Digitalstack/ZnoteAAC
2
0
Fork 0
mirror of https://github.com/Znote/ZnoteAAC.git synced 2025-04-26 01:09:22 +02:00
Code Issues Packages Projects Releases Wiki Activity

bye bye trailing whitespaces (#442)

Browse Source
This commit is contained in:
Evil Puncker 2020-08-02 09:48:13 -03:00 committed by GitHub
parent aa016fc0b1
commit a00dbcfabd
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
77 changed files with 1056 additions and 1064 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
Lua/TFS_02/creaturescript firstitems/firstitems.lua
View File

@ -47,13 +47,13 @@ function onLogin(cid)
for i = 1, table.getn(sorcItems), 1 do
doPlayerAddItem(cid, sorcItems[i], 1, false)
end
elseif getPlayerVocation(cid) == 2 then
-- Druid
for i = 1, table.getn(druidItems), 1 do
doPlayerAddItem(cid, druidItems[i], 1, false)
end
elseif getPlayerVocation(cid) == 3 then
-- Paladin
for i = 1, table.getn(pallyItems), 1 do
@ -61,7 +61,7 @@ function onLogin(cid)
end
-- 8 arrows
doPlayerAddItem(cid, 2544, 8, false)
elseif getPlayerVocation(cid) == 4 then
-- Knight
for i = 1, table.getn(kinaItems), 1 do

4
Lua/TFS_02/talkaction shopsystem/znoteshop.lua
View File

@ -19,7 +19,7 @@ function onSay(cid, words, param)
print("Player: " .. getCreatureName(cid) .. " triggered !shop talkaction.")
-- Create the query
local orderQuery = db.storeQuery("SELECT `id`, `type`, `itemid`, `count` FROM `znote_shop_orders` WHERE `account_id` = " .. accid .. ";")
local served = false
local served = false
-- Detect if we got any results
if orderQuery ~= false then
@ -30,7 +30,7 @@ function onSay(cid, words, param)
local q_count = result.getDataInt(orderQuery, "count")
local description = "Unknown or custom type"
if type_desc[q_type] ~= nil then
if type_desc[q_type] ~= nil then
description = type_desc[q_type]
end
print("Processing type "..q_type..": ".. description)

6
Lua/TFS_03/talkaction shopsystem/znoteshop.lua
View File

@ -19,7 +19,7 @@ function onSay(cid, words, param)
print("Player: " .. getCreatureName(cid) .. " triggered !shop talkaction.")
-- Create the query
local orderQuery = db.storeQuery("SELECT `id`, `type`, `itemid`, `count` FROM `znote_shop_orders` WHERE `account_id` = " .. accid .. ";")
local served = false
local served = false
-- Detect if we got any results
if orderQuery ~= false then
@ -31,7 +31,7 @@ function onSay(cid, words, param)
local q_count = result.getDataInt(orderQuery, "count")
local description = "Unknown or custom type"
if type_desc[q_type] ~= nil then
if type_desc[q_type] ~= nil then
description = type_desc[q_type]
end
print("Processing type "..q_type..": ".. description)
@ -57,7 +57,7 @@ function onSay(cid, words, param)
if(not gotItem) then
doPlayerSendTextMessage(cid, MESSAGE_STATUS_WARNING, "You have no available space in backpack to receive that item.")
end
end
else
doPlayerSendTextMessage(cid, MESSAGE_STATUS_WARNING, "Need more CAP and Need ProtectZone!")
end

18
Lua/TFS_10/creaturescript sync outfits/syncoutfit.lua
View File

@ -1,9 +1,9 @@
-- Sync outfits that player own with Znote AAC
-- So its possible to see which full sets player
-- has in characterprofile.php
-- Sync outfits that player own with Znote AAC
-- So its possible to see which full sets player
-- has in characterprofile.php
znote_outfit_list = {
{ -- Female outfits
{ -- Female outfits
136, 137, 138, 139, 140, 141, 142, 147, 148,
149, 150, 155, 156, 157, 158, 252, 269, 270,
279, 288, 324, 329, 336, 366, 431, 433, 464,
@ -15,7 +15,7 @@ znote_outfit_list = {
1187, 1203, 1205, 1207, 1211, 1246, 1244,
1252, 1271, 1280, 1283, 1289, 1293, 1332
},
{ -- Male outfits
{ -- Male outfits
128, 129, 130, 131, 132, 133, 134, 143, 144,
145, 146, 151, 152, 153, 154, 251, 268, 273,
278, 289, 325, 328, 335, 367, 430, 432, 463,
@ -31,14 +31,14 @@ znote_outfit_list = {
}
function onLogin(player)
-- storage_value + 1000 storages (highest outfit id) must not be used in other script.
-- storage_value + 1000 storages (highest outfit id) must not be used in other script.
-- Must be identical to Znote AAC config.php: $config['EQ_shower'] -> storage_value
local storage_value = 10000
-- Loop through outfits
for _, outfit in pairs(znote_outfit_list[player:getSex() + 1]) do
if player:hasOutfit(outfit,3) then
if player:getStorageValue(storage_value + outfit) ~= 3 then
player:setStorageValue(storage_value + outfit, 3)
if player:hasOutfit(outfit,3) then
if player:getStorageValue(storage_value + outfit) ~= 3 then
player:setStorageValue(storage_value + outfit, 3)
end
end
end

18
Lua/TFS_10/globalevent powergamers/powergamers.lua
View File

@ -1,4 +1,4 @@
-- getEternalStorage and setEternalStorage
-- getEternalStorage and setEternalStorage
-- can be added to data/global.lua if you want to use eternal storage for another purpose than this.
-- Regular TFS global storage values get reset every time server reboots. This does not.
local function getEternalStorage(key, parser)
@ -25,14 +25,14 @@ end
-- SQL Query to execute: --
--[[
ALTER TABLE `znote_players` ADD `exphist_lastexp` BIGINT(255) NOT NULL DEFAULT '0',
ADD `exphist1` BIGINT(255) NOT NULL DEFAULT '0',
ADD `exphist2` BIGINT(255) NOT NULL DEFAULT '0',
ADD `exphist3` BIGINT(255) NOT NULL DEFAULT '0',
ADD `exphist4` BIGINT(255) NOT NULL DEFAULT '0',
ADD `exphist5` BIGINT(255) NOT NULL DEFAULT '0',
ADD `exphist6` BIGINT(255) NOT NULL DEFAULT '0',
ADD `exphist7` BIGINT(255) NOT NULL DEFAULT '0',
ALTER TABLE `znote_players` ADD `exphist_lastexp` BIGINT(255) NOT NULL DEFAULT '0',
ADD `exphist1` BIGINT(255) NOT NULL DEFAULT '0',
ADD `exphist2` BIGINT(255) NOT NULL DEFAULT '0',
ADD `exphist3` BIGINT(255) NOT NULL DEFAULT '0',
ADD `exphist4` BIGINT(255) NOT NULL DEFAULT '0',
ADD `exphist5` BIGINT(255) NOT NULL DEFAULT '0',
ADD `exphist6` BIGINT(255) NOT NULL DEFAULT '0',
ADD `exphist7` BIGINT(255) NOT NULL DEFAULT '0',
ADD `onlinetimetoday` BIGINT(20) NOT NULL DEFAULT '0',
ADD `onlinetime1` BIGINT(20) NOT NULL DEFAULT '0',
ADD `onlinetime2` BIGINT(20) NOT NULL DEFAULT '0',

24
Lua/TFS_10/globalevent shopsystem/znoteshop.lua
View File

@ -7,11 +7,11 @@ function onThink(interval, lastExecution)
table.insert(shopTypes, 6);
end
local orderQuery = db.storeQuery([[
SELECT
SELECT
MIN(`po`.`player_id`) AS `player_id`,
`shop`.`id`,
`shop`.`type`,
`shop`.`itemid`,
`shop`.`id`,
`shop`.`type`,
`shop`.`itemid`,
`shop`.`count`
FROM `players_online` AS `po`
INNER JOIN `players` AS `p`
@ -32,7 +32,7 @@ function onThink(interval, lastExecution)
"Mounts",
"Instant house purchase"
}
repeat
repeat
local player_id = result.getNumber(orderQuery, 'player_id')
local orderId = result.getNumber(orderQuery, 'id')
local orderType = result.getNumber(orderQuery, 'type')
@ -44,7 +44,7 @@ function onThink(interval, lastExecution)
if player ~= nil then
local description = "Unknown or custom type"
if type_desc[orderType] ~= nil then
if type_desc[orderType] ~= nil then
description = type_desc[orderType]
end
print("Processing type "..orderType..": ".. description)
@ -66,11 +66,11 @@ function onThink(interval, lastExecution)
player:addItem(orderItemId, orderCount)
player:sendTextMessage(MESSAGE_INFO_DESCR, "Congratulations! You have received " .. orderCount .. "x " .. ItemType(orderItemId):getName() .. "!")
print("Process complete. [".. player:getName() .."] has received " .. orderCount .. "x " .. ItemType(orderItemId):getName() .. ".")
else -- not enough slots
else -- not enough slots
player:sendTextMessage(MESSAGE_STATUS_WARNING, "Your main backpack is full. You need to free up "..needslots.." available slots to get " .. orderCount .. " " .. ItemType(orderItemId):getName() .. "!")
print("Process canceled. [".. player:getName() .."] need more space in his backpack to get " .. orderCount .. "x " .. ItemType(orderItemId):getName() .. ".")
end
else -- not enough cap
else -- not enough cap
player:sendTextMessage(MESSAGE_STATUS_WARNING, "You need more CAP to carry this order!")
print("Process canceled. [".. player:getName() .."] need more cap to carry " .. orderCount .. "x " .. ItemType(orderItemId):getName() .. ".")
end
@ -98,7 +98,7 @@ function onThink(interval, lastExecution)
player:addOutfitAddon(outfitId, orderCount)
player:sendTextMessage(MESSAGE_INFO_DESCR, "Congratulations! You have received a new outfit!")
print("Process complete. [".. player:getName() .."] has received outfit: ["..outfitId.."] with addon: ["..orderCount.."]")
else -- Already has outfit
else -- Already has outfit
player:sendTextMessage(MESSAGE_STATUS_WARNING, "You already have this outfit and addon!")
print("Process canceled. [".. player:getName() .."] already have outfit: ["..outfitId.."] with addon: ["..orderCount.."].")
end
@ -114,7 +114,7 @@ function onThink(interval, lastExecution)
player:addMount(orderItemId)
player:sendTextMessage(MESSAGE_INFO_DESCR, "Congratulations! You have received a new mount!")
print("Process complete. [".. player:getName() .."] has received mount: ["..orderItemId.."]")
else -- Already has mount
else -- Already has mount
player:sendTextMessage(MESSAGE_STATUS_WARNING, "You already have this mount!")
print("Process canceled. [".. player:getName() .."] already have mount: ["..orderItemId.."].")
end
@ -145,11 +145,11 @@ function onThink(interval, lastExecution)
if not served then -- If this order hasn't been processed yet (missing type handling?)
print("Znote shop: Type ["..orderType.."] not properly processed. Missing Lua code?")
end
else -- Not in protection zone
else -- Not in protection zone
player:sendTextMessage(MESSAGE_INFO_DESCR, 'You have a pending shop order, please enter protection zone.')
print("Skipped one shop order. Reason: Player: [".. player:getName() .."] is not inside protection zone.")
end
else -- player not logged in
else -- player not logged in
print("Skipped one shop order. Reason: Player with id [".. player_id .."] is not online.")
end

18
Lua/TFS_10/revscriptsys/powergamers.lua
View File

@ -1,5 +1,5 @@
-- getEternalStorage and setEternalStorage
-- getEternalStorage and setEternalStorage
-- can be added to data/global.lua if you want to use eternal storage for another purpose than this.
-- Regular TFS global storage values get reset every time server reboots. This does not.
local function getEternalStorage(key, parser)
@ -26,14 +26,14 @@ end
-- SQL Query to execute: --
--[[
ALTER TABLE `znote_players` ADD `exphist_lastexp` BIGINT(255) NOT NULL DEFAULT '0',
ADD `exphist1` BIGINT(255) NOT NULL DEFAULT '0',
ADD `exphist2` BIGINT(255) NOT NULL DEFAULT '0',
ADD `exphist3` BIGINT(255) NOT NULL DEFAULT '0',
ADD `exphist4` BIGINT(255) NOT NULL DEFAULT '0',
ADD `exphist5` BIGINT(255) NOT NULL DEFAULT '0',
ADD `exphist6` BIGINT(255) NOT NULL DEFAULT '0',
ADD `exphist7` BIGINT(255) NOT NULL DEFAULT '0',
ALTER TABLE `znote_players` ADD `exphist_lastexp` BIGINT(255) NOT NULL DEFAULT '0',
ADD `exphist1` BIGINT(255) NOT NULL DEFAULT '0',
ADD `exphist2` BIGINT(255) NOT NULL DEFAULT '0',
ADD `exphist3` BIGINT(255) NOT NULL DEFAULT '0',
ADD `exphist4` BIGINT(255) NOT NULL DEFAULT '0',
ADD `exphist5` BIGINT(255) NOT NULL DEFAULT '0',
ADD `exphist6` BIGINT(255) NOT NULL DEFAULT '0',
ADD `exphist7` BIGINT(255) NOT NULL DEFAULT '0',
ADD `onlinetimetoday` BIGINT(20) NOT NULL DEFAULT '0',
ADD `onlinetime1` BIGINT(20) NOT NULL DEFAULT '0',
ADD `onlinetime2` BIGINT(20) NOT NULL DEFAULT '0',

24
Lua/TFS_10/revscriptsys/shopsystem_globalevent.lua
View File

@ -7,11 +7,11 @@ function globalevent.onThink(...)
table.insert(shopTypes, 6);
end
local orderQuery = db.storeQuery([[
SELECT
SELECT
MIN(`po`.`player_id`) AS `player_id`,
`shop`.`id`,
`shop`.`type`,
`shop`.`itemid`,
`shop`.`id`,
`shop`.`type`,
`shop`.`itemid`,
`shop`.`count`
FROM `players_online` AS `po`
INNER JOIN `players` AS `p`
@ -32,7 +32,7 @@ function globalevent.onThink(...)
"Mounts",
"Instant house purchase"
}
repeat
repeat
local player_id = result.getNumber(orderQuery, 'player_id')
local orderId = result.getNumber(orderQuery, 'id')
local orderType = result.getNumber(orderQuery, 'type')
@ -44,7 +44,7 @@ function globalevent.onThink(...)
if player ~= nil then
local description = "Unknown or custom type"
if type_desc[orderType] ~= nil then
if type_desc[orderType] ~= nil then
description = type_desc[orderType]
end
print("Processing type "..orderType..": ".. description)
@ -66,11 +66,11 @@ function globalevent.onThink(...)
player:addItem(orderItemId, orderCount)
player:sendTextMessage(MESSAGE_INFO_DESCR, "Congratulations! You have received " .. orderCount .. "x " .. ItemType(orderItemId):getName() .. "!")
print("Process complete. [".. player:getName() .."] has received " .. orderCount .. "x " .. ItemType(orderItemId):getName() .. ".")
else -- not enough slots
else -- not enough slots
player:sendTextMessage(MESSAGE_STATUS_WARNING, "Your main backpack is full. You need to free up "..needslots.." available slots to get " .. orderCount .. " " .. ItemType(orderItemId):getName() .. "!")
print("Process canceled. [".. player:getName() .."] need more space in his backpack to get " .. orderCount .. "x " .. ItemType(orderItemId):getName() .. ".")
end
else -- not enough cap
else -- not enough cap
player:sendTextMessage(MESSAGE_STATUS_WARNING, "You need more CAP to carry this order!")
print("Process canceled. [".. player:getName() .."] need more cap to carry " .. orderCount .. "x " .. ItemType(orderItemId):getName() .. ".")
end
@ -98,7 +98,7 @@ function globalevent.onThink(...)
player:addOutfitAddon(outfitId, orderCount)
player:sendTextMessage(MESSAGE_INFO_DESCR, "Congratulations! You have received a new outfit!")
print("Process complete. [".. player:getName() .."] has received outfit: ["..outfitId.."] with addon: ["..orderCount.."]")
else -- Already has outfit
else -- Already has outfit
player:sendTextMessage(MESSAGE_STATUS_WARNING, "You already have this outfit and addon!")
print("Process canceled. [".. player:getName() .."] already have outfit: ["..outfitId.."] with addon: ["..orderCount.."].")
end
@ -114,7 +114,7 @@ function globalevent.onThink(...)
player:addMount(orderItemId)
player:sendTextMessage(MESSAGE_INFO_DESCR, "Congratulations! You have received a new mount!")
print("Process complete. [".. player:getName() .."] has received mount: ["..orderItemId.."]")
else -- Already has mount
else -- Already has mount
player:sendTextMessage(MESSAGE_STATUS_WARNING, "You already have this mount!")
print("Process canceled. [".. player:getName() .."] already have mount: ["..orderItemId.."].")
end
@ -145,11 +145,11 @@ function globalevent.onThink(...)
if not served then -- If this order hasn't been processed yet (missing type handling?)
print("Znote shop: Type ["..orderType.."] not properly processed. Missing Lua code?")
end
else -- Not in protection zone
else -- Not in protection zone
player:sendTextMessage(MESSAGE_INFO_DESCR, 'You have a pending shop order, please enter protection zone.')
print("Skipped one shop order. Reason: Player: [".. player:getName() .."] is not inside protection zone.")
end
else -- player not logged in
else -- player not logged in
print("Skipped one shop order. Reason: Player with id [".. player_id .."] is not online.")
end

4
Lua/TFS_10/revscriptsys/shopsystem_talkaction.lua
View File

@ -19,7 +19,7 @@ function talkaction.onSay(player)
print("Player: " .. player:getName() .. " triggered !shop talkaction.")
-- Create the query
local orderQuery = db.storeQuery("SELECT `id`, `type`, `itemid`, `count` FROM `znote_shop_orders` WHERE `account_id` = " .. player:getAccountId() .. ";")
local served = false
local served = false
-- Detect if we got any results
if orderQuery ~= false then
@ -31,7 +31,7 @@ function talkaction.onSay(player)
local q_count = result.getNumber(orderQuery, "count")
local description = "Unknown or custom type"
if type_desc[q_type] ~= nil then
if type_desc[q_type] ~= nil then
description = type_desc[q_type]
end
print("Processing type "..q_type..": ".. description)

18
Lua/TFS_10/revscriptsys/sync_outfit.lua
View File

@ -1,11 +1,11 @@
local creatureevent = CreatureEvent("SincOutfit")
-- Sync outfits that player own with Znote AAC
-- So its possible to see which full sets player
-- has in characterprofile.php
-- Sync outfits that player own with Znote AAC
-- So its possible to see which full sets player
-- has in characterprofile.php
znote_outfit_list = {
{ -- Female outfits
{ -- Female outfits
136, 137, 138, 139, 140, 141, 142, 147, 148,
149, 150, 155, 156, 157, 158, 252, 269, 270,
279, 288, 324, 329, 336, 366, 431, 433, 464,
@ -17,7 +17,7 @@ znote_outfit_list = {
1187, 1203, 1205, 1207, 1211, 1246, 1244,
1252, 1271, 1280, 1283, 1289, 1293, 1332
},
{ -- Male outfits
{ -- Male outfits
128, 129, 130, 131, 132, 133, 134, 143, 144,
145, 146, 151, 152, 153, 154, 251, 268, 273,
278, 289, 325, 328, 335, 367, 430, 432, 463,
@ -33,14 +33,14 @@ znote_outfit_list = {
}
function creatureevent.onLogin(player)
-- storage_value + 1000 storages (highest outfit id) must not be used in other script.
-- storage_value + 1000 storages (highest outfit id) must not be used in other script.
-- Must be identical to Znote AAC config.php: $config['EQ_shower'] -> storage_value
local storage_value = 10000
-- Loop through outfits
for _, outfit in pairs(znote_outfit_list[player:getSex() + 1]) do
if player:hasOutfit(outfit,3) then
if player:getStorageValue(storage_value + outfit) ~= 3 then
player:setStorageValue(storage_value + outfit, 3)
if player:hasOutfit(outfit,3) then
if player:getStorageValue(storage_value + outfit) ~= 3 then
player:setStorageValue(storage_value + outfit, 3)
end
end
end

4
Lua/TFS_10/talkaction shopsystem/znoteshop.lua
View File

@ -19,7 +19,7 @@ function onSay(player, words, param)
print("Player: " .. player:getName() .. " triggered !shop talkaction.")
-- Create the query
local orderQuery = db.storeQuery("SELECT `id`, `type`, `itemid`, `count` FROM `znote_shop_orders` WHERE `account_id` = " .. player:getAccountId() .. ";")
local served = false
local served = false
-- Detect if we got any results
if orderQuery ~= false then
@ -31,7 +31,7 @@ function onSay(player, words, param)
local q_count = result.getNumber(orderQuery, "count")
local description = "Unknown or custom type"
if type_desc[q_type] ~= nil then
if type_desc[q_type] ~= nil then
description = type_desc[q_type]
end
print("Processing type "..q_type..": ".. description)

20
README.md
View File

@ -3,17 +3,17 @@ ZnoteAAC
[![CodeFactor](https://www.codefactor.io/repository/github/znote/znoteaac/badge)](https://www.codefactor.io/repository/github/znote/znoteaac)
### What is Znote AAC?
Znote AAC is a full-fledged website used together with an Open Tibia(OT) server.
It aims to be super easy to install and compatible with all the popular OT distributions.
It is created in PHP with a simple custom procedural framework.
Znote AAC is a full-fledged website used together with an Open Tibia(OT) server.
It aims to be super easy to install and compatible with all the popular OT distributions.
It is created in PHP with a simple custom procedural framework.
### Where do I download?
We use github to distribute our versions, stable are tagged as releases, while development is the latest commit.
We use github to distribute our versions, stable are tagged as releases, while development is the latest commit.
* [Stable](https://github.com/Znote/ZnoteAAC/releases)
* [Development](https://github.com/Znote/ZnoteAAC/archive/master.zip)
**NOTE:** Development version supports TFS 1.3, but you can expect bugs to occur.
**NOTE:** Development version supports TFS 1.3, but you can expect bugs to occur.
### Compatible OT distributions
Znote AAC primarily aims to be compatible with [Forgotten Server](https://github.com/otland/forgottenserver)
@ -26,7 +26,7 @@ Forgotten Server is commonly known as TFS (The Forgotten Server) and Znote AAC s
* PHP Version 5.6 or higher. Mostly tested on 5.6 and 7.4. Most web stacks ships with this as default these days.
### Optionals
* For email registration verification and account recovery: [PHPMailer](https://github.com/PHPMailer/PHPMailer/releases) Version 6.x, extracted and renamed to just "PHPMailer" in Znote AAC directory.
* For email registration verification and account recovery: [PHPMailer](https://github.com/PHPMailer/PHPMailer/releases) Version 6.x, extracted and renamed to just "PHPMailer" in Znote AAC directory.
* PHP extension curl for PHPMailer, paypal and google reCaptcha services.
* PHP extension openssl for google reCaptcha services.
@ -36,8 +36,8 @@ Forgotten Server is commonly known as TFS (The Forgotten Server) and Znote AAC s
Without modifying config.php, enter the website and wait for mysql connection error.
This will show you the rest of the instructions as well as the mysql schema.
2: Edit config.php and:
- modify $config['ServerEngine'] with correct TFS version you are running. (TFS_02, TFS_03, TFS_10, OTHIRE).
2: Edit config.php and:
- modify $config['ServerEngine'] with correct TFS version you are running. (TFS_02, TFS_03, TFS_10, OTHIRE).
- modify $config['page_admin_access'] with your admin account username(s).
3: Before inserting correct SQL connection details, visit the website ( http://127.0.0.1/ ), it will generate a mysql schema you should import to your OT servers database.
@ -48,7 +48,7 @@ This will show you the rest of the instructions as well as the mysql schema.
6: Enjoy Znote AAC. You can look around [HERE](https://otland.net/forums/website-applications.118/) for plugins and resources to Znote AAC, for instance various free templates to use.
7: Please note that you need PHP cURL enabled to make Paypal payments work.
7: Please note that you need PHP cURL enabled to make Paypal payments work.
8: You may need to change directory access rights of /engine/cache to allow writing.
@ -60,7 +60,7 @@ Znote AAC is very rich feature wise, here is an attempt at summarizing what we o
- TFS 0.2
- TFS 0.3/4
- TFS 1.x
- Distributions based on these (such as OTX).
- Distributions based on these (such as OTX).
#### General
- Server wide latest death list

16
admin.php
View File

@ -1,4 +1,4 @@
<?php require_once 'engine/init.php'; include 'layout/overall/header.php';
<?php require_once 'engine/init.php'; include 'layout/overall/header.php';
if(!isset($_SESSION['csrf_token'])){
$_SESSION['csrf_token'] = bin2hex(random_bytes_compat(5, $crypto_strong));
@ -9,7 +9,7 @@ if(!isset($_SESSION['csrf_token'])){
protect_page();
admin_only($user_data);
// Encryption (if select field has $key 0, it will return false, so add $enc + $key will return 100, subtract and you get 0, not false).
// Encryption (if select field has $key 0, it will return false, so add $enc + $key will return 100, subtract and you get 0, not false).
$enc = 100;
// Don't bother to think about cross site scripting here, since they can't access the page unless they are admin anyway.
@ -35,14 +35,14 @@ if (empty($_POST) === false) {
$time = (int)$_POST['ban_time'] - $enc;
$comment = $_POST['ban_comment'];
//var_dump($charname, $typeid, $actionid, $reasonid, $time, $comment);
if (set_rule_violation($charname, $typeid, $actionid, $reasonid, $time, $comment)) {
$errors[] = 'Violation entry has been set for '. hhb_tohtml($charname) .'.';
} else {
$errors[] = 'Website character name: '. hhb_tohtml($config['website_char']) .' does not exist. Create this character name or configure another name in config.php';
$errors[] = 'Website failed to recognize a character it can represent while inserting a rule violation.';
}
} else {
$errors[] = 'Character '. hhb_tohtml(getValue($_POST['ban_char'])) .' does not exist.';
}
@ -90,8 +90,8 @@ if (empty($_POST) === false) {
data_dump(
array(
'Old:' => $znote_account['points'],
'New:' => $points,
'Old:' => $znote_account['points'],
'New:' => $points,
'Total:' => ($znote_account['points'] + $points)
),
false,
@ -175,7 +175,7 @@ echo "Last cached on: ". hhb_tohtml(getClock($basic['cached'], true)) .".<br>";
</p>
<ul>
<li>
<b>Permanently delete/erase character from database:</b>
<b>Permanently delete/erase character from database:</b>
<form type="submit" action="" method="post">
<input type="hidden" name="csrf_token" value="<?php echo hhb_tohtml($_SESSION['csrf_token']);?>" />
<input type="text" name="del_name" placeholder="Character name...">
@ -223,7 +223,7 @@ echo "Last cached on: ". hhb_tohtml(getClock($basic['cached'], true)) .".<br>";
<!-- row 3 -->
<tr>
<td>
Ban reason:
Ban reason:
<select name="ban_reason">
<?php
foreach ($config['ban_reason'] as $key=>$value) {

464
admin_auction.php
View File

@ -1,232 +1,232 @@
<?php require_once 'engine/init.php'; include 'layout/overall/header.php';
protect_page();
admin_only($user_data);
$auction = $config['shop_auction'];
$step = $auction['step'];
$step_duration = $auction['step_duration'];
$loadOutfits = ($config['show_outfits']['highscores']) ? true : false;
function toDuration($is) {
$duration['day'] = $is / (24 * 60 * 60);
if (($duration['day'] - (int)$duration['day']) > 0)
$duration['hour'] = ($duration['day'] - (int)$duration['day']) * 24;
if (isset($duration['hour'])) {
if (($duration['hour'] - (int)$duration['hour']) > 0)
$duration['minute'] = ($duration['hour'] - (int)$duration['hour']) * 60;
if (isset($duration['minute'])) {
if (($duration['minute'] - (int)$duration['minute']) > 0)
$duration['second'] = ($duration['minute'] - (int)$duration['minute']) * 60;
}
}
$tmp = array();
foreach ($duration as $type => $value) {
if ($value >= 1) {
$pluralType = ((int)$value === 1) ? $type : $type . 's';
if ($type !== 'second') $tmp[] = (int)$value . " $pluralType";
else $tmp[] = (int)$value . " $pluralType";
}
}
return implode(', ', $tmp);
}
// start
// Passive check to see if bid period has expired and someone won a deal
$time = time();
$expired_auctions = mysql_select_multi("
SELECT `id`
FROM `znote_auction_player`
WHERE `sold` = 0
AND `time_end` < {$time}
AND `bidder_account_id` > 0
");
//data_dump($expired_auctions, $this_account_id, "expired_auctions");
if ($expired_auctions !== false) {
$soldIds = array();
foreach ($expired_auctions as $a) {
$soldIds[] = $a['id'];
}
if (!empty($soldIds)) {
mysql_update("
UPDATE `znote_auction_player`
SET `sold`=1
WHERE `id` IN(".implode(',', $soldIds).")
LIMIT ".COUNT($soldIds).";
");
}
}
// end passive check
// Pending auctions
$pending = mysql_select_multi("
SELECT
`za`.`id` AS `zaid`,
`za`.`price`,
`za`.`bid`,
`za`.`time_begin`,
`za`.`time_end`,
`p`.`id` AS `player_id`,
`p`.`name`,
`p`.`vocation`,
`p`.`level`,
`p`.`lookbody` AS `body`,
`p`.`lookfeet` AS `feet`,
`p`.`lookhead` AS `head`,
`p`.`looklegs` AS `legs`,
`p`.`looktype` AS `type`,
`p`.`lookaddons` AS `addons`
FROM `znote_auction_player` za
INNER JOIN `players` p
ON `za`.`player_id` = `p`.`id`
WHERE `p`.`account_id` = {$auction['storage_account_id']}
AND `za`.`claimed` = 0
AND `za`.`sold` = 1
ORDER BY `za`.`time_end` desc
");
// ongoing auctions
$ongoing = mysql_select_multi("
SELECT
`za`.`id` AS `zaid`,
`za`.`price`,
`za`.`bid`,
`za`.`time_begin`,
`za`.`time_end`,
`p`.`vocation`,
`p`.`level`,
`p`.`lookbody` AS `body`,
`p`.`lookfeet` AS `feet`,
`p`.`lookhead` AS `head`,
`p`.`looklegs` AS `legs`,
`p`.`looktype` AS `type`,
`p`.`lookaddons` AS `addons`
FROM `znote_auction_player` za
INNER JOIN `players` p
ON `za`.`player_id` = `p`.`id`
WHERE `p`.`account_id` = {$auction['storage_account_id']}
AND `za`.`sold` = 0
ORDER BY `za`.`time_end` desc;
");
// Completed auctions
$completed = mysql_select_multi("
SELECT
`za`.`id` AS `zaid`,
`za`.`price`,
`za`.`bid`,
`za`.`time_begin`,
`za`.`time_end`,
`p`.`id` AS `player_id`,
`p`.`name`,
`p`.`vocation`,
`p`.`level`,
`p`.`lookbody` AS `body`,
`p`.`lookfeet` AS `feet`,
`p`.`lookhead` AS `head`,
`p`.`looklegs` AS `legs`,
`p`.`looktype` AS `type`,
`p`.`lookaddons` AS `addons`
FROM `znote_auction_player` za
INNER JOIN `players` p
ON `za`.`player_id` = `p`.`id`
WHERE `za`.`claimed` = 1
ORDER BY `za`.`time_end` desc
");
?>
<h1>Character Auction History</h1>
<p><strong>Let players sell, buy and bid on characters.</strong>
<br>Creates a deeper shop economy, encourages players to spend more money in shop for points.
<br>Pay to win/progress mechanic, but also lets people who can barely afford points to gain it
<br>by leveling characters to sell. It can also discourages illegal/risky third-party account
<br>services. Since players can buy officially & support the server, dodgy competitors have to sell for cheaper.
<br>Without admin interference this is organic to each individual community economy inflation.</p>
<?php data_dump($config['shop_auction'], false, "config.php: shop_auction") ?>
<h2>Pending orders to be claimed</h2>
<?php if ($pending !== false): ?>
<table class="auction_char">
<tr class="yellow">
<td>Player</td>
<td>Level</td>
<td>Vocation</td>
<td>Price</td>
<td>Bid</td>
</tr>
<?php foreach($pending as $character): ?>
<tr>
<td><a href="/characterprofile.php?name=<?php echo $character['name']; ?>"><?php echo $character['name']; ?></a></td>
<td><?php echo $character['level']; ?></td>
<td><?php echo vocation_id_to_name($character['vocation']); ?></td>
<td><?php echo $character['price']; ?></td>
<td><?php echo $character['bid']; ?></td>
</tr>
<tr>
<td style="text-align: right;"><strong>Added:</strong></td>
<td><?php echo getClock($character['time_begin'], true); ?></td>
<td style="text-align: right;"><strong>Ended:</strong></td>
<td colspan="2"><?php echo getClock($character['time_end'], true); ?></td>
</tr>
<tr class="yellow">
<td colspan="5"></td>
</tr>
<?php endforeach; ?>
</table>
<?php endif; ?>
<h2>Ongoing auctions</h2>
<?php if (is_array($ongoing) && !empty($ongoing)): ?>
<table class="auction_char">
<tr class="yellow">
<td>Level</td>
<td>Vocation</td>
<td>Details</td>
<td>Price</td>
<td>Bid</td>
<td>Added</td>
<td>Type</td>
</tr>
<?php foreach($ongoing as $character): ?>
<tr>
<td><?php echo $character['level']; ?></td>
<td><?php echo vocation_id_to_name($character['vocation']); ?></td>
<td><a href="/auctionChar.php?action=view&zaid=<?php echo $character['zaid']; ?>">VIEW</a></td>
<td><?php echo $character['price']; ?></td>
<td><?php echo $character['bid']; ?></td>
<td><?php
$ended = (time() > $character['time_end']) ? true : false;
echo getClock($character['time_begin'], true);
?>
</td>
<td><?php echo ($ended) ? 'Instant' : 'Bidding<br>('.toDuration(($character['time_end'] - time())).')'; ?></td>
</tr>
<?php endforeach; ?>
</table>
<?php endif; ?>
<h2>Completed auctions</h2>
<?php
if ($completed !== false): ?>
<table class="auction_char">
<tr class="yellow">
<td>Player</td>
<td>Level</td>
<td>Vocation</td>
<td>Price</td>
<td>Bid</td>
</tr>
<?php foreach($completed as $character): ?>
<tr>
<td><a href="/characterprofile.php?name=<?php echo $character['name']; ?>"><?php echo $character['name']; ?></a></td>
<td><?php echo $character['level']; ?></td>
<td><?php echo vocation_id_to_name($character['vocation']); ?></td>
<td><?php echo $character['price']; ?></td>
<td><?php echo $character['bid']; ?></td>
</tr>
<tr>
<td style="text-align: right;"><strong>Added:</strong></td>
<td><?php echo getClock($character['time_begin'], true); ?></td>
<td style="text-align: right;"><strong>Ended:</strong></td>
<td colspan="2"><?php echo getClock($character['time_end'], true); ?></td>
</tr>
<tr class="yellow">
<td colspan="5"></td>
</tr>
<?php endforeach; ?>
</table>
<?php endif;
// end
include 'layout/overall/footer.php'; ?>
<?php require_once 'engine/init.php'; include 'layout/overall/header.php';
protect_page();
admin_only($user_data);
$auction = $config['shop_auction'];
$step = $auction['step'];
$step_duration = $auction['step_duration'];
$loadOutfits = ($config['show_outfits']['highscores']) ? true : false;
function toDuration($is) {
$duration['day'] = $is / (24 * 60 * 60);
if (($duration['day'] - (int)$duration['day']) > 0)
$duration['hour'] = ($duration['day'] - (int)$duration['day']) * 24;
if (isset($duration['hour'])) {
if (($duration['hour'] - (int)$duration['hour']) > 0)
$duration['minute'] = ($duration['hour'] - (int)$duration['hour']) * 60;
if (isset($duration['minute'])) {
if (($duration['minute'] - (int)$duration['minute']) > 0)
$duration['second'] = ($duration['minute'] - (int)$duration['minute']) * 60;
}
}
$tmp = array();
foreach ($duration as $type => $value) {
if ($value >= 1) {
$pluralType = ((int)$value === 1) ? $type : $type . 's';
if ($type !== 'second') $tmp[] = (int)$value . " $pluralType";
else $tmp[] = (int)$value . " $pluralType";
}
}
return implode(', ', $tmp);
}
// start
// Passive check to see if bid period has expired and someone won a deal
$time = time();
$expired_auctions = mysql_select_multi("
SELECT `id`
FROM `znote_auction_player`
WHERE `sold` = 0
AND `time_end` < {$time}
AND `bidder_account_id` > 0
");
//data_dump($expired_auctions, $this_account_id, "expired_auctions");
if ($expired_auctions !== false) {
$soldIds = array();
foreach ($expired_auctions as $a) {
$soldIds[] = $a['id'];
}
if (!empty($soldIds)) {
mysql_update("
UPDATE `znote_auction_player`
SET `sold`=1
WHERE `id` IN(".implode(',', $soldIds).")
LIMIT ".COUNT($soldIds).";
");
}
}
// end passive check
// Pending auctions
$pending = mysql_select_multi("
SELECT
`za`.`id` AS `zaid`,
`za`.`price`,
`za`.`bid`,
`za`.`time_begin`,
`za`.`time_end`,
`p`.`id` AS `player_id`,
`p`.`name`,
`p`.`vocation`,
`p`.`level`,
`p`.`lookbody` AS `body`,
`p`.`lookfeet` AS `feet`,
`p`.`lookhead` AS `head`,
`p`.`looklegs` AS `legs`,
`p`.`looktype` AS `type`,
`p`.`lookaddons` AS `addons`
FROM `znote_auction_player` za
INNER JOIN `players` p
ON `za`.`player_id` = `p`.`id`
WHERE `p`.`account_id` = {$auction['storage_account_id']}
AND `za`.`claimed` = 0
AND `za`.`sold` = 1
ORDER BY `za`.`time_end` desc
");
// ongoing auctions
$ongoing = mysql_select_multi("
SELECT
`za`.`id` AS `zaid`,
`za`.`price`,
`za`.`bid`,
`za`.`time_begin`,
`za`.`time_end`,
`p`.`vocation`,
`p`.`level`,
`p`.`lookbody` AS `body`,
`p`.`lookfeet` AS `feet`,
`p`.`lookhead` AS `head`,
`p`.`looklegs` AS `legs`,
`p`.`looktype` AS `type`,
`p`.`lookaddons` AS `addons`
FROM `znote_auction_player` za
INNER JOIN `players` p
ON `za`.`player_id` = `p`.`id`
WHERE `p`.`account_id` = {$auction['storage_account_id']}
AND `za`.`sold` = 0
ORDER BY `za`.`time_end` desc;
");
// Completed auctions
$completed = mysql_select_multi("
SELECT
`za`.`id` AS `zaid`,
`za`.`price`,
`za`.`bid`,
`za`.`time_begin`,
`za`.`time_end`,
`p`.`id` AS `player_id`,
`p`.`name`,
`p`.`vocation`,
`p`.`level`,
`p`.`lookbody` AS `body`,
`p`.`lookfeet` AS `feet`,
`p`.`lookhead` AS `head`,
`p`.`looklegs` AS `legs`,
`p`.`looktype` AS `type`,
`p`.`lookaddons` AS `addons`
FROM `znote_auction_player` za
INNER JOIN `players` p
ON `za`.`player_id` = `p`.`id`
WHERE `za`.`claimed` = 1
ORDER BY `za`.`time_end` desc
");
?>
<h1>Character Auction History</h1>
<p><strong>Let players sell, buy and bid on characters.</strong>
<br>Creates a deeper shop economy, encourages players to spend more money in shop for points.
<br>Pay to win/progress mechanic, but also lets people who can barely afford points to gain it
<br>by leveling characters to sell. It can also discourages illegal/risky third-party account
<br>services. Since players can buy officially & support the server, dodgy competitors have to sell for cheaper.
<br>Without admin interference this is organic to each individual community economy inflation.</p>
<?php data_dump($config['shop_auction'], false, "config.php: shop_auction") ?>
<h2>Pending orders to be claimed</h2>
<?php if ($pending !== false): ?>
<table class="auction_char">
<tr class="yellow">
<td>Player</td>
<td>Level</td>
<td>Vocation</td>
<td>Price</td>
<td>Bid</td>
</tr>
<?php foreach($pending as $character): ?>
<tr>
<td><a href="/characterprofile.php?name=<?php echo $character['name']; ?>"><?php echo $character['name']; ?></a></td>
<td><?php echo $character['level']; ?></td>
<td><?php echo vocation_id_to_name($character['vocation']); ?></td>
<td><?php echo $character['price']; ?></td>
<td><?php echo $character['bid']; ?></td>
</tr>
<tr>
<td style="text-align: right;"><strong>Added:</strong></td>
<td><?php echo getClock($character['time_begin'], true); ?></td>
<td style="text-align: right;"><strong>Ended:</strong></td>
<td colspan="2"><?php echo getClock($character['time_end'], true); ?></td>
</tr>
<tr class="yellow">
<td colspan="5"></td>
</tr>
<?php endforeach; ?>
</table>
<?php endif; ?>
<h2>Ongoing auctions</h2>
<?php if (is_array($ongoing) && !empty($ongoing)): ?>
<table class="auction_char">
<tr class="yellow">
<td>Level</td>
<td>Vocation</td>
<td>Details</td>
<td>Price</td>
<td>Bid</td>
<td>Added</td>
<td>Type</td>
</tr>
<?php foreach($ongoing as $character): ?>
<tr>
<td><?php echo $character['level']; ?></td>
<td><?php echo vocation_id_to_name($character['vocation']); ?></td>
<td><a href="/auctionChar.php?action=view&zaid=<?php echo $character['zaid']; ?>">VIEW</a></td>
<td><?php echo $character['price']; ?></td>
<td><?php echo $character['bid']; ?></td>
<td><?php
$ended = (time() > $character['time_end']) ? true : false;
echo getClock($character['time_begin'], true);
?>
</td>
<td><?php echo ($ended) ? 'Instant' : 'Bidding<br>('.toDuration(($character['time_end'] - time())).')'; ?></td>
</tr>
<?php endforeach; ?>
</table>
<?php endif; ?>
<h2>Completed auctions</h2>
<?php
if ($completed !== false): ?>
<table class="auction_char">
<tr class="yellow">
<td>Player</td>
<td>Level</td>
<td>Vocation</td>
<td>Price</td>
<td>Bid</td>
</tr>
<?php foreach($completed as $character): ?>
<tr>
<td><a href="/characterprofile.php?name=<?php echo $character['name']; ?>"><?php echo $character['name']; ?></a></td>
<td><?php echo $character['level']; ?></td>
<td><?php echo vocation_id_to_name($character['vocation']); ?></td>
<td><?php echo $character['price']; ?></td>
<td><?php echo $character['bid']; ?></td>
</tr>
<tr>
<td style="text-align: right;"><strong>Added:</strong></td>
<td><?php echo getClock($character['time_begin'], true); ?></td>
<td style="text-align: right;"><strong>Ended:</strong></td>
<td colspan="2"><?php echo getClock($character['time_end'], true); ?></td>
</tr>
<tr class="yellow">
<td colspan="5"></td>
</tr>
<?php endforeach; ?>
</table>
<?php endif;
// end
include 'layout/overall/footer.php'; ?>

4
admin_gallery.php
View File

@ -1,4 +1,4 @@
<?php require_once 'engine/init.php'; include 'layout/overall/header.php';
<?php require_once 'engine/init.php'; include 'layout/overall/header.php';
protect_page();
admin_only($user_data);
// start
@ -127,4 +127,4 @@ if ($images != false) {
<?php }
} else echo '<h2>There are currently no deleted images.</h2>';
// end
include 'layout/overall/footer.php'; ?>
include 'layout/overall/footer.php'; ?>

6
admin_news.php
View File

@ -1,4 +1,4 @@
<?php require_once 'engine/init.php'; include 'layout/overall/header.php';
<?php require_once 'engine/init.php'; include 'layout/overall/header.php';
protect_page();
admin_only($user_data);
@ -40,7 +40,7 @@ if (empty($_POST) === false) {
}
}
?>
</select>
</select>
<input type="text" name="title" value="" placeholder="Title"> [youtube]wK0w0x62PjA[/youtube] <br />
<textarea name="text" id="area1" cols="75" rows="10" placeholder="Contents..." style="width: 100%"></textarea><br />
<input type="submit" value="Create News">
@ -149,4 +149,4 @@ if ($news !== false) {
</table>
<?php
}
include 'layout/overall/footer.php'; ?>
include 'layout/overall/footer.php'; ?>

16
admin_reports.php
View File

@ -52,8 +52,8 @@ if (!empty($_POST)) {
mysql_update("UPDATE `znote_player_reports` SET `status`='$status' WHERE `id`='$reportId' LIMIT 1;");
echo "<h1>Report status updated to ".$statusTypes[(int)$status] ."!</h1>";
// Update local array representation
foreach ($reports as $sid => $sa)
foreach ($sa as $rid => $ra)
foreach ($reports as $sid => $sa)
foreach ($sa as $rid => $ra)
if ($reportId == $rid) {
$reports[$status][$reportId] = $reports[$sid][$rid];
$reports[$status][$reportId]['status'] = $status;
@ -74,7 +74,7 @@ if (!empty($_POST)) {
$updatechangelog = true;
} else {
// Create it
mysql_insert("INSERT INTO `znote_changelog` (`text`, `time`, `report_id`, `status`)
mysql_insert("INSERT INTO `znote_changelog` (`text`, `time`, `report_id`, `status`)
VALUES ('$changelogText', '$time', '$changelogReportId', '$status');");
echo "<h2>Changelog message created!</h2>";
$updatechangelog = true;
@ -85,14 +85,14 @@ if (!empty($_POST)) {
$cache->setContent(mysql_select_multi("SELECT `id`, `text`, `time`, `report_id`, `status` FROM `znote_changelog` ORDER BY `id` DESC;"));
$cache->save();
}
}
// If we should give user price
if ($price > 0) {
$account = mysql_select_single("SELECT `a`.`id`, `a`.`email` FROM `accounts` AS `a`
$account = mysql_select_single("SELECT `a`.`id`, `a`.`email` FROM `accounts` AS `a`
INNER JOIN `players` AS `p` ON `p`.`account_id` = `a`.`id`
WHERE `p`.`name` = '$playerName' LIMIT 1;");
if ($account !== false) {
// transaction log
mysql_insert("INSERT INTO `znote_paypal` VALUES ('', '$reportId', 'report@admin.".$user_data['name']." to ".$account['email']."', '".$account['id']."', '0', '".$price."')");
@ -127,7 +127,7 @@ if (!empty($_POST)) {
Player: <a target="_BLANK" href="characterprofile.php?name=<?php echo $report['name']; ?>"><?php echo $report['name']; ?></a>
<input type="hidden" name="playerName" value="<?php echo $report['name']; ?>">
<input type="hidden" name="id" value="<?php echo $report['id']; ?>">
<br>Set status:
<br>Set status:
<select name="status">
<?php
foreach ($statusTypes as $sid => $sname)
@ -199,7 +199,7 @@ if ($reportsData !== false) {
}
?>
</center>
<?php
<?php
} else echo "<h2>No reports submitted.</h2>";
?>
<style>

2
admin_shop.php
View File

@ -1,6 +1,6 @@
<?php
require_once 'engine/init.php';
include 'layout/overall/header.php';
include 'layout/overall/header.php';
protect_page();
admin_only($user_data);

8
admin_skills.php
View File

@ -1,4 +1,4 @@
<?php require_once 'engine/init.php'; include 'layout/overall/header.php';
<?php require_once 'engine/init.php'; include 'layout/overall/header.php';
protect_page();
admin_only($user_data);
@ -19,7 +19,7 @@ if (isset($_POST['pid']) && (int)$_POST['pid'] > 0) {
if (!$status) {
// New player level
$level = (int)$_POST['level'];
// Fetch stat gain for vocation
$statgain = $config['vocations_gain'][(int)$_POST['vocation']];
$playercnf = $config['player'];
@ -39,7 +39,7 @@ if (isset($_POST['pid']) && (int)$_POST['pid'] > 0) {
$basecap = $config['nvCap'];
}
*/
$LevelsFromBase = $level - $playercnf['base']['level'];
$newhp = $playercnf['base']['health'] + ($statgain['hp'] * $LevelsFromBase);
$newmp = $playercnf['base']['mana'] + ($statgain['mp'] * $LevelsFromBase);
@ -186,4 +186,4 @@ if ($name !== false) {
</form>
<?php
// end
include 'layout/overall/footer.php'; ?>
include 'layout/overall/footer.php'; ?>

4
adminempty.php
View File

@ -1,4 +1,4 @@
<?php require_once 'engine/init.php'; include 'layout/overall/header.php';
<?php require_once 'engine/init.php'; include 'layout/overall/header.php';
protect_page();
admin_only($user_data);
// start
@ -6,4 +6,4 @@ admin_only($user_data);
// end
include 'layout/overall/footer.php'; ?>
include 'layout/overall/footer.php'; ?>

18
api/modules/base/player/class/player.php
View File

@ -83,7 +83,7 @@ class Player {
protected $_errors = array();
public function __construct($name_id_array, $fields = false, $query = true) {
if (!is_array($name_id_array)) $this->_name_id = $name_id_array;
if ($name_id_array !== false) {
@ -172,7 +172,7 @@ class Player {
if (array_key_exists($field, $this->_playerdata)) {
$this->_playerdata[$field] = $value;
} elseif (array_key_exists($field, $this->_znotedata)) {
$this->_znotedata[$field] = $value;
}
@ -186,12 +186,12 @@ class Player {
return (!empty($this->_errors)) ? $this->_errors : false;
}
public function dumpErrors() {
if ($this->getErrors() !== false)
if ($this->getErrors() !== false)
data_dump($this->getErrors(), false, "Errors detected in player class:");
}
/**
* Select player data from mysql.
* Select player data from mysql.
*
* @param mixed (int, string) $name_id, array $fields
* @access private
@ -201,14 +201,14 @@ class Player {
$table = 'players';
$znote_table = 'znote_players';
$znote_fields = array();
// Dynamic fields logic
switch (gettype($fields)) {
case 'boolean':
$field_elements = '*';
$znote_fields = array('comment', 'created', 'hide_char');
break;
case 'string':
$fields = array($fields);
@ -278,7 +278,7 @@ class Player {
public function create() {
// If player already have an id, the player already exist.
if (is_null($this->_playerdata['id']) && is_string($this->_playerdata['name'])) {
// Confirm player does not exist
$name = format_character_name($this->_playerdata['name']);
$name = validate_name($name);
@ -354,7 +354,7 @@ class Player {
array_walk($character_data, 'array_sanitize');
$cnf = fullConfig();
if ($character_data['sex'] == 1) {
$outfit_type = $cnf['maleOutfitId'];
} else {
@ -373,4 +373,4 @@ class Player {
$this->_file = $file . self::EXT;
$this->setExpiration(config('cache_lifespan'));
$this->_lifespan = $span;
*/
*/

4
api/modules/samples/blank.php
View File

@ -18,7 +18,7 @@ $response['version']['module'] = 1;
$cache = new Cache('engine/cache/api/ApiModuleName');
if ($cache->hasExpired()) {
$players = mysql_select_multi("SELECT `name`, `level`, `experience` FROM `players` ORDER BY `experience` DESC LIMIT 5;");
$cache->setContent($players);
$cache->save();
} else {
@ -41,4 +41,4 @@ $response['data']['title'] = "The fabulous blank page!";
// Send the response through JSON API
SendResponse($response);
?>
?>

2
buypoints.php
View File

@ -1,6 +1,6 @@
<?php require_once 'engine/init.php';
protect_page();
include 'layout/overall/header.php';
include 'layout/overall/header.php';
// Import from config:
$pagseguro = $config['pagseguro'];

8
changelog.php
View File

@ -56,7 +56,7 @@ if (user_logged_in()) {
$cache = new Cache('engine/cache/changelog');
if ($updateCache === true) {
$changelogs = mysql_select_multi("SELECT `id`, `text`, `time`, `report_id`, `status` FROM `znote_changelog` ORDER BY `id` DESC;");
$cache->setContent($changelogs);
$cache->save();
} else {
@ -87,14 +87,14 @@ if (isset($changelogs) && !empty($changelogs) && $changelogs !== false) {
<form action="" method="POST">
<input name="delete" type="hidden" value="<?php echo $changelog['id']; ?>">
<input name="action" type="hidden" value="1">
<input type="submit" value="DELETE">
<input type="submit" value="DELETE">
</form>
</td>
<td>
<form action="" method="POST">
<input name="changelogId" type="hidden" value="<?php echo $changelog['id']; ?>">
<input name="action" type="hidden" value="2">
<input type="submit" value="UPDATE">
<input type="submit" value="UPDATE">
</form>
</td>
<?php
@ -111,4 +111,4 @@ if (isset($changelogs) && !empty($changelogs) && $changelogs !== false) {
<h2>Currently no change logs submitted.</h2>
<?php
}
include 'layout/overall/footer.php'; ?>
include 'layout/overall/footer.php'; ?>

10
changepassword.php
View File

@ -6,20 +6,20 @@ if (empty($_POST) === false) {
if (!Token::isValid($_POST['token'])) {
$errors[] = 'Token is invalid.';
}
$required_fields = array('current_password', 'new_password', 'new_password_again');
foreach($_POST as $key=>$value) {
if (empty($value) && in_array($key, $required_fields) === true) {
$errors[] = 'You need to fill in all fields.';
break 1;
}
}
$pass_data = user_data($session_user_id, 'password');
//$pass_data['password'];
// $_POST['']
// .3 compatibility
if ($config['ServerEngine'] == 'TFS_03' && $config['salt'] === true) {
$salt = user_data($session_user_id, 'salt');
@ -88,4 +88,4 @@ if (isset($_GET['success']) && empty($_GET['success'])) {
</form>
<?php
}
include 'layout/overall/footer.php'; ?>
include 'layout/overall/footer.php'; ?>

20
createcharacter.php
View File

@ -1,6 +1,6 @@
<?php require_once 'engine/init.php';
protect_page();
include 'layout/overall/header.php';
include 'layout/overall/header.php';
if (empty($_POST) === false) {
// $_POST['']
@ -11,7 +11,7 @@ if (empty($_POST) === false) {
break 1;
}
}
// check errors (= user exist, pass long enough
if (empty($errors) === true) {
if (!Token::isValid($_POST['token'])) {
@ -93,12 +93,12 @@ if (isset($_GET['success']) && empty($_GET['success'])) {
'lastip' => getIPLong(),
'created' => time()
);
user_create_character($character_data);
header('Location: createcharacter.php?success');
exit();
//End register
} else if (empty($errors) === false){
echo '<font color="red"><b>';
echo output_errors($errors);
@ -136,12 +136,12 @@ if (isset($_GET['success']) && empty($_GET['success'])) {
<!-- Available towns to select from when creating character -->
Town:<br>
<select name="selected_town">
<?php
foreach ($available_towns as $tid):
<?php
foreach ($available_towns as $tid):
?>
<option value="<?php echo $tid; ?>"><?php echo town_id_to_name($tid); ?></option>
<?php
endforeach;
<?php
endforeach;
?>
</select>
</li>
@ -149,7 +149,7 @@ if (isset($_GET['success']) && empty($_GET['success'])) {
else:
?>
<input type="hidden" name="selected_town" value="<?php echo end($available_towns); ?>">
<?php
<?php
endif;
/* Form file */
@ -162,4 +162,4 @@ if (isset($_GET['success']) && empty($_GET['success'])) {
</form>
<?php
}
include 'layout/overall/footer.php'; ?>
include 'layout/overall/footer.php'; ?>

4
credits.php
View File

@ -65,10 +65,10 @@ endif;
<br><a href="https://otland.net/members/kiwi-dan.152/">Kiwi Dan</a> - Researching TFS 0.2 for me, participation in developement.
<br><a href="https://otland.net/members/amoaz.26626/">Amoaz</a> - Pentesting and security tips.
<br><a href="https://otland.net/members/evan.40401/">Evan</a>, <a href="https://otland.net/members/gremlee.12075/">Gremlee</a> - Researching TFS 0.3, constructive feedback, suggestion and participation.
<br><a href="https://otland.net/members/att3.98289/">ATT3</a> - Reporting and fixing bugs, TFS 1.0 research.
<br><a href="https://otland.net/members/att3.98289/">ATT3</a> - Reporting and fixing bugs, TFS 1.0 research.
<br><a href="https://otland.net/members/mark.1/">Mark</a> - Old repository, TFS distributions which this AAC was primarily built for.
<br><a href="https://github.com/tedbro">Tedbro</a>, <a href="https://github.com/exura">Exura</a>, <a href="https://github.com/PrinterLUA">PrinterLUA</a> - Reporting bugs.
<br><a href="https://github.com/Nottinghster">Nottinghster</a> - OTHIRE distribution compatibility.
<br><a href="https://github.com/Nottinghster">Nottinghster</a> - OTHIRE distribution compatibility.
</p>
<style>
.contributors {

6
deaths.php
View File

@ -1,7 +1,7 @@
<?php require_once 'engine/init.php'; include 'layout/overall/header.php';
$cache = new Cache('engine/cache/deaths');
if ($cache->hasExpired()) {
if ($config['ServerEngine'] == 'TFS_02' || $config['ServerEngine'] == 'TFS_10') {
$deaths = fetchLatestDeaths();
} else if ($config['ServerEngine'] == 'TFS_03' || $config['ServerEngine'] == 'OTHIRE') {
@ -21,7 +21,7 @@ if ($deaths) {
<th>Time</th>
<th>Killer</th>
</tr>
<?php foreach ($deaths as $death) {
<?php foreach ($deaths as $death) {
echo '<tr>';
echo "<td>At level ". $death['level'] .": <a href='characterprofile.php?name=". $death['victim'] ."'>". $death['victim'] ."</a></td>";
echo "<td>". getClock($death['time'], true) ."</td>";
@ -36,4 +36,4 @@ if ($deaths) {
</table>
<?php
} else echo 'No deaths exist.';
include 'layout/overall/footer.php'; ?>
include 'layout/overall/footer.php'; ?>

2
downloads.php
View File

@ -27,5 +27,5 @@
</li>
</ol>
<?php
<?php
include 'layout/overall/footer.php'; ?>

622
engine/database/znote_schema.sql
View File

@ -1,311 +1,311 @@
-- Start of Znote AAC database schema
SET @znote_version = '1.5_SVN';
CREATE TABLE IF NOT EXISTS `znote` (
`id` int(10) NOT NULL AUTO_INCREMENT,
`version` varchar(30) NOT NULL COMMENT 'Znote AAC version',
`installed` int(10) NOT NULL,
`cached` int(11) DEFAULT NULL,
PRIMARY KEY (`id`)
) ENGINE=InnoDB;
CREATE TABLE IF NOT EXISTS `znote_accounts` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`account_id` int(11) NOT NULL,
`ip` bigint(20) UNSIGNED NOT NULL,
`created` int(10) NOT NULL,
`points` int(10) DEFAULT 0,
`cooldown` int(10) DEFAULT 0,
`active` tinyint(4) NOT NULL DEFAULT '0',
`active_email` tinyint(4) NOT NULL DEFAULT '0',
`activekey` int(11) NOT NULL DEFAULT '0',
`flag` varchar(20) NOT NULL,
`secret` char(16) DEFAULT NULL,
PRIMARY KEY (`id`)
) ENGINE=InnoDB;
CREATE TABLE IF NOT EXISTS `znote_news` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`title` varchar(30) NOT NULL,
`text` text NOT NULL,
`date` int(11) NOT NULL,
`pid` int(11) NOT NULL,
PRIMARY KEY (`id`)
) ENGINE=InnoDB;
CREATE TABLE IF NOT EXISTS `znote_images` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`title` varchar(30) NOT NULL,
`desc` text NOT NULL,
`date` int(11) NOT NULL,
`status` int(11) NOT NULL,
`image` varchar(30) NOT NULL,
`account_id` int(11) NOT NULL,
PRIMARY KEY (`id`)
) ENGINE=InnoDB;
CREATE TABLE IF NOT EXISTS `znote_paypal` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`txn_id` varchar(30) NOT NULL,
`email` varchar(255) NOT NULL,
`accid` int(11) NOT NULL,
`price` int(11) NOT NULL,
`points` int(11) NOT NULL,
PRIMARY KEY (`id`)
) ENGINE=InnoDB;
CREATE TABLE IF NOT EXISTS `znote_paygol` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`account_id` int(11) NOT NULL,
`price` int(11) NOT NULL,
`points` int(11) NOT NULL,
`message_id` varchar(255) NOT NULL,
`service_id` varchar(255) NOT NULL,
`shortcode` varchar(255) NOT NULL,
`keyword` varchar(255) NOT NULL,
`message` varchar(255) NOT NULL,
`sender` varchar(255) NOT NULL,
`operator` varchar(255) NOT NULL,
`country` varchar(255) NOT NULL,
`currency` varchar(255) NOT NULL,
PRIMARY KEY (`id`)
) ENGINE=InnoDB;
CREATE TABLE IF NOT EXISTS `znote_players` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`player_id` int(11) NOT NULL,
`created` int(11) NOT NULL,
`hide_char` tinyint(4) NOT NULL,
`comment` varchar(255) NOT NULL,
PRIMARY KEY (`id`)
) ENGINE=InnoDB;
CREATE TABLE IF NOT EXISTS `znote_player_reports` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`name` varchar(50) NOT NULL,
`posx` int(6) NOT NULL,
`posy` int(6) NOT NULL,
`posz` int(6) NOT NULL,
`report_description` VARCHAR(255) NOT NULL,
`date` INT(11) NOT NULL,
`status` TINYINT(3) NOT NULL DEFAULT '0',
PRIMARY KEY (`id`)
) ENGINE=InnoDB;
CREATE TABLE IF NOT EXISTS `znote_changelog` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`text` VARCHAR(255) NOT NULL,
`time` INT(11) NOT NULL,
`report_id` INT(11) NOT NULL,
`status` TINYINT(3) NOT NULL DEFAULT '0',
PRIMARY KEY (`id`)
) ENGINE=InnoDB;
CREATE TABLE IF NOT EXISTS `znote_shop` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`type` int(11) NOT NULL,
`itemid` int(11) DEFAULT NULL,
`count` int(11) NOT NULL DEFAULT '1',
`description` varchar(255) NOT NULL,
`points` int(11) NOT NULL DEFAULT '10',
PRIMARY KEY (`id`)
) ENGINE=InnoDB;
CREATE TABLE IF NOT EXISTS `znote_shop_logs` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`account_id` int(11) NOT NULL,
`player_id` int(11) NOT NULL,
`type` int(11) NOT NULL,
`itemid` int(11) NOT NULL,
`count` int(11) NOT NULL,
`points` int(11) NOT NULL,
`time` int(11) NOT NULL,
PRIMARY KEY (`id`)
) ENGINE=InnoDB;
CREATE TABLE IF NOT EXISTS `znote_shop_orders` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`account_id` int(11) NOT NULL,
`type` int(11) NOT NULL,
`itemid` int(11) NOT NULL,
`count` int(11) NOT NULL,
`time` int(11) NOT NULL DEFAULT '0',
PRIMARY KEY (`id`)
) ENGINE=InnoDB;
CREATE TABLE IF NOT EXISTS `znote_visitors` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`ip` bigint(20) NOT NULL,
`value` int(11) NOT NULL,
PRIMARY KEY (`id`)
) ENGINE=InnoDB;
CREATE TABLE IF NOT EXISTS `znote_visitors_details` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`ip` bigint(20) NOT NULL,
`time` int(11) NOT NULL,
`type` tinyint(4) NOT NULL,
`account_id` int(11) NOT NULL,
PRIMARY KEY (`id`)
) ENGINE=InnoDB;
-- Forum 1/3 (boards)
CREATE TABLE IF NOT EXISTS `znote_forum` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`name` varchar(50) NOT NULL,
`access` tinyint(4) NOT NULL,
`closed` tinyint(4) NOT NULL,
`hidden` tinyint(4) NOT NULL,
`guild_id` int(11) NOT NULL,
PRIMARY KEY (`id`)
) ENGINE=InnoDB;
-- Forum 2/3 (threads)
CREATE TABLE IF NOT EXISTS `znote_forum_threads` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`forum_id` int(11) NOT NULL,
`player_id` int(11) NOT NULL,
`player_name` varchar(50) NOT NULL,
`title` varchar(50) NOT NULL,
`text` text NOT NULL,
`created` int(11) NOT NULL,
`updated` int(11) NOT NULL,
`sticky` tinyint(4) NOT NULL,
`hidden` tinyint(4) NOT NULL,
`closed` tinyint(4) NOT NULL,
PRIMARY KEY (`id`)
) ENGINE=InnoDB;
-- Forum 3/3 (posts)
CREATE TABLE IF NOT EXISTS `znote_forum_posts` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`thread_id` int(11) NOT NULL,
`player_id` int(11) NOT NULL,
`player_name` varchar(50) NOT NULL,
`text` text NOT NULL,
`created` int(11) NOT NULL,
`updated` int(11) NOT NULL,
PRIMARY KEY (`id`)
) ENGINE=InnoDB;
-- Pending characters for deletion
CREATE TABLE IF NOT EXISTS `znote_deleted_characters` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`original_account_id` int(11) NOT NULL,
`character_name` varchar(255) NOT NULL,
`time` datetime NOT NULL,
`done` tinyint(1) NOT NULL,
PRIMARY KEY (`id`)
) ENGINE=InnoDB;
CREATE TABLE IF NOT EXISTS `znote_guild_wars` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`limit` int(11) NOT NULL DEFAULT '0',
PRIMARY KEY (`id`)
) ENGINE=InnoDB;
-- Helpdesk system
CREATE TABLE IF NOT EXISTS `znote_tickets` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`owner` int(11) NOT NULL,
`username` varchar(32) CHARACTER SET latin1 NOT NULL,
`subject` text CHARACTER SET latin1 NOT NULL,
`message` text CHARACTER SET latin1 NOT NULL,
`ip` bigint(20) NOT NULL,
`creation` int(11) NOT NULL,
`status` varchar(20) CHARACTER SET latin1 NOT NULL,
PRIMARY KEY (`id`)
) ENGINE=InnoDB;
CREATE TABLE IF NOT EXISTS `znote_tickets_replies` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`tid` int(11) NOT NULL,
`username` varchar(32) CHARACTER SET latin1 NOT NULL,
`message` text CHARACTER SET latin1 NOT NULL,
`created` int(11) NOT NULL,
PRIMARY KEY (`id`)
) ENGINE=InnoDB;
CREATE TABLE IF NOT EXISTS `znote_global_storage` (
`key` VARCHAR(32) NOT NULL,
`value` TEXT NOT NULL,
UNIQUE (`key`)
) ENGINE=InnoDB;
-- Character auction system
CREATE TABLE IF NOT EXISTS `znote_auction_player` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`player_id` int(11) NOT NULL,
`original_account_id` int(11) NOT NULL,
`bidder_account_id` int(11) NOT NULL,
`time_begin` int(11) NOT NULL,
`time_end` int(11) NOT NULL,
`price` int(11) NOT NULL,
`bid` int(11) NOT NULL,
`deposit` int(11) NOT NULL,
`sold` tinyint(1) NOT NULL,
`claimed` tinyint(1) NOT NULL,
PRIMARY KEY (`id`)
) ENGINE=InnoDB;
-- Populate basic info
INSERT INTO `znote` (`version`, `installed`) VALUES
(@znote_version, UNIX_TIMESTAMP(CURDATE()));
-- Add default forum boards
INSERT INTO `znote_forum` (`name`, `access`, `closed`, `hidden`, `guild_id`) VALUES
('Staff Board', '4', '0', '0', '0'),
('Tutors Board', '2', '0', '0', '0'),
('Discussion', '1', '0', '0', '0'),
('Feedback', '1', '0', '1', '0');
-- Convert existing accounts in database to be Znote AAC compatible
INSERT INTO `znote_accounts` (`account_id`, `ip`, `created`, `flag`)
SELECT
`a`.`id` AS `account_id`,
0 AS `ip`,
UNIX_TIMESTAMP(CURDATE()) AS `created`,
'' AS `flag`
FROM `accounts` AS `a`
LEFT JOIN `znote_accounts` AS `z`
ON `a`.`id` = `z`.`account_id`
WHERE `z`.`created` IS NULL;
-- Convert existing players in database to be Znote AAC compatible
INSERT INTO `znote_players` (`player_id`, `created`, `hide_char`, `comment`)
SELECT
`p`.`id` AS `player_id`,
UNIX_TIMESTAMP(CURDATE()) AS `created`,
0 AS `hide_char`,
'' AS `comment`
FROM `players` AS `p`
LEFT JOIN `znote_players` AS `z`
ON `p`.`id` = `z`.`player_id`
WHERE `z`.`created` IS NULL;
-- Delete duplicate account records
DELETE `d` FROM `znote_accounts` AS `d`
INNER JOIN (
SELECT `i`.`account_id`,
MAX(`i`.`id`) AS `retain`
FROM `znote_accounts` AS `i`
GROUP BY `i`.`account_id`
HAVING COUNT(`i`.`id`) > 1
) AS `x`
ON `d`.`account_id` = `x`.`account_id`
AND `d`.`id` != `x`.`retain`;
-- Delete duplicate player records
DELETE `d` FROM `znote_players` AS `d`
INNER JOIN (
SELECT `i`.`player_id`,
MAX(`i`.`id`) AS `retain`
FROM `znote_players` AS `i`
GROUP BY `i`.`player_id`
HAVING COUNT(`i`.`id`) > 1
) AS `x`
ON `d`.`player_id` = `x`.`player_id`
AND `d`.`id` != `x`.`retain`;
-- End of Znote AAC database schema
-- Start of Znote AAC database schema
SET @znote_version = '1.5_SVN';
CREATE TABLE IF NOT EXISTS `znote` (
`id` int(10) NOT NULL AUTO_INCREMENT,
`version` varchar(30) NOT NULL COMMENT 'Znote AAC version',
`installed` int(10) NOT NULL,
`cached` int(11) DEFAULT NULL,
PRIMARY KEY (`id`)
) ENGINE=InnoDB;
CREATE TABLE IF NOT EXISTS `znote_accounts` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`account_id` int(11) NOT NULL,
`ip` bigint(20) UNSIGNED NOT NULL,
`created` int(10) NOT NULL,
`points` int(10) DEFAULT 0,
`cooldown` int(10) DEFAULT 0,
`active` tinyint(4) NOT NULL DEFAULT '0',
`active_email` tinyint(4) NOT NULL DEFAULT '0',
`activekey` int(11) NOT NULL DEFAULT '0',
`flag` varchar(20) NOT NULL,
`secret` char(16) DEFAULT NULL,
PRIMARY KEY (`id`)
) ENGINE=InnoDB;
CREATE TABLE IF NOT EXISTS `znote_news` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`title` varchar(30) NOT NULL,
`text` text NOT NULL,
`date` int(11) NOT NULL,
`pid` int(11) NOT NULL,
PRIMARY KEY (`id`)
) ENGINE=InnoDB;
CREATE TABLE IF NOT EXISTS `znote_images` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`title` varchar(30) NOT NULL,
`desc` text NOT NULL,
`date` int(11) NOT NULL,
`status` int(11) NOT NULL,
`image` varchar(30) NOT NULL,
`account_id` int(11) NOT NULL,
PRIMARY KEY (`id`)
) ENGINE=InnoDB;
CREATE TABLE IF NOT EXISTS `znote_paypal` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`txn_id` varchar(30) NOT NULL,
`email` varchar(255) NOT NULL,
`accid` int(11) NOT NULL,
`price` int(11) NOT NULL,
`points` int(11) NOT NULL,
PRIMARY KEY (`id`)
) ENGINE=InnoDB;
CREATE TABLE IF NOT EXISTS `znote_paygol` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`account_id` int(11) NOT NULL,
`price` int(11) NOT NULL,
`points` int(11) NOT NULL,
`message_id` varchar(255) NOT NULL,
`service_id` varchar(255) NOT NULL,
`shortcode` varchar(255) NOT NULL,
`keyword` varchar(255) NOT NULL,
`message` varchar(255) NOT NULL,
`sender` varchar(255) NOT NULL,
`operator` varchar(255) NOT NULL,
`country` varchar(255) NOT NULL,
`currency` varchar(255) NOT NULL,
PRIMARY KEY (`id`)
) ENGINE=InnoDB;
CREATE TABLE IF NOT EXISTS `znote_players` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`player_id` int(11) NOT NULL,
`created` int(11) NOT NULL,
`hide_char` tinyint(4) NOT NULL,
`comment` varchar(255) NOT NULL,
PRIMARY KEY (`id`)
) ENGINE=InnoDB;
CREATE TABLE IF NOT EXISTS `znote_player_reports` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`name` varchar(50) NOT NULL,
`posx` int(6) NOT NULL,
`posy` int(6) NOT NULL,
`posz` int(6) NOT NULL,
`report_description` VARCHAR(255) NOT NULL,
`date` INT(11) NOT NULL,
`status` TINYINT(3) NOT NULL DEFAULT '0',
PRIMARY KEY (`id`)
) ENGINE=InnoDB;
CREATE TABLE IF NOT EXISTS `znote_changelog` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`text` VARCHAR(255) NOT NULL,
`time` INT(11) NOT NULL,
`report_id` INT(11) NOT NULL,
`status` TINYINT(3) NOT NULL DEFAULT '0',
PRIMARY KEY (`id`)
) ENGINE=InnoDB;
CREATE TABLE IF NOT EXISTS `znote_shop` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`type` int(11) NOT NULL,
`itemid` int(11) DEFAULT NULL,
`count` int(11) NOT NULL DEFAULT '1',
`description` varchar(255) NOT NULL,
`points` int(11) NOT NULL DEFAULT '10',
PRIMARY KEY (`id`)
) ENGINE=InnoDB;
CREATE TABLE IF NOT EXISTS `znote_shop_logs` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`account_id` int(11) NOT NULL,
`player_id` int(11) NOT NULL,
`type` int(11) NOT NULL,
`itemid` int(11) NOT NULL,
`count` int(11) NOT NULL,
`points` int(11) NOT NULL,
`time` int(11) NOT NULL,
PRIMARY KEY (`id`)
) ENGINE=InnoDB;
CREATE TABLE IF NOT EXISTS `znote_shop_orders` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`account_id` int(11) NOT NULL,
`type` int(11) NOT NULL,
`itemid` int(11) NOT NULL,
`count` int(11) NOT NULL,
`time` int(11) NOT NULL DEFAULT '0',
PRIMARY KEY (`id`)
) ENGINE=InnoDB;
CREATE TABLE IF NOT EXISTS `znote_visitors` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`ip` bigint(20) NOT NULL,
`value` int(11) NOT NULL,
PRIMARY KEY (`id`)
) ENGINE=InnoDB;
CREATE TABLE IF NOT EXISTS `znote_visitors_details` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`ip` bigint(20) NOT NULL,
`time` int(11) NOT NULL,
`type` tinyint(4) NOT NULL,
`account_id` int(11) NOT NULL,
PRIMARY KEY (`id`)
) ENGINE=InnoDB;
-- Forum 1/3 (boards)
CREATE TABLE IF NOT EXISTS `znote_forum` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`name` varchar(50) NOT NULL,
`access` tinyint(4) NOT NULL,
`closed` tinyint(4) NOT NULL,
`hidden` tinyint(4) NOT NULL,
`guild_id` int(11) NOT NULL,
PRIMARY KEY (`id`)
) ENGINE=InnoDB;
-- Forum 2/3 (threads)
CREATE TABLE IF NOT EXISTS `znote_forum_threads` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`forum_id` int(11) NOT NULL,
`player_id` int(11) NOT NULL,
`player_name` varchar(50) NOT NULL,
`title` varchar(50) NOT NULL,
`text` text NOT NULL,
`created` int(11) NOT NULL,
`updated` int(11) NOT NULL,
`sticky` tinyint(4) NOT NULL,
`hidden` tinyint(4) NOT NULL,
`closed` tinyint(4) NOT NULL,
PRIMARY KEY (`id`)
) ENGINE=InnoDB;
-- Forum 3/3 (posts)
CREATE TABLE IF NOT EXISTS `znote_forum_posts` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`thread_id` int(11) NOT NULL,
`player_id` int(11) NOT NULL,
`player_name` varchar(50) NOT NULL,
`text` text NOT NULL,
`created` int(11) NOT NULL,
`updated` int(11) NOT NULL,
PRIMARY KEY (`id`)
) ENGINE=InnoDB;
-- Pending characters for deletion
CREATE TABLE IF NOT EXISTS `znote_deleted_characters` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`original_account_id` int(11) NOT NULL,
`character_name` varchar(255) NOT NULL,
`time` datetime NOT NULL,
`done` tinyint(1) NOT NULL,
PRIMARY KEY (`id`)
) ENGINE=InnoDB;
CREATE TABLE IF NOT EXISTS `znote_guild_wars` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`limit` int(11) NOT NULL DEFAULT '0',
PRIMARY KEY (`id`)
) ENGINE=InnoDB;
-- Helpdesk system
CREATE TABLE IF NOT EXISTS `znote_tickets` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`owner` int(11) NOT NULL,
`username` varchar(32) CHARACTER SET latin1 NOT NULL,
`subject` text CHARACTER SET latin1 NOT NULL,
`message` text CHARACTER SET latin1 NOT NULL,
`ip` bigint(20) NOT NULL,
`creation` int(11) NOT NULL,
`status` varchar(20) CHARACTER SET latin1 NOT NULL,
PRIMARY KEY (`id`)
) ENGINE=InnoDB;
CREATE TABLE IF NOT EXISTS `znote_tickets_replies` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`tid` int(11) NOT NULL,
`username` varchar(32) CHARACTER SET latin1 NOT NULL,
`message` text CHARACTER SET latin1 NOT NULL,
`created` int(11) NOT NULL,
PRIMARY KEY (`id`)
) ENGINE=InnoDB;
CREATE TABLE IF NOT EXISTS `znote_global_storage` (
`key` VARCHAR(32) NOT NULL,
`value` TEXT NOT NULL,
UNIQUE (`key`)
) ENGINE=InnoDB;
-- Character auction system
CREATE TABLE IF NOT EXISTS `znote_auction_player` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`player_id` int(11) NOT NULL,
`original_account_id` int(11) NOT NULL,
`bidder_account_id` int(11) NOT NULL,
`time_begin` int(11) NOT NULL,
`time_end` int(11) NOT NULL,
`price` int(11) NOT NULL,
`bid` int(11) NOT NULL,
`deposit` int(11) NOT NULL,
`sold` tinyint(1) NOT NULL,
`claimed` tinyint(1) NOT NULL,
PRIMARY KEY (`id`)
) ENGINE=InnoDB;
-- Populate basic info
INSERT INTO `znote` (`version`, `installed`) VALUES
(@znote_version, UNIX_TIMESTAMP(CURDATE()));
-- Add default forum boards
INSERT INTO `znote_forum` (`name`, `access`, `closed`, `hidden`, `guild_id`) VALUES
('Staff Board', '4', '0', '0', '0'),
('Tutors Board', '2', '0', '0', '0'),
('Discussion', '1', '0', '0', '0'),
('Feedback', '1', '0', '1', '0');
-- Convert existing accounts in database to be Znote AAC compatible
INSERT INTO `znote_accounts` (`account_id`, `ip`, `created`, `flag`)
SELECT
`a`.`id` AS `account_id`,
0 AS `ip`,
UNIX_TIMESTAMP(CURDATE()) AS `created`,
'' AS `flag`
FROM `accounts` AS `a`
LEFT JOIN `znote_accounts` AS `z`
ON `a`.`id` = `z`.`account_id`
WHERE `z`.`created` IS NULL;
-- Convert existing players in database to be Znote AAC compatible
INSERT INTO `znote_players` (`player_id`, `created`, `hide_char`, `comment`)
SELECT
`p`.`id` AS `player_id`,
UNIX_TIMESTAMP(CURDATE()) AS `created`,
0 AS `hide_char`,
'' AS `comment`
FROM `players` AS `p`
LEFT JOIN `znote_players` AS `z`
ON `p`.`id` = `z`.`player_id`
WHERE `z`.`created` IS NULL;
-- Delete duplicate account records
DELETE `d` FROM `znote_accounts` AS `d`
INNER JOIN (
SELECT `i`.`account_id`,
MAX(`i`.`id`) AS `retain`
FROM `znote_accounts` AS `i`
GROUP BY `i`.`account_id`
HAVING COUNT(`i`.`id`) > 1
) AS `x`
ON `d`.`account_id` = `x`.`account_id`
AND `d`.`id` != `x`.`retain`;
-- Delete duplicate player records
DELETE `d` FROM `znote_players` AS `d`
INNER JOIN (
SELECT `i`.`player_id`,
MAX(`i`.`id`) AS `retain`
FROM `znote_players` AS `i`
GROUP BY `i`.`player_id`
HAVING COUNT(`i`.`id`) > 1
) AS `x`
ON `d`.`player_id` = `x`.`player_id`
AND `d`.`id` != `x`.`retain`;
-- End of Znote AAC database schema

2
engine/function/cache.php
View File

@ -96,7 +96,7 @@
/**
* Loads the content from a specified cache file.
*
*
* @access public
* @return mixed
**/

6
engine/function/itemparser/itemlistparser.php
View File

@ -1,10 +1,10 @@
<?php
<?php
/* Returns a PHP array $id => 'name'
$items = getItemList();
echo $items[2160]; // Returns 'Crystal Coin'
*/
function getItemList() {
function getItemList() {
return parseItems();
}
@ -31,4 +31,4 @@ function parseItems() {
}
return $file;
}
?>
?>

124
engine/function/rfc6238.php
View File

@ -1,7 +1,7 @@
<?php
/** https://github.com/Voronenko/PHPOTP/blob/08cda9cb9c30b7242cf0b3a9100a6244a2874927/code/base32static.php
* Encode in Base32 based on RFC 4648.
* Requires 20% more space than base64
* Requires 20% more space than base64
* Great for case-insensitive filesystems like Windows and URL's (except for = char which can be excluded using the pad option for urls)
*
* @package default
@ -16,14 +16,14 @@ class Base32Static {
'Y', 'Z', '2', '3', '4', '5', '6', '7', // 31
'=' // padding character
);
private static $flippedMap = array(
'A'=>'0', 'B'=>'1', 'C'=>'2', 'D'=>'3', 'E'=>'4', 'F'=>'5', 'G'=>'6', 'H'=>'7',
'I'=>'8', 'J'=>'9', 'K'=>'10', 'L'=>'11', 'M'=>'12', 'N'=>'13', 'O'=>'14', 'P'=>'15',
'Q'=>'16', 'R'=>'17', 'S'=>'18', 'T'=>'19', 'U'=>'20', 'V'=>'21', 'W'=>'22', 'X'=>'23',
'Y'=>'24', 'Z'=>'25', '2'=>'26', '3'=>'27', '4'=>'28', '5'=>'29', '6'=>'30', '7'=>'31'
);
/**
* Use padding false when encoding for urls
*
@ -32,66 +32,66 @@ class Base32Static {
**/
public static function encode($input, $padding = true) {
if(empty($input)) return "";
$input = str_split($input);
$binaryString = "";
for($i = 0; $i < count($input); $i++) {
$binaryString .= str_pad(base_convert(ord($input[$i]), 10, 2), 8, '0', STR_PAD_LEFT);
}
$fiveBitBinaryArray = str_split($binaryString, 5);
$base32 = "";
$i=0;
while($i < count($fiveBitBinaryArray)) {
while($i < count($fiveBitBinaryArray)) {
$base32 .= self::$map[base_convert(str_pad($fiveBitBinaryArray[$i], 5,'0'), 2, 10)];
$i++;
}
if($padding && ($x = strlen($binaryString) % 40) != 0) {
if($x == 8) $base32 .= str_repeat(self::$map[32], 6);
else if($x == 16) $base32 .= str_repeat(self::$map[32], 4);
else if($x == 24) $base32 .= str_repeat(self::$map[32], 3);
else if($x == 32) $base32 .= self::$map[32];
}
return $base32;
}
public static function decode($input) {
if(empty($input)) return;
$paddingCharCount = substr_count($input, self::$map[32]);
$allowedValues = array(6,4,3,1,0);
if(!in_array($paddingCharCount, $allowedValues)) return false;
for($i=0; $i<4; $i++){
if($paddingCharCount == $allowedValues[$i] &&
for($i=0; $i<4; $i++){
if($paddingCharCount == $allowedValues[$i] &&
substr($input, -($allowedValues[$i])) != str_repeat(self::$map[32], $allowedValues[$i])) return false;
}
$input = str_replace('=','', $input);
$input = str_split($input);
$binaryString = "";
for($i=0; $i < count($input); $i = $i+8) {
$x = "";
if(!in_array($input[$i], self::$map)) return false;
for($j=0; $j < 8; $j++) {
$x .= str_pad(base_convert(@self::$flippedMap[@$input[$i + $j]], 10, 2), 5, '0', STR_PAD_LEFT);
}
$eightBits = str_split($x, 8);
for($z = 0; $z < count($eightBits); $z++) {
$binaryString .= ( ($y = chr(base_convert($eightBits[$z], 2, 10))) || ord($y) == 48 ) ? $y:"";
}
}
return $binaryString;
}
}
@ -100,25 +100,25 @@ class Base32Static {
// https://github.com/Voronenko/PHPOTP/blob/08cda9cb9c30b7242cf0b3a9100a6244a2874927/code/rfc6238.php
// Local changes: http -> https, consistent indentation, 200x200 -> 300x300 QR image size, PHP end tag
class TokenAuth6238 {
/**
* verify
*
*
* @param string $secretkey Secret clue (base 32).
* @return bool True if success, false if failure
*/
*/
public static function verify($secretkey, $code, $rangein30s = 3) {
$key = base32static::decode($secretkey);
$unixtimestamp = time()/30;
for($i=-($rangein30s); $i<=$rangein30s; $i++) {
$checktime = (int)($unixtimestamp+$i);
$thiskey = self::oath_hotp($key, $checktime);
if ((int)$code == self::oath_truncate($thiskey,6)) {
return true;
}
}
return false;
}
@ -128,40 +128,40 @@ class TokenAuth6238 {
$result = "";
$key = base32static::decode($secretkey);
$unixtimestamp = time()/30;
for($i=-($rangein30s); $i<=$rangein30s; $i++) {
$checktime = (int)($unixtimestamp+$i);
$thiskey = self::oath_hotp($key, $checktime);
$result = $result." # ".self::oath_truncate($thiskey,6);
}
return $result;
}
public static function getTokenCodeDebug($secretkey,$rangein30s = 3) {
$result = "";
print "<br/>SecretKey: $secretkey <br/>";
$key = base32static::decode($secretkey);
print "Key(base 32 decode): $key <br/>";
$unixtimestamp = time()/30;
print "UnixTimeStamp (time()/30): $unixtimestamp <br/>";
for($i=-($rangein30s); $i<=$rangein30s; $i++) {
$checktime = (int)($unixtimestamp+$i);
print "Calculating oath_hotp from (int)(unixtimestamp +- 30sec offset): $checktime basing on secret key<br/>";
$thiskey = self::oath_hotp($key, $checktime, true);
print "======================================================<br/>";
print "CheckTime: $checktime oath_hotp:".$thiskey."<br/>";
$result = $result." # ".self::oath_truncate($thiskey,6,true);
}
return $result;
}
public static function getBarCodeUrl($username, $domain, $secretkey, $issuer) {
$url = "https://chart.apis.google.com/chart";
$url = $url."?chs=300x300&chld=M|0&cht=qr&chl=otpauth://totp/";
@ -178,7 +178,7 @@ class TokenAuth6238 {
return $s;
}
private static function hotp_tobytestream($key) {
$result = array();
$last = strlen($key);
@ -188,42 +188,42 @@ class TokenAuth6238 {
$x = hexdec($x);
$result = $result.chr($x);
}
return $result;
}
private static function oath_hotp ($key, $counter, $debug=false) {
$result = "";
$orgcounter = $counter;
private static function oath_hotp ($key, $counter, $debug=false) {
$result = "";
$orgcounter = $counter;
$cur_counter = array(0,0,0,0,0,0,0,0);
if ($debug) {
print "Packing counter $counter (".dechex($counter).")into binary string - pay attention to hex representation of key and binary representation<br/>";
}
for($i=7;$i>=0;$i--) { // C for unsigned char, * for repeating to the end of the input data
for($i=7;$i>=0;$i--) { // C for unsigned char, * for repeating to the end of the input data
$cur_counter[$i] = pack ('C*', $counter);
if ($debug) {
print $cur_counter[$i]."(".dechex(ord($cur_counter[$i])).")"." from $counter <br/>";
}
$counter = $counter >> 8;
}
if ($debug) {
foreach ($cur_counter as $char) {
print ord($char) . " ";
}
print "<br/>";
}
$binary = implode($cur_counter);
// Pad to 8 characters
str_pad($binary, 8, chr(0), STR_PAD_LEFT);
if ($debug) {
print "Prior to HMAC calculation pad with zero on the left until 8 characters.<br/>";
print "Calculate sha1 HMAC(Hash-based Message Authentication Code http://en.wikipedia.org/wiki/HMAC).<br/>";
@ -231,47 +231,47 @@ class TokenAuth6238 {
}
$result = hash_hmac ('sha1', $binary, $key);
if ($debug) {
print "Result: $result <br/>";
}
}
return $result;
}
private static function oath_truncate($hash, $length = 6, $debug=false) {
$result="";
$result="";
// Convert to dec
if($debug) {
print "converting hex hash into characters<br/>";
}
$hashcharacters = str_split($hash,2);
if($debug) {
print_r($hashcharacters);
print "<br/>and convert to decimals:<br/>";
print "<br/>and convert to decimals:<br/>";
}
for ($j=0; $j<count($hashcharacters); $j++) {
$hmac_result[]=hexdec($hashcharacters[$j]);
}
if($debug) {
print_r($hmac_result);
}
// http://php.net/manual/ru/function.hash-hmac.php
// http://php.net/manual/ru/function.hash-hmac.php
// adopted from brent at thebrent dot net 21-May-2009 08:17 comment
$offset = $hmac_result[19] & 0xf;
if($debug) {
print "Calculating offset as 19th element of hmac:".$hmac_result[19]."<br/>";
print "offset:".$offset;
}
$result = (
(($hmac_result[$offset+0] & 0x7f) << 24 ) |
(($hmac_result[$offset+1] & 0xff) << 16 ) |
@ -282,4 +282,4 @@ class TokenAuth6238 {
return $result;
}
}
?>
?>

6
engine/function/token.php
View File

@ -3,7 +3,7 @@
class Token {
public static function generate() {
$token = sha1(uniqid(time(), true));
$_SESSION['token'] = $token;
}
/**
@ -80,10 +80,10 @@
**/
public static function debug($post) {
echo '<pre>', var_dump(array(
'post' => $post,
'post' => $post,
'old_token' => $_SESSION['old_token'],
'token' => self::get()
)), '</pre>';
}
}
?>
?>

32
engine/init.php
View File

@ -8,7 +8,7 @@ $l_start = $l_time;
function elapsedTime($l_start = false, $l_time = false) {
if ($l_start === false) global $l_start;
if ($l_time === false) global $l_time;
$l_time = explode(' ', microtime());
$l_finish = $l_time[1] + $l_time[0];
return round(($l_finish - $l_start), 4);
@ -32,7 +32,7 @@ if ($config['use_captcha'] && !extension_loaded('openssl')) {
die("php openSSL is not enabled. It is required to for captcha services.<br>1. Find your php.ini file.<br>2. Uncomment extension=php_openssl<br>Restart web server.<br><br><b>If you don't want this then disable use_captcha in config.php.</b>");
}
// References ( & ) works as an alias for a variable,
// References ( & ) works as an alias for a variable,
// they point to the same memmory, instead of duplicating it.
if (!isset($config['TFSVersion'])) $config['TFSVersion'] = &$config['ServerEngine'];
if (!isset($config['ServerEngine'])) $config['ServerEngine'] = &$config['TFSVersion'];
@ -62,7 +62,7 @@ $errors = array();
// Log IP
if ($config['log_ip']) {
$visitor_config = $config['ip_security'];
$flush = $config['flush_ip_logs'];
if ($flush != false) {
$timef = $time - $flush;
@ -72,14 +72,14 @@ if ($config['log_ip']) {
setCache($time);
}
}
$visitor_data = znote_visitors_get_data();
znote_visitor_set_data($visitor_data); // update or insert data
znote_visitor_insert_detailed_data(0); // detailed data
$visitor_detailed = znote_visitors_get_detailed_data($visitor_config['time_period']);
// max activity
$v_activity = 0;
$v_register = 0;
@ -90,46 +90,46 @@ if ($config['log_ip']) {
foreach ((array)$visitor_detailed as $v_d) {
// Activity
if ($v_d['ip'] == getIPLong()) {
// count each type of visit
// count each type of visit
switch ($v_d['type']) {
case 0: // max activity
$v_activity++;
break;
case 1: // account registered
$v_register++;
$v_form++;
break;
case 2: // character creations
$v_c_char++;
$v_form++;
break;
case 3: // Highscore fetched
$v_highscore++;
$v_form++;
break;
case 4: // character searched
$v_s_char++;
$v_form++;
break;
case 5: // Other forms (login.?)
$v_form++;
break;
}
}
}
// Deny access if activity is too high
if ($v_activity > $visitor_config['max_activity']) die("Chill down. Your web activity is too big. max_activity");
if ($v_register > $visitor_config['max_account']) die("Chill down. You can't create multiple accounts that fast. max_account");
if ($v_c_char > $visitor_config['max_character']) die("Chill down. Your web activity is too big. max_character");
if ($v_form > $visitor_config['max_post']) die("Chill down. Your web activity is too big. max_post");
//var_dump($v_activity, $v_register, $v_highscore, $v_c_char, $v_s_char, $v_form);
//echo ' <--- IP logging activity past 10 seconds.';
}

86
forum.php
View File

@ -18,7 +18,7 @@ if (!$config['forum']['enabled']) admin_only($user_data);
- Show in-game position
Changelog (1.3 -> 1.4):
- Fix SQL query error when editing Board name.
- Fix SQL query error when editing Board name.
*/
// BBCODE support:
function TransformToBBCode($string) {
@ -213,16 +213,16 @@ if ($admin && !empty($_POST)) {
if ($admin_board_create_closed === false) $admin_board_create_closed = 0;
if ($admin_board_create_hidden === false) $admin_board_create_hidden = 0;
if ($admin_board_create_guild_id === false) $admin_board_create_guild_id = 0;
// Create board
if ($admin_board_create_name !== false) {
// Insert data
mysql_insert("INSERT INTO `znote_forum` (`name`, `access`, `closed`, `hidden`, `guild_id`)
VALUES ('$admin_board_create_name',
'$admin_board_create_access',
'$admin_board_create_closed',
'$admin_board_create_hidden',
mysql_insert("INSERT INTO `znote_forum` (`name`, `access`, `closed`, `hidden`, `guild_id`)
VALUES ('$admin_board_create_name',
'$admin_board_create_access',
'$admin_board_create_closed',
'$admin_board_create_hidden',
'$admin_board_create_guild_id');");
echo '<h1>Board has been created.</h1>';
}
@ -233,12 +233,12 @@ if ($admin && !empty($_POST)) {
$admin_category_id = (int)$admin_category_id;
// Update the category
mysql_update("UPDATE `znote_forum` SET
`name`='$admin_category_name',
`access`='$admin_category_access',
`closed`='$admin_category_closed',
`hidden`='$admin_category_hidden',
`guild_id`='$admin_category_guild_id'
mysql_update("UPDATE `znote_forum` SET
`name`='$admin_category_name',
`access`='$admin_category_access',
`closed`='$admin_category_closed',
`hidden`='$admin_category_hidden',
`guild_id`='$admin_category_guild_id'
WHERE `id`='$admin_category_id' LIMIT 1;");
echo '<h1>Board has been updated successfully.</h1>';
}
@ -247,7 +247,7 @@ if ($admin && !empty($_POST)) {
// edit category
if ($admin_category_edit !== false) {
$admin_category_id = (int)$admin_category_id;
$category = mysql_select_single("SELECT `id`, `name`, `access`, `closed`, `hidden`, `guild_id`
$category = mysql_select_single("SELECT `id`, `name`, `access`, `closed`, `hidden`, `guild_id`
FROM `znote_forum` WHERE `id`='$admin_category_id' LIMIT 1;");
if ($category !== false) {
?>
@ -276,7 +276,7 @@ if ($admin && !empty($_POST)) {
<td><label for="admin_category_closed">Closed:</label></td>
<td>
<select name="admin_category_closed" class="span12">
<?php
<?php
if ($category['closed'] == 1) echo '<option value="1" selected>Yes</option>';
else echo '<option value="1">Yes</option>';
if ($category['closed'] == 0) echo '<option value="0" selected>No</option>';
@ -289,7 +289,7 @@ if ($admin && !empty($_POST)) {
<td><label for="admin_category_hidden">Hidden:</label></td>
<td>
<select name="admin_category_hidden" class="span12">
<?php
<?php
if ($category['hidden'] == 1) echo '<option value="1" selected>Yes</option>';
else echo '<option value="1">Yes</option>';
if ($category['hidden'] == 0) echo '<option value="0" selected>No</option>';
@ -316,7 +316,7 @@ if ($admin && !empty($_POST)) {
</form>
<?php
} else echo '<h2>Category not found.</h2>';
}
// delete category
@ -425,16 +425,16 @@ if (!empty($_GET)) {
}
if ($access) {
mysql_insert("INSERT INTO `znote_forum_threads`
(`forum_id`, `player_id`, `player_name`, `title`, `text`, `created`, `updated`, `sticky`, `hidden`, `closed`)
mysql_insert("INSERT INTO `znote_forum_threads`
(`forum_id`, `player_id`, `player_name`, `title`, `text`, `created`, `updated`, `sticky`, `hidden`, `closed`)
VALUES (
'$create_thread_category',
'$create_thread_cid',
'". $charData[$create_thread_cid]['name'] ."',
'$create_thread_title',
'$create_thread_text',
'". time() ."',
'". time() ."',
'$create_thread_category',
'$create_thread_cid',
'". $charData[$create_thread_cid]['name'] ."',
'$create_thread_title',
'$create_thread_text',
'". time() ."',
'". time() ."',
'0', '0', '0');");
SendGet(array('cat'=>$create_thread_category), 'forum.php');
} else echo '<p><b><font color="red">Permission to create thread denied.</font></b></p>';
@ -561,11 +561,11 @@ if (!empty($_GET)) {
<table class="znoteTable ThreadTable table table-striped">
<tr class="yellow">
<th<?php if ($threadPlayer !== false) echo ' colspan="2"'; ?>>
<?php
echo getClock($threadData['created'], true);
<?php
echo getClock($threadData['created'], true);
if ($threadPlayer === false): ?>
- Created by:
<?php
- Created by:
<?php
echo "<a href='characterprofile.php?name=". $threadData['player_name'] ."'>". $threadData['player_name'] ."</a>";
endif;
?>
@ -591,7 +591,7 @@ if (!empty($_GET)) {
<hr class="bighr">
<?php
if ($admin || $leader) {
// PlayerHaveAccess($yourChars, $thread['player_name']) ||
// PlayerHaveAccess($yourChars, $thread['player_name']) ||
// $yourChars
?>
<table class="adminTable table">
@ -662,7 +662,7 @@ if (!empty($_GET)) {
$players = array();
$extra = false;
if ($config['forum']['outfit_avatars'] || $config['forum']['player_position']) {
$extra = true;
$extra = true;
foreach($posts as $post)
if (!isset($players[$post['player_id']]))
@ -682,7 +682,7 @@ if (!empty($_GET)) {
<th<?php if ($extra) echo ' colspan="2"'; ?>>
<?php echo getClock($post['created'], true);
if (!$extra): ?>
- Posted by:
- Posted by:
<?php echo "<a href='characterprofile.php?name=". $post['player_name'] ."'>". $post['player_name'] ."</a>";
endif; ?>
</th>
@ -771,7 +771,7 @@ if (!empty($_GET)) {
?>
<?php
}
} else
/////////////////////
@ -902,7 +902,7 @@ if (!empty($_GET)) {
} else echo "<p>You must have a character on your account that is level ". $config['forum']['level'] ."+ to create new threads.</p>";
} else echo "<p><font color='red'>Your permission to access this board has been denied.<br>If you are trying to access a Guild Board, you need level: ". $config['forum']['level'] ."+</font></p>";
}
}
} else {
//////////////////////
@ -910,7 +910,7 @@ if (!empty($_GET)) {
if (!$admin) $categories = mysql_select_multi(
"SELECT `id`, `name`, `access`, `closed`, `hidden`, `guild_id` FROM `znote_forum` WHERE `access`<='$yourAccess' ORDER BY `name`;");
else $categories = mysql_select_multi("SELECT `id`, `name`, `access`, `closed`, `hidden`, `guild_id` FROM `znote_forum` ORDER BY `name`;");
$guildboard = false;
?>
<table class="znoteTable table table-striped table-hover" id="forumCategoryTable">
@ -966,7 +966,7 @@ if (!empty($_GET)) {
echo "[". $guildName[$category['guild_id']] ."] ";
}
echo $category['name'] ."</td>";
// Admin columns
if ($admin) {
?>
@ -1041,7 +1041,7 @@ if (!empty($_GET)) {
echo "[". $guildName[$board['guild_id']] ."] ";
}
echo $board['name'] ."</td>";
// Admin columns
if ($admin) {
?>
@ -1072,7 +1072,7 @@ if (!empty($_GET)) {
<h2>Create board:</h2>
<form action="" method="post">
<input type="text" name="admin_board_create_name" placeholder="Board name"><br><br>
Required access: <select name="admin_board_create_access">
<?php
foreach($config['ingame_positions'] as $access => $name) {
@ -1085,7 +1085,7 @@ if (!empty($_GET)) {
<option value="0">No</option>
<option value="1">Yes</option>
</select><br>
Board hidden: <select name="admin_board_create_hidden">
<option value="0">No</option>
<option value="1">Yes</option>
@ -1099,7 +1099,7 @@ if (!empty($_GET)) {
}
?>
</select><br><br>
<input type="submit" value="Create Board" class="btn btn-primary">
</form>
<?php
@ -1108,4 +1108,4 @@ if (!empty($_GET)) {
}
include 'layout/overall/footer.php'; ?>
include 'layout/overall/footer.php'; ?>

22
forum_search.php
View File

@ -79,8 +79,8 @@ if ($type !== false && $text !== false && $type <= 4 || $type > 4 && $type <= 6)
case 1: // Search titles
$results = mysql_select_multi("SELECT `id` AS `thread_id`, `forum_id`, `title`, `text`, `player_name` FROM `znote_forum_threads` WHERE $textTitleSql ORDER BY `id` DESC LIMIT $searchResults;");
// Filter out search results in custom access boards.
for ($i = 0; $i < count($results); $i++)
if (!in_array($results[$i]['forum_id'], $allowedForums))
for ($i = 0; $i < count($results); $i++)
if (!in_array($results[$i]['forum_id'], $allowedForums))
$results[$i]['forum_id'] = false;
else {
$results[$i]['title'] = stripBBCode($results[$i]['title']);
@ -90,7 +90,7 @@ if ($type !== false && $text !== false && $type <= 4 || $type > 4 && $type <= 6)
//if ($results !== false) data_dump($results, false, "Search results");
//else echo "<br><b>No results.</b>";
break;
case 2: // Search posts
$results = mysql_select_multi("SELECT `thread_id`, `player_name`, `text` FROM `znote_forum_posts` WHERE $textPostSql ORDER BY `id` DESC LIMIT $searchResults;");
// Missing ['forum_id'], ['title'], lets get them
@ -110,12 +110,12 @@ if ($type !== false && $text !== false && $type <= 4 || $type > 4 && $type <= 6)
} // DONE. :)
//data_dump(false, $results, "DATA");
break;
case 3: // Search authors last threads
$results = mysql_select_multi("SELECT `id` AS `thread_id`, `forum_id`, `title`, `text`, `player_name` FROM `znote_forum_threads` WHERE $textAuthorSql ORDER BY `id` DESC LIMIT $searchResults;");
// Filter out search results in custom access boards.
for ($i = 0; $i < count($results); $i++)
if (!in_array($results[$i]['forum_id'], $allowedForums))
for ($i = 0; $i < count($results); $i++)
if (!in_array($results[$i]['forum_id'], $allowedForums))
$results[$i]['forum_id'] = false;
else {
$results[$i]['title'] = stripBBCode($results[$i]['title']);
@ -125,7 +125,7 @@ if ($type !== false && $text !== false && $type <= 4 || $type > 4 && $type <= 6)
//if ($results !== false) data_dump($results, false, "Search results");
//else echo "<br><b>No results.</b>";
break;
case 4: // Search authors last posts
$results = mysql_select_multi("SELECT `thread_id`, `player_name`, `text` FROM `znote_forum_posts` WHERE $textAuthorSql ORDER BY `id` DESC LIMIT $searchResults;");
// Missing ['forum_id'], ['title'], lets get them
@ -148,8 +148,8 @@ if ($type !== false && $text !== false && $type <= 4 || $type > 4 && $type <= 6)
case 5: // Search latest titles
$results = mysql_select_multi("SELECT `id` AS `thread_id`, `forum_id`, `title`, `text`, `player_name` FROM `znote_forum_threads` ORDER BY `id` DESC LIMIT $searchResults;");
// Filter out search results in custom access boards.
for ($i = 0; $i < count($results); $i++)
if (!in_array($results[$i]['forum_id'], $allowedForums))
for ($i = 0; $i < count($results); $i++)
if (!in_array($results[$i]['forum_id'], $allowedForums))
$results[$i]['forum_id'] = false;
else {
$results[$i]['title'] = stripBBCode($results[$i]['title']);
@ -220,5 +220,5 @@ if ($type !== false && $text !== false && $type <= 4 || $type > 4 && $type <= 6)
} else echo "No results.";
} else echo "<br><b>You must fill in all fields!</b>";
include 'layout/overall/footer.php';
?>
include 'layout/overall/footer.php';
?>

12
gallery.php
View File

@ -1,4 +1,4 @@
<?php require_once 'engine/init.php'; include 'layout/overall/header.php';
<?php require_once 'engine/init.php'; include 'layout/overall/header.php';
$logged_in = user_logged_in();
if ($logged_in === true) {
if (!empty($_POST['new'])) {
@ -20,7 +20,7 @@ if ($logged_in === true) {
$doc->loadHTML($imageDom);
$xml=simplexml_import_dom($doc); // just to make xpath more simple
$images=$xml->xpath('//img');
foreach ($images as $img) {
foreach ($images as $img) {
$imageSrc = (string)$img['src'];
}
$title = $_POST['title'];
@ -63,7 +63,7 @@ if ($logged_in === true) {
<p>The image has already been posted. However, images will not be listed until a GM have verified it.</p>
<?php
}
} else { // Failed to locate imageSrc
?>
<h1>Failed to find the image</h1>
@ -81,7 +81,7 @@ if (empty($_POST)) {
</form>
<?php
}
$cache = new Cache('engine/cache/gallery');
$images = $cache->load();
if (is_array($images) && !empty($images)) {
@ -108,8 +108,8 @@ if (empty($_POST)) {
</table>
<?php }
} else echo '<h2>There are currently no public images.</h2>';
if ($logged_in === false) echo 'You need to be logged in to add images.';
}
include 'layout/overall/footer.php';
?>
?>

22
guildwar.php
View File

@ -1,4 +1,4 @@
<?php require_once 'engine/init.php';
<?php require_once 'engine/init.php';
if ($config['require_login']['guildwars']) protect_page();
if ($config['log_ip']) znote_visitor_insert_detailed_data(3);
if ($config['guildwar_enabled'] === false) {
@ -10,26 +10,26 @@ include 'layout/overall/header.php';
if (!empty($_GET['warid'])) {
$warid = (int)$_GET['warid']; // Sanitizing GET.
if ($config['ServerEngine'] == 'TFS_02' || $config['ServerEngine'] == 'OTHIRE' || $config['ServerEngine'] == 'TFS_10') $war = get_guild_war($warid);
else if ($config['ServerEngine'] == 'TFS_03') $war = get_guild_war03($warid);
else die("Can't recognize TFS version. It has to be either TFS_02 or TFS_03. Correct this in config.php");
if ($war != false) {
// Kills data for this specific war entry
if ($config['ServerEngine'] == 'TFS_02' || $config['ServerEngine'] == 'OTHIRE' || $config['ServerEngine'] == 'TFS_10') $kills = get_war_kills($warid);
else if ($config['ServerEngine'] == 'TFS_03') $kills = get_war_kills03($warid);
?>
<h1><?php echo $war['name1']; ?> - VERSUS - <?php echo $war['name2']; ?></h1>
<?php
// Collecting <ul> data:
$guild1 = $war['guild1'];
$g1c = 0; // kill count
$guild2 = $war['guild2'];
$g2c = 0; // kill count
if ($config['ServerEngine'] == 'TFS_02' || $config['ServerEngine'] == 'OTHIRE' || $config['ServerEngine'] == 'TFS_10') {
foreach (($kills ? $kills : array()) as $kill) {
if ($kill['killerguild'] == $guild1)
@ -37,7 +37,7 @@ if (!empty($_GET['warid'])) {
else
$g2c++;
}
$green = false;
if ($g1c > $g2c) {
$leading = $war['name1'];
@ -141,10 +141,10 @@ if (!empty($_GET['warid'])) {
// END BORROWED FROM GESIOR
}
}
} else {
// Display current wars.
// Fetch list of wars
if ($config['ServerEngine'] == 'TFS_02' || $config['ServerEngine'] == 'TFS_10' || $config['ServerEngine'] == 'OTHIRE') $wardata = get_guild_wars();
else if ($config['ServerEngine'] == 'TFS_03') $wardata = get_guild_wars03();
@ -157,9 +157,9 @@ if (!empty($_GET['warid'])) {
foreach ($wardata as $wars) {
if ($config['ServerEngine'] == 'TFS_02' || $config['ServerEngine'] == 'TFS_10' || $config['ServerEngine'] == 'OTHIRE') $killsdata[$wars['id']] = get_war_kills($wars['id']);
else if ($config['ServerEngine'] == 'TFS_03') $killsdata[$wars['id']] = get_war_kills03($wars['id']);
}
}
?>
<table id="guildwarViewTable" class="table table-striped table-hover">
<tr class="yellow">
<th>Attacking Guild:</th>

26
helpdesk.php
View File

@ -28,7 +28,7 @@ if ($view !== false) {
}
?>
<h1>View Ticket #
<?php
<?php
echo $ticketData['id'];
if ($ticketData['status'] === 'CLOSED') {
echo '<span style="color:red">[CLOSED]</SPAN>';
@ -38,10 +38,10 @@ if ($view !== false) {
<tr class="yellow">
<th>
<?php
echo getClock($ticketData['creation'], true);
echo getClock($ticketData['creation'], true);
?>
- Created by:
<?php
- Created by:
<?php
echo $ticketData['username'];
?>
</th>
@ -60,11 +60,11 @@ if ($view !== false) {
<table class="znoteTable ThreadTable table table-striped">
<tr class="yellow">
<th>
<?php
echo getClock($reply['created'], true);
<?php
echo getClock($reply['created'], true);
?>
- Posted by:
<?php
- Posted by:
<?php
echo $reply['username'];
?>
</th>
@ -100,7 +100,7 @@ if ($view !== false) {
break 1;
}
}
// check errors (= user exist, pass long enough
if (empty($errors) === true) {
/* Token used for cross site scripting security */
@ -112,7 +112,7 @@ if ($view !== false) {
$errors[] = "Please confirm that you're not a robot.";
}
}
// Reversed this if, so: first check if you need to validate, then validate.
// Reversed this if, so: first check if you need to validate, then validate.
if ($config['validate_IP'] === true && validate_ip(getIP()) === false) {
$errors[] = 'Failed to recognize your IP address. (Not a valid IPv4 address).';
}
@ -167,14 +167,14 @@ if ($view !== false) {
'creation' => time(),
'status' => 'Open'
);
$fields = '`'. implode('`, `', array_keys($query)) .'`';
$data = '\''. implode('\', \'', $query) .'\'';
mysql_insert("INSERT INTO `znote_tickets` ($fields) VALUES ($data)");
header('Location: helpdesk.php?success');
exit();
} else if (empty($errors) === false) {
echo '<font color="red"><b>';
echo output_errors($errors);
@ -218,7 +218,7 @@ if ($view !== false) {
</li>
</ul>
</form>
<?php
<?php
}
}
include 'layout/overall/footer.php';

4
highscores.php
View File

@ -67,7 +67,7 @@ if ($vocGroups) {
?>
<h1>Ranking for <?php echo skillName($type) .", ". (($vocation === 'all') ? 'any vocation' : vocation_id_to_name($vocation)) ?>.</h1>
<form action="" method="GET">
<select name="type">
@ -149,4 +149,4 @@ if ($vocGroups) {
</table>
<?php
}
include 'layout/overall/footer.php'; ?>
include 'layout/overall/footer.php'; ?>

46
house.php
View File

@ -29,7 +29,7 @@ if ($house !== false && $config['ServerEngine'] === 'TFS_10') {
$bid_char = (int)$bid_char;
$bid_amount = (int)$bid_amount;
$player = mysql_select_single("SELECT `id`, `account_id`, `name`, `level`, `balance` FROM `players` WHERE `id`='$bid_char' LIMIT 1;");
if (user_logged_in() === true && $player['account_id'] == $session_user_id) {
// Does player have or need premium?
$premstatus = $config['houseConfig']['requirePremium'];
@ -50,7 +50,7 @@ if ($house !== false && $config['ServerEngine'] === 'TFS_10') {
// Is bid higher than lowest bid?
if ($bid_amount > $minbid) {
// Should only apply to external players, allowing a player to up his pledge without
// being forced to pay his full previous bid.
// being forced to pay his full previous bid.
if ($house['highest_bidder'] != $player['id']) $lastbid = $house['bid'] + 1;
else {
$lastbid = $house['last_bid'];
@ -95,11 +95,11 @@ if ($house !== false && $config['ServerEngine'] === 'TFS_10') {
}
////////////////////////////////////////
// Instantly buy house with shop points
if ($config['houseConfig']['shopPoints']['enabled']
&& isset($_POST['instantbuy'])
// Instantly buy house with shop points
if ($config['houseConfig']['shopPoints']['enabled']
&& isset($_POST['instantbuy'])
&& $bid_char
&& $house['owner'] == 0
&& $house['owner'] == 0
&& isset($house['points'])) {
$account_points = (int)$user_znote_data['points'];
@ -110,48 +110,48 @@ if ($house !== false && $config['ServerEngine'] === 'TFS_10') {
$player = mysql_select_single("SELECT `id`, `account_id`, `name`, `level` FROM `players` WHERE `id`='$bid_char' LIMIT 1;");
$pHouseCount = mysql_select_single("SELECT COUNT('id') AS `value` FROM `houses` WHERE ((`highest_bidder`='$bid_char' AND `owner`='$bid_char') OR (`highest_bidder`='$bid_char') OR (`owner`='$bid_char')) AND `id`!='".$house['id']."' LIMIT 1;");
if (user_logged_in() === true
if (user_logged_in() === true
&& $player['account_id'] == $session_user_id
&& $player['level'] >= $config['houseConfig']['levelToBuyHouse']
&& $pHouseCount['value'] < $config['houseConfig']['housesPerPlayer']) {
$house_points = (int)$house['points'];
$house_id = $house['id'];
// Remove points from account
mysql_update("
UPDATE `znote_accounts`
SET `points` = `points`-{$house_points}
WHERE `account_id`={$session_user_id}
UPDATE `znote_accounts`
SET `points` = `points`-{$house_points}
WHERE `account_id`={$session_user_id}
LIMIT 1;
");
// Give new ownership to house
mysql_update("
UPDATE `houses`
UPDATE `houses`
SET `owner` = {$bid_char}
WHERE `id` = {$house_id}
WHERE `id` = {$house_id}
LIMIT 1;
");
// Log purchase in znote_shop_logs and znote_shop_orders
$time = time();
mysql_insert("
INSERT INTO `znote_shop_logs`
(`account_id`, `player_id`, `type`, `itemid`, `count`, `points`, `time`) VALUES
INSERT INTO `znote_shop_logs`
(`account_id`, `player_id`, `type`, `itemid`, `count`, `points`, `time`) VALUES
({$session_user_id}, {$bid_char}, 7, {$house_id}, 1, {$house_points}, {$time})
");
mysql_insert("
INSERT INTO `znote_shop_orders`
(`account_id`, `type`, `itemid`, `count`, `time`) VALUES
INSERT INTO `znote_shop_orders`
(`account_id`, `type`, `itemid`, `count`, `time`) VALUES
({$session_user_id}, 7, {$house_id}, {$bid_char}, {$time})
");
// Reload house data
$house = mysql_select_single($house_SQL);
$minbid = $config['houseConfig']['minimumBidSQM'] * $house['size'];
if ($house['owner'] > 0) $house['ownername'] = user_name($house['owner']);
// Congratulate user and tell them they still has to pay rent (if rent > 0)
?>
<p><strong>Congratulations!</strong>
@ -178,7 +178,7 @@ if ($house !== false && $config['ServerEngine'] === 'TFS_10') {
?>
<h1>House: <?php echo $house['name']; ?></h1>
<ul>
<li><b>Town</b>:
<li><b>Town</b>:
<?php
$town_name = &$config['towns'][$house['town_id']];
echo "<a href='houses.php?id=". $house['town_id'] ."'>". ($town_name ? $town_name : 'Specify town id ' . $house['town_id'] . ' name in config.php first.') ."</a>";

12
houses.php
View File

@ -9,7 +9,7 @@ if (empty($_POST) === false && $config['ServerEngine'] === 'TFS_03') {
/* Token used for cross site scripting security */
if (isset($_POST['token']) && Token::isValid($_POST['token'])) {
$townid = (int)$_POST['selected'];
$cache = new Cache('engine/cache/houses');
$array = array();
@ -17,7 +17,7 @@ if (empty($_POST) === false && $config['ServerEngine'] === 'TFS_03') {
$tmp = fetchAllHouses_03();
$cache->setContent($tmp);
$cache->save();
foreach ($tmp as $t) {
if ($t['town'] == $townid) $array[] = $t;
}
@ -29,7 +29,7 @@ if (empty($_POST) === false && $config['ServerEngine'] === 'TFS_03') {
}
$array = isset($array) ? $array : false;
}
// Design and present the list
if ($array) {
?>
@ -44,7 +44,7 @@ if (empty($_POST) === false && $config['ServerEngine'] === 'TFS_03') {
<th>Beds:</th>
<th>Price:</th>
<th>Owner:</th>
</tr>
<?php
foreach ($array as $value) {
@ -91,7 +91,7 @@ if (empty($_POST) === false && $config['ServerEngine'] === 'TFS_03') {
$cache = new Cache('engine/cache/houses/sqldata');
if ($cache->hasExpired()) {
$house_query = mysql_select_multi('SELECT `players`.`name`, `houses`.`id` FROM `players`, `houses` WHERE `houses`.`owner` = `players`.`id`;');
$cache->setContent($house_query);
$cache->save();
} else
@ -280,4 +280,4 @@ if (empty($_POST) === false && $config['ServerEngine'] === 'TFS_03') {
echo "<h1>Failed to fetch data from sql->houses table.</h1><p>Is the table empty?</p>";
} // End TFS 1.0 logic
}
include 'layout/overall/footer.php'; ?>
include 'layout/overall/footer.php'; ?>

16
index.php
View File

@ -37,7 +37,7 @@ require_once 'engine/init.php'; include 'layout/overall/header.php';
<?php
} else echo "No changelogs submitted.";
}
$cache = new Cache('engine/cache/news');
if ($cache->hasExpired()) {
$news = fetchAllNews();
@ -46,10 +46,10 @@ require_once 'engine/init.php'; include 'layout/overall/header.php';
} else {
$news = $cache->load();
}
// Design and present the list
if ($news) {
$total_news = count($news);
$row_news = $total_news / $config['news_per_page'];
$page_amount = ceil($total_news / $config['news_per_page']);
@ -81,7 +81,7 @@ require_once 'engine/init.php'; include 'layout/overall/header.php';
} else {
for ($i = 0; $i < count($news); $i++) if ((int)$view === (int)$news[$i]['id']) $si = $i;
}
if ($si !== false) {
?>
<table id="news">
@ -126,7 +126,7 @@ require_once 'engine/init.php'; include 'layout/overall/header.php';
</tr>
</table>
<?php
}
}
}
echo '<select name="newspage" onchange="location = this.options[this.selectedIndex].value;">';
@ -142,13 +142,13 @@ require_once 'engine/init.php'; include 'layout/overall/header.php';
echo '<option value="index.php?page='.$i.'">Page '.$i.'</option>';
}
}
echo '</select>';
}
} else {
echo '<p>No news exist.</p>';
}
}
include 'layout/overall/footer.php'; ?>
include 'layout/overall/footer.php'; ?>

18
ipn.php
View File

@ -6,7 +6,7 @@
// Require the functions to connect to database and fetch config values
require 'config.php';
require 'engine/database/connect.php';
// Fetch and sanitize POST and GET values
function getValue($value) {
return (!empty($value)) ? sanitize($value) : false;
@ -14,7 +14,7 @@
function sanitize($data) {
return htmlentities(strip_tags(mysql_znote_escape_string($data)));
}
function VerifyPaypalIPN(array $IPN = null){
if(empty($IPN)){
$IPN = $_POST;
@ -60,8 +60,8 @@
// Fetch paypal configurations
$paypal = $config['paypal'];
$prices = $config['paypal_prices'];
// Send an empty HTTP 204 OK response to acknowledge receipt of the notification
// Send an empty HTTP 204 OK response to acknowledge receipt of the notification
http_response_code(204);
// Build the required acknowledgement message out of the notification just received
@ -82,19 +82,19 @@
$connectedIp = $_SERVER['REMOTE_ADDR'];
mysql_insert("INSERT INTO `znote_paypal` VALUES ('0', '0', 'Connection from IP: $connectedIp', '0', '0', '0')");
$status = VerifyPaypalIPN();
if ($status) {
// Check that the payment_status is Completed
if ($payment_status == 'Completed') {
// Check that txn_id has not been previously processed
$txn_id_check = mysql_select_single("SELECT `txn_id` FROM `znote_paypal` WHERE `txn_id`='$txn_id'");
if ($txn_id_check !== true) {
// Check that receiver_email is your Primary PayPal email
if ($receiver_email == $paypal['email']) {
$status = true;
$paidMoney = 0;
$paidPoints = 0;
@ -108,12 +108,12 @@
if ($paidMoney == 0) $status = false; // Wrong ammount of money
if ($payment_currency != $paypal['currency']) $status = false; // Wrong currency
// Verify that the user havent messed around with POST data
if ($status) {
// transaction log
mysql_insert("INSERT INTO `znote_paypal` VALUES ('0', '$txn_id', '$payer_email', '$custom', '".$paidMoney."', '".$paidPoints."')");
// Process payment
$data = mysql_select_single("SELECT `points` AS `old_points` FROM `znote_accounts` WHERE `account_id`='$custom';");

60
items.php
View File

@ -1,7 +1,7 @@
<?php require_once 'engine/init.php'; include 'layout/overall/header.php';
if($config['items'] == true) {
// Loading equipable items list
$itemsCache = new Cache('engine/cache/items');
if (user_logged_in() && is_admin($user_data)) {
@ -13,10 +13,10 @@ if (user_logged_in() && is_admin($user_data)) {
$types = array();
$type_attr = array();
$groups = array();
// This empty array will eventually contain all items grouped by type and indexed by item type
$items = array();
// Loop through each XML item object
foreach ($itemsXML as $type => $item) {
// Get item types
@ -41,11 +41,11 @@ if (user_logged_in() && is_admin($user_data)) {
if (!in_array($attr, $type_attr[$type]))
$type_attr[$type][] = $attr;
}
// Loop through every <attribute> object inside the <item> object
$item_attributes = array();
$iai = array();
foreach ($item as $attribute) {
foreach ($attribute->attributes() as $aName => $aValue) {
if($aName == 'key') {
@ -68,22 +68,22 @@ if (user_logged_in() && is_admin($user_data)) {
if (!in_array($attr, $type_attr[$type]))
$type_attr[$type][] = $attr;
}
// Add items with slotType or weaponType (TFS 1.x default)
if(isset($attributes['id'])) $id = (isset($attributes['id'])) ? $attributes['id'] : false;
if(isset($attributes['fromid'])) $id = (isset($attributes['name'])) ? $attributes['name'] : false;
if (isset($item_attributes['slotType']) || isset($item_attributes['weaponType'])) {
$items[$type][$id] = array('attributes' => $item_attributes);
// Populate item array with potential relevant attributes for the item type
foreach ($type_attr[$type] as $att)
$items[$type][$id][$att] = (isset($attributes[$att])) ? $attributes[$att] : false;
}
$save = array($items);
}
$itemsCache->setContent($items);
$itemsCache->save();
@ -103,12 +103,12 @@ if (user_logged_in() && is_admin($user_data)) {
$items = $itemsCache->load();
}
// End loading items list
if ($items) {
// Preparing data
$types = array_keys($items);
$itemServer = 'http://'.$config['shop']['imageServer'].'/';
//slotType values and names
if(isset($_GET['slot'])) {
switch($_GET['slot']) {
@ -177,16 +177,16 @@ if ($items) {
break;
}
}
// Render HTML
if(isset($_GET['slot']) && ($slottype_name == 'null')) header("Location:items.php");
?>
<h1 id="items">Items<?php if (isset($_GET['slot'])) echo ' ('.$slottype_name.')';?></h1>
<?php if(empty($_GET['slot'])) { ?>
<table>
<tbody>
<tr>
<tr>
<td style="text-align:center;"><a href="?slot=helmet">Helmets<br><img src="<?php echo $itemServer.'2471.gif'; ?>" /></a></td>
<td style="text-align:center;"><a href="?slot=sword">Swords<br><img src="<?php echo $itemServer.'8931.gif'; ?>" /></a></td>
<td style="text-align:center;"><a href="?slot=shield">Shields & Spellbooks<br><img src="<?php echo $itemServer.'2523.gif'; ?>" /></a></td>
@ -218,14 +218,14 @@ if ($items) {
<td>Name</td>
<td>Attributes</td>
</tr>
<?php foreach ($items['item'] as $select) {
<?php foreach ($items['item'] as $select) {
$attributes = array();
$extradef = NULL;
$element = NULL;
if (!empty($select['id'])) $itemid = $select['id'];
else $itemid = $select['fromid'];
if (!empty($select['attributes'])) {
foreach ($select['attributes'] as $att => $value) {
if($att == 'slotType' || $att == 'weaponType') $slotType = $value;
@ -233,16 +233,16 @@ if ($items) {
else $show = false;
}
}
if($show == true) { ?>
<tr>
<td><img src="<?php echo $itemServer.$itemid.'.gif'; ?>" /></td>
<td><?php echo ucwords($select['name']); ?></td>
<td><?php
foreach ($select['attributes'] as $array => $value) {
$extra = NULL;
if($value > 0) $extra = '+';
if($value > 0) $extra = '+';
switch ($array) {
case 'weight':
echo ucwords($array).': '.intval($value/100).'.'.substr($value, -2).' oz<br>';
@ -358,7 +358,7 @@ if ($items) {
break;
case 'suppressCurse':
echo 'Suppress Curse: Yes<br>';
break;
break;
Those are not necessary in my opinion, but if you want to show
**/
case 'speed':
@ -369,18 +369,18 @@ if ($items) {
break;
}
}
?>
?>
</td>
</tr>
<?php
}
} ?>
</tbody>
</table>
<?php
}
} else { ?>
@ -390,5 +390,5 @@ if ($items) {
} else {
echo 'Items\' page not enabled.';
}
include 'layout/overall/footer.php';
include 'layout/overall/footer.php';
?>

14
killers.php
View File

@ -3,7 +3,7 @@ if ($config['ServerEngine'] == 'TFS_02' || $config['ServerEngine'] == 'TFS_10' |
$cache = new Cache('engine/cache/killers');
if ($cache->hasExpired()) {
$killers = fetchMurders();
$cache->setContent($killers);
$cache->save();
} else {
@ -12,7 +12,7 @@ if ($cache->hasExpired()) {
$cache = new Cache('engine/cache/victims');
if ($cache->hasExpired()) {
$victims = fetchLoosers();
$cache->setContent($victims);
$cache->save();
} else {
@ -36,7 +36,7 @@ if ($killers) {
<th>Name</th>
<th>Kills</th>
</tr>
<?php foreach ($killers as $killer) {
<?php foreach ($killers as $killer) {
echo '<tr>';
echo "<td width='70%'><a href='characterprofile.php?name=". $killer['killed_by'] ."'>". $killer['killed_by'] ."</a></td>";
echo "<td width='30%'>". $killer['kills'] ."</td>";
@ -54,7 +54,7 @@ if ($victims) {
<th>Name</th>
<th>Deaths</th>
</tr>
<?php foreach ($victims as $victim) {
<?php foreach ($victims as $victim) {
echo '<tr>';
echo "<td width='70%'><a href='characterprofile.php?name=". $victim['name'] ."'>". $victim['name'] ."</a></td>";
echo "<td width='30%'>". $victim['Deaths'] ."</td>";
@ -73,7 +73,7 @@ if ($latests) {
<th>Time</th>
<th>Victim</th>
</tr>
<?php foreach ($latests as $last) {
<?php foreach ($latests as $last) {
echo '<tr>';
echo "<td width='35%'><a href='characterprofile.php?name=". $last['killed_by'] ."'>". $last['killed_by'] ."</a></td>";
echo "<td width='30%'>". getClock($last['time'], true) ."</td>";
@ -95,7 +95,7 @@ if ($latests) {
}
if ($deaths && !empty($deaths)) {
?>
?>
<h1>Latest Killers</h1>
<table id="deathsTable" class="table table-striped">
<tr class="yellow">
@ -103,7 +103,7 @@ if ($latests) {
<th>Time</th>
<th>Victim</th>
</tr>
<?php foreach ($deaths as $death) {
<?php foreach ($deaths as $death) {
echo '<tr>';
echo "<td><a href='characterprofile.php?name=". $death['killed_by'] ."'>". $death['killed_by'] ."</a></td>";
echo "<td>". getClock($death['time'], true) ."</td>";

1
layout/css/resp.css
View File

@ -26,5 +26,4 @@
.banner {
height: 170px;
}
}

8
layout/css/style.css
View File

@ -143,7 +143,6 @@ nav .container > div > ul > li > ul {
border-bottom: 1px solid var(--border);
}
.main {
width: 1220px;
margin: 2rem auto;
@ -151,16 +150,11 @@ nav .container > div > ul > li > ul {
z-index: 1;
}
.ellipsis {
text-overflow: ellipsis;
white-space: nowrap;
}
.alert-box {
max-width: 500px;
font-size: 14px;
@ -356,4 +350,4 @@ div.relative {
.postHolder iframe {
display: block;
margin: auto;
}
}

2
layout/layout_config.php
View File

@ -10,7 +10,7 @@
// Use same date format when changing: yyyy-mm-dd hh:mm
$countDown = "2020-06-10 01:00";
// Hide countdown after 1 day (24 hours) after countDown
$countDown_hide = 1 * 24 * 60 * 60;

6
layout/overall/footer.php
View File

@ -14,8 +14,8 @@
<!--
Designed By <a href="https://otland.net/members/snavy.155163/" target="_blank">Snavy</a>
-->
</footer>
</div><!-- Main container END -->
</body>
@ -26,4 +26,4 @@
Facebook: http://www.facebook.com/idont.reallywolf.1
Twitter: @idontreallywolf
Converted to Znote AAC by: Znote
-->
-->

6
layout/sub.php
View File

@ -2,7 +2,7 @@
/* Znote AAC Sub System
- Used to create custom pages
- Place the contents of the page in /layout/sub/ folder.
: You don't need to include init, header or footer.
: You don't need to include init, header or footer.
Its already taken care of, just write the contents you want.
Then add that page to the configuration below. Config syntax:
@ -13,7 +13,7 @@
................
There are 2 ways to view your page, by using sub.php file, or by overriding an existing default page.
1: yourwebiste.com/sub.php?page=PAGENAME
2: By having override => true, then it will load your sub file instead of the default znote aac file.
2: By having override => true, then it will load your sub file instead of the default znote aac file.
*/
@ -46,4 +46,4 @@ $subpages = array(
'override' => false
)
);
?>
?>

12
layout/sub/index.php
View File

@ -40,7 +40,7 @@ if ($cache->hasExpired()) {
// Design and present the list
if ($news) {
$total_news = count($news);
$row_news = $total_news / $config['news_per_page'];
$page_amount = ceil($total_news / $config['news_per_page']);
@ -72,7 +72,7 @@ if ($news) {
} else {
for ($i = 0; $i < count($news); $i++) if ((int)$view === (int)$news[$i]['id']) $si = $i;
}
if ($si !== false) {
echo "hello world!";
?>
@ -118,7 +118,7 @@ if ($news) {
</div>
</div>
<?php
}
}
}
echo '<select name="newspage" onchange="location = this.options[this.selectedIndex].value;">';
@ -134,12 +134,12 @@ if ($news) {
echo '<option value="index.php?page='.$i.'">Page '.$i.'</option>';
}
}
echo '</select>';
}
} else {
echo '<p>No news exist.</p>';
}
?>
?>

4
layout/widgets/admin.php
View File

@ -34,7 +34,7 @@
$threads = mysql_select_multi("SELECT `id`, `player_id` FROM `znote_forum_threads` WHERE `forum_id`='$cat' AND `closed`='0';");
if ($threads !== false) {
$staffs = mysql_select_multi("SELECT `id` FROM `players` WHERE `group_id` > '1';");
foreach($threads as $thread) {
$response = false;
$posts = mysql_select_multi("SELECT `id`, `player_id` FROM `znote_forum_posts` WHERE `thread_id`='". $thread['id'] ."';");
@ -55,4 +55,4 @@
</li>
</ul>
</div>
</div>
</div>

4
layout/widgets/charactersearch.php
View File

@ -29,7 +29,7 @@
}
?>
<script type="text/javascript">
window.searchNames = <?php echo json_encode($names)?>;
window.searchNames = <?php echo json_encode($names)?>;
$(function() {
if (window.searchNames.length > 0) {
$('#src_name').keyup(function(e) {
@ -59,4 +59,4 @@
});
</script>
</div>
</div>
</div>

6
layout/widgets/houses.php
View File

@ -6,10 +6,10 @@
<form action="houses.php" method="<?php if ($config['ServerEngine'] !== 'TFS_10') echo "post"; else echo "get" ;?>">
<select name="<?php if ($config['ServerEngine'] !== 'TFS_10') echo "selected"; else echo "id" ;?>">
<?php
foreach ($config['towns'] as $id => $name)
foreach ($config['towns'] as $id => $name)
echo '<option value="'. $id .'">'. $name .'</option>';
?>
</select>
</select>
<?php
/* Form file */
if ($config['ServerEngine'] !== 'TFS_10') Token::create();
@ -17,4 +17,4 @@
<input type="submit" value="Fetch houses">
</form>
</div>
</div>
</div>

4
layout/widgets/serverinfo.php
View File

@ -23,7 +23,7 @@
}
if ($status) {
?>
<li><a href="onlinelist.php">Players online:
<li><a href="onlinelist.php">Players online:
<?php echo user_count_online(); ?></a></li>
<?php
}
@ -31,4 +31,4 @@
<li>Registered accounts: <?php echo user_count_accounts();?></li>
</ul>
</div>
</div>
</div>

4
layout/widgets/topplayers.php
View File

@ -8,7 +8,7 @@
$cache = new Cache('engine/cache/topPlayer');
if ($cache->hasExpired()) {
$players = mysql_select_multi('SELECT `name`, `level`, `experience` FROM `players` WHERE `group_id` < ' . $config['highscore']['ignoreGroupId'] . ' ORDER BY `level` DESC, `experience` DESC LIMIT 5;');
$cache->setContent($players);
$cache->save();
} else {
@ -24,4 +24,4 @@
?>
</table>
</div>
</div>
</div>

8
logout.php
View File

@ -1,8 +1,8 @@
<?php
<?php
require_once 'engine/init.php'; include 'layout/overall/header.php';
if (isset($_SESSION)) {
session_destroy();
header('Location: index.php');
}
?>
}
?>

6
market.php
View File

@ -8,7 +8,7 @@ $compare = &$_GET['compare'];
// If we failed to load items.xml, a string is returned (not an array)
// with the attempted loaded file path.
// So if $items is not an array, send an error message, include the footer and ignore rest of this page.
if (is_array($items) === false):
if (is_array($items) === false):
?>
<h1>Marketplace</h1>
<p>Failed to load item list.</p>
@ -112,7 +112,7 @@ if (!$compare) {
}
$condition = (!empty($query)) ? "`itemtype` IN (". implode(',', $query) .")" : false;
}
// First list active bids
if ($condition === false) {
$offers = array();
@ -217,4 +217,4 @@ if (!$compare) {
</table>
<?php
}
include 'layout/overall/footer.php'; ?>
include 'layout/overall/footer.php'; ?>

10
monster_loot.php
View File

@ -1,6 +1,6 @@
<?php require_once 'engine/init.php'; include 'layout/overall/header.php'; ?>
<?php
<?php
###### MONSTER LOOT CHECKER ######
###### VERSION: 1.5
@ -42,12 +42,12 @@ $rarity = array(
?>
<br><br>
<?php
<?php
$items = simplexml_load_file($otdir . '/data/items/items.xml') or die('<b>Could not load items!</b>');
foreach($items->item as $v)
$itemList[(int)$v['id']] = $v['name'];
foreach($items->item as $v)
$itemList[(int)$v['id']] = $v['name'];
if(isset($_GET['lootrate'])) {
if(isset($_GET['lootrate'])) {
$config = parse_ini_file($otdir . '/config.lua');
$lootRate = $config['rate_loot'];
}

10
myaccount.php
View File

@ -1,6 +1,6 @@
<?php require_once 'engine/init.php';
protect_page();
include 'layout/overall/header.php';
include 'layout/overall/header.php';
#region CANCEL CHARACTER DELETE
$undelete_id = @$_GET['cancel_delete_id'];
if($undelete_id) {
@ -31,7 +31,7 @@ if (isset($_GET['authenticate']) && $config['mailserver']['myaccount_verify_emai
$active = (int) $user['active'];
$active_email = (int) $user['active_email'];
$verify_points = ($active_email == 0 && $config['mailserver']['verify_email_points'] > 0)
? ", `points` = `points` + {$config['mailserver']['verify_email_points']}"
? ", `points` = `points` + {$config['mailserver']['verify_email_points']}"
: '';
// Enable the account to login
if ($active == 0 || $active_email == 0) {
@ -58,12 +58,12 @@ if (isset($_GET['authenticate']) && $config['mailserver']['myaccount_verify_emai
$mailer = new Mail($config['mailserver']);
$title = "Please authenticate your email at {$_SERVER['HTTP_HOST']}.";
$body = "<h1>Please click on the following link to authenticate your account:</h1>";
$body .= "<p><a href='{$thisurl}'>{$thisurl}</a></p>";
$body .= "<p>Thank you for verifying your email and enjoy your stay at {$config['mailserver']['fromName']}.</p>";
$body .= "<hr><p>I am an automatic no-reply e-mail. Any emails sent back to me will be ignored.</p>";
$user_name = ($config['ServerEngine'] !== 'OTHIRE') ? $user_data['name'] : $user_data['id'];
//echo "<h1>" . $title . "<h1>" . $body;
$mailer->sendMail($user_data['email'], $title, $body, $user_name);
@ -317,7 +317,7 @@ if ($render_page) {
} else {
echo 'You do not have premium account days.';
}
}
}
if ($config['mailserver']['myaccount_verify_email']):
?><br>Email: <?php echo $user_data['email'];
if ($user_znote_data['active_email'] == 1) {

4
onlinelist.php
View File

@ -17,7 +17,7 @@ if ($config['ServerEngine'] != 'OTHIRE') {
$outfitQuery = ($loadOutfits) ? ", `p`.`lookbody` AS `body`, `p`.`lookfeet` AS `feet`, `p`.`lookhead` AS `head`, `p`.`looklegs` AS `legs`, `p`.`looktype` AS `type`" : "";
}
// Small 30 seconds players_online cache.
// Small 30 seconds players_online cache.
$cache = new Cache('engine/cache/onlinelist');
$cache->setExpiration(30);
if ($cache->hasExpired()) {
@ -37,7 +37,7 @@ if ($cache->hasExpired()) {
if (!empty($array) && $array !== false) {
?>
<table id="onlinelistTable" class="table table-striped table-hover">
<tr class="yellow">
<?php if ($loadOutfits) echo "<th>Outfit</th>"; ?>

8
powergamers.php
View File

@ -1,6 +1,6 @@
<?php
require_once 'engine/init.php';
include 'layout/overall/header.php';
include 'layout/overall/header.php';
if (!$config['powergamers']['enabled']) {
echo 'This page has been disabled at config.php.';
include 'layout/overall/footer.php';
@ -24,13 +24,13 @@ include 'layout/overall/footer.php';
}
$limit = $config['powergamers']['limit'];
if(!empty($days) && !empty($vocation))
if(!empty($days) && !empty($vocation))
$znotePlayers = mysql_select_multi('SELECT `a`.`id`, `b`.`player_id`, `a`.`name`, `a`.`vocation`, `a`.`level`, `a`.`group_id`, `a`.`experience`, `b`.`exphist_lastexp`, `b`.`exphist1`, `b`.`exphist2`, `b`.`exphist3`, `b`.`exphist4`, `b`.`exphist5`, `b`.`exphist6`, `b`.`exphist7`, (`a`.`experience` - `b`.`exphist_lastexp`) AS `expdiff` FROM `players` `a` JOIN `znote_players` `b` ON `a`.`id` = `b`.`player_id` WHERE `a`.`group_id` < 2 AND `a`.`vocation`='. (int)$vocation .' OR `a`.`vocation`='. ((int)$vocation +4) .' ORDER BY `exphist' . (int)$days . '` DESC LIMIT '.$limit);
elseif(empty($days) && !empty($vocation)) {
$znotePlayers = mysql_select_multi('SELECT `a`.`id`, `b`.`player_id`, `a`.`name`, `a`.`vocation`, `a`.`level`, `a`.`group_id`, `a`.`experience`, `b`.`exphist_lastexp`, `b`.`exphist1`, `b`.`exphist2`, `b`.`exphist3`, `b`.`exphist4`, `b`.`exphist5`, `b`.`exphist6`, `b`.`exphist7`, (`a`.`experience` - `b`.`exphist_lastexp`) AS `expdiff` FROM `players` `a` JOIN `znote_players` `b` ON `a`.`id` = `b`.`player_id` WHERE `a`.`group_id` < 2 AND `a`.`vocation`='. (int)$vocation .' OR `a`.`vocation`='. ((int)$vocation +4) .' ORDER BY `expdiff` DESC LIMIT '.$limit);
}elseif(!empty($days) && empty($vocation))
}elseif(!empty($days) && empty($vocation))
$znotePlayers = mysql_select_multi('SELECT `a`.`id`, `b`.`player_id`, `a`.`name`, `a`.`vocation`, `a`.`level`, `a`.`group_id`, `a`.`experience`, `b`.`exphist_lastexp`, `b`.`exphist1`, `b`.`exphist2`, `b`.`exphist3`, `b`.`exphist4`, `b`.`exphist5`, `b`.`exphist6`, `b`.`exphist7`, (`a`.`experience` - `b`.`exphist_lastexp`) AS `expdiff` FROM `players` `a` JOIN `znote_players` `b` ON `a`.`id` = `b`.`player_id` WHERE `a`.`group_id` < 2 ORDER BY `exphist' . (int)$days . '` DESC LIMIT '.$limit);
else
else
$znotePlayers = mysql_select_multi('SELECT `a`.`id`, `b`.`player_id`, `a`.`name`, `a`.`vocation`, `a`.`level`, `a`.`group_id`, `a`.`experience`, `b`.`exphist_lastexp`, `b`.`exphist1`, `b`.`exphist2`, `b`.`exphist3`, `b`.`exphist4`, `b`.`exphist5`, `b`.`exphist6`, `b`.`exphist7`, (`a`.`experience` - `b`.`exphist_lastexp`) AS `expdiff` FROM `players` `a` JOIN `znote_players` `b` ON `a`.`id` = `b`.`player_id` WHERE `a`.`group_id` < 2 ORDER BY `expdiff` DESC LIMIT '.$limit);
$showVoc = (!empty($vocation)) ? $vocation : 0;

8
protected.php
View File

@ -1,7 +1,7 @@
<?php
<?php
require_once 'engine/init.php';
// To direct users here, add: protect_page(); Here before loading header.
include 'layout/overall/header.php';
include 'layout/overall/header.php';
if (user_logged_in() === true) {
?>
@ -15,6 +15,6 @@ if (user_logged_in() === true) {
<h1>Sorry, you need to be logged in to do that!</h1>
<p>Please register or log in.</p>
<?php
<?php
}
include 'layout/overall/footer.php'; ?>
include 'layout/overall/footer.php'; ?>

12
recovery.php
View File

@ -32,12 +32,12 @@ if ($config['mailserver']['accountRecovery']) {
}
$password = sha1($salt.$password);
}
if ($config['ServerEngine'] != 'OTHIRE')
$user = mysql_select_single("SELECT `p`.`id` AS `player_id`, `a`.`name` FROM `players` `p` INNER JOIN `accounts` `a` ON `p`.`account_id` = `a`.`id` WHERE `p`.`name` = '$character' AND `a`.`email` = '$email' AND `a`.`password` = '$password' LIMIT 1;");
else
$user = mysql_select_single("SELECT `p`.`id` AS `player_id`, `a`.`id` FROM `players` `p` INNER JOIN `accounts` `a` ON `p`.`account_id` = `a`.`id` WHERE `p`.`name` = '$character' AND `a`.`email` = '$email' AND `a`.`password` = '$password' LIMIT 1;");
if ($user !== false) {
// Found user
@ -77,12 +77,12 @@ if ($config['mailserver']['accountRecovery']) {
}
$password = sha1($salt.$newpass);
}
if ($config['ServerEngine'] != 'OTHIRE')
$user = mysql_select_single("SELECT `p`.`id` AS `player_id`, `a`.`name`, `a`.`id` AS `account_id` FROM `players` `p` INNER JOIN `accounts` `a` ON `p`.`account_id` = `a`.`id` WHERE `p`.`name` = '$character' AND `a`.`email` = '$email' AND `a`.`name` = '$username' LIMIT 1;");
else
$user = mysql_select_single("SELECT `p`.`id` AS `player_id`, `a`.`id` AS `account_id` FROM `players` `p` INNER JOIN `accounts` `a` ON `p`.`account_id` = `a`.`id` WHERE `p`.`name` = '$character' AND `a`.`email` = '$email' AND `a`.`id` = '$username' LIMIT 1;");
if ($user !== false) {
// Found user
// Give him the new password
@ -140,7 +140,7 @@ if ($config['mailserver']['accountRecovery']) {
}
} else echo "Captcha image verification was submitted wrong.";
} else {
$a = (isset($_GET['a']) && !empty($_GET['a'])) ? (int)$_GET['a'] : false;
$k = (isset($_GET['k']) && !empty($_GET['k'])) ? (int)$_GET['k'] : false;
@ -171,7 +171,7 @@ if ($config['mailserver']['accountRecovery']) {
<label for="email">Email:</label><input type="text" name="email" placeholder="name@mail.com"><br>
<label for="Character">Character: </label><input type="text" name="character"><br>
<?php
if ($mode === 'password') {
echo '<label for="username">Username:</label> <input type="text" name="username"><br>';
} elseif ($mode === 'username') {

4
register.php
View File

@ -142,8 +142,8 @@ if (isset($_GET['success']) && empty($_GET['success'])) {
'created' => time(),
'ip' => getIPLong(),
'flag' => $_POST['flag']
);
}
);
}
user_create_account($register_data, $config['mailserver']);
if (!$config['mailserver']['debug']) header('Location: register.php?success');

8
serverinfo.php
View File

@ -2,13 +2,13 @@
// Calculate integer values into days, hours, minutes, seconds
function toDuration($ms) {
$duration['day'] = $ms / (24 * 60 * 60 * 1000);
if (($duration['day'] - (int)$duration['day']) > 0)
if (($duration['day'] - (int)$duration['day']) > 0)
$duration['hour'] = ($duration['day'] - (int)$duration['day']) * 24;
if (isset($duration['hour'])) {
if (($duration['hour'] - (int)$duration['hour']) > 0)
if (($duration['hour'] - (int)$duration['hour']) > 0)
$duration['minute'] = ($duration['hour'] - (int)$duration['hour']) * 60;
if (isset($duration['minute'])) {
if (($duration['minute'] - (int)$duration['minute']) > 0)
if (($duration['minute'] - (int)$duration['minute']) > 0)
$duration['second'] = ($duration['minute'] - (int)$duration['minute']) * 60;
}
}
@ -392,4 +392,4 @@ $stages = false;
<?php else: ?>
<p>The server administrator has yet to import server information to this page.</p>
<?php endif;
include 'layout/overall/footer.php'; ?>
include 'layout/overall/footer.php'; ?>

2
settings.php
View File

@ -47,7 +47,7 @@ if (isset($_GET['success']) === true && empty($_GET['success']) === true) {
if ($user_znote_data['active_email'] > 0) {
$update_znote_data['points'] = $user_znote_data['points'] - $config['mailserver']['verify_email_points'];
}
user_update_account($update_data);
user_update_znote_account($update_znote_data);
header('Location: settings.php?success');

22
shop.php
View File

@ -20,14 +20,14 @@ if ($loggedin === true) {
// Sanitizing post, setting default buy value
$buy = false;
$post = (int)$_POST['buy'];
foreach ($shop_list as $key => $value) {
if ($key === $post) {
$buy = $value;
}
}
if ($buy === false) die("Error: Shop offer ID mismatch.");
// Verify that user can afford this offer.
if ($player_points >= $buy['points']) {
$data = mysql_select_single("SELECT `points` FROM `znote_accounts` WHERE `account_id`='$cid';");
@ -39,12 +39,12 @@ if ($loggedin === true) {
$expense_points = $buy['points'];
$new_points = $old_points - $expense_points;
$update_account = mysql_update("UPDATE `znote_accounts` SET `points`='$new_points' WHERE `account_id`='$cid'");
$data = mysql_select_single("SELECT `points` FROM `znote_accounts` WHERE `account_id`='$cid';");
$verify = $data['points'];
if ((int)$old_points == (int)$verify) die("2: Failed to equalize your points.". var_dump((int)$old_points, (int)$verify, $new_points, $expense_points));
// If this is an outfit offer, convert array into an integer.
// If this is an outfit offer, convert array into an integer.
if ($buy['type'] == 5) {
if (is_array($buy['itemid'])) {
if (COUNT($buy['itemid']) == 2) $buy['itemid'] = ($buy['itemid'][0] * 1000) + $buy['itemid'][1];
@ -70,10 +70,10 @@ if ($loggedin === true) {
mysql_insert("INSERT INTO `znote_shop_orders` (`account_id`, `type`, `itemid`, `count`, `time`) VALUES ('$cid', '". $buy['type'] ."', '". $buy['itemid'] ."', '". $buy['count'] ."', '$time')");
echo '<font color="green" size="4">Your order is ready to be delivered. Write this command in-game to get it: [!shop].<br>Make sure you are in depot and can carry it before executing the command!</font>';
}
// No matter which type, we will always log it.
mysql_insert("INSERT INTO `znote_shop_logs` (`account_id`, `player_id`, `type`, `itemid`, `count`, `points`, `time`) VALUES ('$cid', '0', '". $buy['type'] ."', '". $buy['itemid'] ."', '". $buy['count'] ."', '". $buy['points'] ."', '$time')");
} else echo '<font color="red" size="4">You need more points, this offer cost '.$buy['points'].' points.</font>';
//var_dump($buy);
//echo '<font color="red" size="4">'. $_POST['buy'] .'</font>';
@ -111,7 +111,7 @@ $category_outfits = array();
$category_mounts = array();
$category_misc = array();
foreach ($shop_list as $key => $offer) {
switch ($offer['type']) {
case 1:
$category_items[$key] = $offer;
@ -188,7 +188,7 @@ foreach ($shop_list as $key => $offer) {
});
}
}
// Mozilla, Opera, Webkit
// Mozilla, Opera, Webkit
if ( document.addEventListener ) {
document.addEventListener( "DOMContentLoaded", function(){
document.removeEventListener( "DOMContentLoaded", arguments.callee, false);
@ -277,7 +277,7 @@ foreach ($shop_list as $key => $offer) {
<td>Points:</td>
<?php if ($loggedin === true): ?><td>Action:</td><?php endif; ?>
</tr>
<?php foreach ($category_outfits as $key => $offers):
<?php foreach ($category_outfits as $key => $offers):
if (!is_array($offers['itemid'])) $offers['itemid'] = [$offers['itemid']];
if (COUNT($offers['itemid']) > 2): ?>
<tr class="special">
@ -384,7 +384,7 @@ foreach ($shop_list as $key => $offer) {
var r = confirm("Do you really want to purchase "+itemname+" for "+itemcost+" points?")
if(r == false){
e.preventDefault();
}
}
});
});
});

36
special/database2znoteaac.php
View File

@ -14,7 +14,7 @@ require '../engine/function/users.php';
$updated_char = 0;
// $updated_char += 1;
$updated_pass = 0;
// install functions
function fetch_all_accounts() {
$results = mysql_select_multi("SELECT `id` FROM `accounts`");
@ -24,17 +24,17 @@ require '../engine/function/users.php';
}
return (count($accounts) > 0) ? $accounts : false;
}
function user_count_znote_accounts() {
$data = mysql_select_single("SELECT COUNT(`account_id`) AS `count` from `znote_accounts`;");
return ($data !== false) ? $data['count'] : 0;
}
function user_character_is_compatible($pid) {
$data = mysql_select_single("SELECT COUNT(`player_id`) AS `count` from `znote_players` WHERE `player_id` = '$pid';");
return ($data !== false) ? $data['count'] : 0;
}
function fetch_znote_accounts() {
$results = mysql_select_multi("SELECT `account_id` FROM `znote_accounts`");
$accounts = array();
@ -44,7 +44,7 @@ require '../engine/function/users.php';
return (count($accounts) > 0) ? $accounts : false;
}
// end install functions
// count all accounts, znote accounts, find out which accounts needs to be converted.
$all_account = fetch_all_accounts();
$znote_account = fetch_znote_accounts();
@ -62,16 +62,16 @@ require '../engine/function/users.php';
}
}
// end ^
// Send count status
if (isset($all_account) && $all_account !== false) {
echo '<br>';
echo 'Total accounts detected: '. count($all_account) .'.';
if (isset($znote_account) && $znote_account !== false) {
echo '<br>';
echo 'Znote compatible accounts detected: '. count($znote_account) .'.';
if (isset($old_accounts)) {
echo '<br>';
echo 'Old accounts detected: '. count($old_accounts) .'.';
@ -87,7 +87,7 @@ require '../engine/function/users.php';
echo 'Total accounts detected: 0.';
}
// end count status
// validate accounts
if (isset($old_accounts) && $old_accounts !== false) {
$time = time();
@ -96,7 +96,7 @@ require '../engine/function/users.php';
// Make acc data compatible:
mysql_insert("INSERT INTO `znote_accounts` (`account_id`, `ip`, `created`, `flag`) VALUES ('$old', '0', '$time', '')");
$updated_acc += 1;
// Fetch unsalted password
if ($config['ServerEngine'] == 'TFS_03' && $config['salt'] === true) {
$password = user_data($old, 'password', 'salt');
@ -106,30 +106,30 @@ require '../engine/function/users.php';
$password = user_data($old, 'password');
$p_pass = $password['password'];
}
// Verify lenght of password is less than 28 characters (most likely a plain password)
if (strlen($p_pass) < 28 && $old > 1) {
// encrypt it with sha1
if ($config['ServerEngine'] == 'TFS_02' || $config['salt'] === false) $p_pass = sha1($p_pass);
if ($config['ServerEngine'] == 'TFS_03' && $config['salt'] === true) $p_pass = sha1($password['salt'].$p_pass);
// Update their password so they are sha1 encrypted
mysql_update("UPDATE `accounts` SET `password`='$p_pass' WHERE `id`='$old';");
$updated_pass += 1;
}
}
}
// validate players
if ($all_account !== false) {
$time = time();
foreach ($all_account as $all) {
$chars = user_character_list_player_id($all);
if ($chars !== false) {
// since char list is not false, we found a character list
// Lets loop through the character list
foreach ($chars as $c) {
// Is character not compatible yet?
@ -138,13 +138,13 @@ require '../engine/function/users.php';
$cid = $c['id'];
mysql_insert("INSERT INTO `znote_players` (`player_id`, `created`, `hide_char`, `comment`) VALUES ('$cid', '$time', '0', '')");
$updated_char += 1;
}
}
}
}
}
echo "<br><b><font color=\"green\">SUCCESS</font></b><br><br>";
echo 'Updated accounts: '. $updated_acc .'<br>';
echo 'Updated characters: : '. $updated_char .'<br>';

5
special/milestone.txt
View File

@ -1,6 +1,5 @@
Milestone - What I wish to add to Znote AAC in the future. (Znote AAC TODO/wish list).
- Character auction page for donation points.
- TFS 1.0 support.
- Semi-live communication with OT.
- Live ban, kick, broadcast message, open/close server and Custom commands.
- Sub-page system.
- Live ban, kick, broadcast message, open/close server and Custom commands.
- Sub-page system.

8
special/repairSkills.php
View File

@ -2,8 +2,8 @@
/* PLAYER SKILLS REPAIR SCRIPT IF YOU SOMEHOW DELETE PLAYER SKILLS
---------------------------------------------------------------
Place in root web directory, login to admin account,
and enter site.com/repairSkills.php (with big S).
Place in root web directory, login to admin account,
and enter site.com/repairSkills.php (with big S).
*/
protect_page();
@ -32,7 +32,7 @@ if ($players !== false) {
if ($i != 6) $query .= "('". $char['id'] ."', '$i', '10', '0'), ";
else $query .= "('". $char['id'] ."', '$i', '10', '0');";
}
mysql_insert($query);
} else $Salready++;
}
@ -50,4 +50,4 @@ if ($players !== false) {
}
?>
<h1>Script run completed.</h1>
<h1>Script run completed.</h1>

4
spells.php
View File

@ -43,7 +43,7 @@ if (user_logged_in() && is_admin($user_data)) {
if (!in_array($attributes['group'], $groups))
$groups[] = $attributes['group'];
}
// Get spell vocations
// Get spell vocations
$vocations = array();
foreach ($spell->vocation as $vocation) {
foreach ($vocation->attributes() as $attributeName => $attributeValue) {
@ -254,4 +254,4 @@ foreach ($spells as $type => $spells) {
// All spell attributes?
'group', 'words', 'lvl', 'maglv', 'charges', 'allowfaruse', 'blocktype', 'mana', 'soul', 'prem', 'aggressive', 'range', 'selftarget', 'needtarget', 'blockwalls', 'needweapon', 'exhaustion', 'groupcooldown', 'needlearn', 'casterTargetOrDirection', 'direction', 'params', 'playernameparam', 'conjureId', 'reagentId', 'conjureCount', 'vocations'
*/
include 'layout/overall/footer.php'; ?>
include 'layout/overall/footer.php'; ?>

4
sub.php
View File

@ -1,4 +1,4 @@
<?php require_once 'engine/init.php'; require_once 'layout/overall/header.php';
<?php require_once 'engine/init.php'; require_once 'layout/overall/header.php';
if ($config['allowSubPages']) {
$page = (isset($_GET['page']) && !empty($_GET['page'])) ? getValue($_GET['page']) : '';
if (isset($subpages[$page]['file'])) require_once 'layout/sub/'.$subpages[$page]['file'];
@ -7,4 +7,4 @@ if ($config['allowSubPages']) {
}
}
else echo '<h2>System disabled.</h2><p>The sub page system is disabled.</p>';
require_once 'layout/overall/footer.php'; ?>
require_once 'layout/overall/footer.php'; ?>

6
toponline.php
View File

@ -1,6 +1,6 @@
<?php
require_once 'engine/init.php';
include 'layout/overall/header.php';
include 'layout/overall/header.php';
if (!$config['toponline']['enabled']) {
echo 'This page has been disabled at config.php.';
include 'layout/overall/footer.php';
@ -37,7 +37,7 @@ elseif($type == "sum")
$znotePlayers = mysql_select_multi('SELECT * FROM `znote_players` AS `z` JOIN `players` AS `p` WHERE `p`.`id`=`z`.`player_id` and `p`.`group_id` < 3 ORDER BY `z`.`onlinetimeall` DESC LIMIT '. $limit);
elseif($type >= 1 && $type <= 4)
$znotePlayers = mysql_select_multi('SELECT * FROM `znote_players` AS `z` JOIN `players` AS `p` WHERE `p`.`id`=`z`.`player_id` and `p`.`group_id` < 3 ORDER BY `onlinetime' . (int) $type . '` DESC LIMIT '.$limit);
echo '<CENTER><H2>Most online on' .$config['site_title'] . '</H2></CENTER>
<BR>
<table class="table table-striped">
@ -66,7 +66,7 @@ echo '</TR>';
$number_of_rows = 1;
if($znotePlayers)
foreach($znotePlayers as $player)
{
{
echo '<td><center>'. $number_of_rows . '.</center></td>';
echo '<td><a href="characterprofile.php?name=' .$player['name']. '">' .$player['name']. '</a>';
echo '<br> ' .$player['level']. ' '.htmlspecialchars(vocation_id_to_name($player['vocation'])).' ';

10
twofa.php
View File

@ -4,7 +4,7 @@ if ($config['ServerEngine'] !== 'TFS_10') {
?>
<h1>Server compatibility error</h1>
<p>Sorry, this server is not compatible with Two-Factor Authentication.<br>
TFS 1.2 or higher is required to run two-factor authentication, grab it
TFS 1.2 or higher is required to run two-factor authentication, grab it
<a href="https://github.com/otland/forgottenserver/releases" target="_BLANK">here</a>.</p>
<?php
} else {
@ -34,15 +34,15 @@ if ($config['ServerEngine'] !== 'TFS_10') {
?>
<h1>Two-Factor Authentication</h1>
<p>Account security with Two-factor Authentication: <b><?php echo ($status) ? 'Enabled' : 'Disabled'; ?></b>.</p>
<?php if ($status === false): ?>
<p><strong>Login with a token generated from this QR code to activate:</strong></p>
<?php else: ?>
<p>Click <a href="?disable">HERE</a> to disable Two-Factor Authentication and generate a new QR code.</p>
<?php endif; ?>
<img
src="<?php echo TokenAuth6238::getBarCodeUrl($user_data['name'], $_SERVER["HTTP_HOST"], $query['znote_secret'], preg_replace('/\s+/', '', $config['site_title'])); ?>"
src="<?php echo TokenAuth6238::getBarCodeUrl($user_data['name'], $_SERVER["HTTP_HOST"], $query['znote_secret'], preg_replace('/\s+/', '', $config['site_title'])); ?>"
alt="Two-Factor Authentication QR code image for this account."
/>
@ -54,4 +54,4 @@ if ($config['ServerEngine'] !== 'TFS_10') {
</ol>
<?php
}
include 'layout/overall/footer.php'; ?>
include 'layout/overall/footer.php'; ?>