall game engine.

-
- - - - - - - - - - - - - -
Game Open:
Close the game if you are upgrading or working on settings and don't want to cause odd errors for end-users. Closing the game will completely halt all activity.
Game Name:
Default is "Dragon Knight". Change this if you want to change to call your game something different.
Game URL:
Please specify the full URL to your game installation ("http://www.server.com/dkpath/index.php"). This gets used in the registration email sent to users. If you leave this field blank or incorrect, users may not be able to register correctly.
Admin Email:
Please specify your email address. This gets used when the game has to send an email to users.
Map Size:
Default is 250. This is the size of each map quadrant. Note that monster levels increase every 5 spaces, so you should ensure that you have at least (map size / 5) monster levels total, otherwise there will be parts of the map without any monsters, or some monsters won't ever get used. Ex: with a map size of 250, you should have 50 monster levels total.
Email Verification:
Make users verify their email address for added security.
Show News:
Toggle display of the Latest News box in towns.
Show Who's Online:
Toggle display of the Who's Online box in towns.
Show Babblebox:
Toggle display of the Babble Box in towns.
Class 1 Name:
Class 2 Name:
Class 3 Name:
- -
-END; + $page = <<Main Settings
+ These options control several major settings for the overall game engine.

+
+ + + + + + + + + + + + + +
Game Open:
Close the game if you are upgrading or working on settings and don't want to cause odd errors for end-users. Closing the game will completely halt all activity.
Game Name:
Default is "Dragon Knight". Change this if you want to change to call your game something different.
Game URL:
Please specify the full URL to your game installation ("http://www.server.com/dkpath/index.php"). This gets used in the registration email sent to users. If you leave this field blank or incorrect, users may not be able to register correctly.
Admin Email:
Please specify your email address. This gets used when the game has to send an email to users.
Map Size:
Default is 250. This is the size of each map quadrant. Note that monster levels increase every 5 spaces, so you should ensure that you have at least (map size / 5) monster levels total, otherwise there will be parts of the map without any monsters, or some monsters won't ever get used. Ex: with a map size of 250, you should have 50 monster levels total.
Email Verification:
Make users verify their email address for added security.
Show News:
Toggle display of the Latest News box in towns.
Show Who's Online:
Toggle display of the Who's Online box in towns.
Show Babblebox:
Toggle display of the Babble Box in towns.
Class 1 Name:
Class 2 Name:
Class 3 Name:
+ +
+ HTML; if ($controlrow["verifyemail"] == 0) { $controlrow["selectverify0"] = "selected=\"selected\" "; } else { $controlrow["selectverify0"] = ""; } if ($controlrow["verifyemail"] == 1) { $controlrow["selectverify1"] = "selected=\"selected\" "; } else { $controlrow["selectverify1"] = ""; } @@ -94,373 +121,370 @@ END; if ($controlrow["gameopen"] == 1) { $controlrow["open1select"] = "selected=\"selected\" "; } else { $controlrow["open1select"] = ""; } if ($controlrow["gameopen"] == 0) { $controlrow["open0select"] = "selected=\"selected\" "; } else { $controlrow["open0select"] = ""; } - $page = parsetemplate($page, $controlrow); - admindisplay($page, "Main Settings"); - + admindisplay(parsetemplate($page, $controlrow), "Main Settings"); } -function items() { - - $query = doquery("SELECT id,name FROM {{table}} ORDER BY id", "items"); +function items() +{ + $items = db()->query('SELECT id, name FROM items ORDER BY id;'); $page = "Edit Items
Click an item's name to edit it.

\n"; - $count = 1; - while ($row = mysql_fetch_array($query)) { - if ($count == 1) { $page .= "\n"; $count = 2; } - else { $page .= "\n"; $count = 1; } - } - if (mysql_num_rows($query) == 0) { $page .= "\n"; } - $page .= "
".$row["id"]."".$row["name"]."
".$row["id"]."".$row["name"]."
No items found.
"; - admindisplay($page, "Edit Items"); + $hasItems = false; + while ($row = $items->fetchArray(SQLITE3_BOTH)) { + $hasItems = true; + $page .= "".$row["id"]."".$row["name"]."\n"; + } + + if (!$hasItems) $page .= "No items found.\n"; + admindisplay($page . "", "Edit Items"); } -function edititem($id) { - +function edititem($id) +{ if (isset($_POST["submit"])) { + $errors = []; + $n = trim($_POST['name'] ?? ''); + $bc = (int) trim($_POST['buycost'] ?? 0); + $a = (int) trim($_POST['attribute'] ?? 0); + $s = trim($_POST['special'] ?? 'X'); - extract($_POST); - $errors = 0; - $errorlist = ""; - if ($name == "") { $errors++; $errorlist .= "Name is required.
"; } - if ($buycost == "") { $errors++; $errorlist .= "Cost is required.
"; } - if (!is_numeric($buycost)) { $errors++; $errorlist .= "Cost must be a number.
"; } - if ($attribute == "") { $errors++; $errorlist .= "Attribute is required.
"; } - if (!is_numeric($attribute)) { $errors++; $errorlist .= "Attribute must be a number.
"; } - if ($special == "" || $special == " ") { $special = "X"; } + if (empty($n)) $errors[] = "Name is required."; + if (!is_int($bc) || !($bc >= 0)) $errors[] = 'Cost must be a number greater than or equal to 0.'; + if (!is_int($a)) $errors[] = 'Attribute must be a number.'; - if ($errors == 0) { - $query = doquery("UPDATE {{table}} SET name='$name',type='$type',buycost='$buycost',attribute='$attribute',special='$special' WHERE id='$id' LIMIT 1", "items"); + if (count($errors) === 0) { + db()->query('UPDATE items SET name=?, type=?, buycost=?, attribute=?, special=? WHERE id=?;', [ + $n, $_POST['type'] ?? 0, $bc, $a, $s, $id + ]); admindisplay("Item updated.","Edit Items"); } else { + $errorlist = implode('
', $errors); admindisplay("Errors:
$errorlist

Please go back and try again.", "Edit Items"); } - } + $item = get_item($id); - $query = doquery("SELECT * FROM {{table}} WHERE id='$id' LIMIT 1", "items"); - $row = mysql_fetch_array($query); + $page = <<Edit Items

+
+ + + + + + + +
ID:{{id}}
Name:
Type:
Cost: gold
Attribute:
How much the item adds to total attackpower (weapons) or defensepower (armor/shields).
Special:
Should be either a special code or X to disable. Edit this field very carefully because mistakes to formatting or field names can create problems in the game.
+ +
+ Special Codes:
+ Special codes can be added in the item's Special field to give it extra user attributes. Special codes are in the format attribute,value. Attribute can be any database field from the Users table - however, it is suggested that you only use the ones from the list below, otherwise things can get freaky. Value may be any positive or negative whole number. For example, if you want a weapon to give an additional 50 max hit points, the special code would be maxhp,50.

+ Suggested user fields for special codes:
+ maxhp - max hit points
+ maxmp - max magic points
+ maxtp - max travel points
+ goldbonus - gold bonus, in percent
+ expbonus - experience bonus, in percent
+ strength - strength (which also adds to attackpower)
+ dexterity - dexterity (which also adds to defensepower)
+ attackpower - total attack power
+ defensepower - total defense power + HTML; -$page = <<Edit Items

-
- - - - - - - -
ID:{{id}}
Name:
Type:
Cost: gold
Attribute:
How much the item adds to total attackpower (weapons) or defensepower (armor/shields).
Special:
Should be either a special code or X to disable. Edit this field very carefully because mistakes to formatting or field names can create problems in the game.
- -
-Special Codes:
-Special codes can be added in the item's Special field to give it extra user attributes. Special codes are in the format attribute,value. Attribute can be any database field from the Users table - however, it is suggested that you only use the ones from the list below, otherwise things can get freaky. Value may be any positive or negative whole number. For example, if you want a weapon to give an additional 50 max hit points, the special code would be maxhp,50.

-Suggested user fields for special codes:
-maxhp - max hit points
-maxmp - max magic points
-maxtp - max travel points
-goldbonus - gold bonus, in percent
-expbonus - experience bonus, in percent
-strength - strength (which also adds to attackpower)
-dexterity - dexterity (which also adds to defensepower)
-attackpower - total attack power
-defensepower - total defense power -END; - - if ($row["type"] == 1) { $row["type1select"] = "selected=\"selected\" "; } else { $row["type1select"] = ""; } - if ($row["type"] == 2) { $row["type2select"] = "selected=\"selected\" "; } else { $row["type2select"] = ""; } - if ($row["type"] == 3) { $row["type3select"] = "selected=\"selected\" "; } else { $row["type3select"] = ""; } - - $page = parsetemplate($page, $row); - admindisplay($page, "Edit Items"); + if ($item["type"] == 1) { $item["type1select"] = "selected=\"selected\" "; } else { $item["type1select"] = ""; } + if ($item["type"] == 2) { $item["type2select"] = "selected=\"selected\" "; } else { $item["type2select"] = ""; } + if ($item["type"] == 3) { $item["type3select"] = "selected=\"selected\" "; } else { $item["type3select"] = ""; } + admindisplay(parsetemplate($page, $item), "Edit Items"); } -function drops() { - - $query = doquery("SELECT id,name FROM {{table}} ORDER BY id", "drops"); +function drops() +{ $page = "Edit Drops
Click an item's name to edit it.

\n"; - $count = 1; - while ($row = mysql_fetch_array($query)) { - if ($count == 1) { $page .= "\n"; $count = 2; } - else { $page .= "\n"; $count = 1; } - } - if (mysql_num_rows($query) == 0) { $page .= "\n"; } - $page .= "
".$row["id"]."".$row["name"]."
".$row["id"]."".$row["name"]."
No items found.
"; - admindisplay($page, "Edit Drops"); + $drops = db()->query('SELECT id, name FROM drops ORDER BY id;'); + $has_drops = false; + while ($row = $drops->fetchArray(SQLITE3_ASSOC)) { + $has_drops = true; + $page .= "".$row["id"]."".$row["name"]."\n"; + } + + if (!$has_drops) { $page .= "No drops found.\n"; } + + admindisplay($page . "", "Edit Drops"); } -function editdrop($id) { - +function editdrop($id) +{ if (isset($_POST["submit"])) { + $errors = []; - extract($_POST); - $errors = 0; - $errorlist = ""; - if ($name == "") { $errors++; $errorlist .= "Name is required.
"; } - if ($mlevel == "") { $errors++; $errorlist .= "Monster level is required.
"; } - if (!is_numeric($mlevel)) { $errors++; $errorlist .= "Monster level must be a number.
"; } - if ($attribute1 == "" || $attribute1 == " " || $attribute1 == "X") { $errors++; $errorlist .= "First attribute is required.
"; } - if ($attribute2 == "" || $attribute2 == " ") { $attribute2 = "X"; } + $n = trim($_POST['name'] ?? ''); + $ml = (int) trim($_POST['mlevel'] ?? 0); + $a = trim($_POST['attribute1'] ?? 'X'); + $a2 = trim($_POST['attribute2'] ?? 'X'); - if ($errors == 0) { - $query = doquery("UPDATE {{table}} SET name='$name',mlevel='$mlevel',attribute1='$attribute1',attribute2='$attribute2' WHERE id='$id' LIMIT 1", "drops"); + if (empty($n)) $errors[] = "Name is required."; + if (!is_int($ml) || $ml < 1) $errors[] = "Monster level is required, and must be higher than 0."; + if (empty($a) || $a === 'X') $errors[] = 'First attribute is required.'; + if (empty($a2)) $a2 = 'X'; + + if (count($errors) === 0) { + db()->query('UPDATE drops SET name=?, mlevel=?, attribute1=?, attribute2=? WHERE id=?;', [ + $n, $ml, $a, $a2, $id + ]); admindisplay("Item updated.","Edit Drops"); } else { + $errorlist = implode('
', $errors); admindisplay("Errors:
$errorlist

Please go back and try again.", "Edit Drops"); } - } + $drop = get_drop($id); - $query = doquery("SELECT * FROM {{table}} WHERE id='$id' LIMIT 1", "drops"); - $row = mysql_fetch_array($query); - -$page = <<Edit Drops

-
- - - - - - -
ID:{{id}}
Name:
Monster Level:
Minimum monster level that will drop this item.
Attribute 1:
Must be a special code. First attribute cannot be disabled. Edit this field very carefully because mistakes to formatting or field names can create problems in the game.
Attribute 2:
Should be either a special code or X to disable. Edit this field very carefully because mistakes to formatting or field names can create problems in the game.
- -
-Special Codes:
-Special codes are used in the two attribute fields to give the item properties. The first attribute field must contain a special code, but the second one may be left empty ("X") if you wish. Special codes are in the format attribute,value. Attribute can be any database field from the Users table - however, it is suggested that you only use the ones from the list below, otherwise things can get freaky. Value may be any positive or negative whole number. For example, if you want a weapon to give an additional 50 max hit points, the special code would be maxhp,50.

-Suggested user fields for special codes:
-maxhp - max hit points
-maxmp - max magic points
-maxtp - max travel points
-goldbonus - gold bonus, in percent
-expbonus - experience bonus, in percent
-strength - strength (which also adds to attackpower)
-dexterity - dexterity (which also adds to defensepower)
-attackpower - total attack power
-defensepower - total defense power -END; - - $page = parsetemplate($page, $row); - admindisplay($page, "Edit Drops"); + $page = <<Edit Drops

+
+ + + + + + +
ID:{{id}}
Name:
Monster Level:
Minimum monster level that will drop this item.
Attribute 1:
Must be a special code. First attribute cannot be disabled. Edit this field very carefully because mistakes to formatting or field names can create problems in the game.
Attribute 2:
Should be either a special code or X to disable. Edit this field very carefully because mistakes to formatting or field names can create problems in the game.
+ +
+ Special Codes:
+ Special codes are used in the two attribute fields to give the item properties. The first attribute field must contain a special code, but the second one may be left empty ("X") if you wish. Special codes are in the format attribute,value. Attribute can be any database field from the Users table - however, it is suggested that you only use the ones from the list below, otherwise things can get freaky. Value may be any positive or negative whole number. For example, if you want a weapon to give an additional 50 max hit points, the special code would be maxhp,50.

+ Suggested user fields for special codes:
+ maxhp - max hit points
+ maxmp - max magic points
+ maxtp - max travel points
+ goldbonus - gold bonus, in percent
+ expbonus - experience bonus, in percent
+ strength - strength (which also adds to attackpower)
+ dexterity - dexterity (which also adds to defensepower)
+ attackpower - total attack power
+ defensepower - total defense power + HTML; + admindisplay(parsetemplate($page, $drop), "Edit Drops"); } -function towns() { - - $query = doquery("SELECT id,name FROM {{table}} ORDER BY id", "towns"); +function towns() +{ $page = "Edit Towns
Click an town's name to edit it.

\n"; - $count = 1; - while ($row = mysql_fetch_array($query)) { - if ($count == 1) { $page .= "\n"; $count = 2; } - else { $page .= "\n"; $count = 1; } - } - if (mysql_num_rows($query) == 0) { $page .= "\n"; } - $page .= "
".$row["id"]."".$row["name"]."
".$row["id"]."".$row["name"]."
No towns found.
"; - admindisplay($page, "Edit Towns"); + $towns = db()->query('SELECT id, name FROM towns ORDER BY id;'); + $has_towns = false; + while ($row = $towns->fetchArray(SQLITE3_ASSOC)) { + $has_towns = true; + $page .= "".$row["id"]."".$row["name"]."\n"; + } + + if (!$has_towns) $page .= "No towns found.\n"; + + admindisplay($page . "", "Edit Towns"); } -function edittown($id) { +function edittown($id) +{ + global $controlrow; if (isset($_POST["submit"])) { + $n = trim($_POST['name'] ?? ''); + $la = (int) trim($_POST['latitude'] ?? 0); + $lo = (int) trim($_POST['longitude'] ?? 0); + $ip = (int) trim($_POST['innprice'] ?? 0); + $mp = (int) trim($_POST['mapprice'] ?? 0); + $tp = (int) trim($_POST['travelpoints'] ?? 0); + $il = trim($_POST['itemslist'] ?? ''); - extract($_POST); - $errors = 0; - $errorlist = ""; - if ($name == "") { $errors++; $errorlist .= "Name is required.
"; } - if ($latitude == "") { $errors++; $errorlist .= "Latitude is required.
"; } - if (!is_numeric($latitude)) { $errors++; $errorlist .= "Latitude must be a number.
"; } - if ($longitude == "") { $errors++; $errorlist .= "Longitude is required.
"; } - if (!is_numeric($longitude)) { $errors++; $errorlist .= "Longitude must be a number.
"; } - if ($innprice == "") { $errors++; $errorlist .= "Inn Price is required.
"; } - if (!is_numeric($innprice)) { $errors++; $errorlist .= "Inn Price must be a number.
"; } - if ($mapprice == "") { $errors++; $errorlist .= "Map Price is required.
"; } - if (!is_numeric($mapprice)) { $errors++; $errorlist .= "Map Price must be a number.
"; } - - if ($travelpoints == "") { $errors++; $errorlist .= "Travel Points is required.
"; } - if (!is_numeric($travelpoints)) { $errors++; $errorlist .= "Travel Points must be a number.
"; } - if ($itemslist == "") { $errors++; $errorlist .= "Items List is required.
"; } + $errors = []; + if (empty($n)) $errors[] = 'Name is required.'; + if ($la > $controlrow['gamesize'] || $la < ($controlrow['gamesize'] * -1)) + $errors[] = "Latitude must be a number and within the bounds of the game size. ({$controlrow['gamesize']}"; + if ($lo > $controlrow['gamesize'] || $la < ($controlrow['gamesize'] * -1)) + $errors[] = "Longitude must be a number and within the bounds of the game size. ({$controlrow['gamesize']}"; + if ($ip < 0) $errors[] = "Inn price must be a number greater than or equal to 0."; + if ($mp < 0) $errors[] = "Map price must be a number greater than or equal to 0."; + if ($tp < 0) $errors[] = "Travel points must be a number greater than or equal to 0."; if ($errors == 0) { - $query = doquery("UPDATE {{table}} SET name='$name',latitude='$latitude',longitude='$longitude',innprice='$innprice',mapprice='$mapprice',travelpoints='$travelpoints',itemslist='$itemslist' WHERE id='$id' LIMIT 1", "towns"); - admindisplay("Town updated.","Edit Towns"); + db()->query('UPDATE towns SET name=?, latitude=?, longitude=?, innprice=?, mapprice=?, travelpoints=?, itemslist=? WHERE id=?;', [ + $n, $la, $lo, $ip, $mp, $tp, $il, $id + ]); + admindisplay("Town updated.", "Edit Towns"); } else { + $errorlist = implode('
', $errors); admindisplay("Errors:
$errorlist

Please go back and try again.", "Edit Towns"); } - } + $row = get_town_by_id($id); - $query = doquery("SELECT * FROM {{table}} WHERE id='$id' LIMIT 1", "towns"); - $row = mysql_fetch_array($query); - -$page = <<Edit Towns

-
- - - - - - - - - -
ID:{{id}}
Name:
Latitude:
Positive or negative integer.
Longitude:
Positive or negative integer.
Inn Price: gold
Map Price: gold
How much it costs to buy the map to this town.
Travel Points:
How many TP are consumed when travelling to this town.
Items List:
Comma-separated list of item ID numbers available for purchase at this town. (Example: 1,2,3,6,9,10,13,20)
- -
-END; - - $page = parsetemplate($page, $row); - admindisplay($page, "Edit Towns"); + $page = <<Edit Towns

+
+ + + + + + + + + +
ID:{{id}}
Name:
Latitude:
Positive or negative integer.
Longitude:
Positive or negative integer.
Inn Price: gold
Map Price: gold
How much it costs to buy the map to this town.
Travel Points:
How many TP are consumed when travelling to this town.
Items List:
Comma-separated list of item ID numbers available for purchase at this town. (Example: 1,2,3,6,9,10,13,20)
+ +
+ HTML; + admindisplay(parsetemplate($page, $row), "Edit Towns"); } -function monsters() { - +function monsters() +{ global $controlrow; - $statquery = doquery("SELECT * FROM {{table}} ORDER BY level DESC LIMIT 1", "monsters"); - $statrow = mysql_fetch_array($statquery); + $max_level = db()->query('SELECT level FROM monsters ORDER BY level DESC LIMIT 1;')->fetchArray(SQLITE3_ASSOC)['level']; + $monsters = db()->query('SELECT id, name FROM monsters ORDER BY id;'); - $query = doquery("SELECT id,name FROM {{table}} ORDER BY id", "monsters"); $page = "Edit Monsters
"; - if (($controlrow["gamesize"]/5) != $statrow["level"]) { - $page .= "Note: Your highest monster level does not match with your entered map size. Highest monster level should be ".($controlrow["gamesize"]/5).", yours is ".$statrow["level"].". Please fix this before opening the game to the public.

"; - } else { $page .= "Monster level and map size match. No further actions are required for map compatibility.

"; } + if (($controlrow['gamesize'] / 5) !== $max_level) { + $page .= "Note: Your highest monster level does not match with your entered map size. Highest monster level should be ".($controlrow["gamesize"] / 5).", yours is $max_level. Please fix this before opening the game to the public.
"; + } else { + $page .= "Monster level and map size match. No further actions are required for map compatibility.
"; + } $page .= "Click an monster's name to edit it.

\n"; - $count = 1; - while ($row = mysql_fetch_array($query)) { - if ($count == 1) { $page .= "\n"; $count = 2; } - else { $page .= "\n"; $count = 1; } - } - if (mysql_num_rows($query) == 0) { $page .= "\n"; } - $page .= "
".$row["id"]."".$row["name"]."
".$row["id"]."".$row["name"]."
No towns found.
"; - admindisplay($page, "Edit Monster"); + $has_monsters = false; + while ($row = $monsters->fetchArray(SQLITE3_ASSOC)) { + $has_monsters = true; + $page .= "".$row["id"]."".$row["name"]."\n"; + } + + if (!$has_monsters) { $page .= "No monsters found.\n"; } + + admindisplay($page."", "Edit Monster"); } -function editmonster($id) { - +function editmonster($id) +{ if (isset($_POST["submit"])) { + $n = trim($_POST['name'] ?? ''); + $mh = (int) trim($_POST['maxhp'] ?? 0); + $md = (int) trim($_POST['maxdam'] ?? 0); + $a = (int) trim($_POST['armor'] ?? 0); + $l = (int) trim($_POST['level'] ?? 0); + $me = (int) trim($_POST['maxexp'] ?? 0); + $mg = (int) trim($_POST['maxgold'] ?? 0); - extract($_POST); - $errors = 0; - $errorlist = ""; - if ($name == "") { $errors++; $errorlist .= "Name is required.
"; } - if ($maxhp == "") { $errors++; $errorlist .= "Max HP is required.
"; } - if (!is_numeric($maxhp)) { $errors++; $errorlist .= "Max HP must be a number.
"; } - if ($maxdam == "") { $errors++; $errorlist .= "Max Damage is required.
"; } - if (!is_numeric($maxdam)) { $errors++; $errorlist .= "Max Damage must be a number.
"; } - if ($armor == "") { $errors++; $errorlist .= "Armor is required.
"; } - if (!is_numeric($armor)) { $errors++; $errorlist .= "Armor must be a number.
"; } - if ($level == "") { $errors++; $errorlist .= "Monster Level is required.
"; } - if (!is_numeric($level)) { $errors++; $errorlist .= "Monster Level must be a number.
"; } - if ($maxexp == "") { $errors++; $errorlist .= "Max Exp is required.
"; } - if (!is_numeric($maxexp)) { $errors++; $errorlist .= "Max Exp must be a number.
"; } - if ($maxgold == "") { $errors++; $errorlist .= "Max Gold is required.
"; } - if (!is_numeric($maxgold)) { $errors++; $errorlist .= "Max Gold must be a number.
"; } + $errors = []; + if (empty($n)) $errors[] = "Name is required."; + if ($mh < 1) $errors[] = "Max HP must be a number greater than or equal to 1."; + if ($md < 0) $errors[] = "Max Damage must be a number greater than or equal to 0."; + if ($a < 0) $errors[] = "Armor must be a number greater than or equal to 0."; + if ($l < 1) $errors[] = "Level must be a number greater than or equal to 1."; + if ($me < 0) $errors[] = "Max Exp must be a number greater than or equal to 0."; + if ($mg < 0) $errors[] = "Max Gold must be a number greater than or equal to 0."; - if ($errors == 0) { - $query = doquery("UPDATE {{table}} SET name='$name',maxhp='$maxhp',maxdam='$maxdam',armor='$armor',level='$level',maxexp='$maxexp',maxgold='$maxgold',immune='$immune' WHERE id='$id' LIMIT 1", "monsters"); - admindisplay("Monster updated.","Edit monsters"); + if (count($errors) === 0) { + db()->query('UPDATE monsters SET name=?, maxhp=?, maxdam=?, armor=?, level=?, maxexp=?, maxgold=?, immune=? WHERE id=?;', [ + $n, $mh, $md, $a, $l, $me, $mg, $_POST['immune'] ?? 0, $id + ]); + admindisplay("Monster updated.", "Edit monsters"); } else { + $errorlist = implode('
', $errors); admindisplay("Errors:
$errorlist

Please go back and try again.", "Edit monsters"); } - } + $row = get_monster($id); - $query = doquery("SELECT * FROM {{table}} WHERE id='$id' LIMIT 1", "monsters"); - $row = mysql_fetch_array($query); - -$page = <<Edit Monsters

-
- - - - - - - - - - -
ID:{{id}}
Name:
Max Hit Points:
Max Damage:
Compares to player's attackpower.
Armor:
Compares to player's defensepower.
Monster Level:
Determines spawn location and item drops.
Max Experience:
Max experience gained from defeating monster.
Max Gold:
Max gold gained from defeating monster.
Immunity:
Some monsters may not be hurt by certain spells.
- -
-END; + $page = <<Edit Monsters

+
+ + + + + + + + + + +
ID:{{id}}
Name:
Max Hit Points:
Max Damage:
Compares to player's attackpower.
Armor:
Compares to player's defensepower.
Monster Level:
Determines spawn location and item drops.
Max Experience:
Max experience gained from defeating monster.
Max Gold:
Max gold gained from defeating monster.
Immunity:
Some monsters may not be hurt by certain spells.
+ +
+ HTML; if ($row["immune"] == 1) { $row["immune1select"] = "selected=\"selected\" "; } else { $row["immune1select"] = ""; } if ($row["immune"] == 2) { $row["immune2select"] = "selected=\"selected\" "; } else { $row["immune2select"] = ""; } if ($row["immune"] == 3) { $row["immune3select"] = "selected=\"selected\" "; } else { $row["immune3select"] = ""; } - $page = parsetemplate($page, $row); - admindisplay($page, "Edit Monsters"); - + admindisplay(parsetemplate($page, $row), "Edit Monsters"); } -function spells() { - - $query = doquery("SELECT id,name FROM {{table}} ORDER BY id", "spells"); +function spells() +{ $page = "Edit Spells
Click an spell's name to edit it.

\n"; - $count = 1; - while ($row = mysql_fetch_array($query)) { - if ($count == 1) { $page .= "\n"; $count = 2; } - else { $page .= "\n"; $count = 1; } - } - if (mysql_num_rows($query) == 0) { $page .= "\n"; } - $page .= "
".$row["id"]."".$row["name"]."
".$row["id"]."".$row["name"]."
No spells found.
"; - admindisplay($page, "Edit Spells"); + $spells = db()->query('SELECT id, name FROM spells ORDER BY id;'); + $has_spells = false; + + while ($row = $spells->fetchArray(SQLITE3_ASSOC)) { + $has_spells = true; + $page .= "".$row["id"]."".$row["name"]."\n"; + } + + if (!$has_spells) { $page .= "No spells found.\n"; } + + admindisplay($page."", "Edit Spells"); } -function editspell($id) { - +function editspell($id) +{ if (isset($_POST["submit"])) { + $n = trim($_POST['name'] ?? ''); + $mp = (int) trim($_POST['mp'] ?? 0); + $a = (int) trim($_POST['attribute'] ?? 0); - extract($_POST); - $errors = 0; - $errorlist = ""; - if ($name == "") { $errors++; $errorlist .= "Name is required.
"; } - if ($mp == "") { $errors++; $errorlist .= "MP is required.
"; } - if (!is_numeric($mp)) { $errors++; $errorlist .= "MP must be a number.
"; } - if ($attribute == "") { $errors++; $errorlist .= "Attribute is required.
"; } - if (!is_numeric($attribute)) { $errors++; $errorlist .= "Attribute must be a number.
"; } + $errors = []; + if (empty($n)) $errors[] = "Name is required."; + if ($mp < 0) $errors[] = "MP must be a number greater than or equal to 0."; + if ($a < 0) $errors[] = "Attribute must be a number greater than or equal to 0."; - if ($errors == 0) { - $query = doquery("UPDATE {{table}} SET name='$name',mp='$mp',attribute='$attribute',type='$type' WHERE id='$id' LIMIT 1", "spells"); - admindisplay("Spell updated.","Edit Spells"); + if (count($errors) === 0) { + db()->query('UPDATE spells SET name=?, mp=?, attribute=?, type=? WHERE id=?;', [ + $n, $mp, $a, $_POST['type'] ?? 0, $id + ]); + admindisplay("Spell updated.", "Edit Spells"); } else { + $errorlist = implode('
', $errors); admindisplay("Errors:
$errorlist

Please go back and try again.", "Edit Spells"); } - } + $row = get_spell($id); - $query = doquery("SELECT * FROM {{table}} WHERE id='$id' LIMIT 1", "spells"); - $row = mysql_fetch_array($query); - -$page = <<Edit Spells

-
- - - - - - -
ID:{{id}}
Name:
Magic Points:
MP required to cast spell.
Attribute:
Numeric value of the spell's effect. Ties with type, below.
Type:
- Heal gives player back [attribute] hit points.
- Hurt deals [attribute] damage to monster.
- Sleep keeps monster from attacking ([attribute] is monster's chance out of 15 to stay asleep each turn).
- Uber Attack increases total attack damage by [attribute] percent.
- Uber Defense increases total defense from attack by [attribute] percent.
- -
-END; + $page = <<Edit Spells

+
+ + + + + + +
ID:{{id}}
Name:
Magic Points:
MP required to cast spell.
Attribute:
Numeric value of the spell's effect. Ties with type, below.
Type:
- Heal gives player back [attribute] hit points.
- Hurt deals [attribute] damage to monster.
- Sleep keeps monster from attacking ([attribute] is monster's chance out of 15 to stay asleep each turn).
- Uber Attack increases total attack damage by [attribute] percent.
- Uber Defense increases total defense from attack by [attribute] percent.
+ +
+ HTML; if ($row["type"] == 1) { $row["type1select"] = "selected=\"selected\" "; } else { $row["type1select"] = ""; } if ($row["type"] == 2) { $row["type2select"] = "selected=\"selected\" "; } else { $row["type2select"] = ""; } @@ -468,376 +492,382 @@ END; if ($row["type"] == 4) { $row["type4select"] = "selected=\"selected\" "; } else { $row["type4select"] = ""; } if ($row["type"] == 5) { $row["type5select"] = "selected=\"selected\" "; } else { $row["type5select"] = ""; } - $page = parsetemplate($page, $row); - admindisplay($page, "Edit Spells"); - + admindisplay(parsetemplate($page, $row), "Edit Spells"); } -function levels() { - - $query = doquery("SELECT id FROM {{table}} ORDER BY id DESC LIMIT 1", "levels"); - $row = mysql_fetch_array($query); +function levels() +{ + $max_level = db()->query('SELECT id FROM levels ORDER BY id DESC LIMIT 1;')->fetchArray(SQLITE3_ASSOC)['id']; $options = ""; - for($i=2; $i<$row["id"]; $i++) { + for ($i = 2; $i < $max_level; $i++) { $options .= "\n"; } -$page = <<Edit Levels
Select a level number from the dropdown box to edit it.

-
- - -
-END; + $page = <<Edit Levels
+ Select a level number from the dropdown box to edit it.

+
+ + +
+ HTML; admindisplay($page, "Edit Levels"); - } -function editlevel() { - - if (!isset($_POST["level"])) { admindisplay("No level to edit.", "Edit Levels"); die(); } +function editlevel() +{ + if (!isset($_POST["level"])) admindisplay("No level to edit.", "Edit Levels"); $id = $_POST["level"]; if (isset($_POST["submit"])) { + unset($_POST['submit']); + $errors = []; + if ($_POST["one_exp"] == "") $errors[] = "Class 1 Experience is required."; + if ($_POST["one_hp"] == "") $errors[] = "Class 1 HP is required."; + if ($_POST["one_mp"] == "") $errors[] = "Class 1 MP is required."; + if ($_POST["one_tp"] == "") $errors[] = "Class 1 TP is required."; + if ($_POST["one_strength"] == "") $errors[] = "Class 1 Strength is required."; + if ($_POST["one_dexterity"] == "") $errors[] = "Class 1 Dexterity is required."; + if ($_POST["one_spells"] == "") $errors[] = "Class 1 Spells is required."; + if (!is_numeric($_POST["one_exp"])) $errors[] = "Class 1 Experience must be a number."; + if (!is_numeric($_POST["one_hp"])) $errors[] = "Class 1 HP must be a number."; + if (!is_numeric($_POST["one_mp"])) $errors[] = "Class 1 MP must be a number."; + if (!is_numeric($_POST["one_tp"])) $errors[] = "Class 1 TP must be a number."; + if (!is_numeric($_POST["one_strength"])) $errors[] = "Class 1 Strength must be a number."; + if (!is_numeric($_POST["one_dexterity"])) $errors[] = "Class 1 Dexterity must be a number."; + if (!is_numeric($_POST["one_spells"])) $errors[] = "Class 1 Spells must be a number."; - extract($_POST); - $errors = 0; - $errorlist = ""; - if ($_POST["one_exp"] == "") { $errors++; $errorlist .= "Class 1 Experience is required.
"; } - if ($_POST["one_hp"] == "") { $errors++; $errorlist .= "Class 1 HP is required.
"; } - if ($_POST["one_mp"] == "") { $errors++; $errorlist .= "Class 1 MP is required.
"; } - if ($_POST["one_tp"] == "") { $errors++; $errorlist .= "Class 1 TP is required.
"; } - if ($_POST["one_strength"] == "") { $errors++; $errorlist .= "Class 1 Strength is required.
"; } - if ($_POST["one_dexterity"] == "") { $errors++; $errorlist .= "Class 1 Dexterity is required.
"; } - if ($_POST["one_spells"] == "") { $errors++; $errorlist .= "Class 1 Spells is required.
"; } - if (!is_numeric($_POST["one_exp"])) { $errors++; $errorlist .= "Class 1 Experience must be a number.
"; } - if (!is_numeric($_POST["one_hp"])) { $errors++; $errorlist .= "Class 1 HP must be a number.
"; } - if (!is_numeric($_POST["one_mp"])) { $errors++; $errorlist .= "Class 1 MP must be a number.
"; } - if (!is_numeric($_POST["one_tp"])) { $errors++; $errorlist .= "Class 1 TP must be a number.
"; } - if (!is_numeric($_POST["one_strength"])) { $errors++; $errorlist .= "Class 1 Strength must be a number.
"; } - if (!is_numeric($_POST["one_dexterity"])) { $errors++; $errorlist .= "Class 1 Dexterity must be a number.
"; } - if (!is_numeric($_POST["one_spells"])) { $errors++; $errorlist .= "Class 1 Spells must be a number.
"; } + if ($_POST["two_exp"] == "") $errors[] = "Class 2 Experience is required."; + if ($_POST["two_hp"] == "") $errors[] = "Class 2 HP is required."; + if ($_POST["two_mp"] == "") $errors[] = "Class 2 MP is required."; + if ($_POST["two_tp"] == "") $errors[] = "Class 2 TP is required."; + if ($_POST["two_strength"] == "") $errors[] = "Class 2 Strength is required."; + if ($_POST["two_dexterity"] == "") $errors[] = "Class 2 Dexterity is required."; + if ($_POST["two_spells"] == "") $errors[] = "Class 2 Spells is required."; + if (!is_numeric($_POST["two_exp"])) $errors[] = "Class 2 Experience must be a number."; + if (!is_numeric($_POST["two_hp"])) $errors[] = "Class 2 HP must be a number."; + if (!is_numeric($_POST["two_mp"])) $errors[] = "Class 2 MP must be a number."; + if (!is_numeric($_POST["two_tp"])) $errors[] = "Class 2 TP must be a number."; + if (!is_numeric($_POST["two_strength"])) $errors[] = "Class 2 Strength must be a number."; + if (!is_numeric($_POST["two_dexterity"])) $errors[] = "Class 2 Dexterity must be a number."; + if (!is_numeric($_POST["two_spells"])) $errors[] = "Class 2 Spells must be a number."; - if ($_POST["two_exp"] == "") { $errors++; $errorlist .= "Class 2 Experience is required.
"; } - if ($_POST["two_hp"] == "") { $errors++; $errorlist .= "Class 2 HP is required.
"; } - if ($_POST["two_mp"] == "") { $errors++; $errorlist .= "Class 2 MP is required.
"; } - if ($_POST["two_tp"] == "") { $errors++; $errorlist .= "Class 2 TP is required.
"; } - if ($_POST["two_strength"] == "") { $errors++; $errorlist .= "Class 2 Strength is required.
"; } - if ($_POST["two_dexterity"] == "") { $errors++; $errorlist .= "Class 2 Dexterity is required.
"; } - if ($_POST["two_spells"] == "") { $errors++; $errorlist .= "Class 2 Spells is required.
"; } - if (!is_numeric($_POST["two_exp"])) { $errors++; $errorlist .= "Class 2 Experience must be a number.
"; } - if (!is_numeric($_POST["two_hp"])) { $errors++; $errorlist .= "Class 2 HP must be a number.
"; } - if (!is_numeric($_POST["two_mp"])) { $errors++; $errorlist .= "Class 2 MP must be a number.
"; } - if (!is_numeric($_POST["two_tp"])) { $errors++; $errorlist .= "Class 2 TP must be a number.
"; } - if (!is_numeric($_POST["two_strength"])) { $errors++; $errorlist .= "Class 2 Strength must be a number.
"; } - if (!is_numeric($_POST["two_dexterity"])) { $errors++; $errorlist .= "Class 2 Dexterity must be a number.
"; } - if (!is_numeric($_POST["two_spells"])) { $errors++; $errorlist .= "Class 2 Spells must be a number.
"; } + if ($_POST["three_exp"] == "") $errors[] = "Class 3 Experience is required."; + if ($_POST["three_hp"] == "") $errors[] = "Class 3 HP is required."; + if ($_POST["three_mp"] == "") $errors[] = "Class 3 MP is required."; + if ($_POST["three_tp"] == "") $errors[] = "Class 3 TP is required."; + if ($_POST["three_strength"] == "") $errors[] = "Class 3 Strength is required."; + if ($_POST["three_dexterity"] == "") $errors[] = "Class 3 Dexterity is required."; + if ($_POST["three_spells"] == "") $errors[] = "Class 3 Spells is required."; + if (!is_numeric($_POST["three_exp"])) $errors[] = "Class 3 Experience must be a number."; + if (!is_numeric($_POST["three_hp"])) $errors[] = "Class 3 HP must be a number."; + if (!is_numeric($_POST["three_mp"])) $errors[] = "Class 3 MP must be a number."; + if (!is_numeric($_POST["three_tp"])) $errors[] = "Class 3 TP must be a number."; + if (!is_numeric($_POST["three_strength"])) $errors[] = "Class 3 Strength must be a number."; + if (!is_numeric($_POST["three_dexterity"])) $errors[] = "Class 3 Dexterity must be a number."; + if (!is_numeric($_POST["three_spells"])) $errors[] = "Class 3 Spells must be a number."; - if ($_POST["three_exp"] == "") { $errors++; $errorlist .= "Class 3 Experience is required.
"; } - if ($_POST["three_hp"] == "") { $errors++; $errorlist .= "Class 3 HP is required.
"; } - if ($_POST["three_mp"] == "") { $errors++; $errorlist .= "Class 3 MP is required.
"; } - if ($_POST["three_tp"] == "") { $errors++; $errorlist .= "Class 3 TP is required.
"; } - if ($_POST["three_strength"] == "") { $errors++; $errorlist .= "Class 3 Strength is required.
"; } - if ($_POST["three_dexterity"] == "") { $errors++; $errorlist .= "Class 3 Dexterity is required.
"; } - if ($_POST["three_spells"] == "") { $errors++; $errorlist .= "Class 3 Spells is required.
"; } - if (!is_numeric($_POST["three_exp"])) { $errors++; $errorlist .= "Class 3 Experience must be a number.
"; } - if (!is_numeric($_POST["three_hp"])) { $errors++; $errorlist .= "Class 3 HP must be a number.
"; } - if (!is_numeric($_POST["three_mp"])) { $errors++; $errorlist .= "Class 3 MP must be a number.
"; } - if (!is_numeric($_POST["three_tp"])) { $errors++; $errorlist .= "Class 3 TP must be a number.
"; } - if (!is_numeric($_POST["three_strength"])) { $errors++; $errorlist .= "Class 3 Strength must be a number.
"; } - if (!is_numeric($_POST["three_dexterity"])) { $errors++; $errorlist .= "Class 3 Dexterity must be a number.
"; } - if (!is_numeric($_POST["three_spells"])) { $errors++; $errorlist .= "Class 3 Spells must be a number.
"; } + if (count($errors) === 0) { + $updatequery = <<query($updatequery, [ + $one_exp, $one_hp, $one_mp, $one_tp, $one_strength, $one_dexterity, $one_spells, + $two_exp, $two_hp, $two_mp, $two_tp, $two_strength, $two_dexterity, $two_spells, + $three_exp, $three_hp, $three_mp, $three_tp, $three_strength, $three_dexterity, $three_spells, + $id + ]); + admindisplay("Level updated.", "Edit Levels"); } else { + $errorlist = implode('
', $errors); admindisplay("Errors:
$errorlist

Please go back and try again.", "Edit Spells"); } - } - $query = doquery("SELECT * FROM {{table}} WHERE id='$id' LIMIT 1", "levels"); - $row = mysql_fetch_array($query); + $row = db()->query('SELECT * FROM levels WHERE id=? LIMIT 1;', [$id])->fetchArray(SQLITE3_ASSOC); + global $controlrow; + $class1name = $controlrow["class1name"]; $class2name = $controlrow["class2name"]; $class3name = $controlrow["class3name"]; -$page = <<Edit Levels

-Experience values for each level should be the cumulative total amount of experience up to this point. All other values should be only the new amount to add this level.

-
- - - + $page = <<Edit Levels

+ Experience values for each level should be the cumulative total amount of experience up to this point. All other values should be only the new amount to add this level.

+ + +
ID:{{id}}
+ - + - - - - - - - + + + + + + + - + - - - - - - - + + + + + + + - + - - - - - - - -
ID:{{id}}
 
 
$class1name Experience:
$class1name HP:
$class1name MP:
$class1name TP:
$class1name Strength:
$class1name Dexterity:
$class1name Spells:
$class1name Experience:
$class1name HP:
$class1name MP:
$class1name TP:
$class1name Strength:
$class1name Dexterity:
$class1name Spells:
 
 
$class2name Experience:
$class2name HP:
$class2name MP:
$class2name TP:
$class2name Strength:
$class2name Dexterity:
$class2name Spells:
$class2name Experience:
$class2name HP:
$class2name MP:
$class2name TP:
$class2name Strength:
$class2name Dexterity:
$class2name Spells:
 
 
$class3name Experience:
$class3name HP:
$class3name MP:
$class3name TP:
$class3name Strength:
$class3name Dexterity:
$class3name Spells:
- -
-END; - - $page = parsetemplate($page, $row); - admindisplay($page, "Edit Levels"); + $class3name Experience: + $class3name HP: + $class3name MP: + $class3name TP: + $class3name Strength: + $class3name Dexterity: + $class3name Spells: + + + + HTML; + admindisplay(parsetemplate($page, $row), "Edit Levels"); } -function users() { - - $query = doquery("SELECT id,username FROM {{table}} ORDER BY id", "users"); +function users() +{ $page = "Edit Users
Click a username to edit the account.

\n"; - $count = 1; - while ($row = mysql_fetch_array($query)) { - if ($count == 1) { $page .= "\n"; $count = 2; } - else { $page .= "\n"; $count = 1; } - } - if (mysql_num_rows($query) == 0) { $page .= "\n"; } - $page .= "
".$row["id"]."".$row["username"]."
".$row["id"]."".$row["username"]."
No spells found.
"; - admindisplay($page, "Edit Users"); + $users = db()->query('SELECT id, username FROM users ORDER BY id;'); + $has_users = false; + + while ($row = $users->fetchArray(SQLITE3_ASSOC)) { + $has_users = true; + $page .= "".$row["id"]."".$row["username"]."\n"; + } + + if (!$has_users) { $page .= "No spells found.\n"; } + + admindisplay($page."", "Edit Users"); } -function edituser($id) { - +function edituser($id) +{ if (isset($_POST["submit"])) { - extract($_POST); - $errors = 0; - $errorlist = ""; - if ($email == "") { $errors++; $errorlist .= "Email is required.
"; } - if ($verify == "") { $errors++; $errorlist .= "Verify is required.
"; } - if ($authlevel == "") { $errors++; $errorlist .= "Auth Level is required.
"; } - if ($latitude == "") { $errors++; $errorlist .= "Latitude is required.
"; } - if ($longitude == "") { $errors++; $errorlist .= "Longitude is required.
"; } - if ($charclass == "") { $errors++; $errorlist .= "Character Class is required.
"; } - if ($currentaction == "") { $errors++; $errorlist .= "Current Action is required.
"; } - if ($currentfight == "") { $errors++; $errorlist .= "Current Fight is required.
"; } - if ($currentmonster == "") { $errors++; $errorlist .= "Current Monster is required.
"; } - if ($currentmonsterhp == "") { $errors++; $errorlist .= "Current Monster HP is required.
"; } - if ($currentmonstersleep == "") { $errors++; $errorlist .= "Current Monster Sleep is required.
"; } - if ($currentmonsterimmune == "") { $errors++; $errorlist .= "Current Monster Immune is required.
"; } - if ($currentuberdamage == "") { $errors++; $errorlist .= "Current Uber Damage is required.
"; } - if ($currentuberdefense == "") { $errors++; $errorlist .= "Current Uber Defense is required.
"; } - if ($currenthp == "") { $errors++; $errorlist .= "Current HP is required.
"; } - if ($currentmp == "") { $errors++; $errorlist .= "Current MP is required.
"; } - if ($currenttp == "") { $errors++; $errorlist .= "Current TP is required.
"; } - if ($maxhp == "") { $errors++; $errorlist .= "Max HP is required.
"; } + $errors = []; + if ($email == "") $errors[] = "Email is required."; + if ($verify == "") $errors[] = "Verify is required."; + if ($authlevel == "") $errors[] = "Auth Level is required."; + if ($latitude == "") $errors[] = "Latitude is required."; + if ($longitude == "") $errors[] = "Longitude is required."; + if ($charclass == "") $errors[] = "Character Class is required."; + if ($currentaction == "") $errors[] = "Current Action is required."; + if ($currentfight == "") $errors[] = "Current Fight is required."; - if ($maxmp == "") { $errors++; $errorlist .= "Max MP is required.
"; } - if ($maxtp == "") { $errors++; $errorlist .= "Max TP is required.
"; } - if ($level == "") { $errors++; $errorlist .= "Level is required.
"; } - if ($gold == "") { $errors++; $errorlist .= "Gold is required.
"; } - if ($experience == "") { $errors++; $errorlist .= "Experience is required.
"; } - if ($goldbonus == "") { $errors++; $errorlist .= "Gold Bonus is required.
"; } - if ($expbonus == "") { $errors++; $errorlist .= "Experience Bonus is required.
"; } - if ($strength == "") { $errors++; $errorlist .= "Strength is required.
"; } - if ($dexterity == "") { $errors++; $errorlist .= "Dexterity is required.
"; } - if ($attackpower == "") { $errors++; $errorlist .= "Attack Power is required.
"; } + if ($currentmonster == "") $errors[] = "Current Monster is required."; + if ($currentmonsterhp == "") $errors[] = "Current Monster HP is required."; + if ($currentmonstersleep == "") $errors[] = "Current Monster Sleep is required."; + if ($currentmonsterimmune == "") $errors[] = "Current Monster Immune is required."; + if ($currentuberdamage == "") $errors[] = "Current Uber Damage is required."; + if ($currentuberdefense == "") $errors[] = "Current Uber Defense is required."; + if ($currenthp == "") $errors[] = "Current HP is required."; + if ($currentmp == "") $errors[] = "Current MP is required."; + if ($currenttp == "") $errors[] = "Current TP is required."; + if ($maxhp == "") $errors[] = "Max HP is required."; - if ($defensepower == "") { $errors++; $errorlist .= "Defense Power is required.
"; } - if ($weaponid == "") { $errors++; $errorlist .= "Weapon ID is required.
"; } - if ($armorid == "") { $errors++; $errorlist .= "Armor ID is required.
"; } - if ($shieldid == "") { $errors++; $errorlist .= "Shield ID is required.
"; } - if ($slot1id == "") { $errors++; $errorlist .= "Slot 1 ID is required.
"; } - if ($slot2id == "") { $errors++; $errorlist .= "Slot 2 ID is required.
"; } - if ($slot3id == "") { $errors++; $errorlist .= "Slot 3 ID is required.
"; } - if ($weaponname == "") { $errors++; $errorlist .= "Weapon Name is required.
"; } - if ($armorname == "") { $errors++; $errorlist .= "Armor Name is required.
"; } - if ($shieldname == "") { $errors++; $errorlist .= "Shield Name is required.
"; } + if ($maxmp == "") $errors[] = "Max MP is required."; + if ($maxtp == "") $errors[] = "Max TP is required."; + if ($level == "") $errors[] = "Level is required."; + if ($gold == "") $errors[] = "Gold is required."; + if ($experience == "") $errors[] = "Experience is required."; + if ($goldbonus == "") $errors[] = "Gold Bonus is required."; + if ($expbonus == "") $errors[] = "Experience Bonus is required."; + if ($strength == "") $errors[] = "Strength is required."; + if ($dexterity == "") $errors[] = "Dexterity is required."; + if ($attackpower == "") $errors[] = "Attack Power is required."; - if ($slot1name == "") { $errors++; $errorlist .= "Slot 1 Name is required.
"; } - if ($slot2name == "") { $errors++; $errorlist .= "Slot 2 Name is required.
"; } - if ($slot3name == "") { $errors++; $errorlist .= "Slot 3 Name is required.
"; } - if ($dropcode == "") { $errors++; $errorlist .= "Drop Code is required.
"; } - if ($spells == "") { $errors++; $errorlist .= "Spells is required.
"; } - if ($towns == "") { $errors++; $errorlist .= "Towns is required.
"; } + if ($defensepower == "") $errors[] = "Defense Power is required."; + if ($weaponid == "") $errors[] = "Weapon ID is required."; + if ($armorid == "") $errors[] = "Armor ID is required."; + if ($shieldid == "") $errors[] = "Shield ID is required."; + if ($slot1id == "") $errors[] = "Slot 1 ID is required."; + if ($slot2id == "") $errors[] = "Slot 2 ID is required."; + if ($slot3id == "") $errors[] = "Slot 3 ID is required."; + if ($weaponname == "") $errors[] = "Weapon Name is required."; + if ($armorname == "") $errors[] = "Armor Name is required."; + if ($shieldname == "") $errors[] = "Shield Name is required."; - if (!is_numeric($authlevel)) { $errors++; $errorlist .= "Auth Level must be a number.
"; } - if (!is_numeric($latitude)) { $errors++; $errorlist .= "Latitude must be a number.
"; } - if (!is_numeric($longitude)) { $errors++; $errorlist .= "Longitude must be a number.
"; } - if (!is_numeric($charclass)) { $errors++; $errorlist .= "Character Class must be a number.
"; } - if (!is_numeric($currentfight)) { $errors++; $errorlist .= "Current Fight must be a number.
"; } - if (!is_numeric($currentmonster)) { $errors++; $errorlist .= "Current Monster must be a number.
"; } - if (!is_numeric($currentmonsterhp)) { $errors++; $errorlist .= "Current Monster HP must be a number.
"; } - if (!is_numeric($currentmonstersleep)) { $errors++; $errorlist .= "Current Monster Sleep must be a number.
"; } + if ($slot1name == "") $errors[] = "Slot 1 Name is required."; + if ($slot2name == "") $errors[] = "Slot 2 Name is required."; + if ($slot3name == "") $errors[] = "Slot 3 Name is required."; + if ($dropcode == "") $errors[] = "Drop Code is required."; + if ($spells == "") $errors[] = "Spells is required."; + if ($towns == "") $errors[] = "Towns is required."; - if (!is_numeric($currentmonsterimmune)) { $errors++; $errorlist .= "Current Monster Immune must be a number.
"; } - if (!is_numeric($currentuberdamage)) { $errors++; $errorlist .= "Current Uber Damage must be a number.
"; } - if (!is_numeric($currentuberdefense)) { $errors++; $errorlist .= "Current Uber Defense must be a number.
"; } - if (!is_numeric($currenthp)) { $errors++; $errorlist .= "Current HP must be a number.
"; } - if (!is_numeric($currentmp)) { $errors++; $errorlist .= "Current MP must be a number.
"; } - if (!is_numeric($currenttp)) { $errors++; $errorlist .= "Current TP must be a number.
"; } - if (!is_numeric($maxhp)) { $errors++; $errorlist .= "Max HP must be a number.
"; } - if (!is_numeric($maxmp)) { $errors++; $errorlist .= "Max MP must be a number.
"; } - if (!is_numeric($maxtp)) { $errors++; $errorlist .= "Max TP must be a number.
"; } - if (!is_numeric($level)) { $errors++; $errorlist .= "Level must be a number.
"; } + if (!is_numeric($authlevel)) $errors[] = "Auth Level must be a number."; + if (!is_numeric($latitude)) $errors[] = "Latitude must be a number."; + if (!is_numeric($longitude)) $errors[] = "Longitude must be a number."; + if (!is_numeric($charclass)) $errors[] = "Character Class must be a number."; + if (!is_numeric($currentfight)) $errors[] = "Current Fight must be a number."; + if (!is_numeric($currentmonster)) $errors[] = "Current Monster must be a number."; + if (!is_numeric($currentmonsterhp)) $errors[] = "Current Monster HP must be a number."; + if (!is_numeric($currentmonstersleep)) $errors[] = "Current Monster Sleep must be a number."; - if (!is_numeric($gold)) { $errors++; $errorlist .= "Gold must be a number.
"; } - if (!is_numeric($experience)) { $errors++; $errorlist .= "Experience must be a number.
"; } - if (!is_numeric($goldbonus)) { $errors++; $errorlist .= "Gold Bonus must be a number.
"; } - if (!is_numeric($expbonus)) { $errors++; $errorlist .= "Experience Bonus must be a number.
"; } - if (!is_numeric($strength)) { $errors++; $errorlist .= "Strength must be a number.
"; } - if (!is_numeric($dexterity)) { $errors++; $errorlist .= "Dexterity must be a number.
"; } - if (!is_numeric($attackpower)) { $errors++; $errorlist .= "Attack Power must be a number.
"; } - if (!is_numeric($defensepower)) { $errors++; $errorlist .= "Defense Power must be a number.
"; } - if (!is_numeric($weaponid)) { $errors++; $errorlist .= "Weapon ID must be a number.
"; } - if (!is_numeric($armorid)) { $errors++; $errorlist .= "Armor ID must be a number.
"; } + if (!is_numeric($currentmonsterimmune)) $errors[] = "Current Monster Immune must be a number."; + if (!is_numeric($currentuberdamage)) $errors[] = "Current Uber Damage must be a number."; + if (!is_numeric($currentuberdefense)) $errors[] = "Current Uber Defense must be a number."; + if (!is_numeric($currenthp)) $errors[] = "Current HP must be a number."; + if (!is_numeric($currentmp)) $errors[] = "Current MP must be a number."; + if (!is_numeric($currenttp)) $errors[] = "Current TP must be a number."; + if (!is_numeric($maxhp)) $errors[] = "Max HP must be a number."; + if (!is_numeric($maxmp)) $errors[] = "Max MP must be a number."; + if (!is_numeric($maxtp)) $errors[] = "Max TP must be a number."; + if (!is_numeric($level)) $errors[] = "Level must be a number."; - if (!is_numeric($shieldid)) { $errors++; $errorlist .= "Shield ID must be a number.
"; } - if (!is_numeric($slot1id)) { $errors++; $errorlist .= "Slot 1 ID must be a number.
"; } - if (!is_numeric($slot2id)) { $errors++; $errorlist .= "Slot 2 ID must be a number.
"; } - if (!is_numeric($slot3id)) { $errors++; $errorlist .= "Slot 3 ID must be a number.
"; } - if (!is_numeric($dropcode)) { $errors++; $errorlist .= "Drop Code must be a number.
"; } + if (!is_numeric($gold)) $errors[] = "Gold must be a number."; + if (!is_numeric($experience)) $errors[] = "Experience must be a number."; + if (!is_numeric($goldbonus)) $errors[] = "Gold Bonus must be a number."; + if (!is_numeric($expbonus)) $errors[] = "Experience Bonus must be a number."; + if (!is_numeric($strength)) $errors[] = "Strength must be a number."; + if (!is_numeric($dexterity)) $errors[] = "Dexterity must be a number."; + if (!is_numeric($attackpower)) $errors[] = "Attack Power must be a number."; + if (!is_numeric($defensepower)) $errors[] = "Defense Power must be a number."; + if (!is_numeric($weaponid)) $errors[] = "Weapon ID must be a number."; + if (!is_numeric($armorid)) $errors[] = "Armor ID must be a number."; - if ($errors == 0) { -$updatequery = <<query($updatequery, [ + $email, $verify, $authlevel, $latitude, $longitude, $charclass, $currentaction, + $currentfight, $currentmonster, $currentmonsterhp, $currentmonstersleep, $currentmonsterimmune, + $currentuberdamage, $currentuberdefense, $currenthp, $currentmp, $currenttp, $maxhp, + $maxmp, $maxtp, $level, $gold, $experience, $goldbonus, $expbonus, $strength, + $dexterity, $attackpower, $defensepower, $weaponid, $armorid, $shieldid, $slot1id, + $slot2id, $slot3id, $weaponname, $armorname, $shieldname, $slot1name, $slot2name, + $slot3name, $dropcode, $spells, $towns, $id + ]); + + admindisplay("User updated.", "Edit Users"); } else { + $errorlist = implode('
', $errors); admindisplay("Errors:
$errorlist

Please go back and try again.", "Edit Users"); } - } - $query = doquery("SELECT * FROM {{table}} WHERE id='$id' LIMIT 1", "users"); - $row = mysql_fetch_array($query); + $row = db()->query('SELECT * FROM users WHERE id = ? LIMIT 1;', [$id])->fetchArray(SQLITE3_ASSOC); + global $controlrow; - $diff1name = $controlrow["diff1name"]; - $diff2name = $controlrow["diff2name"]; - $diff3name = $controlrow["diff3name"]; $class1name = $controlrow["class1name"]; $class2name = $controlrow["class2name"]; $class3name = $controlrow["class3name"]; -$page = <<Edit Users

-
- - - - - - - - + $page = <<Edit Users

+ +
ID:{{id}}
Username:{{username}}
Email:
Verify:
Register Date:{{regdate}}
Last Online:{{onlinetime}}
Auth Level:
Set to "Blocked" to temporarily (or permanently) ban a user.
+ + + + + + + - + - - - + + + - + - - - - - - - - + + + + + + + + - + - - - - - - + + + + + + - + - - - - - - - - - + + + + + + + + + - + - - - - - - - - - - - - + + + + + + + + + + + + - + - - - - -
ID:{{id}}
Username:{{username}}
Email:
Verify:
Register Date:{{regdate}}
Last Online:{{onlinetime}}
Auth Level:
Set to "Blocked" to temporarily (or permanently) ban a user.
 
 
Latitude:
Longitude:
Character Class:
Latitude:
Longitude:
Character Class:
 
 
Current Action:
Current Fight:
Current Monster:
Current Monster HP:
Current Monster Sleep:
Current Monster Immune:
Current Uber Damage:
Current Uber Defense:
Current Action:
Current Fight:
Current Monster:
Current Monster HP:
Current Monster Sleep:
Current Monster Immune:
Current Uber Damage:
Current Uber Defense:
 
 
Current HP:
Current MP:
Current TP:
Max HP:
Max MP:
Max TP:
Current HP:
Current MP:
Current TP:
Max HP:
Max MP:
Max TP:
 
 
Level:
Gold:
Experience:
Gold Bonus:
Experience Bonus:
Strength:
Dexterity:
Attack Power:
Defense Power:
Level:
Gold:
Experience:
Gold Bonus:
Experience Bonus:
Strength:
Dexterity:
Attack Power:
Defense Power:
 
 
Weapon ID:
Armor ID:
Shield ID:
Slot 1 ID:
Slot 2 ID:
Slot 3 ID:
Weapon Name:
Armor Name:
Shield Name:
Slot 1 Name:
Slot 2 Name:
Slot 3 Name:
Weapon ID:
Armor ID:
Shield ID:
Slot 1 ID:
Slot 2 ID:
Slot 3 ID:
Weapon Name:
Armor Name:
Shield Name:
Slot 1 Name:
Slot 2 Name:
Slot 3 Name:
 
 
Drop Code:
Spells:
Towns:
- -
-HTML; + Drop Code: + Spells: + Towns: + + + + HTML; if ($row["authlevel"] == 0) { $row["auth0select"] = "selected=\"selected\" "; } else { $row["auth0select"] = ""; } if ($row["authlevel"] == 1) { $row["auth1select"] = "selected=\"selected\" "; } else { $row["auth1select"] = ""; } @@ -846,40 +876,36 @@ HTML; if ($row["charclass"] == 2) { $row["class2select"] = "selected=\"selected\" "; } else { $row["class2select"] = ""; } if ($row["charclass"] == 3) { $row["class3select"] = "selected=\"selected\" "; } else { $row["class3select"] = ""; } - $page = parsetemplate($page, $row); - admindisplay($page, "Edit Users"); - + admindisplay(parsetemplate($page, $row), "Edit Users"); } -function addnews() { +function addnews() +{ + global $userrow; if (isset($_POST["submit"])) { + $c = trim($_POST['content'] ?? ''); - extract($_POST); - $errors = 0; - $errorlist = ""; - if ($content == "") { $errors++; $errorlist .= "Content is required.
"; } + $errors = []; + if (empty($c)) $errors[] = "Content is required."; - if ($errors == 0) { - $query = doquery("INSERT INTO {{table}} SET id='',postdate=NOW(),content='$content'", "news"); - admindisplay("News post added.","Add News"); + if (count($errors) === 0) { + db()->query('INSERT INTO news (author, content) VALUES (?, ?);', [$userrow['username'], $c]); + admindisplay("News post added.", "Add News"); } else { + $errorlist = implode('
', $errors); admindisplay("Errors:
$errorlist

Please go back and try again.", "Add News"); } - } -$page = <<Add A News Post

-
-Type your post below and then click Submit to add it.
-
- -
-END; + $page = <<Add A News Post

+
+ Type your post below and then click Submit to add it.
+
+ +
+ HTML; admindisplay($page, "Add News"); - } - -?> diff --git a/public/forum.php b/public/forum.php index 98d801b..b9e2568 100644 --- a/public/forum.php +++ b/public/forum.php @@ -2,10 +2,10 @@ // forum.php :: Internal forums script for the game. -if (!file_exists('../.installed')) redirect('install.php'); - require_once '../src/lib.php'; +if (!file_exists('../.installed')) redirect('install.php'); + $controlrow = get_control_row(); // Login (or verify) if not logged in. diff --git a/public/help.php b/public/help.php index 1c81ab2..ce0ece5 100644 --- a/public/help.php +++ b/public/help.php @@ -1,8 +1,9 @@ second(), @@ -29,17 +26,8 @@ function first() Dragon Knight Installation: Page One

- NOTE: Please ensure you have filled in the correct values in config.php before continuing. Installation will fail if these values are not correct. Also, the MySQL database needs to already exist. This installer script will take care of setting up its structure and content, but the database itself must already exist on your MySQL server before the installer will work.

Installation for Dragon Knight is a simple two-step process: set up the database tables, then create the admin user. After that, you're done.

- You have two options for database setup: complete or partial. -
    -
  • Complete Setup includes table structure and all default data (items, drops, monsters, levels, spells, towns) - after complete setup, the game is totally ready to run.
    • -
  • Partial Setup only creates the table structure, it does not populate the tables - use this if you are going to be creating and importing your own customized game data later.
    • -
- Click the appropriate button below for your preferred installation method.

-
-
- OR -
-
+ HTML; @@ -52,8 +40,6 @@ function second() { echo "Dragon Knight InstallationDragon Knight Installation: Page Two

"; - $full = isset($_POST["complete"]); - $query = db()->exec(<<exec(<<' : 'Error creating Control table.'; - $query = db()->exec("INSERT INTO control VALUES (1, 'Dragon Knight', 250, 1, '', '', 1, '', 'Mage', 'Warrior', 'Paladin', 'Easy', 1, 'Medium', 1.2, 'Hard', 1.5, 1, 1, 1, 1);"); + $query = db()->exec("INSERT INTO control VALUES (1, 'Dragon Knight', 250, 1, '', '', 'Mage', 'Warrior', 'Paladin', 1, 1, 1, 1);"); echo $query === true ? 'Control table populated.
' : 'Error populating Control table.'; @@ -108,45 +88,43 @@ function second() echo $query == true ? 'Drops table created.
' : 'Error creating Drops table.'; - if ($full) { - $query = db()->exec(<<exec(<<' : 'Error populating Drops table.'; - } + echo $query === true ? 'Drops table populated.
' : 'Error populating Drops table.'; $query = db()->exec(<<' : 'Error creating Items table.'; - if ($full) { - $query = db()->exec(<<exec(<<' : 'Error populating Items table.'; - } + echo $query === true ? 'Items table populated.
' : 'Error populating Items table.'; $query = db()->exec(<<' : 'Error creating Levels table.'; - if ($full) { - $query = db()->exec(<<exec(<<' : 'Error populating Levels table.'; - } + echo $query === true ? 'Levels table populated.
' : 'Error populating Levels table.'; $query = db()->exec(<<' : 'Error creating Monsters table.'; - if ($full) { - $query = db()->exec(<<exec(<<' : 'Error populating Monsters table.'; - } + echo $query === true ? 'Monsters table populated.
' : 'Error populating Monsters table.'; $query = db()->exec(<<' : 'Error creating News table.'; - $query = db()->exec("INSERT INTO news VALUES (1, '2004-01-01 12:00:00', 'This is the first news post. Please use the admin control panel to add another one and make this one go away.');"); + $query = db()->exec("INSERT INTO news (content) VALUES ('This is the first news post. Please use the admin control panel to add another one and make this one go away.');"); echo $query === true ? 'News table populated.
' : 'Error populating News table.'; @@ -555,32 +528,30 @@ function second() echo $query === true ? 'Spells table created.
' : 'Error creating Spells table.'; - if ($full) { - $query = db()->exec(<<exec(<<' : 'Error populating Spells table.'; - } + echo $query === true ? 'Spells table populated.
' : 'Error populating Spells table.'; $query = db()->exec(<<' : 'Error creating Towns table.'; - if ($full) { - $query = db()->exec(<<exec(<<' : 'Error populating Towns table.'; - } + echo $query === true ? 'Towns table populated.
' : 'Error populating Towns table.'; $query = db()->exec(<< login(), 'logout' => logout() diff --git a/public/users.php b/public/users.php index a70e627..0ebbbf8 100644 --- a/public/users.php +++ b/public/users.php @@ -2,10 +2,10 @@ // users.php :: Handles user account functions. -if (!file_exists('../.installed')) redirect('install.php'); - require_once '../src/lib.php'; +if (!file_exists('../.installed')) redirect('install.php'); + $controlrow = get_control_row(); $do = $_GET['do'] ?? 'register'; diff --git a/src/lib.php b/src/lib.php index c9789cf..3c9dffc 100644 --- a/src/lib.php +++ b/src/lib.php @@ -66,19 +66,14 @@ function is_email($email) { // Thanks to "mail(at)philipp-louis.de" from php.net } function makesafe($d) { - - $d = str_replace("\t","",$d); - $d = str_replace("<","<",$d); - $d = str_replace(">",">",$d); - $d = str_replace("\n","",$d); - $d = str_replace("|","??",$d); - $d = str_replace(" ","  ",$d); - return $d; - + return htmlentities($d); } -function admindisplay($content, $title) { // Finalize page and output to browser. - +/** + * Finalize page and output to browser. + */ +function admindisplay($content, $title) +{ global $userrow, $controlrow; if (!isset($controlrow)) { $query = db()->query('SELECT * FROM control WHERE id=1 LIMIT 1;'); @@ -292,6 +287,16 @@ function get_item(int $id): array|false return $query->fetchArray(SQLITE3_ASSOC); } +/** + * Get a drop by it's ID. + */ +function get_drop(int $id): array|false +{ + $query = db()->query('SELECT * FROM drops WHERE id=? LIMIT 1;', [$id]); + if ($query === false) return false; + return $query->fetchArray(SQLITE3_ASSOC); +} + /** * Get a spell by it's ID. */ @@ -302,6 +307,16 @@ function get_spell(int $id): array|false return $query->fetchArray(SQLITE3_ASSOC); } +/** + * Get a monster by it's ID. + */ +function get_monster(int $id): array|false +{ + $query = db()->query('SELECT * FROM monsters WHERE id=? LIMIT 1;', [$id]); + if ($query === false) return false; + return $query->fetchArray(SQLITE3_ASSOC); +} + /** * Translate a Specials keyword to it's string. */ diff --git a/templates/leftnav.php b/templates/leftnav.php index 0650209..829daf6 100644 --- a/templates/leftnav.php +++ b/templates/leftnav.php @@ -1,40 +1,44 @@ -Location - -Currently: {{currentaction}}
-Latitude: {{latitude}}
-Longitude: {{longitude}}
-View Map

-
-
-
-
- -
-
- -
+ Location + + Currently: {{currentaction}}
+ Latitude: {{latitude}}
+ Longitude: {{longitude}}
+ View Map

+
+
+
+
+ +
+
+ + + +
- - -
Towns
-{{currenttown}} -Travel To:
-{{townslist}} -

+ Towns + + {{currenttown}} + Travel To:
+ {{townslist}} + + + +
- - -
Functions
-{{forumslink}} -{{adminlink}} -Change Password
-Log Out
-Help -

-THEVERYENDOFYOU; -?> + Functions + + Home
+ {{forumslink}} + {{adminlink}} + Change Password
+ Log Out
+ Help + + +HTML;