Make playable

This commit is contained in:
Sky Johnson 2024-08-08 12:55:08 -05:00
parent ae49476b96
commit 6f782914ca
9 changed files with 1385 additions and 328 deletions

1
.gitignore vendored Normal file
View File

@ -0,0 +1 @@
config.php

View File

@ -3,6 +3,12 @@ Changelog
***** BETA FIVE ***** ***** BETA FIVE *****
8.8.2024 - Build 21 (Make Playable):
- Add a mysql_ shim to replace old database functions
- Modify some SQL to make it work with MySQL 8.0+
- Create botcheck folder and add a .gitkeep to pass tests
- Remove magic quotes functions as they have entirely been removed
9.2.2007 - Build 20 (Consolation Prize Part Deux): 9.2.2007 - Build 20 (Consolation Prize Part Deux):
- Fixed incorrect story values in install.sql. - Fixed incorrect story values in install.sql.
- Some changes to the version/copyright/moddedby display. - Some changes to the version/copyright/moddedby display.
@ -192,7 +198,7 @@ Changelog
- Fights happen slightly less often now (1/5 rather than 1/4). - Fights happen slightly less often now (1/5 rather than 1/4).
- Added anti-macro image verification for protection against space robots. - Added anti-macro image verification for protection against space robots.
4.1.2005 - Build 03 (Holy Hand Grenade): 4.1.2005 - Build 03 (Holy Hand Grenade):
- Fixed problem that prevented users from registering. - Fixed problem that prevented users from registering.
- Fixed exploit in the Bank and Post Office that allowed users to withdraw/deposit/send negative numbers. - Fixed exploit in the Bank and Post Office that allowed users to withdraw/deposit/send negative numbers.
- Added God Mode cheat: index.php?do=iddqd - Added God Mode cheat: index.php?do=iddqd
@ -236,4 +242,4 @@ Changelog
- Added language indexes for x_submit and x_reset. - Added language indexes for x_submit and x_reset.
7.19.2004 - Build 20 (pr0n): 7.19.2004 - Build 20 (pr0n):
- Initial public testing release. - Initial public testing release.

View File

@ -15,11 +15,11 @@
// (see our website for that). // (see our website for that).
$dbsettings = Array( $dbsettings = Array(
"server" => "localhost", // MySQL server name. (Usually localhost.) "server" => "127.0.0.1", // MySQL server name. (Usually localhost.)
"user" => "", // MySQL username. "user" => "root", // MySQL username.
"pass" => "", // MySQL password. "pass" => "root", // MySQL password.
"name" => "", // MySQL database name. "name" => "scourge", // MySQL database name.
"prefix" => "sx", // Prefix for table names. "prefix" => "sx", // Prefix for table names.
"secretword" => ""); // Secret word used when hashing information for cookies. "secretword" => "poop"); // Secret word used when hashing information for cookies.
?> ?>

0
images/botcheck/.gitkeep Normal file
View File

View File

@ -14,16 +14,10 @@
// within the confines of the Dragon Scourge License Agreement // within the confines of the Dragon Scourge License Agreement
// (see our website for that). // (see our website for that).
require_once 'shim.php';
opendb(); opendb();
// Handling for servers with magic_quotes turned on.
if (get_magic_quotes_gpc()) {
$_POST = array_map('uber_ss', $_POST);
$_GET = array_map('uber_ss', $_GET);
$_COOKIE = array_map('uber_ss', $_COOKIE);
}
$_POST = array_map('uber_mres', $_POST); $_POST = array_map('uber_mres', $_POST);
$_POST = array_map('uber_hsc', $_POST); $_POST = array_map('uber_hsc', $_POST);
$_GET = array_map('uber_mres', $_GET); $_GET = array_map('uber_mres', $_GET);
@ -43,30 +37,30 @@ switch ($page) {
} }
function uber_ss($value) { function uber_ss($value) {
$value = is_array($value) ? $value = is_array($value) ?
array_map('uber_ss', $value) : array_map('uber_ss', $value) :
stripslashes($value); stripslashes($value);
return $value; return $value;
} }
function uber_mres($value) { function uber_mres($value) {
$value = is_array($value) ? $value = is_array($value) ?
array_map('uber_mres', $value) : array_map('uber_mres', $value) :
mysql_real_escape_string($value); mysql_real_escape_string($value);
return $value; return $value;
} }
function uber_hsc($value) { function uber_hsc($value) {
$value = is_array($value) ? $value = is_array($value) ?
array_map('uber_hsc', $value) : array_map('uber_hsc', $value) :
htmlspecialchars($value); htmlspecialchars($value);
return $value; return $value;
} }
function opendb() { // Open database connection. function opendb() { // Open database connection.
@ -85,27 +79,27 @@ function opendb() { // Open database connection.
define("DBRESULT", true); define("DBRESULT", true);
} }
} }
return $link; //return $link;
} }
function doquery($query) { // Something of a tiny little database abstraction layer. function doquery($query) { // Something of a tiny little database abstraction layer.
include('config.php'); include('config.php');
$sqlquery = mysql_query(preg_replace("/<<([a-zA-Z0-9_\-]+)>>/", $dbsettings["prefix"]."_$1", $query)); $sqlquery = mysql_query(preg_replace("/<<([a-zA-Z0-9_\-]+)>>/", $dbsettings["prefix"]."_$1", $query));
if ($sqlquery == false) { if ($sqlquery == false) {
die(mysql_error() . "<br /><br />" . $query); die(mysql_error() . "<br /><br />" . $query);
} }
return $sqlquery; return $sqlquery;
} }
function dorow($sqlquery, $force = "") { // Abstraction layer part deux. function dorow($sqlquery, $force = "") { // Abstraction layer part deux.
switch (mysql_num_rows($sqlquery)) { switch (mysql_num_rows($sqlquery)) {
case 0: case 0:
$row = false; $row = false;
break; break;
@ -128,11 +122,11 @@ function dorow($sqlquery, $force = "") { // Abstraction layer part deux.
} }
} }
break; break;
} }
return $row; return $row;
} }
// Thanks to Predrag Supurovic from php.net for this function! // Thanks to Predrag Supurovic from php.net for this function!
@ -153,11 +147,11 @@ function dobatch($p_query) {
/***** DONE WITH ALL THE SETUP STUFF, SO ACTUALLY START INSTALLING. *****/ /***** DONE WITH ALL THE SETUP STUFF, SO ACTUALLY START INSTALLING. *****/
function one() { function one() {
// Test file permissions. // Test file permissions.
$botcheck = false; $botcheck = false;
$f = fopen("images/botcheck/test.txt", "a"); $f = fopen("images/botcheck/test.txt", "a");
if ($f) { if ($f) {
if (fwrite($f,"test")) { if (fwrite($f,"test")) {
$botcheck = true; $botcheck = true;
fclose($f); fclose($f);
@ -166,20 +160,20 @@ function one() {
} }
$users = false; $users = false;
$f = fopen("images/users/test.txt", "a"); $f = fopen("images/users/test.txt", "a");
if ($f) { if ($f) {
if (fwrite($f,"test")) { if (fwrite($f,"test")) {
$users = true; $users = true;
fclose($f); fclose($f);
unlink("images/users/test.txt"); unlink("images/users/test.txt");
} }
} }
// Display status. // Display status.
if ($botcheck) { $botcheck = "<span style=\"color: Green;\">Pass</span>"; } else { $botcheck = "<span style=\"color: red;\">Fail</span>"; } if ($botcheck) { $botcheck = "<span style=\"color: Green;\">Pass</span>"; } else { $botcheck = "<span style=\"color: red;\">Fail</span>"; }
if ($users) { $users = "<span style=\"color: Green;\">Pass</span>"; } else { $users = "<span style=\"color: red;\">Fail</span>"; } if ($users) { $users = "<span style=\"color: Green;\">Pass</span>"; } else { $users = "<span style=\"color: red;\">Fail</span>"; }
if (MYSQLRESULT) { $mysqlresult = "<span style=\"color: Green;\">Pass</span>"; } else { $mysqlresult = "<span style=\"color: red;\">Fail</span>"; } if (MYSQLRESULT) { $mysqlresult = "<span style=\"color: Green;\">Pass</span>"; } else { $mysqlresult = "<span style=\"color: red;\">Fail</span>"; }
if (DBRESULT) { $dbresult = "<span style=\"color: Green;\">Pass</span>"; } else { $dbresult = "<span style=\"color: red;\">Fail</span>"; } if (DBRESULT) { $dbresult = "<span style=\"color: Green;\">Pass</span>"; } else { $dbresult = "<span style=\"color: red;\">Fail</span>"; }
// Done. Show page. // Done. Show page.
$page = <<<THEVERYENDOFYOU $page = <<<THEVERYENDOFYOU
<html> <html>
@ -195,7 +189,7 @@ $page = <<<THEVERYENDOFYOU
</head> </head>
<body><center> <body><center>
<div class="main" style="width: 700px;"> <div class="main" style="width: 700px;">
<h3>Dragon Scourge :: Installation (Step 1)</h3> <h3>Dragon Scourge :: Installation (Step 1)</h3>
<ol> <ol>
<li><b>Verify Settings</b></li> <li><b>Verify Settings</b></li>
@ -203,7 +197,7 @@ $page = <<<THEVERYENDOFYOU
<li>Primary Game Settings</li> <li>Primary Game Settings</li>
<li>Create Admin User</li> <li>Create Admin User</li>
</ol> </ol>
<table border="1"> <table border="1">
<tr><th colspan="2">Verify Settings</th></tr> <tr><th colspan="2">Verify Settings</th></tr>
<tr><td>MySQL Connection</td><td>$mysqlresult</td></tr> <tr><td>MySQL Connection</td><td>$mysqlresult</td></tr>
@ -211,16 +205,16 @@ $page = <<<THEVERYENDOFYOU
<tr><td>File Permissions: /images/users/</td><td>$users</td></tr> <tr><td>File Permissions: /images/users/</td><td>$users</td></tr>
<tr><td>File Permissions: /images/botcheck/</td><td>$botcheck</td></tr> <tr><td>File Permissions: /images/botcheck/</td><td>$botcheck</td></tr>
</table><br /><br /> </table><br /><br />
If any of the above settings display <span style="color: red;">Fail</span>, please go back and make sure everything is correct.<br /><br /> If any of the above settings display <span style="color: red;">Fail</span>, please go back and make sure everything is correct.<br /><br />
For failures on either MySQL Connection or MySQL Database, please ensure that you have inserted the correct values for your server configuration into config.php, and make sure that the database to which you will be installing Dragon Scourge already exists on your server.<br /><br /> For failures on either MySQL Connection or MySQL Database, please ensure that you have inserted the correct values for your server configuration into config.php, and make sure that the database to which you will be installing Dragon Scourge already exists on your server.<br /><br />
For failures on either of the two File Permissions settings, make sure that the appropriate folders have been CHMODed to 0777 (on Unix/Linux servers), or are not set to read-only (on Windows servers). If you need help with this, <a href="http://www.stadtaus.com/en/tutorials/chmod-ftp-file-permissions.php" target="_new">click here</a> for tutorials on how to do this in several major FTP clients.<br /><br /> For failures on either of the two File Permissions settings, make sure that the appropriate folders have been CHMODed to 0777 (on Unix/Linux servers), or are not set to read-only (on Windows servers). If you need help with this, <a href="http://www.stadtaus.com/en/tutorials/chmod-ftp-file-permissions.php" target="_new">click here</a> for tutorials on how to do this in several major FTP clients.<br /><br />
Once you have checked all the appropriate settings, reload this page and make sure that all four tests indicate <span style="color: green;">Pass</span> before continuing.<br /><br /> Once you have checked all the appropriate settings, reload this page and make sure that all four tests indicate <span style="color: green;">Pass</span> before continuing.<br /><br />
Once all tests pass, click the link below to continue to step two.<br /><br /> Once all tests pass, click the link below to continue to step two.<br /><br />
<a href="install.php?page=two">Continue to Step Two: Install Database</a><br /> <a href="install.php?page=two">Continue to Step Two: Install Database</a><br />
Installing the database may take several seconds. Please click the link only once. Installing the database may take several seconds. Please click the link only once.
</div> </div>
</center></body> </center></body>
</html> </html>
@ -230,10 +224,10 @@ die($page);
} }
function two() { function two() {
$installsql = file_get_contents("install.sql"); $installsql = file_get_contents("install.sql");
$status = dobatch($installsql); $status = dobatch($installsql);
$page = <<<THEVERYENDOFYOU $page = <<<THEVERYENDOFYOU
<html> <html>
<head> <head>
@ -248,7 +242,7 @@ $page = <<<THEVERYENDOFYOU
</head> </head>
<body><center> <body><center>
<div class="main" style="width: 700px;"> <div class="main" style="width: 700px;">
<h3>Dragon Scourge :: Installation (Step 2)</h3> <h3>Dragon Scourge :: Installation (Step 2)</h3>
<ol> <ol>
<li>Verify Settings</li> <li>Verify Settings</li>
@ -256,11 +250,11 @@ $page = <<<THEVERYENDOFYOU
<li>Primary Game Settings</li> <li>Primary Game Settings</li>
<li>Create Admin User</li> <li>Create Admin User</li>
</ol> </ol>
The database installation is now complete. Click the link below to set up your initial game settings.<br /><br /> The database installation is now complete. Click the link below to set up your initial game settings.<br /><br />
<a href="install.php?page=three">Continue to Step Three: Primary Game Settings</a> <a href="install.php?page=three">Continue to Step Three: Primary Game Settings</a>
</div> </div>
</center></body> </center></body>
</html> </html>
@ -270,7 +264,7 @@ die($page);
} }
function three() { function three() {
// Path stuff. Easy. // Path stuff. Easy.
$gamepath = str_replace("install.php","",__FILE__); $gamepath = str_replace("install.php","",__FILE__);
$gamepath = str_replace("\\","/",$gamepath); $gamepath = str_replace("\\","/",$gamepath);
@ -278,8 +272,8 @@ function three() {
$gameurl = "http://" . $_SERVER["SERVER_NAME"] . $_SERVER["PHP_SELF"]; $gameurl = "http://" . $_SERVER["SERVER_NAME"] . $_SERVER["PHP_SELF"];
$gameurl = str_replace("install.php","",$gameurl); $gameurl = str_replace("install.php","",$gameurl);
$avatarurl = $gameurl . "images/users/"; $avatarurl = $gameurl . "images/users/";
$page = <<<THEVERYENDOFYOU $page = <<<THEVERYENDOFYOU
<html> <html>
<head> <head>
@ -295,7 +289,7 @@ $page = <<<THEVERYENDOFYOU
</head> </head>
<body><center> <body><center>
<div class="main" style="width: 700px;"> <div class="main" style="width: 700px;">
<h3>Dragon Scourge :: Installation (Step 3)</h3> <h3>Dragon Scourge :: Installation (Step 3)</h3>
<ol> <ol>
<li>Verify Settings</li> <li>Verify Settings</li>
@ -303,7 +297,7 @@ $page = <<<THEVERYENDOFYOU
<li><b>Primary Game Settings</b></li> <li><b>Primary Game Settings</b></li>
<li>Create Admin User</li> <li>Create Admin User</li>
</ol> </ol>
<form action="install.php?page=four" method="post"> <form action="install.php?page=four" method="post">
<table cellspacing="0" cellpadding="5" width="98%"> <table cellspacing="0" cellpadding="5" width="98%">
<tr><td width="25%">Game Name</td><td><input type="text" name="gamename" size="20" maxlength="50" value="Dragon Scourge" /><br /><span class="grey">The name of your game. Used in page titles and when sending email to new users.</span><br /><br /></td></tr> <tr><td width="25%">Game Name</td><td><input type="text" name="gamename" size="20" maxlength="50" value="Dragon Scourge" /><br /><span class="grey">The name of your game. Used in page titles and when sending email to new users.</span><br /><br /></td></tr>
@ -332,7 +326,7 @@ $page = <<<THEVERYENDOFYOU
</center></td></tr> </center></td></tr>
</table> </table>
</form> </form>
</div> </div>
</center></body> </center></body>
</html> </html>
@ -342,7 +336,7 @@ die($page);
} }
function four() { function four() {
// Check for errors. // Check for errors.
$requires = array("gamename","gamepath","gameurl","avatarpath","avatarurl","avatarmaxsize","adminemail","botcheck","pvprefresh","pvptimeout","guildstartup","guildstartlvl","guildjoinlvl","guildupdate"); $requires = array("gamename","gamepath","gameurl","avatarpath","avatarurl","avatarmaxsize","adminemail","botcheck","pvprefresh","pvptimeout","guildstartup","guildstartlvl","guildjoinlvl","guildupdate");
$numerics = array("avatarmaxsize","botcheck","pvprefresh","pvptimeout","guildstartup","guildstartlvl","guildjoinlvl","guildupdate"); $numerics = array("avatarmaxsize","botcheck","pvprefresh","pvptimeout","guildstartup","guildstartlvl","guildjoinlvl","guildupdate");
@ -355,15 +349,15 @@ function four() {
if (!is_numeric($_POST[$b])) { $errors .= "$b field must contain numbers only.<br />"; } if (!is_numeric($_POST[$b])) { $errors .= "$b field must contain numbers only.<br />"; }
} }
if ($errors != "") { die("The following errors occurred. Please go back and correct these errors before continuing.<br /><br />$errors"); } if ($errors != "") { die("The following errors occurred. Please go back and correct these errors before continuing.<br /><br />$errors"); }
// Check toggles. // Check toggles.
foreach($toggles as $a => $b) { foreach($toggles as $a => $b) {
if (!isset($_POST[$b])) { $_POST[$b] = "0"; } if (!isset($_POST[$b])) { $_POST[$b] = "0"; }
} }
// No errors, so set up the table. // No errors, so set up the table.
extract($_POST); extract($_POST);
doquery("INSERT INTO <<control>> SET doquery("INSERT INTO <<control>> SET
id='1', id='1',
gamename='$gamename', gamename='$gamename',
gameopen='1', gameopen='1',
@ -393,7 +387,7 @@ function four() {
guildjoinlvl='$guildjoinlvl', guildjoinlvl='$guildjoinlvl',
guildupdate='$guildupdate' guildupdate='$guildupdate'
"); ");
// Done with the controlrow creator. Now show admin user creation form.' // Done with the controlrow creator. Now show admin user creation form.'
$page = <<<THEVERYENDOFYOU $page = <<<THEVERYENDOFYOU
<html> <html>
@ -410,7 +404,7 @@ $page = <<<THEVERYENDOFYOU
</head> </head>
<body><center> <body><center>
<div class="main" style="width: 700px;"> <div class="main" style="width: 700px;">
<h3>Dragon Scourge :: Installation (Step 4)</h3> <h3>Dragon Scourge :: Installation (Step 4)</h3>
<ol> <ol>
<li>Verify Settings</li> <li>Verify Settings</li>
@ -418,7 +412,7 @@ $page = <<<THEVERYENDOFYOU
<li>Primary Game Settings</li> <li>Primary Game Settings</li>
<li><b>Create Admin User</b></li> <li><b>Create Admin User</b></li>
</ol> </ol>
<form action="install.php?page=five" method="post"> <form action="install.php?page=five" method="post">
<table cellspacing="0" cellpadding="5" width="98%"> <table cellspacing="0" cellpadding="5" width="98%">
<tr><td width="25%">Username</td><td><input type="text" name="username" size="20" maxlength="30" value="" /><br /><br /></td></tr> <tr><td width="25%">Username</td><td><input type="text" name="username" size="20" maxlength="30" value="" /><br /><br /></td></tr>
@ -429,7 +423,7 @@ $page = <<<THEVERYENDOFYOU
</center></td></tr> </center></td></tr>
</table> </table>
</form> </form>
</div> </div>
</center></body> </center></body>
</html> </html>
@ -438,7 +432,7 @@ die($page);
} }
function five() { function five() {
// Check for errors. // Check for errors.
$requires = array("username","password","emailaddress"); $requires = array("username","password","emailaddress");
$errors = ""; $errors = "";
@ -446,12 +440,12 @@ function five() {
if (!isset($_POST[$b]) || trim($_POST[$b])=="") { $errors .= "$b field is required.<br />"; } if (!isset($_POST[$b]) || trim($_POST[$b])=="") { $errors .= "$b field is required.<br />"; }
} }
if ($errors != "") { die("The following errors occurred. Please go back and correct these errors before continuing.<br /><br />$errors"); } if ($errors != "") { die("The following errors occurred. Please go back and correct these errors before continuing.<br /><br />$errors"); }
// No errors, so set up the table. // No errors, so set up the table.
extract($_POST); extract($_POST);
$password = md5($password); $password = md5($password);
doquery("INSERT INTO <<accounts>> SET doquery("INSERT INTO <<accounts>> SET
id='1', id='1',
username='$username', username='$username',
password='$password', password='$password',
@ -466,7 +460,7 @@ function five() {
imageformat='.png', imageformat='.png',
minimap='1' minimap='1'
"); ");
// Done with the controlrow creator. Now show admin user creation form.' // Done with the controlrow creator. Now show admin user creation form.'
$page = <<<THEVERYENDOFYOU $page = <<<THEVERYENDOFYOU
<html> <html>
@ -483,12 +477,12 @@ $page = <<<THEVERYENDOFYOU
</head> </head>
<body><center> <body><center>
<div class="main" style="width: 700px;"> <div class="main" style="width: 700px;">
<h3>Dragon Scourge :: Installation Complete</h3> <h3>Dragon Scourge :: Installation Complete</h3>
Dragon Scourge Installation has now completed. Congratulations.<br /><br /> Dragon Scourge Installation has now completed. Congratulations.<br /><br />
For security reasons, <b>please delete install.php and install.sql from your game directory at this time!</b><br /><br /> For security reasons, <b>please delete install.php and install.sql from your game directory at this time!</b><br /><br />
<a href="login.php?do=login">Click here</a> to log into your game for the first time. Once you log in, you will be asked to create your first Character. <a href="login.php?do=login">Click here</a> to log into your game for the first time. Once you log in, you will be asked to create your first Character.
</div> </div>
</center></body> </center></body>
</html> </html>
@ -496,4 +490,4 @@ THEVERYENDOFYOU;
die($page); die($page);
} }
?> ?>

View File

@ -5,7 +5,7 @@ CREATE TABLE `<<accounts>>` (
`password` varchar(32) NOT NULL default '', `password` varchar(32) NOT NULL default '',
`emailaddress` varchar(200) NOT NULL default '', `emailaddress` varchar(200) NOT NULL default '',
`verifycode` varchar(32) NOT NULL default '', `verifycode` varchar(32) NOT NULL default '',
`regdate` datetime NOT NULL default '0000-00-00 00:00:00', `regdate` datetime NOT NULL default NOW(),
`regip` varchar(16) NOT NULL default '', `regip` varchar(16) NOT NULL default '',
`authlevel` tinyint(3) unsigned NOT NULL default '1', `authlevel` tinyint(3) unsigned NOT NULL default '1',
`language` varchar(30) NOT NULL default '', `language` varchar(30) NOT NULL default '',
@ -14,18 +14,18 @@ CREATE TABLE `<<accounts>>` (
`imageformat` varchar(4) NOT NULL default '0', `imageformat` varchar(4) NOT NULL default '0',
`minimap` tinyint(3) unsigned NOT NULL default '0', `minimap` tinyint(3) unsigned NOT NULL default '0',
PRIMARY KEY (`id`) PRIMARY KEY (`id`)
) TYPE=MyISAM ; );
DROP TABLE IF EXISTS `<<babblebox>>`; DROP TABLE IF EXISTS `<<babblebox>>`;
CREATE TABLE `<<babblebox>>` ( CREATE TABLE `<<babblebox>>` (
`id` int(11) unsigned NOT NULL auto_increment, `id` int(11) unsigned NOT NULL auto_increment,
`posttime` datetime NOT NULL default '0000-00-00 00:00:00', `posttime` datetime NOT NULL default NOW(),
`charname` varchar(30) NOT NULL default '', `charname` varchar(30) NOT NULL default '',
`charid` int(11) unsigned NOT NULL default '0', `charid` int(11) unsigned NOT NULL default '0',
`content` varchar(255) NOT NULL default '', `content` varchar(255) NOT NULL default '',
`guild` int(10) unsigned NOT NULL default '0', `guild` int(10) unsigned NOT NULL default '0',
PRIMARY KEY (`id`) PRIMARY KEY (`id`)
) TYPE=MyISAM ; );
DROP TABLE IF EXISTS `<<classes>>`; DROP TABLE IF EXISTS `<<classes>>`;
CREATE TABLE `<<classes>>` ( CREATE TABLE `<<classes>>` (
@ -39,9 +39,9 @@ CREATE TABLE `<<classes>>` (
`mpperenergy` float unsigned NOT NULL default '0', `mpperenergy` float unsigned NOT NULL default '0',
`description` text NOT NULL, `description` text NOT NULL,
PRIMARY KEY (`id`) PRIMARY KEY (`id`)
) TYPE=MyISAM ; );
INSERT INTO `<<classes>>` (`id`, `name`, `expbonus`, `goldbonus`, `damageperstrength`, `defenseperdex`, `hpperlife`, `mpperenergy`, `description`) VALUES INSERT INTO `<<classes>>` (`id`, `name`, `expbonus`, `goldbonus`, `damageperstrength`, `defenseperdex`, `hpperlife`, `mpperenergy`, `description`) VALUES
(1, 'Barbarian', 0, 0, 3, 1, 2, 1, 'Barbarians specialize in physical damage. 3 damage per strength point, 1 defense per dexterity point, 2 hp per life point, 1 mp per energy point.'), (1, 'Barbarian', 0, 0, 3, 1, 2, 1, 'Barbarians specialize in physical damage. 3 damage per strength point, 1 defense per dexterity point, 2 hp per life point, 1 mp per energy point.'),
(2, 'Sorceress', 0, 0, 1, 1, 2, 3, 'Sorceresses specialize in magical damage. 1 damage per strength point, 1 defense per dexterity point, 2 hp per life point, 3 mp per energy point.'), (2, 'Sorceress', 0, 0, 1, 1, 2, 3, 'Sorceresses specialize in magical damage. 1 damage per strength point, 1 defense per dexterity point, 2 hp per life point, 3 mp per energy point.'),
(3, 'Paladin', 0, 0, 1, 2, 3, 1, 'Paladins specialize in staying alive. 1 damage per strength point, 2 defense per dexterity point, 3 hp per life point, 1 mp per energy point.'); (3, 'Paladin', 0, 0, 1, 2, 3, 1, 'Paladins specialize in staying alive. 1 damage per strength point, 2 defense per dexterity point, 3 hp per life point, 1 mp per energy point.');
@ -77,7 +77,7 @@ CREATE TABLE `<<control>>` (
`guildjoinlvl` int(10) unsigned NOT NULL default '0', `guildjoinlvl` int(10) unsigned NOT NULL default '0',
`guildupdate` int(10) unsigned NOT NULL default '0', `guildupdate` int(10) unsigned NOT NULL default '0',
PRIMARY KEY (`id`) PRIMARY KEY (`id`)
) TYPE=MyISAM ; );
DROP TABLE IF EXISTS `<<difficulties>>`; DROP TABLE IF EXISTS `<<difficulties>>`;
CREATE TABLE `<<difficulties>>` ( CREATE TABLE `<<difficulties>>` (
@ -88,9 +88,9 @@ CREATE TABLE `<<difficulties>>` (
`multiplier` float NOT NULL default '0', `multiplier` float NOT NULL default '0',
`deathpenalty` tinyint(3) unsigned NOT NULL default '0', `deathpenalty` tinyint(3) unsigned NOT NULL default '0',
PRIMARY KEY (`id`) PRIMARY KEY (`id`)
) TYPE=MyISAM ; );
INSERT INTO `<<difficulties>>` (`id`, `name`, `expbonus`, `goldbonus`, `multiplier`, `deathpenalty`) VALUES INSERT INTO `<<difficulties>>` (`id`, `name`, `expbonus`, `goldbonus`, `multiplier`, `deathpenalty`) VALUES
(1, 'Easy', 0, 0, 1, 0), (1, 'Easy', 0, 0, 1, 0),
(2, 'Medium', 3, 3, 1.5, 3), (2, 'Medium', 3, 3, 1.5, 3),
(3, 'Hard', 5, 5, 2, 7); (3, 'Hard', 5, 5, 2, 7);
@ -102,7 +102,7 @@ CREATE TABLE `<<guildapps>>` (
`charid` int(10) unsigned NOT NULL default '0', `charid` int(10) unsigned NOT NULL default '0',
`charname` varchar(30) NOT NULL default '', `charname` varchar(30) NOT NULL default '',
PRIMARY KEY (`id`) PRIMARY KEY (`id`)
) TYPE=MyISAM ; );
DROP TABLE IF EXISTS `<<guilds>>`; DROP TABLE IF EXISTS `<<guilds>>`;
CREATE TABLE `<<guilds>>` ( CREATE TABLE `<<guilds>>` (
@ -127,7 +127,7 @@ CREATE TABLE `<<guilds>>` (
`statement` text NOT NULL, `statement` text NOT NULL,
`news` text NOT NULL, `news` text NOT NULL,
PRIMARY KEY (`id`) PRIMARY KEY (`id`)
) TYPE=MyISAM ; );
DROP TABLE IF EXISTS `<<itembase>>`; DROP TABLE IF EXISTS `<<itembase>>`;
CREATE TABLE `<<itembase>>` ( CREATE TABLE `<<itembase>>` (
@ -157,9 +157,9 @@ CREATE TABLE `<<itembase>>` (
`mod6name` varchar(50) NOT NULL default '', `mod6name` varchar(50) NOT NULL default '',
`mod6attr` smallint(5) unsigned NOT NULL default '0', `mod6attr` smallint(5) unsigned NOT NULL default '0',
PRIMARY KEY (`id`) PRIMARY KEY (`id`)
) TYPE=MyISAM ; );
INSERT INTO `<<itembase>>` (`id`, `name`, `slotnumber`, `isunique`, `willdrop`, `buycost`, `sellcost`, `reqlevel`, `reqstrength`, `reqdexterity`, `reqenergy`, `basename`, `baseattr`, `mod1name`, `mod1attr`, `mod2name`, `mod2attr`, `mod3name`, `mod3attr`, `mod4name`, `mod4attr`, `mod5name`, `mod5attr`, `mod6name`, `mod6attr`) VALUES INSERT INTO `<<itembase>>` (`id`, `name`, `slotnumber`, `isunique`, `willdrop`, `buycost`, `sellcost`, `reqlevel`, `reqstrength`, `reqdexterity`, `reqenergy`, `basename`, `baseattr`, `mod1name`, `mod1attr`, `mod2name`, `mod2attr`, `mod3name`, `mod3attr`, `mod4name`, `mod4attr`, `mod5name`, `mod5attr`, `mod6name`, `mod6attr`) VALUES
(1, 'Pointy Stick', 1, 0, 1, 10, 5, 1, 0, 0, 0, 'physattack', 3, '', 0, '', 0, '', 0, '', 0, '', 0, '', 0), (1, 'Pointy Stick', 1, 0, 1, 10, 5, 1, 0, 0, 0, 'physattack', 3, '', 0, '', 0, '', 0, '', 0, '', 0, '', 0),
(2, 'Big Stick', 1, 0, 1, 15, 8, 1, 0, 0, 0, 'physattack', 4, '', 0, '', 0, '', 0, '', 0, '', 0, '', 0), (2, 'Big Stick', 1, 0, 1, 15, 8, 1, 0, 0, 0, 'physattack', 4, '', 0, '', 0, '', 0, '', 0, '', 0, '', 0),
(3, 'Dagger', 1, 0, 1, 20, 10, 1, 0, 0, 0, 'physattack', 5, '', 0, '', 0, '', 0, '', 0, '', 0, '', 0), (3, 'Dagger', 1, 0, 1, 20, 10, 1, 0, 0, 0, 'physattack', 5, '', 0, '', 0, '', 0, '', 0, '', 0, '', 0),
@ -341,9 +341,9 @@ CREATE TABLE `<<itemmodnames>>` (
`prettyname` varchar(50) NOT NULL default '', `prettyname` varchar(50) NOT NULL default '',
`percent` tinyint(3) unsigned NOT NULL default '0', `percent` tinyint(3) unsigned NOT NULL default '0',
PRIMARY KEY (`id`) PRIMARY KEY (`id`)
) TYPE=MyISAM ; );
INSERT INTO `<<itemmodnames>>` (`id`, `fieldname`, `prettyname`, `percent`) VALUES INSERT INTO `<<itemmodnames>>` (`id`, `fieldname`, `prettyname`, `percent`) VALUES
(1, 'expbonus', 'Experience Bonus', 1), (1, 'expbonus', 'Experience Bonus', 1),
(2, 'goldbonus', 'Gold Bonus', 1), (2, 'goldbonus', 'Gold Bonus', 1),
(3, 'maxhp', 'Max HP', 0), (3, 'maxhp', 'Max HP', 0),
@ -381,9 +381,9 @@ CREATE TABLE `<<itemprefixes>>` (
`basename` varchar(50) NOT NULL default '', `basename` varchar(50) NOT NULL default '',
`baseattr` smallint(5) unsigned NOT NULL default '0', `baseattr` smallint(5) unsigned NOT NULL default '0',
PRIMARY KEY (`id`) PRIMARY KEY (`id`)
) TYPE=MyISAM ; );
INSERT INTO `<<itemprefixes>>` (`id`, `name`, `slotnumber`, `unique`, `willdrop`, `buycost`, `sellcost`, `reqlevel`, `reqstrength`, `reqdexterity`, `reqenergy`, `basename`, `baseattr`) VALUES INSERT INTO `<<itemprefixes>>` (`id`, `name`, `slotnumber`, `unique`, `willdrop`, `buycost`, `sellcost`, `reqlevel`, `reqstrength`, `reqdexterity`, `reqenergy`, `basename`, `baseattr`) VALUES
(1, 'Sharp', 1, 0, 0, 5, 3, 1, 0, 0, 0, 'physattack', 2), (1, 'Sharp', 1, 0, 0, 5, 3, 1, 0, 0, 0, 'physattack', 2),
(2, 'Magic', 1, 0, 0, 8, 4, 1, 0, 0, 0, 'magicattack', 5); (2, 'Magic', 1, 0, 0, 8, 4, 1, 0, 0, 0, 'magicattack', 5);
@ -403,16 +403,16 @@ CREATE TABLE `<<itemsuffixes>>` (
`basename` varchar(50) NOT NULL default '', `basename` varchar(50) NOT NULL default '',
`baseattr` smallint(5) unsigned NOT NULL default '0', `baseattr` smallint(5) unsigned NOT NULL default '0',
PRIMARY KEY (`id`) PRIMARY KEY (`id`)
) TYPE=MyISAM ; );
INSERT INTO `<<itemsuffixes>>` (`id`, `name`, `slotnumber`, `unique`, `willdrop`, `buycost`, `sellcost`, `reqlevel`, `reqstrength`, `reqdexterity`, `reqenergy`, `basename`, `baseattr`) VALUES INSERT INTO `<<itemsuffixes>>` (`id`, `name`, `slotnumber`, `unique`, `willdrop`, `buycost`, `sellcost`, `reqlevel`, `reqstrength`, `reqdexterity`, `reqenergy`, `basename`, `baseattr`) VALUES
(1, 'of the Vampire', 1, 0, 0, 5, 3, 1, 0, 0, 0, 'hpleech', 5), (1, 'of the Vampire', 1, 0, 0, 5, 3, 1, 0, 0, 0, 'hpleech', 5),
(2, 'of the Bear', 1, 0, 0, 5, 3, 1, 0, 0, 0, 'strength', 5); (2, 'of the Bear', 1, 0, 0, 5, 3, 1, 0, 0, 0, 'strength', 5);
DROP TABLE IF EXISTS `<<messages>>`; DROP TABLE IF EXISTS `<<messages>>`;
CREATE TABLE `<<messages>>` ( CREATE TABLE `<<messages>>` (
`id` int(10) unsigned NOT NULL auto_increment, `id` int(10) unsigned NOT NULL auto_increment,
`postdate` datetime NOT NULL default '0000-00-00 00:00:00', `postdate` datetime NOT NULL default NOW(),
`senderid` int(10) unsigned NOT NULL default '0', `senderid` int(10) unsigned NOT NULL default '0',
`sendername` varchar(30) NOT NULL default '', `sendername` varchar(30) NOT NULL default '',
`recipientid` int(10) unsigned NOT NULL default '0', `recipientid` int(10) unsigned NOT NULL default '0',
@ -422,7 +422,7 @@ CREATE TABLE `<<messages>>` (
`message` text NOT NULL, `message` text NOT NULL,
`gold` int(10) unsigned NOT NULL default '0', `gold` int(10) unsigned NOT NULL default '0',
PRIMARY KEY (`id`) PRIMARY KEY (`id`)
) TYPE=MyISAM ; );
DROP TABLE IF EXISTS `<<monsters>>`; DROP TABLE IF EXISTS `<<monsters>>`;
CREATE TABLE `<<monsters>>` ( CREATE TABLE `<<monsters>>` (
@ -449,9 +449,9 @@ CREATE TABLE `<<monsters>>` (
`newstory` int(10) unsigned NOT NULL default '0', `newstory` int(10) unsigned NOT NULL default '0',
`hpleech` tinyint(3) unsigned NOT NULL default '0', `hpleech` tinyint(3) unsigned NOT NULL default '0',
PRIMARY KEY (`id`) PRIMARY KEY (`id`)
) TYPE=MyISAM ; );
INSERT INTO `<<monsters>>` (`id`, `name`, `world`, `level`, `maxexp`, `maxgold`, `maxhp`, `physattack`, `physdefense`, `magicattack`, `magicdefense`, `fireattack`, `firedefense`, `lightattack`, `lightdefense`, `spell1`, `spell2`, `spellimmune1`, `spellimmune2`, `boss`, `newstory`, `hpleech`) VALUES INSERT INTO `<<monsters>>` (`id`, `name`, `world`, `level`, `maxexp`, `maxgold`, `maxhp`, `physattack`, `physdefense`, `magicattack`, `magicdefense`, `fireattack`, `firedefense`, `lightattack`, `lightdefense`, `spell1`, `spell2`, `spellimmune1`, `spellimmune2`, `boss`, `newstory`, `hpleech`) VALUES
(1, 'Small Slime', 1, 1, 4, 2, 3, 3, 2, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0), (1, 'Small Slime', 1, 1, 4, 2, 3, 3, 2, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0),
(2, 'Shade', 1, 1, 4, 2, 3, 4, 4, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0), (2, 'Shade', 1, 1, 4, 2, 3, 4, 4, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0),
(3, 'Slime', 1, 2, 4, 2, 3, 3, 2, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0), (3, 'Slime', 1, 2, 4, 2, 3, 3, 2, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0),
@ -673,7 +673,7 @@ CREATE TABLE `<<pvp>>` (
`turntime` timestamp NOT NULL, `turntime` timestamp NOT NULL,
`fightrow` text NOT NULL, `fightrow` text NOT NULL,
PRIMARY KEY (`id`) PRIMARY KEY (`id`)
) TYPE=MyISAM ; );
DROP TABLE IF EXISTS `<<spells>>`; DROP TABLE IF EXISTS `<<spells>>`;
CREATE TABLE `<<spells>>` ( CREATE TABLE `<<spells>>` (
@ -686,9 +686,9 @@ CREATE TABLE `<<spells>>` (
`classonly` int(10) unsigned NOT NULL default '0', `classonly` int(10) unsigned NOT NULL default '0',
`classexclude` int(10) unsigned NOT NULL default '0', `classexclude` int(10) unsigned NOT NULL default '0',
PRIMARY KEY (`id`) PRIMARY KEY (`id`)
) TYPE=MyISAM ; );
INSERT INTO `<<spells>>` (`id`, `name`, `fname`, `value`, `mp`, `minlevel`, `classonly`, `classexclude`) VALUES INSERT INTO `<<spells>>` (`id`, `name`, `fname`, `value`, `mp`, `minlevel`, `classonly`, `classexclude`) VALUES
(1, 'Heal 1', 'heal', 5, 2, 5, 2, 0), (1, 'Heal 1', 'heal', 5, 2, 5, 2, 0),
(2, 'Heal 2', 'heal', 10, 5, 10, 0, 0), (2, 'Heal 2', 'heal', 10, 5, 10, 0, 0),
(3, 'Heal 3', 'heal', 20, 10, 15, 0, 0), (3, 'Heal 3', 'heal', 20, 10, 15, 0, 0),
@ -783,9 +783,9 @@ CREATE TABLE `<<story>>` (
`rewardname` varchar(30) NOT NULL default '', `rewardname` varchar(30) NOT NULL default '',
`rewardattr` int(11) NOT NULL default '0', `rewardattr` int(11) NOT NULL default '0',
PRIMARY KEY (`id`) PRIMARY KEY (`id`)
) TYPE=MyISAM ; );
INSERT INTO `<<story>>` (`id`, `title`, `story`, `world`, `latitude`, `longitude`, `nextstory`, `targetmonster`, `targetitem`, `targetworld`, `targetlat`, `targetlon`, `targetaction`, `rewardname`, `rewardattr`) VALUES INSERT INTO `<<story>>` (`id`, `title`, `story`, `world`, `latitude`, `longitude`, `nextstory`, `targetmonster`, `targetitem`, `targetworld`, `targetlat`, `targetlon`, `targetaction`, `rewardname`, `rewardattr`) VALUES
(1, 'Prologue', 'The light has forsaken this land, and not for the first time. Centuries ago, it was overrun by darkness and then saved by a hero whose lifelong quest was to eradicate evil. The hero succeeded, and in the end, Lucifuge, King of the Dragons, was destroyed... at least for the time being. In the many long years since that time, Lucifuge has been gathering his forces and his power, and has finally regained enough of his former strength to return.\r\n\r\nSo the land is once again in need of a saviour. It will be no easy task, dear adventurer. In the last age, Lucifuge and his minions controlled but a small country. This time, he has sent his forces to sow chaos and darkness throughout the world. Only a brave adventurer will be able to conquer him and restore peace and order to the world.\r\n\r\nContinue on, dear adventurer. You shall be tested dearly, but the rewards will be great.', 1, 0, 0, 2, 0, '', 1, 0, 0, '', '', 0), (1, 'Prologue', 'The light has forsaken this land, and not for the first time. Centuries ago, it was overrun by darkness and then saved by a hero whose lifelong quest was to eradicate evil. The hero succeeded, and in the end, Lucifuge, King of the Dragons, was destroyed... at least for the time being. In the many long years since that time, Lucifuge has been gathering his forces and his power, and has finally regained enough of his former strength to return.\r\n\r\nSo the land is once again in need of a saviour. It will be no easy task, dear adventurer. In the last age, Lucifuge and his minions controlled but a small country. This time, he has sent his forces to sow chaos and darkness throughout the world. Only a brave adventurer will be able to conquer him and restore peace and order to the world.\r\n\r\nContinue on, dear adventurer. You shall be tested dearly, but the rewards will be great.', 1, 0, 0, 2, 0, '', 1, 0, 0, '', '', 0),
(2, 'Queen of Demons', 'You come to a great stone door, with the inscription ''RAZORA'' carved in the Language of the Fallen. Next to the door lie the skeletons of several dead warriors who failed to enter. One of the skeletons is holding a scrap of paper, which reads:\r\n\r\n"We finally made it. The legends are true, Razora does exist. As I write this, we are standing outside the demon queen''s throneroom. Something is following us, though, and has been for several days. We''re making camp tonight, and we''ll head inside in the morning. After the months of travelling, we definitely need our rest if we''re really preparing to face Razora. We''ve survived this far, surely whatever is following us will hold off one more night..."\r\n\r\nYou are now faced with a choice, dear adventurer. Are you ready to face the demon queen Razora, or do you still need more preparation?', 1, 100, -100, 0, 201, '', 0, 0, 0, '', '', 0), (2, 'Queen of Demons', 'You come to a great stone door, with the inscription ''RAZORA'' carved in the Language of the Fallen. Next to the door lie the skeletons of several dead warriors who failed to enter. One of the skeletons is holding a scrap of paper, which reads:\r\n\r\n"We finally made it. The legends are true, Razora does exist. As I write this, we are standing outside the demon queen''s throneroom. Something is following us, though, and has been for several days. We''re making camp tonight, and we''ll head inside in the morning. After the months of travelling, we definitely need our rest if we''re really preparing to face Razora. We''ve survived this far, surely whatever is following us will hold off one more night..."\r\n\r\nYou are now faced with a choice, dear adventurer. Are you ready to face the demon queen Razora, or do you still need more preparation?', 1, 100, -100, 0, 201, '', 0, 0, 0, '', '', 0),
(3, 'Fallen Queen', 'Razora, the Demon Queen, lies dead at your feet. Even now, her body and all the black blood spilled from it are melting away into the nether. Soon, all that''s left is her heart, which you take with you as proof that you destroyed her.\r\n\r\nOne section of the wall crumbles and falls, and leads to a doorway, guarded by a large statue of an angel. In the angel''s hand is a sword with flames engraved in the blade.\r\n\r\nIt wouldn''t be too much trouble to take the sword, and it does seem like your right to take it, after all the trouble you went through to kill Razora. You can now take the sword and continue through the doorway, or just continue on without it.', 1, 100, -100, 4, 0, '', 2, 0, 0, '', 'maxhp', 50), (3, 'Fallen Queen', 'Razora, the Demon Queen, lies dead at your feet. Even now, her body and all the black blood spilled from it are melting away into the nether. Soon, all that''s left is her heart, which you take with you as proof that you destroyed her.\r\n\r\nOne section of the wall crumbles and falls, and leads to a doorway, guarded by a large statue of an angel. In the angel''s hand is a sword with flames engraved in the blade.\r\n\r\nIt wouldn''t be too much trouble to take the sword, and it does seem like your right to take it, after all the trouble you went through to kill Razora. You can now take the sword and continue through the doorway, or just continue on without it.', 1, 100, -100, 4, 0, '', 2, 0, 0, '', 'maxhp', 50),
@ -820,9 +820,9 @@ CREATE TABLE `<<towns>>` (
`itemminlvl` int(10) unsigned NOT NULL default '0', `itemminlvl` int(10) unsigned NOT NULL default '0',
`itemmaxlvl` int(10) unsigned NOT NULL default '0', `itemmaxlvl` int(10) unsigned NOT NULL default '0',
PRIMARY KEY (`id`) PRIMARY KEY (`id`)
) TYPE=MyISAM ; );
INSERT INTO `<<towns>>` (`id`, `name`, `world`, `latitude`, `longitude`, `innprice`, `mapprice`, `travelpoints`, `itemminlvl`, `itemmaxlvl`) VALUES INSERT INTO `<<towns>>` (`id`, `name`, `world`, `latitude`, `longitude`, `innprice`, `mapprice`, `travelpoints`, `itemminlvl`, `itemmaxlvl`) VALUES
(1, 'Middleton', 1, 0, 0, 5, 0, 0, 1, 5), (1, 'Middleton', 1, 0, 0, 5, 0, 0, 1, 5),
(2, 'Norfolk', 1, 25, 25, 10, 25, 5, 3, 8), (2, 'Norfolk', 1, 25, 25, 10, 25, 5, 3, 8),
(3, 'Calentia', 1, 50, -50, 25, 50, 15, 6, 11), (3, 'Calentia', 1, 50, -50, 25, 50, 15, 6, 11),
@ -853,9 +853,9 @@ DROP TABLE IF EXISTS `<<users>>`;
CREATE TABLE `<<users>>` ( CREATE TABLE `<<users>>` (
`id` int(10) unsigned NOT NULL auto_increment, `id` int(10) unsigned NOT NULL auto_increment,
`account` int(10) unsigned NOT NULL default '0', `account` int(10) unsigned NOT NULL default '0',
`birthdate` datetime NOT NULL default '0000-00-00 00:00:00', `birthdate` datetime NOT NULL default NOW(),
`lastip` varchar(16) NOT NULL default '', `lastip` varchar(16) NOT NULL default '',
`onlinetime` datetime NOT NULL default '0000-00-00 00:00:00', `onlinetime` datetime NOT NULL default NOW(),
`exploreverify` varchar(6) NOT NULL default '', `exploreverify` varchar(6) NOT NULL default '',
`exploreverifyimage` varchar(12) NOT NULL default '', `exploreverifyimage` varchar(12) NOT NULL default '',
`explorefailed` int(10) unsigned NOT NULL default '0', `explorefailed` int(10) unsigned NOT NULL default '0',
@ -953,7 +953,7 @@ CREATE TABLE `<<users>>` (
`bonusdefense` smallint(5) unsigned NOT NULL default '0', `bonusdefense` smallint(5) unsigned NOT NULL default '0',
PRIMARY KEY (`id`), PRIMARY KEY (`id`),
FULLTEXT KEY `item1name` (`item1name`) FULLTEXT KEY `item1name` (`item1name`)
) TYPE=MyISAM ; );
DROP TABLE IF EXISTS `<<worlds>>`; DROP TABLE IF EXISTS `<<worlds>>`;
CREATE TABLE `<<worlds>>` ( CREATE TABLE `<<worlds>>` (
@ -961,11 +961,11 @@ CREATE TABLE `<<worlds>>` (
`name` varchar(30) NOT NULL default '', `name` varchar(30) NOT NULL default '',
`size` smallint(5) unsigned NOT NULL default '0', `size` smallint(5) unsigned NOT NULL default '0',
PRIMARY KEY (`id`) PRIMARY KEY (`id`)
) TYPE=MyISAM ; );
INSERT INTO `<<worlds>>` (`id`, `name`, `size`) VALUES INSERT INTO `<<worlds>>` (`id`, `name`, `size`) VALUES
(1, 'Raenslide', 100), (1, 'Raenslide', 100),
(2, 'Lorenfall', 100), (2, 'Lorenfall', 100),
(3, 'Borderlands', 100), (3, 'Borderlands', 100),
(4, 'Inferno', 100), (4, 'Inferno', 100),
(5, 'Unreality', 100); (5, 'Unreality', 100);

97
lib.php
View File

@ -20,24 +20,19 @@
//if (file_exists("install.php")) { die("Please remove the <b>install.php</b> and <b>install.sql</b> files from your game directory before continuing."); } //if (file_exists("install.php")) { die("Please remove the <b>install.php</b> and <b>install.sql</b> files from your game directory before continuing."); }
//if (file_exists("install.sql")) { die("Please remove the install.php file from your game directory before continuing."); } //if (file_exists("install.sql")) { die("Please remove the install.php file from your game directory before continuing."); }
require_once 'shim.php';
// Setup for superglobal stuff that can't go in globals.php. // Setup for superglobal stuff that can't go in globals.php.
$starttime = getmicrotime(); $starttime = getmicrotime();
$numqueries = 0; $numqueries = 0;
$link = opendb(); $link = opendb();
$version = "Beta 5"; $version = "Beta 5";
$bnumber = "20"; $bnumber = "21";
$bname = "Consolation Prize Part Deux"; $bname = "Make Playable";
$bdate = "9.2.2007"; $bdate = "8.8.2024";
include("lib2.php"); include("lib2.php");
// Handling for servers with magic_quotes turned on. // Handling for servers with magic_quotes turned on.
if (get_magic_quotes_gpc()) {
$_POST = array_map('uber_ss', $_POST);
$_GET = array_map('uber_ss', $_GET);
$_COOKIE = array_map('uber_ss', $_COOKIE);
}
$_POST = array_map('uber_mres', $_POST); $_POST = array_map('uber_mres', $_POST);
$_POST = array_map('uber_hsc', $_POST); $_POST = array_map('uber_hsc', $_POST);
$_GET = array_map('uber_mres', $_GET); $_GET = array_map('uber_mres', $_GET);
@ -46,30 +41,30 @@ $_COOKIE = array_map('uber_mres', $_COOKIE);
$_COOKIE = array_map('uber_hsc', $_COOKIE); $_COOKIE = array_map('uber_hsc', $_COOKIE);
function uber_ss($value) { function uber_ss($value) {
$value = is_array($value) ? $value = is_array($value) ?
array_map('uber_ss', $value) : array_map('uber_ss', $value) :
stripslashes($value); stripslashes($value);
return $value; return $value;
} }
function uber_mres($value) { function uber_mres($value) {
$value = is_array($value) ? $value = is_array($value) ?
array_map('uber_mres', $value) : array_map('uber_mres', $value) :
mysql_real_escape_string($value); mysql_real_escape_string($value);
return $value; return $value;
} }
function uber_hsc($value) { function uber_hsc($value) {
$value = is_array($value) ? $value = is_array($value) ?
array_map('uber_hsc', $value) : array_map('uber_hsc', $value) :
htmlspecialchars($value); htmlspecialchars($value);
return $value; return $value;
} }
function opendb() { // Open database connection. function opendb() { // Open database connection.
@ -83,7 +78,7 @@ function opendb() { // Open database connection.
} }
function doquery($query) { // Something of a tiny little database abstraction layer. function doquery($query) { // Something of a tiny little database abstraction layer.
include('config.php'); include('config.php');
global $numqueries, $controlrow; global $numqueries, $controlrow;
$sqlquery = mysql_query(preg_replace('/<<([a-zA-Z0-9_\-]+)>>/', $dbsettings["prefix"].'_$1', $query)); $sqlquery = mysql_query(preg_replace('/<<([a-zA-Z0-9_\-]+)>>/', $dbsettings["prefix"].'_$1', $query));
@ -91,16 +86,16 @@ function doquery($query) { // Something of a tiny little database abstraction la
if ($sqlquery == false) { if ($sqlquery == false) {
if ($controlrow["debug"] == 1) { die(mysql_error() . "<br /><br />" . $query); } else { die("A MySQL query error occurred. Please contact the game administrator for more help."); } if ($controlrow["debug"] == 1) { die(mysql_error() . "<br /><br />" . $query); } else { die("A MySQL query error occurred. Please contact the game administrator for more help."); }
} }
$numqueries++; $numqueries++;
return $sqlquery; return $sqlquery;
} }
function dorow($sqlquery, $force = "") { // Abstraction layer part deux. function dorow($sqlquery, $force = "") { // Abstraction layer part deux.
switch (mysql_num_rows($sqlquery)) { switch (mysql_num_rows($sqlquery)) {
case 0: case 0:
$row = false; $row = false;
break; break;
@ -123,34 +118,34 @@ function dorow($sqlquery, $force = "") { // Abstraction layer part deux.
} }
} }
break; break;
} }
return $row; return $row;
} }
function gettemplate($templatename) { // SQL query for the template. function gettemplate($templatename) { // SQL query for the template.
$filename = "templates/" . $templatename . ".php"; $filename = "templates/" . $templatename . ".php";
include("$filename"); include("$filename");
return $template; return $template;
} }
function parsetemplate($template, $array) { // Replace template with proper content. Also does languages. function parsetemplate($template, $array) { // Replace template with proper content. Also does languages.
foreach($array as $a => $b) { foreach($array as $a => $b) {
$template = str_replace("{{{$a}}}", $b, $template); $template = str_replace("{{{$a}}}", $b, $template);
} }
return $template; return $template;
} }
function getmicrotime() { // Used for timing script operations. function getmicrotime() { // Used for timing script operations.
list($usec, $sec) = explode(" ",microtime()); list($usec, $sec) = explode(" ",microtime());
return ((float)$usec + (float)$sec); return ((float)$usec + (float)$sec);
} }
@ -164,18 +159,18 @@ function mymail($to, $title, $body, $from = '') { // thanks to arto dot PLEASE d
global $controlrow; global $controlrow;
extract($controlrow); extract($controlrow);
$from = trim($from); $from = trim($from);
if (!$from) { if (!$from) {
$from = "<$adminemail>"; $from = "<$adminemail>";
} }
$rp = $adminemail; $rp = $adminemail;
$org = "$gameurl"; $org = "$gameurl";
$mailer = "PHP"; $mailer = "PHP";
$head = ""; $head = "";
$head .= "Content-Type: text/plain \r\n"; $head .= "Content-Type: text/plain \r\n";
$head .= "Date: ". date('r'). " \r\n"; $head .= "Date: ". date('r'). " \r\n";
@ -187,26 +182,26 @@ function mymail($to, $title, $body, $from = '') { // thanks to arto dot PLEASE d
$head .= "X-Sender: $from \r\n"; $head .= "X-Sender: $from \r\n";
$head .= "X-Priority: 3 \r\n"; $head .= "X-Priority: 3 \r\n";
$head .= "X-Mailer: $mailer \r\n"; $head .= "X-Mailer: $mailer \r\n";
$body = str_replace("\r\n", "\n", $body); $body = str_replace("\r\n", "\n", $body);
$body = str_replace("\n", "\r\n", $body); $body = str_replace("\n", "\r\n", $body);
return mail($to, $title, $body, $head); return mail($to, $title, $body, $head);
} }
function err($error, $system = false, $panels = true) { // Basic little error handler. function err($error, $system = false, $panels = true) { // Basic little error handler.
$errmsg = "One or more errors have occurred:<br /><br /><b>$error</b><br /><br />Please <a href=\"javascript:history.go(-1);\">go back</a> and try again."; $errmsg = "One or more errors have occurred:<br /><br /><b>$error</b><br /><br />Please <a href=\"javascript:history.go(-1);\">go back</a> and try again.";
display("Error", $errmsg, $panels); display("Error", $errmsg, $panels);
} }
function display($title, $content, $panels = true) { // Finalize page and output to browser. function display($title, $content, $panels = true) { // Finalize page and output to browser.
include('config.php'); include('config.php');
global $controlrow, $userrow, $worldrow, $numqueries, $starttime, $version, $build; global $controlrow, $userrow, $worldrow, $numqueries, $starttime, $version, $build;
if (!isset($controlrow)) { if (!isset($controlrow)) {
$controlrow = dorow(doquery("SELECT * FROM <<control>> WHERE id='1' LIMIT 1")); $controlrow = dorow(doquery("SELECT * FROM <<control>> WHERE id='1' LIMIT 1"));
} }
@ -216,7 +211,7 @@ function display($title, $content, $panels = true) { // Finalize page and output
. "<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Transitional//EN\" \"DTD/xhtml1-transitional.dtd\">\n" . "<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Transitional//EN\" \"DTD/xhtml1-transitional.dtd\">\n"
. "<html xmlns=\"http://www.w3.org/1999/xhtml\" xml:lang=\"en\" lang=\"en\">\n"; . "<html xmlns=\"http://www.w3.org/1999/xhtml\" xml:lang=\"en\" lang=\"en\">\n";
$page .= gettemplate("primary"); $page .= gettemplate("primary");
// Setup for primary page array indexes. // Setup for primary page array indexes.
$row = array(); $row = array();
$row["gamename"] = $controlrow["gamename"]; $row["gamename"] = $controlrow["gamename"];
@ -232,24 +227,24 @@ function display($title, $content, $panels = true) { // Finalize page and output
} else { } else {
$row["info"] = "Version <a href=\"index.php?do=version\">" . $row["version"] . "</a> " . $row["debug"]; $row["info"] = "Version <a href=\"index.php?do=version\">" . $row["version"] . "</a> " . $row["debug"];
} }
// Setup for side panels. // Setup for side panels.
include("panels.php"); include("panels.php");
if ($panels == true) { if ($panels == true) {
$row["leftnav"] = panelleft(); $row["leftnav"] = panelleft();
$row["rightnav"] = panelright(); $row["rightnav"] = panelright();
$row["topnav"] = paneltop(true); $row["topnav"] = paneltop(true);
$row["bottomnav"] = panelbottom(); $row["bottomnav"] = panelbottom();
$row["middlenav"] = panelmiddle(); $row["middlenav"] = panelmiddle();
} else { } else {
$row["leftnav"] = ""; $row["leftnav"] = "";
$row["rightnav"] = ""; $row["rightnav"] = "";
$row["topnav"] = paneltop(false); $row["topnav"] = paneltop(false);
$row["bottomnav"] = ""; $row["bottomnav"] = "";
} }
$page = rtrim($page, "<-!"); $page = rtrim($page, "<-!");
$page .= <<<THEVERYENDOFYOU $page .= <<<THEVERYENDOFYOU
<table cellspacing="0" cellpadding="3" style="width: 95px; color: #ffffff; border: solid 1px #ffffff; background-color: #000000; margin-top: 2px;"> <table cellspacing="0" cellpadding="3" style="width: 95px; color: #ffffff; border: solid 1px #ffffff; background-color: #000000; margin-top: 2px;">
<tr> <tr>
@ -267,13 +262,13 @@ $page .= <<<THEVERYENDOFYOU
</center></body> </center></body>
</html> </html>
THEVERYENDOFYOU; THEVERYENDOFYOU;
// Finalize control array for output. // Finalize control array for output.
$page = parsetemplate($page, $row); $page = parsetemplate($page, $row);
if ($controlrow["compression"] == 1) { ob_start("ob_gzhandler"); } if ($controlrow["compression"] == 1) { ob_start("ob_gzhandler"); }
echo $page; echo $page;
die(); die();
} }
?> ?>

1061
shim.php Normal file

File diff suppressed because it is too large Load Diff

340
users.php
View File

@ -20,7 +20,7 @@ include("globals.php");
if(isset($_GET["do"])) { if(isset($_GET["do"])) {
$do = explode(":",$_GET["do"]); $do = explode(":",$_GET["do"]);
switch ($do[0]) { switch ($do[0]) {
case "register": register(); break; case "register": register(); break;
case "profile": profile(); break; case "profile": profile(); break;
case "characters": characters(); break; case "characters": characters(); break;
@ -30,26 +30,26 @@ if(isset($_GET["do"])) {
case "levelup": levelup(); break; case "levelup": levelup(); break;
case "levelspell": levelspell(); break; case "levelspell": levelspell(); break;
default: donothing(); default: donothing();
} }
} else { } else {
donothing(); donothing();
} }
function donothing() { function donothing() {
die(header("Location: index.php")); die(header("Location: index.php"));
} }
function register() { function register() {
if(isset($_POST["submit"])) { if(isset($_POST["submit"])) {
extract($_POST); extract($_POST);
global $controlrow; global $controlrow;
$errors = 0; $errorlist = ""; $errors = 0; $errorlist = "";
// Process username. // Process username.
if (trim($username) == "") { $errors++; $errorlist .= "Username field is required.<br />"; } if (trim($username) == "") { $errors++; $errorlist .= "Username field is required.<br />"; }
if (preg_match("/[^A-z0-9_\-]/", $username)==1) { $errors++; $errorlist .= "Username must be alphanumeric.<br />"; } // Thanks to "Carlos Pires" from php.net! if (preg_match("/[^A-z0-9_\-]/", $username)==1) { $errors++; $errorlist .= "Username must be alphanumeric.<br />"; } // Thanks to "Carlos Pires" from php.net!
@ -60,20 +60,20 @@ function register() {
if (trim($password1) == "") { $errors++; $errorlist .= "Password fields is required.<br />"; } if (trim($password1) == "") { $errors++; $errorlist .= "Password fields is required.<br />"; }
if ($password1 != $password2) { $errors++; $errorlist .= "Passwords don't match.<br />"; } if ($password1 != $password2) { $errors++; $errorlist .= "Passwords don't match.<br />"; }
$password = md5($password1); $password = md5($password1);
// Process email address. // Process email address.
if (trim($email1) == "") { $errors++; $errorlist .= "Email field is required.<br />"; } if (trim($email1) == "") { $errors++; $errorlist .= "Email field is required.<br />"; }
if ($email1 != $email2) { $errors++; $errorlist .= "Emails don't match.<br />"; } if ($email1 != $email2) { $errors++; $errorlist .= "Emails don't match.<br />"; }
if (! is_email($email1)) { $errors++; $errorlist .= "Email isn't valid.<br />"; } if (! is_email($email1)) { $errors++; $errorlist .= "Email isn't valid.<br />"; }
$emailquery = doquery("SELECT emailaddress FROM <<accounts>> WHERE emailaddress='$email1' LIMIT 1"); $emailquery = doquery("SELECT emailaddress FROM <<accounts>> WHERE emailaddress='$email1' LIMIT 1");
if (mysql_num_rows($emailquery) > 0) { $errors++; $errorlist .= "Email already taken - unique email address required.<br />"; } if (mysql_num_rows($emailquery) > 0) { $errors++; $errorlist .= "Email already taken - unique email address required.<br />"; }
// Process other stuff. // Process other stuff.
if ($imageformat != ".png" && $imageformat != ".gif") { $errors++; $errorlist .= "Invalid input for image format selection.<br />"; } if ($imageformat != ".png" && $imageformat != ".gif") { $errors++; $errorlist .= "Invalid input for image format selection.<br />"; }
if (!is_numeric($minimap)) { $errors++; $errorlist .= "Invalid input for minimap selection.<br />"; } if (!is_numeric($minimap)) { $errors++; $errorlist .= "Invalid input for minimap selection.<br />"; }
if ($errors == 0) { if ($errors == 0) {
if ($controlrow["verifyemail"] == 1) { if ($controlrow["verifyemail"] == 1) {
$verifycode = ""; $verifycode = "";
for ($i=0; $i<8; $i++) { for ($i=0; $i<8; $i++) {
@ -83,10 +83,10 @@ function register() {
} else { } else {
$verifycode='1'; $verifycode='1';
} }
// Now update. // Now update.
$query = doquery("INSERT INTO <<accounts>> SET id='',regdate=NOW(),regip='".$_SERVER["REMOTE_ADDR"]."',verifycode='$verifycode',username='$username',password='$password',emailaddress='$email1',language='English',imageformat='$imageformat', minimap='$minimap'") or die(mysql_error()); $query = doquery("INSERT INTO <<accounts>> SET id='',regdate=NOW(),regip='".$_SERVER["REMOTE_ADDR"]."',verifycode='$verifycode',username='$username',password='$password',emailaddress='$email1',language='English',imageformat='$imageformat', minimap='$minimap'") or die(mysql_error());
// Send confirmation email if necessary. // Send confirmation email if necessary.
if ($controlrow["verifyemail"] == 1) { if ($controlrow["verifyemail"] == 1) {
if (sendregmail($email1, $verifycode) == true) { if (sendregmail($email1, $verifycode) == true) {
@ -97,34 +97,34 @@ function register() {
} else { } else {
$page = "Your account was created succesfully.<br /><br />You may now continue to the <a href=\"login.php?do=login\">Login Page</a> and continue playing ".$controlrow["gamename"]."!"; $page = "Your account was created succesfully.<br /><br />You may now continue to the <a href=\"login.php?do=login\">Login Page</a> and continue playing ".$controlrow["gamename"]."!";
} }
} else { } else {
// Die gracefully on errors. // Die gracefully on errors.
$page = "The following error(s) occurred when your account was being made:<br /><span style=\"color:red;\">$errorlist</span><br />Please <a href=\"users.php?do=register\">go back</a> and try again."; $page = "The following error(s) occurred when your account was being made:<br /><span style=\"color:red;\">$errorlist</span><br />Please <a href=\"users.php?do=register\">go back</a> and try again.";
} }
display("Register", $page, false); display("Register", $page, false);
} }
$row["imageformat"] = "<option value=\".png\">PNG</option><option value=\".gif\">GIF</option>"; $row["imageformat"] = "<option value=\".png\">PNG</option><option value=\".gif\">GIF</option>";
$row["minimap"] = "<option value=\"1\">Yes</option><option value=\"0\">No</option>"; $row["minimap"] = "<option value=\"1\">Yes</option><option value=\"0\">No</option>";
display("Register", parsetemplate(gettemplate("users_register1"), $row), false); display("Register", parsetemplate(gettemplate("users_register1"), $row), false);
} }
function sendregmail($emailaddress, $vercode) { function sendregmail($emailaddress, $vercode) {
global $controlrow; global $controlrow;
extract($controlrow); extract($controlrow);
$verurl = $gameurl . "verify.php?code=$vercode"; $verurl = $gameurl . "verify.php?code=$vercode";
$email = <<<END $email = <<<END
You or someone using your email address recently signed up for an account on the $gamename server, located at $gameurl. You or someone using your email address recently signed up for an account on the $gamename server, located at $gameurl.
This email is sent to verify your registration email. In order to begin using your account, you must verify your email address. This email is sent to verify your registration email. In order to begin using your account, you must verify your email address.
Please click on the link below or copy/paste it into your browser to activate your account. You will not be able to play the game until your account is activated. Please click on the link below or copy/paste it into your browser to activate your account. You will not be able to play the game until your account is activated.
Verification URL: Verification URL:
@ -135,15 +135,15 @@ END;
$status = mymail($emailaddress, "$gamename Account Verification", $email); $status = mymail($emailaddress, "$gamename Account Verification", $email);
return $status; return $status;
} }
function profile() { function profile() {
global $userrow; global $userrow;
$newuserrow = $userrow; $newuserrow = $userrow;
$template = "users_profile"; $template = "users_profile";
// Setup for viewing other people's profiles. // Setup for viewing other people's profiles.
if(isset($_GET["uid"])) { if(isset($_GET["uid"])) {
if (!is_numeric($_GET["uid"])) { err("Invalid UID."); } if (!is_numeric($_GET["uid"])) { err("Invalid UID."); }
@ -151,10 +151,10 @@ function profile() {
if ($newuserrow == false) { err("No such UID."); } if ($newuserrow == false) { err("No such UID."); }
$template = "users_onlinechar"; $template = "users_onlinechar";
} }
if ($newuserrow["guild"] != 0) { if ($newuserrow["guild"] != 0) {
$newuserrow["newcharname"] = "[<span style=\"color: ".$newuserrow["tagcolor"].";\">".$newuserrow["guildtag"]."</span>]<span style=\"color: ".$newuserrow["namecolor"].";\">".$newuserrow["charname"]."</span>"; $newuserrow["newcharname"] = "[<span style=\"color: ".$newuserrow["tagcolor"].";\">".$newuserrow["guildtag"]."</span>]<span style=\"color: ".$newuserrow["namecolor"].";\">".$newuserrow["charname"]."</span>";
} else { } else {
$newuserrow["newcharname"] = $newuserrow["charname"]; $newuserrow["newcharname"] = $newuserrow["charname"];
} }
@ -163,83 +163,83 @@ function profile() {
} else { } else {
$newuserrow["profcharpicture"] = "<img src=\"images/users/nopicture.gif\" alt=\"".$newuserrow["charname"]."\" />"; $newuserrow["profcharpicture"] = "<img src=\"images/users/nopicture.gif\" alt=\"".$newuserrow["charname"]."\" />";
} }
$newuserrow["formatexperience"] = number_format($newuserrow["experience"]); $newuserrow["formatexperience"] = number_format($newuserrow["experience"]);
$newuserrow["formatgold"] = number_format($newuserrow["gold"]); $newuserrow["formatgold"] = number_format($newuserrow["gold"]);
if ($newuserrow["expbonus"] == 0) { $newuserrow["expbonus"] = ""; } else { if ($newuserrow["expbonus"]>0) { $expsign="+"; } else { $expsign=""; } $newuserrow["expbonus"] = "($expsign".$newuserrow["expbonus"]."%)"; } if ($newuserrow["expbonus"] == 0) { $newuserrow["expbonus"] = ""; } else { if ($newuserrow["expbonus"]>0) { $expsign="+"; } else { $expsign=""; } $newuserrow["expbonus"] = "($expsign".$newuserrow["expbonus"]."%)"; }
if ($newuserrow["goldbonus"] == 0) { $newuserrow["goldbonus"] = ""; } else { if ($newuserrow["goldbonus"]>0) { $goldsign="+"; } else { $goldsign=""; }$newuserrow["goldbonus"] = "($goldsign".$newuserrow["goldbonus"]."%)"; } if ($newuserrow["goldbonus"] == 0) { $newuserrow["goldbonus"] = ""; } else { if ($newuserrow["goldbonus"]>0) { $goldsign="+"; } else { $goldsign=""; }$newuserrow["goldbonus"] = "($goldsign".$newuserrow["goldbonus"]."%)"; }
// Next level. // Next level.
$leveltotal = 15; $leveltotal = 15;
$leveladd = 15; $leveladd = 15;
$i = 2; $i = 2;
while ($i < ($newuserrow["level"] + 1)) { while ($i < ($newuserrow["level"] + 1)) {
$levelstart = $leveltotal; $levelstart = $leveltotal;
if ($i < 4) { if ($i < 4) {
$leveladd = ceil($leveladd * 2.0); $leveladd = ceil($leveladd * 2.0);
} elseif ($i < 13) { } elseif ($i < 13) {
$leveladd = floor($leveladd * 1.45); $leveladd = floor($leveladd * 1.45);
} elseif ($i < 40) { } elseif ($i < 40) {
$leveladd = floor($leveladd * 1.20); $leveladd = floor($leveladd * 1.20);
} elseif ($i < 60) { } elseif ($i < 60) {
$leveladd = 150000; $leveladd = 150000;
} elseif ($i < 80) { } elseif ($i < 80) {
$leveladd = 200000; $leveladd = 200000;
} elseif ($i < 100) { } elseif ($i < 100) {
$leveladd = 300000; $leveladd = 300000;
} elseif ($i >= 100) { } elseif ($i >= 100) {
$leveladd = 500000; $leveladd = 500000;
} }
$leveltotal = $levelstart + $leveladd; $leveltotal = $levelstart + $leveladd;
$i++; $i++;
} }
$newuserrow["formatnextlvl"] = number_format($leveltotal); $newuserrow["formatnextlvl"] = number_format($leveltotal);
// Level points. // Level points.
if ($newuserrow["levelup"] != 0 || $newuserrow["levelspell"] != 0) { $newuserrow["levelpointscharnotice"] = "You have Level/Spell Points available."; } else { $newuserrow["levelpointscharnotice"] = ""; } if ($newuserrow["levelup"] != 0 || $newuserrow["levelspell"] != 0) { $newuserrow["levelpointscharnotice"] = "You have Level/Spell Points available."; } else { $newuserrow["levelpointscharnotice"] = ""; }
// Class. // Class.
$class = dorow(doquery("SELECT * FROM <<classes>> WHERE id='".$newuserrow["charclass"]."' LIMIT 1")); $class = dorow(doquery("SELECT * FROM <<classes>> WHERE id='".$newuserrow["charclass"]."' LIMIT 1"));
$newuserrow["charclass"] = $class["name"]; $newuserrow["charclass"] = $class["name"];
display("Extended Profile",parsetemplate(gettemplate($template),$newuserrow)); display("Extended Profile",parsetemplate(gettemplate($template),$newuserrow));
} }
function settings() { function settings() {
global $acctrow; global $acctrow;
if (isset($_POST["submit"])) { if (isset($_POST["submit"])) {
extract($_POST); extract($_POST);
$errors = 0; $errors = 0;
$errorlist = ""; $errorlist = "";
// Process password. // Process password.
if (trim($password1) != "") { if (trim($password1) != "") {
if (md5($oldpassword) != $acctrow["password"]) { $errors++; $errorlist .= "Incorrect old password.<br />"; } if (md5($oldpassword) != $acctrow["password"]) { $errors++; $errorlist .= "Incorrect old password.<br />"; }
if ($password1 != $password2) { $errors++; $errorlist .= "New passwords don't match.<br />"; } if ($password1 != $password2) { $errors++; $errorlist .= "New passwords don't match.<br />"; }
$password = "password='".md5($password1)."',"; $password = "password='".md5($password1)."',";
$newpass = true; $newpass = true;
} else { $password = ""; } } else { $password = ""; }
// Process email address. // Process email address.
if (trim($email) == "") { $errors++; $errorlist .= "Email field is required.<br />"; } if (trim($email) == "") { $errors++; $errorlist .= "Email field is required.<br />"; }
if (! is_email($email)) { $errors++; $errorlist .= "Email isn't valid.<br />"; } if (! is_email($email)) { $errors++; $errorlist .= "Email isn't valid.<br />"; }
$emailquery = doquery("SELECT emailaddress FROM <<accounts>> WHERE emailaddress='$email' AND id != '".$acctrow["id"]."' LIMIT 1"); $emailquery = doquery("SELECT emailaddress FROM <<accounts>> WHERE emailaddress='$email' AND id != '".$acctrow["id"]."' LIMIT 1");
if (mysql_num_rows($emailquery) > 0) { $errors++; $errorlist .= "Email already taken - unique email address required.<br />"; } if (mysql_num_rows($emailquery) > 0) { $errors++; $errorlist .= "Email already taken - unique email address required.<br />"; }
// Process other stuff. // Process other stuff.
if ($imageformat != ".png" && $imageformat != ".gif") { $errors++; $errorlist .= "Invalid input for image format selection.<br />"; } if ($imageformat != ".png" && $imageformat != ".gif") { $errors++; $errorlist .= "Invalid input for image format selection.<br />"; }
if (!is_numeric($minimap)) { $errors++; $errorlist .= "Invalid input for minimap selection.<br />"; } if (!is_numeric($minimap)) { $errors++; $errorlist .= "Invalid input for minimap selection.<br />"; }
if ($errors == 0) { if ($errors == 0) {
$query = doquery("UPDATE <<accounts>> SET $password emailaddress='$email', imageformat='$imageformat', minimap='$minimap' WHERE id='".$acctrow["id"]."' LIMIT 1"); $query = doquery("UPDATE <<accounts>> SET $password emailaddress='$email', imageformat='$imageformat', minimap='$minimap' WHERE id='".$acctrow["id"]."' LIMIT 1");
if (isset($newpass)) { if (isset($newpass)) {
setcookie("scourge", "", (time()-3600), "/", "", 0); setcookie("scourge", "", (time()-3600), "/", "", 0);
$page = "Your information was updated successfully. Because you changed your password, you have been logged out to avoid cookie errors.<br /><br />Please use the Log In link above to log back into the game and continue playing."; $page = "Your information was updated successfully. Because you changed your password, you have been logged out to avoid cookie errors.<br /><br />Please use the Log In link above to log back into the game and continue playing.";
unset($GLOBALS["acctrow"]); unset($GLOBALS["acctrow"]);
@ -248,18 +248,18 @@ function settings() {
$page = "Your information was updated successfully. You may now continue <a href=\"index.php\">playing</a>."; $page = "Your information was updated successfully. You may now continue <a href=\"index.php\">playing</a>.";
display("Account Settings", $page); display("Account Settings", $page);
} }
} else { } else {
err("The following error(s) occurred when your account was being made:<br /><span style=\"color:red;\">$errorlist</span><br />Please <a href=\"users.php?do=settings\">go back</a> and try again."); err("The following error(s) occurred when your account was being made:<br /><span style=\"color:red;\">$errorlist</span><br />Please <a href=\"users.php?do=settings\">go back</a> and try again.");
} }
} }
$row["emailaddress"] = $acctrow["emailaddress"]; $row["emailaddress"] = $acctrow["emailaddress"];
$row["language"] = "<option value=\"English\">English</option>"; $row["language"] = "<option value=\"English\">English</option>";
if ($acctrow["imageformat"] == ".png") { if ($acctrow["imageformat"] == ".png") {
$row["imageformat"] = "<option value=\".png\" selected=\"selected\">PNG</option><option value=\".gif\">GIF</option>"; $row["imageformat"] = "<option value=\".png\" selected=\"selected\">PNG</option><option value=\".gif\">GIF</option>";
} else { } else {
$row["imageformat"] = "<option value=\".png\">PNG</option><option value=\".gif\" selected=\"selected\">GIF</option>"; $row["imageformat"] = "<option value=\".png\">PNG</option><option value=\".gif\" selected=\"selected\">GIF</option>";
@ -270,15 +270,15 @@ function settings() {
$row["minimap"] = "<option value=\"1\">Yes</option><option value=\"0\">No</option>"; $row["minimap"] = "<option value=\"1\">Yes</option><option value=\"0\">No</option>";
} }
display("Account Settings", parsetemplate(gettemplate("users_settings"), $row)); display("Account Settings", parsetemplate(gettemplate("users_settings"), $row));
} }
function characters() { function characters() {
global $acctrow, $userrow, $controlrow; global $acctrow, $userrow, $controlrow;
if (isset($_POST["submit"])) { if (isset($_POST["submit"])) {
// Change the active character for the account. // Change the active character for the account.
if (!is_numeric($_POST["makeactive"])) { err("Invalid UID."); } if (!is_numeric($_POST["makeactive"])) { err("Invalid UID."); }
$newuserrow = dorow(doquery("SELECT * FROM <<users>> WHERE id='".$_POST["makeactive"]."' LIMIT 1")); $newuserrow = dorow(doquery("SELECT * FROM <<users>> WHERE id='".$_POST["makeactive"]."' LIMIT 1"));
@ -286,12 +286,12 @@ function characters() {
if ($newuserrow["account"] != $acctrow["id"]) { err("You don't own that UID."); } if ($newuserrow["account"] != $acctrow["id"]) { err("You don't own that UID."); }
$setnewchar = doquery("UPDATE <<accounts>> SET activechar='".$_POST["makeactive"]."' WHERE id='".$acctrow["id"]."' LIMIT 1"); $setnewchar = doquery("UPDATE <<accounts>> SET activechar='".$_POST["makeactive"]."' WHERE id='".$acctrow["id"]."' LIMIT 1");
die(header("Location: users.php?do=characters")); die(header("Location: users.php?do=characters"));
} }
if ($userrow != false) { if ($userrow != false) {
// Pagerow setup. // Pagerow setup.
$row["characters"] = $acctrow["characters"]; $row["characters"] = $acctrow["characters"];
$row["remaining"] = 4 - $acctrow["characters"]; $row["remaining"] = 4 - $acctrow["characters"];
$row["activecharname"] = $userrow["charname"]; $row["activecharname"] = $userrow["charname"];
@ -300,26 +300,26 @@ function characters() {
if($row["characters"] < 4) { if($row["characters"] < 4) {
$row["newcharlink"] = "<a href=\"users.php?do=charnew\">Click here to create a new character.</a><br />"; $row["newcharlink"] = "<a href=\"users.php?do=charnew\">Click here to create a new character.</a><br />";
} else { $row["newcharlink"] = ""; } } else { $row["newcharlink"] = ""; }
// Grab characters. // Grab characters.
$charrow = dorow(doquery("SELECT *, DATE_FORMAT(birthdate, '%m.%d.%Y') AS fregdate FROM <<users>> WHERE account='".$acctrow["id"]."' ORDER BY birthdate"), "id"); $charrow = dorow(doquery("SELECT *, DATE_FORMAT(birthdate, '%m.%d.%Y') AS fregdate FROM <<users>> WHERE account='".$acctrow["id"]."' ORDER BY birthdate"), "id");
foreach($charrow as $a=>$b) { foreach($charrow as $a=>$b) {
if ($b["id"] == $acctrow["activechar"]) { if ($b["id"] == $acctrow["activechar"]) {
$row["selectcharlist"] .= "<option value=\"".$b["id"]."\" selected=\"selected\">".$b["charname"]." (Default)</option>"; $row["selectcharlist"] .= "<option value=\"".$b["id"]."\" selected=\"selected\">".$b["charname"]." (Default)</option>";
$b["isdefault"] = "<span class=\"red\">(Default)</span>"; $b["isdefault"] = "<span class=\"red\">(Default)</span>";
} else { } else {
$row["selectcharlist"] .= "<option value=\"".$b["id"]."\">".$b["charname"]."</option>"; $row["selectcharlist"] .= "<option value=\"".$b["id"]."\">".$b["charname"]."</option>";
$b["isdefault"] = ""; $b["isdefault"] = "";
} }
if ($b["charpicture"] != "") { if ($b["charpicture"] != "") {
$b["avatar"] = "<img src=\"".$b["charpicture"]."\" alt=\"".$b["charname"]."\" />"; $b["avatar"] = "<img src=\"".$b["charpicture"]."\" alt=\"".$b["charname"]."\" />";
} else { } else {
$b["avatar"] = "<img src=\"images/users/nopicture.gif\" alt=\"".$b["charname"]."\" />"; $b["avatar"] = "<img src=\"images/users/nopicture.gif\" alt=\"".$b["charname"]."\" />";
} }
if ($controlrow["showsigbot"] == 1) { if ($controlrow["showsigbot"] == 1) {
$sigboturl = $controlrow["gameurl"] . "sigbot/" . $userrow["id"] . ".png"; $sigboturl = $controlrow["gameurl"] . "sigbot/" . $userrow["id"] . ".png";
$b["sigboturl"] = "SigBot URL: <a href=\"$sigboturl\" target=\"_new\">$sigboturl</a><br />"; $b["sigboturl"] = "SigBot URL: <a href=\"$sigboturl\" target=\"_new\">$sigboturl</a><br />";
@ -327,107 +327,107 @@ function characters() {
$b["sigboturl"] = ""; $b["sigboturl"] = "";
} }
$row["fullcharlist"] .= parsetemplate(gettemplate("users_charlistrow"), $b); $row["fullcharlist"] .= parsetemplate(gettemplate("users_charlistrow"), $b);
} }
display("Characters", parsetemplate(gettemplate("users_charlist"), $row)); display("Characters", parsetemplate(gettemplate("users_charlist"), $row));
} else { } else {
display("Characters", gettemplate("users_charlistnew")); display("Characters", gettemplate("users_charlistnew"));
} }
} }
function charnew() { function charnew() {
global $controlrow, $acctrow; global $controlrow, $acctrow;
if ($acctrow["characters"] >= 4) { err("You are not allowed to make any more new characters."); } if ($acctrow["characters"] >= 4) { err("You are not allowed to make any more new characters."); }
if (isset($_POST["submit"])) { if (isset($_POST["submit"])) {
extract($_POST); extract($_POST);
$errors = 0; $errors = 0;
$errorlist = ""; $errorlist = "";
// Process charname. // Process charname.
if (trim($charname) == "") { $errors++; $errorlist .= "Character Name field is required.<br />"; } if (trim($charname) == "") { $errors++; $errorlist .= "Character Name field is required.<br />"; }
if (preg_match("/[^A-z\ 0-9_\-]/", $charname)==1) { $errors++; $errorlist .= "Character names can only contain letters, numbers, spaces and hyphens.<br />"; } // Thanks to "Carlos Pires" from php.net! if (preg_match("/[^A-z\ 0-9_\-]/", $charname)==1) { $errors++; $errorlist .= "Character names can only contain letters, numbers, spaces and hyphens.<br />"; } // Thanks to "Carlos Pires" from php.net!
$characternamequery = doquery("SELECT charname FROM <<users>> WHERE charname='$charname' LIMIT 1"); $characternamequery = doquery("SELECT charname FROM <<users>> WHERE charname='$charname' LIMIT 1");
if (mysql_num_rows($characternamequery) > 0) { $errors++; $errorlist .= "Character Name already taken - unique Character Name required.<br />"; } if (mysql_num_rows($characternamequery) > 0) { $errors++; $errorlist .= "Character Name already taken - unique Character Name required.<br />"; }
// Upload new charpicture, if required. // Upload new charpicture, if required.
if ($_FILES["intavatar"]["error"] != 4) { if ($_FILES["intavatar"]["error"] != 4) {
$allowed = array(".gif",".jpg",".png"); $allowed = array(".gif",".jpg",".png");
$type = substr($_FILES["intavatar"]["name"],-4); $type = substr($_FILES["intavatar"]["name"],-4);
// Errors. // Errors.
if (!in_array(strtolower($type),$allowed)) { die("Unallowed filetype for avatar."); } if (!in_array(strtolower($type),$allowed)) { die("Unallowed filetype for avatar."); }
if ($_FILES["intavatar"]["size"] > $controlrow["avatarmaxsize"]) { die("Avatar filesize too big."); } if ($_FILES["intavatar"]["size"] > $controlrow["avatarmaxsize"]) { die("Avatar filesize too big."); }
$imagesize = getimagesize($_FILES["intavatar"]["tmp_name"]); $imagesize = getimagesize($_FILES["intavatar"]["tmp_name"]);
if (($imagesize[0]>50) || ($imagesize[1]>50)) { die("Avatar dimensions too big."); } if (($imagesize[0]>50) || ($imagesize[1]>50)) { die("Avatar dimensions too big."); }
// Move file and finish. // Move file and finish.
$randomext = ""; $randomext = "";
for($i=0; $i<8; $i++) { $randomext .= rand(0,9); } for($i=0; $i<8; $i++) { $randomext .= rand(0,9); }
$uploadfile = $controlrow["avatarpath"] . $acctrow["username"] . $randomext . $type; $uploadfile = $controlrow["avatarpath"] . $acctrow["username"] . $randomext . $type;
if (!move_uploaded_file($_FILES["intavatar"]["tmp_name"], $uploadfile)) { die("Unable to upload avatar."); } if (!move_uploaded_file($_FILES["intavatar"]["tmp_name"], $uploadfile)) { die("Unable to upload avatar."); }
$newcharpicture = $controlrow["avatarurl"] . $acctrow["username"] . $randomext . $type; $newcharpicture = $controlrow["avatarurl"] . $acctrow["username"] . $randomext . $type;
} }
// Process everything else important. // Process everything else important.
if (!is_numeric($charclass)) { $errors++; $errorlist .= "Invalid character class.<br />"; } if (!is_numeric($charclass)) { $errors++; $errorlist .= "Invalid character class.<br />"; }
if (!is_numeric($difficulty)) { $errors++; $errorlist .= "Invalid character class.<br />"; } if (!is_numeric($difficulty)) { $errors++; $errorlist .= "Invalid character class.<br />"; }
// Get bonuses and multipliers from classes/difficulties tables. // Get bonuses and multipliers from classes/difficulties tables.
$expbonus = 0; $expbonus = 0;
$goldbonus = 0; $goldbonus = 0;
$classes = dorow(doquery("SELECT * FROM <<classes>> WHERE id='$charclass' LIMIT 1")); $classes = dorow(doquery("SELECT * FROM <<classes>> WHERE id='$charclass' LIMIT 1"));
if ($classes != false) { if ($classes != false) {
$expbonus += $classes["expbonus"]; $expbonus += $classes["expbonus"];
$goldbonus += $classes["goldbonus"]; $goldbonus += $classes["goldbonus"];
} else { $errors++; $errorlist .= "Invalid character class"; } } else { $errors++; $errorlist .= "Invalid character class"; }
$difficulties = dorow(doquery("SELECT * FROM <<difficulties>> WHERE id='$difficulty' LIMIT 1")); $difficulties = dorow(doquery("SELECT * FROM <<difficulties>> WHERE id='$difficulty' LIMIT 1"));
if ($difficulties != false) { if ($difficulties != false) {
$expbonus += $difficulties["expbonus"]; $expbonus += $difficulties["expbonus"];
$goldbonus += $difficulties["goldbonus"]; $goldbonus += $difficulties["goldbonus"];
$difficulty = $difficulties["multiplier"]; $difficulty = $difficulties["multiplier"];
$deathpenalty = $difficulties["deathpenalty"]; $deathpenalty = $difficulties["deathpenalty"];
} else { $errors++; $errorlist .= "Invalid character class"; } } else { $errors++; $errorlist .= "Invalid character class"; }
if ($errors == 0) { if ($errors == 0) {
// Now everything's cool. Create new character row. // Now everything's cool. Create new character row.
$query = doquery("INSERT INTO <<users>> SET id='', account='".$acctrow["id"]."', birthdate=NOW(), lastip='".$_SERVER["REMOTE_ADDR"]."', onlinetime=NOW(), charname='$charname', charpicture='$newcharpicture', charclass='$charclass', difficulty='$difficulty', deathpenalty='$deathpenalty', expbonus='$expbonus', goldbonus='$goldbonus'"); $query = doquery("INSERT INTO <<users>> SET account='".$acctrow["id"]."', birthdate=NOW(), lastip='".$_SERVER["REMOTE_ADDR"]."', onlinetime=NOW(), charname='$charname', charpicture='$newcharpicture', charclass='$charclass', difficulty='$difficulty', deathpenalty='$deathpenalty', expbonus='$expbonus', goldbonus='$goldbonus'");
// Update account row. // Update account row.
$default = ""; $default = "";
if (isset($setdefault)) { $default = "activechar='".mysql_insert_id()."', "; } if (isset($setdefault)) { $default = "activechar='".mysql_insert_id()."', "; }
if ($acctrow["characters"] == 0) { $default = "activechar='".mysql_insert_id()."', "; } if ($acctrow["characters"] == 0) { $default = "activechar='".mysql_insert_id()."', "; }
$query2 = doquery("UPDATE <<accounts>> SET $default characters=characters+1 WHERE id='".$acctrow["id"]."' LIMIT 1"); $query2 = doquery("UPDATE <<accounts>> SET $default characters=characters+1 WHERE id='".$acctrow["id"]."' LIMIT 1");
// And we're finished. // And we're finished.
die(header("Location: users.php?do=characters")); die(header("Location: users.php?do=characters"));
} else { } else {
// Die gracefully on errors. // Die gracefully on errors.
if ($acctrow["characters"] != 0) { if ($acctrow["characters"] != 0) {
err("The following error(s) occurred when your character was being made:<br /><span style=\"color:red;\">$errorlist</span><br />Please <a href=\"users.php?do=charnew\">go back</a> and try again."); err("The following error(s) occurred when your character was being made:<br /><span style=\"color:red;\">$errorlist</span><br />Please <a href=\"users.php?do=charnew\">go back</a> and try again.");
} else { } else {
die("The following error(s) occurred when your character was being made:<br /><span style=\"color:red;\">$errorlist</span><br />Please <a href=\"users.php?do=charnew\">go back</a> and try again."); die("The following error(s) occurred when your character was being made:<br /><span style=\"color:red;\">$errorlist</span><br />Please <a href=\"users.php?do=charnew\">go back</a> and try again.");
} }
} }
} }
$classes = dorow(doquery("SELECT * FROM <<classes>> ORDER BY id")); $classes = dorow(doquery("SELECT * FROM <<classes>> ORDER BY id"));
$row["charclass"] = ""; $row["charclass"] = "";
$row["classdesc"] = ""; $row["classdesc"] = "";
@ -443,108 +443,108 @@ function charnew() {
foreach($difficulty as $a=>$b) { foreach($difficulty as $a=>$b) {
$row["difficulty"] .= "<option value=\"".$b["id"]."\">".$b["name"]."</option>"; $row["difficulty"] .= "<option value=\"".$b["id"]."\">".$b["name"]."</option>";
} }
if ($acctrow["characters"] == 0) { $row["defaultenabled"] = "disabled=\"disabled\""; } else { $row["defaultenabled"] = ""; } if ($acctrow["characters"] == 0) { $row["defaultenabled"] = "disabled=\"disabled\""; } else { $row["defaultenabled"] = ""; }
$row["maxsize"] = round($controlrow["avatarmaxsize"] / 1000, 1); $row["maxsize"] = round($controlrow["avatarmaxsize"] / 1000, 1);
display("Characters", parsetemplate(gettemplate("users_charnew"), $row), false); display("Characters", parsetemplate(gettemplate("users_charnew"), $row), false);
} }
function charedit() { function charedit() {
global $controlrow, $acctrow; global $controlrow, $acctrow;
// Change the active character for the account. // Change the active character for the account.
if (!is_numeric($_GET["uid"])) { err("Invalid UID."); } if (!is_numeric($_GET["uid"])) { err("Invalid UID."); }
$newuserrow = dorow(doquery("SELECT * FROM <<users>> WHERE id='".$_GET["uid"]."' LIMIT 1")); $newuserrow = dorow(doquery("SELECT * FROM <<users>> WHERE id='".$_GET["uid"]."' LIMIT 1"));
if ($newuserrow == false) { err("No such UID."); } if ($newuserrow == false) { err("No such UID."); }
if ($newuserrow["account"] != $acctrow["id"]) { err("You don't own that UID."); } if ($newuserrow["account"] != $acctrow["id"]) { err("You don't own that UID."); }
if (isset($_POST["submit"])) { if (isset($_POST["submit"])) {
extract($_POST); extract($_POST);
// Upload new charpicture, if required. // Upload new charpicture, if required.
if ($_FILES["intavatar"]["error"] != 4) { if ($_FILES["intavatar"]["error"] != 4) {
$allowed = array(".gif",".jpg",".png"); $allowed = array(".gif",".jpg",".png");
$type = substr($_FILES["intavatar"]["name"],-4); $type = substr($_FILES["intavatar"]["name"],-4);
// Errors. // Errors.
if (!in_array(strtolower($type),$allowed)) { err("Unallowed filetype for avatar."); } if (!in_array(strtolower($type),$allowed)) { err("Unallowed filetype for avatar."); }
if ($_FILES["intavatar"]["size"] > $controlrow["avatarmaxsize"]) { err("Avatar filesize too big."); } if ($_FILES["intavatar"]["size"] > $controlrow["avatarmaxsize"]) { err("Avatar filesize too big."); }
$imagesize = getimagesize($_FILES["intavatar"]["tmp_name"]); $imagesize = getimagesize($_FILES["intavatar"]["tmp_name"]);
if (($imagesize[0]>50) || ($imagesize[1]>50)) { err("Avatar dimensions too big."); } if (($imagesize[0]>50) || ($imagesize[1]>50)) { err("Avatar dimensions too big."); }
// Move file and finish. // Move file and finish.
$randomext = ""; $randomext = "";
for($i=0; $i<8; $i++) { $randomext .= rand(0,9); } for($i=0; $i<8; $i++) { $randomext .= rand(0,9); }
$uploadfile = $controlrow["avatarpath"] . $acctrow["username"] . $randomext . $type; $uploadfile = $controlrow["avatarpath"] . $acctrow["username"] . $randomext . $type;
if (!move_uploaded_file($_FILES["intavatar"]["tmp_name"], $uploadfile)) { err("Unable to upload avatar."); } if (!move_uploaded_file($_FILES["intavatar"]["tmp_name"], $uploadfile)) { err("Unable to upload avatar."); }
$newcharpicture = $controlrow["avatarurl"] . $acctrow["username"] . $randomext . $type; $newcharpicture = $controlrow["avatarurl"] . $acctrow["username"] . $randomext . $type;
if ($newuserrow["charpicture"] != "") { if ($newuserrow["charpicture"] != "") {
$oldav = ltrim($newuserrow["charpicture"], $controlrow["avatarurl"]); $oldav = ltrim($newuserrow["charpicture"], $controlrow["avatarurl"]);
unlink($controlrow["avatarpath"] . $oldav); unlink($controlrow["avatarpath"] . $oldav);
} }
} }
// Now everything's cool. // Now everything's cool.
$query = doquery("UPDATE <<users>> SET charpicture='$newcharpicture' WHERE id='".$newuserrow["id"]."' LIMIT 1"); $query = doquery("UPDATE <<users>> SET charpicture='$newcharpicture' WHERE id='".$newuserrow["id"]."' LIMIT 1");
die(header("Location: users.php?do=characters")); die(header("Location: users.php?do=characters"));
} elseif (isset($_POST["delete"])) { } elseif (isset($_POST["delete"])) {
if ($acctrow["characters"] == 1) { err("You only have one character on your account. If you wish to delete this character, please make a new one first before trying to delete this one."); } if ($acctrow["characters"] == 1) { err("You only have one character on your account. If you wish to delete this character, please make a new one first before trying to delete this one."); }
display("Characters", parsetemplate(gettemplate("users_chardelete"), $newuserrow)); display("Characters", parsetemplate(gettemplate("users_chardelete"), $newuserrow));
} elseif (isset($_POST["ultrakill"])) { } elseif (isset($_POST["ultrakill"])) {
// First we delete the char. // First we delete the char.
$query = doquery("DELETE FROM <<users>> WHERE id='".$newuserrow["id"]."'"); $query = doquery("DELETE FROM <<users>> WHERE id='".$newuserrow["id"]."'");
// Then we gotta update acctrow accordingly. // Then we gotta update acctrow accordingly.
$query2 = dorow(doquery("SELECT * FROM <<users>> WHERE account='".$acctrow["id"]."' ORDER BY id LIMIT 1")); $query2 = dorow(doquery("SELECT * FROM <<users>> WHERE account='".$acctrow["id"]."' ORDER BY id LIMIT 1"));
$query3 = doquery("UPDATE <<accounts>> SET characters=characters-1, activechar='".$query2["id"]."' WHERE id='".$acctrow["id"]."' LIMIT 1"); $query3 = doquery("UPDATE <<accounts>> SET characters=characters-1, activechar='".$query2["id"]."' WHERE id='".$acctrow["id"]."' LIMIT 1");
die(header("Location: users.php?do=characters")); die(header("Location: users.php?do=characters"));
} elseif (isset($_POST["wimpout"])) { } elseif (isset($_POST["wimpout"])) {
die(header("Location: users.php?do=characters")); die(header("Location: users.php?do=characters"));
} }
$newuserrow["maxsize"] = round($controlrow["avatarmaxsize"] / 1000, 1); $newuserrow["maxsize"] = round($controlrow["avatarmaxsize"] / 1000, 1);
display("Characters", parsetemplate(gettemplate("users_charedit"), $newuserrow)); display("Characters", parsetemplate(gettemplate("users_charedit"), $newuserrow));
} }
function levelup() { function levelup() {
global $userrow; global $userrow;
if ($userrow["levelup"] == 0) { err("You do not currently have any Level Points to spend."); } if ($userrow["levelup"] == 0) { err("You do not currently have any Level Points to spend."); }
$classrow = dorow(doquery("SELECT * FROM <<classes>> WHERE id='".$userrow["charclass"]."' LIMIT 1")); $classrow = dorow(doquery("SELECT * FROM <<classes>> WHERE id='".$userrow["charclass"]."' LIMIT 1"));
if (isset($_POST["submit"])) { if (isset($_POST["submit"])) {
unset($_POST["submit"]); unset($_POST["submit"]);
// Check to make sure they didn't mess with the input names. // Check to make sure they didn't mess with the input names.
foreach($_POST as $a=>$b) { foreach($_POST as $a=>$b) {
if (!is_numeric($a)) { err("Invalid input format."); } if (!is_numeric($a)) { err("Invalid input format."); }
} }
// Loop through and add points where appropriate. // Loop through and add points where appropriate.
// Note that we loop through the number of points in $userrow, rather than the number of fields. // Note that we loop through the number of points in $userrow, rather than the number of fields.
// This is to ensure that people don't edit the source to just add more fields. // This is to ensure that people don't edit the source to just add more fields.
$total = $userrow["levelup"]; $total = $userrow["levelup"];
for($i=0; $i<$total; $i++) { for($i=0; $i<$total; $i++) {
switch($_POST[$i]) { switch($_POST[$i]) {
case "str": case "str":
$userrow["strength"]++; $userrow["strength"]++;
$userrow["physattack"] += (1 * $classrow["damageperstrength"]); $userrow["physattack"] += (1 * $classrow["damageperstrength"]);
$userrow["levelup"]--; $userrow["levelup"]--;
@ -570,19 +570,19 @@ function levelup() {
break; break;
} }
} }
// Round down any fractions. // Round down any fractions.
$userrow["physattack"] = floor($userrow["physattack"]); $userrow["physattack"] = floor($userrow["physattack"]);
$userrow["physdefense"] = floor($userrow["physdefense"]); $userrow["physdefense"] = floor($userrow["physdefense"]);
$userrow["maxhp"] = floor($userrow["maxhp"]); $userrow["maxhp"] = floor($userrow["maxhp"]);
$userrow["maxmp"] = floor($userrow["maxmp"]); $userrow["maxmp"] = floor($userrow["maxmp"]);
// Finish. // Finish.
updateuserrow(); updateuserrow();
display("Level Points", parsetemplate(gettemplate("users_levelup2"), $userrow)); display("Level Points", parsetemplate(gettemplate("users_levelup2"), $userrow));
} else { } else {
$row["dropdowns"] = ""; $row["dropdowns"] = "";
for($i=0; $i<$userrow["levelup"]; $i++) { for($i=0; $i<$userrow["levelup"]; $i++) {
$row["dropdowns"] .= "<div style=\"padding-bottom: 5px;\"><select name=\"$i\"><option value=\"0\">Pick One</option><option value=\"str\">Strength</option><option value=\"dex\">Dexterity</option><option value=\"lif\">Life</option><option value=\"enr\">Energy</option></select></div>\n"; $row["dropdowns"] .= "<div style=\"padding-bottom: 5px;\"><select name=\"$i\"><option value=\"0\">Pick One</option><option value=\"str\">Strength</option><option value=\"dex\">Dexterity</option><option value=\"lif\">Life</option><option value=\"enr\">Energy</option></select></div>\n";
@ -593,31 +593,31 @@ function levelup() {
$row["hpperlife"] = $classrow["hpperlife"]; $row["hpperlife"] = $classrow["hpperlife"];
$row["mpperenergy"] = $classrow["mpperenergy"]; $row["mpperenergy"] = $classrow["mpperenergy"];
$row["levelup"] = $userrow["levelup"]; $row["levelup"] = $userrow["levelup"];
display("Level Points", parsetemplate(gettemplate("users_levelup1"), $row)); display("Level Points", parsetemplate(gettemplate("users_levelup1"), $row));
} }
} }
function levelspell() { function levelspell() {
global $userrow, $spells; global $userrow, $spells;
if ($userrow["levelspell"] == 0) { err("You do not currently have any Spell Points to spend."); } if ($userrow["levelspell"] == 0) { err("You do not currently have any Spell Points to spend."); }
if (isset($_POST["submit"])) { if (isset($_POST["submit"])) {
unset($_POST["submit"]); unset($_POST["submit"]);
// Check to make sure they didn't mess with the input names. // Check to make sure they didn't mess with the input names.
foreach($_POST as $a=>$b) { foreach($_POST as $a=>$b) {
$a = ltrim($a,"spelot"); $a = ltrim($a,"spelot");
if (!is_numeric($a)) { err("Invalid input format."); } if (!is_numeric($a)) { err("Invalid input format."); }
} }
// Loop through and add points where appropriate. // Loop through and add points where appropriate.
// Note that we loop through the number of points in $userrow, rather than the number of fields. // Note that we loop through the number of points in $userrow, rather than the number of fields.
// This is to ensure that people don't edit the source to just add more fields. // This is to ensure that people don't edit the source to just add more fields.
$total = $userrow["levelspell"]; $total = $userrow["levelspell"];
for($i=0; $i<$total; $i++) { for($i=0; $i<$total; $i++) {
@ -629,19 +629,19 @@ function levelspell() {
$userrow["levelspell"]--; $userrow["levelspell"]--;
} }
} }
// Finish. // Finish.
updateuserrow(); updateuserrow();
display("Spell Points", parsetemplate(gettemplate("users_levelspell2"), $userrow)); display("Spell Points", parsetemplate(gettemplate("users_levelspell2"), $userrow));
} else { } else {
if ($userrow["levelspell"] != 0) { if ($userrow["levelspell"] != 0) {
$row["spelldropdowns"] = ""; $row["spelldropdowns"] = "";
for ($j=0; $j<$userrow["levelspell"]; $j++) { for ($j=0; $j<$userrow["levelspell"]; $j++) {
$row["spelldropdowns"] .= "<select name=\"spell$j\"><option value=\"0\">Pick One</option>\n"; $row["spelldropdowns"] .= "<select name=\"spell$j\"><option value=\"0\">Pick One</option>\n";
foreach($spells as $a=>$b) { foreach($spells as $a=>$b) {
if (($b["minlevel"] <= $userrow["level"]) && ($b["classonly"] == $userrow["charclass"] ^ $b["classexclude"] != $userrow["charclass"])) { if (($b["minlevel"] <= $userrow["level"]) && ($b["classonly"] == $userrow["charclass"] ^ $b["classexclude"] != $userrow["charclass"])) {
$row["spelldropdowns"] .= "<option value=\"".$b["id"]."\">".$b["name"]."</option>\n"; $row["spelldropdowns"] .= "<option value=\"".$b["id"]."\">".$b["name"]."</option>\n";
} }
} }
@ -649,7 +649,7 @@ function levelspell() {
for ($k=1; $k<11; $k++) { for ($k=1; $k<11; $k++) {
if ($userrow["spell".$k."id"] != 0) { if ($userrow["spell".$k."id"] != 0) {
$row["spelldropdowns"] .= "<option value=\"$k\">Slot $k: ".$userrow["spell".$k."name"]."</option>"; $row["spelldropdowns"] .= "<option value=\"$k\">Slot $k: ".$userrow["spell".$k."name"]."</option>";
} else { } else {
$row["spelldropdowns"] .= "<option value=\"$k\">Slot $k: Empty</option>"; $row["spelldropdowns"] .= "<option value=\"$k\">Slot $k: Empty</option>";
} }
} }
@ -657,13 +657,13 @@ function levelspell() {
} }
$row["spelldropdowns"] .= "<br />"; $row["spelldropdowns"] .= "<br />";
} }
$row["levelspell"] = $userrow["levelspell"]; $row["levelspell"] = $userrow["levelspell"];
display("Spell Points", parsetemplate(gettemplate("users_levelspell1"), $row)); display("Spell Points", parsetemplate(gettemplate("users_levelspell1"), $row));
} }
} }
?> ?>