Dragon-Scourge/cookies.php

<?php // cookies.php :: Handles cookies. (Mmm, tasty!)

//	Dragon Scourge
//
//	Program authors: Jamin Blount
//	Copyright (C) 2007 by renderse7en
//	Script Version 1.0 Beta 5 Build 20

//	You may not distribute this program in any manner, modified or
//	otherwise, without the express, written consent from
//	renderse7en.
//
//	You may make modifications, but only for your own use and
//	within the confines of the Dragon Scourge License Agreement
//	(see our website for that).

function checkcookies() {

    include('config.php');
    global $controlrow;
    
    $row = false;
    
    if (isset($_COOKIE[$controlrow["cookiename"]])) {
        
        // COOKIE FORMAT:
        // {ID} {USERNAME} {PASSWORDHASH} {REMEMBERME}
        $theuser = explode(" ",$_COOKIE[$controlrow["cookiename"]]);
        if (!is_numeric($theuser[0])) { err("Invalid cookie data (Error 0). Please clear cookies and log in again."); }
        $row = dorow(doquery("SELECT * FROM <<accounts>> WHERE username='$theuser[1]' LIMIT 1"));
        if ($row == false) { err("Invalid cookie data (Error 1). Please clear cookies and log in again."); }
        if ($row["id"] != $theuser[0]) { err("Invalid cookie data (Error 2). Please clear cookies and log in again."); }
        if (md5($row["password"] . "--" . $dbsettings["secretword"]) !== $theuser[2]) { err("Invalid cookie data (Error 3). Please clear cookies and log in again."); }
        
        // If we've gotten this far, cookie should be valid, so write a new one.
        $newcookie = implode(" ",$theuser);
        if ($theuser[3] == 1) { $expiretime = time()+31536000; } else { $expiretime = 0; }
        setcookie ($controlrow["cookiename"], $newcookie, $expiretime, "/", $controlrow["cookiedomain"], 0);
        
    }
    
    return $row;

}

?>
Beta 2 Build 12 12.10.2005 - Build 12 (Eggs): - Members can now leave the Guild without requiring an officer to demote them to zero. - Rank 5 members can now edit/update Guild settings. - # of Members is now set to 1 when a Guild is created, and updated correctly when an application is approved. - The Guild founder is now notified via the Post Office when someone applies to join. - Members can now arbitrarily deposit money to the Guild bank. - You can no longer send guild money to yourself. Checks and balances, man! - Fixed image format selection so that it actually works. - Removed Language selection from account registration/settings. 2017-02-05 11:51:02 -06:00			`<?php // cookies.php :: Handles cookies. (Mmm, tasty!)`

Beta 5 Build 19 07.28.2007 - Build 19 (Consolation Prize): - Added "moddedby" column to controlrow. Will display next to normal Scourge copyright. - Added SigBot, which lets players display their character stats in forum signature images. - PVP fights now properly escape the opposing player's $userrow before updating. - Fixed misspellings of 'bonusdefense' in spells.php. - Fixed error that occurred when you failed to select a spell slot when adding new spells. - Minor changes to err() output. 2017-02-05 12:01:47 -06:00			`// Dragon Scourge`
			`//`
			`// Program authors: Jamin Blount`
			`// Copyright (C) 2007 by renderse7en`
Beta 5 Build 20 9.2.2007 - Build 20 (Consolation Prize Part Deux): - Fixed incorrect story values in install.sql. - Some changes to the version/copyright/moddedby display. 2017-02-05 12:02:56 -06:00			`// Script Version 1.0 Beta 5 Build 20`
Beta 5 Build 19 07.28.2007 - Build 19 (Consolation Prize): - Added "moddedby" column to controlrow. Will display next to normal Scourge copyright. - Added SigBot, which lets players display their character stats in forum signature images. - PVP fights now properly escape the opposing player's $userrow before updating. - Fixed misspellings of 'bonusdefense' in spells.php. - Fixed error that occurred when you failed to select a spell slot when adding new spells. - Minor changes to err() output. 2017-02-05 12:01:47 -06:00
			`// You may not distribute this program in any manner, modified or`
			`// otherwise, without the express, written consent from`
			`// renderse7en.`
			`//`
			`// You may make modifications, but only for your own use and`
			`// within the confines of the Dragon Scourge License Agreement`
			`// (see our website for that).`

Beta 2 Build 12 12.10.2005 - Build 12 (Eggs): - Members can now leave the Guild without requiring an officer to demote them to zero. - Rank 5 members can now edit/update Guild settings. - # of Members is now set to 1 when a Guild is created, and updated correctly when an application is approved. - The Guild founder is now notified via the Post Office when someone applies to join. - Members can now arbitrarily deposit money to the Guild bank. - You can no longer send guild money to yourself. Checks and balances, man! - Fixed image format selection so that it actually works. - Removed Language selection from account registration/settings. 2017-02-05 11:51:02 -06:00			`function checkcookies() {`

			`include('config.php');`
Beta 4 Build 18 09.03.2006 - Build 18 (Joe Camel): - Fixed function redeclaration with Blessed Strike & Stone Skin spells. - When you're all alone, you no longer have a little blue "undefined" orb to keep you company. - Changing worlds after a quest now gives you the world's starting town to avoid panel errors. - Minor optimization fix for item building. - Unique items no longer drop with prefixes/suffixes, and you can no longer buy unique items. - Removed alphanumeric requirement for passwords. - hpleech(monster) now properly accounts for difficulty multiplier when checking against the monster's maxhp. - Added Deposit/Withdraw All links to the Bank. - Fixed PVP and Post office bugs related to the new doquery syntax. - Fixed single-quote bugs in mymail(). - Removed verbiage from the levelup template that was no longer necessary. - Fixed some more verbiage in the registration message that was also no longer necessary. - Added admin-definable cookie name and cookie domain to controlrow. 2017-02-05 11:58:57 -06:00			`global $controlrow;`
Beta 2 Build 12 12.10.2005 - Build 12 (Eggs): - Members can now leave the Guild without requiring an officer to demote them to zero. - Rank 5 members can now edit/update Guild settings. - # of Members is now set to 1 when a Guild is created, and updated correctly when an application is approved. - The Guild founder is now notified via the Post Office when someone applies to join. - Members can now arbitrarily deposit money to the Guild bank. - You can no longer send guild money to yourself. Checks and balances, man! - Fixed image format selection so that it actually works. - Removed Language selection from account registration/settings. 2017-02-05 11:51:02 -06:00
			`$row = false;`

Beta 4 Build 18 09.03.2006 - Build 18 (Joe Camel): - Fixed function redeclaration with Blessed Strike & Stone Skin spells. - When you're all alone, you no longer have a little blue "undefined" orb to keep you company. - Changing worlds after a quest now gives you the world's starting town to avoid panel errors. - Minor optimization fix for item building. - Unique items no longer drop with prefixes/suffixes, and you can no longer buy unique items. - Removed alphanumeric requirement for passwords. - hpleech(monster) now properly accounts for difficulty multiplier when checking against the monster's maxhp. - Added Deposit/Withdraw All links to the Bank. - Fixed PVP and Post office bugs related to the new doquery syntax. - Fixed single-quote bugs in mymail(). - Removed verbiage from the levelup template that was no longer necessary. - Fixed some more verbiage in the registration message that was also no longer necessary. - Added admin-definable cookie name and cookie domain to controlrow. 2017-02-05 11:58:57 -06:00			`if (isset($_COOKIE[$controlrow["cookiename"]])) {`
Beta 2 Build 12 12.10.2005 - Build 12 (Eggs): - Members can now leave the Guild without requiring an officer to demote them to zero. - Rank 5 members can now edit/update Guild settings. - # of Members is now set to 1 when a Guild is created, and updated correctly when an application is approved. - The Guild founder is now notified via the Post Office when someone applies to join. - Members can now arbitrarily deposit money to the Guild bank. - You can no longer send guild money to yourself. Checks and balances, man! - Fixed image format selection so that it actually works. - Removed Language selection from account registration/settings. 2017-02-05 11:51:02 -06:00
			`// COOKIE FORMAT:`
			`// {ID} {USERNAME} {PASSWORDHASH} {REMEMBERME}`
Beta 4 Build 18 09.03.2006 - Build 18 (Joe Camel): - Fixed function redeclaration with Blessed Strike & Stone Skin spells. - When you're all alone, you no longer have a little blue "undefined" orb to keep you company. - Changing worlds after a quest now gives you the world's starting town to avoid panel errors. - Minor optimization fix for item building. - Unique items no longer drop with prefixes/suffixes, and you can no longer buy unique items. - Removed alphanumeric requirement for passwords. - hpleech(monster) now properly accounts for difficulty multiplier when checking against the monster's maxhp. - Added Deposit/Withdraw All links to the Bank. - Fixed PVP and Post office bugs related to the new doquery syntax. - Fixed single-quote bugs in mymail(). - Removed verbiage from the levelup template that was no longer necessary. - Fixed some more verbiage in the registration message that was also no longer necessary. - Added admin-definable cookie name and cookie domain to controlrow. 2017-02-05 11:58:57 -06:00			`$theuser = explode(" ",$_COOKIE[$controlrow["cookiename"]]);`
Beta 2 Build 12 12.10.2005 - Build 12 (Eggs): - Members can now leave the Guild without requiring an officer to demote them to zero. - Rank 5 members can now edit/update Guild settings. - # of Members is now set to 1 when a Guild is created, and updated correctly when an application is approved. - The Guild founder is now notified via the Post Office when someone applies to join. - Members can now arbitrarily deposit money to the Guild bank. - You can no longer send guild money to yourself. Checks and balances, man! - Fixed image format selection so that it actually works. - Removed Language selection from account registration/settings. 2017-02-05 11:51:02 -06:00			`if (!is_numeric($theuser[0])) { err("Invalid cookie data (Error 0). Please clear cookies and log in again."); }`
Beta 4 Build 17 8.09.2006 - Build 17 (Haiku): - Moved stylesheets into .css files. - Added javascript tooltips for the class info when creating a new character. - Changed doquery() format - rewrote all calls to this function to match the new format. - Various changes to the structure of lib.php. - Implemented Anman's increased attack and defense spells (Blessed Strike & Stone Skin). - Fixed class display in profile view. - Began admin control panel. - Various little bitty fixes. - You can no longer gamble 0 gold. - Added new level stat type: life. - Monsters can now do excellent hits, and you can now dodge monsters. - Removed several columns from controlrow that are no longer used. 2017-02-05 11:57:55 -06:00			`$row = dorow(doquery("SELECT * FROM <<accounts>> WHERE username='$theuser[1]' LIMIT 1"));`
Beta 2 Build 12 12.10.2005 - Build 12 (Eggs): - Members can now leave the Guild without requiring an officer to demote them to zero. - Rank 5 members can now edit/update Guild settings. - # of Members is now set to 1 when a Guild is created, and updated correctly when an application is approved. - The Guild founder is now notified via the Post Office when someone applies to join. - Members can now arbitrarily deposit money to the Guild bank. - You can no longer send guild money to yourself. Checks and balances, man! - Fixed image format selection so that it actually works. - Removed Language selection from account registration/settings. 2017-02-05 11:51:02 -06:00			`if ($row == false) { err("Invalid cookie data (Error 1). Please clear cookies and log in again."); }`
			`if ($row["id"] != $theuser[0]) { err("Invalid cookie data (Error 2). Please clear cookies and log in again."); }`
			`if (md5($row["password"] . "--" . $dbsettings["secretword"]) !== $theuser[2]) { err("Invalid cookie data (Error 3). Please clear cookies and log in again."); }`

			`// If we've gotten this far, cookie should be valid, so write a new one.`
			`$newcookie = implode(" ",$theuser);`
			`if ($theuser[3] == 1) { $expiretime = time()+31536000; } else { $expiretime = 0; }`
Beta 4 Build 18 09.03.2006 - Build 18 (Joe Camel): - Fixed function redeclaration with Blessed Strike & Stone Skin spells. - When you're all alone, you no longer have a little blue "undefined" orb to keep you company. - Changing worlds after a quest now gives you the world's starting town to avoid panel errors. - Minor optimization fix for item building. - Unique items no longer drop with prefixes/suffixes, and you can no longer buy unique items. - Removed alphanumeric requirement for passwords. - hpleech(monster) now properly accounts for difficulty multiplier when checking against the monster's maxhp. - Added Deposit/Withdraw All links to the Bank. - Fixed PVP and Post office bugs related to the new doquery syntax. - Fixed single-quote bugs in mymail(). - Removed verbiage from the levelup template that was no longer necessary. - Fixed some more verbiage in the registration message that was also no longer necessary. - Added admin-definable cookie name and cookie domain to controlrow. 2017-02-05 11:58:57 -06:00			`setcookie ($controlrow["cookiename"], $newcookie, $expiretime, "/", $controlrow["cookiedomain"], 0);`
Beta 2 Build 12 12.10.2005 - Build 12 (Eggs): - Members can now leave the Guild without requiring an officer to demote them to zero. - Rank 5 members can now edit/update Guild settings. - # of Members is now set to 1 when a Guild is created, and updated correctly when an application is approved. - The Guild founder is now notified via the Post Office when someone applies to join. - Members can now arbitrarily deposit money to the Guild bank. - You can no longer send guild money to yourself. Checks and balances, man! - Fixed image format selection so that it actually works. - Removed Language selection from account registration/settings. 2017-02-05 11:51:02 -06:00
			`}`

			`return $row;`

			`}`

			`?>`