From ba072840442bde1c0d3400357d13dc345e29882d Mon Sep 17 00:00:00 2001 
From: Stefan Brannfjell
Date: Wed, 28 Aug 2013 23:44:46 +0200
Subject: [PATCH] Importing Znote AAC 1.5_SVN rev 168 to github.
---
 .htaccess | 5 +
 Znote AAC license.txt | 4 +
 admin.php | 260 ++++++++++
 admin_gallery.php | 122 +++++
 admin_news.php | 157 +++++++
 admin_skills.php | 143 ++++++
 adminempty.php | 9 +
 auctionChar.php | 45 ++
 blank.php | 6 +
 buypoints.php | 78 +++
 changepassword.php | 93 ++++
 characterprofile.php | 207 ++++++++
 config.php | 461 ++++++++++++++++++
 contact.php | 6 +
 createcharacter.php | 151 ++++++
 credits.php | 18 +
 deaths.php | 39 ++
 downloads.php | 30 ++
 failed.php | 4 +
 forum.php | 1046 +++++++++++++++++++++++++++++++++++++++++
 gallery.php | 105 +++++
 guilds.php | 664 ++++++++++++++++++++++++++
 guildwar.php | 185 ++++++++
 highscores.php | 110 +++++
 houses.php | 145 ++++++
 index.php | 51 ++
 ipn.php | 87 ++++
 killers.php | 118 +++++
 login.php | 60 +++
 logout.php | 8 +
 mailtest.php | 3 +
 myaccount.php | 258 ++++++++++
 onlinelist.php | 31 ++
 paygol_ipn.php | 85 ++++
 protected.php | 20 +
 queststatus.php | 54 +++
 recovery.php | 92 ++++
 register.php | 171 +++++++
 serverinfo.php | 6 +
 settings.php | 69 +++
 shop.php | 129 +++++
 sub.php | 6 +
 success.php | 3 +
 support.php | 52 ++
 twtrNews.php | 10 +
 45 files changed, 5406 insertions(+)
 create mode 100644 .htaccess
 create mode 100644 Znote AAC license.txt
 create mode 100644 admin.php
 create mode 100644 admin_gallery.php
 create mode 100644 admin_news.php
 create mode 100644 admin_skills.php
 create mode 100644 adminempty.php
 create mode 100644 auctionChar.php
 create mode 100644 blank.php
 create mode 100644 buypoints.php
 create mode 100644 changepassword.php
 create mode 100644 characterprofile.php
 create mode 100644 config.php
 create mode 100644 contact.php
 create mode 100644 createcharacter.php
 create mode 100644 credits.php
 create mode 100644 deaths.php
 create mode 100644 downloads.php
 create mode 100644 failed.php
 create mode 100644 forum.php
 create mode 100644 gallery.php
 create mode 100644 guilds.php
 create mode 100644 guildwar.php
 create mode 100644 highscores.php
 create mode 100644 houses.php
 create mode 100644 index.php
 create mode 100644 ipn.php
 create mode 100644 killers.php
 create mode 100644 login.php
 create mode 100644 logout.php
 create mode 100644 mailtest.php
 create mode 100644 myaccount.php
 create mode 100644 onlinelist.php
 create mode 100644 paygol_ipn.php
 create mode 100644 protected.php
 create mode 100644 queststatus.php
 create mode 100644 recovery.php
 create mode 100644 register.php
 create mode 100644 serverinfo.php
 create mode 100644 settings.php
 create mode 100644 shop.php
 create mode 100644 sub.php
 create mode 100644 success.php
 create mode 100644 support.php
 create mode 100644 twtrNews.php
diff --git a/.htaccess b/.htaccess
new file mode 100644
index 0000000..5127602
--- /dev/null
+++ b/.htaccess
@@ -0,0 +1,5 @@
+Options +FollowSymLinks
+RewriteEngine On
+RewriteCond %{REQUEST_FILENAME} !-f
+RewriteCond %{REQUEST_FILENAME} !-d
+RewriteRule ^(.*)$ /characterprofile.php?name=$1
\ No newline at end of file
diff --git a/Znote AAC license.txt b/Znote AAC license.txt
new file mode 100644
index 0000000..d9c878e
--- /dev/null
+++ b/Znote AAC license.txt
@@ -0,0 +1,4 @@
+Meeh... I don't bother this. Its practically yours, do whatever you fucking want with it.
+I am Znote from otland.net, I created this acc. Please love me :D
+
+Enjoy!
\ No newline at end of file
diff --git a/admin.php b/admin.php
new file mode 100644
index 0000000..e464e9a
--- /dev/null
+++ b/admin.php
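Review bot: The catch-all in the `.htaccess` hunk, `RewriteRule ^(.*)$ /characterprofile.php?name=$1`, turns every request for a path that is not an existing file or directory into a character lookup with the raw path as `name`, and it carries no `[L]` flag. Since createcharacter.php in this commit only accepts names matching `/^[a-zA-Z_ ]+$/`, the rule could be limited to that alphabet so that everything else stays a normal 404: `RewriteRule "^([A-Za-z_ ]+)$" /characterprofile.php?name=$1 [L]`. The absolute `/characterprofile.php` target also assumes the site is installed at the web root. How characterprofile.php treats `name` cannot be checked on this page, because its hunk is damaged.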
@@ -0,0 +1,260 @@ + 0) { + if ($accid > 0) { + $new_points = $points; + $old_points = mysql_result(mysql_query("SELECT `points` FROM `znote_accounts` WHERE `account_id`='$accid';"), 0, 'points'); + $new_points += $old_points; + $update_account = mysql_query("UPDATE `znote_accounts` SET `points`='$new_points' WHERE `account_id`='$accid'"); + $errors[] = 'Success! Character '. $char .' has recieved '. $points .' premium points.'; + } else $errors[] = 'Account id is invalid. (Did you write correct character name?)'. $accid; + } else $errors[] = 'Why the heck give a character 0 points?!'; + }*/ + + // Give points to character + if (empty($_POST['points_char']) === false && empty($_POST['points_value']) === false) { + $char = sanitize($_POST['points_char']); + $points = (int)$_POST['points_value']; + data_dump($_POST, false, "post data"); + $account = mysql_select_single("SELECT `account_id` FROM `players` WHERE `name`='$char' LIMIT 1;"); + data_dump($account, false, "fetching account id from players table"); + $znote_account = mysql_select_single("SELECT `id`, `points` FROM `znote_accounts` WHERE `account_id`='". $account['account_id'] ."';"); + data_dump($znote_account, false, "Fetching existing points from znote_accounts"); + + data_dump( + array( + 'Old:' => $znote_account['points'], + 'New:' => $points, + 'Total:' => ($znote_account['points'] + $points) + ), + false, + "Points calculation:"); + $points += $znote_account['points']; + mysql_update("UPDATE `znote_accounts` SET `points`='$points' WHERE `account_id`='". 
$account['account_id'] ."';"); + } + + // Set character position + if (empty($_POST['position_name']) === false && empty($_POST['position_type']) === false) { + if (user_character_exist($_POST['position_name'])) { + if (array_key_exists($_POST['position_type'], $config['ingame_positions'])) { + if ($config['TFSVersion'] == 'TFS_02' || $config['TFSVersion'] == 'TFS_10') { + set_ingame_position($_POST['position_name'], $_POST['position_type']); + } else if ($config['TFSVersion'] == 'TFS_03') { + set_ingame_position03($_POST['position_name'], $_POST['position_type']); + } + $pos = 'Undefined'; + foreach ($config['ingame_positions'] as $key=>$value) { + if ($key == $_POST['position_type']) { + $pos = $value; + } + } + $errors[] = 'Character '. $_POST['position_name'] .' recieved the ingame position: '. $pos .'.'; + } + } else { + $errors[] = 'Character '. $_POST['position_name'] .' does not exist.'; + } + } + +// If empty post +} + +// Display whatever output we figure out to add +if (empty($errors) === false){ + echo ''; + echo output_errors($errors); + echo ''; +} +// end +?> +

Admin Page.

+

+"; +echo "Last cached on: ". getClock($basic['cached'], true) .".
"; +?> +

+ +
+ + \ No newline at end of file diff --git a/admin_gallery.php b/admin_gallery.php new file mode 100644 index 0000000..447d1f1 --- /dev/null +++ b/admin_gallery.php @@ -0,0 +1,122 @@ +setContent($data); + $cache->save(); +} + +?>
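Review bot: In the "Give points to character" block of admin.php, `$account` and `$znote_account` are used without checking that either lookup returned a row, so a mistyped character name still reaches `mysql_update` with an empty `account_id` and the admin gets no error. Guard both results before the arithmetic, for example `if (!$account || !$znote_account) { $errors[] = 'Character or Znote account not found.'; }`, and run the UPDATE only in the else branch. The four `data_dump(...)` calls look like leftover debugging; they print the raw POST data and query results into the admin page and should be removed. In the position block `$_POST['position_name']` is concatenated into `$errors[]` unescaped, which is only safe if `output_errors()` (not visible here) HTML-encodes its input. The start of this hunk is damaged on the page, so checks made earlier in the file cannot be confirmed.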

Images in need of moderation:

+ + + + + + + + + + +

+ +
+ ", $descr); + ?> +

+
+ All good, no new images to moderate.'; + +?>

Public Images:

+ + + + + + + + + + +

+ +
+ ", $descr); + ?> +

+
+ There are currently no public images.'; + +?>

Deleted Images:

+ + + + + + + + + + +

+ +
+ ", $descr); + ?> +

+
+ There are currently no deleted images.'; +// end + include 'layout/overall/footer.php'; ?> \ No newline at end of file diff --git a/admin_news.php b/admin_news.php new file mode 100644 index 0000000..e10d7ef --- /dev/null +++ b/admin_news.php @@ -0,0 +1,157 @@ +News deleted!'; + mysql_query("DELETE FROM `znote_news` WHERE `id`='$id';"); + $cache = new Cache('engine/cache/news'); + $news = fetchAllNews(); + $cache->setContent($news); + $cache->save(); + } + // Add news + if ($action === 'a') { + // fetch data + $char_array = user_character_list($user_data['id']); + ?> + +
+ + Select character: +
+
+ +
+
+

+ [b]Bold Text[/b]
+ [size=5]Size 5 text[/size]
+ [img]Direct Image Link[/img]
+ [center]Cented Text[/center]
+ [link]http://youtube.com/[/link]
+ [link=http://youtube.com/]Click to View youtube[/link]
+ [color=GREEN]Green Text![/color]
+ [*]* Noted text [/*] +

+ + ERROR: NO GMs or Tutors on this account!"; + } + // Insert news + if ($action === 'i') { + echo 'News created successfully!'; + list($charid, $title, $text) = array((int)$_POST['selected_char'], mysql_real_escape_string($_POST['title']), mysql_real_escape_string($_POST['text'])); + $date = time(); + mysql_query("INSERT INTO `znote_news` (`title`, `text`, `date`, `pid`) VALUES ('$title', '$text', '$date', '$charid');"); + // Reload the cache. + $cache = new Cache('engine/cache/news'); + $news = fetchAllNews(); + $cache->setContent($news); + $cache->save(); + } + // Save + if ($action === 's') { + echo 'News successfully updated!'; + list($title, $text) = array(mysql_real_escape_string($_POST['title']), mysql_real_escape_string($_POST['text'])); + mysql_query("UPDATE `znote_news` SET `title`='$title',`text`='$text' WHERE `id`='$id';") or die("FUCK!"); + $cache = new Cache('engine/cache/news'); + $news = fetchAllNews(); + $cache->setContent($news); + $cache->save(); + } + // Edit + if ($action === 'e') { + $news = fetchAllNews(); + $edit = array(); + foreach ($news as $n) if ($n['id'] == $id) $edit = $n; + ?> +
+ +
+
+ +
+
+

+ [b]Bold Text[/b]
+ [size=5]Size 5 text[/size]
+ [img]Direct Image Link[/img]
+ [center]Cented Text[/center]
+ [link]http://youtube.com/[/link]
+ [link=http://youtube.com/]Click to View youtube[/link]
+ [color=GREEN]Green Text![/color]
+ [*]* Noted text [/*] +

+ +

News admin panel

+
+ + +
+ + + + + + + + + + '; + echo ''; + echo ''; + echo ''; + echo ''; + } + ?> +
DateByTitleEditDelete
'. getClock($n['date'], true) .''. $n['name'] .''. $n['title'] .''; + // edit + ?> +
+ + +
+ '; + echo '
'; + // delete + ?> +
+ + +
+ '; + echo '
+ \ No newline at end of file diff --git a/admin_skills.php b/admin_skills.php new file mode 100644 index 0000000..9e16974 --- /dev/null +++ b/admin_skills.php 
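Review bot: In the insert branch of admin_news.php (`$action === 'i'`), `(int)$_POST['selected_char']` is written to `pid` without being checked against the `user_character_list($user_data['id'])` result that filled the form, so a news post can be attributed to any player id. Verify membership before the INSERT; the shape of `$char_array` is not visible here, so the exact test has to follow what that helper returns. The success messages are echoed before the query runs and the `mysql_query` results for delete and insert are never checked, while the update ends in `or die("FUCK!")`; all three should report failure through the normal error output. No `Token::isValid()` call is visible in these state-changing branches, although createcharacter.php in this commit makes one. Where `$id` and `$action` come from is not recoverable from this page.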
@@ -0,0 +1,143 @@ + 0) { + $pid = (int)$_POST['pid']; + if ($config['TFSVersion'] != 'TFS_10') $status = user_is_online($pid); + else $status = user_is_online_10($pid); + if (!$status) { + if ($config['TFSVersion'] != 'TFS_10') { +mysql_update("UPDATE `player_skills` SET `value`='". (int)$_POST['fist'] ."' WHERE `player_id`='$pid' AND `skillid`='0' LIMIT 1;"); +mysql_update("UPDATE `player_skills` SET `value`='". (int)$_POST['club'] ."' WHERE `player_id`='$pid' AND `skillid`='1' LIMIT 1;"); +mysql_update("UPDATE `player_skills` SET `value`='". (int)$_POST['sword'] ."' WHERE `player_id`='$pid' AND `skillid`='2' LIMIT 1;"); +mysql_update("UPDATE `player_skills` SET `value`='". (int)$_POST['axe'] ."' WHERE `player_id`='$pid' AND `skillid`='3' LIMIT 1;"); +mysql_update("UPDATE `player_skills` SET `value`='". (int)$_POST['dist'] ."' WHERE `player_id`='$pid' AND `skillid`='4' LIMIT 1;"); +mysql_update("UPDATE `player_skills` SET `value`='". (int)$_POST['shield'] ."' WHERE `player_id`='$pid' AND `skillid`='5' LIMIT 1;"); +mysql_update("UPDATE `player_skills` SET `value`='". (int)$_POST['fish'] ."' WHERE `player_id`='$pid' AND `skillid`='6' LIMIT 1;"); +mysql_update("UPDATE `players` SET `maglevel`='". (int)$_POST['magic'] ."' WHERE `id`='$pid' LIMIT 1;"); +mysql_update("UPDATE `players` SET `level`='". (int)$_POST['level'] ."' WHERE `id`='$pid' LIMIT 1;"); +mysql_update("UPDATE `players` SET `experience`='". level_to_experience((int)$_POST['level']) ."' WHERE `id`='$pid' LIMIT 1;"); + } else { + mysql_update("UPDATE `players` SET `skill_fist`='". (int)$_POST['fist'] ."', `skill_club`='". (int)$_POST['club'] ."', `skill_sword`='". (int)$_POST['sword'] ."', `skill_axe`='". (int)$_POST['axe'] ."', `skill_dist`='". (int)$_POST['dist'] ."', `skill_shielding`='". (int)$_POST['shield'] ."', `skill_fishing`='". (int)$_POST['fish'] ."', `maglevel`='". (int)$_POST['magic'] ."', `level`='". (int)$_POST['level'] ."', `experience`='". 
level_to_experience((int)$_POST['level']) ."' WHERE `id`='$pid' LIMIT 1;"); + } +?> +

Player skills updated!

+ + Player must be offline! + $player['maglevel']); + $skills[] = array('value' => $player['level']); + } else { + $player = mysql_select_single("SELECT `skill_fist`, `skill_club`, `skill_sword`, `skill_axe`, `skill_dist`, `skill_shielding`, `skill_fishing`, `maglevel`, `level` FROM `players` WHERE `id`='$pid' LIMIT 1;"); + $skills = array( + 0 => array('value' => $player['skill_fist']), + 1 => array('value' => $player['skill_club']), + 2 => array('value' => $player['skill_sword']), + 3 => array('value' => $player['skill_axe']), + 4 => array('value' => $player['skill_dist']), + 5 => array('value' => $player['skill_shielding']), + 6 => array('value' => $player['skill_fishing']), + 7 => array('value' => $player['maglevel']), + 8 => array('value' => $player['level']), + ); + } + + //data_dump($skills, false, "Player skills"); + } else $name = false; +} + +?> +
"> + + + + + + + + + + + + +
Player skills administration
+ > +

+ Fist fighting:
+ value=""> +

+ Club fighting:
+ value=""> +

+ Sword fighting:
+ value=""> +

+ Axe fighting:
+ value=""> +

+
+ Dist fighting:
+ value=""> +

+ Shield fighting:
+ value=""> +

+ Fish fighting:
+ value=""> +

+ Level:
+ value=""> +

+ Magic level:
+ value=""> +

+
+ + + + + +
+ Reset fields / search new character +
+ \ No newline at end of file diff --git a/adminempty.php b/adminempty.php new file mode 100644 index 0000000..21abd99 --- /dev/null +++ b/adminempty.php @@ -0,0 +1,9 @@ + \ No newline at end of file diff --git a/auctionChar.php b/auctionChar.php new file mode 100644 index 0000000..79725f1 --- /dev/null +++ b/auctionChar.php @@ -0,0 +1,45 @@ + +
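Review bot: The posted skill values in admin_skills.php are cast with `(int)` but never range-checked, so a negative or very large `level`, `magic` or skill value is written straight to `players` / `player_skills`, and `level_to_experience()` is called with it. Clamp each value before building the queries, for example `$level = max(1, (int)$_POST['level']);` plus an upper bound that fits the server. The `$_POST` keys are also read without an existence check, so a partial form submits zeros. As a matter of style, the ten unindented `mysql_update` lines in the pre-TFS_10 branch repeat one statement; a loop over a skill-name to `skillid` map and a single UPDATE for the three `players` columns would be easier to review.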

Character auctioning

+ + + + + + + + + + + + + + + +
NameLevelVocationImagePrice/Buy
Tester105SorcererVIEW
+ + Character shop auctioning system is disabled.

"; + +include 'layout/overall/footer.php'; ?> + diff --git a/blank.php b/blank.php new file mode 100644 index 0000000..5ef6229 --- /dev/null +++ b/blank.php @@ -0,0 +1,6 @@ + + +

Blank

+

This is a blank sample page.

+ + \ No newline at end of file diff --git a/buypoints.php b/buypoints.php new file mode 100644 index 0000000..d3ec272 --- /dev/null +++ b/buypoints.php @@ -0,0 +1,78 @@ + + +

Buy Points

+

Buy points using Paypal:

+ + + + + + + + + + $points) { + echo ''; + echo ''; + echo ''; + if ($paypal['showBonus']) echo ''; + ?> + + '; + } + ?> +
Price:Points:Bonus:Action:
'. $price .'('. $paypal['currency'] .')'. $points .''. calculate_discount(($paypal['points_per_currency'] * $price), $points) .' bonus +
+ + + + + + + + + + + + + + + + +
+
+ + + + +

Buy points using Paygol:

+ +

+
+ + + + + + + + + +
+Buy Points system disabled.

Sorry, this functionality is disabled.

'; +include 'layout/overall/footer.php'; ?> \ No newline at end of file diff --git a/changepassword.php b/changepassword.php new file mode 100644 index 0000000..1d2639b --- /dev/null +++ b/changepassword.php @@ -0,0 +1,93 @@ +$value) { + if (empty($value) && in_array($key, $required_fields) === true) { + $errors[] = 'You need to fill in all fields.'; + break 1; + } + } + + $pass_data = user_data($session_user_id, 'password'); + //$pass_data['password']; + // $_POST[''] + + // .3 compatibility + if ($config['TFSVersion'] == 'TFS_03' && $config['salt'] === true) { + $salt = user_data($session_user_id, 'salt'); + } + if (sha1($_POST['current_password']) === $pass_data['password'] || $config['TFSVersion'] == 'TFS_03' && $config['salt'] === true && sha1($salt['salt'].$_POST['current_password']) === $pass_data['password']) { + if (trim($_POST['new_password']) !== trim($_POST['new_password_again'])) { + $errors[] = 'Your new passwords do not match.'; + } else if (strlen($_POST['new_password']) < 6) { + $errors[] = 'Your new passwords must be at least 6 characters.'; + } else if (strlen($_POST['new_password']) > 32) { + $errors[] = 'Your new passwords must be less than 33 characters.'; + } + } else { + $errors[] = 'Your current password is incorrect.'; + } + + print_r($errors); +} + +include 'layout/overall/header.php'; ?> + +

Change Password:

+ +You will need to login again with the new password.'; + session_destroy(); + header("refresh:2;url=index.php"); + exit(); +} else { + if (empty($_POST) === false && empty($errors) === true) { + //Posted the form without errors + if ($config['TFSVersion'] == 'TFS_02') { + user_change_password($session_user_id, $_POST['new_password']); + } else if ($config['TFSVersion'] == 'TFS_03') { + user_change_password03($session_user_id, $_POST['new_password']); + } + header('Location: changepassword.php?success'); + } else if (empty($errors) === false){ + echo ''; + echo output_errors($errors); + echo ''; + } + ?> + +
+ +
+ \ No newline at end of file diff --git a/characterprofile.php b/characterprofile.php new file mode 100644 index 0000000..73e7bb3 --- /dev/null +++ b/characterprofile.php @@ -0,0 +1,207 @@ + 0) { + $guild_exist = true; + $guild = get_player_guild_data($user_id); + $guild_name = get_guild_name($guild['guild_id']); + } + ?> + + + +
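Review bot: The success path in changepassword.php calls `user_change_password()` only for `TFS_02` and `user_change_password03()` only for `TFS_03`; with `$config['TFSVersion'] == 'TFS_10'`, a value admin.php in this commit handles, neither runs and the page still redirects to `changepassword.php?success`. Add an `else` that records an error, or route TFS_10 to the matching helper, so success is never reported for a no-op. `print_r($errors);` is debug output emitted before the header include and before the later `header()` calls, and should be removed. The match check compares `trim()`-ed values, while the length checks and the value passed to the change function use the untrimmed `$_POST['new_password']`; use one normalised value for all of them. The current-password test would also read better with explicit parentheses around the salted `&&` group.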

Profile:

+ + + + \ No newline at end of file diff --git a/config.php b/config.php new file mode 100644 index 0000000..4365a86 --- /dev/null +++ b/config.php 
@@ -0,0 +1,461 @@ + 'No vocation', + 1 => 'Sorcerer', + 2 => 'Druid', + 3 => 'Paladin', + 4 => 'Knight', + 5 => 'Master Sorcerer', + 6 => 'Elder Druid', + 7 => 'Royal Paladin', + 8 => 'Elite Knight', + ); + + // Town ids and names: (In RME map editor, open map, click CTRL + T to view towns, their names and their IDs. + // townID => 'townName' etc: ['3'=>'Thais'] + $config['towns'] = array( + 0 => 'Town 0', + 1 => 'Town 1', + 2 => 'Town 2', + 3 => 'Town 3', + 4 => 'Town 4', + 5 => 'Town 5', + 6 => 'Town 6', + 7 => 'Town 7', + 8 => 'Town 8', + 9 => 'Town 9', + ); + + // Leave on black square in map and player should get teleported to their selected town. + // If chars get buggy set this position to a beginner location to force players there. + $config['default_pos'] = array( + 'x' => 5, + 'y' => 5, + 'z' => 2, + ); + + $config['war_status'] = array( + 0 => 'Pending..', + 1 => 'Accepted', + 2 => 'Rejected', + 3 => 'Cancelled', + 4 => '???', + 5 => 'Ended', + ); + + /* -- SUB PAGES -- + Some custom layouts/templates have custom pages, they can use + this sub page functionality for that. + */ + $config['allowSubPages'] = true; + + // ---------------- \\ + // Create Character \\ + // ---------------- \\ + + // Max characters on each account: + $config['max_characters'] = 7; + + // Available character vocation users can create. + $config['available_vocations'] = array(1, 2, 3, 4); + + // Available towns (specify town ids, etc: (0, 1, 2); to display 3 town options (town id 0, 1 and 2). 
+ $config['available_towns'] = array(1); + + $config['level'] = 8; + $config['health'] = 185; + $config['mana'] = 35; + $config['cap'] = 435; + $config['soul'] = 0; + + $config['maleOutfitId'] = 128; + $config['femaleOutfitId'] = 138; + + // No vocation info (if user select vocation id 0, we force thees configurations on him + $config['nvlevel'] = 1; + $config['nvHealth'] = 150; + $config['nvMana'] = 0; + $config['nvCap'] = 400; + $config['nvSoul'] = 0; + + $config['nvForceTown'] = 0; // Force a town to no vocation even though he selected something else? 0 = no, 1 = yes. + $config['nvTown'] = 0; // Town id to force no vocations to get to, if nvForceTown is 1. + + // Minimum allowed character name letters. Etc 4 letters: "Kåre". + $config['minL'] = 4; + // Maximum allowed character name letters. Etc 20 letters: "Bobkåreolesofiesberg" + $config['maxL'] = 20; + + // Maximum allowed character name words. Etc 2 words = "Bob Kåre", 3 words: "Bob Arne Kåre" as max char name words. + $config['maxW'] = 2; + + // -------------- \\ + // WEBSITE STUFF \\ + // -------------- \\ + + // ONLY FOR TFS 0.2 (TFS 0.3/4 users don't need to care about this, as its fully loaded from db) + $config['house'] = array( + 'house_file' => 'C:\test\Mystic Spirit_0.2.5\data\world\forgotten-house.xml', + 'price_sqm' => '50', // price per house sqm + ); + + $config['status'] = array( + 'status_check' => false, //enable or disable status checker + 'status_ip' => '127.0.0.1', + 'status_port' => "7171", + ); + + $config['validate_IP'] = true; // Only allow legal IP addresses to register and create character. + $config['salt'] = false; // Some noob 0.3.6 servers don't support salt. + + // Restricted names + $config['invalidNameTags'] = array("god", "gm", "cm", "gamemaster", "hoster", "admin", "admim", "adm", "owner", "staff"); + + // Level requirement to create guild? (Just set it to 1 to allow all levels). 
+ $config['create_guild_level'] = 8; + + // Change Gender can be purchased in shop, or perhaps you want to allow everyone to change gender for free? + $config['free_sex_change'] = false; + + // Do you need to have premium account to create a guild? + $config['guild_require_premium'] = false; + + $config['guildwar_enabled'] = true; + + // Use htaccess rewrite? (basically this makes website.com/username work instead of website.com/characterprofile.php?name=username + // Linux users needs to enable mod_rewrite php extention to make it work properly, so set it to false if your lost and using Linux. + $config['htwrite'] = true; + + // What client version and server port are you using on this OT? + // Used for the Downloads page. + $config['client'] = 960; // 954 = tibia 9.54 + + // Download link to client. Recommended: + // Select download link from remere map editor website! + // See list of clients: http://remeresmapeditor.com/marklar.php?clients + $config['client_download'] = 'http://remeresmapeditor.com/rmedl.php?file=tibia'. $config['client'] .'.exe'; + + $config['port'] = 7171; // Port number to connect to your OT. + + // How often do you want highscores to update? + $config['cache_lifespan'] = 60 * 15; // 15 minutes. + + // WARNING! Account names written here will have admin access to web page! + $config['page_admin_access'] = array( + 'otland0', + 'otland1', + 'znote' + ); + + // Built-in FORUM + // Enable forum, enable guildboards, level to create threads/post in them + // How long do they have to wait to create thread or post? + // How to design/display hidden/closed/sticky threads. + $config['forum'] = array( + 'enabled' => true, + 'guildboard' => true, + 'level' => 5, + 'cooldownPost' => 60, + 'cooldownCreate' => 180, + 'hidden' => '[H]', + 'closed' => '[C]', + 'sticky' => '[S]', + ); + + // Guilds and guild war pages will do lots of queries on bigger databases. 
+ // So its recommended to require login to view them, but you can disable this + // If you don't have any problems with load. + $config['require_login'] = array( + 'guilds' => false, + 'guildwars' => false, + ); + + // IMPORTANT! Write a character name(that exist) that will represent website bans! + // Or remember to create character "God Website" character exist. + // If you don't do this, bann from admin panel won't work properly. + $config['website_char'] = 'God Website'; + + //----------------\\ + // ADVANCED STUFF \\ + //----------------\\ + + // Don't touch this unless you know what you are doing. (modifying this(key value) also requires modifications in OT files /XML/commands.xml). + $config['ingame_positions'] = array( + 1 => 'Player', + 2 => 'Tutor', + 3 => 'Senior Tutor', + 4 => 'Gamemaster', + 5 => 'Community Manager', + 6 => 'God', + ); + + // Enable OS advanced feautures? false = no, true = yes + $config['os_enabled'] = false; + + // What kind of computer are you hosting this website on? + // Available options: LINUX or WINDOWS + $config['os'] = 'WINDOWS'; + + // Measure how much players are lagging in-game. (Not completed). + $config['ping'] = false; + + // BAN STUFF - Don't touch this unless you know what you are doing. + // You can order the lines the way you want, from top to bot, in which order you + // wish for them to be displayed in admin panel. Just make sure key[#] represent your describtion. + $config['ban_type'] = array( + 4 => 'NOTATION_ACCOUNT', + 2 => 'NAMELOCK_PLAYER', + 3 => 'BAN_ACCOUNT', + 5 => 'DELETE_ACCOUNT', + 1 => 'BAN_IPADDRESS', + ); + + // BAN STUFF - Don't touch this unless you know what you are doing. + // You can order the lines the way you want, from top to bot, in which order you + // wish for them to be displayed in admin panel. Just make sure key[#] represent your describtion. 
+ $config['ban_action'] = array( + 0 => 'Notation', + 1 => 'Name Report', + 2 => 'Banishment', + 3 => 'Name Report + Banishment', + 4 => 'Banishment + Final Warning', + 5 => 'NR + Ban + FW', + 6 => 'Statement Report', + ); + + // Ban reasons, for changes beside default values to work with client, + // you also need to edit sources (tools.cpp line 1096) + $config['ban_reason'] = array( + 0 => 'Offensive Name', + 1 => 'Invalid Name Format', + 2 => 'Unsuitable Name', + 3 => 'Name Inciting Rule Violation', + 4 => 'Offensive Statement', + 5 => 'Spamming', + 6 => 'Illegal Advertising', + 7 => 'Off-Topic Public Statement', + 8 => 'Non-English Public Statement', + 9 => 'Inciting Rule Violation', + 10 => 'Bug Abuse', + 11 => 'Game Weakness Abuse', + 12 => 'Using Unofficial Software to Play', + 13 => 'Hacking', + 14 => 'Multi-Clienting', + 15 => 'Account Trading or Sharing', + 16 => 'Threatening Gamemaster', + 17 => 'Pretending to Have Influence on Rule Enforcement', + 18 => 'False Report to Gamemaster', + 19 => 'Destructive Behaviour', + 20 => 'Excessive Unjustified Player Killing', + 21 => 'Spoiling Auction', + ); + + // BAN STUFF + // Ban time duration selection in admin panel + // seconds => describtion + $config['ban_time'] = array( + 3600 => '1 hour', + 21600 => '6 hours', + 43200 => '12 hours', + 86400 => '1 day', + 259200 => '3 days', + 604800 => '1 week', + 1209600 => '2 weeks', + 2592000 => '1 month', + ); + + + // --------------- \\ + // SECURITY STUFF \\ + // --------------- \\ + $config['use_token'] = false; + $config['use_captcha'] = false; + + /* Store visitor data + Store visitor data in the database, logging every IP visitng site, + and how many times they have visited the site. And sometimes what + they do on the site. + + This helps to prevent POST SPAM (like register 1000 accounts in a few seconds) + and other things which can stress and slow down the server. 
+ + The only downside is that database can get pretty fed up with much IP data + if table never gets flushed once in a while. So I highly recommend you + to configure flush_ip_logs if IPs are logged. + */ + + $config['log_ip'] = true; + + // Flush IP logs each configured seconds, 60 * 15 = 15 minutes. + // Set to false to entirely disable ip log flush. + // It is important to flush for optimal performance. + $config['flush_ip_logs'] = 59 * 27; + + /* IP SECURTY REQUIRE: $config['log_ip'] = true; + Configure how tight this security shall be. + Etc: You can max click on anything/refresh page + [max activity] 15 times, within time period 10 + seconds. During time_period, you can also only + register 1 account and 1 character. + */ + $config['ip_security'] = array( + 'time_period' => 10, // In seconds + 'max_activity' => 10, // page clicks/visits + 'max_post' => 6, // register, create, highscore, character search such actions + 'max_account' => 1, // register + 'max_character' => 1, // create char + 'max_forum_post' => 1, // Create threads and post in forum + ); + + ////////////// + /// PAYPAL /// + ////////////// + + // Write your paypal address here, and what currency you want to recieve money in. + $config['paypal'] = array( + 'enabled' => true, + 'email' => 'Change_Paypal_mail_in_config.php', // Example: paypal@mail.com + 'currency' => 'EUR', + 'points_per_currency' => 10, // 1 currency = ? points? [ONLY used to calculate bonuses] + 'success' => "http://".$_SERVER['HTTP_HOST']."/success.php", + 'failed' => "http://".$_SERVER['HTTP_HOST']."/failed.php", + 'ipn' => "http://".$_SERVER['HTTP_HOST']."/ipn.php", + 'showBonus' => true, + ); + + // Configure the "buy now" buttons prices, first write price, then how many points you get. + // Giving some bonus points for higher donations will tempt users to donate more. 
+ $config['paypal_prices'] = array( + // price => points, + 5 => 45, // -10% bonus + 10 => 100, // 0% bonus + 15 => 165, // +10% bonus + 20 => 240, // +20% bonus + 25 => 325, // +30% bonus + 30 => 420, // +40% bonus + ); + + ////////////////// + /// PAYGOL SMS /// + ////////////////// + // !!! Paygol takes 60%~ of the money, and send aprox 40% to your paypal. + // You can configure paygol to send each month, then they will send money to you 1 month after recieving 50+ eur. + $config['paygol'] = array( + 'enabled' => true, + 'serviceID' => 40339,// Service ID from paygol.com + 'currency' => 'EUR', + 'price' => 5, + 'points' => 25, // Remember to write same details in paygol.com! + 'name' => '25 points', + 'returnURL' => "http://".$_SERVER['HTTP_HOST']."/success.php", + 'cancelURL' => "http://".$_SERVER['HTTP_HOST']."/failed.php", + 'ipnURL' => "http://".$_SERVER['HTTP_HOST']."/paygol_ipn.php", + ); + + //////////// + /// SHOP /// + //////////// + // If useDB is set to true, player can shop in-game as well using Znote LUA shop system plugin. + $config['shop'] = array( + 'enabled' => true, + 'enableShopConfirmation' => true, // Verify that user wants to buy with popup + 'useDB' => false, // Fetch offers from database, or the below config array + 'showImage' => true, + 'imageServer' => 'items.znote.eu', + 'imageType' => 'gif', + ); + + // If useDB is false, this array list will be used for shop offers. + $config['shop_offers'] = array( + // offer 1 + 1 => array( + 'type' => 1, // 1 = item id offers, 2 = premium days [itemid ignored], 3 = sex change[itemid & count ignored], 4+ = custom. 
+ 'itemid' => 2160, // item to get in-game + 'count' => 5, //if type is 2, this represents premium days + 'describtion' => "Crystal coin.", // Describtion shown on website + 'points' => 100, // How many points this offer costs + ), + + // offer 2 + 2 => array( + 'type' => 1, + 'itemid' => 2392, + 'count' => 1, + 'describtion' => "Fire sword.", + 'points' => 10, + ), + + // offer 3 + 3 => array( + 'type' => 2, + 'itemid' => 12466, // Item to display on page + 'count' => 7, + 'describtion' => "Premium membership.", + 'points' => 25, + ), + + // offer 4 + 4 => array( + 'type' => 3, + 'itemid' => 12666, + 'count' => 3, + 'describtion' => "Change character gender.", + 'points' => 10, + ), + 5 => array( + 'type' => 3, + 'itemid' => 12666, + 'count' => 0, + 'describtion' => "Change character gender.", + 'points' => 20, + ), + ); +?> \ No newline at end of file diff --git a/contact.php b/contact.php new file mode 100644 index 0000000..b6a5bb8 --- /dev/null +++ b/contact.php @@ -0,0 +1,6 @@ + + +
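Review bot: `$config['page_admin_access']` in config.php ships pre-filled with `otland0`, `otland1` and `znote`, so on an install where the operator does not edit the list, whoever holds or can register one of those account names would get web admin access (registration is not visible in this chunk, so this is inferred). Ship it empty, `$config['page_admin_access'] = array(); // add your own account name(s) here`. The PayPal and Paygol URLs (`success`, `failed`, `ipn`, `returnURL`, `cancelURL`, `ipnURL`) are built from `$_SERVER['HTTP_HOST']`, which comes from the request, and use plain `http://`; a fixed, operator-set site URL would be safer for the callback addresses. `use_token` and `use_captcha` default to `false`, and `paygol` is `enabled` with a concrete `serviceID`, so the less safe choices are the defaults; consider shipping the payment blocks disabled and the token check on.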

Contact

+

TODO: Edit the contact details here.

+ + \ No newline at end of file diff --git a/createcharacter.php b/createcharacter.php new file mode 100644 index 0000000..98924da --- /dev/null +++ b/createcharacter.php 
@@ -0,0 +1,151 @@ +$value) { + if (empty($value) && in_array($key, $required_fields) === true) { + $errors[] = 'You need to fill in all fields.'; + break 1; + } + } + + // check errors (= user exist, pass long enough + if (empty($errors) === true) { + if (!Token::isValid($_POST['token'])) { + $errors[] = 'Token is invalid.'; + } + $_POST['name'] = validate_name($_POST['name']); + if ($_POST['name'] === false) { + $errors[] = 'Your name can not contain more than 2 words.'; + } else { + if (user_character_exist($_POST['name']) === true) { + $errors[] = 'Sorry, that character name already exist.'; + } + if (!preg_match("/^[a-zA-Z_ ]+$/", $_POST['name'])) { + $errors[] = 'Your name may only contain a-z, A-Z and spaces.'; + } + if (strlen($_POST['name']) < $config['minL'] || strlen($_POST['name']) > $config['maxL']) { + $errors[] = 'Your character name must be between 4 - 20 characters long.'; + } + // name restriction + $resname = explode(" ", $_POST['name']); + foreach($resname as $res) { + if(in_array(strtolower($res), $config['invalidNameTags'])) { + $errors[] = 'Your username contains a restricted word.'; + } + else if(strlen($res) == 1) { + $errors[] = 'Too short words in your name.'; + } + } + // Validate vocation id + if (!in_array((int)$_POST['selected_vocation'], $config['available_vocations'])) { + $errors[] = 'Permission Denied. Wrong vocation.'; + } + // Validate town id + if (!in_array((int)$_POST['selected_town'], $config['available_towns'])) { + $errors[] = 'Permission Denied. Wrong town.'; + } + // Validate gender id + if (!in_array((int)$_POST['selected_gender'], array(0, 1))) { + $errors[] = 'Permission Denied. 
Wrong gender.'; + } + if (vocation_id_to_name($_POST['selected_vocation']) === false) { + $errors[] = 'Failed to recognize that vocation, does it exist?'; + } + if (town_id_to_name($_POST['selected_town']) === false) { + $errors[] = 'Failed to recognize that town, does it exist?'; + } + if (gender_exist($_POST['selected_gender']) === false) { + $errors[] = 'Failed to recognize that gender, does it exist?'; + } + // Char count + $char_count = user_character_list_count($session_user_id); + if ($char_count >= $config['max_characters']) { + $errors[] = 'Your account is not allowed to have more than '. $config['max_characters'] .' characters.'; + } + if (validate_ip(getIP()) === false && $config['validate_IP'] === true) { + $errors[] = 'Failed to recognize your IP address. (Not a valid IPv4 address).'; + } + } + } +} +?> + +

Create Character

+ format_character_name($_POST['name']), + 'account_id'=> $session_user_id, + 'vocation' => $_POST['selected_vocation'], + 'town_id' => $_POST['selected_town'], + 'sex' => $_POST['selected_gender'], + 'lastip' => ip2long(getIP()), + 'created' => time() + ); + + user_create_character($character_data); + header('Location: createcharacter.php?success'); + exit(); + //End register + + } else if (empty($errors) === false){ + echo ''; + echo output_errors($errors); + echo ''; + } + ?> +
+ +
+ \ No newline at end of file diff --git a/credits.php b/credits.php new file mode 100644 index 0000000..c81f334 --- /dev/null +++ b/credits.php @@ -0,0 +1,18 @@ + + +
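Review bot: The vocation, town and gender checks test `(int)$_POST['selected_vocation']` (and the town and gender equivalents) against the allowed lists, but `$character_data` is then filled from the raw `$_POST` strings, so the value that was validated is not the value that reaches `user_create_character()`. Cast once and store the cast result: `'vocation' => (int)$_POST['selected_vocation'],`, `'town_id' => (int)$_POST['selected_town'],` and `'sex' => (int)$_POST['selected_gender'],`. Whether `user_create_character()` escapes its input is not visible in this hunk, so the form's validation should not rely on it. The opening lines of the file are missing from the hunk as rendered, so the condition that guards the insert could not be checked.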

Znote AAC

+

This website is powered by the Znote AAC engine.

+ +

Developers:

+

Main developer: Znote.

+ +

Thanks to: (in no particular order)

+

+Chris - PHP OOP file samples, testing, bugfixing. +
Kiwi Dan - Researching TFS 0.2 for me, participation in developement. +
Amoaz - Pentesting and security tips. +
Evan - Researching TFS 0.3, constructive feedback, suggestion and participation. +
Talaturen - Repository for this AAC. +

+ + \ No newline at end of file diff --git a/deaths.php b/deaths.php new file mode 100644 index 0000000..56c6a57 --- /dev/null +++ b/deaths.php @@ -0,0 +1,39 @@ +hasExpired()) { + + if ($config['TFSVersion'] == 'TFS_02' || $config['TFSVersion'] == 'TFS_10') { + $deaths = fetchLatestDeaths(); + } else if ($config['TFSVersion'] == 'TFS_03') { + $deaths = fetchLatestDeaths_03(30); + } + $cache->setContent($deaths); + $cache->save(); +} else { + $deaths = $cache->load(); +} +if ($deaths) { +?> +

Latest Deaths

+ + + + + + + '; + echo ""; + echo ""; + if ($death['is_player'] == 1) echo ""; + else if ($death['is_player'] == 0) { + if ($config['TFSVersion'] == 'TFS_03') echo ""; + else echo ""; + } + else echo ""; + echo ''; + } ?> +
VictimTimeKiller
At level ". $death['level'] .": ". $death['victim'] ."". getClock($death['time'], true) ."Player: ". $death['killed_by'] ."Monster: ". ucfirst(str_replace("a ", "", $death['killed_by'])) ."Monster: ". ucfirst($death['killed_by']) ."". $death['killed_by'] ."
+ \ No newline at end of file diff --git a/downloads.php b/downloads.php new file mode 100644 index 0000000..ee34046 --- /dev/null +++ b/downloads.php @@ -0,0 +1,30 @@ + + +
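Review bot: `$death['victim']` and `$death['killed_by']` are concatenated into the echoed table rows exactly as they come from the cache or the database, with no HTML encoding at the point of output. createcharacter.php restricts new names to letters and spaces, but that rule lives only in that form and does not cover `killed_by` values written by the game server, so encode on output with `htmlspecialchars($death['victim'], ENT_QUOTES, 'UTF-8')` and do the same for `killed_by`. Separately, `$deaths` is never assigned when `$config['TFSVersion']` is none of the three handled values, yet it is still passed to `$cache->setContent()`; setting `$deaths = false;` before the branch keeps an undefined variable out of the cache.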

Downloads

+

In order to play, you need an compatible IP changer and a Tibia client.

+ +

Download otland IP changer HERE.

+

Download Tibia client HERE.

+ +

How to connect and play:

+
    +
  1. + Download, install and start the tibia client if you havent already. +
  2. +
  3. + Download and run the IP changer. +
  4. +
  5. + In the IP changer, write this in the IP field: +
  6. +
  7. + In the IP changer, write this in the Port field: +
  8. +
  9. + Now you can successfully login on the tibia client and play.
    + If you do not have an account to login with, you need to register an account HERE. +
  10. +
+ + \ No newline at end of file diff --git a/failed.php b/failed.php new file mode 100644 index 0000000..f09ae0e --- /dev/null +++ b/failed.php @@ -0,0 +1,4 @@ + +

Failed!

+

Something went wrong. :(

+ \ No newline at end of file diff --git a/forum.php b/forum.php new file mode 100644 index 0000000..9888ee3 --- /dev/null +++ b/forum.php @@ -0,0 +1,1046 @@ + + 1.2): + - Updated to the new date/clock time system + - Bootstrap design support. +*/ +// BBCODE support: +function TransformToBBCode($string) { + $tags = array( + '[center]{$1}[/center]' => '
$1
', + '[b]{$1}[/b]' => '$1', + '[img]{$1}[/img]' => 'image', + '[link]{$1}[/link]' => '$1', + '[link={$1}]{$2}[/link]' => '$2', + '[color={$1}]{$2}[/color]' => '$2', + '[*]{$1}[/*]' => '
  • $1
  • ', + ); + + foreach ($tags as $tag => $value) { + $code = preg_replace('/placeholder([0-9]+)/', '(.*?)', preg_quote(preg_replace('/\{\$([0-9]+)\}/', 'placeholder$1', $tag), '/')); + $string = preg_replace('/'.$code.'/i', $value, $string); + } + + return $string; +} +Function PlayerHaveAccess($yourChars, $playerName){ + $access = false; + foreach($yourChars as $char) { + if ($char['name'] == $playerName) $access = true; + } + return $access; +} + +// Start page init +$admin = is_admin($user_data); +if ($admin) $yourChars = mysql_select_multi("SELECT `id`, `name`, `group_id` FROM `players` WHERE `level`>='1' AND `account_id`='". $user_data['id'] ."';"); +else $yourChars = mysql_select_multi("SELECT `id`, `name`, `group_id` FROM `players` WHERE `level`>='". $config['forum']['level'] ."' AND `account_id`='". $user_data['id'] ."';"); +if (!$yourChars) $yourChars = array(); +$charCount = count($yourChars); +$yourAccess = accountAccess($user_data['id'], $config['TFSVersion']); +if ($admin) { + if (!empty($_POST)) { + $guilds = mysql_select_multi("SELECT `id`, `name` FROM `guilds` ORDER BY `name`;"); + $guilds[] = array('id' => '0', 'name' => 'No guild'); + } + $yourAccess = 100; +} + +// Your characters, indexed by char_id +$charData = array(); +foreach ($yourChars as $char) { + $charData[$char['id']] = $char; + if (get_character_guild_rank($char['id']) > 0) { + $guild = get_player_guild_data($char['id']); + $charData[$char['id']]['guild'] = $guild['guild_id']; + $charData[$char['id']]['guild_rank'] = $guild['rank_level']; + } else $charData[$char['id']]['guild'] = '0'; +} +$cooldownw = array( + $user_znote_data['cooldown'], + time(), + $user_znote_data['cooldown'] - time() + ); + +///////////////// +// Guild Leader & admin +$leader = false; +foreach($charData as $char) { + if ($char['guild'] > 0 && $char['guild_rank'] == 3) $leader = true; +} +if ($admin && !empty($_POST) || $leader && !empty($_POST)) { + $admin_thread_delete = 
getValue($_POST['admin_thread_delete']); + $admin_thread_close = getValue($_POST['admin_thread_close']); + $admin_thread_open = getValue($_POST['admin_thread_open']); + $admin_thread_sticky = getValue($_POST['admin_thread_sticky']); + $admin_thread_unstick = getValue($_POST['admin_thread_unstick']); + $admin_thread_id = getValue($_POST['admin_thread_id']); + + // delete thread + if ($admin_thread_delete !== false) { + $admin_thread_id = (int)$admin_thread_id; + $access = false; + if (!$admin) { + $thread = mysql_select_single("SELECT `forum_id` FROM `znote_forum_threads` WHERE `id`='$admin_thread_id';"); + $forum = mysql_select_single("SELECT `guild_id` FROM `znote_forum` WHERE `id`='". $thread['forum_id'] ."';"); + foreach($charData as $char) if ($char['guild'] == $forum['guild_id'] && $char['guild_rank'] == 3) $access = true; + } else $access = true; + + if ($access) { + // Delete all associated posts + mysql_delete("DELETE FROM `znote_forum_posts` WHERE `thread_id`='$admin_thread_id';"); + // Delete thread itself + mysql_delete("DELETE FROM `znote_forum_threads` WHERE `id`='$admin_thread_id' LIMIT 1;"); + echo '

    Thread and all associated posts deleted.

    '; + } else echo '

    Permission denied.

    '; + } + + // Close thread + if ($admin_thread_close !== false) { + $admin_thread_id = (int)$admin_thread_id; + $access = false; + if (!$admin) { + $thread = mysql_select_single("SELECT `forum_id` FROM `znote_forum_threads` WHERE `id`='$admin_thread_id';"); + $forum = mysql_select_single("SELECT `guild_id` FROM `znote_forum` WHERE `id`='". $thread['forum_id'] ."';"); + foreach($charData as $char) if ($char['guild'] == $forum['guild_id'] && $char['guild_rank'] == 3) $access = true; + } else $access = true; + if ($access) { + mysql_update("UPDATE `znote_forum_threads` SET `closed`='1' WHERE `id`='$admin_thread_id' LIMIT 1;"); + //die("UPDATE `znote_forum_threads` SET `closed`='1' WHERE `id`='$admin_thread_id' LIMIT 1;"); + echo '

    Thread has been closed.

    '; + } else echo '

    Permission denied.

    '; + } + + // open thread + if ($admin_thread_open !== false) { + $admin_thread_id = (int)$admin_thread_id; + $access = false; + if (!$admin) { + $thread = mysql_select_single("SELECT `forum_id` FROM `znote_forum_threads` WHERE `id`='$admin_thread_id';"); + $forum = mysql_select_single("SELECT `guild_id` FROM `znote_forum` WHERE `id`='". $thread['forum_id'] ."';"); + foreach($charData as $char) if ($char['guild'] == $forum['guild_id'] && $char['guild_rank'] == 3) $access = true; + } else $access = true; + if ($access) { + mysql_update("UPDATE `znote_forum_threads` SET `closed`='0' WHERE `id`='$admin_thread_id' LIMIT 1;"); + echo '

    Thread has been opened.

    '; + } else echo '

    Permission denied.

    '; + } + + // stick thread + if ($admin_thread_sticky !== false) { + $admin_thread_id = (int)$admin_thread_id; + $access = false; + if (!$admin) { + $thread = mysql_select_single("SELECT `forum_id` FROM `znote_forum_threads` WHERE `id`='$admin_thread_id';"); + $forum = mysql_select_single("SELECT `guild_id` FROM `znote_forum` WHERE `id`='". $thread['forum_id'] ."';"); + foreach($charData as $char) if ($char['guild'] == $forum['guild_id'] && $char['guild_rank'] == 3) $access = true; + } else $access = true; + if ($access) { + mysql_update("UPDATE `znote_forum_threads` SET `sticky`='1' WHERE `id`='$admin_thread_id' LIMIT 1;"); + echo '

    Thread has been sticked.

    '; + } else echo '

    Permission denied.

    '; + } + + // unstick thread + if ($admin_thread_unstick !== false) { + $admin_thread_id = (int)$admin_thread_id; + $access = false; + if (!$admin) { + $thread = mysql_select_single("SELECT `forum_id` FROM `znote_forum_threads` WHERE `id`='$admin_thread_id';"); + $forum = mysql_select_single("SELECT `guild_id` FROM `znote_forum` WHERE `id`='". $thread['forum_id'] ."';"); + foreach($charData as $char) if ($char['guild'] == $forum['guild_id'] && $char['guild_rank'] == 3) $access = true; + } else $access = true; + if ($access) { + mysql_update("UPDATE `znote_forum_threads` SET `sticky`='0' WHERE `id`='$admin_thread_id' LIMIT 1;"); + echo '

    Thread has been unsticked.

    '; + } else echo '

    Permission denied.

    '; + } +} + +///////////////// +// ADMIN FUNCT +if ($admin && !empty($_POST)) { + $admin_post_id = getValue($_POST['admin_post_id']); + $admin_post_delete = getValue($_POST['admin_post_delete']); + + $admin_category_delete = getValue($_POST['admin_category_delete']); + $admin_category_edit = getValue($_POST['admin_category_edit']); + $admin_category_id = getValue($_POST['admin_category_id']); + + $admin_update_category = getValue($_POST['admin_update_category']); + $admin_category_name = getValue($_POST['admin_category_name']); + $admin_category_access = getValue($_POST['admin_category_access']); + $admin_category_closed = getValue($_POST['admin_category_closed']); + $admin_category_hidden = getValue($_POST['admin_category_hidden']); + $admin_category_guild_id = getValue($_POST['admin_category_guild_id']); + + $admin_board_create_name = getValue($_POST['admin_board_create_name']); + $admin_board_create_access = getValue($_POST['admin_board_create_access']); + $admin_board_create_closed = getValue($_POST['admin_board_create_closed']); + $admin_board_create_hidden = getValue($_POST['admin_board_create_hidden']); + $admin_board_create_guild_id = getValue($_POST['admin_board_create_guild_id']); + + // Create board + if ($admin_board_create_name !== false) { + + // Insert data + mysql_insert("INSERT INTO `znote_forum` (`name`, `access`, `closed`, `hidden`, `guild_id`) + VALUES ('$admin_board_create_name', + '$admin_board_create_access', + '$admin_board_create_closed', + '$admin_board_create_hidden', + '$admin_board_create_guild_id');"); + echo '

    Board has been created.

    '; + } + + ////////////////// + // update category + if ($admin_update_category !== false) { + $admin_category_id = (int)$admin_category_id; + + // Update the category + mysql_update("UPDATE `znote_forum` SET + `name`='$admin_category_name', + `access`='$admin_category_access', + `closed`='$admin_category_closed', + `hidden`='$admin_category_hidden', + `guild_id`='$admin_category_guild_id' + WHERE `id`='$admin_category_id' LIMIT 1;"); + echo '

    Board has been updated successfully.

    '; + } + + ////////////////// + // edit category + if ($admin_category_edit !== false) { + $admin_category_id = (int)$admin_category_id; + $category = mysql_select_single("SELECT `id`, `name`, `access`, `closed`, `hidden`, `guild_id` + FROM `znote_forum` WHERE `id`='$admin_category_id' LIMIT 1;"); + if ($category !== false) { + ?> +
    + + + + + + + + + + + + + + + + + + + + + + + + + + +
    + +
    + +
    + +
    + +
    +
    + Category not found.'; + + } + + // delete category + if ($admin_category_delete !== false) { + $admin_category_id = (int)$admin_category_id; + + // find all threads in category + $threads = mysql_select_multi("SELECT `id` FROM `znote_forum_threads` WHERE `forum_id`='$admin_category_id';"); + + // Then loop through all threads, and delete all associated posts: + foreach($threads as $thread) { + mysql_delete("DELETE FROM `znote_forum_posts` WHERE `thread_id`='". $thread['id'] ."';"); + } + // Then delete all threads + mysql_delete("DELETE FROM `znote_forum_threads` WHERE `forum_id`='$admin_category_id';"); + // Then delete the category + mysql_delete("DELETE FROM `znote_forum` WHERE `id`='$admin_category_id' LIMIT 1;"); + echo '

    Board, associated threads and all their associated posts deleted.

    '; + } + + // delete post + if ($admin_post_delete !== false) { + $admin_post_id = (int)$admin_post_id; + + // Delete the post + mysql_delete("DELETE FROM `znote_forum_posts` WHERE `id`='$admin_post_id' LIMIT 1;"); + echo '

    Post has been deleted.

    '; + } +} +// End admin function + +// Fetching get values +if (!empty($_GET)) { + $getCat = getValue($_GET['cat']); + $getForum = getValue($_GET['forum']); + $getThread = getValue($_GET['thread']); + + $new_thread_category = getValue($_POST['new_thread_category']); + $new_thread_cid = getValue($_POST['new_thread_cid']); + + $create_thread_cid = getValue($_POST['create_thread_cid']); + $create_thread_title = getValue($_POST['create_thread_title']); + $create_thread_text = getValue($_POST['create_thread_text']); + $create_thread_category = getValue($_POST['create_thread_category']); + + $update_thread_id = getValue($_POST['update_thread_id']); + $update_thread_title = getValue($_POST['update_thread_title']); + $update_thread_text = getValue($_POST['update_thread_text']); + + $edit_thread = getValue($_POST['edit_thread']); + $edit_thread_id = getValue($_POST['edit_thread_id']); + + $reply_thread = getValue($_POST['reply_thread']); + $reply_text = getValue($_POST['reply_text']); + $reply_cid = getValue($_POST['reply_cid']); + + $edit_post = getValue($_POST['edit_post']); + $edit_post_id = getValue($_POST['edit_post_id']); + + $update_post_id = getValue($_POST['update_post_id']); + $update_post_text = getValue($_POST['update_post_text']); + + ///////////////////// + // When you are POSTING in an existing thread + if ($reply_thread !== false && $reply_text !== false && $reply_cid !== false) { + $reply_cid = (int)$reply_cid; + + if ($user_znote_data['cooldown'] < time()) { + user_update_znote_account(array('cooldown'=>(time() + $config['forum']['cooldownPost']))); + + $thread = mysql_select_single("SELECT `closed` FROM `znote_forum_threads` WHERE `id`='$reply_thread' LIMIT 1;"); + + if ($thread['closed'] == 1 && $admin === false) $access = false; + else $access = true; + + if ($access) { + mysql_insert("INSERT INTO `znote_forum_posts` (`thread_id`, `player_id`, `player_name`, `text`, `created`, `updated`) VALUES ('$reply_thread', '$reply_cid', '". 
$charData[$reply_cid]['name'] ."', '$reply_text', '". time() ."', '". time() ."');"); + } else echo '

    You don\'t have permission to post on this thread. [Thread: Closed]

    '; + } else { + ?> + Antispam: You need to wait seconds before you can create or post. + (time() + $config['forum']['cooldownCreate']))); + + $category = mysql_select_single("SELECT `access`, `closed`, `guild_id` FROM `znote_forum` WHERE `id`='$create_thread_category' LIMIT 1;"); + if ($category !== false) { + $access = true; + if (!$admin) { + if ($category['access'] > $yourAccess) $access = false; + if ($category['guild_id'] > 0) { + $status = false; + foreach($charData as $char) { + if ($char['guild'] == $category['guild_id']) $status = true; + } + if (!$status) $access = false; + } + if ($category['closed'] > 0) $access = false; + } + + if ($access) { + mysql_insert("INSERT INTO `znote_forum_threads` + (`forum_id`, `player_id`, `player_name`, `title`, `text`, `created`, `updated`, `sticky`, `hidden`, `closed`) + VALUES ( + '$create_thread_category', + '$create_thread_cid', + '". $charData[$create_thread_cid]['name'] ."', + '$create_thread_title', + '$create_thread_text', + '". time() ."', + '". time() ."', + '0', '0', '0');"); + SendGet(array('cat'=>$create_thread_category), 'forum.php'); + } else echo '

    Permission to create thread denied.

    '; + } else echo 'Category does not exist.'; + } else { + ?> + Antispam: You need to wait seconds before you can create or post. + post has been updated.'; + } else echo "

    Your permission to edit this post has been denied.

    "; + } + + ///////////////////// + // When you ARE updating thread + if ($update_thread_id !== false && $update_thread_title !== false && $update_thread_text !== false) { + // Fetch the thread data + $thread = mysql_select_single("SELECT `id`, `player_name`, `title`, `text`, `closed` FROM `znote_forum_threads` WHERE `id`='$update_thread_id' LIMIT 1;"); + + // Verify access + $access = PlayerHaveAccess($yourChars, $thread['player_name']); + if ($thread['closed'] == 1 && $admin === false) $access = false; + if ($admin) $access = true; + + if ($access) { + mysql_update("UPDATE `znote_forum_threads` SET `title`='$update_thread_title', `text`='$update_thread_text' WHERE `id`='$update_thread_id';"); + echo '

    Thread has been updated.

    '; + } else echo "

    Your permission to edit this thread has been denied.

    "; + } + + ///////////////////// + // When you want to edit a post + if ($edit_post_id !== false && $edit_post !== false) { + // Fetch the post data + $post = mysql_select_single("SELECT `id`, `thread_id`, `text`, `player_name` FROM `znote_forum_posts` WHERE `id`='$edit_post_id' LIMIT 1;"); + $thread = mysql_select_single("SELECT `closed` FROM `znote_forum_threads` WHERE `id`='". $post['thread_id'] ."' LIMIT 1;"); + // Verify access + $access = PlayerHaveAccess($yourChars, $post['player_name']); + if ($thread['closed'] == 1 && $admin === false) $access = false; + if ($admin) $access = true; + + if ($access) { + ?> +

    Edit Post

    +
    + +
    + +
    + You don\'t have permission to edit this post.

    '; + } else + + ///////////////////// + // When you want to edit a thread + if ($edit_thread_id !== false && $edit_thread !== false) { + // Fetch the thread data + $thread = mysql_select_single("SELECT `id`, `title`, `text`, `player_name`, `closed` FROM `znote_forum_threads` WHERE `id`='$edit_thread_id' LIMIT 1;"); + + $access = PlayerHaveAccess($yourChars, $thread['player_name']); + if ($thread['closed'] == 1) $access = false; + if ($admin) $access = true; + + if ($access) { + ?> +

    Edit Thread

    +
    + +

    +
    + +
    + Edit access denied.

    '; + } else + + ///////////////////// + // When you want to view a thread + if ($getThread !== false) { + $getThread = (int)$getThread; + $threadData = mysql_select_single("SELECT `id`, `forum_id`, `player_id`, `player_name`, `title`, `text`, `created`, `updated`, `sticky`, `hidden`, `closed` FROM `znote_forum_threads` WHERE `id`='$getThread' LIMIT 1;"); + + if ($threadData !== false) { + + $category = mysql_select_single("SELECT `hidden`, `access`, `guild_id` FROM `znote_forum` WHERE `id`='". $threadData['forum_id'] ."' LIMIT 1;"); + if ($category === false) die("Thread category does not exist."); + + $access = true; + $leader = false; + if ($category['hidden'] == 1 || $category['access'] > 1 || $category['guild_id'] > 0) { + $access = false; + if ($category['hidden'] == 1) $access = PlayerHaveAccess($yourChars, $threadData['player_name']); + if ($category['access'] > 1 && $yourAccess >= $category['access']) $access = true; + foreach($charData as $char) { + if ($category['guild_id'] == $char['guild']) $access = true; + if ($char['guild_rank'] == 3) $leader = true; + } + if ($admin) $access = true; + } + + + if ($access) { + ?> + LinkMap: Forum -
    + Viewing thread: ". $threadData['title'] .""; ?> + + + + + + + +
    + + - Created by: + ". $threadData['player_name'] .""; + ?> +
    +

    +
    +
    + + + + + + + + +
    +
    + + +
    +
    + +
    + + +
    + +
    + + +
    + +
    + +
    + + +
    + +
    + + +
    + +
    +
    + + +
    +
    + + + + + +
    +
    + + +
    +
    + + + + + + + + + +
    + + - Posted by: + ". $post['player_name'] .""; + ?> +
    +

    +
    +
    + +
    + + +
    + +
    + + +
    + 0) { + if ($threadData['closed'] == 0 || $yourAccess > 3) { + ?> +
    +
    + +

    [b]Bold Text[/b], [img]Direct Image Link[/img], [center]Cented Text[/center],
    [link]http://youtube.com/[/link], [color=GREEN]Green Text![/color], [*] - Dotted [/*]


    + +
    + + +
    + You don\'t have permission to post on this thread. [Thread: Closed]

    '; + } else { + ?>

    You must have a character on your account that is level + to reply to this thread.

    Your permission to access this thread has been denied.

    "; + } else { + ?> +

    Thread unavailable

    +

    Thread is unavailable for you, or do not exist any more. + 0 && !empty($_GET['forum'])) { + $tmpCat = getValue($_GET['cat']); + $tmpCatName = getValue($_GET['forum']); + ?> +
    Go back to:

    + +
    Go back to Forum

    + + $yourAccess) $access = false; + if ($category['guild_id'] > 0) { + $status = false; + foreach($charData as $char) { + if ($char['guild'] == $category['guild_id']) $status = true; + } + if (!$status) $access = false; + } + if ($category['closed'] > 0) $access = false; + } + + if ($access) { + ?> +

    Create new thread

    +
    + + + +

    +
    + +
    + Permission to create thread denied.

    '; + } + } else + + ///////////////////// + // When category is specified + if ($getCat !== false) { + $getCat = (int)$getCat; + + // Fetch category rules + $category = mysql_select_single("SELECT `name`, `access`, `closed`, `hidden`, `guild_id` FROM `znote_forum` WHERE `id`='$getCat' AND `access`<='$yourAccess' LIMIT 1;"); + + if ($category !== false && $category['guild_id'] > 0 && !$admin) { + $access = false; + foreach($charData as $char) if ($category['guild_id'] == $char['guild']) $access = true; + if ($access !== true) $category = false; + } + + if ($category !== false) { + // TODO : Verify guild access + //foreach($charData) + echo "

    Forum Board: ". $category['name'] ."

    "; + + // Threads + // - id - forum_id - player_id - player_name - title - text - created - updated - sticky - hidden - closed + $threads = mysql_select_multi("SELECT `id`, `player_name`, `title`, `sticky`, `closed` FROM `znote_forum_threads` WHERE `forum_id`='$getCat' ORDER BY `sticky` DESC, `updated` DESC;"); + + ///// HTML \\\\\ + if ($threads !== false) { + ?> + + + + + + 3) $access = true; + } + + if ($access) { + ?> + + '; + ?> + + + + '; + ?> + + + + + +
    TitleBy
    + 0) { + if ($category['closed'] == 0 || $admin) { + ?> +
    + + + +
    + This board is closed.

    '; + } else echo "

    You must have a character on your account that is level ". $config['forum']['level'] ."+ to create new threads.

    "; + } else echo "

    Your permission to access this board has been denied.
    If you are trying to access a Guild Board, you need level: ". $config['forum']['level'] ."+

    "; + + } +} else { + + ////////////////////// + // No category specified, show list of available categories + if (!$admin) $categories = mysql_select_multi( + "SELECT `id`, `name`, `access`, `closed`, `hidden`, `guild_id` FROM `znote_forum` WHERE `access`<='$yourAccess' ORDER BY `name`;"); + else $categories = mysql_select_multi("SELECT `id`, `name`, `access`, `closed`, `hidden`, `guild_id` FROM `znote_forum` ORDER BY `name`;"); + + $guildboard = false; + ?> + + + + 0) $guild = true; + } + + if ($admin || $guild) { + if (!isset($guilds)) { + $guilds = mysql_select_multi("SELECT `id`, `name` FROM `guilds` ORDER BY `name`;"); + $guilds[] = array('id' => '0', 'name' => 'No guild'); + } + $guildName = array(); + foreach($guilds as $guild) { + $guildName[$guild['id']] = $guild['name']; + } + if ($admin) { + ?> + + + + + 0) { + $guildboard[] = $category; + $access = false; + } + + /* + if ($guild) { + foreach($charData as $char) { + if ($category['guild_id'] == $char['guild']) $access = true; + } + } + */ + if ($access) { + $url = url("forum.php?cat=". $category['id']); + echo ''; + echo '"; + + // Admin columns + if ($admin) { + ?> + + + '; + } + } + } + ?> +
    Forum BoardsEditDelete
    '; + if ($category['closed'] == 1) echo $config['forum']['closed'],' '; + if ($category['hidden'] == 1) echo $config['forum']['hidden'],' '; + if ($category['guild_id'] > 0) { + echo "[". $guildName[$category['guild_id']] ."] "; + } + echo $category['name'] ." +
    + + +
    +
    +
    + + +
    +
    +
    + + + + + 0) $guild = true; + } + + if ($admin || $guild) { + if (!isset($guilds)) { + $guilds = mysql_select_multi("SELECT `id`, `name` FROM `guilds` ORDER BY `name`;"); + $guilds[] = array('id' => '0', 'name' => 'No guild'); + } + $guildName = array(); + foreach($guilds as $guild) { + $guildName[$guild['id']] = $guild['name']; + } + if ($admin) { + ?> + + + + + '; + echo '"; + + // Admin columns + if ($admin) { + ?> + + + '; + } + } + if ($count == 0 && !$admin) echo ''; + ?> +
    Guild BoardsEditDelete
    '; + if ($board['closed'] == 1) echo $config['forum']['closed'],' '; + if ($board['hidden'] == 1) echo $config['forum']['hidden'],' '; + if ($board['guild_id'] > 0) { + echo "[". $guildName[$board['guild_id']] ."] "; + } + echo $board['name'] ." +
    + + +
    +
    +
    + + +
    +
    You don\'t have access to any guildboards.
    + +

    Create board:

    +
    +

    + + Required access:

    + + Board closed:
    + + Board hidden:

    + + Guild board:

    + + +
    + \ No newline at end of file diff --git a/gallery.php b/gallery.php new file mode 100644 index 0000000..adec8a9 --- /dev/null +++ b/gallery.php @@ -0,0 +1,105 @@ + +
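Review bot: The reply and create-thread paths never check that the submitted character id belongs to the logged-in account: `$reply_cid` and `$create_thread_cid` are written to `player_id` as posted, and `$charData[$reply_cid]['name']` is read without an `isset()` test, so a post can be stored under a character the account does not own. Guard both inserts with `isset($charData[$reply_cid])` (respectively `isset($charData[$create_thread_cid])`), and in the reply path also load the thread's board and apply the same `access`, `guild_id` and `hidden` rules the thread view applies, since only `closed` is checked there. Unlike `$admin_thread_id`, the values `$reply_thread`, `$create_thread_category`, `$update_thread_id`, `$edit_post_id` and `$edit_thread_id` reach the SQL strings without an `(int)` cast, so those queries are only as safe as `getValue()`, which is not shown in this hunk. None of the POST handlers visible here calls `Token::isValid()` the way createcharacter.php does, which is worth confirming for the delete, close and sticky actions.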

    Create image article

    +

    Only works with "Direct link" URLs from imgland.net +
    Don't understand? Don't worry! Watch this video guide!

    +
    + Image URL:

    + Image Title:

    + Image Describtion:

    + +
    + +

    Image Posted

    +

    However, your image will not be listed until a GM have verified it.
    + Feel free to remind the GM in-game to login on website and approve the image post.

    +

    Preview:

    + + + + + + + + + + +

    + +
    + ", $descr); + ?> +

    +
    + +

    Gallery

    + +
    + Got some cool images to show the community? +
    + load(); + if ($images != false) { + foreach($images as $image) { + $pw = explode("!", $image['image']); + ?> + + + + + + + + + + +

    + +
    + ", $descr); + ?> +

    +
    + There are currently no public images.'; + + if ($logged_in === false) echo 'You need to be logged in to add images.'; +} +include 'layout/overall/footer.php'; +/* +$url = strtolower("HTTP://1.imgland.net/pxPmUL.jpg"); +echo $url .'
    '; +$url = str_replace("www", "", str_replace(":", "", str_replace("/", "", str_replace(".", "!", str_replace("imgland.net", "", str_replace("http", "", $url)))))); +$url = sanitize($url); +echo $url; +$url = explode("!", $url); + +echo time(); +//insertImage(2, "Yaay!", "Super describtion!", "1!pxpmul!jpg"); +*/?> \ No newline at end of file diff --git a/guilds.php b/guilds.php new file mode 100644 index 0000000..d81df65 --- /dev/null +++ b/guilds.php @@ -0,0 +1,664 @@ + + +

    Guild List:

    + + + + + + + + = 1) { + $url = url("guilds.php?name=". $guild['name']); + echo ''; + echo ''; + echo ''; + echo ''; + echo ''; + } + } + ?> +
    Guild name:Members:Founded:
    '. $guild['name'] .''. count_guild_members($guild['id']) .''. getClock($guild['creationdata'], true) .'
    +Guild list is empty.

    ';?> + += $config['create_guild_level']) { + + // If character is offline + if ($char_data['online'] == 0) { + $acc_data = user_data($user_data['id'], 'premdays'); + + // If character is premium + if ($config['guild_require_premium'] == false || $acc_data['premdays'] > 0) { + + if (get_character_guild_rank($user_id) < 1) { + + if (preg_match("/^[a-zA-Z_ ]+$/", $_POST['guild_name'])) { + // Only allow normal symbols as guild name + + $guildname = sanitize($_POST['guild_name']); + + $gid = get_guild_id($guildname); + if ($gid === false) { + create_guild($user_id, $guildname); + header('Location: success.php'); + exit(); + } else echo 'A guild with that name already exist.'; + } else echo 'Guild name may only contain a-z, A-Z and spaces.'; + } else echo 'You are already in a guild.'; + } else echo 'You need a premium account to create a guild.'; + } else echo 'Your character must be offline to create a guild.'; + } else echo $name .' is level '. $char_data['level'] .'. But you need level '. $config['create_guild_level'] .'+ to create your own guild!'; + } + } + // end + ?> + + + +
    + +
    + + + + + $highest_access) $highest_access = $access; + } + } + } + } + } + // Display the specific guild page +?> + +

    Guild:

    + + + + + + + + + '; + echo ''; + echo ''; + echo ''; + echo ''; + if ($chardata['online'] == 1) echo ''; + else echo ''; + echo ''; + } + ?> +
    Rank:Name:Level:Vocation:Status:
    '. get_player_guild_rank($player['rank_id']) .''. $player['name'] .''. $player['level'] .''. $config['vocations'][$player['vocation']] .' Online Offline
    + + 0) { ?> +

    Invited characters

    + + + + Remove:'; + } + // Shuffle through visitor characters + for ($i = 0; $i < $char_count; $i++) { + $exist = false; + // Shuffle through invited character, see if they match your character. + foreach ($inv_data as $inv) { + if (user_character_id($characters[$i]) == $inv['player_id']) { + $exist = true; + } + } + if ($exist) echo ''; + } + ?> + + '; + echo ''; + // Remove invitation + if ($highest_access == 2 || $highest_access == 3) { + ?> '; + echo ''; + echo ''; + echo ''; + ?> '; + echo ''; + echo ''; + echo ''; + $bool = true; + } + } + if (isset($bool, $exist) && !$bool && $exist) { + echo ''; + $bool = false; + } + ?> '; + echo ''; + echo ''; + echo ''; + $bool = true; + } + } + if (isset($bool, $exist) && !$bool && $exist) { + echo ''; + $bool = false; + } + ?> '; + } + ?> +
    Name:Join Guild:Reject Invitation:
    '. $uninv['name'] .'
    + + +Failed to find guild position representing member.'; + } else echo 'Character must be offline before joining guild.'; + } + } + } + + if (!empty($_POST['leave_guild'])) { + $name = sanitize($_POST['leave_guild']); + $cidd = user_character_id($name); + // If character is offline + $chardata = user_character_data($cidd, 'online'); + if ($chardata['online'] == 0) { + guild_player_leave($cidd); + header('Location: guilds.php?name='. $_GET['name']); + exit(); + } else echo 'Character must be offline first!'; + } + +if ($highest_access >= 2) { + // Guild leader stuff + + // Promote character to guild position + if (!empty($_POST['promote_character']) && !empty($_POST['promote_position'])) { + // Verify that promoted character is from this guild. + $p_rid = $_POST['promote_position']; + $p_cid = user_character_id($_POST['promote_character']); + $p_guild = get_player_guild_data($p_cid); + + if ($p_guild['guild_id'] == $gid) { + // Do the magic. + $chardata = user_character_data($p_cid, 'online'); + if ($chardata['online'] == 0) { + update_player_guild_position($p_cid, $p_rid); + header('Location: guilds.php?name='. $_GET['name']); + exit(); + } else echo 'Character not offline.'; + + } + } + if (!empty($_POST['invite'])) { + if (user_character_exist($_POST['invite'])) { + // + $status = false; + if ($inv_data !== false) { + foreach ($inv_data as $inv) { + if ($inv['player_id'] == user_character_id($_POST['invite'])) $status = true; + } + } + foreach ($players as $player) { + if ($player['name'] == $_POST['invite']) $status = true; + } + + if ($status == false) { + guild_invite_player(user_character_id($_POST['invite']), $gid); + header('Location: guilds.php?name='. 
$_GET['name']); + exit(); + } else echo 'That character is already invited(or a member) on this guild.'; + } else echo 'That character name does not exist.'; + } + + if (!empty($_POST['disband'])) { + // + $gidd = (int)$_POST['disband']; + $members = get_guild_players($gidd); + $online = false; + + // First figure out if anyone are online. + foreach ($members as $member) { + $chardata = user_character_data(user_character_id($member['name']), 'online'); + if ($chardata['online'] == 1) { + $online = true; + } + } + + if (!$online) { + // Then remove guild rank from every player. + foreach ($members as $member) { + //$chardata = user_character_data(user_character_id($member['name']), 'online'); + guild_player_leave(user_character_id($member['name'])); + } + + // Remove all guild invitations to this guild + if ($inv_count > 0) guild_remove_invites($gidd); + + // Then remove the guild itself. + guild_delete($gidd); + header('Location: success.php'); + exit(); + } else echo 'All members must be offline to disband the guild.'; + } + + if (!empty($_POST['new_leader'])) { + $new_leader = (int)$_POST['new_leader']; + $old_leader = guild_leader($gid); + + $online = false; + $newData = user_character_data($new_leader, 'online'); + $oldData = user_character_data($old_leader, 'online'); + if ($newData['online'] == 1 || $oldData['online'] == 1) $online = true; + + if ($online == false) { + if (guild_change_leader($new_leader, $old_leader)) { + header('Location: guilds.php?name='. $_GET['name']); + exit(); + } else echo 'Something went wrong when attempting to change leadership.'; + } else echo 'The new and old leader must be offline to change leadership.'; + } + + if (!empty($_POST['change_ranks'])) { + $c_gid = (int)$_POST['change_ranks']; + $c_ranks = get_guild_rank_data($c_gid); + $rank_data = array(); + $rank_ids = array(); + + // Feed new rank data + foreach ($c_ranks as $rank) { + $tmp = 'rank_name!'. 
$rank['level']; + if (!empty($_POST[$tmp])) { + $rank_data[$rank['level']] = sanitize($_POST[$tmp]); + $rank_ids[$rank['level']] = $rank['id']; + } + } + + foreach ($rank_data as $level => $name) { + guild_change_rank($rank_ids[$level], $name); + } + + header('Location: guilds.php?name='. $_GET['name']); + exit(); + } + + if (!empty($_POST['remove_member'])) { + $name = sanitize($_POST['remove_member']); + $cid = user_character_id($name); + + guild_remove_member($cid); + header('Location: guilds.php?name='. $_GET['name']); + exit(); + } + + if (!empty($_POST['forumGuildId'])) { + if ($config['forum']['guildboard'] === true) { + $forumExist = mysql_select_single("SELECT `id` FROM `znote_forum` WHERE `guild_id`='$gid' LIMIT 1;"); + if ($forumExist === false) { + // Insert data + mysql_insert("INSERT INTO `znote_forum` (`name`, `access`, `closed`, `hidden`, `guild_id`) + VALUES ('Guild', + '1', + '0', + '0', + '$gid');"); + echo '

    Guild board has been created.

    '; + } else echo '

    Guild board already exist.

    '; + + } else { + echo '

    Error: Guild board system is disabled.

    '; + } + } + + $members = count_guild_members($gid); + $ranks = get_guild_rank_data($gid); + ?> + + +
    + +
    + + + +
    + +
    + 1) { ?> + +
    + +
    + +
    + +
    + +

    + + +
    + +
    + +
    + +
    + + 1) { ?> +
    + +
    + + + + +

    War overview:

    + + + + + + + + '; + echo ''; + echo ''; + echo ''; + echo ''; + echo ''; + } + } + ?> +
    Attacker:Defender:status:started:
    '. $wars['name1'] .''. $wars['name2'] .''. $config['war_status'][$wars['status']] .''. getClock($wars['started'], true) .'
    + + + - Visit Guild Board


    + +
    + +
    + \ No newline at end of file diff --git a/guildwar.php b/guildwar.php new file mode 100644 index 0000000..4de33e1 --- /dev/null +++ b/guildwar.php @@ -0,0 +1,185 @@ + +
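Review bot: The leader-only handlers act on a guild id taken from the request instead of the `$gid` that `$highest_access` was computed for: the disband branch uses `$gidd = (int)$_POST['disband'];` and the rank branch uses `$c_gid = (int)$_POST['change_ranks'];`, so the access check and the guild being modified can be two different guilds. Both should operate on the page's own guild, `$gidd = $gid;` and `$c_gid = $gid;`. The `remove_member` and `new_leader` branches have the same gap in another form: neither confirms that the target character belongs to this guild, which the promote branch does with `$p_guild['guild_id'] == $gid`. None of the visible handlers calls `Token::isValid()` either, though parts of this file are missing from the rendering, so that may be checked in a place not shown.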

    - VERSUS -

    + + data: + $guild1 = $war['guild1']; + $g1c = 0; // kill count + + $guild2 = $war['guild2']; + $g2c = 0; // kill count + + if ($config['TFSVersion'] == 'TFS_02') { + foreach ($kills as $kill) { + if ($kill[killerguild] == $guild1) ++$g1c; + if ($kill[killerguild] == $guild2) ++$g2c; + } + + $green = false; + if ($g1c > $g2c) { + $leading = $war['name1']; + $green = true; + } else if ($g2c > $g1c) $leading = $war['name2']; + else $leading = "Tie"; + } + ?> + + + + + + + + + + '; + //echo ''; + echo ''; + echo ''; + echo ''; + echo ''; + echo ''; + } + ?> +
    Killer's guild:Killer:Victim:Time:
    '. get_guild_name($kill['killerguild']) .''. get_guild_name($kill['killerguild']) .''. $kill['killer'] .''. $kill['target'] .''. getClock($kill['time'], true) .'
    + + +".$death['name']." "; + foreach($killers as $killer) + { + $i++; + if($killer['is_war'] != 0) + { + if($i == 1) + $main_content .= "killed at level ".$death['level']." by "; + else if($i == $count && $others == false) + $main_content .= " and by "; + else + $main_content .= ", "; + if($killer['player_exists'] == 0) + $main_content .= ""; + + $main_content .= $killer['player_name']; + if($killer['player_exists'] == 0) + $main_content .= ""; + } + else + $others = true; + + if($i == $count) + { + if($others == true) + $main_content .= " and few others"; + $main_content .= ".
    "; + } + } + } + } + else + $main_content .= "
    There were no frags on this war so far.
    "; + echo $main_content; + // END BORROWED FROM GESIOR + } + } + +} else { + // Display current wars. + + // Fetch list of wars + if ($config['TFSVersion'] == 'TFS_02') $wardata = get_guild_wars(); + else if ($config['TFSVersion'] == 'TFS_03') $wardata = get_guild_wars03(); + else die("Can't recognize TFS version. It has to be either TFS_02 or TFS_03. Correct this in config.php"); + //echo $wardata[0]['name1']; + //die(var_dump($wardata)); + if ($wardata != false) { + + // kills data + $killsdata = array(); // killsdata[guildid] => array(warid) => array info about the selected war entry + foreach ($wardata as $wars) { + if ($config['TFSVersion'] == 'TFS_02') $killsdata[$wars['id']] = get_war_kills($wars['id']); + else if ($config['TFSVersion'] == 'TFS_03') $killsdata[$wars['id']] = get_war_kills03($wars['id']); + } + ?> + + + + + + + + '; + echo ''; + echo ''; + echo ''; + echo ''; + } + ?> +
    Attacking Guild:Death Count:Defending Guild:
    '. $wars['name1'] .''. count($killsdata[$wars['id']]) .''. $wars['name2'] .'
    + + \ No newline at end of file diff --git a/highscores.php b/highscores.php new file mode 100644 index 0000000..268ad78 --- /dev/null +++ b/highscores.php @@ -0,0 +1,110 @@ +hasExpired()) { + if ($config['TFSVersion'] != 'TFS_10') $tmp = highscore_getAll(); + else $tmp = highscore_getAll_10(0, 30); + + $cache->setContent($tmp); + $cache->save(); + + $array = isset($tmp[$skillid]) ? $tmp[$skillid] : $tmp[7]; + } else { + $tmp = $cache->load(); + $array = $tmp[$skillid]; + } + + if ($skillid < 9) { + // Design and present the list + if ($array) { + ?> +
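Review bot: The kill-count loop indexes with a bare word, `$kill[killerguild]`, while the table further down uses `$kill['killerguild']`; the bare form is an undefined-constant lookup that older PHP tolerates with a notice and PHP 8 rejects with an error. Both comparisons should be quoted: `if ($kill['killerguild'] == $guild1) ++$g1c;` and `if ($kill['killerguild'] == $guild2) ++$g2c;`. `$leading` and `$green` are assigned only inside the `TFS_02` branch, so any later use under `TFS_03` would read undefined variables; whether they are used there is not visible in this rendering.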

    + scoreboard. Next update: + remainingTime() > 0) { + $hours = seconds_to_hours($cache->remainingTime()); + $minutes = ($hours - (int)$hours) * 60; + $seconds = ($minutes - (int)$minutes) * 60; + if ($hours >= 1) { + echo (int)$hours .'h'; + } + if ($minutes >= 1) { + echo ' '. (int)$minutes .'m'; + } + if ($seconds >= 1) { + echo ' '. (int)$seconds .'s'; + } + } else { + echo '0s'; + } + + ?>. remainingTime());?> +

    + + + + Level:'; + else { + ?> + + Vocation:'; + } + ?> + + '; + echo ''; + if ($skillid == 7) echo ''; + echo ''; + if ($skillid == 7 || $skillid == 6 || $skillid == 5) { + echo ''; + } + echo ''; + } + // end foreach + } + ?> +
    Name:Experience:Value:
    '. $value['name'] .''. $value['level'] .''. $value['value'] .''. $value['vocation'] .'
    +
    '; + //Token::debug($_POST['token']); + echo 'Please clear your web cache/cookies OR use another web browser
    '; + } +} + +/* +0 fist: SELECT (SELECT `name` from `players` WHERE `player_id`=`id`) AS `name`, `value` FROM `player_skills` WHERE `skillid`=0 +1 club: +2 sword: +3 axe: +4 dist: +5 Shield: +6 Fish +7 Hardcoded experience +8 Hardcoded maglevel +*/ +include 'layout/overall/footer.php'; ?> \ No newline at end of file diff --git a/houses.php b/houses.php new file mode 100644 index 0000000..8f39e7e --- /dev/null +++ b/houses.php @@ -0,0 +1,145 @@ +hasExpired()) { + $tmp = fetchAllHouses_03(); + $cache->setContent($tmp); + $cache->save(); + + foreach ($tmp as $t) { + if ($t['town'] == $townid) $array[] = $t; + } + $array = isset($array) ? $array : false; + } else { + $tmp = $cache->load(); + foreach ($tmp as $t) { + if ($t['town'] == $townid) $array[] = $t; + } + $array = isset($array) ? $array : false; + } + + // Design and present the list + if ($array) { + ?> +
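Review bot: The cache-hit branch reads `$array = $tmp[$skillid];` without the fallback that the cache-miss branch has, so a skill id that is not a key of the cached array produces an undefined-index notice only on cached requests. Use the same expression in both branches: `$array = isset($tmp[$skillid]) ? $tmp[$skillid] : $tmp[7];`. Where `$skillid` is read from the request is not visible here; if it is not already cast to an integer and range-checked, that check belongs before this block.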

    + house list. +

    + + + + + + + + + + + '; + echo ""; + echo ""; + echo ""; + echo ""; + echo ""; + if ($value['owner'] == 0) echo ""; + else { + $data = user_character_data($value['owner'], 'name'); + echo ''; + } + echo ''; + // end foreach + } + ?> +
    Name:Size:Doors:Beds:Price:Owner:
    ". $value['name'] ."". $value['size'] ."". $value['doors'] ."". $value['beds'] ."". $value['price'] ."None'. $data['name'] .'
    +
    '; + //Token::debug($_POST['token']); + echo 'Please clear your web cache/cookies OR use another web browser
    '; + } +} else { + if (empty($_POST) === true && $config['TFSVersion'] === 'TFS_03') { + if ($config['allowSubPages']) header('Location: sub.php?page=houses'); + else echo 'Sub page system disabled.'; + } else if ($config['TFSVersion'] === 'TFS_02') { + $house = $config['house']; + if (!is_file($house['house_file'])) { + echo("

    House file not found

    FAILED TO LOCATE/READ FILE AT:
    ". $house['house_file'] ."

    LINUX users: Make sure www-data have read access to file.
    WINDOWS users: Learn to write correct file path.

    "); + exit(); + } + + // Load and cache SQL house data: + $cache = new Cache('engine/cache/houses/sqldata'); + if ($cache->hasExpired()) { + $house_query = mysql_select_multi('SELECT `players`.`name`, `houses`.`id` FROM `players`, `houses` WHERE `houses`.`owner` = `players`.`id`;'); + + $cache->setContent($house_query); + $cache->save(); + } else { + $house_query = $cache->load(); + } + + $sqmPrice = $house['price_sqm']; + $house_load = simplexml_load_file($house['house_file']); + if ($house_query !== false && $house_load !== false) { + ?> +

    House list

    + + + + + + + + + '. $row['name'] .''; + } + foreach ($house_load as $house_fetch){ + $house_price = (int)$house_fetch['size'] * $sqmPrice; + ?> + + + + + + + + +
    HouseLocationOwnerSizeRent
    + + + +
    + Something is wrong with the cache.

    '; + } +} +include 'layout/overall/footer.php'; ?> \ No newline at end of file diff --git a/index.php b/index.php new file mode 100644 index 0000000..973a05e --- /dev/null +++ b/index.php @@ -0,0 +1,51 @@ +hasExpired()) { + $news = fetchAllNews(); + + $cache->setContent($news); + $cache->save(); + } else { + $news = $cache->load(); + } + + // Design and present the list + if ($news) { + function TransformToBBCode($string) { + $tags = array( + '[center]{$1}[/center]' => '
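Review bot: The missing-file page prints the configured path (`$house['house_file']`) to whoever requests it, which discloses the server's directory layout to anonymous visitors. Keep the generic "House file not found" heading for the page and send the path to the server log instead, for example `error_log('House file not found: ' . $house['house_file']);`. Separately, the loop that filters `$tmp` by `$townid` is repeated verbatim in both cache branches and could run once after `$tmp` is assigned.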
    $1
    ', + '[b]{$1}[/b]' => '$1', + '[size={$1}]{$2}[/size]' => '$2', + '[img]{$1}[/img]' => 'image', + '[link]{$1}[/link]' => '$1', + '[link={$1}]{$2}[/link]' => '$2', + '[color={$1}]{$2}[/color]' => '$2', + '[*]{$1}[/*]' => '
  • $1
  • ', + ); + foreach ($tags as $tag => $value) { + $code = preg_replace('/placeholder([0-9]+)/', '(.*?)', preg_quote(preg_replace('/\{\$([0-9]+)\}/', 'placeholder$1', $tag), '/')); + $string = preg_replace('/'.$code.'/i', $value, $string); + } + return $string; + } + foreach ($news as $n) { + ?> + + + + + + + +
    '. $n['name'] .' - '. TransformToBBCode($n['title']) .''; ?>
    +

    +
    + No news exist.

    '; + } + } +include 'layout/overall/footer.php'; ?> \ No newline at end of file diff --git a/ipn.php b/ipn.php new file mode 100644 index 0000000..9b671a9 --- /dev/null +++ b/ipn.php 
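Review bot: `TransformToBBCode()` turns every placeholder into an unrestricted `(.*?)` capture and substitutes it straight into the replacement markup, so whatever is written inside `[link=...]`, `[img]`, `[size=...]` or `[color=...]` reaches the page as written. The replacement strings are stripped from this rendering, so this is hedged: unless the title and body are passed through `htmlspecialchars($string, ENT_QUOTES, 'UTF-8')` before the transform, a quote in a tag value can leave the attribute it was meant for, and link and image targets should additionally be limited to `http://` and `https://`. The function is also declared inside `if ($news)`, and its name reads backwards, since it converts BBCode to HTML; a file-level definition with a matching name would be clearer.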
@@ -0,0 +1,87 @@
+ $value) {
+ $value = urlencode(stripslashes($value));
+ $req .= "&$key=$value";
+ }
+
+ // post back to PayPal system to validate
+ $header .= "POST /cgi-bin/webscr HTTP/1.0\r\n";
+ $header .= "Content-Type: application/x-www-form-urlencoded\r\n";
+ $header .= "Content-Length: " . strlen($req) . "\r\n\r\n";
+ $fp = fsockopen ('ssl://www.paypal.com', 443, $errno, $errstr, 30);
+
+ // assign posted variables to local variables
+ $item_name = $_POST['item_name'];
+ $item_number = $_POST['item_number'];
+ $payment_status = $_POST['payment_status'];
+ $payment_amount = $_POST['mc_gross'];
+ $payment_currency = $_POST['mc_currency'];
+ $txn_id = mysql_real_escape_string($_POST['txn_id']);
+ $receiver_email = $_POST['receiver_email'];
+ $payer_email = mysql_real_escape_string($_POST['payer_email']);
+ $custom = $_POST['custom'];
+
+ if (!$fp) {
+ // HTTP ERROR
+ } else {
+ fputs ($fp, $header . $req);
+ while (!feof($fp)) {
+ $res = fgets ($fp, 1024);
+ if (strcmp ($res, "VERIFIED") == 0) {
+ if ($payment_status == 'Completed') {
+ $txn_id_check = mysql_query("SELECT `txn_id` FROM `znote_paypal` WHERE `txn_id`='$txn_id'");
+ if (mysql_num_rows($txn_id_check) != 1) {
+ if ($receiver_email == $paypal['email']) {
+
+ $status = true;
+ $pieces = explode("!", $custom);
+ // TODO - fix this logic
+ // 0 = user_id, 1 = price, 2 = points
+ $f_user_id = (int)$pieces[0];
+ $f_price = (float)$pieces[1];
+ $f_points = (int)$pieces[2];
+ if ($payment_amount != $f_price) $status = false; // If he paid wrong ammount
+ if ($payment_currency != $paypal['currency']) $status = false; // If he paid using another currency
+
+ // Verify that the user havent messed around with POST data
+ if ($status) {
+ $status = false;
+ foreach ($prices as $price => $points) {
+ if ($price == $f_price && $points == $f_points) $status = true; // data does not appear to be manipulated. 
+ }
+ if ($status) {
+ // transaction log
+ $log_query = mysql_query("INSERT INTO `znote_paypal` VALUES ('', '$txn_id', '$payer_email', '$f_user_id', '".(int)$f_price."', '".(int)$f_points."')");
+
+ // Give points to user
+ $old_points = mysql_result(mysql_query("SELECT `points` FROM `znote_accounts` WHERE `account_id`='$f_user_id';"), 0, 'points');
+ $new_points = (int)$f_points;
+ $new_points += $old_points;
+ $update_account = mysql_query("UPDATE `znote_accounts` SET `points`='$new_points' WHERE `account_id`='$f_user_id'");
+ } else mysql_query("INSERT INTO `znote_paypal` VALUES ('', '$txn_id', 'ERROR: HACKER detected: $payer_email', '$f_user_id', '".(int)$f_price."', '".(int)$f_points."')");
+ }
+ } else {
+ $pmail = $paypal['email'];
+ mysql_query("INSERT INTO `znote_paypal` VALUES ('', '$txn_id', 'ERROR: Wrong mail. Received: $receiver_email, configured: $pmail', '0', '0', '0')");
+ }
+ }
+ }
+ }
+ else if (strcmp ($res, "INVALID") == 0) {
+ // log for manual investigation
+
+ }
+ }
+ fclose ($fp);
+ }
+?>
\ No newline at end of file
diff --git a/killers.php b/killers.php
new file mode 100644
index 0000000..20d8a3c
--- /dev/null
+++ b/killers.php
@@ -0,0 +1,118 @@
+hasExpired()) {
+ $killers = fetchMurders();
+
+ $cache->setContent($killers);
+ $cache->save();
+} else {
+ $killers = $cache->load();
+}
+$cache = new Cache('engine/cache/victims');
+if ($cache->hasExpired()) {
+ $victims = fetchLoosers();
+
+ $cache->setContent($victims);
+ $cache->save();
+} else {
+ $victims = $cache->load();
+}
+$cache = new Cache('engine/cache/lastkillers');
+if ($cache->hasExpired()) {
+ $latests = mysql_select_multi("SELECT `p`.`name` AS `victim`, `d`.`killed_by` as `killed_by`, `d`.`time` as `time` FROM `player_deaths` as `d` INNER JOIN `players` as `p` ON d.player_id = p.id WHERE d.`is_player`='1' LIMIT 20;");
+ if ($latests !== false) {
+ $cache->setContent($latests);
+ $cache->save();
+ }
+} else {
+ $latests = $cache->load();
+}
+if ($killers) {
+?>
+
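Review bot: `$receiver_email` is copied from `$_POST['receiver_email']` without escaping and then interpolated into the "ERROR: Wrong mail. Received: ..." INSERT, unlike `$txn_id` and `$payer_email`; it should be assigned as `$receiver_email = mysql_real_escape_string($_POST['receiver_email']);`. The credit is also a read-then-write (select the points, add, update) and the duplicate check on `txn_id` is a separate SELECT, so two deliveries of the same notification handled at the same moment can both pass. A single UPDATE that sets points to points plus `$f_points`, together with a unique index on `txn_id`, makes the credit idempotent. The `INVALID` branch and the `!$fp` branch are empty, so a failed verification leaves nothing to investigate.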

    Biggest Murders

    + + + + + + '; + echo ""; + echo ""; + echo ''; + } ?> +
    NameKills
    ". $killer['killed_by'] ."". $killer['kills'] ."
    + +

    Biggest Victims

    + + + + + + '; + echo ""; + echo ""; + echo ''; + } ?> +
    NameDeaths
    ". $victim['name'] ."". $victim['Deaths'] ."
    + +

    Latest kills

    + + + + + + + '; + echo ""; + echo ""; + echo ""; + echo ''; + } ?> +
    KillerTimeVictim
    ". $last['killed_by'] ."". getClock($last['time'], true) ."". $last['victim'] ."
    +hasExpired()) { + $deaths = fetchLatestDeaths_03(30, true); + $cache->setContent($deaths); + $cache->save(); + } else { + $deaths = $cache->load(); + } + ?> + +

    Latest Killers

    + + + + + + + '; + echo ""; + echo ""; + echo ""; + echo ''; + } ?> +
    KillerTimeVictim
    ". $death['killed_by'] ."". getClock($death['time'], true) ."At level ". $death['level'] .": ". $death['victim'] ."
    + + \ No newline at end of file diff --git a/login.php b/login.php new file mode 100644 index 0000000..226e0ed --- /dev/null +++ b/login.php @@ -0,0 +1,60 @@ + 32 || strlen($password) > 64) { + $errors[] = 'Username or password is too long.'; + } else if (user_exist($username) === false) { + $errors[] = 'Failed to authorize your account, are the details correct, have you registered?'; + } /*else if (user_activated($username) === false) { + $errors[] = 'You havent activated your account! Please check your email.
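Review bot: The query cached as `lastkillers` ends in `LIMIT 20` with no ordering, so the "Latest kills" table shows whichever twenty rows the database returns first rather than the newest ones; add `ORDER BY d.time DESC` before `LIMIT 20`. When that query returns false nothing is cached and `$latests` stays false, and whether the table loop guards against that is not visible in this rendering. The tables echo `killed_by` and the player names directly into the page, so confirm those values are HTML-escaped where they are stored or wrap them in `htmlspecialchars()` here.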
    Note it may appear in your junk/spam box.'; + } */else if (!Token::isValid($_POST['token'])) { + Token::debug($_POST['token']); + $errors[] = 'Token is invalid.'; + } else { + + // Starting loging + if ($config['TFSVersion'] == 'TFS_02' || $config['TFSVersion'] == 'TFS_10') $login = user_login($username, $password); + else if ($config['TFSVersion'] == 'TFS_03') $login = user_login_03($username, $password); + else $login = false; + if ($login === false) { + $errors[] = 'Username and password combination is wrong.'; + } else { + $_SESSION['user_id'] = $login; + + // if IP is not set (etc acc created before Znote AAC was in use) + $znote_data = user_znote_account_data($_SESSION['user_id']); + if ($znote_data['ip'] == 0) { + $update_data = array( + 'ip' => ip2long(getIP()), + ); + user_update_znote_account($update_data); + } + + // Send them to myaccount.php + header('Location: myaccount.php'); + exit(); + } + } +} else { + header('Location: index.php'); +} + +if (empty($errors) === false) { +?> +

    We tried to log you in, but...

    + \ No newline at end of file diff --git a/logout.php b/logout.php new file mode 100644 index 0000000..bcfac9b --- /dev/null +++ b/logout.php @@ -0,0 +1,8 @@ + \ No newline at end of file diff --git a/mailtest.php b/mailtest.php new file mode 100644 index 0000000..6eb98b4 --- /dev/null +++ b/mailtest.php @@ -0,0 +1,3 @@ + \ No newline at end of file diff --git a/myaccount.php b/myaccount.php new file mode 100644 index 0000000..a513f0a --- /dev/null +++ b/myaccount.php @@ -0,0 +1,258 @@ + 0 && $infinite === false) $tks += (int)$ticket['count']; + } + if ($infinite === true) $tks = 0; + $dbid = (int)$tickets[0]['id']; + // If they dont have unlimited tickets, remove a count from their ticket. + if ($tickets[0]['count'] > 1) { // Decrease count + $tks--; + $tkr = ((int)$tickets[0]['count'] - 1); + shop_update_row_count($dbid, $tkr); + } else if ($tickets[0]['count'] == 1) { // Delete record + shop_delete_row_order($dbid); + $tks--; + } + + // Change character gender: + // + user_character_change_gender($char_name); + echo 'You have successfully changed gender on character '. $char_name .'.'; + if ($tks > 0) echo '
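Review bot: The session id is kept across the login: `$_SESSION['user_id'] = $login;` is set with no `session_regenerate_id(true);` before it, so an id issued before authentication stays valid afterwards unless `user_login()` regenerates it internally, which is not shown. The two failure messages also differ ("Failed to authorize your account..." for an unknown name, "Username and password combination is wrong." for a bad password), which tells the caller which account names exist; one shared message for both cases avoids that. `Token::debug($_POST['token']);` on the invalid-token path looks like leftover debugging, and the final `header('Location: index.php');` has no `exit();` after it.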
    You have '. $tks .' gender change tickets left.'; + else if ($infinite !== true) echo '
    You are out of tickets.'; + } else echo 'You don\'t have any character gender tickets, buy them in the SHOP!'; + } else echo 'Your character must be offline.'; + } +} +// end +// Change character comment PAGE1: +if (!empty($_POST['selected_comment'])) { + if (!Token::isValid($_POST['token'])) { + exit(); + } + if (user_character_account_id($_POST['selected_comment']) === $session_user_id) { + $comment_data = user_znote_character_data(user_character_id($_POST['selected_comment']), 'comment'); + ?> + +

    Change comment on:

    +
    + +
    + +
    +

    My account

    +

    Welcome to your account page,

    + +

    Character List: characters.

    + + + + + + '; + echo ''; + echo ''; + $characters[] = $value['name']; + } + ?> +
    NAMELEVELVOCATIONTOWNLAST LOGINSTATUSHIDE
    '. $value['name'] .''. $value['level'] .''. $value['vocation'] .''. $value['town_id'] .''. $value['lastlogin'] .''. $value['online'] .''. hide_char_to_name(user_character_hide($value['name'])) .'
    + +
    +
      +
    • + Character hide:
      + + + +
    • +
    +
    + +
    +
      +
    • + Character comment:
      + + + +
    • +
    +
    + +
    +
      +
    • + Change character gender:
      + + + +
    • +
    +
    + +
    +
      +
    • + Delete character:
      + + + +
    • +
    +
    + + + create one?'; + } + //Done. + } + ?> +
    + \ No newline at end of file diff --git a/onlinelist.php b/onlinelist.php new file mode 100644 index 0000000..52585aa --- /dev/null +++ b/onlinelist.php @@ -0,0 +1,31 @@ + + +

    Who is online?

    + + + + + + + + + '; + echo ''; + echo ''; + echo ''; + echo ''; + } + ?> +
    Name:Level:Vocation:
    '. $value['name'] .''. $value['level'] .''. vocation_id_to_name($value['vocation']) .'
    + + + \ No newline at end of file diff --git a/paygol_ipn.php b/paygol_ipn.php new file mode 100644 index 0000000..686e79d --- /dev/null +++ b/paygol_ipn.php @@ -0,0 +1,85 @@ + 1) { + unset($func_get_args[0]); + + $fields = '`'. implode('`, `', $func_get_args) .'`'; + $data = mysql_fetch_assoc(mysql_query("SELECT $fields FROM `accounts` WHERE `id` = $user_id;")); + return $data; + } + } + // Since only paygol.com is able to communicate with this script, we will blindly trust them until proven othervise. + if ($service_id == $paygol['serviceID']) { + $new_points = (int)$paygol['points']; + + $data = user_data($custom, 'name'); + if ($data['name']) { + // Sanitize all data: (ok, we do not completely trust them blindly. D:) + $message_id = sanitize($message_id); + $service_id = sanitize($service_id); + $shortcode = sanitize($shortcode); + $keyword = sanitize($keyword); + $message = sanitize($message); + $sender = sanitize($sender); + $operator = sanitize($operator); + $country = sanitize($country); + $custom = sanitize($custom); + $points = sanitize($points); + $price = sanitize($price); + $currency = sanitize($currency); + + // Update logs: + $log_query = mysql_query("INSERT INTO `znote_paygol` VALUES ('', '$custom', '$price', '$new_points', '$message_id', '$service_id', '$shortcode', '$keyword', '$message', '$sender', '$operator', '$country', '$currency')")or die("Log paygol SQL ERROR"); + + // Give points to user + $old_points = mysql_result(mysql_query("SELECT `points` FROM `znote_accounts` WHERE `account_id`='$custom';"), 0, 'points'); + echo 'Custom: '. $custom .'
    '; + echo "Query: SELECT `points` FROM `znote_accounts` WHERE `account_id`='$custom';
    "; + echo 'Old points: '. $old_points .'
    '; + $new_points += $old_points; + echo 'New points: '. $new_points .'
    '; + $update_account = mysql_query("UPDATE `znote_accounts` SET `points`='$new_points' WHERE `account_id`='$custom'")or die(mysql_error()); + echo 'Account id 2 shold be updated now!'; + + } else echo ' character data false'; + + } else echo 'service id wrong'; +?> \ No newline at end of file diff --git a/protected.php b/protected.php new file mode 100644 index 0000000..fe14e7b --- /dev/null +++ b/protected.php @@ -0,0 +1,20 @@ + + +
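Review bot: Points are credited on every request whose `service_id` matches, with no lookup of `$message_id` against the rows already logged (ipn.php at least checks `txn_id` first), so a repeated notification credits the account again. `$custom` also reaches the `user_data()` query before the `sanitize()` calls run; unless the part of `user_data()` missing from this rendering casts it, add `$custom = (int)$custom;` at the top, which also covers the two later queries. The `echo "Query: ..."` lines and `or die(mysql_error())` return SQL text and database errors to the caller and should be written to a log instead. How the origin of the request is verified is not visible here, and the comment about trusting the sender suggests it may not be.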

    STOP!

    +

    Ummh... Why are you sniffing around here?

    + + + +

    Sorry, you need to be logged in to do that!

    +

    Please register or log in.

    + + \ No newline at end of file diff --git a/queststatus.php b/queststatus.php new file mode 100644 index 0000000..30bab2a --- /dev/null +++ b/queststatus.php @@ -0,0 +1,54 @@ + + [Completed]'; + $notstarted = ''; + function Progress($min, $max, $design = '[x%]') { + $design = explode("x%",$design); + $percent = ($min / $max) * 100; + return $design[0] . $percent . $design[1]; + } + $quests = array( + // Simple quests + 'Bearslayer' => 1050, + 'Sword Quest' => 1337, + + // Advanced quest with progress par: + 'Postman Quest' => array( + 1338, + 3, + ), + ); + ?> + + + + + $quest) { + + // Is quest NOT an array (advanced quest?) + if (!is_array($quest)) { + // Query to find quest results + $query = mysql_select_single("SELECT `value` FROM `player_storage` WHERE `key`='$quest' AND `player_id`='$user_id' AND `value`='1' LIMIT 1;"); + + if ($query !== false) $quest = $completed; + else $quest = $notstarted; + + } else { + $query = mysql_select_single("SELECT `value` FROM `player_storage` WHERE `key`='".$quest[0]."' AND `player_id`='$user_id' AND `value`>'0' LIMIT 1;"); + if (!$query) $quest = $notstarted; + else { + if ($query['value'] >= $quest[1]) $quest = $completed; + else $quest = Progress($query['value'], $quest[1]); + } + } + ?> + + + + + +
    Quest NameStatus
    \ No newline at end of file diff --git a/recovery.php b/recovery.php new file mode 100644 index 0000000..d07541b --- /dev/null +++ b/recovery.php @@ -0,0 +1,92 @@ + + +
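Review bot: `Progress()` divides by `$max` with no guard and prints the raw float, so a quest configured with a step count of 0 triggers a division by zero and a quest at step 1 of 3 renders as `[33.333333333333%]`. `$percent = $max > 0 ? (int)round(($min / $max) * 100) : 0;` handles both cases. Both storage queries interpolate `$user_id`, and where it is assigned is not visible in this rendering, so confirm it is an integer taken from the session rather than from the request.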

    Account Recovery

    + + + +
    + +
    + + + + \ No newline at end of file diff --git a/register.php b/register.php new file mode 100644 index 0000000..4072c97 --- /dev/null +++ b/register.php 
@@ -0,0 +1,171 @@ +$value) { + if (empty($value) && in_array($key, $required_fields) === true) { + $errors[] = 'You need to fill in all fields.'; + break 1; + } + } + + // check errors (= user exist, pass long enough + if (empty($errors) === true) { + /* Token used for cross site scripting security */ + if (!Token::isValid($_POST['token'])) { + $errors[] = 'Token is invalid.'; + } + + if ($config['use_captcha']) { + include_once 'captcha/securimage.php'; + $securimage = new Securimage(); + if ($securimage->check($_POST['captcha_code']) == false) { + $errors[] = 'Captcha image verification was submitted wrong.'; + } + } + + if (user_exist($_POST['username']) === true) { + $errors[] = 'Sorry, that username already exist.'; + } + + // Don't allow "default admin names in config.php" access to register. + $isNoob = in_array(strtolower($_POST['username']), $config['page_admin_access']) ? true : false; + if ($isNoob) { + $errors[] = 'This account name is blocked for registration.'; + } + if (strtolower($_POST['username']) === true) { + $errors[] = 'Sorry, that username already exist.'; + } + if (preg_match("/^[a-zA-Z0-9]+$/", $_POST['username']) == false) { + $errors[] = 'Your account name can only contain characters a-z, A-Z and 0-9.'; + } + // name restriction + $resname = explode(" ", $_POST['username']); + foreach($resname as $res) { + if(in_array(strtolower($res), $config['invalidNameTags'])) { + $errors[] = 'Your username contains a restricted word.'; + } + else if(strlen($res) == 1) { + $errors[] = 'Too short words in your name.'; + } + } + // end name restriction + if (strlen($_POST['password']) < 6) { + $errors[] = 'Your password must be at least 6 characters.'; + } + if (strlen($_POST['password']) > 33) { + $errors[] = 'Your password must be less than 33 characters.'; + } + if ($_POST['password'] !== $_POST['password_again']) { + $errors[] = 'Your passwords do not match.'; + } + if (filter_var($_POST['email'], FILTER_VALIDATE_EMAIL) === false) { + $errors[] = 'A 
valid email address is required.'; + } + if (user_email_exist($_POST['email']) === true) { + $errors[] = 'That email address is already in use.'; + } + if ($_POST['selected'] != 1) { + $errors[] = 'You are only allowed to have an account if you accept the rules.'; + } + if (validate_ip(getIP()) === false && $config['validate_IP'] === true) { + $errors[] = 'Failed to recognize your IP address. (Not a valid IPv4 address).'; + } + } +} + +?> +

    Register Account

    + $_POST['username'], + 'password' => $_POST['password'], + 'email' => $_POST['email'], + 'ip' => ip2long(getIP()), + 'created' => time() + ); + + user_create_account($register_data); + header('Location: register.php?success'); + exit(); + //End register + + } else if (empty($errors) === false){ + echo ''; + echo output_errors($errors); + echo ''; + } +?> +
    + +
    + \ No newline at end of file diff --git a/serverinfo.php b/serverinfo.php new file mode 100644 index 0000000..25a4bd5 --- /dev/null +++ b/serverinfo.php @@ -0,0 +1,6 @@ + + +
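Review bot: `if (strtolower($_POST['username']) === true)` can never be true, because `strtolower()` returns a string, so that second "username already exist" check is dead code and should be removed or replaced with the comparison it was meant to make. The admin-name block lowercases the input but not the list, so it works only if every entry of `$config['page_admin_access']` is already lower case; `in_array(strtolower($_POST['username']), array_map('strtolower', $config['page_admin_access']), true)` removes that dependency. The comment on the token check describes it as cross-site scripting protection, while what it guards against is request forgery. The password cap of 33 characters is low for a value that should be hashed anyway, and the message says "less than 33" while the test accepts exactly 33.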

    Server Information

    +

    Edit this page for server information.

    + + \ No newline at end of file diff --git a/settings.php b/settings.php new file mode 100644 index 0000000..82c6e81 --- /dev/null +++ b/settings.php @@ -0,0 +1,69 @@ +$value) { + if (empty($value) && in_array($key, $required_fields) === true) { + $errors[] = 'You need to fill in all fields.'; + break 1; + } + } + + if (empty($errors) === true) { + if (filter_var($_POST['new_email'], FILTER_VALIDATE_EMAIL) === false) { + $errors[] = 'A valid email address is required.'; + } else if (user_email_exist($_POST['new_email']) === true && $user_data['email'] !== $_POST['new_email']) { + $errors[] = 'That email address is already in use.'; + } + } + + print_r($errors); +} +?> +

    Settings

    + + $_POST['new_email'], + ); + + user_update_account($update_data); + header('Location: settings.php?success'); + exit(); + + } else if (empty($errors) === false) { + echo output_errors($errors); + } + ?> + +
    + +
    + \ No newline at end of file diff --git a/shop.php b/shop.php new file mode 100644 index 0000000..518a079 --- /dev/null +++ b/shop.php 
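Review bot: The e-mail change is validated and written with no `Token::isValid($_POST['token'])` call in the visible validation block, unlike register.php and login.php, so the account's contact address can be changed by a cross-site form post submitted from a logged-in user's browser. Add the same check inside `if (empty($errors) === true)`: `if (!Token::isValid($_POST['token'])) { $errors[] = 'Token is invalid.'; }`. `print_r($errors);` is debug output that prints the raw array ahead of the page layout and should be removed. Asking for the current password before accepting a new address would further limit what a hijacked session can do.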
@@ -0,0 +1,129 @@ + $value) { + if ($key === $post) { + $buy = $value; + } + } + if ($buy === false) die("Error: Shop offer ID mismatch."); + + // Verify that user can afford this offer. + if ($player_points >= $buy['points']) { + $old_points = mysql_result(mysql_query("SELECT `points` FROM `znote_accounts` WHERE `account_id`='$cid';"), 0, 'points'); + if ((int)$old_points != (int)$player_points) die("1: Failed to equalize your points."); + // Remove points if they can afford + // Give points to user + $expense_points = $buy['points']; + $new_points = $old_points - $expense_points; + $update_account = mysql_query("UPDATE `znote_accounts` SET `points`='$new_points' WHERE `account_id`='$cid'"); + + $verify = mysql_result(mysql_query("SELECT `points` FROM `znote_accounts` WHERE `account_id`='$cid';"), 0, 'points'); + if ((int)$old_points == (int)$verify) die("2: Failed to equalize your points.". var_dump((int)$old_points, (int)$verify, $new_points, $expense_points)); + + // Do the magic (insert into db, or change sex etc) + // If type is 2 or 3 + if ($buy['type'] == 2) { + // Add premium days to account + user_account_add_premdays($cid, $buy['count']); + echo 'You now have '.$buy['count'].' additional days of premium membership.'; + } else if ($buy['type'] == 3) { + // Character sex + mysql_query("INSERT INTO `znote_shop_orders` (`account_id`, `type`, `itemid`, `count`, `time`) VALUES ('$cid', '". $buy['type'] ."', '". $buy['itemid'] ."', '". $buy['count'] ."', '$time')") or die(mysql_error()); + echo 'You now have access to change character gender on your characters. Visit My Account to select character and change the gender.'; + } else { + mysql_query("INSERT INTO `znote_shop_orders` (`account_id`, `type`, `itemid`, `count`, `time`) VALUES ('$cid', '". $buy['type'] ."', '". $buy['itemid'] ."', '". $buy['count'] ."', '$time')") or die(mysql_error()); + echo 'Your order is ready to be delivered. Write this command in-game to get it: [!shop].
    Make sure you are in depot and can carry it before executing the command!
    '; + } + + // No matter which type, we will always log it. + mysql_query("INSERT INTO `znote_shop_logs` (`account_id`, `player_id`, `type`, `itemid`, `count`, `points`, `time`) VALUES ('$cid', '0', '". $buy['type'] ."', '". $buy['itemid'] ."', '". $buy['count'] ."', '". $buy['points'] ."', '$time')") or die(mysql_error()); + + } else echo 'You need more points, this offer cost '.$buy['points'].' points.'; + //var_dump($buy); + //echo ''. $_POST['buy'] .''; +} + +if ($shop['enabled']) { +?> + +

    Shop Offers

    += $buy['points']) { + ?>You have points. (Buy points).You have points. (Buy points).You have points. (Buy points). +

    Interested in buying characters? View the character auction page!

    + + + + + + + + + + $offers) { + echo ''; + echo ''; + if ($config['shop']['showImage']) echo ''; + if ($offers['type'] == 2) echo ''; + else if ($offers['type'] == 3 && $offers['count'] == 0) echo ''; + else echo ''; + echo ''; + echo ''; + } + ?> +
    Describtion:Image:Count/duration:Points:Action:
    '. $offers['describtion'] .'img'. $offers['count'] .' DaysUnlimited'. $offers['count'] .'x'. $offers['points'] .''; + ?> +
    + + +
    + '; + echo '
    + + + + +Buy Points system disabled.

    Sorry, this functionality is disabled.

    '; +include 'layout/overall/footer.php'; ?> + diff --git a/sub.php b/sub.php new file mode 100644 index 0000000..535469c --- /dev/null +++ b/sub.php @@ -0,0 +1,6 @@ +System disabled.
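Review bot: The points deduction in shop.php is not atomic: it reads `points` with a SELECT, computes `$new_points` in PHP, and writes the absolute value back. Two overlapping purchases on the same account can both pass the `$player_points >= $buy['points']` check and be charged only once. I would let the database do the check and the subtraction in one statement, `UPDATE znote_accounts SET points = points - $expense_points WHERE account_id = '$cid' AND points >= $expense_points` with `$expense_points = (int)$buy['points'];`, then abort unless `mysql_affected_rows() === 1` before inserting the order. The order and log inserts run after the deduction with no transaction, so a failed insert leaves the account charged with nothing delivered. The `or die(mysql_error())` calls and the `var_dump(...)` inside the second `die()` send database and balance details to the browser and would be better logged server-side. Where `$cid` and `$player_points` are assigned is not readable on this page, so their escaping should be checked there.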

    The sub page system is disabled.

    '; + +include 'layout/overall/footer.php'; ?> \ No newline at end of file diff --git a/success.php b/success.php new file mode 100644 index 0000000..15ed4df --- /dev/null +++ b/success.php @@ -0,0 +1,3 @@ + +

    Success!

    + \ No newline at end of file diff --git a/support.php b/support.php new file mode 100644 index 0000000..8693444 --- /dev/null +++ b/support.php @@ -0,0 +1,52 @@ +

    Support in-game

    hasExpired()) { + // Fetch all staffs in-game. + $staffs = support_list(); + // Fetch group ids and names from config.php + $groups = $config['ingame_positions']; + // Loops through groups, separating each group element into an ID variable and name variable + foreach ($groups as $group_id => $group_name) { + // Loops through list of staffs + if (!empty($staffs)) + foreach ($staffs as $staff) { + if ($staff['group_id'] == $group_id) $srtGrp[$group_name][] = $staff; + } + } + if (!empty($srtGrp)) { + $cache->setContent($srtGrp); + $cache->save(); + } +} else { + $srtGrp = $cache->load(); +} +$writeHeader = true; +if (!empty($srtGrp)) { + foreach (array_reverse($srtGrp) as $grpName => $grpList) { + ?> + + + + + + + + '; + echo ""; + echo ''; + echo ""; + echo ''; + } + } + ?> +
    GroupNameStatus
    ". $grpName ."'. $char['name'] .'". online_id_to_name($char['online']) ."
    + '; include 'layout/overall/footer.php'; ?> \ No newline at end of file diff --git a/twtrNews.php b/twtrNews.php new file mode 100644 index 0000000..eb7103e --- /dev/null +++ b/twtrNews.php @@ -0,0 +1,10 @@ +Tweets from @ZnoteAAC +
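Review bot: In the support.php table loop, `$grpName` and `$char['name']` appear to be concatenated into the row markup without output encoding; the surrounding tags are not readable on this page, so this is inferred from the visible concatenation. Character names come from the database, so I would encode at the point of output, e.g. `htmlspecialchars($char['name'], ENT_QUOTES, 'UTF-8')`, and the same for `$grpName`, rather than rely on validation done when the character was created. A short comment above the cache branch saying what `$srtGrp` holds (staff rows keyed by group name) would also help, since it is first assigned inside the nested loop.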