├── crons ├── index.php ├── cron_hour.php ├── cron_minute.php ├── cron_fivemins.php └── cron_day.php ├── ipbans └── index.htm ├── logo.gif ├── logo.png ├── banner.jpg ├── banner1.jpg ├── bargreen.gif ├── barred.gif ├── composer.json ├── donator.gif ├── app.json ├── mysql.php ├── admin.news ├── jailuser.php ├── mailban.php ├── ad.php ├── logout.php ├── css └── game.css ├── page_loader.php ├── composer.lock ├── challenges ├── challenge_6.md ├── challenge_5.md ├── challenge_4.md ├── challenge_3.md ├── challenge_1.md └── challenge_2.md ├── generalpage.php ├── setup_mysql.php ├── loggedin.php ├── voting.php ├── search.php ├── monopaper.php ├── votetrpg.php ├── donatordone.php ├── oclog.php ├── votetwg.php ├── hospital.php ├── criminal.php ├── searchname.php ├── usersonline.php ├── preferences_c5_changepic.php ├── staffnotes.php ├── README.md ├── willpdone.php ├── preport.php ├── events.php ├── attacklost.php ├── authenticate.php ├── login.php ├── iteminfo.php ├── fedjail.php ├── dlarchive.php ├── battletent.php ├── index.php ├── itembuy.php ├── docrime.php ├── inventory.php ├── monorail.php ├── imadd.php ├── gamerules.php ├── explore.php ├── willpotion.php ├── estate.php ├── userlist.php ├── shops.php ├── attackhosp.php ├── js └── login.js ├── roulette.php ├── slotsmachine.php ├── attackwon.php ├── number.php ├── itemsell.php ├── education.php ├── advsearch.php ├── attackleave.php ├── itemuse.php ├── gym.php ├── attackmug.php ├── stats.php ├── sendcash.php ├── itemsend.php ├── hirespy.php ├── crystaltemple.php ├── bank.php ├── register.php ├── cyberbank.php ├── slotsmachine3.php ├── stafflist.php ├── slotsmachine2.php ├── header.php ├── preferences_c5.php ├── cmarket.php └── mainmenu.php /crons/index.php: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /ipbans/index.htm: -------------------------------------------------------------------------------- 1 | 
403 Error
2 | Not allowed to access this page
-------------------------------------------------------------------------------- /logo.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/breakthenet/HackMe-File-Upload-Challenges/master/logo.gif -------------------------------------------------------------------------------- /logo.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/breakthenet/HackMe-File-Upload-Challenges/master/logo.png -------------------------------------------------------------------------------- /banner.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/breakthenet/HackMe-File-Upload-Challenges/master/banner.jpg -------------------------------------------------------------------------------- /banner1.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/breakthenet/HackMe-File-Upload-Challenges/master/banner1.jpg -------------------------------------------------------------------------------- /bargreen.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/breakthenet/HackMe-File-Upload-Challenges/master/bargreen.gif -------------------------------------------------------------------------------- /barred.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/breakthenet/HackMe-File-Upload-Challenges/master/barred.gif -------------------------------------------------------------------------------- /composer.json: -------------------------------------------------------------------------------- 1 | { 2 | "require": { 3 | "ext-mysql": "*", 4 | "ext-mbstring":"*" 5 | } 6 | } -------------------------------------------------------------------------------- /donator.gif: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/breakthenet/HackMe-File-Upload-Challenges/master/donator.gif -------------------------------------------------------------------------------- /app.json: -------------------------------------------------------------------------------- 1 | { 2 | "addons": [ 3 | "papertrail", 4 | "cleardb" 5 | ], 6 | "success_url": "/login.php", 7 | "scripts": { 8 | "postdeploy": "php setup_mysql.php" 9 | } 10 | } 11 | -------------------------------------------------------------------------------- /mysql.php: -------------------------------------------------------------------------------- 1 | 1) If you are confused with something, please mail id :1
2 | 2) If you use your powers to cheat, you will get fedjailed for a long time. There will be no second chances.
3 | 3) IP 127.0.0.1 is standard; if you see users with IP 127.0.0.1, it doesn't mean they have multis.
4 |
-------------------------------------------------------------------------------- /jailuser.php: -------------------------------------------------------------------------------- 1 | 0) 9 | { 10 | header("Location: " . mysql_result($q, 0, 0)); 11 | } 12 | else 13 | { 14 | die("Invalid ad."); 15 | } 16 | -------------------------------------------------------------------------------- /crons/cron_minute.php: -------------------------------------------------------------------------------- 1 | 0", $c); 17 | 18 | -------------------------------------------------------------------------------- /logout.php: -------------------------------------------------------------------------------- 1 | "; 10 | require "mysql.php"; 11 | global $c; 12 | mysql_query("UPDATE users SET exp=0 WHERE userid=$sessid", $c); 13 | $_SESSION['attacking'] == 0; 14 | session_unset(); 15 | session_destroy(); 16 | die("Continue login..."); 17 | } 18 | session_unset(); 19 | session_destroy(); 20 | header("Location: login.php"); 21 | 22 | -------------------------------------------------------------------------------- /css/game.css: -------------------------------------------------------------------------------- 1 | @CHARSET "ISO-8859-1"; 2 | 3 | body { 4 | font-family: helvetica, arial, geneva, sans-serif; 5 | font-size: 9pt; 6 | color: black; 7 | scrollbar-base-color: #005B70; 8 | scrollbar-arrow-color: #F3960B; 9 | scrollbar-DarkShadow-Color: #000000; 10 | } 11 | 12 | a:visited,a:active,a:hover,a:link { 13 | color: black; 14 | text-decoration: none; 15 | } 16 | 17 | table,tr,td { 18 | font-family: helvetica, arial, geneva, sans-serif; 19 | font-size: 9pt; 20 | } 21 | 22 | img { 23 | border: none; 24 | } 25 | 26 | textarea { 27 | font-family: helvetica, arial, geneva, sans-serif; 28 | font-size: 9pt; 29 | color: black; 30 | } -------------------------------------------------------------------------------- /page_loader.php: -------------------------------------------------------------------------------- 
1 | startheaders(); 14 | include "mysql.php"; 15 | global $c; 16 | $is = 17 | mysql_query( 18 | "SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid", 19 | $c) or die(mysql_error()); 20 | $ir = mysql_fetch_array($is); 21 | check_level(); 22 | $fm = money_formatter($ir['money']); 23 | $cm = money_formatter($ir['crystals'], ''); 24 | $lv = date('F j, Y, g:i a', $ir['laston']); 25 | $h->userdata($ir, $lv, $fm, $cm); 26 | $h->menuarea(); 27 | $h->endpage(); 28 | -------------------------------------------------------------------------------- /setup_mysql.php: -------------------------------------------------------------------------------- 1 | startheaders(); 14 | include "mysql.php"; 15 | global $c; 16 | $is = 17 | mysql_query( 18 | "SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid", 19 | $c) or die(mysql_error()); 20 | $ir = mysql_fetch_array($is); 21 | check_level(); 22 | $fm = money_formatter($ir['money']); 23 | $cm = money_formatter($ir['crystals'], ''); 24 | $lv = date('F j, Y, g:i:s a', $ir['laston']); 25 | $h->userdata($ir, $lv, $fm, $cm); 26 | $h->menuarea(); 27 | print 28 | "

You have logged on, {$ir['username']}!

29 |

Welcome back, your last visit was: $lv.

"; 30 | $q = mysql_query("SELECT * FROM papercontent LIMIT 1", $c); 31 | $content = mysql_result($q, 0, 0); 32 | print "breakthenet Latest News:
33 | $content 34 | "; 35 | $h->endpage(); 36 | -------------------------------------------------------------------------------- /voting.php: -------------------------------------------------------------------------------- 1 | startheaders(); 14 | include "mysql.php"; 15 | global $c; 16 | $is = 17 | mysql_query( 18 | "SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid", 19 | $c) or die(mysql_error()); 20 | $ir = mysql_fetch_array($is); 21 | check_level(); 22 | $fm = money_formatter($ir['money']); 23 | $cm = money_formatter($ir['crystals'], ''); 24 | $lv = date('F j, Y, g:i a', $ir['laston']); 25 | $h->userdata($ir, $lv, $fm, $cm); 26 | $h->menuarea(); 27 | print 28 | "

Voting

29 | Here you may vote for breakthenet at various RPG toplists and be rewarded.
30 | Vote at APEX (no reward)
31 | Vote at TWG (20% energy restore)
32 | Vote at TOPRPG (\$300)"; 33 | 34 | $h->endpage(); 35 | -------------------------------------------------------------------------------- /crons/cron_fivemins.php: -------------------------------------------------------------------------------- 1 | 0"; 33 | mysql_query($en_nd_query, $c); 34 | mysql_query($en_don_query, $c); 35 | -------------------------------------------------------------------------------- /search.php: -------------------------------------------------------------------------------- 1 | startheaders(); 14 | include "mysql.php"; 15 | global $c; 16 | $is = 17 | mysql_query( 18 | "SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid", 19 | $c) or die(mysql_error()); 20 | $ir = mysql_fetch_array($is); 21 | check_level(); 22 | $fm = money_formatter($ir['money']); 23 | $cm = money_formatter($ir['crystals'], ''); 24 | $lv = date('F j, Y, g:i a', $ir['laston']); 25 | $h->userdata($ir, $lv, $fm, $cm); 26 | $h->menuarea(); 27 | print 28 | "

Search

29 | Search by Name
30 |
31 |

32 | Search by ID
33 |
34 |
"; 35 | $h->endpage(); 36 | -------------------------------------------------------------------------------- /monopaper.php: -------------------------------------------------------------------------------- 1 | startheaders(); 14 | include "mysql.php"; 15 | global $c; 16 | $is = 17 | mysql_query( 18 | "SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid", 19 | $c) or die(mysql_error()); 20 | $ir = mysql_fetch_array($is); 21 | check_level(); 22 | $fm = money_formatter($ir['money']); 23 | $cm = money_formatter($ir['crystals'], ''); 24 | $lv = date('F j, Y, g:i a', $ir['laston']); 25 | $h->userdata($ir, $lv, $fm, $cm); 26 | $h->menuarea(); 27 | print "

The MonoPaper

"; 28 | $q = mysql_query("SELECT * FROM papercontent LIMIT 1", $c); 29 | $content = mysql_result($q, 0, 0); 30 | print 31 | " 32 |
  LOCAL GYM HALL OF FAME
Ad$content
"; 33 | $h->endpage(); 34 | -------------------------------------------------------------------------------- /challenges/challenge_5.md: -------------------------------------------------------------------------------- 1 | # file-upload Challenge 5 2 | 3 | ---------------------- 4 | 5 | ... 6 | 7 | Ok, I will cease listening to users - can't trust them. I dropped support for the "1337" extension - and to be safe, I quarantined the preferences in an iframe (I heard iframes can help contain hackers). You'll have to be more creative if you want to get past my code now! 8 | 9 | The new code is available in game, you'll see it in the menu on the left with the title "Preferences: Challenge 5". 10 | 11 | -Breakthenet Game Owner 12 | 13 | ---------------------- 14 | 15 | Stuck? 16 | ---------------------- 17 |
18 | Click for hint 1 19 | His iframe idea was both a bad idea and poorly coded, and merits investigation. 20 |
21 | 22 |
23 | Click for hint 2 24 | Does the include() PHP function care what the extension of the file is? 25 |
26 | 27 |
28 | Click for hint 3 29 | This challenge is two-part. Part 1 is getting your code to a local file on his server (with an image extension). Part 2 is using the local file inclusion vulnerability to load in your 'image' as though it was code. 30 |
31 | 32 | 33 | 34 | -------------------------------------------------------------------------------- /challenges/challenge_4.md: -------------------------------------------------------------------------------- 1 | # file-upload Challenge 4 2 | 3 | ---------------------- 4 | 5 | This is driving me nuts - the arcane knowledge required for your last trick is ridiculous. 6 | 7 | I noticed a trend in all your exploits though. You required the file to end with .php to get your code to run. I'm going to go back to my file extension checker and just fix that up to ONLY check the last extension on a file. I also got a request in my forums to support an obscure image format called "1337", so I'm adding that to the whitelist. 8 | 9 | The new code is available in game, you'll see it in the menu on the left with the title "Preferences: Challenge 4". 10 | 11 | Thanks again for your help! 12 | 13 | -Breakthenet Game Owner 14 | 15 | ---------------------- 16 | 17 | Stuck? 18 | ---------------------- 19 |
20 | Click for hint 1 21 | 1337...? Wth? What is that an extension for? 22 |
23 | 24 |
25 | Click for hint 2 26 | How does Apache handle files with multiple file extensions? 27 |
28 | 29 |
30 | Click for major hint 3 31 | Apache uses the last known extension if multiple extensions are present. 32 |
33 | 34 | 35 | 36 | -------------------------------------------------------------------------------- /votetrpg.php: -------------------------------------------------------------------------------- 1 | startheaders(); 14 | include "mysql.php"; 15 | global $c; 16 | $is = 17 | mysql_query( 18 | "SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid", 19 | $c) or die(mysql_error()); 20 | $ir = mysql_fetch_array($is); 21 | check_level(); 22 | $fm = money_formatter($ir['money']); 23 | $cm = money_formatter($ir['crystals'], ''); 24 | $lv = date('F j, Y, g:i a', $ir['laston']); 25 | $q = 26 | mysql_query( 27 | "SELECT * FROM votes WHERE userid=$userid AND list='trpg'", 28 | $c); 29 | if (mysql_num_rows($q)) 30 | { 31 | $h->startheaders(); 32 | $h->userdata($ir, $lv, $fm, $cm); 33 | $h->menuarea(); 34 | print "You have already voted at TOPRPG today!"; 35 | $h->endpage(); 36 | } 37 | else 38 | { 39 | mysql_query("INSERT INTO votes values ($userid,'trpg')", $c); 40 | mysql_query("UPDATE users SET money=money+300 WHERE userid=$userid", $c); 41 | header("Location:http://www.toprpgames.com/vote.php?idno=757"); 42 | exit; 43 | } 44 | -------------------------------------------------------------------------------- /donatordone.php: -------------------------------------------------------------------------------- 1 | startheaders(); 14 | include "mysql.php"; 15 | global $c; 16 | $is = 17 | mysql_query( 18 | "SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid", 19 | $c) or die(mysql_error()); 20 | $ir = mysql_fetch_array($is); 21 | check_level(); 22 | $fm = money_formatter($ir['money']); 23 | $cm = money_formatter($ir['crystals'], ''); 24 | $lv = date('F j, Y, g:i a', $ir['laston']); 25 | $h->userdata($ir, $lv, $fm, $cm); 26 | $h->menuarea(); 27 | if ($_GET['action'] == "cancel") 28 | { 29 | print "You have cancelled your donation. 
Please donate later..."; 30 | } 31 | else if ($_GET['action'] == "done") 32 | { 33 | if (!$_GET['tx']) 34 | { 35 | die("Get a life."); 36 | } 37 | mysql_query( 38 | "INSERT INTO dps_process VALUES(NULL,$userid," . time() 39 | . ",'{$_GET['type']}');", $c); 40 | print 41 | "Your donation has been processed. An admin will check it and you should be credited in about 24-48 hours."; 42 | } 43 | $h->endpage(); 44 | -------------------------------------------------------------------------------- /oclog.php: -------------------------------------------------------------------------------- 1 | startheaders(); 14 | include "mysql.php"; 15 | global $c; 16 | $is = 17 | mysql_query( 18 | "SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid", 19 | $c) or die(mysql_error()); 20 | $ir = mysql_fetch_array($is); 21 | check_level(); 22 | $fm = money_formatter($ir['money']); 23 | $cm = money_formatter($ir['crystals'], ''); 24 | $lv = date('F j, Y, g:i a', $ir['laston']); 25 | $h->userdata($ir, $lv, $fm, $cm); 26 | $h->menuarea(); 27 | $_GET['ID'] = abs((int) $_GET['ID']); 28 | if (!$_GET['ID']) 29 | { 30 | die("Incorrect usage of file."); 31 | } 32 | $q = mysql_query("SELECT * FROM oclogs WHERE oclID={$_GET['ID']}", $c); 33 | $r = mysql_fetch_array($q); 34 | print 35 | "Here is the detailed view on this crime.
36 | Crime: {$r['ocCRIMEN']}
37 | Time Executed: " . date('F j, Y, g:i:s a', $r['ocTIME']) 38 | . "
39 | {$r['oclLOG']}

40 | Result: {$r['oclRESULT']}
41 | Money Made: \${$r['oclMONEY']}"; 42 | $h->endpage(); 43 | -------------------------------------------------------------------------------- /challenges/challenge_3.md: -------------------------------------------------------------------------------- 1 | # file-upload Challenge 3 2 | 3 | ---------------------- 4 | 5 | Geez. This is harder than I thought. Ok, based on your advice I dropped the client-side mime type validation and am trying something new. 6 | 7 | The code should now actually validate that what is being uploaded is a real image, with real dimensions and real mime-types. 8 | 9 | There's no way you should be able to bust past this one. 10 | 11 | It's available in game, you'll see it in the menu on the left with the title "Preferences: Challenge 3". 12 | 13 | Thanks again for your help! 14 | 15 | -Breakthenet Game Owner 16 | 17 | ---------------------- 18 | 19 | Stuck? 20 | ---------------------- 21 |
22 | Click for hint 1 23 | You must upload a valid image on this one (no way to get around that). 24 |
25 | 26 |
27 | Click for hint 2 28 | PHP ignores anything outside of the `<?php ... ?>` tags. 29 |
30 | 31 |
32 | Click for hint 3 33 | You can actually insert a comment inside a GIF, which anything processing that GIF ignores. That comment could be anything... it could even have characters like < and ? in it. [GIMP, a free software for manipulating images, will allow you to insert comments in gifs.](http://s116.photobucket.com/user/bayououtdoor/media/gifcomment.gif.html) 34 |
35 | 36 | 37 | 38 | -------------------------------------------------------------------------------- /votetwg.php: -------------------------------------------------------------------------------- 1 | startheaders(); 14 | include "mysql.php"; 15 | global $c; 16 | $is = 17 | mysql_query( 18 | "SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid", 19 | $c) or die(mysql_error()); 20 | $ir = mysql_fetch_array($is); 21 | check_level(); 22 | $fm = money_formatter($ir['money']); 23 | $cm = money_formatter($ir['crystals'], ''); 24 | $lv = date('F j, Y, g:i a', $ir['laston']); 25 | $q = 26 | mysql_query( 27 | "SELECT * FROM votes WHERE userid=$userid AND list='twg'", $c); 28 | if (mysql_num_rows($q)) 29 | { 30 | $h->startheaders(); 31 | $h->userdata($ir, $lv, $fm, $cm); 32 | $h->menuarea(); 33 | print "You have already voted at TWG today!"; 34 | $h->endpage(); 35 | } 36 | else 37 | { 38 | mysql_query("INSERT INTO votes values ($userid,'twg')", $c); 39 | mysql_query( 40 | "UPDATE users SET energy=energy+maxenergy/5 WHERE userid=$userid", 41 | $c); 42 | mysql_query("UPDATE users SET energy=maxenergy WHERE energy>maxenergy", $c); 43 | header("Location:http://www.topwebgames.com/in.asp?id=3341"); 44 | exit; 45 | } 46 | -------------------------------------------------------------------------------- /hospital.php: -------------------------------------------------------------------------------- 1 | startheaders(); 14 | include "mysql.php"; 15 | global $c; 16 | $is = 17 | mysql_query( 18 | "SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid", 19 | $c) or die(mysql_error()); 20 | $ir = mysql_fetch_array($is); 21 | check_level(); 22 | $fm = money_formatter($ir['money']); 23 | $cm = money_formatter($ir['crystals'], ''); 24 | $lv = date('F j, Y, g:i a', $ir['laston']); 25 | $h->userdata($ir, $lv, $fm, $cm); 26 | $h->menuarea(); 27 | print 28 | "

Hospital

29 | Level"; 30 | $q = 31 | mysql_query( 32 | "SELECT u.*,c.* FROM users u WHERE u.hospital > 0 ORDER BY u.hospital DESC", 33 | $c); 34 | while ($r = mysql_fetch_array($q)) 35 | { 36 | print 37 | "\n"; 39 | } 40 | print "
IDName TimeReason
{$r['userid']}{$r['username']} [{$r['userid']}] 38 | {$r['level']}{$r['hospital']} minutes{$r['hospreason']}
"; 41 | $h->endpage(); 42 | -------------------------------------------------------------------------------- /criminal.php: -------------------------------------------------------------------------------- 1 | startheaders(); 14 | include "mysql.php"; 15 | global $c; 16 | $is = 17 | mysql_query( 18 | "SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid", 19 | $c) or die(mysql_error()); 20 | $ir = mysql_fetch_array($is); 21 | check_level(); 22 | $fm = money_formatter($ir['money']); 23 | $cm = money_formatter($ir['crystals'], ''); 24 | $lv = date('F j, Y, g:i a', $ir['laston']); 25 | $h->userdata($ir, $lv, $fm, $cm); 26 | $h->menuarea(); 27 | $q = mysql_query("SELECT * FROM crimegroups ORDER by cgORDER ASC", $c); 28 | print 29 | "Criminal Centre
30 | "; 31 | while ($r = mysql_fetch_array($q)) 32 | { 33 | print 34 | ""; 35 | $q2 = 36 | mysql_query("SELECT * FROM crimes WHERE crimeGROUP={$r['cgID']}", 37 | $c); 38 | while ($r2 = mysql_fetch_array($q2)) 39 | { 40 | print 41 | ""; 42 | } 43 | } 44 | $h->endpage(); 45 | -------------------------------------------------------------------------------- /challenges/challenge_1.md: -------------------------------------------------------------------------------- 1 | # file-upload Challenge 1 2 | 3 | ---------------------- 4 | 5 | All players in my game have a profile pic. Currently, they have to stick in a url to some outside image hosting source for that pic - which I've gotten many complaints about. My players want to know why they can't just upload the images straight in my game. 6 | 7 | I've been experimenting with a feature to allow this, but before launching it, was hoping you could help me out by testing to see if it is secure. Could you see if you can do anything malicious with it? 8 | 9 | It's available in game, you'll see it in the menu on the left with the title "Preferences: Challenge 1". 10 | 11 | After uploading an image, you can click "My Profile" in the menu on the left to see it (perhaps right click it if it's a broken image, and click open image in new tab). 12 | 13 | -Breakthenet Game Owner 14 | 15 | ---------------------- 16 | 17 | Stuck? 18 | ---------------------- 19 |
20 | Click for hint 1 21 | This is not a black box challenge, you can look in the source code for clues if you get stuck! The particular code you are looking for is [here](https://github.com/breakthenet/file-upload-exercises/blob/master/preferences_c1.php#L213-L245). 22 |
23 | 24 |
25 | Click for hint 2 26 | What does the strpos function in PHP actually search for? 27 |
28 | 29 |
30 | Click for hint 3 31 | Is it possible to have multiple extensions on a file (chained together)? 32 |
33 | 34 | 35 | 36 | -------------------------------------------------------------------------------- /searchname.php: -------------------------------------------------------------------------------- 1 | startheaders(); 14 | include "mysql.php"; 15 | global $c; 16 | $is = 17 | mysql_query( 18 | "SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid", 19 | $c) or die(mysql_error()); 20 | $ir = mysql_fetch_array($is); 21 | check_level(); 22 | $fm = money_formatter($ir['money']); 23 | $cm = money_formatter($ir['crystals'], ''); 24 | $lv = date('F j, Y, g:i a', $ir['laston']); 25 | $h->userdata($ir, $lv, $fm, $cm); 26 | $h->menuarea(); 27 | //search name 28 | if (!$_GET['name']) 29 | { 30 | print "Invalid use of file"; 31 | } 32 | else 33 | { 34 | $namebit = mysql_real_escape_string(stripslashes($_GET['name']), $c); 35 | $q = 36 | mysql_query( 37 | "SELECT * FROM users WHERE username LIKE ('%{$namebit}%')", 38 | $c); 39 | print 40 | mysql_num_rows($q) 41 | . " players found.
42 |
CrimeCostDo
{$r['cgNAME']}
{$r2['crimeNAME']}{$r2['crimeBRAVE']} BraveDo
"; 43 | while ($r = mysql_fetch_array($q)) 44 | { 45 | print 46 | ""; 47 | } 48 | print "
UserLevelMoney
{$r['username']}{$r['level']}\${$r['money']}
"; 49 | } 50 | $h->endpage(); 51 | -------------------------------------------------------------------------------- /usersonline.php: -------------------------------------------------------------------------------- 1 | startheaders(); 14 | include "mysql.php"; 15 | global $c; 16 | $is = 17 | mysql_query( 18 | "SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid", 19 | $c) or die(mysql_error()); 20 | $ir = mysql_fetch_array($is); 21 | check_level(); 22 | $fm = money_formatter($ir['money']); 23 | $cm = money_formatter($ir['crystals'], ''); 24 | $lv = date('F j, Y, g:i a', $ir['laston']); 25 | $h->userdata($ir, $lv, $fm, $cm); 26 | $h->menuarea(); 27 | print "

Users Online

"; 28 | $cn = 0; 29 | $q = 30 | mysql_query( 31 | "SELECT * FROM users WHERE laston>" . (time() - 900) 32 | . " ORDER BY laston DESC", $c); 33 | while ($r = mysql_fetch_array($q)) 34 | { 35 | $la = time() - $r['laston']; 36 | $unit = "secs"; 37 | if ($la >= 60) 38 | { 39 | $la = (int) ($la / 60); 40 | $unit = "mins"; 41 | } 42 | if ($la >= 60) 43 | { 44 | $la = (int) ($la / 60); 45 | $unit = "hours"; 46 | if ($la >= 24) 47 | { 48 | $la = (int) ($la / 24); 49 | $unit = "days"; 50 | } 51 | } 52 | $cn++; 53 | print 54 | "$cn. {$r['username']} ($la $unit)
"; 55 | } 56 | $h->endpage(); 57 | -------------------------------------------------------------------------------- /preferences_c5_changepic.php: -------------------------------------------------------------------------------- 1 | 11 | > Go Back'; 12 | die(); 13 | } 14 | 15 | $local_file_path = basename($_FILES['uploadedfile']['name']); 16 | 17 | if (move_uploaded_file($_FILES['uploadedfile']['tmp_name'], $local_file_path)) { 18 | echo "File uploaded successfully.

"; 19 | } 20 | else 21 | { 22 | echo 'Valid file upload, but server-side error while attempting to save file.
23 | > Go Back'; 24 | die(); 25 | } 26 | 27 | $esc_npic = 28 | mysql_real_escape_string( 29 | htmlentities($local_file_path, ENT_QUOTES, 'ISO-8859-1'), $c); 30 | mysql_query( 31 | "UPDATE users SET display_pic='{$esc_npic}' WHERE userid=$userid", 32 | $c); 33 | print "Pic changed!"; 34 | } 35 | else { 36 | print 37 | '

Pic Change

38 |
39 | New Pic:
40 | 41 |
'; 42 | } 43 | -------------------------------------------------------------------------------- /staffnotes.php: -------------------------------------------------------------------------------- 1 | startheaders(); 14 | include "mysql.php"; 15 | global $c; 16 | $is = 17 | mysql_query( 18 | "SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid", 19 | $c) or die(mysql_error()); 20 | $ir = mysql_fetch_array($is); 21 | check_level(); 22 | $fm = money_formatter($ir['money']); 23 | $cm = money_formatter($ir['crystals'], ''); 24 | $lv = date('F j, Y, g:i a', $ir['laston']); 25 | $h->userdata($ir, $lv, $fm, $cm); 26 | $h->menuarea(); 27 | if ($ir['user_level'] == 2 || $ir['user_level'] == 3 || $ir['user_level'] == 5) 28 | { 29 | $q = 30 | mysql_query( 31 | "SELECT staffnotes FROM users WHERE userid={$_POST['ID']}", 32 | $c); 33 | $old = mysql_real_escape_string(mysql_result($q, 0, 0), $c); 34 | $new = mysql_real_escape_string(stripslashes($_POST['staffnotes']), $c); 35 | mysql_query( 36 | "UPDATE users SET staffnotes='{$new}' WHERE userid='{$_POST['ID']}'", 37 | $c); 38 | mysql_query( 39 | "INSERT INTO staffnotelogs VALUES(NULL, $userid, {$_POST['ID']}, " 40 | . time() . ", '$old', '{$new}')", $c); 41 | print 42 | "User notes updated!
43 | > Back To Profile"; 44 | } 45 | else 46 | { 47 | print "You violent scum."; 48 | } 49 | $h->endpage(); 50 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # File Upload Challenges 2 | 3 | These challenges are set in a Text-Based 'MM'ORPG Game based off Mccode Lite Game Engine (GPL) 4 | 5 | Deploy to your own Heroku instance with this button below, then complete the challenges! 6 | 7 | [![Deploy](https://www.herokucdn.com/deploy/button.png)](https://heroku.com/deploy) 8 | 9 | For each challenge, you have 'beat' it if you can successfully get php code you wrote to run on the server. A quick and easy test script would look like this: 10 | 11 | Challenges: 12 | ---------------------- 13 | 14 | [Challenge 1](https://github.com/breakthenet/file-upload-exercises/blob/master/challenges/challenge_1.md): File extension validation 15 | 16 | [Challenge 2](https://github.com/breakthenet/file-upload-exercises/blob/master/challenges/challenge_2.md): Mime types client-side 17 | 18 | [Challenge 3](https://github.com/breakthenet/file-upload-exercises/blob/master/challenges/challenge_3.md): Mime types & image validation server-side 19 | 20 | [Challenge 4](https://github.com/breakthenet/file-upload-exercises/blob/master/challenges/challenge_4.md): More strict file extension validation 21 | 22 | [Challenge 5](https://github.com/breakthenet/file-upload-exercises/blob/master/challenges/challenge_5.md): Combo attack with local file inclusion 23 | 24 | [Challenge 6](https://github.com/breakthenet/file-upload-exercises/blob/master/challenges/challenge_6.md): Seeing what's possible with file upload (such as php web shells). 25 | 26 | 27 | ---------------------- 28 | 29 | Note that useful information for testing and debugging will be logged to the Papertrail app in your heroku instance. Open papertrail to view those streaming logs. 
30 | -------------------------------------------------------------------------------- /willpdone.php: -------------------------------------------------------------------------------- 1 | startheaders(); 14 | include "mysql.php"; 15 | global $c; 16 | $is = 17 | mysql_query( 18 | "SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid", 19 | $c) or die(mysql_error()); 20 | $ir = mysql_fetch_array($is); 21 | check_level(); 22 | $fm = money_formatter($ir['money']); 23 | $cm = money_formatter($ir['crystals'], ''); 24 | $lv = date('F j, Y, g:i a', $ir['laston']); 25 | $h->userdata($ir, $lv, $fm, $cm); 26 | $h->menuarea(); 27 | if ($_GET['action'] == "cancel") 28 | { 29 | print "You have cancelled your donation. Please donate later..."; 30 | } 31 | else if ($_GET['action'] == "done") 32 | { 33 | if (!$_GET['tx']) 34 | { 35 | die("Get a life."); 36 | } 37 | $quantity = 38 | mysql_real_escape_string(stripslashes($_GET['quantity']), $c); 39 | mysql_query( 40 | "INSERT INTO willplogs VALUES(NULL,$userid," . time() 41 | . 
",'{$quantity}');", $c); 42 | if ($_GET['quantity'] == 'one') 43 | { 44 | $q = 1; 45 | } 46 | else if ($_GET['quantity'] == 'five') 47 | { 48 | $q = 5; 49 | } 50 | else 51 | { 52 | echo 'Stop cheating!'; 53 | $h->endpage(); 54 | exit; 55 | } 56 | mysql_query("INSERT INTO inventory VALUES(NULL,34,$userid,$q)", $c); 57 | print 58 | "Your will potions have been credited, if you are cheating, we will jail you."; 59 | } 60 | $h->endpage(); 61 | -------------------------------------------------------------------------------- /preport.php: -------------------------------------------------------------------------------- 1 | startheaders(); 14 | include "mysql.php"; 15 | global $c; 16 | $is = 17 | mysql_query( 18 | "SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid", 19 | $c) or die(mysql_error()); 20 | $ir = mysql_fetch_array($is); 21 | check_level(); 22 | $fm = money_formatter($ir['money']); 23 | $cm = money_formatter($ir['crystals'], ''); 24 | $lv = date('F j, Y, g:i a', $ir['laston']); 25 | $h->userdata($ir, $lv, $fm, $cm); 26 | $h->menuarea(); 27 | if ($_POST['report']) 28 | { 29 | $_POST['player'] = abs((int) $_POST['player']); 30 | $ins_report = 31 | mysql_real_escape_string(stripslashes($_POST['report']), $c); 32 | mysql_query( 33 | "INSERT INTO preports VALUES(NULL,$userid,{$_POST['player']},'{$ins_report}')", 34 | $c) 35 | or die( 36 | "Your report could not be processed, make sure you have filled out the form entirely."); 37 | print "Report processed!"; 38 | } 39 | else 40 | { 41 | print 42 | "

Player Report

43 | Know of a player that's breaking the rules? Don't hesitate to report them. Reports are kept confidential.
44 |
45 | Player's ID:
46 | What they've done:
47 |
48 |
"; 49 | } 50 | $h->endpage(); 51 | -------------------------------------------------------------------------------- /events.php: -------------------------------------------------------------------------------- 1 | startheaders(); 14 | include "mysql.php"; 15 | global $c; 16 | $is = 17 | mysql_query( 18 | "SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid", 19 | $c) or die(mysql_error()); 20 | $ir = mysql_fetch_array($is); 21 | $ir['exp_needed'] = ($ir['level'] + 1) * ($ir['level'] + 1) * ($ir['level'] 22 | + 1); 23 | check_level(); 24 | $fm = money_formatter($ir['money']); 25 | $cm = money_formatter($ir['crystals'], ''); 26 | $lv = date('F j, Y, g:i a', $ir['laston']); 27 | $h->userdata($ir, $lv, $fm, $cm); 28 | $h->menuarea(); 29 | $_GET['delete'] = abs((int) $_GET['delete']); 30 | if ($_GET['delete']) 31 | { 32 | mysql_query( 33 | "DELETE FROM events WHERE evID={$_GET['delete']} AND evUSER=$userid", 34 | $c); 35 | print "Event Deleted
"; 36 | } 37 | print "Latest 10 events
"; 38 | $q = 39 | mysql_query( 40 | "SELECT * FROM events WHERE evUSER=$userid ORDER BY evTIME DESC LIMIT 10;", 41 | $c); 42 | print 43 | ""; 44 | while ($r = mysql_fetch_array($q)) 45 | { 46 | print ""; 53 | } 54 | print "
Time EventLinks
" . date('F j Y, g:i:s a', $r['evTIME']); 47 | if (!$r['evREAD']) 48 | { 49 | print "
New!"; 50 | } 51 | print 52 | "
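{$r['evTEXT']}Delete
"; 55 | mysql_query("UPDATE events SET evREAD=1 WHERE evUSER=$userid", $c); 56 | $h->endpage(); 57 | -------------------------------------------------------------------------------- /attacklost.php: --------------------------------------------------------------------------------
// attacklost.php: applies the result of a lost fight to the current player
// (EXP loss, hospital time), notifies the opponent and writes the attack log.
//
// NOTE(review): lines 1-13 of this file (the opening PHP tag and the bootstrap
// that sets $userid and $h) are missing from this listing. The "$h->" receiver
// on the next line is inferred from the later $h->userdata()/$h->endpage() calls.
$h->startheaders();
include "mysql.php";
global $c;
$is =
    mysql_query(
        "SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid",
        $c
    ) or die(mysql_error());
$ir = mysql_fetch_array($is);
check_level();
$fm = money_formatter($ir['money']);
$cm = money_formatter($ir['crystals'], '');
$lv = date('F j, Y, g:i a', $ir['laston']);
$h->userdata($ir, $lv, $fm, $cm, 0);
$h->menuarea();

// SECURITY FIX: this statement used "==" (a comparison whose result was
// discarded), so the raw request value went on into the two SQL statements
// below. Assigning the integer cast is what every sibling page in this
// listing does with its ID parameter.
$_GET['ID'] = isset($_GET['ID']) ? abs((int) $_GET['ID']) : 0;
$_SESSION['attacking'] = 0;
// NOTE(review): nothing here checks session state showing that a fight against
// this ID actually took place; $_SESSION['attacklost'] is reset below but
// never tested. Confirm whether another page enforces that.
$od = mysql_query("SELECT * FROM users WHERE userid={$_GET['ID']}", $c);
if (mysql_num_rows($od))
{
    $_SESSION['attacklost'] = 0;
    $r = mysql_fetch_array($od);
    print "You lost to {$r['username']}";
    // NOTE(review): "^" is PHP's bitwise XOR, not exponentiation. Left as
    // written because changing it alters the EXP numbers; confirm whether a
    // cube was intended.
    $expgain = abs(($ir['level'] - $r['level']) ^ 3);
    // NOTE(review): exp_needed is not assigned in this file; presumably
    // check_level() fills it in (events.php in this listing computes it
    // explicitly). Confirm, otherwise this divides by an unset value.
    $expgainp = $expgain / $ir['exp_needed'] * 100;
    print " and lost $expgainp% EXP!";
    // The opponent's name is player-chosen data read back from the database,
    // so it is escaped before being embedded in a quoted SQL string.
    $hospreason = mysql_real_escape_string("Lost to {$r['username']}", $c);
    mysql_query(
        "UPDATE users SET exp=exp-$expgain,hospital=40+(rand()*20),hospreason='$hospreason' WHERE userid=$userid",
        $c
    );
    // Clamp any EXP that went negative (this touches every user row, not just ours).
    mysql_query("UPDATE users SET exp=0 WHERE exp<0", $c);
    event_add($r['userid'],
        "{$ir['username']} attacked you and lost.",
        $c);
    // Connection-aware escaping, as the other pages in this listing use; a
    // missing session log becomes an empty string instead of a notice.
    $atklog = mysql_real_escape_string(
        isset($_SESSION['attacklog']) ? $_SESSION['attacklog'] : '',
        $c
    );
    mysql_query(
        "INSERT INTO attacklogs VALUES(NULL,$userid,{$_GET['ID']},'lost',"
            . time() . ",0,'$atklog');",
        $c
    );
}
else
{
    print "You lost to Mr. Non-existant! 
=O";
}
$h->endpage();
-------------------------------------------------------------------------------- /authenticate.php: -------------------------------------------------------------------------------- 1 | breakthenet Error 8 | You did not fill in the login form!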
9 | > Back"); 10 | } 11 | include "mysql.php"; 12 | require "global_func.php"; 13 | $username = 14 | (array_key_exists('username', $_POST) && is_string($_POST['username'])) 15 | ? $_POST['username'] : ''; 16 | $password = 17 | (array_key_exists('password', $_POST) && is_string($_POST['password'])) 18 | ? $_POST['password'] : ''; 19 | if (empty($username) || empty($password)) 20 | { 21 | die( 22 | "

breakthenet Error

23 | You did not fill in the login form!
24 | > Back"); 25 | } 26 | $form_username = mysql_real_escape_string(stripslashes($username), $c); 27 | $raw_password = stripslashes($password); 28 | $uq = 29 | mysql_query( 30 | "SELECT `userid`, `userpass`, `pass_salt` 31 | FROM `users` 32 | WHERE `login_name` = '$form_username'", $c); 33 | if (mysql_num_rows($uq) == 0) 34 | { 35 | die( 36 | "

breakthenet Error

37 | Invalid username or password!
38 | > Back"); 39 | } 40 | else 41 | { 42 | $mem = mysql_fetch_assoc($uq); 43 | $login_failed = !(verify_user_password($raw_password, $mem['userpass'])); 44 | if ($login_failed) 45 | { 46 | die( 47 | "

breakthenet Error

48 | Invalid username or password!
49 | > Back"); 50 | } 51 | if ($mem['userid'] == 1 && file_exists('./installer.php')) 52 | { 53 | die( 54 | "

breakthenet Error

55 | The installer still exists! You need to delete installer.php immediately.
56 | > Back"); 57 | } 58 | session_regenerate_id(); 59 | $_SESSION['loggedin'] = 1; 60 | $_SESSION['userid'] = $mem['userid']; 61 | $loggedin_url = 'http://' . determine_game_urlbase() . '/loggedin.php'; 62 | header("Location: {$loggedin_url}"); 63 | exit; 64 | } 65 | 66 | -------------------------------------------------------------------------------- /login.php: -------------------------------------------------------------------------------- 1 | 8 | 9 | 10 | 11 | 12 | 13 | breakthenet 14 | 15 | 16 | Your Game Logo 17 | EOF; 18 | $ip = ($_SERVER['REMOTE_ADDR']); 19 | if (file_exists('ipbans/' . $ip)) 20 | { 21 | die( 22 | " 23 | Your IP has been banned, there is no way around this. 24 | 25 | "); 26 | } 27 | $year = date('Y'); 28 | print 29 | << 31 | > breakthenet Log-In 32 | 33 | 34 | 35 | 41 | 54 | 55 |
36 |
37 | About breakthenet 38 | A test environment 39 |
40 |
42 |
43 | Login 44 |
45 | Username:
46 | Password:
47 | Remember me?
48 | Yes No 50 | 51 |
52 |
53 |

56 |

57 | REGISTER NOW! 58 |


59 |
60 | Powered by codes made by Dabomstew. Copyright © {$year} admin. 61 |
62 | 63 | 64 | EOF; 65 | -------------------------------------------------------------------------------- /iteminfo.php: -------------------------------------------------------------------------------- 1 | startheaders(); 14 | include "mysql.php"; 15 | global $c; 16 | $is = 17 | mysql_query( 18 | "SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid", 19 | $c) or die(mysql_error()); 20 | $ir = mysql_fetch_array($is); 21 | check_level(); 22 | $fm = money_formatter($ir['money']); 23 | $cm = money_formatter($ir['crystals'], ''); 24 | $lv = date('F j, Y, g:i a', $ir['laston']); 25 | $h->userdata($ir, $lv, $fm, $cm); 26 | $h->menuarea(); 27 | //look up item 28 | $_GET['ID'] = abs((int) $_GET['ID']); 29 | $itmid = $_GET['ID']; 30 | if (!$itmid) 31 | { 32 | print "Invalid item ID"; 33 | } 34 | else 35 | { 36 | $q = 37 | mysql_query( 38 | "SELECT i.*,it.* FROM items i LEFT JOIN itemtypes it ON i.itmtype=itmtypeid WHERE i.itmid=$itmid LIMIT 1", 39 | $c); 40 | if (!mysql_num_rows($q)) 41 | { 42 | print "Invalid item ID"; 43 | } 44 | else 45 | { 46 | $id = mysql_fetch_array($q); 47 | print 48 | "
Looking up info on {$id['itmname']}
49 |
The {$id['itmname']} is a/an {$id['itmtypename']} Item - {$id['itmdesc']}

50 |
Item Info
Item Buy PriceItem Sell Price
"; 51 | if ($id['itmbuyprice']) 52 | { 53 | print money_formatter($id['itmbuyprice']); 54 | } 55 | else 56 | { 57 | print "N/A"; 58 | } 59 | print ""; 60 | if ($id['itmsellprice']) 61 | { 62 | print money_formatter($id['itmsellprice']); 63 | } 64 | else 65 | { 66 | print "N/A
"; 67 | } 68 | } 69 | } 70 | $h->endpage(); 71 | -------------------------------------------------------------------------------- /fedjail.php: -------------------------------------------------------------------------------- 1 | startheaders(); 14 | include "mysql.php"; 15 | global $c; 16 | $is = 17 | mysql_query( 18 | "SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid", 19 | $c) or die(mysql_error()); 20 | $ir = mysql_fetch_array($is); 21 | check_level(); 22 | $fm = money_formatter($ir['money']); 23 | $cm = money_formatter($ir['crystals'], ''); 24 | $lv = date('F j, Y, g:i a', $ir['laston']); 25 | $h->userdata($ir, $lv, $fm, $cm); 26 | $h->menuarea(); 27 | $q = 28 | mysql_query( 29 | "SELECT f.*,u.username,u2.username as jailer FROM fedjail f LEFT JOIN users u ON f.fed_userid=u.userid LEFT JOIN users u2 ON f.fed_jailedby=u2.userid ORDER BY f.fed_days ASC", 30 | $c); 31 | print 32 | "Federal Jail
33 | If you ever cheat the game your name will become a permanent part of this list...
34 | "; 35 | while ($r = mysql_fetch_array($q)) 36 | { 37 | print 38 | " 39 | "; 40 | } 41 | print "
WhoDaysReasonJailer
{$r['username']}{$r['fed_days']} {$r['fed_reason']}{$r['jailer']}
"; 42 | $q = 43 | mysql_query( 44 | "SELECT * FROM users WHERE mailban>0 ORDER BY mailban ASC", 45 | $c); 46 | print 47 | "Mail Bann
48 | If you ever swear or do bad things at your mail, your name will become a permanent part of this list...
49 | "; 50 | while ($r = mysql_fetch_array($q)) 51 | { 52 | print 53 | " 54 | "; 55 | } 56 | print "
WhoDaysReason
{$r['username']}{$r['mailban']} {$r['mb_reason']}
"; 57 | $h->endpage(); 58 | -------------------------------------------------------------------------------- /dlarchive.php: -------------------------------------------------------------------------------- 1 | FromSubject/Message"; 23 | $q = 24 | mysql_query( 25 | "SELECT m.*,u.* FROM mail m LEFT JOIN users u ON m.mail_from=u.userid WHERE m.mail_to=$userid ORDER BY mail_time DESC ", 26 | $c); 27 | while ($r = mysql_fetch_array($q)) 28 | { 29 | $sent = date('F j, Y, g:i:s a', $r['mail_time']); 30 | print ""; 31 | if ($r['userid']) 32 | { 33 | print "{$r['username']} [{$r['userid']}]"; 34 | } 35 | else 36 | { 37 | print "SYSTEM"; 38 | } 39 | print 40 | "\n{$r['mail_subject']}Sent at: $sent
{$r['mail_text']}"; 41 | } 42 | print ""; 43 | } 44 | else if ($_GET['a'] == 'outbox') 45 | { 46 | // We'll be outputting a PDF 47 | header('Content-type: text/html'); 48 | 49 | // It will be called downloaded.pdf 50 | header( 51 | 'Content-Disposition: attachment; filename="outbox_archive_' 52 | . $userid . '_' . time() . '.htm"'); 53 | print 54 | ""; 55 | $q = 56 | mysql_query( 57 | "SELECT m.*,u.* FROM mail m LEFT JOIN users u ON m.mail_to=u.userid WHERE m.mail_from=$userid ORDER BY mail_time DESC", 58 | $c); 59 | while ($r = mysql_fetch_array($q)) 60 | { 61 | $sent = date('F j, Y, g:i:s a', $r['mail_time']); 62 | print 63 | ""; 64 | } 65 | print "
ToSubject/Message
{$r['username']} [{$r['userid']}]{$r['mail_subject']}
Sent at: $sent
{$r['mail_text']}
"; 66 | } 67 | -------------------------------------------------------------------------------- /battletent.php: -------------------------------------------------------------------------------- 1 | startheaders(); 14 | include "mysql.php"; 15 | global $c; 16 | $is = 17 | mysql_query( 18 | "SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid", 19 | $c) or die(mysql_error()); 20 | $ir = mysql_fetch_array($is); 21 | check_level(); 22 | $fm = money_formatter($ir['money']); 23 | $cm = money_formatter($ir['crystals'], ''); 24 | $lv = date('F j, Y, g:i a', $ir['laston']); 25 | $h->userdata($ir, $lv, $fm, $cm); 26 | $h->menuarea(); 27 | if ($ir['location'] != 4) 28 | { 29 | print 30 | "You cannot challenge the Battle Tent because it is in the Industrial Sector."; 31 | $h->endpage(); 32 | die(""); 33 | } 34 | $bots = array(); 35 | $moneys = array(); 36 | print 37 | "

Battle Tent

38 | Welcome to the battle tent! Here you can challenge NPCs for money. 39 | "; 40 | foreach ($bots as $k => $v) 41 | { 42 | $earn = $moneys[$k]; 43 | $q = 44 | mysql_query( 45 | "SELECT u.*,c.npcid FROM users u LEFT JOIN challengesbeaten c ON c.npcid=u.userid AND c.userid=$userid WHERE u.userid=$v", 46 | $c); 47 | $r = mysql_fetch_array($q); 48 | $q = 49 | mysql_query( 50 | "SELECT count(*) FROM challengesbeaten WHERE npcid=$v", 51 | $c); 52 | $times = mysql_result($q, 0, 0); 53 | print 54 | ""; 73 | } 74 | print "
Bot NameLevelTimes OwnedReady To Be Challenged?Money WonChallenge
{$r['username']}{$r['level']}$times"; 55 | if ($r['hp'] >= $r['maxhp'] / 2) 56 | { 57 | print "Yes"; 58 | } 59 | else 60 | { 61 | print "No"; 62 | } 63 | print "$earn"; 64 | if ($r['npcid']) 65 | { 66 | print "Already"; 67 | } 68 | else 69 | { 70 | print "Challenge"; 71 | } 72 | print "
"; 75 | $h->endpage(); 76 | -------------------------------------------------------------------------------- /challenges/challenge_2.md: -------------------------------------------------------------------------------- 1 | # file-upload Challenge 2 2 | 3 | ---------------------- 4 | 5 | Ok that was a pretty serious bug you found in Challenge 1. I changed my script so instead of checking for file extension, I now check for mime type of the file. The ball is back in your court - can you get anything past my upload script now? 6 | 7 | It's available in game, you'll see it in the menu on the left with the title "Preferences: Challenge 2". 8 | 9 | Thanks again for your help! 10 | 11 | -Breakthenet Game Owner 12 | 13 | ---------------------- 14 | 15 | Stuck? 16 | ---------------------- 17 |
18 | Click for hint 1 19 | Looking at the code, we see [the code is now checking](https://github.com/breakthenet/file-upload-exercises/blob/master/preferences_c2.php#L219-L227) the mime-type of the file being uploaded - but who sets that mime-type value? 20 |
21 | 22 |
23 | Click for hint 2 24 | When your browser sends the file via the upload form to the server, your browser is automatically including a Content-Type in the request, telling the webserver the file is of type text/php (for example). The code rejects this, as it only accepts Content-Type of 'image/gif', 'image/jpeg', and 'image/png'. Is there a way you can override what your browser is sending in the Content-Type field? 25 |
26 | 27 |
28 | Click for hint 3 29 | You need to intercept the request your browser makes and modify it before sending it on to the server. Here are a couple of ways to approach that. 30 | 31 | 1) Google Chrome Inspector, Network Tab. Right click the upload request, and export as curl. Look for the Content-Type there, modify it, and send it again (by sticking the curl command in your terminal). 32 | 33 | 2) Download Firefox, and install the Tamper Data add-on for Firefox. Click "Start Tamper" right before submitting your file. When you click submit and the add-on triggers, hit Tamper. In the POST-DATA on the right, a few lines down you'll find the Content-Type you need to modify. Edit it there. NOTE - Tamper Data has a bug where it may not recognize you made any changes if you ONLY edit POST-DATA on the right. To ensure it picks up and forwards your changes to the request, make a random tweak to the User-Agent on the left and it should work. 34 | 35 | 3) Install an intercepting proxy such as Burp Suite, and capture and modify the request there. 36 |
37 | 38 | 39 | 40 | -------------------------------------------------------------------------------- /index.php: -------------------------------------------------------------------------------- 1 | startheaders(); 13 | include "mysql.php"; 14 | global $c; 15 | $is = 16 | mysql_query( 17 | "SELECT u.*,us.*,h.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid LEFT JOIN houses h ON h.hWILL=u.maxwill WHERE u.userid=$userid", 18 | $c) or die(mysql_error()); 19 | $ir = mysql_fetch_array($is); 20 | check_level(); 21 | $fm = money_formatter($ir['money']); 22 | $cm = money_formatter($ir['crystals'], ''); 23 | $lv = date('F j, Y, g:i a', $ir['laston']); 24 | $h->userdata($ir, $lv, $fm, $cm); 25 | $h->menuarea(); 26 | print "

General Info:

"; 27 | $exp = (int) ($ir['exp'] / $ir['exp_needed'] * 100); 28 | print 29 | " 30 | 31 | 32 | 33 | 34 |
Name: {$ir['username']}Crystals: {$cm}
Level: {$ir['level']}Exp: {$exp}%
Money: $fmHP: {$ir['hp']}/{$ir['maxhp']}
Property: {$ir['hNAME']}
"; 35 | print "

Stats Info:

"; 36 | $ts = $ir['strength'] + $ir['agility'] + $ir['guard'] + $ir['labour'] 37 | + $ir['IQ']; 38 | $ir['strank'] = get_rank($ir['strength'], 'strength'); 39 | $ir['agirank'] = get_rank($ir['agility'], 'agility'); 40 | $ir['guarank'] = get_rank($ir['guard'], 'guard'); 41 | $ir['labrank'] = get_rank($ir['labour'], 'labour'); 42 | $ir['IQrank'] = get_rank($ir['IQ'], 'IQ'); 43 | $tsrank = get_rank($ts, 'strength+agility+guard+labour+IQ'); 44 | $ir['strength'] = number_format($ir['strength']); 45 | $ir['agility'] = number_format($ir['agility']); 46 | $ir['guard'] = number_format($ir['guard']); 47 | $ir['labour'] = number_format($ir['labour']); 48 | $ir['IQ'] = number_format($ir['IQ']); 49 | $ts = number_format($ts); 50 | 51 | print 52 | " 53 | 54 |
Strength: {$ir['strength']} [Ranked: {$ir['strank']}]Agility: {$ir['agility']} [Ranked: {$ir['agirank']}]
Guard: {$ir['guard']} [Ranked: {$ir['guarank']}]Labour: {$ir['labour']} [Ranked: {$ir['labrank']}]
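IQ: {$ir['IQ']} [Ranked: {$ir['IQrank']}]Total stats: {$ts} [Ranked: $tsrank]
"; 55 | $h->endpage(); 56 | -------------------------------------------------------------------------------- /itembuy.php: --------------------------------------------------------------------------------
// itembuy.php: buys $_POST['qty'] units of shop item $_GET['ID'] for the
// current player, deducts the price and writes a purchase log row.
//
// NOTE(review): lines 1-13 of this file (the opening PHP tag and the bootstrap
// that sets $userid and $h) are missing from this listing. The "$h->" receiver
// on the next line is inferred from the later $h->userdata()/$h->endpage() calls.
$h->startheaders();
include "mysql.php";
global $c;
$is =
    mysql_query(
        "SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid",
        $c
    ) or die(mysql_error());
$ir = mysql_fetch_array($is);
check_level();
$fm = money_formatter($ir['money']);
$cm = money_formatter($ir['crystals'], '');
$lv = date('F j, Y, g:i a', $ir['laston']);
$h->userdata($ir, $lv, $fm, $cm);
$h->menuarea();
// Both parameters are forced to non-negative integers before any SQL is built;
// a missing key now yields 0 instead of an undefined-index notice.
$_GET['ID'] = isset($_GET['ID']) ? abs((int) $_GET['ID']) : 0;
$_POST['qty'] = isset($_POST['qty']) ? abs((int) $_POST['qty']) : 0;
if (!$_GET['ID'] || !$_POST['qty'])
{
    print "Invalid use of file";
}
else if ($_POST['qty'] <= 0)
{
    // Unreachable after abs() and the zero check above; kept as in the original.
    print
        "You have been added to the delete list for trying to cheat the game.";
}
else
{
    $q = mysql_query("SELECT * FROM items WHERE itmid={$_GET['ID']}", $c);
    if (mysql_num_rows($q) == 0)
    {
        print "Invalid item ID";
    }
    else
    {
        $itemd = mysql_fetch_array($q);
        if ($ir['money'] < $itemd['itmbuyprice'] * $_POST['qty'])
        {
            print "You don't have enough money to buy this item!";
            $h->endpage();
            exit;
        }
        if ($itemd['itmbuyable'] == 0)
        {
            print "This item can't be bought!";
            $h->endpage();
            exit;
        }
        $price = ($itemd['itmbuyprice'] * $_POST['qty']);
        // NOTE(review): the balance check above and the deduction below are
        // separate, unconditional statements with no transaction, so two
        // requests handled at the same moment can both pass the check.
        // Consider making the deduction conditional on the balance.
        mysql_query(
            "INSERT INTO inventory VALUES(NULL,{$_GET['ID']},$userid,{$_POST['qty']});",
            $c
        );
        mysql_query(
            "UPDATE users SET money=money-$price WHERE userid=$userid",
            $c
        );
        // SECURITY FIX: the log text embeds the player's name and the item
        // name, both read back from the database, inside a quoted SQL string.
        // It is escaped here so a quote in either cannot alter the statement.
        $log_text = mysql_real_escape_string(
            "{$ir['username']} bought {$_POST['qty']} {$itemd['itmname']}(s) for {$price}",
            $c
        );
        mysql_query(
            "INSERT INTO itembuylogs VALUES (NULL, $userid, {$_GET['ID']}, $price, {$_POST['qty']}, "
                . time()
                . ", '{$log_text}')",
            $c
        );
        print "You bought {$_POST['qty']} {$itemd['itmname']}(s) for \$$price";
    }
}
$h->endpage();
-------------------------------------------------------------------------------- /docrime.php: --------------------------------------------------------------------------------
// docrime.php: attempts crime $_GET['c'] for the current player, spending
// Brave and awarding money/EXP when the computed success roll passes.
//
// NOTE(review): lines 1-13 of this file (the opening PHP tag and the bootstrap
// that sets $userid and $h) are missing from this listing. The "$h->" receiver
// on the next line is inferred from the later $h->userdata()/$h->endpage() calls.
$h->startheaders();
include "mysql.php";
global $c;
$is =
    mysql_query(
        "SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid",
        $c
    ) or die(mysql_error());
$ir = mysql_fetch_array($is);
check_level();
$fm = money_formatter($ir['money']);
$cm = money_formatter($ir['crystals'], '');
$lv = date('F j, Y, g:i a', $ir['laston']);
$h->userdata($ir, $lv, $fm, $cm);
$h->menuarea();
// Integer cast before the value reaches SQL; a missing key now yields 0
// instead of an undefined-index notice.
$_GET['c'] = isset($_GET['c']) ? abs((int) $_GET['c']) : 0;
if (!$_GET['c'])
{
    print "Invalid crime";
}
else
{
    $q = mysql_query("SELECT * FROM crimes WHERE crimeID={$_GET['c']}", $c);
    if (mysql_num_rows($q) == 0)
    {
        echo 'Invalid crime.';
        $h->endpage();
        exit;
    }
    $r = mysql_fetch_array($q);
    if ($ir['brave'] < $r['crimeBRAVE'])
    {
        print "You do not have enough Brave to perform this crime.";
    }
    else
    {
        // SECURITY NOTE(review): eval() runs the crimePERCFORM column as PHP
        // after substituting the player's stats. Anyone able to write that
        // column (a staff panel, or any SQL injection elsewhere in the game)
        // gains code execution on the server. Left in place because replacing
        // it needs a restricted arithmetic evaluator; at minimum, validate the
        // formula against a strict character whitelist when it is saved.
        // $sucrate starts at 0 so a formula that fails to assign it still
        // leads to the failure branch below.
        $sucrate = 0;
        $ec =
            "\$sucrate="
                . str_replace(
                    array("LEVEL", "EXP", "WILL", "IQ"),
                    array($ir['level'], $ir['exp'], $ir['will'], $ir['IQ']),
                    $r['crimePERCFORM']
                ) . ";";
        eval($ec);
        print $r['crimeITEXT'];
        // NOTE(review): brave, money and exp are written back as absolute
        // values computed from the row read at the top of the page, so
        // overlapping requests can overwrite each other's updates.
        $ir['brave'] -= $r['crimeBRAVE'];
        mysql_query(
            "UPDATE users SET brave={$ir['brave']} WHERE userid=$userid",
            $c
        );
        if (rand(1, 100) <= $sucrate)
        {
            print
                str_replace("{money}", $r['crimeSUCCESSMUNY'],
                    $r['crimeSTEXT']);
            $ir['money'] += $r['crimeSUCCESSMUNY'];
            $ir['exp'] += (int) ($r['crimeSUCCESSMUNY'] / 8);
            mysql_query(
                "UPDATE users SET money={$ir['money']},exp={$ir['exp']} WHERE userid=$userid",
                $c
            );
        }
        else
        {
            print $r['crimeFTEXT'];
        }
        // The link markup of this string did not survive in this listing; the
        // text is reproduced exactly as shown.
        print
            "
Try Again
Crimes";
    }
}

$h->endpage();
-------------------------------------------------------------------------------- /inventory.php: -------------------------------------------------------------------------------- 1 | startheaders(); 14 | include "mysql.php"; 15 | global $c; 16 | $is = 17 | mysql_query( 18 | "SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid", 19 | $c) or die(mysql_error()); 20 | $ir = mysql_fetch_array($is); 21 | check_level(); 22 | $fm = money_formatter($ir['money']); 23 | $cm = money_formatter($ir['crystals'], ''); 24 | $lv = date('F j, Y, g:i a', $ir['laston']); 25 | $h->userdata($ir, $lv, $fm, $cm); 26 | $h->menuarea(); 27 | 28 | $inv = 29 | mysql_query( 30 | "SELECT iv.*,i.*,it.* FROM inventory iv LEFT JOIN items i ON iv.inv_itemid=i.itmid LEFT JOIN itemtypes it ON i.itmtype=it.itmtypeid WHERE iv.inv_userid={$userid} ORDER BY i.itmtype ASC, i.itmname ASC", 31 | $c); 32 | if (mysql_num_rows($inv) == 0) 33 | { 34 | print "You have no items!"; 35 | } 36 | else 37 | { 38 | print 39 | "Your items are listed below.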
40 | "; 41 | $lt = ""; 42 | while ($i = mysql_fetch_array($inv)) 43 | { 44 | if ($lt != $i['itmtypename']) 45 | { 46 | $lt = $i['itmtypename']; 47 | print 48 | "\n"; 49 | } 50 | print ""; 68 | } 69 | print "
ItemSell ValueTotal Sell ValueLinks
{$lt}
{$i['itmname']}"; 51 | if ($i['inv_qty'] > 1) 52 | { 53 | print " x{$i['inv_qty']}"; 54 | } 55 | print "\${$i['itmsellprice']}"; 56 | print "$" . ($i['itmsellprice'] * $i['inv_qty']); 57 | print 58 | "[Info] [Send] [Sell] [Add To Market]"; 59 | if ($i['itmtypename'] == 'Food' || $i['itmtypename'] == 'Medical') 60 | { 61 | print " [Use]"; 62 | } 63 | if ($i['itmname'] == 'Nuclear Bomb') 64 | { 65 | print " [Use]"; 66 | } 67 | print "
"; 70 | } 71 | $h->endpage(); 72 | -------------------------------------------------------------------------------- /monorail.php: -------------------------------------------------------------------------------- 1 | startheaders(); 14 | include "mysql.php"; 15 | global $c; 16 | $is = 17 | mysql_query( 18 | "SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid", 19 | $c) or die(mysql_error()); 20 | $ir = mysql_fetch_array($is); 21 | check_level(); 22 | $fm = money_formatter($ir['money']); 23 | $cm = money_formatter($ir['crystals'], ''); 24 | $lv = date('F j, Y, g:i a', $ir['laston']); 25 | $h->userdata($ir, $lv, $fm, $cm); 26 | $h->menuarea(); 27 | $_GET['to'] = abs((int) $_GET['to']); 28 | if (!$_GET['to']) 29 | { 30 | print 31 | "Welcome to the Monorail Station. It costs \$1000 for a ticket.
32 | Where would you like to travel today?
"; 33 | $q = 34 | mysql_query( 35 | "SELECT * FROM cities WHERE cityid != {$ir['location']} AND cityminlevel <= {$ir['level']}", 36 | $c); 37 | print 38 | ""; 39 | while ($r = mysql_fetch_array($q)) 40 | { 41 | print 42 | ""; 43 | } 44 | print "
NameDescriptionMin Level 
{$r['cityname']}{$r['citydesc']}{$r['cityminlevel']}Go
"; 45 | } 46 | else 47 | { 48 | if ($ir['money'] < 1000) 49 | { 50 | print "You don't have enough money."; 51 | } 52 | else if (((int) $_GET['to']) != $_GET['to']) 53 | { 54 | print "Invalid city ID"; 55 | } 56 | else 57 | { 58 | $q = 59 | mysql_query( 60 | "SELECT * FROM cities WHERE cityid = {$_GET['to']} AND cityminlevel <= {$ir['level']}", 61 | $c); 62 | if (!mysql_num_rows($q)) 63 | { 64 | print 65 | "Error, this city either does not exist or you cannot go there."; 66 | } 67 | else 68 | { 69 | mysql_query( 70 | "UPDATE users SET money=money-1000,location={$_GET['to']} WHERE userid=$userid", 71 | $c); 72 | $r = mysql_fetch_array($q); 73 | print 74 | "Congratulations, you paid \$1000 and travelled to {$r['cityname']} on the monorail!"; 75 | } 76 | } 77 | } 78 | $h->endpage(); 79 | -------------------------------------------------------------------------------- /imadd.php: -------------------------------------------------------------------------------- 1 | startheaders(); 14 | include "mysql.php"; 15 | global $c; 16 | $is = 17 | mysql_query( 18 | "SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid", 19 | $c) or die(mysql_error()); 20 | $ir = mysql_fetch_array($is); 21 | check_level(); 22 | $fm = money_formatter($ir['money']); 23 | $cm = money_formatter($ir['crystals'], ''); 24 | $lv = date('F j, Y, g:i a', $ir['laston']); 25 | $h->userdata($ir, $lv, $fm, $cm); 26 | $h->menuarea(); 27 | $_GET['ID'] = abs((int) $_GET['ID']); 28 | $_GET['price'] = abs((int) $_GET['price']); 29 | if ($_GET['price']) 30 | { 31 | $q = 32 | mysql_query( 33 | "SELECT iv.*,i.* FROM inventory iv LEFT JOIN items i ON iv.inv_itemid=i.itmid WHERE inv_id={$_GET['ID']} and inv_userid=$userid", 34 | $c); 35 | if (mysql_num_rows($q) == 0) 36 | { 37 | print "Invalid Item ID"; 38 | } 39 | else 40 | { 41 | $r = mysql_fetch_array($q); 42 | mysql_query( 43 | "INSERT INTO itemmarket VALUES(NULL,'{$r['inv_itemid']}',$userid,{$_GET['price']})", 44 | $c); 45 | 
mysql_query( 46 | "UPDATE inventory SET inv_qty=inv_qty-1 WHERE inv_id={$_GET['ID']}", 47 | $c); 48 | mysql_query("DELETE FROM inventory WHERE inv_qty=0", $c); 49 | mysql_query( 50 | "INSERT INTO imarketaddlogs VALUES ( '', {$r['inv_itemid']}, {$_GET['price']}, {$r['inv_id']}, $userid, " 51 | . time() 52 | . ", '{$ir['username']} added a {$r['itmname']} to the itemmarket for \${$_GET['price']}')", 53 | $c); 54 | print "Item added to market."; 55 | } 56 | } 57 | else 58 | { 59 | $q = 60 | mysql_query( 61 | "SELECT * FROM inventory WHERE inv_id={$_GET['ID']} and inv_userid=$userid", 62 | $c); 63 | if (mysql_num_rows($q) == 0) 64 | { 65 | print "Invalid Item ID"; 66 | } 67 | else 68 | { 69 | $r = mysql_fetch_array($q); 70 | print 71 | "Adding an item to the item market... 72 |
73 | 74 | Price: \$
75 |
"; 76 | } 77 | } 78 | $h->endpage(); 79 | -------------------------------------------------------------------------------- /gamerules.php: -------------------------------------------------------------------------------- 1 | startheaders(); 14 | include "mysql.php"; 15 | global $c; 16 | $is = 17 | mysql_query( 18 | "SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid", 19 | $c) or die(mysql_error()); 20 | $ir = mysql_fetch_array($is); 21 | check_level(); 22 | $fm = money_formatter($ir['money']); 23 | $cm = money_formatter($ir['crystals'], ''); 24 | $lv = date('F j, Y, g:i a', $ir['laston']); 25 | $h->userdata($ir, $lv, $fm, $cm); 26 | $h->menuarea(); 27 | print 28 | <<breakthenet Rules and Regulations 30 |
    31 |
  1. Players are only allowed to have one account, owning two or more accounts will result in all accounts being jailed, 32 | if you are on the same IP as another player, mail staff and let them know.
  2. 33 |
  3. You are responsible for whatever happens on your account, don't give out your password to anyone.
  4. 34 |
  5. Children play this game, so keep it PG-13. Mild swearing will be permitted, but F-bombing, sexual vulgarities 35 | or excessive swearing will result in some time in Fed until you clean up your act.
  6. 36 | 37 |
  7. Profile images with nudity, profanity, or otherwise offensive images will be removed, and may result in jail time.
  8. 38 |
  9. We understand that you play other games, but do not advertise them here. You get 1 warning, afterwards its Fed time.
  10. 39 |
  11. Do not spam the staff's mailbox, if you have a problem, message one of us once. They will deal with your problem in a timely 40 | manner, but do not mail them repeatedly, or mail multiple staff members.
  12. 41 |
  13. Do not harrass other players, use common sense on this one, if you don't know when your crossing the line from fantasy into 42 | harrassment, assume that you are harrassing the other player. This will not be tolerated and will result in a stiff punishment.
  14. 43 |
  15. Scamming will not be tolerated in any manner. Any attempt to scam anyone will result in being jailed for a long long time.
  16. 44 |
  17. If a member of staff is bothering you for any unfair or just plain, weird reason, mail admin [1]
  18. 45 |
  19. Common sense rules are not posted here, if you can't determine the difference between what is ok, and what is not, you should 46 | consider not interacting with other people until you do understand.
  20. 47 |
  21. These rules are subject to change without notice, check them from time to time, as ignorance will not be accepted as an excuse.
  22. 48 |
49 | EOF; 50 | $h->endpage(); 51 | -------------------------------------------------------------------------------- /explore.php: -------------------------------------------------------------------------------- 1 | startheaders(); 14 | include "mysql.php"; 15 | global $c; 16 | $is = 17 | mysql_query( 18 | "SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid", 19 | $c) or die(mysql_error()); 20 | $ir = mysql_fetch_array($is); 21 | check_level(); 22 | $fm = money_formatter($ir['money']); 23 | $cm = money_formatter($ir['crystals'], ''); 24 | $lv = date('F j, Y, g:i a', $ir['laston']); 25 | $h->userdata($ir, $lv, $fm, $cm); 26 | $h->menuarea(); 27 | $tresder = (int) rand(100, 999); 28 | print 29 | "You begin exploring the area you're in, you see a bit that interests you.
30 | 35 | 40 | 53 |
31 | Market Place
32 | Shops
33 | Item Market
34 | Crystal Market
Serious Money Makers
37 | Travel Agency
38 | Estate Agent
39 | City Bank
"; 41 | if ($ir['location'] == 5) 42 | { 43 | print 44 | "Cyber State
45 | Cyber Bank
"; 46 | } 47 | print 48 | "
49 | Dark Side
50 | Federal Jail
51 | Slots Machine
52 | Roulette
"; 54 | if ($ir['location'] == 5) 55 | { 56 | print 57 | "Cyber Casino
58 | Super Slots
"; 59 | } 60 | print 61 | "
62 | Statistics Dept
63 | User List
64 | breakthenet Staff
65 | Hall of Fame
66 | Game Stats
67 | Users Online
  68 | Mysterious
69 | Crystal Temple
"; 70 | if ($ir['location'] == 4) 71 | { 72 | print "Battle Tent
"; 73 | } 74 | $game_url = determine_game_urlbase(); 75 | print 76 | "


This is your referal link: http://{$game_url}/register.php?REF=$userid
77 | Every signup from this link earns you two valuable crystals!"; 78 | $h->endpage(); 79 | -------------------------------------------------------------------------------- /willpotion.php: -------------------------------------------------------------------------------- 1 | startheaders(); 14 | include "mysql.php"; 15 | global $c; 16 | $is = 17 | mysql_query( 18 | "SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid", 19 | $c) or die(mysql_error()); 20 | $ir = mysql_fetch_array($is); 21 | check_level(); 22 | $fm = money_formatter($ir['money']); 23 | $cm = money_formatter($ir['crystals'], ''); 24 | $lv = date('F j, Y, g:i a', $ir['laston']); 25 | $h->userdata($ir, $lv, $fm, $cm); 26 | $h->menuarea(); 27 | $game_url = determine_game_urlbase(); 28 | print 29 | <<Will Potions 31 | 32 | Buy will potions today! They restore 100% will.
33 | Buy One: (\$1)
34 |
35 | 36 | 37 | 38 | 39 | 40 | 41 | 42 | 43 | 44 | 45 | 46 |
47 | Buy Five: (\$4.50)
48 |
49 | 50 | 51 | 52 | 53 | 54 | 55 | 56 | 57 | 58 | 59 | 60 |
61 | EOF; 62 | $h->endpage(); 63 | -------------------------------------------------------------------------------- /estate.php: -------------------------------------------------------------------------------- 1 | startheaders(); 14 | include "mysql.php"; 15 | global $c; 16 | $is = 17 | mysql_query( 18 | "SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid", 19 | $c) or die(mysql_error());/* NOTE(review): $userid is interpolated unquoted and its assignment is not visible in this listing (the opening lines of the file are missing); confirm it is an integer taken from the server-side session. die(mysql_error()) also sends the raw database error text to the browser. */ 20 | $ir = mysql_fetch_array($is); 21 | check_level(); 22 | $fm = money_formatter($ir['money']); 23 | $cm = money_formatter($ir['crystals'], ''); 24 | $lv = date('F j, Y, g:i a', $ir['laston']); 25 | $h->userdata($ir, $lv, $fm, $cm); 26 | $h->menuarea();/* Property office: buys the house named by the property request parameter, or sells the current one when sellhouse is present. All queries use the legacy mysql_* extension, which has no bound parameters, so every interpolated value has to be made safe by hand. */ 27 | $mpq = mysql_query("SELECT * FROM houses WHERE hWILL={$ir['maxwill']}", $c); 28 | $mp = mysql_fetch_array($mpq); 29 | $_GET['property'] = abs((int) $_GET['property']);/* The integer cast is the only thing that makes this request parameter safe to place in the hID= query below. */ 30 | if ($_GET['property']) 31 | { 32 | $npq = 33 | mysql_query("SELECT * FROM houses WHERE hID={$_GET['property']}", 34 | $c); 35 | $np = mysql_fetch_array($npq);/* NOTE(review): there is no explicit check that a house with this hID exists before $np is used. */ 36 | if ($np['hWILL'] < $mp['hWILL']) 37 | { 38 | print "You cannot go backwards in houses!"; 39 | } 40 | else if ($np['hPRICE'] > $ir['money']) 41 | { 42 | print "You do not have enough money to buy the {$np['hrNAME']}.";/* NOTE(review): key hrNAME here, hNAME in the other messages of this file; probably a typo, confirm against the houses table. */ 43 | } 44 | else 45 | { 46 | mysql_query( 47 | "UPDATE users SET money=money-{$np['hPRICE']},will=0,maxwill={$np['hWILL']} WHERE userid=$userid", 48 | $c);/* NOTE(review): the affordability test above uses the balance read at the start of the request, and this UPDATE subtracts without re-checking it, so parallel requests can each pass the test. Adding a money >= price condition to the WHERE clause and checking mysql_affected_rows() would make the purchase atomic. The purchase is also triggered by a plain GET, with no request token visible in this file. */ 49 | print "Congrats, you bought the {$np['hNAME']} for \${$np['hPRICE']}!"; 50 | } 51 | } 52 | else if (isset($_GET['sellhouse'])) 53 | { 54 | $npq = 55 | mysql_query("SELECT * FROM houses WHERE hWILL={$ir['maxwill']}", 56 | $c); 57 | $np = mysql_fetch_array($npq); 58 | if ($ir['maxwill'] == 100) 59 | { 60 | print "You already live in the lowest property!"; 61 | } 62 | else 63 | { 64 | mysql_query( 65 | "UPDATE users SET money=money+{$np['hPRICE']},will=0,maxwill=100 WHERE userid=$userid", 66 | $c);/* NOTE(review): same pattern on the sell path: the maxwill test and the refund are separate steps, so concurrent requests could each be refunded; an AND maxwill > 100 condition in this WHERE clause would tie them together. */ 67 | print "You sold your {$np['hNAME']} and went back to your shed."; 68 | } 69 | } 
70 | else 71 | { 72 | print 73 | "Your current property: {$mp['hNAME']}
74 | The houses you can buy are listed below. Click a house to buy it.
"; 75 | if ($ir['maxwill'] > 100) 76 | { 77 | print "Sell Your House
"; 78 | } 79 | $hq = 80 | mysql_query( 81 | "SELECT * FROM houses WHERE hWILL>{$ir['maxwill']} ORDER BY hWILL ASC", 82 | $c); 83 | while ($r = mysql_fetch_array($hq)) 84 | { 85 | print 86 | "{$r['hNAME']}   - Cost: \${$r['hPRICE']}   - Will Bar: {$r['hWILL']}
"; 87 | } 88 | } 89 | $h->endpage(); 90 | -------------------------------------------------------------------------------- /userlist.php: -------------------------------------------------------------------------------- 1 | startheaders(); 14 | include "mysql.php"; 15 | global $c; 16 | $is = 17 | mysql_query( 18 | "SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid", 19 | $c) or die(mysql_error()); 20 | $ir = mysql_fetch_array($is); 21 | check_level(); 22 | $fm = money_formatter($ir['money']); 23 | $cm = money_formatter($ir['crystals'], ''); 24 | $lv = date('F j, Y, g:i a', $ir['laston']); 25 | $h->userdata($ir, $lv, $fm, $cm); 26 | $h->menuarea(); 27 | $_GET['st'] = abs((int) $_GET['st']); 28 | $st = ($_GET['st']) ? $_GET['st'] : 0; 29 | $allowed_by = array('userid', 'username', 'level', 'money'); 30 | $by = (in_array($_GET['by'], $allowed_by)) ? $_GET['by'] : 'userid'; 31 | $allowed_ord = array('asc', 'desc', 'ASC', 'DESC'); 32 | $ord = (in_array($_GET['ord'], $allowed_ord)) ? $_GET['ord'] : 'ASC'; 33 | print "

Userlist

"; 34 | $cnt = mysql_query("SELECT userid FROM users", $c); 35 | $membs = mysql_num_rows($cnt); 36 | $pages = (int) ($membs / 100) + 1; 37 | if ($membs % 100 == 0) 38 | { 39 | $pages--; 40 | } 41 | print "Pages: "; 42 | for ($i = 1; $i <= $pages; $i++) 43 | { 44 | $stl = ($i - 1) * 100; 45 | print "$i "; 46 | } 47 | print 48 | "
49 | Order By: User ID | Username | Level | Money
50 | Ascending | Descending

"; 51 | $q = 52 | mysql_query( 53 | "SELECT u.* FROM users u ORDER BY $by $ord LIMIT $st,100", 54 | $c); 55 | $no1 = $st + 1; 56 | $no2 = $st + 100; 57 | print 58 | "Showing users $no1 to $no2 by order of $by $ord. 59 | "; 60 | while ($r = mysql_fetch_array($q)) 61 | { 62 | $d = ""; 63 | if ($r['donatordays']) 64 | { 65 | $r['username'] = "{$r['username']}"; 66 | $d = 67 | "Donator: {$r["; 68 | } 69 | print 70 | ""; 80 | } 81 | print "
IDNameMoneyLevelGenderOnline
{$r['userid']}{$r['username']} $d\${$r['money']}{$r['level']}{$r['gender']}"; 71 | if ($r['laston'] >= time() - 15 * 60) 72 | { 73 | print "Online"; 74 | } 75 | else 76 | { 77 | print "Offline"; 78 | } 79 | print "
"; 82 | 83 | $h->endpage(); 84 | -------------------------------------------------------------------------------- /shops.php: -------------------------------------------------------------------------------- 1 | startheaders(); 14 | include "mysql.php"; 15 | global $c; 16 | $is = 17 | mysql_query( 18 | "SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid", 19 | $c) or die(mysql_error()); 20 | $ir = mysql_fetch_array($is); 21 | check_level(); 22 | $fm = money_formatter($ir['money']); 23 | $cm = money_formatter($ir['crystals'], ''); 24 | $lv = date('F j, Y, g:i a', $ir['laston']); 25 | $h->userdata($ir, $lv, $fm, $cm); 26 | $h->menuarea(); 27 | $_GET['shop'] = abs((int) $_GET['shop']); 28 | if (!$_GET['shop']) 29 | { 30 | print "You begin looking through town and you see a few shops.
"; 31 | $q = 32 | mysql_query( 33 | "SELECT * FROM shops WHERE shopLOCATION={$ir['location']}", 34 | $c); 35 | print 36 | ""; 37 | while ($r = mysql_fetch_array($q)) 38 | { 39 | print 40 | ""; 41 | } 42 | print "
ShopDescription
{$r['shopNAME']}{$r['shopDESCRIPTION']}
"; 43 | } 44 | else 45 | { 46 | $sd = mysql_query("SELECT * FROM shops WHERE shopID={$_GET['shop']}", $c); 47 | if (mysql_num_rows($sd)) 48 | { 49 | $shopdata = mysql_fetch_array($sd); 50 | if ($shopdata['shopLOCATION'] == $ir['location']) 51 | { 52 | print 53 | "Browsing items at {$shopdata['shopNAME']}...
54 | "; 55 | $qtwo = 56 | mysql_query( 57 | "SELECT si.*,i.*,it.* FROM shopitems si LEFT JOIN items i ON si.sitemITEMID=i.itmid LEFT JOIN itemtypes it ON i.itmtype=it.itmtypeid WHERE si.sitemSHOP={$_GET['shop']} ORDER BY i.itmtype ASC, i.itmbuyprice ASC, i.itmname ASC", 58 | $c) or die(mysql_error()); 59 | $lt = ""; 60 | while ($r = mysql_fetch_array($qtwo)) 61 | { 62 | if ($lt != $r['itmtypename']) 63 | { 64 | $lt = $r['itmtypename']; 65 | print 66 | "\n"; 67 | } 68 | print 69 | "\n"; 70 | } 71 | print "
ItemDescriptionPriceSell PriceBuy
{$lt}
{$r['itmname']}{$r['itmdesc']}\${$r['itmbuyprice']}\${$r['itmsellprice']}
Qty:
"; 72 | } 73 | else 74 | { 75 | print "You are trying to access a shop in another city!"; 76 | } 77 | } 78 | else 79 | { 80 | print "You are trying to access an invalid shop!"; 81 | } 82 | } 83 | $h->endpage(); 84 | -------------------------------------------------------------------------------- /attackhosp.php: -------------------------------------------------------------------------------- 1 | startheaders(); 14 | include "mysql.php"; 15 | global $c; 16 | $is = 17 | mysql_query( 18 | "SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid", 19 | $c) or die(mysql_error()); 20 | $ir = mysql_fetch_array($is); 21 | check_level(); 22 | $fm = money_formatter($ir['money']); 23 | $cm = money_formatter($ir['crystals'], ''); 24 | $lv = date('F j, Y, g:i a', $ir['laston']); 25 | $h->userdata($ir, $lv, $fm, $cm, 0); 26 | $h->menuarea(); 27 | 28 | $_GET['ID'] = abs((int) $_GET['ID']); 29 | $_SESSION['attacking'] = 0; 30 | $od = mysql_query("SELECT * FROM users WHERE userid={$_GET['ID']}", $c); 31 | if ($_SESSION['attackwon'] != $_GET['ID']) 32 | { 33 | die("Cheaters don't get anywhere."); 34 | } 35 | if (mysql_num_rows($od)) 36 | { 37 | $r = mysql_fetch_array($od); 38 | if ($r['hp'] == 1) 39 | { 40 | print "What a cheater you are."; 41 | } 42 | else 43 | { 44 | print "You beat {$r['username']} and hospitalized them."; 45 | 46 | event_add($r['userid'], 47 | "{$ir['username']} hospitalized you.", 48 | $c); 49 | 50 | mysql_query( 51 | "UPDATE users SET hp=1,hospital=hospital+80+(rand()*230),hospreason='Hospitalized by {$ir['username']}' WHERE userid={$r['userid']}", 52 | $c); 53 | $atklog = mysql_escape_string($_SESSION['attacklog']); 54 | mysql_query( 55 | "INSERT INTO attacklogs VALUES(NULL,$userid,{$_GET['ID']},'won'," 56 | . time() . 
",-1,'$atklog');", $c);/* End of the attacklogs INSERT begun on the previous lines. $atklog went through mysql_escape_string(), which does not take the connection and so ignores its character set; mysql_real_escape_string($value, $c), used in advsearch.php, is the connection-aware form. The query result is not checked. */ 57 | $_SESSION['attackwon'] = 0;/* Resetting the session marker makes the win single-use: a repeat of the same request no longer matches the attackwon comparison earlier in the file. */ 58 | $bots = array(263, 264, 265, 2477, 2479, 2480, 2481, 0, 0, 0, 0, 0, 0); 59 | $moneys = 60 | array(263 => 10000, 264 => 10000, 265 => 15500, 2477 => 80000, 61 | 2479 => 30000, 2480 => 30000, 2481 => 30000, 62 | 0 => 100000, 0 => 1400000, 0 => 1400000, 0 => 1400000, 63 | 0 => 5000000, 0 => 10000000);/* NOTE(review): key 0 appears six times. PHP keeps only the last value for a repeated array key, so this array holds a single 0 => 10000000 entry, and $bots carries six zeros. attackwon.php and attackleave.php use ids 536, 720, 721, 722, 585 and 820 for these amounts (and 15000, not 15500, for 265); the zeros look like placeholders, confirm which list is intended. */ 64 | if (in_array($r['userid'], $bots)) 65 | { 66 | $qk = 67 | mysql_query( 68 | "SELECT * FROM challengesbeaten WHERE userid=$userid AND npcid={$r['userid']}", 69 | $c); 70 | if (!mysql_num_rows($qk)) 71 | { 72 | $gain = $moneys[$r['userid']]; 73 | mysql_query( 74 | "UPDATE users SET money=money+$gain WHERE userid=$userid", 75 | $c); 76 | mysql_query( 77 | "INSERT INTO challengesbeaten VALUES ($userid,{$r['userid']})", 78 | $c);/* NOTE(review): the already-beaten SELECT, the reward UPDATE and this INSERT are separate statements. Unless challengesbeaten has a unique key on (userid, npcid), which is not visible here, concurrent requests could each collect the reward; inserting first and paying only when the insert succeeds would close that. */ 79 | print 80 | "

Congrats, you have beaten the Challenge BOT {$r['username']}, you have earnt \$$gain!"; 81 | } 82 | } 83 | } 84 | } 85 | else 86 | { 87 | print "You beat Mr. non-existant!"; 88 | } 89 | $h->endpage(); 90 | -------------------------------------------------------------------------------- /js/login.js: -------------------------------------------------------------------------------- 1 | /* 2 | MCCodes FREE 3 | js/login.js Rev 1.1.0c 4 | Copyright (C) 2005-2012 Dabomstew 5 | 6 | This program is free software; you can redistribute it and/or 7 | modify it under the terms of the GNU General Public License 8 | as published by the Free Software Foundation; either version 2 9 | of the License, or (at your option) any later version. 10 | 11 | This program is distributed in the hope that it will be useful, 12 | but WITHOUT ANY WARRANTY; without even the implied warranty of 13 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 14 | GNU General Public License for more details. 15 | 16 | You should have received a copy of the GNU General Public License 17 | along with this program; if not, write to the Software 18 | Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. 19 | */ 20 | function getCookieVal(offset) 21 | { 22 | var endstr = document.cookie.indexOf(";", offset); 23 | if (endstr == -1) 24 | endstr = document.cookie.length; 25 | return unescape(document.cookie.substring(offset, endstr)); 26 | } 27 | function GetCookie(name) 28 | { 29 | var arg = name + "="; 30 | var alen = arg.length; 31 | var clen = document.cookie.length; 32 | var i = 0; 33 | while (i < clen) 34 | { 35 | var j = i + alen; 36 | if (document.cookie.substring(i, j) == arg) 37 | return getCookieVal(j); 38 | i = document.cookie.indexOf(" ", i) + 1; 39 | if (i == 0) 40 | break; 41 | } 42 | return null; 43 | } 44 | function SetCookie(name, value, expires, path, domain, secure) 45 | { 46 | document.cookie = name + "=" + escape(value) 47 | + ((expires) ? 
"; expires=" + expires.toGMTString() : "") 48 | + ((path) ? "; path=" + path : "") 49 | + ((domain) ? "; domain=" + domain : "") 50 | + ((secure) ? "; secure" : "");/* Tail of SetCookie(): the secure attribute is added only when the caller passes a truthy sixth argument. */ 51 | } 52 | 53 | function DeleteCookie(name, path, domain) 54 | { 55 | if (GetCookie(name)) 56 | { 57 | document.cookie = name + "=" + ((path) ? "; path=" + path : "") 58 | + ((domain) ? "; domain=" + domain : "") 59 | + "; expires=Thu, 01-Jan-70 00:00:01 GMT"; 60 | } 61 | } 62 | var usr; 63 | var pw; 64 | var sv; 65 | function getme() 66 | { 67 | usr = document.login.username; 68 | pw = document.login.password; 69 | sv = document.login.save; 70 | 71 | if (GetCookie('username') != null) 72 | { 73 | usr.value = GetCookie('username'); 74 | pw.value = GetCookie('password');/* Pre-fills the form from cookies; the password comes back in clear text and is readable by any script on this origin through document.cookie. */ 75 | } 76 | if (GetCookie('save') == 'true') 77 | { 78 | sv[0].checked = true; 79 | } 80 | else 81 | { 82 | sv[1].checked = true; 83 | } 84 | 85 | } 86 | function saveme() 87 | { 88 | if (usr.value.length != 0 && pw.value.length != 0) 89 | { 90 | if (sv[0].checked) 91 | { 92 | expdate = new Date();/* no var: expdate becomes an implicit global */ 93 | expdate.setTime(expdate.getTime() + 31536000000);/* 31536000000 ms = 365 days */ 94 | SetCookie('username', usr.value, expdate); 95 | SetCookie('password', pw.value, expdate);/* NOTE(review): this stores the password itself in a script-readable cookie for a year. No path, domain or secure argument is passed, so SetCookie() emits no Secure attribute, and a cookie written through document.cookie can never be HttpOnly. A random server-issued remember-me token, set by the server as an HttpOnly and Secure cookie and revocable on logout, avoids keeping the password in the browser at all. */ 96 | SetCookie('save', 'true', expdate); 97 | } 98 | if (sv[1].checked) 99 | { 100 | DeleteCookie('username'); 101 | DeleteCookie('password'); 102 | DeleteCookie('save'); 103 | } 104 | } 105 | else 106 | { 107 | alert('You must enter a username/password.'); 108 | return false; 109 | } 110 | } -------------------------------------------------------------------------------- /roulette.php: -------------------------------------------------------------------------------- 1 | startheaders(); 14 | include "mysql.php"; 15 | global $c; 16 | $is = 17 | mysql_query( 18 | "SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid", 19 | $c) or die(mysql_error()); 20 | $ir = mysql_fetch_array($is); 21 | check_level(); 22 | $fm = money_formatter($ir['money']); 23 | $cm 
= money_formatter($ir['crystals'], ''); 24 | $lv = date('F j, Y, g:i a', $ir['laston']); 25 | $h->userdata($ir, $lv, $fm, $cm); 26 | $h->menuarea(); 27 | $tresder = (int) (rand(100, 999));/* Value for the next request, one of 900 possibilities from rand(), which is not a cryptographically secure generator; presumably embedded in the play links, whose markup is not visible in this listing. */ 28 | $maxbet = $ir['level'] * 150;/* stake ceiling scales with the player level */ 29 | $_GET['tresde'] = abs((int) $_GET['tresde']);/* NOTE(review): the test below only rejects a value equal to the one sent with the previous request, or below 100. The value is chosen by the client and never compared with one the server issued, so it guards against an accidental refresh but is neither a CSRF token nor a replay guard. A server-generated, unpredictable per-session token verified on every bet, with bets sent by POST, would be. */ 30 | if (($_SESSION['tresde'] == $_GET['tresde']) || $_GET['tresde'] < 100) 31 | { 32 | die( 33 | "Error, you cannot refresh or go back on the slots, please use a side link to go somewhere else.
34 | > Back"); 35 | } 36 | $_SESSION['tresde'] = $_GET['tresde']; 37 | $_GET['bet'] = abs((int) $_GET['bet']); 38 | $_GET['number'] = abs((int) $_GET['number']); 39 | print "

Roulette: Pick a number between 0 - 36

"; 40 | if ($_GET['bet']) 41 | { 42 | if ($_GET['bet'] > $ir['money']) 43 | { 44 | die( 45 | "You are trying to bet more than you have.
46 | > Back"); 47 | } 48 | else if ($_GET['bet'] > $maxbet) 49 | { 50 | die( 51 | "You have gone over the max bet.
52 | > Back"); 53 | } 54 | else if ($_GET['number'] > 36 or $_GET['number'] < 0 or $_GET['bet'] < 0) 55 | { 56 | die( 57 | "The Numbers are only 0 - 36.
58 | > Back"); 59 | } 60 | 61 | $slot[1] = (int) rand(0, 36); 62 | print 63 | "You place \${$_GET['bet']} into the slot and pull the pole.
64 | You see the number: $slot[1]
65 | You bet \${$_GET['bet']} "; 66 | if ($slot[1] == $_GET['number']) 67 | { 68 | $won = $_GET['bet'] * 37; 69 | $gain = $_GET['bet'] * 36; 70 | print 71 | "and won \$$won by matching the number u bet pocketing you \$$gain extra."; 72 | } 73 | else 74 | { 75 | $won = 0; 76 | $gain = -$_GET['bet']; 77 | print "and lost it."; 78 | } 79 | mysql_query( 80 | "UPDATE users SET money=money+({$gain}) where userid=$userid", $c); 81 | $tresder = (int) (rand(100, 999)); 82 | print 83 | "
84 | > Another time, same bet.
85 | > I'll continue, but I'm changing my bet.
86 | > Enough's enough, I'm off."; 87 | } 88 | else 89 | { 90 | print 91 | "Ready to try your luck? Play today!
92 | The maximum bet for your level is \$$maxbet.
93 |
94 | Bet: \$
95 | Pick (0-36):
96 | 97 | 98 |
"; 99 | } 100 | 101 | $h->endpage(); 102 | -------------------------------------------------------------------------------- /slotsmachine.php: -------------------------------------------------------------------------------- 1 | startheaders(); 14 | include "mysql.php"; 15 | global $c; 16 | $is = 17 | mysql_query( 18 | "SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid", 19 | $c) or die(mysql_error()); 20 | $ir = mysql_fetch_array($is); 21 | check_level(); 22 | $fm = money_formatter($ir['money']); 23 | $cm = money_formatter($ir['crystals'], ''); 24 | $lv = date('F j, Y, g:i a', $ir['laston']); 25 | $h->userdata($ir, $lv, $fm, $cm); 26 | $h->menuarea(); 27 | $tresder = (int) (rand(100, 999)); 28 | $maxbet = $ir['level'] * 250; 29 | $_GET['tresde'] = abs((int) $_GET['tresde']); 30 | if (($_SESSION['tresde'] == $_GET['tresde']) || $_GET['tresde'] < 100) 31 | { 32 | die( 33 | "Error, you cannot refresh or go back on the slots, please use a side link to go somewhere else.
34 | > Back"); 35 | } 36 | $_SESSION['tresde'] = $_GET['tresde']; 37 | $_GET['bet'] = abs((int) $_GET['bet']); 38 | print "

Slots

"; 39 | if ($_GET['bet']) 40 | { 41 | if ($_GET['bet'] > $ir['money']) 42 | { 43 | die( 44 | "You are trying to bet more than you have.
45 | > Back"); 46 | } 47 | else if ($_GET['bet'] > $maxbet) 48 | { 49 | die( 50 | "You have gone over the max bet.
51 | > Back"); 52 | } 53 | 54 | $slot[1] = (int) rand(0, 9); 55 | $slot[2] = (int) rand(0, 9); 56 | $slot[3] = (int) rand(0, 9); 57 | print 58 | "You place \${$_GET['bet']} into the slot and pull the pole.
59 | You see the numbers: $slot[1] $slot[2] $slot[3]
60 | You bet \${$_GET['bet']} "; 61 | if ($slot[1] == $slot[2] && $slot[2] == $slot[3]) 62 | { 63 | $won = $_GET['bet'] * 26; 64 | $gain = $_GET['bet'] * 25; 65 | print 66 | "and won \$$won by lining up 3 numbers pocketing you \$$gain extra."; 67 | } 68 | else if ($slot[1] == $slot[2] || $slot[2] == $slot[3] 69 | || $slot[1] == $slot[3]) 70 | { 71 | $won = $_GET['bet'] * 3; 72 | $gain = $_GET['bet'] * 2; 73 | print 74 | "and won \$$won by lining up 2 numbers pocketing you \$$gain extra."; 75 | } 76 | else 77 | { 78 | $won = 0; 79 | $gain = -$_GET['bet']; 80 | print "and lost it."; 81 | } 82 | mysql_query( 83 | "UPDATE users SET money=money+({$gain}) where userid=$userid", $c); 84 | $tresder = (int) (rand(100, 999)); 85 | print 86 | "
87 | > Another time, same bet.
88 | > I'll continue, but I'm changing my bet.
89 | > Enough's enough, I'm off."; 90 | } 91 | else 92 | { 93 | print 94 | "Ready to try your luck? Play today!
95 | The maximum bet for your level is \$$maxbet.
96 |
97 | Bet: \$
98 | 99 | 100 |
"; 101 | } 102 | 103 | $h->endpage(); 104 | -------------------------------------------------------------------------------- /attackwon.php: -------------------------------------------------------------------------------- 1 | startheaders(); 14 | include "mysql.php"; 15 | global $c; 16 | $is = 17 | mysql_query( 18 | "SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid", 19 | $c) or die(mysql_error()); 20 | $ir = mysql_fetch_array($is); 21 | check_level(); 22 | $fm = money_formatter($ir['money']); 23 | $cm = money_formatter($ir['crystals'], ''); 24 | $lv = date('F j, Y, g:i a', $ir['laston']); 25 | $h->userdata($ir, $lv, $fm, $cm, 0); 26 | $h->menuarea(); 27 | 28 | $_GET['ID'] = abs((int) $_GET['ID']); 29 | $_SESSION['attacking'] = 0; 30 | $od = mysql_query("SELECT * FROM users WHERE userid={$_GET['ID']}", $c); 31 | if ($_SESSION['attackwon'] != $_GET['ID']) 32 | { 33 | die("Cheaters don't get anywhere."); 34 | } 35 | if (mysql_num_rows($od)) 36 | { 37 | $r = mysql_fetch_array($od); 38 | if ($r['hp'] == 1) 39 | { 40 | print "What a cheater u are."; 41 | } 42 | else 43 | { 44 | $stole = (int) (rand($r['money'] / 500, $r['money'] / 20)); 45 | print "You beat {$r['username']} and stole \$$stole"; 46 | $qe = $r['level'] * $r['level'] * $r['level']; 47 | $expgain = rand($qe / 4, $qe / 2); 48 | $expperc = (int) ($expgain / $ir['exp_needed'] * 100); 49 | print " and gained $expperc% EXP!"; 50 | mysql_query( 51 | "UPDATE users SET exp=exp+$expgain,money=money+$stole WHERE userid=$userid", 52 | $c); 53 | mysql_query( 54 | "UPDATE users SET hp=1,money=money-$stole WHERE userid={$r['userid']}", 55 | $c); 56 | event_add($r['userid'], 57 | "{$ir['username']} attacked you and stole $stole.", 58 | $c); 59 | $atklog = mysql_escape_string($_SESSION['attacklog']); 60 | mysql_query( 61 | "INSERT INTO attacklogs VALUES(NULL,$userid,{$_GET['ID']},'won'," 62 | . time() . 
",$stole,'$atklog');", $c); 63 | $_SESSION['attackwon'] = 0; 64 | $bots = array(2477, 2479, 2480, 2481, 263, 264, 265); 65 | $moneys = 66 | array(2477 => 80000, 2479 => 30000, 2480 => 30000, 67 | 2481 => 30000, 263 => 10000, 264 => 10000, 68 | 265 => 15000, 536 => 100000, 720 => 1400000, 69 | 721 => 1400000, 722 => 1400000, 585 => 5000000, 70 | 820 => 10000000); 71 | if (in_array($r['userid'], $bots)) 72 | { 73 | $qk = 74 | mysql_query( 75 | "SELECT * FROM challengesbeaten WHERE userid=$userid AND npcid={$r['userid']}", 76 | $c); 77 | if (!mysql_num_rows($qk)) 78 | { 79 | $gain = $moneys[$r['userid']]; 80 | mysql_query( 81 | "UPDATE users SET money=money+$gain WHERE userid=$userid", 82 | $c); 83 | mysql_query( 84 | "INSERT INTO challengesbeaten VALUES ($userid,{$r['userid']})", 85 | $c); 86 | print 87 | "

Congrats, for beating the Challenge Bot {$r['username']}, you have earnt \$$gain!"; 88 | } 89 | } 90 | } 91 | } 92 | else 93 | { 94 | print "You beat Mr. non-existant!"; 95 | } 96 | $h->endpage(); 97 | -------------------------------------------------------------------------------- /number.php: -------------------------------------------------------------------------------- 1 | startheaders(); 14 | include "mysql.php"; 15 | global $c; 16 | $is = 17 | mysql_query( 18 | "SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid", 19 | $c) or die(mysql_error()); 20 | $ir = mysql_fetch_array($is); 21 | check_level(); 22 | $fm = money_formatter($ir['money']); 23 | $cm = money_formatter($ir['crystals'], ''); 24 | $lv = date('F j, Y, g:i a', $ir['laston']); 25 | $h->userdata($ir, $lv, $fm, $cm); 26 | $h->menuarea(); 27 | $tresder = (int) (rand(100, 999)); 28 | $maxbet = $ir['level'] * 1; 29 | $_GET['tresde'] = abs((int) $_GET['tresde']); 30 | if (($_SESSION['tresde'] == $_GET['tresde']) || $_GET['tresde'] < 100) 31 | { 32 | die( 33 | "Error, you cannot refresh or go back on the slots, please use a side link to go somewhere else.
34 | > Back"); 35 | } 36 | $_SESSION['tresde'] = $_GET['tresde']; 37 | $_GET['crystals'] = abs((int) $_GET['crystals']); 38 | $_GET['number'] = abs((int) $_GET['number']); 39 | print "

Pick a number between 1 - 3 and double your bet of crystals

"; 40 | if ($_GET['crystals']) 41 | { 42 | if ($_GET['crystals'] > $ir['crystals']) 43 | { 44 | die( 45 | "You are trying to bet more than you have.
46 | > Back"); 47 | } 48 | else if ($_GET['crystals'] > $maxbet) 49 | { 50 | die( 51 | "You have gone over the max bet.
52 | > Back"); 53 | } 54 | else if ($_GET['number'] > 3 or $_GET['number'] < 1 or $_GET['bet'] < 0) 55 | { 56 | die( 57 | "The Numbers are only 1 - 3.
58 | > Back"); 59 | } 60 | 61 | $slot[1] = (int) rand(1, 3); 62 | print 63 | "You place \${$_GET['crystals']} into the slot and pull the pole.
64 | You see the number: $slot[1]
65 | You bet \${$_GET['crystals']} "; 66 | if ($slot[1] == $_GET['number']) 67 | { 68 | $won = $_GET['crystals'] * 2; 69 | $gain = $_GET['crystals'] * 1; 70 | print 71 | "and won \$$won by matching the number u bet pocketing you \$$gain extra."; 72 | } 73 | else 74 | { 75 | $won = 0; 76 | $gain = -$_GET['crystals']; 77 | print "and lost it."; 78 | } 79 | mysql_query( 80 | "UPDATE users SET crystals=crystals+({$gain}) where userid=$userid", 81 | $c); 82 | $tresder = (int) (rand(100, 999)); 83 | print 84 | "
85 | > Another time, same bet.
86 | > I'll continue, but I'm changing my bet.
87 | > Enough's enough, I'm off."; 88 | } 89 | else 90 | { 91 | print 92 | "Ready to try your luck? Play today!
93 | The maximum bet for your level is \$maxbet.
94 |
95 | Bet: \$
96 | Pick (1-3):
97 | 98 | 99 |
"; 100 | } 101 | 102 | $h->endpage(); 103 | -------------------------------------------------------------------------------- /itemsell.php: -------------------------------------------------------------------------------- 1 | startheaders(); 14 | include "mysql.php"; 15 | global $c; 16 | $is = 17 | mysql_query( 18 | "SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid", 19 | $c) or die(mysql_error()); 20 | $ir = mysql_fetch_array($is); 21 | check_level(); 22 | $fm = money_formatter($ir['money']); 23 | $cm = money_formatter($ir['crystals'], ''); 24 | $lv = date('F j, Y, g:i a', $ir['laston']); 25 | $h->userdata($ir, $lv, $fm, $cm); 26 | $h->menuarea(); 27 | $_GET['ID'] = abs((int) $_GET['ID']); 28 | $_GET['qty'] = abs((int) $_GET['qty']); 29 | //itemsend 30 | if ($_GET['qty']) 31 | { 32 | $id = 33 | mysql_query( 34 | "SELECT iv.*,it.* FROM inventory iv LEFT JOIN items it ON iv.inv_itemid=it.itmid WHERE iv.inv_id={$_GET['ID']} AND iv.inv_userid=$userid LIMIT 1", 35 | $c); 36 | if (mysql_num_rows($id) == 0) 37 | { 38 | print "Invalid item ID"; 39 | } 40 | else 41 | { 42 | $r = mysql_fetch_array($id); 43 | if ($_GET['qty'] > $r['inv_qty']) 44 | { 45 | print "You are trying to send more than you have!"; 46 | } 47 | else 48 | { 49 | $price = $r['itmsellprice'] * $_GET['qty']; 50 | //are we sending it all 51 | if ($_GET['qty'] == $r['inv_qty']) 52 | { 53 | //just give them possession of the item 54 | mysql_query( 55 | "DELETE FROM inventory WHERE inv_id={$_GET['ID']}", 56 | $c); 57 | } 58 | else 59 | { 60 | //create seperate 61 | mysql_query( 62 | "UPDATE inventory SET inv_qty=inv_qty-{$_GET['qty']} WHERE inv_id={$_GET['ID']} LIMIT 1;", 63 | $c); 64 | } 65 | mysql_query( 66 | "UPDATE users SET money=money+{$price} WHERE userid=$userid", 67 | $c); 68 | $priceh = "$" . 
($price); 69 | print "You sold {$_GET['qty']} {$r['itmname']}(s) for {$priceh}";/* NOTE(review): the item name is printed without htmlspecialchars(); acceptable only if item names can never contain markup, confirm who can create items. */ 70 | mysql_query( 71 | "INSERT INTO itemselllogs VALUES(NULL, $userid, {$r['itmid']}, $price, {$_GET['qty']}, " 72 | . time() 73 | . ", '{$ir['username']} sold {$_GET['qty']} {$r['itmname']}(s) for {$priceh}')", 74 | $c);/* NOTE(review): the username and item name are database values placed inside a quoted SQL literal without escaping. A quote character in either breaks the statement, and if those fields can hold user-chosen text this is a second-order SQL injection. Pass both through mysql_real_escape_string($value, $c), as advsearch.php does for its name field, or move to prepared statements (mysqli or PDO). The result of mysql_query() is not checked either. */ 75 | } 76 | } 77 | } 78 | else if ($_GET['ID']) 79 | { 80 | $id = 81 | mysql_query( 82 | "SELECT iv.*,it.* FROM inventory iv LEFT JOIN items it ON iv.inv_itemid=it.itmid WHERE iv.inv_id={$_GET['ID']} and iv.inv_userid=$userid LIMIT 1", 83 | $c);/* The inv_userid=$userid condition is the ownership check: an inv_id that belongs to another player returns no row. */ 84 | if (mysql_num_rows($id) == 0) 85 | { 86 | print "Invalid item ID"; 87 | } 88 | else 89 | { 90 | $r = mysql_fetch_array($id); 91 | print 92 | "Enter how many {$r['itmname']} you want to sell. You have {$r['inv_qty']} to sell.
93 |
94 | 95 | Quantity:
96 |
"; 97 | } 98 | } 99 | else 100 | { 101 | print "Invalid use of file."; 102 | } 103 | $h->endpage(); 104 | -------------------------------------------------------------------------------- /education.php: -------------------------------------------------------------------------------- 1 | startheaders(); 14 | include "mysql.php"; 15 | global $c; 16 | $is = 17 | mysql_query( 18 | "SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid", 19 | $c) or die(mysql_error()); 20 | $ir = mysql_fetch_array($is); 21 | check_level(); 22 | $fm = money_formatter($ir['money']); 23 | $cm = money_formatter($ir['crystals'], ''); 24 | $lv = date('F j, Y, g:i a', $ir['laston']); 25 | $h->userdata($ir, $lv, $fm, $cm); 26 | $h->menuarea(); 27 | print "

Schooling

"; 28 | if ($ir['course'] > 0) 29 | { 30 | $cd = mysql_query("SELECT * FROM courses WHERE crID={$ir['course']}", $c); 31 | $coud = mysql_fetch_array($cd); 32 | print 33 | "You are currently doing the {$coud['crNAME']}, you have {$ir['cdays']} days remaining."; 34 | } 35 | else 36 | { 37 | if ($_GET['cstart']) 38 | { 39 | $_GET['cstart'] = abs((int) $_GET['cstart']); 40 | //Verify. 41 | $cd = 42 | mysql_query( 43 | "SELECT * FROM courses WHERE crID={$_GET['cstart']}", 44 | $c); 45 | if (mysql_num_rows($cd) == 0) 46 | { 47 | print "You are trying to start a non-existant course!"; 48 | } 49 | else 50 | { 51 | $coud = mysql_fetch_array($cd); 52 | $cdo = 53 | mysql_query( 54 | "SELECT * FROM coursesdone WHERE userid=$userid AND courseid={$_GET['cstart']}", 55 | $c); 56 | if ($ir['money'] < $coud['crCOST']) 57 | { 58 | print "You don't have enough money to start this course."; 59 | $h->endpage(); 60 | exit; 61 | } 62 | if (mysql_num_rows($cdo) > 0) 63 | { 64 | print "You have already done this course."; 65 | $h->endpage(); 66 | exit; 67 | } 68 | mysql_query( 69 | "UPDATE users SET course={$_GET['cstart']},cdays={$coud['crDAYS']},money=money-{$coud['crCOST']} WHERE userid=$userid", 70 | $c); 71 | print 72 | "You have started the {$coud['crNAME']}, it will take {$coud['crDAYS']} days to complete."; 73 | } 74 | } 75 | else 76 | { 77 | //list courses 78 | print "Here is a list of available courses."; 79 | $q = mysql_query("SELECT * FROM courses", $c); 80 | print 81 | "
"; 82 | while ($r = mysql_fetch_array($q)) 83 | { 84 | $cdo = 85 | mysql_query( 86 | "SELECT * FROM coursesdone WHERE userid=$userid AND courseid={$r['crID']}", 87 | $c); 88 | if (mysql_num_rows($cdo)) 89 | { 90 | $do = "Done"; 91 | } 92 | else 93 | { 94 | $do = "Take"; 95 | } 96 | print 97 | ""; 98 | } 99 | print "
CourseDescriptionCostTake
{$r['crNAME']}{$r['crDESC']}\${$r['crCOST']}$do
"; 100 | } 101 | } 102 | $h->endpage(); 103 | -------------------------------------------------------------------------------- /advsearch.php: -------------------------------------------------------------------------------- 1 | startheaders(); 14 | include "mysql.php"; 15 | global $c; 16 | $is = 17 | mysql_query( 18 | "SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid", 19 | $c) or die(mysql_error()); 20 | $ir = mysql_fetch_array($is); 21 | check_level(); 22 | $fm = money_formatter($ir['money']); 23 | $cm = money_formatter($ir['crystals'], ''); 24 | $lv = date('F j, Y, g:i a', $ir['laston']); 25 | $h->userdata($ir, $lv, $fm, $cm); 26 | $h->menuarea(); 27 | if ($_POST['submit']) 28 | { 29 | $levelmin = abs((int) $_POST['levelmin']); 30 | $levelmax = abs((int) $_POST['levelmax']); 31 | $levelmin_clause = "WHERE level >= '{$levelmin}'"; 32 | $levelmax_clause = " AND level <= '{$levelmax}'"; 33 | $nom = mysql_real_escape_string(stripslashes($_POST['name']), $c); 34 | $gender = 35 | in_array($_POST['gender'], array('Male', 'Female'), true) 36 | ? $_POST['gender'] : ''; 37 | $name_clause = ($nom) ? " AND username LIKE('%{$nom}%')" : ""; 38 | $gender_clause = ($gender) ? " AND gender = '{$gender}'" : ""; 39 | $house = abs((int) $_POST['house']); 40 | $online = abs((int) $_POST['online']); 41 | $dayo_min = abs((int) $_POST['daysmin']); 42 | $dayo_max = abs((int) $_POST['daysmax']); 43 | $house_clause = ($house) ? " AND maxwill = '{$house}'" : ""; 44 | $online_clause = ($online) ? " AND laston >= " . (time() - $online) : ""; 45 | $daysmin_clause = ($dayo_min) ? " AND daysold >= '{$dayo_min}'" : ""; 46 | $daysmax_clause = ($dayo_max) ? " AND daysold <= '{$dayo_max}'" : ""; 47 | $q = 48 | mysql_query( 49 | "SELECT * FROM users $levelmin_clause$levelmax_clause$name_clause$gender_clause$house_clause$online_clause$daysmin_clause$daysmax_clause", 50 | $c); 51 | print 52 | mysql_num_rows($q) 53 | . " players found.
54 | "; 55 | while ($r = mysql_fetch_array($q)) 56 | { 57 | print 58 | ""; 59 | } 60 | print "
UserLevelMoney
{$r['username']}{$r['level']}\${$r['money']}
"; 61 | } 62 | else 63 | { 64 | print 65 | <<Advanced search 67 | * is a required field.
68 |
69 | 70 | Name:
71 | Level: From: * To: 72 | *
73 | Gender:
78 | House: To:
90 |
91 | EOF; 92 | } 93 | $h->endpage(); 94 | -------------------------------------------------------------------------------- /attackleave.php: -------------------------------------------------------------------------------- 1 | startheaders(); 14 | include "mysql.php"; 15 | global $c; 16 | $is = 17 | mysql_query( 18 | "SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid", 19 | $c) or die(mysql_error()); 20 | $ir = mysql_fetch_array($is); 21 | check_level(); 22 | $fm = money_formatter($ir['money']); 23 | $cm = money_formatter($ir['crystals'], ''); 24 | $lv = date('F j, Y, g:i a', $ir['laston']); 25 | $h->userdata($ir, $lv, $fm, $cm, 0); 26 | $h->menuarea();/* attackleave.php: last step of a won fight. Awards experience to the winner, sets the loser to 1 hp and adds hospital time. */ 27 | 28 | $_GET['ID'] = abs((int) $_GET['ID']); 29 | $_SESSION['attacking'] = 0; 30 | $od = mysql_query("SELECT * FROM users WHERE userid={$_GET['ID']}", $c); 31 | if ($_SESSION['attackwon'] != $_GET['ID']) 32 | { 33 | die("Cheaters don't get anywhere.");/* The opponent id in the URL has to equal the id held in the session (presumably stored by the fight script, not by this file); this is what stops a player from claiming a win over an arbitrary id. The comparison is loose (!=). */ 34 | } 35 | if (mysql_num_rows($od)) 36 | { 37 | $r = mysql_fetch_array($od); 38 | if ($r['hp'] == 1) 39 | { 40 | print "What a cheater u are."; 41 | } 42 | else 43 | { 44 | print "You beat {$r['username']} and leave him on the ground.";/* NOTE(review): the username is echoed without htmlspecialchars(); safe only if registration restricts names to characters with no HTML meaning, which is not visible here. */ 45 | $qe = $r['level'] * $r['level'] * $r['level']; 46 | $expgain = rand($qe / 4, $qe / 2); 47 | $expperc = (int) ($expgain / $ir['exp_needed'] * 100); 48 | print " and gained $expperc% EXP!"; 49 | mysql_query("UPDATE users SET exp=exp+$expgain WHERE userid=$userid", 50 | $c); 51 | mysql_query("UPDATE users SET hp=1 WHERE userid={$r['userid']}", $c);/* redundant: the UPDATE a few lines below sets hp=1 again on the same row */ 52 | event_add($r['userid'], 53 | "{$ir['username']} attacked you and left you lying on the street.", 54 | $c); 55 | 56 | mysql_query( 57 | "UPDATE users SET hp=1,hospital=hospital+20+(rand()*20),hospreason='Attacked by {$ir['username']}' WHERE userid={$r['userid']}", 58 | $c);/* NOTE(review): the attacker username is a database value placed inside a quoted SQL literal with no escaping, unlike $atklog on the next line. If usernames may contain a quote character this statement breaks or can be altered (second-order SQL injection). Escape it with mysql_real_escape_string($value, $c) or move to prepared statements. The rand() inside the SQL text is the MySQL RAND() function, a float in [0,1), not the PHP rand(). */ 59 | $atklog = mysql_escape_string($_SESSION['attacklog']);/* mysql_escape_string() does not take the connection and so ignores its character set; mysql_real_escape_string($value, $c) is the connection-aware variant. */ 60 | mysql_query( 61 | "INSERT INTO attacklogs VALUES(NULL,$userid,{$_GET['ID']},'won'," 62 | . time() . 
",$stole,'$atklog');", $c);/* NOTE(review): $stole is not assigned anywhere in the visible part of this file (attackwon.php computes it; this script takes no money). It would interpolate as an empty string and leave an empty slot in the VALUES list, so this INSERT presumably fails with a syntax error and no log row is written; the result of mysql_query() is not checked, so the failure is silent. attackhosp.php writes -1 in this position. */ 63 | $_SESSION['attackwon'] = 0; 64 | $bots = array(2477, 2479, 2480, 2481, 263, 264, 265); 65 | $moneys = 66 | array(2477 => 80000, 2479 => 30000, 2480 => 30000, 67 | 2481 => 30000, 263 => 10000, 264 => 10000, 68 | 265 => 15000, 536 => 100000, 720 => 1400000, 69 | 721 => 1400000, 722 => 1400000, 585 => 5000000, 70 | 820 => 10000000);/* Only the seven ids in $bots can reach the lookup below; the entries for 536, 720, 721, 722, 585 and 820 are never used. */ 71 | if (in_array($r['userid'], $bots)) 72 | { 73 | $qk = 74 | mysql_query( 75 | "SELECT * FROM challengesbeaten WHERE userid=$userid AND npcid={$r['userid']}", 76 | $c); 77 | if (!mysql_num_rows($qk)) 78 | { 79 | $gain = $moneys[$r['userid']]; 80 | mysql_query( 81 | "UPDATE users SET money=money+$gain WHERE userid=$userid", 82 | $c); 83 | mysql_query( 84 | "INSERT INTO challengesbeaten VALUES ($userid,{$r['userid']})", 85 | $c);/* NOTE(review): the already-beaten SELECT, the reward UPDATE and this INSERT are separate statements; unless challengesbeaten has a unique key on (userid, npcid), which is not visible here, concurrent requests could each collect the reward. */ 86 | print 87 | "

Congrats, for beating the Challenge Bot {$r['username']}, you have earnt \$$gain!"; 88 | } 89 | } 90 | } 91 | } 92 | else 93 | { 94 | print "You beat Mr. non-existant!"; 95 | } 96 | $h->endpage(); 97 | -------------------------------------------------------------------------------- /crons/cron_day.php: -------------------------------------------------------------------------------- 1 | 0) 26 | { 27 | mysql_query( 28 | "UPDATE `users` SET `fedjail` = 0 WHERE `userid` IN(" 29 | . implode(",", $ids) . ")", $c); 30 | } 31 | mysql_query("DELETE FROM `fedjail` WHERE `fed_days` <= 0", $c); 32 | $user_update_query = 33 | "UPDATE `users` SET 34 | `daysold` = `daysold` + 1, 35 | `mailban` = `mailban` - IF(`mailban` > 0, 1, 0), 36 | `donatordays` = `donatordays` - IF(`donatordays` > 0, 1, 0), 37 | `cdays` = `cdays` - IF(`course` > 0, 1, 0), 38 | `bankmoney` = `bankmoney` + IF(`bankmoney` > 0, `bankmoney` / 50, 0), 39 | `cybermoney` = `cybermoney` + IF(`cybermoney` > 0, `cybermoney` / 100 * 7, 0)"; 40 | mysql_query($user_update_query, $c); 41 | $q = 42 | mysql_query( 43 | "SELECT `userid`, `course` FROM `users` WHERE `cdays` <= 0 AND `course` > 0", 44 | $c); 45 | $course_cache = array(); 46 | while ($r = mysql_fetch_assoc($q)) 47 | { 48 | if (!array_key_exists($r['course'], $course_cache)) 49 | { 50 | $cd = 51 | mysql_query( 52 | "SELECT `crSTR`, `crGUARD`, `crLABOUR`, `crAGIL`, `crIQ`, `crNAME` 53 | FROM `courses` 54 | WHERE `crID` = {$r['course']}", $c); 55 | $coud = mysql_fetch_assoc($cd); 56 | mysql_free_result($cd); 57 | $course_cache[$r['course']] = $coud; 58 | } 59 | else 60 | { 61 | $coud = $course_cache[$r['course']]; 62 | } 63 | $userid = $r['userid']; 64 | mysql_query( 65 | "INSERT INTO `coursesdone` VALUES({$r['userid']}, {$r['course']})", 66 | $c); 67 | $upd = ""; 68 | $ev = ""; 69 | if ($coud['crSTR'] > 0) 70 | { 71 | $upd .= ", us.strength = us.strength + {$coud['crSTR']}"; 72 | $ev .= ", {$coud['crSTR']} strength"; 73 | } 74 | if ($coud['crGUARD'] > 0) 75 | { 
76 | $upd .= ", us.guard = us.guard + {$coud['crGUARD']}"; 77 | $ev .= ", {$coud['crGUARD']} guard"; 78 | } 79 | if ($coud['crLABOUR'] > 0) 80 | { 81 | $upd .= ", us.labour = us.labour + {$coud['crLABOUR']}"; 82 | $ev .= ", {$coud['crLABOUR']} labour"; 83 | } 84 | if ($coud['crAGIL'] > 0) 85 | { 86 | $upd .= ", us.agility = us.agility + {$coud['crAGIL']}"; 87 | $ev .= ", {$coud['crAGIL']} agility"; 88 | } 89 | if ($coud['crIQ'] > 0) 90 | { 91 | $upd .= ", us.IQ = us.IQ + {$coud['crIQ']}"; 92 | $ev .= ", {$coud['crIQ']} IQ"; 93 | } 94 | $ev = substr($ev, 1); 95 | mysql_query( 96 | "UPDATE `users` AS `u` 97 | INNER JOIN `userstats` AS `us` ON `u`.`userid` = `us`.`userid` 98 | SET `u`.`course` = 0{$upd} 99 | WHERE `u`.`userid` = {$userid}", $c); 100 | event_add($userid, 101 | "Congratulations, you completed the {$coud['crNAME']} and gained {$ev}!", 102 | $c); 103 | } 104 | mysql_free_result($q); 105 | mysql_query("TRUNCATE TABLE `votes`", $c); 106 | -------------------------------------------------------------------------------- /itemuse.php: -------------------------------------------------------------------------------- 1 | startheaders(); 14 | include "mysql.php"; 15 | global $c; 16 | $is = 17 | mysql_query( 18 | "SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid", 19 | $c) or die(mysql_error()); 20 | $ir = mysql_fetch_array($is); 21 | check_level(); 22 | $fm = money_formatter($ir['money']); 23 | $cm = money_formatter($ir['crystals'], ''); 24 | $lv = date('F j, Y, g:i a', $ir['laston']); 25 | $h->userdata($ir, $lv, $fm, $cm); 26 | $h->menuarea(); 27 | $_GET['ID'] = abs((int) $_GET['ID']); 28 | //Food 29 | if (!$_GET['ID']) 30 | { 31 | print "Invalid use of file"; 32 | } 33 | else 34 | { 35 | $i = 36 | mysql_query( 37 | "SELECT iv.*,i.*,it.* FROM inventory iv LEFT JOIN items i ON iv.inv_itemid=i.itmid LEFT JOIN itemtypes it ON i.itmtype=it.itmtypeid WHERE iv.inv_id={$_GET['ID']} AND iv.inv_userid=$userid", 38 | $c); 39 
| if (mysql_num_rows($i) == 0) 40 | { 41 | print "Invalid item ID"; 42 | } 43 | else 44 | { 45 | $r = mysql_fetch_array($i); 46 | if ($r['itmtypename'] == 'Food') 47 | { 48 | $f = 49 | mysql_query( 50 | "SELECT * FROM food WHERE item_id={$r['itmid']}", 51 | $c); 52 | $fr = mysql_fetch_array($f); 53 | mysql_query( 54 | "UPDATE inventory SET inv_qty=inv_qty-1 WHERE inv_id={$_GET['ID']}", 55 | $c); 56 | mysql_query("DELETE FROM inventory WHERE inv_qty=0", $c); 57 | mysql_query( 58 | "UPDATE users SET energy=energy+{$fr['energy']} WHERE userid=$userid"); 59 | mysql_query( 60 | "UPDATE users SET energy=maxenergy WHERE energy > maxenergy"); 61 | print 62 | "You cram a {$r['itmname']} into your mouth. You feel a bit of energy coming back to you."; 63 | } 64 | else if ($r['itmtypename'] == 'Medical') 65 | { 66 | $f = 67 | mysql_query( 68 | "SELECT * FROM medical WHERE item_id={$r['itmid']}", 69 | $c); 70 | $fr = mysql_fetch_array($f); 71 | mysql_query( 72 | "UPDATE inventory SET inv_qty=inv_qty-1 WHERE inv_id={$_GET['ID']}", 73 | $c); 74 | mysql_query("DELETE FROM inventory WHERE inv_qty=0", $c); 75 | mysql_query( 76 | "UPDATE users SET hp=hp+{$fr['health']} WHERE userid=$userid"); 77 | mysql_query("UPDATE users SET hp=maxhp WHERE hp > maxhp"); 78 | if ($r['itmname'] == 'Full Restore') 79 | { 80 | mysql_query( 81 | "UPDATE users SET energy=maxenergy,will=maxwill,brave=maxbrave WHERE userid=$userid", 82 | $c); 83 | } 84 | if ($r['itmname'] == 'Will Potion') 85 | { 86 | mysql_query( 87 | "UPDATE users SET will=maxwill WHERE userid=$userid", 88 | $c); 89 | } 90 | print 91 | "You spray a {$r['itmname']} into your mouth. 
You feel a bit of health coming back to you."; 92 | } 93 | else 94 | { 95 | print "You cannot use this item."; 96 | } 97 | } 98 | } 99 | $h->endpage(); 100 | -------------------------------------------------------------------------------- /gym.php: -------------------------------------------------------------------------------- 1 | startheaders();
// gym.php trains one stat for the logged-in player, looping up to the requested number of
// times while energy remains. The gutter jumps from 1 to 14, so source lines 2-13 are
// missing from this listing.
14 | include "mysql.php"; 15 | global $c; 16 | $is = 17 | mysql_query( 18 | "SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid", 19 | $c) or die(mysql_error()); 20 | $ir = mysql_fetch_array($is); 21 | check_level(); 22 | $fm = money_formatter($ir['money']); 23 | $cm = money_formatter($ir['crystals'], ''); 24 | $lv = date('F j, Y, g:i a', $ir['laston']); 25 | $out = ""; 26 | $_GET['times'] = abs((int) $_GET['times']); 27 | if (isset($_GET['train'])) 28 | {
// Allow-list for the stat name. This is the only control between the train GET parameter
// and the column name that is interpolated into the UPDATE further down, so the list must
// stay closed. The later comparison against IQ is unreachable because IQ is not in it.
29 | if ($_GET['train'] != "strength" && $_GET['train'] != "agility" 30 | && $_GET['train'] != "guard" && $_GET['train'] != "labour") 31 | { 32 | $h->userdata($ir, $lv, $fm, $cm); 33 | $h->menuarea(); 34 | die("Abusers aren't allowed."); 35 | } 36 | $tgain = 0; 37 | for ($i = 1; $i <= $_GET['times'] && $ir['energy'] > 0; $i++) 38 | { 39 | if ($ir['energy'] > 0) 40 | { 41 | $gain = 42 | rand(1, 3) / rand(800, 1000) * rand(800, 1000) 43 | * (($ir['will'] + 20) / 150); 44 | $tgain += $gain; 45 | if ($_GET['train'] == "IQ") 46 | { 47 | $gain /= 100; 48 | } 49 | $ir[$_GET['train']] += $gain; 50 | $egain = $gain / 10; 51 | $ts = $ir[$_GET['train']]; 52 | $st = $_GET['train']; 53 |
// NOTE(review): on failure the die() below sends a query string and mysql_error() to the
// player, which discloses schema details; log the error server-side and show a generic
// message instead. The text passed to die() is also not the statement that was executed
// (it mentions energy and exp, the real UPDATE touches only the stat column).
54 | mysql_query( 55 | "UPDATE userstats SET $st=$st+" . $gain 56 | . " WHERE userid=$userid", $c) 57 | or die( 58 | "UPDATE userstats SET $st=$st+$gain,energy=energy-1,exp=exp+$egain WHERE userid=$userid
" 59 | . mysql_error()); 60 | $wu = (int) (rand(1, 3)); 61 | if ($ir['will'] >= $wu) 62 | { 63 | $ir['will'] -= $wu; 64 | mysql_query( 65 | "UPDATE users SET energy=energy-1,exp=exp+$egain,will=will-$wu WHERE userid=$userid", 66 | $c); 67 | } 68 | else 69 | { 70 | $ir['will'] = 0; 71 | mysql_query( 72 | "UPDATE users SET energy=energy-1,exp=exp+$egain,will=0 WHERE userid=$userid", 73 | $c); 74 | } 75 | $ir['energy'] -= 1; 76 | $ir['exp'] += $egain; 77 | 78 | } 79 | else 80 | { 81 | $out = "You do not have enough energy to train."; 82 | } 83 | } 84 | $stat = $ir[$st]; 85 | $i--; 86 | $out = 87 | "You begin training your $st.
88 | You have gained $tgain $st by training it $i times.
89 | You now have $stat $st and {$ir['energy']} energy left.

"; 90 | 91 | } 92 | else 93 | { 94 | $out = "

Gym: Main Lobby

"; 95 | } 96 | $h->userdata($ir, $lv, $fm, $cm); 97 | $h->menuarea(); 98 | print $out; 99 | print 100 | "Enter the amount of times you wish to train and choose the stat to train.
101 | You can train up to {$ir['energy']} times.
102 |
107 |
"; 108 | 109 | $h->endpage(); 110 | -------------------------------------------------------------------------------- /attackmug.php: -------------------------------------------------------------------------------- 1 | startheaders(); 14 | include "mysql.php"; 15 | global $c; 16 | $is = 17 | mysql_query( 18 | "SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid", 19 | $c) or die(mysql_error()); 20 | $ir = mysql_fetch_array($is); 21 | check_level(); 22 | $fm = money_formatter($ir['money']); 23 | $cm = money_formatter($ir['crystals'], ''); 24 | $lv = date('F j, Y, g:i a', $ir['laston']); 25 | $h->userdata($ir, $lv, $fm, $cm, 0); 26 | $h->menuarea(); 27 | 28 | $_GET['ID'] = abs((int) $_GET['ID']); 29 | $_SESSION['attacking'] = 0; 30 | $od = mysql_query("SELECT * FROM users WHERE userid={$_GET['ID']}", $c); 31 | if ($_SESSION['attackwon'] != $_GET['ID']) 32 | { 33 | die("Cheaters don't get anywhere."); 34 | } 35 | if (mysql_num_rows($od)) 36 | { 37 | $r = mysql_fetch_array($od); 38 | if ($r['hp'] == 1) 39 | { 40 | print "What a cheater u are."; 41 | } 42 | else 43 | { 44 | $stole = (int) (rand($r['money'] / 500, $r['money'] / 20)); 45 | print "You beat {$r['username']} and stole \$$stole"; 46 | $qe = $r['level'] * $r['level'] * $r['level']; 47 | $expgain = rand($qe / 4, $qe / 2); 48 | $expperc = (int) ($expgain / $ir['exp_needed'] * 100); 49 | print " and gained $expperc% EXP!"; 50 | mysql_query( 51 | "UPDATE users SET exp=exp+$expgain,money=money+$stole WHERE userid=$userid", 52 | $c); 53 | mysql_query( 54 | "UPDATE users SET hp=1,money=money-$stole WHERE userid={$r['userid']}", 55 | $c); 56 | event_add($r['userid'], 57 | "{$ir['username']} attacked you and stole $stole.", 58 | $c); 59 | 60 | mysql_query( 61 | "UPDATE users SET hp=1,hospital=hospital+20+(rand()*20),hospreason='Attacked by {$ir['username']}' WHERE userid={$r['userid']}", 62 | $c); 63 | $atklog = mysql_escape_string($_SESSION['attacklog']); 64 | mysql_query( 
65 | "INSERT INTO attacklogs VALUES(NULL,$userid,{$_GET['ID']},'won'," 66 | . time() . ",$stole,'$atklog');", $c); 67 | $_SESSION['attackwon'] = 0; 68 | $bots = array(2477, 2479, 2480, 2481, 263, 264, 265); 69 | $moneys = 70 | array(2477 => 80000, 2479 => 30000, 2480 => 30000, 71 | 2481 => 30000, 263 => 10000, 264 => 10000, 72 | 265 => 15000, 536 => 100000, 720 => 1400000, 73 | 721 => 1400000, 722 => 1400000, 585 => 5000000, 74 | 820 => 10000000); 75 | if (in_array($r['userid'], $bots)) 76 | { 77 | $qk = 78 | mysql_query( 79 | "SELECT * FROM challengesbeaten WHERE userid=$userid AND npcid={$r['userid']}", 80 | $c); 81 | if (!mysql_num_rows($qk)) 82 | { 83 | $gain = $moneys[$r['userid']]; 84 | mysql_query( 85 | "UPDATE users SET money=money+$gain WHERE userid=$userid", 86 | $c); 87 | mysql_query( 88 | "INSERT INTO challengesbeaten VALUES ($userid,{$r['userid']})", 89 | $c); 90 | print 91 | "

Congrats, for beating the Challenge Bot {$r['username']}, you have earnt \$$gain!"; 92 | } 93 | } 94 | } 95 | } 96 | else 97 | { 98 | print "You beat Mr. non-existant!"; 99 | } 100 | $h->endpage(); 101 | -------------------------------------------------------------------------------- /stats.php: -------------------------------------------------------------------------------- 1 | startheaders(); 14 | include "mysql.php"; 15 | global $c; 16 | $is = 17 | mysql_query( 18 | "SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid", 19 | $c) or die(mysql_error()); 20 | $ir = mysql_fetch_array($is); 21 | check_level(); 22 | $fm = money_formatter($ir['money']); 23 | $cm = money_formatter($ir['crystals'], ''); 24 | $lv = date('F j, Y, g:i a', $ir['laston']); 25 | $h->userdata($ir, $lv, $fm, $cm); 26 | $h->menuarea(); 27 | // Basic Stats (all users) 28 | $q = 29 | mysql_query( 30 | "SELECT COUNT(`userid`) AS `c_users`, 31 | SUM(`money`) AS `s_money`, 32 | SUM(`crystals`) AS `s_crystals` 33 | FROM `users`", $c); 34 | $mem_info = mysql_fetch_assoc($q); 35 | $membs = $mem_info['c_users']; 36 | $total = $mem_info['s_money']; 37 | $avg = (int) ($total / ($membs > 1 ? $membs : 1)); 38 | $totalc = $mem_info['s_crystals']; 39 | $avgc = (int) ($totalc / ($membs > 1 ? $membs : 1)); 40 | mysql_free_result($q); 41 | $q = 42 | mysql_query( 43 | "SELECT COUNT(`userid`) AS `c_users`, 44 | SUM(`bankmoney`) AS `s_bank` 45 | FROM `users` 46 | WHERE `bankmoney` > -1", $c); 47 | $bank_info = mysql_fetch_assoc($q); 48 | $banks = $bank_info['c_users']; 49 | $totalb = $bank_info['s_bank']; 50 | $avgb = (int) ($totalb / ($banks > 0 ? 
$banks : 1)); 51 | mysql_free_result($q); 52 | $q = 53 | mysql_query( 54 | "SELECT COUNT(`userid`) 55 | FROM `users` 56 | WHERE `gender` = 'Male'", $c); 57 | $male = mysql_result($q, 0, 0); 58 | mysql_free_result($q); 59 | $q = 60 | mysql_query( 61 | "SELECT COUNT(`userid`) 62 | FROM `users` 63 | WHERE `gender` = 'Female'", $c); 64 | $fem = mysql_result($q, 0, 0); 65 | mysql_free_result($q); 66 | 67 | $q = mysql_query("SELECT SUM(`inv_qty`) 68 | FROM `inventory`", $c); 69 | $totali =(int) mysql_result($q, 0, 0); 70 | mysql_free_result($q); 71 | $q = mysql_query("SELECT COUNT(`mail_id`) 72 | FROM `mail`", $c); 73 | $mail = mysql_result($q, 0, 0); 74 | mysql_free_result($q); 75 | $q = mysql_query("SELECT COUNT(`evID`) 76 | FROM `events`", $c); 77 | $events = mysql_result($q, 0, 0); 78 | mysql_free_result($q); 79 | echo "

Country Statistics

80 | You step into the Statistics Department and login to the service. You see some stats that interest you.
81 | 82 | 83 | 84 | 85 | 86 | 87 | 91 | 108 | 109 | 110 | 111 | 112 | 113 | 114 | 119 | 123 | 124 |
UsersMoney and Crystals
88 | There are currently $membs {$set['game_name']} players, 89 | $male males and $fem females. 90 | 92 | Amount of cash in circulation: " . money_formatter($total) 93 | . ".
94 | The average player has: " . money_formatter($avg) 95 | . ".
96 | Amount of cash in banks: " . money_formatter($totalb) 97 | . ".
98 | Amount of players with bank accounts: $banks
99 | The average player has in their bank accnt: " 100 | . money_formatter($avgb) 101 | . ".
102 | Amount of crystals in circulation: " 103 | . money_formatter($totalc, "") 104 | . ".
105 | The average player has: " . money_formatter($avgc, "") 106 | . " crystals. 107 |
Mails/EventsItems
115 | " . money_formatter($mail, "") . " mails and " 116 | . money_formatter($events, "") 117 | . " events have been sent. 118 | 120 | There are currently " . money_formatter($totali, "") 121 | . " items in circulation. 122 |
"; 125 | $h->endpage(); 126 | -------------------------------------------------------------------------------- /sendcash.php: -------------------------------------------------------------------------------- 1 | startheaders(); 14 | include "mysql.php"; 15 | global $c; 16 | $is = 17 | mysql_query( 18 | "SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid", 19 | $c) or die(mysql_error()); 20 | $ir = mysql_fetch_array($is); 21 | check_level(); 22 | $fm = money_formatter($ir['money']); 23 | $cm = money_formatter($ir['crystals'], ''); 24 | $lv = date('F j, Y, g:i a', $ir['laston']); 25 | $h->userdata($ir, $lv, $fm, $cm); 26 | $h->menuarea(); 27 | $_GET['ID'] = abs((int) $_GET['ID']); 28 | $_POST['money'] = abs((int) $_POST['money']); 29 | if (!((int) $_GET['ID'])) 30 | { 31 | print "Invalid User ID"; 32 | } 33 | else if ($_GET['ID'] == $userid) 34 | { 35 | print "Haha, what does sending money to yourself do anyway?"; 36 | } 37 | else 38 | { 39 | if ((int) $_POST['money']) 40 | { 41 | if ($_POST['money'] > $ir['money']) 42 | { 43 | print "Die j00 abuser."; 44 | } 45 | else 46 | { 47 | mysql_query( 48 | "UPDATE users SET money=money-{$_POST['money']} WHERE userid=$userid", 49 | $c); 50 | mysql_query( 51 | "UPDATE users SET money=money+{$_POST['money']} WHERE userid={$_GET['ID']}", 52 | $c); 53 | print "You sent \${$_POST['money']} to ID {$_GET['ID']}."; 54 | event_add($_GET['ID'], 55 | "You received \${$_POST['money']} from {$ir['username']}.", 56 | $c); 57 | $it = 58 | mysql_query( 59 | "SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid={$_GET['ID']}", 60 | $c) or die(mysql_error()); 61 | $er = mysql_fetch_array($it); 62 | mysql_query( 63 | "INSERT INTO cashxferlogs VALUES(NULL, $userid, {$_GET['ID']}, {$_POST['money']}, " 64 | . time() 65 | . ", '{$ir['lastip']}', '{$er['lastip']}')", $c); 66 | } 67 | } 68 | else 69 | { 70 | print 71 | "

Sending Money

72 | You are sending money to ID: {$_GET['ID']}. 73 |
74 | Amnt:
75 |
"; 76 | print 77 | "

Latest 5 Transfers

78 | "; 79 | $q = 80 | mysql_query( 81 | "SELECT cx.*,u1.username as sender, u2.username as sent FROM cashxferlogs cx LEFT JOIN users u1 ON cx.cxFROM=u1.userid LEFT JOIN users u2 ON cx.cxTO=u2.userid WHERE cx.cxFROM=$userid ORDER BY cx.cxTIME DESC LIMIT 5", 82 | $c) 83 | or die( 84 | mysql_error() . "
" 85 | . "SELECT cx.*,u1.username as sender, u2.username as sent FROM cashxferlogs cx LEFT JOIN users u1 ON cx.cxFROM=u1.userid LEFT JOIN users u2 ON cx.cxTO=u2.userid WHERE cx.cxFROM=$userid ORDER BY cx.cxTIME DESC LIMIT 5"); 86 | while ($r = mysql_fetch_array($q)) 87 | { 88 | if ($r['cxFROMIP'] == $r['cxTOIP']) 89 | { 90 | $m = "MULTI"; 91 | } 92 | else 93 | { 94 | $m = ""; 95 | } 96 | print 97 | ""; 99 | } 100 | print "
Time User From User To Amount
" . date("F j, Y, g:i:s a", $r['cxTIME']) 98 | . "{$r['sender']} [{$r['cxFROM']}] {$r['sent']} [{$r['cxTO']}] \${$r['cxAMOUNT']}
"; 101 | } 102 | } 103 | $h->endpage(); 104 | -------------------------------------------------------------------------------- /itemsend.php: -------------------------------------------------------------------------------- 1 | startheaders(); 14 | include "mysql.php"; 15 | global $c; 16 | $is = 17 | mysql_query( 18 | "SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid", 19 | $c) or die(mysql_error()); 20 | $ir = mysql_fetch_array($is); 21 | check_level(); 22 | $fm = money_formatter($ir['money']); 23 | $cm = money_formatter($ir['crystals'], ''); 24 | $lv = date('F j, Y, g:i a', $ir['laston']); 25 | $h->userdata($ir, $lv, $fm, $cm); 26 | $h->menuarea(); 27 | //itemsend 28 | if ($_GET['qty'] && $_GET['user']) 29 | { 30 | $id = 31 | mysql_query( 32 | "SELECT iv.*,it.* FROM inventory iv LEFT JOIN items it ON iv.inv_itemid=it.itmid WHERE iv.inv_id={$_GET['ID']} AND iv.inv_userid=$userid LIMIT 1", 33 | $c); 34 | if (mysql_num_rows($id) == 0) 35 | { 36 | print "Invalid item ID"; 37 | } 38 | else 39 | { 40 | $r = mysql_fetch_array($id); 41 | $m = 42 | mysql_query( 43 | "SELECT * FROM users WHERE userid={$_GET['user']} LIMIT 1", 44 | $c); 45 | if ($_GET['qty'] > $r['inv_qty']) 46 | { 47 | print "You are trying to send more than you have!"; 48 | } 49 | else if ($_GET['qty'] <= 0) 50 | { 51 | print "You know, I'm not dumb, j00 cheating hacker."; 52 | } 53 | else if (mysql_num_rows($m) == 0) 54 | { 55 | print "You are trying to send to an invalid user!"; 56 | } 57 | else 58 | { 59 | $rm = mysql_fetch_array($m); 60 | //are we sending it all 61 | if ($_GET['qty'] == $r['inv_qty']) 62 | { 63 | //just give them possession of the item 64 | mysql_query( 65 | "UPDATE inventory SET inv_userid={$_GET['user']} WHERE inv_id={$_GET['ID']} LIMIT 1", 66 | $c); 67 | 68 | } 69 | else 70 | { 71 | //create seperate 72 | mysql_query( 73 | "INSERT INTO inventory VALUES(NULL,'{$r['inv_itemid']}',{$_GET['user']},{$_GET['qty']});", 74 | $c); 75 | 
// NOTE(review): in itemsend.php the ID, user and qty GET parameters go into SQL text and
// into printed output as received; no (int) cast is visible before their first use
// (sendcash.php and itemuse.php apply abs((int) ...) to their inputs first). Source lines
// 2-13 are missing from this listing, so confirm nothing there sanitises them. As shown,
// this is SQL injection and reflected XSS exposure: cast all three to int up front, or
// bind them as parameters, and escape anything echoed back to the page or stored in events.
mysql_query( 76 | "UPDATE inventory SET inv_qty=inv_qty-{$_GET['qty']} WHERE inv_id={$_GET['ID']} LIMIT 1;", 77 | $c); 78 | } 79 | print 80 | "You sent {$_GET['qty']} {$r['itmname']}(s) to {$rm['username']}"; 81 | event_add($_GET['user'], 82 | "You received {$_GET['qty']} {$r['itmname']}(s) from {$ir['username']}", 83 | $c);
// Audit row for the transfer: sender, recipient, item id, quantity and the current time.
84 | mysql_query( 85 | "INSERT INTO itemxferlogs VALUES(NULL,$userid,{$_GET['user']},{$r['itmid']},{$_GET['qty']}," 86 | . time() . ")", $c); 87 | } 88 | } 89 | }
// Form branch: only an item id was supplied, so the item is looked up (restricted to rows
// owned by $userid) and the player is asked for a recipient and a quantity.
90 | else if ($_GET['ID']) 91 | { 92 | $id = 93 | mysql_query( 94 | "SELECT iv.*,it.* FROM inventory iv LEFT JOIN items it ON iv.inv_itemid=it.itmid WHERE iv.inv_id={$_GET['ID']} AND iv.inv_userid=$userid LIMIT 1", 95 | $c); 96 | if (mysql_num_rows($id) == 0) 97 | { 98 | print "Invalid item ID"; 99 | } 100 | else 101 | { 102 | $r = mysql_fetch_array($id); 103 | print 104 | "Enter who you want to send {$r['itmname']} to and how many you want to send. You have {$r['inv_qty']} to send.
105 |
106 | User ID:
107 | Quantity:
108 |
"; 109 | } 110 | } 111 | else 112 | { 113 | print "Invalid use of file."; 114 | } 115 | $h->endpage(); 116 | -------------------------------------------------------------------------------- /hirespy.php: -------------------------------------------------------------------------------- 1 | startheaders(); 14 | include "mysql.php"; 15 | global $c; 16 | $is = 17 | mysql_query( 18 | "SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid", 19 | $c) or die(mysql_error()); 20 | $ir = mysql_fetch_array($is); 21 | check_level(); 22 | $fm = money_formatter($ir['money']); 23 | $cm = money_formatter($ir['crystals'], ''); 24 | $lv = date('F j, Y, g:i a', $ir['laston']); 25 | $h->userdata($ir, $lv, $fm, $cm); 26 | $h->menuarea(); 27 | if ($ir['user_level'] != 2) 28 | { 29 | die(""); 30 | } 31 | $_POST['ID'] = abs((int) $_POST['ID']); 32 | $_GET['ID'] = abs((int) $_GET['ID']); 33 | if ($_POST['ID']) 34 | { 35 | $q = 36 | mysql_query( 37 | "SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid={$_POST['ID']}", 38 | $c); 39 | $r = mysql_fetch_array($q); 40 | if ($r['user_level'] == 2) 41 | { 42 | print 43 | "The spy never came back. It was rumoured he was attacked by {$r['username']} and pushed off a cliff."; 44 | } 45 | else 46 | { 47 | $payment = $r['level'] * 1000; 48 | mysql_query( 49 | "UPDATE users SET money=money-$payment WHERE userid=$userid", 50 | $c); 51 | $exp = 52 | (int) ($r['exp'] 53 | / (($r['level'] + 1) * ($r['level'] + 1) 54 | * ($r['level'] + 1) * 2) * 100); 55 | print 56 | "You have hired a spy to get information on {$r['username']} at the cost of \$$payment. Here is the info he retrieved:
57 | Strength: {$r['strength']}
58 | Agility: {$r['agility']}
59 | Guard: {$r['guard']}
60 | Labour: {$r['labour']}
61 | IQ: {$r['IQ']}
62 | Exp: $exp%
63 | Here is his/her inventory.
"; 64 | $inv = 65 | mysql_query( 66 | "SELECT iv.*,i.*,it.* FROM inventory iv LEFT JOIN items i ON iv.inv_itemid=i.itmid LEFT JOIN itemtypes it ON i.itmtype=it.itmtypeid WHERE iv.inv_userid={$r['userid']}", 67 | $c); 68 | if (mysql_num_rows($inv) == 0) 69 | { 70 | print "This person has no items!"; 71 | } 72 | else 73 | { 74 | print 75 | "His/her items are listed below.
76 | "; 77 | while ($i = mysql_fetch_array($inv)) 78 | { 79 | print ""; 87 | } 88 | print "
ItemSell ValueTotal Sell Value
{$i['itmname']}"; 80 | if ($i['inv_qty'] > 1) 81 | { 82 | print " x{$i['inv_qty']}"; 83 | } 84 | print "\${$i['itmsellprice']}"; 85 | print "$" . ($i['itmsellprice'] * $i['inv_qty']); 86 | print "
"; 89 | } 90 | } 91 | } 92 | else 93 | { 94 | $q = 95 | mysql_query( 96 | "SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid={$_GET['ID']}", 97 | $c); 98 | if (mysql_num_rows($q) == 0) 99 | { 100 | print "This user does not exist."; 101 | } 102 | else 103 | { 104 | $r = mysql_fetch_array($q); 105 | $payment = $r['level'] * 1000; 106 | print 107 | "You are hiring a spy to spy on {$r['username']} at the cost of \$$payment.
"; 108 | if ($ir['money'] >= $payment) 109 | { 110 | print 111 | "
"; 112 | } 113 | else 114 | { 115 | print "You don't have enough money!"; 116 | } 117 | } 118 | } 119 | 120 | $h->endpage(); 121 | -------------------------------------------------------------------------------- /crystaltemple.php: -------------------------------------------------------------------------------- 1 | startheaders(); 14 | include "mysql.php"; 15 | global $c; 16 | $is = 17 | mysql_query( 18 | "SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid", 19 | $c) or die(mysql_error()); 20 | $ir = mysql_fetch_array($is); 21 | check_level(); 22 | $fm = money_formatter($ir['money']); 23 | $cm = money_formatter($ir['crystals'], ''); 24 | $lv = date('F j, Y, g:i a', $ir['laston']); 25 | $h->userdata($ir, $lv, $fm, $cm); 26 | $h->menuarea(); 27 | if (!$_GET['spend']) 28 | { 29 | print 30 | "Welcome to the crystal temple!
31 | You have {$ir['crystals']} crystals.
32 | What would you like to spend your crystals on?
33 |
34 | Energy Refill - 12 Crystals
35 | IQ - 5 IQ per crystal
36 | Money - \$200 per crystal
"; 37 | } 38 | else 39 | { 40 | if ($_GET['spend'] == 'refill') 41 | { 42 | if ($ir['crystals'] < 12) 43 | { 44 | print "You don't have enough crystals!"; 45 | } 46 | else if ($ir['energy'] == $ir['maxenergy']) 47 | { 48 | print "You already have full energy."; 49 | } 50 | else 51 | { 52 | mysql_query( 53 | "UPDATE users SET energy=maxenergy,crystals=crystals-12 WHERE userid=$userid", 54 | $c); 55 | print "You have paid 12 crystals to refill your energy bar."; 56 | } 57 | } 58 | else if ($_GET['spend'] == 'IQ') 59 | { 60 | print 61 | "Type in the amount of crystals you want to swap for IQ.
62 | You have {$ir['crystals']} crystals.
63 | One crystal = 5 IQ.

"; 64 | } 65 | else if ($_GET['spend'] == 'IQ2') 66 | { 67 | $_POST['crystals'] = (int) $_POST['crystals']; 68 | if ($_POST['crystals'] <= 0 || $_POST['crystals'] > $ir['crystals']) 69 | { 70 | print 71 | "Error, you either do not have enough crystals or did not fill out the form.
72 | Back"; 73 | } 74 | else 75 | { 76 | $iqgain = $_POST['crystals'] * 5; 77 | mysql_query( 78 | "UPDATE users SET crystals=crystals-{$_POST['crystals']} WHERE userid=$userid", 79 | $c); 80 | mysql_query( 81 | "UPDATE userstats SET IQ=IQ+$iqgain WHERE userid=$userid", 82 | $c); 83 | print "You traded {$_POST['crystals']} crystals for $iqgain IQ."; 84 | } 85 | } 86 | else if ($_GET['spend'] == 'money') 87 | { 88 | print 89 | "Type in the amount of crystals you want to swap for \$\$\$.
90 | You have {$ir['crystals']} crystals.
91 | One crystal = \$200.

"; 92 | } 93 | else if ($_GET['spend'] == 'money2') 94 | { 95 | $_POST['crystals'] = (int) $_POST['crystals']; 96 | if ($_POST['crystals'] <= 0 || $_POST['crystals'] > $ir['crystals']) 97 | { 98 | print 99 | "Error, you either do not have enough crystals or did not fill out the form.
100 | Back"; 101 | } 102 | else 103 | { 104 | $iqgain = $_POST['crystals'] * 200; 105 | mysql_query( 106 | "UPDATE users SET crystals=crystals-{$_POST['crystals']},money=money+$iqgain WHERE userid=$userid", 107 | $c); 108 | print "You traded {$_POST['crystals']} crystals for \$$iqgain."; 109 | } 110 | } 111 | } 112 | 113 | $h->endpage(); 114 | -------------------------------------------------------------------------------- /bank.php: -------------------------------------------------------------------------------- 1 | startheaders(); 14 | include "mysql.php"; 15 | global $c; 16 | $is = 17 | mysql_query( 18 | "SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid", 19 | $c) or die(mysql_error()); 20 | $ir = mysql_fetch_array($is); 21 | check_level(); 22 | $fm = money_formatter($ir['money']); 23 | $cm = money_formatter($ir['crystals'], ''); 24 | $lv = date('F j, Y, g:i a', $ir['laston']); 25 | $h->userdata($ir, $lv, $fm, $cm); 26 | $h->menuarea(); 27 | print "

Bank

"; 28 | if ($ir['bankmoney'] > -1) 29 | { 30 | switch ($_GET['action']) 31 | { 32 | case "deposit": 33 | deposit(); 34 | break; 35 | 36 | case "withdraw": 37 | withdraw(); 38 | break; 39 | 40 | default: 41 | index(); 42 | break; 43 | } 44 | 45 | } 46 | else 47 | { 48 | if (isset($_GET['buy'])) 49 | { 50 | if ($ir['money'] > 49999) 51 | { 52 | print 53 | "Congratulations, you bought a bank account for \$50,000!
54 | Start using my account"; 55 | mysql_query( 56 | "UPDATE users SET money=money-50000,bankmoney=0 WHERE userid=$userid", 57 | $c); 58 | } 59 | else 60 | { 61 | print 62 | "You do not have enough money to open an account. 63 | Back to town..."; 64 | } 65 | } 66 | else 67 | { 68 | print 69 | "Open a bank account today, just \$50,000!
70 | > Yes, sign me up!"; 71 | } 72 | } 73 | 74 | function index() 75 | { 76 | global $ir, $c, $userid, $h; 77 | print 78 | "\nYou currently have \${$ir['bankmoney']} in the bank.
79 | At the end of each day, your bank balance will go up by 2%.
80 |
Deposit Money
81 | It will cost you 15% of the money you deposit, rounded up. The maximum fee is \$3,000.
82 | Amount:
83 |
84 | Withdraw Money
85 | There is no fee on withdrawals.
86 | Amount:
87 |
"; 88 | } 89 | 90 | function deposit() 91 | { 92 | global $ir, $c, $userid, $h; 93 | $_POST['deposit'] = abs((int) $_POST['deposit']); 94 | if ($_POST['deposit'] > $ir['money']) 95 | { 96 | print "You do not have enough money to deposit this amount."; 97 | } 98 | else 99 | { 100 | $fee = ceil($_POST['deposit'] * 15 / 100); 101 | if ($fee > 3000) 102 | { 103 | $fee = 3000; 104 | } 105 | $gain = $_POST['deposit'] - $fee; 106 | $ir['bankmoney'] += $gain; 107 | mysql_query( 108 | "UPDATE users SET bankmoney=bankmoney+$gain, money=money-{$_POST['deposit']} where userid=$userid", 109 | $c); 110 | print 111 | "You hand over \${$_POST['deposit']} to be deposited,
112 | after the fee is taken (\$$fee), \$$gain is added to your account.
113 | You now have \${$ir['bankmoney']} in the bank.
114 | > Back"; 115 | } 116 | } 117 | 118 |
/**
 * Handles the withdraw action of bank.php: moves money from the bank back to the wallet.
 *
 * Reads the withdraw POST field as a non-negative integer and rejects amounts larger than
 * the bankmoney value held in $ir. Otherwise the amount is subtracted from bankmoney and
 * added to money in a single UPDATE, with no fee. Prints the outcome and returns nothing.
 *
 * NOTE(review): as in deposit(), the balance test runs against $ir as loaded at the top
 * of the request and the UPDATE is unconditional; putting AND bankmoney >= (amount) in
 * the WHERE clause and checking the affected-row count makes the database enforce it.
 */
function withdraw() 119 | { 120 | global $ir, $c, $userid, $h; 121 | $_POST['withdraw'] = abs((int) $_POST['withdraw']); 122 | if ($_POST['withdraw'] > $ir['bankmoney']) 123 | { 124 | print "You do not have enough banked money to withdraw this amount."; 125 | } 126 | else 127 | { 128 | 129 | $gain = $_POST['withdraw']; 130 | $ir['bankmoney'] -= $gain; 131 | mysql_query( 132 | "UPDATE users SET bankmoney=bankmoney-$gain, money=money+$gain where userid=$userid", 133 | $c); 134 | print 135 | "You ask to withdraw $gain,
136 | the banking lady grudgingly hands it over.
137 | You now have \${$ir['bankmoney']} in the bank.
138 | > Back"; 139 | } 140 | } 141 | $h->endpage(); 142 | -------------------------------------------------------------------------------- /register.php: -------------------------------------------------------------------------------- 1 | 9 | 10 | 11 | 12 | 13 | breakthenet 14 | 15 | 16 | Your Game Logo 17 |
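EOF;
// The ban lookup is keyed on the connecting address only.
$ip = ($_SERVER['REMOTE_ADDR']);
if (file_exists('ipbans/' . $ip))
{
    die(
            "
Your IP has been banned, there is no way around this.

");
}
// Registration handler: runs when the sign-up form was submitted.
if ($_POST['username'])
{
    // Starting cash; a matching promo code doubles it.
    $sm = 1000;
    if ($_POST['promo'] == "Your Promo Code Here")
    {
        $sm += 1000;
    }
    // The display name is HTML-encoded once here and then SQL-escaped.
    $username = $_POST['username'];
    $username =
            mysql_real_escape_string(
                    htmlentities(stripslashes($username), ENT_QUOTES,
                            'ISO-8859-1'), $c);
    $q = mysql_query("SELECT * FROM users WHERE username='{$username}'", $c);
    if (mysql_num_rows($q))
    {
        print "Username already in use. Choose another.";
    }
    else if ($_POST['password'] != $_POST['cpassword'])
    {
        print "The passwords did not match, go back and try again.";
    }
    else
    {
        // The referrer id is forced to a non-negative integer before it is
        // placed in any query.
        $_POST['ref'] = abs((int) $_POST['ref']);
        $ip = $_SERVER['REMOTE_ADDR'];
        if ($_POST['ref'])
        {
            $q =
                    mysql_query(
                            "SELECT `lastip`
FROM `users`
WHERE `userid` = {$_POST['ref']}", $c);
            if (mysql_num_rows($q) == 0)
            {
                mysql_free_result($q);
                echo "Referrer does not exist.
> Back";
                die('');
            }
            // Reject a referral when the referrer was last seen on the
            // address that is registering now.
            $rem_IP = mysql_result($q, 0, 0);
            mysql_free_result($q);
            if ($rem_IP == $ip)
            {
                echo "No creating referral multies.
> Back";
                die('');
            }
        }
        // Escape every request-derived value before it enters the INSERT.
        // stripslashes() before escaping mirrors the username handling above,
        // so the bytes MySQL hashes are the ones the user typed.
        $e_pass =
                mysql_real_escape_string(stripslashes($_POST['password']), $c);
        $e_email =
                mysql_real_escape_string(stripslashes($_POST['email']), $c);
        $e_ip = mysql_real_escape_string($ip, $c);
        // NOTE(review): the stored value is a single unsalted MD5 computed by
        // MySQL, while do_pass_change() in preferences_c5.php stores the
        // output of encode_password(). Confirm the login path accepts both,
        // and move registration to the same helper.
        mysql_query(
                "INSERT INTO users (username, login_name, userpass, level, money, crystals, donatordays, user_level, energy, maxenergy, will, maxwill, brave, maxbrave, hp, maxhp, location, gender, signedup, email, bankmoney, lastip) VALUES( '{$username}', '{$username}', md5('{$e_pass}'), 1, $sm, 0, 0, 1, 12, 12, 100, 100, 5, 5, 100, 100, 1, 'Male', "
                        . time() . ", '{$e_email}', -1, '{$e_ip}')", $c);
        $i = mysql_insert_id($c);
        mysql_query("INSERT INTO userstats VALUES($i, 10, 10, 10, 10, 10)", $c);

        if ($_POST['ref'])
        {
            // Reward the referrer and record both addresses for later review.
            mysql_query(
                    "UPDATE `users`
SET `crystals` = `crystals` + 2
WHERE `userid` = {$_POST['ref']}");
            event_add($_POST['ref'],
                    "For refering $username to the game, you have earnt 2 valuable crystals!",
                    $c);
            $e_rip = mysql_real_escape_string($rem_IP, $c);
            $e_oip = mysql_real_escape_string($ip, $c);
            mysql_query(
                    "INSERT INTO `referals`
VALUES(NULL, {$_POST['ref']}, $i, " . time()
                            . ", '{$e_rip}', '$e_oip')", $c);
        }
        print
                "You have signed up, enjoy the game.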
112 | Username:
113 | Password:
114 | Confirm Password:
115 | Email:
116 | Promo Code:
117 | 118 | 119 |

120 | > Go Back 121 | EOF; 122 | } 123 | print ""; 124 | -------------------------------------------------------------------------------- /cyberbank.php: -------------------------------------------------------------------------------- 1 | startheaders(); 14 | include "mysql.php"; 15 | global $c; 16 | $is = 17 | mysql_query( 18 | "SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid", 19 | $c) or die(mysql_error()); 20 | $ir = mysql_fetch_array($is); 21 | check_level(); 22 | $fm = money_formatter($ir['money']); 23 | $cm = money_formatter($ir['crystals'], ''); 24 | $lv = date('F j, Y, g:i a', $ir['laston']); 25 | $h->userdata($ir, $lv, $fm, $cm); 26 | $h->menuarea(); 27 | print "

Cyber Bank

"; 28 | if ($ir['cybermoney'] > -1) 29 | { 30 | switch ($_GET['action']) 31 | { 32 | case "deposit": 33 | deposit(); 34 | break; 35 | 36 | case "withdraw": 37 | withdraw(); 38 | break; 39 | 40 | default: 41 | index(); 42 | break; 43 | } 44 | 45 | } 46 | else 47 | { 48 | if (isset($_GET['buy'])) 49 | { 50 | if ($ir['money'] > 9999999) 51 | { 52 | print 53 | "Congratulations, you bought a bank account for \$10,000,000!
54 | Start using my account"; 55 | mysql_query( 56 | "UPDATE users SET money=money-10000000,cybermoney=0 WHERE userid=$userid", 57 | $c); 58 | } 59 | else 60 | { 61 | print 62 | "You do not have enough money to open an account. 63 | Back to town..."; 64 | } 65 | } 66 | else 67 | { 68 | print 69 | "Open a bank account today, just \$10,000,000!
70 | > Yes, sign me up!"; 71 | } 72 | } 73 | 74 | function index() 75 | { 76 | global $ir, $c, $userid, $h; 77 | print 78 | "\nYou currently have \${$ir['cybermoney']} in the bank.
79 | At the end of each day, your bank balance will go up by 7%.
80 |
Deposit Money
81 | It will cost you 15% of the money you deposit, rounded up. The maximum fee is \$1,500,000.
82 | Amount:
83 |
84 | Withdraw Money
85 | It will cost you 7.5% of the money you withdraw, rounded up. The maximum fee is \$750,000.
86 | Amount:
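87 |
"; 88 | }

/**
 * Move cash from the player's wallet into the Cyber Bank.
 *
 * Reads the amount from $_POST['deposit'], forced to a non-negative integer.
 * A 15% fee (rounded up, capped at 1,500,000) is kept back: the wallet loses
 * the full amount and the account gains the amount minus the fee.
 */
function deposit()
{
    global $ir, $c, $userid, $h;
    $_POST['deposit'] = abs((int) $_POST['deposit']);
    if ($_POST['deposit'] > $ir['money'])
    {
        print "You do not have enough money to deposit this amount.";
    }
    else
    {
        $fee = ceil($_POST['deposit'] * 15 / 100);
        if ($fee > 1500000)
        {
            $fee = 1500000;
        }
        $gain = $_POST['deposit'] - $fee;
        // Keep the in-memory row in step with the UPDATE so the message
        // below shows the new balance.
        $ir['cybermoney'] += $gain;
        mysql_query(
                "UPDATE users SET cybermoney=cybermoney+$gain, money=money-{$_POST['deposit']} where userid=$userid",
                $c);
        print
                "You hand over \${$_POST['deposit']} to be deposited,
after the fee is taken (\$$fee), \$$gain is added to your account.
You now have \${$ir['cybermoney']} in the Cyber Bank.
> Back";
    }
}

/**
 * Move cash from the Cyber Bank back into the player's wallet.
 *
 * Reads the amount from $_POST['withdraw'], forced to a non-negative integer.
 * A 7.5% fee (rounded up, capped at 750,000) is charged: the account loses
 * the full requested amount and the wallet gains the amount minus the fee.
 */
function withdraw()
{
    global $ir, $c, $userid, $h;
    $_POST['withdraw'] = abs((int) $_POST['withdraw']);
    if ($_POST['withdraw'] > $ir['cybermoney'])
    {
        print "You do not have enough banked money to withdraw this amount.";
    }
    else
    {
        $fee = ceil($_POST['withdraw'] * 75 / 1000);
        if ($fee > 750000)
        {
            $fee = 750000;
        }
        $gain = $_POST['withdraw'] - $fee;
        // Debit the requested amount, not the payout. Debiting only the
        // payout would leave the fee in the account, so the advertised
        // withdrawal charge would never be collected.
        $ir['cybermoney'] -= $_POST['withdraw'];
        mysql_query(
                "UPDATE users SET cybermoney=cybermoney-{$_POST['withdraw']}, money=money+$gain where userid=$userid",
                $c);
        print
                "You ask to withdraw $gain,
the teller hands it over after she takes the bank fees.
You now have \${$ir['cybermoney']} in the Cyber Bank.
> Back";
    }
}
145 | $h->endpage(); 146 | -------------------------------------------------------------------------------- /slotsmachine3.php: -------------------------------------------------------------------------------- 1 | startheaders(); 14 | include "mysql.php"; 15 | global $c; 16 | $is = 17 | mysql_query( 18 | "SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid", 19 | $c) or die(mysql_error()); 20 | $ir = mysql_fetch_array($is); 21 | check_level(); 22 | $fm = money_formatter($ir['money']); 23 | $cm = money_formatter($ir['crystals'], ''); 24 | $lv = date('F j, Y, g:i a', $ir['laston']); 25 | $h->userdata($ir, $lv, $fm, $cm); 26 | $h->menuarea(); 27 | $tresder = (int) (rand(100, 999)); 28 | $maxbet = $ir['level'] * 500; 29 | $_GET['tresde'] = abs((int) $_GET['tresde']); 30 | if (($_SESSION['tresde'] == $_GET['tresde']) || $_GET['tresde'] < 100) 31 | { 32 | die( 33 | "Error, you cannot refresh or go back on the slots, please use a side link to go somewhere else.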
34 | > Back"); 35 | } 36 | $_SESSION['tresde'] = $_GET['tresde']; 37 | $_GET['bet'] = abs((int) $_GET['bet']); 38 | print "

5 Line Slotmachine

"; 39 | if ($_GET['bet']) 40 | { 41 | if ($_GET['bet'] > $ir['money']) 42 | { 43 | die( 44 | "You are trying to bet more than you have.
45 | > Back"); 46 | } 47 | else if ($_GET['bet'] > $maxbet) 48 | { 49 | die( 50 | "You have gone over the max bet.
51 | > Back"); 52 | } 53 | 54 | $slot[1] = (int) rand(0, 9); 55 | $slot[2] = (int) rand(0, 9); 56 | $slot[3] = (int) rand(0, 9); 57 | $slot[4] = (int) rand(0, 9); 58 | $slot[5] = (int) rand(0, 9); 59 | print 60 | "You place \${$_GET['bet']} into the slot and pull the pole.
61 | You see the numbers: $slot[1] $slot[2] $slot[3] $slot[4] $slot[5]
62 | You bet \${$_GET['bet']} "; 63 | if ($slot[1] == $slot[2] && $slot[2] == $slot[3] && $slot[3] == $slot[4] 64 | && $slot[4] == $slot[5]) 65 | { 66 | $won = $_GET['bet'] * 126; 67 | $gain = $_GET['bet'] * 125; 68 | print 69 | "and won \$$won by lining up 5 numbers pocketing you \$$gain extra."; 70 | } 71 | else if (($slot[1] == $slot[2] && $slot[2] == $slot[3] 72 | && $slot[3] == $slot[4]) 73 | || ($slot[2] == $slot[3] && $slot[3] == $slot[4] 74 | && $slot[4] == $slot[5]) 75 | || ($slot[1] == $slot[3] && $slot[3] == $slot[4] 76 | && $slot[4] == $slot[5]) 77 | || ($slot[1] == $slot[2] && $slot[2] == $slot[4] 78 | && $slot[4] == $slot[5]) 79 | || ($slot[1] == $slot[2] && $slot[2] == $slot[3] 80 | && $slot[3] == $slot[5])) 81 | { 82 | $won = $_GET['bet'] * 36; 83 | $gain = $_GET['bet'] * 35; 84 | print 85 | "and won \$$won by lining up 4 numbers pocketing you \$$gain extra."; 86 | } 87 | else if (($slot[1] == $slot[2] && $slot[2] == $slot[3]) 88 | || ($slot[2] == $slot[3] && $slot[3] == $slot[5]) 89 | || ($slot[3] == $slot[4] && $slot[4] == $slot[5]) 90 | || ($slot[1] == $slot[3] && $slot[3] == $slot[5]) 91 | || ($slot[1] == $slot[4] && $slot[4] == $slot[5]) 92 | || ($slot[1] == $slot[2] && $slot[2] == $slot[4]) 93 | || ($slot[2] == $slot[3] && $slot[3] == $slot[5]) 94 | || ($slot[1] == $slot[3] && $slot[3] == $slot[4]) 95 | || ($slot[2] == $slot[4] && $slot[4] == $slot[5]) 96 | || ($slot[1] == $slot[2] && $slot[2] == $slot[5]) 97 | || ($slot[2] == $slot[3] && $slot[3] == $slot[4])) 98 | { 99 | $won = $_GET['bet'] * 9; 100 | $gain = $_GET['bet'] * 8; 101 | print 102 | "and won \$$won by lining up 3 numbers pocketing you \$$gain extra."; 103 | } 104 | else 105 | { 106 | $won = 0; 107 | $gain = -$_GET['bet']; 108 | print "and lost it."; 109 | } 110 | mysql_query( 111 | "UPDATE users SET money=money+({$gain}) where userid=$userid", $c); 112 | $tresder = (int) (rand(100, 999)); 113 | print 114 | "
115 | > Another time, same bet.
116 | > I'll continue, but I'm changing my bet.
117 | > Enough's enough, I'm off."; 118 | } 119 | else 120 | { 121 | print 122 | "Ready to try your luck? Play today!
123 | The maximum bet for your level is \$$maxbet.
124 |
125 | Bet: \$
126 | 127 | 128 |
"; 129 | } 130 | 131 | $h->endpage(); 132 | -------------------------------------------------------------------------------- /stafflist.php: -------------------------------------------------------------------------------- 1 | startheaders(); 14 | include "mysql.php"; 15 | global $c; 16 | $is = 17 | mysql_query( 18 | "SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid", 19 | $c) or die(mysql_error()); 20 | $ir = mysql_fetch_array($is); 21 | check_level(); 22 | $fm = money_formatter($ir['money']); 23 | $cm = money_formatter($ir['crystals'], ''); 24 | $lv = date('F j, Y, g:i a', $ir['laston']); 25 | $h->userdata($ir, $lv, $fm, $cm); 26 | $h->menuarea(); 27 | $staff = array(); 28 | $q = 29 | mysql_query( 30 | "SELECT `userid`, `laston`, `username`, `level`, `money`, 31 | `user_level` 32 | FROM `users` 33 | WHERE `user_level` IN(2, 3, 4, 5) 34 | ORDER BY `userid` ASC",$c); 35 | while ($r = mysql_fetch_assoc($q)) 36 | { 37 | $staff[$r['userid']] = $r; 38 | } 39 | mysql_free_result($q); 40 | echo ' 41 | Admins 42 |
43 | 44 | 45 | 46 | 47 | 48 | 49 | 50 | 51 | '; 52 | 53 | foreach ($staff as $r) 54 | { 55 | if ($r['user_level'] == 2) 56 | { 57 | $on = 58 | ($r['laston'] >= ($_SERVER['REQUEST_TIME'] - 900)) 59 | ? 'Online' 60 | : 'Offline'; 61 | echo ' 62 | 63 | 65 | 66 | 67 | 68 | 69 | 70 | '; 71 | } 72 | } 73 | echo '
UserLevelMoneyLast SeenStatus
' 64 | . $r['username'] . ' [' . $r['userid'] . ']' . $r['level'] . '' . money_formatter($r['money'], '$') . '' . date("F j, Y, g:i:s a", $r['laston']) . '' . $on . '
74 | 75 | Secretaries 76 |
77 | 78 | 79 | 80 | 81 | 82 | 83 | 84 | 85 | '; 86 | foreach ($staff as $r) 87 | { 88 | if ($r['user_level'] == 3) 89 | { 90 | $on = 91 | ($r['laston'] >= ($_SERVER['REQUEST_TIME'] - 900)) 92 | ? 'Online' 93 | : 'Offline'; 94 | echo ' 95 | 96 | 98 | 99 | 100 | 101 | 102 | 103 | '; 104 | } 105 | } 106 | echo '
UserLevelMoneyLast SeenStatus
' 97 | . $r['username'] . ' [' . $r['userid'] . ']' . $r['level'] . '' . money_formatter($r['money'], '$') . '' . date("F j, Y, g:i:s a", $r['laston']) . '' . $on . '
107 | 108 | Assistants 109 |
110 | 111 | 112 | 113 | 114 | 115 | 116 | 117 | 118 | '; 119 | foreach ($staff as $r) 120 | { 121 | if ($r['user_level'] == 5) 122 | { 123 | $on = 124 | ($r['laston'] >= ($_SERVER['REQUEST_TIME'] - 900)) 125 | ? 'Online' 126 | : 'Offline'; 127 | echo ' 128 | 129 | 131 | 132 | 133 | 134 | 135 | 136 | '; 137 | } 138 | } 139 | echo '
UserLevelMoneyLast SeenStatus
' 130 | . $r['username'] . ' [' . $r['userid'] . ']' . $r['level'] . '' . money_formatter($r['money'], '$') . '' . date("F j, Y, g:i:s a", $r['laston']) . '' . $on . '
140 | 141 | IRC Ops 142 |
143 | 144 | 145 | 146 | 147 | 148 | 149 | 150 | 151 | '; 152 | foreach ($staff as $r) 153 | { 154 | if ($r['user_level'] == 4) 155 | { 156 | $on = 157 | ($r['laston'] >= ($_SERVER['REQUEST_TIME'] - 900)) 158 | ? 'Online' 159 | : 'Offline'; 160 | echo ' 161 | 162 | 164 | 165 | 166 | 167 | 168 | 169 | '; 170 | } 171 | } 172 | echo '
UserLevelMoneyLast SeenStatus
' 163 | . $r['username'] . ' [' . $r['userid'] . ']' . $r['level'] . '' . money_formatter($r['money'], '$') . '' . date("F j, Y, g:i:s a", $r['laston']) . '' . $on . '
'; 173 | $h->endpage(); 174 | -------------------------------------------------------------------------------- /slotsmachine2.php: -------------------------------------------------------------------------------- 1 | startheaders(); 14 | include "mysql.php"; 15 | global $c; 16 | $is = 17 | mysql_query( 18 | "SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid", 19 | $c) or die(mysql_error()); 20 | $ir = mysql_fetch_array($is); 21 | check_level(); 22 | $fm = money_formatter($ir['money']); 23 | $cm = money_formatter($ir['crystals'], ''); 24 | $lv = date('F j, Y, g:i a', $ir['laston']); 25 | $h->userdata($ir, $lv, $fm, $cm); 26 | $h->menuarea(); 27 | die("xD"); 28 | $tresder = (int) (rand(100, 999)); 29 | $maxbet = $ir['level'] * 50; 30 | $_GET['tresde'] = abs((int) $_GET['tresde']); 31 | if (($_SESSION['tresde'] == $_GET['tresde']) || $_GET['tresde'] < 100) 32 | { 33 | die( 34 | "Error, you cannot refresh or go back on the slots, please use a side link to go somewhere else.
35 | > Back"); 36 | } 37 | $_SESSION['tresde'] = $_GET['tresde']; 38 | $_GET['bet'] = abs((int) $_GET['bet']); 39 | print "

Slots

"; 40 | if ($_GET['bet']) 41 | { 42 | if ($_GET['bet'] > $ir['money']) 43 | { 44 | die( 45 | "You are trying to bet more than you have.
46 | > Back"); 47 | } 48 | else if ($_GET['bet'] > $maxbet) 49 | { 50 | die( 51 | "You have gone over the max bet.
52 | > Back"); 53 | } 54 | 55 | for ($i = 1; $i <= 5; $i++) 56 | { 57 | $slot[$i] = strtoupper(base_convert(rand(0, 25) + 10, 10, 36)); 58 | } 59 | print 60 | "You place \${$_GET['bet']} into the slot and pull the pole.
61 | You see the numbers: $slot[1] $slot[2] $slot[3] $slot[4] $slot[5]
62 | You bet \${$_GET['bet']} "; 63 | if ($slot[1] == $slot[2] && $slot[2] == $slot[3] && $slot[3] == $slot[4] 64 | && $slot[4] == $slot[5]) 65 | { 66 | $won = $_GET['bet'] * 76; 67 | $gain = $_GET['bet'] * 75; 68 | print 69 | "and won \$$won by lining up 5 numbers pocketing you \$$gain extra."; 70 | } 71 | else if (($slot[1] == $slot[2] && $slot[2] == $slot[3] 72 | && $slot[3] == $slot[4]) 73 | || ($slot[2] == $slot[3] && $slot[3] == $slot[4] 74 | && $slot[4] == $slot[5]) 75 | || ($slot[1] == $slot[3] && $slot[3] == $slot[4] 76 | && $slot[4] == $slot[5]) 77 | || ($slot[1] == $slot[2] && $slot[2] 78 | == $slot[4] && $slot[4] == $slot[5]) 79 | || ($slot[1] == $slot[2] && $slot[2] == $slot[3] 80 | && $slot[3] == $slot[5])) 81 | { 82 | $won = $_GET['bet'] * 26; 83 | $gain = $_GET['bet'] * 25; 84 | print 85 | "and won \$$won by lining up 4 numbers pocketing you \$$gain extra."; 86 | } 87 | else if (($slot[1] == $slot[2] && $slot[2] == $slot[3]) 88 | || ($slot[2] == $slot[3] && $slot[3] == $slot[5]) 89 | || ($slot[3] == $slot[4] && $slot[4] == $slot[5]) 90 | || ($slot[1] == $slot[3] && $slot[3] == $slot[5]) 91 | || ($slot[1] == $slot[4] && $slot[4] == $slot[5]) 92 | || ($slot[1] 93 | == $slot[2] && $slot[2] == $slot[4]) 94 | || ($slot[2] == $slot[3] && $slot[3] == $slot[5]) 95 | || ($slot[1] == $slot[3] && $slot[3] == $slot[4]) 96 | || ($slot[2] == $slot[3] && $slot[3] == $slot[4]) 97 | || ($slot[2] == $slot[4] && $slot[4] == $slot[5]) 98 | || ($slot[1] == $slot[2] && $slot[2] == $slot[5])) 99 | { 100 | $won = $_GET['bet'] * 6; 101 | $gain = $_GET['bet'] * 5; 102 | print 103 | "and won \$$won by lining up 3 numbers pocketing you \$$gain extra."; 104 | } 105 | else if ($slot[1] == $slot[2] || $slot[1] == $slot[3] 106 | || $slot[1] == $slot[4] || $slot[1] == $slot[5] 107 | || $slot[2] == $slot[3] || $slot[2] == $slot[4] 108 | || $slot[2] == $slot[5] || $slot[3] == $slot[4] 109 | || $slot[3] == $slot[5] || $slot[4] == $slot[5]) 110 | { 111 | $won = $_GET['bet'] * 3; 112 | 
$gain = $_GET['bet'] * 2; 113 | print 114 | "and won \$$won by lining up 2 numbers pocketing you \$$gain extra."; 115 | } 116 | else 117 | { 118 | $won = 0; 119 | $gain = -$_GET['bet']; 120 | print "and lost it."; 121 | } 122 | mysql_query( 123 | "UPDATE users SET money=money+({$gain}) where userid=$userid", $c); 124 | $tresder = (int) (rand(100, 999)); 125 | print 126 | "
127 | > Another time, same bet.
128 | > I'll continue, but I'm changing my bet.
129 | > Enough's enough, I'm off."; 130 | } 131 | else 132 | { 133 | print 134 | "Ready to try your luck? Play today!
135 | The maximum bet for your level is \$$maxbet.
136 |
137 | Bet: \$
138 | 139 | 140 |
"; 141 | } 142 | 143 | $h->endpage(); 144 | -------------------------------------------------------------------------------- /header.php: -------------------------------------------------------------------------------- 1 | 16 | 17 | 18 | 19 | 20 | breakthenet 21 | 22 | 23 | 24 | EOF; 25 | } 26 | 27 | function userdata($ir, $lv, $fm, $cm, $dosessh = 1) 28 | { 29 | global $c, $userid; 30 | $ip = ($_SERVER['HTTP_X_FORWARDED_FOR']) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : $_SERVER['REMOTE_ADDR']; 31 | mysql_query( 32 | "UPDATE users SET laston=" . time() 33 | . ",lastip='$ip' WHERE userid=$userid", $c); 34 | if (!$ir['email']) 35 | { 36 | die( 37 | "Your account may be broken. Please mail help@yourgamename.com stating your username and player ID."); 38 | } 39 | if ($dosessh && isset($_SESSION['attacking'])) 40 | { 41 | if ($_SESSION['attacking'] > 0) 42 | { 43 | print "You lost all your EXP for running from the fight."; 44 | mysql_query("UPDATE users SET exp=0 WHERE userid=$userid", $c); 45 | $_SESSION['attacking'] = 0; 46 | } 47 | } 48 | $enperc = (int) ($ir['energy'] / $ir['maxenergy'] * 100); 49 | $wiperc = (int) ($ir['will'] / $ir['maxwill'] * 100); 50 | $experc = (int) ($ir['exp'] / $ir['exp_needed'] * 100); 51 | $brperc = (int) ($ir['brave'] / $ir['maxbrave'] * 100); 52 | $hpperc = (int) ($ir['hp'] / $ir['maxhp'] * 100); 53 | $enopp = 100 - $enperc; 54 | $wiopp = 100 - $wiperc; 55 | $exopp = 100 - $experc; 56 | $bropp = 100 - $brperc; 57 | $hpopp = 100 - $hpperc; 58 | $d = ""; 59 | $u = $ir['username']; 60 | if ($ir['donatordays']) 61 | { 62 | $u = "{$ir['username']}"; 63 | $d = 64 | "Donator: {$ir["; 65 | } 66 | print 67 | " 68 | 69 |
Name: {$u} [{$ir['userid']}] $d
70 | Money: {$fm}
71 | Level: {$ir['level']}
72 | Crystals: {$ir['crystals']}
73 | [Emergency Logout]
74 | Energy: {$enperc}%
75 |
76 | Will: {$wiperc}%
77 |
78 | Brave: {$ir['brave']}/{$ir['maxbrave']}
79 |
80 | EXP: {$experc}%
81 |
82 | Health: {$hpperc}%
83 |
Vote for breakthenet on various gaming sites and be rewarded!

84 |
Donate to breakthenet, it's only \$3 and gets you a lot of benefits!

85 | "; 86 | $q = mysql_query("SELECT * FROM ads ORDER BY rand() LIMIT 1", $c); 87 | if (mysql_num_rows($q)) 88 | { 89 | $r = mysql_fetch_array($q); 90 | print 91 | "
Paid Advertisement

"; 92 | mysql_query( 93 | "UPDATE ads SET adVIEWS=adVIEWS+1 WHERE adID={$r['adID']}", 94 | $c); 95 | } 96 | print "
97 | "; 98 | if ($ir['fedjail']) 99 | { 100 | $q = 101 | mysql_query( 102 | "SELECT * FROM fedjail WHERE fed_userid=$userid", 103 | $c); 104 | $r = mysql_fetch_array($q); 105 | die( 106 | "You have been put in the breakthenet Federal Jail for {$r['fed_days']} day(s).
107 | Reason: {$r['fed_reason']}
"); 108 | } 109 | if (file_exists('ipbans/' . $ip)) 110 | { 111 | die( 112 | "Your IP has been banned, there is no way around this."); 113 | } 114 | } 115 | 116 | function menuarea() 117 | { 118 | include "mainmenu.php"; 119 | global $ir, $c; 120 | print "
121 | "; 122 | } 123 | 124 | function endpage() 125 | { 126 | $year = date('Y'); 127 | print 128 | "
129 |
130 | Powered by codes made by Dabomstew. Copyright © {$year} admin. 131 |
132 | 133 | "; 134 | } 135 | } 136 | -------------------------------------------------------------------------------- /preferences_c5.php: -------------------------------------------------------------------------------- 1 | startheaders(); 14 | include "mysql.php"; 15 | global $c; 16 | $is = 17 | mysql_query( 18 | "SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid", 19 | $c) or die(mysql_error()); 20 | $ir = mysql_fetch_array($is); 21 | check_level(); 22 | $fm = money_formatter($ir['money']); 23 | $cm = money_formatter($ir['crystals'], ''); 24 | $lv = date('F j, Y, g:i a', $ir['laston']); 25 | $h->userdata($ir, $lv, $fm, $cm); 26 | $h->menuarea(); 27 | 28 | switch ($_GET['action']) 29 | { 30 | case 'sexchange2': 31 | do_sex_change(); 32 | break; 33 | 34 | case 'sexchange': 35 | conf_sex_change(); 36 | break; 37 | 38 | case 'passchange2': 39 | do_pass_change(); 40 | break; 41 | 42 | case 'passchange': 43 | pass_change(); 44 | break; 45 | 46 | case 'namechange2': 47 | do_name_change(); 48 | break; 49 | 50 | case 'namechange': 51 | name_change(); 52 | break; 53 | 54 | case 'picchange2': 55 | do_pic_change(); 56 | break; 57 | 58 | case 'picchange': 59 | pic_change(); 60 | break; 61 | 62 | default: 63 | pic_change(); 64 | break; 65 | } 66 | 67 | function prefs_home() 68 | { 69 | global $ir, $c, $userid, $h; 70 | print 71 | "

Preferences

72 | Sex Change
73 | Password Change
74 | Name Change
75 | Display Pic Change"; 76 | } 77 | 78 | function conf_sex_change() 79 | { 80 | global $ir, $c, $userid, $h; 81 | if ($ir['gender'] == "Male") 82 | { 83 | $g = "Female"; 84 | } 85 | else 86 | { 87 | $g = "Male"; 88 | } 89 | print 90 | "Having the trans-gender costs 20 Crystals.
Are you sure you want to become a $g?
91 | Yes | No"; 92 | } 93 | 94 | function do_sex_change() 95 | { 96 | global $ir, $c, $userid, $h; 97 | if ($ir['crystals'] < 20) 98 | { 99 | print "You don't have enough crystals!"; 100 | exit; 101 | } 102 | else if ($ir['gender'] == "Male") 103 | { 104 | $g = "Female"; 105 | } 106 | else 107 | { 108 | $g = "Male"; 109 | } 110 | mysql_query("UPDATE users SET gender='$g' WHERE userid=$userid", $c); 111 | mysql_query("UPDATE users SET crystals=crystals-20 WHERE userid=$userid", 112 | $c); 113 | mysql_query("UPDATE users SET crystals=0 WHERE crystals<0", $c); 114 | print "Success, you are now $g!
115 | Back"; 116 | } 117 | 118 | function pass_change() 119 | { 120 | global $ir, $c, $userid, $h; 121 | print 122 | "

Password Change

Current Password:
123 | New Password:
124 | Confirm:
125 |
"; 126 | } 127 | 128 | function do_pass_change() 129 | { 130 | global $ir, $c, $userid, $h; 131 | $oldpw = stripslashes($_POST['oldpw']); 132 | $newpw = stripslashes($_POST['newpw']); 133 | $newpw2 = stripslashes($_POST['newpw2']); 134 | if (!verify_user_password($oldpw, $ir['userpass'])) 135 | { 136 | echo " 137 | The current password you entered was wrong.
138 | > Back 139 | "; 140 | } 141 | else if ($newpw !== $newpw2) 142 | { 143 | echo "The new passwords you entered did not match!
144 | > Back"; 145 | } 146 | else 147 | { 148 | // Re-encode password 149 | $new_psw = 150 | mysql_real_escape_string( 151 | encode_password($newpw), $c); 152 | mysql_query( 153 | "UPDATE `users` 154 | SET `userpass` = '{$new_psw}' 155 | WHERE `userid` = {$ir['userid']}", $c); 156 | echo "Password changed!
157 | > Go Back"; 158 | } 159 | } 160 | 161 | function name_change() 162 | { 163 | global $ir, $c, $userid, $h; 164 | print 165 | "

Name Change

166 | Changing your name now costs \$3000
167 | Please note that you still use the same name to login, this procedure simply changes the name that is displayed.
168 | New Name:
169 |
"; 170 | } 171 | 172 | function do_name_change() 173 | { 174 | global $ir, $c, $userid, $h; 175 | if ($ir['money'] < 3000) 176 | { 177 | print "You don't have enough money!"; 178 | exit; 179 | } 180 | else if ($_POST['newname'] == "") 181 | { 182 | print 183 | "You did not enter a new name.
184 | > Back"; 185 | } 186 | else 187 | { 188 | $_POST['newname'] = 189 | mysql_real_escape_string( 190 | htmlentities(stripslashes($_POST['newname']), 191 | ENT_QUOTES, 'ISO-8859-1'), $c); 192 | mysql_query( 193 | "UPDATE users SET username='{$_POST['newname']}' WHERE userid=$userid", 194 | $c); 195 | mysql_query("UPDATE users SET money=money-3000 WHERE userid=$userid", 196 | $c); 197 | mysql_query("UPDATE users SET money=0 WHERE money<0", $c); 198 | print "Username changed!"; 199 | } 200 | } 201 | 202 | function pic_change() 203 | { 204 | global $ir, $c, $userid, $h; 205 | print ""; 206 | } 207 | 208 | function do_pic_change() 209 | { 210 | } 211 | 212 | $h->endpage(); 213 | -------------------------------------------------------------------------------- /cmarket.php: -------------------------------------------------------------------------------- 1 | startheaders(); 14 | include "mysql.php"; 15 | global $c; 16 | $is = 17 | mysql_query( 18 | "SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid", 19 | $c) or die(mysql_error()); 20 | $ir = mysql_fetch_array($is); 21 | check_level(); 22 | $fm = money_formatter($ir['money']); 23 | $cm = money_formatter($ir['crystals'], ''); 24 | $lv = date('F j, Y, g:i a', $ir['laston']); 25 | $h->userdata($ir, $lv, $fm, $cm); 26 | $h->menuarea(); 27 | print "

Crystal Market

"; 28 | switch ($_GET['action']) 29 | { 30 | case "buy": 31 | crystal_buy(); 32 | break; 33 | 34 | case "remove": 35 | crystal_remove(); 36 | break; 37 | 38 | case "add": 39 | crystal_add(); 40 | break; 41 | 42 | default: 43 | cmarket_index(); 44 | break; 45 | } 46 | 47 | function cmarket_index() 48 | { 49 | global $ir, $c, $userid, $h; 50 | print 51 | "> Add A Listing

52 | Viewing all listings... 53 | "; 54 | $q = 55 | mysql_query( 56 | "SELECT cm.*, u.* FROM crystalmarket cm LEFT JOIN users u ON u.userid=cm.cmADDER ORDER BY cmPRICE/cmQTY ASC", 57 | $c); 58 | while ($r = mysql_fetch_array($q)) 59 | { 60 | if ($r['cmADDER'] == $userid) 61 | { 62 | $link = 63 | "Remove"; 64 | } 65 | else 66 | { 67 | $link = 68 | "Buy"; 69 | } 70 | $each = (int) $r['cmPRICE'] / $r['cmQTY']; 71 | print 72 | "\n"; 76 | } 77 | print "
Adder Qty Price each Price total Links
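{$r['username']} [{$r['userid']}] {$r['cmQTY']} \$" 73 | . number_format($each) . " \$" 74 | . number_format($r['cmPRICE']) 75 | . " [$link]
"; 78 | }

/**
 * Take one of the current player's own listings off the crystal market and
 * return the crystals to them.
 *
 * The listing id comes from $_GET['ID'] and is forced to a non-negative
 * integer before it is placed in any query.
 */
function crystal_remove()
{
    global $ir, $c, $userid, $h;
    $id = isset($_GET['ID']) ? abs((int) $_GET['ID']) : 0;
    $q =
            mysql_query(
                    "SELECT * FROM crystalmarket WHERE cmID={$id} AND cmADDER=$userid",
                    $c);
    if (!mysql_num_rows($q))
    {
        print
                "Error, either these crystals do not exist, or you are not the owner.
> Back";
        $h->endpage();
        exit;
    }
    $r = mysql_fetch_array($q);
    mysql_query(
            "UPDATE users SET crystals=crystals+{$r['cmQTY']} where userid=$userid",
            $c) or die(mysql_error());
    mysql_query("DELETE FROM crystalmarket WHERE cmID={$id}", $c);
    print
            "Crystals removed from market!
> Back";
}

/**
 * Buy a listing from the crystal market for the current player.
 *
 * The listing id comes from $_GET['ID'] and is forced to a non-negative
 * integer, so the statements written to the error log and sent to the
 * database contain no request text.
 */
function crystal_buy()
{
    global $ir, $c, $userid, $h;
    $id = isset($_GET['ID']) ? abs((int) $_GET['ID']) : 0;
    error_log("SELECT * FROM crystalmarket cm WHERE cmID={$id}");
    $q = mysql_query("SELECT * FROM crystalmarket cm WHERE cmID={$id}", $c);
    if (!mysql_num_rows($q))
    {
        print
                "Error, either these crystals do not exist, or they have already been bought.
> Back";
        $h->endpage();
        exit;
    }
    $r = mysql_fetch_array($q);
    if ($r['cmPRICE'] > $ir['money'])
    {
        print
                "Error, you do not have the funds to buy these crystals.
> Back";
        $h->endpage();
        exit;
    }
    // NOTE(review): the four statements below are not atomic; two requests
    // for the same listing could both pass the checks above. Confirm whether
    // the DELETE's affected-row count should gate the transfer.
    error_log("UPDATE users SET crystals=crystals+{$r['cmQTY']} where userid=$userid");
    mysql_query("UPDATE users SET crystals=crystals+{$r['cmQTY']} where userid=$userid", $c);
    mysql_query("DELETE FROM crystalmarket WHERE cmID={$id}", $c);
    mysql_query(
            "UPDATE users SET money=money-{$r['cmPRICE']} where userid=$userid",
            $c);
    mysql_query(
            "UPDATE users SET money=money+{$r['cmPRICE']} where userid={$r['cmADDER']}",
            $c);
    //event_add($r['cmADDER'], "{$ir['username']} bought your {$r['cmQTY']} crystals from the market for \$". number_format($r['cmPRICE']) . ".", $c);
    print
            "You bought the {$r['cmQTY']} crystals from the market for \$"
                    . number_format($r['cmPRICE']) . ".";

}

/**
 * List crystals on the market, or show the listing form when no amount was
 * posted.
 *
 * $_POST['amnt'] and $_POST['price'] are forced to non-negative integers.
 * The row stores the quantity, the seller and the total price
 * (amount * price each).
 */
function crystal_add()
{
    global $ir, $c, $userid, $h;
    $_POST['amnt'] = abs((int) $_POST['amnt']);
    $_POST['price'] = abs((int) $_POST['price']);
    if ($_POST['amnt'])
    {
        if ($_POST['amnt'] > $ir['crystals'])
        {
            die(
                    "You are trying to add more crystals to the market than you have.");
        }
        $tp = $_POST['amnt'] * $_POST['price'];
        mysql_query(
                "INSERT INTO crystalmarket VALUES(NULL,{$_POST['amnt']},$userid,$tp)",
                $c);
        mysql_query(
                "UPDATE users SET crystals=crystals-{$_POST['amnt']} WHERE userid=$userid",
                $c);
        print
                "Crystals added to market!
> Back";
    }
    else
    {
        print
                "Adding a listing...

You have {$ir['crystals']} crystal(s) that you can add to the market.



Crystals:
Price Each:
";
    }
}
176 | $h->endpage(); 177 | -------------------------------------------------------------------------------- /mainmenu.php: -------------------------------------------------------------------------------- 1 | Home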
12 | Items
13 | Explore
14 | "; 15 | $d = 16 | mysql_query( 17 | "SELECT COUNT(*) as cnt FROM events WHERE evUSER={$ir['userid']} AND evREAD=0", 18 | $c) or die(mysql_error()); 19 | $r = mysql_fetch_array($d); 20 | if ($r['cnt'] > 0) 21 | { 22 | print "Events ({$r['cnt']})"; 23 | } 24 | else 25 | { 26 | print "Events (0)"; 27 | } 28 | print "
29 | "; 30 | $d2 = 31 | mysql_query( 32 | "SELECT COUNT(*) as cnt FROM mail WHERE mail_to={$ir['userid']} AND mail_read=0", 33 | $c) or die(mysql_error()); 34 | $r = mysql_fetch_array($d2); 35 | if ($r['cnt'] > 0) 36 | { 37 | print "Mail ({$r['cnt']})"; 38 | } 39 | else 40 | { 41 | print "Mail (0)"; 42 | } 43 | print 44 | "
45 | Gym
46 | Crimes
47 | Local School
48 | Announcements
49 | Search
50 | Advanced Search
"; 51 | if ($ir['user_level'] > 1) 52 | { 53 | print "
54 | Staff Only
\n"; 55 | if ($ir['user_level'] < 6 and $ir['user_level'] != 4) 56 | { 57 | print "Staff Panel
\n"; 58 | } 59 | } 60 | if ($ir['user_level'] > 1) 61 | { 62 | print "
Staff Online:
"; 63 | $q = 64 | mysql_query( 65 | "SELECT * FROM users WHERE laston > " . (time() - 900) 66 | . " AND user_level>1 ORDER BY userid ASC", $c); 67 | while ($r = mysql_fetch_array($q)) 68 | { 69 | $la = time() - $r['laston']; 70 | $unit = "secs"; 71 | if ($la >= 60) 72 | { 73 | $la = (int) ($la / 60); 74 | $unit = "mins"; 75 | } 76 | if ($la >= 60) 77 | { 78 | $la = (int) ($la / 60); 79 | $unit = "hours"; 80 | if ($la >= 24) 81 | { 82 | $la = (int) ($la / 24); 83 | $unit = "days"; 84 | } 85 | } 86 | print 87 | "{$r['username']} ($la $unit)
"; 88 | } 89 | } 90 | if ($ir['donatordays']) 91 | { 92 | print 93 | "
94 | Donators Only
95 | Friends List
96 | Black List"; 97 | } 98 | print 99 | "
100 | Preferences
101 | 102 | Preferences: Challenge 1
103 | Preferences: Challenge 2
104 | Preferences: Challenge 3
105 | Preferences: Challenge 4
106 | Preferences: Challenge 5
107 |
108 | Player Report
109 | Help Tutorial
110 | Game Rules
111 | My Profile
112 | Logout

113 | Time is now
114 | "; 115 | echo date('F j, Y') . "
" . date('g:i:s a'); 116 | } 117 | else 118 | { 119 | print 120 | "Home
121 | Items
122 | "; 123 | $d = 124 | mysql_query( 125 | "SELECT COUNT(*) as cnt FROM events WHERE evUSER={$ir['userid']} AND evREAD=0", 126 | $c) or die(mysql_error()); 127 | $r = mysql_fetch_array($d); 128 | if ($r['cnt'] > 0) 129 | { 130 | print "Events ({$r['cnt']})"; 131 | } 132 | else 133 | { 134 | print "Events (0)"; 135 | } 136 | print "
137 | "; 138 | $d2 = 139 | mysql_query( 140 | "SELECT COUNT(*) as cnt FROM mail WHERE mail_to={$ir['userid']} AND mail_read=0", 141 | $c) or die(mysql_error()); 142 | $r = mysql_fetch_array($d2); 143 | if ($r['cnt'] > 0) 144 | { 145 | print "Mail ({$r['cnt']})"; 146 | } 147 | else 148 | { 149 | print "Mail (0)"; 150 | } 151 | print 152 | "
153 | Announcements
154 | Search
"; 155 | if ($ir['user_level'] > 1) 156 | { 157 | print "
158 | Staff Only
"; 159 | if ($ir['user_level'] < 6 and $ir['user_level'] != 4) 160 | { 161 | print "Staff Panel
\n"; 162 | } 163 | } 164 | if ($ir['user_level'] > 1) 165 | { 166 | print "
Staff Online:
"; 167 | $q = 168 | mysql_query( 169 | "SELECT * FROM users WHERE laston>(" . time() 170 | . "-15*60) AND user_level>1 ORDER BY userid ASC", 171 | $c); 172 | while ($r = mysql_fetch_array($q)) 173 | { 174 | $la = time() - $r['laston']; 175 | $unit = "secs"; 176 | if ($la >= 60) 177 | { 178 | $la = (int) ($la / 60); 179 | $unit = "mins"; 180 | } 181 | if ($la >= 60) 182 | { 183 | $la = (int) ($la / 60); 184 | $unit = "hours"; 185 | if ($la >= 24) 186 | { 187 | $la = (int) ($la / 24); 188 | $unit = "days"; 189 | } 190 | } 191 | print 192 | "{$r['username']} ($la $unit)
"; 193 | } 194 | } 195 | if ($ir['donatordays']) 196 | { 197 | print 198 | "
199 | Donators Only
200 | Friends List
201 | Black List"; 202 | } 203 | print 204 | "
205 | Preferences
206 | Player Report
207 | Help Tutorial
208 | Game Rules
209 | My Profile
210 | Logout

211 | Time is now
212 | "; 213 | echo date('F j, Y') . "
" . date('g:i:s a'); 214 | } 215 | --------------------------------------------------------------------------------