diff --git a/public/admin.php b/public/admin.php index 77325c4..806fbc7 100644 --- a/public/admin.php +++ b/public/admin.php @@ -11,7 +11,7 @@ $controlrow = mysql_fetch_array($controlquery); if (isset($_GET["do"])) { $do = explode(":",$_GET["do"]); - + if ($do[0] == "main") { main(); } elseif ($do[0] == "items") { items(); } elseif ($do[0] == "edititem") { edititem($do[1]); } @@ -28,18 +28,18 @@ if (isset($_GET["do"])) { elseif ($do[0] == "users") { users(); } elseif ($do[0] == "edituser") { edituser($do[1]); } elseif ($do[0] == "news") { addnews(); } - + } else { donothing(); } function donothing() { - + $page = "Welcome to the Dragon Knight Administration section. Use the links on the left bar to control and edit various elements of the game.

Please note that the control panel has been created mostly as a shortcut for certain individual settings. It is meant for use primarily with editing one thing at a time. If you need to completely replace an entire table (say, to replace all stock monsters with your own new ones), it is suggested that you use a more in-depth database tool such as phpMyAdmin. Also, you may want to have a copy of the Dragon Knight development kit, available from the Dragon Knight homepage.

Also, you should be aware that certain portions of the DK code are dependent on the formatting of certain database results (for example, the special attributes on item drops). While I have attempted to point these out throughout the admin script, you should definitely pay attention and be careful when editing some fields, because mistakes in the database content may result in script errors or your game breaking completely."; admindisplay($page, "Admin Home"); - + } function main() { - + if (isset($_POST["submit"])) { extract($_POST); $errors = 0; @@ -51,22 +51,17 @@ function main() { if ($class1name == "") { $errors++; $errorlist .= "Class 1 name is required.
"; } if ($class2name == "") { $errors++; $errorlist .= "Class 2 name is required.
"; } if ($class3name == "") { $errors++; $errorlist .= "Class 3 name is required.
"; } - if ($diff1name == "") { $errors++; $errorlist .= "Difficulty 1 name is required.
"; } - if ($diff2name == "") { $errors++; $errorlist .= "Difficulty 2 name is required.
"; } - if ($diff3name == "") { $errors++; $errorlist .= "Difficulty 3 name is required.
"; } - if ($diff2mod == "") { $errors++; $errorlist .= "Difficulty 2 value is required.
"; } - if ($diff3mod == "") { $errors++; $errorlist .= "Difficulty 3 value is required.
"; } - - if ($errors == 0) { + + if ($errors == 0) { $query = doquery("UPDATE {{table}} SET gamename='$gamename',gamesize='$gamesize',forumtype='$forumtype',forumaddress='$forumaddress',compression='$compression',class1name='$class1name',class2name='$class2name',class3name='$class3name',diff1name='$diff1name',diff2name='$diff2name',diff3name='$diff3name',diff2mod='$diff2mod',diff3mod='$diff3mod',gameopen='$gameopen',verifyemail='$verifyemail',gameurl='$gameurl',adminemail='$adminemail',shownews='$shownews',showonline='$showonline',showbabble='$showbabble' WHERE id='1' LIMIT 1", "control"); admindisplay("Settings updated.","Main Settings"); } else { admindisplay("Errors:
$errorlist

Please go back and try again.", "Main Settings"); } } - + global $controlrow; - + $page = <<Main Settings
These options control several major settings for the overall game engine.

@@ -87,11 +82,6 @@ These options control several major settings for the overall game engine.
< Class 1 Name:
Class 2 Name:
Class 3 Name:
-Difficulty 1 Name:
-Difficulty 2 Name:
-Difficulty 2 Value:
Default is 1.2. Specify factoral value for medium difficulty here. -Difficulty 3 Name:
-Difficulty 3 Value:
Default is 1.5. Specify factoral value for hard difficulty here. @@ -119,7 +109,7 @@ END; } function items() { - + $query = doquery("SELECT id,name FROM {{table}} ORDER BY id", "items"); $page = "Edit Items
Click an item's name to edit it.

\n"; $count = 1; @@ -130,13 +120,13 @@ function items() { if (mysql_num_rows($query) == 0) { $page .= "\n"; } $page .= "
No items found.
"; admindisplay($page, "Edit Items"); - + } function edititem($id) { - + if (isset($_POST["submit"])) { - + extract($_POST); $errors = 0; $errorlist = ""; @@ -146,17 +136,17 @@ function edititem($id) { if ($attribute == "") { $errors++; $errorlist .= "Attribute is required.
"; } if (!is_numeric($attribute)) { $errors++; $errorlist .= "Attribute must be a number.
"; } if ($special == "" || $special == " ") { $special = "X"; } - - if ($errors == 0) { + + if ($errors == 0) { $query = doquery("UPDATE {{table}} SET name='$name',type='$type',buycost='$buycost',attribute='$attribute',special='$special' WHERE id='$id' LIMIT 1", "items"); admindisplay("Item updated.","Edit Items"); } else { admindisplay("Errors:
$errorlist

Please go back and try again.", "Edit Items"); - } - - } - - + } + + } + + $query = doquery("SELECT * FROM {{table}} WHERE id='$id' LIMIT 1", "items"); $row = mysql_fetch_array($query); @@ -186,18 +176,18 @@ dexterity - dexterity (which also adds to defensepower)
attackpower - total attack power
defensepower - total defense power END; - + if ($row["type"] == 1) { $row["type1select"] = "selected=\"selected\" "; } else { $row["type1select"] = ""; } if ($row["type"] == 2) { $row["type2select"] = "selected=\"selected\" "; } else { $row["type2select"] = ""; } if ($row["type"] == 3) { $row["type3select"] = "selected=\"selected\" "; } else { $row["type3select"] = ""; } - + $page = parsetemplate($page, $row); admindisplay($page, "Edit Items"); - + } function drops() { - + $query = doquery("SELECT id,name FROM {{table}} ORDER BY id", "drops"); $page = "Edit Drops
Click an item's name to edit it.

\n"; $count = 1; @@ -208,13 +198,13 @@ function drops() { if (mysql_num_rows($query) == 0) { $page .= "\n"; } $page .= "
No items found.
"; admindisplay($page, "Edit Drops"); - + } function editdrop($id) { - + if (isset($_POST["submit"])) { - + extract($_POST); $errors = 0; $errorlist = ""; @@ -223,17 +213,17 @@ function editdrop($id) { if (!is_numeric($mlevel)) { $errors++; $errorlist .= "Monster level must be a number.
"; } if ($attribute1 == "" || $attribute1 == " " || $attribute1 == "X") { $errors++; $errorlist .= "First attribute is required.
"; } if ($attribute2 == "" || $attribute2 == " ") { $attribute2 = "X"; } - - if ($errors == 0) { + + if ($errors == 0) { $query = doquery("UPDATE {{table}} SET name='$name',mlevel='$mlevel',attribute1='$attribute1',attribute2='$attribute2' WHERE id='$id' LIMIT 1", "drops"); admindisplay("Item updated.","Edit Drops"); } else { admindisplay("Errors:
$errorlist

Please go back and try again.", "Edit Drops"); - } - - } - - + } + + } + + $query = doquery("SELECT * FROM {{table}} WHERE id='$id' LIMIT 1", "drops"); $row = mysql_fetch_array($query); @@ -262,14 +252,14 @@ dexterity - dexterity (which also adds to defensepower)
attackpower - total attack power
defensepower - total defense power END; - + $page = parsetemplate($page, $row); admindisplay($page, "Edit Drops"); - + } function towns() { - + $query = doquery("SELECT id,name FROM {{table}} ORDER BY id", "towns"); $page = "Edit Towns
Click an town's name to edit it.

\n"; $count = 1; @@ -280,13 +270,13 @@ function towns() { if (mysql_num_rows($query) == 0) { $page .= "\n"; } $page .= "
No towns found.
"; admindisplay($page, "Edit Towns"); - + } function edittown($id) { - + if (isset($_POST["submit"])) { - + extract($_POST); $errors = 0; $errorlist = ""; @@ -303,17 +293,17 @@ function edittown($id) { if ($travelpoints == "") { $errors++; $errorlist .= "Travel Points is required.
"; } if (!is_numeric($travelpoints)) { $errors++; $errorlist .= "Travel Points must be a number.
"; } if ($itemslist == "") { $errors++; $errorlist .= "Items List is required.
"; } - - if ($errors == 0) { + + if ($errors == 0) { $query = doquery("UPDATE {{table}} SET name='$name',latitude='$latitude',longitude='$longitude',innprice='$innprice',mapprice='$mapprice',travelpoints='$travelpoints',itemslist='$itemslist' WHERE id='$id' LIMIT 1", "towns"); admindisplay("Town updated.","Edit Towns"); } else { admindisplay("Errors:
$errorlist

Please go back and try again.", "Edit Towns"); - } - - } - - + } + + } + + $query = doquery("SELECT * FROM {{table}} WHERE id='$id' LIMIT 1", "towns"); $row = mysql_fetch_array($query); @@ -333,26 +323,26 @@ $page = << END; - + $page = parsetemplate($page, $row); admindisplay($page, "Edit Towns"); - + } function monsters() { - + global $controlrow; - + $statquery = doquery("SELECT * FROM {{table}} ORDER BY level DESC LIMIT 1", "monsters"); $statrow = mysql_fetch_array($statquery); - + $query = doquery("SELECT id,name FROM {{table}} ORDER BY id", "monsters"); $page = "Edit Monsters
"; - + if (($controlrow["gamesize"]/5) != $statrow["level"]) { $page .= "Note: Your highest monster level does not match with your entered map size. Highest monster level should be ".($controlrow["gamesize"]/5).", yours is ".$statrow["level"].". Please fix this before opening the game to the public.

"; } else { $page .= "Monster level and map size match. No further actions are required for map compatibility.

"; } - + $page .= "Click an monster's name to edit it.

\n"; $count = 1; while ($row = mysql_fetch_array($query)) { @@ -362,13 +352,13 @@ function monsters() { if (mysql_num_rows($query) == 0) { $page .= "\n"; } $page .= "
No towns found.
"; admindisplay($page, "Edit Monster"); - + } function editmonster($id) { - + if (isset($_POST["submit"])) { - + extract($_POST); $errors = 0; $errorlist = ""; @@ -385,17 +375,17 @@ function editmonster($id) { if (!is_numeric($maxexp)) { $errors++; $errorlist .= "Max Exp must be a number.
"; } if ($maxgold == "") { $errors++; $errorlist .= "Max Gold is required.
"; } if (!is_numeric($maxgold)) { $errors++; $errorlist .= "Max Gold must be a number.
"; } - - if ($errors == 0) { + + if ($errors == 0) { $query = doquery("UPDATE {{table}} SET name='$name',maxhp='$maxhp',maxdam='$maxdam',armor='$armor',level='$level',maxexp='$maxexp',maxgold='$maxgold',immune='$immune' WHERE id='$id' LIMIT 1", "monsters"); admindisplay("Monster updated.","Edit monsters"); } else { admindisplay("Errors:
$errorlist

Please go back and try again.", "Edit monsters"); - } - - } - - + } + + } + + $query = doquery("SELECT * FROM {{table}} WHERE id='$id' LIMIT 1", "monsters"); $row = mysql_fetch_array($query); @@ -416,18 +406,18 @@ $page = << END; - + if ($row["immune"] == 1) { $row["immune1select"] = "selected=\"selected\" "; } else { $row["immune1select"] = ""; } if ($row["immune"] == 2) { $row["immune2select"] = "selected=\"selected\" "; } else { $row["immune2select"] = ""; } if ($row["immune"] == 3) { $row["immune3select"] = "selected=\"selected\" "; } else { $row["immune3select"] = ""; } - + $page = parsetemplate($page, $row); admindisplay($page, "Edit Monsters"); - + } function spells() { - + $query = doquery("SELECT id,name FROM {{table}} ORDER BY id", "spells"); $page = "Edit Spells
Click an spell's name to edit it.

\n"; $count = 1; @@ -438,13 +428,13 @@ function spells() { if (mysql_num_rows($query) == 0) { $page .= "\n"; } $page .= "
No spells found.
"; admindisplay($page, "Edit Spells"); - + } function editspell($id) { - + if (isset($_POST["submit"])) { - + extract($_POST); $errors = 0; $errorlist = ""; @@ -453,17 +443,17 @@ function editspell($id) { if (!is_numeric($mp)) { $errors++; $errorlist .= "MP must be a number.
"; } if ($attribute == "") { $errors++; $errorlist .= "Attribute is required.
"; } if (!is_numeric($attribute)) { $errors++; $errorlist .= "Attribute must be a number.
"; } - - if ($errors == 0) { + + if ($errors == 0) { $query = doquery("UPDATE {{table}} SET name='$name',mp='$mp',attribute='$attribute',type='$type' WHERE id='$id' LIMIT 1", "spells"); admindisplay("Spell updated.","Edit Spells"); } else { admindisplay("Errors:
$errorlist

Please go back and try again.", "Edit Spells"); - } - - } - - + } + + } + + $query = doquery("SELECT * FROM {{table}} WHERE id='$id' LIMIT 1", "spells"); $row = mysql_fetch_array($query); @@ -486,43 +476,43 @@ END; if ($row["type"] == 3) { $row["type3select"] = "selected=\"selected\" "; } else { $row["type3select"] = ""; } if ($row["type"] == 4) { $row["type4select"] = "selected=\"selected\" "; } else { $row["type4select"] = ""; } if ($row["type"] == 5) { $row["type5select"] = "selected=\"selected\" "; } else { $row["type5select"] = ""; } - + $page = parsetemplate($page, $row); admindisplay($page, "Edit Spells"); - + } function levels() { $query = doquery("SELECT id FROM {{table}} ORDER BY id DESC LIMIT 1", "levels"); $row = mysql_fetch_array($query); - + $options = ""; for($i=2; $i<$row["id"]; $i++) { $options .= "\n"; } - + $page = <<Edit Levels
Select a level number from the dropdown box to edit it.

+
END; admindisplay($page, "Edit Levels"); - + } function editlevel() { if (!isset($_POST["level"])) { admindisplay("No level to edit.", "Edit Levels"); die(); } $id = $_POST["level"]; - + if (isset($_POST["submit"])) { - + extract($_POST); $errors = 0; $errorlist = ""; @@ -555,7 +545,7 @@ function editlevel() { if (!is_numeric($_POST["two_strength"])) { $errors++; $errorlist .= "Class 2 Strength must be a number.
"; } if (!is_numeric($_POST["two_dexterity"])) { $errors++; $errorlist .= "Class 2 Dexterity must be a number.
"; } if (!is_numeric($_POST["two_spells"])) { $errors++; $errorlist .= "Class 2 Spells must be a number.
"; } - + if ($_POST["three_exp"] == "") { $errors++; $errorlist .= "Class 3 Experience is required.
"; } if ($_POST["three_hp"] == "") { $errors++; $errorlist .= "Class 3 HP is required.
"; } if ($_POST["three_mp"] == "") { $errors++; $errorlist .= "Class 3 MP is required.
"; } @@ -571,7 +561,7 @@ function editlevel() { if (!is_numeric($_POST["three_dexterity"])) { $errors++; $errorlist .= "Class 3 Dexterity must be a number.
"; } if (!is_numeric($_POST["three_spells"])) { $errors++; $errorlist .= "Class 3 Spells must be a number.
"; } - if ($errors == 0) { + if ($errors == 0) { $updatequery = <<Errors:
$errorlist

Please go back and try again.", "Edit Spells"); - } - - } - - + } + + } + + $query = doquery("SELECT * FROM {{table}} WHERE id='$id' LIMIT 1", "levels"); $row = mysql_fetch_array($query); global $controlrow; @@ -636,14 +626,14 @@ Experience values for each level should be the cumulative total amount of experi END; - + $page = parsetemplate($page, $row); admindisplay($page, "Edit Levels"); - + } function users() { - + $query = doquery("SELECT id,username FROM {{table}} ORDER BY id", "users"); $page = "Edit Users
Click a username to edit the account.

\n"; $count = 1; @@ -658,23 +648,21 @@ function users() { } function edituser($id) { - + if (isset($_POST["submit"])) { - + extract($_POST); $errors = 0; $errorlist = ""; if ($email == "") { $errors++; $errorlist .= "Email is required.
"; } if ($verify == "") { $errors++; $errorlist .= "Verify is required.
"; } - if ($charname == "") { $errors++; $errorlist .= "Character Name is required.
"; } if ($authlevel == "") { $errors++; $errorlist .= "Auth Level is required.
"; } if ($latitude == "") { $errors++; $errorlist .= "Latitude is required.
"; } if ($longitude == "") { $errors++; $errorlist .= "Longitude is required.
"; } - if ($difficulty == "") { $errors++; $errorlist .= "Difficulty is required.
"; } if ($charclass == "") { $errors++; $errorlist .= "Character Class is required.
"; } if ($currentaction == "") { $errors++; $errorlist .= "Current Action is required.
"; } if ($currentfight == "") { $errors++; $errorlist .= "Current Fight is required.
"; } - + if ($currentmonster == "") { $errors++; $errorlist .= "Current Monster is required.
"; } if ($currentmonsterhp == "") { $errors++; $errorlist .= "Current Monster HP is required.
"; } if ($currentmonstersleep == "") { $errors++; $errorlist .= "Current Monster Sleep is required.
"; } @@ -714,17 +702,16 @@ function edituser($id) { if ($dropcode == "") { $errors++; $errorlist .= "Drop Code is required.
"; } if ($spells == "") { $errors++; $errorlist .= "Spells is required.
"; } if ($towns == "") { $errors++; $errorlist .= "Towns is required.
"; } - + if (!is_numeric($authlevel)) { $errors++; $errorlist .= "Auth Level must be a number.
"; } if (!is_numeric($latitude)) { $errors++; $errorlist .= "Latitude must be a number.
"; } if (!is_numeric($longitude)) { $errors++; $errorlist .= "Longitude must be a number.
"; } - if (!is_numeric($difficulty)) { $errors++; $errorlist .= "Difficulty must be a number.
"; } if (!is_numeric($charclass)) { $errors++; $errorlist .= "Character Class must be a number.
"; } if (!is_numeric($currentfight)) { $errors++; $errorlist .= "Current Fight must be a number.
"; } if (!is_numeric($currentmonster)) { $errors++; $errorlist .= "Current Monster must be a number.
"; } if (!is_numeric($currentmonsterhp)) { $errors++; $errorlist .= "Current Monster HP must be a number.
"; } if (!is_numeric($currentmonstersleep)) { $errors++; $errorlist .= "Current Monster Sleep must be a number.
"; } - + if (!is_numeric($currentmonsterimmune)) { $errors++; $errorlist .= "Current Monster Immune must be a number.
"; } if (!is_numeric($currentuberdamage)) { $errors++; $errorlist .= "Current Uber Damage must be a number.
"; } if (!is_numeric($currentuberdefense)) { $errors++; $errorlist .= "Current Uber Defense must be a number.
"; } @@ -735,7 +722,7 @@ function edituser($id) { if (!is_numeric($maxmp)) { $errors++; $errorlist .= "Max MP must be a number.
"; } if (!is_numeric($maxtp)) { $errors++; $errorlist .= "Max TP must be a number.
"; } if (!is_numeric($level)) { $errors++; $errorlist .= "Level must be a number.
"; } - + if (!is_numeric($gold)) { $errors++; $errorlist .= "Gold must be a number.
"; } if (!is_numeric($experience)) { $errors++; $errorlist .= "Experience must be a number.
"; } if (!is_numeric($goldbonus)) { $errors++; $errorlist .= "Gold Bonus must be a number.
"; } @@ -746,18 +733,18 @@ function edituser($id) { if (!is_numeric($defensepower)) { $errors++; $errorlist .= "Defense Power must be a number.
"; } if (!is_numeric($weaponid)) { $errors++; $errorlist .= "Weapon ID must be a number.
"; } if (!is_numeric($armorid)) { $errors++; $errorlist .= "Armor ID must be a number.
"; } - + if (!is_numeric($shieldid)) { $errors++; $errorlist .= "Shield ID must be a number.
"; } if (!is_numeric($slot1id)) { $errors++; $errorlist .= "Slot 1 ID must be a number.
"; } if (!is_numeric($slot2id)) { $errors++; $errorlist .= "Slot 2 ID must be a number.
"; } if (!is_numeric($slot3id)) { $errors++; $errorlist .= "Slot 3 ID must be a number.
"; } if (!is_numeric($dropcode)) { $errors++; $errorlist .= "Drop Code must be a number.
"; } - - if ($errors == 0) { + + if ($errors == 0) { $updatequery = <<Errors:
$errorlist

Please go back and try again.", "Edit Users"); - } - - } - + } + + } + $query = doquery("SELECT * FROM {{table}} WHERE id='$id' LIMIT 1", "users"); $row = mysql_fetch_array($query); global $controlrow; @@ -793,7 +780,6 @@ $page = <<
- @@ -802,7 +788,6 @@ $page = << - @@ -869,33 +854,30 @@ END; if ($row["charclass"] == 1) { $row["class1select"] = "selected=\"selected\" "; } else { $row["class1select"] = ""; } if ($row["charclass"] == 2) { $row["class2select"] = "selected=\"selected\" "; } else { $row["class2select"] = ""; } if ($row["charclass"] == 3) { $row["class3select"] = "selected=\"selected\" "; } else { $row["class3select"] = ""; } - if ($row["difficulty"] == 1) { $row["diff1select"] = "selected=\"selected\" "; } else { $row["diff1select"] = ""; } - if ($row["difficulty"] == 2) { $row["diff2select"] = "selected=\"selected\" "; } else { $row["diff2select"] = ""; } - if ($row["difficulty"] == 3) { $row["diff3select"] = "selected=\"selected\" "; } else { $row["diff3select"] = ""; } - + $page = parsetemplate($page, $row); admindisplay($page, "Edit Users"); - + } function addnews() { - + if (isset($_POST["submit"])) { - + extract($_POST); $errors = 0; $errorlist = ""; if ($content == "") { $errors++; $errorlist .= "Content is required.
"; } - - if ($errors == 0) { + + if ($errors == 0) { $query = doquery("INSERT INTO {{table}} SET id='',postdate=NOW(),content='$content'", "news"); admindisplay("News post added.","Add News"); } else { admindisplay("Errors:
$errorlist

Please go back and try again.", "Add News"); - } - - } - + } + + } + $page = <<Add A News Post

@@ -904,9 +886,9 @@ Type your post below and then click Submit to add it.
END; - + admindisplay($page, "Add News"); - + } - -?> \ No newline at end of file + +?> diff --git a/public/forum.php b/public/forum.php index a7554df..54332dc 100644 --- a/public/forum.php +++ b/public/forum.php @@ -17,12 +17,12 @@ if ($userrow["authlevel"] == 2) { die("Your account has been blocked. Please try if (isset($_GET["do"])) { $do = explode(":",$_GET["do"]); - + if ($do[0] == "thread") { showthread($do[1], $do[2]); } elseif ($do[0] == "new") { newthread(); } elseif ($do[0] == "reply") { reply(); } elseif ($do[0] == "list") { donothing($do[1]); } - + } else { donothing(0); } function donothing($start=0) { @@ -30,9 +30,9 @@ function donothing($start=0) { $query = doquery("SELECT * FROM {{table}} WHERE parent='0' ORDER BY newpostdate DESC LIMIT 20", "forum"); $page = "
Username:{{username}}
Email:
Verify:
Character Name:
Register Date:{{regdate}}
Last Online:{{onlinetime}}
Auth Level:
Set to "Blocked" to temporarily (or permanently) ban a user.
Latitude:
Longitude:
Difficulty:
Character Class:
 
\n"; $count = 1; - if (mysql_num_rows($query) == 0) { + if (mysql_num_rows($query) == 0) { $page .= "\n"; - } else { + } else { while ($row = mysql_fetch_array($query)) { if ($count == 1) { $page .= "\n"; @@ -44,9 +44,9 @@ function donothing($start=0) { } } $page .= "
New Thread
ThreadRepliesLast Post
No threads in forum.
".$row["title"]."".$row["replies"]."".$row["newpostdate"]."
"; - + display($page, "Forum"); - + } function showthread($id, $start) { @@ -67,36 +67,36 @@ function showthread($id, $start) { } $page .= "
"; $page .= "
Reply To This Thread:

"; - + display($page, "Forum"); - + } function reply() { global $userrow; extract($_POST); - $query = doquery("INSERT INTO {{table}} SET id='',postdate=NOW(),newpostdate=NOW(),author='".$userrow["charname"]."',parent='$parent',replies='0',title='$title',content='$content'", "forum"); + $query = doquery("INSERT INTO {{table}} SET id='',postdate=NOW(),newpostdate=NOW(),author='".$userrow["username"]."',parent='$parent',replies='0',title='$title',content='$content'", "forum"); $query2 = doquery("UPDATE {{table}} SET newpostdate=NOW(),replies=replies+1 WHERE id='$parent' LIMIT 1", "forum"); header("Location: forum.php?do=thread:$parent:0"); die(); - + } function newthread() { global $userrow; - + if (isset($_POST["submit"])) { extract($_POST); - $query = doquery("INSERT INTO {{table}} SET id='',postdate=NOW(),newpostdate=NOW(),author='".$userrow["charname"]."',parent='0',replies='0',title='$title',content='$content'", "forum"); + $query = doquery("INSERT INTO {{table}} SET id='',postdate=NOW(),newpostdate=NOW(),author='".$userrow["username"]."',parent='0',replies='0',title='$title',content='$content'", "forum"); header("Location: forum.php"); die(); } - + $page = "
Make A New Post:

Title:


Message:


"; display($page, "Forum"); - + } - -?> \ No newline at end of file + +?> diff --git a/public/help.php b/public/help.php index 25d52fb..b00e8d9 100644 --- a/public/help.php +++ b/public/help.php @@ -1,5 +1,5 @@ -
  • Introduction
  • Character Classes -
  • Difficulty Levels
  • Playing The Game: In Town
  • Playing The Game: Exploring & Fighting
  • Playing The Game: Status Panels @@ -93,16 +92,16 @@ a:hover {

    Introduction

    -Firstly, I'd like to say thank you for playing my game. The Dragon Knight game engine is the result of several months of -planning, coding and testing. The original idea was to create a web-based tribute to the NES game, Dragon -Warrior. In its current iteration, only the underlying fighting system really resembles that game, as almost +Firstly, I'd like to say thank you for playing my game. The Dragon Knight game engine is the result of several months of +planning, coding and testing. The original idea was to create a web-based tribute to the NES game, Dragon +Warrior. In its current iteration, only the underlying fighting system really resembles that game, as almost everything else in DK has been made bigger and better. But you should still recognize bits and pieces as stemming from Dragon Warrior and other RPGs of old.

    This is the first game I've ever written, and it has definitely been a positive experience. It got difficult at times, admittedly, but it was still a lot of fun to write, and even more fun to play. And I hope to use this experience so that if I ever want to create another game it will be even better than this one.

    If you are a site administrator, and would like to install a copy of DK on your own server, you may visit the -development site for Dragon Knight. This page +development site for Dragon Knight. This page includes the downloadable game souce code, as well as some other resources that developers and administrators may find valuable.

    Once again, thanks for playing!

    @@ -163,22 +162,6 @@ for the game. If your administrator has used his/her own class setup, this infor


    -

    Difficulty Levels

    - includes the ability to play using one of three difficulty levels. -All monster statistics in the game are set at a base number. However, using a difficulty multiplier, certain statistics -are increased. The amount of hit points a monster has goes up, which means it will take longer to kill. But the amount -of experience and gold you gain from killing it also goes up. So the game is a little bit harder, but it is also more -rewarding. The following are the three difficulty levels and their statistic multiplier, which applies to the monster's -HP, experience drop, and gold drop. -
      -
    • " . $controlrow["diff1mod"] . ""; ?> -
    • " . $controlrow["diff2mod"] . ""; ?> -
    • " . $controlrow["diff3mod"] . ""; ?> -
    -[ Top ] - -


    -

    Playing The Game: In Town

    When you begin a new game, the first thing you see is the Town screen. Towns serve four primary functions: healing, buying items, buying maps, and displaying game information.

    @@ -206,10 +189,10 @@ administrator, a list of players who have been online recently, and the Babble B Once you're done in town, you are free to start exploring the world. Use the compass buttons on the left status panel to move around. The game world is basically a big square, divided into four quadrants. Each quadrant is spaces square. The first town is usually located at (0N,0E). Click the North button from the first town, and now you'll be at (1N,0E). -Likewise, if you now click the West button, you'll be at (1N,1W). Monster levels increase with every 5 spaces you move outward +Likewise, if you now click the West button, you'll be at (1N,1W). Monster levels increase with every 5 spaces you move outward from (0N,0E).

    While you're exploring, you will occasionally run into monsters. As in pretty much any other RPG game, you and the monster take turns -hitting each other in an attempt to reduce each other's hit points to zero. Once you run into a monster, the Exploring screen changes +hitting each other in an attempt to reduce each other's hit points to zero. Once you run into a monster, the Exploring screen changes to the Fighting screen.

    When a fight begins, you'll see the monster's name and hit points, and the game will ask you for your first command. You then get to pick whether you want to fight, use a spell, or run away. Note, though, that sometimes the monster has the chance to hit you @@ -320,4 +303,4 @@ All original coding and graphics for the Dragon Knight game engine are &c Powered by Dragon Knight© 2003-2006 by renderse7en - \ No newline at end of file + diff --git a/public/index.php b/public/index.php index cb9280b..ad685d5 100644 --- a/public/index.php +++ b/public/index.php @@ -2,10 +2,7 @@ // index.php :: Primary program script, evil alien overlord, you decide. -if (!file_exists('../.installed')) { - header('Location: install.php'); - exit; -} +if (!file_exists('../.installed')) redirect('install.php'); require_once '../src/lib.php'; @@ -81,8 +78,7 @@ function donothing() $page = doexplore(); $title = "Exploring"; } elseif ($userrow["currentaction"] == "Fighting") { - $page = dofight(); - $title = "Fighting"; + redirect('index.php?do=fight'); } display($page, $title); @@ -95,53 +91,53 @@ function dotown() { global $userrow, $controlrow; - $townquery = db()->query('SELECT * FROM towns WHERE latitude = ? AND longitude = ? LIMIT 1;', [$userrow["latitude"], $userrow["longitude"]]); - if ($townquery === false) display("There is an error with your user account, or with the town data. Please try again.", "Error"); - $townrow = $townquery->fetchArray(SQLITE3_ASSOC); + $townrow = get_town_by_xy($userrow['longitude'], $userrow['latitude']); if ($townrow === false) display("There is an error with your user account, or with the town data. Please try again.","Error"); + $townrow["news"] = ""; + $townrow["whosonline"] = ""; + $townrow["babblebox"] = ""; + // News box. Grab latest news entry and display it. Something a little more graceful coming soon maybe. if ($controlrow["shownews"] == 1) { $newsrow = db()->query('SELECT * FROM news ORDER BY id DESC LIMIT 1;')->fetchArray(SQLITE3_ASSOC); $townrow["news"] = "
    Latest News
    \n"; $townrow["news"] .= "[".prettydate($newsrow["postdate"])."]
    ".nl2br($newsrow["content"]); $townrow["news"] .= "
    \n"; - } else { - $townrow["news"] = ""; - } + } // Who's Online. Currently just members. Guests maybe later. if ($controlrow["showonline"] == 1) { - $onlinequery = db()->query("SELECT * FROM news WHERE strftime('%s', onlinetime) >= strftime('%s', 'now') - 600 ORDER BY charname"); + $onlinequery = db()->query("SELECT id, username FROM users WHERE strftime('%s', onlinetime) >= strftime('%s', 'now') - 600 ORDER BY username"); $online_count = 0; $online_rows = []; - foreach ($onlinequery->fetchArray(SQLITE3_ASSOC) as $onlinerow) { + while ($onlinerow = $onlinequery->fetchArray(SQLITE3_ASSOC)) { $online_count++; - $online_rows[] = "".$onlinerow["charname"]."" . ", "; + $online_rows[] = "".$onlinerow["username"]."" . ", "; } $townrow["whosonline"] = "
    Who's Online
    \n"; $townrow["whosonline"] .= "There are $online_count user(s) online within the last 10 minutes: "; $townrow["whosonline"] .= rtrim(implode(', ', $online_rows), ', '); $townrow["whosonline"] .= "
    \n"; - } else { - $townrow["whosonline"] = ""; - } + } if ($controlrow["showbabble"] == 1) { - $townrow["babblebox"] = "
    Babble Box
    \n"; - $townrow["babblebox"] .= ""; - $townrow["babblebox"] .= "
    \n"; - } else { - $townrow["babblebox"] = ""; - } + $townrow["babblebox"] = << + Babble Box + + + + + HTML; + } - $page = gettemplate("towns"); - $page = parsetemplate($page, $townrow); - - return $page; + return parsetemplate(gettemplate("towns"), $townrow); } /** @@ -160,154 +156,104 @@ function doexplore() HTML; } -/** - * Redirect to fighting. - */ -function dofight() -{ - header("Location: index.php?do=fight"); -} - function showchar() { global $userrow, $controlrow; - // Format various userrow stuffs. - $userrow["experience"] = number_format($userrow["experience"]); - $userrow["gold"] = number_format($userrow["gold"]); - if ($userrow["expbonus"] > 0) { - $userrow["plusexp"] = "(+".$userrow["expbonus"]."%)"; - } elseif ($userrow["expbonus"] < 0) { - $userrow["plusexp"] = "(".$userrow["expbonus"]."%)"; - } else { $userrow["plusexp"] = ""; } - if ($userrow["goldbonus"] > 0) { - $userrow["plusgold"] = "(+".$userrow["goldbonus"]."%)"; - } elseif ($userrow["goldbonus"] < 0) { - $userrow["plusgold"] = "(".$userrow["goldbonus"]."%)"; - } else { $userrow["plusgold"] = ""; } + $userrow["experience"] = number_format($userrow["experience"]); + $userrow["gold"] = number_format($userrow["gold"]); - $levelquery = doquery("SELECT ". $userrow["charclass"]."_exp FROM {{table}} WHERE id='".($userrow["level"]+1)."' LIMIT 1", "levels"); - $levelrow = mysql_fetch_array($levelquery); - if ($userrow["level"] < 99) { $userrow["nextlevel"] = number_format($levelrow[$userrow["charclass"]."_exp"]); } else { $userrow["nextlevel"] = "None"; } + $userrow["plusexp"] = $userrow["expbonus"] != 0 + ? "(" . ($userrow["expbonus"] > 0 ? "+" : "") . $userrow["expbonus"] . "%)" + : ""; - if ($userrow["charclass"] == 1) { $userrow["charclass"] = $controlrow["class1name"]; } - elseif ($userrow["charclass"] == 2) { $userrow["charclass"] = $controlrow["class2name"]; } - elseif ($userrow["charclass"] == 3) { $userrow["charclass"] = $controlrow["class3name"]; } + $userrow["plusgold"] = $userrow["goldbonus"] != 0 + ? "(" . ($userrow["goldbonus"] > 0 ? "+" : "") . $userrow["goldbonus"] . "%)" + : ""; - if ($userrow["difficulty"] == 1) { $userrow["difficulty"] = $controlrow["diff1name"]; } - elseif ($userrow["difficulty"] == 2) { $userrow["difficulty"] = $controlrow["diff2name"]; } - elseif ($userrow["difficulty"] == 3) { $userrow["difficulty"] = $controlrow["diff3name"]; } + $levelrow = db()->query("SELECT `{$userrow["charclass"]}_exp` FROM levels WHERE id=? LIMIT 1;", [$userrow['level'] + 1])->fetchArray(SQLITE3_ASSOC); + $userrow["nextlevel"] = $userrow['level'] < 99 ? number_format($levelrow[$userrow["charclass"]."_exp"]) : 'None'; - $spellquery = doquery("SELECT id,name FROM {{table}}","spells"); - $userspells = explode(",",$userrow["spells"]); - $userrow["magiclist"] = ""; - while ($spellrow = mysql_fetch_array($spellquery)) { + $userrow['charclass'] = match ((int) $userrow['charclass']) { + 1 => $controlrow["class1name"], + 2 => $controlrow["class2name"], + 3 => $controlrow["class3name"] + }; + + $spells = db()->query('SELECT id, name FROM spells;'); + $userspells = explode(',', $userrow['spells']); + $userrow["magiclist"] = ''; + while ($spellrow = $spells->fetchArray(SQLITE3_ASSOC)) { $spell = false; - foreach($userspells as $a => $b) { - if ($b == $spellrow["id"]) { $spell = true; } - } - if ($spell == true) { - $userrow["magiclist"] .= $spellrow["name"]."
    "; - } + foreach($userspells as $b) if ($b == $spellrow["id"]) $spell = true; + if ($spell == true) $userrow["magiclist"] .= $spellrow["name"]."
    "; } - if ($userrow["magiclist"] == "") { $userrow["magiclist"] = "None"; } + if ($userrow["magiclist"] == "") $userrow["magiclist"] = "None"; - // Make page tags for XHTML validation. - $xml = "\n" - . "\n" - . "\n"; - - $charsheet = gettemplate("showchar"); - $page = $xml . gettemplate("minimal"); - $array = array("content"=>parsetemplate($charsheet, $userrow), "title"=>"Character Information"); - echo parsetemplate($page, $array); - die(); + $array = ["content" => parsetemplate(gettemplate("showchar"), $userrow), "title" => "Character Information"]; + echo parsetemplate("\n" . gettemplate("minimal"), $array); } -function onlinechar($id) { - +function onlinechar($id) +{ global $controlrow; - $userquery = doquery("SELECT * FROM {{table}} WHERE id='$id' LIMIT 1", "users"); - if (mysql_num_rows($userquery) == 1) { $userrow = mysql_fetch_array($userquery); } else { display("No such user.", "Error"); } - // Format various userrow stuffs. + $query = db()->query('SELECT * FROM users WHERE id=? LIMIT 1;', [$id]); + if ($query !== false) { $userrow = $query->fetchArray(SQLITE3_ASSOC); } else { display("No such user.", "Error"); } + unset($userrow['password']); + $userrow["experience"] = number_format($userrow["experience"]); - $userrow["gold"] = number_format($userrow["gold"]); - if ($userrow["expbonus"] > 0) { - $userrow["plusexp"] = "(+".$userrow["expbonus"]."%)"; - } elseif ($userrow["expbonus"] < 0) { - $userrow["plusexp"] = "(".$userrow["expbonus"]."%)"; - } else { $userrow["plusexp"] = ""; } - if ($userrow["goldbonus"] > 0) { - $userrow["plusgold"] = "(+".$userrow["goldbonus"]."%)"; - } elseif ($userrow["goldbonus"] < 0) { - $userrow["plusgold"] = "(".$userrow["goldbonus"]."%)"; - } else { $userrow["plusgold"] = ""; } + $userrow["gold"] = number_format($userrow["gold"]); - $levelquery = doquery("SELECT ". $userrow["charclass"]."_exp FROM {{table}} WHERE id='".($userrow["level"]+1)."' LIMIT 1", "levels"); - $levelrow = mysql_fetch_array($levelquery); - $userrow["nextlevel"] = number_format($levelrow[$userrow["charclass"]."_exp"]); + $userrow["plusexp"] = $userrow["expbonus"] != 0 + ? "(" . ($userrow["expbonus"] > 0 ? "+" : "") . $userrow["expbonus"] . "%)" + : ""; - if ($userrow["charclass"] == 1) { $userrow["charclass"] = $controlrow["class1name"]; } - elseif ($userrow["charclass"] == 2) { $userrow["charclass"] = $controlrow["class2name"]; } - elseif ($userrow["charclass"] == 3) { $userrow["charclass"] = $controlrow["class3name"]; } + $userrow["plusgold"] = $userrow["goldbonus"] != 0 + ? "(" . ($userrow["goldbonus"] > 0 ? "+" : "") . $userrow["goldbonus"] . "%)" + : ""; - if ($userrow["difficulty"] == 1) { $userrow["difficulty"] = $controlrow["diff1name"]; } - elseif ($userrow["difficulty"] == 2) { $userrow["difficulty"] = $controlrow["diff2name"]; } - elseif ($userrow["difficulty"] == 3) { $userrow["difficulty"] = $controlrow["diff3name"]; } + $levelrow = db()->query("SELECT `{$userrow["charclass"]}_exp` FROM levels WHERE id=? LIMIT 1;", [$userrow['level'] + 1])->fetchArray(SQLITE3_ASSOC); + $userrow["nextlevel"] = $userrow['level'] < 99 ? number_format($levelrow[$userrow["charclass"]."_exp"]) : 'None'; - $charsheet = gettemplate("onlinechar"); - $page = parsetemplate($charsheet, $userrow); - display($page, "Character Information"); + $userrow['charclass'] = match ((int) $userrow['charclass']) { + 1 => $controlrow["class1name"], + 2 => $controlrow["class2name"], + 3 => $controlrow["class3name"] + }; + display(parsetemplate(gettemplate("onlinechar"), $userrow), "Character Information"); } -function showmap() { - - global $userrow; - - // Make page tags for XHTML validation. - $xml = "\n" - . "\n" - . "\n"; - - $page = $xml . gettemplate("minimal"); - $array = array("content"=>"
    \"Map\"
    ", "title"=>"Map"); - echo parsetemplate($page, $array); - die(); - +function showmap() +{ + $array = ["content" => "
    \"Map\"
    ", "title" => "Map"]; + echo parsetemplate("\n" . gettemplate("minimal"), $array); } -function babblebox() { - +function babblebox() +{ global $userrow; if (isset($_POST["babble"])) { $safecontent = makesafe($_POST["babble"]); - if ($safecontent == "" || $safecontent == " ") { //blank post. do nothing. - } else { $insert = doquery("INSERT INTO {{table}} SET id='',posttime=NOW(),author='".$userrow["charname"]."',babble='$safecontent'", "babble"); } - header("Location: index.php?do=babblebox"); - die(); + if (!empty($safecontent)) { + db()->query('INSERT INTO babble (posttime, author, babble) VALUES (CURRENT_TIMESTAMP, ?, ?);', [$userrow['username'], $safecontent]); + } + redirect('index.php?do=babblebox'); } - $babblebox = array("content"=>""); + $babblebox = ["content" => ""]; $bg = 1; - $babblequery = doquery("SELECT * FROM {{table}} ORDER BY id DESC LIMIT 20", "babble"); - while ($babblerow = mysql_fetch_array($babblequery)) { + $query = db()->query('SELECT * FROM babble ORDER BY id DESC LIMIT 20;'); + while ($babblerow = $query->fetchArray(SQLITE3_ASSOC)) { if ($bg == 1) { $new = "
    [".$babblerow["author"]."] ".$babblerow["babble"]."
    \n"; $bg = 2; } else { $new = "
    [".$babblerow["author"]."] ".stripslashes($babblerow["babble"])."
    \n"; $bg = 1; } $babblebox["content"] = $new . $babblebox["content"]; } $babblebox["content"] .= "

    "; - // Make page tags for XHTML validation. - $xml = "\n" - . "\n" - . "\n"; - $page = $xml . gettemplate("babblebox"); - echo parsetemplate($page, $babblebox); - die(); - + echo parsetemplate("\n" . gettemplate("babblebox"), $babblebox); } /** diff --git a/public/install.php b/public/install.php index 430274a..41cf178 100644 --- a/public/install.php +++ b/public/install.php @@ -7,7 +7,8 @@ if (file_exists('../.installed')) { require_once '../src/lib.php'; -match ((int) $_GET['page'] ?? 1) { +$page = $_GET['page'] ?? 1; +match ((int) $page) { 2 => second(), 3 => third(), 4 => fourth(), @@ -42,8 +43,6 @@ function first() HTML; - - exit; } /** @@ -628,7 +627,6 @@ function second() `authlevel` INTEGER NOT NULL default 0, `latitude` INTEGER NOT NULL default 0, `longitude` INTEGER NOT NULL default 0, - `difficulty` INTEGER NOT NULL default 0, `charclass` INTEGER NOT NULL default 0, `currentaction` TEXT NOT NULL default 'In Town', `currentfight` INTEGER NOT NULL default 0, @@ -675,7 +673,6 @@ function second() $time = round((microtime(true) - START), 4); echo "
    Database setup complete in $time seconds.

    Click here to continue with installation."; - exit; } /** @@ -699,15 +696,12 @@ function third() Email Address: Verify Email:


    Character Class: - Difficulty: HTML; - - exit; } /** @@ -780,8 +774,6 @@ function fourth() HTML; - - exit; } /** @@ -790,7 +782,7 @@ function fourth() function fifth() { if (mail("sky@sharkk.net", "Dragon Knight Call Home", $_SERVER["SERVER_NAME"].$_SERVER["PHP_SELF"]) !== true) { - die('Dragon Knight was unable to send your URL. Please go back and try again, or just continue on to the game.'); + exit('Dragon Knight was unable to send your URL. Please go back and try again, or just continue on to the game.'); } echo << HTML; - - exit; } diff --git a/public/login.php b/public/login.php index 482f1d9..b19be3e 100644 --- a/public/login.php +++ b/public/login.php @@ -19,7 +19,7 @@ function login() if ($_SERVER['REQUEST_METHOD'] === 'POST') { $u = trim($_POST['username'] ?? ''); - $query = db()->query('SELECT * FROM users WHERE username = ? LIMIT 1;', [$u]); + $query = db()->query('SELECT id, username, password FROM users WHERE username = ? LIMIT 1;', [$u]); if ($query === false) die("Invalid username or password. Please go back and try again."); $row = $query->fetchArray(SQLITE3_ASSOC); if (!password_verify($_POST['password'] ?? '', $row['password'])) die("Invalid username or password. Please go back and try again."); diff --git a/public/users.php b/public/users.php index 4f2826b..34439eb 100644 --- a/public/users.php +++ b/public/users.php @@ -4,53 +4,47 @@ include('lib.php'); $link = opendb(); if (isset($_GET["do"])) { - + $do = $_GET["do"]; if ($do == "register") { register(); } elseif ($do == "verify") { verify(); } elseif ($do == "lostpassword") { lostpassword(); } elseif ($do == "changepassword") { changepassword(); } - + } function register() { // Register a new account. - + $controlquery = doquery("SELECT * FROM {{table}} WHERE id='1' LIMIT 1", "control"); $controlrow = mysql_fetch_array($controlquery); - + if (isset($_POST["submit"])) { - + extract($_POST); - + $errors = 0; $errorlist = ""; - + // Process username. if ($username == "") { $errors++; $errorlist .= "Username field is required.
    "; } if (preg_match("/[^A-z0-9_\-]/", $username)==1) { $errors++; $errorlist .= "Username must be alphanumeric.
    "; } // Thanks to "Carlos Pires" from php.net! $usernamequery = doquery("SELECT username FROM {{table}} WHERE username='$username' LIMIT 1","users"); if (mysql_num_rows($usernamequery) > 0) { $errors++; $errorlist .= "Username already taken - unique username required.
    "; } - - // Process charname. - if ($charname == "") { $errors++; $errorlist .= "Character Name field is required.
    "; } - if (preg_match("/[^A-z0-9_\-]/", $charname)==1) { $errors++; $errorlist .= "Character Name must be alphanumeric.
    "; } // Thanks to "Carlos Pires" from php.net! - $characternamequery = doquery("SELECT charname FROM {{table}} WHERE charname='$charname' LIMIT 1","users"); - if (mysql_num_rows($characternamequery) > 0) { $errors++; $errorlist .= "Character Name already taken - unique Character Name required.
    "; } - + // Process email address. if ($email1 == "" || $email2 == "") { $errors++; $errorlist .= "Email fields are required.
    "; } if ($email1 != $email2) { $errors++; $errorlist .= "Emails don't match.
    "; } if (! is_email($email1)) { $errors++; $errorlist .= "Email isn't valid.
    "; } $emailquery = doquery("SELECT email FROM {{table}} WHERE email='$email1' LIMIT 1","users"); if (mysql_num_rows($emailquery) > 0) { $errors++; $errorlist .= "Email already taken - unique email address required.
    "; } - + // Process password. if (trim($password1) == "") { $errors++; $errorlist .= "Password field is required.
    "; } if (preg_match("/[^A-z0-9_\-]/", $password1)==1) { $errors++; $errorlist .= "Password must be alphanumeric.
    "; } // Thanks to "Carlos Pires" from php.net! if ($password1 != $password2) { $errors++; $errorlist .= "Passwords don't match.
    "; } $password = md5($password1); - + if ($errors == 0) { - + if ($controlrow["verifyemail"] == 1) { $verifycode = ""; for ($i=0; $i<8; $i++) { @@ -59,9 +53,9 @@ function register() { // Register a new account. } else { $verifycode='1'; } - - $query = doquery("INSERT INTO {{table}} SET id='',regdate=NOW(),verify='$verifycode',username='$username',password='$password',email='$email1',charname='$charname',charclass='$charclass',difficulty='$difficulty'", "users") or die(mysql_error()); - + + $query = doquery("INSERT INTO {{table}} SET id='',regdate=NOW(),verify='$verifycode',username='$username',password='$password',email='$email1',charclass='$charclass'", "users") or die(mysql_error()); + if ($controlrow["verifyemail"] == 1) { if (sendregmail($email1, $verifycode) == true) { $page = "Your account was created successfully.

    You should receive an Account Verification email shortly. You will need the verification code contained in that email before you are allowed to log in. Once you have received the email, please visit the Verification Page to enter your code and start playing."; @@ -71,32 +65,32 @@ function register() { // Register a new account. } else { $page = "Your account was created succesfully.

    You may now continue to the Login Page and continue playing ".$controlrow["gamename"]."!"; } - + } else { - + $page = "The following error(s) occurred when your account was being made:
    $errorlist
    Please go back and try again."; - + } - + } else { - + $page = gettemplate("register"); - if ($controlrow["verifyemail"] == 1) { + if ($controlrow["verifyemail"] == 1) { $controlrow["verifytext"] = "
    A verification code will be sent to the address above, and you will not be able to log in without first entering the code. Please be sure to enter your correct email address."; } else { $controlrow["verifytext"] = ""; } $page = parsetemplate($page, $controlrow); - + } - + $topnav = "\"Log\"Register\"\"Help\""; display($page, "Register", false, false, false); - + } function verify() { - + if (isset($_POST["submit"])) { extract($_POST); $userquery = doquery("SELECT username,email,verify FROM {{table}} WHERE username='$username' LIMIT 1","users"); @@ -112,11 +106,11 @@ function verify() { $page = gettemplate("verify"); $topnav = "\"Log\"Register\"\"Help\""; display($page, "Verify Email", false, false, false); - + } function lostpassword() { - + if (isset($_POST["submit"])) { extract($_POST); $userquery = doquery("SELECT email FROM {{table}} WHERE email='$email' LIMIT 1","users"); @@ -137,11 +131,11 @@ function lostpassword() { $page = gettemplate("lostpassword"); $topnav = "\"Log\"Register\"\"Help\""; display($page, "Lost Password", false, false, false); - + } function changepassword() { - + if (isset($_POST["submit"])) { extract($_POST); $userquery = doquery("SELECT * FROM {{table}} WHERE username='$username' LIMIT 1","users"); @@ -158,18 +152,18 @@ function changepassword() { } $page = gettemplate("changepassword"); $topnav = "\"Log\"Register\"\"Help\""; - display($page, "Change Password", false, false, false); - + display($page, "Change Password", false, false, false); + } function sendpassemail($emailaddress, $password) { - + $controlquery = doquery("SELECT * FROM {{table}} WHERE id='1' LIMIT 1", "control"); $controlrow = mysql_fetch_array($controlquery); extract($controlrow); - + $email = << \ No newline at end of file +?> diff --git a/src/database.php b/src/database.php index 1f988fc..5416432 100644 --- a/src/database.php +++ b/src/database.php @@ -22,7 +22,6 @@ class Database extends SQLite3 { $p = strpos($query, '?') !== false; $stmt = $this->prepare($query); - foreach ($params ?? [] as $k => $v) $stmt->bindValue($p ? $k + 1 : $k, $v, $this->getSQLiteType($v)); $start = microtime(true); diff --git a/src/explore.php b/src/explore.php index 252ee96..ebc7b5e 100644 --- a/src/explore.php +++ b/src/explore.php @@ -1,37 +1,31 @@ - $controlrow["gamesize"]) { $latitude = $controlrow["gamesize"]; } } if (isset($_POST["south"])) { $latitude--; if ($latitude < ($controlrow["gamesize"]*-1)) { $latitude = ($controlrow["gamesize"]*-1); } } if (isset($_POST["east"])) { $longitude++; if ($longitude > $controlrow["gamesize"]) { $longitude = $controlrow["gamesize"]; } } if (isset($_POST["west"])) { $longitude--; if ($longitude < ($controlrow["gamesize"]*-1)) { $longitude = ($controlrow["gamesize"]*-1); } } - - $townquery = doquery("SELECT id FROM {{table}} WHERE latitude='$latitude' AND longitude='$longitude' LIMIT 1", "towns"); - if (mysql_num_rows($townquery) > 0) { - $townrow = mysql_fetch_array($townquery); - include('towns.php'); + + $townquery = db()->query('SELECT id FROM towns WHERE latitude = ? AND longitude = ? LIMIT 1;', [$latitude, $longitude]); + if ($townquery !== false) { + $townrow = $townquery->fetchArray(SQLITE3_ASSOC); + require_once __DIR__ . '/towns.php'; travelto($townrow["id"], false); - die(); - } - - $chancetofight = rand(1,5); - if ($chancetofight == 1) { - $action = "currentaction='Fighting', currentfight='1',"; - } else { - $action = "currentaction='Exploring',"; + exit; } - - $updatequery = doquery("UPDATE {{table}} SET $action latitude='$latitude', longitude='$longitude', dropcode='0' WHERE id='".$userrow["id"]."' LIMIT 1", "users"); + $chancetofight = rand(1, 5); + $action = $chancetofight === 1 ? "currentaction='Fighting', currentfight='1'," : "currentaction='Exploring',"; + + db()->query("UPDATE users SET $action latitude = ?, longitude = ?, dropcode = 0 WHERE id = ?;", [$latitude, $longitude, $userrow['id']]); header("Location: index.php"); - } - -?> \ No newline at end of file diff --git a/src/fight.php b/src/fight.php index b51f22b..d18bd4b 100644 --- a/src/fight.php +++ b/src/fight.php @@ -1,12 +1,12 @@
    Get a life, loser.", "Error"); } $pagearray = array(); $playerisdead = 0; - + $pagearray["magiclist"] = ""; $userspells = explode(",",$userrow["spells"]); $spellquery = doquery("SELECT id,name FROM {{table}}", "spells"); @@ -22,50 +22,48 @@ function fight() { // One big long function that determines the outcome of the f } if ($pagearray["magiclist"] == "") { $pagearray["magiclist"] = "\n"; } $magiclist = $pagearray["magiclist"]; - + $chancetoswingfirst = 1; // First, check to see if we need to pick a monster. if ($userrow["currentfight"] == 1) { - + if ($userrow["latitude"] < 0) { $userrow["latitude"] *= -1; } // Equalize negatives. if ($userrow["longitude"] < 0) { $userrow["longitude"] *= -1; } // Ditto. $maxlevel = floor(max($userrow["latitude"]+5, $userrow["longitude"]+5) / 5); // One mlevel per five spaces. if ($maxlevel < 1) { $maxlevel = 1; } $minlevel = $maxlevel - 2; if ($minlevel < 1) { $minlevel = 1; } - - + + // Pick a monster. $monsterquery = doquery("SELECT * FROM {{table}} WHERE level>='$minlevel' AND level<='$maxlevel' ORDER BY RAND() LIMIT 1", "monsters"); $monsterrow = mysql_fetch_array($monsterquery); $userrow["currentmonster"] = $monsterrow["id"]; $userrow["currentmonsterhp"] = rand((($monsterrow["maxhp"]/5)*4),$monsterrow["maxhp"]); - if ($userrow["difficulty"] == 2) { $userrow["currentmonsterhp"] = ceil($userrow["currentmonsterhp"] * $controlrow["diff2mod"]); } - if ($userrow["difficulty"] == 3) { $userrow["currentmonsterhp"] = ceil($userrow["currentmonsterhp"] * $controlrow["diff3mod"]); } $userrow["currentmonstersleep"] = 0; $userrow["currentmonsterimmune"] = $monsterrow["immune"]; - + $chancetoswingfirst = rand(1,10) + ceil(sqrt($userrow["dexterity"])); if ($chancetoswingfirst > (rand(1,7) + ceil(sqrt($monsterrow["maxdam"])))) { $chancetoswingfirst = 1; } else { $chancetoswingfirst = 0; } - + unset($monsterquery); unset($monsterrow); - + } - + // Next, get the monster statistics. $monsterquery = doquery("SELECT * FROM {{table}} WHERE id='".$userrow["currentmonster"]."' LIMIT 1", "monsters"); $monsterrow = mysql_fetch_array($monsterquery); $pagearray["monstername"] = $monsterrow["name"]; - + // Do run stuff. if (isset($_POST["run"])) { $chancetorun = rand(4,10) + ceil(sqrt($userrow["dexterity"])); if ($chancetorun > (rand(1,5) + ceil(sqrt($monsterrow["maxdam"])))) { $chancetorun = 1; } else { $chancetorun = 0; } - - if ($chancetorun == 0) { + + if ($chancetorun == 0) { $pagearray["yourturn"] = "You tried to run away, but were blocked in front!

    "; $pagearray["monsterhp"] = "Monster's HP: " . $userrow["currentmonsterhp"] . "

    "; $pagearray["monsterturn"] = ""; @@ -80,8 +78,6 @@ function fight() { // One big long function that determines the outcome of the f } if ($userrow["currentmonstersleep"] == 0) { // Only do this if the monster is awake. $tohit = ceil(rand($monsterrow["maxdam"]*.5,$monsterrow["maxdam"])); - if ($userrow["difficulty"] == 2) { $tohit = ceil($tohit * $controlrow["diff2mod"]); } - if ($userrow["difficulty"] == 3) { $tohit = ceil($tohit * $controlrow["diff3mod"]); } $toblock = ceil(rand($userrow["defensepower"]*.75,$userrow["defensepower"])/4); $tododge = rand(1,150); if ($tododge <= sqrt($userrow["dexterity"])) { @@ -109,19 +105,19 @@ function fight() { // One big long function that determines the outcome of the f $updatequery = doquery("UPDATE {{table}} SET currentaction='Exploring' WHERE id='".$userrow["id"]."' LIMIT 1", "users"); header("Location: index.php"); die(); - + // Do fight stuff. } elseif (isset($_POST["fight"])) { - + // Your turn. $pagearray["yourturn"] = ""; $tohit = ceil(rand($userrow["attackpower"]*.75,$userrow["attackpower"])/3); $toexcellent = rand(1,150); if ($toexcellent <= sqrt($userrow["strength"])) { $tohit *= 2; $pagearray["yourturn"] .= "Excellent hit!
    "; } - $toblock = ceil(rand($monsterrow["armor"]*.75,$monsterrow["armor"])/3); + $toblock = ceil(rand($monsterrow["armor"]*.75,$monsterrow["armor"])/3); $tododge = rand(1,200); - if ($tododge <= sqrt($monsterrow["armor"])) { - $tohit = 0; $pagearray["yourturn"] .= "The monster is dodging. No damage has been scored.
    "; + if ($tododge <= sqrt($monsterrow["armor"])) { + $tohit = 0; $pagearray["yourturn"] .= "The monster is dodging. No damage has been scored.
    "; $monsterdamage = 0; } else { $monsterdamage = $tohit - $toblock; @@ -138,7 +134,7 @@ function fight() { // One big long function that determines the outcome of the f header("Location: index.php?do=victory"); die(); } - + // Monster's turn. $pagearray["monsterturn"] = ""; if ($userrow["currentmonstersleep"] != 0) { // Check to wake up. @@ -152,8 +148,6 @@ function fight() { // One big long function that determines the outcome of the f } if ($userrow["currentmonstersleep"] == 0) { // Only do this if the monster is awake. $tohit = ceil(rand($monsterrow["maxdam"]*.5,$monsterrow["maxdam"])); - if ($userrow["difficulty"] == 2) { $tohit = ceil($tohit * $controlrow["diff2mod"]); } - if ($userrow["difficulty"] == 3) { $tohit = ceil($tohit * $controlrow["diff3mod"]); } $toblock = ceil(rand($userrow["defensepower"]*.75,$userrow["defensepower"])/4); $tododge = rand(1,150); if ($tododge <= sqrt($userrow["dexterity"])) { @@ -176,14 +170,14 @@ function fight() { // One big long function that determines the outcome of the f $playerisdead = 1; } } - + // Do spell stuff. } elseif (isset($_POST["spell"])) { - + // Your turn. $pickedspell = $_POST["userspell"]; if ($pickedspell == 0) { display("You must select a spell first. Please go back and try again.", "Error"); die(); } - + $newspellquery = doquery("SELECT * FROM {{table}} WHERE id='$pickedspell' LIMIT 1", "spells"); $newspellrow = mysql_fetch_array($newspellquery); $spell = false; @@ -192,7 +186,7 @@ function fight() { // One big long function that determines the outcome of the f } if ($spell != true) { display("You have not yet learned this spell. Please go back and try again.", "Error"); die(); } if ($userrow["currentmp"] < $newspellrow["mp"]) { display("You do not have enough Magic Points to cast this spell. Please go back and try again.", "Error"); die(); } - + if ($newspellrow["type"] == 1) { // Heal spell. $newhp = $userrow["currenthp"] + $newspellrow["attribute"]; if ($userrow["maxhp"] < $newhp) { $newspellrow["attribute"] = $userrow["maxhp"] - $userrow["currenthp"]; $newhp = $userrow["currenthp"] + $newspellrow["attribute"]; } @@ -223,16 +217,16 @@ function fight() { // One big long function that determines the outcome of the f } elseif ($newspellrow["type"] == 5) { // +Defense spell. $userrow["currentuberdefense"] = $newspellrow["attribute"]; $userrow["currentmp"] -= $newspellrow["mp"]; - $pagearray["yourturn"] = "You have cast the ".$newspellrow["name"]." spell, and will gain ".$newspellrow["attribute"]."% defense until the end of this fight.

    "; + $pagearray["yourturn"] = "You have cast the ".$newspellrow["name"]." spell, and will gain ".$newspellrow["attribute"]."% defense until the end of this fight.

    "; } - + $pagearray["monsterhp"] = "Monster's HP: " . $userrow["currentmonsterhp"] . "

    "; if ($userrow["currentmonsterhp"] <= 0) { $updatequery = doquery("UPDATE {{table}} SET currentmonsterhp='0',currenthp='".$userrow["currenthp"]."',currentmp='".$userrow["currentmp"]."' WHERE id='".$userrow["id"]."' LIMIT 1", "users"); header("Location: index.php?do=victory"); die(); } - + // Monster's turn. $pagearray["monsterturn"] = ""; if ($userrow["currentmonstersleep"] != 0) { // Check to wake up. @@ -246,8 +240,6 @@ function fight() { // One big long function that determines the outcome of the f } if ($userrow["currentmonstersleep"] == 0) { // Only do this if the monster is awake. $tohit = ceil(rand($monsterrow["maxdam"]*.5,$monsterrow["maxdam"])); - if ($userrow["difficulty"] == 2) { $tohit = ceil($tohit * $controlrow["diff2mod"]); } - if ($userrow["difficulty"] == 3) { $tohit = ceil($tohit * $controlrow["diff3mod"]); } $toblock = ceil(rand($userrow["defensepower"]*.75,$userrow["defensepower"])/4); $tododge = rand(1,150); if ($tododge <= sqrt($userrow["dexterity"])) { @@ -270,7 +262,7 @@ function fight() { // One big long function that determines the outcome of the f $playerisdead = 1; } } - + // Do a monster's turn if person lost the chance to swing first. Serves him right! } elseif ( $chancetoswingfirst == 0 ) { $pagearray["yourturn"] = "The monster attacks before you are ready!

    "; @@ -287,8 +279,6 @@ function fight() { // One big long function that determines the outcome of the f } if ($userrow["currentmonstersleep"] == 0) { // Only do this if the monster is awake. $tohit = ceil(rand($monsterrow["maxdam"]*.5,$monsterrow["maxdam"])); - if ($userrow["difficulty"] == 2) { $tohit = ceil($tohit * $controlrow["diff2mod"]); } - if ($userrow["difficulty"] == 3) { $tohit = ceil($tohit * $controlrow["diff3mod"]); } $toblock = ceil(rand($userrow["defensepower"]*.75,$userrow["defensepower"])/4); $tododge = rand(1,150); if ($tododge <= sqrt($userrow["dexterity"])) { @@ -317,7 +307,7 @@ function fight() { // One big long function that determines the outcome of the f $pagearray["monsterhp"] = "Monster's HP: " . $userrow["currentmonsterhp"] . "

    "; $pagearray["monsterturn"] = ""; } - + $newmonster = $userrow["currentmonster"]; $newmonsterhp = $userrow["currentmonsterhp"]; @@ -327,9 +317,9 @@ function fight() { // One big long function that determines the outcome of the f $newuberdefense = $userrow["currentuberdefense"]; $newfight = $userrow["currentfight"] + 1; $newhp = $userrow["currenthp"]; - $newmp = $userrow["currentmp"]; - -if ($playerisdead != 1) { + $newmp = $userrow["currentmp"]; + +if ($playerisdead != 1) { $pagearray["command"] = <<
    @@ -342,41 +332,37 @@ END; } else { $pagearray["command"] = "You have died.

    As a consequence, you've lost half of your gold. However, you have been given back a portion of your hit points to continue your journey.

    You may now continue back to town, and we hope you fair better next time."; } - + // Finalize page and display it. $template = gettemplate("fight"); $page = parsetemplate($template,$pagearray); - + display($page, "Fighting"); - + } function victory() { - + global $userrow, $controlrow; - + if ($userrow["currentmonsterhp"] != 0) { header("Location: index.php?do=fight"); die(); } if ($userrow["currentfight"] == 0) { header("Location: index.php"); die(); } - + $monsterquery = doquery("SELECT * FROM {{table}} WHERE id='".$userrow["currentmonster"]."' LIMIT 1", "monsters"); $monsterrow = mysql_fetch_array($monsterquery); - + $exp = rand((($monsterrow["maxexp"]/6)*5),$monsterrow["maxexp"]); if ($exp < 1) { $exp = 1; } - if ($userrow["difficulty"] == 2) { $exp = ceil($exp * $controlrow["diff2mod"]); } - if ($userrow["difficulty"] == 3) { $exp = ceil($exp * $controlrow["diff3mod"]); } if ($userrow["expbonus"] != 0) { $exp += ceil(($userrow["expbonus"]/100)*$exp); } $gold = rand((($monsterrow["maxgold"]/6)*5),$monsterrow["maxgold"]); if ($gold < 1) { $gold = 1; } - if ($userrow["difficulty"] == 2) { $gold = ceil($gold * $controlrow["diff2mod"]); } - if ($userrow["difficulty"] == 3) { $gold = ceil($gold * $controlrow["diff3mod"]); } if ($userrow["goldbonus"] != 0) { $gold += ceil(($userrow["goldbonus"]/100)*$exp); } if ($userrow["experience"] + $exp < 16777215) { $newexp = $userrow["experience"] + $exp; $warnexp = ""; } else { $newexp = $userrow["experience"]; $exp = 0; $warnexp = "You have maxed out your experience points."; } if ($userrow["gold"] + $gold < 16777215) { $newgold = $userrow["gold"] + $gold; $warngold = ""; } else { $newgold = $userrow["gold"]; $gold = 0; $warngold = "You have maxed out your experience points."; } - + $levelquery = doquery("SELECT * FROM {{table}} WHERE id='".($userrow["level"]+1)."' LIMIT 1", "levels"); if (mysql_num_rows($levelquery) == 1) { $levelrow = mysql_fetch_array($levelquery); } - + if ($userrow["level"] < 100) { if ($newexp >= $levelrow[$userrow["charclass"]."_exp"]) { $newhp = $userrow["maxhp"] + $levelrow[$userrow["charclass"]."_hp"]; @@ -387,13 +373,13 @@ function victory() { $newattack = $userrow["attackpower"] + $levelrow[$userrow["charclass"]."_strength"]; $newdefense = $userrow["defensepower"] + $levelrow[$userrow["charclass"]."_dexterity"]; $newlevel = $levelrow["id"]; - + if ($levelrow[$userrow["charclass"]."_spells"] != 0) { $userspells = $userrow["spells"] . ",".$levelrow[$userrow["charclass"]."_spells"]; $newspell = "spells='$userspells',"; $spelltext = "You have learned a new spell.
    "; } else { $spelltext = ""; $newspell=""; } - + $page = "Congratulations. You have defeated the ".$monsterrow["name"].".
    You gain $exp experience. $warnexp
    You gain $gold gold. $warngold

    You have gained a level!

    You gain ".$levelrow[$userrow["charclass"]."_hp"]." hit points.
    You gain ".$levelrow[$userrow["charclass"]."_mp"]." magic points.
    You gain ".$levelrow[$userrow["charclass"]."_tp"]." travel points.
    You gain ".$levelrow[$userrow["charclass"]."_strength"]." strength.
    You gain ".$levelrow[$userrow["charclass"]."_dexterity"]." dexterity.
    $spelltext
    You can now continue exploring."; $title = "Courage and Wit have served thee well!"; $dropcode = ""; @@ -408,13 +394,13 @@ function victory() { $newlevel = $userrow["level"]; $newspell = ""; $page = "Congratulations. You have defeated the ".$monsterrow["name"].".
    You gain $exp experience. $warnexp
    You gain $gold gold. $warngold

    "; - + if (rand(1,30) == 1) { $dropquery = doquery("SELECT * FROM {{table}} WHERE mlevel <= '".$monsterrow["level"]."' ORDER BY RAND() LIMIT 1", "drops"); $droprow = mysql_fetch_array($dropquery); $dropcode = "dropcode='".$droprow["id"]."',"; $page .= "This monster has dropped an item. Click here to reveal and equip the item, or you may also move on and continue exploring."; - } else { + } else { $dropcode = ""; $page .= "You can now continue exploring."; } @@ -424,79 +410,79 @@ function victory() { } $updatequery = doquery("UPDATE {{table}} SET currentaction='Exploring',level='$newlevel',maxhp='$newhp',maxmp='$newmp',maxtp='$newtp',strength='$newstrength',dexterity='$newdexterity',attackpower='$newattack',defensepower='$newdefense', $newspell currentfight='0',currentmonster='0',currentmonsterhp='0',currentmonstersleep='0',currentmonsterimmune='0',currentuberdamage='0',currentuberdefense='0',$dropcode experience='$newexp',gold='$newgold' WHERE id='".$userrow["id"]."' LIMIT 1", "users"); - + display($page, $title); - + } function drop() { - + global $userrow; - + if ($userrow["dropcode"] == 0) { header("Location: index.php"); die(); } - + $dropquery = doquery("SELECT * FROM {{table}} WHERE id='".$userrow["dropcode"]."' LIMIT 1", "drops"); $droprow = mysql_fetch_array($dropquery); - + if (isset($_POST["submit"])) { - + $slot = $_POST["slot"]; - + if ($slot == 0) { display("Please go back and select an inventory slot to continue.","Error"); } - + if ($userrow["slot".$slot."id"] != 0) { - + $slotquery = doquery("SELECT * FROM {{table}} WHERE id='".$userrow["slot".$slot."id"]."' LIMIT 1", "drops"); $slotrow = mysql_fetch_array($slotquery); - + $old1 = explode(",",$slotrow["attribute1"]); if ($slotrow["attribute2"] != "X") { $old2 = explode(",",$slotrow["attribute2"]); } else { $old2 = array(0=>"maxhp",1=>0); } $new1 = explode(",",$droprow["attribute1"]); if ($droprow["attribute2"] != "X") { $new2 = explode(",",$droprow["attribute2"]); } else { $new2 = array(0=>"maxhp",1=>0); } - + $userrow[$old1[0]] -= $old1[1]; $userrow[$old2[0]] -= $old2[1]; if ($old1[0] == "strength") { $userrow["attackpower"] -= $old1[1]; } if ($old1[0] == "dexterity") { $userrow["defensepower"] -= $old1[1]; } if ($old2[0] == "strength") { $userrow["attackpower"] -= $old2[1]; } if ($old2[0] == "dexterity") { $userrow["defensepower"] -= $old2[1]; } - + $userrow[$new1[0]] += $new1[1]; $userrow[$new2[0]] += $new2[1]; if ($new1[0] == "strength") { $userrow["attackpower"] += $new1[1]; } if ($new1[0] == "dexterity") { $userrow["defensepower"] += $new1[1]; } if ($new2[0] == "strength") { $userrow["attackpower"] += $new2[1]; } if ($new2[0] == "dexterity") { $userrow["defensepower"] += $new2[1]; } - + if ($userrow["currenthp"] > $userrow["maxhp"]) { $userrow["currenthp"] = $userrow["maxhp"]; } if ($userrow["currentmp"] > $userrow["maxmp"]) { $userrow["currentmp"] = $userrow["maxmp"]; } if ($userrow["currenttp"] > $userrow["maxtp"]) { $userrow["currenttp"] = $userrow["maxtp"]; } - + $newname = addslashes($droprow["name"]); $query = doquery("UPDATE {{table}} SET slot".$_POST["slot"]."name='$newname',slot".$_POST["slot"]."id='".$droprow["id"]."',$old1[0]='".$userrow[$old1[0]]."',$old2[0]='".$userrow[$old2[0]]."',$new1[0]='".$userrow[$new1[0]]."',$new2[0]='".$userrow[$new2[0]]."',attackpower='".$userrow["attackpower"]."',defensepower='".$userrow["defensepower"]."',currenthp='".$userrow["currenthp"]."',currentmp='".$userrow["currentmp"]."',currenttp='".$userrow["currenttp"]."',dropcode='0' WHERE id='".$userrow["id"]."' LIMIT 1", "users"); - + } else { - + $new1 = explode(",",$droprow["attribute1"]); if ($droprow["attribute2"] != "X") { $new2 = explode(",",$droprow["attribute2"]); } else { $new2 = array(0=>"maxhp",1=>0); } - + $userrow[$new1[0]] += $new1[1]; $userrow[$new2[0]] += $new2[1]; if ($new1[0] == "strength") { $userrow["attackpower"] += $new1[1]; } if ($new1[0] == "dexterity") { $userrow["defensepower"] += $new1[1]; } if ($new2[0] == "strength") { $userrow["attackpower"] += $new2[1]; } if ($new2[0] == "dexterity") { $userrow["defensepower"] += $new2[1]; } - + $newname = addslashes($droprow["name"]); $query = doquery("UPDATE {{table}} SET slot".$_POST["slot"]."name='$newname',slot".$_POST["slot"]."id='".$droprow["id"]."',$new1[0]='".$userrow[$new1[0]]."',$new2[0]='".$userrow[$new2[0]]."',attackpower='".$userrow["attackpower"]."',defensepower='".$userrow["defensepower"]."',dropcode='0' WHERE id='".$userrow["id"]."' LIMIT 1", "users"); - + } $page = "The item has been equipped. You can now continue exploring."; display($page, "Item Drop"); - + } - + $attributearray = array("maxhp"=>"Max HP", "maxmp"=>"Max MP", "maxtp"=>"Max TP", @@ -506,35 +492,35 @@ function drop() { "dexterity"=>"Dexterity", "expbonus"=>"Experience Bonus", "goldbonus"=>"Gold Bonus"); - + $page = "The monster dropped the following item: ".$droprow["name"]."

    "; $page .= "This item has the following attribute(s):
    "; - + $attribute1 = explode(",",$droprow["attribute1"]); $page .= $attributearray[$attribute1[0]]; if ($attribute1[1] > 0) { $page .= " +" . $attribute1[1] . "
    "; } else { $page .= $attribute1[1] . "
    "; } - - if ($droprow["attribute2"] != "X") { + + if ($droprow["attribute2"] != "X") { $attribute2 = explode(",",$droprow["attribute2"]); $page .= $attributearray[$attribute2[0]]; if ($attribute2[1] > 0) { $page .= " +" . $attribute2[1] . "
    "; } else { $page .= $attribute2[1] . "
    "; } } - + $page .= "
    Select an inventory slot from the list below to equip this item. If the inventory slot is already full, the old item will be discarded."; $page .= "
    "; $page .= "You may also choose to just continue exploring and give up this item."; - + display($page, "Item Drop"); - + } - + function dead() { - + $page = "You have died.

    As a consequence, you've lost half of your gold. However, you have been given back a portion of your hit points to continue your journey.

    You may now continue back to town, and we hope you fair better next time."; - + } -?> \ No newline at end of file +?> diff --git a/src/lib.php b/src/lib.php index 88af80b..7cacfe7 100644 --- a/src/lib.php +++ b/src/lib.php @@ -14,6 +14,15 @@ function db(): Database return $GLOBALS['database'] ??= new Database(__DIR__ . '/../database.db'); } +/** + * Redirect to a different URL, exit. + */ +function redirect(string $location): void +{ + header("Location: $location"); + exit; +} + function gettemplate($templatename) { // SQL query for the template. $filename = __DIR__ . "/../templates/" . $templatename . ".php"; @@ -164,7 +173,7 @@ function display($content, $title, $topnav=true, $leftnav=true, $rightnav=true, $spellquery = db()->query('SELECT id, name, type FROM spells;'); $userspells = explode(",",$userrow["spells"]); $userrow["magiclist"] = ""; - foreach ($spellquery->fetchArray(SQLITE3_ASSOC) as $spellrow) { + while ($spellrow = $spellquery->fetchArray(SQLITE3_ASSOC)) { $spell = false; foreach($userspells as $a => $b) { if ($b == $spellrow["id"] && $spellrow["type"] == 1) { $spell = true; } @@ -179,7 +188,7 @@ function display($content, $title, $topnav=true, $leftnav=true, $rightnav=true, $townslist = explode(",",$userrow["towns"]); $townquery2 = db()->query('SELECT * FROM towns ORDER BY id;'); $userrow["townslist"] = ""; - foreach ($townquery2->fetchArray(SQLITE3_ASSOC) as $townrow2) { + while ($townrow2 = $townquery2->fetchArray(SQLITE3_ASSOC)) { $town = false; foreach($townslist as $a => $b) { if ($b == $townrow2["id"]) { $town = true; } @@ -217,14 +226,14 @@ function checkcookies() // COOKIE FORMAT: // {ID} {USERNAME} {PASSWORDHASH} {REMEMBERME} $theuser = explode(" ",$_COOKIE["dkgame"]); - $query = db()->query('SELECT * FROM users WHERE id = ?, username = ?, password = ? LIMIT 1;', [$theuser[0], $theuser[1], $theuser[2]]); + $query = db()->query('SELECT * FROM users WHERE id = ? AND username = ? AND password = ? LIMIT 1;', [$theuser[0], $theuser[1], $theuser[2]]); if ($query === false) { set_cookie('dkgame', '', -3600); die("Invalid cookie data. Please log in again."); } $row = $query->fetchArray(SQLITE3_ASSOC); set_cookie('dkgame', implode(" ", $theuser), (int) $theuser[3] === 1 ? time() + 31536000 : 0); - db()->exec('UPDATE users SET onlinetime = CURRENT_TIMESTAMP WHERE id = ? LIMIT 1;', [$theuser[0]]); + db()->exec('UPDATE users SET onlinetime = CURRENT_TIMESTAMP WHERE id = ?;', [$theuser[0]]); } return $row; @@ -254,3 +263,13 @@ function get_control_row(): array|false if ($query === false) return false; return $query->fetchArray(SQLITE3_ASSOC); } + +/** + * Get a town's data by it's coordinates. + */ +function get_town_by_xy(int $x, int $y): array|false +{ + $query = db()->query('SELECT * FROM towns WHERE longitude = ? AND latitude = ? LIMIT 1;', [$x, $y]); + if ($query === false) return false; + return $query->fetchArray(SQLITE3_ASSOC); +} diff --git a/src/towns.php b/src/towns.php index fea5ab3..b49f64a 100644 --- a/src/towns.php +++ b/src/towns.php @@ -1,39 +1,41 @@ -
    Get a life, loser.", "Error"); } - $townrow = mysql_fetch_array($townquery); + $townrow = get_town_by_xy($userrow["longitude"], $userrow["latitude"]); + if ($townrow === false) { display("Cheat attempt detected.

    Get a life, loser.", "Error"); } - if ($userrow["gold"] < $townrow["innprice"]) { display("You do not have enough gold to stay at this Inn tonight.

    You may return to town, or use the direction buttons on the left to start exploring.", "Inn"); die(); } + if ($userrow["gold"] < $townrow["innprice"]) { + display("You do not have enough gold to stay at this Inn tonight.

    You may return to town, or use the direction buttons on the left to start exploring.", "Inn"); + } if (isset($_POST["submit"])) { - $newgold = $userrow["gold"] - $townrow["innprice"]; - $query = doquery("UPDATE {{table}} SET gold='$newgold',currenthp='".$userrow["maxhp"]."',currentmp='".$userrow["maxmp"]."',currenttp='".$userrow["maxtp"]."' WHERE id='".$userrow["id"]."' LIMIT 1", "users"); + db()->query( + 'UPDATE users SET gold=?, currenthp=?, currentmp=?, currenttp=? WHERE id=?', + [$newgold, $userrow['maxhp'], $userrow['maxmp'], $userrow['maxtp'], $userrow['id'] + ]); $title = "Inn"; $page = "You wake up feeling refreshed and ready for action.

    You may return to town, or use the direction buttons on the left to start exploring."; - } elseif (isset($_POST["cancel"])) { - - header("Location: index.php"); die(); - + redirect('index.php'); } else { - $title = "Inn"; $page = "Resting at the inn will refill your current HP, MP, and TP to their maximum levels.

    \n"; $page .= "A night's sleep at this Inn will cost you " . $townrow["innprice"] . " gold. Is that ok?

    \n"; $page .= "
    \n"; $page .= " \n"; $page .= "
    \n"; - } display($page, $title); - } function buy() { // Displays a list of available items for purchase. diff --git a/templates/onlinechar.php b/templates/onlinechar.php index e9763ca..023ff23 100644 --- a/templates/onlinechar.php +++ b/templates/onlinechar.php @@ -1,41 +1,39 @@ {{charname}}.

    -When you're finished, you may return to town.

    - - - +
    Character
    -{{charname}}

    +$template = <<{{username}}.

    + When you're finished, you may return to town.

    + + + -
    Character
    + {{username}}

    -Difficulty: {{difficulty}}
    -Class: {{charclass}}

    + Class: {{charclass}}

    -Level: {{level}}
    -Experience: {{experience}}
    -Gold: {{gold}}
    -Hit Points: {{currenthp}} / {{maxhp}}
    -Magic Points: {{currentmp}} / {{maxmp}}
    -Travel Points: {{currenttp}} / {{maxtp}}

    + Level: {{level}}
    + Experience: {{experience}}
    + Gold: {{gold}}
    + Hit Points: {{currenthp}} / {{maxhp}}
    + Magic Points: {{currentmp}} / {{maxmp}}
    + Travel Points: {{currenttp}} / {{maxtp}}

    -Strength: {{strength}}
    -Dexterity: {{dexterity}}
    -Attack Power: {{attackpower}}
    -Defense Power: {{defensepower}}
    -

    + Strength: {{strength}}
    + Dexterity: {{dexterity}}
    + Attack Power: {{attackpower}}
    + Defense Power: {{defensepower}}
    +

    - - - -
    Inventory
    - - - - -
    WeaponWeapon: {{weaponname}}
    ArmorArmor: {{armorname}}
    ShieldShield: {{shieldname}}
    -Slot 1: {{slot1name}}
    -Slot 2: {{slot2name}}
    -Slot 3: {{slot3name}} -

    -THEVERYENDOFYOU; -?> \ No newline at end of file + + + +
    Inventory
    + + + + +
    WeaponWeapon: {{weaponname}}
    ArmorArmor: {{armorname}}
    ShieldShield: {{shieldname}}
    + Slot 1: {{slot1name}}
    + Slot 2: {{slot2name}}
    + Slot 3: {{slot3name}} +

    +HTML; diff --git a/templates/register.php b/templates/register.php index 0fd2f5b..039e4fc 100644 --- a/templates/register.php +++ b/templates/register.php @@ -7,12 +7,10 @@ $template = <<Verify Password:
    Passwords must be 10 alphanumeric characters or less.


    Email Address: Verify Email:{{verifytext}}


    -Character Name: Character Class: -Difficulty: -See Help for more information about character classes and difficulty levels.

    +See Help for more information about character classes.

    THEVERYENDOFYOU; -?> \ No newline at end of file +?> diff --git a/templates/rightnav.php b/templates/rightnav.php index f6f422b..17d8e24 100644 --- a/templates/rightnav.php +++ b/templates/rightnav.php @@ -3,7 +3,7 @@ $template = << Character -{{charname}}
    +{{username}}
    Level: {{level}}
    Exp: {{experience}}
    Gold: {{gold}}
    @@ -36,4 +36,4 @@ Slot 3: {{slot3name}}
    THEVERYENDOFYOU; -?> \ No newline at end of file +?> diff --git a/templates/showchar.php b/templates/showchar.php index 8eb4418..d80ae89 100644 --- a/templates/showchar.php +++ b/templates/showchar.php @@ -3,9 +3,8 @@ $template = << Character -{{charname}}

    +{{username}}

    -Difficulty: {{difficulty}}
    Class: {{charclass}}

    Level: {{level}}
    @@ -44,4 +43,4 @@ Slot 3: {{slot3name}}
    THEVERYENDOFYOU; -?> \ No newline at end of file +?>