├── .gitignore ├── LICENSE ├── MCCodes2_Manual.htm ├── README.md ├── ad_filler.png ├── announcements.php ├── attack.php ├── attackbeat.php ├── attacklost.php ├── attacktake.php ├── attackwon.php ├── authenticate.php ├── bank.php ├── bargreen.gif ├── barred.gif ├── battletent.php ├── blacklist.php ├── bluebar.png ├── captcha_verify.php ├── check.php ├── checkem.php ├── checkun.php ├── class ├── bbcode_engine.php ├── class_bbcode.php ├── class_db_mysqli.php └── index.html ├── cmarket.php ├── contactlist.php ├── creategang.php ├── criminal.php ├── crons ├── CronHandler.php ├── classes │ ├── CronFiveMinute.php │ ├── CronOneDay.php │ ├── CronOneHour.php │ └── CronOneMinute.php └── cronless_crons.php ├── crystaltemple.php ├── css ├── game.css ├── index.html ├── installer.css ├── login.css └── register.css ├── cyberbank.php ├── dbdata.sql ├── dgrad.jpg ├── dgradl.jpg ├── dgradr.jpg ├── dlarchive.php ├── docker-compose.yml ├── docrime.php ├── donator.gif ├── donator.php ├── donatordone.php ├── education.php ├── equip_armor.php ├── equip_weapon.php ├── estate.php ├── events.php ├── explore.php ├── fedjail.php ├── forums.php ├── friendslist.php ├── gamerules.php ├── gangcentral.php ├── gangs.php ├── gangwars.php ├── global_func.php ├── globals.php ├── globals_nonauth.php ├── greenbar.png ├── gym.php ├── halloffame.php ├── header.php ├── helptutorial.php ├── hospital.php ├── imadd.php ├── index.php ├── installer.php ├── installer_foot.php ├── installer_head.php ├── inventory.php ├── ipn_donator.php ├── ipn_wp.php ├── itembuy.php ├── iteminfo.php ├── itemmarket.php ├── itemsell.php ├── itemsend.php ├── itemuse.php ├── jail.php ├── jailbail.php ├── jailbust.php ├── jailuser.php ├── job.php ├── js ├── index.html ├── jquery-1.7.1.min.js ├── login.js └── register.js ├── lgrad.jpg ├── lib ├── basic_error_handler.php ├── index.html └── installer_error_handler.php ├── linegrad.PNG ├── loggedin.php ├── login.php ├── logo.png ├── logout.php ├── lucky.php ├── macro1.php ├── macro2.php ├── mailban.php ├── mailbox.php ├── mainmenu.php ├── mcc_splash_2.png ├── monorail.php ├── newspaper.php ├── oclog.php ├── polling.php ├── polls_view.php ├── preferences.php ├── preport.php ├── redbar.png ├── register.php ├── rgrad.jpg ├── roulette.php ├── search.php ├── searchlocation.php ├── searchname.php ├── sendbank.php ├── sendcash.php ├── sendcrys.php ├── sendcyber.php ├── sglobals.php ├── shops.php ├── slotsmachine.php ├── smenu.php ├── staff.php ├── staff_api.php ├── staff_battletent.php ├── staff_cities.php ├── staff_courses.php ├── staff_crimes.php ├── staff_forums.php ├── staff_gangs.php ├── staff_houses.php ├── staff_items.php ├── staff_jobs.php ├── staff_logs.php ├── staff_polls.php ├── staff_punit.php ├── staff_roles.php ├── staff_shops.php ├── staff_special.php ├── staff_users.php ├── stafflist.php ├── staffnotes.php ├── stats.php ├── tablehgrad.png ├── title.jpg ├── unequip.php ├── userlist.php ├── usersonline.php ├── views ├── assets │ ├── css │ │ └── staff.css │ └── js │ │ └── staff.js └── staff-roles │ ├── index.html │ ├── role-grant.html │ ├── role-index-entry.html │ ├── role-index.html │ ├── role-remove.html │ ├── role-revoke.html │ ├── role-selection-menu.html │ └── role-upsert.html ├── viewuser.php ├── willpdone.php ├── willpotion.php ├── yellowbar.png └── yourgang.php /.gitignore: -------------------------------------------------------------------------------- 1 | .idea/* 2 | .DS_Store 3 | config.php 4 | vendor 5 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | MIT License 2 | 3 | Copyright (c) 2024 Dave Macaulay & MCCodes 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 21 | SOFTWARE. -------------------------------------------------------------------------------- /ad_filler.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/davemacaulay/mccodesv2/c3b7957de05a684a9003c5e0d40694b3a7d633ef/ad_filler.png -------------------------------------------------------------------------------- /announcements.php: -------------------------------------------------------------------------------- 1 | query( 14 | 'SELECT `a_text`, `a_time` FROM `announcements` ' 15 | . 'ORDER BY `a_time` DESC'); 16 | echo ' 17 | 18 | 19 | 20 | 21 | 22 | '; 23 | while ($r = $db->fetch_row($q)) 24 | { 25 | if ($ac > 0) 26 | { 27 | $ac--; 28 | $new = '
New!'; 29 | } 30 | else 31 | { 32 | $new = ''; 33 | } 34 | $r['a_text'] = nl2br($r['a_text']); 35 | echo ' 36 | 37 | 39 | 40 | 41 | '; 42 | } 43 | $db->free_result($q); 44 | echo '
TimeAnnouncement
' . date('F j Y, g:i:s a', (int)$r['a_time']) . $new 38 | . '' . $r['a_text'] . '
'; 45 | if ($ir['new_announcements'] > 0) 46 | { 47 | $db->query( 48 | 'UPDATE `users` ' . 'SET `new_announcements` = 0 ' 49 | . "WHERE `userid` = '{$userid}'"); 50 | } 51 | $h->endpage(); 52 | -------------------------------------------------------------------------------- /attacklost.php: -------------------------------------------------------------------------------- 1 | query( 21 | "SELECT `username`, `level`, `gang` FROM `users` WHERE `userid` = {$_GET['ID']}"); 22 | if ($db->num_rows($od) > 0) 23 | { 24 | $r = $db->fetch_row($od); 25 | $db->free_result($od); 26 | echo "You lost to {$r['username']}"; 27 | $expgain = abs(($ir['level'] - $r['level']) ^ 3); 28 | $expgainp = $expgain / $ir['exp_needed'] * 100; 29 | echo " and lost $expgainp% EXP!"; 30 | // Figure out their EXP, 0 or decreased? 31 | $newexp = max($ir['exp'] - $expgain, 0); 32 | $db->query( 33 | "UPDATE `users` SET `exp` = {$newexp}, `attacking` = 0 WHERE `userid` = $userid"); 34 | event_add($r['userid'], 35 | "{$ir['username']} attacked you and lost."); 36 | $atklog = $db->escape($_SESSION['attacklog']); 37 | $db->query( 38 | "INSERT INTO `attacklogs` VALUES(NULL, $userid, {$_GET['ID']}, 39 | 'lost', " . time() . ", 0, '$atklog')"); 40 | if ($ir['gang'] > 0 && $r['gang'] > 0) 41 | { 42 | $warq = 43 | $db->query( 44 | "SELECT * FROM `gangwars` 45 | WHERE (`warDECLARER` = {$ir['gang']} AND `warDECLARED` = {$r['gang']}) 46 | OR (`warDECLARED` = {$ir['gang']} AND `warDECLARER` = {$r['gang']})"); 47 | if ($db->num_rows($warq) > 0) 48 | { 49 | $war = $db->fetch_row($warq); 50 | $db->query( 51 | "UPDATE `gangs` SET `gangRESPECT` = `gangRESPECT` + 1 WHERE `gangID` = {$r['gang']}"); 52 | $db->query( 53 | "UPDATE `gangs` SET `gangRESPECT` = `gangRESPECT` - 1 WHERE `gangID` = {$ir['gang']}"); 54 | echo '
You lost 1 respect for your gang!'; 55 | } 56 | $db->free_result($warq); 57 | } 58 | } 59 | else 60 | { 61 | $db->free_result($od); 62 | echo 'You lost to Mr. Non-existent! =O'; 63 | } 64 | $h->endpage(); 65 | -------------------------------------------------------------------------------- /authenticate.php: -------------------------------------------------------------------------------- 1 | {$set['game_name']} Error 18 | Your request has expired for security reasons! Please try again.
19 | > Back"); 20 | } 21 | // Check username and password input 22 | $username = 23 | (array_key_exists('username', $_POST) && is_string($_POST['username'])) 24 | ? $_POST['username'] : ''; 25 | $password = 26 | (array_key_exists('password', $_POST) && is_string($_POST['password'])) 27 | ? $_POST['password'] : ''; 28 | if (empty($username) || empty($password)) 29 | { 30 | die( 31 | "

{$set['game_name']} Error

32 | You did not fill in the login form!
33 | > Back"); 34 | } 35 | $form_username = $db->escape(stripslashes($username)); 36 | $raw_password = stripslashes($password); 37 | $uq = 38 | $db->query( 39 | "SELECT `userid`, `userpass`, `pass_salt` 40 | FROM `users` 41 | WHERE `login_name` = '$form_username'"); 42 | if ($db->num_rows($uq) == 0) 43 | { 44 | $db->free_result($uq); 45 | die( 46 | "

{$set['game_name']} Error

47 | Invalid username or password!
48 | > Back"); 49 | } 50 | else 51 | { 52 | $mem = $db->fetch_row($uq); 53 | $db->free_result($uq); 54 | $login_failed = false; 55 | // Pass Salt generation: autofix 56 | if (empty($mem['pass_salt'])) 57 | { 58 | if (md5($raw_password) != $mem['userpass']) 59 | { 60 | $login_failed = true; 61 | } 62 | $salt = generate_pass_salt(); 63 | $enc_psw = encode_password($mem['userpass'], $salt, true); 64 | $e_salt = $db->escape($salt); // in case of changed salt function 65 | $e_encpsw = $db->escape($enc_psw); // ditto for password encoder 66 | $db->query( 67 | "UPDATE `users` 68 | SET `pass_salt` = '{$e_salt}', `userpass` = '{$e_encpsw}' 69 | WHERE `userid` = {$mem['userid']}"); 70 | } 71 | else 72 | { 73 | $login_failed = 74 | !(verify_user_password($raw_password, $mem['pass_salt'], 75 | $mem['userpass'])); 76 | } 77 | if ($login_failed) 78 | { 79 | die( 80 | "

{$set['game_name']} Error

81 | Invalid username or password!
82 | > Back"); 83 | } 84 | session_regenerate_id(); 85 | $_SESSION['loggedin'] = 1; 86 | $_SESSION['userid'] = $mem['userid']; 87 | $IP = $db->escape($_SERVER['REMOTE_ADDR']); 88 | $db->query( 89 | "UPDATE `users` 90 | SET `lastip_login` = '$IP', `last_login` = " 91 | . $_SERVER['REQUEST_TIME'] 92 | . " 93 | WHERE `userid` = {$mem['userid']}"); 94 | if ($set['validate_period'] == 'login' && $set['validate_on']) 95 | { 96 | $db->query( 97 | "UPDATE `users` 98 | SET `verified` = 0 99 | WHERE `userid` = {$mem['userid']}"); 100 | } 101 | $loggedin_url = 'https://' . determine_game_urlbase() . '/loggedin.php'; 102 | header("Location: {$loggedin_url}"); 103 | exit; 104 | } 105 | -------------------------------------------------------------------------------- /bargreen.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/davemacaulay/mccodesv2/c3b7957de05a684a9003c5e0d40694b3a7d633ef/bargreen.gif -------------------------------------------------------------------------------- /barred.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/davemacaulay/mccodesv2/c3b7957de05a684a9003c5e0d40694b3a7d633ef/barred.gif -------------------------------------------------------------------------------- /battletent.php: -------------------------------------------------------------------------------- 1 | Battle Tent 13 | Welcome to the battle tent! Here you can challenge NPCs for money. 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | "; 24 | $q = 25 | $db->query( 26 | "SELECT `cb`.`cb_money`, `c`.`npcid`, `cy`.`cityname`, 27 | `u`.`userid`, `username`, `level`, `hp`, `maxhp`, `location`, `hospital`, `jail` 28 | FROM `challengebots` AS `cb` 29 | LEFT JOIN `users` AS `u` ON `cb`.`cb_npcid` = `u`.`userid` 30 | LEFT JOIN `challengesbeaten` AS `c` ON `c`.`npcid` = `u`.`userid` AND `c`.`userid` = $userid 31 | LEFT JOIN `cities` AS `cy` ON `u`.`location` = `cy`.`cityid`"); 32 | while ($r = $db->fetch_row($q)) 33 | { 34 | $earn = $r['cb_money']; 35 | $v = $r['userid']; 36 | $countq = 37 | $db->query( 38 | "SELECT COUNT(`npcid`) FROM `challengesbeaten` WHERE `npcid` = $v"); 39 | $times = $db->fetch_single($countq); 40 | $db->free_result($countq); 41 | echo "'; 62 | } 63 | $db->free_result($q); 64 | echo '
Bot NameLevelTimes OwnedReady To Be Challenged?LocationMoney WonChallenge
{$r['username']}{$r['level']}$times"; 42 | if ($r['hp'] >= $r['maxhp'] / 2 && $r['location'] == $ir['location'] 43 | && !$ir['hospital'] && !$ir['jail'] && !$r['hospital'] 44 | && !$r['jail']) 45 | { 46 | echo 'Yes'; 47 | } 48 | else 49 | { 50 | echo 'No'; 51 | } 52 | echo "{$r['cityname']}$earn"; 53 | if ($r['npcid']) 54 | { 55 | echo 'Already'; 56 | } 57 | else 58 | { 59 | echo "Challenge"; 60 | } 61 | echo '
'; 65 | $h->endpage(); 66 | -------------------------------------------------------------------------------- /bluebar.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/davemacaulay/mccodesv2/c3b7957de05a684a9003c5e0d40694b3a7d633ef/bluebar.png -------------------------------------------------------------------------------- /captcha_verify.php: -------------------------------------------------------------------------------- 1 | [10, $f_x - 10], 1 => [5, $f_y - 5], 69 | 2 => [10, $f_x - 10], 3 => [5, $f_y - 5], 70 | 4 => [10, $f_x - 10], 5 => [5, $f_y - 5], 71 | 6 => [10, $f_x - 10], 7 => [5, $f_y - 5], 72 | 8 => [10, $f_x - 10], 9 => [5, $f_y - 5],]; 73 | imagefilledpolygon($first, $points, $red); 74 | } 75 | imagestring($first, 4, rand(0, (int)($f_x / 3)), rand(0, (int)($f_y / 2.5)), 76 | $_SESSION['captcha'], $black); 77 | imagecopyresized($second, $first, 0, 0, 0, 0, $s_x, $s_y, $f_x, $f_y); 78 | imagedestroy($first); 79 | $red = imagecolorallocate($second, 255, 0, 0); 80 | $green = imagecolorallocate($second, 0, 128, 0); 81 | $blue = imagecolorallocate($second, 0, 0, 255); 82 | $RandomPixels = ceil($s_x * $s_y / 100); 83 | for ($i = 0; $i < $RandomPixels; $i++) 84 | { 85 | $locx = rand(0, $s_x - 1); 86 | $locy = rand(0, $s_y - 1); 87 | imagesetpixel($second, $locx, $locy, $red); 88 | } 89 | for ($i = 0; $i < $RandomPixels; $i++) 90 | { 91 | $locx = rand(0, $s_x - 1); 92 | $locy = rand(0, $s_y - 1); 93 | imagesetpixel($second, $locx, $locy, $green); 94 | } 95 | for ($i = 0; $i < $RandomPixels; $i++) 96 | { 97 | $locx = rand(0, $s_x - 1); 98 | $locy = rand(0, $s_y - 1); 99 | imagesetpixel($second, $locx, $locy, $blue); 100 | } 101 | $randcolor = 102 | imagecolorallocate($second, rand(100, 255), rand(100, 255), 103 | rand(100, 255)); 104 | for ($i = 0; $i < 5; $i++) 105 | { 106 | imageline($second, rand(0, $s_x), rand(0, $s_y), rand(0, $s_x), 107 | rand(0, $s_y), $randcolor); 108 | $randcolor = 109 | imagecolorallocate($second, rand(100, 255), rand(100, 255), 110 | rand(100, 255)); 111 | } 112 | @header('Content-Type: image/png'); 113 | $finished = 114 | imagerotate($second, rand(0, 15) - 7.5, 115 | $bgcolor[2] * 65536 + $bgcolor[1] * 256 + $bgcolor[0]); 116 | imagedestroy($second); 117 | imagepng($finished); 118 | imagedestroy($finished); 119 | -------------------------------------------------------------------------------- /checkem.php: -------------------------------------------------------------------------------- 1 | Invalid - Blank"); 41 | } 42 | if (!valid_email($email)) 43 | { 44 | die("Invalid - Bad Format"); 45 | } 46 | $e_email = $db->escape($email); 47 | $q = 48 | $db->query( 49 | "SELECT COUNT(`userid`) FROM users WHERE `email` = '{$e_email}'"); 50 | if ($db->fetch_single($q) != 0) 51 | { 52 | echo 'Invalid - Already In Use'; 53 | } 54 | else 55 | { 56 | echo 'Valid'; 57 | } 58 | $db->free_result($q); 59 | -------------------------------------------------------------------------------- /checkun.php: -------------------------------------------------------------------------------- 1 | Invalid - Blank"); 32 | } 33 | if ((strlen($username) < 3)) 34 | { 35 | die("Invalid - Too Short"); 36 | } 37 | if ((strlen($username) > 31)) 38 | { 39 | die("Invalid - Too Long"); 40 | } 41 | $e_username = $db->escape($username); 42 | $q = 43 | $db->query( 44 | "SELECT COUNT(`userid`) FROM users WHERE login_name = '{$e_username}' OR username = '{$e_username}'"); 45 | if ($db->fetch_single($q)) 46 | { 47 | echo 'Invalid - Taken'; 48 | } 49 | else 50 | { 51 | echo 'Valid'; 52 | } 53 | $db->free_result($q); 54 | -------------------------------------------------------------------------------- /class/index.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | Forbidden 6 | 7 | 8 |

Access Forbidden

9 | This folder is not designed to be accessed directly. 10 | 11 | 12 | -------------------------------------------------------------------------------- /creategang.php: -------------------------------------------------------------------------------- 1 | endpage(); 17 | exit; 18 | } 19 | if ($ir['gang']) 20 | { 21 | echo "You're already in a gang!"; 22 | $h->endpage(); 23 | exit; 24 | } 25 | if (isset($_POST['submit']) && isset($_POST['desc']) 26 | && !empty($_POST['name'])) 27 | { 28 | if (!isset($_POST['verf']) 29 | || !verify_csrf_code('creategang', stripslashes($_POST['verf']))) 30 | { 31 | echo '

Error


32 | This transaction has been blocked for your security.
33 | Please create your gang quickly after you open the form - do not leave it open in tabs.
34 | > Try Again'; 35 | $h->endpage(); 36 | exit; 37 | } 38 | $name = 39 | $db->escape( 40 | htmlentities(stripslashes($_POST['name']), ENT_QUOTES, 41 | 'ISO-8859-1')); 42 | $desc = 43 | $db->escape( 44 | htmlentities(stripslashes($_POST['desc']), ENT_QUOTES, 45 | 'ISO-8859-1')); 46 | $db->query( 47 | "INSERT INTO `gangs` 48 | (`gangNAME`, `gangDESC`, `gangRESPECT`, `gangPRESIDENT`, `gangVICEPRES`, `gangCAPACITY`) 49 | VALUES('$name', '$desc', 100, $userid, $userid, 5)"); 50 | $i = $db->insert_id(); 51 | $db->query( 52 | "UPDATE `users` SET `gang` = $i, `money` = `money` - {$cg_price} WHERE `userid` = $userid"); 53 | echo 'Gang created!'; 54 | } 55 | else 56 | { 57 | $code = request_csrf_code('creategang'); 58 | echo "

Create A Gang

59 |
60 | 61 | Name:
62 | Description:
63 | 64 |
65 | 66 | 68 |
"; 69 | } 70 | $h->endpage(); 71 | -------------------------------------------------------------------------------- /criminal.php: -------------------------------------------------------------------------------- 1 | query( 20 | 'SELECT `crimeGROUP`, `crimeNAME`, `crimeBRAVE`, `crimeID` 21 | FROM `crimes` 22 | ORDER BY `crimeBRAVE` ASC'); 23 | while ($r2 = $db->fetch_row($q2)) 24 | { 25 | $crimes[] = $r2; 26 | } 27 | $db->free_result($q2); 28 | $q = 29 | $db->query( 30 | 'SELECT `cgID`, `cgNAME` FROM `crimegroups` ORDER BY `cgORDER` ASC'); 31 | echo "

Criminal Centre


32 | "; 33 | while ($r = $db->fetch_row($q)) 34 | { 35 | echo ""; 36 | foreach ($crimes as $v) 37 | { 38 | if ($v['crimeGROUP'] == $r['cgID']) 39 | { 40 | echo ""; 41 | } 42 | } 43 | } 44 | $db->free_result($q); 45 | echo '
CrimeCostDo
{$r['cgNAME']}
{$v['crimeNAME']}{$v['crimeBRAVE']} BraveDo
'; 46 | $h->endpage(); 47 | -------------------------------------------------------------------------------- /crons/classes/CronFiveMinute.php: -------------------------------------------------------------------------------- 1 | pendingIncrements)) { 41 | $this->pendingIncrements = $increments; 42 | } 43 | parent::doFullRunActual([ 44 | 'updateUserStatBars', 45 | ], $this); 46 | } 47 | 48 | /** 49 | * @return void 50 | */ 51 | public function updateUserStatBars(): void 52 | { 53 | $this->db->query( 54 | 'UPDATE users SET 55 | brave = LEAST(brave + (((maxbrave / 10) + 0.5) * ' . $this->pendingIncrements . '), maxbrave), 56 | hp = LEAST(hp + ((maxhp / 3) * ' . $this->pendingIncrements . '), maxhp), 57 | will = LEAST(will + (10 * ' . $this->pendingIncrements . '), maxwill), 58 | energy = IF(donatordays > 0, 59 | LEAST(energy + ((maxenergy / 6) * ' . $this->pendingIncrements . '), maxenergy), 60 | LEAST(energy + ((maxenergy / 12.5) * ' . $this->pendingIncrements . '), maxenergy) 61 | ), 62 | verified = 0' 63 | ); 64 | 65 | $this->updateAffectedRowCnt(); 66 | } 67 | } 68 | -------------------------------------------------------------------------------- /crons/classes/CronOneMinute.php: -------------------------------------------------------------------------------- 1 | pendingIncrements)) { 41 | $this->pendingIncrements = $increments; 42 | } 43 | parent::doFullRunActual([ 44 | 'updateJailHospitalTimes', 45 | ], $this); 46 | } 47 | 48 | /** 49 | * @return void 50 | * @throws Throwable 51 | */ 52 | public function updateJailHospitalTimes(): void 53 | { 54 | $this->db->query( 55 | 'UPDATE users SET hospital = GREATEST(hospital - ' . $this->pendingIncrements . ', 0), jail = GREATEST(jail - ' . $this->pendingIncrements . ', 0) WHERE jail > 0 OR hospital > 0' 56 | ); 57 | $this->updateAffectedRowCnt(); 58 | $get_counts = $this->db->query( 59 | 'SELECT 60 | SUM(IF(hospital > 0, 1, 0)) AS hc, 61 | SUM(IF(jail > 0, 1, 0)) AS jc 62 | FROM users' 63 | ); 64 | $counts = $this->db->fetch_row($get_counts); 65 | $this->db->query( 66 | 'UPDATE settings SET conf_value = IF(conf_name = \'hospital_count\', ' . $counts['hc'] . ', conf_value), conf_value = IF(conf_name = \'jail_count\', ' . $counts['jc'] . ', conf_value) WHERE conf_name IN (\'hospital_count\', \'jail_count\')' 67 | ); 68 | $this->updateAffectedRowCnt(); 69 | } 70 | } 71 | -------------------------------------------------------------------------------- /crons/cronless_crons.php: -------------------------------------------------------------------------------- 1 | query( 10 | 'SELECT * FROM cron_times', 11 | ); 12 | /** 13 | * @var $crons 14 | * Holds the key-value paired data of crons and when they last ran 15 | * cron-name -> last runtime 16 | * (ex: minute-1 -> 2024-06-21 03:25:16) 17 | */ 18 | $crons = []; 19 | while ($row = $db->fetch_row($get_crons)) { 20 | $crons[$row['name']] = $row['last_run']; 21 | } 22 | $db->free_result($get_crons); 23 | 24 | /** 25 | * @param string $cron the "last_run" timestamp of a cron 26 | * @throws Exception 27 | */ 28 | function get_time_diff(string $cron): int 29 | { 30 | // Get current time 31 | $now = new DateTime('now'); 32 | // Get last run time 33 | $then = new DateTime($cron); 34 | // Return the difference in seconds 35 | return (int)($now->format('U') - $then->format('U')); 36 | } 37 | 38 | $diffs = [ 39 | 'minute-1' => [ 40 | 'cron' => $crons['minute-1'], 41 | 'diff' => 60, 42 | ], 43 | 'minute-5' => [ 44 | 'cron' => $crons['minute-5'], 45 | 'diff' => 300, 46 | ], 47 | 'hour-1' => [ 48 | 'cron' => $crons['hour-1'], 49 | 'diff' => 3600, 50 | ], 51 | 'day-1' => [ 52 | 'cron' => $crons['day-1'], 53 | 'diff' => 86400, 54 | ], 55 | ]; 56 | foreach ($diffs as $name => $conf) { 57 | $diff = get_time_diff($crons[$name]); 58 | if ($diff >= $conf['diff']) { 59 | $times = floor($diff / $conf['diff']); 60 | (CronHandler::getInstance($db))->run($name, (int)$times); 61 | } 62 | } 63 | -------------------------------------------------------------------------------- /css/game.css: -------------------------------------------------------------------------------- 1 | @CHARSET "ISO-8859-1"; 2 | /** 3 | * MCCodes Version 2.0.5b 4 | * Copyright (C) 2005-2012 Dabomstew 5 | * All rights reserved. 6 | * 7 | * Redistribution of this code in any form is prohibited, except in 8 | * the specific cases set out in the MCCodes Customer License. 9 | * 10 | * This code license may be used to run one (1) game. 11 | * A game is defined as the set of users and other game database data, 12 | * so you are permitted to create alternative clients for your game. 13 | * 14 | * If you did not obtain this code from MCCodes.com, you are in all likelihood 15 | * using it illegally. Please contact MCCodes to discuss licensing options 16 | * in this case. 17 | * 18 | * File: css/game.css 19 | * Signature: cbae5999fc5ee7f66abb1dfeb0c0db49 20 | * Date: Fri, 20 Apr 12 08:50:30 +0000 21 | */ 22 | 23 | body { 24 | background-color: #DEDEDE; 25 | margin-top: 0; 26 | margin-bottom: 0; 27 | font-family: calibri, helvetica, arial, geneva, sans-serif; 28 | font-size: 12px; 29 | color: black; 30 | scrollbar-base-color: #005B70; 31 | scrollbar-arrow-color: #F3960B; 32 | scrollbar-DarkShadow-Color: #000000; 33 | } 34 | 35 | a:visited,a:active,a:hover,a:link { 36 | color: black; 37 | text-decoration: none; 38 | } 39 | 40 | table,tr,td { 41 | font-family: helvetica, arial, geneva, sans-serif; 42 | font-size: 12px; 43 | } 44 | 45 | img { 46 | border: none; 47 | } 48 | 49 | textarea { 50 | font-family: helvetica, arial, geneva, sans-serif; 51 | font-size: 12px; 52 | color: black; 53 | } 54 | 55 | .table2 { 56 | 57 | } 58 | 59 | .lgrad { 60 | background-image: url("../lgrad.jpg"); 61 | background-repeat: repeat-y; 62 | width: 19px; 63 | } 64 | 65 | .linegrad { 66 | background-image: url(../linegrad.PNG); 67 | background-repeat: repeat-y; 68 | background-position: center; 69 | width: 2px; 70 | } 71 | 72 | .rgrad { 73 | background-image: url(../rgrad.jpg); 74 | background-repeat: repeat-y; 75 | width: 19px; 76 | } 77 | 78 | .dgrad { 79 | background-image: url(../dgrad.jpg); 80 | background-repeat: repeat-x; 81 | height: 38px; 82 | } 83 | 84 | .dgradl { 85 | background-image: url(../dgradl.jpg); 86 | background-repeat: no-repeat; 87 | height: 38px; 88 | width: 38px; 89 | } 90 | 91 | .dgradr { 92 | background-image: url(../dgradr.jpg); 93 | background-repeat: no-repeat; 94 | height: 38px; 95 | width: 38px; 96 | } 97 | 98 | .center { 99 | width: 932px; 100 | background-color: #FFFFFF; 101 | vertical-align: top; 102 | text-align: center; 103 | } 104 | 105 | .table { 106 | background-color: #000000; 107 | } 108 | 109 | .table td { 110 | background-color: #DEDEDE; 111 | height: 22px; 112 | } 113 | 114 | .table3 td { 115 | background-color: #CCCCCC; 116 | } 117 | 118 | td .alt { 119 | background-color: #EEEEEE; 120 | height: 22px; 121 | } 122 | 123 | td .h { 124 | background-image: url(../tablehgrad.png); 125 | background-repeat: repeat-x; 126 | font-weight: bold; 127 | background-color: #D6D6D6; 128 | } 129 | 130 | .table th { 131 | background-image: url(../tablehgrad.png); 132 | background-repeat: repeat-x; 133 | font-weight: bold; 134 | background-color: #D6D6D6; 135 | } 136 | -------------------------------------------------------------------------------- /css/index.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | Forbidden 6 | 7 | 8 |

Access Forbidden

9 | This folder is not designed to be accessed directly. 10 | 11 | 12 | -------------------------------------------------------------------------------- /css/installer.css: -------------------------------------------------------------------------------- 1 | @CHARSET "ISO-8859-1"; 2 | /** 3 | * MCCodes Version 2.0.5b 4 | * Copyright (C) 2005-2012 Dabomstew 5 | * All rights reserved. 6 | * 7 | * Redistribution of this code in any form is prohibited, except in 8 | * the specific cases set out in the MCCodes Customer License. 9 | * 10 | * This code license may be used to run one (1) game. 11 | * A game is defined as the set of users and other game database data, 12 | * so you are permitted to create alternative clients for your game. 13 | * 14 | * If you did not obtain this code from MCCodes.com, you are in all likelihood 15 | * using it illegally. Please contact MCCodes to discuss licensing options 16 | * in this case. 17 | * 18 | * File: css/installer.css 19 | * Signature: cbae5999fc5ee7f66abb1dfeb0c0db49 20 | * Date: Fri, 20 Apr 12 08:50:30 +0000 21 | */ 22 | 23 | body { 24 | background-color: #DEDEDE; 25 | margin-top: 0; 26 | margin-bottom: 0; 27 | font-family: calibri, helvetica, arial, geneva, sans-serif; 28 | font-size: 12px; 29 | color: black; 30 | scrollbar-base-color: #005B70; 31 | scrollbar-arrow-color: #F3960B; 32 | scrollbar-DarkShadow-Color: #000000; 33 | } 34 | 35 | a:visited,a:active,a:hover,a:link { 36 | color: black; 37 | text-decoration: none; 38 | } 39 | 40 | table,tr,td { 41 | font-family: helvetica, arial, geneva, sans-serif; 42 | font-size: 12px; 43 | } 44 | 45 | img { 46 | border: none; 47 | } 48 | 49 | textarea { 50 | font-family: helvetica, arial, geneva, sans-serif; 51 | font-size: 12px; 52 | color: black; 53 | } 54 | 55 | .table2 { 56 | 57 | } 58 | 59 | .lgrad { 60 | background-image: url("../lgrad.jpg"); 61 | background-repeat: repeat-y; 62 | width: 19px; 63 | } 64 | 65 | .linegrad { 66 | background-image: url(../linegrad.PNG); 67 | background-repeat: repeat-y; 68 | background-position: center; 69 | width: 2px; 70 | } 71 | 72 | .rgrad { 73 | background-image: url(../rgrad.jpg); 74 | background-repeat: repeat-y; 75 | width: 19px; 76 | } 77 | 78 | .dgrad { 79 | background-image: url(../dgrad.jpg); 80 | background-repeat: repeat-x; 81 | height: 38px; 82 | } 83 | 84 | .dgradl { 85 | background-image: url(../dgradl.jpg); 86 | background-repeat: no-repeat; 87 | height: 38px; 88 | width: 38px; 89 | } 90 | 91 | .dgradr { 92 | background-image: url(../dgradr.jpg); 93 | background-repeat: no-repeat; 94 | height: 38px; 95 | width: 38px; 96 | } 97 | 98 | .center { 99 | width: 932px; 100 | background-color: #FFFFFF; 101 | vertical-align: top; 102 | text-align: center; 103 | } 104 | 105 | .table { 106 | background-color: #000000; 107 | } 108 | 109 | .table td { 110 | background-color: #DEDEDE; 111 | height: 22px; 112 | } 113 | 114 | .table3 td { 115 | background-color: #CCCCCC; 116 | } 117 | 118 | td .alt { 119 | background-color: #EEEEEE; 120 | height: 22px; 121 | } 122 | 123 | td .h { 124 | background-image: url(../tablehgrad.png); 125 | background-repeat: repeat-x; 126 | font-weight: bold; 127 | background-color: #D6D6D6; 128 | } 129 | 130 | .table th { 131 | background-image: url(../tablehgrad.png); 132 | background-repeat: repeat-x; 133 | font-weight: bold; 134 | background-color: #D6D6D6; 135 | } 136 | -------------------------------------------------------------------------------- /css/login.css: -------------------------------------------------------------------------------- 1 | @CHARSET "ISO-8859-1"; 2 | /** 3 | * MCCodes Version 2.0.5b 4 | * Copyright (C) 2005-2012 Dabomstew 5 | * All rights reserved. 6 | * 7 | * Redistribution of this code in any form is prohibited, except in 8 | * the specific cases set out in the MCCodes Customer License. 9 | * 10 | * This code license may be used to run one (1) game. 11 | * A game is defined as the set of users and other game database data, 12 | * so you are permitted to create alternative clients for your game. 13 | * 14 | * If you did not obtain this code from MCCodes.com, you are in all likelihood 15 | * using it illegally. Please contact MCCodes to discuss licensing options 16 | * in this case. 17 | * 18 | * File: css/login.css 19 | * Signature: cbae5999fc5ee7f66abb1dfeb0c0db49 20 | * Date: Fri, 20 Apr 12 08:50:30 +0000 21 | */ 22 | 23 | body { 24 | background-color: #DEDEDE; 25 | margin-top: 0; 26 | margin-bottom: 0; 27 | font-family: calibri, helvetica, arial, geneva, sans-serif; 28 | font-size: 12px; 29 | color: black; 30 | scrollbar-base-color: #005B70; 31 | scrollbar-arrow-color: #F3960B; 32 | scrollbar-DarkShadow-Color: #000000; 33 | } 34 | 35 | a:visited,a:active,a:hover,a:link { 36 | color: black; 37 | text-decoration: none; 38 | } 39 | 40 | table,tr,td { 41 | font-family: helvetica, arial, geneva, sans-serif; 42 | font-size: 12px; 43 | } 44 | 45 | img { 46 | border: none; 47 | } 48 | 49 | textarea { 50 | font-family: helvetica, arial, geneva, sans-serif; 51 | font-size: 12px; 52 | color: black; 53 | } 54 | 55 | .table2 { 56 | 57 | } 58 | 59 | .lgrad { 60 | background-image: url("../lgrad.jpg"); 61 | background-repeat: repeat-y; 62 | width: 19px; 63 | } 64 | 65 | .linegrad { 66 | background-image: url(../linegrad.PNG); 67 | background-repeat: repeat-y; 68 | background-position: center; 69 | width: 2px; 70 | } 71 | 72 | .rgrad { 73 | background-image: url(../rgrad.jpg); 74 | background-repeat: repeat-y; 75 | width: 19px; 76 | } 77 | 78 | .dgrad { 79 | background-image: url(../dgrad.jpg); 80 | background-repeat: repeat-x; 81 | height: 38px; 82 | } 83 | 84 | .dgradl { 85 | background-image: url(../dgradl.jpg); 86 | background-repeat: no-repeat; 87 | height: 38px; 88 | width: 38px; 89 | } 90 | 91 | .dgradr { 92 | background-image: url(../dgradr.jpg); 93 | background-repeat: no-repeat; 94 | height: 38px; 95 | width: 38px; 96 | } 97 | 98 | .center { 99 | width: 932px; 100 | background-color: #FFFFFF; 101 | vertical-align: top; 102 | text-align: center; 103 | } 104 | 105 | .table { 106 | background-color: #000000; 107 | } 108 | 109 | .table td { 110 | background-color: #DEDEDE; 111 | height: 22px; 112 | } 113 | 114 | .table3 td { 115 | background-color: #CCCCCC; 116 | } 117 | 118 | td .alt { 119 | background-color: #EEEEEE; 120 | height: 22px; 121 | } 122 | 123 | td .h { 124 | background-image: url(../tablehgrad.png); 125 | background-repeat: repeat-x; 126 | font-weight: bold; 127 | background-color: #D6D6D6; 128 | } 129 | 130 | .table th { 131 | background-image: url(../tablehgrad.png); 132 | background-repeat: repeat-x; 133 | font-weight: bold; 134 | background-color: #D6D6D6; 135 | } 136 | -------------------------------------------------------------------------------- /css/register.css: -------------------------------------------------------------------------------- 1 | @CHARSET "ISO-8859-1"; 2 | /** 3 | * MCCodes Version 2.0.5b 4 | * Copyright (C) 2005-2012 Dabomstew 5 | * All rights reserved. 6 | * 7 | * Redistribution of this code in any form is prohibited, except in 8 | * the specific cases set out in the MCCodes Customer License. 9 | * 10 | * This code license may be used to run one (1) game. 11 | * A game is defined as the set of users and other game database data, 12 | * so you are permitted to create alternative clients for your game. 13 | * 14 | * If you did not obtain this code from MCCodes.com, you are in all likelihood 15 | * using it illegally. Please contact MCCodes to discuss licensing options 16 | * in this case. 17 | * 18 | * File: css/register.css 19 | * Signature: ee13a1eed2e4bf7902ac57305a6820a8 20 | * Date: Fri, 20 Apr 12 08:50:30 +0000 21 | */ 22 | 23 | body { 24 | background-color: #DEDEDE; 25 | margin-top: 0; 26 | margin-bottom: 0; 27 | font-family: Verdana, Arial, Helvetica, sans-serif; 28 | font-size: 12px; 29 | } 30 | 31 | .lgrad { 32 | background-image: url("../lgrad.jpg"); 33 | background-repeat: repeat-y; 34 | width: 19px; 35 | } 36 | 37 | .linegrad { 38 | background-image: url(../linegrad.PNG); 39 | background-repeat: repeat-y; 40 | background-position: center; 41 | width: 2px; 42 | } 43 | 44 | .rgrad { 45 | background-image: url(../rgrad.jpg); 46 | background-repeat: repeat-y; 47 | width: 19px; 48 | } 49 | 50 | .dgrad { 51 | background-image: url(../dgrad.jpg); 52 | background-repeat: repeat-x; 53 | height: 38px; 54 | } 55 | 56 | .dgradl { 57 | background-image: url(../dgradl.jpg); 58 | background-repeat: no-repeat; 59 | height: 38px; 60 | width: 38px; 61 | } 62 | 63 | .dgradr { 64 | background-image: url(../dgradr.jpg); 65 | background-repeat: no-repeat; 66 | height: 38px; 67 | width: 38px; 68 | } 69 | 70 | .center { 71 | width: 932px; 72 | background-color: #FFFFFF; 73 | vertical-align: top; 74 | text-align: center; 75 | } 76 | 77 | .table { 78 | background-color: #000000; 79 | } 80 | 81 | .table td { 82 | background-color: #DEDEDE; 83 | height: 22px; 84 | } 85 | 86 | .table3 td { 87 | background-color: #CCCCCC; 88 | } 89 | 90 | td .alt { 91 | background-color: #EEEEEE; 92 | height: 22px; 93 | } 94 | 95 | td .h { 96 | background-image: url(../tablehgrad.png); 97 | background-repeat: repeat-x; 98 | font-weight: bold; 99 | background-color: #D6D6D6; 100 | } 101 | 102 | .table th { 103 | background-image: url(../tablehgrad.png); 104 | background-repeat: repeat-x; 105 | font-weight: bold; 106 | background-color: #D6D6D6; 107 | } 108 | -------------------------------------------------------------------------------- /dgrad.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/davemacaulay/mccodesv2/c3b7957de05a684a9003c5e0d40694b3a7d633ef/dgrad.jpg -------------------------------------------------------------------------------- /dgradl.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/davemacaulay/mccodesv2/c3b7957de05a684a9003c5e0d40694b3a7d633ef/dgradl.jpg -------------------------------------------------------------------------------- /dgradr.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/davemacaulay/mccodesv2/c3b7957de05a684a9003c5e0d40694b3a7d633ef/dgradr.jpg -------------------------------------------------------------------------------- /dlarchive.php: -------------------------------------------------------------------------------- 1 | 24 | 25 | From 26 | Subject/Message 27 | "; 28 | $q = 29 | $db->query( 30 | "SELECT `mail_time`, `mail_subject`, `mail_text`, 31 | `userid`, `username` 32 | FROM `mail` AS `m` 33 | LEFT JOIN `users` AS `u` ON `m`.`mail_from` = `u`.`userid` 34 | WHERE `m`.`mail_to` = $userid 35 | ORDER BY `mail_time` DESC"); 36 | while ($r = $db->fetch_row($q)) 37 | { 38 | $sent = date('F j, Y, g:i:s a', (int)$r['mail_time']); 39 | echo ' 40 | '; 41 | if ($r['userid']) 42 | { 43 | echo "{$r['username']} [{$r['userid']}]"; 44 | } 45 | else 46 | { 47 | echo 'SYSTEM'; 48 | } 49 | echo " 50 | {$r['mail_subject']} 51 | 52 | 53 | Sent at: $sent 54 | {$r['mail_text']} 55 | "; 56 | } 57 | $db->free_result($q); 58 | echo ''; 59 | } 60 | elseif ($_GET['a'] == 'outbox') 61 | { 62 | header('Content-type: text/html'); 63 | header( 64 | 'Content-Disposition: attachment; ' . 'filename="outbox_archive_' 65 | . $userid . '_' . time() . '.htm"'); 66 | echo " 67 | 68 | 69 | 70 | "; 71 | $q = 72 | $db->query( 73 | "SELECT `mail_time`, `mail_subject`, `mail_text`, 74 | `userid`, `username` 75 | FROM `mail` AS `m` 76 | LEFT JOIN `users` AS `u` ON `m`.`mail_to` = `u`.`userid` 77 | WHERE `m`.`mail_from` = $userid 78 | ORDER BY `mail_time` DESC"); 79 | while ($r = $db->fetch_row($q)) 80 | { 81 | $sent = date('F j, Y, g:i:s a', (int)$r['mail_time']); 82 | echo " 83 | 84 | 85 | 86 | 87 | 88 | 89 | "; 90 | } 91 | $db->free_result($q); 92 | echo '
ToSubject/Message
{$r['username']} [{$r['userid']}]{$r['mail_subject']}
Sent at: $sent{$r['mail_text']}
'; 93 | } 94 | else 95 | { 96 | header('HTTP/1.1 400 Bad Request'); 97 | exit; 98 | } 99 | -------------------------------------------------------------------------------- /docker-compose.yml: -------------------------------------------------------------------------------- 1 | services: 2 | web: 3 | image: php:8.3-apache 4 | ports: 5 | - "4567:80" 6 | - "4568:443" 7 | depends_on: 8 | - db 9 | volumes: 10 | - .:/var/www/html/. 11 | restart: "no" 12 | db: 13 | image: mysql 14 | ports: 15 | - "3306:3306" 16 | environment: 17 | MYSQL_ROOT_PASSWORD: rootpass1 18 | MYSQL_DATABASE: mccv2 19 | phpmyadmin: 20 | image: phpmyadmin/phpmyadmin 21 | ports: 22 | - "4569:8080" 23 | depends_on: 24 | - db 25 | links: 26 | - web 27 | environment: 28 | PMA_HOST: db 29 | 30 | # Note: 31 | # If you encounter either mysqli not being found or captcha images not loading, chances are that the docker image was updated and those modules are no longer part of it 32 | # A new image will be built for this so that the dependencies are there and ready for immediate development 33 | # For now, log into the running container's shell - assuming default config, it'll be named something like "mccodesv2-php-web-1" 34 | # Execute the following command: 35 | # apt install libpng-dev -y && docker-php-ext-install mysqli gd 36 | # Optionally, you can also install a couple of useful PHP packages 37 | # docker-php-ext-install mbstring pdo pdo_mysql sockets sodium xsl 38 | 39 | # After installation, the extensions should automatically be enabled (where applicable). If not, you can enable them manually. 40 | # docker-php-ext-enable mysqli gd 41 | 42 | # Note (cont.) 43 | # Be sure to restart the Apache container to apply your changes! 44 | -------------------------------------------------------------------------------- /docrime.php: -------------------------------------------------------------------------------- 1 | 0 || $ir['hospital'] > 0) 20 | { 21 | die('This page cannot be accessed while in jail or hospital.'); 22 | } 23 | if ($_GET['c'] <= 0) 24 | { 25 | echo 'Invalid crime'; 26 | } 27 | else 28 | { 29 | $q = 30 | $db->query( 31 | "SELECT * 32 | FROM `crimes` 33 | WHERE `crimeID` = {$_GET['c']} 34 | LIMIT 1"); 35 | if ($db->num_rows($q) == 0) 36 | { 37 | echo 'Invalid crime.'; 38 | $h->endpage(); 39 | exit; 40 | } 41 | $r = $db->fetch_row($q); 42 | $db->free_result($q); 43 | if ($ir['brave'] < $r['crimeBRAVE']) 44 | { 45 | echo 'You do not have enough Brave to perform this crime.'; 46 | } 47 | else 48 | { 49 | $ec = 50 | '$sucrate=' 51 | . str_replace( 52 | ['LEVEL', 'CRIMEXP', 'EXP', 'WILL', 'IQ'], 53 | [$ir['level'], $ir['crimexp'], 54 | $ir['exp'], $ir['will'], $ir['IQ']], 55 | $r['crimePERCFORM']) . ';'; 56 | eval($ec); 57 | print $r['crimeITEXT']; 58 | $ir['brave'] -= $r['crimeBRAVE']; 59 | $db->query( 60 | "UPDATE `users` 61 | SET `brave` = {$ir['brave']} 62 | WHERE `userid` = $userid"); 63 | if (rand(1, 100) <= $sucrate) 64 | { 65 | print 66 | str_replace('{money}', $r['crimeSUCCESSMUNY'], 67 | $r['crimeSTEXT']); 68 | $ir['money'] += $r['crimeSUCCESSMUNY']; 69 | $ir['crystals'] += $r['crimeSUCCESSCRYS']; 70 | $ir['exp'] += (int) ($r['crimeSUCCESSMUNY'] / 8); 71 | $db->query( 72 | "UPDATE `users` 73 | SET `money` = {$ir['money']}, 74 | `crystals` = {$ir['crystals']}, `exp` = {$ir['exp']}, 75 | `crimexp` = `crimexp` + {$r['crimeXP']} 76 | WHERE `userid` = $userid"); 77 | if ($r['crimeSUCCESSITEM']) 78 | { 79 | item_add($userid, $r['crimeSUCCESSITEM'], 1); 80 | } 81 | } elseif (rand(1, 2) == 1) { 82 | print $r['crimeFTEXT']; 83 | } else { 84 | print $r['crimeJTEXT']; 85 | $db->query( 86 | "UPDATE `users` 87 | SET `jail` = '{$r['crimeJAILTIME']}', 88 | `jail_reason` = '{$r['crimeJREASON']}' 89 | WHERE `userid` = $userid"); 90 | } 91 | 92 | echo "
Try Again
93 | Crimes"; 94 | } 95 | } 96 | 97 | $h->endpage(); 98 | -------------------------------------------------------------------------------- /donator.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/davemacaulay/mccodesv2/c3b7957de05a684a9003c5e0d40694b3a7d633ef/donator.gif -------------------------------------------------------------------------------- /donatordone.php: -------------------------------------------------------------------------------- 1 | endpage(); 28 | exit; 29 | } 30 | echo 'Thank you for your payment to ' . $set['game_name'] 31 | . '. Your transaction has been completed, and a receipt for 32 | your purchase has been emailed to you. You may log into your 33 | account at www.paypal.com 34 | to view details of this transaction. 35 | Your donator pack should be credited within a few minutes, 36 | if not, contact an admin for assistance.'; 37 | } 38 | $h->endpage(); 39 | -------------------------------------------------------------------------------- /education.php: -------------------------------------------------------------------------------- 1 | Schooling'; 13 | if ($ir['course'] > 0) 14 | { 15 | $cd = 16 | $db->query( 17 | "SELECT `crNAME` 18 | FROM `courses` 19 | WHERE `crID` = {$ir['course']}"); 20 | $coud = $db->fetch_row($cd); 21 | $db->free_result($cd); 22 | echo "You are currently doing the {$coud['crNAME']}, you have 23 | {$ir['cdays']} days remaining."; 24 | } elseif (isset($_GET['cstart'])) { 25 | $_GET['cstart'] = abs((int)$_GET['cstart']); 26 | //Verify. 27 | $cd = 28 | $db->query( 29 | "SELECT `crCOST`, `crDAYS`, `crNAME` 30 | FROM `courses` 31 | WHERE `crID` = {$_GET['cstart']}"); 32 | if ($db->num_rows($cd) == 0) { 33 | echo 'You are trying to start a non-existent course!'; 34 | } else { 35 | $coud = $db->fetch_row($cd); 36 | $db->free_result($cd); 37 | $cdo = 38 | $db->query( 39 | "SELECT COUNT(`userid`) 40 | FROM `coursesdone` 41 | WHERE `userid` = $userid 42 | AND `courseid` = {$_GET['cstart']}"); 43 | if ($ir['money'] < $coud['crCOST']) { 44 | echo "You don't have enough money to start this course."; 45 | $h->endpage(); 46 | exit; 47 | } 48 | if ($db->fetch_single($cdo) > 0) { 49 | $db->free_result($cdo); 50 | echo 'You have already done this course.'; 51 | $h->endpage(); 52 | exit; 53 | } 54 | $db->free_result($cdo); 55 | $db->query( 56 | "UPDATE `users` 57 | SET `course` = {$_GET['cstart']}, 58 | `cdays` = {$coud['crDAYS']}, 59 | `money` = `money` - {$coud['crCOST']} 60 | WHERE `userid` = $userid"); 61 | echo "You have started the {$coud['crNAME']}, 62 | it will take {$coud['crDAYS']} days to complete."; 63 | } 64 | } else { 65 | //list courses 66 | echo 'Here is a list of available courses.
'; 67 | $q = 68 | $db->query( 69 | 'SELECT `crID`, `crNAME`, `crDESC`, `crCOST` 70 | FROM `courses`'); 71 | echo " 72 | 73 | 74 | 75 | 76 | 77 | "; 78 | while ($r = $db->fetch_row($q)) { 79 | $cdo = 80 | $db->query( 81 | "SELECT COUNT(`userid`) 82 | FROM `coursesdone` 83 | WHERE `userid` = $userid 84 | AND `courseid` = {$r['crID']}"); 85 | if ($db->fetch_single($cdo) > 0) { 86 | $do = 'Done'; 87 | } else { 88 | $do = "Take"; 89 | } 90 | $db->free_result($cdo); 91 | echo " 92 | 93 | 94 | 96 | 97 | "; 98 | } 99 | $db->free_result($q); 100 | echo '
CourseDescriptionCostTake
{$r['crNAME']}{$r['crDESC']}" . money_formatter((int)$r['crCOST']) 95 | . "$do
'; 101 | } 102 | $h->endpage(); 103 | -------------------------------------------------------------------------------- /equip_armor.php: -------------------------------------------------------------------------------- 1 | query( 17 | "SELECT `armor`, `itmid`, `itmname` 18 | FROM `inventory` AS `iv` 19 | LEFT JOIN `items` AS `it` 20 | ON `iv`.`inv_itemid` = `it`.`itmid` 21 | WHERE `iv`.`inv_id` = {$_GET['ID']} 22 | AND `iv`.`inv_userid` = $userid 23 | LIMIT 1"); 24 | if ($db->num_rows($id) == 0) 25 | { 26 | $db->free_result($id); 27 | echo 'Invalid item ID'; 28 | $h->endpage(); 29 | exit; 30 | } 31 | else 32 | { 33 | $r = $db->fetch_row($id); 34 | $db->free_result($id); 35 | } 36 | if ($r['armor'] <= 0) 37 | { 38 | echo 'This item cannot be equipped to this slot.'; 39 | $h->endpage(); 40 | exit; 41 | } 42 | if (isset($_POST['type'])) 43 | { 44 | if ($_POST['type'] !== 'equip_armor') 45 | { 46 | echo 'This slot ID is not valid.'; 47 | $h->endpage(); 48 | exit; 49 | } 50 | if ($ir['equip_armor'] > 0) 51 | { 52 | item_add($userid, $ir['equip_armor'], 1); 53 | } 54 | item_remove($userid, $r['itmid'], 1); 55 | $db->query( 56 | "UPDATE `users` 57 | SET `equip_armor` = {$r['itmid']} 58 | WHERE `userid` = {$userid}"); 59 | echo "Item {$r['itmname']} equipped successfully."; 60 | } 61 | else 62 | { 63 | echo "

Equip Armor


64 |
65 | Click Equip Armor to equip {$r['itmname']} as your armor, 66 | if you currently have any armor equipped it will be removed back 67 | to your inventory.
68 | 69 | 70 |
"; 71 | } 72 | $h->endpage(); 73 | -------------------------------------------------------------------------------- /equip_weapon.php: -------------------------------------------------------------------------------- 1 | query( 17 | "SELECT `weapon`, `itmid`, `itmname` 18 | FROM `inventory` AS `iv` 19 | LEFT JOIN `items` AS `it` 20 | ON `iv`.`inv_itemid` = `it`.`itmid` 21 | WHERE `iv`.`inv_id` = {$_GET['ID']} 22 | AND `iv`.`inv_userid` = $userid 23 | LIMIT 1"); 24 | if ($db->num_rows($id) == 0) 25 | { 26 | $db->free_result($id); 27 | echo 'Invalid item ID'; 28 | $h->endpage(); 29 | exit; 30 | } 31 | else 32 | { 33 | $r = $db->fetch_row($id); 34 | $db->free_result($id); 35 | } 36 | if (!$r['weapon']) 37 | { 38 | echo 'This item cannot be equipped to this slot.'; 39 | $h->endpage(); 40 | exit; 41 | } 42 | if (isset($_POST['type'])) 43 | { 44 | if (!in_array($_POST['type'], ['equip_primary', 'equip_secondary'], 45 | true)) 46 | { 47 | echo 'This slot ID is not valid.'; 48 | $h->endpage(); 49 | exit; 50 | } 51 | if ($ir[$_POST['type']] > 0) 52 | { 53 | item_add($userid, $ir[$_POST['type']], 1); 54 | } 55 | item_remove($userid, $r['itmid'], 1); 56 | $db->query( 57 | "UPDATE `users` 58 | SET `{$_POST['type']}` = {$r['itmid']} 59 | WHERE `userid` = {$userid}"); 60 | echo "Item {$r['itmname']} equipped successfully."; 61 | } 62 | else 63 | { 64 | echo "

Equip Weapon


65 |
66 | Please choose the slot to equip {$r['itmname']} to, 67 | if there is already a weapon in that slot, 68 | it will be removed back to your inventory.
69 | 70 | Primary
71 | 72 | Secondary
73 | 74 |
"; 75 | } 76 | $h->endpage(); 77 | -------------------------------------------------------------------------------- /estate.php: -------------------------------------------------------------------------------- 1 | query( 14 | "SELECT * 15 | FROM `houses` 16 | WHERE `hWILL` = {$ir['maxwill']} 17 | LIMIT 1"); 18 | $mp = $db->fetch_row($mpq); 19 | $db->free_result($mpq); 20 | if (isset($_GET['property']) && is_numeric($_GET['property'])) 21 | { 22 | $_GET['property'] = abs((int) $_GET['property']); 23 | $npq = 24 | $db->query( 25 | "SELECT `hWILL`, `hPRICE`, `hNAME` 26 | FROM `houses` 27 | WHERE `hID` = {$_GET['property']}"); 28 | if ($db->num_rows($npq) == 0) 29 | { 30 | $db->free_result($npq); 31 | echo "That house doesn't exist."; 32 | $h->endpage(); 33 | exit; 34 | } 35 | $np = $db->fetch_row($npq); 36 | $db->free_result($npq); 37 | if ($np['hWILL'] < $mp['hWILL']) 38 | { 39 | echo 'You cannot go backwards in houses!'; 40 | } 41 | elseif ($np['hPRICE'] > $ir['money']) 42 | { 43 | echo "You do not have enough money to buy the {$np['hNAME']}."; 44 | } 45 | else 46 | { 47 | $db->query( 48 | "UPDATE `users` 49 | SET `money` = `money` - {$np['hPRICE']}, 50 | `will` = 0, `maxwill` = {$np['hWILL']} 51 | WHERE `userid` = $userid"); 52 | echo "Congrats, you bought the {$np['hNAME']} for " 53 | . money_formatter($np['hPRICE']) . '!'; 54 | } 55 | } 56 | elseif (isset($_GET['sellhouse'])) 57 | { 58 | if ($ir['maxwill'] == 100) 59 | { 60 | echo 'You already live in the lowest property!'; 61 | } 62 | else 63 | { 64 | $db->query( 65 | "UPDATE `users` 66 | SET `money` = `money` + {$mp['hPRICE']}, 67 | `will` = 0, `maxwill` = 100 68 | WHERE `userid` = $userid"); 69 | echo "You sold your {$mp['hNAME']} and went back to your shed."; 70 | } 71 | } 72 | else 73 | { 74 | echo "Your current property: {$mp['hNAME']}
75 | The houses you can buy are listed below. Click a house to buy it.
"; 76 | if ($ir['maxwill'] > 100) 77 | { 78 | echo "Sell Your House
"; 79 | } 80 | $hq = 81 | $db->query( 82 | "SELECT * 83 | FROM `houses` 84 | WHERE `hWILL` > {$ir['maxwill']} 85 | ORDER BY `hWILL` ASC"); 86 | while ($r = $db->fetch_row($hq)) 87 | { 88 | echo "{$r['hNAME']}" 89 | . '   - Cost: ' . money_formatter($r['hPRICE']) 90 | . "   - Will Bar: {$r['hWILL']}
"; 91 | } 92 | $db->free_result($hq); 93 | } 94 | $h->endpage(); 95 | -------------------------------------------------------------------------------- /events.php: -------------------------------------------------------------------------------- 1 | 0) 18 | { 19 | $d_c = 20 | $db->query( 21 | "SELECT COUNT(`evUSER`) 22 | FROM `events` 23 | WHERE `evID` = {$_GET['delete']} 24 | AND `evUSER` = {$userid}"); 25 | if ($db->fetch_single($d_c) == 0) 26 | { 27 | echo 'Event doesn\'t exist
'; 28 | } 29 | else 30 | { 31 | $db->query( 32 | "DELETE FROM `events` 33 | WHERE `evID` = {$_GET['delete']} 34 | AND `evUSER` = {$userid}"); 35 | echo 'Event Deleted
'; 36 | } 37 | $db->free_result($d_c); 38 | } 39 | if (isset($_GET['delall']) && $_GET['delall']) 40 | { 41 | $delall_verf = request_csrf_code('events_delall'); 42 | echo " 43 | This will delete all your events.
44 | There is NO undo, so be sure.
45 | > Yes, 46 | delete all my events
47 | > No, go back
48 | "; 49 | $h->endpage(); 50 | exit; 51 | } 52 | if (isset($_GET['delall2']) && $_GET['delall2']) 53 | { 54 | if (!isset($_GET['verf']) 55 | || !verify_csrf_code('events_delall', stripslashes($_GET['verf']))) 56 | { 57 | echo '

Error


58 | This action has been blocked for your security.
59 | You should submit this action fast, 60 | to ensure that it is really you doing it.
61 | > Try Again'; 62 | $h->endpage(); 63 | exit; 64 | } 65 | $am = 66 | $db->fetch_single( 67 | $db->query( 68 | "SELECT COUNT(`evID`) 69 | FROM `events` 70 | WHERE `evUSER` = $userid")); 71 | if ($am == 0) 72 | { 73 | echo 'You have no events to delete.
74 | > Go Back'; 75 | $h->endpage(); 76 | exit; 77 | } 78 | $db->query("DELETE FROM `events` 79 | WHERE `evUSER` = $userid"); 80 | echo " 81 | All {$am} events you had were deleted.
82 |
> Go Back 83 | "; 84 | $h->endpage(); 85 | exit; 86 | } 87 | echo " 88 | Latest 10 events 89 |
90 | > Delete All Events 91 |
92 | "; 93 | $q = 94 | $db->query( 95 | "SELECT `evTIME`, `evREAD`, `evTEXT`, `evID` 96 | FROM `events` 97 | WHERE `evUSER` = $userid 98 | ORDER BY `evTIME` DESC 99 | LIMIT 10"); 100 | echo " 101 | 102 | 103 | 104 | 105 | 106 | 107 | "; 108 | while ($r = $db->fetch_row($q)) 109 | { 110 | echo ' 111 | 117 | 118 | 119 | "; 120 | } 121 | echo '
TimeEventLinks
' . date('F j Y, g:i:s a', (int)$r['evTIME']); 112 | if (!$r['evREAD']) 113 | { 114 | echo '
New!'; 115 | } 116 | echo "
{$r['evTEXT']}Delete
'; 122 | $db->free_result($q); 123 | if ($ir['new_events'] > 0) 124 | { 125 | $db->query( 126 | "UPDATE `events` 127 | SET `evREAD` = 1 128 | WHERE `evUSER` = $userid"); 129 | $db->query( 130 | "UPDATE `users` 131 | SET `new_events` = 0 132 | WHERE `userid` = $userid"); 133 | } 134 | $h->endpage(); 135 | -------------------------------------------------------------------------------- /explore.php: -------------------------------------------------------------------------------- 1 | 0 || $ir['hospital'] > 0) 14 | { 15 | die('This page cannot be accessed while in jail or hospital.'); 16 | } 17 | echo "You begin exploring the area you're in, 18 | you see a bit that interests you.
19 | 20 | 21 | 27 | 38 | 52 | 53 | 54 | 62 | 68 | 69 |
22 | Market Place
23 | Shops
24 | Item Market
25 | Crystal Market 26 |
28 | Serious Money Makers
29 | Travel Agency
30 | Estate Agent
31 | City Bank"; 32 | if ($ir['location'] == 5) 33 | { 34 | echo "
35 | Cyber Bank
"; 36 | } 37 | echo "
39 | Dark Side
40 | Gangs
41 | Gang Wars
42 | Federal Jail
43 | Slots Machine
44 | Roulette
45 | Lucky Boxes"; 46 | if ($ir['location'] == 5) 47 | { 48 | echo "
49 | Super Slots
"; 50 | } 51 | echo "
55 | Statistics Dept
56 | User List
57 | {$set['game_name']} Staff
58 | Hall of Fame
59 | Game Stats
60 | Users Online 61 |
63 | Mysterious
64 | Crystal Temple
65 | Battle Tent
66 | Polling Booth
67 |
70 |

71 | This is your referal link: https://{$domain}/register.php?REF={$userid}
72 | Every signup from this link earns you two valuable crystals!"; 73 | $h->endpage(); 74 | -------------------------------------------------------------------------------- /fedjail.php: -------------------------------------------------------------------------------- 1 | query( 14 | 'SELECT `fed_userid`, `fed_days`, `fed_reason`, `fed_jailedby`, 15 | `u`.`username`, `u2`.`username` AS `jailer` 16 | FROM `fedjail` AS `f` 17 | LEFT JOIN `users` AS `u` 18 | ON `f`.`fed_userid` = `u`.`userid` 19 | LEFT JOIN `users` AS `u2` 20 | ON `f`.`fed_jailedby` = `u2`.`userid` 21 | ORDER BY `f`.`fed_days` ASC'); 22 | echo "Federal Jail
23 | If you ever cheat the game your name will become a permanent 24 | part of this list...
25 | 26 | 27 | 28 | 29 | 30 | 31 | "; 32 | while ($r = $db->fetch_row($q)) 33 | { 34 | echo " 35 | 38 | 39 | 40 | 43 | "; 44 | } 45 | $db->free_result($q); 46 | echo '
WhoDaysReasonJailer
36 | {$r['username']} 37 | {$r['fed_days']}{$r['fed_reason']} 41 | {$r['jailer']} 42 |
'; 47 | $q = 48 | $db->query( 49 | 'SELECT `userid`, `username`, `mailban`, `mb_reason` 50 | FROM `users` 51 | WHERE `mailban` > 0 52 | ORDER BY `mailban` ASC'); 53 | echo "Mail Ban
54 | If you ever swear or do other bad things with mail, 55 | your name will become a permanent part of this list...
56 | 57 | 58 | 59 | 60 | 61 | "; 62 | while ($r = $db->fetch_row($q)) 63 | { 64 | echo " 65 | 66 | 67 | 68 | 69 | "; 70 | } 71 | $db->free_result($q); 72 | echo '
WhoDaysReason
{$r['username']}{$r['mailban']}{$r['mb_reason']}
'; 73 | $h->endpage(); 74 | -------------------------------------------------------------------------------- /gamerules.php: -------------------------------------------------------------------------------- 1 | {$set['game_name']} Rules and Regulations 14 |
    15 |
  1. Players are only allowed to have one account, owning two or more accounts 16 | will result in all accounts being jailed, if you are on the same IP as another 17 | player, mail staff and let them know.
  2. 18 |
  3. You are responsible for whatever happens on your account, don't give out 19 | your password to anyone.
  4. 20 |
  5. Children play this game, so keep it PG-13. Mild swearing will be 21 | permitted, but F-bombing, sexual vulgarities or excessive swearing will result 22 | in some time in Fed until you clean up your act.
  6. 23 |
  7. Profile images with nudity, profanity, or otherwise offensive images will 24 | be removed, and may result in jail time.
  8. 25 |
  9. We understand that you play other games, but do not advertise them here. 26 | You get 1 warning, afterwards its Fed time.
  10. 27 |
  11. Do not spam the staff's mailbox, if you have a problem, message one of us 28 | once. They will deal with your problem in a timely manner, but do not mail 29 | them repeatedly, or mail multiple staff members.
  12. 30 |
  13. Do not harrass other players, use common sense on this one, if you don't 31 | know when your crossing the line from fantasy into harrassment, assume that 32 | you are harrassing the other player. This will not be tolerated and will 33 | result in a stiff punishment.
  14. 34 |
  15. Scamming will not be tolerated in any manner. Any attempt to scam anyone 35 | will result in being jailed for a long long time.
  16. 36 |
  17. If a member of staff is bothering you for any unfair or just plain, weird 37 | reason, mail an administrator.
  18. 38 |
  19. Common sense rules are not posted here, if you can't determine the 39 | difference between what is ok, and what is not, you should consider not 40 | interacting with other people until you do understand.
  20. 41 |
  21. These rules are subject to change without notice, check them from time 42 | to time, as ignorance will not be accepted as an excuse.
  22. 43 |
44 | EOF; 45 | $h->endpage(); 46 | -------------------------------------------------------------------------------- /gangcentral.php: -------------------------------------------------------------------------------- 1 | Gang Central 13 | > Create A Gang Here
14 |
Gang Listings
15 | 16 | 17 | 18 | 19 | 20 | 21 | "; 22 | $gq = 23 | $db->query( 24 | 'SELECT `gangID`, `gangNAME`, `gangRESPECT`, 25 | `userid`, `username` 26 | FROM `gangs` AS `g` 27 | LEFT JOIN `users` AS `u` ON `g`.`gangPRESIDENT` = `u`.`userid` 28 | ORDER BY `g`.`gangID` ASC'); 29 | while ($gangdata = $db->fetch_row($gq)) 30 | { 31 | echo " 32 | 33 | 42 | 43 | 44 | "; 45 | $db->free_result($cnt); 46 | } 47 | $db->free_result($gq); 48 | echo '
GangMembersPresidentRespect Level
{$gangdata['gangNAME']}"; 34 | $cnt = 35 | $db->query( 36 | "SELECT COUNT(`userid`) 37 | FROM `users` 38 | WHERE `gang` = {$gangdata['gangID']}"); 39 | print 40 | $db->fetch_single($cnt) 41 | . "{$gangdata['username']}{$gangdata['gangRESPECT']}
'; 49 | $h->endpage(); 50 | -------------------------------------------------------------------------------- /gangwars.php: -------------------------------------------------------------------------------- 1 | Gang Wars 13 | "; 14 | $q = 15 | $db->query( 16 | "SELECT `w`.*, `g1`.`gangNAME` AS `declarer`, 17 | `g1`.`gangRESPECT` AS `drespect`, 18 | `g2`.`gangNAME` AS `defender`, 19 | `g2`.`gangRESPECT` AS `frespect` 20 | FROM `gangwars` AS `w` 21 | INNER JOIN `gangs` AS `g1` 22 | ON `w`.`warDECLARER` = `g1`.`gangID` 23 | INNER JOIN `gangs` AS `g2` 24 | ON `w`.`warDECLARED` = `g2`.`gangID` 25 | WHERE `g1`.`gangNAME` != '' 26 | AND `g2`.`gangNAME` != ''"); 27 | if ($db->num_rows($q) > 0) 28 | { 29 | while ($r = $db->fetch_row($q)) 30 | { 31 | echo " 32 | 37 | 38 | 43 | "; 44 | } 45 | echo '
33 | 34 | {$r['declarer']} 35 | [{$r['drespect']} respect] 36 | vs. 39 | 40 | {$r['defender']} 41 | [{$r['frespect']} respect] 42 |
'; 46 | } 47 | else 48 | { 49 | echo 'There are currently no gang wars in progress.'; 50 | } 51 | $db->free_result($q); 52 | $h->endpage(); 53 | -------------------------------------------------------------------------------- /globals.php: -------------------------------------------------------------------------------- 1 | configure($_CONFIG['hostname'], $_CONFIG['username'], 41 | $_CONFIG['password'], $_CONFIG['database']); 42 | $db->connect(); 43 | $c = $db->connection_id; 44 | $set = get_site_settings(); 45 | if ($set['use_timestamps_over_crons']) { 46 | define('SILENT_CRONS', true); 47 | try { 48 | require_once __DIR__ . '/crons/cronless_crons.php'; 49 | } catch (Exception $e) { 50 | echo 'An error occurred' . (defined('DEBUG') && DEBUG ? ':
'.$e->getMessage() : ''); 51 | exit; 52 | } 53 | } 54 | global $jobquery, $housequery; 55 | if (isset($jobquery) && $jobquery) 56 | { 57 | $is = 58 | $db->query( 59 | "SELECT `u`.*, `us`.*, `j`.*, `jr`.* 60 | FROM `users` AS `u` 61 | INNER JOIN `userstats` AS `us` 62 | ON `u`.`userid`=`us`.`userid` 63 | LEFT JOIN `jobs` AS `j` ON `j`.`jID` = `u`.`job` 64 | LEFT JOIN `jobranks` AS `jr` 65 | ON `jr`.`jrID` = `u`.`jobrank` 66 | WHERE `u`.`userid` = {$userid} 67 | LIMIT 1"); 68 | } 69 | elseif (isset($housequery) && $housequery) 70 | { 71 | $is = 72 | $db->query( 73 | "SELECT `u`.*, `us`.*, `h`.* 74 | FROM `users` AS `u` 75 | INNER JOIN `userstats` AS `us` 76 | ON `u`.`userid`=`us`.`userid` 77 | LEFT JOIN `houses` AS `h` ON `h`.`hWILL` = `u`.`maxwill` 78 | WHERE `u`.`userid` = {$userid} 79 | LIMIT 1"); 80 | } 81 | else 82 | { 83 | $is = 84 | $db->query( 85 | "SELECT `u`.*, `us`.* 86 | FROM `users` AS `u` 87 | INNER JOIN `userstats` AS `us` 88 | ON `u`.`userid`=`us`.`userid` 89 | WHERE `u`.`userid` = {$userid} 90 | LIMIT 1"); 91 | } 92 | $ir = $db->fetch_row($is); 93 | set_userdata_data_types($ir); 94 | if ($ir['force_logout'] > 0) 95 | { 96 | $db->query( 97 | "UPDATE `users` 98 | SET `force_logout` = 0 99 | WHERE `userid` = {$userid}"); 100 | session_unset(); 101 | session_destroy(); 102 | $login_url = "https://{$domain}/login.php"; 103 | header("Location: {$login_url}"); 104 | exit; 105 | } 106 | global $macropage; 107 | if ($macropage && !$ir['verified'] && $set['validate_on'] == 1) 108 | { 109 | $macro_url = "https://{$domain}/macro1.php?refer=$macropage"; 110 | header("Location: {$macro_url}"); 111 | exit; 112 | } 113 | check_level(); 114 | $h = new headers(); 115 | if (!isset($nohdr) || !$nohdr) 116 | { 117 | $h->startheaders(); 118 | $fm = money_formatter($ir['money']); 119 | $cm = money_formatter($ir['crystals'], ''); 120 | $lv = date('F j, Y, g:i a', $ir['laston']); 121 | global $atkpage; 122 | if ($atkpage) 123 | { 124 | $h->userdata($ir, $lv, $fm, $cm, 0); 125 | } 126 | else 127 | { 128 | $h->userdata($ir, $lv, $fm, $cm); 129 | } 130 | global $menuhide; 131 | if (!$menuhide) 132 | { 133 | $h->menuarea(); 134 | } 135 | } 136 | -------------------------------------------------------------------------------- /globals_nonauth.php: -------------------------------------------------------------------------------- 1 | configure($_CONFIG['hostname'], $_CONFIG['username'], 31 | $_CONFIG['password'], $_CONFIG['database']); 32 | $db->connect(); 33 | $c = $db->connection_id; 34 | $set = []; 35 | $settq = $db->query('SELECT * 36 | FROM `settings`'); 37 | while ($r = $db->fetch_row($settq)) 38 | { 39 | $set[$r['conf_name']] = $r['conf_value']; 40 | } 41 | -------------------------------------------------------------------------------- /greenbar.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/davemacaulay/mccodesv2/c3b7957de05a684a9003c5e0d40694b3a7d633ef/greenbar.png -------------------------------------------------------------------------------- /gym.php: -------------------------------------------------------------------------------- 1 | 'strength', 'Agility' => 'agility', 19 | 'Guard' => 'guard', 'Labour' => 'labour']; 20 | if (!isset($_POST['amnt'])) 21 | { 22 | $_POST['amnt'] = 0; 23 | } 24 | $_POST['amnt'] = abs((int) $_POST['amnt']); 25 | if ($ir['jail'] <= 0) 26 | { 27 | echo '

Gym


'; 28 | } 29 | else 30 | { 31 | echo '

Jail Gym


'; 32 | } 33 | if (isset($_POST['stat']) && $_POST['amnt']) 34 | { 35 | if (!isset($statnames[$_POST['stat']])) 36 | { 37 | die('This stat cannot be trained.'); 38 | } 39 | $stat = $statnames[$_POST['stat']]; 40 | if ($_POST['amnt'] > $ir['energy']) 41 | { 42 | print('You do not have enough energy to train that much.
'); 43 | } 44 | else 45 | { 46 | $gain = 0; 47 | for ($i = 0; $i < $_POST['amnt']; $i++) 48 | { 49 | $gain += 50 | rand(1, 3) / rand(800, 1000) * rand(800, 1000) 51 | * (($ir['will'] + 20) / 150); 52 | $ir['will'] -= rand(1, 3); 53 | if ($ir['will'] < 0) 54 | { 55 | $ir['will'] = 0; 56 | } 57 | } 58 | if ($ir['jail'] > 0) 59 | { 60 | $gain /= 2; 61 | } 62 | $db->query( 63 | "UPDATE `userstats` 64 | SET `{$stat}` = `{$stat}` + $gain 65 | WHERE `userid` = $userid"); 66 | $db->query( 67 | "UPDATE `users` 68 | SET `will` = {$ir['will']}, 69 | `energy` = `energy` - {$_POST['amnt']} 70 | WHERE `userid` = $userid"); 71 | $inc = $ir[$stat] + $gain; 72 | $inc2 = $ir['energy'] - $_POST['amnt']; 73 | if ($stat == 'strength') 74 | { 75 | echo "You begin lifting some weights.
76 | You have gained {$gain} strength by doing {$_POST['amnt']} sets of weights.
77 | You now have {$inc} strength and {$inc2} energy left."; 78 | } 79 | elseif ($stat == 'agility') 80 | { 81 | echo "You begin running on a treadmill.
82 | You have gained {$gain} agility by doing {$_POST['amnt']} minutes of running.
83 | You now have {$inc} agility and {$inc2} energy left."; 84 | } 85 | elseif ($stat == 'guard') 86 | { 87 | echo "You jump into the pool and begin swimming.
88 | You have gained {$gain} guard by doing {$_POST['amnt']} minutes of swimming.
89 | You now have {$inc} guard and {$inc2} energy left."; 90 | } 91 | elseif ($stat == 'labour') 92 | { 93 | echo "You walk over to some boxes filled with gym equipment and start moving them.
94 | You have gained {$gain} labour by moving {$_POST['amnt']} boxes.
95 | You now have {$inc} labour and {$inc2} energy left."; 96 | } 97 | echo '
'; 98 | $ir['energy'] -= $_POST['amnt']; 99 | $ir[$stat] += $gain; 100 | } 101 | } 102 | $ir['strank'] = get_rank($ir['strength'], 'strength'); 103 | $ir['agirank'] = get_rank($ir['agility'], 'agility'); 104 | $ir['guarank'] = get_rank($ir['guard'], 'guard'); 105 | $ir['labrank'] = get_rank($ir['labour'], 'labour'); 106 | echo "Choose the stat you want to train and the times you want to train it.
107 | You can train up to {$ir['energy']} times.
108 |
109 | Stat:
115 | Times to train:
116 |
"; 117 | $h->endpage(); 118 | -------------------------------------------------------------------------------- /hospital.php: -------------------------------------------------------------------------------- 1 | Hospital 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | "; 22 | $q = 23 | $db->query( 24 | 'SELECT `userid`, `username`, `hospital`, `level`, 25 | `hospreason`, `gangPREF` 26 | FROM `users` AS `u` 27 | LEFT JOIN `gangs` AS `g` 28 | ON `u`.`gang` = `g`.`gangID` 29 | WHERE `u`.`hospital` > 0 30 | ORDER BY `u`.`hospital` DESC'); 31 | while ($r = $db->fetch_row($q)) 32 | { 33 | echo " 34 | 35 | 36 | 37 | 38 | 39 | 40 | "; 41 | } 42 | $db->free_result($q); 43 | echo '
NameLevelTimeReason
{$r['gangPREF']} {$r['username']} [{$r['userid']}]{$r['level']}{$r['hospital']} minutes{$r['hospreason']}
'; 44 | $h->endpage(); 45 | -------------------------------------------------------------------------------- /index.php: -------------------------------------------------------------------------------- 1 | General Info:'; 14 | $exp = (int) ($ir['exp'] / $ir['exp_needed'] * 100); 15 | echo " 16 | 17 | 18 | 19 | 20 |
Name: {$ir['username']}Crystals: {$cm}
Level: {$ir['level']}Exp: {$exp}%
Money: $fmHP: {$ir['hp']}/{$ir['maxhp']}
Property: {$ir['hNAME']}
"; 21 | echo '

Stats Info:

'; 22 | $ts = 23 | $ir['strength'] + $ir['agility'] + $ir['guard'] + $ir['labour'] 24 | + $ir['IQ']; 25 | $ir['strank'] = get_rank($ir['strength'], 'strength'); 26 | $ir['agirank'] = get_rank($ir['agility'], 'agility'); 27 | $ir['guarank'] = get_rank($ir['guard'], 'guard'); 28 | $ir['labrank'] = get_rank($ir['labour'], 'labour'); 29 | $ir['IQrank'] = get_rank($ir['IQ'], 'IQ'); 30 | $tsrank = get_rank($ts, 'strength+agility+guard+labour+IQ'); 31 | $ir['strength'] = number_format($ir['strength']); 32 | $ir['agility'] = number_format($ir['agility']); 33 | $ir['guard'] = number_format($ir['guard']); 34 | $ir['labour'] = number_format($ir['labour']); 35 | $ir['IQ'] = number_format($ir['IQ']); 36 | $ts = number_format($ts); 37 | 38 | echo " 39 | 40 | 41 | 42 | 43 | 44 | 45 |
Strength: {$ir['strength']} [Ranked: {$ir['strank']}]Agility: {$ir['agility']} [Ranked: {$ir['agirank']}]
Guard: {$ir['guard']} [Ranked: {$ir['guarank']}]Labour: {$ir['labour']} [Ranked: {$ir['labrank']}]
IQ: {$ir['IQ']} [Ranked: {$ir['IQrank']}]Total stats: {$ts} [Ranked: $tsrank]
"; 46 | $_POST['pn_update'] = 47 | (isset($_POST['pn_update'])) 48 | ? strip_tags(stripslashes($_POST['pn_update'])) : ''; 49 | if (!empty($_POST['pn_update'])) 50 | { 51 | if (strlen($_POST['pn_update']) > 500) 52 | { 53 | echo '
You may only enter 500 or less characters here.'; 54 | } 55 | else 56 | { 57 | $pn_update_db = $db->escape($_POST['pn_update']); 58 | $db->query( 59 | "UPDATE `users` 60 | SET `user_notepad` = '{$pn_update_db}' 61 | WHERE `userid` = {$userid}"); 62 | $ir['user_notepad'] = $_POST['pn_update']; 63 | echo '
Personal Notepad Updated!'; 64 | } 65 | } 66 | echo "
Your Personal Notepad:
67 |
70 |
"; 71 | $h->endpage(); 72 | -------------------------------------------------------------------------------- /installer_foot.php: -------------------------------------------------------------------------------- 1 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 |
   
27 | 28 | 29 | 30 | 31 | 32 | 33 | -------------------------------------------------------------------------------- /installer_head.php: -------------------------------------------------------------------------------- 1 | 16 | 17 | 18 | 19 | Mccodes Version 2.0.5b 20 | 21 | 22 | 23 | 24 | 26 | 27 | 28 | 81 | 82 |
Mccodes Version 2
30 |

Installer

If 32 | you bought this from anywhere else but 34 | MCCodes.com please click here .
Thank you 37 | for choosing MCCodes. 38 | -------------------------------------------------------------------------------- /itembuy.php: -------------------------------------------------------------------------------- 1 | query( 28 | "SELECT `itmid`, `itmbuyprice`, `itmname`, `itmbuyable`, `shopLOCATION` 29 | FROM `shopitems` AS `si` 30 | INNER JOIN `shops` AS `s` 31 | ON `si`.`sitemSHOP` = `s`.`shopID` 32 | INNER JOIN `items` AS `i` 33 | ON `si`.`sitemITEMID` = `i`.`itmid` 34 | WHERE `sitemID` = {$_GET['ID']}"); 35 | if ($db->num_rows($q) == 0) 36 | { 37 | echo 'Invalid item ID'; 38 | } 39 | else 40 | { 41 | $itemd = $db->fetch_row($q); 42 | if ($ir['money'] < ($itemd['itmbuyprice'] * $_POST['qty'])) 43 | { 44 | echo 'You don\'t have enough money to buy ' . $_POST['qty'] . ' ' 45 | . $itemd['itmname'] 46 | . '!
> Go Home'; 47 | $h->endpage(); 48 | exit; 49 | } 50 | if ($itemd['itmbuyable'] == 0) 51 | { 52 | echo 'This item can\'t be bought! 53 |
> Go Home'; 54 | $h->endpage(); 55 | exit; 56 | } 57 | if ($itemd['shopLOCATION'] != $ir['location']) 58 | { 59 | echo 'You can\'t buy items from other cities. 60 |
> Go Home'; 61 | $h->endpage(); 62 | exit; 63 | } 64 | 65 | $price = (int)($itemd['itmbuyprice'] * $_POST['qty']); 66 | item_add($userid, $itemd['itmid'], $_POST['qty']); 67 | $db->query( 68 | "UPDATE `users` 69 | SET `money` = `money` - $price 70 | WHERE `userid` = $userid"); 71 | $ib_log = 72 | $db->escape( 73 | "{$ir['username']} bought {$_POST['qty']} " 74 | . "{$itemd['itmname']}(s) for {$price}"); 75 | $db->query( 76 | "INSERT INTO `itembuylogs` 77 | VALUES (NULL, $userid, {$itemd['itmid']}, $price, {$_POST['qty']}, 78 | " . time() . ", '{$ib_log}')"); 79 | echo 'You bought ' . $_POST['qty'] . ' ' . $itemd['itmname'] . ' ' 80 | . (($_POST['qty'] > 1) ? 's' : '') . ' for ' 81 | . money_formatter($price) 82 | . '
> Goto your inventory'; 83 | } 84 | $db->free_result($q); 85 | } 86 | $h->endpage(); 87 | -------------------------------------------------------------------------------- /iteminfo.php: -------------------------------------------------------------------------------- 1 | query( 24 | "SELECT `itmname`, `itmdesc`, `itmbuyprice`, 25 | `itmsellprice`, `itmtypename` 26 | FROM `items` AS `i` 27 | INNER JOIN `itemtypes` AS `it` 28 | ON `i`.`itmtype` = `it`.`itmtypeid` 29 | WHERE `i`.`itmid` = {$itmid} 30 | LIMIT 1"); 31 | if ($db->num_rows($q) == 0) 32 | { 33 | echo 'Invalid item ID'; 34 | } 35 | else 36 | { 37 | $id = $db->fetch_row($q); 38 | echo " 39 | 40 | 41 | 42 | 43 | 44 | 46 | 47 | 48 | 49 | 50 | 51 | 52 | 53 | 54 | 66 | 73 | 74 |
Looking up info on {$id['itmname']}
The {$id['itmname']} is a/an {$id['itmtypename']} Item - {$id['itmdesc']} 45 |
Item Info
Item Buy PriceItem Sell Price
55 | "; 56 | if ($id['itmbuyprice']) 57 | { 58 | echo money_formatter((int)$id['itmbuyprice']); 59 | } 60 | else 61 | { 62 | echo 'N/A'; 63 | } 64 | echo ' 65 | 67 | '; 68 | if ($id['itmsellprice']) 69 | { 70 | echo money_formatter((int)$id['itmsellprice']) 71 | . ' 72 |
75 | '; 76 | } 77 | else 78 | { 79 | echo ' 80 | N/A
83 | '; 84 | } 85 | } 86 | $db->free_result($q); 87 | } 88 | $h->endpage(); 89 | -------------------------------------------------------------------------------- /itemsell.php: -------------------------------------------------------------------------------- 1 | query( 22 | "SELECT `inv_qty`, `itmsellprice`, `itmid`, `itmname` 23 | FROM `inventory` AS `iv` 24 | INNER JOIN `items` AS `it` 25 | ON `iv`.`inv_itemid` = `it`.`itmid` 26 | WHERE `iv`.`inv_id` = {$_GET['ID']} 27 | AND `iv`.`inv_userid` = {$userid} 28 | LIMIT 1"); 29 | if ($db->num_rows($id) == 0) 30 | { 31 | echo 'Invalid item ID'; 32 | } 33 | else 34 | { 35 | $r = $db->fetch_row($id); 36 | if (!isset($_POST['verf']) 37 | || !verify_csrf_code("sellitem_{$_GET['ID']}", 38 | stripslashes($_POST['verf']))) 39 | { 40 | echo '

Error


41 | This transaction has been blocked for your security.
42 | Please sell items quickly after you open the form - do not leave it open in tabs.
43 | > Try Again'; 44 | $h->endpage(); 45 | exit; 46 | } 47 | if ($_POST['qty'] > $r['inv_qty']) 48 | { 49 | echo 'You are trying to sell more than you have!'; 50 | } 51 | else 52 | { 53 | $price = (int)($r['itmsellprice'] * $_POST['qty']); 54 | item_remove($userid, $r['itmid'], $_POST['qty']); 55 | $db->query( 56 | "UPDATE `users` 57 | SET `money` = `money` + {$price} 58 | WHERE `userid` = $userid"); 59 | $priceh = money_formatter($price); 60 | echo 'You sold ' . $_POST['qty'] . ' ' . $r['itmname'] 61 | . '(s) for ' . $priceh; 62 | $is_log = 63 | $db->escape( 64 | "{$ir['username']} sold {$_POST['qty']} {$r['itmname']}(s) for {$priceh}"); 65 | $db->query( 66 | "INSERT INTO `itemselllogs` 67 | VALUES (NULL, $userid, {$r['itmid']}, $price, 68 | {$_POST['qty']}, " . time() . ", '{$is_log}')"); 69 | } 70 | } 71 | $db->free_result($id); 72 | } 73 | elseif (!empty($_GET['ID']) && empty($_POST['qty'])) 74 | { 75 | $id = 76 | $db->query( 77 | "SELECT `inv_qty`, `itmname` 78 | FROM `inventory` AS `iv` 79 | INNER JOIN `items` AS `it` 80 | ON `iv`.`inv_itemid` = `it`.`itmid` 81 | WHERE `iv`.`inv_id` = {$_GET['ID']} 82 | AND `iv`.`inv_userid` = {$userid} 83 | LIMIT 1"); 84 | if ($db->num_rows($id) == 0) 85 | { 86 | echo 'Invalid item ID'; 87 | } 88 | else 89 | { 90 | $r = $db->fetch_row($id); 91 | $code = request_csrf_code("sellitem_{$_GET['ID']}"); 92 | echo " 93 | Enter how many {$r['itmname']} you want to sell. You have {$r['inv_qty']} to sell. 94 |
95 |
96 | 97 | Quantity: 98 |
99 | 100 |
101 | "; 102 | } 103 | $db->free_result($id); 104 | } 105 | else 106 | { 107 | echo 'Invalid use of file.'; 108 | } 109 | $h->endpage(); 110 | -------------------------------------------------------------------------------- /itemsend.php: -------------------------------------------------------------------------------- 1 | query( 25 | "SELECT `inv_qty`, `inv_itemid`, `itmname`, `itmid` 26 | FROM `inventory` AS `iv` 27 | INNER JOIN `items` AS `it` 28 | ON `iv`.`inv_itemid` = `it`.`itmid` 29 | WHERE `iv`.`inv_id` = {$_GET['ID']} 30 | AND iv.`inv_userid` = {$userid} 31 | LIMIT 1"); 32 | if ($db->num_rows($id) == 0) 33 | { 34 | echo 'Invalid item ID'; 35 | } 36 | else 37 | { 38 | $r = $db->fetch_row($id); 39 | $m = 40 | $db->query( 41 | "SELECT `lastip`,`username` 42 | FROM `users` 43 | WHERE `userid` = {$_POST['user']} 44 | LIMIT 1"); 45 | if (!isset($_POST['verf']) 46 | || !verify_csrf_code("senditem_{$_GET['ID']}", 47 | stripslashes($_POST['verf']))) 48 | { 49 | echo '

Error


50 | This transaction has been blocked for your security.
51 | Please send items quickly after you open the form - do not leave it open in tabs.
52 | > Try Again'; 53 | $h->endpage(); 54 | exit; 55 | } 56 | elseif ($_POST['qty'] > $r['inv_qty']) 57 | { 58 | echo 'You are trying to send more than you have!'; 59 | } 60 | elseif ($db->num_rows($m) == 0) 61 | { 62 | echo 'You are trying to send to an invalid user!'; 63 | } 64 | else 65 | { 66 | $rm = $db->fetch_row($m); 67 | item_remove($userid, $r['inv_itemid'], $_POST['qty']); 68 | item_add($_POST['user'], $r['inv_itemid'], $_POST['qty']); 69 | echo 'You sent ' . $_POST['qty'] . ' ' . $r['itmname'] . '(s) to ' 70 | . $rm['username']; 71 | event_add($_POST['user'], 72 | "You received {$_POST['qty']} {$r['itmname']}(s) from {$ir['username']}"); 73 | $db->query( 74 | "INSERT INTO `itemxferlogs` 75 | VALUES(NULL, $userid, {$_POST['user']}, {$r['itmid']}, 76 | {$_POST['qty']}, " . time() 77 | . ", '{$ir['lastip']}', '{$rm['lastip']}')"); 78 | } 79 | $db->free_result($m); 80 | } 81 | $db->free_result($id); 82 | } 83 | elseif (!empty($_GET['ID'])) 84 | { 85 | $id = 86 | $db->query( 87 | "SELECT `inv_qty`, `itmname` 88 | FROM `inventory` iv 89 | INNER JOIN `items` AS `it` 90 | ON `iv`.`inv_itemid` = `it`.`itmid` 91 | WHERE `iv`.`inv_id` = {$_GET['ID']} 92 | AND `iv`.`inv_userid` = $userid 93 | LIMIT 1"); 94 | if ($db->num_rows($id) == 0) 95 | { 96 | echo 'Invalid item ID'; 97 | } 98 | else 99 | { 100 | $r = $db->fetch_row($id); 101 | $code = request_csrf_code("senditem_{$_GET['ID']}"); 102 | echo " 103 | Enter who you want to send {$r['itmname']} to and how many you want to send. 104 | You have {$r['inv_qty']} to send. 105 |
106 |
107 | User ID: 108 |
109 | Quantity: 110 |
111 | 112 | 113 |
114 | "; 115 | } 116 | $db->free_result($id); 117 | } 118 | else 119 | { 120 | echo 'Invalid use of file.'; 121 | } 122 | $h->endpage(); 123 | -------------------------------------------------------------------------------- /itemuse.php: -------------------------------------------------------------------------------- 1 | query( 23 | "SELECT `effect1`, `effect2`, `effect3`, 24 | `effect1_on`, `effect2_on`, `effect3_on`, 25 | `itmname`, `inv_itemid` 26 | FROM `inventory` AS `iv` 27 | INNER JOIN `items` AS `i` 28 | ON `iv`.`inv_itemid` = `i`.`itmid` 29 | WHERE `iv`.`inv_id` = {$_GET['ID']} 30 | AND `iv`.`inv_userid` = $userid"); 31 | if ($db->num_rows($i) == 0) 32 | { 33 | $db->free_result($i); 34 | echo 'Invalid item ID'; 35 | } 36 | else 37 | { 38 | $r = $db->fetch_row($i); 39 | $db->free_result($i); 40 | if (!$r['effect1_on'] && !$r['effect2_on'] && !$r['effect3_on']) 41 | { 42 | echo 'Sorry, this item cannot be used as it has no effect.'; 43 | $h->endpage(); 44 | exit; 45 | } 46 | for ($enum = 1; $enum <= 3; $enum++) 47 | { 48 | if ($r["effect{$enum}_on"]) 49 | { 50 | $einfo = unserialize($r["effect{$enum}"]); 51 | if ($einfo['inc_type'] == 'percent') 52 | { 53 | if (in_array($einfo['stat'], 54 | ['energy', 'will', 'brave', 'hp'])) 55 | { 56 | $inc = 57 | round( 58 | $ir['max' . $einfo['stat']] / 100 59 | * $einfo['inc_amount']); 60 | } 61 | else 62 | { 63 | $inc = 64 | round( 65 | $ir[$einfo['stat']] / 100 66 | * $einfo['inc_amount']); 67 | } 68 | } 69 | else 70 | { 71 | $inc = $einfo['inc_amount']; 72 | } 73 | if ($einfo['dir'] == 'pos') 74 | { 75 | if (in_array($einfo['stat'], 76 | ['energy', 'will', 'brave', 'hp'])) 77 | { 78 | $ir[$einfo['stat']] = 79 | min($ir[$einfo['stat']] + $inc, 80 | $ir['max' . $einfo['stat']]); 81 | } 82 | else 83 | { 84 | $ir[$einfo['stat']] += $inc; 85 | } 86 | } 87 | else 88 | { 89 | $ir[$einfo['stat']] = max($ir[$einfo['stat']] - $inc, 0); 90 | } 91 | $upd = $ir[$einfo['stat']]; 92 | if (in_array($einfo['stat'], 93 | ['strength', 'agility', 'guard', 'labour', 'IQ'])) 94 | { 95 | $db->query( 96 | "UPDATE `userstats` 97 | SET `{$einfo['stat']}` = '{$upd}' 98 | WHERE `userid` = {$userid}"); 99 | } 100 | else 101 | { 102 | $db->query( 103 | "UPDATE `users` 104 | SET `{$einfo['stat']}` = '{$upd}' 105 | WHERE `userid` = {$userid}"); 106 | } 107 | } 108 | } 109 | echo $r['itmname'] . ' used successfully!'; 110 | item_remove($userid, (int)$r['inv_itemid'], 1); 111 | } 112 | } 113 | $h->endpage(); 114 | -------------------------------------------------------------------------------- /jail.php: -------------------------------------------------------------------------------- 1 | Jail 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | "; 23 | $q = 24 | $db->query( 25 | 'SELECT `jail_reason`, `jail`, `level`, `username`, `userid`, 26 | `gangPREF` 27 | FROM `users` AS `u` 28 | LEFT JOIN `gangs` AS `g` 29 | ON `u`.`gang` = `g`.`gangID` 30 | WHERE `u`.`jail` > 0 31 | ORDER BY `u`.`jail` DESC'); 32 | while ($r = $db->fetch_row($q)) 33 | { 34 | echo " 35 | 36 | 41 | 42 | 43 | 44 | 48 | 49 | "; 50 | } 51 | $db->free_result($q); 52 | echo '
NameLevelTimeReasonActions
37 | {$r['gangPREF']} 38 | {$r['username']} 39 | [{$r['userid']}] 40 | {$r['level']}{$r['jail']} minutes{$r['jail_reason']} 45 | [Bust] 46 | [Bail] 47 |
'; 53 | $h->endpage(); 54 | -------------------------------------------------------------------------------- /jailbail.php: -------------------------------------------------------------------------------- 1 | endpage(); 17 | exit; 18 | } 19 | $_GET['ID'] = 20 | (isset($_GET['ID']) && is_numeric($_GET['ID'])) 21 | ? abs(intval($_GET['ID'])) : 0; 22 | $jail_q = 23 | $db->query( 24 | "SELECT `userid`, `jail`, `level`, `username` 25 | FROM `users` 26 | WHERE `userid` = {$_GET['ID']}"); 27 | if ($db->num_rows($jail_q) == 0) 28 | { 29 | $db->free_result($jail_q); 30 | echo 'Invalid user'; 31 | $h->endpage(); 32 | exit; 33 | } 34 | $r = $db->fetch_row($jail_q); 35 | $db->free_result($jail_q); 36 | if (!$r['jail']) 37 | { 38 | echo 'That user is not in jail!'; 39 | $h->endpage(); 40 | exit; 41 | } 42 | $cost = $r['level'] * 2000; 43 | $cf = money_formatter($cost); 44 | if ($ir['money'] < $cost) 45 | { 46 | echo "Sorry, you do not have enough money to bail out {$r['username']}." 47 | . " You need {$cf}."; 48 | $h->endpage(); 49 | exit; 50 | } 51 | 52 | echo "You successfully bailed {$r['username']} out of jail for $cf.
53 | > Back"; 54 | $db->query( 55 | "UPDATE `users` 56 | SET `money` = `money` - {$cost} 57 | WHERE `userid` = $userid"); 58 | $db->query( 59 | "UPDATE `users` 60 | SET `jail` = 0 61 | WHERE `userid` = {$r['userid']}"); 62 | event_add($r['userid'], 63 | "{$ir['username']} bailed you out of jail."); 64 | $h->endpage(); 65 | -------------------------------------------------------------------------------- /jailbust.php: -------------------------------------------------------------------------------- 1 | endpage(); 17 | exit; 18 | } 19 | if ($ir['jail']) 20 | { 21 | echo 'You cannot bust out people while in jail.'; 22 | $h->endpage(); 23 | exit; 24 | } 25 | $_GET['ID'] = 26 | (isset($_GET['ID']) && is_numeric($_GET['ID'])) 27 | ? abs(intval($_GET['ID'])) : 0; 28 | $jail_q = 29 | $db->query( 30 | "SELECT `userid`, `jail`, `level`, `username` 31 | FROM `users` 32 | WHERE `userid` = {$_GET['ID']}"); 33 | if ($db->num_rows($jail_q) == 0) 34 | { 35 | $db->free_result($jail_q); 36 | echo 'Invalid user'; 37 | $h->endpage(); 38 | exit; 39 | } 40 | $r = $db->fetch_row($jail_q); 41 | $db->free_result($jail_q); 42 | if (!$r['jail']) 43 | { 44 | echo 'That user is not in jail!'; 45 | $h->endpage(); 46 | exit; 47 | } 48 | $mult = $r['level'] * $r['level']; 49 | $chance = min(($ir['crimexp'] / $mult) * 50 + 1, 95); 50 | if (rand(1, 100) < $chance) 51 | { 52 | $gain = $r['level'] * 5; 53 | echo "You successfully busted {$r['username']} out of jail.
54 | > Back"; 55 | $db->query( 56 | "UPDATE `users` 57 | SET `crimexp` = `crimexp` + {$gain}, `energy` = `energy` - 10 58 | WHERE `userid` = $userid"); 59 | $db->query( 60 | "UPDATE `users` 61 | SET `jail` = 0 62 | WHERE `userid` = {$r['userid']}"); 63 | event_add($r['userid'], 64 | "{$ir['username']} busted you out of jail."); 65 | } 66 | else 67 | { 68 | echo "While trying to bust out your friend, a guard spotted you and dragged you into jail yourself. Unlucky!
69 | > Back"; 70 | $time = min($mult, 100); 71 | $jail_reason = $db->escape("Caught trying to bust out {$r['username']}"); 72 | $db->query( 73 | "UPDATE `users` 74 | SET `jail` = $time, `jail_reason` = '{$jail_reason}', 75 | `energy` = `energy` - 10 76 | WHERE `userid` = $userid"); 77 | event_add($r['userid'], 78 | "{$ir['username']} was caught trying to bust you out of jail."); 79 | } 80 | $h->endpage(); 81 | -------------------------------------------------------------------------------- /jailuser.php: -------------------------------------------------------------------------------- 1 | > Go Home'; 15 | $h->endpage(); 16 | exit; 17 | } 18 | $_POST['user'] = 19 | (isset($_POST['user']) && is_numeric($_POST['user'])) 20 | ? abs(intval($_POST['user'])) : ''; 21 | $_POST['reason'] = 22 | (isset($_POST['reason']) 23 | && ((strlen($_POST['reason']) > 3) 24 | && (strlen($_POST['reason']) < 50))) 25 | ? $db->escape(strip_tags(stripslashes($_POST['reason']))) : ''; 26 | $_POST['days'] = 27 | (isset($_POST['days']) && is_numeric($_POST['days'])) 28 | ? abs(intval($_POST['days'])) : ''; 29 | if (!empty($_POST['user']) && !empty($_POST['reason']) 30 | && !empty($_POST['days'])) 31 | { 32 | if (!isset($_POST['verf']) 33 | || !verify_csrf_code('jailuser', stripslashes($_POST['verf']))) 34 | { 35 | echo '

Error


36 | This operation has been blocked for your security.
37 | Please try again.
38 | > Try Again'; 40 | $h->endpage(); 41 | exit; 42 | } 43 | if (check_access('administrator', $_POST['user'])) 44 | { 45 | echo 'You cannot fed admins, please destaff them first. 46 |
> Go Back'; 47 | $h->endpage(); 48 | exit; 49 | } 50 | $db->query( 51 | "UPDATE `users` 52 | SET `fedjail` = 1 53 | WHERE `userid` = {$_POST['user']}"); 54 | $db->query( 55 | "INSERT INTO `fedjail` 56 | VALUES(NULL, {$_POST['user']}, {$_POST['days']}, $userid, 57 | '{$_POST['reason']}')"); 58 | $db->query( 59 | "INSERT INTO `jaillogs` 60 | VALUES(NULL, $userid, {$_POST['user']}, {$_POST['days']}, 61 | '{$_POST['reason']}', " . time() . ')'); 62 | echo 'User was fedded.
63 | > Go Home'; 64 | } 65 | else 66 | { 67 | $jail_csrf = request_csrf_code('jailuser'); 68 | $_GET['userid'] = 69 | (isset($_GET['userid']) && is_numeric($_GET['userid'])) 70 | ? abs(intval($_GET['userid'])) : -1; 71 | echo " 72 |

Jailing User

73 | The user will be put in fed jail and will be unable to do anything in the game. 74 |
75 |
76 | User: " . user_dropdown('user', $_GET['userid']) 77 | . " 78 |
79 | Days: 80 |
81 | Reason: 82 |
83 | 84 | 85 |
86 | "; 87 | } 88 | $h->endpage(); 89 | -------------------------------------------------------------------------------- /js/index.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | Forbidden 6 | 7 | 8 |

Access Forbidden

9 | This folder is not designed to be accessed directly. 10 | 11 | 12 | -------------------------------------------------------------------------------- /js/login.js: -------------------------------------------------------------------------------- 1 | /** 2 | * MCCodes Version 2.0.5b 3 | * Copyright (C) 2005-2012 Dabomstew 4 | * All rights reserved. 5 | * 6 | * Redistribution of this code in any form is prohibited, except in 7 | * the specific cases set out in the MCCodes Customer License. 8 | * 9 | * This code license may be used to run one (1) game. 10 | * A game is defined as the set of users and other game database data, 11 | * so you are permitted to create alternative clients for your game. 12 | * 13 | * If you did not obtain this code from MCCodes.com, you are in all likelihood 14 | * using it illegally. Please contact MCCodes to discuss licensing options 15 | * in this case. 16 | * 17 | * File: js/login.js 18 | * Signature: 45166f2fb1d14bc62137b8dc74f14cf1 19 | * Date: Fri, 20 Apr 12 08:50:30 +0000 20 | */ 21 | const getCookieVal = (offset) => { 22 | let endstr = document.cookie.indexOf(";", offset); 23 | if (endstr === -1) { 24 | endstr = document.cookie.length; 25 | } 26 | return decodeURIComponent(document.cookie.substring(offset, endstr)); 27 | } 28 | 29 | const GetCookie = (name) => { 30 | const arg = name + "="; 31 | const alen = arg.length; 32 | const clen = document.cookie.length; 33 | let i = 0; 34 | while (i < clen) { 35 | const j = i + alen; 36 | if (document.cookie.substring(i, j) === arg) { 37 | return getCookieVal(j); 38 | } 39 | i = document.cookie.indexOf(" ", i) + 1; 40 | if (i === 0) { 41 | break; 42 | } 43 | } 44 | return null; 45 | } 46 | 47 | const SetCookie = (name, value, expires, path = null, domain = null, secure = null) => { 48 | document.cookie = name + "=" + encodeURIComponent(value) + ((expires) ? "; expires=" + expires.toDateString() : "") + ((path) ? "; path=" + path : "") + ((domain) ? "; domain=" + domain : "") + ((secure) ? "; secure" : ""); 49 | } 50 | 51 | const DeleteCookie = (name, path, domain) => { 52 | if (GetCookie(name)) { 53 | document.cookie = name + "=" + ((path) ? "; path=" + path : "") + ((domain) ? "; domain=" + domain : "") + "; expires=Thu, 01-Jan-70 00:00:01 GMT"; 54 | } 55 | } 56 | 57 | let usr; 58 | let pw; 59 | let sv; 60 | 61 | const getme = () => { 62 | usr = document.login.username; 63 | pw = document.login.password; 64 | sv = document.login.save; 65 | 66 | if (GetCookie('username') != null) { 67 | usr.value = GetCookie('username'); 68 | pw.value = GetCookie('password'); 69 | } 70 | if (GetCookie('save') === 'true') { 71 | sv[0].checked = true; 72 | } else { 73 | sv[1].checked = true; 74 | } 75 | 76 | } 77 | 78 | const saveme = () => { 79 | if (usr.value.length > 0 && pw.value.length > 0) { 80 | if (sv[0].checked) { 81 | let expdate = new Date(); 82 | expdate.setTime(expdate.getTime() + 31536000000); 83 | SetCookie('username', usr.value, expdate); 84 | SetCookie('password', pw.value, expdate); 85 | SetCookie('save', 'true', expdate); 86 | } 87 | if (sv[1].checked) { 88 | DeleteCookie('username'); 89 | DeleteCookie('password'); 90 | DeleteCookie('save'); 91 | } 92 | } else { 93 | alert('You must enter a username/password.'); 94 | return false; 95 | } 96 | } 97 | -------------------------------------------------------------------------------- /js/register.js: -------------------------------------------------------------------------------- 1 | /** 2 | * MCCodes Version 2.0.5b 3 | * Copyright (C) 2005-2012 Dabomstew 4 | * All rights reserved. 5 | * 6 | * Redistribution of this code in any form is prohibited, except in 7 | * the specific cases set out in the MCCodes Customer License. 8 | * 9 | * This code license may be used to run one (1) game. 10 | * A game is defined as the set of users and other game database data, 11 | * so you are permitted to create alternative clients for your game. 12 | * 13 | * If you did not obtain this code from MCCodes.com, you are in all likelihood 14 | * using it illegally. Please contact MCCodes to discuss licensing options 15 | * in this case. 16 | * 17 | * File: js/register.js 18 | * Signature: 4bea7180c37e405b9005226355cea1a1 19 | * Date: Fri, 20 Apr 12 08:50:30 +0000 20 | */ 21 | 22 | /** 23 | * Functions for Register Page (mostly just simple AJAX calls) 24 | */ 25 | 26 | const doCheck = (opts) => { 27 | const fd = new FormData(); 28 | fd.set(opts.key, encodeURIComponent(opts.value)); 29 | fetch(opts.location, { 30 | method: "post", 31 | body: fd 32 | }).then(r => r.json()).then(response => { 33 | document.getElementById(opts.responseElem).innerHTML = response; 34 | }).catch(err => console.error(err)); 35 | } 36 | const CheckPasswords = (password) => { 37 | doCheck({ 38 | location: "check.php", 39 | key: "password", 40 | value: password, 41 | responseElem: "passwordresult" 42 | }); 43 | } 44 | 45 | const CheckUsername = (name) => { 46 | doCheck({ 47 | location: "checkun.php", 48 | key: "username", 49 | value: name, 50 | responseElem: "usernameresult" 51 | }); 52 | } 53 | 54 | function CheckEmail(email) { 55 | doCheck({ 56 | location: "checkem.php", 57 | key: "email", 58 | value: email, 59 | responseElem: "emailresult" 60 | }); 61 | } 62 | 63 | const PasswordMatch = () => { 64 | const pwt1 = document.getElementById("pw1").value; 65 | const pwt2 = document.getElementById("pw2").value; 66 | const resultElem = document.getElementById("cpasswordresult"); 67 | resultElem.innerHTML = (pwt1.length > 0 && pwt1 === pwt2) ? `OK` : `Not Matching`; 68 | } 69 | -------------------------------------------------------------------------------- /lgrad.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/davemacaulay/mccodesv2/c3b7957de05a684a9003c5e0d40694b3a7d633ef/lgrad.jpg -------------------------------------------------------------------------------- /lib/index.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | Forbidden 6 | 7 | 8 |

Access Forbidden

9 | This folder is not designed to be accessed directly. 10 | 11 | 12 | -------------------------------------------------------------------------------- /lib/installer_error_handler.php: -------------------------------------------------------------------------------- 1 | Installer Error'; 21 | echo 'A critical error has occurred, and installation has stopped. ' 22 | . 'Below are the details:
' . $debug_error . '

' 23 | . 'Action taken: ' . $action . '

'; 24 | if (is_array($context) && count($context) > 0) 25 | { 26 | echo 'Context at error time: ' . '

' 27 | . nl2br(print_r($context, true)); 28 | } 29 | require_once('./installer_foot.php'); 30 | exit; 31 | } 32 | 33 | /** 34 | * @param $errno 35 | * @param $errstr 36 | * @param string $errfile 37 | * @param int $errline 38 | * @param array $errcontext 39 | * @return void 40 | */ 41 | function error_php($errno, $errstr, string $errfile = '', int $errline = 0, 42 | array $errcontext = []): void 43 | { 44 | // What's happened? 45 | // If it's a PHP warning or user error/warning, don't go further - indicates bad code, unsafe 46 | if ($errno == E_WARNING) 47 | { 48 | error_critical('PHP Warning: ' . $errstr . ' (' . $errno 49 | . ')', 'Line executed: ' . $errfile . ':' . $errline, 50 | $errcontext); 51 | } 52 | elseif ($errno == E_RECOVERABLE_ERROR) 53 | { 54 | error_critical('PHP Recoverable Error: ' . $errstr . ' (' 55 | . $errno . ')', 56 | 'Line executed: ' . $errfile . ':' . $errline, $errcontext); 57 | } 58 | elseif ($errno == E_USER_ERROR) 59 | { 60 | error_critical('User Error: ' . $errstr . ' (' . $errno 61 | . ')', 'Line executed: ' . $errfile . ':' . $errline, 62 | $errcontext); 63 | } 64 | elseif ($errno == E_USER_WARNING) 65 | { 66 | error_critical('User Warning: ' . $errstr . ' (' . $errno 67 | . ')', 'Line executed: ' . $errfile . ':' . $errline, 68 | $errcontext); 69 | } elseif (DEBUG) { 70 | // Determine the name to display from the error type 71 | // Only do anything if DEBUG is on, now 72 | $errname = 'Unknown Error'; 73 | switch ($errno) { 74 | case E_NOTICE: 75 | $errname = 'PHP Notice'; 76 | break; 77 | case E_USER_NOTICE: 78 | $errname = 'User Notice'; 79 | break; 80 | case 8192: 81 | $errname = 'PHP Deprecation Notice'; 82 | break; // E_DEPRECATED [since 5.3] 83 | case 16384: 84 | $errname = 'User Deprecation Notice'; 85 | break; // E_USER_DEPRECATED [since 5.3] 86 | } 87 | require_once('./installer_head.php'); // in case it hasn't been included 88 | echo 'A non-critical error has occurred. Page execution will continue. ' 89 | . 'Below are the details:
' . $errname 90 | . ': ' . $errstr . ' (' . $errno . ')' 91 | . '

' . 'Line executed: ' 92 | . $errfile . ':' . $errline . '

'; 93 | if (is_array($errcontext) && count($errcontext) > 0) { 94 | echo 'Context at error time: ' 95 | . '

' . nl2br(print_r($errcontext, true)); 96 | } 97 | } 98 | } 99 | -------------------------------------------------------------------------------- /linegrad.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/davemacaulay/mccodesv2/c3b7957de05a684a9003c5e0d40694b3a7d633ef/linegrad.PNG -------------------------------------------------------------------------------- /loggedin.php: -------------------------------------------------------------------------------- 1 | 18 | WARNING: you have not deleted installer.php from the server. 19 |
20 | We suggest you do this immediately. 21 | 22 | '; 23 | } 24 | echo ' 25 | Welcome, ' . $ir['username'] . '! 26 |
27 | Your last visit was: ' . $lv . '. 28 | '; 29 | 30 | $exp = (int) ($ir['exp'] / $ir['exp_needed'] * 100); 31 | if ($ir['hospital']) 32 | { 33 | $geninf = 34 | 'You are in Hospital for ' 35 | . $ir['hospital'] . ' minute(s)'; 36 | } 37 | elseif ($ir['jail']) 38 | { 39 | $geninf = 40 | 'You are in Jail for ' 41 | . $ir['jail'] . ' minute(s)'; 42 | } 43 | else 44 | { 45 | $geninf = ''; 46 | } 47 | echo " 48 | 49 | 50 | 51 | 52 | {$geninf} 53 | 54 | 55 | 56 | 57 | 58 | 59 | 60 | 61 | 62 | 63 | 64 | 65 | 66 | 67 | 68 | 69 | "; 70 | $ts = 71 | $ir['strength'] + $ir['agility'] + $ir['guard'] + $ir['labour'] 72 | + $ir['IQ']; 73 | $ir['strank'] = get_rank($ir['strength'], 'strength'); 74 | $ir['agirank'] = get_rank($ir['agility'], 'agility'); 75 | $ir['guarank'] = get_rank($ir['guard'], 'guard'); 76 | $ir['labrank'] = get_rank($ir['labour'], 'labour'); 77 | $ir['IQrank'] = get_rank($ir['IQ'], 'IQ'); 78 | $tsrank = get_rank($ts, 'strength+agility+guard+labour+IQ'); 79 | $ir['strength'] = number_format($ir['strength']); 80 | $ir['agility'] = number_format($ir['agility']); 81 | $ir['guard'] = number_format($ir['guard']); 82 | $ir['labour'] = number_format($ir['labour']); 83 | $ir['IQ'] = number_format($ir['IQ']); 84 | $ts = number_format($ts); 85 | echo " 86 | 87 | 88 | 89 | 90 | 91 | 92 | 93 | 94 | 95 | 96 | 97 | 98 | 99 | 100 |
General Information
Name: {$ir['username']}Crystals: {$cm}
Level: {$ir['level']}Exp: {$exp}%
Money: $fmHP: {$ir['hp']}/{$ir['maxhp']}
Property: {$ir['hNAME']}Days Old: {$ir['daysold']}
Stats Info
Strength: {$ir['strength']} [Ranked: {$ir['strank']}]Agility: {$ir['agility']} [Ranked: {$ir['agirank']}]
Guard: {$ir['guard']} [Ranked: {$ir['guarank']}]Labour: {$ir['labour']} [Ranked: {$ir['labrank']}]
IQ: {$ir['IQ']} [Ranked: {$ir['IQrank']}]Total stats: {$ts} [Ranked: $tsrank]
101 | "; 102 | $q = $db->query('SELECT `content` FROM `papercontent`'); 103 | $news = $db->fetch_single($q); 104 | $db->free_result($q); 105 | echo $set['game_name'] . ' Latest News: 106 |
107 | ' . nl2br($news) . ' 108 |
109 | '; 110 | $h->endpage(); 111 | -------------------------------------------------------------------------------- /login.php: -------------------------------------------------------------------------------- 1 | 16 | 17 | 18 | {$set['game_name']} 19 | 20 | 21 | 22 | 23 | 24 |
25 | 26 | 27 | 28 | 71 | 72 | 73 | 83 | 84 |
Mccodes Version 2
29 | 30 | EOF; 31 | $IP = str_replace(['/', '\\', '\0'], '', $_SERVER['REMOTE_ADDR']); 32 | if (file_exists('ipbans/' . $IP)) 33 | { 34 | die( 35 | " 36 | Your IP has been banned, there is no way around this. 37 | "); 38 | } 39 | $year = date('Y'); 40 | echo "

> {$set['game_name']} Log-In

41 | 42 | 43 | 49 |
44 |
45 | About {$set['game_name']} 46 | " . nl2br($set['game_description']) . ' 47 |
48 |
'; 50 | echo << 52 | Login 53 |
54 | Username:
55 | Password:
56 | Remember me?
57 | Yes 58 | No
59 | 60 | 61 |
62 | 63 | EOF; 64 | echo "

65 |

REGISTER NOW!


66 |
Powered by codes made by Dabomstew (© {$year}). Game Copyright ©{$year} {$set['game_owner']}.
"; 67 | print 68 | << 70 |
74 | 75 | 76 | 77 | 78 | 79 | 80 | 81 |
   
82 |
85 | 86 | 87 | OUT; 88 | -------------------------------------------------------------------------------- /logo.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/davemacaulay/mccodesv2/c3b7957de05a684a9003c5e0d40694b3a7d633ef/logo.png -------------------------------------------------------------------------------- /logout.php: -------------------------------------------------------------------------------- 1 | 0) 23 | { 24 | echo 'You lost all your EXP for running from the fight.
'; 25 | require_once('globals_nonauth.php'); 26 | $db->query( 27 | "UPDATE `users` 28 | SET `exp` = 0, `attacking` = 0 29 | WHERE `userid` = {$sessid}"); 30 | $_SESSION['attacking'] = 0; 31 | session_regenerate_id(true); 32 | session_unset(); 33 | session_destroy(); 34 | die("Continue to login..."); 35 | } 36 | } 37 | session_regenerate_id(true); 38 | session_unset(); 39 | session_destroy(); 40 | $login_url = 'https://' . determine_game_urlbase() . '/login.php'; 41 | header("Location: {$login_url}"); 42 | -------------------------------------------------------------------------------- /lucky.php: -------------------------------------------------------------------------------- 1 | Lucky Boxes
'; 13 | $box_cost = 1000; 14 | $bc_format = money_formatter($box_cost); 15 | if (isset($_GET['open']) && $_GET['open']) 16 | { 17 | if ($ir['boxes_opened'] >= 5) 18 | { 19 | die( 20 | 'Sorry, you have already opened 5 boxes today. Come back tomorrow.'); 21 | } 22 | if ($ir['money'] < $box_cost) 23 | { 24 | die( 25 | "Sorry, it costs {$bc_format} to open a box. Come back when you have enough."); 26 | } 27 | $num = rand(1, 5); 28 | $db->query( 29 | "UPDATE `users` 30 | SET `boxes_opened` = `boxes_opened` + 1, 31 | `money` = `money` - {$box_cost} 32 | WHERE `userid` = $userid"); 33 | $ir['money'] -= 1000; 34 | switch ($num) 35 | { 36 | case 1: 37 | $tokens = rand(1, 5); 38 | echo "First outcome here (gained {$tokens} crystals)"; 39 | $db->query( 40 | "UPDATE `users` 41 | SET `crystals` = `crystals` + {$tokens} 42 | WHERE `userid` = {$userid}"); 43 | break; 44 | case 2: 45 | $money = rand(330, 3300); 46 | echo 'Second outcome here (gained ' . money_formatter($money) . ')'; 47 | $db->query( 48 | "UPDATE `users` 49 | SET `money` = `money` + {$money} 50 | WHERE `userid` = {$userid}"); 51 | break; 52 | case 3: 53 | $stole = min(rand((int)($ir['money'] / 10), (int)($ir['money'] / 5)), 5000); 54 | echo 'Third outcome here (lost ' . money_formatter($stole) . ')'; 55 | $db->query( 56 | "UPDATE `users` 57 | SET `money` = `money` - {$stole} 58 | WHERE `userid` = {$userid}"); 59 | break; 60 | case 4: 61 | echo 'Fourth outcome here (nothing)'; 62 | break; 63 | case 5: 64 | echo 'Fifth outcome here (nothing)'; 65 | break; 66 | } 67 | echo "
68 | Open Another
69 | Back to Town"; 70 | } 71 | else 72 | { 73 | echo "A man comes up to you and whispers, \"I have magical boxes, I let you open one for {$bc_format}. You can open a maximum of 5 a day. Deal or no deal?
74 | Okay, open one.
75 | No thanks."; 76 | } 77 | $h->endpage(); 78 | -------------------------------------------------------------------------------- /macro1.php: -------------------------------------------------------------------------------- 1 | endpage(); 15 | exit; 16 | } 17 | if (!isset($_GET['refer']) || !is_string($_GET['refer'])) 18 | { 19 | echo 'Invalid usage.'; 20 | $h->endpage(); 21 | exit; 22 | } 23 | unset($_SESSION['captcha']); 24 | $chars = 25 | "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ!?\\/%^"; 26 | $len = strlen($chars); 27 | $_SESSION['captcha'] = ''; 28 | for ($i = 0; $i < 6; $i++) 29 | { 30 | $_SESSION['captcha'] .= $chars[rand(0, $len - 1)]; 31 | } 32 | $valid_csrf = request_csrf_code('validation'); 33 | echo "

Validation


34 | Enter the text you see in the image into the box below. 35 |
"; 36 | if (isset($_GET['code'])) 37 | { 38 | echo "Invalid code or blank
"; 39 | } 40 | $_GET['refer'] = 41 | addslashes( 42 | htmlentities(stripslashes($_GET['refer']), ENT_QUOTES, 43 | 'ISO-8859-1')); 44 | echo " 45 | CAPTCHA - refresh if invisible
46 | Text:
47 | 48 | 49 |
"; 50 | $h->endpage(); 51 | -------------------------------------------------------------------------------- /macro2.php: -------------------------------------------------------------------------------- 1 | query( 47 | "UPDATE `users` 48 | SET `verified` = 1 49 | WHERE `userid` = {$userid}"); 50 | header("Location: {$dest_url}"); 51 | -------------------------------------------------------------------------------- /mailban.php: -------------------------------------------------------------------------------- 1 | > Go Home'; 16 | $h->endpage(); 17 | exit; 18 | } 19 | $_POST['user'] = 20 | (isset($_POST['user']) && is_numeric($_POST['user'])) 21 | ? abs(intval($_POST['user'])) : ''; 22 | $_POST['reason'] = 23 | (isset($_POST['reason']) 24 | && ((strlen($_POST['reason']) > 3) 25 | && (strlen($_POST['reason']) < 50))) 26 | ? strip_tags(stripslashes($_POST['reason'])) : ''; 27 | $_POST['days'] = 28 | (isset($_POST['days']) && is_numeric($_POST['days'])) 29 | ? abs(intval($_POST['days'])) : ''; 30 | if (!empty($_POST['user']) && !empty($_POST['reason']) 31 | && !empty($_POST['days'])) 32 | { 33 | if (!isset($_POST['verf']) 34 | || !verify_csrf_code('mailban', stripslashes($_POST['verf']))) 35 | { 36 | echo '

Error


37 | This operation has been blocked for your security.
38 | Please try again.
39 | > Try Again'; 41 | $h->endpage(); 42 | exit; 43 | } 44 | if (check_access('administrator', $_POST['user'])) 45 | { 46 | echo 'You cannot mailban admins, please destaff them first. 47 |
> Go Back'; 48 | $h->endpage(); 49 | exit; 50 | } 51 | $e_reason = $db->escape($_POST['reason']); 52 | $re = 53 | $db->query( 54 | "UPDATE `users` 55 | SET `mailban` = {$_POST['days']}, 56 | `mb_reason` = '{$e_reason}' 57 | WHERE `userid` = {$_POST['user']}"); 58 | event_add($_POST['user'], 59 | "You were banned from mail for {$_POST['days']} day(s) for the following reason: {$_POST['reason']}"); 60 | echo 'User was mail banned.
61 | > Go Home'; 62 | } 63 | else 64 | { 65 | $mb_csrf = request_csrf_code('mailban'); 66 | $_GET['userid'] = 67 | (isset($_GET['userid']) && is_numeric($_GET['userid'])) 68 | ? abs(intval($_GET['userid'])) : -1; 69 | echo " 70 |

Mail Banning User

71 | The user will not be able to use the mail system for a set period of days. 72 |
73 |
74 | User: " . user_dropdown('user', $_GET['userid']) 75 | . " 76 |
77 | Days: 78 |
79 | Reason: 80 |
81 | 82 | 83 |
84 | "; 85 | } 86 | $h->endpage(); 87 | -------------------------------------------------------------------------------- /mainmenu.php: -------------------------------------------------------------------------------- 1 | Hospital ($hc)
25 | Inventory
26 | "; 27 | } 28 | elseif ($ir['jail']) 29 | { 30 | echo "Jail ($jc)
"; 31 | } 32 | else 33 | { 34 | echo "Home
35 | Inventory
"; 36 | } 37 | echo ($ec > 0) 38 | ? 'Events (' . $ec 39 | . ')
' : 'Events (0)
'; 40 | echo ($mc > 0) 41 | ? 'Mailbox (' . $mc 42 | . ')
' : 'Mailbox (0)
'; 43 | if ($ir['jail'] and !$ir['hospital']) 44 | { 45 | echo " 46 | Jail Gym
47 | Hospital ($hc)
48 | "; 49 | } 50 | elseif (!$ir['hospital']) 51 | { 52 | echo " 53 | Explore
54 | Gym
55 | Crimes
56 | Your Job
57 | Local School
58 | Hospital ($hc)
59 | Jail ($jc)
60 | "; 61 | } 62 | else 63 | { 64 | echo "Jail ($jc)
"; 65 | } 66 | echo "Forums
"; 67 | echo ($ir['new_announcements']) 68 | ? 'Announcements (' 69 | . $ir['new_announcements'] . ')
' 70 | : 'Announcements (0)
'; 71 | echo " 72 | Newspaper
73 | Search
74 | "; 75 | if (!$ir['jail'] && $ir['gang']) 76 | { 77 | echo "Your Gang
"; 78 | } 79 | if (is_staff()) 80 | { 81 | echo " 82 |
83 | Staff Panel
84 |
85 | Staff Online:
86 | "; 87 | $online_staff = get_online_staff(); 88 | foreach ($online_staff as $r) 89 | { 90 | echo '' . $r['username'] 91 | . ' (' . datetime_parse($r['laston']) . ')
'; 92 | } 93 | } 94 | if ($ir['donatordays']) 95 | { 96 | echo " 97 |
98 | Donators Only
99 | Friends List
100 | Black List 101 | "; 102 | } 103 | echo " 104 |
105 | Preferences
106 | Player Report
107 | Help Tutorial
108 | Game Rules
109 | My Profile
110 | Logout

111 | Time is now
112 | " . date('F j, Y') . '
' . date('g:i:s a'); 113 | -------------------------------------------------------------------------------- /mcc_splash_2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/davemacaulay/mccodesv2/c3b7957de05a684a9003c5e0d40694b3a7d633ef/mcc_splash_2.png -------------------------------------------------------------------------------- /monorail.php: -------------------------------------------------------------------------------- 1 | 25 | Where would you like to travel today? 26 |
27 | '; 28 | $q = 29 | $db->query( 30 | "SELECT `cityid`, `cityname`, `citydesc`, `cityminlevel` 31 | FROM `cities` 32 | WHERE `cityid` != {$ir['location']} 33 | AND `cityminlevel` <= {$ir['level']}"); 34 | echo " 35 | 36 | 37 | 38 | 39 | 40 | 41 | 42 | "; 43 | while ($r = $db->fetch_row($q)) 44 | { 45 | echo " 46 | 47 | 48 | 49 | 50 | 51 | 52 | "; 53 | } 54 | echo '
NameDescriptionMin Level 
{$r['cityname']}{$r['citydesc']}{$r['cityminlevel']}Go
'; 55 | $db->free_result($q); 56 | } 57 | else 58 | { 59 | if ($ir['money'] < $cost_of_travel) 60 | { 61 | echo 'You don\'t have enough money.'; 62 | } 63 | elseif ($ir['location'] == $_GET['to']) 64 | { 65 | echo 'You are already here.'; 66 | } 67 | else 68 | { 69 | $q = 70 | $db->query( 71 | "SELECT `cityname` 72 | FROM `cities` 73 | WHERE `cityid` = {$_GET['to']} 74 | AND `cityminlevel` <= {$ir['level']}"); 75 | if (!$db->num_rows($q)) 76 | { 77 | echo 'Error, this city either does not exist or you cannot go there.'; 78 | } 79 | else 80 | { 81 | $db->query( 82 | "UPDATE `users` 83 | SET `money` = `money` - $cost_of_travel, 84 | `location` = {$_GET['to']} 85 | WHERE `userid` = $userid"); 86 | $cityName = $db->fetch_single($q); 87 | echo 'Congratulations, you paid ' 88 | . money_formatter($cost_of_travel) . ' and travelled to ' 89 | . $cityName . ' on the monorail!'; 90 | } 91 | $db->free_result($q); 92 | } 93 | echo '
> Go back to index.'; 94 | } 95 | $h->endpage(); 96 | -------------------------------------------------------------------------------- /newspaper.php: -------------------------------------------------------------------------------- 1 | The MonoPaper'; 13 | $paperQ = $db->query('SELECT `content` 14 | FROM `papercontent`'); 15 | $paper = $db->fetch_single($paperQ); 16 | $db->free_result($paperQ); 17 | echo ' 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 28 | 29 |
YOUR JOBLOCAL GYMHALL OF FAME
Ad' . nl2br($paper) 27 | . '
30 | '; 31 | $h->endpage(); 32 | -------------------------------------------------------------------------------- /oclog.php: -------------------------------------------------------------------------------- 1 | 18 | > Go Home'; 19 | $h->endpage(); 20 | exit; 21 | } 22 | $q = 23 | $db->query( 24 | 'SELECT `ocCRIMEN`, `ocTIME`, `oclLOG`, `oclRESULT`, `oclMONEY` 25 | FROM `oclogs` 26 | WHERE `oclID` = ' . $_GET['ID']); 27 | if ($db->num_rows($q) == 0) 28 | { 29 | $db->free_result($q); 30 | echo 'Invalid OC.
31 | > Go Home'; 32 | $h->endpage(); 33 | exit; 34 | } 35 | $r = $db->fetch_row($q); 36 | $db->free_result($q); 37 | echo " 38 | Here is the detailed view on this crime. 39 |
40 | Crime: {$r['ocCRIMEN']} 41 |
42 | Time Executed: " . date('F j, Y, g:i:s a', (int)$r['ocTIME']) 43 | . " 44 |
45 | {$r['oclLOG']} 46 |
47 |
48 | Result: {$r['oclRESULT']} 49 |
50 | Money Made: " . money_formatter((int)$r['oclMONEY']) . ' 51 | '; 52 | $h->endpage(); 53 | -------------------------------------------------------------------------------- /polls_view.php: -------------------------------------------------------------------------------- 1 | query( 14 | "SELECT * 15 | FROM `polls` 16 | WHERE `active` = '0' 17 | ORDER BY `id` DESC"); 18 | if (!$db->num_rows($q)) 19 | { 20 | echo 'There are no finished polls right now'; 21 | } 22 | else 23 | { 24 | while ($r = $db->fetch_row($q)) 25 | { 26 | echo " 27 | 28 | 29 | 30 | 31 | 32 | 33 | 34 | 35 | "; 36 | for ($i = 1; $i <= 10; $i++) 37 | { 38 | if ($r['choice' . $i]) 39 | { 40 | $k = 'choice' . $i; 41 | $ke = 'voted' . $i; 42 | if ($r['votes'] != 0) 43 | { 44 | $perc = $r[$ke] / $r['votes'] * 100; 45 | } 46 | else 47 | { 48 | $perc = 0; 49 | } 50 | echo " 51 | 52 | 53 | 56 | 57 | "; 58 | } 59 | } 60 | echo " 61 | 62 | 63 | 64 | 66 | 67 |
ChoiceVotesBarPercentage
{$r['question']}
{$r[$k]}{$r[$ke]} 54 | Bar 55 | $perc%
Total Votes: {$r['votes']}
Winner: " . $r['choice' . $r['winner']] 65 | . '

'; 68 | } 69 | } 70 | $db->free_result($q); 71 | $h->endpage(); 72 | -------------------------------------------------------------------------------- /preport.php: -------------------------------------------------------------------------------- 1 | Player Report'; 13 | $_POST['report'] = 14 | (isset($_POST['report']) && is_string($_POST['report'])) 15 | ? $db->escape(strip_tags(stripslashes($_POST['report']))) : ''; 16 | $_POST['player'] = 17 | (isset($_POST['player']) && is_numeric($_POST['player'])) 18 | ? abs(intval($_POST['player'])) : ''; 19 | if ($_POST['report'] && $_POST['player']) 20 | { 21 | if (strlen($_POST['report']) > 500) 22 | { 23 | echo 'You may only enter 500 characters or less here. 24 |
>Go Back'; 26 | $h->endpage(); 27 | exit; 28 | } 29 | if (!isset($_POST['verf']) 30 | || !verify_csrf_code('preport_send', stripslashes($_POST['verf']))) 31 | { 32 | echo '

Error


33 | This action has been blocked for your security.
34 | Please try again.
35 | > Try Again'; 36 | $h->endpage(); 37 | exit; 38 | } 39 | $q = 40 | $db->query( 41 | 'SELECT COUNT(`userid`) 42 | FROM `users` 43 | WHERE `userid` = ' . $_POST['player']); 44 | if ($db->fetch_single($q) == 0) 45 | { 46 | $db->free_result($q); 47 | echo 'User doesn\'t exist.
48 | >Go Back'; 49 | $h->endpage(); 50 | exit; 51 | } 52 | $db->free_result($q); 53 | $db->query( 54 | "INSERT INTO `preports` 55 | VALUES(NULL, $userid, {$_POST['player']}, '{$_POST['report']}')"); 56 | echo 'Report processed!
57 | > Home'; 58 | } 59 | else 60 | { 61 | $_GET['report'] = 62 | (isset($_GET['report']) && is_string($_GET['report'])) 63 | ? htmlentities(strip_tags(stripslashes($_GET['report'])), 64 | ENT_QUOTES, 'ISO-8859-1') : ''; 65 | $_GET['ID'] = 66 | (isset($_GET['ID']) && is_numeric($_GET['ID'])) 67 | ? abs(intval($_GET['ID'])) : ''; 68 | $preport_csrf = request_csrf_code('preport_send'); 69 | echo " 70 | Know of a player that's breaking the rules? 71 | Don't hesitate to report them. 72 | Reports are kept confidential. 73 |
74 |
75 | 76 | Player's ID:
77 | What they've done:
78 |
79 | 80 |
81 | "; 82 | } 83 | 84 | $h->endpage(); 85 | -------------------------------------------------------------------------------- /redbar.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/davemacaulay/mccodesv2/c3b7957de05a684a9003c5e0d40694b3a7d633ef/redbar.png -------------------------------------------------------------------------------- /rgrad.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/davemacaulay/mccodesv2/c3b7957de05a684a9003c5e0d40694b3a7d633ef/rgrad.jpg -------------------------------------------------------------------------------- /roulette.php: -------------------------------------------------------------------------------- 1 | 26 | > Back"); 27 | } 28 | $_SESSION['tresde'] = $_GET['tresde']; 29 | 30 | echo '

Roulette: Pick a number between 0 - 36

'; 31 | if (isset($_POST['bet']) && is_numeric($_POST['bet'])) 32 | { 33 | $_POST['bet'] = abs((int) $_POST['bet']); 34 | if (!isset($_POST['number'])) 35 | { 36 | $_POST['number'] = 0; 37 | } 38 | $_POST['number'] = abs((int) $_POST['number']); 39 | if ($_POST['bet'] > $ir['money']) 40 | { 41 | die( 42 | "You are trying to bet more than you have.
43 | > Back"); 44 | } 45 | elseif ($_POST['bet'] > $maxbet) 46 | { 47 | die( 48 | "You have gone over the max bet.
49 | > Back"); 50 | } 51 | elseif ($_POST['number'] > 36 or $_POST['number'] < 0 52 | or $_POST['bet'] < 0) 53 | { 54 | die( 55 | "The Numbers are only 0 - 36.
56 | > Back"); 57 | } 58 | $slot = []; 59 | $slot[1] = rand(0, 36); 60 | echo 'You place ' . money_formatter($_POST['bet']) 61 | . " into the slot and pull the pole.
62 | You see the number: $slot[1]
63 | You bet " . money_formatter($_POST['bet']) . ' '; 64 | if ($slot[1] == $_POST['number']) 65 | { 66 | $won = $_POST['bet'] * 37; 67 | $gain = $_POST['bet'] * 36; 68 | echo 'and won ' . money_formatter($won) 69 | . ' by matching the number you bet pocketing you ' 70 | . money_formatter($gain) . ' extra.'; 71 | } 72 | else 73 | { 74 | $won = 0; 75 | $gain = -$_POST['bet']; 76 | echo 'and lost it.'; 77 | } 78 | $db->query( 79 | "UPDATE `users` 80 | SET `money` = `money` + ({$gain}) 81 | WHERE `userid` = $userid"); 82 | $tresder = rand(100, 999); 83 | echo "
84 |
85 | 86 | 87 | 88 |
89 | > I'll continue, but I'm changing my bet.
90 | > Enough's enough, I'm off."; 91 | } 92 | else 93 | { 94 | echo 'Ready to try your luck? Play today!
95 | The maximum bet for your level is ' . money_formatter($maxbet) 96 | . ".
97 |
98 | Bet: \$
99 | Pick (0-36):
100 | 101 |
"; 102 | } 103 | 104 | $h->endpage(); 105 | -------------------------------------------------------------------------------- /search.php: -------------------------------------------------------------------------------- 1 | Search 13 | Search by Name 14 |
15 |
16 | 17 |

18 | Search by ID 19 |
20 |
21 | 22 |
"; 23 | echo "
Search by Location 24 |
25 |
38 | 39 |
"; 40 | $h->endpage(); 41 | -------------------------------------------------------------------------------- /searchlocation.php: -------------------------------------------------------------------------------- 1 | query( 23 | 'SELECT `cityid` 24 | FROM `cities` 25 | WHERE `cityid` = ' . $_POST['location']); 26 | if ($db->num_rows($check_it) == 0) 27 | { 28 | $db->free_result($check_it); 29 | echo 'This location doesn\'t exist.
> Go Back'; 30 | $h->endpage(); 31 | exit; 32 | } 33 | $db->free_result($check_it); 34 | $q = 35 | $db->query( 36 | "SELECT `userid`, `level`, `money`, `crystals`, `username` 37 | FROM `users` 38 | WHERE `location` = '{$_POST['location']}' 39 | ORDER BY `username` 40 | LIMIT 100"); 41 | echo $db->num_rows($q) 42 | . ' players found.
43 | 44 | 45 | 46 | 47 | 48 | 49 | 50 | '; 51 | while ($r = $db->fetch_row($q)) 52 | { 53 | echo ' 54 | 55 | 57 | 58 | 59 | 60 | 61 | '; 62 | } 63 | $db->free_result($q); 64 | echo '
UserLevelMoneyCrystals
' 56 | . $r['username'] . '' . $r['level'] . '' . money_formatter((int)$r['money']) . '' . number_format((int)$r['crystals']) . '
'; 65 | } 66 | echo '
> Go Back'; 67 | $h->endpage(); 68 | -------------------------------------------------------------------------------- /searchname.php: -------------------------------------------------------------------------------- 1 | 32) OR (strlen($_POST['name']) < 3))) 25 | { 26 | echo 'Usernames can only be a max of 32 characters or a min of 3 characters.'; 27 | } 28 | else 29 | { 30 | $e_name_check = '%' . $db->escape($_POST['name']) . '%'; 31 | $q = 32 | $db->query( 33 | "SELECT `userid`, `username`, `level`, `money`, `crystals` 34 | FROM `users` 35 | WHERE `username` LIKE ('{$e_name_check}')"); 36 | echo $db->num_rows($q) 37 | . ' players found.
38 | 39 | 40 | 41 | 42 | 43 | 44 | 45 | '; 46 | while ($r = $db->fetch_row($q)) 47 | { 48 | echo ' 49 | 50 | 52 | 53 | 54 | 55 | 56 | '; 57 | } 58 | $db->free_result($q); 59 | echo '
UserLevelMoneyCrystals
' 51 | . $r['username'] . '' . $r['level'] . '' . money_formatter((int)$r['money']) . '' . number_format((int)$r['crystals']) . '
'; 60 | } 61 | echo '
> Go Back'; 62 | $h->endpage(); 63 | -------------------------------------------------------------------------------- /sendbank.php: -------------------------------------------------------------------------------- 1 | query( 38 | "SELECT `bankmoney`, `lastip`, `username` 39 | FROM `users` 40 | WHERE `userid` = {$_GET['ID']}"); 41 | if ($db->num_rows($it) == 0) 42 | { 43 | $db->free_result($it); 44 | echo "That user doesn't exist."; 45 | $h->endpage(); 46 | exit; 47 | } 48 | $er = $db->fetch_row($it); 49 | $db->free_result($it); 50 | if ($er['bankmoney'] == -1 || $ir['bankmoney'] == -1) 51 | { 52 | die( 53 | 'Sorry,you or the person you are sending to does not have a bank account.'); 54 | } 55 | if ($_POST['xfer'] > 0) 56 | { 57 | if (!isset($_POST['verf']) 58 | || !verify_csrf_code("sendbank_{$_GET['ID']}", 59 | stripslashes($_POST['verf']))) 60 | { 61 | echo '

Error


62 | This transaction has been blocked for your security.
63 | Please send money quickly after you open the form - do not leave it open in tabs.
64 | > Try Again'; 65 | $h->endpage(); 66 | exit; 67 | } 68 | elseif ($_POST['xfer'] > $ir['bankmoney']) 69 | { 70 | echo 'Not enough money to send.'; 71 | } 72 | else 73 | { 74 | $db->query( 75 | "UPDATE `users` 76 | SET `bankmoney` = `bankmoney` - {$_POST['xfer']} 77 | WHERE `userid` = $userid"); 78 | $db->query( 79 | "UPDATE `users` 80 | SET `bankmoney` = `bankmoney` + {$_POST['xfer']} 81 | WHERE `userid` = {$_GET['ID']}"); 82 | echo 'You Bank Transferred ' . money_formatter($_POST['xfer']) 83 | . " to {$er['username']} (ID {$_GET['ID']})."; 84 | event_add($_GET['ID'], 85 | 'You received ' . money_formatter($_POST['xfer']) 86 | . " into your bank account from {$ir['username']}."); 87 | 88 | $db->query( 89 | "INSERT INTO `bankxferlogs` 90 | VALUES (NULL, $userid, {$_GET['ID']}, 91 | {$_POST['xfer']}, " . time() 92 | . ", '{$ir['lastip']}', 93 | '{$er['lastip']}', 'bank')"); 94 | } 95 | } 96 | else 97 | { 98 | $code = request_csrf_code("sendbank_{$_GET['ID']}"); 99 | echo "

Bank Xfer

100 | You are sending bank money to {$er['username']} (ID {$_GET['ID']}). 101 |
You have " . money_formatter($ir['bankmoney']) 102 | . " you can send. 103 |
104 | Money:
105 | 106 | 107 |
"; 108 | } 109 | } 110 | $h->endpage(); 111 | -------------------------------------------------------------------------------- /sendcash.php: -------------------------------------------------------------------------------- 1 | query( 34 | "SELECT `lastip`, `username` FROM `users` WHERE `userid` = {$_GET['ID']}"); 35 | if ($db->num_rows($it) == 0) 36 | { 37 | $db->free_result($it); 38 | echo "That user doesn't exist."; 39 | $h->endpage(); 40 | exit; 41 | } 42 | $er = $db->fetch_row($it); 43 | $db->free_result($it); 44 | if ((int) $_POST['money']) 45 | { 46 | if (!isset($_POST['verf']) 47 | || !verify_csrf_code("sendcash_{$_GET['ID']}", 48 | stripslashes($_POST['verf']))) 49 | { 50 | echo '

Error


51 | This transaction has been blocked for your security.
52 | Please send money quickly after you open the form - do not leave it open in tabs.
53 | > Try Again'; 54 | $h->endpage(); 55 | exit; 56 | } 57 | elseif ($_POST['money'] > $ir['money']) 58 | { 59 | echo 'Not enough money to send.'; 60 | } 61 | else 62 | { 63 | $db->query( 64 | "UPDATE `users` 65 | SET `money` = `money` - {$_POST['money']} 66 | WHERE `userid` = $userid"); 67 | $db->query( 68 | "UPDATE `users` 69 | SET `money` = `money` + {$_POST['money']} 70 | WHERE `userid` = {$_GET['ID']}"); 71 | echo 'You sent ' . money_formatter($_POST['money']) 72 | . " to {$er['username']} (ID {$_GET['ID']})."; 73 | event_add($_GET['ID'], 74 | 'You received ' . money_formatter($_POST['money']) 75 | . " from {$ir['username']}."); 76 | $db->query( 77 | "INSERT INTO `cashxferlogs` 78 | VALUES (NULL, $userid, {$_GET['ID']}, {$_POST['money']}, 79 | " . time() . ", '{$ir['lastip']}', '{$er['lastip']}')"); 80 | } 81 | } 82 | else 83 | { 84 | $code = request_csrf_code("sendcash_{$_GET['ID']}"); 85 | echo "

Sending Money

86 | You are sending money to {$er['username']} (ID {$_GET['ID']}). 87 |
You have " . money_formatter($ir['money']) 88 | . " you can send. 89 |
90 | Amnt:
91 | 92 | 93 |
"; 94 | echo "

Latest 5 Transfers

95 | 96 | 97 | 98 | 99 | 100 | 101 | "; 102 | $q = 103 | $db->query( 104 | "SELECT `cxTO`, `cxTIME`, `cxAMOUNT`, 105 | `u`.`username` AS `recipient` 106 | FROM `cashxferlogs` AS `cx` 107 | INNER JOIN `users` AS `u` 108 | ON `cx`.`cxTO` = `u`.`userid` 109 | WHERE `cxFROM` = {$userid} 110 | ORDER BY `cxTIME` DESC 111 | LIMIT 5"); 112 | while ($r = $db->fetch_row($q)) 113 | { 114 | echo ' 115 | 117 | 118 | 119 | 121 | '; 122 | } 123 | $db->free_result($q); 124 | echo '
TimeUser FromUser ToAmount
' . date('F j, Y, g:i:s a', (int)$r['cxTIME']) 116 | . "{$ir['username']} [{$ir['userid']}] {$r['recipient']} [{$r['cxTO']}] " . money_formatter((int)$r['cxAMOUNT']) 120 | . '
'; 125 | } 126 | } 127 | $h->endpage(); 128 | -------------------------------------------------------------------------------- /sendcyber.php: -------------------------------------------------------------------------------- 1 | query( 38 | "SELECT `cybermoney`, `lastip`, `username` 39 | FROM `users` 40 | WHERE `userid` = {$_GET['ID']}"); 41 | if ($db->num_rows($it) == 0) 42 | { 43 | $db->free_result($it); 44 | echo "That user doesn't exist."; 45 | $h->endpage(); 46 | exit; 47 | } 48 | $er = $db->fetch_row($it); 49 | $db->free_result($it); 50 | if ($er['cybermoney'] == -1 || $ir['cybermoney'] == -1) 51 | { 52 | die( 53 | 'Sorry,you or the person you are sending to does not have a cyber bank account.'); 54 | } 55 | if ((int) $_POST['xfer']) 56 | { 57 | if (!isset($_POST['verf']) 58 | || !verify_csrf_code("sendcyber_{$_GET['ID']}", 59 | stripslashes($_POST['verf']))) 60 | { 61 | echo '

Error


62 | This transaction has been blocked for your security.
63 | Please send money quickly after you open the form - do not leave it open in tabs.
64 | > Try Again'; 65 | $h->endpage(); 66 | exit; 67 | } 68 | elseif ($_POST['xfer'] > $ir['cybermoney']) 69 | { 70 | echo 'Not enough money to send.'; 71 | } 72 | else 73 | { 74 | $db->query( 75 | "UPDATE `users` 76 | SET `cybermoney` = `cybermoney` - {$_POST['xfer']} 77 | WHERE `userid` = $userid"); 78 | $db->query( 79 | "UPDATE `users` 80 | SET `cybermoney` = `cybermoney` + {$_POST['xfer']} 81 | WHERE `userid` = {$_GET['ID']}"); 82 | echo 'You CyberBank Transferred ' 83 | . money_formatter($_POST['xfer']) 84 | . " to {$er['username']} (ID {$_GET['ID']})."; 85 | event_add($_GET['ID'], 86 | 'You received ' . money_formatter($_POST['xfer']) 87 | . " into your cyber bank account from {$ir['username']}."); 88 | 89 | $db->query( 90 | "INSERT INTO `bankxferlogs` 91 | VALUES (NULL, $userid, {$_GET['ID']}, 92 | {$_POST['xfer']}, " . time() 93 | . ", '{$ir['lastip']}', 94 | '{$er['lastip']}', 'cyber')"); 95 | } 96 | } 97 | else 98 | { 99 | $code = request_csrf_code("sendcyber_{$_GET['ID']}"); 100 | echo "

CyberBank Xfer

101 | You are sending cyber bank money to {$er['username']} (ID {$_GET['ID']}). 102 |
You have " . money_formatter($ir['cybermoney']) 103 | . " you can send. 104 |
105 | Money:
106 | 107 | 108 |
"; 109 | } 110 | } 111 | $h->endpage(); 112 | -------------------------------------------------------------------------------- /shops.php: -------------------------------------------------------------------------------- 1 | '; 20 | $q = 21 | $db->query( 22 | "SELECT `shopID`, `shopNAME`, `shopDESCRIPTION` 23 | FROM `shops` 24 | WHERE `shopLOCATION` = {$ir['location']}"); 25 | echo " 26 | 27 | 28 | 29 | "; 30 | while ($r = $db->fetch_row($q)) 31 | { 32 | echo " 33 | 36 | 37 | "; 38 | } 39 | echo '
ShopDescription
34 | {$r['shopNAME']} 35 | {$r['shopDESCRIPTION']}
'; 40 | $db->free_result($q); 41 | } 42 | else 43 | { 44 | $sd = 45 | $db->query( 46 | "SELECT `shopLOCATION`, `shopNAME` 47 | FROM `shops` 48 | WHERE `shopID` = {$_GET['shop']}"); 49 | if ($db->num_rows($sd) > 0) 50 | { 51 | $shopdata = $db->fetch_row($sd); 52 | if ($shopdata['shopLOCATION'] == $ir['location']) 53 | { 54 | echo "Browsing items at {$shopdata['shopNAME']}...
55 | 56 | 57 | 58 | 59 | 60 | 61 | 62 | "; 63 | $qtwo = 64 | $db->query( 65 | "SELECT `itmtypename`, `itmname`, `itmdesc`, 66 | `itmbuyprice`, `itmsellprice`, `sitemID` 67 | FROM `shopitems` AS `si` 68 | INNER JOIN `items` AS `i` 69 | ON `si`.`sitemITEMID` = `i`.`itmid` 70 | INNER JOIN `itemtypes` AS `it` 71 | ON `i`.`itmtype` = `it`.`itmtypeid` 72 | WHERE `si`.`sitemSHOP` = {$_GET['shop']} 73 | ORDER BY `itmtype` ASC, `itmbuyprice` ASC, 74 | `itmname` ASC"); 75 | $lt = ''; 76 | while ($r = $db->fetch_row($qtwo)) 77 | { 78 | if ($lt != $r['itmtypename']) 79 | { 80 | $lt = $r['itmtypename']; 81 | echo "\n 82 | 83 | "; 84 | } 85 | echo "\n 86 | 87 | 88 | 90 | 92 | 98 | "; 99 | } 100 | $db->free_result($qtwo); 101 | echo '
ItemDescriptionPriceSell PriceBuy
{$lt}
{$r['itmname']}{$r['itmdesc']}" . money_formatter($r['itmbuyprice']) 89 | . '' . money_formatter($r['itmsellprice']) 91 | . " 93 |
94 | Qty: 95 | 96 |
97 |
'; 102 | } 103 | else 104 | { 105 | echo 'You are trying to access a shop in another city!'; 106 | } 107 | } 108 | else 109 | { 110 | echo 'You are trying to access an invalid shop!'; 111 | } 112 | $db->free_result($sd); 113 | } 114 | $h->endpage(); 115 | -------------------------------------------------------------------------------- /slotsmachine.php: -------------------------------------------------------------------------------- 1 | 26 | > Back"); 27 | } 28 | $_SESSION['tresde'] = $_GET['tresde']; 29 | echo '

Slots

'; 30 | if (isset($_POST['bet']) && is_numeric($_POST['bet'])) 31 | { 32 | $_POST['bet'] = abs((int) $_POST['bet']); 33 | if ($_POST['bet'] > $ir['money']) 34 | { 35 | die( 36 | "You are trying to bet more than you have.
37 | > Back"); 38 | } 39 | elseif ($_POST['bet'] > $maxbet) 40 | { 41 | die( 42 | "You have gone over the max bet.
43 | > Back"); 44 | } 45 | 46 | $slot[1] = rand(0, 9); 47 | $slot[2] = rand(0, 9); 48 | $slot[3] = rand(0, 9); 49 | echo 'You place ' . money_formatter($_POST['bet']) 50 | . " into the slot and pull the pole.
51 | You see the numbers: $slot[1] $slot[2] $slot[3]
52 | You bet " . money_formatter($_POST['bet']) . ' '; 53 | if ($slot[1] == $slot[2] && $slot[2] == $slot[3]) 54 | { 55 | $won = $_POST['bet'] * 26; 56 | $gain = $_POST['bet'] * 25; 57 | echo 'and won ' . money_formatter($won) 58 | . ' by lining up 3 numbers pocketing you ' 59 | . money_formatter($gain) . ' extra.'; 60 | } 61 | elseif ($slot[1] == $slot[2] || $slot[2] == $slot[3] 62 | || $slot[1] == $slot[3]) 63 | { 64 | $won = $_POST['bet'] * 3; 65 | $gain = $_POST['bet'] * 2; 66 | echo 'and won ' . money_formatter($won) 67 | . ' by lining up 2 numbers pocketing you ' 68 | . money_formatter($gain) . ' extra.'; 69 | } 70 | else 71 | { 72 | $won = 0; 73 | $gain = -$_POST['bet']; 74 | echo 'and lost it.'; 75 | } 76 | $db->query( 77 | "UPDATE `users` 78 | SET `money` = `money` + ({$gain}) 79 | WHERE `userid` = $userid"); 80 | $tresder = rand(100, 999); 81 | echo "
82 |
83 | 84 | 85 |
86 | > I'll continue, but I'm changing my bet.
87 | > Enough's enough, I'm off."; 88 | } 89 | else 90 | { 91 | echo 'Ready to try your luck? Play today!
92 | The maximum bet for your level is ' . money_formatter($maxbet) 93 | . ".
94 |
95 | Bet: \$
96 | 97 |
"; 98 | } 99 | 100 | $h->endpage(); 101 | -------------------------------------------------------------------------------- /staff_api.php: -------------------------------------------------------------------------------- 1 | setDb($db); 25 | $this->processIncoming(); 26 | } 27 | 28 | /** 29 | * @param database|null $db 30 | * @return void 31 | */ 32 | private function setDb(?database $db): void 33 | { 34 | $this->db = $db; 35 | } 36 | 37 | /** 38 | * @return void 39 | */ 40 | private function processIncoming(): void 41 | { 42 | $_GET['id'] = array_key_exists('id', $_GET) && is_numeric($_GET['id']) ? (int)$_GET['id'] : null; 43 | $data = [ 44 | 'type' => 'error', 45 | 'message' => 'No options given', 46 | ]; 47 | if (array_key_exists('get', $_GET)) { 48 | $data = $this->processGet($_GET['get'], $_GET['id']); 49 | } 50 | header('Content-Type: application/json'); 51 | echo json_encode($data); 52 | } 53 | 54 | /** 55 | * @param string $get 56 | * @param int $id 57 | * @return array|string[] 58 | */ 59 | private function processGet(string $get, int $id): array 60 | { 61 | return match ($get) { 62 | 'non-user-roles' => $this->getNonUserRoles($id), 63 | 'user-roles' => $this->getUserRoles($id), 64 | default => [ 65 | 'type' => 'error', 66 | 'message' => 'Invalid "get" value', 67 | ], 68 | }; 69 | } 70 | 71 | /** 72 | * @param int $target_id 73 | * @return array 74 | */ 75 | private function getUserRoles(int $target_id): array 76 | { 77 | $get_roles = $this->db->query( 78 | 'SELECT id, name FROM staff_roles WHERE id IN (SELECT staff_role FROM users_roles WHERE userid = ' . $target_id . ') ORDER BY name, id' 79 | ); 80 | $data = []; 81 | while ($role = $this->db->fetch_row($get_roles)) { 82 | $data[] = $role; 83 | } 84 | $this->db->free_result($get_roles); 85 | return [ 86 | 'type' => 'success', 87 | 'message' => 'See data key', 88 | 'data' => $data, 89 | ]; 90 | } 91 | 92 | /** 93 | * @param int $target_id 94 | * @return array 95 | */ 96 | private function getNonUserRoles(int $target_id): array 97 | { 98 | $get_non_roles = $this->db->query( 99 | 'SELECT id, name FROM staff_roles WHERE id NOT IN (SELECT staff_role FROM users_roles WHERE userid = ' . $target_id . ') ORDER BY name, id' 100 | ); 101 | $data = []; 102 | while ($role = $this->db->fetch_row($get_non_roles)) { 103 | $data[] = $role; 104 | } 105 | $this->db->free_result($get_non_roles); 106 | return [ 107 | 'type' => 'success', 108 | 'message' => 'See data key', 109 | 'data' => $data, 110 | ]; 111 | } 112 | 113 | /** 114 | * @param database|null $db 115 | * @return self|null 116 | */ 117 | public static function getInstance(?database $db): ?self 118 | { 119 | if (self::$inst === null) { 120 | self::$inst = new self($db); 121 | } 122 | return self::$inst; 123 | } 124 | } 125 | 126 | $api = StaffAPI::getInstance($db); 127 | -------------------------------------------------------------------------------- /stafflist.php: -------------------------------------------------------------------------------- 1 | query( 14 | 'SELECT u.userid, u.laston, u.username, u.level, u.money, GROUP_CONCAT(sr.name ORDER BY sr.id) AS roles 15 | FROM users AS u 16 | INNER JOIN users_roles AS ur ON ur.userid = u.userid 17 | INNER JOIN staff_roles AS sr ON sr.id = ur.staff_role 18 | WHERE ur.staff_role > 0 19 | GROUP BY u.userid 20 | ORDER BY u.userid' 21 | ); 22 | while ($r = $db->fetch_row($q)) { 23 | $staff[$r['userid']] = $r; 24 | } 25 | $db->free_result($q); 26 | echo ' 27 | Staff 28 |
29 | 30 | 31 | 32 | 33 | 34 | 35 | 36 | 37 | 38 | '; 39 | 40 | foreach ($staff as $r) { 41 | $on = ($r['laston'] >= ($_SERVER['REQUEST_TIME'] - 900)) 42 | ? 'Online' 43 | : 'Offline'; 44 | echo ' 45 | 46 | 47 | 48 | 49 | 50 | 51 | 52 | 53 | '; 54 | } 55 | echo '
UserRolesLevelMoneyLast SeenStatus
' . $r['username'] . ' [' . $r['userid'] . ']' . str_replace(',', ', ', $r['roles']) . '' . $r['level'] . '' . money_formatter((int)$r['money']) . '' . date('F j, Y, g:i:s a', (int)$r['laston']) . '' . $on . '
'; 56 | $h->endpage(); 57 | -------------------------------------------------------------------------------- /staffnotes.php: -------------------------------------------------------------------------------- 1 | > Go Home'; 15 | $h->endpage(); 16 | exit; 17 | } 18 | 19 | $_POST['ID'] = 20 | (isset($_POST['ID']) && is_numeric($_POST['ID'])) 21 | ? abs(intval($_POST['ID'])) : ''; 22 | $_POST['staffnotes'] = 23 | (isset($_POST['staffnotes']) && !is_array($_POST['staffnotes'])) 24 | ? $db->escape( 25 | strip_tags(stripslashes($_POST['staffnotes']))) 26 | : ''; 27 | if (empty($_POST['ID']) || empty($_POST['staffnotes'])) { 28 | echo 'You must enter data for this to work. 29 |
> Go Home'; 30 | $h->endpage(); 31 | exit; 32 | } 33 | $q = 34 | $db->query( 35 | "SELECT `staffnotes` 36 | FROM `users` 37 | WHERE `userid` = {$_POST['ID']}"); 38 | if ($db->num_rows($q) == 0) { 39 | $db->free_result($q); 40 | echo 'That user does not exist. 41 |
> Go Home'; 42 | $h->endpage(); 43 | exit; 44 | } 45 | $old = $db->escape($db->fetch_single($q)); 46 | $db->free_result($q); 47 | $db->query( 48 | "UPDATE `users` 49 | SET `staffnotes` = '{$_POST['staffnotes']}' 50 | WHERE `userid` = '{$_POST['ID']}'"); 51 | $db->query( 52 | "INSERT INTO `staffnotelogs` 53 | VALUES (NULL, $userid, {$_POST['ID']}, " . time() 54 | . ", '$old', 55 | '{$_POST['staffnotes']}')"); 56 | echo ' 57 | User notes updated! 58 |
59 | > Back To Profile 61 | '; 62 | $h->endpage(); 63 | -------------------------------------------------------------------------------- /stats.php: -------------------------------------------------------------------------------- 1 | query( 15 | "SELECT COUNT(`userid`) AS `c_users`, 16 | SUM(`money`) AS `s_money`, 17 | SUM(`crystals`) AS `s_crystals`, 18 | SUM(IF(`bankmoney` > -1, 1, 0)) AS `c_users_bank`, 19 | SUM(IF(`bankmoney` > -1, `bankmoney`, 0)) AS `s_bank`, 20 | SUM(IF(`gender` = 'Male', 1, 0)) AS `c_male`, 21 | SUM(IF(`gender` = 'Female', 1, 0)) AS `c_female` 22 | FROM `users`"); 23 | $mem_info = $db->fetch_row($q); 24 | foreach ($mem_info as $col => $value) { 25 | $mem_info[$col] = (int)$value; 26 | } 27 | $membs = $mem_info['c_users']; 28 | $total = $mem_info['s_money']; 29 | $avg = (int) ($total / (max($membs, 1))); 30 | $totalc = $mem_info['s_crystals']; 31 | $avgc = (int) ($totalc / (max($membs, 1))); 32 | $banks = $mem_info['c_users_bank']; 33 | $totalb = $mem_info['s_bank']; 34 | $avgb = (int) ($totalb / ($banks > 0 ? $banks : 1)); 35 | $male = $mem_info['c_male']; 36 | $fem = $mem_info['c_female']; 37 | $db->free_result($q); 38 | $q = $db->query('SELECT SUM(`inv_qty`) 39 | FROM `inventory`'); 40 | $totali = (int)$db->fetch_single($q); 41 | $db->free_result($q); 42 | $q = $db->query('SELECT COUNT(`mail_id`) 43 | FROM `mail`'); 44 | $mail = (int)$db->fetch_single($q); 45 | $db->free_result($q); 46 | $q = $db->query('SELECT COUNT(`evID`) 47 | FROM `events`'); 48 | $events = (int)$db->fetch_single($q); 49 | $db->free_result($q); 50 | echo "

{$set['game_name']} Statistics

51 | You step into the Statistics Department and login to the service. You see some stats that interest you.
52 | 53 | 54 | 55 | 56 | 57 | 58 | 62 | 79 | 80 | 81 | 82 | 83 | 84 | 85 | 90 | 94 | 95 |
UsersMoney and Crystals
59 | There are currently $membs {$set['game_name']} players, 60 | $male males and $fem females. 61 | 63 | Amount of cash in circulation: " . money_formatter($total) 64 | . '.
65 | The average player has: ' . money_formatter($avg) 66 | . '.
67 | Amount of cash in banks: ' . money_formatter($totalb) 68 | . ".
69 | Amount of players with bank accounts: $banks
70 | The average player has in their bank accnt: " 71 | . money_formatter($avgb) 72 | . '.
73 | Amount of crystals in circulation: ' 74 | . money_formatter($totalc, '') 75 | . '.
76 | The average player has: ' . money_formatter($avgc, '') 77 | . ' crystals. 78 |
Mails/EventsItems
86 | ' . money_formatter($mail, '') . ' mails and ' 87 | . money_formatter($events, '') 88 | . ' events have been sent. 89 | 91 | There are currently ' . money_formatter($totali, '') 92 | . ' items in circulation. 93 |
'; 96 | $h->endpage(); 97 | -------------------------------------------------------------------------------- /tablehgrad.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/davemacaulay/mccodesv2/c3b7957de05a684a9003c5e0d40694b3a7d633ef/tablehgrad.png -------------------------------------------------------------------------------- /title.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/davemacaulay/mccodesv2/c3b7957de05a684a9003c5e0d40694b3a7d633ef/title.jpg -------------------------------------------------------------------------------- /unequip.php: -------------------------------------------------------------------------------- 1 | endpage(); 19 | exit; 20 | } 21 | if ($ir[$_GET['type']] == 0) 22 | { 23 | echo 'You do not have anything equipped in this slot.'; 24 | $h->endpage(); 25 | exit; 26 | } 27 | item_add($userid, $ir[$_GET['type']], 1); 28 | $db->query( 29 | "UPDATE `users` 30 | SET `{$_GET['type']}` = 0 31 | WHERE `userid` = {$ir['userid']}"); 32 | $names = 33 | ['equip_primary' => 'Primary Weapon', 34 | 'equip_secondary' => 'Secondary Weapon', 35 | 'equip_armor' => 'Armor']; 36 | echo 'The item in your ' . $names[$_GET['type']] 37 | . ' slot was successfully unequipped.'; 38 | $h->endpage(); 39 | -------------------------------------------------------------------------------- /userlist.php: -------------------------------------------------------------------------------- 1 | Userlist'; 24 | $cnt = $db->query('SELECT COUNT(`userid`) 25 | FROM `users`'); 26 | $membs = $db->fetch_single($cnt); 27 | $db->free_result($cnt); 28 | $pages = (int) ($membs / 100) + 1; 29 | if ($membs % 100 == 0) 30 | { 31 | $pages--; 32 | } 33 | echo 'Pages: '; 34 | for ($i = 1; $i <= $pages; $i++) 35 | { 36 | $stl = ($i - 1) * 100; 37 | echo "$i "; 38 | } 39 | echo "
40 | Order By: 41 | User ID | 42 | Username | 43 | Level | 44 | Money 45 |
46 | Ascending | 47 | Descending 48 |

"; 49 | $q = 50 | $db->query( 51 | "SELECT `donatordays`, `username`, `userid`, `money`, `level`, 52 | `gender`, `gangPREF`, `laston` 53 | FROM `users` AS `u` 54 | LEFT JOIN `gangs` AS `g` 55 | ON `u`.`gang` = `g`.`gangID` 56 | ORDER BY `$by` $ord 57 | LIMIT $st, 100"); 58 | $no1 = $st + 1; 59 | $no2 = min($st + 100, $membs); 60 | echo " 61 | Showing users $no1 to $no2 by order of $by $ord. 62 | 63 | 64 | 65 | 66 | 67 | 68 | 69 | 70 | 71 | "; 72 | while ($r = $db->fetch_row($q)) 73 | { 74 | $r['username'] = 75 | ($r['donatordays']) 76 | ? '' 77 | . $r['username'] 78 | . 'Donator: '
 79 |                             . $r['donatordays']
 80 |                             . ' Days Left' 82 | : $r['username']; 83 | echo ' 84 | 85 | 86 | 88 | 89 | 90 | 91 | 97 | 98 | '; 99 | } 100 | $db->free_result($q); 101 | echo '
IDNameMoneyLevelGenderOnline
' . $r['userid'] . '' 87 | . $r['gangPREF'] . ' ' . $r['username'] . '' . money_formatter((int)$r['money']) . '' . $r['level'] . '' . $r['gender'] . '' 92 | . (($r['laston'] >= $_SERVER['REQUEST_TIME'] - 15 * 60) 93 | ? 'Online' 94 | : 'Offline') 95 | . ' 96 |
'; 102 | $h->endpage(); 103 | -------------------------------------------------------------------------------- /usersonline.php: -------------------------------------------------------------------------------- 1 | Users Online'; 13 | $cn = 0; 14 | $expiry_time = time() - 900; 15 | $q = 16 | $db->query( 17 | 'SELECT `userid`, `username`, `laston` 18 | FROM `users` 19 | WHERE `laston` > ' . $expiry_time 20 | . ' 21 | ORDER BY `laston` DESC'); 22 | while ($r = $db->fetch_row($q)) 23 | { 24 | $cn++; 25 | echo $cn . '. ' 26 | . $r['username'] . ' (' . datetime_parse($r['laston']) 27 | . ') 28 |
29 | '; 30 | } 31 | $db->free_result($q); 32 | $h->endpage(); 33 | -------------------------------------------------------------------------------- /views/assets/css/staff.css: -------------------------------------------------------------------------------- 1 | :root { 2 | --alert-success-text-color: #e0f8e0; 3 | --alert-success-bg-color: #012000; 4 | --alert-success-border-color: #025902; 5 | --alert-error-text-color: #f8e0e0; 6 | --alert-error-bg-color: #200000; 7 | --alert-error-border-color: #590202; 8 | } 9 | 10 | .form-group { 11 | padding: 5px 0; 12 | } 13 | 14 | .form-control { 15 | padding: 2px 1px; 16 | margin: 1px; 17 | } 18 | 19 | button.btn { 20 | padding: 0.8em 2rem; 21 | } 22 | 23 | form.form-roles { 24 | display: flex; 25 | flex-direction: column; 26 | flex-wrap: wrap; 27 | justify-content: space-between; 28 | } 29 | 30 | .alert { 31 | display: block; 32 | padding: 1em 10em; 33 | margin: 2em 3em; 34 | border: 1px solid; 35 | border-radius: 1em; 36 | } 37 | 38 | .alert-success { 39 | color: var(--alert-success-text-color); 40 | background-color: var(--alert-success-bg-color); 41 | border-color: var(--alert-success-border-color); 42 | } 43 | 44 | .alert-error { 45 | color: var(--alert-error-text-color); 46 | background-color: var(--alert-error-bg-color); 47 | border-color: var(--alert-error-border-color); 48 | } 49 | -------------------------------------------------------------------------------- /views/assets/js/staff.js: -------------------------------------------------------------------------------- 1 | const updateRoleMenu = (ev, roleElem) => { 2 | const userId = parseInt(ev.currentTarget.value) ?? 0; 3 | if (userId < -1) { 4 | console.error('Invalid userId'); 5 | return false; 6 | } 7 | const urlParams = new URLSearchParams(window.location.search); 8 | const action = urlParams.get("action"); 9 | const get = action === "grant" ? "non-user-roles" : "user-roles"; 10 | fetch(`/staff_api.php?get=${get}&id=${userId}`) 11 | .then(response => response.json()) 12 | .then(response => { 13 | if (response.type !== "success") { 14 | console.error(response.message); 15 | return false; 16 | } 17 | let roleMarkup = ``; 18 | for (const role of response.data) { 19 | roleMarkup += ``; 20 | } 21 | roleElem.innerHTML = roleMarkup; 22 | console.log(response); 23 | }) 24 | .catch(err => console.error(err)); 25 | }; 26 | document.addEventListener("DOMContentLoaded", () => { 27 | const userElem = document.getElementById("user"); 28 | const roleElem = document.getElementById("role"); 29 | userElem.addEventListener("change", ev => { 30 | updateRoleMenu(ev, roleElem); 31 | }); 32 | }); 33 | -------------------------------------------------------------------------------- /views/staff-roles/index.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/davemacaulay/mccodesv2/c3b7957de05a684a9003c5e0d40694b3a7d633ef/views/staff-roles/index.html -------------------------------------------------------------------------------- /views/staff-roles/role-grant.html: -------------------------------------------------------------------------------- 1 | 2 |
3 |
4 | 5 | 9 |
10 |
11 | 12 | 16 |
17 |
18 | 21 |
22 |
23 | 24 | 25 | -------------------------------------------------------------------------------- /views/staff-roles/role-index-entry.html: -------------------------------------------------------------------------------- 1 | 2 | {{ROLE-NAME}} 3 | {{ROLE-PERMISSIONS}} 4 | 5 | Edit · 6 | Remove 7 | 8 | 9 | -------------------------------------------------------------------------------- /views/staff-roles/role-index.html: -------------------------------------------------------------------------------- 1 | 2 |

Staff Role Management

3 |

4 | > Add Role + 5 |

6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | {{STAFF-ROLES}} 16 | 17 |
RolePermissionsActions
18 | -------------------------------------------------------------------------------- /views/staff-roles/role-remove.html: -------------------------------------------------------------------------------- 1 |
2 |

3 | 7 |

8 | 11 |
12 | -------------------------------------------------------------------------------- /views/staff-roles/role-revoke.html: -------------------------------------------------------------------------------- 1 | 2 |
3 |
4 | 5 | 9 |
10 |
11 | 12 | 16 |
17 |
18 | 21 |
22 |
23 | 24 | 25 | -------------------------------------------------------------------------------- /views/staff-roles/role-selection-menu.html: -------------------------------------------------------------------------------- 1 | 2 |
3 | 4 |
5 |
6 | 7 | 11 |
12 |
13 |
14 | 17 |
18 |
19 | -------------------------------------------------------------------------------- /views/staff-roles/role-upsert.html: -------------------------------------------------------------------------------- 1 | 2 |
3 | 4 |
5 |
6 | 7 | 8 |
9 | {{ROLE-PERMISSIONS}} 10 |
11 |
12 | 15 |
16 |
17 | -------------------------------------------------------------------------------- /willpdone.php: -------------------------------------------------------------------------------- 1 | endpage(); 25 | exit; 26 | } 27 | echo 'Thank you for your payment to ' . $set['game_name'] 28 | . '. Your transaction has been completed, and a receipt for 29 | your purchase has been emailed to you. You may log into your 30 | account at www.paypal.com 31 | to view details of this transaction. 32 | Your Will Potion should be credited within a few minutes, 33 | if not, contact an admin for assistance.'; 34 | } 35 | $h->endpage(); 36 | -------------------------------------------------------------------------------- /willpotion.php: -------------------------------------------------------------------------------- 1 | Will Potions 14 | 15 | Buy will potions today! They restore 100% will.
16 | Buy One: (\$1)
17 |
18 | 19 | 20 | 21 | 22 | 23 | 25 | 27 | 29 | 30 | 31 | 32 | 35 |
36 | Buy Five: (\$4.50)
37 |
38 | 39 | 40 | 41 | 42 | 43 | 45 | 47 | 49 | 50 | 51 | 52 | 55 |
56 | EOF; 57 | $h->endpage(); 58 | -------------------------------------------------------------------------------- /yellowbar.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/davemacaulay/mccodesv2/c3b7957de05a684a9003c5e0d40694b3a7d633ef/yellowbar.png --------------------------------------------------------------------------------