├── upload ├── crons │ ├── index.php │ ├── cron_hour.php │ ├── cron_minute.php │ ├── cron_fivemins.php │ └── cron_day.php ├── ipbans │ ├── 10.27.165.254 │ ├── 10.27.166.33 │ ├── 10.27.167.10 │ ├── 10.27.167.16 │ ├── 167.7.248.212 │ ├── 203.59.51.86 │ ├── 204.39.240.3 │ ├── 210.214.17.145 │ ├── 210.214.18.51 │ ├── 210.214.18.53 │ ├── 211.31.1.56 │ ├── 4.252.96.107 │ ├── 67.39.185.208 │ ├── 68.248.194.43 │ ├── 69.159.44.198 │ ├── 69.231.162.87 │ ├── fucker210.86.72.41 │ └── index.htm ├── logo.gif ├── logo.png ├── banner.jpg ├── banner1.jpg ├── bargreen.gif ├── barred.gif ├── donator.gif ├── admin.news ├── css │ └── game.css ├── installer_foot.php ├── mailban.php ├── jailuser.php ├── ad.php ├── logout.php ├── installer_head.php ├── generalpage.php ├── loggedin.php ├── voting.php ├── search.php ├── monopaper.php ├── votetrpg.php ├── donatordone.php ├── oclog.php ├── votetwg.php ├── hospital.php ├── criminal.php ├── searchname.php ├── usersonline.php ├── staffnotes.php ├── willpdone.php ├── preport.php ├── events.php ├── attacklost.php ├── login.php ├── iteminfo.php ├── fedjail.php ├── dlarchive.php ├── battletent.php ├── index.php ├── itembuy.php ├── inventory.php ├── monorail.php ├── imadd.php ├── docrime.php ├── gamerules.php ├── js │ └── login.js ├── explore.php ├── willpotion.php ├── estate.php ├── authenticate.php ├── userlist.php ├── shops.php ├── attackhosp.php ├── roulette.php ├── slotsmachine.php ├── number.php ├── itemsell.php ├── education.php ├── attackwon.php ├── itemuse.php ├── advsearch.php ├── attackleave.php ├── gym.php ├── attackmug.php ├── lib │ └── installer_error_handler.php ├── stats.php ├── sendcash.php ├── itemsend.php ├── hirespy.php ├── crystaltemple.php ├── bank.php └── register.php └── instructions.htm /upload/crons/index.php: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /upload/ipbans/10.27.165.254: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /upload/ipbans/10.27.166.33: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /upload/ipbans/10.27.167.10: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /upload/ipbans/10.27.167.16: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /upload/ipbans/167.7.248.212: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /upload/ipbans/203.59.51.86: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /upload/ipbans/204.39.240.3: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /upload/ipbans/210.214.17.145: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /upload/ipbans/210.214.18.51: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /upload/ipbans/210.214.18.53: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /upload/ipbans/211.31.1.56: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /upload/ipbans/4.252.96.107: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /upload/ipbans/67.39.185.208: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /upload/ipbans/68.248.194.43: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /upload/ipbans/69.159.44.198: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /upload/ipbans/69.231.162.87: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /upload/ipbans/fucker210.86.72.41: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /upload/logo.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/coldblooded01/mccodefree/HEAD/upload/logo.gif -------------------------------------------------------------------------------- /upload/logo.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/coldblooded01/mccodefree/HEAD/upload/logo.png -------------------------------------------------------------------------------- /upload/banner.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/coldblooded01/mccodefree/HEAD/upload/banner.jpg -------------------------------------------------------------------------------- /upload/banner1.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/coldblooded01/mccodefree/HEAD/upload/banner1.jpg -------------------------------------------------------------------------------- /upload/bargreen.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/coldblooded01/mccodefree/HEAD/upload/bargreen.gif -------------------------------------------------------------------------------- /upload/barred.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/coldblooded01/mccodefree/HEAD/upload/barred.gif -------------------------------------------------------------------------------- /upload/donator.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/coldblooded01/mccodefree/HEAD/upload/donator.gif -------------------------------------------------------------------------------- /upload/ipbans/index.htm: -------------------------------------------------------------------------------- 1 | 403 Error
2 | Not allowed to access this page -------------------------------------------------------------------------------- /upload/admin.news: -------------------------------------------------------------------------------- 1 | 1) If you are confused with something, please mail id :1
2 | 2) If you use your powers to cheat. You will get fedjailed for long time. There will be no second chances.
3 | 3) IP : 127.0.0.1 is standard, if you see with ip 127.0.0.1, it doesn't mean they have multis.
4 |
-------------------------------------------------------------------------------- /instructions.htm: -------------------------------------------------------------------------------- 1 |

Instructions For Installing MCCodes Manually

2 |
    3 |
  1. Upload the contents of the upload folder to your server.
    2. 4 |
  2. Create a MySQL user and database for the game, making sure the user has access to the database.
    3. 5 |
  3. Go to the URL where you put the game, and from there go to installer.php. So if your game is to be accessed at http://example.com/, you would put http://example.com/installer.php in your address bar.
    4. 6 |
  4. Follow the installer instructions.
    5. 7 |
8 | Any questions, or if something isn't working, email dabomstew@gmail.com. 9 | -------------------------------------------------------------------------------- /upload/css/game.css: -------------------------------------------------------------------------------- 1 | @CHARSET "ISO-8859-1"; 2 | 3 | body { 4 | font-family: helvetica, arial, geneva, sans-serif; 5 | font-size: 9pt; 6 | color: black; 7 | scrollbar-base-color: #005B70; 8 | scrollbar-arrow-color: #F3960B; 9 | scrollbar-DarkShadow-Color: #000000; 10 | } 11 | 12 | a:visited,a:active,a:hover,a:link { 13 | color: black; 14 | text-decoration: none; 15 | } 16 | 17 | table,tr,td { 18 | font-family: helvetica, arial, geneva, sans-serif; 19 | font-size: 9pt; 20 | } 21 | 22 | img { 23 | border: none; 24 | } 25 | 26 | textarea { 27 | font-family: helvetica, arial, geneva, sans-serif; 28 | font-size: 9pt; 29 | color: black; 30 | } -------------------------------------------------------------------------------- /upload/installer_foot.php: -------------------------------------------------------------------------------- 1 | 27 | 28 | -------------------------------------------------------------------------------- /upload/mailban.php: -------------------------------------------------------------------------------- 1 | 0) 28 | { 29 | header("Location: " . mysql_result($q, 0, 0)); 30 | } 31 | else 32 | { 33 | die("Invalid ad."); 34 | } 35 | -------------------------------------------------------------------------------- /upload/crons/cron_minute.php: -------------------------------------------------------------------------------- 1 | 0", $c); 36 | 37 | -------------------------------------------------------------------------------- /upload/logout.php: -------------------------------------------------------------------------------- 1 | "; 29 | require "mysql.php"; 30 | global $c; 31 | mysql_query("UPDATE users SET exp=0 WHERE userid=$sessid", $c); 32 | $_SESSION['attacking'] == 0; 33 | session_unset(); 34 | session_destroy(); 35 | die("Continue login..."); 36 | } 37 | session_unset(); 38 | session_destroy(); 39 | header("Location: login.php"); 40 | 41 | -------------------------------------------------------------------------------- /upload/installer_head.php: -------------------------------------------------------------------------------- 1 | 28 | 29 | 30 | 31 | Mccodes FREE 1.1.0 32 | 33 | 34 | 35 | 36 | 37 | Your Game Logo 38 |

Installer

39 | Thank you for choosing MCCodes FREE for your next game. 40 |
-------------------------------------------------------------------------------- /upload/generalpage.php: -------------------------------------------------------------------------------- 1 | startheaders(); 33 | include "mysql.php"; 34 | global $c; 35 | $is = 36 | mysql_query( 37 | "SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid", 38 | $c) or die(mysql_error()); 39 | $ir = mysql_fetch_array($is); 40 | check_level(); 41 | $fm = money_formatter($ir['money']); 42 | $cm = money_formatter($ir['crystals'], ''); 43 | $lv = date('F j, Y, g:i a', $ir['laston']); 44 | $h->userdata($ir, $lv, $fm, $cm); 45 | $h->menuarea(); 46 | $h->endpage(); 47 | -------------------------------------------------------------------------------- /upload/loggedin.php: -------------------------------------------------------------------------------- 1 | startheaders(); 33 | include "mysql.php"; 34 | global $c; 35 | $is = 36 | mysql_query( 37 | "SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid", 38 | $c) or die(mysql_error()); 39 | $ir = mysql_fetch_array($is); 40 | check_level(); 41 | $fm = money_formatter($ir['money']); 42 | $cm = money_formatter($ir['crystals'], ''); 43 | $lv = date('F j, Y, g:i:s a', $ir['laston']); 44 | $h->userdata($ir, $lv, $fm, $cm); 45 | $h->menuarea(); 46 | print 47 | "

You have logged on, {$ir['username']}!

48 |

Welcome back, your last visit was: $lv.

"; 49 | $q = mysql_query("SELECT * FROM papercontent LIMIT 1", $c); 50 | $content = mysql_result($q, 0, 0); 51 | print "{GAME_NAME} Latest News:
52 | $content 53 | "; 54 | $h->endpage(); 55 | -------------------------------------------------------------------------------- /upload/crons/cron_fivemins.php: -------------------------------------------------------------------------------- 1 | 0"; 52 | mysql_query($en_nd_query, $c); 53 | mysql_query($en_don_query, $c); 54 | -------------------------------------------------------------------------------- /upload/voting.php: -------------------------------------------------------------------------------- 1 | startheaders(); 33 | include "mysql.php"; 34 | global $c; 35 | $is = 36 | mysql_query( 37 | "SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid", 38 | $c) or die(mysql_error()); 39 | $ir = mysql_fetch_array($is); 40 | check_level(); 41 | $fm = money_formatter($ir['money']); 42 | $cm = money_formatter($ir['crystals'], ''); 43 | $lv = date('F j, Y, g:i a', $ir['laston']); 44 | $h->userdata($ir, $lv, $fm, $cm); 45 | $h->menuarea(); 46 | print 47 | "

Voting

48 | Here you may vote for {GAME_NAME} at various RPG toplists and be rewarded.
49 | Vote at APEX (no reward)
50 | Vote at TWG (20% energy restore)
51 | Vote at TOPRPG (\$300)"; 52 | 53 | $h->endpage(); 54 | -------------------------------------------------------------------------------- /upload/search.php: -------------------------------------------------------------------------------- 1 | startheaders(); 33 | include "mysql.php"; 34 | global $c; 35 | $is = 36 | mysql_query( 37 | "SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid", 38 | $c) or die(mysql_error()); 39 | $ir = mysql_fetch_array($is); 40 | check_level(); 41 | $fm = money_formatter($ir['money']); 42 | $cm = money_formatter($ir['crystals'], ''); 43 | $lv = date('F j, Y, g:i a', $ir['laston']); 44 | $h->userdata($ir, $lv, $fm, $cm); 45 | $h->menuarea(); 46 | print 47 | "

Search

48 | Search by Name
49 |
50 |
51 | Search by ID
52 |
53 |
"; 54 | $h->endpage(); 55 | -------------------------------------------------------------------------------- /upload/monopaper.php: -------------------------------------------------------------------------------- 1 | startheaders(); 33 | include "mysql.php"; 34 | global $c; 35 | $is = 36 | mysql_query( 37 | "SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid", 38 | $c) or die(mysql_error()); 39 | $ir = mysql_fetch_array($is); 40 | check_level(); 41 | $fm = money_formatter($ir['money']); 42 | $cm = money_formatter($ir['crystals'], ''); 43 | $lv = date('F j, Y, g:i a', $ir['laston']); 44 | $h->userdata($ir, $lv, $fm, $cm); 45 | $h->menuarea(); 46 | print "

The MonoPaper

"; 47 | $q = mysql_query("SELECT * FROM papercontent LIMIT 1", $c); 48 | $content = mysql_result($q, 0, 0); 49 | print 50 | " 51 |
  LOCAL GYM HALL OF FAME
Ad$content
"; 52 | $h->endpage(); 53 | -------------------------------------------------------------------------------- /upload/votetrpg.php: -------------------------------------------------------------------------------- 1 | startheaders(); 33 | include "mysql.php"; 34 | global $c; 35 | $is = 36 | mysql_query( 37 | "SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid", 38 | $c) or die(mysql_error()); 39 | $ir = mysql_fetch_array($is); 40 | check_level(); 41 | $fm = money_formatter($ir['money']); 42 | $cm = money_formatter($ir['crystals'], ''); 43 | $lv = date('F j, Y, g:i a', $ir['laston']); 44 | $q = 45 | mysql_query( 46 | "SELECT * FROM votes WHERE userid=$userid AND list='trpg'", 47 | $c); 48 | if (mysql_num_rows($q)) 49 | { 50 | $h->startheaders(); 51 | $h->userdata($ir, $lv, $fm, $cm); 52 | $h->menuarea(); 53 | print "You have already voted at TOPRPG today!"; 54 | $h->endpage(); 55 | } 56 | else 57 | { 58 | mysql_query("INSERT INTO votes values ($userid,'trpg')", $c); 59 | mysql_query("UPDATE users SET money=money+300 WHERE userid=$userid", $c); 60 | header("Location:http://www.toprpgames.com/vote.php?idno=757"); 61 | exit; 62 | } 63 | -------------------------------------------------------------------------------- /upload/donatordone.php: -------------------------------------------------------------------------------- 1 | startheaders(); 33 | include "mysql.php"; 34 | global $c; 35 | $is = 36 | mysql_query( 37 | "SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid", 38 | $c) or die(mysql_error()); 39 | $ir = mysql_fetch_array($is); 40 | check_level(); 41 | $fm = money_formatter($ir['money']); 42 | $cm = money_formatter($ir['crystals'], ''); 43 | $lv = date('F j, Y, g:i a', $ir['laston']); 44 | $h->userdata($ir, $lv, $fm, $cm); 45 | $h->menuarea(); 46 | if ($_GET['action'] == "cancel") 47 | { 48 | print "You have cancelled your donation. Please donate later..."; 49 | } 50 | else if ($_GET['action'] == "done") 51 | { 52 | if (!$_GET['tx']) 53 | { 54 | die("Get a life."); 55 | } 56 | mysql_query( 57 | "INSERT INTO dps_process VALUES(NULL,$userid," . time() 58 | . ",'{$_GET['type']}');", $c); 59 | print 60 | "Your donation has been processed. An admin will check it and you should be credited in about 24-48 hours."; 61 | } 62 | $h->endpage(); 63 | -------------------------------------------------------------------------------- /upload/oclog.php: -------------------------------------------------------------------------------- 1 | startheaders(); 33 | include "mysql.php"; 34 | global $c; 35 | $is = 36 | mysql_query( 37 | "SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid", 38 | $c) or die(mysql_error()); 39 | $ir = mysql_fetch_array($is); 40 | check_level(); 41 | $fm = money_formatter($ir['money']); 42 | $cm = money_formatter($ir['crystals'], ''); 43 | $lv = date('F j, Y, g:i a', $ir['laston']); 44 | $h->userdata($ir, $lv, $fm, $cm); 45 | $h->menuarea(); 46 | $_GET['ID'] = abs((int) $_GET['ID']); 47 | if (!$_GET['ID']) 48 | { 49 | die("Incorrect usage of file."); 50 | } 51 | $q = mysql_query("SELECT * FROM oclogs WHERE oclID={$_GET['ID']}", $c); 52 | $r = mysql_fetch_array($q); 53 | print 54 | "Here is the detailed view on this crime.
55 | Crime: {$r['ocCRIMEN']}
56 | Time Executed: " . date('F j, Y, g:i:s a', $r['ocTIME']) 57 | . "
58 | {$r['oclLOG']}

59 | Result: {$r['oclRESULT']}
60 | Money Made: \${$r['oclMONEY']}"; 61 | $h->endpage(); 62 | -------------------------------------------------------------------------------- /upload/votetwg.php: -------------------------------------------------------------------------------- 1 | startheaders(); 33 | include "mysql.php"; 34 | global $c; 35 | $is = 36 | mysql_query( 37 | "SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid", 38 | $c) or die(mysql_error()); 39 | $ir = mysql_fetch_array($is); 40 | check_level(); 41 | $fm = money_formatter($ir['money']); 42 | $cm = money_formatter($ir['crystals'], ''); 43 | $lv = date('F j, Y, g:i a', $ir['laston']); 44 | $q = 45 | mysql_query( 46 | "SELECT * FROM votes WHERE userid=$userid AND list='twg'", $c); 47 | if (mysql_num_rows($q)) 48 | { 49 | $h->startheaders(); 50 | $h->userdata($ir, $lv, $fm, $cm); 51 | $h->menuarea(); 52 | print "You have already voted at TWG today!"; 53 | $h->endpage(); 54 | } 55 | else 56 | { 57 | mysql_query("INSERT INTO votes values ($userid,'twg')", $c); 58 | mysql_query( 59 | "UPDATE users SET energy=energy+maxenergy/5 WHERE userid=$userid", 60 | $c); 61 | mysql_query("UPDATE users SET energy=maxenergy WHERE energy>maxenergy", $c); 62 | header("Location:http://www.topwebgames.com/in.asp?id=3341"); 63 | exit; 64 | } 65 | -------------------------------------------------------------------------------- /upload/hospital.php: -------------------------------------------------------------------------------- 1 | startheaders(); 33 | include "mysql.php"; 34 | global $c; 35 | $is = 36 | mysql_query( 37 | "SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid", 38 | $c) or die(mysql_error()); 39 | $ir = mysql_fetch_array($is); 40 | check_level(); 41 | $fm = money_formatter($ir['money']); 42 | $cm = money_formatter($ir['crystals'], ''); 43 | $lv = date('F j, Y, g:i a', $ir['laston']); 44 | $h->userdata($ir, $lv, $fm, $cm); 45 | $h->menuarea(); 46 | print 47 | "

Hospital

48 | Level"; 49 | $q = 50 | mysql_query( 51 | "SELECT u.*,c.* FROM users u WHERE u.hospital > 0 ORDER BY u.hospital DESC", 52 | $c); 53 | while ($r = mysql_fetch_array($q)) 54 | { 55 | print 56 | "\n"; 58 | } 59 | print "
IDName TimeReason
{$r['userid']}{$r['username']} [{$r['userid']}] 57 | {$r['level']}{$r['hospital']} minutes{$r['hospreason']}
"; 60 | $h->endpage(); 61 | -------------------------------------------------------------------------------- /upload/criminal.php: -------------------------------------------------------------------------------- 1 | startheaders(); 33 | include "mysql.php"; 34 | global $c; 35 | $is = 36 | mysql_query( 37 | "SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid", 38 | $c) or die(mysql_error()); 39 | $ir = mysql_fetch_array($is); 40 | check_level(); 41 | $fm = money_formatter($ir['money']); 42 | $cm = money_formatter($ir['crystals'], ''); 43 | $lv = date('F j, Y, g:i a', $ir['laston']); 44 | $h->userdata($ir, $lv, $fm, $cm); 45 | $h->menuarea(); 46 | $q = mysql_query("SELECT * FROM crimegroups ORDER by cgORDER ASC", $c); 47 | print 48 | "Criminal Centre
49 | "; 50 | while ($r = mysql_fetch_array($q)) 51 | { 52 | print 53 | ""; 54 | $q2 = 55 | mysql_query("SELECT * FROM crimes WHERE crimeGROUP={$r['cgID']}", 56 | $c); 57 | while ($r2 = mysql_fetch_array($q2)) 58 | { 59 | print 60 | ""; 61 | } 62 | } 63 | $h->endpage(); 64 | -------------------------------------------------------------------------------- /upload/searchname.php: -------------------------------------------------------------------------------- 1 | startheaders(); 33 | include "mysql.php"; 34 | global $c; 35 | $is = 36 | mysql_query( 37 | "SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid", 38 | $c) or die(mysql_error()); 39 | $ir = mysql_fetch_array($is); 40 | check_level(); 41 | $fm = money_formatter($ir['money']); 42 | $cm = money_formatter($ir['crystals'], ''); 43 | $lv = date('F j, Y, g:i a', $ir['laston']); 44 | $h->userdata($ir, $lv, $fm, $cm); 45 | $h->menuarea(); 46 | //search name 47 | if (!$_GET['name']) 48 | { 49 | print "Invalid use of file"; 50 | } 51 | else 52 | { 53 | $namebit = mysql_real_escape_string(stripslashes($_GET['name']), $c); 54 | $q = 55 | mysql_query( 56 | "SELECT * FROM users WHERE username LIKE ('%{$namebit}%')", 57 | $c); 58 | print 59 | mysql_num_rows($q) 60 | . " players found.
61 |
CrimeCostDo
{$r['cgNAME']}
{$r2['crimeNAME']}{$r2['crimeBRAVE']} BraveDo
"; 62 | while ($r = mysql_fetch_array($q)) 63 | { 64 | print 65 | ""; 66 | } 67 | print "
UserLevelMoney
{$r['username']}{$r['level']}\${$r['money']}
"; 68 | } 69 | $h->endpage(); 70 | -------------------------------------------------------------------------------- /upload/usersonline.php: -------------------------------------------------------------------------------- 1 | startheaders(); 33 | include "mysql.php"; 34 | global $c; 35 | $is = 36 | mysql_query( 37 | "SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid", 38 | $c) or die(mysql_error()); 39 | $ir = mysql_fetch_array($is); 40 | check_level(); 41 | $fm = money_formatter($ir['money']); 42 | $cm = money_formatter($ir['crystals'], ''); 43 | $lv = date('F j, Y, g:i a', $ir['laston']); 44 | $h->userdata($ir, $lv, $fm, $cm); 45 | $h->menuarea(); 46 | print "

Users Online

"; 47 | $cn = 0; 48 | $q = 49 | mysql_query( 50 | "SELECT * FROM users WHERE laston>" . (time() - 900) 51 | . " ORDER BY laston DESC", $c); 52 | while ($r = mysql_fetch_array($q)) 53 | { 54 | $la = time() - $r['laston']; 55 | $unit = "secs"; 56 | if ($la >= 60) 57 | { 58 | $la = (int) ($la / 60); 59 | $unit = "mins"; 60 | } 61 | if ($la >= 60) 62 | { 63 | $la = (int) ($la / 60); 64 | $unit = "hours"; 65 | if ($la >= 24) 66 | { 67 | $la = (int) ($la / 24); 68 | $unit = "days"; 69 | } 70 | } 71 | $cn++; 72 | print 73 | "$cn. {$r['username']} ($la $unit)
"; 74 | } 75 | $h->endpage(); 76 | -------------------------------------------------------------------------------- /upload/staffnotes.php: -------------------------------------------------------------------------------- 1 | startheaders(); 33 | include "mysql.php"; 34 | global $c; 35 | $is = 36 | mysql_query( 37 | "SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid", 38 | $c) or die(mysql_error()); 39 | $ir = mysql_fetch_array($is); 40 | check_level(); 41 | $fm = money_formatter($ir['money']); 42 | $cm = money_formatter($ir['crystals'], ''); 43 | $lv = date('F j, Y, g:i a', $ir['laston']); 44 | $h->userdata($ir, $lv, $fm, $cm); 45 | $h->menuarea(); 46 | if ($ir['user_level'] == 2 || $ir['user_level'] == 3 || $ir['user_level'] == 5) 47 | { 48 | $q = 49 | mysql_query( 50 | "SELECT staffnotes FROM users WHERE userid={$_POST['ID']}", 51 | $c); 52 | $old = mysql_real_escape_string(mysql_result($q, 0, 0), $c); 53 | $new = mysql_real_escape_string(stripslashes($_POST['staffnotes']), $c); 54 | mysql_query( 55 | "UPDATE users SET staffnotes='{$new}' WHERE userid='{$_POST['ID']}'", 56 | $c); 57 | mysql_query( 58 | "INSERT INTO staffnotelogs VALUES(NULL, $userid, {$_POST['ID']}, " 59 | . time() . ", '$old', '{$new}')", $c); 60 | print 61 | "User notes updated!
62 | > Back To Profile"; 63 | } 64 | else 65 | { 66 | print "You violent scum."; 67 | } 68 | $h->endpage(); 69 | -------------------------------------------------------------------------------- /upload/willpdone.php: -------------------------------------------------------------------------------- 1 | startheaders(); 33 | include "mysql.php"; 34 | global $c; 35 | $is = 36 | mysql_query( 37 | "SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid", 38 | $c) or die(mysql_error()); 39 | $ir = mysql_fetch_array($is); 40 | check_level(); 41 | $fm = money_formatter($ir['money']); 42 | $cm = money_formatter($ir['crystals'], ''); 43 | $lv = date('F j, Y, g:i a', $ir['laston']); 44 | $h->userdata($ir, $lv, $fm, $cm); 45 | $h->menuarea(); 46 | if ($_GET['action'] == "cancel") 47 | { 48 | print "You have cancelled your donation. Please donate later..."; 49 | } 50 | else if ($_GET['action'] == "done") 51 | { 52 | if (!$_GET['tx']) 53 | { 54 | die("Get a life."); 55 | } 56 | $quantity = 57 | mysql_real_escape_string(stripslashes($_GET['quantity']), $c); 58 | mysql_query( 59 | "INSERT INTO willplogs VALUES(NULL,$userid," . time() 60 | . ",'{$quantity}');", $c); 61 | if ($_GET['quantity'] == 'one') 62 | { 63 | $q = 1; 64 | } 65 | else if ($_GET['quantity'] == 'five') 66 | { 67 | $q = 5; 68 | } 69 | else 70 | { 71 | echo 'Stop cheating!'; 72 | $h->endpage(); 73 | exit; 74 | } 75 | mysql_query("INSERT INTO inventory VALUES(NULL,34,$userid,$q)", $c); 76 | print 77 | "Your will potions have been credited, if you are cheating, we will jail you."; 78 | } 79 | $h->endpage(); 80 | -------------------------------------------------------------------------------- /upload/preport.php: -------------------------------------------------------------------------------- 1 | startheaders(); 33 | include "mysql.php"; 34 | global $c; 35 | $is = 36 | mysql_query( 37 | "SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid", 38 | $c) or die(mysql_error()); 39 | $ir = mysql_fetch_array($is); 40 | check_level(); 41 | $fm = money_formatter($ir['money']); 42 | $cm = money_formatter($ir['crystals'], ''); 43 | $lv = date('F j, Y, g:i a', $ir['laston']); 44 | $h->userdata($ir, $lv, $fm, $cm); 45 | $h->menuarea(); 46 | if ($_POST['report']) 47 | { 48 | $_POST['player'] = abs((int) $_POST['player']); 49 | $ins_report = 50 | mysql_real_escape_string(stripslashes($_POST['report']), $c); 51 | mysql_query( 52 | "INSERT INTO preports VALUES(NULL,$userid,{$_POST['player']},'{$ins_report}')", 53 | $c) 54 | or die( 55 | "Your report could not be processed, make sure you have filled out the form entirely."); 56 | print "Report processed!"; 57 | } 58 | else 59 | { 60 | print 61 | "

Player Report

62 | Know of a player that's breaking the rules? Don't hesitate to report them. Reports are kept confidential.
63 |
64 | Player's ID:
65 | What they've done:
66 |
67 |
"; 68 | } 69 | $h->endpage(); 70 | -------------------------------------------------------------------------------- /upload/events.php: -------------------------------------------------------------------------------- 1 | startheaders(); 33 | include "mysql.php"; 34 | global $c; 35 | $is = 36 | mysql_query( 37 | "SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid", 38 | $c) or die(mysql_error()); 39 | $ir = mysql_fetch_array($is); 40 | $ir['exp_needed'] = ($ir['level'] + 1) * ($ir['level'] + 1) * ($ir['level'] 41 | + 1); 42 | check_level(); 43 | $fm = money_formatter($ir['money']); 44 | $cm = money_formatter($ir['crystals'], ''); 45 | $lv = date('F j, Y, g:i a', $ir['laston']); 46 | $h->userdata($ir, $lv, $fm, $cm); 47 | $h->menuarea(); 48 | $_GET['delete'] = abs((int) $_GET['delete']); 49 | if ($_GET['delete']) 50 | { 51 | mysql_query( 52 | "DELETE FROM events WHERE evID={$_GET['delete']} AND evUSER=$userid", 53 | $c); 54 | print "Event Deleted
"; 55 | } 56 | print "Latest 10 events
"; 57 | $q = 58 | mysql_query( 59 | "SELECT * FROM events WHERE evUSER=$userid ORDER BY evTIME DESC LIMIT 10;", 60 | $c); 61 | print 62 | ""; 63 | while ($r = mysql_fetch_array($q)) 64 | { 65 | print ""; 72 | } 73 | print "
Time EventLinks
" . date('F j Y, g:i:s a', $r['evTIME']); 66 | if (!$r['evREAD']) 67 | { 68 | print "
New!"; 69 | } 70 | print 71 | "		{$r['evTEXT']}Delete
"; 74 | mysql_query("UPDATE events SET evREAD=1 WHERE evUSER=$userid", $c); 75 | $h->endpage(); 76 | -------------------------------------------------------------------------------- /upload/attacklost.php: -------------------------------------------------------------------------------- 1 | startheaders(); 33 | include "mysql.php"; 34 | global $c; 35 | $is = 36 | mysql_query( 37 | "SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid", 38 | $c) or die(mysql_error()); 39 | $ir = mysql_fetch_array($is); 40 | check_level(); 41 | $fm = money_formatter($ir['money']); 42 | $cm = money_formatter($ir['crystals'], ''); 43 | $lv = date('F j, Y, g:i a', $ir['laston']); 44 | $h->userdata($ir, $lv, $fm, $cm, 0); 45 | $h->menuarea(); 46 | 47 | $_GET['ID'] == abs((int) $_GET['ID']); 48 | $_SESSION['attacking'] = 0; 49 | $od = mysql_query("SELECT * FROM users WHERE userid={$_GET['ID']}", $c); 50 | if (mysql_num_rows($od)) 51 | { 52 | $_SESSION['attacklost'] = 0; 53 | $r = mysql_fetch_array($od); 54 | print "You lost to {$r['username']}"; 55 | $expgain = abs(($ir['level'] - $r['level']) ^ 3); 56 | $expgainp = $expgain / $ir['exp_needed'] * 100; 57 | print " and lost $expgainp% EXP!"; 58 | mysql_query( 59 | "UPDATE users SET exp=exp-$expgain,hospital=40+(rand()*20),hospreason='Lost to {$r['username']}' WHERE userid=$userid", 60 | $c); 61 | mysql_query("UPDATE users SET exp=0 WHERE exp<0", $c); 62 | event_add($r['userid'], 63 | "{$ir['username']} attacked you and lost.", 64 | $c); 65 | $atklog = mysql_escape_string($_SESSION['attacklog']); 66 | mysql_query( 67 | "INSERT INTO attacklogs VALUES(NULL,$userid,{$_GET['ID']},'lost'," 68 | . time() . ",0,'$atklog');", $c); 69 | } 70 | else 71 | { 72 | print "You lost to Mr. Non-existant! =O"; 73 | } 74 | $h->endpage(); 75 | -------------------------------------------------------------------------------- /upload/login.php: -------------------------------------------------------------------------------- 1 | 26 | 27 | 28 | 29 | 30 | 31 | {GAME_NAME} 32 | 33 | 34 | Your Game Logo 35 | EOF; 36 | $ip = ($_SERVER['REMOTE_ADDR']); 37 | if (file_exists('ipbans/' . $ip)) 38 | { 39 | die( 40 | " 41 | Your IP has been banned, there is no way around this. 42 | 43 | "); 44 | } 45 | $year = date('Y'); 46 | print 47 | << 49 | > {GAME_NAME} Log-In 50 | 51 | 52 | 53 | 59 | 72 | 73 |
54 |
55 | About {GAME_NAME} 56 | {GAME_DESCRIPTION} 57 |
58 | 		60 |
61 | Login 62 |
63 | Username:
64 | Password:
65 | Remember me?
66 | Yes No 68 | 69 |
70 |
71 |

74 |

75 | REGISTER NOW! 76 |


77 |
78 | Powered by codes made by Dabomstew. Copyright © {$year} {GAME_OWNER}. 79 |
80 | 81 | 82 | EOF; 83 | -------------------------------------------------------------------------------- /upload/iteminfo.php: -------------------------------------------------------------------------------- 1 | startheaders(); 33 | include "mysql.php"; 34 | global $c; 35 | $is = 36 | mysql_query( 37 | "SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid", 38 | $c) or die(mysql_error()); 39 | $ir = mysql_fetch_array($is); 40 | check_level(); 41 | $fm = money_formatter($ir['money']); 42 | $cm = money_formatter($ir['crystals'], ''); 43 | $lv = date('F j, Y, g:i a', $ir['laston']); 44 | $h->userdata($ir, $lv, $fm, $cm); 45 | $h->menuarea(); 46 | //look up item 47 | $_GET['ID'] = abs((int) $_GET['ID']); 48 | $itmid = $_GET['ID']; 49 | if (!$itmid) 50 | { 51 | print "Invalid item ID"; 52 | } 53 | else 54 | { 55 | $q = 56 | mysql_query( 57 | "SELECT i.*,it.* FROM items i LEFT JOIN itemtypes it ON i.itmtype=itmtypeid WHERE i.itmid=$itmid LIMIT 1", 58 | $c); 59 | if (!mysql_num_rows($q)) 60 | { 61 | print "Invalid item ID"; 62 | } 63 | else 64 | { 65 | $id = mysql_fetch_array($q); 66 | print 67 | "
Looking up info on {$id['itmname']}
68 |
The {$id['itmname']} is a/an {$id['itmtypename']} Item - {$id['itmdesc']}

69 |
Item Info
Item Buy PriceItem Sell Price
"; 70 | if ($id['itmbuyprice']) 71 | { 72 | print money_formatter($id['itmbuyprice']); 73 | } 74 | else 75 | { 76 | print "N/A"; 77 | } 78 | print ""; 79 | if ($id['itmsellprice']) 80 | { 81 | print money_formatter($id['itmsellprice']); 82 | } 83 | else 84 | { 85 | print "N/A
"; 86 | } 87 | } 88 | } 89 | $h->endpage(); 90 | -------------------------------------------------------------------------------- /upload/fedjail.php: -------------------------------------------------------------------------------- 1 | startheaders(); 33 | include "mysql.php"; 34 | global $c; 35 | $is = 36 | mysql_query( 37 | "SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid", 38 | $c) or die(mysql_error()); 39 | $ir = mysql_fetch_array($is); 40 | check_level(); 41 | $fm = money_formatter($ir['money']); 42 | $cm = money_formatter($ir['crystals'], ''); 43 | $lv = date('F j, Y, g:i a', $ir['laston']); 44 | $h->userdata($ir, $lv, $fm, $cm); 45 | $h->menuarea(); 46 | $q = 47 | mysql_query( 48 | "SELECT f.*,u.username,u2.username as jailer FROM fedjail f LEFT JOIN users u ON f.fed_userid=u.userid LEFT JOIN users u2 ON f.fed_jailedby=u2.userid ORDER BY f.fed_days ASC", 49 | $c); 50 | print 51 | "Federal Jail
52 | If you ever cheat the game your name will become a permanent part of this list...
53 | "; 54 | while ($r = mysql_fetch_array($q)) 55 | { 56 | print 57 | " 58 | "; 59 | } 60 | print "
WhoDaysReasonJailer
{$r['username']}{$r['fed_days']} {$r['fed_reason']}{$r['jailer']}
"; 61 | $q = 62 | mysql_query( 63 | "SELECT * FROM users WHERE mailban>0 ORDER BY mailban ASC", 64 | $c); 65 | print 66 | "Mail Bann
67 | If you ever swear or do bad things at your mail, your name will become a permanent part of this list...
68 | "; 69 | while ($r = mysql_fetch_array($q)) 70 | { 71 | print 72 | " 73 | "; 74 | } 75 | print "
WhoDaysReason
{$r['username']}{$r['mailban']} {$r['mb_reason']}
"; 76 | $h->endpage(); 77 | -------------------------------------------------------------------------------- /upload/dlarchive.php: -------------------------------------------------------------------------------- 1 | FromSubject/Message"; 42 | $q = 43 | mysql_query( 44 | "SELECT m.*,u.* FROM mail m LEFT JOIN users u ON m.mail_from=u.userid WHERE m.mail_to=$userid ORDER BY mail_time DESC ", 45 | $c); 46 | while ($r = mysql_fetch_array($q)) 47 | { 48 | $sent = date('F j, Y, g:i:s a', $r['mail_time']); 49 | print ""; 50 | if ($r['userid']) 51 | { 52 | print "{$r['username']} [{$r['userid']}]"; 53 | } 54 | else 55 | { 56 | print "SYSTEM"; 57 | } 58 | print 59 | "\n{$r['mail_subject']}Sent at: $sent
{$r['mail_text']}"; 60 | } 61 | print ""; 62 | } 63 | else if ($_GET['a'] == 'outbox') 64 | { 65 | // We'll be outputting a PDF 66 | header('Content-type: text/html'); 67 | 68 | // It will be called downloaded.pdf 69 | header( 70 | 'Content-Disposition: attachment; filename="outbox_archive_' 71 | . $userid . '_' . time() . '.htm"'); 72 | print 73 | ""; 74 | $q = 75 | mysql_query( 76 | "SELECT m.*,u.* FROM mail m LEFT JOIN users u ON m.mail_to=u.userid WHERE m.mail_from=$userid ORDER BY mail_time DESC", 77 | $c); 78 | while ($r = mysql_fetch_array($q)) 79 | { 80 | $sent = date('F j, Y, g:i:s a', $r['mail_time']); 81 | print 82 | ""; 83 | } 84 | print "
ToSubject/Message
{$r['username']} [{$r['userid']}]{$r['mail_subject']}
Sent at: $sent
{$r['mail_text']}
"; 85 | } 86 | -------------------------------------------------------------------------------- /upload/battletent.php: -------------------------------------------------------------------------------- 1 | startheaders(); 33 | include "mysql.php"; 34 | global $c; 35 | $is = 36 | mysql_query( 37 | "SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid", 38 | $c) or die(mysql_error()); 39 | $ir = mysql_fetch_array($is); 40 | check_level(); 41 | $fm = money_formatter($ir['money']); 42 | $cm = money_formatter($ir['crystals'], ''); 43 | $lv = date('F j, Y, g:i a', $ir['laston']); 44 | $h->userdata($ir, $lv, $fm, $cm); 45 | $h->menuarea(); 46 | if ($ir['location'] != 4) 47 | { 48 | print 49 | "You cannot challenge the Battle Tent because it is in the Industrial Sector."; 50 | $h->endpage(); 51 | die(""); 52 | } 53 | $bots = array(); 54 | $moneys = array(); 55 | print 56 | "

Battle Tent

57 | Welcome to the battle tent! Here you can challenge NPCs for money. 58 | "; 59 | foreach ($bots as $k => $v) 60 | { 61 | $earn = $moneys[$k]; 62 | $q = 63 | mysql_query( 64 | "SELECT u.*,c.npcid FROM users u LEFT JOIN challengesbeaten c ON c.npcid=u.userid AND c.userid=$userid WHERE u.userid=$v", 65 | $c); 66 | $r = mysql_fetch_array($q); 67 | $q = 68 | mysql_query( 69 | "SELECT count(*) FROM challengesbeaten WHERE npcid=$v", 70 | $c); 71 | $times = mysql_result($q, 0, 0); 72 | print 73 | ""; 92 | } 93 | print "
Bot NameLevelTimes OwnedReady To Be Challenged?Money WonChallenge
{$r['username']}{$r['level']}$times"; 74 | if ($r['hp'] >= $r['maxhp'] / 2) 75 | { 76 | print "Yes"; 77 | } 78 | else 79 | { 80 | print "No"; 81 | } 82 | print "$earn"; 83 | if ($r['npcid']) 84 | { 85 | print "Already"; 86 | } 87 | else 88 | { 89 | print "Challenge"; 90 | } 91 | print "
"; 94 | $h->endpage(); 95 | -------------------------------------------------------------------------------- /upload/index.php: -------------------------------------------------------------------------------- 1 | startheaders(); 33 | include "mysql.php"; 34 | global $c; 35 | $is = 36 | mysql_query( 37 | "SELECT u.*,us.*,h.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid LEFT JOIN houses h ON h.hWILL=u.maxwill WHERE u.userid=$userid", 38 | $c) or die(mysql_error()); 39 | $ir = mysql_fetch_array($is); 40 | check_level(); 41 | $fm = money_formatter($ir['money']); 42 | $cm = money_formatter($ir['crystals'], ''); 43 | $lv = date('F j, Y, g:i a', $ir['laston']); 44 | $h->userdata($ir, $lv, $fm, $cm); 45 | $h->menuarea(); 46 | print "

General Info:

"; 47 | $exp = (int) ($ir['exp'] / $ir['exp_needed'] * 100); 48 | print 49 | " 50 | 51 | 52 | 53 | 54 |
Name: {$ir['username']}Crystals: {$cm}
Level: {$ir['level']}Exp: {$exp}%
Money: $fmHP: {$ir['hp']}/{$ir['maxhp']}
Property: {$ir['hNAME']}
"; 55 | print "

Stats Info:

"; 56 | $ts = $ir['strength'] + $ir['agility'] + $ir['guard'] + $ir['labour'] 57 | + $ir['IQ']; 58 | $ir['strank'] = get_rank($ir['strength'], 'strength'); 59 | $ir['agirank'] = get_rank($ir['agility'], 'agility'); 60 | $ir['guarank'] = get_rank($ir['guard'], 'guard'); 61 | $ir['labrank'] = get_rank($ir['labour'], 'labour'); 62 | $ir['IQrank'] = get_rank($ir['IQ'], 'IQ'); 63 | $tsrank = get_rank($ts, 'strength+agility+guard+labour+IQ'); 64 | $ir['strength'] = number_format($ir['strength']); 65 | $ir['agility'] = number_format($ir['agility']); 66 | $ir['guard'] = number_format($ir['guard']); 67 | $ir['labour'] = number_format($ir['labour']); 68 | $ir['IQ'] = number_format($ir['IQ']); 69 | $ts = number_format($ts); 70 | 71 | print 72 | " 73 | 74 |
Strength: {$ir['strength']} [Ranked: {$ir['strank']}]Agility: {$ir['agility']} [Ranked: {$ir['agirank']}]
Guard: {$ir['guard']} [Ranked: {$ir['guarank']}]Labour: {$ir['labour']} [Ranked: {$ir['labrank']}]
IQ: {$ir['IQ']} [Ranked: {$ir['IQrank']}]Total stats: {$ts} [Ranked: $tsrank]
"; 75 | $h->endpage(); 76 | -------------------------------------------------------------------------------- /upload/itembuy.php: -------------------------------------------------------------------------------- 1 | startheaders(); 33 | include "mysql.php"; 34 | global $c; 35 | $is = 36 | mysql_query( 37 | "SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid", 38 | $c) or die(mysql_error()); 39 | $ir = mysql_fetch_array($is); 40 | check_level(); 41 | $fm = money_formatter($ir['money']); 42 | $cm = money_formatter($ir['crystals'], ''); 43 | $lv = date('F j, Y, g:i a', $ir['laston']); 44 | $h->userdata($ir, $lv, $fm, $cm); 45 | $h->menuarea(); 46 | $_GET['ID'] = abs((int) $_GET['ID']); 47 | $_POST['qty'] = abs((int) $_POST['qty']); 48 | if (!$_GET['ID'] || !$_POST['qty']) 49 | { 50 | print "Invalid use of file"; 51 | } 52 | else if ($_POST['qty'] <= 0) 53 | { 54 | print 55 | "You have been added to the delete list for trying to cheat the game."; 56 | } 57 | else 58 | { 59 | $q = mysql_query("SELECT * FROM items WHERE itmid={$_GET['ID']}", $c); 60 | if (mysql_num_rows($q) == 0) 61 | { 62 | print "Invalid item ID"; 63 | } 64 | else 65 | { 66 | $itemd = mysql_fetch_array($q); 67 | if ($ir['money'] < $itemd['itmbuyprice'] * $_POST['qty']) 68 | { 69 | print "You don't have enough money to buy this item!"; 70 | $h->endpage(); 71 | exit; 72 | } 73 | if ($itemd['itmbuyable'] == 0) 74 | { 75 | print "This item can't be bought!"; 76 | $h->endpage(); 77 | exit; 78 | } 79 | $price = ($itemd['itmbuyprice'] * $_POST['qty']); 80 | mysql_query( 81 | "INSERT INTO inventory VALUES(NULL,{$_GET['ID']},$userid,{$_POST['qty']});", 82 | $c); 83 | mysql_query( 84 | "UPDATE users SET money=money-$price WHERE userid=$userid", 85 | $c); 86 | mysql_query( 87 | "INSERT INTO itembuylogs VALUES (NULL, $userid, {$_GET['ID']}, $price, {$_POST['qty']}, " 88 | . time() 89 | . ", '{$ir['username']} bought {$_POST['qty']} {$itemd['itmname']}(s) for {$price}')", 90 | $c); 91 | print "You bought {$_POST['qty']} {$itemd['itmname']}(s) for \$$price"; 92 | } 93 | } 94 | $h->endpage(); 95 | -------------------------------------------------------------------------------- /upload/inventory.php: -------------------------------------------------------------------------------- 1 | startheaders(); 33 | include "mysql.php"; 34 | global $c; 35 | $is = 36 | mysql_query( 37 | "SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid", 38 | $c) or die(mysql_error()); 39 | $ir = mysql_fetch_array($is); 40 | check_level(); 41 | $fm = money_formatter($ir['money']); 42 | $cm = money_formatter($ir['crystals'], ''); 43 | $lv = date('F j, Y, g:i a', $ir['laston']); 44 | $h->userdata($ir, $lv, $fm, $cm); 45 | $h->menuarea(); 46 | 47 | $inv = 48 | mysql_query( 49 | "SELECT iv.*,i.*,it.* FROM inventory iv LEFT JOIN items i ON iv.inv_itemid=i.itmid LEFT JOIN itemtypes it ON i.itmtype=it.itmtypeid WHERE iv.inv_userid={$userid} ORDER BY i.itmtype ASC, i.itmname ASC", 50 | $c); 51 | if (mysql_num_rows($inv) == 0) 52 | { 53 | print "You have no items!"; 54 | } 55 | else 56 | { 57 | print 58 | "Your items are listed below.
59 | "; 60 | $lt = ""; 61 | while ($i = mysql_fetch_array($inv)) 62 | { 63 | if ($lt != $i['itmtypename']) 64 | { 65 | $lt = $i['itmtypename']; 66 | print 67 | "\n"; 68 | } 69 | print ""; 87 | } 88 | print "
ItemSell ValueTotal Sell ValueLinks
{$lt}
{$i['itmname']}"; 70 | if ($i['inv_qty'] > 1) 71 | { 72 | print " x{$i['inv_qty']}"; 73 | } 74 | print "\${$i['itmsellprice']}"; 75 | print "$" . ($i['itmsellprice'] * $i['inv_qty']); 76 | print 77 | "[Info] [Send] [Sell] [Add To Market]"; 78 | if ($i['itmtypename'] == 'Food' || $i['itmtypename'] == 'Medical') 79 | { 80 | print " [Use]"; 81 | } 82 | if ($i['itmname'] == 'Nuclear Bomb') 83 | { 84 | print " [Use]"; 85 | } 86 | print "
"; 89 | } 90 | $h->endpage(); 91 | -------------------------------------------------------------------------------- /upload/monorail.php: -------------------------------------------------------------------------------- 1 | startheaders(); 33 | include "mysql.php"; 34 | global $c; 35 | $is = 36 | mysql_query( 37 | "SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid", 38 | $c) or die(mysql_error()); 39 | $ir = mysql_fetch_array($is); 40 | check_level(); 41 | $fm = money_formatter($ir['money']); 42 | $cm = money_formatter($ir['crystals'], ''); 43 | $lv = date('F j, Y, g:i a', $ir['laston']); 44 | $h->userdata($ir, $lv, $fm, $cm); 45 | $h->menuarea(); 46 | $_GET['to'] = abs((int) $_GET['to']); 47 | if (!$_GET['to']) 48 | { 49 | print 50 | "Welcome to the Monorail Station. It costs \$1000 for a ticket.
51 | Where would you like to travel today?
"; 52 | $q = 53 | mysql_query( 54 | "SELECT * FROM cities WHERE cityid != {$ir['location']} AND cityminlevel <= {$ir['level']}", 55 | $c); 56 | print 57 | ""; 58 | while ($r = mysql_fetch_array($q)) 59 | { 60 | print 61 | ""; 62 | } 63 | print "
NameDescriptionMin Level 
{$r['cityname']}{$r['citydesc']}{$r['cityminlevel']}Go
"; 64 | } 65 | else 66 | { 67 | if ($ir['money'] < 1000) 68 | { 69 | print "You don't have enough money."; 70 | } 71 | else if (((int) $_GET['to']) != $_GET['to']) 72 | { 73 | print "Invalid city ID"; 74 | } 75 | else 76 | { 77 | $q = 78 | mysql_query( 79 | "SELECT * FROM cities WHERE cityid = {$_GET['to']} AND cityminlevel <= {$ir['level']}", 80 | $c); 81 | if (!mysql_num_rows($q)) 82 | { 83 | print 84 | "Error, this city either does not exist or you cannot go there."; 85 | } 86 | else 87 | { 88 | mysql_query( 89 | "UPDATE users SET money=money-1000,location={$_GET['to']} WHERE userid=$userid", 90 | $c); 91 | $r = mysql_fetch_array($q); 92 | print 93 | "Congratulations, you paid \$1000 and travelled to {$r['cityname']} on the monorail!"; 94 | } 95 | } 96 | } 97 | $h->endpage(); 98 | -------------------------------------------------------------------------------- /upload/imadd.php: -------------------------------------------------------------------------------- 1 | startheaders(); 33 | include "mysql.php"; 34 | global $c; 35 | $is = 36 | mysql_query( 37 | "SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid", 38 | $c) or die(mysql_error()); 39 | $ir = mysql_fetch_array($is); 40 | check_level(); 41 | $fm = money_formatter($ir['money']); 42 | $cm = money_formatter($ir['crystals'], ''); 43 | $lv = date('F j, Y, g:i a', $ir['laston']); 44 | $h->userdata($ir, $lv, $fm, $cm); 45 | $h->menuarea(); 46 | $_GET['ID'] = abs((int) $_GET['ID']); 47 | $_GET['price'] = abs((int) $_GET['price']); 48 | if ($_GET['price']) 49 | { 50 | $q = 51 | mysql_query( 52 | "SELECT iv.*,i.* FROM inventory iv LEFT JOIN items i ON iv.inv_itemid=i.itmid WHERE inv_id={$_GET['ID']} and inv_userid=$userid", 53 | $c); 54 | if (mysql_num_rows($q) == 0) 55 | { 56 | print "Invalid Item ID"; 57 | } 58 | else 59 | { 60 | $r = mysql_fetch_array($q); 61 | mysql_query( 62 | "INSERT INTO itemmarket VALUES(NULL,'{$r['inv_itemid']}',$userid,{$_GET['price']})", 63 | $c); 64 | mysql_query( 65 | "UPDATE inventory SET inv_qty=inv_qty-1 WHERE inv_id={$_GET['ID']}", 66 | $c); 67 | mysql_query("DELETE FROM inventory WHERE inv_qty=0", $c); 68 | mysql_query( 69 | "INSERT INTO imarketaddlogs VALUES ( '', {$r['inv_itemid']}, {$_GET['price']}, {$r['inv_id']}, $userid, " 70 | . time() 71 | . ", '{$ir['username']} added a {$r['itmname']} to the itemmarket for \${$_GET['price']}')", 72 | $c); 73 | print "Item added to market."; 74 | } 75 | } 76 | else 77 | { 78 | $q = 79 | mysql_query( 80 | "SELECT * FROM inventory WHERE inv_id={$_GET['ID']} and inv_userid=$userid", 81 | $c); 82 | if (mysql_num_rows($q) == 0) 83 | { 84 | print "Invalid Item ID"; 85 | } 86 | else 87 | { 88 | $r = mysql_fetch_array($q); 89 | print 90 | "Adding an item to the item market... 91 |
92 | 93 | Price: \$
94 |
"; 95 | } 96 | } 97 | $h->endpage(); 98 | -------------------------------------------------------------------------------- /upload/docrime.php: -------------------------------------------------------------------------------- 1 | startheaders(); 33 | include "mysql.php"; 34 | global $c; 35 | $is = 36 | mysql_query( 37 | "SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid", 38 | $c) or die(mysql_error()); 39 | $ir = mysql_fetch_array($is); 40 | check_level(); 41 | $fm = money_formatter($ir['money']); 42 | $cm = money_formatter($ir['crystals'], ''); 43 | $lv = date('F j, Y, g:i a', $ir['laston']); 44 | $h->userdata($ir, $lv, $fm, $cm); 45 | $h->menuarea(); 46 | $_GET['c'] = abs((int) $_GET['c']); 47 | if (!$_GET['c']) 48 | { 49 | print "Invalid crime"; 50 | } 51 | else 52 | { 53 | $q = mysql_query("SELECT * FROM crimes WHERE crimeID={$_GET['c']}", $c); 54 | if (mysql_num_rows($q) == 0) 55 | { 56 | echo 'Invalid crime.'; 57 | $h->endpage(); 58 | exit; 59 | } 60 | $r = mysql_fetch_array($q); 61 | if ($ir['brave'] < $r['crimeBRAVE']) 62 | { 63 | print "You do not have enough Brave to perform this crime."; 64 | } 65 | else 66 | { 67 | $ec = 68 | "\$sucrate=" 69 | . str_replace(array("LEVEL", "EXP", "WILL", "IQ"), 70 | array($ir['level'], $ir['exp'], $ir['will'], 71 | $ir['IQ']), $r['crimePERCFORM']) . ";"; 72 | eval($ec); 73 | print $r['crimeITEXT']; 74 | $ir['brave'] -= $r['crimeBRAVE']; 75 | mysql_query( 76 | "UPDATE users SET brave={$ir['brave']} WHERE userid=$userid", 77 | $c); 78 | if (rand(1, 100) <= $sucrate) 79 | { 80 | print 81 | str_replace("{money}", $r['crimeSUCCESSMUNY'], 82 | $r['crimeSTEXT']); 83 | $ir['money'] += $r['crimeSUCCESSMUNY']; 84 | $ir['exp'] += (int) ($r['crimeSUCCESSMUNY'] / 8); 85 | mysql_query( 86 | "UPDATE users SET money={$ir['money']},exp={$ir['exp']} WHERE userid=$userid", 87 | $c); 88 | } 89 | else 90 | { 91 | print $r['crimeFTEXT']; 92 | } 93 | print 94 | "
Try Again
95 | Crimes"; 96 | } 97 | } 98 | 99 | $h->endpage(); 100 | -------------------------------------------------------------------------------- /upload/gamerules.php: -------------------------------------------------------------------------------- 1 | startheaders(); 33 | include "mysql.php"; 34 | global $c; 35 | $is = 36 | mysql_query( 37 | "SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid", 38 | $c) or die(mysql_error()); 39 | $ir = mysql_fetch_array($is); 40 | check_level(); 41 | $fm = money_formatter($ir['money']); 42 | $cm = money_formatter($ir['crystals'], ''); 43 | $lv = date('F j, Y, g:i a', $ir['laston']); 44 | $h->userdata($ir, $lv, $fm, $cm); 45 | $h->menuarea(); 46 | print 47 | <<{GAME_NAME} Rules and Regulations 49 |
    50 |
  1. Players are only allowed to have one account, owning two or more accounts will result in all accounts being jailed, 51 | if you are on the same IP as another player, mail staff and let them know.
    2. 52 |
  2. You are responsible for whatever happens on your account, don't give out your password to anyone.
    3. 53 |
  3. Children play this game, so keep it PG-13. Mild swearing will be permitted, but F-bombing, sexual vulgarities 54 | or excessive swearing will result in some time in Fed until you clean up your act.
    4. 55 | 56 |
  4. Profile images with nudity, profanity, or otherwise offensive images will be removed, and may result in jail time.
    5. 57 |
  5. We understand that you play other games, but do not advertise them here. You get 1 warning, afterwards its Fed time.
    6. 58 |
  6. Do not spam the staff's mailbox, if you have a problem, message one of us once. They will deal with your problem in a timely 59 | manner, but do not mail them repeatedly, or mail multiple staff members.
    7. 60 |
  7. Do not harrass other players, use common sense on this one, if you don't know when your crossing the line from fantasy into 61 | harrassment, assume that you are harrassing the other player. This will not be tolerated and will result in a stiff punishment.
    8. 62 |
  8. Scamming will not be tolerated in any manner. Any attempt to scam anyone will result in being jailed for a long long time.
    9. 63 |
  9. If a member of staff is bothering you for any unfair or just plain, weird reason, mail {ID1_NAME} [1]
    10. 64 |
  10. Common sense rules are not posted here, if you can't determine the difference between what is ok, and what is not, you should 65 | consider not interacting with other people until you do understand.
    11. 66 |
  11. These rules are subject to change without notice, check them from time to time, as ignorance will not be accepted as an excuse.
    12. 67 |
68 | EOF; 69 | $h->endpage(); 70 | -------------------------------------------------------------------------------- /upload/js/login.js: -------------------------------------------------------------------------------- 1 | /* 2 | MCCodes FREE 3 | js/login.js Rev 1.1.0 4 | Copyright (C) 2005-2012 Dabomstew 5 | 6 | This program is free software; you can redistribute it and/or 7 | modify it under the terms of the GNU General Public License 8 | as published by the Free Software Foundation; either version 2 9 | of the License, or (at your option) any later version. 10 | 11 | This program is distributed in the hope that it will be useful, 12 | but WITHOUT ANY WARRANTY; without even the implied warranty of 13 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 14 | GNU General Public License for more details. 15 | 16 | You should have received a copy of the GNU General Public License 17 | along with this program; if not, write to the Software 18 | Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. 19 | */ 20 | function getCookieVal(offset) 21 | { 22 | var endstr = document.cookie.indexOf(";", offset); 23 | if (endstr == -1) 24 | endstr = document.cookie.length; 25 | return unescape(document.cookie.substring(offset, endstr)); 26 | } 27 | function GetCookie(name) 28 | { 29 | var arg = name + "="; 30 | var alen = arg.length; 31 | var clen = document.cookie.length; 32 | var i = 0; 33 | while (i < clen) 34 | { 35 | var j = i + alen; 36 | if (document.cookie.substring(i, j) == arg) 37 | return getCookieVal(j); 38 | i = document.cookie.indexOf(" ", i) + 1; 39 | if (i == 0) 40 | break; 41 | } 42 | return null; 43 | } 44 | function SetCookie(name, value, expires, path, domain, secure) 45 | { 46 | document.cookie = name + "=" + escape(value) 47 | + ((expires) ? "; expires=" + expires.toGMTString() : "") 48 | + ((path) ? "; path=" + path : "") 49 | + ((domain) ? "; domain=" + domain : "") 50 | + ((secure) ? "; secure" : ""); 51 | } 52 | 53 | function DeleteCookie(name, path, domain) 54 | { 55 | if (GetCookie(name)) 56 | { 57 | document.cookie = name + "=" + ((path) ? "; path=" + path : "") 58 | + ((domain) ? "; domain=" + domain : "") 59 | + "; expires=Thu, 01-Jan-70 00:00:01 GMT"; 60 | } 61 | } 62 | var usr; 63 | var pw; 64 | var sv; 65 | function getme() 66 | { 67 | usr = document.login.username; 68 | pw = document.login.password; 69 | sv = document.login.save; 70 | 71 | if (GetCookie('username') != null) 72 | { 73 | usr.value = GetCookie('username'); 74 | pw.value = GetCookie('password'); 75 | } 76 | if (GetCookie('save') == 'true') 77 | { 78 | sv[0].checked = true; 79 | } 80 | else 81 | { 82 | sv[1].checked = true; 83 | } 84 | 85 | } 86 | function saveme() 87 | { 88 | if (usr.value.length != 0 && pw.value.length != 0) 89 | { 90 | if (sv[0].checked) 91 | { 92 | expdate = new Date(); 93 | expdate.setTime(expdate.getTime() + 31536000000); 94 | SetCookie('username', usr.value, expdate); 95 | SetCookie('password', pw.value, expdate); 96 | SetCookie('save', 'true', expdate); 97 | } 98 | if (sv[1].checked) 99 | { 100 | DeleteCookie('username'); 101 | DeleteCookie('password'); 102 | DeleteCookie('save'); 103 | } 104 | } 105 | else 106 | { 107 | alert('You must enter a username/password.'); 108 | return false; 109 | } 110 | } -------------------------------------------------------------------------------- /upload/explore.php: -------------------------------------------------------------------------------- 1 | startheaders(); 33 | include "mysql.php"; 34 | global $c; 35 | $is = 36 | mysql_query( 37 | "SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid", 38 | $c) or die(mysql_error()); 39 | $ir = mysql_fetch_array($is); 40 | check_level(); 41 | $fm = money_formatter($ir['money']); 42 | $cm = money_formatter($ir['crystals'], ''); 43 | $lv = date('F j, Y, g:i a', $ir['laston']); 44 | $h->userdata($ir, $lv, $fm, $cm); 45 | $h->menuarea(); 46 | $tresder = (int) rand(100, 999); 47 | print 48 | "You begin exploring the area you're in, you see a bit that interests you.
49 | 54 | 59 | 72 |
50 | Market Place
51 | Shops
52 | Item Market
53 | Crystal Market		Serious Money Makers
56 | Travel Agency
57 | Estate Agent
58 | City Bank		"; 60 | if ($ir['location'] == 5) 61 | { 62 | print 63 | "Cyber State
64 | Cyber Bank
"; 65 | } 66 | print 67 | "		 68 | Dark Side
69 | Federal Jail
70 | Slots Machine
71 | Roulette
"; 73 | if ($ir['location'] == 5) 74 | { 75 | print 76 | "Cyber Casino
77 | Super Slots
"; 78 | } 79 | print 80 | "		 81 | Statistics Dept
82 | User List
83 | {GAME_NAME} Staff
84 | Hall of Fame
85 | Game Stats
86 | Users Online		  87 | Mysterious
88 | Crystal Temple
"; 89 | if ($ir['location'] == 4) 90 | { 91 | print "Battle Tent
"; 92 | } 93 | $game_url = determine_game_urlbase(); 94 | print 95 | "


This is your referal link: http://{$game_url}/register.php?REF=$userid
96 | Every signup from this link earns you two valuable crystals!"; 97 | $h->endpage(); 98 | -------------------------------------------------------------------------------- /upload/willpotion.php: -------------------------------------------------------------------------------- 1 | startheaders(); 33 | include "mysql.php"; 34 | global $c; 35 | $is = 36 | mysql_query( 37 | "SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid", 38 | $c) or die(mysql_error()); 39 | $ir = mysql_fetch_array($is); 40 | check_level(); 41 | $fm = money_formatter($ir['money']); 42 | $cm = money_formatter($ir['crystals'], ''); 43 | $lv = date('F j, Y, g:i a', $ir['laston']); 44 | $h->userdata($ir, $lv, $fm, $cm); 45 | $h->menuarea(); 46 | $game_url = determine_game_urlbase(); 47 | print 48 | <<Will Potions 50 | 51 | Buy will potions today! They restore 100% will.
52 | Buy One: (\$1)
53 |
54 | 55 | 56 | 57 | 58 | 59 | 60 | 61 | 62 | 63 | 64 | 65 |
66 | Buy Five: (\$4.50)
67 |
68 | 69 | 70 | 71 | 72 | 73 | 74 | 75 | 76 | 77 | 78 | 79 |
80 | EOF; 81 | $h->endpage(); 82 | -------------------------------------------------------------------------------- /upload/estate.php: -------------------------------------------------------------------------------- 1 | startheaders(); 33 | include "mysql.php"; 34 | global $c; 35 | $is = 36 | mysql_query( 37 | "SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid", 38 | $c) or die(mysql_error()); 39 | $ir = mysql_fetch_array($is); 40 | check_level(); 41 | $fm = money_formatter($ir['money']); 42 | $cm = money_formatter($ir['crystals'], ''); 43 | $lv = date('F j, Y, g:i a', $ir['laston']); 44 | $h->userdata($ir, $lv, $fm, $cm); 45 | $h->menuarea(); 46 | $mpq = mysql_query("SELECT * FROM houses WHERE hWILL={$ir['maxwill']}", $c); 47 | $mp = mysql_fetch_array($mpq); 48 | $_GET['property'] = abs((int) $_GET['property']); 49 | if ($_GET['property']) 50 | { 51 | $npq = 52 | mysql_query("SELECT * FROM houses WHERE hID={$_GET['property']}", 53 | $c); 54 | $np = mysql_fetch_array($npq); 55 | if ($np['hWILL'] < $mp['hWILL']) 56 | { 57 | print "You cannot go backwards in houses!"; 58 | } 59 | else if ($np['hPRICE'] > $ir['money']) 60 | { 61 | print "You do not have enough money to buy the {$np['hrNAME']}."; 62 | } 63 | else 64 | { 65 | mysql_query( 66 | "UPDATE users SET money=money-{$np['hPRICE']},will=0,maxwill={$np['hWILL']} WHERE userid=$userid", 67 | $c); 68 | print "Congrats, you bought the {$np['hNAME']} for \${$np['hPRICE']}!"; 69 | } 70 | } 71 | else if (isset($_GET['sellhouse'])) 72 | { 73 | $npq = 74 | mysql_query("SELECT * FROM houses WHERE hWILL={$ir['maxwill']}", 75 | $c); 76 | $np = mysql_fetch_array($npq); 77 | if ($ir['maxwill'] == 100) 78 | { 79 | print "You already live in the lowest property!"; 80 | } 81 | else 82 | { 83 | mysql_query( 84 | "UPDATE users SET money=money+{$np['hPRICE']},will=0,maxwill=100 WHERE userid=$userid", 85 | $c); 86 | print "You sold your {$np['hNAME']} and went back to your shed."; 87 | } 88 | } 89 | else 90 | { 91 | print 92 | "Your current property: {$mp['hNAME']}
93 | The houses you can buy are listed below. Click a house to buy it.
"; 94 | if ($ir['maxwill'] > 100) 95 | { 96 | print "Sell Your House
"; 97 | } 98 | $hq = 99 | mysql_query( 100 | "SELECT * FROM houses WHERE hWILL>{$ir['maxwill']} ORDER BY hWILL ASC", 101 | $c); 102 | while ($r = mysql_fetch_array($hq)) 103 | { 104 | print 105 | "{$r['hNAME']}   - Cost: \${$r['hPRICE']}   - Will Bar: {$r['hWILL']}
"; 106 | } 107 | } 108 | $h->endpage(); 109 | -------------------------------------------------------------------------------- /upload/authenticate.php: -------------------------------------------------------------------------------- 1 | {GAME_NAME} Error 27 | You did not fill in the login form!
28 | > Back"); 29 | } 30 | include "mysql.php"; 31 | require "global_func.php"; 32 | $username = 33 | (array_key_exists('username', $_POST) && is_string($_POST['username'])) 34 | ? $_POST['username'] : ''; 35 | $password = 36 | (array_key_exists('password', $_POST) && is_string($_POST['password'])) 37 | ? $_POST['password'] : ''; 38 | if (empty($username) || empty($password)) 39 | { 40 | die( 41 | "

{GAME_NAME} Error

42 | You did not fill in the login form!
43 | > Back"); 44 | } 45 | $form_username = mysql_real_escape_string(stripslashes($username), $c); 46 | $raw_password = stripslashes($password); 47 | $uq = 48 | mysql_query( 49 | "SELECT `userid`, `userpass`, `pass_salt` 50 | FROM `users` 51 | WHERE `login_name` = '$form_username'", $c); 52 | if (mysql_num_rows($uq) == 0) 53 | { 54 | die( 55 | "

{GAME_NAME} Error

56 | Invalid username or password!
57 | > Back"); 58 | } 59 | else 60 | { 61 | $mem = mysql_fetch_assoc($uq); 62 | $login_failed = false; 63 | // Pass Salt generation: autofix 64 | if (empty($mem['pass_salt'])) 65 | { 66 | if (md5($raw_password) != $mem['userpass']) 67 | { 68 | $login_failed = true; 69 | } 70 | $salt = generate_pass_salt(); 71 | $enc_psw = encode_password($mem['userpass'], $salt, true); 72 | $e_salt = mysql_real_escape_string($salt, $c); // in case of changed salt function 73 | $e_encpsw = mysql_real_escape_string($enc_psw, $c); // ditto for password encoder 74 | mysql_query( 75 | "UPDATE `users` 76 | SET `pass_salt` = '{$e_salt}', `userpass` = '{$e_encpsw}' 77 | WHERE `userid` = {$mem['userid']}", $c); 78 | } 79 | else 80 | { 81 | $login_failed = 82 | !(verify_user_password($raw_password, $mem['pass_salt'], 83 | $mem['userpass'])); 84 | } 85 | if ($login_failed) 86 | { 87 | die( 88 | "

{GAME_NAME} Error

89 | Invalid username or password!
90 | > Back"); 91 | } 92 | if ($mem['userid'] == 1 && file_exists('./installer.php')) 93 | { 94 | die( 95 | "

{GAME_NAME} Error

96 | The installer still exists! You need to delete installer.php immediately.
97 | > Back"); 98 | } 99 | session_regenerate_id(); 100 | $_SESSION['loggedin'] = 1; 101 | $_SESSION['userid'] = $mem['userid']; 102 | $loggedin_url = 'http://' . determine_game_urlbase() . '/loggedin.php'; 103 | header("Location: {$loggedin_url}"); 104 | exit; 105 | } 106 | 107 | -------------------------------------------------------------------------------- /upload/userlist.php: -------------------------------------------------------------------------------- 1 | startheaders(); 33 | include "mysql.php"; 34 | global $c; 35 | $is = 36 | mysql_query( 37 | "SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid", 38 | $c) or die(mysql_error()); 39 | $ir = mysql_fetch_array($is); 40 | check_level(); 41 | $fm = money_formatter($ir['money']); 42 | $cm = money_formatter($ir['crystals'], ''); 43 | $lv = date('F j, Y, g:i a', $ir['laston']); 44 | $h->userdata($ir, $lv, $fm, $cm); 45 | $h->menuarea(); 46 | $_GET['st'] = abs((int) $_GET['st']); 47 | $st = ($_GET['st']) ? $_GET['st'] : 0; 48 | $allowed_by = array('userid', 'username', 'level', 'money'); 49 | $by = (in_array($_GET['by'], $allowed_by)) ? $_GET['by'] : 'userid'; 50 | $allowed_ord = array('asc', 'desc', 'ASC', 'DESC'); 51 | $ord = (in_array($_GET['ord'], $allowed_ord)) ? $_GET['ord'] : 'ASC'; 52 | print "

Userlist

"; 53 | $cnt = mysql_query("SELECT userid FROM users", $c); 54 | $membs = mysql_num_rows($cnt); 55 | $pages = (int) ($membs / 100) + 1; 56 | if ($membs % 100 == 0) 57 | { 58 | $pages--; 59 | } 60 | print "Pages: "; 61 | for ($i = 1; $i <= $pages; $i++) 62 | { 63 | $stl = ($i - 1) * 100; 64 | print "$i "; 65 | } 66 | print 67 | "
68 | Order By: User ID | Username | Level | Money
69 | Ascending | Descending

"; 70 | $q = 71 | mysql_query( 72 | "SELECT u.* FROM users u ORDER BY $by $ord LIMIT $st,100", 73 | $c); 74 | $no1 = $st + 1; 75 | $no2 = $st + 100; 76 | print 77 | "Showing users $no1 to $no2 by order of $by $ord. 78 | "; 79 | while ($r = mysql_fetch_array($q)) 80 | { 81 | $d = ""; 82 | if ($r['donatordays']) 83 | { 84 | $r['username'] = "{$r['username']}"; 85 | $d = 86 | "Donator: {$r["; 87 | } 88 | print 89 | ""; 99 | } 100 | print "
IDNameMoneyLevelGenderOnline
{$r['userid']}{$r['username']} $d\${$r['money']}{$r['level']}{$r['gender']}"; 90 | if ($r['laston'] >= time() - 15 * 60) 91 | { 92 | print "Online"; 93 | } 94 | else 95 | { 96 | print "Offline"; 97 | } 98 | print "
"; 101 | 102 | $h->endpage(); 103 | -------------------------------------------------------------------------------- /upload/shops.php: -------------------------------------------------------------------------------- 1 | startheaders(); 33 | include "mysql.php"; 34 | global $c; 35 | $is = 36 | mysql_query( 37 | "SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid", 38 | $c) or die(mysql_error()); 39 | $ir = mysql_fetch_array($is); 40 | check_level(); 41 | $fm = money_formatter($ir['money']); 42 | $cm = money_formatter($ir['crystals'], ''); 43 | $lv = date('F j, Y, g:i a', $ir['laston']); 44 | $h->userdata($ir, $lv, $fm, $cm); 45 | $h->menuarea(); 46 | $_GET['shop'] = abs((int) $_GET['shop']); 47 | if (!$_GET['shop']) 48 | { 49 | print "You begin looking through town and you see a few shops.
"; 50 | $q = 51 | mysql_query( 52 | "SELECT * FROM shops WHERE shopLOCATION={$ir['location']}", 53 | $c); 54 | print 55 | ""; 56 | while ($r = mysql_fetch_array($q)) 57 | { 58 | print 59 | ""; 60 | } 61 | print "
ShopDescription
{$r['shopNAME']}{$r['shopDESCRIPTION']}
"; 62 | } 63 | else 64 | { 65 | $sd = mysql_query("SELECT * FROM shops WHERE shopID={$_GET['shop']}", $c); 66 | if (mysql_num_rows($sd)) 67 | { 68 | $shopdata = mysql_fetch_array($sd); 69 | if ($shopdata['shopLOCATION'] == $ir['location']) 70 | { 71 | print 72 | "Browsing items at {$shopdata['shopNAME']}...
73 | "; 74 | $qtwo = 75 | mysql_query( 76 | "SELECT si.*,i.*,it.* FROM shopitems si LEFT JOIN items i ON si.sitemITEMID=i.itmid LEFT JOIN itemtypes it ON i.itmtype=it.itmtypeid WHERE si.sitemSHOP={$_GET['shop']} ORDER BY i.itmtype ASC, i.itmbuyprice ASC, i.itmname ASC", 77 | $c) or die(mysql_error()); 78 | $lt = ""; 79 | while ($r = mysql_fetch_array($qtwo)) 80 | { 81 | if ($lt != $r['itmtypename']) 82 | { 83 | $lt = $r['itmtypename']; 84 | print 85 | "\n"; 86 | } 87 | print 88 | "\n"; 89 | } 90 | print "
ItemDescriptionPriceSell PriceBuy
{$lt}
{$r['itmname']}{$r['itmdesc']}\${$r['itmbuyprice']}\${$r['itmsellprice']}
Qty:
"; 91 | } 92 | else 93 | { 94 | print "You are trying to access a shop in another city!"; 95 | } 96 | } 97 | else 98 | { 99 | print "You are trying to access an invalid shop!"; 100 | } 101 | } 102 | $h->endpage(); 103 | -------------------------------------------------------------------------------- /upload/attackhosp.php: -------------------------------------------------------------------------------- 1 | startheaders(); 33 | include "mysql.php"; 34 | global $c; 35 | $is = 36 | mysql_query( 37 | "SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid", 38 | $c) or die(mysql_error()); 39 | $ir = mysql_fetch_array($is); 40 | check_level(); 41 | $fm = money_formatter($ir['money']); 42 | $cm = money_formatter($ir['crystals'], ''); 43 | $lv = date('F j, Y, g:i a', $ir['laston']); 44 | $h->userdata($ir, $lv, $fm, $cm, 0); 45 | $h->menuarea(); 46 | 47 | $_GET['ID'] = abs((int) $_GET['ID']); 48 | $_SESSION['attacking'] = 0; 49 | $od = mysql_query("SELECT * FROM users WHERE userid={$_GET['ID']}", $c); 50 | if ($_SESSION['attackwon'] != $_GET['ID']) 51 | { 52 | die("Cheaters don't get anywhere."); 53 | } 54 | if (mysql_num_rows($od)) 55 | { 56 | $r = mysql_fetch_array($od); 57 | if ($r['hp'] == 1) 58 | { 59 | print "What a cheater you are."; 60 | } 61 | else 62 | { 63 | print "You beat {$r['username']} and hospitalized them."; 64 | 65 | event_add($r['userid'], 66 | "{$ir['username']} hospitalized you.", 67 | $c); 68 | 69 | mysql_query( 70 | "UPDATE users SET hp=1,hospital=hospital+80+(rand()*230),hospreason='Hospitalized by {$ir['username']}' WHERE userid={$r['userid']}", 71 | $c); 72 | $atklog = mysql_escape_string($_SESSION['attacklog']); 73 | mysql_query( 74 | "INSERT INTO attacklogs VALUES(NULL,$userid,{$_GET['ID']},'won'," 75 | . time() . ",-1,'$atklog');", $c); 76 | $_SESSION['attackwon'] = 0; 77 | $bots = array(263, 264, 265, 2477, 2479, 2480, 2481, 0, 0, 0, 0, 0, 0); 78 | $moneys = 79 | array(263 => 10000, 264 => 10000, 265 => 15500, 2477 => 80000, 80 | 2479 => 30000, 2480 => 30000, 2481 => 30000, 81 | 0 => 100000, 0 => 1400000, 0 => 1400000, 0 => 1400000, 82 | 0 => 5000000, 0 => 10000000); 83 | if (in_array($r['userid'], $bots)) 84 | { 85 | $qk = 86 | mysql_query( 87 | "SELECT * FROM challengesbeaten WHERE userid=$userid AND npcid={$r['userid']}", 88 | $c); 89 | if (!mysql_num_rows($qk)) 90 | { 91 | $gain = $moneys[$r['userid']]; 92 | mysql_query( 93 | "UPDATE users SET money=money+$gain WHERE userid=$userid", 94 | $c); 95 | mysql_query( 96 | "INSERT INTO challengesbeaten VALUES ($userid,{$r['userid']})", 97 | $c); 98 | print 99 | "

Congrats, you have beaten the Challenge BOT {$r['username']}, you have earnt \$$gain!"; 100 | } 101 | } 102 | } 103 | } 104 | else 105 | { 106 | print "You beat Mr. non-existant!"; 107 | } 108 | $h->endpage(); 109 | -------------------------------------------------------------------------------- /upload/roulette.php: -------------------------------------------------------------------------------- 1 | startheaders(); 33 | include "mysql.php"; 34 | global $c; 35 | $is = 36 | mysql_query( 37 | "SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid", 38 | $c) or die(mysql_error()); 39 | $ir = mysql_fetch_array($is); 40 | check_level(); 41 | $fm = money_formatter($ir['money']); 42 | $cm = money_formatter($ir['crystals'], ''); 43 | $lv = date('F j, Y, g:i a', $ir['laston']); 44 | $h->userdata($ir, $lv, $fm, $cm); 45 | $h->menuarea(); 46 | $tresder = (int) (rand(100, 999)); 47 | $maxbet = $ir['level'] * 150; 48 | $_GET['tresde'] = abs((int) $_GET['tresde']); 49 | if (($_SESSION['tresde'] == $_GET['tresde']) || $_GET['tresde'] < 100) 50 | { 51 | die( 52 | "Error, you cannot refresh or go back on the slots, please use a side link to go somewhere else.
53 | > Back"); 54 | } 55 | $_SESSION['tresde'] = $_GET['tresde']; 56 | $_GET['bet'] = abs((int) $_GET['bet']); 57 | $_GET['number'] = abs((int) $_GET['number']); 58 | print "

Roulette: Pick a number between 0 - 36

"; 59 | if ($_GET['bet']) 60 | { 61 | if ($_GET['bet'] > $ir['money']) 62 | { 63 | die( 64 | "You are trying to bet more than you have.
65 | > Back"); 66 | } 67 | else if ($_GET['bet'] > $maxbet) 68 | { 69 | die( 70 | "You have gone over the max bet.
71 | > Back"); 72 | } 73 | else if ($_GET['number'] > 36 or $_GET['number'] < 0 or $_GET['bet'] < 0) 74 | { 75 | die( 76 | "The Numbers are only 0 - 36.
77 | > Back"); 78 | } 79 | 80 | $slot[1] = (int) rand(0, 36); 81 | print 82 | "You place \${$_GET['bet']} into the slot and pull the pole.
83 | You see the number: $slot[1]
84 | You bet \${$_GET['bet']} "; 85 | if ($slot[1] == $_GET['number']) 86 | { 87 | $won = $_GET['bet'] * 37; 88 | $gain = $_GET['bet'] * 36; 89 | print 90 | "and won \$$won by matching the number u bet pocketing you \$$gain extra."; 91 | } 92 | else 93 | { 94 | $won = 0; 95 | $gain = -$_GET['bet']; 96 | print "and lost it."; 97 | } 98 | mysql_query( 99 | "UPDATE users SET money=money+({$gain}) where userid=$userid", $c); 100 | $tresder = (int) (rand(100, 999)); 101 | print 102 | "
103 | > Another time, same bet.
104 | > I'll continue, but I'm changing my bet.
105 | > Enough's enough, I'm off."; 106 | } 107 | else 108 | { 109 | print 110 | "Ready to try your luck? Play today!
111 | The maximum bet for your level is \$$maxbet.
112 |
113 | Bet: \$
114 | Pick (0-36):
115 | 116 | 117 |
"; 118 | } 119 | 120 | $h->endpage(); 121 | -------------------------------------------------------------------------------- /upload/slotsmachine.php: -------------------------------------------------------------------------------- 1 | startheaders(); 33 | include "mysql.php"; 34 | global $c; 35 | $is = 36 | mysql_query( 37 | "SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid", 38 | $c) or die(mysql_error()); 39 | $ir = mysql_fetch_array($is); 40 | check_level(); 41 | $fm = money_formatter($ir['money']); 42 | $cm = money_formatter($ir['crystals'], ''); 43 | $lv = date('F j, Y, g:i a', $ir['laston']); 44 | $h->userdata($ir, $lv, $fm, $cm); 45 | $h->menuarea(); 46 | $tresder = (int) (rand(100, 999)); 47 | $maxbet = $ir['level'] * 250; 48 | $_GET['tresde'] = abs((int) $_GET['tresde']); 49 | if (($_SESSION['tresde'] == $_GET['tresde']) || $_GET['tresde'] < 100) 50 | { 51 | die( 52 | "Error, you cannot refresh or go back on the slots, please use a side link to go somewhere else.
53 | > Back"); 54 | } 55 | $_SESSION['tresde'] = $_GET['tresde']; 56 | $_GET['bet'] = abs((int) $_GET['bet']); 57 | print "

Slots

"; 58 | if ($_GET['bet']) 59 | { 60 | if ($_GET['bet'] > $ir['money']) 61 | { 62 | die( 63 | "You are trying to bet more than you have.
64 | > Back"); 65 | } 66 | else if ($_GET['bet'] > $maxbet) 67 | { 68 | die( 69 | "You have gone over the max bet.
70 | > Back"); 71 | } 72 | 73 | $slot[1] = (int) rand(0, 9); 74 | $slot[2] = (int) rand(0, 9); 75 | $slot[3] = (int) rand(0, 9); 76 | print 77 | "You place \${$_GET['bet']} into the slot and pull the pole.
78 | You see the numbers: $slot[1] $slot[2] $slot[3]
79 | You bet \${$_GET['bet']} "; 80 | if ($slot[1] == $slot[2] && $slot[2] == $slot[3]) 81 | { 82 | $won = $_GET['bet'] * 26; 83 | $gain = $_GET['bet'] * 25; 84 | print 85 | "and won \$$won by lining up 3 numbers pocketing you \$$gain extra."; 86 | } 87 | else if ($slot[1] == $slot[2] || $slot[2] == $slot[3] 88 | || $slot[1] == $slot[3]) 89 | { 90 | $won = $_GET['bet'] * 3; 91 | $gain = $_GET['bet'] * 2; 92 | print 93 | "and won \$$won by lining up 2 numbers pocketing you \$$gain extra."; 94 | } 95 | else 96 | { 97 | $won = 0; 98 | $gain = -$_GET['bet']; 99 | print "and lost it."; 100 | } 101 | mysql_query( 102 | "UPDATE users SET money=money+({$gain}) where userid=$userid", $c); 103 | $tresder = (int) (rand(100, 999)); 104 | print 105 | "
106 | > Another time, same bet.
107 | > I'll continue, but I'm changing my bet.
108 | > Enough's enough, I'm off."; 109 | } 110 | else 111 | { 112 | print 113 | "Ready to try your luck? Play today!
114 | The maximum bet for your level is \$$maxbet.
115 |
116 | Bet: \$
117 | 118 | 119 |
"; 120 | } 121 | 122 | $h->endpage(); 123 | -------------------------------------------------------------------------------- /upload/number.php: -------------------------------------------------------------------------------- 1 | startheaders(); 33 | include "mysql.php"; 34 | global $c; 35 | $is = 36 | mysql_query( 37 | "SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid", 38 | $c) or die(mysql_error()); 39 | $ir = mysql_fetch_array($is); 40 | check_level(); 41 | $fm = money_formatter($ir['money']); 42 | $cm = money_formatter($ir['crystals'], ''); 43 | $lv = date('F j, Y, g:i a', $ir['laston']); 44 | $h->userdata($ir, $lv, $fm, $cm); 45 | $h->menuarea(); 46 | $tresder = (int) (rand(100, 999)); 47 | $maxbet = $ir['level'] * 1; 48 | $_GET['tresde'] = abs((int) $_GET['tresde']); 49 | if (($_SESSION['tresde'] == $_GET['tresde']) || $_GET['tresde'] < 100) 50 | { 51 | die( 52 | "Error, you cannot refresh or go back on the slots, please use a side link to go somewhere else.
53 | > Back"); 54 | } 55 | $_SESSION['tresde'] = $_GET['tresde']; 56 | $_GET['crystals'] = abs((int) $_GET['crystals']); 57 | $_GET['number'] = abs((int) $_GET['number']); 58 | print "

Pick a number between 1 - 3 and double your bet of crystals

"; 59 | if ($_GET['crystals']) 60 | { 61 | if ($_GET['crystals'] > $ir['crystals']) 62 | { 63 | die( 64 | "You are trying to bet more than you have.
65 | > Back"); 66 | } 67 | else if ($_GET['crystals'] > $maxbet) 68 | { 69 | die( 70 | "You have gone over the max bet.
71 | > Back"); 72 | } 73 | else if ($_GET['number'] > 3 or $_GET['number'] < 1 or $_GET['bet'] < 0) 74 | { 75 | die( 76 | "The Numbers are only 1 - 3.
77 | > Back"); 78 | } 79 | 80 | $slot[1] = (int) rand(1, 3); 81 | print 82 | "You place \${$_GET['crystals']} into the slot and pull the pole.
83 | You see the number: $slot[1]
84 | You bet \${$_GET['crystals']} "; 85 | if ($slot[1] == $_GET['number']) 86 | { 87 | $won = $_GET['crystals'] * 2; 88 | $gain = $_GET['crystals'] * 1; 89 | print 90 | "and won \$$won by matching the number u bet pocketing you \$$gain extra."; 91 | } 92 | else 93 | { 94 | $won = 0; 95 | $gain = -$_GET['crystals']; 96 | print "and lost it."; 97 | } 98 | mysql_query( 99 | "UPDATE users SET crystals=crystals+({$gain}) where userid=$userid", 100 | $c); 101 | $tresder = (int) (rand(100, 999)); 102 | print 103 | "
104 | > Another time, same bet.
105 | > I'll continue, but I'm changing my bet.
106 | > Enough's enough, I'm off."; 107 | } 108 | else 109 | { 110 | print 111 | "Ready to try your luck? Play today!
112 | The maximum bet for your level is \$maxbet.
113 |
114 | Bet: \$
115 | Pick (1-3):
116 | 117 | 118 |
"; 119 | } 120 | 121 | $h->endpage(); 122 | -------------------------------------------------------------------------------- /upload/itemsell.php: -------------------------------------------------------------------------------- 1 | startheaders(); 33 | include "mysql.php"; 34 | global $c; 35 | $is = 36 | mysql_query( 37 | "SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid", 38 | $c) or die(mysql_error()); 39 | $ir = mysql_fetch_array($is); 40 | check_level(); 41 | $fm = money_formatter($ir['money']); 42 | $cm = money_formatter($ir['crystals'], ''); 43 | $lv = date('F j, Y, g:i a', $ir['laston']); 44 | $h->userdata($ir, $lv, $fm, $cm); 45 | $h->menuarea(); 46 | $_GET['ID'] = abs((int) $_GET['ID']); 47 | $_GET['qty'] = abs((int) $_GET['qty']); 48 | //itemsend 49 | if ($_GET['qty']) 50 | { 51 | $id = 52 | mysql_query( 53 | "SELECT iv.*,it.* FROM inventory iv LEFT JOIN items it ON iv.inv_itemid=it.itmid WHERE iv.inv_id={$_GET['ID']} AND iv.inv_userid=$userid LIMIT 1", 54 | $c); 55 | if (mysql_num_rows($id) == 0) 56 | { 57 | print "Invalid item ID"; 58 | } 59 | else 60 | { 61 | $r = mysql_fetch_array($id); 62 | if ($_GET['qty'] > $r['inv_qty']) 63 | { 64 | print "You are trying to send more than you have!"; 65 | } 66 | else 67 | { 68 | $price = $r['itmsellprice'] * $_GET['qty']; 69 | //are we sending it all 70 | if ($_GET['qty'] == $r['inv_qty']) 71 | { 72 | //just give them possession of the item 73 | mysql_query( 74 | "DELETE FROM inventory WHERE inv_id={$_GET['ID']}", 75 | $c); 76 | } 77 | else 78 | { 79 | //create seperate 80 | mysql_query( 81 | "UPDATE inventory SET inv_qty=inv_qty-{$_GET['qty']} WHERE inv_id={$_GET['ID']} LIMIT 1;", 82 | $c); 83 | } 84 | mysql_query( 85 | "UPDATE users SET money=money+{$price} WHERE userid=$userid", 86 | $c); 87 | $priceh = "$" . ($price); 88 | print "You sold {$_GET['qty']} {$r['itmname']}(s) for {$priceh}"; 89 | mysql_query( 90 | "INSERT INTO itemselllogs VALUES(NULL, $userid, {$r['itmid']}, $price, {$_GET['qty']}, " 91 | . time() 92 | . ", '{$ir['username']} sold {$_GET['qty']} {$r['itmname']}(s) for {$priceh}')", 93 | $c); 94 | } 95 | } 96 | } 97 | else if ($_GET['ID']) 98 | { 99 | $id = 100 | mysql_query( 101 | "SELECT iv.*,it.* FROM inventory iv LEFT JOIN items it ON iv.inv_itemid=it.itmid WHERE iv.inv_id={$_GET['ID']} and iv.inv_userid=$userid LIMIT 1", 102 | $c); 103 | if (mysql_num_rows($id) == 0) 104 | { 105 | print "Invalid item ID"; 106 | } 107 | else 108 | { 109 | $r = mysql_fetch_array($id); 110 | print 111 | "Enter how many {$r['itmname']} you want to sell. You have {$r['inv_qty']} to sell.
112 |
113 | 114 | Quantity:
115 |
"; 116 | } 117 | } 118 | else 119 | { 120 | print "Invalid use of file."; 121 | } 122 | $h->endpage(); 123 | -------------------------------------------------------------------------------- /upload/education.php: -------------------------------------------------------------------------------- 1 | startheaders(); 33 | include "mysql.php"; 34 | global $c; 35 | $is = 36 | mysql_query( 37 | "SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid", 38 | $c) or die(mysql_error()); 39 | $ir = mysql_fetch_array($is); 40 | check_level(); 41 | $fm = money_formatter($ir['money']); 42 | $cm = money_formatter($ir['crystals'], ''); 43 | $lv = date('F j, Y, g:i a', $ir['laston']); 44 | $h->userdata($ir, $lv, $fm, $cm); 45 | $h->menuarea(); 46 | print "

Schooling

"; 47 | if ($ir['course'] > 0) 48 | { 49 | $cd = mysql_query("SELECT * FROM courses WHERE crID={$ir['course']}", $c); 50 | $coud = mysql_fetch_array($cd); 51 | print 52 | "You are currently doing the {$coud['crNAME']}, you have {$ir['cdays']} days remaining."; 53 | } 54 | else 55 | { 56 | if ($_GET['cstart']) 57 | { 58 | $_GET['cstart'] = abs((int) $_GET['cstart']); 59 | //Verify. 60 | $cd = 61 | mysql_query( 62 | "SELECT * FROM courses WHERE crID={$_GET['cstart']}", 63 | $c); 64 | if (mysql_num_rows($cd) == 0) 65 | { 66 | print "You are trying to start a non-existant course!"; 67 | } 68 | else 69 | { 70 | $coud = mysql_fetch_array($cd); 71 | $cdo = 72 | mysql_query( 73 | "SELECT * FROM coursesdone WHERE userid=$userid AND courseid={$_GET['cstart']}", 74 | $c); 75 | if ($ir['money'] < $coud['crCOST']) 76 | { 77 | print "You don't have enough money to start this course."; 78 | $h->endpage(); 79 | exit; 80 | } 81 | if (mysql_num_rows($cdo) > 0) 82 | { 83 | print "You have already done this course."; 84 | $h->endpage(); 85 | exit; 86 | } 87 | mysql_query( 88 | "UPDATE users SET course={$_GET['cstart']},cdays={$coud['crDAYS']},money=money-{$coud['crCOST']} WHERE userid=$userid", 89 | $c); 90 | print 91 | "You have started the {$coud['crNAME']}, it will take {$coud['crDAYS']} days to complete."; 92 | } 93 | } 94 | else 95 | { 96 | //list courses 97 | print "Here is a list of available courses."; 98 | $q = mysql_query("SELECT * FROM courses", $c); 99 | print 100 | "
"; 101 | while ($r = mysql_fetch_array($q)) 102 | { 103 | $cdo = 104 | mysql_query( 105 | "SELECT * FROM coursesdone WHERE userid=$userid AND courseid={$r['crID']}", 106 | $c); 107 | if (mysql_num_rows($cdo)) 108 | { 109 | $do = "Done"; 110 | } 111 | else 112 | { 113 | $do = "Take"; 114 | } 115 | print 116 | ""; 117 | } 118 | print "
CourseDescriptionCostTake
{$r['crNAME']}{$r['crDESC']}\${$r['crCOST']}$do
"; 119 | } 120 | } 121 | $h->endpage(); 122 | -------------------------------------------------------------------------------- /upload/attackwon.php: -------------------------------------------------------------------------------- 1 | startheaders(); 33 | include "mysql.php"; 34 | global $c; 35 | $is = 36 | mysql_query( 37 | "SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid", 38 | $c) or die(mysql_error()); 39 | $ir = mysql_fetch_array($is); 40 | check_level(); 41 | $fm = money_formatter($ir['money']); 42 | $cm = money_formatter($ir['crystals'], ''); 43 | $lv = date('F j, Y, g:i a', $ir['laston']); 44 | $h->userdata($ir, $lv, $fm, $cm, 0); 45 | $h->menuarea(); 46 | 47 | $_GET['ID'] = abs((int) $_GET['ID']); 48 | $_SESSION['attacking'] = 0; 49 | $od = mysql_query("SELECT * FROM users WHERE userid={$_GET['ID']}", $c); 50 | if ($_SESSION['attackwon'] != $_GET['ID']) 51 | { 52 | die("Cheaters don't get anywhere."); 53 | } 54 | if (mysql_num_rows($od)) 55 | { 56 | $r = mysql_fetch_array($od); 57 | if ($r['hp'] == 1) 58 | { 59 | print "What a cheater u are."; 60 | } 61 | else 62 | { 63 | $stole = (int) (rand($r['money'] / 500, $r['money'] / 20)); 64 | print "You beat {$r['username']} and stole \$$stole"; 65 | $qe = $r['level'] * $r['level'] * $r['level']; 66 | $expgain = rand($qe / 4, $qe / 2); 67 | $expperc = (int) ($expgain / $ir['exp_needed'] * 100); 68 | print " and gained $expperc% EXP!"; 69 | mysql_query( 70 | "UPDATE users SET exp=exp+$expgain,money=money+$stole WHERE userid=$userid", 71 | $c); 72 | mysql_query( 73 | "UPDATE users SET hp=1,money=money-$stole WHERE userid={$r['userid']}", 74 | $c); 75 | event_add($r['userid'], 76 | "{$ir['username']} attacked you and stole $stole.", 77 | $c); 78 | $atklog = mysql_escape_string($_SESSION['attacklog']); 79 | mysql_query( 80 | "INSERT INTO attacklogs VALUES(NULL,$userid,{$_GET['ID']},'won'," 81 | . time() . ",$stole,'$atklog');", $c); 82 | $_SESSION['attackwon'] = 0; 83 | $bots = array(2477, 2479, 2480, 2481, 263, 264, 265); 84 | $moneys = 85 | array(2477 => 80000, 2479 => 30000, 2480 => 30000, 86 | 2481 => 30000, 263 => 10000, 264 => 10000, 87 | 265 => 15000, 536 => 100000, 720 => 1400000, 88 | 721 => 1400000, 722 => 1400000, 585 => 5000000, 89 | 820 => 10000000); 90 | if (in_array($r['userid'], $bots)) 91 | { 92 | $qk = 93 | mysql_query( 94 | "SELECT * FROM challengesbeaten WHERE userid=$userid AND npcid={$r['userid']}", 95 | $c); 96 | if (!mysql_num_rows($qk)) 97 | { 98 | $gain = $moneys[$r['userid']]; 99 | mysql_query( 100 | "UPDATE users SET money=money+$gain WHERE userid=$userid", 101 | $c); 102 | mysql_query( 103 | "INSERT INTO challengesbeaten VALUES ($userid,{$r['userid']})", 104 | $c); 105 | print 106 | "

Congrats, for beating the Challenge Bot {$r['username']}, you have earnt \$$gain!"; 107 | } 108 | } 109 | } 110 | } 111 | else 112 | { 113 | print "You beat Mr. non-existant!"; 114 | } 115 | $h->endpage(); 116 | -------------------------------------------------------------------------------- /upload/crons/cron_day.php: -------------------------------------------------------------------------------- 1 | 0) 45 | { 46 | mysql_query( 47 | "UPDATE `users` SET `fedjail` = 0 WHERE `userid` IN(" 48 | . implode(",", $ids) . ")", $c); 49 | } 50 | mysql_query("DELETE FROM `fedjail` WHERE `fed_days` <= 0", $c); 51 | $user_update_query = 52 | "UPDATE `users` SET 53 | `daysold` = `daysold` + 1, 54 | `mailban` = `mailban` - IF(`mailban` > 0, 1, 0), 55 | `donatordays` = `donatordays` - IF(`donatordays` > 0, 1, 0), 56 | `cdays` = `cdays` - IF(`course` > 0, 1, 0), 57 | `bankmoney` = `bankmoney` + IF(`bankmoney` > 0, `bankmoney` / 50, 0), 58 | `cybermoney` = `cybermoney` + IF(`cybermoney` > 0, `cybermoney` / 100 * 7, 0)"; 59 | mysql_query($user_update_query, $c); 60 | $q = 61 | mysql_query( 62 | "SELECT `userid`, `course` FROM `users` WHERE `cdays` <= 0 AND `course` > 0", 63 | $c); 64 | $course_cache = array(); 65 | while ($r = mysql_fetch_assoc($q)) 66 | { 67 | if (!array_key_exists($r['course'], $course_cache)) 68 | { 69 | $cd = 70 | mysql_query( 71 | "SELECT `crSTR`, `crGUARD`, `crLABOUR`, `crAGIL`, `crIQ`, `crNAME` 72 | FROM `courses` 73 | WHERE `crID` = {$r['course']}", $c); 74 | $coud = mysql_fetch_assoc($cd); 75 | mysql_free_result($cd); 76 | $course_cache[$r['course']] = $coud; 77 | } 78 | else 79 | { 80 | $coud = $course_cache[$r['course']]; 81 | } 82 | $userid = $r['userid']; 83 | mysql_query( 84 | "INSERT INTO `coursesdone` VALUES({$r['userid']}, {$r['course']})", 85 | $c); 86 | $upd = ""; 87 | $ev = ""; 88 | if ($coud['crSTR'] > 0) 89 | { 90 | $upd .= ", us.strength = us.strength + {$coud['crSTR']}"; 91 | $ev .= ", {$coud['crSTR']} strength"; 92 | } 93 | if ($coud['crGUARD'] > 0) 94 | { 95 | $upd .= ", us.guard = us.guard + {$coud['crGUARD']}"; 96 | $ev .= ", {$coud['crGUARD']} guard"; 97 | } 98 | if ($coud['crLABOUR'] > 0) 99 | { 100 | $upd .= ", us.labour = us.labour + {$coud['crLABOUR']}"; 101 | $ev .= ", {$coud['crLABOUR']} labour"; 102 | } 103 | if ($coud['crAGIL'] > 0) 104 | { 105 | $upd .= ", us.agility = us.agility + {$coud['crAGIL']}"; 106 | $ev .= ", {$coud['crAGIL']} agility"; 107 | } 108 | if ($coud['crIQ'] > 0) 109 | { 110 | $upd .= ", us.IQ = us.IQ + {$coud['crIQ']}"; 111 | $ev .= ", {$coud['crIQ']} IQ"; 112 | } 113 | $ev = substr($ev, 1); 114 | mysql_query( 115 | "UPDATE `users` AS `u` 116 | INNER JOIN `userstats` AS `us` ON `u`.`userid` = `us`.`userid` 117 | SET `u`.`course` = 0{$upd} 118 | WHERE `u`.`userid` = {$userid}", $c); 119 | event_add($userid, 120 | "Congratulations, you completed the {$coud['crNAME']} and gained {$ev}!", 121 | $c); 122 | } 123 | mysql_free_result($q); 124 | mysql_query("TRUNCATE TABLE `votes`", $c); 125 | -------------------------------------------------------------------------------- /upload/itemuse.php: -------------------------------------------------------------------------------- 1 | startheaders(); 33 | include "mysql.php"; 34 | global $c; 35 | $is = 36 | mysql_query( 37 | "SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid", 38 | $c) or die(mysql_error()); 39 | $ir = mysql_fetch_array($is); 40 | check_level(); 41 | $fm = money_formatter($ir['money']); 42 | $cm = money_formatter($ir['crystals'], ''); 43 | $lv = date('F j, Y, g:i a', $ir['laston']); 44 | $h->userdata($ir, $lv, $fm, $cm); 45 | $h->menuarea(); 46 | $_GET['ID'] = abs((int) $_GET['ID']); 47 | //Food 48 | if (!$_GET['ID']) 49 | { 50 | print "Invalid use of file"; 51 | } 52 | else 53 | { 54 | $i = 55 | mysql_query( 56 | "SELECT iv.*,i.*,it.* FROM inventory iv LEFT JOIN items i ON iv.inv_itemid=i.itmid LEFT JOIN itemtypes it ON i.itmtype=it.itmtypeid WHERE iv.inv_id={$_GET['ID']} AND iv.inv_userid=$userid", 57 | $c); 58 | if (mysql_num_rows($i) == 0) 59 | { 60 | print "Invalid item ID"; 61 | } 62 | else 63 | { 64 | $r = mysql_fetch_array($i); 65 | if ($r['itmtypename'] == 'Food') 66 | { 67 | $f = 68 | mysql_query( 69 | "SELECT * FROM food WHERE item_id={$r['itmid']}", 70 | $c); 71 | $fr = mysql_fetch_array($f); 72 | mysql_query( 73 | "UPDATE inventory SET inv_qty=inv_qty-1 WHERE inv_id={$_GET['ID']}", 74 | $c); 75 | mysql_query("DELETE FROM inventory WHERE inv_qty=0", $c); 76 | mysql_query( 77 | "UPDATE users SET energy=energy+{$fr['energy']} WHERE userid=$userid"); 78 | mysql_query( 79 | "UPDATE users SET energy=maxenergy WHERE energy > maxenergy"); 80 | print 81 | "You cram a {$r['itmname']} into your mouth. You feel a bit of energy coming back to you."; 82 | } 83 | else if ($r['itmtypename'] == 'Medical') 84 | { 85 | $f = 86 | mysql_query( 87 | "SELECT * FROM medical WHERE item_id={$r['itmid']}", 88 | $c); 89 | $fr = mysql_fetch_array($f); 90 | mysql_query( 91 | "UPDATE inventory SET inv_qty=inv_qty-1 WHERE inv_id={$_GET['ID']}", 92 | $c); 93 | mysql_query("DELETE FROM inventory WHERE inv_qty=0", $c); 94 | mysql_query( 95 | "UPDATE users SET hp=hp+{$fr['health']} WHERE userid=$userid"); 96 | mysql_query("UPDATE users SET hp=maxhp WHERE hp > maxhp"); 97 | if ($r['itmname'] == 'Full Restore') 98 | { 99 | mysql_query( 100 | "UPDATE users SET energy=maxenergy,will=maxwill,brave=maxbrave WHERE userid=$userid", 101 | $c); 102 | } 103 | if ($r['itmname'] == 'Will Potion') 104 | { 105 | mysql_query( 106 | "UPDATE users SET will=maxwill WHERE userid=$userid", 107 | $c); 108 | } 109 | print 110 | "You spray a {$r['itmname']} into your mouth. You feel a bit of health coming back to you."; 111 | } 112 | else 113 | { 114 | print "You cannot use this item."; 115 | } 116 | } 117 | } 118 | $h->endpage(); 119 | -------------------------------------------------------------------------------- /upload/advsearch.php: -------------------------------------------------------------------------------- 1 | startheaders(); 33 | include "mysql.php"; 34 | global $c; 35 | $is = 36 | mysql_query( 37 | "SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid", 38 | $c) or die(mysql_error()); 39 | $ir = mysql_fetch_array($is); 40 | check_level(); 41 | $fm = money_formatter($ir['money']); 42 | $cm = money_formatter($ir['crystals'], ''); 43 | $lv = date('F j, Y, g:i a', $ir['laston']); 44 | $h->userdata($ir, $lv, $fm, $cm); 45 | $h->menuarea(); 46 | if ($_POST['submit']) 47 | { 48 | $levelmin = abs((int) $_POST['levelmin']); 49 | $levelmax = abs((int) $_POST['levelmax']); 50 | $levelmin_clause = "WHERE level >= '{$levelmin}'"; 51 | $levelmax_clause = " AND level <= '{$levelmax}'"; 52 | $nom = mysql_real_escape_string(stripslashes($_POST['name']), $c); 53 | $gender = 54 | in_array($_POST['gender'], array('Male', 'Female'), true) 55 | ? $_POST['gender'] : ''; 56 | $name_clause = ($nom) ? " AND username LIKE('%{$nom}%')" : ""; 57 | $gender_clause = ($gender) ? " AND gender = '{$gender}'" : ""; 58 | $house = abs((int) $_POST['house']); 59 | $online = abs((int) $_POST['online']); 60 | $dayo_min = abs((int) $_POST['daysmin']); 61 | $dayo_max = abs((int) $_POST['daysmax']); 62 | $house_clause = ($house) ? " AND maxwill = '{$house}'" : ""; 63 | $online_clause = ($online) ? " AND laston >= " . (time() - $online) : ""; 64 | $daysmin_clause = ($dayo_min) ? " AND daysold >= '{$dayo_min}'" : ""; 65 | $daysmax_clause = ($dayo_max) ? " AND daysold <= '{$dayo_max}'" : ""; 66 | $q = 67 | mysql_query( 68 | "SELECT * FROM users $levelmin_clause$levelmax_clause$name_clause$gender_clause$house_clause$online_clause$daysmin_clause$daysmax_clause", 69 | $c); 70 | print 71 | mysql_num_rows($q) 72 | . " players found.
73 | "; 74 | while ($r = mysql_fetch_array($q)) 75 | { 76 | print 77 | ""; 78 | } 79 | print "
UserLevelMoney
{$r['username']}{$r['level']}\${$r['money']}
"; 80 | } 81 | else 82 | { 83 | print 84 | <<Advanced search 86 | * is a required field.
87 |
88 | 89 | Name:
90 | Level: From: * To: 91 | *
92 | Gender:
97 | House: To:
109 |
110 | EOF; 111 | } 112 | $h->endpage(); 113 | -------------------------------------------------------------------------------- /upload/attackleave.php: -------------------------------------------------------------------------------- 1 | startheaders(); 33 | include "mysql.php"; 34 | global $c; 35 | $is = 36 | mysql_query( 37 | "SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid", 38 | $c) or die(mysql_error()); 39 | $ir = mysql_fetch_array($is); 40 | check_level(); 41 | $fm = money_formatter($ir['money']); 42 | $cm = money_formatter($ir['crystals'], ''); 43 | $lv = date('F j, Y, g:i a', $ir['laston']); 44 | $h->userdata($ir, $lv, $fm, $cm, 0); 45 | $h->menuarea(); 46 | 47 | $_GET['ID'] = abs((int) $_GET['ID']); 48 | $_SESSION['attacking'] = 0; 49 | $od = mysql_query("SELECT * FROM users WHERE userid={$_GET['ID']}", $c); 50 | if ($_SESSION['attackwon'] != $_GET['ID']) 51 | { 52 | die("Cheaters don't get anywhere."); 53 | } 54 | if (mysql_num_rows($od)) 55 | { 56 | $r = mysql_fetch_array($od); 57 | if ($r['hp'] == 1) 58 | { 59 | print "What a cheater u are."; 60 | } 61 | else 62 | { 63 | print "You beat {$r['username']} and leave him on the ground."; 64 | $qe = $r['level'] * $r['level'] * $r['level']; 65 | $expgain = rand($qe / 4, $qe / 2); 66 | $expperc = (int) ($expgain / $ir['exp_needed'] * 100); 67 | print " and gained $expperc% EXP!"; 68 | mysql_query("UPDATE users SET exp=exp+$expgain WHERE userid=$userid", 69 | $c); 70 | mysql_query("UPDATE users SET hp=1 WHERE userid={$r['userid']}", $c); 71 | event_add($r['userid'], 72 | "{$ir['username']} attacked you and left you lying on the street.", 73 | $c); 74 | 75 | mysql_query( 76 | "UPDATE users SET hp=1,hospital=hospital+20+(rand()*20),hospreason='Attacked by {$ir['username']}' WHERE userid={$r['userid']}", 77 | $c); 78 | $atklog = mysql_escape_string($_SESSION['attacklog']); 79 | mysql_query( 80 | "INSERT INTO attacklogs VALUES(NULL,$userid,{$_GET['ID']},'won'," 81 | . time() . ",$stole,'$atklog');", $c); 82 | $_SESSION['attackwon'] = 0; 83 | $bots = array(2477, 2479, 2480, 2481, 263, 264, 265); 84 | $moneys = 85 | array(2477 => 80000, 2479 => 30000, 2480 => 30000, 86 | 2481 => 30000, 263 => 10000, 264 => 10000, 87 | 265 => 15000, 536 => 100000, 720 => 1400000, 88 | 721 => 1400000, 722 => 1400000, 585 => 5000000, 89 | 820 => 10000000); 90 | if (in_array($r['userid'], $bots)) 91 | { 92 | $qk = 93 | mysql_query( 94 | "SELECT * FROM challengesbeaten WHERE userid=$userid AND npcid={$r['userid']}", 95 | $c); 96 | if (!mysql_num_rows($qk)) 97 | { 98 | $gain = $moneys[$r['userid']]; 99 | mysql_query( 100 | "UPDATE users SET money=money+$gain WHERE userid=$userid", 101 | $c); 102 | mysql_query( 103 | "INSERT INTO challengesbeaten VALUES ($userid,{$r['userid']})", 104 | $c); 105 | print 106 | "

Congrats, for beating the Challenge Bot {$r['username']}, you have earnt \$$gain!"; 107 | } 108 | } 109 | } 110 | } 111 | else 112 | { 113 | print "You beat Mr. non-existant!"; 114 | } 115 | $h->endpage(); 116 | -------------------------------------------------------------------------------- /upload/gym.php: -------------------------------------------------------------------------------- 1 | startheaders(); 33 | include "mysql.php"; 34 | global $c; 35 | $is = 36 | mysql_query( 37 | "SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid", 38 | $c) or die(mysql_error()); 39 | $ir = mysql_fetch_array($is); 40 | check_level(); 41 | $fm = money_formatter($ir['money']); 42 | $cm = money_formatter($ir['crystals'], ''); 43 | $lv = date('F j, Y, g:i a', $ir['laston']); 44 | $out = ""; 45 | $_GET['times'] = abs((int) $_GET['times']); 46 | if (isset($_GET['train'])) 47 | { 48 | if ($_GET['train'] != "strength" && $_GET['train'] != "agility" 49 | && $_GET['train'] != "guard" && $_GET['train'] != "labour") 50 | { 51 | $h->userdata($ir, $lv, $fm, $cm); 52 | $h->menuarea(); 53 | die("Abusers aren't allowed."); 54 | } 55 | $tgain = 0; 56 | for ($i = 1; $i <= $_GET['times'] && $ir['energy'] > 0; $i++) 57 | { 58 | if ($ir['energy'] > 0) 59 | { 60 | $gain = 61 | rand(1, 3) / rand(800, 1000) * rand(800, 1000) 62 | * (($ir['will'] + 20) / 150); 63 | $tgain += $gain; 64 | if ($_GET['train'] == "IQ") 65 | { 66 | $gain /= 100; 67 | } 68 | $ir[$_GET['train']] += $gain; 69 | $egain = $gain / 10; 70 | $ts = $ir[$_GET['train']]; 71 | $st = $_GET['train']; 72 | 73 | mysql_query( 74 | "UPDATE userstats SET $st=$st+" . $gain 75 | . " WHERE userid=$userid", $c) 76 | or die( 77 | "UPDATE userstats SET $st=$st+$gain,energy=energy-1,exp=exp+$egain WHERE userid=$userid
" 78 | . mysql_error()); 79 | $wu = (int) (rand(1, 3)); 80 | if ($ir['will'] >= $wu) 81 | { 82 | $ir['will'] -= $wu; 83 | mysql_query( 84 | "UPDATE users SET energy=energy-1,exp=exp+$egain,will=will-$wu WHERE userid=$userid", 85 | $c); 86 | } 87 | else 88 | { 89 | $ir['will'] = 0; 90 | mysql_query( 91 | "UPDATE users SET energy=energy-1,exp=exp+$egain,will=0 WHERE userid=$userid", 92 | $c); 93 | } 94 | $ir['energy'] -= 1; 95 | $ir['exp'] += $egain; 96 | 97 | } 98 | else 99 | { 100 | $out = "You do not have enough energy to train."; 101 | } 102 | } 103 | $stat = $ir[$st]; 104 | $i--; 105 | $out = 106 | "You begin training your $st.
107 | You have gained $tgain $st by training it $i times.
108 | You now have $stat $st and {$ir['energy']} energy left.

"; 109 | 110 | } 111 | else 112 | { 113 | $out = "

Gym: Main Lobby

"; 114 | } 115 | $h->userdata($ir, $lv, $fm, $cm); 116 | $h->menuarea(); 117 | print $out; 118 | print 119 | "Enter the amount of times you wish to train and choose the stat to train.
120 | You can train up to {$ir['energy']} times.
121 |
126 |
"; 127 | 128 | $h->endpage(); 129 | -------------------------------------------------------------------------------- /upload/attackmug.php: -------------------------------------------------------------------------------- 1 | startheaders(); 33 | include "mysql.php"; 34 | global $c; 35 | $is = 36 | mysql_query( 37 | "SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid", 38 | $c) or die(mysql_error()); 39 | $ir = mysql_fetch_array($is); 40 | check_level(); 41 | $fm = money_formatter($ir['money']); 42 | $cm = money_formatter($ir['crystals'], ''); 43 | $lv = date('F j, Y, g:i a', $ir['laston']); 44 | $h->userdata($ir, $lv, $fm, $cm, 0); 45 | $h->menuarea(); 46 | 47 | $_GET['ID'] = abs((int) $_GET['ID']); 48 | $_SESSION['attacking'] = 0; 49 | $od = mysql_query("SELECT * FROM users WHERE userid={$_GET['ID']}", $c); 50 | if ($_SESSION['attackwon'] != $_GET['ID']) 51 | { 52 | die("Cheaters don't get anywhere."); 53 | } 54 | if (mysql_num_rows($od)) 55 | { 56 | $r = mysql_fetch_array($od); 57 | if ($r['hp'] == 1) 58 | { 59 | print "What a cheater u are."; 60 | } 61 | else 62 | { 63 | $stole = (int) (rand($r['money'] / 500, $r['money'] / 20)); 64 | print "You beat {$r['username']} and stole \$$stole"; 65 | $qe = $r['level'] * $r['level'] * $r['level']; 66 | $expgain = rand($qe / 4, $qe / 2); 67 | $expperc = (int) ($expgain / $ir['exp_needed'] * 100); 68 | print " and gained $expperc% EXP!"; 69 | mysql_query( 70 | "UPDATE users SET exp=exp+$expgain,money=money+$stole WHERE userid=$userid", 71 | $c); 72 | mysql_query( 73 | "UPDATE users SET hp=1,money=money-$stole WHERE userid={$r['userid']}", 74 | $c); 75 | event_add($r['userid'], 76 | "{$ir['username']} attacked you and stole $stole.", 77 | $c); 78 | 79 | mysql_query( 80 | "UPDATE users SET hp=1,hospital=hospital+20+(rand()*20),hospreason='Attacked by {$ir['username']}' WHERE userid={$r['userid']}", 81 | $c); 82 | $atklog = mysql_escape_string($_SESSION['attacklog']); 83 | mysql_query( 84 | "INSERT INTO attacklogs VALUES(NULL,$userid,{$_GET['ID']},'won'," 85 | . time() . ",$stole,'$atklog');", $c); 86 | $_SESSION['attackwon'] = 0; 87 | $bots = array(2477, 2479, 2480, 2481, 263, 264, 265); 88 | $moneys = 89 | array(2477 => 80000, 2479 => 30000, 2480 => 30000, 90 | 2481 => 30000, 263 => 10000, 264 => 10000, 91 | 265 => 15000, 536 => 100000, 720 => 1400000, 92 | 721 => 1400000, 722 => 1400000, 585 => 5000000, 93 | 820 => 10000000); 94 | if (in_array($r['userid'], $bots)) 95 | { 96 | $qk = 97 | mysql_query( 98 | "SELECT * FROM challengesbeaten WHERE userid=$userid AND npcid={$r['userid']}", 99 | $c); 100 | if (!mysql_num_rows($qk)) 101 | { 102 | $gain = $moneys[$r['userid']]; 103 | mysql_query( 104 | "UPDATE users SET money=money+$gain WHERE userid=$userid", 105 | $c); 106 | mysql_query( 107 | "INSERT INTO challengesbeaten VALUES ($userid,{$r['userid']})", 108 | $c); 109 | print 110 | "

Congrats, for beating the Challenge Bot {$r['username']}, you have earnt \$$gain!"; 111 | } 112 | } 113 | } 114 | } 115 | else 116 | { 117 | print "You beat Mr. non-existant!"; 118 | } 119 | $h->endpage(); 120 | -------------------------------------------------------------------------------- /upload/lib/installer_error_handler.php: -------------------------------------------------------------------------------- 1 | Installer Error

'; 33 | echo 'A critical error has occurred, and installation has stopped. ' 34 | . 'Below are the details:
' . $debug_error . '

' 35 | . 'Action taken: ' . $action . '

'; 36 | if (is_array($context) && count($context) > 0) 37 | { 38 | echo 'Context at error time: ' . '

' 39 | . nl2br(print_r($context, true)); 40 | } 41 | require_once('./installer_foot.php'); 42 | exit; 43 | } 44 | 45 | function error_php($errno, $errstr, $errfile = '', $errline = 0, 46 | $errcontext = array()) 47 | { 48 | // What's happened? 49 | // If it's a PHP warning or user error/warning, don't go further - indicates bad code, unsafe 50 | if ($errno == 2) // E_WARNING 51 | { 52 | error_critical('', 53 | 'PHP Warning: ' . $errstr . ' (' . $errno 54 | . ')', 'Line executed: ' . $errfile . ':' . $errline, 55 | $errcontext); 56 | } 57 | else if ($errno == 4096) // E_RECOVERABLE_ERROR (since 5.2) 58 | { 59 | error_critical('', 60 | 'PHP Recoverable Error: ' . $errstr . ' (' 61 | . $errno . ')', 62 | 'Line executed: ' . $errfile . ':' . $errline, $errcontext); 63 | } 64 | else if ($errno == 256) // E_USER_ERROR 65 | { 66 | error_critical('', 67 | 'User Error: ' . $errstr . ' (' . $errno 68 | . ')', 'Line executed: ' . $errfile . ':' . $errline, 69 | $errcontext); 70 | } 71 | else if ($errno == 512) // E_USER_WARNING 72 | { 73 | error_critical('', 74 | 'User Warning: ' . $errstr . ' (' . $errno 75 | . ')', 'Line executed: ' . $errfile . ':' . $errline, 76 | $errcontext); 77 | } 78 | else 79 | { 80 | // Only do anything if DEBUG is on, now 81 | if (DEBUG) 82 | { 83 | // Determine the name to display from the error type 84 | $errname = 'Unknown Error'; 85 | switch ($errno) 86 | { 87 | case 8: 88 | $errname = 'PHP Notice'; 89 | break; // E_NOTICE 90 | case 1024: 91 | $errname = 'User Notice'; 92 | break; // E_USER_NOTICE 93 | case 8192: 94 | $errname = 'PHP Deprecation Notice'; 95 | break; // E_DEPRECATED [since 5.3] 96 | case 16384: 97 | $errname = 'User Deprecation Notice'; 98 | break; // E_USER_DEPRECATED [since 5.3] 99 | } 100 | require_once('./installer_head.php'); // in case it hasn't been included 101 | echo 'A non-critical error has occurred. Page execution will continue. ' 102 | . 'Below are the details:
' . $errname 103 | . ': ' . $errstr . ' (' . $errno . ')' 104 | . '

' . 'Line executed: ' 105 | . $errfile . ':' . $errline . '

'; 106 | if (is_array($errcontext) && count($errcontext) > 0) 107 | { 108 | echo 'Context at error time: ' 109 | . '

' . nl2br(print_r($errcontext, true)); 110 | } 111 | } 112 | } 113 | } -------------------------------------------------------------------------------- /upload/stats.php: -------------------------------------------------------------------------------- 1 | startheaders(); 33 | include "mysql.php"; 34 | global $c; 35 | $is = 36 | mysql_query( 37 | "SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid", 38 | $c) or die(mysql_error()); 39 | $ir = mysql_fetch_array($is); 40 | check_level(); 41 | $fm = money_formatter($ir['money']); 42 | $cm = money_formatter($ir['crystals'], ''); 43 | $lv = date('F j, Y, g:i a', $ir['laston']); 44 | $h->userdata($ir, $lv, $fm, $cm); 45 | $h->menuarea(); 46 | // Basic Stats (all users) 47 | $q = 48 | mysql_query( 49 | "SELECT COUNT(`userid`) AS `c_users`, 50 | SUM(`money`) AS `s_money`, 51 | SUM(`crystals`) AS `s_crystals` 52 | FROM `users`", $c); 53 | $mem_info = mysql_fetch_assoc($q); 54 | $membs = $mem_info['c_users']; 55 | $total = $mem_info['s_money']; 56 | $avg = (int) ($total / ($membs > 1 ? $membs : 1)); 57 | $totalc = $mem_info['s_crystals']; 58 | $avgc = (int) ($totalc / ($membs > 1 ? $membs : 1)); 59 | mysql_free_result($q); 60 | $q = 61 | mysql_query( 62 | "SELECT COUNT(`userid`) AS `c_users`, 63 | SUM(`bankmoney`) AS `s_bank` 64 | FROM `users` 65 | WHERE `bankmoney` > -1", $c); 66 | $bank_info = mysql_fetch_assoc($q); 67 | $banks = $bank_info['c_users']; 68 | $totalb = $bank_info['s_bank']; 69 | $avgb = (int) ($totalb / ($banks > 0 ? $banks : 1)); 70 | mysql_free_result($q); 71 | $q = 72 | mysql_query( 73 | "SELECT COUNT(`userid`) 74 | FROM `users` 75 | WHERE `gender` = 'Male'", $c); 76 | $male = mysql_result($q, 0, 0); 77 | mysql_free_result($q); 78 | $q = 79 | mysql_query( 80 | "SELECT COUNT(`userid`) 81 | FROM `users` 82 | WHERE `gender` = 'Female'", $c); 83 | $fem = mysql_result($q, 0, 0); 84 | mysql_free_result($q); 85 | 86 | $q = mysql_query("SELECT SUM(`inv_qty`) 87 | FROM `inventory`", $c); 88 | $totali =(int) mysql_result($q, 0, 0); 89 | mysql_free_result($q); 90 | $q = mysql_query("SELECT COUNT(`mail_id`) 91 | FROM `mail`", $c); 92 | $mail = mysql_result($q, 0, 0); 93 | mysql_free_result($q); 94 | $q = mysql_query("SELECT COUNT(`evID`) 95 | FROM `events`", $c); 96 | $events = mysql_result($q, 0, 0); 97 | mysql_free_result($q); 98 | echo "

Country Statistics

99 | You step into the Statistics Department and login to the service. You see some stats that interest you.
100 | 101 | 102 | 103 | 104 | 105 | 106 | 110 | 127 | 128 | 129 | 130 | 131 | 132 | 133 | 138 | 142 | 143 |
UsersMoney and Crystals
107 | There are currently $membs {$set['game_name']} players, 108 | $male males and $fem females. 109 | 111 | Amount of cash in circulation: " . money_formatter($total) 112 | . ".
113 | The average player has: " . money_formatter($avg) 114 | . ".
115 | Amount of cash in banks: " . money_formatter($totalb) 116 | . ".
117 | Amount of players with bank accounts: $banks
118 | The average player has in their bank accnt: " 119 | . money_formatter($avgb) 120 | . ".
121 | Amount of crystals in circulation: " 122 | . money_formatter($totalc, "") 123 | . ".
124 | The average player has: " . money_formatter($avgc, "") 125 | . " crystals. 126 |
Mails/EventsItems
134 | " . money_formatter($mail, "") . " mails and " 135 | . money_formatter($events, "") 136 | . " events have been sent. 137 | 139 | There are currently " . money_formatter($totali, "") 140 | . " items in circulation. 141 |
"; 144 | $h->endpage(); 145 | -------------------------------------------------------------------------------- /upload/sendcash.php: -------------------------------------------------------------------------------- 1 | startheaders(); 33 | include "mysql.php"; 34 | global $c; 35 | $is = 36 | mysql_query( 37 | "SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid", 38 | $c) or die(mysql_error()); 39 | $ir = mysql_fetch_array($is); 40 | check_level(); 41 | $fm = money_formatter($ir['money']); 42 | $cm = money_formatter($ir['crystals'], ''); 43 | $lv = date('F j, Y, g:i a', $ir['laston']); 44 | $h->userdata($ir, $lv, $fm, $cm); 45 | $h->menuarea(); 46 | $_GET['ID'] = abs((int) $_GET['ID']); 47 | $_POST['money'] = abs((int) $_POST['money']); 48 | if (!((int) $_GET['ID'])) 49 | { 50 | print "Invalid User ID"; 51 | } 52 | else if ($_GET['ID'] == $userid) 53 | { 54 | print "Haha, what does sending money to yourself do anyway?"; 55 | } 56 | else 57 | { 58 | if ((int) $_POST['money']) 59 | { 60 | if ($_POST['money'] > $ir['money']) 61 | { 62 | print "Die j00 abuser."; 63 | } 64 | else 65 | { 66 | mysql_query( 67 | "UPDATE users SET money=money-{$_POST['money']} WHERE userid=$userid", 68 | $c); 69 | mysql_query( 70 | "UPDATE users SET money=money+{$_POST['money']} WHERE userid={$_GET['ID']}", 71 | $c); 72 | print "You sent \${$_POST['money']} to ID {$_GET['ID']}."; 73 | event_add($_GET['ID'], 74 | "You received \${$_POST['money']} from {$ir['username']}.", 75 | $c); 76 | $it = 77 | mysql_query( 78 | "SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid={$_GET['ID']}", 79 | $c) or die(mysql_error()); 80 | $er = mysql_fetch_array($it); 81 | mysql_query( 82 | "INSERT INTO cashxferlogs VALUES(NULL, $userid, {$_GET['ID']}, {$_POST['money']}, " 83 | . time() 84 | . ", '{$ir['lastip']}', '{$er['lastip']}')", $c); 85 | } 86 | } 87 | else 88 | { 89 | print 90 | "

Sending Money

91 | You are sending money to ID: {$_GET['ID']}. 92 |
93 | Amnt:
94 |
"; 95 | print 96 | "

Latest 5 Transfers

97 | "; 98 | $q = 99 | mysql_query( 100 | "SELECT cx.*,u1.username as sender, u2.username as sent FROM cashxferlogs cx LEFT JOIN users u1 ON cx.cxFROM=u1.userid LEFT JOIN users u2 ON cx.cxTO=u2.userid WHERE cx.cxFROM=$userid ORDER BY cx.cxTIME DESC LIMIT 5", 101 | $c) 102 | or die( 103 | mysql_error() . "
" 104 | . "SELECT cx.*,u1.username as sender, u2.username as sent FROM cashxferlogs cx LEFT JOIN users u1 ON cx.cxFROM=u1.userid LEFT JOIN users u2 ON cx.cxTO=u2.userid WHERE cx.cxFROM=$userid ORDER BY cx.cxTIME DESC LIMIT 5"); 105 | while ($r = mysql_fetch_array($q)) 106 | { 107 | if ($r['cxFROMIP'] == $r['cxTOIP']) 108 | { 109 | $m = "MULTI"; 110 | } 111 | else 112 | { 113 | $m = ""; 114 | } 115 | print 116 | ""; 118 | } 119 | print "
Time User From User To Amount
" . date("F j, Y, g:i:s a", $r['cxTIME']) 117 | . "{$r['sender']} [{$r['cxFROM']}] {$r['sent']} [{$r['cxTO']}] \${$r['cxAMOUNT']}
"; 120 | } 121 | } 122 | $h->endpage(); 123 | -------------------------------------------------------------------------------- /upload/itemsend.php: -------------------------------------------------------------------------------- 1 | startheaders(); 33 | include "mysql.php"; 34 | global $c; 35 | $is = 36 | mysql_query( 37 | "SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid", 38 | $c) or die(mysql_error()); 39 | $ir = mysql_fetch_array($is); 40 | check_level(); 41 | $fm = money_formatter($ir['money']); 42 | $cm = money_formatter($ir['crystals'], ''); 43 | $lv = date('F j, Y, g:i a', $ir['laston']); 44 | $h->userdata($ir, $lv, $fm, $cm); 45 | $h->menuarea(); 46 | //itemsend 47 | if ($_GET['qty'] && $_GET['user']) 48 | { 49 | $id = 50 | mysql_query( 51 | "SELECT iv.*,it.* FROM inventory iv LEFT JOIN items it ON iv.inv_itemid=it.itmid WHERE iv.inv_id={$_GET['ID']} AND iv.inv_userid=$userid LIMIT 1", 52 | $c); 53 | if (mysql_num_rows($id) == 0) 54 | { 55 | print "Invalid item ID"; 56 | } 57 | else 58 | { 59 | $r = mysql_fetch_array($id); 60 | $m = 61 | mysql_query( 62 | "SELECT * FROM users WHERE userid={$_GET['user']} LIMIT 1", 63 | $c); 64 | if ($_GET['qty'] > $r['inv_qty']) 65 | { 66 | print "You are trying to send more than you have!"; 67 | } 68 | else if ($_GET['qty'] <= 0) 69 | { 70 | print "You know, I'm not dumb, j00 cheating hacker."; 71 | } 72 | else if (mysql_num_rows($m) == 0) 73 | { 74 | print "You are trying to send to an invalid user!"; 75 | } 76 | else 77 | { 78 | $rm = mysql_fetch_array($m); 79 | //are we sending it all 80 | if ($_GET['qty'] == $r['inv_qty']) 81 | { 82 | //just give them possession of the item 83 | mysql_query( 84 | "UPDATE inventory SET inv_userid={$_GET['user']} WHERE inv_id={$_GET['ID']} LIMIT 1", 85 | $c); 86 | 87 | } 88 | else 89 | { 90 | //create seperate 91 | mysql_query( 92 | "INSERT INTO inventory VALUES(NULL,'{$r['inv_itemid']}',{$_GET['user']},{$_GET['qty']});", 93 | $c); 94 | mysql_query( 95 | "UPDATE inventory SET inv_qty=inv_qty-{$_GET['qty']} WHERE inv_id={$_GET['ID']} LIMIT 1;", 96 | $c); 97 | } 98 | print 99 | "You sent {$_GET['qty']} {$r['itmname']}(s) to {$rm['username']}"; 100 | event_add($_GET['user'], 101 | "You received {$_GET['qty']} {$r['itmname']}(s) from {$ir['username']}", 102 | $c); 103 | mysql_query( 104 | "INSERT INTO itemxferlogs VALUES(NULL,$userid,{$_GET['user']},{$r['itmid']},{$_GET['qty']}," 105 | . time() . ")", $c); 106 | } 107 | } 108 | } 109 | else if ($_GET['ID']) 110 | { 111 | $id = 112 | mysql_query( 113 | "SELECT iv.*,it.* FROM inventory iv LEFT JOIN items it ON iv.inv_itemid=it.itmid WHERE iv.inv_id={$_GET['ID']} AND iv.inv_userid=$userid LIMIT 1", 114 | $c); 115 | if (mysql_num_rows($id) == 0) 116 | { 117 | print "Invalid item ID"; 118 | } 119 | else 120 | { 121 | $r = mysql_fetch_array($id); 122 | print 123 | "Enter who you want to send {$r['itmname']} to and how many you want to send. You have {$r['inv_qty']} to send.
124 |
125 | User ID:
126 | Quantity:
127 |
"; 128 | } 129 | } 130 | else 131 | { 132 | print "Invalid use of file."; 133 | } 134 | $h->endpage(); 135 | -------------------------------------------------------------------------------- /upload/hirespy.php: -------------------------------------------------------------------------------- 1 | startheaders(); 33 | include "mysql.php"; 34 | global $c; 35 | $is = 36 | mysql_query( 37 | "SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid", 38 | $c) or die(mysql_error()); 39 | $ir = mysql_fetch_array($is); 40 | check_level(); 41 | $fm = money_formatter($ir['money']); 42 | $cm = money_formatter($ir['crystals'], ''); 43 | $lv = date('F j, Y, g:i a', $ir['laston']); 44 | $h->userdata($ir, $lv, $fm, $cm); 45 | $h->menuarea(); 46 | if ($ir['user_level'] != 2) 47 | { 48 | die(""); 49 | } 50 | $_POST['ID'] = abs((int) $_POST['ID']); 51 | $_GET['ID'] = abs((int) $_GET['ID']); 52 | if ($_POST['ID']) 53 | { 54 | $q = 55 | mysql_query( 56 | "SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid={$_POST['ID']}", 57 | $c); 58 | $r = mysql_fetch_array($q); 59 | if ($r['user_level'] == 2) 60 | { 61 | print 62 | "The spy never came back. It was rumoured he was attacked by {$r['username']} and pushed off a cliff."; 63 | } 64 | else 65 | { 66 | $payment = $r['level'] * 1000; 67 | mysql_query( 68 | "UPDATE users SET money=money-$payment WHERE userid=$userid", 69 | $c); 70 | $exp = 71 | (int) ($r['exp'] 72 | / (($r['level'] + 1) * ($r['level'] + 1) 73 | * ($r['level'] + 1) * 2) * 100); 74 | print 75 | "You have hired a spy to get information on {$r['username']} at the cost of \$$payment. Here is the info he retrieved:
76 | Strength: {$r['strength']}
77 | Agility: {$r['agility']}
78 | Guard: {$r['guard']}
79 | Labour: {$r['labour']}
80 | IQ: {$r['IQ']}
81 | Exp: $exp%
82 | Here is his/her inventory.
"; 83 | $inv = 84 | mysql_query( 85 | "SELECT iv.*,i.*,it.* FROM inventory iv LEFT JOIN items i ON iv.inv_itemid=i.itmid LEFT JOIN itemtypes it ON i.itmtype=it.itmtypeid WHERE iv.inv_userid={$r['userid']}", 86 | $c); 87 | if (mysql_num_rows($inv) == 0) 88 | { 89 | print "This person has no items!"; 90 | } 91 | else 92 | { 93 | print 94 | "His/her items are listed below.
95 | "; 96 | while ($i = mysql_fetch_array($inv)) 97 | { 98 | print ""; 106 | } 107 | print "
ItemSell ValueTotal Sell Value
{$i['itmname']}"; 99 | if ($i['inv_qty'] > 1) 100 | { 101 | print " x{$i['inv_qty']}"; 102 | } 103 | print "\${$i['itmsellprice']}"; 104 | print "$" . ($i['itmsellprice'] * $i['inv_qty']); 105 | print "
"; 108 | } 109 | } 110 | } 111 | else 112 | { 113 | $q = 114 | mysql_query( 115 | "SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid={$_GET['ID']}", 116 | $c); 117 | if (mysql_num_rows($q) == 0) 118 | { 119 | print "This user does not exist."; 120 | } 121 | else 122 | { 123 | $r = mysql_fetch_array($q); 124 | $payment = $r['level'] * 1000; 125 | print 126 | "You are hiring a spy to spy on {$r['username']} at the cost of \$$payment.
"; 127 | if ($ir['money'] >= $payment) 128 | { 129 | print 130 | "
"; 131 | } 132 | else 133 | { 134 | print "You don't have enough money!"; 135 | } 136 | } 137 | } 138 | 139 | $h->endpage(); 140 | -------------------------------------------------------------------------------- /upload/crystaltemple.php: -------------------------------------------------------------------------------- 1 | startheaders(); 33 | include "mysql.php"; 34 | global $c; 35 | $is = 36 | mysql_query( 37 | "SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid", 38 | $c) or die(mysql_error()); 39 | $ir = mysql_fetch_array($is); 40 | check_level(); 41 | $fm = money_formatter($ir['money']); 42 | $cm = money_formatter($ir['crystals'], ''); 43 | $lv = date('F j, Y, g:i a', $ir['laston']); 44 | $h->userdata($ir, $lv, $fm, $cm); 45 | $h->menuarea(); 46 | if (!$_GET['spend']) 47 | { 48 | print 49 | "Welcome to the crystal temple!
50 | You have {$ir['crystals']} crystals.
51 | What would you like to spend your crystals on?
52 |
53 | Energy Refill - 12 Crystals
54 | IQ - 5 IQ per crystal
55 | Money - \$200 per crystal
"; 56 | } 57 | else 58 | { 59 | if ($_GET['spend'] == 'refill') 60 | { 61 | if ($ir['crystals'] < 12) 62 | { 63 | print "You don't have enough crystals!"; 64 | } 65 | else if ($ir['energy'] == $ir['maxenergy']) 66 | { 67 | print "You already have full energy."; 68 | } 69 | else 70 | { 71 | mysql_query( 72 | "UPDATE users SET energy=maxenergy,crystals=crystals-12 WHERE userid=$userid", 73 | $c); 74 | print "You have paid 12 crystals to refill your energy bar."; 75 | } 76 | } 77 | else if ($_GET['spend'] == 'IQ') 78 | { 79 | print 80 | "Type in the amount of crystals you want to swap for IQ.
81 | You have {$ir['crystals']} crystals.
82 | One crystal = 5 IQ.

"; 83 | } 84 | else if ($_GET['spend'] == 'IQ2') 85 | { 86 | $_POST['crystals'] = (int) $_POST['crystals']; 87 | if ($_POST['crystals'] <= 0 || $_POST['crystals'] > $ir['crystals']) 88 | { 89 | print 90 | "Error, you either do not have enough crystals or did not fill out the form.
91 | Back"; 92 | } 93 | else 94 | { 95 | $iqgain = $_POST['crystals'] * 5; 96 | mysql_query( 97 | "UPDATE users SET crystals=crystals-{$_POST['crystals']} WHERE userid=$userid", 98 | $c); 99 | mysql_query( 100 | "UPDATE userstats SET IQ=IQ+$iqgain WHERE userid=$userid", 101 | $c); 102 | print "You traded {$_POST['crystals']} crystals for $iqgain IQ."; 103 | } 104 | } 105 | else if ($_GET['spend'] == 'money') 106 | { 107 | print 108 | "Type in the amount of crystals you want to swap for \$\$\$.
109 | You have {$ir['crystals']} crystals.
110 | One crystal = \$200.

"; 111 | } 112 | else if ($_GET['spend'] == 'money2') 113 | { 114 | $_POST['crystals'] = (int) $_POST['crystals']; 115 | if ($_POST['crystals'] <= 0 || $_POST['crystals'] > $ir['crystals']) 116 | { 117 | print 118 | "Error, you either do not have enough crystals or did not fill out the form.
119 | Back"; 120 | } 121 | else 122 | { 123 | $iqgain = $_POST['crystals'] * 200; 124 | mysql_query( 125 | "UPDATE users SET crystals=crystals-{$_POST['crystals']},money=money+$iqgain WHERE userid=$userid", 126 | $c); 127 | print "You traded {$_POST['crystals']} crystals for \$$iqgain."; 128 | } 129 | } 130 | } 131 | 132 | $h->endpage(); 133 | -------------------------------------------------------------------------------- /upload/bank.php: -------------------------------------------------------------------------------- 1 | startheaders(); 33 | include "mysql.php"; 34 | global $c; 35 | $is = 36 | mysql_query( 37 | "SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid", 38 | $c) or die(mysql_error()); 39 | $ir = mysql_fetch_array($is); 40 | check_level(); 41 | $fm = money_formatter($ir['money']); 42 | $cm = money_formatter($ir['crystals'], ''); 43 | $lv = date('F j, Y, g:i a', $ir['laston']); 44 | $h->userdata($ir, $lv, $fm, $cm); 45 | $h->menuarea(); 46 | print "

Bank

"; 47 | if ($ir['bankmoney'] > -1) 48 | { 49 | switch ($_GET['action']) 50 | { 51 | case "deposit": 52 | deposit(); 53 | break; 54 | 55 | case "withdraw": 56 | withdraw(); 57 | break; 58 | 59 | default: 60 | index(); 61 | break; 62 | } 63 | 64 | } 65 | else 66 | { 67 | if (isset($_GET['buy'])) 68 | { 69 | if ($ir['money'] > 49999) 70 | { 71 | print 72 | "Congratulations, you bought a bank account for \$50,000!
73 | Start using my account"; 74 | mysql_query( 75 | "UPDATE users SET money=money-50000,bankmoney=0 WHERE userid=$userid", 76 | $c); 77 | } 78 | else 79 | { 80 | print 81 | "You do not have enough money to open an account. 82 | Back to town..."; 83 | } 84 | } 85 | else 86 | { 87 | print 88 | "Open a bank account today, just \$50,000!
89 | > Yes, sign me up!"; 90 | } 91 | } 92 | 93 | function index() 94 | { 95 | global $ir, $c, $userid, $h; 96 | print 97 | "\nYou currently have \${$ir['bankmoney']} in the bank.
98 | At the end of each day, your bank balance will go up by 2%.
99 |
Deposit Money
100 | It will cost you 15% of the money you deposit, rounded up. The maximum fee is \$3,000.
101 | Amount:
102 |
103 | Withdraw Money
104 | There is no fee on withdrawals.
105 | Amount:
106 |
"; 107 | } 108 | 109 | function deposit() 110 | { 111 | global $ir, $c, $userid, $h; 112 | $_POST['deposit'] = abs((int) $_POST['deposit']); 113 | if ($_POST['deposit'] > $ir['money']) 114 | { 115 | print "You do not have enough money to deposit this amount."; 116 | } 117 | else 118 | { 119 | $fee = ceil($_POST['deposit'] * 15 / 100); 120 | if ($fee > 3000) 121 | { 122 | $fee = 3000; 123 | } 124 | $gain = $_POST['deposit'] - $fee; 125 | $ir['bankmoney'] += $gain; 126 | mysql_query( 127 | "UPDATE users SET bankmoney=bankmoney+$gain, money=money-{$_POST['deposit']} where userid=$userid", 128 | $c); 129 | print 130 | "You hand over \${$_POST['deposit']} to be deposited,
131 | after the fee is taken (\$$fee), \$$gain is added to your account.
132 | You now have \${$ir['bankmoney']} in the bank.
133 | > Back"; 134 | } 135 | } 136 | 137 | function withdraw() 138 | { 139 | global $ir, $c, $userid, $h; 140 | $_POST['withdraw'] = abs((int) $_POST['withdraw']); 141 | if ($_POST['withdraw'] > $ir['bankmoney']) 142 | { 143 | print "You do not have enough banked money to withdraw this amount."; 144 | } 145 | else 146 | { 147 | 148 | $gain = $_POST['withdraw']; 149 | $ir['bankmoney'] -= $gain; 150 | mysql_query( 151 | "UPDATE users SET bankmoney=bankmoney-$gain, money=money+$gain where userid=$userid", 152 | $c); 153 | print 154 | "You ask to withdraw $gain,
155 | the banking lady grudgingly hands it over.
156 | You now have \${$ir['bankmoney']} in the bank.
157 | > Back"; 158 | } 159 | } 160 | $h->endpage(); 161 | -------------------------------------------------------------------------------- /upload/register.php: -------------------------------------------------------------------------------- 1 | 28 | 29 | 30 | 31 | 32 | {GAME_NAME} 33 | 34 | 35 | Your Game Logo 36 |
37 | EOF; 38 | $ip = ($_SERVER['REMOTE_ADDR']); 39 | if (file_exists('ipbans/' . $ip)) 40 | { 41 | die( 42 | " 43 | Your IP has been banned, there is no way around this. 44 | 45 | "); 46 | } 47 | if ($_POST['username']) 48 | { 49 | $sm = 100; 50 | if ($_POST['promo'] == "Your Promo Code Here") 51 | { 52 | $sm += 100; 53 | } 54 | $username = $_POST['username']; 55 | $username = 56 | mysql_real_escape_string( 57 | htmlentities(stripslashes($username), ENT_QUOTES, 58 | 'ISO-8859-1'), $c); 59 | $q = mysql_query("SELECT * FROM users WHERE username='{$username}'", $c); 60 | if (mysql_num_rows($q)) 61 | { 62 | print "Username already in use. Choose another."; 63 | } 64 | else if ($_POST['password'] != $_POST['cpassword']) 65 | { 66 | print "The passwords did not match, go back and try again."; 67 | } 68 | else 69 | { 70 | $_POST['ref'] = abs((int) $_POST['ref']); 71 | $ip = $_SERVER['REMOTE_ADDR']; 72 | if ($_POST['ref']) 73 | { 74 | $q = 75 | mysql_query( 76 | "SELECT `lastip` 77 | FROM `users` 78 | WHERE `userid` = {$_POST['ref']}", $c); 79 | if (mysql_num_rows($q) == 0) 80 | { 81 | mysql_free_result($q); 82 | echo "Referrer does not exist.
83 | > Back"; 84 | die(''); 85 | } 86 | $rem_IP = mysql_result($q, 0, 0); 87 | mysql_free_result($q); 88 | if ($rem_IP == $ip) 89 | { 90 | echo "No creating referral multies.
91 | > Back"; 92 | die(''); 93 | } 94 | } 95 | mysql_query( 96 | "INSERT INTO users (username, login_name, userpass, level, money, crystals, donatordays, user_level, energy, maxenergy, will, maxwill, brave, maxbrave, hp, maxhp, location, gender, signedup, email, bankmoney, lastip) VALUES( '{$username}', '{$username}', md5('{$_POST['password']}'), 1, $sm, 0, 0, 1, 12, 12, 100, 100, 5, 5, 100, 100, 1, 'Male', " 97 | . time() . ", '{$_POST['email']}', -1, '$ip')", $c); 98 | $i = mysql_insert_id($c); 99 | mysql_query("INSERT INTO userstats VALUES($i, 10, 10, 10, 10, 10)", $c); 100 | 101 | if ($_POST['ref']) 102 | { 103 | mysql_query( 104 | "UPDATE `users` 105 | SET `crystals` = `crystals` + 2 106 | WHERE `userid` = {$_POST['ref']}"); 107 | event_add($_POST['ref'], 108 | "For refering $username to the game, you have earnt 2 valuable crystals!", 109 | $c); 110 | $e_rip = mysql_real_escape_string($rem_IP, $c); 111 | $e_oip = mysql_real_escape_string($ip, $c); 112 | mysql_query( 113 | "INSERT INTO `referals` 114 | VALUES(NULL, {$_POST['ref']}, $i, " . time() 115 | . ", '{$e_rip}', '$e_oip')", $c); 116 | } 117 | print 118 | "You have signed up, enjoy the game.
119 | > Login"; 120 | } 121 | } 122 | else 123 | { 124 | $gref = abs((int) $_GET['REF']); 125 | $fref = $gref ? $gref : ''; 126 | echo << 128 | {GAME_NAME} Registration 129 | 130 |
131 | Username:
132 | Password:
133 | Confirm Password:
134 | Email:
135 | Promo Code:
136 | 137 | 138 |

139 | > Go Back 140 | EOF; 141 | } 142 | print ""; 143 | --------------------------------------------------------------------------------