Compare commits

..

No commits in common. "aa4d338c9631dd3d161729d09caf10fe2855fe3d" and "03e13655ce8193b4d7348c22ddad1dfb0d7acecd" have entirely different histories.

16 changed files with 86 additions and 182 deletions

View File

@ -1,7 +1,4 @@
# Dragon Knight # Dragon Knight
- See also: [Dragon Scourge](https://github.com/renderse7en/dragon-scourge)
- [Live Demo](http://dragon.se7enet.com/)
Many years ago, when I was young and dumb, I wrote a simple little game based on the game *Dragon Warrior* for the NES. It was fun, it helped me learn how to code, and a lot of people liked it. Many years ago, when I was young and dumb, I wrote a simple little game based on the game *Dragon Warrior* for the NES. It was fun, it helped me learn how to code, and a lot of people liked it.
I am now turning it over to the open source community. Fork it, do what you want, make it your own. I am now turning it over to the open source community. Fork it, do what you want, make it your own.
Couple things to keep in mind though: Couple things to keep in mind though:
@ -26,26 +23,3 @@ Couple things to keep in mind though:
5. In your browser, run `install.php` and follow the instructions. 5. In your browser, run `install.php` and follow the instructions.
6. After completing installation, delete `install.php` from your Dragon Knight directory for security. 6. After completing installation, delete `install.php` from your Dragon Knight directory for security.
7. Enjoy the game. 7. Enjoy the game.
# License
MIT License
Copyright (c) 2017 renderse7en
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.

View File

@ -1,7 +1,7 @@
<?php // admin.php :: primary administration script. <?php // admin.php :: primary administration script.
include('lib.php'); include('../lib.php');
include('cookies.php'); include('../cookies.php');
$link = opendb(); $link = opendb();
$userrow = checkcookies(); $userrow = checkcookies();
if ($userrow == false) { die("Please log in to the <a href=\"../login.php?do=login\">game</a> before using the control panel."); } if ($userrow == false) { die("Please log in to the <a href=\"../login.php?do=login\">game</a> before using the control panel."); }
@ -526,57 +526,57 @@ function editlevel() {
extract($_POST); extract($_POST);
$errors = 0; $errors = 0;
$errorlist = ""; $errorlist = "";
if ($_POST["one_exp"] == "") { $errors++; $errorlist .= "Class 1 Experience is required.<br />"; } if ($_POST["1_exp"] == "") { $errors++; $errorlist .= "Class 1 Experience is required.<br />"; }
if ($_POST["one_hp"] == "") { $errors++; $errorlist .= "Class 1 HP is required.<br />"; } if ($_POST["1_hp"] == "") { $errors++; $errorlist .= "Class 1 HP is required.<br />"; }
if ($_POST["one_mp"] == "") { $errors++; $errorlist .= "Class 1 MP is required.<br />"; } if ($_POST["1_mp"] == "") { $errors++; $errorlist .= "Class 1 MP is required.<br />"; }
if ($_POST["one_tp"] == "") { $errors++; $errorlist .= "Class 1 TP is required.<br />"; } if ($_POST["1_tp"] == "") { $errors++; $errorlist .= "Class 1 TP is required.<br />"; }
if ($_POST["one_strength"] == "") { $errors++; $errorlist .= "Class 1 Strength is required.<br />"; } if ($_POST["1_strength"] == "") { $errors++; $errorlist .= "Class 1 Strength is required.<br />"; }
if ($_POST["one_dexterity"] == "") { $errors++; $errorlist .= "Class 1 Dexterity is required.<br />"; } if ($_POST["1_dexterity"] == "") { $errors++; $errorlist .= "Class 1 Dexterity is required.<br />"; }
if ($_POST["one_spells"] == "") { $errors++; $errorlist .= "Class 1 Spells is required.<br />"; } if ($_POST["1_spells"] == "") { $errors++; $errorlist .= "Class 1 Spells is required.<br />"; }
if (!is_numeric($_POST["one_exp"])) { $errors++; $errorlist .= "Class 1 Experience must be a number.<br />"; } if (!is_numeric($_POST["1_exp"])) { $errors++; $errorlist .= "Class 1 Experience must be a number.<br />"; }
if (!is_numeric($_POST["one_hp"])) { $errors++; $errorlist .= "Class 1 HP must be a number.<br />"; } if (!is_numeric($_POST["1_hp"])) { $errors++; $errorlist .= "Class 1 HP must be a number.<br />"; }
if (!is_numeric($_POST["one_mp"])) { $errors++; $errorlist .= "Class 1 MP must be a number.<br />"; } if (!is_numeric($_POST["1_mp"])) { $errors++; $errorlist .= "Class 1 MP must be a number.<br />"; }
if (!is_numeric($_POST["one_tp"])) { $errors++; $errorlist .= "Class 1 TP must be a number.<br />"; } if (!is_numeric($_POST["1_tp"])) { $errors++; $errorlist .= "Class 1 TP must be a number.<br />"; }
if (!is_numeric($_POST["one_strength"])) { $errors++; $errorlist .= "Class 1 Strength must be a number.<br />"; } if (!is_numeric($_POST["1_strength"])) { $errors++; $errorlist .= "Class 1 Strength must be a number.<br />"; }
if (!is_numeric($_POST["one_dexterity"])) { $errors++; $errorlist .= "Class 1 Dexterity must be a number.<br />"; } if (!is_numeric($_POST["1_dexterity"])) { $errors++; $errorlist .= "Class 1 Dexterity must be a number.<br />"; }
if (!is_numeric($_POST["one_spells"])) { $errors++; $errorlist .= "Class 1 Spells must be a number.<br />"; } if (!is_numeric($_POST["1_spells"])) { $errors++; $errorlist .= "Class 1 Spells must be a number.<br />"; }
if ($_POST["two_exp"] == "") { $errors++; $errorlist .= "Class 2 Experience is required.<br />"; } if ($_POST["2_exp"] == "") { $errors++; $errorlist .= "Class 2 Experience is required.<br />"; }
if ($_POST["two_hp"] == "") { $errors++; $errorlist .= "Class 2 HP is required.<br />"; } if ($_POST["2_hp"] == "") { $errors++; $errorlist .= "Class 2 HP is required.<br />"; }
if ($_POST["two_mp"] == "") { $errors++; $errorlist .= "Class 2 MP is required.<br />"; } if ($_POST["2_mp"] == "") { $errors++; $errorlist .= "Class 2 MP is required.<br />"; }
if ($_POST["two_tp"] == "") { $errors++; $errorlist .= "Class 2 TP is required.<br />"; } if ($_POST["2_tp"] == "") { $errors++; $errorlist .= "Class 2 TP is required.<br />"; }
if ($_POST["two_strength"] == "") { $errors++; $errorlist .= "Class 2 Strength is required.<br />"; } if ($_POST["2_strength"] == "") { $errors++; $errorlist .= "Class 2 Strength is required.<br />"; }
if ($_POST["two_dexterity"] == "") { $errors++; $errorlist .= "Class 2 Dexterity is required.<br />"; } if ($_POST["2_dexterity"] == "") { $errors++; $errorlist .= "Class 2 Dexterity is required.<br />"; }
if ($_POST["two_spells"] == "") { $errors++; $errorlist .= "Class 2 Spells is required.<br />"; } if ($_POST["2_spells"] == "") { $errors++; $errorlist .= "Class 2 Spells is required.<br />"; }
if (!is_numeric($_POST["two_exp"])) { $errors++; $errorlist .= "Class 2 Experience must be a number.<br />"; } if (!is_numeric($_POST["2_exp"])) { $errors++; $errorlist .= "Class 2 Experience must be a number.<br />"; }
if (!is_numeric($_POST["two_hp"])) { $errors++; $errorlist .= "Class 2 HP must be a number.<br />"; } if (!is_numeric($_POST["2_hp"])) { $errors++; $errorlist .= "Class 2 HP must be a number.<br />"; }
if (!is_numeric($_POST["two_mp"])) { $errors++; $errorlist .= "Class 2 MP must be a number.<br />"; } if (!is_numeric($_POST["2_mp"])) { $errors++; $errorlist .= "Class 2 MP must be a number.<br />"; }
if (!is_numeric($_POST["two_tp"])) { $errors++; $errorlist .= "Class 2 TP must be a number.<br />"; } if (!is_numeric($_POST["2_tp"])) { $errors++; $errorlist .= "Class 2 TP must be a number.<br />"; }
if (!is_numeric($_POST["two_strength"])) { $errors++; $errorlist .= "Class 2 Strength must be a number.<br />"; } if (!is_numeric($_POST["2_strength"])) { $errors++; $errorlist .= "Class 2 Strength must be a number.<br />"; }
if (!is_numeric($_POST["two_dexterity"])) { $errors++; $errorlist .= "Class 2 Dexterity must be a number.<br />"; } if (!is_numeric($_POST["2_dexterity"])) { $errors++; $errorlist .= "Class 2 Dexterity must be a number.<br />"; }
if (!is_numeric($_POST["two_spells"])) { $errors++; $errorlist .= "Class 2 Spells must be a number.<br />"; } if (!is_numeric($_POST["2_spells"])) { $errors++; $errorlist .= "Class 2 Spells must be a number.<br />"; }
if ($_POST["three_exp"] == "") { $errors++; $errorlist .= "Class 3 Experience is required.<br />"; } if ($_POST["3_exp"] == "") { $errors++; $errorlist .= "Class 3 Experience is required.<br />"; }
if ($_POST["three_hp"] == "") { $errors++; $errorlist .= "Class 3 HP is required.<br />"; } if ($_POST["3_hp"] == "") { $errors++; $errorlist .= "Class 3 HP is required.<br />"; }
if ($_POST["three_mp"] == "") { $errors++; $errorlist .= "Class 3 MP is required.<br />"; } if ($_POST["3_mp"] == "") { $errors++; $errorlist .= "Class 3 MP is required.<br />"; }
if ($_POST["three_tp"] == "") { $errors++; $errorlist .= "Class 3 TP is required.<br />"; } if ($_POST["3_tp"] == "") { $errors++; $errorlist .= "Class 3 TP is required.<br />"; }
if ($_POST["three_strength"] == "") { $errors++; $errorlist .= "Class 3 Strength is required.<br />"; } if ($_POST["3_strength"] == "") { $errors++; $errorlist .= "Class 3 Strength is required.<br />"; }
if ($_POST["three_dexterity"] == "") { $errors++; $errorlist .= "Class 3 Dexterity is required.<br />"; } if ($_POST["3_dexterity"] == "") { $errors++; $errorlist .= "Class 3 Dexterity is required.<br />"; }
if ($_POST["three_spells"] == "") { $errors++; $errorlist .= "Class 3 Spells is required.<br />"; } if ($_POST["3_spells"] == "") { $errors++; $errorlist .= "Class 3 Spells is required.<br />"; }
if (!is_numeric($_POST["three_exp"])) { $errors++; $errorlist .= "Class 3 Experience must be a number.<br />"; } if (!is_numeric($_POST["3_exp"])) { $errors++; $errorlist .= "Class 3 Experience must be a number.<br />"; }
if (!is_numeric($_POST["three_hp"])) { $errors++; $errorlist .= "Class 3 HP must be a number.<br />"; } if (!is_numeric($_POST["3_hp"])) { $errors++; $errorlist .= "Class 3 HP must be a number.<br />"; }
if (!is_numeric($_POST["three_mp"])) { $errors++; $errorlist .= "Class 3 MP must be a number.<br />"; } if (!is_numeric($_POST["3_mp"])) { $errors++; $errorlist .= "Class 3 MP must be a number.<br />"; }
if (!is_numeric($_POST["three_tp"])) { $errors++; $errorlist .= "Class 3 TP must be a number.<br />"; } if (!is_numeric($_POST["3_tp"])) { $errors++; $errorlist .= "Class 3 TP must be a number.<br />"; }
if (!is_numeric($_POST["three_strength"])) { $errors++; $errorlist .= "Class 3 Strength must be a number.<br />"; } if (!is_numeric($_POST["3_strength"])) { $errors++; $errorlist .= "Class 3 Strength must be a number.<br />"; }
if (!is_numeric($_POST["three_dexterity"])) { $errors++; $errorlist .= "Class 3 Dexterity must be a number.<br />"; } if (!is_numeric($_POST["3_dexterity"])) { $errors++; $errorlist .= "Class 3 Dexterity must be a number.<br />"; }
if (!is_numeric($_POST["three_spells"])) { $errors++; $errorlist .= "Class 3 Spells must be a number.<br />"; } if (!is_numeric($_POST["3_spells"])) { $errors++; $errorlist .= "Class 3 Spells must be a number.<br />"; }
if ($errors == 0) { if ($errors == 0) {
$updatequery = <<<END $updatequery = <<<END
UPDATE {{table}} SET UPDATE {{table}} SET
1_exp='$one_exp', 1_hp='$one_hp', 1_mp='$one_mp', 1_tp='$one_tp', 1_strength='$one_strength', 1_dexterity='$one_dexterity', 1_spells='$one_spells', 1_exp='$1_exp', 1_hp='$1_hp', 1_mp='$1_mp', 1_tp='$1_tp', 1_strength='$1_strength', 1_dexterity='$1_dexterity', 1_spells='$1_spells',
2_exp='$two_exp', 2_hp='$two_hp', 2_mp='$two_mp', 2_tp='$two_tp', 2_strength='$two_strength', 2_dexterity='$two_dexterity', 2_spells='$two_spells', 2_exp='$2_exp', 2_hp='$2_hp', 2_mp='$2_mp', 2_tp='$2_tp', 2_strength='$2_strength', 2_dexterity='$2_dexterity', 2_spells='$2_spells',
3_exp='$three_exp', 3_hp='$three_hp', 3_mp='$three_mp', 3_tp='$three_tp', 3_strength='$three_strength', 3_dexterity='$three_dexterity', 3_spells='$three_spells' 3_exp='$3_exp', 3_hp='$3_hp', 3_mp='$3_mp', 3_tp='$3_tp', 3_strength='$3_strength', 3_dexterity='$3_dexterity', 3_spells='$3_spells'
WHERE id='$id' LIMIT 1 WHERE id='$id' LIMIT 1
END; END;
$query = doquery($updatequery, "levels"); $query = doquery($updatequery, "levels");
@ -605,33 +605,33 @@ Experience values for each level should be the cumulative total amount of experi
<tr><td colspan="2" style="background-color:#cccccc;">&nbsp;</td></tr> <tr><td colspan="2" style="background-color:#cccccc;">&nbsp;</td></tr>
<tr><td width="20%">$class1name Experience:</td><td><input type="text" name="one_exp" size="10" maxlength="8" value="{{1_exp}}" /></td></tr> <tr><td width="20%">$class1name Experience:</td><td><input type="text" name="1_exp" size="10" maxlength="8" value="{{1_exp}}" /></td></tr>
<tr><td width="20%">$class1name HP:</td><td><input type="text" name="one_hp" size="5" maxlength="5" value="{{1_hp}}" /></td></tr> <tr><td width="20%">$class1name HP:</td><td><input type="text" name="1_hp" size="5" maxlength="5" value="{{1_hp}}" /></td></tr>
<tr><td width="20%">$class1name MP:</td><td><input type="text" name="one_mp" size="5" maxlength="5" value="{{1_mp}}" /></td></tr> <tr><td width="20%">$class1name MP:</td><td><input type="text" name="1_mp" size="5" maxlength="5" value="{{1_mp}}" /></td></tr>
<tr><td width="20%">$class1name TP:</td><td><input type="text" name="one_tp" size="5" maxlength="5" value="{{1_tp}}" /></td></tr> <tr><td width="20%">$class1name TP:</td><td><input type="text" name="1_tp" size="5" maxlength="5" value="{{1_tp}}" /></td></tr>
<tr><td width="20%">$class1name Strength:</td><td><input type="text" name="one_strength" size="5" maxlength="5" value="{{1_strength}}" /></td></tr> <tr><td width="20%">$class1name Strength:</td><td><input type="text" name="1_strength" size="5" maxlength="5" value="{{1_strength}}" /></td></tr>
<tr><td width="20%">$class1name Dexterity:</td><td><input type="text" name="one_dexterity" size="5" maxlength="5" value="{{1_dexterity}}" /></td></tr> <tr><td width="20%">$class1name Dexterity:</td><td><input type="text" name="1_dexterity" size="5" maxlength="5" value="{{1_dexterity}}" /></td></tr>
<tr><td width="20%">$class1name Spells:</td><td><input type="text" name="one_spells" size="5" maxlength="3" value="{{1_spells}}" /></td></tr> <tr><td width="20%">$class1name Spells:</td><td><input type="text" name="1_spells" size="5" maxlength="3" value="{{1_spells}}" /></td></tr>
<tr><td colspan="2" style="background-color:#cccccc;">&nbsp;</td></tr> <tr><td colspan="2" style="background-color:#cccccc;">&nbsp;</td></tr>
<tr><td width="20%">$class2name Experience:</td><td><input type="text" name="two_exp" size="10" maxlength="8" value="{{2_exp}}" /></td></tr> <tr><td width="20%">$class2name Experience:</td><td><input type="text" name="2_exp" size="10" maxlength="8" value="{{2_exp}}" /></td></tr>
<tr><td width="20%">$class2name HP:</td><td><input type="text" name="two_hp" size="5" maxlength="5" value="{{2_hp}}" /></td></tr> <tr><td width="20%">$class2name HP:</td><td><input type="text" name="2_hp" size="5" maxlength="5" value="{{2_hp}}" /></td></tr>
<tr><td width="20%">$class2name MP:</td><td><input type="text" name="two_mp" size="5" maxlength="5" value="{{2_mp}}" /></td></tr> <tr><td width="20%">$class2name MP:</td><td><input type="text" name="2_mp" size="5" maxlength="5" value="{{2_mp}}" /></td></tr>
<tr><td width="20%">$class2name TP:</td><td><input type="text" name="two_tp" size="5" maxlength="5" value="{{2_tp}}" /></td></tr> <tr><td width="20%">$class2name TP:</td><td><input type="text" name="2_tp" size="5" maxlength="5" value="{{2_tp}}" /></td></tr>
<tr><td width="20%">$class2name Strength:</td><td><input type="text" name="two_strength" size="5" maxlength="5" value="{{2_strength}}" /></td></tr> <tr><td width="20%">$class2name Strength:</td><td><input type="text" name="2_strength" size="5" maxlength="5" value="{{2_strength}}" /></td></tr>
<tr><td width="20%">$class2name Dexterity:</td><td><input type="text" name="two_dexterity" size="5" maxlength="5" value="{{2_dexterity}}" /></td></tr> <tr><td width="20%">$class2name Dexterity:</td><td><input type="text" name="2_dexterity" size="5" maxlength="5" value="{{2_dexterity}}" /></td></tr>
<tr><td width="20%">$class2name Spells:</td><td><input type="text" name="two_spells" size="5" maxlength="3" value="{{2_spells}}" /></td></tr> <tr><td width="20%">$class2name Spells:</td><td><input type="text" name="2_spells" size="5" maxlength="3" value="{{2_spells}}" /></td></tr>
<tr><td colspan="2" style="background-color:#cccccc;">&nbsp;</td></tr> <tr><td colspan="2" style="background-color:#cccccc;">&nbsp;</td></tr>
<tr><td width="20%">$class3name Experience:</td><td><input type="text" name="three_exp" size="10" maxlength="8" value="{{3_exp}}" /></td></tr> <tr><td width="20%">$class3name Experience:</td><td><input type="text" name="3_exp" size="10" maxlength="8" value="{{3_exp}}" /></td></tr>
<tr><td width="20%">$class3name HP:</td><td><input type="text" name="three_hp" size="5" maxlength="5" value="{{3_hp}}" /></td></tr> <tr><td width="20%">$class3name HP:</td><td><input type="text" name="3_hp" size="5" maxlength="5" value="{{3_hp}}" /></td></tr>
<tr><td width="20%">$class3name MP:</td><td><input type="text" name="three_mp" size="5" maxlength="5" value="{{3_mp}}" /></td></tr> <tr><td width="20%">$class3name MP:</td><td><input type="text" name="3_mp" size="5" maxlength="5" value="{{3_mp}}" /></td></tr>
<tr><td width="20%">$class3name TP:</td><td><input type="text" name="three_tp" size="5" maxlength="5" value="{{3_tp}}" /></td></tr> <tr><td width="20%">$class3name TP:</td><td><input type="text" name="3_tp" size="5" maxlength="5" value="{{3_tp}}" /></td></tr>
<tr><td width="20%">$class3name Strength:</td><td><input type="text" name="three_strength" size="5" maxlength="5" value="{{3_strength}}" /></td></tr> <tr><td width="20%">$class3name Strength:</td><td><input type="text" name="3_strength" size="5" maxlength="5" value="{{3_strength}}" /></td></tr>
<tr><td width="20%">$class3name Dexterity:</td><td><input type="text" name="three_dexterity" size="5" maxlength="5" value="{{3_dexterity}}" /></td></tr> <tr><td width="20%">$class3name Dexterity:</td><td><input type="text" name="3_dexterity" size="5" maxlength="5" value="{{3_dexterity}}" /></td></tr>
<tr><td width="20%">$class3name Spells:</td><td><input type="text" name="three_spells" size="5" maxlength="3" value="{{3_spells}}" /></td></tr> <tr><td width="20%">$class3name Spells:</td><td><input type="text" name="3_spells" size="5" maxlength="3" value="{{3_spells}}" /></td></tr>
</table> </table>
<input type="submit" name="submit" value="Submit" /> <input type="reset" name="reset" value="Reset" /> <input type="submit" name="submit" value="Submit" /> <input type="reset" name="reset" value="Reset" />
</form> </form>

View File

@ -15,7 +15,7 @@ function checkcookies() {
if (mysql_num_rows($query) != 1) { die("Invalid cookie data (Error 1). Please clear cookies and log in again."); } if (mysql_num_rows($query) != 1) { die("Invalid cookie data (Error 1). Please clear cookies and log in again."); }
$row = mysql_fetch_array($query); $row = mysql_fetch_array($query);
if ($row["id"] != $theuser[0]) { die("Invalid cookie data (Error 2). Please clear cookies and log in again."); } if ($row["id"] != $theuser[0]) { die("Invalid cookie data (Error 2). Please clear cookies and log in again."); }
if (md5($row["password"] . "--" . $dbsettings["secretword"]) !== $theuser[2]) { die("Invalid cookie data (Error 3). Please clear cookies and log in again."); } if (md5($row["password"] . "--" . $dbsettings["secretword"]) != $theuser[2]) { die("Invalid cookie data (Error 3). Please clear cookies and log in again."); }
// If we've gotten this far, cookie should be valid, so write a new one. // If we've gotten this far, cookie should be valid, so write a new one.
$newcookie = implode(" ",$theuser); $newcookie = implode(" ",$theuser);

View File

@ -3,7 +3,6 @@
function fight() { // One big long function that determines the outcome of the fight. function fight() { // One big long function that determines the outcome of the fight.
global $userrow, $controlrow; global $userrow, $controlrow;
if ($userrow["currentaction"] != "Fighting") { display("Cheat attempt detected.<br /><br />Get a life, loser.", "Error"); }
$pagearray = array(); $pagearray = array();
$playerisdead = 0; $playerisdead = 0;
@ -190,7 +189,7 @@ function fight() { // One big long function that determines the outcome of the f
foreach($userspells as $a => $b) { foreach($userspells as $a => $b) {
if ($b == $pickedspell) { $spell = true; } if ($b == $pickedspell) { $spell = true; }
} }
if ($spell != true) { display("You have not yet learned this spell. Please go back and try again.", "Error"); die(); } if ($pickedspell != true) { display("You have not yet learned this spell. Please go back and try again.", "Error"); die(); }
if ($userrow["currentmp"] < $newspellrow["mp"]) { display("You do not have enough Magic Points to cast this spell. Please go back and try again.", "Error"); die(); } if ($userrow["currentmp"] < $newspellrow["mp"]) { display("You do not have enough Magic Points to cast this spell. Please go back and try again.", "Error"); die(); }
if ($newspellrow["type"] == 1) { // Heal spell. if ($newspellrow["type"] == 1) { // Heal spell.

View File

@ -8,12 +8,7 @@ if ($userrow == false) { display("The forum is for registered players only.", "F
$controlquery = doquery("SELECT * FROM {{table}} WHERE id='1' LIMIT 1", "control"); $controlquery = doquery("SELECT * FROM {{table}} WHERE id='1' LIMIT 1", "control");
$controlrow = mysql_fetch_array($controlquery); $controlrow = mysql_fetch_array($controlquery);
// Close game.
if ($controlrow["gameopen"] == 0) { display("The game is currently closed for maintanence. Please check back later.","Game Closed"); die(); } if ($controlrow["gameopen"] == 0) { display("The game is currently closed for maintanence. Please check back later.","Game Closed"); die(); }
// Force verify if the user isn't verified yet.
if ($controlrow["verifyemail"] == 1 && $userrow["verify"] != 1) { header("Location: users.php?do=verify"); die(); }
// Block user if he/she has been banned.
if ($userrow["authlevel"] == 2) { die("Your account has been blocked. Please try back later."); }
if (isset($_GET["do"])) { if (isset($_GET["do"])) {
$do = explode(":",$_GET["do"]); $do = explode(":",$_GET["do"]);

View File

@ -312,12 +312,12 @@ the heal spell. These may not be used during fights, however - you have to use t
Please visit the following sites for more information:<br /> Please visit the following sites for more information:<br />
<a href="http://www.se7enet.com" target="_new">Se7enet</a> (Jamin's homepage)<br /> <a href="http://www.se7enet.com" target="_new">Se7enet</a> (Jamin's homepage)<br />
<a href="http://dragon.se7enet.com/dev.php" target="_new">Dragon Knight</a> (official DK homepage)<br /> <a href="http://dragon.se7enet.com/dev.php" target="_new">Dragon Knight</a> (official DK homepage)<br />
<a href="http://se7enet.com/forums" target="_new">Forums</a> (official DK forums)<br /><br /> <a href="http://se7enet.com/eve" target="_new">Forums</a> (official DK forums)<br /><br />
All original coding and graphics for the <i>Dragon Knight</i> game engine are &copy; 2003-2005 by Jamin Seven.<br /><br /> All original coding and graphics for the <i>Dragon Knight</i> game engine are &copy; 2003-2004 by Jamin Seven.<br /><br />
[ <a href="#top">Top</a> ] [ <a href="#top">Top</a> ]
<br /><br /> <br /><br />
<table class="copyright" width="100%"><tr> <table class="copyright" width="100%"><tr>
<td width="50%" align="center">Powered by <a href="http://dragon.se7enet.com/dev.php" target="_new">Dragon Knight</a></td><td width="50%" align="center">&copy; 2003-2006 by renderse7en</td> <td width="50%" align="center">Powered by <a href="http://dragon.se7enet.com/dev.php" target="_new">Dragon Knight</a></td><td width="50%" align="center">&copy; 2003-2004 by renderse7en</td>
</tr></table> </tr></table>
</body> </body>
</html> </html>

View File

@ -149,7 +149,7 @@ while ($itemsrow = mysql_fetch_array($itemsquery)) {
</table> </table>
<br /> <br />
<table class="copyright" width="100%"><tr> <table class="copyright" width="100%"><tr>
<td width="50%" align="center">Powered by <a href="http://dragon.se7enet.com/dev.php" target="_new">Dragon Knight</a></td><td width="50%" align="center">&copy; 2003-2006 by renderse7en</td> <td width="50%" align="center">Powered by <a href="http://dragon.se7enet.com/dev.php" target="_new">Dragon Knight</a></td><td width="50%" align="center">&copy; 2003-2004 by renderse7en</td>
</tr></table> </tr></table>
</body> </body>
</html> </html>

View File

@ -135,7 +135,7 @@ while ($itemsrow = mysql_fetch_array($itemsquery)) {
Experience points listed are total values up until that point. All other values are just the new amount that you gain for each level. Experience points listed are total values up until that point. All other values are just the new amount that you gain for each level.
<br /><br /> <br /><br />
<table class="copyright" width="100%"><tr> <table class="copyright" width="100%"><tr>
<td width="50%" align="center">Powered by <a href="http://dragon.se7enet.com/dev.php" target="_new">Dragon Knight</a></td><td width="50%" align="center">&copy; 2003-2006 by renderse7en</td> <td width="50%" align="center">Powered by <a href="http://dragon.se7enet.com/dev.php" target="_new">Dragon Knight</a></td><td width="50%" align="center">&copy; 2003-2004 by renderse7en</td>
</tr></table> </tr></table>
</body> </body>
</html> </html>

View File

@ -90,7 +90,7 @@ while ($itemsrow = mysql_fetch_array($itemsquery)) {
</table> </table>
<br /> <br />
<table class="copyright" width="100%"><tr> <table class="copyright" width="100%"><tr>
<td width="50%" align="center">Powered by <a href="http://dragon.se7enet.com/dev.php" target="_new">Dragon Knight</a></td><td width="50%" align="center">&copy; 2003-2006 by renderse7en</td> <td width="50%" align="center">Powered by <a href="http://dragon.se7enet.com/dev.php" target="_new">Dragon Knight</a></td><td width="50%" align="center">&copy; 2003-2004 by renderse7en</td>
</tr></table> </tr></table>
</body> </body>
</html> </html>

View File

@ -100,7 +100,7 @@ while ($itemsrow = mysql_fetch_array($itemsquery)) {
<li /><b>+Defense</b> spells reduce the total damage you take from the monster by X percent until the end of each fight. <li /><b>+Defense</b> spells reduce the total damage you take from the monster by X percent until the end of each fight.
</ul> </ul>
<table class="copyright" width="100%"><tr> <table class="copyright" width="100%"><tr>
<td width="50%" align="center">Powered by <a href="http://dragon.se7enet.com/dev.php" target="_new">Dragon Knight</a></td><td width="50%" align="center">&copy; 2003-2006 by renderse7en</td> <td width="50%" align="center">Powered by <a href="http://dragon.se7enet.com/dev.php" target="_new">Dragon Knight</a></td><td width="50%" align="center">&copy; 2003-2004 by renderse7en</td>
</tr></table> </tr></table>
</body> </body>
</html> </html>

View File

@ -253,7 +253,7 @@ function babblebox() {
global $userrow; global $userrow;
if (isset($_POST["babble"])) { if (isset($_POST["submit"])) {
$safecontent = makesafe($_POST["babble"]); $safecontent = makesafe($_POST["babble"]);
if ($safecontent == "" || $safecontent == " ") { //blank post. do nothing. if ($safecontent == "" || $safecontent == " ") { //blank post. do nothing.
} else { $insert = doquery("INSERT INTO {{table}} SET id='',posttime=NOW(),author='".$userrow["charname"]."',babble='$safecontent'", "babble"); } } else { $insert = doquery("INSERT INTO {{table}} SET id='',posttime=NOW(),author='".$userrow["charname"]."',babble='$safecontent'", "babble"); }

47
lib.php
View File

@ -2,52 +2,9 @@
$starttime = getmicrotime(); $starttime = getmicrotime();
$numqueries = 0; $numqueries = 0;
$version = "1.1.11"; $version = "1.1.5";
$build = ""; $build = "";
// Handling for servers with magic_quotes turned on.
// Example from php.net.
if (get_magic_quotes_gpc()) {
$_POST = array_map('stripslashes_deep', $_POST);
$_GET = array_map('stripslashes_deep', $_GET);
$_COOKIE = array_map('stripslashes_deep', $_COOKIE);
}
$_POST = array_map('addslashes_deep', $_POST);
$_POST = array_map('html_deep', $_POST);
$_GET = array_map('addslashes_deep', $_GET);
$_GET = array_map('html_deep', $_GET);
$_COOKIE = array_map('addslashes_deep', $_COOKIE);
$_COOKIE = array_map('html_deep', $_COOKIE);
function stripslashes_deep($value) {
$value = is_array($value) ?
array_map('stripslashes_deep', $value) :
stripslashes($value);
return $value;
}
function addslashes_deep($value) {
$value = is_array($value) ?
array_map('addslashes_deep', $value) :
addslashes($value);
return $value;
}
function html_deep($value) {
$value = is_array($value) ?
array_map('html_deep', $value) :
htmlspecialchars($value);
return $value;
}
function opendb() { // Open database connection. function opendb() { // Open database connection.
include('config.php'); include('config.php');
@ -202,7 +159,7 @@ function display($content, $title, $topnav=true, $leftnav=true, $rightnav=true,
if ($userrow["longitude"] < 0) { $userrow["longitude"] = $userrow["longitude"] * -1 . "W"; } else { $userrow["longitude"] .= "E"; } if ($userrow["longitude"] < 0) { $userrow["longitude"] = $userrow["longitude"] * -1 . "W"; } else { $userrow["longitude"] .= "E"; }
$userrow["experience"] = number_format($userrow["experience"]); $userrow["experience"] = number_format($userrow["experience"]);
$userrow["gold"] = number_format($userrow["gold"]); $userrow["gold"] = number_format($userrow["gold"]);
if ($userrow["authlevel"] == 1) { $userrow["adminlink"] = "<a href=\"admin.php\">Admin</a><br />"; } else { $userrow["adminlink"] = ""; } if ($userrow["authlevel"] == 1) { $userrow["adminlink"] = "<a href=\"admin/admin.php\">Admin</a><br />"; } else { $userrow["adminlink"] = ""; }
// HP/MP/TP bars. // HP/MP/TP bars.
$stathp = ceil($userrow["currenthp"] / $userrow["maxhp"] * 100); $stathp = ceil($userrow["currenthp"] / $userrow["maxhp"] * 100);

View File

@ -54,7 +54,7 @@ a:hover {
<b><u>DK Administration</u></b><br /><br /> <b><u>DK Administration</u></b><br /><br />
<b>Links:</b><br /> <b>Links:</b><br />
<a href="admin.php">Admin Home</a><br /> <a href="admin.php">Admin Home</a><br />
<a href="index.php">Game Home</a><br /><br /> <a href="../index.php">Game Home</a><br /><br />
<b>Primary Data:</b><br /> <b>Primary Data:</b><br />
<a href="admin.php?do=main">Main Settings</a><br /> <a href="admin.php?do=main">Main Settings</a><br />
<a href="admin.php?do=news">Add News Post</a><br /> <a href="admin.php?do=news">Add News Post</a><br />
@ -71,7 +71,7 @@ a:hover {
</td></tr></table> </td></tr></table>
<br /> <br />
<table class="copyright" width="90%"><tr> <table class="copyright" width="90%"><tr>
<td width="25%" align="center">Powered by <a href="http://dragon.se7enet.com/dev.php" target="_new">Dragon Knight</a></td><td width="25%" align="center">&copy; 2003-2006 by renderse7en</td><td width="25%" align="center">{{totaltime}} Seconds, {{numqueries}} Queries</td><td width="25%" align="center">Version {{version}} {{build}}</td> <td width="25%" align="center">Powered by <a href="http://dragon.se7enet.com/dev.php" target="_new">Dragon Knight</a></td><td width="25%" align="center">&copy; 2003 by renderse7en</td><td width="25%" align="center">{{totaltime}} Seconds, {{numqueries}} Queries</td><td width="25%" align="center">Version {{version}} {{build}}</td>
</center></body> </center></body>
</html> </html>
THEVERYENDOFYOU; THEVERYENDOFYOU;

View File

@ -82,7 +82,7 @@ winpops=window.open(popurl,"","width=520,height=520,scrollbars")
</tr> </tr>
</table><br /> </table><br />
<table class="copyright" width="90%"><tr> <table class="copyright" width="90%"><tr>
<td width="25%" align="center">Powered by <a href="http://dragon.se7enet.com/dev.php" target="_new">Dragon Knight</a></td><td width="25%" align="center">&copy; 2003-2006 by renderse7en</td><td width="25%" align="center">{{totaltime}} Seconds, {{numqueries}} Queries</td><td width="25%" align="center">Version {{version}} {{build}}</td> <td width="25%" align="center">Powered by <a href="http://dragon.se7enet.com/dev.php" target="_new">Dragon Knight</a></td><td width="25%" align="center">&copy; 2003-2004 by renderse7en</td><td width="25%" align="center">{{totaltime}} Seconds, {{numqueries}} Queries</td><td width="25%" align="center">Version {{version}} {{build}}</td>
</tr></table> </tr></table>
</center></body> </center></body>
</html> </html>

View File

@ -5,7 +5,7 @@ function inn() { // Staying at the inn resets all expendable stats to their max
global $userrow, $numqueries; global $userrow, $numqueries;
$townquery = doquery("SELECT name,innprice FROM {{table}} WHERE latitude='".$userrow["latitude"]."' AND longitude='".$userrow["longitude"]."' LIMIT 1", "towns"); $townquery = doquery("SELECT name,innprice FROM {{table}} WHERE latitude='".$userrow["latitude"]."' AND longitude='".$userrow["longitude"]."' LIMIT 1", "towns");
if (mysql_num_rows($townquery) != 1) { display("Cheat attempt detected.<br /><br />Get a life, loser.", "Error"); } if (mysql_num_rows($townquery) != 1) { display("Cheat attempt detected.<br /><br />Get a life, loser."); }
$townrow = mysql_fetch_array($townquery); $townrow = mysql_fetch_array($townquery);
if ($userrow["gold"] < $townrow["innprice"]) { display("You do not have enough gold to stay at this Inn tonight.<br /><br />You may return to <a href=\"index.php\">town</a>, or use the direction buttons on the left to start exploring.", "Inn"); die(); } if ($userrow["gold"] < $townrow["innprice"]) { display("You do not have enough gold to stay at this Inn tonight.<br /><br />You may return to <a href=\"index.php\">town</a>, or use the direction buttons on the left to start exploring.", "Inn"); die(); }
@ -41,7 +41,7 @@ function buy() { // Displays a list of available items for purchase.
global $userrow, $numqueries; global $userrow, $numqueries;
$townquery = doquery("SELECT name,itemslist FROM {{table}} WHERE latitude='".$userrow["latitude"]."' AND longitude='".$userrow["longitude"]."' LIMIT 1", "towns"); $townquery = doquery("SELECT name,itemslist FROM {{table}} WHERE latitude='".$userrow["latitude"]."' AND longitude='".$userrow["longitude"]."' LIMIT 1", "towns");
if (mysql_num_rows($townquery) != 1) { display("Cheat attempt detected.<br /><br />Get a life, loser.", "Error"); } if (mysql_num_rows($townquery) != 1) { display("Cheat attempt detected.<br /><br />Get a life, loser."); }
$townrow = mysql_fetch_array($townquery); $townrow = mysql_fetch_array($townquery);
$itemslist = explode(",",$townrow["itemslist"]); $itemslist = explode(",",$townrow["itemslist"]);
@ -79,12 +79,6 @@ function buy2($id) { // Confirm user's intent to purchase item.
global $userrow, $numqueries; global $userrow, $numqueries;
$townquery = doquery("SELECT name,itemslist FROM {{table}} WHERE latitude='".$userrow["latitude"]."' AND longitude='".$userrow["longitude"]."' LIMIT 1", "towns");
if (mysql_num_rows($townquery) != 1) { display("Cheat attempt detected.<br /><br />Get a life, loser.", "Error"); }
$townrow = mysql_fetch_array($townquery);
$townitems = explode(",",$townrow["itemslist"]);
if (! in_array($id, $townitems)) { display("Cheat attempt detected.<br /><br />Get a life, loser.", "Error"); }
$itemsquery = doquery("SELECT * FROM {{table}} WHERE id='$id' LIMIT 1", "items"); $itemsquery = doquery("SELECT * FROM {{table}} WHERE id='$id' LIMIT 1", "items");
$itemsrow = mysql_fetch_array($itemsquery); $itemsrow = mysql_fetch_array($itemsquery);
@ -127,12 +121,6 @@ function buy3($id) { // Update user profile with new item & stats.
global $userrow; global $userrow;
$townquery = doquery("SELECT name,itemslist FROM {{table}} WHERE latitude='".$userrow["latitude"]."' AND longitude='".$userrow["longitude"]."' LIMIT 1", "towns");
if (mysql_num_rows($townquery) != 1) { display("Cheat attempt detected.<br /><br />Get a life, loser.", "Error"); }
$townrow = mysql_fetch_array($townquery);
$townitems = explode(",",$townrow["itemslist"]);
if (! in_array($id, $townitems)) { display("Cheat attempt detected.<br /><br />Get a life, loser.", "Error"); }
$itemsquery = doquery("SELECT * FROM {{table}} WHERE id='$id' LIMIT 1", "items"); $itemsquery = doquery("SELECT * FROM {{table}} WHERE id='$id' LIMIT 1", "items");
$itemsrow = mysql_fetch_array($itemsquery); $itemsrow = mysql_fetch_array($itemsquery);
@ -355,9 +343,7 @@ function travelto($id, $usepoints=true) { // Send a user to a town from the Trav
if ($usepoints==true) { if ($usepoints==true) {
if ($userrow["currenttp"] < $townrow["travelpoints"]) { if ($userrow["currenttp"] < $townrow["travelpoints"]) {
display("You do not have enough TP to travel here. Please go back and try again when you get more TP.", "Travel To"); die(); display("You do not have enough TP to travel here. Please go back and try again when you get more TP.", "Travel To"); die();
} }
$mapped = explode(",",$userrow["towns"]);
if (!in_array($id, $mapped)) { display("Cheat attempt detected.<br /><br />Get a life, loser.", "Error"); }
} }
if (($userrow["latitude"] == $townrow["latitude"]) && ($userrow["longitude"] == $townrow["longitude"])) { display("You are already in this town. <a href=\"index.php\">Click here</a> to return to the main town screen.", "Travel To"); die(); } if (($userrow["latitude"] == $townrow["latitude"]) && ($userrow["longitude"] == $townrow["longitude"])) { display("You are already in this town. <a href=\"index.php\">Click here</a> to return to the main town screen.", "Travel To"); die(); }

View File

@ -29,12 +29,6 @@ function register() { // Register a new account.
if (preg_match("/[^A-z0-9_\-]/", $username)==1) { $errors++; $errorlist .= "Username must be alphanumeric.<br />"; } // Thanks to "Carlos Pires" from php.net! if (preg_match("/[^A-z0-9_\-]/", $username)==1) { $errors++; $errorlist .= "Username must be alphanumeric.<br />"; } // Thanks to "Carlos Pires" from php.net!
$usernamequery = doquery("SELECT username FROM {{table}} WHERE username='$username' LIMIT 1","users"); $usernamequery = doquery("SELECT username FROM {{table}} WHERE username='$username' LIMIT 1","users");
if (mysql_num_rows($usernamequery) > 0) { $errors++; $errorlist .= "Username already taken - unique username required.<br />"; } if (mysql_num_rows($usernamequery) > 0) { $errors++; $errorlist .= "Username already taken - unique username required.<br />"; }
// Process charname.
if ($charname == "") { $errors++; $errorlist .= "Character Name field is required.<br />"; }
if (preg_match("/[^A-z0-9_\-]/", $charname)==1) { $errors++; $errorlist .= "Character Name must be alphanumeric.<br />"; } // Thanks to "Carlos Pires" from php.net!
$characternamequery = doquery("SELECT charname FROM {{table}} WHERE charname='$charname' LIMIT 1","users");
if (mysql_num_rows($characternamequery) > 0) { $errors++; $errorlist .= "Character Name already taken - unique Character Name required.<br />"; }
// Process email address. // Process email address.
if ($email1 == "" || $email2 == "") { $errors++; $errorlist .= "Email fields are required.<br />"; } if ($email1 == "" || $email2 == "") { $errors++; $errorlist .= "Email fields are required.<br />"; }
@ -44,7 +38,6 @@ function register() { // Register a new account.
if (mysql_num_rows($emailquery) > 0) { $errors++; $errorlist .= "Email already taken - unique email address required.<br />"; } if (mysql_num_rows($emailquery) > 0) { $errors++; $errorlist .= "Email already taken - unique email address required.<br />"; }
// Process password. // Process password.
if (trim($password1) == "") { $errors++; $errorlist .= "Password field is required.<br />"; }
if (preg_match("/[^A-z0-9_\-]/", $password1)==1) { $errors++; $errorlist .= "Password must be alphanumeric.<br />"; } // Thanks to "Carlos Pires" from php.net! if (preg_match("/[^A-z0-9_\-]/", $password1)==1) { $errors++; $errorlist .= "Password must be alphanumeric.<br />"; } // Thanks to "Carlos Pires" from php.net!
if ($password1 != $password2) { $errors++; $errorlist .= "Passwords don't match.<br />"; } if ($password1 != $password2) { $errors++; $errorlist .= "Passwords don't match.<br />"; }
$password = md5($password1); $password = md5($password1);