From 29f3e4e81334b9a0ce4ce2bff5d18aabb06b1a6f Mon Sep 17 00:00:00 2001 From: Dave Macaulay Date: Sat, 15 Jun 2024 10:41:48 -0500 Subject: [PATCH] Initial commit of v2.0.5b --- .gitignore | 2 + LICENSE | 21 + MCCodes2_Manual.htm | 119 ++ README.md | 112 ++ ad_filler.png | Bin 0 -> 7887 bytes announcements.php | 64 ++ attack.php | 436 +++++++ attackbeat.php | 139 +++ attacklost.php | 77 ++ attacktake.php | 146 +++ attackwon.php | 145 +++ authenticate.php | 117 ++ bank.php | 150 +++ bargreen.gif | Bin 0 -> 804 bytes barred.gif | Bin 0 -> 804 bytes battletent.php | 77 ++ bbcode_engine.php | 197 ++++ blacklist.php | 284 +++++ bluebar.png | Bin 0 -> 201 bytes captcha_verify.php | 131 +++ check.php | 228 ++++ checkem.php | 66 ++ checkun.php | 65 ++ class/class_db_mysql.php | 221 ++++ class/class_db_mysqli.php | 213 ++++ class/index.html | 11 + cmarket.php | 322 ++++++ contactlist.php | 183 +++ creategang.php | 80 ++ criminal.php | 58 + cron_day.php | 122 ++ cron_fivemins.php | 56 + cron_hour.php | 109 ++ cron_minute.php | 45 + crystaltemple.php | 160 +++ css/game.css | 139 +++ css/index.html | 11 + css/installer.css | 139 +++ css/login.css | 139 +++ css/register.css | 111 ++ cyberbank.php | 177 +++ dbdata.sql | 1309 +++++++++++++++++++++ dgrad.jpg | Bin 0 -> 342 bytes dgradl.jpg | Bin 0 -> 497 bytes dgradr.jpg | Bin 0 -> 489 bytes dlarchive.php | 110 ++ docrime.php | 115 ++ donator.gif | Bin 0 -> 374 bytes donator.php | 160 +++ donatordone.php | 49 + education.php | 130 +++ equip_armor.php | 84 ++ equip_weapon.php | 88 ++ estate.php | 106 ++ events.php | 144 +++ explore.php | 85 ++ fedjail.php | 85 ++ forums.php | 1761 ++++++++++++++++++++++++++++ friendslist.php | 318 ++++++ gamerules.php | 58 + gangcentral.php | 61 + gangs.php | 227 ++++ gangwars.php | 64 ++ global_func.php | 1281 +++++++++++++++++++++ globals.php | 162 +++ globals_nonauth.php | 71 ++ greenbar.png | Bin 0 -> 201 bytes gym.php | 129 +++ halloffame.php | 477 ++++++++ header.php | 215 ++++ helptutorial.php | 169 +++ hospital.php | 56 + imadd.php | 144 +++ index.php | 83 ++ installer.php | 567 +++++++++ installer_foot.php | 45 + installer_head.php | 51 + inventory.php | 168 +++ ipn_donator.php | 213 ++++ ipn_wp.php | 163 +++ itembuy.php | 95 ++ iteminfo.php | 100 ++ itemmarket.php | 638 +++++++++++ itemsell.php | 120 ++ itemsend.php | 134 +++ itemuse.php | 124 ++ jail.php | 65 ++ jailbail.php | 73 ++ jailbust.php | 90 ++ jailuser.php | 111 ++ job.php | 249 ++++ js/index.html | 11 + js/jquery-1.7.1.min.js | 4 + js/login.js | 111 ++ js/register.js | 77 ++ lgrad.jpg | Bin 0 -> 321 bytes lib/basic_error_handler.php | 147 +++ lib/index.html | 11 + lib/installer_error_handler.php | 114 ++ linegrad.PNG | Bin 0 -> 142 bytes loggedin.php | 122 ++ login.php | 99 ++ logo.png | Bin 0 -> 54642 bytes logout.php | 53 + lucky.php | 89 ++ macro1.php | 63 + macro2.php | 62 + mailban.php | 110 ++ mailbox.php | 475 ++++++++ mainmenu.php | 132 +++ mcc_splash_2.png | Bin 0 -> 13819 bytes monorail.php | 107 ++ newspaper.php | 43 + oclog.php | 62 + polling.php | 185 +++ polls_view.php | 83 ++ preferences.php | 405 +++++++ preport.php | 93 ++ redbar.png | Bin 0 -> 201 bytes register.php | 330 ++++++ rgrad.jpg | Bin 0 -> 315 bytes roulette.php | 116 ++ search.php | 52 + searchlocation.php | 78 ++ searchname.php | 74 ++ sendbank.php | 122 ++ sendcash.php | 138 +++ sendcrys.php | 144 +++ sendcyber.php | 123 ++ sglobals.php | 173 +++ shops.php | 126 ++ slotsmachine.php | 112 ++ smenu.php | 177 +++ staff.php | 397 +++++++ staff_battletent.php | 323 ++++++ staff_cities.php | 297 +++++ staff_courses.php | 335 ++++++ staff_crimes.php | 961 ++++++++++++++++ staff_forums.php | 408 +++++++ staff_gangs.php | 1066 +++++++++++++++++ staff_houses.php | 307 +++++ staff_items.php | 727 ++++++++++++ staff_jobs.php | 661 +++++++++++ staff_logs.php | 743 ++++++++++++ staff_polls.php | 220 ++++ staff_punit.php | 745 ++++++++++++ staff_shops.php | 241 ++++ staff_special.php | 533 +++++++++ staff_users.php | 1282 +++++++++++++++++++++ stafflist.php | 137 +++ staffnotes.php | 75 ++ stats.php | 105 ++ tablehgrad.png | Bin 0 -> 232 bytes title.jpg | Bin 0 -> 47699 bytes unequip.php | 48 + userlist.php | 114 ++ usersonline.php | 44 + viewuser.php | 304 +++++ willpdone.php | 49 + willpotion.php | 70 ++ yellowbar.png | Bin 0 -> 201 bytes yourgang.php | 1899 +++++++++++++++++++++++++++++++ 162 files changed, 32133 insertions(+) create mode 100644 .gitignore create mode 100644 LICENSE create mode 100644 MCCodes2_Manual.htm create mode 100644 README.md create mode 100644 ad_filler.png create mode 100644 announcements.php create mode 100644 attack.php create mode 100644 attackbeat.php create mode 100644 attacklost.php create mode 100644 attacktake.php create mode 100644 attackwon.php create mode 100644 authenticate.php create mode 100644 bank.php create mode 100644 bargreen.gif create mode 100644 barred.gif create mode 100644 battletent.php create mode 100644 bbcode_engine.php create mode 100644 blacklist.php create mode 100644 bluebar.png create mode 100644 captcha_verify.php create mode 100644 check.php create mode 100644 checkem.php create mode 100644 checkun.php create mode 100644 class/class_db_mysql.php create mode 100644 class/class_db_mysqli.php create mode 100644 class/index.html create mode 100644 cmarket.php create mode 100644 contactlist.php create mode 100644 creategang.php create mode 100644 criminal.php create mode 100644 cron_day.php create mode 100644 cron_fivemins.php create mode 100644 cron_hour.php create mode 100644 cron_minute.php create mode 100644 crystaltemple.php create mode 100644 css/game.css create mode 100644 css/index.html create mode 100644 css/installer.css create mode 100644 css/login.css create mode 100644 css/register.css create mode 100644 cyberbank.php create mode 100644 dbdata.sql create mode 100644 dgrad.jpg create mode 100644 dgradl.jpg create mode 100644 dgradr.jpg create mode 100644 dlarchive.php create mode 100644 docrime.php create mode 100644 donator.gif create mode 100644 donator.php create mode 100644 donatordone.php create mode 100644 education.php create mode 100644 equip_armor.php create mode 100644 equip_weapon.php create mode 100644 estate.php create mode 100644 events.php create mode 100644 explore.php create mode 100644 fedjail.php create mode 100644 forums.php create mode 100644 friendslist.php create mode 100644 gamerules.php create mode 100644 gangcentral.php create mode 100644 gangs.php create mode 100644 gangwars.php create mode 100644 global_func.php create mode 100644 globals.php create mode 100644 globals_nonauth.php create mode 100644 greenbar.png create mode 100644 gym.php create mode 100644 halloffame.php create mode 100644 header.php create mode 100644 helptutorial.php create mode 100644 hospital.php create mode 100644 imadd.php create mode 100644 index.php create mode 100644 installer.php create mode 100644 installer_foot.php create mode 100644 installer_head.php create mode 100644 inventory.php create mode 100644 ipn_donator.php create mode 100644 ipn_wp.php create mode 100644 itembuy.php create mode 100644 iteminfo.php create mode 100644 itemmarket.php create mode 100644 itemsell.php create mode 100644 itemsend.php create mode 100644 itemuse.php create mode 100644 jail.php create mode 100644 jailbail.php create mode 100644 jailbust.php create mode 100644 jailuser.php create mode 100644 job.php create mode 100644 js/index.html create mode 100644 js/jquery-1.7.1.min.js create mode 100644 js/login.js create mode 100644 js/register.js create mode 100644 lgrad.jpg create mode 100644 lib/basic_error_handler.php create mode 100644 lib/index.html create mode 100644 lib/installer_error_handler.php create mode 100644 linegrad.PNG create mode 100644 loggedin.php create mode 100644 login.php create mode 100644 logo.png create mode 100644 logout.php create mode 100644 lucky.php create mode 100644 macro1.php create mode 100644 macro2.php create mode 100644 mailban.php create mode 100644 mailbox.php create mode 100644 mainmenu.php create mode 100644 mcc_splash_2.png create mode 100644 monorail.php create mode 100644 newspaper.php create mode 100644 oclog.php create mode 100644 polling.php create mode 100644 polls_view.php create mode 100644 preferences.php create mode 100644 preport.php create mode 100644 redbar.png create mode 100644 register.php create mode 100644 rgrad.jpg create mode 100644 roulette.php create mode 100644 search.php create mode 100644 searchlocation.php create mode 100644 searchname.php create mode 100644 sendbank.php create mode 100644 sendcash.php create mode 100644 sendcrys.php create mode 100644 sendcyber.php create mode 100644 sglobals.php create mode 100644 shops.php create mode 100644 slotsmachine.php create mode 100644 smenu.php create mode 100644 staff.php create mode 100644 staff_battletent.php create mode 100644 staff_cities.php create mode 100644 staff_courses.php create mode 100644 staff_crimes.php create mode 100644 staff_forums.php create mode 100644 staff_gangs.php create mode 100644 staff_houses.php create mode 100644 staff_items.php create mode 100644 staff_jobs.php create mode 100644 staff_logs.php create mode 100644 staff_polls.php create mode 100644 staff_punit.php create mode 100644 staff_shops.php create mode 100644 staff_special.php create mode 100644 staff_users.php create mode 100644 stafflist.php create mode 100644 staffnotes.php create mode 100644 stats.php create mode 100644 tablehgrad.png create mode 100644 title.jpg create mode 100644 unequip.php create mode 100644 userlist.php create mode 100644 usersonline.php create mode 100644 viewuser.php create mode 100644 willpdone.php create mode 100644 willpotion.php create mode 100644 yellowbar.png create mode 100644 yourgang.php diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..37a3805 --- /dev/null +++ b/.gitignore @@ -0,0 +1,2 @@ +.idea/* +.DS_Store \ No newline at end of file diff --git a/LICENSE b/LICENSE new file mode 100644 index 0000000..1d61fb9 --- /dev/null +++ b/LICENSE @@ -0,0 +1,21 @@ +MIT License + +Copyright (c) 2024 Dave Macaulay & MCCodes + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. \ No newline at end of file diff --git a/MCCodes2_Manual.htm b/MCCodes2_Manual.htm new file mode 100644 index 0000000..d4bb444 --- /dev/null +++ b/MCCodes2_Manual.htm @@ -0,0 +1,119 @@ + + +MCCodes 2.0: A Beginner's Manual + + +

Introduction

+New to MCCodes? Or simply wanting reference on a simple task? That's what this beginner's manual is for. This manual contains general information to help you running your game.
+

Contents

+ +

1. Installation

+

1.1 Basic Installation

+So you have downloaded MCCodes 2.0, and are ready to set up. First, check these things:
+Got all the above? Good. Upload all the files and directories in the upload folder of the MCC2 .zip archive to your webserver. Normally, you will be uploading to either the public_html folder, or the root level folder. A good way to check this is to upload one file then try to access it thru your domain and see if it works. If it doesn't, you've got the path wrong. Once done, run install.php. First, your server diagnostics will be checked. If one of these tests fails, you will need to correct it before moving on. Next, you need to fill in your database info, and a few basic settings. Make sure the PayPal email you specify is the main email of the PayPal account, and that the account is at least Premier. Otherwise, the basic settings are up to you. After you submit this form, the installer should hopefully run, and insert all the tables and entries into SQL you need. If not, go back and check your config. Now the basic installation is complete, and you're ready to move on to setting up the Cron Jobs.
> Back To Top
+

1.2 Cronjobs

+The Cronjobs are the thing most people are confused on, or they simply do not work for them. However, if you follow the below instructions correctly, your crons should work fine, unless your server is configurated differently to a normal cPanel server. If you are not using cPanel, you will need shell access to your server (thru SSH or SFTP).
+If you are using cPanel, follow these instructions: + +If you do not have cPanel but do have shell access, follow these instructions: +
> Back To Top
+

1.3 PayPal Configuration.

+MCC2 uses several PayPal devices to ensure that donations are credited securely and accurately. However, some of these devices must be enabled in your PayPal account before MCC2 can use them. If these steps are not followed, your donation system will not work properly. Follow these steps to get it up and working: +NB: Will Potion crediting will still not work until you carry out the instructions in 2.1.
> Back To Top
+

2. Basic Usage & Tips

+

2.1 Setting up Will Potions

+So you've installed MCC2, and are ready to use it. Log in to your account (you specified the details during installation) and take a look around. On the left side should be a menu, containing the major functions of MCC2. First off, you will want to set up your Will Potion crediting. Click the Staff Panel link to be taken to the MCC2 Staff Panel. First, you need an item type to put the Will Potion item into. Scroll down and click > Add Item Type. Put in a name (suggestions: Special, Donation Item), then click the Add Item Type button to add the type. Now, scroll down to > Create New Item and click it. The Item Name can be anything you like, although it is advisable to make it something will-related, such as Will Potion or Will Bottle. Again, you can choose the Description. The Item Type you made before should be automatically selected, since it should be the only item type so far. Make the item unbuyable, unless you want to sell it in shops. If you do wish to sell it in shops, you will want to set a buy and sell price, otherwise just get these to 0. Now for the effect. Turn Effect 1 On with the appropriate radio button. For the Stat, choose Will. Direction should be left on Increase. For Amount, put in 100, and for the drop down box next to the amount, open it and choose Percent. Summary: This item will increase Will by 100%, as you specified. You're done configuring the Will Potion item - scroll down and click "Add Item To Game" to add it. Now to link it to your Will Potion payment system. Click Basic Settings on the lefthand menu. Now go down to the Will Potion Item setting. If your Will Potion is not already selected for some reason, select it in the drop down box. Now press Update Settings to save your Will Potion item as the item to credit when someone buys a Will Potion pack. Congratulations, your first item is complete.
> Back To Top
+

2.2 Tips for running a game

+
> Back To Top
diff --git a/README.md b/README.md new file mode 100644 index 0000000..7322b87 --- /dev/null +++ b/README.md @@ -0,0 +1,112 @@ +# MCCodes 2.0 +MCCodes v2 is now Open Source! You may use this under the terms of the MIT `LICENSE`. This is provided without warranty or support, you can open PRs and issues for others to fix if you desire. + +Introduction +------------ +New to MCCodes? Or simply wanting reference on a simple task? That's what this beginner's manual is for. This manual contains general information to help you running your game. + +Contents +-------- + +* 1\. Installation + * [1.1 Basic Installation](#1p1) + * [1.2 Cronjobs](#1p2) + * [1.3 Paypal Configuration](#1p3) +* 2\. Basic Usage & Tips + * [2.1 Setting up Will Potions](#2p1) + * [2.2 Tips for running a game](#2p2) + +1\. Installation +---------------- + +### 1.1 Basic Installation + +So you have downloaded MCCodes 2.0, and are ready to set up. First, check these things: + +* You have hosting which is at the root level of a domain or subdomain (aka not in a subdirectory) +* You have FTP (or some other file uploader) and MySQL access +* You have a MySQL database (preferably empty to avoid table name clashes) and a MySQL user with permissions to use that database (the specific permissions are up to you, although you'll need at least SELECT, INSERT, UPDATE, DELETE, CREATE TABLE, DROP TABLE and TRUNCATE). + + +Got all the above? Good. Upload all the files and directories in the upload folder of the MCC2 .zip archive to your webserver. Normally, you will be uploading to either the public\_html folder, or the root level folder. A good way to check this is to upload one file then try to access it thru your domain and see if it works. If it doesn't, you've got the path wrong. Once done, run install.php. First, your server diagnostics will be checked. If one of these tests fails, you will need to correct it before moving on. Next, you need to fill in your database info, and a few basic settings. Make sure the PayPal email you specify is the main email of the PayPal account, and that the account is at least Premier. Otherwise, the basic settings are up to you. After you submit this form, the installer should hopefully run, and insert all the tables and entries into SQL you need. If not, go back and check your config. Now the basic installation is complete, and you're ready to move on to setting up the Cron Jobs. + +* * * + +### 1.2 Cronjobs + +The Cronjobs are the thing most people are confused on, or they simply do not work for them. However, if you follow the below instructions correctly, your crons should work fine, unless your server is configurated differently to a normal cPanel server. If you are not using cPanel, you will need shell access to your server (thru SSH or SFTP). +**If you are using cPanel, follow these instructions:** + +* Login to cPanel (obviously) +* Look for Cron Jobs on the first page that comes up. If you cannot find them, you probably need to upgrade your hosting plan to enable them, or they may be located elsewhere. Either way, once you have successfully found Cron Jobs, click it. +* Click Advanced (Unix Style) +* Look at the first line of cron jobs given to you by the installer. Now visualize it split into six sections, split by spaces (" "). But, do not split the word php and the path by the space, or else you will end up with seven sections, and this is wrong. Now, begin typing in the sections into the row of empty boxes available, beginning with the Minute box for the first section, then the Hour box for the second section, then the Day box for the third section, then the Month box for the fourth section, then the Weekday box for the fifth section, and finally the Command box should contain the text "php /path/to/yourgame/blablabla" left over at the end of the line. +* But, you ask, how can I enter the rest of the crons? There are no more blank boxes, are there? Well, no, not yet. We need to make more appear. To do this, click Commit Changes. It should now say **Cron Updated!**. Click Go Back. Depending on your server config, it may go automatically back to the Crons page, complete with new blank boxes, or you may have to click **Advanced (Unix Style)** again. Either way, make your way back to the Cron input page. +* Repeat the above two steps for the three remaining cron lines. +* Something to note: If you leave an address to send cron output to in the **Please enter an email address where the cron output will be sent:** field, that address will get bombed from the constantly running MCC2 crons (you'd be getting about 73 emails per hour). If you erase this and click Commit Changes, it will no longer send any email to any address with the output, which is usually desirable, unless you are trying to debug your crons. +* The crons should work fine now, if not check your setup. They should look somewhat like this: + + **Minute** + + **Hour** + + **Day** + + **Month** + + **Weekday** + + **Command** + + + Except, obviously the path and code will be different. But this is a good guide to see if you have the basics right. + +**If you do not have cPanel but do have shell access, follow these instructions:** + +* Copy the 4 cron lines given to you into a file. Save this file as crons.txt. +* Login to your shell access account. +* Run the command: **crontab -l**. This will give you a list of crons currently on your account. You will need to copy these into crons.txt, making sure you have a new line for each cron. +* Upload crons.txt onto your server, making sure you know the server path to it (if you do not, you can ask your host). +* Go back to your shell access account and run this command: **crontab /path/to/crons.txt**, replacing /path/to/crons.txt with the server path of crons.txt, which you should have established last step. +* If everything goes to plan, you should now have working crons. + +* * * + +### 1.3 PayPal Configuration. + +MCC2 uses several PayPal devices to ensure that donations are credited securely and accurately. However, some of these devices must be enabled in your PayPal account before MCC2 can use them. If these steps are not followed, your donation system will not work properly. Follow these steps to get it up and working: + +* Login to your PayPal account. +* Up at the top menu, click Profile (it's next to Resolution Center) +* First, you will want to click Website Payment Preferences. +* If "Auto Return" is set to Off, set it to On. If **Return URL:** is blank, enter in **http://yourgame.com/donatordone.php**, replacing yourgame.com with your game's real domain or subdomain. +* If "Payment Data Transfer" is set to Off, set it to On. +* If "Block Non-encrypted Website Payment" is set to On, set it to Off. +* Scroll down and click Save (the rest of the settings do not affect the DP system). +* You should be redirected back to Profile, with the message **You have successfully saved your preferences.**. Next up to click is "Instant Payment Notification Preferences". Click it. +* If Instant Payment Notification (IPN) is listed as On on this page, you can ignore the next step. If not, click Edit. +* Click the checkbox next to "Instant Payment Notification integrates PayPal payment notification and authentication with your website's back-end operations...". Also, enter in **http://yourgame.com/ipn\_donator.php** into the Notification URL box, replacing yourgame.com with your game's real domain or subdomain. Click Save. +* Your donation system should now be up and running. Test it. If it doesn't work (give you the money and credit the account), recheck your PayPal config to make sure you have not missed anything. + +**NB:** Will Potion crediting will still not work until you carry out the instructions in 2.1. + +* * * + +2\. Basic Usage & Tips +---------------------- + +### 2.1 Setting up Will Potions + +So you've installed MCC2, and are ready to use it. Log in to your account (you specified the details during installation) and take a look around. On the left side should be a menu, containing the major functions of MCC2. First off, you will want to set up your Will Potion crediting. Click the **Staff Panel** link to be taken to the MCC2 Staff Panel. First, you need an item type to put the Will Potion item into. Scroll down and click **\> Add Item Type**. Put in a name (suggestions: Special, Donation Item), then click the Add Item Type button to add the type. Now, scroll down to **\> Create New Item** and click it. The Item Name can be anything you like, although it is advisable to make it something will-related, such as Will Potion or Will Bottle. Again, you can choose the Description. The Item Type you made before should be automatically selected, since it should be the only item type so far. Make the item unbuyable, unless you want to sell it in shops. If you do wish to sell it in shops, you will want to set a buy and sell price, otherwise just get these to 0. Now for the effect. Turn Effect 1 On with the appropriate radio button. For the Stat, choose Will. Direction should be left on Increase. For Amount, put in 100, and for the drop down box next to the amount, open it and choose Percent. Summary: This item will increase Will by 100%, as you specified. You're done configuring the Will Potion item - scroll down and click "Add Item To Game" to add it. Now to link it to your Will Potion payment system. Click **Basic Settings** on the lefthand menu. Now go down to the **Will Potion Item** setting. If your Will Potion is not already selected for some reason, select it in the drop down box. Now press Update Settings to save your Will Potion item as the item to credit when someone buys a Will Potion pack. Congratulations, your first item is complete. + +* * * + +### 2.2 Tips for running a game + +* **Attempt to customize your game as much as possible.** You have tools to customize a lot of things in the game, from the crimes to the houses. Don't just copy other games, try to go for unique storylines and names in order to get people hooked. +* **Don't just go for the vanilla look.** Editing the skin is highly advisable - you should, at least, add a new logo for your game. People won't be interested in your game if they have seen the layout 100x before. The layout included in MCC2 is just to start you off while you invent your own unique style. +* **Features == Good.** Your game can never have enough (good) features. MCC2 may come with a lot featurewise, but eventually, you should be adding more. Can't code what you want? There are lots of mod sellers out there who have done the coding for you, and charge a small fee to add their features to your game. +* **Don't put down other games publically.** You putting out public announcements about other games doing something bad to you may actually advertise them to players of your game, and they may join up and like that game better than yours, thus losing you money. +* **Avoid the players influencing you on everything you do.** While the public should have their say, it is YOUR game, not theirs. Something a player tells you to add may end up negatively affecting your game for a long time. Remember, there are millions of potential players out there, don't make huge sacrifices just to keep a few players playing your game. +* **Advertising is Advisable.** As well as advertising your game on various ad chains, you should also consider displaying ads on your own site. They are an easy source of money, and simple to maintain. As long as the ads do not dominate your game, players should be fine with them. +* **Someone else has probably had the same problem as you.** It is recommended you join [MakeWebGames](http://makewebgames.com), which is has an active community of MC Codes users. From there, you will be able to get support as well as download free user mods. Be careful though - 1.0 mods do not work on 2.0. If you don't wish to join MWG, you can always talk to other game owners you know about any problems you have. diff --git a/ad_filler.png b/ad_filler.png new file mode 100644 index 0000000000000000000000000000000000000000..a1daded6289702386c59e60311a9438eb48dc20b GIT binary patch literal 7887 zcmb7o1yEeix8_9x3=Y91VPKHp?(TzzV1qjY3>qL(;q_y1J|H>C@l&zK(vWp@fG`g$)1z9#mQW)uXil0F)stjK?oi z%P^it19DY1a0dXKr~kYtKxQ@t0AOp{%gMcbY3JhM;%?{SN(YsbqjP=jVr%bc0|4I0 z9BsIc_AZ&k)yjpeYE;k%RhL(!Sah#sV}eK$nOMOfLX{}+#|2WYZXyK*bn2n}D73h^ zpjc8ZcHDQ^^O!%upW;FbqTY?%tos!pX4|i}$L|~GBzG#$a~dWwyRdLmmHD&;f^f@Z zpAoHv4)zVK|KyYo#)h~8gjfyMVD~!)6yQ2QT%3)*3$qhI@t(oK0=m?*y0~c~9|-nj zGmKG!!ce+A5`|Tq-#FP~Kw1$cC?}ms8^}io%tx&(H-VQNfH`yE_6!h|bDiOb z0vLS&lcMA&0(4JpqT~TPF`#l%@0|hw;|54er6HszC z53kzF6 zf6lA)$r@RV==qif>|0M6Q6y1%nvp#|B6u1|VB9829P z`Mb32B9dM4IeT=!;7hm?{I$T!?Ph5Y2BFIgVLi0~Bco6(-@zE-u*fsQufg5Q=)^G) zy5T4iEqc{N0cD<7?{w&Nm1)l;UZaXc8Y{LYiVXq0A-56jN<1He>$N1l<2K5*lnPOW zDSpEFX6?a~8Bdm<_3ia%Dv4OZk2~Kg>x9`s$yTFv z^p&_315~wom1u3zmsXQ?Ug*TZ3SA&UbT3&ti)S**Fg2LQymBcW4TPTv2@(RKg=zIL z(M=z=u+y;(h5yX?+5404C-qP8nGtr5rL4t3Ecps?mxpeai2dDKZ{P230Mp`jj$5Wk+szWnc5l zqm^hm<(Wp>H~s0+U8P@XztAqcaPcBYLkFYaERRG(YZL2R(!>$$6qOXF6lzv3owD-c@|AKN-E-Yho%k|SZU1UTT|Vv2GSK(b z3f=OYm;2h(+VC>5(#Udnsf&(OVSvG1G=@R1TCb*Dp;msK*=G9y9gY=cgEu=EfmadX z87$DpR5!lx_6=)W`WnxsA;nxVebaat$t?YRQ@OO3M{lq*$b_hb6X5i5L7(e6L6lYd>JT3E6ZS za2hCJ!e9b3sjBa(A7#E$Zz+CJET$%=HaI>u{%L$RLm*3nXO4F#YbR?iYqiiDVR zap`8V?mK;%lhu&bb6C1qb0m0Ve-yctH^!g$BG-V={af#l+?v+bloU>03O8c4GC)&K zGZ@~u!@y<5m8f4eSKD0VReoi0OfLCb@^#*(P!hz50!NDumI*dOy}9;%3;r4>CAw(yyMEzNCN{rChEyg#q$*^qy9#VK zbdXR5zS>EjNSv_84}Tf(YxWza#kNIEZvZZHcx1SKgjAes6pU($Cr!X>YDvz0RsOGh zs{Be8oJUinhC@YwRkEDZK^!U6%HJwAz-enR_5+p!gF33xh;Xu23pzV?uHGJ=M{eY7 z;B5Mlr*jRNxcYpY=(z|lAuHn~W*1GBR*TXQ{%|5g$XZGk%Xs$Gi!lz{r-!x&PR}(Z zI2AQ7XUzIc<4l=V-8bnVv0cCi($81KzSR=OT$a$ThNrfiC7Mf?`G(GkS3WZliDe zbv$}RB()-!ZTxVoVPr8uDEm0?;gGn8cs;49C_+`AgBG^kQRyI3FYe~Eh`mYrge^i3 zqf-3KyCznrADR`1`f1ex9ZbIJh+xz1k&y026vRG`F7{Tq|Nhe4p@}Ap%V4$9;%`I_ zwIpfuyK0g}@-))Gd6p&bE$T>@k*^s`A3m2=^tD(|+D_Z^D2IpZC?q0@OkHb&aoEh)lHq5Q zu{kL@{sEkSmdqDFHTmsWO{_W)xE!|Siu(cyDS_AvV+S43jD5qJ^%xx$hnA{$b#?{;rXsdgo0v+U`j~c> zmi*P}ZPDFc*FI&<;y};9v(8~}J|5Exy_>^suO%5EKdke;yv~E&zCP z1Hhg+0Engo0J%$&S-&CxJl%uJ%jkF`4{`!szuN>1nvG5-^jV{+MCGcZ=DJ>o1_iPR z<7-(P=DYKHBJsV|X4!rOelFTkKcsP|8hlfXBy%71DbN-cDsr7e)J-9ToKOsG%Uus? zAVDlIlIRA~`_j?tAy^hSgI8I#e~!EYZIi{RS86h7hZ`o(AxDV3oj;ONoq09PH24fm zsW1LwL1dIeAXv}@bTBB14kAMwhBL#okv8imzDri+0Yw15(^anTQAP!4>VM&AgJ?XU zfy5_pchwW?QB>28!Oc8fQ&ZB6+0~^ny6kN1D{FVvA#Bj)vv@B(AD^qkETMR17i6pF zuRPU5=ND{@)}vkRovsV@-p4LeKc-;GSvPkfSfI2|?m8%@P>Qzd(og17pW5hW;#%RC z(4P5qHp4p0>qxdPW;C?r3B)w_TTSADD9YxQRv%mF@X2JAGy<_7Gd{tF`$b|vT$WgI zfwYRtxRsxax9V^tg-y)sXlcb`y@x!xNR_vP@j6>yfw`?U0ME6$?IulW3G){(bjX;E zWz?+wy6%ODNUuGIw0_`2K#*!0=iR{xgfd^<8MKc>Q?ES42p_|`29Yxj~~+8am3SJ7c}pH#CEckv%|jB_AOv@nzmoR zu{H#5k7do8yr9KR=y_M&m`afBU&qJGE$%yS-~)WM%?z!#Rtx;nnmo0n-j7p1+{|>$ z>4SZP&Lt!wElJAC+%;F}K?M{EF{zy6@73&3eSLjRT}NqxA|C3tT_-3nycoeIuid}q zef2(#Dx4wbYC1$VR`BR0POiJe%TMOJjHK3evpjB&ra|{71uu~uj4HE$Kei#CJQu{_ z+*OQ@(Z-eT6L^+HL1fJ$Xtl(p+$JGfVu+jVu@>QnmYp+(8BQ9B5put)xMC#In?qI% z!O-^UQeiZ0M{MRs@~@rFrD^CO&)eR?!WlBjW{xqVJa2m2;3$c0@74OZei(;y=?Ui2 zZ#ZXdl4QI!IKa^@!R~cO=@L>=kw#)eX!i?=f}}?S$P-XGV_#Pb43o2=1_DC4X*hW8 z*;5m@Cy_hyiIfe0rQUhj)sXpQw#8j4;Cx)@fnR2!^mF5y3I4K_2iL2x&7s2TxC56` z_qu9I#0*o;2|Q;P4W$!2$SeQvc&(};fE-PB%nk8>7@6J{Q@mq z*(|g6fXf@va6y$rRo41(e|X~W-}47HVexEy?&nJ7xJmod0GG;jXsJfSB)0JZ?GLG{ zk+3b=*0$efxgWK~^CX(OTGymvR zCKe;Vo|ek1t=+{^z82czNK{)LGCLd_#%@vgE zR($t7d#+17&P0oo-Ib}6;DH0Qsnp14A$3A}n+Ay`kUWqBG(fN&6o>^4di$1|I0{W9 zGRR^lo+&Ggw{nI=3stsDa6d0#=HAXKzWt|3MTMQ#5=zt_TeFN1sOxIebZn`EGpNZT0zH$iaAkS=YCMvjG(rSW_%& z8vH<>ct1lFd~;S3w~l76iGkZjKY|S^BdkxOpD@&ylBaRsZ8Vb384mnPL@b#uRI{G# zSu4u8A#PMoUW(#?im{r;U1k_^_fcrRCVzMJEi<-8#oFipXAb_;2~pK^yqNP7w}C0q zvYD(ncZq)gK?kxr@4h+Ewo85>JVTEBRf54y(vvcbaVf%{sd zmdd-U!{Mt$>6NmqWx31EgqI?g9ZCRgqJ_D6{>|CeXbutdt}Ce*78#Ug^`v;5+Q0=o z+oF?)v3*@-?mzX8^uc$u)w9>W3U<}<`|`5!&6_v({wyTER+G6BhjFig%EqJVQpcw=>C=?xA)qQa7;m6Vifi;K6{<--rrx;zmUcakSk*x`x6V-hdT zCwXFNsAJQ4%sP%cSF@7%crk{UO-z)MiPq??Mg!8WWO*WSp@6xq+o>_!@cLjOZKjM3 zxQ|!DX9W0-LK`r)VQ(+ryBNCm~Gp)`AtpoTMb^5nQv{oN3b*kzbZ(^`7Yb@DqRkJ4tal(^WVf~hX;9PwCy$mLlD1=lc@ho(m`2rE1ueTZPeyqZJ6aB59huBt_Z88XXn2U7oQ^> z9FW4?+~1ai1@?WZuQk`?^7$I~^pMZk)Kbka{Kq8oTtese{T+TEED)$=2|D$)4j9vY z@npM7`i^!yu|V(3&lDR{US6(rets^rwX-Aj5(e{T?$Q(MQhrv8x_?UN7WRFkKAQtn z;K-Z~!@v5_zp;NFfGd z*YghF-#aL_@H|kx-B1$)iJS`<#B6`>kEvoXjF=m}`1Gk<>wpocCA=TXnB6#A6N3Vh zcYpU4ci878uSsdbv7Wyq%^*a*N84lU4#y$qbo7!8ZZ}`xwN3p%V(GM}vpC3*+>P+E z(IN`juYBOQTcF37lzO<`9qH*2V@Rv5!NYY87{upnZd91?4wWALRvagxS-R#MX1Av;K27_9Z?B%N}k<=E!My?#KO(t6u>R{?&N6I(VKuWqqA7 zQHds2dxbOUl;;hTk~bPq=y0=@)1I-g?+4ZK@yEo|pr914f6|WoSkLN#>U3pN5=hi5%iZNr{{0l7(YK1K>5}G4&ONEmsgpXN>{OZRw@Yz$y=`11mL79 zhPDFJo4qppQdL3m21w!1zD@6FO7uAa!;%F#8IWfRf3w->5OgbYYVqJSbJ`)U$JZE2<;}yo!Go8-A4!pYI0tQe2 z^BVq}h>}NA)V)K(41LR26K6$TOnaYFmikqx8cK7>2%m=au2-{e#dh!AR!$J=_^JR79RMzNf@DkA*dp&4;?;m`T4WZxcY00$Zk7$ zXj0pYBx@oZCymprLv-u4x=}MzPBR|a(#K$fbV(-psSr{_@UunjQWrwWKh#j=_k`aP z=_XIVmmg@WDkpXp7pF2^%WPCj7OCn$mBUZ^W5{p)uI|N6bEPV)e#9F5droBX#FJCT z5z;{1<8j;EAh9xG=1}DnHAO5*G@Ih;d@2rbGEvAP1T4Wz3Z}^KUGropV6|D2Vr^}$Y<6}wP`SX){oSAUH0h*Z7*R<0zn1ZT zqsYo++VtpYD4n>vbCzGJxNm0-3Lt=uwP08e;d>Zd69ECE>>PLc$tbwFjcg@-DF_6e zWG;`qWzl=%C@ZvTEVz@XG$1Qm7)z&Dd4K^`PSPMARCq6rkwGxlY{p}0Nsctp4u?RX zn9;qgeWDmGRNf;d1H^4cXR5Nq7tM{HjiznCk3sbc&q6Pdt7q^0UtXh}h;j?Hj*&gi zRgo9C^7rpbhwkaw?U82SUS=oRTX5+DMtI=i3ROFkNvFohuwmEV;xyVwcldGxg#f1- zlG6RrakB);ZXR&^hxT?GoTTvGQ7nN$n?phkYcAOb#H>3#j_?f`VFu7<=-lC}3v^dx zEvBKG9!PHVX%P>Tw<3oLg_!10o3B94qh?U!^$Win=W2NJq16USKocp4(wq9_eTplB z<#Rq;C_$GPietmQffMqfVoE6akqBlT^d7x2JC1Nb!&vFI_ke|m*qnya_4&=4VAf6^ zg&?a6<$}i!SC%P=EfuhGHE!pzl!An60#D@HNw{mNc}-fku%M-;OW?hK4#q{el8RQ1kJ7pHOgsA3-{AvKi(2 zaPuGiko=2XPRu@qB4Cdm!Hfv_`mpm``sT#om;boLB5|9*BlnE*A2w*2eD=Wv7Tq0s zR%pKYdN9Ea6Zvw1vOy>Vy*ayXb>gIOd~?JzbN_5- zdz@MNJV@-NG;N4iQ_EKqJIiK%gR7@+BR^irA5<_tc4;>MTqJ8VD(}ue$xi+=q-r8Y zgQR_IKPrj6)V+M60hC(SN=7^=#pdicR2>(-w@2oEsHRr-yJZ1NhWqV4c$(IV^5cdl zRgK#qEe^)YRPKP~q+t%3ZhO*fy?;N!|NX}2|B&uO^lH(B#!!somH2KjuE;@AYJTe4 z#9&HFMQ4Yv=g8K^^3?H9T=tgUmmr77rw%G0>q^flb3>byKvfV;NE6C+4 z+D^;s1O20~ayawfOAx=+GqhK@8d+mBGUs7B!>+E#w3qxt--oSTkzCz=4Xp*=DVQhgbf^seF>-9(kM*-+WW0UjS~E^tnjC?=+-n$&S`#E8A~#!{PTbUwD*1I>Ey{_d%Ph8pb8rD)w1Rx{|09iqK^Oo literal 0 HcmV?d00001 diff --git a/announcements.php b/announcements.php new file mode 100644 index 0000000..9ac5359 --- /dev/null +++ b/announcements.php @@ -0,0 +1,64 @@ +query( + "SELECT `a_text`, `a_time` FROM `announcements` " + . "ORDER BY `a_time` DESC"); +echo ' + + + + + + '; +while ($r = $db->fetch_row($q)) +{ + if ($ac > 0) + { + $ac--; + $new = '
New!'; + } + else + { + $new = ''; + } + $r['a_text'] = nl2br($r['a_text']); + echo ' + + + + + '; +} +$db->free_result($q); +echo '
TimeAnnouncement
' . date('F j Y, g:i:s a', $r['a_time']) . $new + . '' . $r['a_text'] . '
'; +if ($ir['new_announcements'] > 0) +{ + $db->query( + "UPDATE `users` " . "SET `new_announcements` = 0 " + . "WHERE `userid` = '{$userid}'"); +} +$h->endpage(); diff --git a/attack.php b/attack.php new file mode 100644 index 0000000..daa5852 --- /dev/null +++ b/attack.php @@ -0,0 +1,436 @@ +> Go Home'; + die($h->endpage()); +} +else if ($_GET['ID'] == $userid) +{ + echo 'you can\'t attack yourself.
> Go Home'; + die($h->endpage()); +} +else if ($ir['hp'] <= 1) +{ + echo 'You\'re unconcious therefore you can\'t attack.
> Go Home'; + die($h->endpage()); +} +else if (isset($_SESSION['attacklost']) && $_SESSION['attacklost'] == 1) +{ + $_SESSION['attacklost'] = 0; + echo 'Only the losers of all their EXP attack when they\'ve already lost.
> Go Home'; + die($h->endpage()); +} +$youdata = $ir; +$odata_sql = + <<query($odata_sql); +if ($db->num_rows($q) == 0) +{ + echo 'That user doesn't exist
> Go Home'; + die($h->endpage()); +} +$odata = $db->fetch_row($q); +$db->free_result($q); +$myabbr = ($ir['gender'] == "Male") ? "his" : "her"; +$oabbr = ($odata['gender'] == "Male") ? "his" : "her"; +if ($ir['attacking'] && $ir['attacking'] != $_GET['ID']) +{ + $_SESSION['attacklost'] = 0; + echo 'Something went wrong.
> Go Home'; + die($h->endpage()); +} +$endattk_sql = + <<query($endattk_sql); + echo 'This player is unconscious.
> Go Home'; + die($h->endpage()); +} +else if ($odata['hospital']) +{ + $_SESSION['attacking'] = 0; + $ir['attacking'] = 0; + $db->query($endattk_sql); + echo 'This player is in hospital.
> Go Home'; + die($h->endpage()); +} +else if ($ir['hospital']) +{ + $_SESSION['attacking'] = 0; + $ir['attacking'] = 0; + $db->query($endattk_sql); + echo 'While in hospital you can\'t attack.
> Go Home'; + die($h->endpage()); +} +else if ($odata['jail']) +{ + $_SESSION['attacking'] = 0; + $ir['attacking'] = 0; + $db->query($endattk_sql); + echo 'This player is in jail.
> Go Home'; + die($h->endpage()); +} +else if ($ir['jail']) +{ + $_SESSION['attacking'] = 0; + $ir['attacking'] = 0; + $db->query($endattk_sql); + echo 'While in jail you can\'t attack.
> Go Home'; + die($h->endpage()); +} +echo ' + + + + + '; +if ($youdata['hp'] <= 0 OR $odata['hp'] <= 0) +{ + echo '
+ '; +$_GET['wepid'] = + (isset($_GET['wepid']) && is_numeric($_GET['wepid'])) + ? abs(intval($_GET['wepid'])) : ''; +if ($_GET['wepid']) +{ + $_GET['nextstep'] = + (isset($_GET['nextstep']) && is_numeric($_GET['nextstep'])) + ? abs(intval($_GET['nextstep'])) : 1; + if (!$_GET['nextstep']) + { + $_GET['nextstep'] = 1; + } + if ($_SESSION['attacking'] == 0 && $ir['attacking'] == 0) + { + if ($youdata['energy'] >= $youdata['maxenergy'] / 2) + { + $youdata['energy'] -= floor($youdata['maxenergy'] / 2); + $cost = floor($youdata['maxenergy'] / 2); + $db->query( + "UPDATE `users` SET `energy` = `energy` - {$cost} " + . "WHERE `userid` = {$userid}"); + $_SESSION['attacklog'] = ''; + $_SESSION['attackdmg'] = 0; + } + else + { + echo 'You can only attack someone when you have 50% energy.
> Go Home'; + die($h->endpage()); + } + } + $_SESSION['attacking'] = 1; + $ir['attacking'] = $odata['userid']; + $attackstatus_sql = + <<query($attackstatus_sql); + $_GET['nextstep'] = + (isset($_GET['nextstep']) && is_numeric($_GET['nextstep'])) + ? abs(intval($_GET['nextstep'])) : ''; + if ($_GET['wepid'] != $ir['equip_primary'] + && $_GET['wepid'] != $ir['equip_secondary']) + { + $abuse_sql = + <<query($abuse_sql); + echo 'Stop trying to abuse a game bug. You can lose all your EXP for that.
> Go Home'; + die($h->endpage()); + } + $winfo_sql = + <<query($winfo_sql); + if ($db->num_rows($qo) == 0) + { + echo 'That weapon doesn't exist...'; + die($h->endpage()); + } + $r1 = $db->fetch_row($qo); + $db->free_result($qo); + $mydamage = + (int) (($r1['weapon'] * $youdata['strength'] + / ($odata['guard'] / 1.5)) * (rand(8000, 12000) / 10000)); + $hitratio = max(10, min(60 * $ir['agility'] / $odata['agility'], 95)); + if (rand(1, 100) <= $hitratio) + { + if ($odata['equip_armor'] > 0) + { + $armorinfo_sql = + <<query($armorinfo_sql); + if ($db->num_rows($q3) > 0) + { + $mydamage -= $db->fetch_single($q3); + } + $db->free_result($q3); + } + if ($mydamage < -100000) + { + $mydamage = abs($mydamage); + } + else if ($mydamage < 1) + { + $mydamage = 1; + } + $crit = rand(1, 40); + if ($crit == 17) + { + $mydamage *= rand(20, 40) / 10; + } + else if ($crit == 25 OR $crit == 8) + { + $mydamage /= (rand(20, 40) / 10); + } + $mydamage = round($mydamage); + $odata['hp'] -= $mydamage; + if ($odata['hp'] == 1) + { + $odata['hp'] = 0; + $mydamage += 1; + } + $db->query( + "UPDATE `users` SET `hp` = `hp` - $mydamage WHERE `userid` = {$_GET['ID']}"); + echo "{$_GET['nextstep']}. Using your {$r1['itmname']} you hit {$odata['username']} doing $mydamage damage ({$odata['hp']})
\n"; + $_SESSION['attackdmg'] += $mydamage; + $_SESSION['attacklog'] .= + "{$_GET['nextstep']}. Using {$myabbr} {$r1['itmname']} {$ir['username']} hit {$odata['username']} doing $mydamage damage ({$odata['hp']})
\n"; + } + else + { + echo "{$_GET['nextstep']}. You tried to hit {$odata['username']} but missed ({$odata['hp']})
\n"; + $_SESSION['attacklog'] .= + "{$_GET['nextstep']}. {$ir['username']} tried to hit {$odata['username']} but missed ({$odata['hp']})
\n"; + } + if ($odata['hp'] <= 0) + { + $odata['hp'] = 0; + $_SESSION['attackwon'] = $_GET['ID']; + $db->query( + "UPDATE `users` SET `hp` = 0 WHERE `userid` = {$_GET['ID']}"); + echo " +
+What do you want to do with {$odata['username']} now?
+
+
+
+ "; + } + else + { + + $eq = + $db->query( + "SELECT `itmname`,`weapon` FROM `items` WHERE `itmid` IN({$odata['equip_primary']}, {$odata['equip_secondary']})"); + if ($db->num_rows($eq) == 0) + { + $wep = "Fists"; + $dam = + (int) ((((int) ($odata['strength'] / $ir['guard'] / 100)) + + 1) * (rand(8000, 12000) / 10000)); + } + else + { + $cnt = 0; + while ($r = $db->fetch_row($eq)) + { + $enweps[] = $r; + $cnt++; + } + $db->free_result($eq); + $weptouse = rand(0, $cnt - 1); + $wep = $enweps[$weptouse]['itmname']; + $dam = + (int) (($enweps[$weptouse]['weapon'] * $odata['strength'] + / ($youdata['guard'] / 1.5)) + * (rand(8000, 12000) / 10000)); + } + $hitratio = + max(10, min(60 * $odata['agility'] / $ir['agility'], 95)); + if (rand(1, 100) <= $hitratio) + { + if ($ir['equip_armor'] > 0) + { + $q3 = + $db->query( + "SELECT `armor` FROM `items` WHERE `itmid` = {$ir['equip_armor']} LIMIT 1"); + if ($db->num_rows($q3) > 0) + { + $dam -= $db->fetch_single($q3); + } + $db->free_result($q3); + } + if ($dam < -100000) + { + $dam = abs($dam); + } + else if ($dam < 1) + { + $dam = 1; + } + $crit = rand(1, 40); + if ($crit == 17) + { + $dam *= rand(20, 40) / 10; + } + else if ($crit == 25 OR $crit == 8) + { + $dam /= (rand(20, 40) / 10); + } + $dam = round($dam); + $youdata['hp'] -= $dam; + if ($youdata['hp'] == 1) + { + $dam += 1; + $youdata['hp'] = 0; + } + $db->query( + "UPDATE `users` SET `hp` = `hp` - $dam WHERE `userid` = $userid"); + $ns = $_GET['nextstep'] + 1; + echo "{$ns}. Using $oabbr $wep {$odata['username']} hit you doing $dam damage ({$youdata['hp']})
\n"; + $_SESSION['attacklog'] .= + "{$ns}. Using $oabbr $wep {$odata['username']} hit {$ir['username']} doing $dam damage ({$youdata['hp']})
\n"; + } + else + { + $ns = $_GET['nextstep'] + 1; + echo "{$ns}. {$odata['username']} tried to hit you but missed ({$youdata['hp']})
\n"; + $_SESSION['attacklog'] .= + "{$ns}. {$odata['username']} tried to hit {$ir['username']} but missed ({$youdata['hp']})
\n"; + } + if ($youdata['hp'] <= 0) + { + $youdata['hp'] = 0; + $_SESSION['attacklost'] = 1; + $db->query("UPDATE `users` SET `hp` = 0 WHERE `userid` = $userid"); + echo "
"; + } + } +} +else if ($odata['hp'] < 5) +{ + echo 'You can only attack those who have health.
> Go Home'; + die($h->endpage()); +} +else if ($ir['gang'] == $odata['gang'] && $ir['gang'] > 0) +{ + echo 'You are in the same gang as ' . $odata['username'] + . '! What are you smoking today dude!
> Go Home'; + die($h->endpage()); +} +else if ($youdata['energy'] < $youdata['maxenergy'] / 2) +{ + echo 'You can only attack someone when you have 50% energy.
> Go Home'; + die($h->endpage()); +} +else if ($youdata['location'] != $odata['location']) +{ + echo 'You can only attack someone in the same location!
> Go Home'; + die($h->endpage()); +} +echo ' +
'; +} +else +{ + $vars['hpperc'] = round($youdata['hp'] / $youdata['maxhp'] * 100); + $vars['hpopp'] = 100 - $vars['hpperc']; + $vars2['hpperc'] = round($odata['hp'] / $odata['maxhp'] * 100); + $vars2['hpopp'] = 100 - $vars2['hpperc']; + $mw = + $db->query( + "SELECT `itmid`,`itmname` FROM `items` WHERE `itmid` IN({$ir['equip_primary']}, {$ir['equip_secondary']})"); + echo ' + + Attack with:
+ '; + if ($db->num_rows($mw) > 0) + { + while ($r = $db->fetch_row($mw)) + { + if (!isset($_GET['nextstep'])) + { + $ns = 1; + } + else + { + $ns = $_GET['nextstep'] + 2; + } + if ($r['itmid'] == $ir['equip_primary']) + { + echo 'Primary Weapon: '; + } + if ($r['itmid'] == $ir['equip_secondary']) + { + echo 'Secondary Weapon: '; + } + echo "{$r['itmname']}
"; + } + } + else + { + echo "You have nothing to fight with."; + } + $db->free_result($mw); + echo ""; + echo "
Your Health:
Opponents Health:
"; +} +$h->endpage(); diff --git a/attackbeat.php b/attackbeat.php new file mode 100644 index 0000000..e14ac4b --- /dev/null +++ b/attackbeat.php @@ -0,0 +1,139 @@ +query("UPDATE `users` SET `attacking` = 0 WHERE `userid` = $userid"); +$od = + $db->query( + "SELECT * FROM `users` WHERE `userid` = {$_GET['ID']} LIMIT 1"); +if (!isset($_SESSION['attackwon']) || $_SESSION['attackwon'] != $_GET['ID']) +{ + die("Cheaters don't get anywhere."); +} +if ($db->num_rows($od) > 0) +{ + $r = $db->fetch_row($od); + $db->free_result($od); + if ($r['hp'] == 1) + { + echo "What a cheater you are."; + } + else + { + echo "You beat {$r['username']}!!
+You beat {$r['username']} severely on the ground. When there is lots of blood showing, you head up to the nearest 10-story building's roof and drop him over the edge. You run home silently and carefully."; + $hosptime = rand(50, 150) + floor($ir['level'] / 2); + $hospreason = + $db->escape( + "Hospitalized by {$ir['username']}"); + $db->query( + "UPDATE `users` SET `hp` = 1, `hospital` = $hosptime, + `hospreason` = '{$hospreason}' + WHERE `userid` = {$r['userid']}"); + event_add($r['userid'], + "{$ir['username']} beat you up.", + $c); + $atklog = $db->escape($_SESSION['attacklog']); + $db->query( + "INSERT INTO `attacklogs` VALUES(NULL, $userid, {$_GET['ID']}, + 'won', " . time() . ", -1, '$atklog')"); + $_SESSION['attackwon'] = 0; + if ($ir['gang'] > 0 && $r['gang'] > 0) + { + $gq = + $db->query( + "SELECT `gangRESPECT`, `gangID` FROM `gangs` WHERE `gangID` = {$r['gang']} LIMIT 1"); + if ($db->num_rows($gq) > 0) + { + $ga = $db->fetch_row($gq); + $warq = + $db->query( + "SELECT COUNT(`warDECLARER`) FROM `gangwars` + WHERE (`warDECLARER` = {$ir['gang']} AND `warDECLARED` = {$r['gang']}) + OR (`warDECLARED` = {$ir['gang']} AND `warDECLARER` = {$r['gang']})"); + if ($db->fetch_single($warq) > 0) + { + $db->query( + "UPDATE `gangs` SET `gangRESPECT` = `gangRESPECT` - 3 WHERE `gangID` = {$r['gang']}"); + $ga['gangRESPECT'] -= 3; + $db->query( + "UPDATE `gangs` SET `gangRESPECT` = `gangRESPECT` + 3 WHERE `gangID` = {$ir['gang']}"); + echo "
You earnt 3 respect for your gang!"; + + } + // Gang Kill + if ($ga['gangRESPECT'] <= 0 && $r['gang']) + { + $db->query( + "UPDATE `users` SET `gang` = 0 WHERE `gang` = {$r['gang']}"); + + $db->query("DELETE FROM `gangs` WHERE `gangRESPECT` <= 0"); + $db->query( + "DELETE FROM `gangwars` + WHERE `warDECLARER` = {$ga['gangID']} OR `warDECLARED` = {$ga['gangID']}"); + } + } + $db->free_result($gq); + } + if ($r['user_level'] == 0) + { + $q = + $db->query( + "SELECT `cb_money` FROM `challengebots` WHERE `cb_npcid` = {$r['userid']}"); + if ($db->num_rows($q) > 0) + { + $cb = $db->fetch_row($q); + $qk = + $db->query( + "SELECT COUNT(`npcid`) FROM `challengesbeaten` + WHERE `userid` = $userid AND `npcid` = {$r['userid']}"); + if ($db->fetch_single($qk) > 0) + { + $m = $cb['cb_money']; + $db->query( + "UPDATE `users` SET `money` = `money` + $m WHERE `userid` = $userid"); + echo "
You gained " . money_formatter($m) + . " for beating the challenge bot {$r['username']}"; + $db->query( + "INSERT INTO `challengesbeaten` VALUES($userid, {$r['userid']})"); + } + $db->free_result($qk); + } + $db->free_result($q); + } + + } +} +else +{ + $db->free_result($od); + echo "You beat Mr. non-existant!"; +} + +$h->endpage(); diff --git a/attacklost.php b/attacklost.php new file mode 100644 index 0000000..ddba2ac --- /dev/null +++ b/attacklost.php @@ -0,0 +1,77 @@ +query( + "SELECT `username`, `level`, `gang` FROM `users` WHERE `userid` = {$_GET['ID']}"); +if ($db->num_rows($od) > 0) +{ + $r = $db->fetch_row($od); + $db->free_result($od); + echo "You lost to {$r['username']}"; + $expgain = abs(($ir['level'] - $r['level']) ^ 3); + $expgainp = $expgain / $ir['exp_needed'] * 100; + echo " and lost $expgainp% EXP!"; + // Figure out their EXP, 0 or decreased? + $newexp = max($ir['exp'] - $expgain, 0); + $db->query( + "UPDATE `users` SET `exp` = {$newexp}, `attacking` = 0 WHERE `userid` = $userid"); + event_add($r['userid'], + "{$ir['username']} attacked you and lost.", + $c); + $atklog = $db->escape($_SESSION['attacklog']); + $db->query( + "INSERT INTO `attacklogs` VALUES(NULL, $userid, {$_GET['ID']}, + 'lost', " . time() . ", 0, '$atklog')"); + if ($ir['gang'] > 0 && $r['gang'] > 0) + { + $warq = + $db->query( + "SELECT * FROM `gangwars` + WHERE (`warDECLARER` = {$ir['gang']} AND `warDECLARED` = {$r['gang']}) + OR (`warDECLARED` = {$ir['gang']} AND `warDECLARER` = {$r['gang']})"); + if ($db->num_rows($warq) > 0) + { + $war = $db->fetch_row($warq); + $db->query( + "UPDATE `gangs` SET `gangRESPECT` = `gangRESPECT` + 1 WHERE `gangID` = {$r['gang']}"); + $db->query( + "UPDATE `gangs` SET `gangRESPECT` = `gangRESPECT` - 1 WHERE `gangID` = {$ir['gang']}"); + echo "
You lost 1 respect for your gang!"; + } + $db->free_result($warq); + } +} +else +{ + $db->free_result($od); + echo "You lost to Mr. Non-existant! =O"; +} +$h->endpage(); diff --git a/attacktake.php b/attacktake.php new file mode 100644 index 0000000..c739f64 --- /dev/null +++ b/attacktake.php @@ -0,0 +1,146 @@ +query("UPDATE `users` SET `attacking` = 0 WHERE `userid` = $userid"); +$od = + $db->query( + "SELECT * FROM `users` WHERE `userid` = {$_GET['ID']}"); +if (!isset($_SESSION['attackwon']) || $_SESSION['attackwon'] != $_GET['ID']) +{ + die("Cheaters don't get anywhere."); +} +if ($db->num_rows($od)) +{ + $r = $db->fetch_row($od); + $db->free_result($od); + if ($r['hp'] == 1) + { + echo "What a cheater u are."; + } + else + { + echo "You beat {$r['username']} "; + $qe = $r['level'] * $r['level'] * $r['level']; + $expgain = rand($qe / 2, $qe); + $expperc = (int) ($expgain / $ir['exp_needed'] * 100); + echo "and gained $expperc% EXP!
+You hide your weapons and drop {$r['username']} off outside the hospital entrance. Feeling satisfied, you walk home."; + $hosptime = rand(10, 20); + $db->query( + "UPDATE `users` SET `exp` = `exp` + $expgain WHERE `userid` = $userid"); + $hospreason = + $db->escape( + "Left by {$ir['username']}"); + $db->query( + "UPDATE `users` SET `hp` = 1, `hospital` = $hosptime, + `hospreason` = '$hospreason' + WHERE `userid` = {$r['userid']}"); + event_add($r['userid'], + "{$ir['username']} attacked you and left you lying outside the hospital.", + $c, 'combat'); + $atklog = $db->escape($_SESSION['attacklog']); + $db->query( + "INSERT INTO `attacklogs` VALUES(NULL, $userid, {$_GET['ID']}, + 'won', " . time() . ", -2, '$atklog')"); + $_SESSION['attackwon'] = 0; + if ($ir['gang'] > 0 && $r['gang'] > 0) + { + $gq = + $db->query( + "SELECT `gangRESPECT`, `gangID` FROM `gangs` WHERE `gangID` = {$r['gang']}"); + if ($db->num_rows($gq) > 0) + { + $ga = $db->fetch_row($gq); + $warq = + $db->query( + "SELECT COUNT(`warDECLARER`) FROM `gangwars` + WHERE (`warDECLARER` = {$ir['gang']} AND `warDECLARED` = {$r['gang']}) + OR (`warDECLARED` = {$ir['gang']} AND `warDECLARER` = {$r['gang']})"); + if ($db->fetch_single($warq) > 0) + { + $db->query( + "UPDATE `gangs` SET `gangRESPECT` = `gangRESPECT` - 1 WHERE `gangID` = {$r['gang']}"); + $ga['gangRESPECT'] -= 1; + $db->query( + "UPDATE `gangs` SET `gangRESPECT` = `gangRESPECT` + 1 WHERE `gangID` = {$ir['gang']}"); + echo "
You earnt 1 respect for your gang!"; + + } + $db->free_result($warq); + //Gang Kill + if ($ga['gangRESPECT'] <= 0 && $r['gang']) + { + $db->query( + "UPDATE `users` SET `gang` = 0 WHERE `gang` = {$r['gang']}"); + + $db->query("DELETE FROM `gangs` WHERE `gangRESPECT` <= 0"); + $db->query( + "DELETE FROM `gangwars` + WHERE `warDECLARER` = {$ga['gangID']} OR `warDECLARED` = {$ga['gangID']}"); + } + } + $db->free_result($gq); + } + + if ($r['user_level'] == 0) + { + $q = + $db->query( + "SELECT `cb_money` FROM `challengebots` WHERE `cb_npcid` = {$r['userid']}"); + if ($db->num_rows($q) > 0) + { + $cb = $db->fetch_row($q); + $qk = + $db->query( + "SELECT COUNT(`npcid`) FROM `challengesbeaten` + WHERE `userid` = $userid AND `npcid` = {$r['userid']}"); + if ($db->fetch_single($qk) > 0) + { + $m = $cb['cb_money']; + $db->query( + "UPDATE `users` SET `money` = `money` + $m WHERE `userid` = $userid"); + echo "
You gained " . money_formatter($m) + . " for beating the challenge bot {$r['username']}"; + $db->query( + "INSERT INTO `challengesbeaten` VALUES($userid, {$r['userid']})"); + } + $db->free_result($qk); + } + $db->free_result($q); + } + + } +} +else +{ + $db->free_result($od); + echo "You beat Mr. non-existant!"; +} + +$h->endpage(); diff --git a/attackwon.php b/attackwon.php new file mode 100644 index 0000000..dd6d1ea --- /dev/null +++ b/attackwon.php @@ -0,0 +1,145 @@ +query("UPDATE `users` SET `attacking` = 0 WHERE `userid` = $userid"); +$od = + $db->query( + "SELECT * FROM `users` WHERE `userid` = {$_GET['ID']}"); +if (!isset($_SESSION['attackwon']) || $_SESSION['attackwon'] != $_GET['ID']) +{ + die("Cheaters don't get anywhere."); +} +if ($db->num_rows($od) > 0) +{ + $r = $db->fetch_row($od); + $db->free_result($od); + if ($r['hp'] == 1) + { + echo "What a cheater you are."; + } + else + { + $stole = round($r['money'] / (rand(200, 5000) / 10)); + echo "You beat {$r['username']}!!
+ You knock {$r['username']} on the floor a few times to make sure he is unconscious, " + . "then open his wallet, snatch " . money_formatter($stole) + . ", and run home happily."; + $hosptime = rand(20, 40) + floor($ir['level'] / 8); + $expgain = 0; + $db->query( + "UPDATE `users` SET `exp` = `exp` + $expgain, `money` = `money` + $stole WHERE `userid` = $userid"); + $hospreason = + $db->escape( + "Mugged by {$ir['username']}"); + $db->query( + "UPDATE `users` + SET `hp` = 1, `money` = `money` - $stole, `hospital` = $hosptime, + `hospreason` = '{$hospreason}' WHERE `userid` = {$r['userid']}"); + event_add($r['userid'], + "{$ir['username']} mugged you and stole " + . money_formatter($stole) . ".", $c); + $atklog = $db->escape($_SESSION['attacklog']); + $db->query( + "INSERT INTO `attacklogs` VALUES(NULL, $userid, {$_GET['ID']}, + 'won', " . time() . ", $stole, '$atklog')"); + $_SESSION['attackwon'] = 0; + if ($ir['gang'] > 0 && $r['gang'] > 0) + { + $gq = + $db->query( + "SELECT `gangRESPECT`, `gangID` FROM `gangs` WHERE `gangID` = {$r['gang']}"); + if ($db->num_rows($gq) > 0) + { + $ga = $db->fetch_row($gq); + $warq = + $db->query( + "SELECT COUNT(`warDECLARER`) FROM `gangwars` + WHERE (`warDECLARER` = {$ir['gang']} AND `warDECLARED` = {$r['gang']}) + OR (`warDECLARED` = {$ir['gang']} AND `warDECLARER` = {$r['gang']})"); + if ($db->fetch_single($warq) > 0) + { + $db->query( + "UPDATE `gangs` SET `gangRESPECT` = `gangRESPECT` - 2 WHERE `gangID` = {$r['gang']}"); + $ga['gangRESPECT'] -= 2; + $db->query( + "UPDATE `gangs` SET `gangRESPECT` = `gangRESPECT` + 2 WHERE `gangID` = {$ir['gang']}"); + echo "
You earnt 2 respect for your gang!"; + + } + $db->free_result($warq); + //Gang Kill + if ($ga['gangRESPECT'] <= 0 && $r['gang']) + { + $db->query( + "UPDATE `users` SET `gang` = 0 WHERE `gang` = {$r['gang']}"); + + $db->query("DELETE FROM `gangs` WHERE `gangRESPECT` <= 0"); + $db->query( + "DELETE FROM `gangwars` + WHERE `warDECLARER` = {$ga['gangID']} OR `warDECLARED` = {$ga['gangID']}"); + } + } + $db->free_result($gq); + } + + if ($r['user_level'] == 0) + { + $q = + $db->query( + "SELECT `cb_money` FROM `challengebots` WHERE `cb_npcid` = {$r['userid']}"); + if ($db->num_rows($q) > 0) + { + $cb = $db->fetch_row($q); + $qk = + $db->query( + "SELECT COUNT(`npcid`) FROM `challengesbeaten` + WHERE `userid` = $userid AND `npcid` = {$r['userid']}"); + if ($db->fetch_single($qk) > 0) + { + $m = $cb['cb_money']; + $db->query( + "UPDATE `users` SET `money` = `money` + $m WHERE `userid` = $userid"); + echo "
You gained " . money_formatter($m) + . " for beating the challenge bot {$r['username']}"; + $db->query( + "INSERT INTO `challengesbeaten` VALUES($userid, {$r['userid']})"); + } + $db->free_result($qk); + } + $db->free_result($q); + } + + } +} +else +{ + $db->free_result($od); + echo "You beat Mr. non-existant! Haha, pwned!"; +} +$h->endpage(); diff --git a/authenticate.php b/authenticate.php new file mode 100644 index 0000000..250dd15 --- /dev/null +++ b/authenticate.php @@ -0,0 +1,117 @@ +{$set['game_name']} Error +Your request has expired for security reasons! Please try again.
+> Back"); +} +// Check username and password input +$username = + (array_key_exists('username', $_POST) && is_string($_POST['username'])) + ? $_POST['username'] : ''; +$password = + (array_key_exists('password', $_POST) && is_string($_POST['password'])) + ? $_POST['password'] : ''; +if (empty($username) || empty($password)) +{ + die( + "

{$set['game_name']} Error

+ You did not fill in the login form!
+ > Back"); +} +$form_username = $db->escape(stripslashes($username)); +$raw_password = stripslashes($password); +$uq = + $db->query( + "SELECT `userid`, `userpass`, `pass_salt` + FROM `users` + WHERE `login_name` = '$form_username'"); +if ($db->num_rows($uq) == 0) +{ + $db->free_result($uq); + die( + "

{$set['game_name']} Error

+ Invalid username or password!
+ > Back"); +} +else +{ + $mem = $db->fetch_row($uq); + $db->free_result($uq); + $login_failed = false; + // Pass Salt generation: autofix + if (empty($mem['pass_salt'])) + { + if (md5($raw_password) != $mem['userpass']) + { + $login_failed = true; + } + $salt = generate_pass_salt(); + $enc_psw = encode_password($mem['userpass'], $salt, true); + $e_salt = $db->escape($salt); // in case of changed salt function + $e_encpsw = $db->escape($enc_psw); // ditto for password encoder + $db->query( + "UPDATE `users` + SET `pass_salt` = '{$e_salt}', `userpass` = '{$e_encpsw}' + WHERE `userid` = {$mem['userid']}"); + } + else + { + $login_failed = + !(verify_user_password($raw_password, $mem['pass_salt'], + $mem['userpass'])); + } + if ($login_failed) + { + die( + "

{$set['game_name']} Error

+ Invalid username or password!
+ > Back"); + } + session_regenerate_id(); + $_SESSION['loggedin'] = 1; + $_SESSION['userid'] = $mem['userid']; + $IP = $db->escape($_SERVER['REMOTE_ADDR']); + $db->query( + "UPDATE `users` + SET `lastip_login` = '$IP', `last_login` = " + . $_SERVER['REQUEST_TIME'] + . " + WHERE `userid` = {$mem['userid']}"); + if ($set['validate_period'] == "login" && $set['validate_on']) + { + $db->query( + "UPDATE `users` + SET `verified` = 0 + WHERE `userid` = {$mem['userid']}"); + } + $loggedin_url = 'http://' . determine_game_urlbase() . '/loggedin.php'; + header("Location: {$loggedin_url}"); + exit; +} + diff --git a/bank.php b/bank.php new file mode 100644 index 0000000..b22bd70 --- /dev/null +++ b/bank.php @@ -0,0 +1,150 @@ +Bank"; +$bank_cost = 50000; +$bank_maxfee = 3000; +$bank_feepercent = 15; +if ($ir['bankmoney'] > -1) +{ + if (!isset($_GET['action'])) + { + $_GET['action'] = ''; + } + switch ($_GET['action']) + { + case "deposit": + deposit(); + break; + + case "withdraw": + withdraw(); + break; + + default: + index(); + break; + } + +} +else +{ + if (isset($_GET['buy'])) + { + if ($ir['money'] >= $bank_cost) + { + echo "Congratulations, you bought a bank account for " + . money_formatter($bank_cost) + . "!
+Start using my account"; + $db->query( + "UPDATE `users` SET `money` = `money` - {$bank_cost}, `bankmoney` = 0 WHERE `userid` = $userid"); + } + else + { + echo "You do not have enough money to open an account. +Back to town..."; + } + } + else + { + echo "Open a bank account today, just " . money_formatter($bank_cost) + . "!
+> Yes, sign me up!"; + } +} + +function index() +{ + global $db, $ir, $c, $userid, $h, $bank_maxfee, $bank_feepercent; + echo "\nYou currently have" . money_formatter($ir['bankmoney']) + . " in the bank.
+At the end of each day, your bank balance will go up by 2%.
+
Deposit Money
+It will cost you {$bank_feepercent}% of the money you deposit, rounded up. The maximum fee is " + . money_formatter($bank_maxfee) + . ". +Amount:
+		 +Withdraw Money
+There is no fee on withdrawals.
+Amount:
+
"; +} + +function deposit() +{ + global $db, $ir, $c, $userid, $h, $bank_maxfee, $bank_feepercent; + $_POST['deposit'] = abs((int) $_POST['deposit']); + if ($_POST['deposit'] > $ir['money']) + { + echo "You do not have enough money to deposit this amount."; + } + else + { + $fee = ceil($_POST['deposit'] * $bank_feepercent / 100); + if ($fee > $bank_maxfee) + { + $fee = $bank_maxfee; + } + $gain = $_POST['deposit'] - $fee; + $ir['bankmoney'] += $gain; + $db->query( + "UPDATE `users` SET `bankmoney` = `bankmoney` + $gain, + `money` = `money` - {$_POST['deposit']} WHERE `userid` = $userid"); + echo "You hand over " . money_formatter($_POST['deposit']) + . " to be deposited,
+after the fee is taken (" . money_formatter($fee) . ", " + . money_formatter($gain) + . " is added to your account.
+You now have " . money_formatter($ir['bankmoney']) + . " in the bank.
+> Back"; + } +} + +function withdraw() +{ + global $db, $ir, $c, $userid, $h; + $_POST['withdraw'] = abs((int) $_POST['withdraw']); + if ($_POST['withdraw'] > $ir['bankmoney']) + { + echo "You do not have enough banked money to withdraw this amount."; + } + else + { + + $gain = $_POST['withdraw']; + $ir['bankmoney'] -= $gain; + $db->query( + "UPDATE `users` SET `bankmoney` = `bankmoney` - $gain, + `money` = `money` + $gain WHERE `userid` = $userid"); + echo "You ask to withdraw " . money_formatter($gain) + . ",
+the banking lady grudgingly hands it over.
+You now have " . money_formatter($ir['bankmoney']) + . " in the bank.
+> Back"; + } +} +$h->endpage(); diff --git a/bargreen.gif b/bargreen.gif new file mode 100644 index 0000000000000000000000000000000000000000..9a994b71f7251a35bdc07579621bade4a42d423d GIT binary patch literal 804 zcmb`Gy-kE+41+^~1RVn~0$myqJwId6WR6=S9V0Np4d8t!&Et0lBAvd=C2?%$yZ6tx z=a;XWdZ^z@T+Zim9v8Ap;(EQB-(5Zro_r(t?f;^yrfRE{O=R8GQ@z!yc8b$AQ?oUy zaeB9Fr*>;q>x`;PQ`(YBVOs9;l(#Hs2RP7RF-*6!Co$dIt!`&6*-X#&sK;SJai@2C z)$5R=SJT>-T81N|?P+gYZMMQ1Fi67^TGUt!Hqc-(>54`?!t9q5My3SkWxq+v-bJXj1i&|o>vrA$s}*D(@(tR<6H##iLR zg5p|he8g!CfEVo;jasb44`?!t9dJT03SkWxq?v>kJXj1i(9Vg{O_`i97sE*Ov6f8d zC5x};-YK3F#^!UC^d6(*`tdHK$BrD~C=AjeotqpU0Y1>Y4qOTI(8Q{zyv_M9)ZKmE N-aUT&eDhCu{R4A;T>1b2 literal 0 HcmV?d00001 diff --git a/barred.gif b/barred.gif new file mode 100644 index 0000000000000000000000000000000000000000..bb4d9cbab102190b8e5c3a0087bdb102fd027599 GIT binary patch literal 804 zcmb`Gv29#o41?+J+!;vg5z?uN;ogb2a2n0=;4QR8Mz{gEk4xp_KZ6Av-svP!B=zq1 z``fRVzYluSmlD_cT<39-U5WeszWl!0^We!hg5SO`N@{5&XA@bKs#T-1YE$e|w|dl8 zZ+fRRtr?9qn^BkC^2nCMR9o8Cj@Hl)aG=3rnC{Jn8avPr2^7K_Fi69aR(P-&Y@or~IF~Xx;hBw*=wmIJJzji8 zE-Wa{dKMpX8Ux@(J4T}xEAa!GOk)R}5R5`t0|sd(p#={XgAMfNMCqnXPAnJ0Nc6Fm z%;zPGujk$=o)gCAbCvWSqvQJVE~Cee9N{Po(jlFj93BBa(7X;@3G>jzs-JnA^Iy>I PQ9o|afBt=ZUV8lxa?)JN literal 0 HcmV?d00001 diff --git a/battletent.php b/battletent.php new file mode 100644 index 0000000..545ef07 --- /dev/null +++ b/battletent.php @@ -0,0 +1,77 @@ +Battle Tent +Welcome to the battle tent! Here you can challenge NPCs for money. + + + + + + + + + + "; +$q = + $db->query( + "SELECT `cb`.`cb_money`, `c`.`npcid`, `cy`.`cityname`, + `u`.`userid`, `username`, `level`, `hp`, `maxhp`, `location`, `hospital`, `jail` + FROM `challengebots` AS `cb` + LEFT JOIN `users` AS `u` ON `cb`.`cb_npcid` = `u`.`userid` + LEFT JOIN `challengesbeaten` AS `c` ON `c`.`npcid` = `u`.`userid` AND `c`.`userid` = $userid + LEFT JOIN `cities` AS `cy` ON `u`.`location` = `cy`.`cityid`"); +while ($r = $db->fetch_row($q)) +{ + $earn = $r['cb_money']; + $v = $r['userid']; + $countq = + $db->query( + "SELECT COUNT(`npcid`) FROM `challengesbeaten` WHERE `npcid` = $v"); + $times = $db->fetch_single($countq); + $db->free_result($countq); + echo ""; +} +$db->free_result($q); +echo "
Bot NameLevelTimes OwnedReady To Be Challenged?LocationMoney WonChallenge
{$r['username']}{$r['level']}$times"; + if ($r['hp'] >= $r['maxhp'] / 2 && $r['location'] == $ir['location'] + && !$ir['hospital'] && !$ir['jail'] && !$r['hospital'] + && !$r['jail']) + { + echo "Yes"; + } + else + { + echo "No"; + } + echo "{$r['cityname']}$earn"; + if ($r['npcid']) + { + echo "Already"; + } + else + { + echo "Challenge"; + } + echo "
"; +$h->endpage(); diff --git a/bbcode_engine.php b/bbcode_engine.php new file mode 100644 index 0000000..91af768 --- /dev/null +++ b/bbcode_engine.php @@ -0,0 +1,197 @@ +parsings[] = "/\[" . $tag . "\](.+?)\[\/" . $tag . "\]/"; + $this->htmls[] = "<" . $tag . ">\\1"; + } + + function adv_bbcode_tag($tag = "", $reptag = "") + { + + if (!$tag) + { + break; + } + + $this->parsings[] = "/\[" . $tag . "\](.+?)\[\/" . $tag . "\]/"; + $this->htmls[] = "<" . $reptag . ">\\1"; + } + + function simple_option_tag($tag = "", $optionval = "") + { + + if ($tag == "" || $optionval == "") + { + break; + } + $this->parsings[] = + "/\[" . $tag . "=(.+?)\](.+?)\[\/" . $tag . "\]/"; + $this->htmls[] = + "<" . $tag . " " . $optionval . "='\\1'>\\2"; + } + + function adv_option_tag($tag = "", $reptag = "", $optionval = "") + { + + if ($tag == "" || $optionval == "" || $reptag == "") + { + break; + } + $this->parsings[] = + "/\[" . $tag . "=(.+?)\](.+?)\[\/" . $tag . "\]/"; + $this->htmls[] = + "<" . $reptag . " " . $optionval . "='\\1'>\\2"; + } + + function adv_option_tag_em($tag = "", $reptag = "", $optionval = "") + { + + if ($tag == "" || $optionval == "" || $reptag == "") + { + break; + } + $this->parsings[] = + "/\[" . $tag . "=(.+?)\](.+?)\[\/" . $tag . "\]/"; + $this->htmls[] = + "<" . $reptag . " " . $optionval . "='mailto:\\1'>\\2"; + } + + function simp_option_notext($tag = "", $optionval = "") + { + + if ($tag == "" || $optionval == "") + { + break; + } + $this->parsings[] = "/\[" . $tag . "=(.+?)\]/"; + $this->htmls[] = "<" . $tag . " " . $optionval . "='\\1' />"; + } + + function adv_option_notext($tag = "", $reptag = "", $optionval = "") + { + + if ($tag == "" || $optionval == "" || $reptag == "") + { + break; + } + $this->parsings[] = "/\[" . $tag . "=(.+?)\]/"; + $this->htmls[] = "<" . $reptag . " " . $optionval . "='\\1' />"; + } + + function adv_option_notext_em($tag = "", $reptag = "", $optionval = "") + { + + if ($tag == "" || $optionval == "" || $reptag == "") + { + break; + } + $this->parsings[] = "/\[" . $tag . "=(.+?)\]/"; + $this->htmls[] = + "<" . $reptag . " " . $optionval . "='mailto:\\1' >\\1"; + } + + function simp_bbcode_att($tag = "", $optionval = "") + { + + if ($tag == "" || $optionval == "") + { + break; + } + $this->parsings[] = "/\[" . $tag . "\](.+?)\[\/" . $tag . "\]/"; + $this->htmls[] = "<" . $tag . " " . $optionval . "='\\1' />"; + } + + function adv_bbcode_att($tag = "", $reptag = "", $optionval = "") + { + + if ($tag == "" || $optionval == "" || $reptag == "") + { + break; + } + $this->parsings[] = "/\[" . $tag . "\](.+?)\[\/" . $tag . "\]/"; + $this->htmls[] = "<" . $reptag . " " . $optionval . "='\\1' />"; + } + + function adv_bbcode_att_em($tag = "", $reptag = "", $optionval = "") + { + + if ($tag == "" || $optionval == "" || $reptag == "") + { + break; + } + $this->parsings[] = "/\[" . $tag . "\](.+?)\[\/" . $tag . "\]/"; + $this->htmls[] = + "<" . $reptag . " " . $optionval . "='mailto:\\1'>\\1"; + } + + function cust_tag($bbcode = "", $html = "") + { + + if ($bbcode == "" || $html == "") + { + break; + } + $this->parsings[] = $bbcode; + $this->htmls[] = $html; + } + + function parse_bbcode($text) + { + + $i = 0; + while (isset($this->parsings[$i])) + { + + $text = + preg_replace($this->parsings[$i], $this->htmls[$i], $text); + $i++; + } + return $text; + } + + function export_parsings() + { + return $this->parsings; + } + + function export_htmls() + { + return $this->htmls; + } +} + diff --git a/blacklist.php b/blacklist.php new file mode 100644 index 0000000..bac7df0 --- /dev/null +++ b/blacklist.php @@ -0,0 +1,284 @@ +endpage()); +} +echo '

Black List

'; +if (!isset($_GET['action'])) +{ + $_GET['action'] = ''; +} +switch ($_GET['action']) +{ +case "add": + add_enemy(); + break; +case "remove": + remove_enemy(); + break; +case "ccomment": + change_comment(); + break; +default: + black_list(); + break; +} + +function black_list() +{ + global $db, $ir, $c, $userid; + echo " +> Add an Enemy
+These are the people on your black list. +
+ {$ir['enemy_count']} people have added you to their list. +
+Most hated: ["; + $q2r = + $db->query( + "SELECT `username`, `userid` FROM `users` ORDER BY `enemy_count` DESC LIMIT 5"); + $r = 0; + while ($r2r = $db->fetch_row($q2r)) + { + $r++; + if ($r > 1) + { + echo ' | '; + } + echo "{$r2r['username']}"; + } + $db->free_result($q2r); + echo '] + + + + + + + + + + + + '; + $q = + $db->query( + "SELECT `bl`.`bl_COMMENT`, `bl_ID`, + `u`.`laston`, `donatordays`, `username`, `userid` + FROM `blacklist` AS `bl` + LEFT JOIN `users` AS `u` ON `bl`.`bl_ADDED` = `u`.`userid` + WHERE `bl`.`bl_ADDER` = $userid + ORDER BY `u`.`username` ASC"); + while ($r = $db->fetch_row($q)) + { + $on = + ($r['laston'] >= (($_SERVER['REQUEST_TIME'] - 15) * 60)) + ? 'Online' + : 'Offline'; + $d = ""; + if ($r['donatordays']) + { + $r['username'] = "{$r['username']}"; + $d = + "Donator: {$r["; + } + if (empty($r['bl_COMMENT'])) + { + $r['bl_COMMENT'] = 'N/A'; + } + echo " + + + + + + + + + + "; + } + $db->free_result($q); + echo "
IDNameMailAttackRemoveCommentChange CommentOnline?
{$r['userid']}{$r['username']} $dMailAttackRemove" . strip_tags($r['bl_COMMENT']) + . " Change$on
"; +} + +function add_enemy() +{ + global $db, $ir, $c, $userid; + $_POST['ID'] = + (isset($_POST['ID']) && is_numeric($_POST['ID'])) + ? abs(intval($_POST['ID'])) : ''; + $_POST['comment'] = + (isset($_POST['comment']) && is_string($_POST['comment'])) + ? $db->escape(strip_tags(stripslashes($_POST['comment']))) + : ''; + + if ($_POST['ID']) + { + $qc = + $db->query( + "SELECT COUNT(`bl_ADDER`) FROM `blacklist` WHERE `bl_ADDER` = $userid AND `bl_ADDED` = {$_POST['ID']}"); + $q = + $db->query( + "SELECT `username` FROM `users` WHERE `userid` = {$_POST['ID']}"); + $dupe_count = $db->fetch_single($qc); + $db->free_result($qc); + if ($dupe_count > 0) + { + + echo "You cannot add the same person twice."; + } + else if ($userid == $_POST['ID']) + { + echo "You cannot be so lonely that you have to try and add yourself."; + } + else if ($db->num_rows($q) == 0) + { + echo "Oh no, you're trying to add a ghost."; + } + else + { + $db->query( + "INSERT INTO `blacklist` VALUES(NULL, $userid, {$_POST['ID']}, '{$_POST['comment']}')"); + $r = $db->fetch_row($q); + $db->free_result($q); + $db->query( + "UPDATE `users` SET `enemy_count` = `enemy_count` + 1 WHERE `userid` = {$_POST['ID']}"); + echo "{$r['username']} was added to your black list.
+> Back"; + } + } + else + { + $_GET['ID'] = + (isset($_GET['ID']) && is_numeric($_GET['ID'])) + ? abs(intval($_GET['ID'])) : ''; + echo " +Adding an enemy! +
+ Enemy's ID:
+ Comment (optional):
+
+ +
+ "; + } + +} + +function remove_enemy() +{ + global $db, $ir, $c, $userid, $h; + $_GET['b'] = + (isset($_GET['b']) && is_numeric($_GET['b'])) + ? abs(intval($_GET['b'])) : ''; + if (empty($_GET['b'])) + { + echo ' +You didn\'t select a real enemy.
+> Back + '; + die($h->endpage()); + } + + $q = + $db->query( + "SELECT `bl_ADDED` FROM `blacklist` WHERE `bl_ID` = {$_GET['b']} AND `bl_ADDER` = $userid"); + if ($db->num_rows($q) == 0) + { + echo 'Listing doesn\'t exist.'; + die($h->endpage()); + } + $r = $db->fetch_row($q); + $db->free_result($q); + $db->query( + "DELETE FROM `blacklist` WHERE `bl_ID` = {$_GET['b']} AND `bl_ADDER` = $userid"); + $db->query( + "UPDATE `users` SET `enemy_count` = `enemy_count` - 1 WHERE `userid` = {$r['bl_ADDED']}"); + echo " +Black list entry removed!
+> Back + "; +} + +function change_comment() +{ + global $db, $ir, $c, $userid, $h; + $_POST['b'] = + (isset($_POST['b']) && is_numeric($_POST['b'])) + ? abs(intval($_POST['b'])) : ''; + $_POST['comment'] = + (isset($_POST['comment']) && is_string($_POST['comment'])) + ? $db->escape(strip_tags(stripslashes($_POST['comment']))) + : ''; + if (!empty($_POST['comment']) && !empty($_POST['b'])) + { + $db->query( + "UPDATE `blacklist` SET `bl_COMMENT` = '{$_POST['comment']}' WHERE `bl_ID` = {$_POST['b']} AND `bl_ADDER` = $userid"); + echo " +Comment for enemy changed!
+> Back + "; + } + else + { + $_GET['b'] = + (isset($_GET['b']) && is_numeric($_GET['b'])) + ? abs(intval($_GET['b'])) : ''; + if (empty($_GET['b'])) + { + echo " +Invalid enemy.
+> Back + "; + die($h->endpage()); + } + $q = + $db->query( + "SELECT `bl_COMMENT` FROM `blacklist` WHERE `bl_ID` = {$_GET['b']} AND `bl_ADDER` = $userid"); + if ($db->num_rows($q) > 0) + { + $r = $db->fetch_row($q); + $comment = stripslashes(strip_tags($r['bl_COMMENT'])); + echo " +Changing a comment. +
+
+ Comment:
+
+ +
+ "; + } + else + { + echo 'It would be impossible to edit something which isn\'t yours.
> Go Home'; + } + $db->free_result($q); + } +} +$h->endpage(); diff --git a/bluebar.png b/bluebar.png new file mode 100644 index 0000000000000000000000000000000000000000..0e799f4f23bfc93938c8c5fb22fcb268f783d11e GIT binary patch literal 201 zcmeAS@N?(olHy`uVBq!ia0vp^j6lrK!3-pY4u+lvQY`6?zK#qG>ra@ocD)4hB}-f* zN`mv#O3D+9QW+dm@{>{(JaZG%Q-e|yQz{EjrrH1%=?3_OxUwET%5d~J!@7QkafIs>qekz22WQ%mvv4FO#mOOO7Z{z literal 0 HcmV?d00001 diff --git a/captcha_verify.php b/captcha_verify.php new file mode 100644 index 0000000..8b91d9a --- /dev/null +++ b/captcha_verify.php @@ -0,0 +1,131 @@ + array(10, $f_x - 10), 1 => array(5, $f_y - 5), + 2 => array(10, $f_x - 10), 3 => array(5, $f_y - 5), + 4 => array(10, $f_x - 10), 5 => array(5, $f_y - 5), + 6 => array(10, $f_x - 10), 7 => array(5, $f_y - 5), + 8 => array(10, $f_x - 10), 9 => array(5, $f_y - 5),); + imagefilledpolygon($first, $points, 5, $red); +} +imagestring($first, 4, rand(0, $f_x / 3), rand(0, $f_y / 2.5), + $_SESSION['captcha'], $black); +imagecopyresized($second, $first, 0, 0, 0, 0, $s_x, $s_y, $f_x, $f_y); +imagedestroy($first); +$red = imagecolorallocate($second, 255, 0, 0); +$green = imagecolorallocate($second, 0, 128, 0); +$blue = imagecolorallocate($second, 0, 0, 255); +$RandomPixels = ceil($s_x * $s_y / 100); +for ($i = 0; $i < $RandomPixels; $i++) +{ + $locx = rand(0, $s_x - 1); + $locy = rand(0, $s_y - 1); + imagesetpixel($second, $locx, $locy, $red); +} +for ($i = 0; $i < $RandomPixels; $i++) +{ + $locx = rand(0, $s_x - 1); + $locy = rand(0, $s_y - 1); + imagesetpixel($second, $locx, $locy, $green); +} +for ($i = 0; $i < $RandomPixels; $i++) +{ + $locx = rand(0, $s_x - 1); + $locy = rand(0, $s_y - 1); + imagesetpixel($second, $locx, $locy, $blue); +} +$randcolor = + imagecolorallocate($second, rand(100, 255), rand(100, 255), + rand(100, 255)); +for ($i = 0; $i < 5; $i++) +{ + imageline($second, rand(0, $s_x), rand(0, $s_y), rand(0, $s_x), + rand(0, $s_y), $randcolor); + $randcolor = + imagecolorallocate($second, rand(100, 255), rand(100, 255), + rand(100, 255)); +} +@header("Content-Type: image/png"); +$finished = + imagerotate($second, rand(0, 15) - 7.5, + $bgcolor[2] * 65536 + $bgcolor[1] * 256 + $bgcolor[0]); +imagedestroy($second); +imagepng($finished); +imagedestroy($finished); diff --git a/check.php b/check.php new file mode 100644 index 0000000..518e647 --- /dev/null +++ b/check.php @@ -0,0 +1,228 @@ + "1", // 1. + 2 => "2", // 2. + 3 => "3", // 3. + 4 => "4", // 4. + 5 => "5", // 5. + 6 => "6", // 6. + 7 => "7", // 7. + 8 => "8", // 8. + 9 => "9", // 9. + 0 => "0" // 0. + ); // Closes the Array. + + $undercase = + array( // Creates our array to store a - z in. + 1 => "a", // a. + 2 => "b", // b. + 3 => "c", // c. + 4 => "d", // d. + 5 => "e", // e. + 6 => "f", // f. + 7 => "g", // g. + 8 => "h", // h. + 9 => "i", // i. + 10 => "j", // j. + 11 => "k", // k. + 12 => "l", // l. + 13 => "m", // m. + 14 => "n", // n. + 15 => "o", // o. + 16 => "p", // p. + 17 => "q", // q. + 18 => "r", // r. + 19 => "s", // s. + 20 => "t", // t. + 21 => "u", // u. + 22 => "v", // v. + 23 => "w", // w. + 24 => "x", // x. + 25 => "y", // y. + 26 => "z" // z. + ); // Closes the Array. + + $uppercase = + array( // Creates our array to store A - Z in. + 1 => "A", // A. + 2 => "B", // B. + 3 => "C", // C. + 4 => "D", // D. + 5 => "E", // E. + 6 => "F", // F. + 7 => "G", // G. + 8 => "H", // H. + 9 => "I", // I. + 10 => "J", // J. + 11 => "K", // K. + 12 => "L", // L. + 13 => "M", // M. + 14 => "N", // N. + 15 => "O", // O. + 16 => "P", // P. + 17 => "Q", // Q. + 18 => "R", // R. + 19 => "S", // S. + 20 => "T", // T. + 21 => "U", // U. + 22 => "V", // V. + 23 => "W", // W. + 24 => "X", // X. + 25 => "Y", // Y. + 26 => "Z" // Z. + ); // Closes the Array. + $symbs = + array('\\', '/', '"', "'", "{", "}", ")", "(", "|", "?", ".", + ",", "<", ">", "_", "-", "!", "#", "\$", "%", "^", + "&", "*"); + $strength = 0; + if (strlen($PASS) >= 7) + { + $strength += 3; + } + $nc = 0; + foreach ($numbers as $v) + { + if (strstr($PASS, $v)) + { + $nc++; + } + } + if ($nc >= 2) + { + $strength += 1; + } + if ($nc >= 5) + { + $strength += 1; + } + $nc = 0; + foreach ($undercase as $v) + { + if (strstr($PASS, $v)) + { + $nc++; + } + } + if ($nc >= 2) + { + $strength += 1; + } + if ($nc >= 5) + { + $strength += 1; + } + $nc = 0; + foreach ($uppercase as $v) + { + if (strstr($PASS, $v)) + { + $nc++; + } + } + if ($nc >= 2) + { + $strength += 1; + } + if ($nc >= 5) + { + $strength += 1; + } + $nc = 0; + foreach ($symbs as $v) + { + if (strstr($PASS, $v)) + { + $nc++; + } + } + if ($nc >= 1) + { + $strength += 1; + } + if ($nc >= 2) + { + $strength += 1; + } + if ($nc >= 5) + { + $strength += 1; + } + + if ($strength <= 2) + { // If there total points are equal or less than 5. + $overall = 'Weak'; // Eeek very week! + } + elseif ($strength <= 5) + { // If there total points are equal or less than 8. + $overall = 'Moderate'; // Omg week. + } + elseif ($strength <= 10) + { // If there total points are equal or less than 12. + $overall = 'Good'; // Meh Moderate. + } + elseif ($strength >= 12) + { // If there total points are greator than 12. + $overall = 'Excellent'; // Thats the way Superman. + } // End If. + + echo 'Password strength: ' . $overall . ''; // Tells them their passwords strength. + + } + elseif ($PASS == NULL) + { // ElseIf their password is NULL (empty). + echo ''; // Dont display anything. + } // End ElseIf. +} // End ElseIF. diff --git a/checkem.php b/checkem.php new file mode 100644 index 0000000..5f7fed7 --- /dev/null +++ b/checkem.php @@ -0,0 +1,66 @@ +Invalid - Blank"); +} +if (!valid_email($email)) +{ + die("Invalid - Bad Format"); +} +$e_email = $db->escape($email); +$q = + $db->query( + "SELECT COUNT(`userid`) FROM users WHERE `email` = '{$e_email}'"); +if ($db->fetch_single($q) != 0) +{ + echo 'Invalid - Already In Use'; +} +else +{ + echo 'Valid'; +} +$db->free_result($q); diff --git a/checkun.php b/checkun.php new file mode 100644 index 0000000..bf1f3ea --- /dev/null +++ b/checkun.php @@ -0,0 +1,65 @@ +Invalid - Blank"); +} +if ((strlen($username) < 3)) +{ + die("Invalid - Too Short"); +} +if ((strlen($username) > 31)) +{ + die("Invalid - Too Long"); +} +$e_username = $db->escape($username); +$q = + $db->query( + "SELECT COUNT(`userid`) FROM users WHERE login_name = '{$e_username}' OR username = '{$e_username}'"); +if ($db->fetch_single($q)) +{ + echo 'Invalid - Taken'; +} +else +{ + echo 'Valid'; +} +$db->free_result($q); diff --git a/class/class_db_mysql.php b/class/class_db_mysql.php new file mode 100644 index 0000000..81b66ff --- /dev/null +++ b/class/class_db_mysql.php @@ -0,0 +1,221 @@ +Error' . 'Error handler not present'); +} + +if (!extension_loaded('mysql')) +{ + // dl doesn't work anymore, crash + error_critical('Database connection failed', + 'MySQL extension not present but required', 'N/A', + debug_backtrace(false)); +} + +class database +{ + var $host; + var $user; + var $pass; + var $database; + var $persistent = 0; + var $last_query; + var $result; + var $connection_id; + var $num_queries = 0; + var $start_time; + + function configure($host, $user, $pass, $database, $persistent = 0) + { + $this->host = $host; + $this->user = $user; + $this->pass = $pass; + $this->database = $database; + $this->persistent = $persistent; + return 1; //Success. + } + + function connect() + { + if (!$this->host) + { + $this->host = "localhost"; + } + if (!$this->user) + { + $this->user = "root"; + } + if ($this->persistent) + { + $conn = mysql_pconnect($this->host, $this->user, $this->pass); + } + else + { + $conn = + mysql_connect($this->host, $this->user, $this->pass, true); + } + if ($conn === false) + { + error_critical('Database connection failed', + mysql_errno() . ': ' . mysql_error(), + 'Attempted to connect to database on ' . $this->host, + debug_backtrace(false)); + } + // @overridecharset mysql + $this->connection_id = $conn; + if (!mysql_select_db($this->database, $this->connection_id)) + { + error_critical('Database connection failed', + mysql_errno($conn) . ': ' . mysql_error($conn), + 'Attempted to select database: ' . $this->database, + debug_backtrace(false)); + } + return $this->connection_id; + } + + function disconnect() + { + if ($this->connection_id) + { + mysql_close($this->connection_id); + $this->connection_id = 0; + return 1; + } + else + { + return 0; + } + } + + function change_db($database) + { + if (!mysql_select_db($database, $this->connection_id)) + { + error_critical('Database change failed', + mysql_errno($this->connection_id) . ': ' + . mysql_error($this->connection_id), + 'Attempted to select database: ' . $database, + debug_backtrace(false)); + } + $this->database = $database; + } + + function query($query) + { + $this->last_query = $query; + $this->num_queries++; + $this->result = mysql_query($this->last_query, $this->connection_id); + if ($this->result === false) + { + error_critical('Query failed', + mysql_errno($this->connection_id) . ': ' + . mysql_error($this->connection_id), + 'Attempted to execute query: ' . nl2br($this->last_query), + debug_backtrace(false)); + } + return $this->result; + } + + function fetch_row($result = 0) + { + if (!$result) + { + $result = $this->result; + } + return mysql_fetch_assoc($result); + } + + function num_rows($result = 0) + { + if (!$result) + { + $result = $this->result; + } + return mysql_num_rows($result); + } + + function insert_id() + { + return mysql_insert_id($this->connection_id); + } + + function fetch_single($result = 0) + { + if (!$result) + { + $result = $this->result; + } + return mysql_result($result, 0, 0); + } + + function easy_insert($table, $data) + { + $query = "INSERT INTO `$table` ("; + $i = 0; + foreach ($data as $k => $v) + { + $i++; + if ($i > 1) + { + $query .= ", "; + } + $query .= $k; + } + $query .= ") VALUES("; + $i = 0; + foreach ($data as $k => $v) + { + $i++; + if ($i > 1) + { + $query .= ", "; + } + $query .= "'" . $this->escape($v) . "'"; + } + $query .= ")"; + return $this->query($query); + } + + function escape($text) + { + return mysql_real_escape_string($text, $this->connection_id); + } + + function affected_rows() + { + return mysql_affected_rows($this->connection_id); + } + + function free_result($result) + { + return mysql_free_result($result); + } + +} diff --git a/class/class_db_mysqli.php b/class/class_db_mysqli.php new file mode 100644 index 0000000..be992fa --- /dev/null +++ b/class/class_db_mysqli.php @@ -0,0 +1,213 @@ +Error' . 'Error handler not present'); +} + +if (!extension_loaded('mysqli')) +{ + // dl doesn't work anymore, crash + error_critical('Database connection failed', + 'MySQLi extension not present but required', 'N/A', + debug_backtrace(false)); +} + +class database +{ + var $host; + var $user; + var $pass; + var $database; + var $persistent = 0; + var $last_query; + var $result; + var $connection_id; + var $num_queries = 0; + var $start_time; + var $queries = array(); + + function configure($host, $user, $pass, $database, $persistent = 0) + { + $this->host = $host; + $this->user = $user; + $this->pass = $pass; + $this->database = $database; + return 1; //Success. + } + + function connect() + { + if (!$this->host) + { + $this->host = "localhost"; + } + if (!$this->user) + { + $this->user = "root"; + } + $conn = + mysqli_connect($this->host, $this->user, $this->pass, + $this->database); + if (mysqli_connect_error()) + { + error_critical('Database connection failed', + mysqli_connect_errno() . ': ' . mysqli_connect_error(), + 'Attempted to connect to database on ' . $this->host, + debug_backtrace(false)); + } + // @overridecharset mysqli + $this->connection_id = $conn; + return $this->connection_id; + } + + function disconnect() + { + if ($this->connection_id) + { + mysqli_close($this->connection_id); + $this->connection_id = 0; + return 1; + } + else + { + return 0; + } + } + + function change_db($database) + { + if (!mysqli_select_db($this->connection_id, $database)) + { + error_critical('Database change failed', + mysqli_errno($this->connection_id) . ': ' + . mysqli_error($this->connection_id), + 'Attempted to select database: ' . $database, + debug_backtrace(false)); + } + $this->database = $database; + } + + function query($query) + { + $this->last_query = $query; + $this->queries[] = $query; + $this->num_queries++; + $this->result = + mysqli_query($this->connection_id, $this->last_query); + if ($this->result === false) + { + error_critical('Query failed', + mysqli_errno($this->connection_id) . ': ' + . mysqli_error($this->connection_id), + 'Attempted to execute query: ' . nl2br($this->last_query), + debug_backtrace(false)); + } + return $this->result; + } + + function fetch_row($result = 0) + { + if (!$result) + { + $result = $this->result; + } + return mysqli_fetch_assoc($result); + } + + function num_rows($result = 0) + { + if (!$result) + { + $result = $this->result; + } + return mysqli_num_rows($result); + } + + function insert_id() + { + return mysqli_insert_id($this->connection_id); + } + + function fetch_single($result = 0) + { + if (!$result) + { + $result = $this->result; + } + //Ugly hack here + mysqli_data_seek($result, 0); + $temp = mysqli_fetch_array($result); + return $temp[0]; + } + + function easy_insert($table, $data) + { + $query = "INSERT INTO `$table` ("; + $i = 0; + foreach ($data as $k => $v) + { + $i++; + if ($i > 1) + { + $query .= ", "; + } + $query .= $k; + } + $query .= ") VALUES("; + $i = 0; + foreach ($data as $k => $v) + { + $i++; + if ($i > 1) + { + $query .= ", "; + } + $query .= "'" . $this->escape($v) . "'"; + } + $query .= ")"; + return $this->query($query); + } + + function escape($text) + { + return mysqli_real_escape_string($this->connection_id, $text); + } + + function affected_rows() + { + return mysqli_affected_rows($this->connection_id); + } + + function free_result($result) + { + return mysqli_free_result($result); + } + +} diff --git a/class/index.html b/class/index.html new file mode 100644 index 0000000..3e3bd3c --- /dev/null +++ b/class/index.html @@ -0,0 +1,11 @@ + + + + +Forbidden + + +

Access Forbidden

+ This folder is not designed to be accessed directly. + + \ No newline at end of file diff --git a/cmarket.php b/cmarket.php new file mode 100644 index 0000000..ae865b3 --- /dev/null +++ b/cmarket.php @@ -0,0 +1,322 @@ +Crystal Market + '; +if (!isset($_GET['action'])) +{ + $_GET['action'] = ''; +} +switch ($_GET['action']) +{ +case "buy": + crystal_buy(); + break; +case "remove": + crystal_remove(); + break; +case "add": + crystal_add(); + break; +default: + cmarket_index(); + break; +} + +function cmarket_index() +{ + global $db, $ir, $c, $userid, $h; + echo " + > Add A Listing

+ Viewing all listings... + + + + + + + + + "; + + $sql = + "SELECT `cm`.`cmADDER`, `cm`.`cmPRICE`, `cmID`, `cmQTY`, + `u`.`userid`, `username`, `level`, `money`, `crystals`, + `gender`, `donatordays` + FROM `crystalmarket` AS `cm` + LEFT JOIN `users` AS `u` ON `u`.`userid` = `cm`.`cmADDER` + ORDER BY (`cmPRICE`/`cmQTY`) ASC"; + $q = $db->query($sql); + + while ($r = $db->fetch_row($q)) + { + + if ($r['cmADDER'] == $userid) + { + $link = + 'Remove'; + } + else + { + $link = + "Buy"; + } + $each = (float) $r['cmPRICE'] * $r['cmQTY']; + $r['money'] = number_format($r['money']); + + echo " +
+ + + + "; + } + $db->free_result($q); + echo " +
AdderQtyPrice EachPrice TotalLinks
+ {$r['username']} [{$r['userid']}] + {$r['cmQTY']} " . money_formatter($r['cmPRICE']) . " " + . money_formatter($each) + . " [{$link}] +
+ "; +} + +function crystal_remove() +{ + global $db, $ir, $c, $userid, $h; + $_GET['ID'] = + (isset($_GET['ID']) && is_numeric($_GET['ID'])) + ? abs(intval($_GET['ID'])) : ''; + if (empty($_GET['ID'])) + { + echo 'Something went wrong.
> Go Back'; + die($h->endpage()); + } + $q = + $db->query( + 'SELECT `cmQTY` FROM `crystalmarket` WHERE `cmID` = ' + . $_GET['ID'] . ' AND `cmADDER` = ' . $userid); + if (!$db->num_rows($q)) + { + echo "Error, either these crystals do not exist, or you are not the owner. +
+ > Back"; + $h->endpage(); + exit; + } + $r = $db->fetch_row($q); + $db->free_result($q); + $db->query( + 'UPDATE `users` SET `crystals` = `crystals` + ' . $r['cmQTY'] + . ' WHERE `userid` = ' . $userid); + $db->query('DELETE FROM `crystalmarket` WHERE `cmID` = ' . $_GET['ID']); + echo " + Crystals removed from market! +
+ > Back + "; +} + +function crystal_buy() +{ + global $db, $ir, $c, $userid, $h; + $_GET['ID'] = + (isset($_GET['ID']) && is_numeric($_GET['ID'])) + ? abs(intval($_GET['ID'])) : ''; + if (empty($_GET['ID'])) + { + echo 'Something went wrong.
> Go Back'; + die($h->endpage()); + } + $q = + $db->query( + 'SELECT `cmPRICE`, `cmQTY`, `cmADDER` FROM `crystalmarket` WHERE `cmID` = ' + . $_GET['ID']); + if (!$db->num_rows($q)) + { + echo ' + Error, either these crystals do not exist, or they have already been bought. +
+ > Back + '; + $h->endpage(); + exit; + } + $r = $db->fetch_row($q); + $db->free_result($q); + $_POST['QTY'] = + (isset($_POST['QTY']) && is_numeric($_POST['QTY'])) + ? abs(intval($_POST['QTY'])) : ''; + if ($_GET['ID'] && $_POST['QTY']) + { + $cprice = $r['cmPRICE'] * $_POST['QTY']; + if ($cprice > $ir['money']) + { + echo ' + Error, you do not have the funds to buy these crystals. +
+ > Back + '; + $h->endpage(); + exit; + } + if ($_POST['QTY'] > $r['cmQTY']) + { + echo ' + Error, you selected more crystals than there are available in this listing. +
+ > Back + '; + $h->endpage(); + exit; + } + $db->query( + 'UPDATE `users` SET `crystals` = `crystals` + ' + . $_POST['QTY'] . ', `money` = `money` - ' . $cprice + . ' WHERE `userid` = ' . $userid); + if ($_POST['QTY'] < $r['cmQTY']) + { + $db->query( + 'UPDATE `crystalmarket` SET `cmQTY` = `cmQTY` - ' + . $_POST['QTY'] . ' WHERE `cmID` = ' . $_GET['ID']); + } + elseif ($_POST['QTY'] == $r['cmQTY']) + { + $db->query( + 'DELETE FROM `crystalmarket` WHERE `cmID` = ' + . $_GET['ID']); + } + $db->query( + 'UPDATE `users` SET `money` = `money` + ' . $cprice + . ' WHERE `userid` = ' . $r['cmADDER']); + + event_add($r['cmADDER'], + "{$ir['username']} bought of {$_POST['QTY']} your crystals from the market for " + . money_formatter($cprice) . ".", $c); + + echo ' + You bought the ' . $_POST['QTY'] . ' crystals from the market for $' + . number_format($cprice) + . '. +
+ >Back + '; + } + elseif ($_GET['ID'] AND !$_POST['QTY']) + { + + echo " +There is {$r['cmQTY']} available to buy. +
+ "; + echo ' +
+ Quantity: +
+ +
+ '; + + } + +} + +function crystal_add() +{ + global $db, $ir, $c, $userid, $h; + $_POST['amnt'] = + (isset($_POST['amnt']) && is_numeric($_POST['amnt'])) + ? abs(intval($_POST['amnt'])) : ''; + $_POST['price'] = + (isset($_POST['price']) && is_numeric($_POST['price'])) + ? abs(intval($_POST['price'])) : ''; + if (!empty($_POST['amnt']) && !empty($_POST['price'])) + { + if ($_POST['amnt'] > $ir['crystals']) + { + echo 'You are trying to add more crystals to the market than you have.'; + $h->endpage(); + exit; + } + + $ql = + $db->query( + 'SELECT `cmID` FROM `crystalmarket` WHERE cmADDER = ' + . $userid . ' AND cmPRICE = ' + . $_POST['price']); + if ($db->num_rows($ql)) + { + $gc = $db->fetch_row($ql); + $db->free_result($ql); + $db->query( + 'UPDATE `crystalmarket` SET `cmQTY` = `cmQTY` + ' + . $_POST['amnt'] . ' WHERE `cmID` = ' + . $gc['cmID']); + + } + else + { + $db->free_result($ql); + $tp = $_POST['price']; + $db->query( + 'INSERT INTO `crystalmarket` VALUES(NULL, ' + . $_POST['amnt'] . ', ' . $userid . ', ' . $tp + . ')'); + } + $db->query( + 'UPDATE `users` SET `crystals` = `crystals` - ' + . $_POST['amnt'] . ' WHERE userid = ' . $userid); + echo ' + Crystals added to market! +
+ > Back + '; + } + else + { + echo ' + +
+ + + + + + + + + +
Crystals:
Price Each:
+ +
+
+ '; + } +} +$h->endpage(); diff --git a/contactlist.php b/contactlist.php new file mode 100644 index 0000000..6d0de87 --- /dev/null +++ b/contactlist.php @@ -0,0 +1,183 @@ +My Contacts + + + + + + + + + +
InboxSent MessagesCompose MessageDelete All MessagesArchive MessagesMy Contacts
+
+ '; + +switch ($_GET['action']) +{ +case "add": + add_contact(); + break; +case "remove": + remove_contact(); + break; +default: + contacts_list(); + break; +} + +function contacts_list() +{ + global $db, $ir, $c, $userid; + echo " +> Add a Contact
+These are the people on your contact list. +
+ + + + + + + + "; + $q = + $db->query( + "SELECT `cl`.`cl_ID`, `u`.`donatordays`, `username`, `userid` + FROM `contactlist` AS `cl` + LEFT JOIN `users` AS `u` ON `cl`.`cl_ADDED` = `u`.`userid` + WHERE `cl`.`cl_ADDER` = $userid + ORDER BY `u`.`username` ASC"); + while ($r = $db->fetch_row($q)) + { + $d = ''; + if ($r['donatordays']) + { + $r['username'] = "{$r['username']}"; + $d = + "Donator: {$r["; + } + echo ' + + + + + + + '; + } + $db->free_result($q); + echo '
IDNameMailRemove
' . $r['userid'] . '' . $r['username'] + . ' ' . $d + . 'MailRemove
'; +} + +function add_contact() +{ + global $db, $ir, $c, $userid; + $_POST['ID'] = + (isset($_POST['ID']) && is_numeric($_POST['ID'])) + ? abs(intval($_POST['ID'])) : ''; + if ($_POST['ID']) + { + $qc = + $db->query( + "SELECT COUNT(`cl_ADDER`) FROM `contactlist` WHERE `cl_ADDER` = $userid AND `cl_ADDED` = {$_POST['ID']}"); + $dupe_count = $db->fetch_single($qc); + $db->free_result($qc); + $q = + $db->query( + "SELECT `username` FROM `users` WHERE `userid` = {$_POST['ID']}"); + if ($dupe_count > 0) + { + echo "You cannot add the same person twice."; + } + else if ($userid == $_POST['ID']) + { + echo "There is no point in adding yourself to your own list."; + } + else if ($db->num_rows($q) == 0) + { + $db->free_result($q); + echo "Oh no, you're trying to add a ghost."; + } + else + { + $db->query( + "INSERT INTO `contactlist` VALUES(NULL, $userid, {$_POST['ID']})"); + $r = $db->fetch_row($q); + $db->free_result($q); + echo "{$r['username']} was added to your contact list.
+> Back"; + } + } + else + { + echo " +Adding a contact! +
+ Contact's ID: +
+ +
+ "; + } +} + +function remove_contact() +{ + global $db, $ir, $c, $userid, $h; + $_GET['contact'] = + (isset($_GET['contact']) && is_numeric($_GET['contact'])) + ? abs(intval($_GET['contact'])) : ''; + if (empty($_GET['contact'])) + { + echo ' +You didn\'t select a real contact.
+> Back + '; + die($h->endpage()); + } + $qc = + $db->query( + "SELECT COUNT(`cl_ADDER`) FROM `contactlist` WHERE `cl_ADDER` = $userid AND `cl_ID` = {$_GET['contact']}"); + $exist_count = $db->fetch_single($qc); + $db->free_result($qc); + if ($exist_count == 0) + { + echo 'Listing doesn\'t exist.
> Go Back'; + die($h->endpage()); + } + $db->query( + "DELETE FROM `contactlist` WHERE `cl_ID` = {$_GET['contact']} AND `cl_ADDER` = $userid"); + echo " +Contact removed from your list.
+> Go Back + "; +} +$h->endpage(); diff --git a/creategang.php b/creategang.php new file mode 100644 index 0000000..ba0fbc1 --- /dev/null +++ b/creategang.php @@ -0,0 +1,80 @@ +endpage()); +} +if ($ir['gang']) +{ + echo "You're already in a gang!"; + die($h->endpage()); +} +if (isset($_POST['submit']) && isset($_POST['name']) && isset($_POST['desc']) + && !empty($_POST['name'])) +{ + if (!isset($_POST['verf']) + || !verify_csrf_code("creategang", stripslashes($_POST['verf']))) + { + echo '

Error

+ This transaction has been blocked for your security.
+ Please create your gang quickly after you open the form - do not leave it open in tabs.
+ > Try Again'; + die($h->endpage()); + } + $name = + $db->escape( + htmlentities(stripslashes($_POST['name']), ENT_QUOTES, + 'ISO-8859-1')); + $desc = + $db->escape( + htmlentities(stripslashes($_POST['desc']), ENT_QUOTES, + 'ISO-8859-1')); + $db->query( + "INSERT INTO `gangs` + (`gangNAME`, `gangDESC`, `gangRESPECT`, `gangPRESIDENT`, `gangVICEPRES`, `gangCAPACITY`) + VALUES('$name', '$desc', 100, $userid, $userid, 5)"); + $i = $db->insert_id(); + $db->query( + "UPDATE `users` SET `gang` = $i, `money` = `money` - {$cg_price} WHERE `userid` = $userid"); + echo "Gang created!"; +} +else +{ + $code = request_csrf_code('creategang'); + echo "

Create A Gang

+
+ + Name:
+ Description:
+ +
+ + +
"; +} +$h->endpage(); diff --git a/criminal.php b/criminal.php new file mode 100644 index 0000000..c364850 --- /dev/null +++ b/criminal.php @@ -0,0 +1,58 @@ +query( + "SELECT `crimeGROUP`, `crimeNAME`, `crimeBRAVE`, `crimeID` + FROM `crimes` + ORDER BY `crimeBRAVE` ASC"); +while ($r2 = $db->fetch_row($q2)) +{ + $crimes[] = $r2; +} +$db->free_result($q2); +$q = + $db->query( + "SELECT `cgID`, `cgNAME` FROM `crimegroups` ORDER BY `cgORDER` ASC"); +echo "

Criminal Centre


+"; +while ($r = $db->fetch_row($q)) +{ + echo ""; + foreach ($crimes as $v) + { + if ($v['crimeGROUP'] == $r['cgID']) + { + echo ""; + } + } +} +$db->free_result($q); +echo "
CrimeCostDo
{$r['cgNAME']}
{$v['crimeNAME']}{$v['crimeBRAVE']} BraveDo
"; +$h->endpage(); diff --git a/cron_day.php b/cron_day.php new file mode 100644 index 0000000..ddf2e2c --- /dev/null +++ b/cron_day.php @@ -0,0 +1,122 @@ +query("UPDATE `fedjail` SET `fed_days` = `fed_days` - 1"); +$q = $db->query("SELECT * FROM `fedjail` WHERE `fed_days` <= 0"); +$ids = array(); +while ($r = $db->fetch_row($q)) +{ + $ids[] = $r['fed_userid']; +} +$db->free_result($q); +if (count($ids) > 0) +{ + $db->query( + "UPDATE `users` SET `fedjail` = 0 WHERE `userid` IN(" + . implode(",", $ids) . ")"); +} +$db->query("DELETE FROM `fedjail` WHERE `fed_days` <= 0"); +$user_update_query = + "UPDATE `users` SET + `daysingang` = `daysingang` + IF(`gang` > 0, 1, 0), + `daysold` = `daysold` + 1, `boxes_opened` = 0, + `mailban` = `mailban` - IF(`mailban` > 0, 1, 0), + `donatordays` = `donatordays` - IF(`donatordays` > 0, 1, 0), + `cdays` = `cdays` - IF(`course` > 0, 1, 0), + `bankmoney` = `bankmoney` + IF(`bankmoney` > 0, `bankmoney` / 50, 0), + `cybermoney` = `cybermoney` + IF(`cybermoney` > 0, `cybermoney` / 100 * 7, 0)"; +$db->query($user_update_query); +$q = + $db->query( + "SELECT `userid`, `course` FROM `users` WHERE `cdays` <= 0 AND `course` > 0"); +$course_cache = array(); +while ($r = $db->fetch_row($q)) +{ + if (!array_key_exists($r['course'], $course_cache)) + { + $cd = + $db->query( + "SELECT `crSTR`, `crGUARD`, `crLABOUR`, `crAGIL`, `crIQ`, `crNAME` + FROM `courses` + WHERE `crID` = {$r['course']}"); + $coud = $db->fetch_row($cd); + $db->free_result($cd); + $course_cache[$r['course']] = $coud; + } + else + { + $coud = $course_cache[$r['course']]; + } + $userid = $r['userid']; + $db->query( + "INSERT INTO `coursesdone` VALUES({$r['userid']}, {$r['course']})"); + $upd = ""; + $ev = ""; + if ($coud['crSTR'] > 0) + { + $upd .= ", us.strength = us.strength + {$coud['crSTR']}"; + $ev .= ", {$coud['crSTR']} strength"; + } + if ($coud['crGUARD'] > 0) + { + $upd .= ", us.guard = us.guard + {$coud['crGUARD']}"; + $ev .= ", {$coud['crGUARD']} guard"; + } + if ($coud['crLABOUR'] > 0) + { + $upd .= ", us.labour = us.labour + {$coud['crLABOUR']}"; + $ev .= ", {$coud['crLABOUR']} labour"; + } + if ($coud['crAGIL'] > 0) + { + $upd .= ", us.agility = us.agility + {$coud['crAGIL']}"; + $ev .= ", {$coud['crAGIL']} agility"; + } + if ($coud['crIQ'] > 0) + { + $upd .= ", us.IQ = us.IQ + {$coud['crIQ']}"; + $ev .= ", {$coud['crIQ']} IQ"; + } + $ev = substr($ev, 1); + $db->query( + "UPDATE `users` AS `u` + INNER JOIN `userstats` AS `us` ON `u`.`userid` = `us`.`userid` + SET `u`.`course` = 0{$upd} + WHERE `u`.`userid` = {$userid}"); + event_add($userid, + "Congratulations, you completed the {$coud['crNAME']} and gained {$ev}!", + NULL); +} +$db->free_result($q); +$db->query("TRUNCATE TABLE `votes`"); diff --git a/cron_fivemins.php b/cron_fivemins.php new file mode 100644 index 0000000..e5ee65e --- /dev/null +++ b/cron_fivemins.php @@ -0,0 +1,56 @@ + 0, + LEAST(`energy` + (`maxenergy` / 6), `maxenergy`), + LEAST(`energy` + (`maxenergy` / 12.5), `maxenergy`))" + . ($ver_reset ? ', `verified` = 0' : ''); +$db->query($allusers_query); diff --git a/cron_hour.php b/cron_hour.php new file mode 100644 index 0000000..8980293 --- /dev/null +++ b/cron_hour.php @@ -0,0 +1,109 @@ +query( + "UPDATE `gangs` SET `gangCHOURS` = `gangCHOURS` - 1 WHERE `gangCRIME` > 0"); +$q = + $db->query( + "SELECT `gangID`,`ocSTARTTEXT`, `ocSUCCTEXT`, `ocFAILTEXT`, + `ocMINMONEY`, `ocMAXMONEY`, `ocID`, `ocNAME` + FROM `gangs` AS `g` + LEFT JOIN `orgcrimes` AS `oc` ON `g`.`gangCRIME` = `oc`.`ocID` + WHERE `g`.`gangCRIME` > 0 AND `g`.`gangCHOURS` <= 0"); +while ($r = $db->fetch_row($q)) +{ + $suc = rand(0, 1); + if ($suc) + { + $log = $r['ocSTARTTEXT'] . $r['ocSUCCTEXT']; + $muny = (int) (rand($r['ocMINMONEY'], $r['ocMAXMONEY'])); + $log = $db->escape(str_replace('{muny}', $muny, $log)); + $db->query( + "UPDATE `gangs` SET `gangMONEY` = `gangMONEY` + {$muny}, `gangCRIME` = 0 WHERE `gangID` = {$r['gangID']}"); + $db->query( + "INSERT INTO `oclogs` VALUES (NULL, {$r['ocID']}, {$r['gangID']}, + '$log', 'success', $muny, '{$r['ocNAME']}', " . time() + . ")"); + $i = $db->insert_id(); + $qm = + $db->query( + "SELECT `userid` FROM `users` WHERE `gang` = {$r['gangID']}"); + while ($rm = $db->fetch_row($qm)) + { + event_add($rm['userid'], + "Your Gang's Organised Crime Succeeded. Go here to view the details.", + NULL); + } + $db->free_result($qm); + } + else + { + $log = $r['ocSTARTTEXT'] . $r['ocFAILTEXT']; + $muny = 0; + $log = $db->escape(str_replace('{muny}', $muny, $log)); + $db->query( + "UPDATE `gangs` SET `gangCRIME` = 0 WHERE `gangID` = {$r['gangID']}"); + $db->query( + "INSERT INTO `oclogs` VALUES (NULL,{$r['ocID']},{$r['gangID']}, + '$log', 'failure', $muny, '{$r['ocNAME']}', " + . time() . ")"); + $i = $db->insert_id(); + $qm = + $db->query( + "SELECT `userid` FROM `users` WHERE `gang` = {$r['gangID']}"); + while ($rm = $db->fetch_row($qm)) + { + event_add($rm['userid'], + "Your Gang's Organised Crime Failed. Go here to view the details.", + $c); + } + $db->free_result($qm); + } +} +$db->free_result($q); +if (date('G') == 17) +{ + // Job stats update + $db->query( + "UPDATE `users` AS `u` + INNER JOIN `userstats` AS `us` ON `u`.`userid` = `us`.`userid` + LEFT JOIN `jobranks` AS `jr` ON `jr`.`jrID` = `u`.`jobrank` + SET `u`.`money` = `u`.`money` + `jr`.`jrPAY`, `u`.`exp` = `u`.`exp` + (`jr`.`jrPAY` / 20), + `us`.`strength` = (`us`.`strength` + 1) + `jr`.`jrSTRG` - 1, + `us`.`labour` = (`us`.`labour` + 1) + `jr`.`jrLABOURG` - 1, + `us`.`IQ` = (`us`.`IQ`+1) + `jr`.`jrIQG` - 1 + WHERE `u`.`job` > 0 AND `u`.`jobrank` > 0"); +} +if ($set['validate_period'] == 60 && $set['validate_on']) +{ + $db->query("UPDATE `users` SET `verified` = 0"); +} diff --git a/cron_minute.php b/cron_minute.php new file mode 100644 index 0000000..5f980c1 --- /dev/null +++ b/cron_minute.php @@ -0,0 +1,45 @@ +query( + "UPDATE `users` SET `hospital` = GREATEST(`hospital` - 1, 0), `jail` = GREATEST(`jail` - 1, 0)"); +$counts = + $db->fetch_row( + $db->query( + "SELECT SUM(IF(`hospital` > 0, 1, 0)) AS `hc`, SUM(IF(`jail` > 0, 1, 0)) AS `jc` FROM `users`")); +$db->query( + "UPDATE `settings` SET `conf_value` = '{$counts['hc']}' WHERE `conf_name` = 'hospital_count'"); +$db->query( + "UPDATE `settings` SET `conf_value` = '{$counts['jc']}' WHERE `conf_name` = 'jail_count'"); + diff --git a/crystaltemple.php b/crystaltemple.php new file mode 100644 index 0000000..63b1972 --- /dev/null +++ b/crystaltemple.php @@ -0,0 +1,160 @@ +Error
+ Your purchase has been blocked for your security.
+ Please make crystal purchases quickly after you open the form + - do not leave it open in tabs.
+ > Try Again'; + $h->endpage(); + exit; +} +if (!isset($_GET['spend'])) +{ + echo "Welcome to the crystal temple!
+You have {$ir['crystals']} crystals.
+What would you like to spend your crystals on?
+
+ +Energy Refill - {$set['ct_refillprice']} Crystals +
+ +IQ - {$set['ct_iqpercrys']} IQ per crystal +
+ +Money - " . money_formatter($set['ct_moneypercrys']) + . " per crystal
"; +} +else +{ + if ($_GET['spend'] == 'refill') + { + if ($ir['crystals'] < $set['ct_refillprice']) + { + echo "You don't have enough crystals!"; + } + else if ($ir['energy'] == $ir['maxenergy']) + { + echo "You already have full energy."; + } + else + { + $db->query( + "UPDATE `users` + SET `energy` = `maxenergy`, + `crystals` = `crystals` - {$set['ct_refillprice']} + WHERE `userid` = $userid"); + echo "You have paid {$set['ct_refillprice']} crystals to + refill your energy bar."; + } + } + else if ($_GET['spend'] == 'IQ') + { + $iq_csrf = request_csrf_code('ctemple_iq'); + echo "Type in the amount of crystals you want to swap for IQ.
+ You have {$ir['crystals']} crystals.
+ One crystal = {$set['ct_iqpercrys']} IQ. +
+
+ + +
"; + } + else if ($_GET['spend'] == 'IQ2') + { + if (!isset($_POST['verf']) + || !verify_csrf_code('ctemple_iq', + stripslashes($_POST['verf']))) + { + csrf_error('IQ'); + } + $_POST['crystals'] = + isset($_POST['crystals']) ? (int) $_POST['crystals'] : 0; + if ($_POST['crystals'] <= 0 || $_POST['crystals'] > $ir['crystals']) + { + echo "Error, you either do not have enough crystals + or did not fill out the form.
+ Back"; + } + else + { + $iqgain = $_POST['crystals'] * $set['ct_iqpercrys']; + $db->query( + "UPDATE `users` + SET `crystals` = `crystals` - {$_POST['crystals']} + WHERE `userid` = $userid"); + $db->query( + "UPDATE `userstats` + SET `IQ` = `IQ` + $iqgain + WHERE `userid` = $userid"); + echo "You traded {$_POST['crystals']} crystals for $iqgain IQ."; + } + } + else if ($_GET['spend'] == 'money') + { + $m_csrf = request_csrf_code('ctemple_money'); + echo "Type in the amount of crystals you want to swap for money.
+ You have {$ir['crystals']} crystals.
+ One crystal = " . money_formatter($set['ct_moneypercrys']) + . ". +
+
+ + +
"; + } + else if ($_GET['spend'] == 'money2') + { + if (!isset($_POST['verf']) + || !verify_csrf_code('ctemple_money', + stripslashes($_POST['verf']))) + { + csrf_error('money'); + } + $_POST['crystals'] = + isset($_POST['crystals']) ? (int) $_POST['crystals'] : 0; + if ($_POST['crystals'] <= 0 || $_POST['crystals'] > $ir['crystals']) + { + echo "Error, you either do not have enough crystals or did not + fill out the form.
+ Back"; + } + else + { + $iqgain = $_POST['crystals'] * $set['ct_moneypercrys']; + $db->query( + "UPDATE `users` + SET `crystals` = `crystals` - {$_POST['crystals']}, + `money` = `money` + $iqgain + WHERE `userid` = $userid"); + echo "You traded {$_POST['crystals']} crystals for " + . money_formatter($iqgain) . "."; + } + } +} + +$h->endpage(); diff --git a/css/game.css b/css/game.css new file mode 100644 index 0000000..456be8b --- /dev/null +++ b/css/game.css @@ -0,0 +1,139 @@ +/** + * MCCodes Version 2.0.5b + * Copyright (C) 2005-2012 Dabomstew + * All rights reserved. + * + * Redistribution of this code in any form is prohibited, except in + * the specific cases set out in the MCCodes Customer License. + * + * This code license may be used to run one (1) game. + * A game is defined as the set of users and other game database data, + * so you are permitted to create alternative clients for your game. + * + * If you did not obtain this code from MCCodes.com, you are in all likelihood + * using it illegally. Please contact MCCodes to discuss licensing options + * in this case. + * + * File: css/game.css + * Signature: cbae5999fc5ee7f66abb1dfeb0c0db49 + * Date: Fri, 20 Apr 12 08:50:30 +0000 + */ +@CHARSET "ISO-8859-1"; + +body { + background-color: #DEDEDE; + margin-top: 0px; + margin-bottom: 0px; + font-family: calibri, helvetica, arial, geneva, sans-serif; + font-size: 12px; + color: black; + scrollbar-base-color: #005B70; + scrollbar-arrow-color: #F3960B; + scrollbar-DarkShadow-Color: #000000; +} + +a:visited,a:active,a:hover,a:link { + color: black; + text-decoration: none; +} + +table,tr,td { + font-family: helvetica, arial, geneva, sans-serif; + font-size: 12px; +} + +img { + border: none; +} + +textarea { + font-family: helvetica, arial, geneva, sans-serif; + font-size: 12px; + color: black; +} + +.table2 { + +} + +.lgrad { + background-image: url("../lgrad.jpg"); + background-repeat: repeat-y; + width: 19px; +} + +.linegrad { + background-image: url(../linegrad.PNG); + background-repeat: repeat-y; + background-align: center; + width: 2px; +} + +.rgrad { + background-image: url(../rgrad.jpg); + background-repeat: repeat-y; + width: 19px; +} + +.dgrad { + background-image: url(../dgrad.jpg); + background-repeat: repeat-x; + height: 38px; +} + +.dgradl { + background-image: url(../dgradl.jpg); + background-repeat: no-repeat; + height: 38px; + width: 38px; +} + +.dgradr { + background-image: url(../dgradr.jpg); + background-repeat: no-repeat; + height: 38px; + width: 38px; +} + +.center { + width: 932px; + background-color: #FFFFFF; + vertical-align: top; + text-align: center; +} + +.table { + background-color: #000000; +} + +.table3 { + background-color: #000000; +} + +.table td { + background-color: #DEDEDE; + height: 22px; +} + +.table3 td { + background-color: #CCCCCC; +} + +td .alt { + background-color: #EEEEEE; + height: 22px; +} + +td .h { + background-image: url(../tablehgrad.png); + background-repeat: repeat-x; + font-weight: bold; + background-color: #D6D6D6; +} + +.table th { + background-image: url(../tablehgrad.png); + background-repeat: repeat-x; + font-weight: bold; + background-color: #D6D6D6; +} \ No newline at end of file diff --git a/css/index.html b/css/index.html new file mode 100644 index 0000000..3e3bd3c --- /dev/null +++ b/css/index.html @@ -0,0 +1,11 @@ + + + + +Forbidden + + +

Access Forbidden

+ This folder is not designed to be accessed directly. + + \ No newline at end of file diff --git a/css/installer.css b/css/installer.css new file mode 100644 index 0000000..1c6b8df --- /dev/null +++ b/css/installer.css @@ -0,0 +1,139 @@ +/** + * MCCodes Version 2.0.5b + * Copyright (C) 2005-2012 Dabomstew + * All rights reserved. + * + * Redistribution of this code in any form is prohibited, except in + * the specific cases set out in the MCCodes Customer License. + * + * This code license may be used to run one (1) game. + * A game is defined as the set of users and other game database data, + * so you are permitted to create alternative clients for your game. + * + * If you did not obtain this code from MCCodes.com, you are in all likelihood + * using it illegally. Please contact MCCodes to discuss licensing options + * in this case. + * + * File: css/installer.css + * Signature: cbae5999fc5ee7f66abb1dfeb0c0db49 + * Date: Fri, 20 Apr 12 08:50:30 +0000 + */ + +@CHARSET "ISO-8859-1"; +body { + background-color: #DEDEDE; + margin-top: 0px; + margin-bottom: 0px; + font-family: calibri, helvetica, arial, geneva, sans-serif; + font-size: 12px; + color: black; + scrollbar-base-color: #005B70; + scrollbar-arrow-color: #F3960B; + scrollbar-DarkShadow-Color: #000000; +} + +a:visited,a:active,a:hover,a:link { + color: black; + text-decoration: none; +} + +table,tr,td { + font-family: helvetica, arial, geneva, sans-serif; + font-size: 12px; +} + +img { + border: none; +} + +textarea { + font-family: helvetica, arial, geneva, sans-serif; + font-size: 12px; + color: black; +} + +.table2 { + +} + +.lgrad { + background-image: url("../lgrad.jpg"); + background-repeat: repeat-y; + width: 19px; +} + +.linegrad { + background-image: url(../linegrad.PNG); + background-repeat: repeat-y; + background-align: center; + width: 2px; +} + +.rgrad { + background-image: url(../rgrad.jpg); + background-repeat: repeat-y; + width: 19px; +} + +.dgrad { + background-image: url(../dgrad.jpg); + background-repeat: repeat-x; + height: 38px; +} + +.dgradl { + background-image: url(../dgradl.jpg); + background-repeat: no-repeat; + height: 38px; + width: 38px; +} + +.dgradr { + background-image: url(../dgradr.jpg); + background-repeat: no-repeat; + height: 38px; + width: 38px; +} + +.center { + width: 932px; + background-color: #FFFFFF; + vertical-align: top; + text-align: center; +} + +.table { + background-color: #000000; +} + +.table3 { + background-color: #000000; +} + +.table td { + background-color: #DEDEDE; + height: 22px; +} + +.table3 td { + background-color: #CCCCCC; +} + +td .alt { + background-color: #EEEEEE; + height: 22px; +} + +td .h { + background-image: url(../tablehgrad.png); + background-repeat: repeat-x; + font-weight: bold; + background-color: #D6D6D6; +} + +.table th { + background-image: url(../tablehgrad.png); + background-repeat: repeat-x; + font-weight: bold; + background-color: #D6D6D6; +} \ No newline at end of file diff --git a/css/login.css b/css/login.css new file mode 100644 index 0000000..86b7d66 --- /dev/null +++ b/css/login.css @@ -0,0 +1,139 @@ +/** + * MCCodes Version 2.0.5b + * Copyright (C) 2005-2012 Dabomstew + * All rights reserved. + * + * Redistribution of this code in any form is prohibited, except in + * the specific cases set out in the MCCodes Customer License. + * + * This code license may be used to run one (1) game. + * A game is defined as the set of users and other game database data, + * so you are permitted to create alternative clients for your game. + * + * If you did not obtain this code from MCCodes.com, you are in all likelihood + * using it illegally. Please contact MCCodes to discuss licensing options + * in this case. + * + * File: css/login.css + * Signature: cbae5999fc5ee7f66abb1dfeb0c0db49 + * Date: Fri, 20 Apr 12 08:50:30 +0000 + */ +@CHARSET "ISO-8859-1"; + +body { + background-color: #DEDEDE; + margin-top: 0px; + margin-bottom: 0px; + font-family: calibri, helvetica, arial, geneva, sans-serif; + font-size: 12px; + color: black; + scrollbar-base-color: #005B70; + scrollbar-arrow-color: #F3960B; + scrollbar-DarkShadow-Color: #000000; +} + +a:visited,a:active,a:hover,a:link { + color: black; + text-decoration: none; +} + +table,tr,td { + font-family: helvetica, arial, geneva, sans-serif; + font-size: 12px; +} + +img { + border: none; +} + +textarea { + font-family: helvetica, arial, geneva, sans-serif; + font-size: 12px; + color: black; +} + +.table2 { + +} + +.lgrad { + background-image: url("../lgrad.jpg"); + background-repeat: repeat-y; + width: 19px; +} + +.linegrad { + background-image: url(../linegrad.PNG); + background-repeat: repeat-y; + background-align: center; + width: 2px; +} + +.rgrad { + background-image: url(../rgrad.jpg); + background-repeat: repeat-y; + width: 19px; +} + +.dgrad { + background-image: url(../dgrad.jpg); + background-repeat: repeat-x; + height: 38px; +} + +.dgradl { + background-image: url(../dgradl.jpg); + background-repeat: no-repeat; + height: 38px; + width: 38px; +} + +.dgradr { + background-image: url(../dgradr.jpg); + background-repeat: no-repeat; + height: 38px; + width: 38px; +} + +.center { + width: 932px; + background-color: #FFFFFF; + vertical-align: top; + text-align: center; +} + +.table { + background-color: #000000; +} + +.table3 { + background-color: #000000; +} + +.table td { + background-color: #DEDEDE; + height: 22px; +} + +.table3 td { + background-color: #CCCCCC; +} + +td .alt { + background-color: #EEEEEE; + height: 22px; +} + +td .h { + background-image: url(../tablehgrad.png); + background-repeat: repeat-x; + font-weight: bold; + background-color: #D6D6D6; +} + +.table th { + background-image: url(../tablehgrad.png); + background-repeat: repeat-x; + font-weight: bold; + background-color: #D6D6D6; +} \ No newline at end of file diff --git a/css/register.css b/css/register.css new file mode 100644 index 0000000..c0a0b3f --- /dev/null +++ b/css/register.css @@ -0,0 +1,111 @@ +/** + * MCCodes Version 2.0.5b + * Copyright (C) 2005-2012 Dabomstew + * All rights reserved. + * + * Redistribution of this code in any form is prohibited, except in + * the specific cases set out in the MCCodes Customer License. + * + * This code license may be used to run one (1) game. + * A game is defined as the set of users and other game database data, + * so you are permitted to create alternative clients for your game. + * + * If you did not obtain this code from MCCodes.com, you are in all likelihood + * using it illegally. Please contact MCCodes to discuss licensing options + * in this case. + * + * File: css/register.css + * Signature: ee13a1eed2e4bf7902ac57305a6820a8 + * Date: Fri, 20 Apr 12 08:50:30 +0000 + */ +@CHARSET "ISO-8859-1"; + +body { + background-color: #DEDEDE; + margin-top: 0px; + margin-bottom: 0px; + font-family: Verdana, Arial, Helvetica, sans-serif; + font-size: 12px; +} + +.lgrad { + background-image: url("../lgrad.jpg"); + background-repeat: repeat-y; + width: 19px; +} + +.linegrad { + background-image: url(../linegrad.PNG); + background-repeat: repeat-y; + background-align: center; + width: 2px; +} + +.rgrad { + background-image: url(../rgrad.jpg); + background-repeat: repeat-y; + width: 19px; +} + +.dgrad { + background-image: url(../dgrad.jpg); + background-repeat: repeat-x; + height: 38px; +} + +.dgradl { + background-image: url(../dgradl.jpg); + background-repeat: no-repeat; + height: 38px; + width: 38px; +} + +.dgradr { + background-image: url(../dgradr.jpg); + background-repeat: no-repeat; + height: 38px; + width: 38px; +} + +.center { + width: 932px; + background-color: #FFFFFF; + vertical-align: top; + text-align: center; +} + +.table { + background-color: #000000; +} + +.table3 { + background-color: #000000; +} + +.table td { + background-color: #DEDEDE; + height: 22px; +} + +.table3 td { + background-color: #CCCCCC; +} + +td .alt { + background-color: #EEEEEE; + height: 22px; +} + +td .h { + background-image: url(../tablehgrad.png); + background-repeat: repeat-x; + font-weight: bold; + background-color: #D6D6D6; +} + +.table th { + background-image: url(../tablehgrad.png); + background-repeat: repeat-x; + font-weight: bold; + background-color: #D6D6D6; +} \ No newline at end of file diff --git a/cyberbank.php b/cyberbank.php new file mode 100644 index 0000000..2141187 --- /dev/null +++ b/cyberbank.php @@ -0,0 +1,177 @@ +Cyber Bank"; +$bank_cost = 10000000; +$bank_maxfee_dp = 1500000; +$bank_feepercent_dp = 15; +$bank_maxfee_wd = 750000; +$bank_feepercent_wd = 7.5; +if ($ir['cybermoney'] > -1) +{ + if (!isset($_GET['action'])) + { + $_GET['action'] = ''; + } + switch ($_GET['action']) + { + case "deposit": + deposit(); + break; + + case "withdraw": + withdraw(); + break; + + default: + index(); + break; + } + +} +else +{ + if (isset($_GET['buy'])) + { + if ($ir['money'] >= $bank_cost) + { + echo "Congratulations, you bought a bank account for " + . money_formatter($bank_cost) + . "!
+Start using my account"; + $db->query( + "UPDATE `users` + SET `money` = `money` - {$bank_cost}, + `cybermoney` = 0 + WHERE `userid` = $userid"); + } + else + { + echo "You do not have enough money to open an account. +Back to town..."; + } + } + else + { + echo "Open a bank account today, just " . money_formatter($bank_cost) + . "!
+> Yes, sign me up!"; + } +} + +function index() +{ + global $db, $ir, $c, $userid, $h, $bank_maxfee_dp, $bank_feepercent_dp, $bank_maxfee_wd, $bank_feepercent_wd; + echo "\nYou currently have " . money_formatter($ir['cybermoney']) + . " in the bank.
+At the end of each day, your bank balance will go up by 7%.
+
Deposit Money
+It will cost you {$bank_feepercent_dp}% of the money you deposit, rounded up. +The maximum fee is " . money_formatter($bank_maxfee_dp) + . ".
+Amount:
+
 +Withdraw Money
+It will cost you {$bank_feepercent_wd}% of the money you withdraw, rounded up. +The maximum fee is " . money_formatter($bank_maxfee_wd) + . ".
+Amount:
+
"; +} + +function deposit() +{ + global $db, $ir, $c, $userid, $h, $bank_maxfee_dp, $bank_feepercent_dp; + $_POST['deposit'] = + (isset($_POST['deposit']) && is_numeric($_POST['deposit'])) + ? abs((int) $_POST['deposit']) : 0; + if ($_POST['deposit'] > $ir['money']) + { + echo "You do not have enough money to deposit this amount."; + } + else if ($_POST['deposit'] == 0) + { + echo "There's no point depositing nothing."; + } + else + { + $fee = ceil($_POST['deposit'] * $bank_feepercent_dp / 100); + if ($fee > $bank_maxfee_dp) + { + $fee = $bank_maxfee_dp; + } + $gain = $_POST['deposit'] - $fee; + $ir['cybermoney'] += $gain; + $db->query( + "UPDATE `users` + SET `cybermoney` = `cybermoney` + $gain, + `money` = `money` - {$_POST['deposit']} + WHERE `userid` = $userid"); + echo "You hand over " . money_formatter($_POST['deposit']) + . " to be deposited,
+after the fee is taken (" . money_formatter($fee) . "), " + . money_formatter($gain) + . " is added to your account.
+You now have " . money_formatter($ir['cybermoney']) + . " in the Cyber Bank.
+> Back"; + } +} + +function withdraw() +{ + global $db, $ir, $c, $userid, $h, $bank_maxfee_wd, $bank_feepercent_wd; + $_POST['withdraw'] = + (isset($_POST['withdraw']) && is_numeric($_POST['withdraw'])) + ? abs((int) $_POST['withdraw']) : 0; + if ($_POST['withdraw'] > $ir['cybermoney']) + { + echo "You do not have enough banked money to withdraw this amount."; + } + else if ($_POST['withdraw'] == 0) + { + echo "There's no point withdrawing nothing."; + } + else + { + $fee = ceil($_POST['withdraw'] * $bank_feepercent_wd / 100); + if ($fee > $bank_maxfee_wd) + { + $fee = $bank_maxfee_wd; + } + $gain = $_POST['withdraw'] - $fee; + $ir['cybermoney'] -= $gain; + $db->query( + "UPDATE `users` + SET `cybermoney` = `cybermoney` - $gain, + `money` = `money` + $gain + WHERE `userid` = $userid"); + echo "You ask to withdraw " . money_formatter($gain) + . ",
+the teller hands it over after she takes the bank fees.
+You now have " . money_formatter($ir['cybermoney']) + . " in the Cyber Bank.
+> Back"; + } +} +$h->endpage(); diff --git a/dbdata.sql b/dbdata.sql new file mode 100644 index 0000000..5b69acc --- /dev/null +++ b/dbdata.sql @@ -0,0 +1,1309 @@ +-- -------------------------------------------------------- + +-- +-- Table structure for table `announcements` +-- + +CREATE TABLE `announcements` ( + `a_text` text NOT NULL, + `a_time` int(11) NOT NULL default '0' +) ENGINE=MyISAM ; + +-- +-- Dumping data for table `announcements` +-- + + +-- -------------------------------------------------------- + +-- +-- Table structure for table `applications` +-- + +CREATE TABLE `applications` ( + `appID` int(11) NOT NULL auto_increment, + `appUSER` int(11) NOT NULL default '0', + `appGANG` int(11) NOT NULL default '0', + `appTEXT` text NOT NULL, + PRIMARY KEY (`appID`) +) ENGINE=MyISAM ; + +-- +-- Dumping data for table `applications` +-- + + +-- -------------------------------------------------------- + +-- +-- Table structure for table `attacklogs` +-- + +CREATE TABLE `attacklogs` ( + `log_id` int(11) NOT NULL auto_increment, + `attacker` int(11) NOT NULL default '0', + `attacked` int(11) NOT NULL default '0', + `result` enum('won','lost') NOT NULL default 'won', + `time` int(11) NOT NULL default '0', + `stole` int(11) NOT NULL default '0', + `attacklog` longtext NOT NULL, + PRIMARY KEY (`log_id`) +) ENGINE=MyISAM ; + +-- +-- Dumping data for table `attacklogs` +-- + + +-- -------------------------------------------------------- + +-- +-- Table structure for table `bankxferlogs` +-- + +CREATE TABLE `bankxferlogs` ( + `cxID` int(11) NOT NULL auto_increment, + `cxFROM` int(11) NOT NULL default '0', + `cxTO` int(11) NOT NULL default '0', + `cxAMOUNT` int(11) NOT NULL default '0', + `cxTIME` int(11) NOT NULL default '0', + `cxFROMIP` varchar(15) NOT NULL default '127.0.0.1', + `cxTOIP` varchar(15) NOT NULL default '127.0.0.1', + `cxBANK` enum('bank','cyber') NOT NULL default 'bank', + PRIMARY KEY (`cxID`) +) ENGINE=MyISAM ; + +-- +-- Dumping data for table `bankxferlogs` +-- + + +-- -------------------------------------------------------- + +-- +-- Table structure for table `blacklist` +-- + +CREATE TABLE `blacklist` ( + `bl_ID` int(11) NOT NULL auto_increment, + `bl_ADDER` int(11) NOT NULL default '0', + `bl_ADDED` int(11) NOT NULL default '0', + `bl_COMMENT` varchar(255) NOT NULL default '', + PRIMARY KEY (`bl_ID`) +) ENGINE=MyISAM ; + +-- +-- Dumping data for table `blacklist` +-- + + +-- -------------------------------------------------------- + +-- +-- Table structure for table `cashxferlogs` +-- + +CREATE TABLE `cashxferlogs` ( + `cxID` int(11) NOT NULL auto_increment, + `cxFROM` int(11) NOT NULL default '0', + `cxTO` int(11) NOT NULL default '0', + `cxAMOUNT` int(11) NOT NULL default '0', + `cxTIME` int(11) NOT NULL default '0', + `cxFROMIP` varchar(15) NOT NULL default '127.0.0.1', + `cxTOIP` varchar(15) NOT NULL default '127.0.0.1', + PRIMARY KEY (`cxID`) +) ENGINE=MyISAM ; + +-- +-- Dumping data for table `cashxferlogs` +-- + + +-- -------------------------------------------------------- + +-- +-- Table structure for table `challengebots` +-- + +CREATE TABLE `challengebots` ( + `cb_npcid` int(11) NOT NULL default '0', + `cb_money` int(11) NOT NULL default '0' +) ENGINE=MyISAM ; + +-- +-- Dumping data for table `challengebots` +-- + + +-- -------------------------------------------------------- + +-- +-- Table structure for table `challengesbeaten` +-- + +CREATE TABLE `challengesbeaten` ( + `userid` int(11) NOT NULL default '0', + `npcid` int(11) NOT NULL default '0' +) ENGINE=MyISAM ; + +-- +-- Dumping data for table `challengesbeaten` +-- + + +-- -------------------------------------------------------- + +-- +-- Table structure for table `cities` +-- + +CREATE TABLE `cities` ( + `cityid` int(11) NOT NULL auto_increment, + `cityname` varchar(255) NOT NULL default '', + `citydesc` longtext NOT NULL, + `cityminlevel` int(11) NOT NULL default '0', + PRIMARY KEY (`cityid`) +) ENGINE=MyISAM ; + +-- +-- Dumping data for table `cities` +-- + +INSERT INTO `cities` (`cityid`, `cityname`, `citydesc`, `cityminlevel`) VALUES +(1, 'Default City', 'A standard city added to start you off', 1); + +-- -------------------------------------------------------- + +-- +-- Table structure for table `contactlist` +-- + +CREATE TABLE `contactlist` ( + `cl_ID` int(11) NOT NULL auto_increment, + `cl_ADDER` int(11) NOT NULL default '0', + `cl_ADDED` int(11) NOT NULL default '0', + PRIMARY KEY (`cl_ID`) +) ENGINE=MyISAM ; + +-- +-- Dumping data for table `contactlist` +-- + + +-- -------------------------------------------------------- + +-- +-- Table structure for table `courses` +-- + +CREATE TABLE `courses` ( + `crID` int(11) NOT NULL auto_increment, + `crNAME` varchar(255) NOT NULL default '', + `crDESC` text NOT NULL, + `crCOST` int(11) NOT NULL default '0', + `crENERGY` int(11) NOT NULL default '0', + `crDAYS` int(11) NOT NULL default '0', + `crSTR` int(11) NOT NULL default '0', + `crGUARD` int(11) NOT NULL default '0', + `crLABOUR` int(11) NOT NULL default '0', + `crAGIL` int(11) NOT NULL default '0', + `crIQ` int(11) NOT NULL default '0', + PRIMARY KEY (`crID`) +) ENGINE=MyISAM ; + +-- +-- Dumping data for table `courses` +-- + + +-- -------------------------------------------------------- + +-- +-- Table structure for table `coursesdone` +-- + +CREATE TABLE `coursesdone` ( + `userid` int(11) NOT NULL default '0', + `courseid` int(11) NOT NULL default '0' +) ENGINE=MyISAM ; + +-- +-- Dumping data for table `coursesdone` +-- + + +-- -------------------------------------------------------- + +-- +-- Table structure for table `crimegroups` +-- + +CREATE TABLE `crimegroups` ( + `cgID` int(11) NOT NULL auto_increment, + `cgNAME` varchar(255) NOT NULL default '', + `cgORDER` int(11) NOT NULL default '0', + PRIMARY KEY (`cgID`) +) ENGINE=MyISAM ; + +-- +-- Dumping data for table `crimegroups` +-- + + +-- -------------------------------------------------------- + +-- +-- Table structure for table `crimes` +-- + +CREATE TABLE `crimes` ( + `crimeID` int(11) NOT NULL auto_increment, + `crimeNAME` varchar(255) NOT NULL default '', + `crimeBRAVE` int(11) NOT NULL default '0', + `crimePERCFORM` text NOT NULL, + `crimeSUCCESSMUNY` int(11) NOT NULL default '0', + `crimeSUCCESSCRYS` int(11) NOT NULL default '0', + `crimeSUCCESSITEM` int(11) NOT NULL default '0', + `crimeGROUP` int(11) NOT NULL default '0', + `crimeITEXT` text NOT NULL, + `crimeSTEXT` text NOT NULL, + `crimeFTEXT` text NOT NULL, + `crimeJTEXT` text NOT NULL, + `crimeJAILTIME` int(10) NOT NULL default '0', + `crimeJREASON` varchar(255) NOT NULL default '', + `crimeXP` int(11) NOT NULL default '0', + PRIMARY KEY (`crimeID`) +) ENGINE=MyISAM ; + +-- +-- Dumping data for table `crimes` +-- + + +-- -------------------------------------------------------- + +-- +-- Table structure for table `crystalmarket` +-- + +CREATE TABLE `crystalmarket` ( + `cmID` int(11) NOT NULL auto_increment, + `cmQTY` int(11) NOT NULL default '0', + `cmADDER` int(11) NOT NULL default '0', + `cmPRICE` int(11) NOT NULL default '0', + PRIMARY KEY (`cmID`) +) ENGINE=MyISAM ; + +-- +-- Dumping data for table `crystalmarket` +-- + + +-- -------------------------------------------------------- + +-- +-- Table structure for table `crystalxferlogs` +-- + +CREATE TABLE `crystalxferlogs` ( + `cxID` int(11) NOT NULL auto_increment, + `cxFROM` int(11) NOT NULL default '0', + `cxTO` int(11) NOT NULL default '0', + `cxAMOUNT` int(11) NOT NULL default '0', + `cxTIME` int(11) NOT NULL default '0', + `cxFROMIP` varchar(15) NOT NULL default '127.0.0.1', + `cxTOIP` varchar(15) NOT NULL default '127.0.0.1', + PRIMARY KEY (`cxID`) +) ENGINE=MyISAM ; + +-- +-- Dumping data for table `crystalxferlogs` +-- + + +-- -------------------------------------------------------- + +-- +-- Table structure for table `dps_accepted` +-- + +CREATE TABLE `dps_accepted` ( + `dpID` int(11) NOT NULL auto_increment, + `dpBUYER` int(11) NOT NULL default '0', + `dpFOR` int(11) NOT NULL default '0', + `dpTYPE` varchar(255) NOT NULL default '', + `dpTIME` int(11) NOT NULL default '0', + `dpTXN` varchar(255) NOT NULL default '', + PRIMARY KEY (`dpID`) +) ENGINE=MyISAM ; + +-- +-- Dumping data for table `dps_accepted` +-- + + +-- -------------------------------------------------------- + +-- +-- Table structure for table `events` +-- + +CREATE TABLE `events` ( + `evID` int(11) NOT NULL auto_increment, + `evUSER` int(11) NOT NULL default '0', + `evTIME` int(11) NOT NULL default '0', + `evREAD` int(11) NOT NULL default '0', + `evTEXT` text NOT NULL, + PRIMARY KEY (`evID`) +) ENGINE=MyISAM ; + +-- +-- Dumping data for table `events` +-- + + +-- -------------------------------------------------------- + +-- +-- Table structure for table `fedjail` +-- + +CREATE TABLE `fedjail` ( + `fed_id` int(11) NOT NULL auto_increment, + `fed_userid` int(11) NOT NULL default '0', + `fed_days` int(11) NOT NULL default '0', + `fed_jailedby` int(11) NOT NULL default '0', + `fed_reason` text NOT NULL, + PRIMARY KEY (`fed_id`), + UNIQUE (`fed_userid`) +) ENGINE=MyISAM ; + +-- +-- Dumping data for table `fedjail` +-- + + +-- -------------------------------------------------------- + +-- +-- Table structure for table `forum_forums` +-- + +CREATE TABLE IF NOT EXISTS `forum_forums` ( + `ff_id` int(11) NOT NULL auto_increment, + `ff_name` varchar(255) NOT NULL default '', + `ff_desc` varchar(255) NOT NULL default '', + `ff_posts` int(11) NOT NULL default '0', + `ff_topics` int(11) NOT NULL default '0', + `ff_lp_time` int(11) NOT NULL default '0', + `ff_lp_poster_id` int(11) NOT NULL default '0', + `ff_lp_poster_name` text NOT NULL, + `ff_lp_t_id` int(11) NOT NULL default '0', + `ff_lp_t_name` varchar(255) NOT NULL default '', + `ff_auth` enum('public','gang','staff') NOT NULL default 'public', + `ff_owner` int(11) NOT NULL default '0', + PRIMARY KEY (`ff_id`) +) ENGINE=MyISAM ; + +-- +-- Dumping data for table `forum_forums` +-- + + +-- -------------------------------------------------------- + +-- +-- Table structure for table `forum_posts` +-- + +CREATE TABLE IF NOT EXISTS `forum_posts` ( + `fp_id` int(11) NOT NULL auto_increment, + `fp_topic_id` int(11) NOT NULL default '0', + `fp_forum_id` int(11) NOT NULL default '0', + `fp_poster_id` int(11) NOT NULL default '0', + `fp_poster_name` text NOT NULL, + `fp_time` int(11) NOT NULL default '0', + `fp_subject` varchar(255) NOT NULL default '', + `fp_text` text NOT NULL default '', + `fp_editor_id` int(11) NOT NULL default '0', + `fp_editor_name` text NOT NULL, + `fp_editor_time` int(11) NOT NULL default '0', + `fp_edit_count` int(11) NOT NULL default '0', + PRIMARY KEY (`fp_id`) +) ENGINE=MyISAM ; + +-- +-- Dumping data for table `forum_posts` +-- + + +-- -------------------------------------------------------- + +-- +-- Table structure for table `forum_topics` +-- + +CREATE TABLE IF NOT EXISTS `forum_topics` ( + `ft_id` int(11) NOT NULL auto_increment, + `ft_forum_id` int(11) NOT NULL default '0', + `ft_name` varchar(150) NOT NULL default '', + `ft_desc` varchar(255) NOT NULL default '', + `ft_posts` int(11) NOT NULL default '0', + `ft_owner_id` int(11) NOT NULL default '0', + `ft_owner_name` text NOT NULL, + `ft_start_time` int(11) NOT NULL default '0', + `ft_last_id` int(11) NOT NULL default '0', + `ft_last_name` text NOT NULL, + `ft_last_time` int(11) NOT NULL default '0', + `ft_pinned` tinyint(4) NOT NULL default '0', + `ft_locked` tinyint(4) NOT NULL default '0', + PRIMARY KEY (`ft_id`) +) ENGINE=MyISAM ; + +-- +-- Dumping data for table `forum_topics` +-- + + +-- -------------------------------------------------------- + +-- +-- Table structure for table `friendslist` +-- + +CREATE TABLE `friendslist` ( + `fl_ID` int(11) NOT NULL auto_increment, + `fl_ADDER` int(11) NOT NULL default '0', + `fl_ADDED` int(11) NOT NULL default '0', + `fl_COMMENT` varchar(255) NOT NULL default '', + PRIMARY KEY (`fl_ID`) +) ENGINE=MyISAM ; + +-- +-- Dumping data for table `friendslist` +-- + + +-- -------------------------------------------------------- + +-- +-- Table structure for table `gangevents` +-- + +CREATE TABLE `gangevents` ( + `gevID` int(11) NOT NULL auto_increment, + `gevGANG` int(11) NOT NULL default '0', + `gevTIME` int(11) NOT NULL default '0', + `gevTEXT` text NOT NULL, + PRIMARY KEY (`gevID`) +) ENGINE=MyISAM ; + +-- +-- Dumping data for table `gangevents` +-- + + +-- -------------------------------------------------------- + +-- +-- Table structure for table `gangs` +-- + +CREATE TABLE `gangs` ( + `gangID` int(11) NOT NULL auto_increment, + `gangNAME` varchar(255) NOT NULL default '', + `gangDESC` text NOT NULL, + `gangPREF` varchar(12) NOT NULL default '', + `gangSUFF` varchar(12) NOT NULL default '', + `gangMONEY` int(11) NOT NULL default '0', + `gangCRYSTALS` int(11) NOT NULL default '0', + `gangRESPECT` int(11) NOT NULL default '0', + `gangPRESIDENT` int(11) NOT NULL default '0', + `gangVICEPRES` int(11) NOT NULL default '0', + `gangCAPACITY` int(11) NOT NULL default '0', + `gangCRIME` int(11) NOT NULL default '0', + `gangCHOURS` int(11) NOT NULL default '0', + `gangAMENT` longtext NOT NULL, + PRIMARY KEY (`gangID`) +) ENGINE=MyISAM ; + +-- +-- Dumping data for table `gangs` +-- + + +-- -------------------------------------------------------- + +-- +-- Table structure for table `gangwars` +-- + +CREATE TABLE `gangwars` ( + `warID` int(11) NOT NULL auto_increment, + `warDECLARER` int(11) NOT NULL default '0', + `warDECLARED` int(11) NOT NULL default '0', + `warTIME` int(11) NOT NULL default '0', + PRIMARY KEY (`warID`) +) ENGINE=MyISAM ; + +-- +-- Dumping data for table `gangwars` +-- + + +-- -------------------------------------------------------- + +-- +-- Table structure for table `houses` +-- + +CREATE TABLE `houses` ( + `hID` int(11) NOT NULL auto_increment, + `hNAME` varchar(255) NOT NULL default '', + `hPRICE` int(11) NOT NULL default '0', + `hWILL` int(11) NOT NULL default '0', + PRIMARY KEY (`hID`) +) ENGINE=MyISAM ; + +-- +-- Dumping data for table `houses` +-- + +INSERT INTO `houses` (`hID`, `hNAME`, `hPRICE`, `hWILL`) VALUES +(1, 'Default House', 0, 100); + +-- -------------------------------------------------------- + +-- +-- Table structure for table `imarketaddlogs` +-- + +CREATE TABLE `imarketaddlogs` ( + `imaID` int(11) NOT NULL auto_increment, + `imaITEM` int(11) NOT NULL default '0', + `imaPRICE` int(11) NOT NULL default '0', + `imaINVID` int(11) NOT NULL default '0', + `imaADDER` int(11) NOT NULL default '0', + `imaTIME` int(11) NOT NULL default '0', + `imaCONTENT` text NOT NULL, + PRIMARY KEY (`imaID`) +) ENGINE=MyISAM ; + +-- +-- Dumping data for table `imarketaddlogs` +-- + + +-- -------------------------------------------------------- + +-- +-- Table structure for table `imbuylogs` +-- + +CREATE TABLE `imbuylogs` ( + `imbID` int(11) NOT NULL auto_increment, + `imbITEM` int(11) NOT NULL default '0', + `imbADDER` int(11) NOT NULL default '0', + `imbBUYER` int(11) NOT NULL default '0', + `imbPRICE` int(11) NOT NULL default '0', + `imbIMID` int(11) NOT NULL default '0', + `imbINVID` int(11) NOT NULL default '0', + `imbTIME` int(11) NOT NULL default '0', + `imbCONTENT` text NOT NULL, + PRIMARY KEY (`imbID`) +) ENGINE=MyISAM ; + +-- +-- Dumping data for table `imbuylogs` +-- + + +-- -------------------------------------------------------- + +-- +-- Table structure for table `imremovelogs` +-- + +CREATE TABLE `imremovelogs` ( + `imrID` int(11) NOT NULL auto_increment, + `imrITEM` int(11) NOT NULL default '0', + `imrADDER` int(11) NOT NULL default '0', + `imrREMOVER` int(11) NOT NULL default '0', + `imrIMID` int(11) NOT NULL default '0', + `imrINVID` int(11) NOT NULL default '0', + `imrTIME` int(11) NOT NULL default '0', + `imrCONTENT` text NOT NULL, + PRIMARY KEY (`imrID`) +) ENGINE=MyISAM ; + +-- +-- Dumping data for table `imremovelogs` +-- + + +-- -------------------------------------------------------- + +-- +-- Table structure for table `inventory` +-- + +CREATE TABLE `inventory` ( + `inv_id` int(11) NOT NULL auto_increment, + `inv_itemid` int(11) NOT NULL default '0', + `inv_userid` int(11) NOT NULL default '0', + `inv_qty` int(11) NOT NULL default '0', + PRIMARY KEY (`inv_id`) +) ENGINE=MyISAM ; + +-- +-- Dumping data for table `inventory` +-- + + +-- -------------------------------------------------------- + +-- +-- Table structure for table `itembuylogs` +-- + +CREATE TABLE `itembuylogs` ( + `ibID` int(11) NOT NULL auto_increment, + `ibUSER` int(11) NOT NULL default '0', + `ibITEM` int(11) NOT NULL default '0', + `ibTOTALPRICE` int(11) NOT NULL default '0', + `ibQTY` int(11) NOT NULL default '0', + `ibTIME` int(11) NOT NULL default '0', + `ibCONTENT` text NOT NULL, + PRIMARY KEY (`ibID`) +) ENGINE=MyISAM ; + +-- +-- Dumping data for table `itembuylogs` +-- + + +-- -------------------------------------------------------- + +-- +-- Table structure for table `itemmarket` +-- + +CREATE TABLE `itemmarket` ( + `imID` int(11) NOT NULL auto_increment, + `imITEM` int(11) NOT NULL default '0', + `imADDER` int(11) NOT NULL default '0', + `imPRICE` int(11) NOT NULL default '0', + `imCURRENCY` enum('money','crystals') NOT NULL default 'money', + `imQTY` int(11) NOT NULL default '0', + PRIMARY KEY (`imID`) +) ENGINE=MyISAM ; + +-- +-- Dumping data for table `itemmarket` +-- + + +-- -------------------------------------------------------- + +-- +-- Table structure for table `items` +-- + +CREATE TABLE `items` ( + `itmid` int(11) NOT NULL auto_increment, + `itmtype` int(11) NOT NULL default '0', + `itmname` varchar(255) NOT NULL default '', + `itmdesc` text NOT NULL, + `itmbuyprice` int(11) NOT NULL default '0', + `itmsellprice` int(11) NOT NULL default '0', + `itmbuyable` int(11) NOT NULL default '0', + `effect1_on` tinyint(4) NOT NULL default '0', + `effect1` text NOT NULL, + `effect2_on` tinyint(4) NOT NULL default '0', + `effect2` text NOT NULL, + `effect3_on` tinyint(4) NOT NULL default '0', + `effect3` text NOT NULL, + `weapon` int(11) NOT NULL default '0', + `armor` int(11) NOT NULL default '0', + PRIMARY KEY (`itmid`) +) ENGINE=MyISAM ; + +-- +-- Dumping data for table `items` +-- + + +-- -------------------------------------------------------- + +-- +-- Table structure for table `itemselllogs` +-- + +CREATE TABLE `itemselllogs` ( + `isID` int(11) NOT NULL auto_increment, + `isUSER` int(11) NOT NULL default '0', + `isITEM` int(11) NOT NULL default '0', + `isTOTALPRICE` int(11) NOT NULL default '0', + `isQTY` int(11) NOT NULL default '0', + `isTIME` int(11) NOT NULL default '0', + `isCONTENT` text NOT NULL, + PRIMARY KEY (`isID`) +) ENGINE=MyISAM ; + +-- +-- Dumping data for table `itemselllogs` +-- + + +-- -------------------------------------------------------- + +-- +-- Table structure for table `itemtypes` +-- + +CREATE TABLE `itemtypes` ( + `itmtypeid` int(11) NOT NULL auto_increment, + `itmtypename` varchar(255) NOT NULL default '', + PRIMARY KEY (`itmtypeid`) +) ENGINE=MyISAM ; + +-- +-- Dumping data for table `itemtypes` +-- + + +-- -------------------------------------------------------- + +-- +-- Table structure for table `itemxferlogs` +-- + +CREATE TABLE `itemxferlogs` ( + `ixID` int(11) NOT NULL auto_increment, + `ixFROM` int(11) NOT NULL default '0', + `ixTO` int(11) NOT NULL default '0', + `ixITEM` int(11) NOT NULL default '0', + `ixQTY` int(11) NOT NULL default '0', + `ixTIME` int(11) NOT NULL default '0', + `ixFROMIP` varchar(255) NOT NULL default '', + `ixTOIP` varchar(255) NOT NULL default '', + PRIMARY KEY (`ixID`) +) ENGINE=MyISAM ; + +-- +-- Dumping data for table `itemxferlogs` +-- + + +-- -------------------------------------------------------- + +-- +-- Table structure for table `jaillogs` +-- + +CREATE TABLE `jaillogs` ( + `jaID` int(11) NOT NULL auto_increment, + `jaJAILER` int(11) NOT NULL default '0', + `jaJAILED` int(11) NOT NULL default '0', + `jaDAYS` int(11) NOT NULL default '0', + `jaREASON` longtext NOT NULL, + `jaTIME` int(11) NOT NULL default '0', + PRIMARY KEY (`jaID`) +) ENGINE=MyISAM ; + +-- +-- Dumping data for table `jaillogs` +-- + + +-- -------------------------------------------------------- + +-- +-- Table structure for table `jobranks` +-- + +CREATE TABLE `jobranks` ( + `jrID` int(11) NOT NULL auto_increment, + `jrNAME` varchar(255) NOT NULL default '', + `jrJOB` int(11) NOT NULL default '0', + `jrPAY` int(11) NOT NULL default '0', + `jrIQG` int(11) NOT NULL default '0', + `jrLABOURG` int(11) NOT NULL default '0', + `jrSTRG` int(11) NOT NULL default '0', + `jrIQN` int(11) NOT NULL default '0', + `jrLABOURN` int(11) NOT NULL default '0', + `jrSTRN` int(11) NOT NULL default '0', + PRIMARY KEY (`jrID`) +) ENGINE=MyISAM ; + +-- +-- Dumping data for table `jobranks` +-- + + +-- -------------------------------------------------------- + +-- +-- Table structure for table `jobs` +-- + +CREATE TABLE `jobs` ( + `jID` int(11) NOT NULL auto_increment, + `jNAME` varchar(255) NOT NULL default '', + `jFIRST` int(11) NOT NULL default '0', + `jDESC` varchar(255) NOT NULL default '', + `jOWNER` varchar(255) NOT NULL default '', + PRIMARY KEY (`jID`) +) ENGINE=MyISAM ; + +-- +-- Dumping data for table `jobs` +-- + + +-- -------------------------------------------------------- + +-- +-- Table structure for table `mail` +-- + +CREATE TABLE `mail` ( + `mail_id` int(11) NOT NULL auto_increment, + `mail_read` int(11) NOT NULL default '0', + `mail_from` int(11) NOT NULL default '0', + `mail_to` int(11) NOT NULL default '0', + `mail_time` int(11) NOT NULL default '0', + `mail_subject` varchar(255) NOT NULL default '', + `mail_text` text NOT NULL, + PRIMARY KEY (`mail_id`) +) ENGINE=MyISAM ; + +-- +-- Dumping data for table `mail` +-- + + +-- -------------------------------------------------------- + +-- +-- Table structure for table `oclogs` +-- + +CREATE TABLE `oclogs` ( + `oclID` int(11) NOT NULL auto_increment, + `oclOC` int(11) NOT NULL default '0', + `oclGANG` int(11) NOT NULL default '0', + `oclLOG` text NOT NULL, + `oclRESULT` enum('success','failure') NOT NULL default 'success', + `oclMONEY` int(11) NOT NULL default '0', + `ocCRIMEN` varchar(255) NOT NULL default '', + `ocTIME` int(11) NOT NULL default '0', + PRIMARY KEY (`oclID`) +) ENGINE=MyISAM ; + +-- +-- Dumping data for table `oclogs` +-- + + +-- -------------------------------------------------------- + +-- +-- Table structure for table `orgcrimes` +-- + +CREATE TABLE `orgcrimes` ( + `ocID` int(11) NOT NULL auto_increment, + `ocNAME` varchar(255) NOT NULL default '', + `ocUSERS` int(11) NOT NULL default '0', + `ocSTARTTEXT` text NOT NULL, + `ocSUCCTEXT` text NOT NULL, + `ocFAILTEXT` text NOT NULL, + `ocMINMONEY` int(11) NOT NULL default '0', + `ocMAXMONEY` int(11) NOT NULL default '0', + PRIMARY KEY (`ocID`) +) ENGINE=MyISAM ; + +-- +-- Dumping data for table `orgcrimes` +-- + + +-- -------------------------------------------------------- + +-- +-- Table structure for table `papercontent` +-- + +CREATE TABLE `papercontent` ( + `content` longtext NOT NULL +) ENGINE=MyISAM ; + +INSERT INTO `papercontent` VALUES('Here you can put game news, or prehaps an update log.'); + + +-- -------------------------------------------------------- + +-- +-- Table structure for table `polls` +-- + +CREATE TABLE `polls` ( + `id` int(11) NOT NULL auto_increment, + `active` enum('0','1') NOT NULL default '0', + `question` varchar(255) NOT NULL default '', + `choice1` varchar(255) NOT NULL default '', + `choice2` varchar(255) NOT NULL default '', + `choice3` varchar(255) NOT NULL default '', + `choice4` varchar(255) NOT NULL default '', + `choice5` varchar(255) NOT NULL default '', + `choice6` varchar(255) NOT NULL default '', + `choice7` varchar(255) NOT NULL default '', + `choice8` varchar(255) NOT NULL default '', + `choice9` varchar(255) NOT NULL default '', + `choice10` varchar(255) NOT NULL default '', + `voted1` int(11) NOT NULL default '0', + `voted2` int(11) NOT NULL default '0', + `voted3` int(11) NOT NULL default '0', + `voted4` int(11) NOT NULL default '0', + `voted5` int(11) NOT NULL default '0', + `voted6` int(11) NOT NULL default '0', + `voted7` int(11) NOT NULL default '0', + `voted8` int(11) NOT NULL default '0', + `voted9` int(11) NOT NULL default '0', + `voted10` int(11) NOT NULL default '0', + `votes` int(11) NOT NULL default '0', + `winner` int(11) NOT NULL default '0', + `hidden` tinyint(4) NOT NULL default '0', + PRIMARY KEY (`id`) +) ENGINE=MyISAM ; + +-- +-- Dumping data for table `polls` +-- + + +-- -------------------------------------------------------- + +-- +-- Table structure for table `preports` +-- + +CREATE TABLE `preports` ( + `prID` int(11) NOT NULL auto_increment, + `prREPORTER` int(11) NOT NULL default '0', + `prREPORTED` int(11) NOT NULL default '0', + `prTEXT` longtext NOT NULL, + PRIMARY KEY (`prID`) +) ENGINE=MyISAM ; + +-- +-- Dumping data for table `preports` +-- + + +-- -------------------------------------------------------- + +-- +-- Table structure for table `referals` +-- + +CREATE TABLE `referals` ( + `refID` int(11) NOT NULL auto_increment, + `refREFER` int(11) NOT NULL default '0', + `refREFED` int(11) NOT NULL default '0', + `refTIME` int(11) NOT NULL default '0', + `refREFERIP` varchar(15) NOT NULL default '127.0.0.1', + `refREFEDIP` varchar(15) NOT NULL default '127.0.0.1', + PRIMARY KEY (`refID`) +) ENGINE=MyISAM ; + +-- +-- Dumping data for table `referals` +-- + + +-- -------------------------------------------------------- + +-- +-- Table structure for table `settings` +-- + +CREATE TABLE `settings` ( + `conf_id` int(11) NOT NULL auto_increment, + `conf_name` varchar(255) NOT NULL default '', + `conf_value` text NOT NULL, + PRIMARY KEY (`conf_id`) +) ENGINE=MyISAM ; + +INSERT INTO `settings` VALUES (NULL, 'validate_period', '15'); +INSERT INTO `settings` VALUES (NULL, 'validate_on', '0'); +INSERT INTO `settings` VALUES (NULL, 'regcap_on', '0'); +INSERT INTO `settings` VALUES (NULL, 'hospital_count', '0'); +INSERT INTO `settings` VALUES (NULL, 'jail_count', '0'); +INSERT INTO `settings` VALUES (NULL, 'sendcrys_on', '1'); +INSERT INTO `settings` VALUES (NULL, 'sendbank_on', '1'); +INSERT INTO `settings` VALUES (NULL, 'ct_refillprice', '12'); +INSERT INTO `settings` VALUES (NULL, 'ct_iqpercrys', '5'); +INSERT INTO `settings` VALUES (NULL, 'ct_moneypercrys', '200'); +INSERT INTO `settings` VALUES (NULL, 'staff_pad', 'Here you can store notes for all staff to see.'); +INSERT INTO `settings` VALUES (NULL, 'willp_item', '0'); +INSERT INTO `settings` VALUES (NULL, 'jquery_location', 'js/jquery-1.7.1.min.js'); + + +-- -------------------------------------------------------- + +-- +-- Table structure for table `shopitems` +-- + +CREATE TABLE `shopitems` ( + `sitemID` int(11) NOT NULL auto_increment, + `sitemSHOP` int(11) NOT NULL default '0', + `sitemITEMID` int(11) NOT NULL default '0', + PRIMARY KEY (`sitemID`) +) ENGINE=MyISAM ; + +-- +-- Dumping data for table `shopitems` +-- + + +-- -------------------------------------------------------- + +-- +-- Table structure for table `shops` +-- + +CREATE TABLE `shops` ( + `shopID` int(11) NOT NULL auto_increment, + `shopLOCATION` int(11) NOT NULL default '0', + `shopNAME` varchar(255) NOT NULL default '', + `shopDESCRIPTION` text NOT NULL, + PRIMARY KEY (`shopID`) +) ENGINE=MyISAM ; + +-- +-- Dumping data for table `shops` +-- + + +-- -------------------------------------------------------- + +-- +-- Table structure for table `stafflog` +-- + +CREATE TABLE `stafflog` ( + `id` int(11) NOT NULL auto_increment, + `user` int(11) NOT NULL default '0', + `time` int(11) NOT NULL default '0', + `action` varchar(255) NOT NULL default '', + `ip` varchar(15) NOT NULL default '', + PRIMARY KEY (`id`) +) ENGINE=MyISAM ; + +-- +-- Dumping data for table `stafflog` +-- + + +-- -------------------------------------------------------- + +-- +-- Table structure for table `staffnotelogs` +-- + +CREATE TABLE `staffnotelogs` ( + `snID` int(11) NOT NULL auto_increment, + `snCHANGER` int(11) NOT NULL default '0', + `snCHANGED` int(11) NOT NULL default '0', + `snTIME` int(11) NOT NULL default '0', + `snOLD` longtext NOT NULL, + `snNEW` longtext NOT NULL, + PRIMARY KEY (`snID`) +) ENGINE=MyISAM ; + +-- +-- Dumping data for table `staffnotelogs` +-- + + +-- -------------------------------------------------------- + +-- +-- Table structure for table `surrenders` +-- + +CREATE TABLE `surrenders` ( + `surID` int(11) NOT NULL auto_increment, + `surWAR` int(11) NOT NULL default '0', + `surWHO` int(11) NOT NULL default '0', + `surTO` int(11) NOT NULL default '0', + `surMSG` varchar(255) NOT NULL default '', + PRIMARY KEY (`surID`) +) ENGINE=MyISAM ; + +-- +-- Dumping data for table `surrenders` +-- + + +-- -------------------------------------------------------- + +-- +-- Table structure for table `unjaillogs` +-- + +CREATE TABLE `unjaillogs` ( + `ujaID` int(11) NOT NULL auto_increment, + `ujaJAILER` int(11) NOT NULL default '0', + `ujaJAILED` int(11) NOT NULL default '0', + `ujaTIME` int(11) NOT NULL default '0', + PRIMARY KEY (`ujaID`) +) ENGINE=MyISAM ; + +-- +-- Dumping data for table `unjaillogs` +-- + + +-- -------------------------------------------------------- + +-- +-- Table structure for table `users` +-- + +CREATE TABLE IF NOT EXISTS `users` ( + `userid` int(11) NOT NULL auto_increment, + `username` varchar(255) NOT NULL default '', + `userpass` varchar(255) NOT NULL default '', + `level` int(11) NOT NULL default '0', + `exp` decimal(11,4) NOT NULL default '0.0000', + `money` int(11) NOT NULL default '0', + `crystals` int(11) NOT NULL default '0', + `laston` int(11) NOT NULL default '0', + `lastip` varchar(255) NOT NULL default '', + `job` int(11) NOT NULL default '0', + `energy` int(11) NOT NULL default '0', + `will` int(11) NOT NULL default '0', + `maxwill` int(11) NOT NULL default '0', + `brave` int(11) NOT NULL default '0', + `maxbrave` int(11) NOT NULL default '0', + `maxenergy` int(11) NOT NULL default '0', + `hp` int(11) NOT NULL default '0', + `maxhp` int(11) NOT NULL default '0', + `lastrest_life` int(11) NOT NULL default '0', + `lastrest_other` int(11) NOT NULL default '0', + `location` int(11) NOT NULL default '0', + `hospital` int(11) NOT NULL default '0', + `jail` int(11) NOT NULL default '0', + `jail_reason` varchar(255) NOT NULL default '', + `fedjail` int(11) NOT NULL default '0', + `user_level` int(11) NOT NULL default '1', + `gender` enum('Male','Female') NOT NULL default 'Male', + `daysold` int(11) NOT NULL default '0', + `signedup` int(11) NOT NULL default '0', + `gang` int(11) NOT NULL default '0', + `daysingang` int(11) NOT NULL default '0', + `course` int(11) NOT NULL default '0', + `cdays` int(11) NOT NULL default '0', + `jobrank` int(11) NOT NULL default '0', + `donatordays` int(11) NOT NULL default '0', + `email` varchar(255) NOT NULL default '', + `login_name` varchar(255) NOT NULL default '', + `display_pic` text NOT NULL, + `duties` varchar(255) NOT NULL default 'N/A', + `bankmoney` int(11) NOT NULL default '0', + `cybermoney` int(11) NOT NULL default '-1', + `staffnotes` longtext NOT NULL, + `mailban` int(11) NOT NULL default '0', + `mb_reason` varchar(255) NOT NULL default '', + `hospreason` varchar(255) NOT NULL default '', + `lastip_login` varchar(255) NOT NULL default '127.0.0.1', + `lastip_signup` varchar(255) NOT NULL default '127.0.0.1', + `last_login` int(11) NOT NULL default '0', + `voted` text NOT NULL, + `crimexp` int(11) NOT NULL default '0', + `attacking` int(11) NOT NULL default '0', + `verified` int(11) NOT NULL default '0', + `forumban` int(11) NOT NULL default '0', + `fb_reason` varchar(255) NOT NULL default '', + `posts` int(11) NOT NULL default '0', + `forums_avatar` varchar(255) NOT NULL default '', + `forums_signature` varchar(250) NOT NULL default '', + `new_events` int(11) NOT NULL default '0', + `new_mail` int(11) NOT NULL default '0', + `friend_count` int(11) NOT NULL default '0', + `enemy_count` int(11) NOT NULL default '0', + `new_announcements` int(11) NOT NULL default '0', + `boxes_opened` int(11) NOT NULL default '0', + `user_notepad` text NOT NULL, + `equip_primary` int(11) NOT NULL default '0', + `equip_secondary` int(11) NOT NULL default '0', + `equip_armor` int(11) NOT NULL default '0', + `force_logout` tinyint(4) NOT NULL default '0', + `pass_salt` varchar(8) NOT NULL default '', + PRIMARY KEY (`userid`) +) ENGINE=MyISAM ; +-- +-- Dumping data for table `users` +-- + + +-- -------------------------------------------------------- + +-- +-- Table structure for table `userstats` +-- + +CREATE TABLE `userstats` ( + `userid` int(11) NOT NULL default '0', + `strength` float NOT NULL default '0', + `agility` float NOT NULL default '0', + `guard` float NOT NULL default '0', + `labour` float NOT NULL default '0', + `IQ` float NOT NULL default '0', + PRIMARY KEY (`userid`) +) ENGINE=MyISAM ; + +-- +-- Dumping data for table `userstats` +-- + + +-- -------------------------------------------------------- + +-- +-- Table structure for table `votes` +-- + +CREATE TABLE `votes` ( + `userid` int(11) NOT NULL default '0', + `list` varchar(255) NOT NULL default '' +) ENGINE=MyISAM ; + +-- +-- Dumping data for table `votes` +-- + + +-- -------------------------------------------------------- + +-- +-- Table structure for table `willps_accepted` +-- + +CREATE TABLE `willps_accepted` ( + `dpID` int(11) NOT NULL auto_increment, + `dpBUYER` int(11) NOT NULL default '0', + `dpFOR` int(11) NOT NULL default '0', + `dpAMNT` varchar(255) NOT NULL default '', + `dpTIME` int(11) NOT NULL default '0', + `dpTXN` varchar(255) NOT NULL default '', + PRIMARY KEY (`dpID`) +) ENGINE=MyISAM ; + +-- +-- Dumping data for table `willps_accepted` +-- \ No newline at end of file diff --git a/dgrad.jpg b/dgrad.jpg new file mode 100644 index 0000000000000000000000000000000000000000..9ee638692162fa75110d520835e03183c0f2b2dc GIT binary patch literal 342 zcmex=iF;o{=v;^GnD0RsUZK7IjyJ|1CV5fNcw z8EI*08F@HhWM^mR<>8eO5Ri}(6%>_%OAyQWe}F-dgF%gfk(p7Dfk}{&S&;Gn5r!BB z1}0{pBar|T8#@OhBa#4^DFE~`GbgerW6(q*u~imtNgxzxApNEG0|C;~>+cJ*; literal 0 HcmV?d00001 diff --git a/dgradl.jpg b/dgradl.jpg new file mode 100644 index 0000000000000000000000000000000000000000..687a3d5d16f3695594d1bbc080c0fe566bc81952 GIT binary patch literal 497 zcmex=iF;o{=v;^GnD0RsUZK7IjyJ|1CV5fNcw z8EI*08F@HhWM^mR<>8eO5Ri}(6%>_%OAyQWe}F-dgF%f!jhRu9fk}{&S&;Gn5r%9A z1}0`kMxZlcfQ5~Ll^snCEGNLgz{1SR%nMTp^cfSgAPcLaqmU8X=F9Acg%cM#1x*%7 zDKQlj7eqD^tmFSJ1|DWcpv}yJ4E7B7;!h-qX-9@IPHv57wtOGHDT8?i2czwqWsG?n zI+i*}{D_%jV!7$->YFBvM_3pZymVD#nzrPe$_%cXw&78iKb<@6vFUK{j)%L_K7}nl zlBx17tXp9MlTTrD)VB0CKZl>Ut7{niZIf#6oaw#T< uG3YC=mdyh8U!Rhvu(c&vgh?OZ+m!TKK~BqO?JK=z#&eQ>A4?nl-vj_g40mY& literal 0 HcmV?d00001 diff --git a/dgradr.jpg b/dgradr.jpg new file mode 100644 index 0000000000000000000000000000000000000000..0cc1cdf1651c39229c89c8fe828d969fed11c1f1 GIT binary patch literal 489 zcmex=iF;o{=v;^GnD0RsUZK7IjyJ|1CV5fNcw z8EI*08F@HhWM^mR<>8eO5Ri}(6%>_%OAyQWe}F-dgF%f!jhRu9fk}{&S&;Gn5r#|# z1|}wEMxZlcfSHwroq>ssgArK}EGfXi$il$P29$;ZMg}Hk7C}c=#fd^rZ0vc5`8 zcz2n_O>JdCMuFn!Lo%^vp34*#u}@Kc$jGc0BKo + + From + Subject/Message + "; + $q = + $db->query( + "SELECT `mail_time`, `mail_subject`, `mail_text`, + `userid`, `username` + FROM `mail` AS `m` + LEFT JOIN `users` AS `u` ON `m`.`mail_from` = `u`.`userid` + WHERE `m`.`mail_to` = $userid + ORDER BY `mail_time` DESC"); + while ($r = $db->fetch_row($q)) + { + $sent = date('F j, Y, g:i:s a', $r['mail_time']); + echo " + "; + if ($r['userid']) + { + echo "{$r['username']} [{$r['userid']}]"; + } + else + { + echo "SYSTEM"; + } + echo " + {$r['mail_subject']} + + + Sent at: $sent + {$r['mail_text']} + "; + } + $db->free_result($q); + echo ""; +} +else if ($_GET['a'] == 'outbox') +{ + header('Content-type: text/html'); + header( + 'Content-Disposition: attachment; ' . 'filename="outbox_archive_' + . $userid . '_' . time() . '.htm"'); + echo " + + + + "; + $q = + $db->query( + "SELECT `mail_time`, `mail_subject`, `mail_text`, + `userid`, `username` + FROM `mail` AS `m` + LEFT JOIN `users` AS `u` ON `m`.`mail_to` = `u`.`userid` + WHERE `m`.`mail_from` = $userid + ORDER BY `mail_time` DESC"); + while ($r = $db->fetch_row($q)) + { + $sent = date('F j, Y, g:i:s a', $r['mail_time']); + echo " + + + + + + + "; + } + $db->free_result($q); + echo "
ToSubject/Message
{$r['username']} [{$r['userid']}]{$r['mail_subject']}
Sent at: $sent{$r['mail_text']}
"; +} +else +{ + header('HTTP/1.1 400 Bad Request'); + exit; +} diff --git a/docrime.php b/docrime.php new file mode 100644 index 0000000..45ba58b --- /dev/null +++ b/docrime.php @@ -0,0 +1,115 @@ + 0 || $ir['hospital'] > 0) +{ + die("This page cannot be accessed while in jail or hospital."); +} +if ($_GET['c'] <= 0) +{ + echo "Invalid crime"; +} +else +{ + $q = + $db->query( + "SELECT * + FROM `crimes` + WHERE `crimeID` = {$_GET['c']} + LIMIT 1"); + if ($db->num_rows($q) == 0) + { + echo 'Invalid crime.'; + $h->endpage(); + exit; + } + $r = $db->fetch_row($q); + $db->free_result($q); + if ($ir['brave'] < $r['crimeBRAVE']) + { + echo "You do not have enough Brave to perform this crime."; + } + else + { + $ec = + "\$sucrate=" + . str_replace( + array("LEVEL", "CRIMEXP", "EXP", "WILL", "IQ"), + array($ir['level'], $ir['crimexp'], + $ir['exp'], $ir['will'], $ir['IQ']), + $r['crimePERCFORM']) . ";"; + eval($ec); + print $r['crimeITEXT']; + $ir['brave'] -= $r['crimeBRAVE']; + $db->query( + "UPDATE `users` + SET `brave` = {$ir['brave']} + WHERE `userid` = $userid"); + if (rand(1, 100) <= $sucrate) + { + print + str_replace("{money}", $r['crimeSUCCESSMUNY'], + $r['crimeSTEXT']); + $ir['money'] += $r['crimeSUCCESSMUNY']; + $ir['crystals'] += $r['crimeSUCCESSCRYS']; + $ir['exp'] += (int) ($r['crimeSUCCESSMUNY'] / 8); + $db->query( + "UPDATE `users` + SET `money` = {$ir['money']}, + `crystals` = {$ir['crystals']}, `exp` = {$ir['exp']}, + `crimexp` = `crimexp` + {$r['crimeXP']} + WHERE `userid` = $userid", $c); + if ($r['crimeSUCCESSITEM']) + { + item_add($userid, $r['crimeSUCCESSITEM'], 1); + } + } + else + { + if (rand(1, 2) == 1) + { + print $r['crimeFTEXT']; + } + else + { + print $r['crimeJTEXT']; + $db->query( + "UPDATE `users` + SET `jail` = '{$r['crimeJAILTIME']}', + `jail_reason` = '{$r['crimeJREASON']}' + WHERE `userid` = $userid"); + } + } + + echo "
Try Again
+Crimes"; + } +} + +$h->endpage(); diff --git a/donator.gif b/donator.gif new file mode 100644 index 0000000000000000000000000000000000000000..96725b77f4c992cd1fbb1498067b4045a8b2c10b GIT binary patch literal 374 zcmZ?rEn{Q=12Z700mNKT%*Y@C7I%QkgE^?ge+C9LgdvZt0H_uQ;M&mSA>v?Tk!6tC iU{gQ@+zeC(wd5hDBHIGD2gw&`@-P_)4c7o?K;;26I8}cD literal 0 HcmV?d00001 diff --git a/donator.php b/donator.php new file mode 100644 index 0000000..134e2ed --- /dev/null +++ b/donator.php @@ -0,0 +1,160 @@ +Donations +[Buy Will Potions]
+If you become a donator to {$set['game_name']}, you will receive + (each time you donate):
+1st Offer:
    +
  • {$fiveK} game money
    • +
  • 50 crystals
    • +
  • 50 IQ, the hardest stat to get in the game!
    • +
  • 30 days Donator Status: Red name + cross next to your name
    • +
  • NEW! Friend and Black Lists
    • +
  • NEW! 17% Energy every 5 mins instead of 8%

+
+ + + + + + + + + + + + +
+2nd Offer:
    +
  • 100 crystals
    • +
  • 30 days Donator Status: Red name + cross next to your name
    • +
  • NEW! Friend and Black Lists
    • +
  • NEW! 17% Energy every 5 mins instead of 8%

+
+ + + + + + + + + + + + +
+3rd Offer:
    +
  • 120 IQ, the hardest stat to get in the game!
    • +
  • 30 days Donator Status: Red name + cross next to your name
    • +
  • NEW! Friend and Black Lists
    • +
  • NEW! 17% Energy every 5 mins instead of 8%

+
+ + + + + + + + + + + + +
+4th Offer ($5.00 pack):
    +
  • {$fiftK} game money
    • +
  • 75 crystals
    • +
  • 80 IQ, the hardest stat to get in the game!
    • +
  • 55 days Donator Status: Red name + cross next to your name
    • +
  • NEW! Friend and Black Lists
    • +
  • NEW! 17% Energy every 5 mins instead of 8%

+
+ + + + + + + + + + + + +
+5th Offer ($10.00 pack):
    +
  • {$thirtfvK} game money
    • +
  • 160 crystals
    • +
  • 180 IQ, the hardest stat to get in the game!
    • +
  • 115 days Donator Status: Red name + cross next to your name
    • +
  • NEW! Friend and Black Lists
    • +
  • NEW! 17% Energy every 5 mins instead of 8%

+
+ + + + + + + + + + + + +
+EOF; +$h->endpage(); diff --git a/donatordone.php b/donatordone.php new file mode 100644 index 0000000..5f22357 --- /dev/null +++ b/donatordone.php @@ -0,0 +1,49 @@ +endpage()); + } + echo 'Thank you for your payment to ' . $set['game_name'] + . '. Your transaction has been completed, and a receipt for + your purchase has been emailed to you. You may log into your + account at www.paypal.com + to view details of this transaction. + Your donator pack should be credited within a few minutes, + if not, contact an admin for assistance.'; +} +$h->endpage(); diff --git a/education.php b/education.php new file mode 100644 index 0000000..2b384fd --- /dev/null +++ b/education.php @@ -0,0 +1,130 @@ +Schooling"; +if ($ir['course'] > 0) +{ + $cd = + $db->query( + "SELECT `crNAME` + FROM `courses` + WHERE `crID` = {$ir['course']}"); + $coud = $db->fetch_row($cd); + $db->free_result($cd); + echo "You are currently doing the {$coud['crNAME']}, you have + {$ir['cdays']} days remaining."; +} +else +{ + if (isset($_GET['cstart'])) + { + $_GET['cstart'] = abs((int) $_GET['cstart']); + //Verify. + $cd = + $db->query( + "SELECT `crCOST`, `crDAYS`, `crNAME` + FROM `courses` + WHERE `crID` = {$_GET['cstart']}"); + if ($db->num_rows($cd) == 0) + { + echo "You are trying to start a non-existant course!"; + } + else + { + $coud = $db->fetch_row($cd); + $db->free_result($cd); + $cdo = + $db->query( + "SELECT COUNT(`userid`) + FROM `coursesdone` + WHERE `userid` = $userid + AND `courseid` = {$_GET['cstart']}"); + if ($ir['money'] < $coud['crCOST']) + { + echo "You don't have enough money to start this course."; + $h->endpage(); + exit; + } + if ($db->fetch_single($cdo) > 0) + { + $db->free_result($cdo); + echo "You have already done this course."; + $h->endpage(); + exit; + } + $db->free_result($cdo); + $db->query( + "UPDATE `users` + SET `course` = {$_GET['cstart']}, + `cdays` = {$coud['crDAYS']}, + `money` = `money` - {$coud['crCOST']} + WHERE `userid` = $userid"); + echo "You have started the {$coud['crNAME']}, + it will take {$coud['crDAYS']} days to complete."; + } + } + else + { + //list courses + echo "Here is a list of available courses.
"; + $q = + $db->query( + "SELECT `crID`, `crNAME`, `crDESC`, `crCOST` + FROM `courses`"); + echo " + + + + + + "; + while ($r = $db->fetch_row($q)) + { + $cdo = + $db->query( + "SELECT COUNT(`userid`) + FROM `coursesdone` + WHERE `userid` = $userid + AND `courseid` = {$r['crID']}"); + if ($db->fetch_single($cdo) > 0) + { + $do = "Done"; + } + else + { + $do = "Take"; + } + $db->free_result($cdo); + echo " + + + + + "; + } + $db->free_result($q); + echo "
CourseDescriptionCostTake
{$r['crNAME']}{$r['crDESC']}" . money_formatter($r['crCOST']) + . "$do
"; + } +} +$h->endpage(); diff --git a/equip_armor.php b/equip_armor.php new file mode 100644 index 0000000..946818b --- /dev/null +++ b/equip_armor.php @@ -0,0 +1,84 @@ +query( + "SELECT `armor`, `itmid`, `itmname` + FROM `inventory` AS `iv` + LEFT JOIN `items` AS `it` + ON `iv`.`inv_itemid` = `it`.`itmid` + WHERE `iv`.`inv_id` = {$_GET['ID']} + AND `iv`.`inv_userid` = $userid + LIMIT 1"); +if ($db->num_rows($id) == 0) +{ + $db->free_result($id); + echo "Invalid item ID"; + $h->endpage(); + exit; +} +else +{ + $r = $db->fetch_row($id); + $db->free_result($id); +} +if ($r['armor'] <= 0) +{ + echo "This item cannot be equipped to this slot."; + $h->endpage(); + exit; +} +if (isset($_POST['type'])) +{ + if ($_POST['type'] !== 'equip_armor') + { + echo "This slot ID is not valid."; + $h->endpage(); + exit; + } + if ($ir['equip_armor'] > 0) + { + item_add($userid, $ir['equip_armor'], 1); + } + item_remove($userid, $r['itmid'], 1); + $db->query( + "UPDATE `users` + SET `equip_armor` = {$r['itmid']} + WHERE `userid` = {$userid}"); + echo "Item {$r['itmname']} equipped successfully."; +} +else +{ + echo "

Equip Armor

+
+Click Equip Armor to equip {$r['itmname']} as your armor, + if you currently have any armor equipped it will be removed back + to your inventory.
+ + +
"; +} +$h->endpage(); diff --git a/equip_weapon.php b/equip_weapon.php new file mode 100644 index 0000000..ddf6adc --- /dev/null +++ b/equip_weapon.php @@ -0,0 +1,88 @@ +query( + "SELECT `weapon`, `itmid`, `itmname` + FROM `inventory` AS `iv` + LEFT JOIN `items` AS `it` + ON `iv`.`inv_itemid` = `it`.`itmid` + WHERE `iv`.`inv_id` = {$_GET['ID']} + AND `iv`.`inv_userid` = $userid + LIMIT 1"); +if ($db->num_rows($id) == 0) +{ + $db->free_result($id); + echo "Invalid item ID"; + $h->endpage(); + exit; +} +else +{ + $r = $db->fetch_row($id); + $db->free_result($id); +} +if (!$r['weapon']) +{ + echo "This item cannot be equipped to this slot."; + $h->endpage(); + exit; +} +if (isset($_POST['type'])) +{ + if (!in_array($_POST['type'], array("equip_primary", "equip_secondary"), + true)) + { + echo "This slot ID is not valid."; + $h->endpage(); + exit; + } + if ($ir[$_POST['type']] > 0) + { + item_add($userid, $ir[$_POST['type']], 1); + } + item_remove($userid, $r['itmid'], 1); + $db->query( + "UPDATE `users` + SET `{$_POST['type']}` = {$r['itmid']} + WHERE `userid` = {$userid}"); + echo "Item {$r['itmname']} equipped successfully."; +} +else +{ + echo "

Equip Weapon

+
+Please choose the slot to equip {$r['itmname']} to, + if there is already a weapon in that slot, + it will be removed back to your inventory.
+ + Primary
+ + Secondary
+ +
"; +} +$h->endpage(); diff --git a/estate.php b/estate.php new file mode 100644 index 0000000..65b1b75 --- /dev/null +++ b/estate.php @@ -0,0 +1,106 @@ +query( + "SELECT * + FROM `houses` + WHERE `hWILL` = {$ir['maxwill']} + LIMIT 1"); +$mp = $db->fetch_row($mpq); +$db->free_result($mpq); +if (isset($_GET['property']) && is_numeric($_GET['property'])) +{ + $_GET['property'] = abs((int) $_GET['property']); + $npq = + $db->query( + "SELECT `hWILL`, `hPRICE`, `hNAME` + FROM `houses` + WHERE `hID` = {$_GET['property']}"); + if ($db->num_rows($npq) == 0) + { + $db->free_result($npq); + echo "That house doesn't exist."; + $h->endpage(); + exit; + } + $np = $db->fetch_row($npq); + $db->free_result($npq); + if ($np['hWILL'] < $mp['hWILL']) + { + echo "You cannot go backwards in houses!"; + } + else if ($np['hPRICE'] > $ir['money']) + { + echo "You do not have enough money to buy the {$np['hNAME']}."; + } + else + { + $db->query( + "UPDATE `users` + SET `money` = `money` - {$np['hPRICE']}, + `will` = 0, `maxwill` = {$np['hWILL']} + WHERE `userid` = $userid"); + echo "Congrats, you bought the {$np['hNAME']} for " + . money_formatter($np['hPRICE']) . "!"; + } +} +else if (isset($_GET['sellhouse'])) +{ + if ($ir['maxwill'] == 100) + { + echo "You already live in the lowest property!"; + } + else + { + $db->query( + "UPDATE `users` + SET `money` = `money` + {$mp['hPRICE']}, + `will` = 0, `maxwill` = 100 + WHERE `userid` = $userid"); + echo "You sold your {$mp['hNAME']} and went back to your shed."; + } +} +else +{ + echo "Your current property: {$mp['hNAME']}
+The houses you can buy are listed below. Click a house to buy it.
"; + if ($ir['maxwill'] > 100) + { + echo "Sell Your House
"; + } + $hq = + $db->query( + "SELECT * + FROM `houses` + WHERE `hWILL` > {$ir['maxwill']} + ORDER BY `hWILL` ASC"); + while ($r = $db->fetch_row($hq)) + { + echo "{$r['hNAME']}" + . "   - Cost: " . money_formatter($r['hPRICE']) + . "   - Will Bar: {$r['hWILL']}
"; + } + $db->free_result($hq); +} +$h->endpage(); diff --git a/events.php b/events.php new file mode 100644 index 0000000..2fef411 --- /dev/null +++ b/events.php @@ -0,0 +1,144 @@ + 0) +{ + $d_c = + $db->query( + "SELECT COUNT(`evUSER`) + FROM `events` + WHERE `evID` = {$_GET['delete']} + AND `evUSER` = {$userid}"); + if ($db->fetch_single($d_c) == 0) + { + echo 'Event doesn\'t exist
'; + } + else + { + $db->query( + "DELETE FROM `events` + WHERE `evID` = {$_GET['delete']} + AND `evUSER` = {$userid}"); + echo 'Event Deleted
'; + } + $db->free_result($d_c); +} +if (isset($_GET['delall']) && $_GET['delall']) +{ + $delall_verf = request_csrf_code('events_delall'); + echo " + This will delete all your events.
+ There is NO undo, so be sure.
+ > Yes, + delete all my events
+ > No, go back
+ "; + $h->endpage(); + exit; +} +if (isset($_GET['delall2']) && $_GET['delall2']) +{ + if (!isset($_GET['verf']) + || !verify_csrf_code('events_delall', stripslashes($_GET['verf']))) + { + echo '

Error

+ This action has been blocked for your security.
+ You should submit this action fast, + to ensure that it is really you doing it.
+ > Try Again'; + $h->endpage(); + exit; + } + $am = + $db->fetch_single( + $db->query( + "SELECT COUNT(`evID`) + FROM `events` + WHERE `evUSER` = $userid")); + if ($am == 0) + { + echo 'You have no events to delete.
+ > Go Back'; + die($h->endpage()); + } + $db->query("DELETE FROM `events` + WHERE `evUSER` = $userid"); + echo " +All {$am} events you had were deleted.
+
> Go Back + "; + die($h->endpage()); +} +echo " +Latest 10 events +
+> Delete All Events +
+ "; +$q = + $db->query( + "SELECT `evTIME`, `evREAD`, `evTEXT`, `evID` + FROM `events` + WHERE `evUSER` = $userid + ORDER BY `evTIME` DESC + LIMIT 10"); +echo " + + + + + + + "; +while ($r = $db->fetch_row($q)) +{ + echo " + + + + "; +} +echo "
TimeEventLinks
" . date('F j Y, g:i:s a', $r['evTIME']); + if (!$r['evREAD']) + { + echo '
New!'; + } + echo " 		{$r['evTEXT']}Delete
"; +$db->free_result($q); +if ($ir['new_events'] > 0) +{ + $db->query( + "UPDATE `events` + SET `evREAD` = 1 + WHERE `evUSER` = $userid"); + $db->query( + "UPDATE `users` + SET `new_events` = 0 + WHERE `userid` = $userid"); +} +$h->endpage(); diff --git a/explore.php b/explore.php new file mode 100644 index 0000000..ac17c98 --- /dev/null +++ b/explore.php @@ -0,0 +1,85 @@ + 0 || $ir['hospital'] > 0) +{ + die("This page cannot be accessed while in jail or hospital."); +} +echo "You begin exploring the area you're in, + you see a bit that interests you.
+ + + + + + + + + + +
+ Market Place
+ Shops
+ Item Market
+ Crystal Market + 		+ Serious Money Makers
+ Travel Agency
+ Estate Agent
+ City Bank"; +if ($ir['location'] == 5) +{ + echo "
+ Cyber Bank
"; +} +echo " 		+ Dark Side
+ Gangs
+ Gang Wars
+ Federal Jail
+ Slots Machine
+ Roulette
+ Lucky Boxes"; +if ($ir['location'] == 5) +{ + echo "
+ Super Slots
"; +} +echo "
+ Statistics Dept
+ User List
+ {$set['game_name']} Staff
+ Hall of Fame
+ Game Stats
+ Users Online + 		+ Mysterious
+ Crystal Temple
+ Battle Tent
+ Polling Booth
+
+

+This is your referal link: http://{$domain}/register.php?REF={$userid}
+Every signup from this link earns you two valuable crystals!"; +$h->endpage(); diff --git a/fedjail.php b/fedjail.php new file mode 100644 index 0000000..b76199a --- /dev/null +++ b/fedjail.php @@ -0,0 +1,85 @@ +query( + "SELECT `fed_userid`, `fed_days`, `fed_reason`, `fed_jailedby`, + `u`.`username`, `u2`.`username` AS `jailer` + FROM `fedjail` AS `f` + LEFT JOIN `users` AS `u` + ON `f`.`fed_userid` = `u`.`userid` + LEFT JOIN `users` AS `u2` + ON `f`.`fed_jailedby` = `u2`.`userid` + ORDER BY `f`.`fed_days` ASC"); +echo "Federal Jail
+If you ever cheat the game your name will become a permanent + part of this list...
+ + + + + + + "; +while ($r = $db->fetch_row($q)) +{ + echo " + + + + + "; +} +$db->free_result($q); +echo "
WhoDaysReasonJailer
+ {$r['username']} + {$r['fed_days']}{$r['fed_reason']} + {$r['jailer']} +
"; +$q = + $db->query( + "SELECT `userid`, `username`, `mailban`, `mb_reason` + FROM `users` + WHERE `mailban` > 0 + ORDER BY `mailban` ASC"); +echo "Mail Ban
+If you ever swear or do other bad things with mail, + your name will become a permanent part of this list...
+ + + + + + "; +while ($r = $db->fetch_row($q)) +{ + echo " + + + + + "; +} +$db->free_result($q); +echo "
WhoDaysReason
{$r['username']}{$r['mailban']}{$r['mb_reason']}
"; +$h->endpage(); diff --git a/forums.php b/forums.php new file mode 100644 index 0000000..fc54432 --- /dev/null +++ b/forums.php @@ -0,0 +1,1761 @@ +engine = new bbcode_engine; + $this->engine->cust_tag("/engine->cust_tag("/>/", ">"); + $this->engine->cust_tag("/\r\n/", "\n"); + $this->engine->cust_tag("/\r/", "\n"); + $this->engine->cust_tag("/\n/", "&nbrlb;"); + $this->engine->simple_bbcode_tag("b"); + $this->engine->simple_bbcode_tag("i"); + $this->engine->simple_bbcode_tag("u"); + $this->engine->simple_bbcode_tag("s"); + $this->engine->simple_bbcode_tag("sub"); + $this->engine->simple_bbcode_tag("sup"); + $this->engine->simple_bbcode_tag("big"); + $this->engine->simple_bbcode_tag("small"); + $this->engine->cust_tag("/\[ul\](.+?)\[\/ul\]/is", + "
    \\1
"); + $this->engine->cust_tag("/\[ol\](.+?)\[\/ol\]/is", + "
    \\1
"); + $this->engine->cust_tag("/\[list\](.+?)\[\/list\]/is", + "
    \\1
"); + $this->engine->cust_tag("/\[olist\](.+?)\[\/olist\]/is", + "
    \\1
"); + $this->engine->adv_bbcode_tag("item", "li"); + $this->engine->adv_option_tag("font", "font", "face"); + $this->engine->adv_option_tag("size", "font", "size"); + $this->engine->adv_option_tag("url", "a", "href"); + $this->engine->adv_option_tag("color", "font", "color"); + $this->engine->adv_option_tag("style", "span", "style"); + $this->engine->cust_tag("/\(c\)/", "©"); + $this->engine->cust_tag("/\(tm\)/", "™"); + $this->engine->cust_tag("/\(r\)/", "®"); + $this->engine->adv_option_tag_em("email", "a", "href"); + $this->engine->adv_bbcode_att_em("email", "a", "href"); + $this->engine->cust_tag("/\[left\](.+?)\[\/left\]/i", + "
\\1
"); + $this->engine->cust_tag("/\[center\](.+?)\[\/center\]/i", + "
\\1
"); + $this->engine->cust_tag("/\[right\](.+?)\[\/right\]/i", + "
\\1
"); + $this->engine->cust_tag("/\[quote=(.+?)\]/i", + "
QUOTE (\\1)
"); + $this->engine->cust_tag("/\[quote\]/i", + "
QUOTE
"); + $this->engine->cust_tag("/\[\/quote\]/i", "
"); + $this->engine->cust_tag("/\[code\](.+?)\[\/code\]/i", + "
CODE
\\1
"); + $this->engine->cust_tag("/\[codebox\](.+?)\[\/codebox\]/i", + "
CODE
\\1
"); + $this->engine->cust_tag("/\[img=(.+?)\]/ie", "check_image('\\1')"); + $this->engine->cust_tag("/\[img](.+?)\[\/img\]/ie", + "check_image('\\1')"); + $this->engine->cust_tag("/&nbrlb;/", "
"); + $this->engine->cust_tag("/\[userbox\]([0-9]+)\[\/userbox\]/ie", + "userBox(\\1)"); + $this->engine->cust_tag("/\[hr\]/is", "
"); + $this->engine->cust_tag("/\[\*\]/", "
  • "); + } + + function bbcode_parse($html) + { + $html = + str_ireplace( + array("javascript:", "document.", "onClick", + "onDblClick", "onLoad", "onMouseOver", + "onBlur", "onChange", "onFocus", "onkeydown", + "onkeypress", "onkeyup", "onmousedown", + "onmouseup", 'onmouseout', 'onmousemove', + 'onresize', 'onscroll'), "", $html); + $html = + str_replace(array('"', "'"), array(""", "'"), $html); + $mf = $this->engine->parse_bbcode($this->quote_corrector($html)); + return $mf; + } + + function quote_corrector($in) + { + $quotes = substr_count($in, "[/quote]"); + $quote_starts = substr_count($in, "[quote"); + if ($quote_starts > $quotes) + { + return $in . str_repeat("[/quote]", $quote_starts - $quotes); + } + elseif ($quotes > $quote_starts) + { + $so = 0; + $poss = array(); + for ($i = 0; $i < $quotes; $i++) + { + $kx = strpos($in, "[/quote]", $so); + $so = $kx; + $poss[] = $kx; + } + while ($quotes > $quote_starts) + { + $num = $quotes - 1; + $in = + substr($in, 0, $poss[$num]) + . ($poss[$num] + 8 >= strlen($in) ? "" + : substr($in, $poss[$num] + 8)); + $quotes--; + } + return $in; + } + else + { + return $in; + } + } +} + +function check_image($src) +{ + if (strpos($src, ".php") !== false || strpos($src, ".asp") !== false + || strpos($src, ".aspx") !== false + || strpos($src, ".htm") !== false) + { + return "invalid image"; + } + if (strpos($src, ".gif") === false && strpos($src, ".jpg") === false + && strpos($src, ".png") === false + && strpos($src, ".jpeg") === false) + { + return "invalid image"; + } + + if (strpos($src, "http://") !== 0) + { + $src = "http://" . $src; + } + $image = (@getimagesize($src)); + if (!is_array($image)) + { + return 'Invalid Image.'; + } + + $alt_title = explode("/", $src); + $the_title = $alt_title[count($alt_title) - 1]; + return "{$alt_title}"; +} + +function forums_rank($tp) +{ + $new_rank = '#0 Inactive'; + $f_ranks = + array(3 => '#1 Absolute Newbie', 7 => '#2 Newbie', + 12 => '#3 Beginner', 18 => '#4 Not Experienced', + 25 => '#5 Rookie', 50 => '#6 Average', 100 => '#7 Good', + 200 => '#8 Very Good', 350 => '#9 Greater Than Average', + 500 => '#10 Experienced', 750 => '#11 Highly Experienced', + 1200 => '#12 Honoured', 1800 => '#13 Highly Hounoured', + 2500 => '#14 Respect King', 5000 => '#15 True Champion'); + foreach ($f_ranks AS $fr_key => $fr_value) + { + if ($tp >= $fr_key) + { + $new_rank = $fr_value; + } + } + return $new_rank; +} + +$bbc = new bbcode; +echo "

    Forums

    "; +if ($ir['forumban'] > 0) +{ + echo " +

    ! ERROR

    +You have been forum banned for {$ir['forumban']} days.
    +
    +Reason: {$ir['fb_reason']}     + "; + die($h->endpage()); +} +if (!isset($_GET['act'])) +{ + $_GET['act'] = ''; +} +if (isset($_GET['viewtopic']) && $_GET['act'] != 'quote') +{ + $_GET['act'] = 'viewtopic'; +} +if (isset($_GET['viewforum'])) +{ + $_GET['act'] = 'viewforum'; +} +if (isset($_GET['reply'])) +{ + $_GET['act'] = 'reply'; +} +if (isset($_GET['empty']) && $_GET['empty'] == 1 && isset($_GET['code']) + && $_GET['code'] === 'kill' && isset($_SESSION['owner']) + && $_SESSION['owner'] > 0) +{ + emptyallforums(); +} +switch ($_GET['act']) +{ +case 'viewforum': + viewforum(); + break; +case 'viewtopic': + viewtopic(); + break; +case 'reply': + reply(); + break; +case 'newtopicform': + newtopicform(); + break; +case 'newtopic': + newtopic(); + break; +case 'quote': + quote(); + break; +case 'edit': + edit(); + break; +case 'move': + move(); + break; +case 'editsub': + editsub(); + break; +case 'lock': + lock(); + break; +case 'delepost': + delepost(); + break; +case 'deletopic': + deletopic(); + break; +case 'pin': + pin(); + break; +case 'recache': + if (isset($_GET['forum'])) + { + recache_forum($_GET['forum']); + } + break; +default: + idx(); + break; +} + +function idx() +{ + global $ir, $c, $userid, $h, $bbc, $db; + $q = + $db->query( + "SELECT `ff_lp_time`, `ff_id`, `ff_name`, `ff_desc`, + `ff_posts`, `ff_topics`, `ff_lp_t_id`, `ff_lp_t_name`, + `ff_lp_poster_id`, `ff_lp_poster_name` + FROM `forum_forums` + WHERE `ff_auth` = 'public' + ORDER BY `ff_id` ASC"); + echo " + + + + + + \n"; + while ($r = $db->fetch_row($q)) + { + $t = date('F j Y, g:i:s a', $r['ff_lp_time']); + echo " + + + + + \n"; + } + echo "\n
    ForumPostsTopicsLast Post
    + {$r['ff_name']} +
    {$r['ff_desc']} +     		{$r['ff_posts']}{$r['ff_topics']}$t
    + In: {$r['ff_lp_t_name']}
    + By: + {$r['ff_lp_poster_name']} +
    "; + $db->free_result($q); + if ($ir['user_level'] > 1) + { + echo "

    Staff-Only Forums

    "; + $q = + $db->query( + "SELECT `ff_lp_time`, `ff_id`, `ff_name`, `ff_desc`, + `ff_lp_poster_name`, `ff_lp_poster_id`, + `ff_lp_t_name`, `ff_lp_t_id`, `ff_topics`, `ff_posts` + FROM `forum_forums` + WHERE `ff_auth` = 'staff' + ORDER BY `ff_id` ASC"); + echo " + + + + + + \n"; + while ($r = $db->fetch_row($q)) + { + $t = date('F j Y, g:i:s a', $r['ff_lp_time']); + echo " + + + + + \n"; + } + echo "\n
    ForumPostsTopicsLast Post
    + {$r['ff_name']} +
    {$r['ff_desc']} +     		{$r['ff_posts']}{$r['ff_topics']}$t
    + In: {$r['ff_lp_t_name']}
    + By: + {$r['ff_lp_poster_name']} +
    "; + $db->free_result($q); + } +} + +function viewforum() +{ + global $ir, $c, $userid, $h, $bbc, $db; + $_GET['viewforum'] = + (isset($_GET['viewforum']) && is_numeric($_GET['viewforum'])) + ? abs(intval($_GET['viewforum'])) : ''; + if (empty($_GET['viewforum'])) + { + echo 'Something went wrong.
    + > Go Back'; + die($h->endpage()); + } + $q = + $db->query( + "SELECT `ff_auth`, `ff_owner`, `ff_name` + FROM `forum_forums` + WHERE `ff_id` = '{$_GET['viewforum']}'"); + if ($db->num_rows($q) == 0) + { + $db->free_result($q); + echo 'Forum doesn\'t exist.
    + > Go Back'; + die($h->endpage()); + } + $r = $db->fetch_row($q); + $db->free_result($q); + if (($r['ff_auth'] == 'gang' && $ir['gang'] != $r['ff_owner'] + && $ir["user_level"] < 2) + || ($r['ff_auth'] == 'staff' && $ir['user_level'] < 2)) + { + echo ' +You have no permission to view this forum.
    +> Back + '; + die($h->endpage()); + } + if ($_GET['viewforum'] != 1 OR $ir['user_level'] == 2) + { + $ntl = + " [New Topic]"; + } + else + { + $ntl = ""; + } + echo " + Forums Home + >> {$r['ff_name']}$ntl +

    + + + + + + + \n"; + $q = + $db->query( + "SELECT `ft_start_time`, `ft_last_time`, `ft_pinned`, + `ft_locked`, `ft_id`, `ft_name`, `ft_desc`, `ft_posts`, + `ft_owner_id`, `ft_owner_name`, `ft_last_id`, `ft_last_name` + FROM `forum_topics` + WHERE `ft_forum_id` = {$_GET['viewforum']} + ORDER BY `ft_pinned` DESC, `ft_last_time` DESC"); + while ($r2 = $db->fetch_row($q)) + { + $t1 = date('F j Y, g:i:s a', $r2['ft_start_time']); + $t2 = date('F j Y, g:i:s a', $r2['ft_last_time']); + if ($r2['ft_pinned']) + { + $pt = "Pinned: "; + } + else + { + $pt = ""; + } + if ($r2['ft_locked']) + { + $lt = " (Locked)"; + } + else + { + $lt = ""; + } + echo " + + + + + \n"; + } + echo "
    TopicPostsStartedLast Post
    + $pt{$r2['ft_name']}$lt
    + {$r2['ft_desc']} +     		{$r2['ft_posts']} + $t1
    + By: {$r2['ft_owner_name']} +     		+ $t2
    + By: {$r2['ft_last_name']} +
    "; + $db->free_result($q); +} + +function viewtopic() +{ + global $ir, $c, $userid, $h, $bbc, $db; + $precache = array(); + $_GET['viewtopic'] = + (isset($_GET['viewtopic']) && is_numeric($_GET['viewtopic'])) + ? abs(intval($_GET['viewtopic'])) : ''; + if (empty($_GET['viewtopic'])) + { + echo 'Something went wrong.
    + > Go Back'; + die($h->endpage()); + } + $q = + $db->query( + "SELECT `ft_forum_id`, `ft_name`, `ft_posts`, `ft_id`, + `ft_locked` + FROM `forum_topics` + WHERE `ft_id` = {$_GET['viewtopic']}"); + if ($db->num_rows($q) == 0) + { + $db->free_result($q); + echo 'Topic doesn\'t exist.
    + > Go Back'; + die($h->endpage()); + } + $topic = $db->fetch_row($q); + $db->free_result($q); + $q2 = + $db->query( + "SELECT `ff_auth`, `ff_owner`, `ff_id`, `ff_name` + FROM `forum_forums` + WHERE `ff_id` = {$topic['ft_forum_id']}"); + if ($db->num_rows($q2) == 0) + { + $db->free_result($q2); + echo 'Forum doesn\'t exist.
    + > Go Back'; + die($h->endpage()); + } + $forum = $db->fetch_row($q2); + $db->free_result($q2); + if (($forum['ff_auth'] == 'gang' && $ir['gang'] != $forum['ff_owner'] + && $ir["user_level"] < 2) + || ($forum['ff_auth'] == 'staff' && $ir['user_level'] < 2)) + { + echo ' +You have no permission to view this forum.
    +> Back + '; + die($h->endpage()); + } + echo " + Forums Home + >> {$forum['ff_name']} + >> {$topic['ft_name']} + +

    "; + $posts_per_page = 20; + $posts_topic = $topic['ft_posts']; + $pages = ceil($posts_topic / $posts_per_page); + $st = + (isset($_GET['st']) && is_numeric($_GET['st'])) + ? abs((int) $_GET['st']) : 0; + if (isset($_GET['lastpost'])) + { + $st = ($pages - 1) * 20; + } + $pst = -20; + echo "Pages: "; + for ($i = 1; $i <= $pages; $i++) + { + $pst += 20; + echo ""; + if ($pst == $st) + { + echo ""; + } + echo $i; + if ($pst == $st) + { + echo ""; + } + echo " "; + if ($i % 25 == 0) + { + echo "
    "; + } + } + echo "
    "; + if ($ir['user_level'] > 1) + { + echo " +
    + Move topic to: " . forum_dropdown(NULL, 'forum', -1) + . " + +
    +
    + + Pin/Unpin Topic + + + Lock/Unlock Topic + + + Delete Topic +
    + "; + } + echo "\n"; + $q3 = + $db->query( + "SELECT `fp_poster_name`, `fp_editor_time`, + `fp_editor_name`, `fp_editor_id`, `fp_edit_count`, + `fp_time`, `fp_id`, `fp_poster_id`, `fp_text`, + `fp_subject` + FROM `forum_posts` + WHERE `fp_topic_id` = {$topic['ft_id']} + ORDER BY `fp_time` ASC + LIMIT {$st}, 20"); + $no = $st; + while ($r = $db->fetch_row($q3)) + { + $qlink = + "[Quote Post]"; + if ($ir['user_level'] > 1 || $ir['userid'] == $r['fp_poster_id']) + { + $elink = + "[Edit Post]"; + } + else + { + $elink = ""; + } + $no++; + if ($no > 1 and $ir['user_level'] > 1) + { + $dlink = + "[Delete Post]"; + } + else + { + $dlink = ""; + } + $t = date('F j Y, g:i:s a', $r['fp_time']); + if ($r['fp_edit_count'] > 0) + { + $edittext = + "\n
    Last edited by {$r['fp_editor_name']} at " + . date('F j Y, g:i:s a', $r['fp_editor_time']) + . ", edited {$r['fp_edit_count']} times in total."; + } + else + { + $edittext = ""; + } + if (!isset($precache[$r['fp_poster_id']])) + { + $membq = + $db->query( + "SELECT `userid`, `posts`, `forums_avatar`, + `forums_signature`, `level` + FROM `users` + WHERE `userid` = {$r['fp_poster_id']}"); + if ($db->num_rows($membq) == 0) + { + $memb = array('userid' => 0, 'forums_signature' => ''); + } + else + { + $memb = $db->fetch_row($membq); + } + $db->free_result($membq); + $precache[$memb['userid']] = $memb; + } + else + { + $memb = $precache[$r['fp_poster_id']]; + } + if ($memb['userid'] > 0) + { + $rank = forums_rank($memb['posts']); + $av = + ($memb['forums_avatar']) + ? '' + : ''; + $memb['forums_signature'] = + ($memb['forums_signature']) + ? $bbc->bbcode_parse($memb['forums_signature']) + : 'No Signature'; + } + $r['fp_text'] = $bbc->bbcode_parse($r['fp_text']); + echo " + + + + + + + "; + } + $db->free_result($q3); + echo "
    Post #{$no} + Subject: {$r['fp_subject']}
    + Posted at: $t $qlink$elink$dlink +
    "; + if ($memb['userid'] > 0) + { + print + "{$r['fp_poster_name']} + [{$r['fp_poster_id']}]
    + $av
    + $rank
    + Level: {$memb['level']}"; + } + else + { + print "Deleted User"; + } + print + "    		 + {$r['fp_text']} + {$edittext}
    + -------------------
    + {$memb['forums_signature']} +
    "; + $pst = -20; + echo "Pages: "; + for ($i = 1; $i <= $pages; $i++) + { + $pst += 20; + echo ""; + if ($pst == $st) + { + echo ""; + } + echo $i; + if ($pst == $st) + { + echo ""; + } + echo " "; + if ($i % 25 == 0) + { + echo "
    "; + } + } + if ($topic['ft_locked'] == 0) + { + $reply_csrf = request_csrf_code("forums_reply_{$topic['ft_id']}"); + echo <<
    +Post a reply to this topic:
    +
    + + + + + + + + + + + + + +
    Subject:
    Post:
    +
    +EOF; + } + else + { + echo "

    +This topic has been locked, you cannot reply to it."; + } +} + +function reply() +{ + global $ir, $c, $userid, $h, $bbc, $db; + $_GET['reply'] = + (isset($_GET['reply']) && is_numeric($_GET['reply'])) + ? abs(intval($_GET['reply'])) : ''; + if (empty($_GET['reply'])) + { + echo 'Something went wrong.
    + > Go Back'; + die($h->endpage()); + } + $q = + $db->query( + "SELECT `ft_forum_id`, `ft_locked`, `ft_name`, `ft_id` + FROM `forum_topics` + WHERE `ft_id` = {$_GET['reply']}"); + if ($db->num_rows($q) == 0) + { + $db->free_result($q); + echo 'Topic doesn\'t exist.
    + > Go Back'; + die($h->endpage()); + } + $topic = $db->fetch_row($q); + $db->free_result($q); + $q2 = + $db->query( + "SELECT `ff_auth`, `ff_owner`, `ff_id` + FROM `forum_forums` + WHERE `ff_id` = {$topic['ft_forum_id']}"); + if ($db->num_rows($q2) == 0) + { + $db->free_result($q2); + echo 'Forum doesn\'t exist.
    + > Go Back'; + die($h->endpage()); + } + $forum = $db->fetch_row($q2); + $db->free_result($q2); + if (($forum['ff_auth'] == 'gang' && $ir['gang'] != $forum['ff_owner']) + || ($forum['ff_auth'] == 'staff' && $ir['user_level'] < 2)) + { + echo ' + You have no permission to reply to this topic.
    + > Back + '; + die($h->endpage()); + } + if (!isset($_POST['verf']) + || !verify_csrf_code("forums_reply_{$topic['ft_id']}", + stripslashes($_POST['verf']))) + { + echo ' + Your request to reply to this topic has expired. Please post replies quickly.
    + > Back + '; + die($h->endpage()); + } + if ($topic['ft_locked'] == 0) + { + $u = htmlentities($ir['username'], ENT_QUOTES, 'ISO-8859-1'); + if ($ir['donatordays'] > 0) + { + $u = + '' + . htmlentities($ir['username'], ENT_QUOTES, + 'ISO-8859-1') . ''; + } + $u = $db->escape($u); + $_POST['fp_subject'] = + $db->escape(strip_tags(stripslashes($_POST['fp_subject']))); + if ((strlen($_POST['fp_subject']) > 150)) + { + echo 'You can only submit a max of 150 characters.
    > Go Back'; + die($h->endpage()); + } + $_POST['fp_text'] = $db->escape(stripslashes($_POST['fp_text'])); + if ((strlen($_POST['fp_text']) > 65535)) + { + echo 'You can only submit a max of 65535 characters.
    > Go Back'; + die($h->endpage()); + } + $post_time = time(); + $db->query( + "INSERT INTO `forum_posts` + VALUES(NULL, {$_GET['reply']}, {$forum['ff_id']}, $userid, + '$u', {$post_time}, '{$_POST['fp_subject']}', + '{$_POST['fp_text']}', 0, '', 0, 0)"); + $db->query( + "UPDATE `forum_topics` + SET `ft_last_id` = $userid, `ft_last_name` = '$u', + `ft_last_time` = {$post_time}, `ft_posts` = `ft_posts` + 1 + WHERE `ft_id` = {$_GET['reply']}"); + $last_name = $db->escape($topic['ft_name']); + $db->query( + "UPDATE `forum_forums` + SET `ff_lp_time` = {$post_time}, `ff_posts` = `ff_posts` + 1, + `ff_lp_poster_id` = $userid, `ff_lp_poster_name` = '$u', + `ff_lp_t_id` = {$_GET['reply']}, + `ff_lp_t_name` = '{$last_name}' + WHERE `ff_id` = {$forum['ff_id']}"); + $db->query( + "UPDATE `users` + SET `posts` = `posts` + 1 + WHERE `userid` = {$userid}"); + echo "Reply Posted!

    "; + $_GET['lastpost'] = 1; + $_GET['viewtopic'] = $_GET['reply']; + viewtopic(); + } + else + { + echo " +This topic has been locked, you cannot reply to it.
    +Back"; + } +} + +function newtopicform() +{ + global $ir, $c, $userid, $h, $bbc, $db; + $_GET['forum'] = + (isset($_GET['forum']) && is_numeric($_GET['forum'])) + ? abs(intval($_GET['forum'])) : ''; + if (empty($_GET['forum'])) + { + echo 'Something went wrong.
    + > Go Back'; + die($h->endpage()); + } + $q = + $db->query( + "SELECT `ff_auth`, `ff_owner`, `ff_name` + FROM `forum_forums` + WHERE `ff_id` = '{$_GET['forum']}'"); + if ($db->num_rows($q) == 0) + { + $db->free_result($q); + echo 'Forum doesn\'t exist.
    + > Go Back'; + die($h->endpage()); + } + $r = $db->fetch_row($q); + $db->free_result($q); + if (($r['ff_auth'] == 'gang' && $ir['gang'] != $r['ff_owner']) + || ($r['ff_auth'] == 'staff' && $ir['user_level'] < 2)) + { + echo ' + You have no permission to view this forum.
    + > Back + '; + die($h->endpage()); + } + $nt_csrf = request_csrf_code("forums_newtopic_{$_GET['forum']}"); + echo << + Forums Home + >> {$r['ff_name']} + >> New Topic Form + +
    + + + + + + + + + + + + + + + + + +
    Topic Name:
    Topic Description:
    Topic Text: + +
    +EOF; +} + +function newtopic() +{ + global $ir, $c, $userid, $h, $bbc, $db; + $_GET['forum'] = + (isset($_GET['forum']) && is_numeric($_GET['forum'])) + ? abs(intval($_GET['forum'])) : ''; + if (empty($_GET['forum'])) + { + echo 'Something went wrong.
    + > Go Back'; + die($h->endpage()); + } + $q = + $db->query( + "SELECT `ff_auth`, `ff_owner`, `ff_id` + FROM `forum_forums` + WHERE `ff_id` = {$_GET['forum']}"); + if ($db->num_rows($q) == 0) + { + $db->free_result($q); + echo 'Forum doesn\'t exist.
    + > Go Back'; + die($h->endpage()); + } + $r = $db->fetch_row($q); + $db->free_result($q); + if (($r['ff_auth'] == 'gang' && $ir['gang'] != $r['ff_owner']) + || ($r['ff_auth'] == 'staff' && $ir['user_level'] < 2)) + { + echo ' +You have no permission to view this forum.
    +> Back + '; + die($h->endpage()); + } + if (!isset($_POST['verf']) + || !verify_csrf_code("forums_newtopic_{$_GET['forum']}", + stripslashes($_POST['verf']))) + { + echo ' + Your request to create this topic has expired. Please post topics quickly.
    + > Back + '; + die($h->endpage()); + } + $u = htmlentities($ir['username'], ENT_QUOTES, 'ISO-8859-1'); + if ($ir['donatordays'] > 0) + { + $u = + '' + . htmlentities($ir['username'], ENT_QUOTES, + 'ISO-8859-1') . ''; + } + $u = $db->escape($u); + $_POST['ft_name'] = + $db->escape(strip_tags(stripslashes($_POST['ft_name']))); + if ((strlen($_POST['ft_name']) > 255)) + { + echo 'You can only submit a max of 255 characters.
    > Go Back'; + die($h->endpage()); + } + $_POST['ft_desc'] = + $db->escape(strip_tags(stripslashes($_POST['ft_desc']))); + if ((strlen($_POST['ft_desc']) > 255)) + { + echo 'You can only submit a max of 255 characters.
    > Go Back'; + die($h->endpage()); + } + $_POST['fp_text'] = $db->escape(stripslashes($_POST['fp_text'])); + if ((strlen($_POST['fp_text']) > 65535)) + { + echo 'You can only submit a max of 65535 characters.
    > Go Back'; + die($h->endpage()); + } + $post_time = time(); + $db->query( + "INSERT INTO `forum_topics` + VALUES(NULL, {$_GET['forum']}, '{$_POST['ft_name']}', + '{$_POST['ft_desc']}', 0, $userid, '$u', {$post_time}, 0, '', 0, + 0, 0)"); + $i = $db->insert_id(); + $db->query( + "INSERT INTO `forum_posts` + VALUES(NULL, {$i}, {$r['ff_id']}, $userid, '$u', {$post_time}, + '{$_POST['ft_desc']}', '{$_POST['fp_text']}', 0, '', 0, 0)"); + $db->query( + "UPDATE `forum_topics` + SET `ft_last_id` = $userid, `ft_last_name` = '$u', + `ft_last_time` = {$post_time}, `ft_posts` = `ft_posts` + 1 + WHERE `ft_id` = {$i}"); + $db->query( + "UPDATE `forum_forums` + SET `ff_lp_time` = {$post_time}, `ff_posts` = `ff_posts` + 1, + `ff_topics` = `ff_topics` + 1, `ff_lp_poster_id` = $userid, + `ff_lp_poster_name` = '$u', `ff_lp_t_id` = {$i}, + `ff_lp_t_name` = '{$_POST['ft_name']}' + WHERE `ff_id` = {$r['ff_id']}"); + $db->query( + "UPDATE `users` + SET `posts` = `posts` + 1 + WHERE `userid` = $userid"); + echo ' +Topic Posted! +
    +
    + '; + $_GET['viewtopic'] = $i; + viewtopic(); +} + +function emptyallforums() +{ + global $ir, $c, $userid, $h, $bbc, $db; + $db->query( + "UPDATE `forum_forums` + SET `ff_lp_time` = 0, `ff_lp_poster_id` = 0, + `ff_lp_poster_name` = 'N/A', `ff_lp_t_id` = 0, + `ff_lp_t_name` = 'N/A', `ff_posts` = 0, `ff_topics` = 0"); + $db->query('TRUNCATE `forum_topics`'); + $db->query('TRUNCATE `forum_posts`'); +} + +function quote() +{ + global $ir, $c, $userid, $h, $bbc, $db; + $_GET['viewtopic'] = + (isset($_GET['viewtopic']) && is_numeric($_GET['viewtopic'])) + ? abs(intval($_GET['viewtopic'])) : ''; + if (empty($_GET['viewtopic'])) + { + echo 'Something went wrong.
    + > Go Back'; + die($h->endpage()); + } + if (!isset($_GET['quotename']) || !isset($_GET['quotetext'])) + { + echo 'Something went wrong.
    + > Go Back'; + die($h->endpage()); + } + $q = + $db->query( + "SELECT `ft_forum_id`, `ft_name`, `ft_locked`, `ft_id` + FROM `forum_topics` + WHERE `ft_id` = {$_GET['viewtopic']}"); + if ($db->num_rows($q) == 0) + { + $db->free_result($q); + echo 'Topic doesn\'t exist.
    + > Go Back'; + die($h->endpage()); + } + $topic = $db->fetch_row($q); + $db->free_result($q); + $q2 = + $db->query( + "SELECT `ff_auth`, `ff_owner` ,`ff_id`, `ff_name` + FROM `forum_forums` + WHERE `ff_id` = {$topic['ft_forum_id']}"); + if ($db->num_rows($q2) == 0) + { + $db->free_result($q2); + echo 'Forum doesn\'t exist.
    + > Go Back'; + die($h->endpage()); + } + $forum = $db->fetch_row($q2); + $db->free_result($q2); + if (($forum['ff_auth'] == 'gang' && $ir['gang'] != $forum['ff_owner']) + || ($forum['ff_auth'] == 'staff' && $ir['user_level'] < 2)) + { + echo ' +You have no permission to reply to this topic.
    +> Back + '; + die($h->endpage()); + } + echo " + Forums Home + >> {$forum['ff_name']} + >> {$topic['ft_name']} + >> Quoting a Post + +
    +
    + "; + if ($topic['ft_locked'] == 0) + { + $_GET['quotename'] = + htmlentities(strip_tags(stripslashes($_GET['quotename'])), + ENT_QUOTES, 'ISO-8859-1'); + $_GET['quotetext'] = + htmlentities(stripslashes($_GET['quotetext']), ENT_QUOTES, + 'ISO-8859-1'); + $quote_csrf = request_csrf_code("forums_reply_{$topic['ft_id']}"); + echo <<
    +Post a reply to this topic:
    + + + + + + + + + + + + + + +
    Subject:
    Post: + +
    + +EOF; + } + else + { + echo " +This topic has been locked, you cannot reply to it.
    +Back + "; + } +} + +function edit() +{ + global $ir, $c, $userid, $h, $bbc, $db; + $_GET['topic'] = + (isset($_GET['topic']) && is_numeric($_GET['topic'])) + ? abs(intval($_GET['topic'])) : ''; + if (empty($_GET['topic'])) + { + echo 'Something went wrong.
    + > Go Back'; + die($h->endpage()); + } + $q = + $db->query( + "SELECT `ft_forum_id`, `ft_name`, `ft_id` + FROM `forum_topics` + WHERE `ft_id` = {$_GET['topic']}"); + if ($db->num_rows($q) == 0) + { + $db->free_result($q); + echo 'Topic doesn\'t exist.
    + > Go Back'; + die($h->endpage()); + } + $topic = $db->fetch_row($q); + $db->free_result($q); + $q2 = + $db->query( + "SELECT `ff_auth`, `ff_owner`, `ff_id`, `ff_name` + FROM `forum_forums` + WHERE `ff_id` = {$topic['ft_forum_id']}"); + if ($db->num_rows($q2) == 0) + { + $db->free_result($q2); + echo 'Forum doesn\'t exist.
    + > Go Back'; + die($h->endpage()); + } + $forum = $db->fetch_row($q2); + $db->free_result($q2); + if (($forum['ff_auth'] == 'gang' && $ir['gang'] != $forum['ff_owner']) + || ($forum['ff_auth'] == 'staff' && $ir['user_level'] < 2)) + { + echo ' +You have no permission to view this forum.
    +> Back + '; + die($h->endpage()); + } + $_GET['post'] = + (isset($_GET['post']) && is_numeric($_GET['post'])) + ? abs(intval($_GET['post'])) : ''; + if (empty($_GET['post'])) + { + echo 'Something went wrong.
    + > Go Back'; + die($h->endpage()); + } + $q3 = + $db->query( + "SELECT `fp_poster_id`, `fp_subject`, `fp_text` + FROM `forum_posts` + WHERE `fp_id` = {$_GET['post']}"); + if ($db->num_rows($q3) == 0) + { + $db->free_result($q3); + echo 'Post doesn\'t exist.
    + > Go Back'; + die($h->endpage()); + } + $post = $db->fetch_row($q3); + $db->free_result($q3); + if (!($ir['user_level'] > 1 || $ir['userid'] == $post['fp_poster_id'])) + { + echo ' +You have no permission to edit this post.
    +> Back + '; + die($h->endpage()); + } + echo " + Forums Home + >> {$forum['ff_name']} + >> {$topic['ft_name']} + >> Editing a Post +

    + "; + $edit_csrf = request_csrf_code("forums_editpost_{$_GET['post']}"); + $fp_text = htmlentities($post['fp_text'], ENT_QUOTES, 'ISO-8859-1'); + echo << + + + + + + + + + + + + + +
    Subject:
    Post: + +
    + +EOF; +} + +function editsub() +{ + global $ir, $c, $userid, $h, $bbc, $db; + $_GET['post'] = + (isset($_GET['post']) && is_numeric($_GET['post'])) + ? abs(intval($_GET['post'])) : ''; + $_GET['topic'] = + (isset($_GET['topic']) && is_numeric($_GET['topic'])) + ? abs(intval($_GET['topic'])) : ''; + if ((empty($_GET['post']) || empty($_GET['topic']))) + { + echo 'Something went wrong.
    + > Go Back'; + die($h->endpage()); + } + $q = + $db->query( + "SELECT `ft_forum_id` + FROM `forum_topics` + WHERE `ft_id` = {$_GET['topic']}"); + if ($db->num_rows($q) == 0) + { + $db->free_result($q); + echo 'Topic doesn\'t exist.
    + > Go Back'; + die($h->endpage()); + } + $topic = $db->fetch_row($q); + $db->free_result($q); + $q2 = + $db->query( + "SELECT `ff_auth`, `ff_owner` + FROM `forum_forums` + WHERE `ff_id` = {$topic['ft_forum_id']}"); + if ($db->num_rows($q2) == 0) + { + $db->free_result($q2); + echo 'Forum doesn\'t exist.
    + > Go Back'; + die($h->endpage()); + } + $forum = $db->fetch_row($q2); + $db->free_result($q2); + if (($forum['ff_auth'] == 'gang' && $ir['gang'] != $forum['ff_owner']) + || ($forum['ff_auth'] == 'staff' && $ir['user_level'] < 2)) + { + echo ' +You have no permission to view this forum.
    +> Back + '; + die($h->endpage()); + } + $q3 = + $db->query( + "SELECT `fp_poster_id` + FROM `forum_posts` + WHERE `fp_id` = {$_GET['post']}"); + if ($db->num_rows($q3) == 0) + { + $db->free_result($q3); + echo 'Post doesn\'t exist.
    + > Go Back'; + die($h->endpage()); + } + $post = $db->fetch_row($q3); + $db->free_result($q3); + if (!($ir['user_level'] > 1 || $ir['userid'] == $post['fp_poster_id'])) + { + echo ' +You have no permission to edit this post.
    +> Back + '; + die($h->endpage()); + } + $_POST['fp_subject'] = + $db->escape(strip_tags(stripslashes($_POST['fp_subject']))); + if ((strlen($_POST['fp_subject']) > 150)) + { + echo 'You can only submit a max of 150 characters. +
    > Go Back'; + die($h->endpage()); + } + $_POST['fp_text'] = $db->escape(stripslashes($_POST['fp_text'])); + if ((strlen($_POST['fp_text']) > 65535)) + { + echo 'You can only submit a max of 65535 characters. +
    > Go Back'; + die($h->endpage()); + } + $db->query( + "UPDATE `forum_posts` + SET `fp_subject` = '{$_POST['fp_subject']}', + `fp_text` = '{$_POST['fp_text']}', `fp_editor_id` = $userid, + `fp_editor_name` = '{$ir['username']}', + `fp_editor_time` = " . time() + . ", + `fp_edit_count` = `fp_edit_count` + 1 + WHERE `fp_id` = {$_GET['post']}"); + echo ' +Post Edited! +
    +
    + '; + $_GET['viewtopic'] = $_GET['topic']; + viewtopic(); + +} + +function recache_forum($forum) +{ + global $ir, $c, $userid, $h, $bbc, $db; + $forum = abs((int) $forum); + if ($forum <= 0) + { + return; + } + echo "Recaching forum ID $forum ... "; + $q = + $db->query( + "SELECT `fp_poster_name`, `fp_time`, `fp_poster_id`, + `ft_name`, `ft_id` + FROM `forum_posts` AS `p` + LEFT JOIN `forum_topics` AS `t` + ON `p`.`fp_topic_id` = `t`.`ft_id` + WHERE `p`.`fp_forum_id` = {$forum} + ORDER BY `p`.`fp_time` DESC + LIMIT 1"); + if ($db->num_rows($q) == 0) + { + $db->free_result($q); + $db->query( + "UPDATE `forum_forums` + SET `ff_lp_time` = 0, `ff_lp_poster_id` = 0, + `ff_lp_poster_name` = 'N/A', `ff_lp_t_id` = 0, + `ff_lp_t_name` = 'N/A', `ff_posts` = 0, `ff_topics` = 0 + WHERE `ff_id` = {$forum}"); + echo " ... Done
    "; + } + else + { + $r = $db->fetch_row($q); + $db->free_result($q); + $tn = $db->escape($r['ft_name']); + $pn = $db->escape($r['fp_poster_name']); + $posts_q = + $db->query( + "SELECT COUNT(`fp_id`) + FROM `forum_posts` + WHERE `fp_forum_id` = {$forum}"); + $posts = $db->fetch_single($posts_q); + $db->free_result($posts_q); + $topics_q = + $db->query( + "SELECT COUNT(`ft_id`) + FROM `forum_topics` + WHERE `ft_forum_id` = {$forum}"); + $topics = $db->fetch_single($topics_q); + $db->free_result($topics_q); + $db->query( + "UPDATE `forum_forums` + SET `ff_lp_time` = {$r['fp_time']}, + `ff_lp_poster_id` = {$r['fp_poster_id']}, + `ff_lp_poster_name` = '$pn', `ff_lp_t_id` = {$r['ft_id']}, + `ff_lp_t_name` = '$tn', `ff_posts` = $posts, + `ff_topics` = $topics + WHERE `ff_id` = {$forum}"); + echo " ... Done
    "; + } +} + +function recache_topic($topic) +{ + global $ir, $c, $userid, $h, $bbc, $db; + $topic = abs((int) $topic); + if ($topic <= 0) + { + return; + } + echo "Recaching topic ID $topic ... "; + $q = + $db->query( + "SELECT `fp_poster_id`, `fp_poster_name`, `fp_time` + FROM `forum_posts` + WHERE `fp_topic_id` = {$topic} + ORDER BY `fp_time` DESC + LIMIT 1"); + if ($db->num_rows($q) == 0) + { + $db->free_result($q); + $db->query( + "UPDATE `forum_topics` + SET `ft_last_id` = 0, `ft_last_time` = 0, + `ft_last_name` = 'N/A', `ft_posts` = 0 + WHERE `ft_id` = {$topic}"); + echo " ... Done
    "; + } + else + { + $r = $db->fetch_row($q); + $db->free_result($q); + $pn = $db->escape($r['fp_poster_name']); + $posts_q = + $db->query( + "SELECT COUNT(`fp_id`) + FROM `forum_posts` + WHERE `fp_topic_id` = {$topic}"); + $posts = $db->fetch_single($posts_q); + $db->free_result($posts_q); + $db->query( + "UPDATE `forum_topics` + SET `ft_last_id` = {$r['fp_poster_id']}, + `ft_last_time` = {$r['fp_time']}, `ft_last_name` = '$pn', + `ft_posts` = $posts + WHERE `ft_id` = {$topic}"); + echo " ... Done
    "; + } +} + +function move() +{ + global $ir, $c, $userid, $h, $bbc, $db; + if (!in_array($ir['user_level'], array(2, 3, 5))) + { + echo 'There seems to be a error somewhere.
    + > go back'; + die($h->endpage()); + } + $_GET['topic'] = + (isset($_GET['topic']) && is_numeric($_GET['topic'])) + ? abs(intval($_GET['topic'])) : ''; + $_POST['forum'] = + (isset($_POST['forum']) && is_numeric($_POST['forum'])) + ? abs(intval($_POST['forum'])) : ''; + if (empty($_GET['topic']) || empty($_POST['forum'])) + { + echo 'Something went wrong.
    + > go back'; + die($h->endpage()); + } + $q = + $db->query( + "SELECT `ft_name`, `ft_forum_id` + FROM `forum_topics` + WHERE `ft_id` = {$_GET['topic']}"); + if ($db->num_rows($q) == 0) + { + $db->free_result($q); + echo 'Topic doesn\'t exist.
    + > go back'; + die($h->endpage()); + } + $topic = $db->fetch_row($q); + $db->free_result($q); + $q2 = + $db->query( + "SELECT `ff_name` + FROM `forum_forums` + WHERE `ff_id` = {$_POST['forum']}"); + if ($db->num_rows($q2) == 0) + { + $db->free_result($q2); + echo 'Destination forum doesn\'t exist.
    + > go back'; + die($h->endpage()); + } + $forum = $db->fetch_row($q2); + $db->free_result($q2); + $db->query( + "UPDATE `forum_topics` + SET `ft_forum_id` = {$_POST['forum']} + WHERE `ft_id` = {$_GET['topic']}"); + $db->query( + "UPDATE `forum_posts` + SET `fp_forum_id` = {$_POST['forum']} + WHERE `fp_topic_id` = {$_GET['topic']}"); + echo 'Topic moved...
    '; + stafflog_add("Moved Topic {$topic['ft_name']} to {$forum['ff_name']}"); + recache_forum($topic['ft_forum_id']); + recache_forum($_POST['forum']); + echo '> Go Back
    '; +} + +function lock() +{ + global $ir, $c, $userid, $h, $bbc, $db; + if (!in_array($ir['user_level'], array(2, 3, 5))) + { + echo 'There seems to be a error somewhere.
    + > go back'; + die($h->endpage()); + } + $_GET['topic'] = + (isset($_GET['topic']) && is_numeric($_GET['topic'])) + ? abs(intval($_GET['topic'])) : ''; + if (empty($_GET['topic'])) + { + echo 'Something went wrong.
    + > go back'; + die($h->endpage()); + } + $q = + $db->query( + "SELECT `ft_name`,`ft_locked`,`ft_forum_id` + FROM `forum_topics` + WHERE `ft_id` = {$_GET['topic']}"); + if ($db->num_rows($q) == 0) + { + $db->free_result($q); + echo 'Topic doesn\'t exist.
    + > go back'; + die($h->endpage()); + } + $r = $db->fetch_row($q); + $db->free_result($q); + if ($r['ft_locked'] == 1) + { + $db->query( + "UPDATE `forum_topics` + SET `ft_locked` = 0 + WHERE `ft_id` = {$_GET['topic']}"); + echo 'Topic unlocked.
    > Go Back'; + stafflog_add("Unlocked Topic {$r['ft_name']}"); + } + else + { + $db->query( + "UPDATE `forum_topics` + SET `ft_locked` = 1 + WHERE `ft_id` = {$_GET['topic']}"); + echo 'Topic locked.
    > Go Back'; + stafflog_add("Locked Topic {$r['ft_name']}"); + } +} + +function pin() +{ + global $ir, $c, $userid, $h, $bbc, $db; + if (!in_array($ir['user_level'], array(2, 3, 5))) + { + echo 'There seems to be a error somewhere.
    + > go back'; + die($h->endpage()); + } + $_GET['topic'] = + (isset($_GET['topic']) && is_numeric($_GET['topic'])) + ? abs(intval($_GET['topic'])) : ''; + if (empty($_GET['topic'])) + { + echo 'Something went wrong.
    + > go back'; + die($h->endpage()); + } + $q = + $db->query( + "SELECT `ft_name`, `ft_pinned`, `ft_forum_id` + FROM `forum_topics` + WHERE `ft_id` = {$_GET['topic']}"); + if ($db->num_rows($q) == 0) + { + $db->free_result($q); + echo 'Topic doesn\'t exist.
    + > go back'; + die($h->endpage()); + } + $r = $db->fetch_row($q); + $db->free_result($q); + if ($r['ft_pinned'] == 1) + { + $db->query( + "UPDATE `forum_topics` + SET `ft_pinned` = 0 + WHERE `ft_id` = {$_GET['topic']}"); + echo 'Topic unpinned.
    > Go Back'; + stafflog_add("Unpinned Topic {$r['ft_name']}"); + } + else + { + $db->query( + "UPDATE `forum_topics` + SET `ft_pinned` = 1 + WHERE `ft_id` = {$_GET['topic']}"); + echo 'Topic pinned.
    > Go Back'; + stafflog_add("Pinned Topic {$r['ft_name']}"); + } +} + +function delepost() +{ + global $ir, $c, $userid, $h, $bbc, $db; + if (!in_array($ir['user_level'], array(2, 3, 5))) + { + echo 'There seems to be a error somewhere.
    + > go back'; + die($h->endpage()); + } + $_GET['post'] = + (isset($_GET['post']) && is_numeric($_GET['post'])) + ? abs(intval($_GET['post'])) : ''; + if (empty($_GET['post'])) + { + echo 'Something went wrong.
    + > go back'; + die($h->endpage()); + } + $q3 = + $db->query( + "SELECT `fp_topic_id`, `fp_poster_name`, `fp_id`, + `fp_forum_id`, `fp_subject` + FROM `forum_posts` + WHERE `fp_id` = {$_GET['post']}"); + if ($db->num_rows($q3) == 0) + { + $db->free_result($q3); + echo 'Post doesn\'t exist.
    + > go back'; + die($h->endpage()); + } + $post = $db->fetch_row($q3); + $db->free_result($q3); + $q = + $db->query( + "SELECT `ft_name` + FROM `forum_topics` + WHERE `ft_id` = {$post['fp_topic_id']}"); + if ($db->num_rows($q) == 0) + { + $db->free_result($q); + echo 'Topic doesn\'t exist.
    + > go back'; + die($h->endpage()); + } + $topic = $db->fetch_row($q); + $db->free_result($q); + $u = $db->escape($post['fp_poster_name']); + $db->query( + "DELETE FROM `forum_posts` + WHERE `fp_id` = {$post['fp_id']}"); + echo 'Post deleted...
    '; + recache_topic($post['fp_topic_id']); + recache_forum($post['fp_forum_id']); + stafflog_add("Deleted post ({$post['fp_subject']}) in {$topic['ft_name']}"); + +} + +function deletopic() +{ + global $ir, $c, $userid, $h, $bbc, $db; + $_GET['topic'] = + (isset($_GET['topic']) && is_numeric($_GET['topic'])) + ? abs(intval($_GET['topic'])) : ''; + if (empty($_GET['topic'])) + { + echo 'Something went wrong.
    + > go back'; + die($h->endpage()); + } + $q = + $db->query( + "SELECT `ft_forum_id`, `ft_name` + FROM `forum_topics` + WHERE `ft_id` = {$_GET['topic']}"); + if ($db->num_rows($q) == 0) + { + $db->free_result($q); + echo 'Topic doesn\'t exist.
    + > go back'; + die($h->endpage()); + } + $topic = $db->fetch_row($q); + $db->free_result($q); + $db->query( + "DELETE FROM `forum_topics` + WHERE `ft_id` = {$_GET['topic']}"); + $db->query( + "DELETE FROM `forum_posts` + WHERE `fp_topic_id` = {$_GET['topic']}"); + echo "Deleting topic... Done
    "; + recache_forum($topic['ft_forum_id']); + stafflog_add("Deleted topic {$topic['ft_name']}"); +} + +$h->endpage(); diff --git a/friendslist.php b/friendslist.php new file mode 100644 index 0000000..1d0794f --- /dev/null +++ b/friendslist.php @@ -0,0 +1,318 @@ +endpage()); +} +echo '

    Friends List

    '; +if (!isset($_GET['action'])) +{ + $_GET['action'] = ''; +} +switch ($_GET['action']) +{ +case "add": + add_friend(); + break; +case "remove": + remove_friend(); + break; +case "ccomment": + change_comment(); + break; +default: + friends_list(); + break; +} + +function friends_list() +{ + global $db, $ir, $c, $userid; + echo " +> Add an friend
    +These are the people on your friends list. +
    + {$ir['friend_count']} people have added you to their list. +
    +Most hated: ["; + $q2r = + $db->query( + "SELECT `username`, `userid` + FROM `users` + ORDER BY `friend_count` DESC + LIMIT 5"); + $r = 0; + while ($r2r = $db->fetch_row($q2r)) + { + $r++; + if ($r > 1) + { + echo ' | '; + } + echo "{$r2r['username']}"; + } + $db->free_result($q2r); + echo '] + + + + + + + + + + + + '; + $q = + $db->query( + "SELECT `fl_COMMENT`, `fl_ID`, `laston`, `donatordays`, + `username`, `userid` + FROM `friendslist` AS `fl` + LEFT JOIN `users` AS `u` ON `fl`.`fl_ADDED` = `u`.`userid` + WHERE `fl`.`fl_ADDER` = $userid + ORDER BY `u`.`username` ASC"); + while ($r = $db->fetch_row($q)) + { + $on = + ($r['laston'] >= (($_SERVER['REQUEST_TIME'] - 15) * 60)) + ? 'Online' + : 'Offline'; + $d = ""; + if ($r['donatordays'] > 0) + { + $r['username'] = + "{$r['username']}"; + $d = + "Donator: {$r["; + } + if (!$r['fl_COMMENT']) + { + $r['fl_COMMENT'] = 'N/A'; + } + echo " + + + + + + + + + + + "; + } + $db->free_result($q); + echo "
    IDNameMailAttackRemoveCommentChange CommentOnline?
    {$r['userid']}{$r['username']} $dMailAttackRemove" . strip_tags($r['fl_COMMENT']) + . "Change$on
    "; +} + +function add_friend() +{ + global $db, $ir, $c, $userid; + $_POST['ID'] = + (isset($_POST['ID']) && is_numeric($_POST['ID'])) + ? abs(intval($_POST['ID'])) : ''; + $_POST['comment'] = + (isset($_POST['comment']) && is_string($_POST['comment'])) + ? $db->escape(strip_tags(stripslashes($_POST['comment']))) + : ''; + + if ($_POST['ID']) + { + $qc = + $db->query( + "SELECT COUNT(`fl_ADDER`) + FROM `friendslist` + WHERE `fl_ADDER` = $userid + AND `fl_ADDED` = {$_POST['ID']}"); + $dupe_count = $db->fetch_single($qc); + $db->free_result($qc); + $q = + $db->query( + "SELECT `username` + FROM `users` + WHERE `userid` = {$_POST['ID']}"); + if ($dupe_count > 0) + { + echo "You cannot add the same person twice."; + } + else if ($userid == $_POST['ID']) + { + echo "You cannot be so lonely that you have to try and add yourself."; + } + else if ($db->num_rows($q) == 0) + { + echo "Oh no, you're trying to add a ghost."; + } + else + { + $db->query( + "INSERT INTO `friendslist` + VALUES(NULL, $userid, {$_POST['ID']}, '{$_POST['comment']}')"); + $r = $db->fetch_row($q); + $db->query( + "UPDATE `users` + SET `friend_count` = `friend_count` + 1 + WHERE `userid` = {$_POST['ID']}"); + echo "{$r['username']} was added to your friends list.
    + > Back"; + } + $db->free_result($q); + } + else + { + $_GET['ID'] = + (isset($_GET['ID']) && is_numeric($_GET['ID'])) + ? abs(intval($_GET['ID'])) : ''; + echo " +Adding an friend! +
    + Friend's ID:
    + Comment (optional):
    +
    + +
    + "; + } + +} + +function remove_friend() +{ + global $db, $ir, $c, $userid, $h; + $_GET['f'] = + (isset($_GET['f']) && is_numeric($_GET['f'])) + ? abs(intval($_GET['f'])) : ''; + if (empty($_GET['f'])) + { + echo ' +You didn\'t select a real friend.
    +> Back + '; + die($h->endpage()); + } + + $q = + $db->query( + "SELECT `fl_ADDED` + FROM `friendslist` + WHERE `fl_ID` = {$_GET['f']} AND `fl_ADDER` = $userid"); + if ($db->num_rows($q) == 0) + { + echo 'Listing doesn\'t exist.'; + die($h->endpage()); + } + $r = $db->fetch_row($q); + $db->query( + "DELETE FROM `friendslist` + WHERE `fl_ID` = {$_GET['f']} AND `fl_ADDER` = $userid"); + $db->query( + "UPDATE `users` + SET `friend_count` = `friend_count` - 1 + WHERE `userid` = {$r['fl_ADDED']}"); + echo " +Friends list entry removed!
    +> Back + "; +} + +function change_comment() +{ + global $db, $ir, $c, $userid, $h; + $_POST['f'] = + (isset($_POST['f']) && is_numeric($_POST['f'])) + ? abs(intval($_POST['f'])) : ''; + $_POST['comment'] = + $db->escape(strip_tags(stripslashes($_POST['comment']))); + if ($_POST['comment'] && $_POST['f']) + { + $q = + $db->query( + "SELECT COUNT(`fl_ID`) + FROM `friendslist` + WHERE `fl_ID` = {$_GET['f']} AND `fl_ADDER` = $userid"); + if ($db->fetch_single($q) == 0) + { + $db->free_result($q); + echo 'Listing doesn\'t exist.'; + die($h->endpage()); + } + $db->free_result($q); + $db->query( + "UPDATE `friendslist` + SET `fl_COMMENT` = '{$_POST['comment']}' + WHERE `fl_ID` = {$_POST['f']} AND `fl_ADDER` = $userid"); + echo " +Comment for friend changed!
    +> Back + "; + } + else + { + $_GET['f'] = + (isset($_GET['f']) && is_numeric($_GET['f'])) + ? abs(intval($_GET['f'])) : ''; + if (empty($_GET['f'])) + { + echo " +Invalid friend.
    +> Back + "; + die($h->endpage()); + } + $q = + $db->query( + "SELECT `fl_COMMENT` + FROM `friendslist` + WHERE `fl_ID` = {$_GET['f']} + AND `fl_ADDER` = $userid"); + if ($db->num_rows($q)) + { + $r = $db->fetch_row($q); + $comment = + stripslashes( + htmlentities($r['fl_COMMENT'], ENT_QUOTES, + 'ISO-8859-1')); + echo " +Changing a comment. +
    +
    + Comment:
    +
    + +
    + "; + } + else + { + echo 'It would be impossible to edit something which isn\'t yours.
    > Go Home'; + } + } +} +$h->endpage(); diff --git a/gamerules.php b/gamerules.php new file mode 100644 index 0000000..9e2ed4b --- /dev/null +++ b/gamerules.php @@ -0,0 +1,58 @@ +{$set['game_name']} Rules and Regulations +
      +
    1. Players are only allowed to have one account, owning two or more accounts + will result in all accounts being jailed, if you are on the same IP as another + player, mail staff and let them know.
      2. +
    2. You are responsible for whatever happens on your account, don't give out + your password to anyone.
      3. +
    3. Children play this game, so keep it PG-13. Mild swearing will be + permitted, but F-bombing, sexual vulgarities or excessive swearing will result + in some time in Fed until you clean up your act.
      4. +
    4. Profile images with nudity, profanity, or otherwise offensive images will + be removed, and may result in jail time.
      5. +
    5. We understand that you play other games, but do not advertise them here. + You get 1 warning, afterwards its Fed time.
      6. +
    6. Do not spam the staff's mailbox, if you have a problem, message one of us + once. They will deal with your problem in a timely manner, but do not mail + them repeatedly, or mail multiple staff members.
      7. +
    7. Do not harrass other players, use common sense on this one, if you don't + know when your crossing the line from fantasy into harrassment, assume that + you are harrassing the other player. This will not be tolerated and will + result in a stiff punishment.
      8. +
    8. Scamming will not be tolerated in any manner. Any attempt to scam anyone + will result in being jailed for a long long time.
      9. +
    9. If a member of staff is bothering you for any unfair or just plain, weird + reason, mail an administrator.
      10. +
    10. Common sense rules are not posted here, if you can't determine the + difference between what is ok, and what is not, you should consider not + interacting with other people until you do understand.
      11. +
    11. These rules are subject to change without notice, check them from time + to time, as ignorance will not be accepted as an excuse.
      12. +
    +EOF; +$h->endpage(); diff --git a/gangcentral.php b/gangcentral.php new file mode 100644 index 0000000..fa6bcac --- /dev/null +++ b/gangcentral.php @@ -0,0 +1,61 @@ +Gang Central +> Create A Gang Here
    +
    Gang Listings
    + + + + + + + "; +$gq = + $db->query( + "SELECT `gangID`, `gangNAME`, `gangRESPECT`, + `userid`, `username` + FROM `gangs` AS `g` + LEFT JOIN `users` AS `u` ON `g`.`gangPRESIDENT` = `u`.`userid` + ORDER BY `g`.`gangID` ASC"); +while ($gangdata = $db->fetch_row($gq)) +{ + echo " + + + + + "; + $db->free_result($cnt); +} +$db->free_result($gq); +echo "
    GangMembersPresidentRespect Level
    {$gangdata['gangNAME']}"; + $cnt = + $db->query( + "SELECT COUNT(`userid`) + FROM `users` + WHERE `gang` = {$gangdata['gangID']}"); + print + $db->fetch_single($cnt) + . "{$gangdata['username']}{$gangdata['gangRESPECT']}
    "; +$h->endpage(); diff --git a/gangs.php b/gangs.php new file mode 100644 index 0000000..3908669 --- /dev/null +++ b/gangs.php @@ -0,0 +1,227 @@ +query( + "SELECT `gangPRESIDENT`, `gangVICEPRES`, `gangNAME`, + `gangID`, `gangRESPECT`, `gangDESC` + FROM `gangs` + WHERE `gangID` = {$_GET['ID']}"); + $gangdata = $db->fetch_row($gq); + if (!isset($_GET['action'])) + { + $_GET['action'] = ''; + } + switch ($_GET['action']) + { + case 'view': + gang_view(); + break; + + case 'userlist': + gang_userlist(); + break; + + case 'apply': + gang_applyform(); + break; + + case 'applys': + gang_applysubmit(); + break; + + default: + gang_view(); + break; + } +} + +function gang_view() +{ + global $db, $ir, $c, $h, $gangdata; + $pq = + $db->query( + "SELECT `userid`, `username` + FROM `users` + WHERE `userid` = {$gangdata['gangPRESIDENT']} + LIMIT 1"); + if ($db->num_rows($pq) == 0) + { + $ldr = array('userid' => 0); + } + else + { + $ldr = $db->fetch_row($pq); + } + $db->free_result($pq); + $vpq = + $db->query( + "SELECT `userid`, `username` + FROM `users` + WHERE `userid` = {$gangdata['gangVICEPRES']}"); + if ($db->num_rows($vpq) == 0) + { + $coldr = array('userid' => 0); + } + else + { + $coldr = $db->fetch_row($vpq); + } + $db->free_result($vpq); + echo "

    {$gangdata['gangNAME']} Gang

    "; + if ($ldr['userid'] > 0) + { + print + "President: {$ldr['username']}
    "; + } + else + { + print "President: N/A
    "; + } + if ($coldr['userid'] > 0) + { + print + "Vice-President: {$coldr['username']}
    "; + } + else + { + print "Vice-President: N/A
    "; + } + $cnt = + $db->query( + "SELECT COUNT(`userid`) + FROM `users` + WHERE `gang` = {$gangdata['gangID']}"); + echo "Members: " . $db->fetch_single($cnt) + . "
    + Description: {$gangdata['gangDESC']}
    + Respect Level: {$gangdata['gangRESPECT']}
    + > + User List +
    + > + Apply + "; + $db->free_result($cnt); +} + +function gang_userlist() +{ + global $db, $ir, $c, $h, $gangdata; + echo "

    Userlist for {$gangdata['gangNAME']}

    + + + + + + "; + $q = + $db->query( + "SELECT `userid`, `username`, `level`, `daysingang` + FROM `users` + WHERE `gang` = {$gangdata['gangID']} + ORDER BY `daysingang` DESC, `level` DESC"); + while ($r = $db->fetch_row($q)) + { + echo " + + + + "; + } + $db->free_result($q); + echo "
    UserLevelDays In Gang
    + {$r['username']} + {$r['level']}{$r['daysingang']}

    + > + Back + "; +} + +function gang_applyform() +{ + global $ir, $c, $h, $gangdata; + if ($ir['gang'] == 0) + { + $apply_csrf = request_csrf_code('gang_apply'); + echo "
    +Type the reason you should be in this faction.
    +
    + +
    "; + } + else + { + echo "You cannot apply for a gang when you are already in one."; + } +} + +function gang_applysubmit() +{ + global $db, $ir, $c, $h, $gangdata, $userid; + $application = + (isset($_POST['application']) && is_string($_POST['application'])) + ? $db->escape( + htmlentities( + stripslashes($_POST['application']), + ENT_QUOTES, 'ISO-8859-1')) : ''; + if (!isset($_POST['verf']) + || !verify_csrf_code('gang_apply', stripslashes($_POST['verf']))) + { + echo " + Your request to apply to this gang has expired. Please try again.
    + > Back + "; + die($h->endpage()); + } + if (!$ir['gang']) + { + $db->query( + "INSERT INTO `applications` + VALUES(NULL, $userid, {$_GET['ID']}, '{$application}')"); + $gev = + $db->escape( + "{$ir['username']}" + . " sent an application to join this gang."); + $db->query( + "INSERT INTO `gangevents` + VALUES(NULL, {$_GET['ID']}, " . time() . ", '{$gev}')"); + echo "You sent your application to the {$gangdata['gangNAME']} gang."; + } + else + { + echo "You cannot apply for a gang when you are already in one."; + } +} +$h->endpage(); diff --git a/gangwars.php b/gangwars.php new file mode 100644 index 0000000..cebadbb --- /dev/null +++ b/gangwars.php @@ -0,0 +1,64 @@ +Gang Wars +"; +$q = + $db->query( + "SELECT `w`.*, `g1`.`gangNAME` AS `declarer`, + `g1`.`gangRESPECT` AS `drespect`, + `g2`.`gangNAME` AS `defender`, + `g2`.`gangRESPECT` AS `frespect` + FROM `gangwars` AS `w` + INNER JOIN `gangs` AS `g1` + ON `w`.`warDECLARER` = `g1`.`gangID` + INNER JOIN `gangs` AS `g2` + ON `w`.`warDECLARED` = `g2`.`gangID` + WHERE `g1`.`gangNAME` != '' + AND `g2`.`gangNAME` != ''"); +if ($db->num_rows($q) > 0) +{ + while ($r = $db->fetch_row($q)) + { + echo " + + + + "; + } + echo "
    + + {$r['declarer']} + [{$r['drespect']} respect] + vs. + + {$r['defender']} + [{$r['frespect']} respect] +
    "; +} +else +{ + echo "There are currently no gang wars in progress."; +} +$db->free_result($q); +$h->endpage(); diff --git a/global_func.php b/global_func.php new file mode 100644 index 0000000..60758b8 --- /dev/null +++ b/global_func.php @@ -0,0 +1,1281 @@ += $lengths[$i]; $i++) + { + $time_difference = $time_difference / $lengths[$i]; + } + $time_difference = round($time_difference); + $date = + $time_difference . ' ' . $unit[$i] + . (($time_difference > 1 OR $time_difference < 1) ? 's' + : '') . ' ago'; + return $date; +} + +/** + * Format money in the way humans expect to read it. + * @param int $muny The amount of money to display + * @param string $symb The money unit symbol to use, e.g. $ + */ +function money_formatter($muny, $symb = '$') +{ + return $symb . number_format($muny); +} + +/** + * Constructs a drop-down listbox of all the item types in the game to let the user select one. + * @param mysql $connection Redundant (legacy from v1) - use NULL + * @param string $ddname The "name" attribute the <select> attribute should have + * @param int $selected [optional] The ID number of the item type which should be selected by default.
    + * Not specifying this or setting it to -1 makes the first item type alphabetically be selected. + * @return string The HTML code for the listbox, to be inserted in a form. + */ +function itemtype_dropdown($connection, $ddname = "item_type", $selected = -1) +{ + global $db; + $ret = ""; + return $ret; +} + +/** + * Constructs a drop-down listbox of all the items in the game to let the user select one. + * @param mysql $connection Redundant (legacy from v1) - use NULL + * @param string $ddname The "name" attribute the <select> attribute should have + * @param int $selected [optional] The ID number of the item which should be selected by default.
    + * Not specifying this or setting it to -1 makes the first item alphabetically be selected. + * @return string The HTML code for the listbox, to be inserted in a form. + */ +function item_dropdown($connection, $ddname = "item", $selected = -1) +{ + global $db; + $ret = ""; + return $ret; +} + +/** + * Constructs a drop-down listbox of all the items in the game to let the user select one, including a "None" option. + * @param mysql $connection Redundant (legacy from v1) - use NULL + * @param string $ddname The "name" attribute the <select> attribute should have + * @param int $selected [optional] The ID number of the item which should be selected by default.
    + * Not specifying this or setting it to a number less than 1 makes "None" selected. + * @return string The HTML code for the listbox, to be inserted in a form. + */ +function item2_dropdown($connection, $ddname = "item", $selected = -1) +{ + global $db; + $ret = ""; + return $ret; +} + +/** + * Constructs a drop-down listbox of all the locations in the game to let the user select one. + * @param mysql $connection Redundant (legacy from v1) - use NULL + * @param string $ddname The "name" attribute the <select> attribute should have + * @param int $selected [optional] The ID number of the location which should be selected by default.
    + * Not specifying this or setting it to -1 makes the first item alphabetically be selected. + * @return string The HTML code for the listbox, to be inserted in a form. + */ +function location_dropdown($connection, $ddname = "location", $selected = -1) +{ + global $db; + $ret = ""; + return $ret; +} + +/** + * Constructs a drop-down listbox of all the shops in the game to let the user select one. + * @param mysql $connection Redundant (legacy from v1) - use NULL + * @param string $ddname The "name" attribute the <select> attribute should have + * @param int $selected [optional] The ID number of the shop which should be selected by default.
    + * Not specifying this or setting it to -1 makes the first shop alphabetically be selected. + * @return string The HTML code for the listbox, to be inserted in a form. + */ +function shop_dropdown($connection, $ddname = "shop", $selected = -1) +{ + global $db; + $ret = ""; + return $ret; +} + +/** + * Constructs a drop-down listbox of all the registered users in the game to let the user select one. + * @param mysql $connection Redundant (legacy from v1) - use NULL + * @param string $ddname The "name" attribute the <select> attribute should have + * @param int $selected [optional] The ID number of the user who should be selected by default.
    + * Not specifying this or setting it to -1 makes the first user alphabetically be selected. + * @return string The HTML code for the listbox, to be inserted in a form. + */ +function user_dropdown($connection, $ddname = "user", $selected = -1) +{ + global $db; + $ret = ""; + return $ret; +} + +/** + * Constructs a drop-down listbox of all the challenge bot NPC users in the game to let the user select one. + * @param mysql $connection Redundant (legacy from v1) - use NULL + * @param string $ddname The "name" attribute the <select> attribute should have + * @param int $selected [optional] The ID number of the bot who should be selected by default.
    + * Not specifying this or setting it to -1 makes the first bot alphabetically be selected. + * @return string The HTML code for the listbox, to be inserted in a form. + */ +function challengebot_dropdown($connection, $ddname = "bot", $selected = -1) +{ + global $db; + $ret = ""; + return $ret; +} + +/** + * Constructs a drop-down listbox of all the users in federal jail in the game to let the user select one. + * @param mysql $connection Redundant (legacy from v1) - use NULL + * @param string $ddname The "name" attribute the <select> attribute should have + * @param int $selected [optional] The ID number of the user who should be selected by default.
    + * Not specifying this or setting it to -1 makes the first user alphabetically be selected. + * @return string The HTML code for the listbox, to be inserted in a form. + */ +function fed_user_dropdown($connection, $ddname = "user", $selected = -1) +{ + global $db; + $ret = ""; + return $ret; +} + +/** + * Constructs a drop-down listbox of all the mail banned users in the game to let the user select one. + * @param mysql $connection Redundant (legacy from v1) - use NULL + * @param string $ddname The "name" attribute the <select> attribute should have + * @param int $selected [optional] The ID number of the user who should be selected by default.
    + * Not specifying this or setting it to -1 makes the first user alphabetically be selected. + * @return string The HTML code for the listbox, to be inserted in a form. + */ +function mailb_user_dropdown($connection, $ddname = "user", $selected = -1) +{ + global $db; + $ret = ""; + return $ret; +} + +/** + * Constructs a drop-down listbox of all the forum banned users in the game to let the user select one. + * @param mysql $connection Redundant (legacy from v1) - use NULL + * @param string $ddname The "name" attribute the <select> attribute should have + * @param int $selected [optional] The ID number of the user who should be selected by default.
    + * Not specifying this or setting it to -1 makes the first user alphabetically be selected. + * @return string The HTML code for the listbox, to be inserted in a form. + */ +function forumb_user_dropdown($connection, $ddname = "user", $selected = -1) +{ + global $db; + $ret = ""; + return $ret; +} + +/** + * Constructs a drop-down listbox of all the jobs in the game to let the user select one. + * @param mysql $connection Redundant (legacy from v1) - use NULL + * @param string $ddname The "name" attribute the <select> attribute should have + * @param int $selected [optional] The ID number of the job which should be selected by default.
    + * Not specifying this or setting it to -1 makes the first job alphabetically be selected. + * @return string The HTML code for the listbox, to be inserted in a form. + */ +function job_dropdown($connection, $ddname = "job", $selected = -1) +{ + global $db; + $ret = ""; + return $ret; +} + +/** + * Constructs a drop-down listbox of all the job ranks in the game to let the user select one. + * @param mysql $connection Redundant (legacy from v1) - use NULL + * @param string $ddname The "name" attribute the <select> attribute should have + * @param int $selected [optional] The ID number of the job rank which should be selected by default.
    + * Not specifying this or setting it to -1 makes the first job's first job rank alphabetically be selected. + * @return string The HTML code for the listbox, to be inserted in a form. + */ +function jobrank_dropdown($connection, $ddname = "jobrank", $selected = -1) +{ + global $db; + $ret = ""; + return $ret; +} + +/** + * Constructs a drop-down listbox of all the houses in the game to let the user select one. + * @param mysql $connection Redundant (legacy from v1) - use NULL + * @param string $ddname The "name" attribute the <select> attribute should have + * @param int $selected [optional] The ID number of the house which should be selected by default.
    + * Not specifying this or setting it to -1 makes the first house alphabetically be selected. + * @return string The HTML code for the listbox, to be inserted in a form. + */ +function house_dropdown($connection, $ddname = "house", $selected = -1) +{ + global $db; + $ret = ""; + return $ret; +} + +/** + * Constructs a drop-down listbox of all the houses in the game to let the user select one.
    + * However, the values in the list box return the house's maximum will value instead of its ID. + * @param mysql $connection Redundant (legacy from v1) - use NULL + * @param string $ddname The "name" attribute the <select> attribute should have + * @param int $selected [optional] The ID number of the house which should be selected by default.
    + * Not specifying this or setting it to -1 makes the first house alphabetically be selected. + * @return string The HTML code for the listbox, to be inserted in a form. + */ +function house2_dropdown($connection, $ddname = "house", $selected = -1) +{ + global $db; + $ret = ""; + return $ret; +} + +/** + * Constructs a drop-down listbox of all the courses in the game to let the user select one. + * @param mysql $connection Redundant (legacy from v1) - use NULL + * @param string $ddname The "name" attribute the <select> attribute should have + * @param int $selected [optional] The ID number of the course which should be selected by default.
    + * Not specifying this or setting it to -1 makes the first course alphabetically be selected. + * @return string The HTML code for the listbox, to be inserted in a form. + */ +function course_dropdown($connection, $ddname = "course", $selected = -1) +{ + global $db; + $ret = ""; + return $ret; +} + +/** + * Constructs a drop-down listbox of all the crimes in the game to let the user select one. + * @param mysql $connection Redundant (legacy from v1) - use NULL + * @param string $ddname The "name" attribute the <select> attribute should have + * @param int $selected [optional] The ID number of the crime which should be selected by default.
    + * Not specifying this or setting it to -1 makes the first crime alphabetically be selected. + * @return string The HTML code for the listbox, to be inserted in a form. + */ +function crime_dropdown($connection, $ddname = "crime", $selected = -1) +{ + global $db; + $ret = ""; + return $ret; +} + +/** + * Constructs a drop-down listbox of all the crime groups in the game to let the user select one. + * @param mysql $connection Redundant (legacy from v1) - use NULL + * @param string $ddname The "name" attribute the <select> attribute should have + * @param int $selected [optional] The ID number of the crime group which should be selected by default.
    + * Not specifying this or setting it to -1 makes the first crime group alphabetically be selected. + * @return string The HTML code for the listbox, to be inserted in a form. + */ +function crimegroup_dropdown($connection, $ddname = "crimegroup", + $selected = -1) +{ + global $db; + $ret = ""; + return $ret; +} + +/** + * Sends a user an event, given their ID and the text. + * @param int $userid The user ID to be sent the event + * @param string $text The event's text. This should be fully sanitized for HTML, but not pre-escaped for database insertion. + * @param mysql $connection Redundant (legacy from v1) - use NULL + * @return int 1 + */ +function event_add($userid, $text, $connection = 0) +{ + global $db; + $text = $db->escape($text); + $db->query( + "INSERT INTO `events` + VALUES(NULL, $userid, " . time() . ", 0, '$text')"); + $db->query( + "UPDATE `users` + SET `new_events` = `new_events` + 1 + WHERE `userid` = {$userid}"); + return 1; +} + +/** + * Internal function: used to see if a user is due to level up, and if so, perform that levelup. + */ +function check_level() +{ + global $db; + global $ir, $c, $userid; + $ir['exp_needed'] = + (int) (($ir['level'] + 1) * ($ir['level'] + 1) + * ($ir['level'] + 1) * 2.2); + if ($ir['exp'] >= $ir['exp_needed']) + { + $expu = $ir['exp'] - $ir['exp_needed']; + $ir['level'] += 1; + $ir['exp'] = $expu; + $ir['energy'] += 2; + $ir['brave'] += 2; + $ir['maxenergy'] += 2; + $ir['maxbrave'] += 2; + $ir['hp'] += 50; + $ir['maxhp'] += 50; + $ir['exp_needed'] = + (int) (($ir['level'] + 1) * ($ir['level'] + 1) + * ($ir['level'] + 1) * 2.2); + $db->query( + "UPDATE `users` + SET `level` = `level` + 1, exp = {$expu}, + `energy` = `energy` + 2, `brave` = `brave` + 2, + `maxenergy` = `maxenergy` + 2, `maxbrave` = `maxbrave` + 2, + `hp` = `hp` + 50, `maxhp` = `maxhp` + 50 + WHERE `userid` = {$userid}"); + } +} + +/** + * Get the "rank" a user has for a particular stat - if the return is n, then the user has the n'th highest value for that stat. + * @param int $stat The value of the current user's stat. + * @param string $mykey The stat to be ranked in. Must be a valid column name in the userstats table + * @return integer The user's rank in the stat + */ +function get_rank($stat, $mykey) +{ + global $db; + global $ir, $userid, $c; + $q = + $db->query( + "SELECT count(`u`.`userid`) + FROM `userstats` AS `us` + LEFT JOIN `users` AS `u` + ON `us`.`userid` = `u`.`userid` + WHERE {$mykey} > {$stat} + AND `us`.`userid` != {$userid} AND `u`.`user_level` != 0"); + $result = $db->fetch_single($q) + 1; + $db->free_result($q); + return $result; +} + +/** + * Give a particular user a particular quantity of some item. + * @param int $user The user ID who is to be given the item + * @param int $itemid The item ID which is to be given + * @param int $qty The item quantity to be given + * @param int $notid [optional] If specified and greater than zero, prevents the item given's
    + * database entry combining with inventory id $notid. + */ +function item_add($user, $itemid, $qty, $notid = 0) +{ + global $db; + if ($notid > 0) + { + $q = + $db->query( + "SELECT `inv_id` + FROM `inventory` + WHERE `inv_userid` = {$user} + AND `inv_itemid` = {$itemid} + AND `inv_id` != {$notid} + LIMIT 1"); + } + else + { + $q = + $db->query( + "SELECT `inv_id` + FROM `inventory` + WHERE `inv_userid` = {$user} + AND `inv_itemid` = {$itemid} + LIMIT 1"); + } + if ($db->num_rows($q) > 0) + { + $r = $db->fetch_row($q); + $db->query( + "UPDATE `inventory` + SET `inv_qty` = `inv_qty` + {$qty} + WHERE `inv_id` = {$r['inv_id']}"); + } + else + { + $db->query( + "INSERT INTO `inventory` + (`inv_itemid`, `inv_userid`, `inv_qty`) + VALUES ({$itemid}, {$user}, {$qty})"); + } + $db->free_result($q); +} + +/** + * Take away from a particular user a particular quantity of some item.
    + * If they don't have enough of that item to be taken, takes away any that they do have. + * @param int $user The user ID who is to lose the item + * @param int $itemid The item ID which is to be taken + * @param int $qty The item quantity to be taken + */ +function item_remove($user, $itemid, $qty) +{ + global $db; + $q = + $db->query( + "SELECT `inv_id`, `inv_qty` + FROM `inventory` + WHERE `inv_userid` = {$user} + AND `inv_itemid` = {$itemid} + LIMIT 1"); + if ($db->num_rows($q) > 0) + { + $r = $db->fetch_row($q); + if ($r['inv_qty'] > $qty) + { + $db->query( + "UPDATE `inventory` + SET `inv_qty` = `inv_qty` - {$qty} + WHERE `inv_id` = {$r['inv_id']}"); + } + else + { + $db->query( + "DELETE FROM `inventory` + WHERE `inv_id` = {$r['inv_id']}"); + } + } + $db->free_result($q); +} + +/** + * Constructs a drop-down listbox of all the forums in the game to let the user select one. + * @param mysql $connection Redundant (legacy from v1) - use NULL + * @param string $ddname The "name" attribute the <select> attribute should have + * @param int $selected [optional] The ID number of the forum which should be selected by default.
    + * Not specifying this or setting it to -1 makes the first forum alphabetically be selected. + * @return string The HTML code for the listbox, to be inserted in a form. + */ +function forum_dropdown($connection, $ddname = "forum", $selected = -1) +{ + global $db; + $ret = ""; + return $ret; +} + +/** + * Constructs a drop-down listbox of all the forums in the game, except gang forums, to let the user select one.
    + * @param mysql $connection Redundant (legacy from v1) - use NULL + * @param string $ddname The "name" attribute the <select> attribute should have + * @param int $selected [optional] The ID number of the forum which should be selected by default.
    + * Not specifying this or setting it to -1 makes the first forum alphabetically be selected. + * @return string The HTML code for the listbox, to be inserted in a form. + */ +function forum2_dropdown($connection, $ddname = "forum", $selected = -1) +{ + global $db; + $ret = ""; + return $ret; +} + +/** + * Attempt to parse the given string as an arbritrary-length integer, returning the result. + * @param string $str The input string + * @param int $positive Whether the resulting number must be positive or not. + * @param string The resulting integer as a string, or "0" if the input string was not able to be parsed as an integer. + */ +function make_bigint($str, $positive = 1) +{ + $str = (string) $str; + $ret = ""; + for ($i = 0; $i < strlen($str); $i++) + { + if ((ord($str[$i]) > 47 && ord($str[$i]) < 58) + or ($str[$i] == "-" && $positive == 0)) + { + $ret .= $str[$i]; + } + } + if (strlen($ret) == 0) + { + return "0"; + } + return $ret; +} + +/** + * Records an action by a member of staff in the central staff log. + * @param string $text The log's text. This should be fully sanitized for HTML, but not pre-escaped for database insertion. + */ +function stafflog_add($text) +{ + global $db, $ir; + $IP = $db->escape($_SERVER['REMOTE_ADDR']); + $text = $db->escape($text); + $db->query( + "INSERT INTO `stafflog` + VALUES(NULL, {$ir['userid']}, " . time() . ", '$text', '$IP')"); +} + +/** + * Request that an anti-CSRF verification code be issued for a particular form in the game. + * @param string $formid A unique string used to identify this form to match up its submission with the right token. + * @return string The code issued to be added to the form. + */ +function request_csrf_code($formid) +{ + // Generate the token + $token = md5(mt_rand()); + // Insert/Update it + $issue_time = time(); + $_SESSION["csrf_{$formid}"] = + array('token' => $token, 'issued' => $issue_time); + return $token; +} + +/** + * Request that an anti-CSRF verification code be issued for a particular form in the game, and return the HTML to be placed in the form. + * @param string $formid A unique string used to identify this form to match up its submission with the right token. + * @return string The HTML for the code issued to be added to the form. + */ +function request_csrf_html($formid) +{ + return ""; +} + +/** + * Check the CSRF code we received against the one that was registered for the form - return false if the request shouldn't be processed... + * @param string $formid A unique string used to identify this form to match up its submission with the right token. + * @param string $code The code the user's form input returned. + * @return boolean Whether the user provided a valid code or not + */ +function verify_csrf_code($formid, $code) +{ + // Lookup the token entry + // Is there a token in existence? + if (!isset($_SESSION["csrf_{$formid}"]) + || !is_array($_SESSION["csrf_{$formid}"])) + { + // Obviously verification fails + return false; + } + else + { + // From here on out we always want to remove the token when we're done - so don't return immediately + $verified = false; + $token = $_SESSION["csrf_{$formid}"]; + // Expiry time on a form? + $expiry = 900; // hacky lol + if ($token['issued'] + $expiry > time()) + { + // It's ok, check the contents + $verified = ($token['token'] === $code); + } // don't need an else case - verified = false + // Remove the token before finishing + unset($_SESSION["csrf_{$formid}"]); + return $verified; + } +} + +/** + * Given a password input given by the user and their actual details, + * determine whether the password entered was correct. + * + * Note that password-salt systems don't require the extra md5() on the $input. + * This is only here to ensure backwards compatibility - that is, + * a v2 game can be upgraded to use the password salt system without having + * previously used it, without resetting every user's password. + * + * @param string $input The input password given by the user. + * Should be without slashes. + * @param string $salt The user's unique pass salt + * @param string $pass The user's encrypted password + * + * @return boolean true for equal, false for not (login failed etc) + * + */ +function verify_user_password($input, $salt, $pass) +{ + return ($pass === encode_password($input, $salt)); +} + +/** + * Given a password and a salt, encode them to the form which is stored in + * the game's database. + * + * @param string $password The password to be encoded + * @param string $salt The user's unique pass salt + * @param boolean $already_md5 Whether the specified password is already + * a md5 hash. This would be true for legacy + * v2 passwords. + * + * @return string The resulting encoded password. + */ +function encode_password($password, $salt, $already_md5 = false) +{ + if (!$already_md5) + { + $password = md5($password); + } + return md5($salt . $password); +} + +/** + * Generate a salt to use to secure a user's password + * from rainbow table attacks. + * + * @return string The generated salt, 8 alphanumeric characters + */ +function generate_pass_salt() +{ + return substr(md5(microtime(true)), 0, 8); +} + +/** + * + * @return string The URL of the game. + */ +function determine_game_urlbase() +{ + $domain = $_SERVER['HTTP_HOST']; + $turi = $_SERVER['REQUEST_URI']; + $turiq = ''; + for ($t = strlen($turi) - 1; $t >= 0; $t--) + { + if ($turi[$t] != '/') + { + $turiq = $turi[$t] . $turiq; + } + else + { + break; + } + } + $turiq = '/' . $turiq; + if ($turiq == '/') + { + $domain .= substr($turi, 0, -1); + } + else + { + $domain .= str_replace($turiq, '', $turi); + } + return $domain; +} + +/** + * Check to see if this request was made via XMLHttpRequest. + * Uses variables supported by most JS frameworks. + * + * @return boolean Whether the request was made via AJAX or not. + **/ + +function is_ajax() +{ + return isset($_SERVER['HTTP_X_REQUESTED_WITH']) + && is_string($_SERVER['HTTP_X_REQUESTED_WITH']) + && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) + === 'xmlhttprequest'; +} + +/** + * Get the file size in bytes of a remote file, if we can. + * + * @param string $url The url to the file + * + * @return int The file's size in bytes, or 0 if we could + * not determine its size. + */ + +function get_filesize_remote($url) +{ + // Retrieve headers + if (strlen($url) < 8) + { + return 0; // no file + } + $is_ssl = false; + if (substr($url, 0, 7) == 'http://') + { + $port = 80; + } + else if (substr($url, 0, 8) == 'https://' && extension_loaded('openssl')) + { + $port = 443; + $is_ssl = true; + } + else + { + return 0; // bad protocol + } + // Break up url + $url_parts = explode('/', $url); + $host = $url_parts[2]; + unset($url_parts[2]); + unset($url_parts[1]); + unset($url_parts[0]); + $path = '/' . implode('/', $url_parts); + if (strpos($host, ':') !== false) + { + $host_parts = explode(':', $host); + if (count($host_parts) == 2 && ctype_digit($host_parts[1])) + { + $port = (int) $host_parts[1]; + $host = $host_parts[0]; + } + else + { + return 0; // malformed host + } + } + $request = + "HEAD {$path} HTTP/1.1\r\n" . "Host: {$host}\r\n" + . "Connection: Close\r\n\r\n"; + $fh = fsockopen(($is_ssl ? 'ssl://' : '') . $host, $port); + if ($fh === false) + { + return 0; + } + fwrite($fh, $request); + $headers = array(); + $total_loaded = 0; + while (!feof($fh) && $line = fgets($fh, 1024)) + { + if ($line == "\r\n") + { + break; + } + if (strpos($line, ':') !== false) + { + list($key, $val) = explode(':', $line, 2); + $headers[strtolower($key)] = trim($val); + } + else + { + $headers[] = strtolower($line); + } + $total_loaded += strlen($line); + if ($total_loaded > 50000) + { + // Stop loading garbage! + break; + } + } + fclose($fh); + if (!isset($headers['content-length'])) + { + return 0; + } + return (int) $headers['content-length']; +} diff --git a/globals.php b/globals.php new file mode 100644 index 0000000..e9b0513 --- /dev/null +++ b/globals.php @@ -0,0 +1,162 @@ + $v) + { + $_POST[$k] = addslashes($v); + } + foreach ($_GET as $k => $v) + { + $_GET[$k] = addslashes($v); + } +} +require "lib/basic_error_handler.php"; +set_error_handler('error_php'); +require "global_func.php"; +$domain = determine_game_urlbase(); +if (!isset($_SESSION['loggedin']) || $_SESSION['loggedin'] == 0) +{ + $login_url = "http://{$domain}/login.php"; + header("Location: {$login_url}"); + exit; +} +$userid = isset($_SESSION['userid']) ? $_SESSION['userid'] : 0; +require "header.php"; + +include "config.php"; +define("MONO_ON", 1); +require "class/class_db_{$_CONFIG['driver']}.php"; +$db = new database; +$db->configure($_CONFIG['hostname'], $_CONFIG['username'], + $_CONFIG['password'], $_CONFIG['database'], $_CONFIG['persistent']); +$db->connect(); +$c = $db->connection_id; +$set = array(); +$settq = $db->query("SELECT * + FROM `settings`"); +while ($r = $db->fetch_row($settq)) +{ + $set[$r['conf_name']] = $r['conf_value']; +} +global $jobquery, $housequery; +if (isset($jobquery) && $jobquery) +{ + $is = + $db->query( + "SELECT `u`.*, `us`.*, `j`.*, `jr`.* + FROM `users` AS `u` + INNER JOIN `userstats` AS `us` + ON `u`.`userid`=`us`.`userid` + LEFT JOIN `jobs` AS `j` ON `j`.`jID` = `u`.`job` + LEFT JOIN `jobranks` AS `jr` + ON `jr`.`jrID` = `u`.`jobrank` + WHERE `u`.`userid` = {$userid} + LIMIT 1"); +} +else if (isset($housequery) && $housequery) +{ + $is = + $db->query( + "SELECT `u`.*, `us`.*, `h`.* + FROM `users` AS `u` + INNER JOIN `userstats` AS `us` + ON `u`.`userid`=`us`.`userid` + LEFT JOIN `houses` AS `h` ON `h`.`hWILL` = `u`.`maxwill` + WHERE `u`.`userid` = {$userid} + LIMIT 1"); +} +else +{ + $is = + $db->query( + "SELECT `u`.*, `us`.* + FROM `users` AS `u` + INNER JOIN `userstats` AS `us` + ON `u`.`userid`=`us`.`userid` + WHERE `u`.`userid` = {$userid} + LIMIT 1"); +} +$ir = $db->fetch_row($is); +if ($ir['force_logout'] != '0') +{ + $db->query( + "UPDATE `users` + SET `force_logout` = 0 + WHERE `userid` = {$userid}"); + session_unset(); + session_destroy(); + $login_url = "http://{$domain}/login.php"; + header("Location: {$login_url}"); + exit; +} +global $macropage; +if ($macropage && !$ir['verified'] && $set['validate_on'] == 1) +{ + $macro_url = "http://{$domain}/macro1.php?refer=$macropage"; + header("Location: {$macro_url}"); + exit; +} +check_level(); +$h = new headers; +if (isset($nohdr) == false || !$nohdr) +{ + $h->startheaders(); + $fm = money_formatter($ir['money']); + $cm = money_formatter($ir['crystals'], ''); + $lv = date('F j, Y, g:i a', $ir['laston']); + global $atkpage; + if ($atkpage) + { + $h->userdata($ir, $lv, $fm, $cm, 0); + } + else + { + $h->userdata($ir, $lv, $fm, $cm); + } + global $menuhide; + if (!$menuhide) + { + $h->menuarea(); + } +} diff --git a/globals_nonauth.php b/globals_nonauth.php new file mode 100644 index 0000000..0b739dc --- /dev/null +++ b/globals_nonauth.php @@ -0,0 +1,71 @@ + $v) + { + $_POST[$k] = addslashes($v); + } + foreach ($_GET as $k => $v) + { + $_GET[$k] = addslashes($v); + } +} +require "lib/basic_error_handler.php"; +set_error_handler('error_php'); +include "config.php"; +define("MONO_ON", 1); +require "class/class_db_{$_CONFIG['driver']}.php"; +require_once('global_func.php'); +$db = new database; +$db->configure($_CONFIG['hostname'], $_CONFIG['username'], + $_CONFIG['password'], $_CONFIG['database'], $_CONFIG['persistent']); +$db->connect(); +$c = $db->connection_id; +$set = array(); +$settq = $db->query("SELECT * + FROM `settings`"); +while ($r = $db->fetch_row($settq)) +{ + $set[$r['conf_name']] = $r['conf_value']; +} diff --git a/greenbar.png b/greenbar.png new file mode 100644 index 0000000000000000000000000000000000000000..12aa3a2f48c80bf00a1ea8cae95b4956e1d8940b GIT binary patch literal 201 zcmeAS@N?(olHy`uVBq!ia0vp^j6lrK!3-pY4u+lvQY`6?zK#qG>ra@ocD)4hB}-f* zN`mv#O3D+9QW+dm@{>{(JaZG%Q-e|yQz{EjrrH1%=?3_OxUwFVXE-j+a9En*t|r5G zTiKh|W?y3TUI&U?G+?-(;PgL>;kAj{BX^#Y>bAd98Y1&`ff|)OT^vIyZm}F}Wn@s` uVNf`8^Z$J9h 'strength', 'Agility' => 'agility', + 'Guard' => 'guard', 'Labour' => 'labour'); +if (!isset($_POST['amnt'])) +{ + $_POST['amnt'] = 0; +} +$_POST['amnt'] = abs((int) $_POST['amnt']); +if ($ir['jail'] <= 0) +{ + echo "

    Gym

    "; +} +else +{ + echo "

    Jail Gym

    "; +} +if (isset($_POST['stat']) && $_POST['amnt']) +{ + if (!isset($statnames[$_POST['stat']])) + { + die("This stat cannot be trained."); + } + $stat = $statnames[$_POST['stat']]; + if ($_POST['amnt'] > $ir['energy']) + { + print("You do not have enough energy to train that much.
    "); + } + else + { + $gain = 0; + for ($i = 0; $i < $_POST['amnt']; $i++) + { + $gain += + rand(1, 3) / rand(800, 1000) * rand(800, 1000) + * (($ir['will'] + 20) / 150); + $ir['will'] -= rand(1, 3); + if ($ir['will'] < 0) + { + $ir['will'] = 0; + } + } + if ($ir['jail'] > 0) + { + $gain /= 2; + } + $db->query( + "UPDATE `userstats` + SET `{$stat}` = `{$stat}` + $gain + WHERE `userid` = $userid"); + $db->query( + "UPDATE `users` + SET `will` = {$ir['will']}, + `energy` = `energy` - {$_POST['amnt']} + WHERE `userid` = $userid"); + $inc = $ir[$stat] + $gain; + $inc2 = $ir['energy'] - $_POST['amnt']; + if ($stat == "strength") + { + echo "You begin lifting some weights.
    + You have gained {$gain} strength by doing {$_POST['amnt']} sets of weights.
    + You now have {$inc} strength and {$inc2} energy left."; + } + elseif ($stat == "agility") + { + echo "You begin running on a treadmill.
    + You have gained {$gain} agility by doing {$_POST['amnt']} minutes of running.
    + You now have {$inc} agility and {$inc2} energy left."; + } + elseif ($stat == "guard") + { + echo "You jump into the pool and begin swimming.
    + You have gained {$gain} guard by doing {$_POST['amnt']} minutes of swimming.
    + You now have {$inc} guard and {$inc2} energy left."; + } + elseif ($stat == "labour") + { + echo "You walk over to some boxes filled with gym equipment and start moving them.
    + You have gained {$gain} labour by moving {$_POST['amnt']} boxes.
    + You now have {$inc} labour and {$inc2} energy left."; + } + echo "
    "; + $ir['energy'] -= $_POST['amnt']; + $ir[$stat] += $gain; + } +} +$ir['strank'] = get_rank($ir['strength'], 'strength'); +$ir['agirank'] = get_rank($ir['agility'], 'agility'); +$ir['guarank'] = get_rank($ir['guard'], 'guard'); +$ir['labrank'] = get_rank($ir['labour'], 'labour'); +echo "Choose the stat you want to train and the times you want to train it.
    +You can train up to {$ir['energy']} times.
    +
    +Stat:
    +Times to train:
    +
    "; +$h->endpage(); diff --git a/halloffame.php b/halloffame.php new file mode 100644 index 0000000..8c68d5a --- /dev/null +++ b/halloffame.php @@ -0,0 +1,477 @@ + 'AND `donatordays` = 0', + 'don' => 'AND `donatordays` > 0', 'all' => ''); +$hofheads = + array('level', 'money', 'crystals', 'respect', 'total', 'strength', + 'agility', 'guard', 'labour', 'iq'); +$_GET['action'] = + (isset($_GET['action']) && in_array($_GET['action'], $hofheads)) + ? $_GET['action'] : 'level'; +$filter = + (isset($_GET['filter']) && isset($filters[$_GET['filter']])) + ? $_GET['filter'] : 'all'; +$myf = $filters[$filter]; +$hofqone = array('level', 'money', 'crystals'); +if (in_array($_GET['action'], $hofqone)) +{ + $q = + $db->query( + "SELECT `userid`, `laston`, `gender`, `donatordays`, + `username`, `level`, `money`, `crystals`, `gangPREF` + FROM `users` AS `u` + LEFT JOIN `gangs` AS `g` + ON `g`.`gangID` = `u`.`gang` + WHERE `u`.`user_level` != 0 + $myf + ORDER BY `{$_GET['action']}` DESC, `userid` ASC + LIMIT 20"); +} +$hofqtwo = array('total', 'strength', 'agility', 'guard', 'labour', 'iq'); +if (in_array($_GET['action'], $hofqtwo)) +{ + if ($_GET['action'] == 'total') + { + $us = '(`strength` + `agility` + `guard` + `labour` + `IQ`)'; + } + else + { + $us = '`' . $_GET['action'] . '`'; + } + $q = + $db->query( + "SELECT u.`userid`, `laston`, `gender`, `donatordays`, + `level`, `money`, `crystals`, `username`, `gangPREF`, + `strength`, `agility`, `guard`, `labour`, `IQ` + FROM `users` AS `u` + INNER JOIN `userstats` AS `us` + ON `u`.`userid` = `us`.`userid` + LEFT JOIN `gangs` AS `g` + ON `g`.`gangID` = `u`.`gang` + WHERE `u`.`user_level` != 0 + $myf + ORDER BY {$us} DESC, `u`.`userid` ASC + LIMIT 20"); +} +if ($_GET['action'] != 'respect') +{ + $non_don = + (($filter == 'nodon') ? '' : '') + . 'Non-Donators' + . (($filter == 'nodon') ? '' : ''); + $is_don = + (($filter == 'don') ? '' : '') + . 'Donators' + . (($filter == 'don') ? '' : ''); + $all_us = + (($filter == 'all') ? '' : '') + . 'All Users' + . (($filter == 'all') ? '' : ''); +} +echo " +

    Hall Of Fame

    +" + . (($_GET['action'] != 'respect') + ? '
    Filter: [' . $non_don . ' | ' . $is_don . ' | ' + . $all_us . ']
    ' : '') + . " + + + + + + + + + + + + + + + + +
    LEVELMONEYCRYSTALSRESPECTTOTAL STATS
    STRENGTHAGILITYGUARDLABOURIQ
    + "; +switch ($_GET['action']) +{ +case "level": + hof_level(); + break; +case "money": + hof_money(); + break; +case "crystals": + hof_crystals(); + break; +case "respect": + hof_respect(); + break; +case "total": + hof_total(); + break; +case "strength": + hof_strength(); + break; +case "agility": + hof_agility(); + break; +case "guard": + hof_guard(); + break; +case "labour": + hof_labour(); + break; +case "iq": + hof_iq(); + break; +} + +function hof_level() +{ + global $db, $ir, $c, $userid, $myf, $q; + echo " +Showing the 20 users with the highest levels +
    + + + + + + + "; + + $p = 0; + while ($r = $db->fetch_row($q)) + { + $p++; + $bold_hof = + ($r['userid'] == $userid) ? ' style="font-weight: bold;"' : ''; + echo ' + + + + + + '; + } + $db->free_result($q); + echo '
    PosUserLevel
    ' . $p . '' . $r['gangPREF'] . ' ' . $r['username'] . ' [' . $r['userid'] + . ']' . $r['level'] . '
    '; +} + +function hof_money() +{ + global $db, $ir, $c, $userid, $myf, $q; + echo " +Showing the 20 users with the highest amount of money +
    + + + + + + + "; + + $p = 0; + while ($r = $db->fetch_row($q)) + { + $p++; + $bold_hof = + ($r['userid'] == $userid) ? ' style="font-weight: bold;"' : ''; + echo ' + + + + + + '; + } + $db->free_result($q); + echo '
    PosUserMoney
    ' . $p . '' . $r['gangPREF'] . ' ' . $r['username'] . ' [' . $r['userid'] + . ']' . money_formatter($r['money'], '$') . '
    '; +} + +function hof_crystals() +{ + global $db, $ir, $c, $userid, $myf, $q; + echo " +Showing the 20 users with the highest amount of crystals +
    + + + + + + + "; + + $p = 0; + while ($r = $db->fetch_row($q)) + { + $p++; + $bold_hof = + ($r['userid'] == $userid) ? ' style="font-weight: bold;"' : ''; + echo ' + + + + + + '; + } + $db->free_result($q); + echo '
    PosUserCrystals
    ' . $p . '' . $r['gangPREF'] . ' ' . $r['username'] . ' [' . $r['userid'] + . ']' . money_formatter($r['crystals'], '') . '
    '; +} + +function hof_respect() +{ + global $db, $ir, $c, $userid; + echo " +Showing the 20 gangs with the highest amount of respect +
    + + + + + + + "; + $q = + $db->query( + "SELECT `gangID`, `gangNAME`, `gangRESPECT` + FROM `gangs` + ORDER BY `gangRESPECT` DESC, `gangID` ASC + LIMIT 20"); + $p = 0; + while ($r = $db->fetch_row($q)) + { + $p++; + $bold_hof = + ($r['gangID'] == $ir['gang']) ? ' style="font-weight: bold;"' + : ''; + echo ' + + + + + + '; + } + $db->free_result($q); + echo '
    PosGangRespect
    ' . $p . '' . $r['gangNAME'] . ' [' . $r['gangID'] . ']' . money_formatter($r['gangRESPECT'], '') . '
    '; +} + +function hof_total() +{ + global $db, $ir, $c, $userid, $myf, $q; + echo " +Showing the 20 users with the highest total stats +
    + + + + + + "; + + $p = 0; + while ($r = $db->fetch_row($q)) + { + $p++; + $bold_hof = + ($r['userid'] == $userid) ? ' style="font-weight: bold;"' : ''; + echo ' + + + + + '; + } + $db->free_result($q); + echo '
    PosUser
    ' . $p . '' . $r['gangPREF'] . ' ' . $r['username'] . ' [' . $r['userid'] + . ']
    '; +} + +function hof_strength() +{ + global $db, $ir, $c, $userid, $myf, $q; + echo " +Showing the 20 users with the highest strength +
    + + + + + + "; + + $p = 0; + while ($r = $db->fetch_row($q)) + { + $p++; + $bold_hof = + ($r['userid'] == $userid) ? ' style="font-weight: bold;"' : ''; + echo ' + + + + + '; + } + $db->free_result($q); + echo '
    PosUser
    ' . $p . '' . $r['gangPREF'] . ' ' . $r['username'] . ' [' . $r['userid'] + . ']
    '; +} + +function hof_agility() +{ + global $db, $ir, $c, $userid, $myf, $q; + echo " +Showing the 20 users with the highest agility +
    + + + + + + "; + + $p = 0; + while ($r = $db->fetch_row($q)) + { + $p++; + $bold_hof = + ($r['userid'] == $userid) ? ' style="font-weight: bold;"' : ''; + echo ' + + + + + '; + } + $db->free_result($q); + echo '
    PosUser
    ' . $p . '' . $r['gangPREF'] . ' ' . $r['username'] . ' [' . $r['userid'] + . ']
    '; +} + +function hof_guard() +{ + global $db, $ir, $c, $userid, $myf, $q; + echo " +Showing the 20 users with the highest guard +
    + + + + + + "; + + $p = 0; + while ($r = $db->fetch_row($q)) + { + $p++; + $bold_hof = + ($r['userid'] == $userid) ? ' style="font-weight: bold;"' : ''; + echo ' + + + + + '; + } + $db->free_result($q); + echo '
    PosUser
    ' . $p . '' . $r['gangPREF'] . ' ' . $r['username'] . ' [' . $r['userid'] + . ']
    '; +} + +function hof_labour() +{ + global $db, $ir, $c, $userid, $myf, $q; + echo " +Showing the 20 users with the highest labour +
    + + + + + + "; + + $p = 0; + while ($r = $db->fetch_row($q)) + { + $p++; + $bold_hof = + ($r['userid'] == $userid) ? ' style="font-weight: bold;"' : ''; + echo ' + + + + + '; + } + $db->free_result($q); + echo '
    PosUser
    ' . $p . '' . $r['gangPREF'] . ' ' . $r['username'] . ' [' . $r['userid'] + . ']
    '; +} + +function hof_iq() +{ + global $db, $ir, $c, $userid, $myf, $q; + echo " +Showing the 20 users with the highest IQ +
    + + + + + + "; + + $p = 0; + while ($r = $db->fetch_row($q)) + { + $p++; + $bold_hof = + ($r['userid'] == $userid) ? ' style="font-weight: bold;"' : ''; + echo ' + + + + + '; + } + $db->free_result($q); + echo '
    PosUser
    ' . $p . '' . $r['gangPREF'] . ' ' . $r['username'] . ' [' . $r['userid'] + . ']
    '; +} +$h->endpage(); diff --git a/header.php b/header.php new file mode 100644 index 0000000..b016578 --- /dev/null +++ b/header.php @@ -0,0 +1,215 @@ + + + + + +{$set['game_name']} + + +
    + + + + + + + + + +
    +EOF; + } + + function userdata($ir, $lv, $fm, $cm, $dosessh = 1) + { + global $db, $c, $userid, $set; + $IP = $db->escape($_SERVER['REMOTE_ADDR']); + $db->query( + "UPDATE `users` + SET `laston` = {$_SERVER['REQUEST_TIME']}, `lastip` = '$IP' + WHERE `userid` = $userid"); + if (!$ir['email']) + { + global $domain; + die( + "Your account may be broken. Please mail help@{$domain} stating your username and player ID."); + } + if (!isset($_SESSION['attacking'])) + { + $_SESSION['attacking'] = 0; + } + if ($dosessh && ($_SESSION['attacking'] || $ir['attacking'])) + { + echo "You lost all your EXP for running from the fight."; + $db->query( + "UPDATE `users` + SET `exp` = 0, `attacking` = 0 + WHERE `userid` = $userid"); + $_SESSION['attacking'] = 0; + } + $enperc = min((int) ($ir['energy'] / $ir['maxenergy'] * 100), 100); + $wiperc = min((int) ($ir['will'] / $ir['maxwill'] * 100), 100); + $experc = min((int) ($ir['exp'] / $ir['exp_needed'] * 100), 100); + $brperc = min((int) ($ir['brave'] / $ir['maxbrave'] * 100), 100); + $hpperc = min((int) ($ir['hp'] / $ir['maxhp'] * 100), 100); + $enopp = 100 - $enperc; + $wiopp = 100 - $wiperc; + $exopp = 100 - $experc; + $bropp = 100 - $brperc; + $hpopp = 100 - $hpperc; + $d = ""; + $u = $ir['username']; + if ($ir['donatordays']) + { + $u = "{$ir['username']}"; + $d = + "Donator: {$ir["; + } + + $gn = ""; + global $staffpage; + + $bgcolor = 'FFFFFF'; + + print + <<
    + + + + + +
    + +Name: $gn{$u} [{$ir['userid']}] $d
    +Money: {$fm}
    +Level: {$ir['level']}
    +Crystals: {$ir['crystals']}
    +[Emergency Logout] +
    +Energy: {$enperc}%
    +
    +Will: {$wiperc}%
    +
    +Brave: {$ir['brave']}/{$ir['maxbrave']}
    +
    +EXP: {$experc}%
    +
    +Health: {$hpperc}%
    +
    + +OUT; + if ($ir['fedjail'] > 0) + { + $q = + $db->query( + "SELECT * + FROM `fedjail` + WHERE `fed_userid` = $userid"); + $r = $db->fetch_row($q); + die( + " + You have been put in the {$set['game_name']} Federal Jail + for {$r['fed_days']} day(s).
    + Reason: {$r['fed_reason']} +     "); + } + if (file_exists('ipbans/' . $IP)) + { + die( + " + Your IP has been banned from {$set['game_name']}, + there is no way around this. + "); + } + } + + function menuarea() + { + define('jdsf45tji', true, true); + include 'mainmenu.php'; + global $ir, $c; + $bgcolor = 'FFFFFF'; + print + '    		 
    '; + if ($ir['hospital']) + { + echo "NB: You are currently in hospital for {$ir['hospital']} minutes.
    "; + } + if ($ir['jail']) + { + echo "NB: You are currently in jail for {$ir['jail']} minutes.
    "; + } + echo "Donate to {$set['game_name']} now for game benefits!
    "; + } + + function smenuarea() + { + define('jdsf45tji', true, true); + include 'smenu.php'; + global $ir, $c; + $bgcolor = 'FFFFFF'; + print + '
    		 
    '; + } + + function endpage() + { + global $db, $ir; + $query_extra = ''; + if (isset($_GET['mysqldebug']) && $ir['user_level'] == 2) + { + $query_extra = '
    ' . implode('
    ', $db->queries); + } + print + << +
    + + + + + + +
       
    +
    + {$db->num_queries} queries{$query_extra} + +OUT; + } +} diff --git a/helptutorial.php b/helptutorial.php new file mode 100644 index 0000000..186271d --- /dev/null +++ b/helptutorial.php @@ -0,0 +1,169 @@ +{$set['game_name']} Tutorial +
    +
    +

    Welcome to the {$set['game_name']} Tutorial, we hope that this guide will help you to better +understand the game.

    +
    +

    In {$set['game_name']}, you are free to choose your own path. You can protect the weak, or +exploit their weakness. Spend your money to help your friends, or horde it, they can take +care of themselves. Buy a gang and become the most respected group of players in the land. +Declare war on an enemy, or an innocent bystander, the choice is yours.

    + +
    +

    Guide

    +General +
    +Explore +
    +Training +
    +Attacking +
    +Preferences + +
    +Gangs + +

    General

     +
    +

    Personal Info and Status Bars

    +

    In the top right corner of the screen is your personal information. This shows your current +name, amount of cash, level, and number of crystals. To the right of your personal info is your +status bars. These show your current energy, will, brave, experience, and health. +1)Energy is used for training and attacking.Refills 8% every 5 minutes, or 17% every 5 minutes for donators, +2)Will determines the effectiveness of your training, +3)Brave is used to do crimes, different crimes take more brave to do, these crimes are harder to succeed at +so be careful not to try them to soon. +4)Experience shows how close you are to leveling up. +5)Health shows how much health you have remaining. You lose this if you're hit in a fight. +
    +

    Stats:

    +

    There are 5 types of stats used on {$set['game_name']}: Strength, Agility, Guard, Labor, and IQ. +1)Strength determines how much damage you do in battle, +2)Agiligty is used to determine your hit rate in battle, +3)Guard reduces the amount of damage done to you when you are hit, +4)Labor and IQ are used to what jobs you are able to do.

    +
    + +

    Sidebar

    +

    The sidebar shows much of the things you are able to do in MC.

    +
      +
    1. The Home link will bring you to your homepage.
      2. +
    2. Items will bring you to your item page.
      3. +
    3. Explore brings up a list of places that you can go on MC.
      4. +
    4. Events displays the number of new events, and when clicked tells you what they are.
      5. +
    5. Mailbox will display any new messages you have received.
      6. +
    6. Gym is where you go to train your fighting stats.
      7. + +
    7. Crimes will let you select which crime you want to do.
      8. +
    8. Your Job brings you to the Job screen.
      9. +
    9. Local School will let you take education classes.
      10. +
    10. MonoPaper displays recent updates to the game.
      11. +
    11. Forums will bring you to the official Mono Country Forums.
      12. +
    12. Search allows you to find other players by their name or their ID.
      13. +
    13. Preferences will bring you the the Preferences page.
      14. +
    14. Player Report is used to report players that have broken the rules of the game.
      15. +
    15. My Profile shows you your profile.
      16. + +
    +
    +

    Exploring

     +
      +
    1. Shops: Here you can buy everything from med supplies, to weapons to make your enemy need meds.
      2. +
    2. Item Market: You can go and see what people are selling here.
      3. +
    3. Crystal Market: Come here to buy or sell crystals.
      4. +
    4. Travel Agency: This will bring you to new towns with different equipment, keep in mind you can only fight someone in your town.
      5. +
    5. Estate Agent:Go here to buy yourself a new house.
      6. +
    6. City Bank: Here you can deposit your money. You must first open an account for 50K, and pay a fee for depositing.
      7. + +
    7. Gangs: See a list of all the gangs in {$set['game_name']}.
      8. +
    8. Gang Wars: A list of all current wars between gangs.
      9. +
    9. Federal Jail: Where all the suspected cheaters on the game go. If you're in here without cheating, ???
      10. +
    10. Slot Machines: Go here to make your fortune, or lose your shirt.
      11. +
    11. User List: Shows a list of all the players on the game.
      12. +
    12. {$set['game_name']} Staff: A list of all the staff on {$set['game_name']}.
      13. +
    13. Hall of Fame: Shows the top players in various fields.
      14. +
    14. Country Stats: A list of various statistics about the game.
      15. +
    15. Users Online: Shows which players have acted last.
      16. + +
    16. Crystal temple: Trade your crystals for various things.
      17. +
    +
    +

    Training

     +
    +

    Gym

    +

    To use the gym, type in the number of times you want to train, select the stat to train and click ok. The next screen will tell +you how much of that stat you gained, and what your total in that stat is.

    +
    +

    Crimes

    +

    Go to the crime screen and select the crime you want to do. Remember that trying a crime that is to hard may land you in jail, +and lose the experience you've worked so hard to get.

    +
    + +

    School

    +

    School offers courses that will raise your stats over a certain period of time

    +
    +

    Your Job

    +

    A job will provide you with money at 5:00PM every day, as well as raising your job stats everyday. Some jobs have requirements before +you can do them, so make sure to keep an eye out for that.

    +
    +

    Attacking

    +

    Attacking will gain you experience when you win, but you lose experience if you lose. The amount of experience depends on the comparative +strength of your enemy, if they are much weaker, you won't get much experience

    +
    +

    Attacking

    + +
    +

    Attacking is a good way to get experience, and exert your superiority over those weaker than you. In order to attack you need 50% energy, +and should have a weapon. When you win a fight you will get a percentage of experience depending on how much stronger you are compared to the +person you are attacking. Make sure that you really want to fight the person, because once you start you can't stop until one of you loses. +When you start a fight, you will have the option of using any weapon that you currently have in your items page.
    +

    Gangs

    +
    +

    Gangs are a group of players that band together to work for a common purpose, granted this may be robbing a bank, or taking down the losers +in a rival gang. Gangs cost \$500K to create, and once you buy it, you are the president of your gang. Your faction will initially be able to hold +5 members, but will be able to upgrade to more as time goes on. The President will be able to assign a Vice-President to the gang. Gangs are able to +do Organised Crimes for money and respect.The president can also select to go to war with another gang. One should be careful about doing this though, +as it may come back to haunt you.

    +

    Preferences

     +
    +

    Sex Change

    +

    This will allow you to change from male to female and back for free, try finding that deal in the real world!

    +
    +

    Password Change

    + +

    The place to change your password, you should do this often to avoid having someone use your account if they crack your password

    +

    Name Change

    +

    Go here to change your name, remember that your ID stays the same, so you can't use this to avoid consequences of your actions

    +
    +

    Change Display Pic

    +

    Here you can change the display picture in your profile, it will automatically refit the picture to 150x150. Don't post anything offensive +or you may be federal jailed.

    +
    +EOF; +$h->endpage(); diff --git a/hospital.php b/hospital.php new file mode 100644 index 0000000..c112a15 --- /dev/null +++ b/hospital.php @@ -0,0 +1,56 @@ +Hospital + + + + + + + + "; +$q = + $db->query( + 'SELECT `userid`, `username`, `hospital`, `level`, + `hospreason`, `gangPREF` + FROM `users` AS `u` + LEFT JOIN `gangs` AS `g` + ON `u`.`gang` = `g`.`gangID` + WHERE `u`.`hospital` > 0 + ORDER BY `u`.`hospital` DESC'); +while ($r = $db->fetch_row($q)) +{ + echo " + + + + + + + "; +} +$db->free_result($q); +echo '
    NameLevelTimeReason
    {$r['gangPREF']} {$r['username']} [{$r['userid']}]{$r['level']}{$r['hospital']} minutes{$r['hospreason']}
    '; +$h->endpage(); diff --git a/imadd.php b/imadd.php new file mode 100644 index 0000000..c6995d3 --- /dev/null +++ b/imadd.php @@ -0,0 +1,144 @@ + + > Back"; + die($h->endpage()); + } + $q = + $db->query( + "SELECT `inv_qty`, `inv_itemid`, `inv_id`, `itmname` + FROM `inventory` AS `iv` + INNER JOIN `items` AS `i` + ON `iv`.`inv_itemid` = `i`.`itmid` + WHERE `inv_id` = {$_GET['ID']} + AND `inv_userid` = $userid"); + if ($db->num_rows($q) == 0) + { + $db->free_result($q); + echo "Invalid Item ID"; + } + else + { + $r = $db->fetch_row($q); + $db->free_result($q); + if ($r['inv_qty'] < $_POST['QTY']) + { + echo 'You do not have enough of this item.'; + $h->endpage(); + exit; + } + $checkq = + sprintf( + 'SELECT `imID` + FROM `itemmarket` + WHERE `imITEM` = %u AND `imPRICE` = %u + AND `imADDER` = %u AND `imCURRENCY` = "%s"', + $r['inv_itemid'], $_POST['price'], $userid, + $_POST['currency']); + $checkq = $db->query($checkq); + if ($db->num_rows($checkq) > 0) + { + $cqty = $db->fetch_row($checkq); + $query = + sprintf( + 'UPDATE `itemmarket` + SET imQTY = imQTY + %u + WHERE imID = %u', $_POST['QTY'], $cqty['imID']); + $db->query($query); + } + else + { + $db->query( + "INSERT INTO `itemmarket` + VALUES (NULL, '{$r['inv_itemid']}', {$userid}, + {$_POST['price']}, '{$_POST['currency']}', + {$_POST['QTY']})"); + } + $db->free_result($checkq); + item_remove($userid, $r['inv_itemid'], $_POST['QTY']); + $imadd_log = + $db->escape( + "{$ir['username']} added {$r['itmname']} " + . "x{$_POST['QTY']} to the item market for " + . "{$_POST['price']} {$_POST['currency']}"); + $db->query( + "INSERT INTO `imarketaddlogs` + VALUES (NULL, {$r['inv_itemid']}, {$_POST['price']}, + {$r['inv_id']}, $userid, " . time() . ", '{$imadd_log}')"); + echo "Item added to market."; + } +} +else +{ + $q = + $db->query( + "SELECT COUNT(`inv_id`) + FROM `inventory` + WHERE `inv_id` = {$_GET['ID']} + AND `inv_userid` = $userid"); + if ($db->fetch_single($q) == 0) + { + echo 'Invalid Item ID'; + } + else + { + $imadd_csrf = request_csrf_code("imadd_{$_GET['ID']}"); + echo " +Adding an item to the item market...
    +
    + + Quantity:
    + Price:
    +
    + +
    + "; + } + $db->free_result($q); +} +$h->endpage(); diff --git a/index.php b/index.php new file mode 100644 index 0000000..6795a7c --- /dev/null +++ b/index.php @@ -0,0 +1,83 @@ +General Info:"; +$exp = (int) ($ir['exp'] / $ir['exp_needed'] * 100); +echo " + + + + +
    Name: {$ir['username']}Crystals: {$cm}
    Level: {$ir['level']}Exp: {$exp}%
    Money: $fmHP: {$ir['hp']}/{$ir['maxhp']}
    Property: {$ir['hNAME']}
    "; +echo "

    Stats Info:

    "; +$ts = + $ir['strength'] + $ir['agility'] + $ir['guard'] + $ir['labour'] + + $ir['IQ']; +$ir['strank'] = get_rank($ir['strength'], 'strength'); +$ir['agirank'] = get_rank($ir['agility'], 'agility'); +$ir['guarank'] = get_rank($ir['guard'], 'guard'); +$ir['labrank'] = get_rank($ir['labour'], 'labour'); +$ir['IQrank'] = get_rank($ir['IQ'], 'IQ'); +$tsrank = get_rank($ts, 'strength+agility+guard+labour+IQ'); +$ir['strength'] = number_format($ir['strength']); +$ir['agility'] = number_format($ir['agility']); +$ir['guard'] = number_format($ir['guard']); +$ir['labour'] = number_format($ir['labour']); +$ir['IQ'] = number_format($ir['IQ']); +$ts = number_format($ts); + +echo " + + + + + + +
    Strength: {$ir['strength']} [Ranked: {$ir['strank']}]Agility: {$ir['agility']} [Ranked: {$ir['agirank']}]
    Guard: {$ir['guard']} [Ranked: {$ir['guarank']}]Labour: {$ir['labour']} [Ranked: {$ir['labrank']}]
    IQ: {$ir['IQ']} [Ranked: {$ir['IQrank']}]Total stats: {$ts} [Ranked: $tsrank]
    "; +$_POST['pn_update'] = + (isset($_POST['pn_update'])) + ? strip_tags(stripslashes($_POST['pn_update'])) : ''; +if (!empty($_POST['pn_update'])) +{ + if (strlen($_POST['pn_update']) > 500) + { + echo '
    You may only enter 500 or less characters here.'; + } + else + { + $pn_update_db = $db->escape($_POST['pn_update']); + $db->query( + "UPDATE `users` + SET `user_notepad` = '{$pn_update_db}' + WHERE `userid` = {$userid}"); + $ir['user_notepad'] = $_POST['pn_update']; + echo '
    Personal Notepad Updated!'; + } +} +echo "
    Your Personal Notepad:
    +
    +
    "; +$h->endpage(); diff --git a/installer.php b/installer.php new file mode 100644 index 0000000..7482d2d --- /dev/null +++ b/installer.php @@ -0,0 +1,567 @@ + '1. Diagnostics', 'input' => '2. Configuration', + 'sql' => '3. Installation & Extras',); + $c = 0; + echo "
    "; + foreach ($items as $k => $v) + { + $c++; + if ($c > 1) + { + echo ' >> '; + } + if ($k == $highlight) + { + echo '' . $v . ''; + } + else + { + echo '' . $v . ''; + } + } + echo '
    '; +} + +function diagnostics() +{ + menuprint("diag"); + if (version_compare(phpversion(), '5.2.0') < 0) + { + $pv = 'Failed'; + $pvf = 0; + } + else + { + $pv = 'OK'; + $pvf = 1; + } + if (is_writable('./')) + { + $wv = 'OK'; + $wvf = 1; + } + else + { + $wv = 'Failed'; + $wvf = 0; + } + if (function_exists('mysql_connect') || function_exists('mysqli_connect')) + { + $dv = 'OK'; + $dvf = 1; + } + else + { + $dv = 'Failed'; + $dvf = 0; + } + echo " +

    Basic Diagnostic Results:

    + + + + + + + + + + + + + + + + + +
    PHP version >= 5.2.0{$pv}
    Game folder writable{$wv}
    MySQL support in PHP present{$dv}
    MCCodes up to date + +
    + "; + if ($pvf + $wvf + $dvf < 3) + { + echo " +
    + + One of the basic diagnostics failed, so Setup cannot continue. + Please fix the ones that failed and try again. + +
    + "; + } + else + { + echo " +
    + > Next Step +
    + "; + } +} + +function config() +{ + menuprint("input"); + echo " +

    Configuration:

    +
    + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    Database Config
    MySQL Driver + +
    + Hostname
    + This is usually localhost +
    + Username
    + The user must be able to use the database +
    Password
    + Database Name
    + The database should not have any other software using it. +
    Game Config
    Game Name
    + Game Owner
    + This can be your nick, real name, or a company +
    + Game Description
    + This is shown on the login page. +
    + PayPal Address
    + This is where the payments for game DPs go. Must be at least Premier. +
    Admin User
    Username
    Password
    Confirm Password
    E-Mail
    Gender + +
    + +
    +
    + "; +} +if (!function_exists('get_magic_quotes_gpc')) +{ + + function get_magic_quotes_gpc() + { + return 0; + } +} + +function gpc_cleanup($text) +{ + if (get_magic_quotes_gpc()) + { + return stripslashes($text); + } + return $text; +} + +function install() +{ + menuprint('sql'); + $paypal = + (isset($_POST['paypal']) + && filter_input(INPUT_POST, 'paypal', + FILTER_VALIDATE_EMAIL)) + ? gpc_cleanup($_POST['paypal']) : ''; + $adm_email = + (isset($_POST['a_email']) + && filter_input(INPUT_POST, 'a_email', + FILTER_VALIDATE_EMAIL)) + ? gpc_cleanup($_POST['a_email']) : ''; + $adm_username = + (isset($_POST['a_username']) && strlen($_POST['a_username']) > 3) + ? gpc_cleanup($_POST['a_username']) : ''; + $adm_gender = + (isset($_POST['gender']) + && in_array($_POST['gender'], array('Male', 'Female'), + true)) ? $_POST['gender'] : 'Male'; + $description = + (isset($_POST['game_description'])) + ? gpc_cleanup($_POST['game_description']) : ''; + $owner = + (isset($_POST['game_owner']) && strlen($_POST['game_owner']) > 3) + ? gpc_cleanup($_POST['game_owner']) : ''; + $game_name = + (isset($_POST['game_name'])) ? gpc_cleanup($_POST['game_name']) + : ''; + $adm_pswd = + (isset($_POST['a_password']) && strlen($_POST['a_password']) > 3) + ? gpc_cleanup($_POST['a_password']) : ''; + $adm_cpswd = + isset($_POST['a_cpassword']) ? gpc_cleanup($_POST['a_cpassword']) + : ''; + $db_hostname = + isset($_POST['hostname']) ? gpc_cleanup($_POST['hostname']) : ''; + $db_username = + isset($_POST['username']) ? gpc_cleanup($_POST['username']) : ''; + $db_password = + isset($_POST['password']) ? gpc_cleanup($_POST['password']) : ''; + $db_database = + isset($_POST['database']) ? gpc_cleanup($_POST['database']) : ''; + $db_driver = + (isset($_POST['driver']) + && in_array($_POST['driver'], array('mysql', 'mysqli'), + true)) ? $_POST['driver'] : 'mysql'; + $errors = array(); + if (empty($db_hostname)) + { + $errors[] = 'No Database hostname specified'; + } + if (empty($db_username)) + { + $errors[] = 'No Database username specified'; + } + if (empty($db_database)) + { + $errors[] = 'No Database database specified'; + } + if (!function_exists($db_driver . '_connect')) + { + $errors[] = 'Invalid database driver specified'; + } + if (empty($adm_username) + || !preg_match("/^[a-z0-9_]+([\\s]{1}[a-z0-9_]|[a-z0-9_])+$/i", + $adm_username)) + { + $errors[] = 'Invalid admin username specified'; + } + if (empty($adm_pswd)) + { + $errors[] = 'Invalid admin password specified'; + } + if ($adm_pswd !== $adm_cpswd) + { + $errors[] = 'The admin passwords did not match'; + } + if (empty($adm_email)) + { + $errors[] = 'Invalid admin email specified'; + } + if (empty($owner) + || !preg_match("/^[a-z0-9_]+([\\s]{1}[a-z0-9_]|[a-z0-9_])+$/i", + $owner)) + { + $errors[] = 'Invalid game owner specified'; + } + if (empty($game_name)) + { + $errors[] = 'Invalid game name specified'; + } + if (empty($description)) + { + $errors[] = 'Invalid game description specified'; + } + if (empty($paypal)) + { + $errors[] = 'Invalid game PayPal specified'; + } + if (count($errors) > 0) + { + echo "Installation failed.
    + There were one or more problems with your input.
    +
    + Problem(s) encountered: +
      "; + foreach ($errors as $error) + { + echo "
    • {$error}
      • "; + } + echo "
    + > Go back to config"; + require_once('installer_foot.php'); + exit; + } + // Try to establish DB connection first... + echo 'Attempting DB connection...
    '; + require_once("class/class_db_{$db_driver}.php"); + $db = new database; + $db->configure($db_hostname, $db_username, $db_password, $db_database, 0); + $db->connect(); + $c = $db->connection_id; + // Done, move on + echo '... Successful.
    '; + echo 'Writing game config file...
    '; + echo 'Write Config...
    '; + $code = md5(rand(1, 100000000000)); + if (file_exists("config.php")) + { + unlink("config.php"); + } + $e_db_hostname = addslashes($db_hostname); + $e_db_username = addslashes($db_username); + $e_db_password = addslashes($db_password); + $e_db_database = addslashes($db_database); + $lit_config = '$_CONFIG'; + $config_file = + << '{$e_db_hostname}', + 'username' => '{$e_db_username}', + 'password' => '{$e_db_password}', + 'database' => '{$e_db_database}', + 'persistent' => 0, + 'driver' => '{$db_driver}', + 'code' => '{$code}', +); +?> +EOF; + $f = fopen('config.php', 'w'); + fwrite($f, $config_file); + fclose($f); + echo '... file written.
    '; + echo 'Writing base database schema...
    '; + $fo = fopen("dbdata.sql", "r"); + $query = ''; + $lines = explode("\n", fread($fo, 1024768)); + fclose($fo); + foreach ($lines as $line) + { + if (!(strpos($line, "--") === 0) && trim($line) != '') + { + $query .= $line; + if (!(strpos($line, ";") === FALSE)) + { + $db->query($query); + $query = ''; + } + } + } + echo '... done.
    '; + echo 'Writing game configuration...
    '; + $ins_username = + $db->escape(htmlentities($adm_username, ENT_QUOTES, 'ISO-8859-1')); + $salt = generate_pass_salt(); + $e_salt = $db->escape($salt); + $encpsw = encode_password($adm_pswd, $salt); + $e_encpsw = $db->escape($encpsw); + $ins_email = $db->escape($adm_email); + $IP = $db->escape($_SERVER['REMOTE_ADDR']); + $ins_game_name = + $db->escape(htmlentities($game_name, ENT_QUOTES, 'ISO-8859-1')); + $ins_game_desc = + $db->escape(htmlentities($description, ENT_QUOTES, 'ISO-8859-1')); + $ins_paypal = $db->escape($paypal); + $ins_game_owner = + $db->escape(htmlentities($owner, ENT_QUOTES, 'ISO-8859-1')); + $db->query( + "INSERT INTO `users` + (`username`, `login_name`, `userpass`, `level`, `money`, + `crystals`, `donatordays`, `user_level`, `energy`, `maxenergy`, + `will`, `maxwill`, `brave`, `maxbrave`, `hp`, `maxhp`, `location`, + `gender`, `signedup`, `email`, `bankmoney`, `lastip`, + `lastip_signup`, `pass_salt`) + VALUES ('{$ins_username}', '{$ins_username}', '{$e_encpsw}', 1, + 100, 0, 0, 2, 12, 12, 100, 100, 5, 5, 100, 100, 1, + '{$adm_gender}', " . time() + . ", '{$ins_email}', -1, '$IP', '$IP', + '{$e_salt}')"); + $i = $db->insert_id(); + $db->query( + "INSERT INTO `userstats` + VALUES($i, 10, 10, 10, 10, 10)"); + $db->query( + "INSERT INTO `settings` + VALUES(NULL, 'game_name', '{$ins_game_name}')"); + $db->query( + "INSERT INTO `settings` + VALUES(NULL, 'game_owner', '{$ins_game_owner}')"); + $db->query( + "INSERT INTO `settings` + VALUES(NULL, 'paypal', '{$ins_paypal}')"); + $db->query( + "INSERT INTO `settings` + VALUES(NULL, 'game_description', '{$ins_game_desc}')"); + echo '... Done.
    '; + $path = dirname($_SERVER['SCRIPT_FILENAME']); + echo " +

    Installation Complete!

    +
    +

    Cron Info

    +
    + This is the cron info you need for section 1.2 Cronjobs of the installation instructions.
    + 
    +    */5 * * * * php $path/cron_fivemins.php $code
+    * * * * * php $path/cron_minute.php $code
+    0 * * * * php $path/cron_hour.php $code
+    0 0 * * * php $path/cron_day.php $code
+
    + "; + echo "

    Installer Security

    + Attempting to remove installer... "; + @unlink('./installer.php'); + $success = !file_exists('./installer.php'); + echo "Succeeded" : "red;'>Failed") + . "
    "; + if (!$success) + { + echo "Attempting to lock installer... "; + @touch('./installer.lock'); + $success2 = file_exists('installer.lock'); + echo "Succeeded" : "red;'>Failed") + . "
    "; + if ($success2) + { + echo "" + . "You should now remove installer.php from your server." + . ""; + } + else + { + echo "" + . "YOU MUST REMOVE installer.php " + . "from your server.
    " + . "Failing to do so will allow other people " + . "to run the installer again and potentially " + . "mess up your game entirely." . "    "; + } + } + else + { + require_once('installer_foot.php'); + @unlink('./installer_head.php'); + @unlink('./installer_foot.php'); + exit; + } +} +require_once('installer_foot.php'); diff --git a/installer_foot.php b/installer_foot.php new file mode 100644 index 0000000..52a0cfb --- /dev/null +++ b/installer_foot.php @@ -0,0 +1,45 @@ + + + + + + + + + + + + +
       
    + + + +
    + + \ No newline at end of file diff --git a/installer_head.php b/installer_head.php new file mode 100644 index 0000000..e396dc0 --- /dev/null +++ b/installer_head.php @@ -0,0 +1,51 @@ + + + + +Mccodes Version 2.0.5b + + + + +
    + + + + + +
    Mccodes Version 2
    +

    Installer

    If + you bought this from anywhere else but + MCCodes.com please click here .
    Thank you + for choosing MCCodes. \ No newline at end of file diff --git a/inventory.php b/inventory.php new file mode 100644 index 0000000..672a8eb --- /dev/null +++ b/inventory.php @@ -0,0 +1,168 @@ +query( + "SELECT `itmid`, `itmname` + FROM `items` + WHERE `itmid` + IN({$ir['equip_primary']}, {$ir['equip_secondary']}, + {$ir['equip_armor']})"); +echo "

    Equipped Items

    "; +$equip = array(); +while ($r = $db->fetch_row($q)) +{ + $equip[$r['itmid']] = $r; +} +$db->free_result($q); +echo " + + +"; +} +else +{ + echo "None equipped."; +} +echo " + + +"; +} +else +{ + echo "None equipped."; +} +echo " + + +"; +} +else +{ + echo "None equipped."; +} +echo " +
    Primary Weapon"; +if (isset($equip[$ir['equip_primary']])) +{ + print + $equip[$ir['equip_primary']]['itmname'] + . "Unequip Item 
    Secondary Weapon"; +if (isset($equip[$ir['equip_secondary']])) +{ + print + $equip[$ir['equip_secondary']]['itmname'] + . "Unequip Item 
    Armor"; +if (isset($equip[$ir['equip_armor']])) +{ + print + $equip[$ir['equip_armor']]['itmname'] + . "Unequip Item 
    +

    Inventory

    "; +$inv = + $db->query( + "SELECT `inv_qty`, `itmsellprice`, `itmid`, `inv_id`, + `effect1_on`, `effect2_on`, `effect3_on`, `itmname`, + `weapon`, `armor`, `itmtypename` + FROM `inventory` AS `iv` + INNER JOIN `items` AS `i` + ON `iv`.`inv_itemid` = `i`.`itmid` + INNER JOIN `itemtypes` AS `it` + ON `i`.`itmtype` = `it`.`itmtypeid` + WHERE `iv`.`inv_userid` = {$userid} + ORDER BY `i`.`itmtype` ASC, `i`.`itmname` ASC"); +if ($db->num_rows($inv) == 0) +{ + echo "You have no items!"; +} +else +{ + echo "Your items are listed below.
    + + + + + + + "; + $lt = ""; + while ($i = $db->fetch_row($inv)) + { + if ($lt != $i['itmtypename']) + { + $lt = $i['itmtypename']; + echo "\n + + "; + } + if ($i['weapon']) + { + $i['itmname'] = + "*" . $i['itmname']; + } + if ($i['armor']) + { + $i['itmname'] = + "*" . $i['itmname']; + } + echo " + + + + + "; + } + echo "
    ItemSell ValueTotal Sell ValueLinks
    + {$lt} +
    {$i['itmname']}"; + if ($i['inv_qty'] > 1) + { + echo " x{$i['inv_qty']}"; + } + echo "" . money_formatter($i['itmsellprice']) + . ""; + echo money_formatter($i['itmsellprice'] * $i['inv_qty']); + echo " + [Info] + [Send] + [Sell] + [Add To Market]"; + if ($i['effect1_on'] || $i['effect2_on'] || $i['effect3_on']) + { + echo " [Use]"; + } + if ($i['weapon'] > 0) + { + echo " [Equip as Weapon]"; + } + if ($i['armor'] > 0) + { + echo " [Equip as Armor]"; + } + echo "
    "; + $db->free_result($inv); + echo "NB: Items with a small red * next to their name can be used as weapons in combat.
    +Items with a small green     * next to their name can be used as armor in combat."; +} +$h->endpage(); diff --git a/ipn_donator.php b/ipn_donator.php new file mode 100644 index 0000000..2a5e87f --- /dev/null +++ b/ipn_donator.php @@ -0,0 +1,213 @@ + $value) +{ + $value = urlencode(stripslashes($value)); + $req .= "&$key=$value"; +} + +// post back to PayPal system to validate +$header .= "POST /cgi-bin/webscr HTTP/1.0\r\n"; +$header .= "Content-Type: application/x-www-form-urlencoded\r\n"; +$header .= "Content-Length: " . strlen($req) . "\r\n\r\n"; +$fp = fsockopen('www.paypal.com', 80, $errno, $errstr, 30); + +// assign posted variables to local variables +$item_name = $_POST['item_name']; +$item_number = $_POST['item_number']; +$payment_status = $_POST['payment_status']; +$payment_amount = $_POST['mc_gross']; +$payment_currency = $_POST['mc_currency']; +$txn_id = $_POST['txn_id']; +$receiver_email = $_POST['receiver_email']; +$payer_email = $_POST['payer_email']; + +if (!$fp) +{ + // HTTP ERROR +} +else +{ + fputs($fp, $header . $req); + while (!feof($fp)) + { + $res = fgets($fp, 1024); + if (strcmp($res, "VERIFIED") == 0) + { + $txn_db = $db->escape(stripslashes($txn_id)); + // check the payment_status is Completed + if ($payment_status != "Completed") + { + fclose($fp); + die(""); + } + $dp_check = + $db->query( + "SELECT COUNT(`dpID`) + FROM `dps_accepted` + WHERE `dpTXN` = '{$txn_db}'"); + if ($db->fetch_single($dp_check) > 0) + { + $db->free_result($dp_check); + fclose($fp); + die(""); + } + $db->free_result($dp_check); + // check that txn_id has not been previously processed + // check that receiver_email is your Primary PayPal email + if ($receiver_email != $set['paypal']) + { + fclose($fp); + die(""); + } + // check that payment_amount/payment_currency are correct + if ($payment_currency != "USD") + { + fclose($fp); + die(""); + } + // parse for pack + $packr = explode('|', $item_name); + if (str_replace("www.", "", $packr[0]) + != str_replace("www.", "", $_SERVER['HTTP_HOST'])) + { + fclose($fp); + die(""); + } + if ($packr[1] != "DP") + { + fclose($fp); + die(""); + } + $pack = $packr[2]; + if ($pack != 1 and $pack != 2 and $pack != 3 and $pack != 4 + and $pack != 5) + { + fclose($fp); + die(""); + } + if (($pack == 1 || $pack == 2 || $pack == 3) + && $payment_amount != "3.00") + { + fclose($fp); + die(""); + } + if ($pack == 4 && $payment_amount != "5.00") + { + fclose($fp); + die(""); + } + if ($pack == 5 && $payment_amount != "10.00") + { + fclose($fp); + die(""); + } + // grab IDs + $buyer = abs((int) $packr[3]); + $for = $buyer; + // all seems to be in order, credit it. + if ($pack == 1) + { + $db->query( + "UPDATE `users` AS `u` + LEFT JOIN `userstats` AS `us` + ON `u`.`userid` = `us`.`userid` + SET `u`.`money` = `u`.`money` + 5000, + `u`.`crystals` = `u`.`crystals` + 50, + `us`.`IQ` = `us`.`IQ` + 50, + `u`.`donatordays` = `u`.`donatordays` + 30 + WHERE `u`.`userid` = {$for}"); + $d = 30; + $t = "standard"; + } + else if ($pack == 2) + { + $db->query( + "UPDATE `users` AS `u` + SET `u`.`crystals` = `u`.`crystals` + 100, + `u`.`donatordays` = `u`.`donatordays` + 30 + WHERE `u`.`userid` = {$for}"); + $d = 30; + $t = "crystals"; + } + else if ($pack == 3) + { + $db->query( + "UPDATE `users` AS `u` + LEFT JOIN `userstats` AS `us` + ON `u`.`userid` = `us`.`userid` + SET `us`.`IQ` = `us`.`IQ` + 50, + `u`.`donatordays` = `u`.`donatordays` + 30 + WHERE `u`.`userid` = {$for}"); + $d = 30; + $t = "iq"; + } + else if ($pack == 4) + { + $db->query( + "UPDATE `users` AS `u` + LEFT JOIN `userstats` AS `us` + ON `u`.`userid` = `us`.`userid` + SET `u`.`money` = `u`.`money` + 15000, + `u`.`crystals` = `u`.`crystals` + 75, + `us`.`IQ` = `us`.`IQ` + 80, + `u`.`donatordays` = `u`.`donatordays` + 55 + WHERE `u`.`userid` = {$for}"); + $d = 55; + $t = "fivedollars"; + } + else if ($pack == 5) + { + $db->query( + "UPDATE `users` AS `u` + LEFT JOIN `userstats` AS `us` + ON `u`.`userid` = `us`.`userid` + SET `u`.`money` = `u`.`money` + 35000, + `u`.`crystals` = `u`.`crystals` + 160, + `us`.`IQ` = `us`.`IQ` + 180, + `u`.`donatordays` = `u`.`donatordays` + 115 + WHERE `u`.`userid` = {$for}"); + $d = 115; + $t = "tendollars"; + } + // process payment + event_add($for, + "Your \${$payment_amount} Pack {$pack} Donator Pack has been successfully credited to you.", + $c); + $db->query( + "INSERT INTO `dps_accepted` + VALUES(NULL, {$buyer}, {$for}, '$t', " . time() + . ", '$txn_db')"); + } + else if (strcmp($res, "INVALID") == 0) + { + } + } + + fclose($fp); +} diff --git a/ipn_wp.php b/ipn_wp.php new file mode 100644 index 0000000..269db62 --- /dev/null +++ b/ipn_wp.php @@ -0,0 +1,163 @@ + $value) +{ + $value = urlencode(stripslashes($value)); + $req .= "&$key=$value"; +} + +// post back to PayPal system to validate +$header .= "POST /cgi-bin/webscr HTTP/1.0\r\n"; +$header .= "Content-Type: application/x-www-form-urlencoded\r\n"; +$header .= "Content-Length: " . strlen($req) . "\r\n\r\n"; +$fp = fsockopen('www.paypal.com', 80, $errno, $errstr, 30); + +// assign posted variables to local variables +$item_name = $_POST['item_name']; +$item_number = $_POST['item_number']; +$payment_status = $_POST['payment_status']; +$payment_amount = $_POST['mc_gross']; +$payment_currency = $_POST['mc_currency']; +$txn_id = $_POST['txn_id']; +$receiver_email = $_POST['receiver_email']; +$payer_email = $_POST['payer_email']; + +if (!$fp) +{ + // HTTP ERROR +} +else +{ + fputs($fp, $header . $req); + while (!feof($fp)) + { + $res = fgets($fp, 1024); + if (strcmp($res, "VERIFIED") == 0) + { + $txn_db = $db->escape(stripslashes($txn_id)); + // check the payment_status is Completed + if ($payment_status != "Completed") + { + fclose($fp); + die(""); + } + $dp_check = + $db->query( + "SELECT COUNT(`dpID`) + FROM `dps_accepted` + WHERE `dpTXN` = '{$txn_db}'"); + if ($db->fetch_single($dp_check) > 0) + { + $db->free_result($dp_check); + fclose($fp); + die(""); + } + $db->free_result($dp_check); + $wp_check = + $db->query( + "SELECT COUNT(`dpID`) + FROM `willps_accepted` + WHERE `dpTXN` = '{$txn_db}'"); + if ($db->fetch_single($wp_check) > 0) + { + $db->free_result($wp_check); + fclose($fp); + die(""); + } + $db->free_result($wp_check); + // check that txn_id has not been previously processed + // check that receiver_email is your Primary PayPal email + if ($receiver_email != $set['paypal']) + { + fclose($fp); + die(""); + } + // check that payment_amount/payment_currency are correct + if ($payment_currency != "USD") + { + fclose($fp); + die(""); + } + // parse for pack + $packr = explode('|', $item_name); + if (str_replace("www.", "", $packr[0]) + != str_replace("www.", "", $_SERVER['HTTP_HOST'])) + { + fclose($fp); + die(""); + } + if ($packr[1] != "WP") + { + fclose($fp); + die(""); + } + $pack = $packr[2]; + if ($pack != 1 and $pack != 5) + { + fclose($fp); + die(""); + } + if (($pack == 1) && $payment_amount != "1.00") + { + fclose($fp); + die(""); + } + if ($pack == 5 && $payment_amount != "4.50") + { + fclose($fp); + die(""); + } + // grab IDs + $buyer = abs((int) $packr[3]); + $for = $buyer; + // all seems to be in order, credit it. + if ($pack == 1) + { + item_add($for, $set['willp_item'], 1); + + } + else if ($pack == 5) + { + item_add($for, $set['willp_item'], 5); + + } + // process payment + + event_add($for, + "Your \${$payment_amount} worth of Will Potions ($pack) has been successfully credited.", + $c); + $db->query( + "INSERT INTO `willps_accepted` + VALUES(NULL, {$buyer}, {$for}, '$pack', " . time() + . ", '$txn_db')"); + } + else if (strcmp($res, "INVALID") == 0) + { + } + } + fclose($fp); +} diff --git a/itembuy.php b/itembuy.php new file mode 100644 index 0000000..90f5007 --- /dev/null +++ b/itembuy.php @@ -0,0 +1,95 @@ +query( + "SELECT `itmid`, `itmbuyprice`, `itmname`, `itmbuyable`, `shopLOCATION` + FROM `shopitems` AS `si` + INNER JOIN `shops` AS `s` + ON `si`.`sitemSHOP` = `s`.`shopID` + INNER JOIN `items` AS `i` + ON `si`.`sitemITEMID` = `i`.`itmid` + WHERE `sitemID` = {$_GET['ID']}"); + if ($db->num_rows($q) == 0) + { + echo 'Invalid item ID'; + } + else + { + $itemd = $db->fetch_row($q); + if ($ir['money'] < ($itemd['itmbuyprice'] * $_POST['qty'])) + { + echo 'You don\'t have enough money to buy ' . $_POST['qty'] . ' ' + . $itemd['itmname'] + . '!
    > Go Home'; + die($h->endpage()); + } + if ($itemd['itmbuyable'] == 0) + { + echo 'This item can\'t be bought! +
    > Go Home'; + die($h->endpage()); + } + if ($itemd['shopLOCATION'] != $ir['location']) + { + echo 'You can\'t buy items from other cities. +
    > Go Home'; + die($h->endpage()); + } + + $price = ($itemd['itmbuyprice'] * $_POST['qty']); + item_add($userid, $itemd['itmid'], $_POST['qty']); + $db->query( + "UPDATE `users` + SET `money` = `money` - $price + WHERE `userid` = $userid"); + $ib_log = + $db->escape( + "{$ir['username']} bought {$_POST['qty']} " + . "{$itemd['itmname']}(s) for {$price}"); + $db->query( + "INSERT INTO `itembuylogs` + VALUES (NULL, $userid, {$itemd['itmid']}, $price, {$_POST['qty']}, + " . time() . ", '{$ib_log}')"); + echo 'You bought ' . $_POST['qty'] . ' ' . $itemd['itmname'] . ' ' + . (($_POST['qty'] > 1) ? 's' : '') . ' for ' + . money_formatter($price) + . '
    > Goto your inventory'; + } + $db->free_result($q); +} +$h->endpage(); diff --git a/iteminfo.php b/iteminfo.php new file mode 100644 index 0000000..cad124b --- /dev/null +++ b/iteminfo.php @@ -0,0 +1,100 @@ +query( + "SELECT `itmname`, `itmdesc`, `itmbuyprice`, + `itmsellprice`, `itmtypename` + FROM `items` AS `i` + INNER JOIN `itemtypes` AS `it` + ON `i`.`itmtype` = `it`.`itmtypeid` + WHERE `i`.`itmid` = {$itmid} + LIMIT 1"); + if ($db->num_rows($q) == 0) + { + echo 'Invalid item ID'; + } + else + { + $id = $db->fetch_row($q); + echo " + + + + + + + + + + + + + + + + + +
    Looking up info on {$id['itmname']}
    The {$id['itmname']} is a/an {$id['itmtypename']} Item - {$id['itmdesc']} +
    Item Info
    Item Buy PriceItem Sell Price
    + "; + if ($id['itmbuyprice']) + { + echo money_formatter($id['itmbuyprice']); + } + else + { + echo 'N/A'; + } + echo ' + + '; + if ($id['itmsellprice']) + { + echo money_formatter($id['itmsellprice']) + . ' +
    + '; + } + else + { + echo ' +N/A
    + '; + } + } + $db->free_result($q); +} +$h->endpage(); diff --git a/itemmarket.php b/itemmarket.php new file mode 100644 index 0000000..864a6e6 --- /dev/null +++ b/itemmarket.php @@ -0,0 +1,638 @@ +Item Market"; +if (!isset($_GET['action'])) +{ + $_GET['action'] = ''; +} + +function csrf_error($goBackTo) +{ + global $h; + echo '

    Error

    + Your transaction has been blocked for your security.
    + Please try again.
    + > Try Again'; + $h->endpage(); + exit; +} +switch ($_GET['action']) +{ +case "buy": + item_buy(); + break; +case "gift1": + item_gift1(); + break; +case "gift2": + item_gift2(); + break; +case "remove": + itemm_remove(); + break; +default: + imarket_index(); + break; +} + +function imarket_index() +{ + global $db, $ir, $c, $userid, $h; + echo ' +
    + + + + + + + + + '; + + $q = + $db->query( + "SELECT `imPRICE`, `imQTY`, `imCURRENCY`, `imADDER`, + `imID`, `itmid`, `itmname`, `userid`,`username`, + `itmtypename` + FROM `itemmarket` AS `im` + INNER JOIN `items` AS `i` + ON `im`.`imITEM` = `i`.`itmid` + INNER JOIN `users` AS `u` + ON `u`.`userid` = `im`.`imADDER` + INNER JOIN `itemtypes` AS `it` + ON `i`.`itmtype` = `it`.`itmtypeid` + ORDER BY `i`.`itmtype`, `i`.`itmname`, `u`.`username` ASC"); + $cblah = 1; + $lt = ''; + while ($r = $db->fetch_row($q)) + { + if ($lt != $r['itmtypename']) + { + $lt = $r['itmtypename']; + echo ' + + + + '; + } + $ctprice = ($r['imPRICE'] * $r['imQTY']); + if ($r['imCURRENCY'] == "money") + { + $price = money_formatter($r['imPRICE']); + $tprice = money_formatter($ctprice); + } + else + { + $price = number_format($r['imPRICE']) . " crystal(s)"; + $tprice = number_format($ctprice) . " crystal(s)"; + } + if ($r['imADDER'] == $userid) + { + $link = + "[Remove]"; + } + else + { + $link = + "[Buy] + [Gift]"; + } + echo ' + + + + + + + + '; + } + $db->free_result($q); + echo ' +
    AdderItemPrice EachPrice TotalLinks
    ' . $lt . '
    ' . $r['username'] + . ' [' . $r['userid'] + . ']' . $r['itmname'] + . ' + '; + if ($r['imQTY'] > 1) + { + echo ' x' . $r['imQTY']; + } + echo ' + ' . $price . '' . $tprice . '' . $link . ' + '; + echo ' +
    + '; +} + +function itemm_remove() +{ + global $db, $ir, $userid, $h; + $_GET['ID'] = + (isset($_GET['ID']) && is_numeric($_GET['ID'])) + ? abs(intval($_GET['ID'])) : ''; + if (empty($_GET['ID'])) + { + echo 'Something went wrong. +
    > Go Back'; + die($h->endpage()); + } + $q = + $db->query( + "SELECT `imITEM`, `imQTY`, `imADDER`, `imID`, `itmname` + FROM `itemmarket` AS `im` + INNER JOIN `items` AS `i` + ON `im`.`imITEM` = `i`.`itmid` + WHERE `im`.`imID` = {$_GET['ID']} + AND `im`.`imADDER` = $userid"); + if ($db->num_rows($q) == 0) + { + echo "Error, either this item does not exist, or you are not the owner. +
    + > Back + "; + die($h->endpage()); + } + $r = $db->fetch_row($q); + item_add($userid, $r['imITEM'], $r['imQTY']); + $i = ($db->insert_id()) ? $db->insert_id() : 99999; + $db->query("DELETE FROM `itemmarket` + WHERE `imID` = {$_GET['ID']}"); + $imr_log = + $db->escape( + "{$ir['username']} removed {$r['itmname']} x {$r['imQTY']}" + . ' from the item market.'); + $db->query( + "INSERT INTO `imremovelogs` + VALUES (NULL, {$r['imITEM']}, {$r['imADDER']}, $userid, + {$r['imID']}, $i, " . time() . ", '{$imr_log}')"); + echo ' + Item removed from market! +
    + > Back + '; +} + +function item_buy() +{ + global $db, $ir, $c, $userid, $h; + $_GET['ID'] = + (isset($_GET['ID']) && is_numeric($_GET['ID'])) + ? abs(intval($_GET['ID'])) : ''; + $_POST['QTY'] = + (isset($_POST['QTY']) && is_numeric($_POST['QTY'])) + ? abs(intval($_POST['QTY'])) : ''; + if ($_GET['ID'] && !$_POST['QTY']) + { + $q = + $db->query( + "SELECT `imADDER`, `imCURRENCY`, `imPRICE`, `imQTY`, + `imITEM`, `imID`, `itmname` + FROM `itemmarket` AS `im` + INNER JOIN `items` AS `i` + ON `i`.`itmid` = `im`.`imITEM` + WHERE `im`.`imID` = {$_GET['ID']}"); + if ($db->num_rows($q) == 0) + { + $db->free_result($q); + echo "Error, this item does not exist. +
    + > Back + "; + die($h->endpage()); + } + $r = $db->fetch_row($q); + $db->free_result($q); + $imbuy_csrf = request_csrf_code("imbuy_{$_GET['ID']}"); + echo ' + Enter how many ' . $r['itmname'] + . ' you want to buy. +
    + There is ' . $r['imQTY'] + . ' available. +
    +
    + + Quantity: +
    + +
    + '; + } + elseif (!$_GET['ID']) + { + echo 'Invalid use of file.'; + } + else + { + $q = + $db->query( + "SELECT `imADDER`, `imCURRENCY`, `imPRICE`, `imQTY`, + `imITEM`, `imID`, `itmname` + FROM `itemmarket` AS `im` + INNER JOIN `items` AS `i` + ON `i`.`itmid` = `im`.`imITEM` + WHERE `im`.`imID` = {$_GET['ID']}"); + if (!$db->num_rows($q)) + { + $db->free_result($q); + echo ' + Error, either this item does not exist, or it has already been bought. +
    + > Back + '; + die($h->endpage()); + } + $r = $db->fetch_row($q); + $db->free_result($q); + if (!isset($_POST['verf']) + || !verify_csrf_code("imbuy_{$_GET['ID']}", + stripslashes($_POST['verf']))) + { + csrf_error('buy&ID=' . $_GET['ID']); + } + if ($r['imADDER'] == $userid) + { + echo ' + Error, you cannot buy your own items.
    + > Back + '; + die($h->endpage()); + } + $curr = $r['imCURRENCY']; + $final_price = $r['imPRICE'] * $_POST['QTY']; + if ($final_price > $ir[$curr]) + { + echo ' + Error, you do not have the funds to buy this item. +
    + > Back + '; + die($h->endpage()); + } + if ($_POST['QTY'] > $r['imQTY']) + { + echo ' + Error, you cannot buy more than ' . $r['imQTY'] . ' ' + . $r['itmname'] + . '(s) +
    + > Back + '; + die($h->endpage()); + } + item_add($userid, $r['imITEM'], $_POST['QTY']); + $i = ($db->insert_id()) ? $db->insert_id() : 99999; + if ($_POST['QTY'] == $r['imQTY']) + { + $db->query( + "DELETE FROM `itemmarket` + WHERE `imID` = {$_GET['ID']}"); + } + elseif ($_POST['QTY'] < $r['imQTY']) + { + $db->query( + 'UPDATE `itemmarket` + SET `imQTY` = `imQTY` - ' . $_POST['QTY'] + . ' + WHERE `imID` = ' . $_GET['ID']); + } + + $db->query( + "UPDATE `users` + SET `$curr` = `$curr` - {$final_price} + WHERE `userid` = $userid"); + $db->query( + "UPDATE `users` + SET `$curr` = `$curr` + {$final_price} + WHERE `userid` = {$r['imADDER']}"); + if ($curr == "money") + { + event_add($r['imADDER'], + "{$ir['username']}" + . " bought your {$r['itmname']} item " + . ' from the market for ' + . money_formatter($final_price) . ".", $c); + $imb_log = + $db->escape( + "{$ir['username']} bought {$r['itmname']} x{$r['imQTY']}" + . " from the item market for " + . money_formatter($final_price) + . " from user ID {$r['imADDER']}"); + $db->query( + "INSERT INTO `imbuylogs` + VALUES (NULL, {$r['imITEM']}, {$r['imADDER']}, $userid, + {$final_price}, {$r['imID']}, {$i}, " . time() + . ", '{$imb_log}')"); + echo " + You bought the {$r['itmname']} x{$_POST['QTY']} from the market for " + . money_formatter($final_price) . "."; + } + else + { + event_add($r['imADDER'], + "{$ir['username']}" + . " bought your {$r['itmname']} item " + . ' from the market for ' + . number_format($final_price) . " crystals.", $c); + $imb_log = + $db->escape( + "{$ir['username']} bought {$r['itmname']} x{$r['imQTY']}" + . " from the item market for " + . number_format($final_price) + . " crystals from user ID {$r['imADDER']}"); + $db->query( + "INSERT INTO `imbuylogs` + VALUES (NULL, {$r['imITEM']}, {$r['imADDER']}, $userid, + {$final_price}, {$r['imID']}, {$i}, " . time() + . ", '{$imb_log}')"); + echo " + You bought the {$r['itmname']} x{$_POST['QTY']} from the market for " + . number_format($final_price) . " crystals."; + } + } + +} + +function item_gift1() +{ + global $db, $ir, $c, $userid, $h; + $_GET['ID'] = + (isset($_GET['ID']) && is_numeric($_GET['ID'])) + ? abs(intval($_GET['ID'])) : ''; + if (empty($_GET['ID'])) + { + echo 'Something went wrong. +
    > Go Back'; + die($h->endpage()); + } + $q = + $db->query( + "SELECT `imCURRENCY`, `imPRICE`, `imQTY`, `itmname` + FROM `itemmarket` AS `im` + INNER JOIN `items` AS `i` + ON `i`.`itmid` = `im`.`imITEM` + WHERE `im`.`imID` = {$_GET['ID']}"); + if ($db->num_rows($q) == 0) + { + echo " + Error, either this item does not exist, or it has already been bought. +
    + > Back + "; + die($h->endpage()); + } + $r = $db->fetch_row($q); + $db->free_result($q); + $curr = $r['imCURRENCY']; + if ($r['imPRICE'] > $ir[$curr]) + { + echo ' + Error, you do not have the funds to buy this item. +
    + > Back + '; + die($h->endpage()); + } + if ($curr == "money") + { + echo " + Buying the {$r['itmname']} for " + . money_formatter($r['imPRICE']) . " each as a gift."; + } + else + { + echo " + Buying the {$r['itmname']} for " . number_format($r['imPRICE']) + . " crystals each as a gift."; + } + $imgift_csrf = request_csrf_code("imgift_{$_GET['ID']}"); + echo " +
    + There is {$r['imQTY']} available. +
    +
    + + + User to give gift to: " . user_dropdown(NULL, 'user') + . " +
    + Quantity: +
    + +
    + "; +} + +function item_gift2() +{ + global $db, $ir, $c, $userid, $h; + $_POST['QTY'] = + (isset($_POST['QTY']) && is_numeric($_POST['QTY'])) + ? abs(intval($_POST['QTY'])) : ''; + $_POST['user'] = + (isset($_POST['user']) && is_numeric($_POST['user'])) + ? abs(intval($_POST['user'])) : ''; + $_POST['ID'] = + (isset($_POST['ID']) && is_numeric($_POST['ID'])) + ? abs(intval($_POST['ID'])) : ''; + if ((empty($_POST['ID']) || empty($_POST['user']) || empty($_POST['QTY']))) + { + echo 'Something went wrong. +
    > Go Back'; + die($h->endpage()); + } + if (!isset($_POST['verf']) + || !verify_csrf_code("imgift_{$_POST['ID']}", + stripslashes($_POST['verf']))) + { + csrf_error('gift1&ID=' . $_GET['ID']); + } + $query_user_exist = + $db->query( + "SELECT COUNT(`userid`) + FROM `users` + WHERE `userid` = {$_POST['user']}"); + if ($db->fetch_single($query_user_exist) == 0) + { + echo ' + User doesn\'t exist. +
    + > Back + '; + die($h->endpage()); + } + $db->free_result($query_user_exist); + $q = + $db->query( + "SELECT `imADDER`, `imCURRENCY`, `imPRICE`, `imQTY`, + `imITEM`, `imID`, `itmname` + FROM `itemmarket` AS `im` + INNER JOIN `items` AS `i` + ON `i`.`itmid` = `im`.`imITEM` + WHERE `im`.`imID` = {$_POST['ID']}"); + if ($db->num_rows($q) == 0) + { + echo ' + Error, either this item does not exist, or it has already been bought. +
    + > Back + '; + die($h->endpage()); + } + $r = $db->fetch_row($q); + $db->free_result($q); + if ($r['imADDER'] == $userid) + { + echo ' + Error, you cannot buy your own items.
    + > Back + '; + die($h->endpage()); + } + $curr = $r['imCURRENCY']; + $final_price = $r['imPRICE'] * $_POST['QTY']; + if ($final_price > $ir[$curr]) + { + echo " + Error, you do not have the funds to buy this item. +
    + > Back + "; + die($h->endpage()); + } + if ($_POST['QTY'] > $r['imQTY']) + { + echo ' + Error, you cannot buy more than ' . $r['imQTY'] . ' ' + . $r['itmname'] + . '(s) +
    + > Back + '; + die($h->endpage()); + } + item_add($_POST['user'], $r['imITEM'], $_POST['QTY']); + $i = ($db->insert_id()) ? $db->insert_id() : 99999; + if ($_POST['QTY'] == $r['imQTY']) + { + $db->query( + "DELETE FROM `itemmarket` + WHERE `imID` = {$_POST['ID']}"); + } + elseif ($_POST['QTY'] < $r['imQTY']) + { + $db->query( + 'UPDATE `itemmarket` + SET `imQTY` = `imQTY` - ' . $_POST['QTY'] + . ' + WHERE `imID` = ' . $_POST['ID']); + } + + $db->query( + "UPDATE `users` + SET `$curr` = `$curr` - {$final_price} + WHERE `userid`= $userid"); + $db->query( + "UPDATE `users` + SET `$curr` = `$curr` + {$final_price} + WHERE `userid` = {$r['imADDER']}"); + if ($curr == "money") + { + event_add($r['imADDER'], + "{$ir['username']}" + . " bought your {$r['itmname']} x{$_POST['QTY']} item(s)" + . " from the market for " + . money_formatter($final_price) . ".", $c); + event_add($_POST['user'], + "{$ir['username']}" + . " bought you {$r['itmname']} x{$_POST['QTY']}" + . " from the item market as a gift.", $c); + + $u = + $db->query( + "SELECT `username` + FROM `users` + WHERE `userid` = {$_POST['user']}"); + $uname = $db->fetch_single($u); + $db->free_result($u); + $img_log = + $db->escape( + "{$ir['username']} bought {$r['itmname']} x{$r['imQTY']} from the item market for " + . money_formatter($final_price) + . " from user ID {$r['imADDER']} as a gift for $uname [{$_POST['user']}]"); + $db->query( + "INSERT INTO `imbuylogs` + VALUES (NULL, {$r['imITEM']}, {$r['imADDER']}, $userid, + {$final_price}, {$r['imID']}, $i, " . time() + . ", '{$img_log}')"); + echo " + You bought the {$r['itmname']} from the market for " + . money_formatter($final_price) + . " and sent the gift to $uname. + "; + } + else + { + event_add($r['imADDER'], + "{$ir['username']}" + . " bought your {$r['itmname']} x{$_POST['QTY']} item(s)" + . " from the market for " + . number_format($final_price) . " crystals.", $c); + event_add($_POST['user'], + "{$ir['username']}" + . " bought you {$r['itmname']} x{$_POST['QTY']}" + . " from the item market as a gift.", $c); + + $u = + $db->query( + "SELECT `username` + FROM `users` + WHERE `userid` = {$_POST['user']}"); + $uname = $db->fetch_single($u); + $db->free_result($u); + $img_log = + $db->escape( + "{$ir['username']} bought {$r['itmname']} x{$r['imQTY']} from the item market for " + . number_format($final_price) + . " crystals from user ID {$r['imADDER']} as a gift for $uname [{$_POST['user']}]"); + $db->query( + "INSERT INTO `imbuylogs` + VALUES (NULL, {$r['imITEM']}, {$r['imADDER']}, $userid, + {$final_price}, {$r['imID']}, $i, " . time() + . ", '{$img_log}')"); + echo " + You bought the {$r['itmname']} from the market for " + . number_format($final_price) + . " crystals and sent the gift to $uname. + "; + } +} +$h->endpage(); diff --git a/itemsell.php b/itemsell.php new file mode 100644 index 0000000..8906fc9 --- /dev/null +++ b/itemsell.php @@ -0,0 +1,120 @@ +query( + "SELECT `inv_qty`, `itmsellprice`, `itmid`, `itmname` + FROM `inventory` AS `iv` + INNER JOIN `items` AS `it` + ON `iv`.`inv_itemid` = `it`.`itmid` + WHERE `iv`.`inv_id` = {$_GET['ID']} + AND `iv`.`inv_userid` = {$userid} + LIMIT 1"); + if ($db->num_rows($id) == 0) + { + echo 'Invalid item ID'; + } + else + { + $r = $db->fetch_row($id); + if (!isset($_POST['verf']) + || !verify_csrf_code("sellitem_{$_GET['ID']}", + stripslashes($_POST['verf']))) + { + echo '

    Error

    + This transaction has been blocked for your security.
    + Please sell items quickly after you open the form - do not leave it open in tabs.
    + > Try Again'; + die($h->endpage()); + } + if ($_POST['qty'] > $r['inv_qty']) + { + echo 'You are trying to sell more than you have!'; + } + else + { + $price = $r['itmsellprice'] * $_POST['qty']; + item_remove($userid, $r['itmid'], $_POST['qty']); + $db->query( + "UPDATE `users` + SET `money` = `money` + {$price} + WHERE `userid` = $userid"); + $priceh = money_formatter($price); + echo 'You sold ' . $_POST['qty'] . ' ' . $r['itmname'] + . '(s) for ' . $priceh; + $is_log = + $db->escape( + "{$ir['username']} sold {$_POST['qty']} {$r['itmname']}(s) for {$priceh}"); + $db->query( + "INSERT INTO `itemselllogs` + VALUES (NULL, $userid, {$r['itmid']}, $price, + {$_POST['qty']}, " . time() . ", '{$is_log}')"); + } + } + $db->free_result($id); +} +else if (!empty($_GET['ID']) && empty($_POST['qty'])) +{ + $id = + $db->query( + "SELECT `inv_qty`, `itmname` + FROM `inventory` AS `iv` + INNER JOIN `items` AS `it` + ON `iv`.`inv_itemid` = `it`.`itmid` + WHERE `iv`.`inv_id` = {$_GET['ID']} + AND `iv`.`inv_userid` = {$userid} + LIMIT 1"); + if ($db->num_rows($id) == 0) + { + echo 'Invalid item ID'; + } + else + { + $r = $db->fetch_row($id); + $code = request_csrf_code("sellitem_{$_GET['ID']}"); + echo " + Enter how many {$r['itmname']} you want to sell. You have {$r['inv_qty']} to sell. +
    +
    + + Quantity: +
    + +
    + "; + } + $db->free_result($id); +} +else +{ + echo 'Invalid use of file.'; +} +$h->endpage(); diff --git a/itemsend.php b/itemsend.php new file mode 100644 index 0000000..003e9c2 --- /dev/null +++ b/itemsend.php @@ -0,0 +1,134 @@ +query( + "SELECT `inv_qty`, `inv_itemid`, `itmname`, `itmid` + FROM `inventory` AS `iv` + INNER JOIN `items` AS `it` + ON `iv`.`inv_itemid` = `it`.`itmid` + WHERE `iv`.`inv_id` = {$_GET['ID']} + AND iv.`inv_userid` = {$userid} + LIMIT 1"); + if ($db->num_rows($id) == 0) + { + echo 'Invalid item ID'; + } + else + { + $r = $db->fetch_row($id); + $m = + $db->query( + "SELECT `lastip`,`username` + FROM `users` + WHERE `userid` = {$_POST['user']} + LIMIT 1"); + if (!isset($_POST['verf']) + || !verify_csrf_code("senditem_{$_GET['ID']}", + stripslashes($_POST['verf']))) + { + echo '

    Error

    + This transaction has been blocked for your security.
    + Please send items quickly after you open the form - do not leave it open in tabs.
    + > Try Again'; + die($h->endpage()); + } + else if ($_POST['qty'] > $r['inv_qty']) + { + echo 'You are trying to send more than you have!'; + } + else if ($db->num_rows($m) == 0) + { + echo 'You are trying to send to an invalid user!'; + } + else + { + $rm = $db->fetch_row($m); + item_remove($userid, $r['inv_itemid'], $_POST['qty']); + item_add($_POST['user'], $r['inv_itemid'], $_POST['qty']); + echo 'You sent ' . $_POST['qty'] . ' ' . $r['itmname'] . '(s) to ' + . $rm['username']; + event_add($_POST['user'], + "You received {$_POST['qty']} {$r['itmname']}(s) from {$ir['username']}", + $c); + $db->query( + "INSERT INTO `itemxferlogs` + VALUES(NULL, $userid, {$_POST['user']}, {$r['itmid']}, + {$_POST['qty']}, " . time() + . ", '{$ir['lastip']}', '{$rm['lastip']}')"); + } + $db->free_result($m); + } + $db->free_result($id); +} +else if (!empty($_GET['ID'])) +{ + $id = + $db->query( + "SELECT `inv_qty`, `itmname` + FROM `inventory` iv + INNER JOIN `items` AS `it` + ON `iv`.`inv_itemid` = `it`.`itmid` + WHERE `iv`.`inv_id` = {$_GET['ID']} + AND `iv`.`inv_userid` = $userid + LIMIT 1"); + if ($db->num_rows($id) == 0) + { + echo 'Invalid item ID'; + } + else + { + $r = $db->fetch_row($id); + $code = request_csrf_code("senditem_{$_GET['ID']}"); + echo " + Enter who you want to send {$r['itmname']} to and how many you want to send. + You have {$r['inv_qty']} to send. +
    +
    + User ID: +
    + Quantity: +
    + + +
    + "; + } + $db->free_result($id); +} +else +{ + echo 'Invalid use of file.'; +} +$h->endpage(); diff --git a/itemuse.php b/itemuse.php new file mode 100644 index 0000000..28c3f18 --- /dev/null +++ b/itemuse.php @@ -0,0 +1,124 @@ +query( + "SELECT `effect1`, `effect2`, `effect3`, + `effect1_on`, `effect2_on`, `effect3_on`, + `itmname`, `inv_itemid` + FROM `inventory` AS `iv` + INNER JOIN `items` AS `i` + ON `iv`.`inv_itemid` = `i`.`itmid` + WHERE `iv`.`inv_id` = {$_GET['ID']} + AND `iv`.`inv_userid` = $userid"); + if ($db->num_rows($i) == 0) + { + $db->free_result($i); + echo 'Invalid item ID'; + } + else + { + $r = $db->fetch_row($i); + $db->free_result($i); + if (!$r['effect1_on'] && !$r['effect2_on'] && !$r['effect3_on']) + { + echo 'Sorry, this item cannot be used as it has no effect.'; + die($h->endpage()); + } + for ($enum = 1; $enum <= 3; $enum++) + { + if ($r["effect{$enum}_on"]) + { + $einfo = unserialize($r["effect{$enum}"]); + if ($einfo['inc_type'] == "percent") + { + if (in_array($einfo['stat'], + array('energy', 'will', 'brave', 'hp'))) + { + $inc = + round( + $ir['max' . $einfo['stat']] / 100 + * $einfo['inc_amount']); + } + else + { + $inc = + round( + $ir[$einfo['stat']] / 100 + * $einfo['inc_amount']); + } + } + else + { + $inc = $einfo['inc_amount']; + } + if ($einfo['dir'] == "pos") + { + if (in_array($einfo['stat'], + array('energy', 'will', 'brave', 'hp'))) + { + $ir[$einfo['stat']] = + min($ir[$einfo['stat']] + $inc, + $ir['max' . $einfo['stat']]); + } + else + { + $ir[$einfo['stat']] += $inc; + } + } + else + { + $ir[$einfo['stat']] = max($ir[$einfo['stat']] - $inc, 0); + } + $upd = $ir[$einfo['stat']]; + if (in_array($einfo['stat'], + array('strength', 'agility', 'guard', 'labour', 'IQ'))) + { + $db->query( + "UPDATE `userstats` + SET `{$einfo['stat']}` = '{$upd}' + WHERE `userid` = {$userid}"); + } + else + { + $db->query( + "UPDATE `users` + SET `{$einfo['stat']}` = '{$upd}' + WHERE `userid` = {$userid}"); + } + } + } + echo $r['itmname'] . ' used successfully!'; + item_remove($userid, $r['inv_itemid'], 1); + } +} +$h->endpage(); diff --git a/jail.php b/jail.php new file mode 100644 index 0000000..039a963 --- /dev/null +++ b/jail.php @@ -0,0 +1,65 @@ +Jail + + + + + + + + + "; +$q = + $db->query( + "SELECT `jail_reason`, `jail`, `level`, `username`, `userid`, + `gangPREF` + FROM `users` AS `u` + LEFT JOIN `gangs` AS `g` + ON `u`.`gang` = `g`.`gangID` + WHERE `u`.`jail` > 0 + ORDER BY `u`.`jail` DESC"); +while ($r = $db->fetch_row($q)) +{ + echo " + + + + + + + + "; +} +$db->free_result($q); +echo '
    NameLevelTimeReasonActions
    + {$r['gangPREF']} + {$r['username']} + [{$r['userid']}] + {$r['level']}{$r['jail']} minutes{$r['jail_reason']} + [Bust] + [Bail] +
    '; +$h->endpage(); diff --git a/jailbail.php b/jailbail.php new file mode 100644 index 0000000..773912d --- /dev/null +++ b/jailbail.php @@ -0,0 +1,73 @@ +endpage()); +} +$_GET['ID'] = + (isset($_GET['ID']) && is_numeric($_GET['ID'])) + ? abs(intval($_GET['ID'])) : 0; +$jail_q = + $db->query( + "SELECT `userid`, `jail`, `level`, `username` + FROM `users` + WHERE `userid` = {$_GET['ID']}"); +if ($db->num_rows($jail_q) == 0) +{ + $db->free_result($jail_q); + echo "Invalid user"; + die($h->endpage()); +} +$r = $db->fetch_row($jail_q); +$db->free_result($jail_q); +if (!$r['jail']) +{ + echo "That user is not in jail!"; + die($h->endpage()); +} +$cost = $r['level'] * 2000; +$cf = money_formatter($cost); +if ($ir['money'] < $cost) +{ + echo "Sorry, you do not have enough money to bail out {$r['username']}." + . " You need {$cf}."; + die($h->endpage()); +} + +echo "You successfully bailed {$r['username']} out of jail for $cf.
    + > Back"; +$db->query( + "UPDATE `users` + SET `money` = `money` - {$cost} + WHERE `userid` = $userid"); +$db->query( + "UPDATE `users` + SET `jail` = 0 + WHERE `userid` = {$r['userid']}"); +event_add($r['userid'], + "{$ir['username']} bailed you out of jail.", + $c); +$h->endpage(); diff --git a/jailbust.php b/jailbust.php new file mode 100644 index 0000000..b7e7eb8 --- /dev/null +++ b/jailbust.php @@ -0,0 +1,90 @@ +endpage()); +} +if ($ir['jail']) +{ + echo "You cannot bust out people while in jail."; + die($h->endpage()); +} +$_GET['ID'] = + (isset($_GET['ID']) && is_numeric($_GET['ID'])) + ? abs(intval($_GET['ID'])) : 0; +$jail_q = + $db->query( + "SELECT `userid`, `jail`, `level`, `username` + FROM `users` + WHERE `userid` = {$_GET['ID']}"); +if ($db->num_rows($jail_q) == 0) +{ + $db->free_result($jail_q); + echo "Invalid user"; + die($h->endpage()); +} +$r = $db->fetch_row($jail_q); +$db->free_result($jail_q); +if (!$r['jail']) +{ + echo "That user is not in jail!"; + die($h->endpage()); +} +$mult = $r['level'] * $r['level']; +$chance = min(($ir['crimexp'] / $mult) * 50 + 1, 95); +if (rand(1, 100) < $chance) +{ + $gain = $r['level'] * 5; + echo "You successfully busted {$r['username']} out of jail.
    + > Back"; + $db->query( + "UPDATE `users` + SET `crimexp` = `crimexp` + {$gain}, `energy` = `energy` - 10 + WHERE `userid` = $userid"); + $db->query( + "UPDATE `users` + SET `jail` = 0 + WHERE `userid` = {$r['userid']}"); + event_add($r['userid'], + "{$ir['username']} busted you out of jail.", + $c); +} +else +{ + echo "While trying to bust out your friend, a guard spotted you and dragged you into jail yourself. Unlucky!
    + > Back"; + $time = min($mult, 100); + $jail_reason = $db->escape("Caught trying to bust out {$r['username']}"); + $db->query( + "UPDATE `users` + SET `jail` = $time, `jail_reason` = '{$jail_reason}', + `energy` = `energy` - 10 + WHERE `userid` = $userid"); + event_add($r['userid'], + "{$ir['username']} was caught trying to bust you out of jail.", + $c); +} +$h->endpage(); diff --git a/jailuser.php b/jailuser.php new file mode 100644 index 0000000..5030695 --- /dev/null +++ b/jailuser.php @@ -0,0 +1,111 @@ + + > Go Home'; + die($h->endpage()); +} +$_POST['user'] = + (isset($_POST['user']) && is_numeric($_POST['user'])) + ? abs(intval($_POST['user'])) : ''; +$_POST['reason'] = + (isset($_POST['reason']) + && ((strlen($_POST['reason']) > 3) + && (strlen($_POST['reason']) < 50))) + ? $db->escape(strip_tags(stripslashes($_POST['reason']))) : ''; +$_POST['days'] = + (isset($_POST['days']) && is_numeric($_POST['days'])) + ? abs(intval($_POST['days'])) : ''; +if (!empty($_POST['user']) && !empty($_POST['reason']) + && !empty($_POST['days'])) +{ + if (!isset($_POST['verf']) + || !verify_csrf_code('jailuser', stripslashes($_POST['verf']))) + { + echo '

    Error

    + This operation has been blocked for your security.
    + Please try again.
    + > Try Again'; + die($h->endpage()); + } + $q = + $db->query( + 'SELECT `user_level` + FROM `users` + WHERE `userid` = ' . $_POST['user']); + if ($db->num_rows($q) == 0) + { + $db->free_result($q); + echo 'Invalid user.
    > Go Back'; + die($h->endpage()); + } + $f_q = $db->fetch_row($q); + $db->free_result($q); + if ($f_q['user_level'] == 2) + { + echo 'You cannot fed admins, please destaff them first. +
    > Go Back'; + die($h->endpage()); + } + $db->query( + "UPDATE `users` + SET `fedjail` = 1 + WHERE `userid` = {$_POST['user']}"); + $db->query( + "INSERT INTO `fedjail` + VALUES(NULL, {$_POST['user']}, {$_POST['days']}, $userid, + '{$_POST['reason']}')"); + $db->query( + "INSERT INTO `jaillogs` + VALUES(NULL, $userid, {$_POST['user']}, {$_POST['days']}, + '{$_POST['reason']}', " . time() . ")"); + echo 'User was fedded.
    + > Go Home'; +} +else +{ + $jail_csrf = request_csrf_code('jailuser'); + $_GET['userid'] = + (isset($_GET['userid']) && is_numeric($_GET['userid'])) + ? abs(intval($_GET['userid'])) : -1; + echo " +

    Jailing User

    + The user will be put in fed jail and will be unable to do anything in the game. +
    +
    + User: " . user_dropdown(NULL, 'user', $_GET['userid']) + . " +
    + Days: +
    + Reason: +
    + + +
    + "; +} +$h->endpage(); diff --git a/job.php b/job.php new file mode 100644 index 0000000..a7aa38d --- /dev/null +++ b/job.php @@ -0,0 +1,249 @@ + + "; + $q = + $db->query( + "SELECT `jID`,`jDESC`,`jNAME` + FROM `jobs`"); + while ($r = $db->fetch_row($q)) + { + echo " + > {$r['jNAME']} - {$r['jDESC']} - Go to interview +
    + "; + } + $db->free_result($q); + } + else + { + $q = + $db->query( + "SELECT `jOWNER`, `jrID`, `jrIQN`, `jrLABOURN`, + `jrSTRN` + FROM `jobs` AS `j` + INNER JOIN `jobranks` AS `jr` + ON `j`.`jFIRST` = `jr`.`jrID` + WHERE `j`.`jID` = {$_GET['interview']}"); + if ($db->num_rows($q) == 0) + { + $db->free_result($q); + print "Invalid job specified."; + $h->endpage(); + exit; + } + $r = $db->fetch_row($q); + $db->free_result($q); + echo " + {$r['jOWNER']}: So {$ir['username']}, you were looking for a job with us? +
    + {$ir['username']}: Yes please! +
    + "; + if ($ir['strength'] >= $r['jrSTRN'] + && $ir['labour'] >= $r['jrLABOURN'] + && $ir['IQ'] >= $r['jrIQN']) + { + $db->query( + "UPDATE `users` + SET `job` = {$_GET['interview']}, `jobrank` = {$r['jrID']} + WHERE `userid` = $userid"); + echo " + {$r['jOWNER']}: Okay {$ir['username']}, we're good to go, see you tomorrow. +
    + {$ir['username']}: Thanks! +
    + > Go Home + "; + } + else + { + echo " + {$r['jOWNER']}: Sorry {$ir['username']}, you're not far enough in the game to work in this job. You'll need: + "; + if ($ir['strength'] < $r['jrSTRN']) + { + $s = $r['jrSTRN'] - $ir['strength']; + echo " $s more strength, "; + } + if ($ir['labour'] < $r['jrLABOURN']) + { + $s = $r['jrLABOURN'] - $ir['labour']; + echo " $s more labour, "; + } + if ($ir['IQ'] < $r['jrIQN']) + { + $s = $r['jrIQN'] - $ir['IQ']; + echo " $s more IQ, "; + } + echo " + before you'll be able to work here! +
    + > Go Home + "; + } + } +} +else +{ + if (!isset($_GET['action'])) + { + $_GET['action'] = ''; + } + switch ($_GET['action']) + { + case 'quit': + quit_job(); + break; + case 'promote': + job_promote(); + break; + default: + job_index(); + break; + } +} + +function job_index() +{ + global $db, $ir, $c, $userid, $h; + echo " +

    Your Job

    + You currently work in the {$ir['jNAME']}! You receive " + . money_formatter($ir['jrPAY']) + . " each day at 5pm! +
    + You also receive {$ir['jrIQG']} IQ, {$ir['jrSTRG']} strength, and {$ir['jrLABOURG']} labour! +
    + + + + + + + + + +
    Strength: {$ir['strength']}IQ: {$ir['IQ']}
    Labour: {$ir['labour']}Job Rank: {$ir['jrNAME']}
    + Job Ranks +
    + + + + + + + + + "; + $q = + $db->query( + "SELECT `jrNAME`, `jrPAY`, `jrSTRN`, `jrIQN`, `jrLABOURN` + FROM `jobranks` + WHERE `jrJOB` = {$ir['job']} + ORDER BY `jrPAY` ASC"); + while ($r = $db->fetch_row($q)) + { + echo " + + + + + + + + "; + } + $db->free_result($q); + echo " +
    TitlePayStrength ReqdIQ ReqdLabour Reqd
    {$r['jrNAME']}" . money_formatter($r['jrPAY']) + . "{$r['jrSTRN']}{$r['jrIQN']}{$r['jrLABOURN']}
    +
    + > Try To Get Promoted +
    + > Quit + "; +} + +function job_promote() +{ + global $db, $ir, $c, $userid, $h; + $q = + $db->query( + "SELECT `jrID`,`jrNAME` + FROM `jobranks` + WHERE `jrPAY` > {$ir['jrPAY']} + AND `jrSTRN` <= {$ir['strength']} + AND `jrLABOURN` <= {$ir['labour']} + AND `jrIQN` <= {$ir['IQ']} AND `jrJOB` = {$ir['job']} + ORDER BY `jrPAY` DESC + LIMIT 1"); + if ($db->num_rows($q) == 0) + { + echo " + Sorry, you cannot be promoted at this time. +
    + > Go Back + "; + } + else + { + $r = $db->fetch_row($q); + $db->query( + "UPDATE `users` + SET `jobrank` = {$r['jrID']} + WHERE `userid` = $userid"); + echo " + Congrats, you have been promoted to {$r['jrNAME']}. +
    + > Go Back + "; + } + $db->free_result($q); +} + +function quit_job() +{ + global $db, $ir, $c, $userid, $h; + $db->query( + "UPDATE `users` + SET `job` = 0, `jobrank` = 0 + WHERE `userid` = $userid"); + echo " + You have quit your job! +
    + > Go Back + "; +} +$h->endpage(); diff --git a/js/index.html b/js/index.html new file mode 100644 index 0000000..3e3bd3c --- /dev/null +++ b/js/index.html @@ -0,0 +1,11 @@ + + + + +Forbidden + + +

    Access Forbidden

    + This folder is not designed to be accessed directly. + + \ No newline at end of file diff --git a/js/jquery-1.7.1.min.js b/js/jquery-1.7.1.min.js new file mode 100644 index 0000000..198b3ff --- /dev/null +++ b/js/jquery-1.7.1.min.js @@ -0,0 +1,4 @@ +/*! jQuery v1.7.1 jquery.com | jquery.org/license */ +(function(a,b){function cy(a){return f.isWindow(a)?a:a.nodeType===9?a.defaultView||a.parentWindow:!1}function cv(a){if(!ck[a]){var b=c.body,d=f("<"+a+">").appendTo(b),e=d.css("display");d.remove();if(e==="none"||e===""){cl||(cl=c.createElement("iframe"),cl.frameBorder=cl.width=cl.height=0),b.appendChild(cl);if(!cm||!cl.createElement)cm=(cl.contentWindow||cl.contentDocument).document,cm.write((c.compatMode==="CSS1Compat"?"":"")+""),cm.close();d=cm.createElement(a),cm.body.appendChild(d),e=f.css(d,"display"),b.removeChild(cl)}ck[a]=e}return ck[a]}function cu(a,b){var c={};f.each(cq.concat.apply([],cq.slice(0,b)),function(){c[this]=a});return c}function ct(){cr=b}function cs(){setTimeout(ct,0);return cr=f.now()}function cj(){try{return new a.ActiveXObject("Microsoft.XMLHTTP")}catch(b){}}function ci(){try{return new a.XMLHttpRequest}catch(b){}}function cc(a,c){a.dataFilter&&(c=a.dataFilter(c,a.dataType));var d=a.dataTypes,e={},g,h,i=d.length,j,k=d[0],l,m,n,o,p;for(g=1;g0){if(c!=="border")for(;g=0===c})}function S(a){return!a||!a.parentNode||a.parentNode.nodeType===11}function K(){return!0}function J(){return!1}function n(a,b,c){var d=b+"defer",e=b+"queue",g=b+"mark",h=f._data(a,d);h&&(c==="queue"||!f._data(a,e))&&(c==="mark"||!f._data(a,g))&&setTimeout(function(){!f._data(a,e)&&!f._data(a,g)&&(f.removeData(a,d,!0),h.fire())},0)}function m(a){for(var b in a){if(b==="data"&&f.isEmptyObject(a[b]))continue;if(b!=="toJSON")return!1}return!0}function l(a,c,d){if(d===b&&a.nodeType===1){var e="data-"+c.replace(k,"-$1").toLowerCase();d=a.getAttribute(e);if(typeof d=="string"){try{d=d==="true"?!0:d==="false"?!1:d==="null"?null:f.isNumeric(d)?parseFloat(d):j.test(d)?f.parseJSON(d):d}catch(g){}f.data(a,c,d)}else d=b}return d}function h(a){var b=g[a]={},c,d;a=a.split(/\s+/);for(c=0,d=a.length;c)[^>]*$|#([\w\-]*)$)/,j=/\S/,k=/^\s+/,l=/\s+$/,m=/^<(\w+)\s*\/?>(?:<\/\1>)?$/,n=/^[\],:{}\s]*$/,o=/\\(?:["\\\/bfnrt]|u[0-9a-fA-F]{4})/g,p=/"[^"\\\n\r]*"|true|false|null|-?\d+(?:\.\d*)?(?:[eE][+\-]?\d+)?/g,q=/(?:^|:|,)(?:\s*\[)+/g,r=/(webkit)[ \/]([\w.]+)/,s=/(opera)(?:.*version)?[ \/]([\w.]+)/,t=/(msie) ([\w.]+)/,u=/(mozilla)(?:.*? rv:([\w.]+))?/,v=/-([a-z]|[0-9])/ig,w=/^-ms-/,x=function(a,b){return(b+"").toUpperCase()},y=d.userAgent,z,A,B,C=Object.prototype.toString,D=Object.prototype.hasOwnProperty,E=Array.prototype.push,F=Array.prototype.slice,G=String.prototype.trim,H=Array.prototype.indexOf,I={};e.fn=e.prototype={constructor:e,init:function(a,d,f){var g,h,j,k;if(!a)return this;if(a.nodeType){this.context=this[0]=a,this.length=1;return this}if(a==="body"&&!d&&c.body){this.context=c,this[0]=c.body,this.selector=a,this.length=1;return this}if(typeof a=="string"){a.charAt(0)!=="<"||a.charAt(a.length-1)!==">"||a.length<3?g=i.exec(a):g=[null,a,null];if(g&&(g[1]||!d)){if(g[1]){d=d instanceof e?d[0]:d,k=d?d.ownerDocument||d:c,j=m.exec(a),j?e.isPlainObject(d)?(a=[c.createElement(j[1])],e.fn.attr.call(a,d,!0)):a=[k.createElement(j[1])]:(j=e.buildFragment([g[1]],[k]),a=(j.cacheable?e.clone(j.fragment):j.fragment).childNodes);return e.merge(this,a)}h=c.getElementById(g[2]);if(h&&h.parentNode){if(h.id!==g[2])return f.find(a);this.length=1,this[0]=h}this.context=c,this.selector=a;return this}return!d||d.jquery?(d||f).find(a):this.constructor(d).find(a)}if(e.isFunction(a))return f.ready(a);a.selector!==b&&(this.selector=a.selector,this.context=a.context);return e.makeArray(a,this)},selector:"",jquery:"1.7.1",length:0,size:function(){return this.length},toArray:function(){return F.call(this,0)},get:function(a){return a==null?this.toArray():a<0?this[this.length+a]:this[a]},pushStack:function(a,b,c){var d=this.constructor();e.isArray(a)?E.apply(d,a):e.merge(d,a),d.prevObject=this,d.context=this.context,b==="find"?d.selector=this.selector+(this.selector?" ":"")+c:b&&(d.selector=this.selector+"."+b+"("+c+")");return d},each:function(a,b){return e.each(this,a,b)},ready:function(a){e.bindReady(),A.add(a);return this},eq:function(a){a=+a;return a===-1?this.slice(a):this.slice(a,a+1)},first:function(){return this.eq(0)},last:function(){return this.eq(-1)},slice:function(){return this.pushStack(F.apply(this,arguments),"slice",F.call(arguments).join(","))},map:function(a){return this.pushStack(e.map(this,function(b,c){return a.call(b,c,b)}))},end:function(){return this.prevObject||this.constructor(null)},push:E,sort:[].sort,splice:[].splice},e.fn.init.prototype=e.fn,e.extend=e.fn.extend=function(){var a,c,d,f,g,h,i=arguments[0]||{},j=1,k=arguments.length,l=!1;typeof i=="boolean"&&(l=i,i=arguments[1]||{},j=2),typeof i!="object"&&!e.isFunction(i)&&(i={}),k===j&&(i=this,--j);for(;j0)return;A.fireWith(c,[e]),e.fn.trigger&&e(c).trigger("ready").off("ready")}},bindReady:function(){if(!A){A=e.Callbacks("once memory");if(c.readyState==="complete")return setTimeout(e.ready,1);if(c.addEventListener)c.addEventListener("DOMContentLoaded",B,!1),a.addEventListener("load",e.ready,!1);else if(c.attachEvent){c.attachEvent("onreadystatechange",B),a.attachEvent("onload",e.ready);var b=!1;try{b=a.frameElement==null}catch(d){}c.documentElement.doScroll&&b&&J()}}},isFunction:function(a){return e.type(a)==="function"},isArray:Array.isArray||function(a){return e.type(a)==="array"},isWindow:function(a){return a&&typeof a=="object"&&"setInterval"in a},isNumeric:function(a){return!isNaN(parseFloat(a))&&isFinite(a)},type:function(a){return a==null?String(a):I[C.call(a)]||"object"},isPlainObject:function(a){if(!a||e.type(a)!=="object"||a.nodeType||e.isWindow(a))return!1;try{if(a.constructor&&!D.call(a,"constructor")&&!D.call(a.constructor.prototype,"isPrototypeOf"))return!1}catch(c){return!1}var d;for(d in a);return d===b||D.call(a,d)},isEmptyObject:function(a){for(var b in a)return!1;return!0},error:function(a){throw new Error(a)},parseJSON:function(b){if(typeof b!="string"||!b)return null;b=e.trim(b);if(a.JSON&&a.JSON.parse)return a.JSON.parse(b);if(n.test(b.replace(o,"@").replace(p,"]").replace(q,"")))return(new Function("return "+b))();e.error("Invalid JSON: "+b)},parseXML:function(c){var d,f;try{a.DOMParser?(f=new DOMParser,d=f.parseFromString(c,"text/xml")):(d=new ActiveXObject("Microsoft.XMLDOM"),d.async="false",d.loadXML(c))}catch(g){d=b}(!d||!d.documentElement||d.getElementsByTagName("parsererror").length)&&e.error("Invalid XML: "+c);return d},noop:function(){},globalEval:function(b){b&&j.test(b)&&(a.execScript||function(b){a.eval.call(a,b)})(b)},camelCase:function(a){return a.replace(w,"ms-").replace(v,x)},nodeName:function(a,b){return a.nodeName&&a.nodeName.toUpperCase()===b.toUpperCase()},each:function(a,c,d){var f,g=0,h=a.length,i=h===b||e.isFunction(a);if(d){if(i){for(f in a)if(c.apply(a[f],d)===!1)break}else for(;g0&&a[0]&&a[j-1]||j===0||e.isArray(a));if(k)for(;i1?i.call(arguments,0):b,j.notifyWith(k,e)}}function l(a){return function(c){b[a]=arguments.length>1?i.call(arguments,0):c,--g||j.resolveWith(j,b)}}var b=i.call(arguments,0),c=0,d=b.length,e=Array(d),g=d,h=d,j=d<=1&&a&&f.isFunction(a.promise)?a:f.Deferred(),k=j.promise();if(d>1){for(;c
    a",d=q.getElementsByTagName("*"),e=q.getElementsByTagName("a")[0];if(!d||!d.length||!e)return{};g=c.createElement("select"),h=g.appendChild(c.createElement("option")),i=q.getElementsByTagName("input")[0],b={leadingWhitespace:q.firstChild.nodeType===3,tbody:!q.getElementsByTagName("tbody").length,htmlSerialize:!!q.getElementsByTagName("link").length,style:/top/.test(e.getAttribute("style")),hrefNormalized:e.getAttribute("href")==="/a",opacity:/^0.55/.test(e.style.opacity),cssFloat:!!e.style.cssFloat,checkOn:i.value==="on",optSelected:h.selected,getSetAttribute:q.className!=="t",enctype:!!c.createElement("form").enctype,html5Clone:c.createElement("nav").cloneNode(!0).outerHTML!=="<:nav>",submitBubbles:!0,changeBubbles:!0,focusinBubbles:!1,deleteExpando:!0,noCloneEvent:!0,inlineBlockNeedsLayout:!1,shrinkWrapBlocks:!1,reliableMarginRight:!0},i.checked=!0,b.noCloneChecked=i.cloneNode(!0).checked,g.disabled=!0,b.optDisabled=!h.disabled;try{delete q.test}catch(s){b.deleteExpando=!1}!q.addEventListener&&q.attachEvent&&q.fireEvent&&(q.attachEvent("onclick",function(){b.noCloneEvent=!1}),q.cloneNode(!0).fireEvent("onclick")),i=c.createElement("input"),i.value="t",i.setAttribute("type","radio"),b.radioValue=i.value==="t",i.setAttribute("checked","checked"),q.appendChild(i),k=c.createDocumentFragment(),k.appendChild(q.lastChild),b.checkClone=k.cloneNode(!0).cloneNode(!0).lastChild.checked,b.appendChecked=i.checked,k.removeChild(i),k.appendChild(q),q.innerHTML="",a.getComputedStyle&&(j=c.createElement("div"),j.style.width="0",j.style.marginRight="0",q.style.width="2px",q.appendChild(j),b.reliableMarginRight=(parseInt((a.getComputedStyle(j,null)||{marginRight:0}).marginRight,10)||0)===0);if(q.attachEvent)for(o in{submit:1,change:1,focusin:1})n="on"+o,p=n in q,p||(q.setAttribute(n,"return;"),p=typeof q[n]=="function"),b[o+"Bubbles"]=p;k.removeChild(q),k=g=h=j=q=i=null,f(function(){var a,d,e,g,h,i,j,k,m,n,o,r=c.getElementsByTagName("body")[0];!r||(j=1,k="position:absolute;top:0;left:0;width:1px;height:1px;margin:0;",m="visibility:hidden;border:0;",n="style='"+k+"border:5px solid #000;padding:0;'",o="
    "+""+"
    ",a=c.createElement("div"),a.style.cssText=m+"width:0;height:0;position:static;top:0;margin-top:"+j+"px",r.insertBefore(a,r.firstChild),q=c.createElement("div"),a.appendChild(q),q.innerHTML="
    t
    ",l=q.getElementsByTagName("td"),p=l[0].offsetHeight===0,l[0].style.display="",l[1].style.display="none",b.reliableHiddenOffsets=p&&l[0].offsetHeight===0,q.innerHTML="",q.style.width=q.style.paddingLeft="1px",f.boxModel=b.boxModel=q.offsetWidth===2,typeof q.style.zoom!="undefined"&&(q.style.display="inline",q.style.zoom=1,b.inlineBlockNeedsLayout=q.offsetWidth===2,q.style.display="",q.innerHTML="
    ",b.shrinkWrapBlocks=q.offsetWidth!==2),q.style.cssText=k+m,q.innerHTML=o,d=q.firstChild,e=d.firstChild,h=d.nextSibling.firstChild.firstChild,i={doesNotAddBorder:e.offsetTop!==5,doesAddBorderForTableAndCells:h.offsetTop===5},e.style.position="fixed",e.style.top="20px",i.fixedPosition=e.offsetTop===20||e.offsetTop===15,e.style.position=e.style.top="",d.style.overflow="hidden",d.style.position="relative",i.subtractsBorderForOverflowNotVisible=e.offsetTop===-5,i.doesNotIncludeMarginInBodyOffset=r.offsetTop!==j,r.removeChild(a),q=a=null,f.extend(b,i))});return b}();var j=/^(?:\{.*\}|\[.*\])$/,k=/([A-Z])/g;f.extend({cache:{},uuid:0,expando:"jQuery"+(f.fn.jquery+Math.random()).replace(/\D/g,""),noData:{embed:!0,object:"clsid:D27CDB6E-AE6D-11cf-96B8-444553540000",applet:!0},hasData:function(a){a=a.nodeType?f.cache[a[f.expando]]:a[f.expando];return!!a&&!m(a)},data:function(a,c,d,e){if(!!f.acceptData(a)){var g,h,i,j=f.expando,k=typeof c=="string",l=a.nodeType,m=l?f.cache:a,n=l?a[j]:a[j]&&j,o=c==="events";if((!n||!m[n]||!o&&!e&&!m[n].data)&&k&&d===b)return;n||(l?a[j]=n=++f.uuid:n=j),m[n]||(m[n]={},l||(m[n].toJSON=f.noop));if(typeof c=="object"||typeof c=="function")e?m[n]=f.extend(m[n],c):m[n].data=f.extend(m[n].data,c);g=h=m[n],e||(h.data||(h.data={}),h=h.data),d!==b&&(h[f.camelCase(c)]=d);if(o&&!h[c])return g.events;k?(i=h[c],i==null&&(i=h[f.camelCase(c)])):i=h;return i}},removeData:function(a,b,c){if(!!f.acceptData(a)){var d,e,g,h=f.expando,i=a.nodeType,j=i?f.cache:a,k=i?a[h]:h;if(!j[k])return;if(b){d=c?j[k]:j[k].data;if(d){f.isArray(b)||(b in d?b=[b]:(b=f.camelCase(b),b in d?b=[b]:b=b.split(" ")));for(e=0,g=b.length;e-1)return!0;return!1},val:function(a){var c,d,e,g=this[0];{if(!!arguments.length){e=f.isFunction(a);return this.each(function(d){var g=f(this),h;if(this.nodeType===1){e?h=a.call(this,d,g.val()):h=a,h==null?h="":typeof h=="number"?h+="":f.isArray(h)&&(h=f.map(h,function(a){return a==null?"":a+""})),c=f.valHooks[this.nodeName.toLowerCase()]||f.valHooks[this.type];if(!c||!("set"in c)||c.set(this,h,"value")===b)this.value=h}})}if(g){c=f.valHooks[g.nodeName.toLowerCase()]||f.valHooks[g.type];if(c&&"get"in c&&(d=c.get(g,"value"))!==b)return d;d=g.value;return typeof d=="string"?d.replace(q,""):d==null?"":d}}}}),f.extend({valHooks:{option:{get:function(a){var b=a.attributes.value;return!b||b.specified?a.value:a.text}},select:{get:function(a){var b,c,d,e,g=a.selectedIndex,h=[],i=a.options,j=a.type==="select-one";if(g<0)return null;c=j?g:0,d=j?g+1:i.length;for(;c=0}),c.length||(a.selectedIndex=-1);return c}}},attrFn:{val:!0,css:!0,html:!0,text:!0,data:!0,width:!0,height:!0,offset:!0},attr:function(a,c,d,e){var g,h,i,j=a.nodeType;if(!!a&&j!==3&&j!==8&&j!==2){if(e&&c in f.attrFn)return f(a)[c](d);if(typeof a.getAttribute=="undefined")return f.prop(a,c,d);i=j!==1||!f.isXMLDoc(a),i&&(c=c.toLowerCase(),h=f.attrHooks[c]||(u.test(c)?x:w));if(d!==b){if(d===null){f.removeAttr(a,c);return}if(h&&"set"in h&&i&&(g=h.set(a,d,c))!==b)return g;a.setAttribute(c,""+d);return d}if(h&&"get"in h&&i&&(g=h.get(a,c))!==null)return g;g=a.getAttribute(c);return g===null?b:g}},removeAttr:function(a,b){var c,d,e,g,h=0;if(b&&a.nodeType===1){d=b.toLowerCase().split(p),g=d.length;for(;h=0}})});var z=/^(?:textarea|input|select)$/i,A=/^([^\.]*)?(?:\.(.+))?$/,B=/\bhover(\.\S+)?\b/,C=/^key/,D=/^(?:mouse|contextmenu)|click/,E=/^(?:focusinfocus|focusoutblur)$/,F=/^(\w*)(?:#([\w\-]+))?(?:\.([\w\-]+))?$/,G=function(a){var b=F.exec(a);b&&(b[1]=(b[1]||"").toLowerCase(),b[3]=b[3]&&new RegExp("(?:^|\\s)"+b[3]+"(?:\\s|$)"));return b},H=function(a,b){var c=a.attributes||{};return(!b[1]||a.nodeName.toLowerCase()===b[1])&&(!b[2]||(c.id||{}).value===b[2])&&(!b[3]||b[3].test((c["class"]||{}).value))},I=function(a){return f.event.special.hover?a:a.replace(B,"mouseenter$1 mouseleave$1")}; +f.event={add:function(a,c,d,e,g){var h,i,j,k,l,m,n,o,p,q,r,s;if(!(a.nodeType===3||a.nodeType===8||!c||!d||!(h=f._data(a)))){d.handler&&(p=d,d=p.handler),d.guid||(d.guid=f.guid++),j=h.events,j||(h.events=j={}),i=h.handle,i||(h.handle=i=function(a){return typeof f!="undefined"&&(!a||f.event.triggered!==a.type)?f.event.dispatch.apply(i.elem,arguments):b},i.elem=a),c=f.trim(I(c)).split(" ");for(k=0;k=0&&(h=h.slice(0,-1),k=!0),h.indexOf(".")>=0&&(i=h.split("."),h=i.shift(),i.sort());if((!e||f.event.customEvent[h])&&!f.event.global[h])return;c=typeof c=="object"?c[f.expando]?c:new f.Event(h,c):new f.Event(h),c.type=h,c.isTrigger=!0,c.exclusive=k,c.namespace=i.join("."),c.namespace_re=c.namespace?new RegExp("(^|\\.)"+i.join("\\.(?:.*\\.)?")+"(\\.|$)"):null,o=h.indexOf(":")<0?"on"+h:"";if(!e){j=f.cache;for(l in j)j[l].events&&j[l].events[h]&&f.event.trigger(c,d,j[l].handle.elem,!0);return}c.result=b,c.target||(c.target=e),d=d!=null?f.makeArray(d):[],d.unshift(c),p=f.event.special[h]||{};if(p.trigger&&p.trigger.apply(e,d)===!1)return;r=[[e,p.bindType||h]];if(!g&&!p.noBubble&&!f.isWindow(e)){s=p.delegateType||h,m=E.test(s+h)?e:e.parentNode,n=null;for(;m;m=m.parentNode)r.push([m,s]),n=m;n&&n===e.ownerDocument&&r.push([n.defaultView||n.parentWindow||a,s])}for(l=0;le&&i.push({elem:this,matches:d.slice(e)});for(j=0;j0?this.on(b,null,a,c):this.trigger(b)},f.attrFn&&(f.attrFn[b]=!0),C.test(b)&&(f.event.fixHooks[b]=f.event.keyHooks),D.test(b)&&(f.event.fixHooks[b]=f.event.mouseHooks)}),function(){function x(a,b,c,e,f,g){for(var h=0,i=e.length;h0){k=j;break}}j=j[a]}e[h]=k}}}function w(a,b,c,e,f,g){for(var h=0,i=e.length;h+~,(\[\\]+)+|[>+~])(\s*,\s*)?((?:.|\r|\n)*)/g,d="sizcache"+(Math.random()+"").replace(".",""),e=0,g=Object.prototype.toString,h=!1,i=!0,j=/\\/g,k=/\r\n/g,l=/\W/;[0,0].sort(function(){i=!1;return 0});var m=function(b,d,e,f){e=e||[],d=d||c;var h=d;if(d.nodeType!==1&&d.nodeType!==9)return[];if(!b||typeof b!="string")return e;var i,j,k,l,n,q,r,t,u=!0,v=m.isXML(d),w=[],x=b;do{a.exec(""),i=a.exec(x);if(i){x=i[3],w.push(i[1]);if(i[2]){l=i[3];break}}}while(i);if(w.length>1&&p.exec(b))if(w.length===2&&o.relative[w[0]])j=y(w[0]+w[1],d,f);else{j=o.relative[w[0]]?[d]:m(w.shift(),d);while(w.length)b=w.shift(),o.relative[b]&&(b+=w.shift()),j=y(b,j,f)}else{!f&&w.length>1&&d.nodeType===9&&!v&&o.match.ID.test(w[0])&&!o.match.ID.test(w[w.length-1])&&(n=m.find(w.shift(),d,v),d=n.expr?m.filter(n.expr,n.set)[0]:n.set[0]);if(d){n=f?{expr:w.pop(),set:s(f)}:m.find(w.pop(),w.length===1&&(w[0]==="~"||w[0]==="+")&&d.parentNode?d.parentNode:d,v),j=n.expr?m.filter(n.expr,n.set):n.set,w.length>0?k=s(j):u=!1;while(w.length)q=w.pop(),r=q,o.relative[q]?r=w.pop():q="",r==null&&(r=d),o.relative[q](k,r,v)}else k=w=[]}k||(k=j),k||m.error(q||b);if(g.call(k)==="[object Array]")if(!u)e.push.apply(e,k);else if(d&&d.nodeType===1)for(t=0;k[t]!=null;t++)k[t]&&(k[t]===!0||k[t].nodeType===1&&m.contains(d,k[t]))&&e.push(j[t]);else for(t=0;k[t]!=null;t++)k[t]&&k[t].nodeType===1&&e.push(j[t]);else s(k,e);l&&(m(l,h,e,f),m.uniqueSort(e));return e};m.uniqueSort=function(a){if(u){h=i,a.sort(u);if(h)for(var b=1;b0},m.find=function(a,b,c){var d,e,f,g,h,i;if(!a)return[];for(e=0,f=o.order.length;e":function(a,b){var c,d=typeof b=="string",e=0,f=a.length;if(d&&!l.test(b)){b=b.toLowerCase();for(;e=0)?c||d.push(h):c&&(b[g]=!1));return!1},ID:function(a){return a[1].replace(j,"")},TAG:function(a,b){return a[1].replace(j,"").toLowerCase()},CHILD:function(a){if(a[1]==="nth"){a[2]||m.error(a[0]),a[2]=a[2].replace(/^\+|\s*/g,"");var b=/(-?)(\d*)(?:n([+\-]?\d*))?/.exec(a[2]==="even"&&"2n"||a[2]==="odd"&&"2n+1"||!/\D/.test(a[2])&&"0n+"+a[2]||a[2]);a[2]=b[1]+(b[2]||1)-0,a[3]=b[3]-0}else a[2]&&m.error(a[0]);a[0]=e++;return a},ATTR:function(a,b,c,d,e,f){var g=a[1]=a[1].replace(j,"");!f&&o.attrMap[g]&&(a[1]=o.attrMap[g]),a[4]=(a[4]||a[5]||"").replace(j,""),a[2]==="~="&&(a[4]=" "+a[4]+" ");return a},PSEUDO:function(b,c,d,e,f){if(b[1]==="not")if((a.exec(b[3])||"").length>1||/^\w/.test(b[3]))b[3]=m(b[3],null,null,c);else{var g=m.filter(b[3],c,d,!0^f);d||e.push.apply(e,g);return!1}else if(o.match.POS.test(b[0])||o.match.CHILD.test(b[0]))return!0;return b},POS:function(a){a.unshift(!0);return a}},filters:{enabled:function(a){return a.disabled===!1&&a.type!=="hidden"},disabled:function(a){return a.disabled===!0},checked:function(a){return a.checked===!0},selected:function(a){a.parentNode&&a.parentNode.selectedIndex;return a.selected===!0},parent:function(a){return!!a.firstChild},empty:function(a){return!a.firstChild},has:function(a,b,c){return!!m(c[3],a).length},header:function(a){return/h\d/i.test(a.nodeName)},text:function(a){var b=a.getAttribute("type"),c=a.type;return a.nodeName.toLowerCase()==="input"&&"text"===c&&(b===c||b===null)},radio:function(a){return a.nodeName.toLowerCase()==="input"&&"radio"===a.type},checkbox:function(a){return a.nodeName.toLowerCase()==="input"&&"checkbox"===a.type},file:function(a){return a.nodeName.toLowerCase()==="input"&&"file"===a.type},password:function(a){return a.nodeName.toLowerCase()==="input"&&"password"===a.type},submit:function(a){var b=a.nodeName.toLowerCase();return(b==="input"||b==="button")&&"submit"===a.type},image:function(a){return a.nodeName.toLowerCase()==="input"&&"image"===a.type},reset:function(a){var b=a.nodeName.toLowerCase();return(b==="input"||b==="button")&&"reset"===a.type},button:function(a){var b=a.nodeName.toLowerCase();return b==="input"&&"button"===a.type||b==="button"},input:function(a){return/input|select|textarea|button/i.test(a.nodeName)},focus:function(a){return a===a.ownerDocument.activeElement}},setFilters:{first:function(a,b){return b===0},last:function(a,b,c,d){return b===d.length-1},even:function(a,b){return b%2===0},odd:function(a,b){return b%2===1},lt:function(a,b,c){return bc[3]-0},nth:function(a,b,c){return c[3]-0===b},eq:function(a,b,c){return c[3]-0===b}},filter:{PSEUDO:function(a,b,c,d){var e=b[1],f=o.filters[e];if(f)return f(a,c,b,d);if(e==="contains")return(a.textContent||a.innerText||n([a])||"").indexOf(b[3])>=0;if(e==="not"){var g=b[3];for(var h=0,i=g.length;h=0}},ID:function(a,b){return a.nodeType===1&&a.getAttribute("id")===b},TAG:function(a,b){return b==="*"&&a.nodeType===1||!!a.nodeName&&a.nodeName.toLowerCase()===b},CLASS:function(a,b){return(" "+(a.className||a.getAttribute("class"))+" ").indexOf(b)>-1},ATTR:function(a,b){var c=b[1],d=m.attr?m.attr(a,c):o.attrHandle[c]?o.attrHandle[c](a):a[c]!=null?a[c]:a.getAttribute(c),e=d+"",f=b[2],g=b[4];return d==null?f==="!=":!f&&m.attr?d!=null:f==="="?e===g:f==="*="?e.indexOf(g)>=0:f==="~="?(" "+e+" ").indexOf(g)>=0:g?f==="!="?e!==g:f==="^="?e.indexOf(g)===0:f==="$="?e.substr(e.length-g.length)===g:f==="|="?e===g||e.substr(0,g.length+1)===g+"-":!1:e&&d!==!1},POS:function(a,b,c,d){var e=b[2],f=o.setFilters[e];if(f)return f(a,c,b,d)}}},p=o.match.POS,q=function(a,b){return"\\"+(b-0+1)};for(var r in o.match)o.match[r]=new RegExp(o.match[r].source+/(?![^\[]*\])(?![^\(]*\))/.source),o.leftMatch[r]=new RegExp(/(^(?:.|\r|\n)*?)/.source+o.match[r].source.replace(/\\(\d+)/g,q));var s=function(a,b){a=Array.prototype.slice.call(a,0);if(b){b.push.apply(b,a);return b}return a};try{Array.prototype.slice.call(c.documentElement.childNodes,0)[0].nodeType}catch(t){s=function(a,b){var c=0,d=b||[];if(g.call(a)==="[object Array]")Array.prototype.push.apply(d,a);else if(typeof a.length=="number")for(var e=a.length;c",e.insertBefore(a,e.firstChild),c.getElementById(d)&&(o.find.ID=function(a,c,d){if(typeof c.getElementById!="undefined"&&!d){var e=c.getElementById(a[1]);return e?e.id===a[1]||typeof e.getAttributeNode!="undefined"&&e.getAttributeNode("id").nodeValue===a[1]?[e]:b:[]}},o.filter.ID=function(a,b){var c=typeof a.getAttributeNode!="undefined"&&a.getAttributeNode("id");return a.nodeType===1&&c&&c.nodeValue===b}),e.removeChild(a),e=a=null}(),function(){var a=c.createElement("div");a.appendChild(c.createComment("")),a.getElementsByTagName("*").length>0&&(o.find.TAG=function(a,b){var c=b.getElementsByTagName(a[1]);if(a[1]==="*"){var d=[];for(var e=0;c[e];e++)c[e].nodeType===1&&d.push(c[e]);c=d}return c}),a.innerHTML="",a.firstChild&&typeof a.firstChild.getAttribute!="undefined"&&a.firstChild.getAttribute("href")!=="#"&&(o.attrHandle.href=function(a){return a.getAttribute("href",2)}),a=null}(),c.querySelectorAll&&function(){var a=m,b=c.createElement("div"),d="__sizzle__";b.innerHTML="

    ";if(!b.querySelectorAll||b.querySelectorAll(".TEST").length!==0){m=function(b,e,f,g){e=e||c;if(!g&&!m.isXML(e)){var h=/^(\w+$)|^\.([\w\-]+$)|^#([\w\-]+$)/.exec(b);if(h&&(e.nodeType===1||e.nodeType===9)){if(h[1])return s(e.getElementsByTagName(b),f);if(h[2]&&o.find.CLASS&&e.getElementsByClassName)return s(e.getElementsByClassName(h[2]),f)}if(e.nodeType===9){if(b==="body"&&e.body)return s([e.body],f);if(h&&h[3]){var i=e.getElementById(h[3]);if(!i||!i.parentNode)return s([],f);if(i.id===h[3])return s([i],f)}try{return s(e.querySelectorAll(b),f)}catch(j){}}else if(e.nodeType===1&&e.nodeName.toLowerCase()!=="object"){var k=e,l=e.getAttribute("id"),n=l||d,p=e.parentNode,q=/^\s*[+~]/.test(b);l?n=n.replace(/'/g,"\\$&"):e.setAttribute("id",n),q&&p&&(e=e.parentNode);try{if(!q||p)return s(e.querySelectorAll("[id='"+n+"'] "+b),f)}catch(r){}finally{l||k.removeAttribute("id")}}}return a(b,e,f,g)};for(var e in a)m[e]=a[e];b=null}}(),function(){var a=c.documentElement,b=a.matchesSelector||a.mozMatchesSelector||a.webkitMatchesSelector||a.msMatchesSelector;if(b){var d=!b.call(c.createElement("div"),"div"),e=!1;try{b.call(c.documentElement,"[test!='']:sizzle")}catch(f){e=!0}m.matchesSelector=function(a,c){c=c.replace(/\=\s*([^'"\]]*)\s*\]/g,"='$1']");if(!m.isXML(a))try{if(e||!o.match.PSEUDO.test(c)&&!/!=/.test(c)){var f=b.call(a,c);if(f||!d||a.document&&a.document.nodeType!==11)return f}}catch(g){}return m(c,null,null,[a]).length>0}}}(),function(){var a=c.createElement("div");a.innerHTML="
    ";if(!!a.getElementsByClassName&&a.getElementsByClassName("e").length!==0){a.lastChild.className="e";if(a.getElementsByClassName("e").length===1)return;o.order.splice(1,0,"CLASS"),o.find.CLASS=function(a,b,c){if(typeof b.getElementsByClassName!="undefined"&&!c)return b.getElementsByClassName(a[1])},a=null}}(),c.documentElement.contains?m.contains=function(a,b){return a!==b&&(a.contains?a.contains(b):!0)}:c.documentElement.compareDocumentPosition?m.contains=function(a,b){return!!(a.compareDocumentPosition(b)&16)}:m.contains=function(){return!1},m.isXML=function(a){var b=(a?a.ownerDocument||a:0).documentElement;return b?b.nodeName!=="HTML":!1};var y=function(a,b,c){var d,e=[],f="",g=b.nodeType?[b]:b;while(d=o.match.PSEUDO.exec(a))f+=d[0],a=a.replace(o.match.PSEUDO,"");a=o.relative[a]?a+"*":a;for(var h=0,i=g.length;h0)for(h=g;h=0:f.filter(a,this).length>0:this.filter(a).length>0)},closest:function(a,b){var c=[],d,e,g=this[0];if(f.isArray(a)){var h=1;while(g&&g.ownerDocument&&g!==b){for(d=0;d-1:f.find.matchesSelector(g,a)){c.push(g);break}g=g.parentNode;if(!g||!g.ownerDocument||g===b||g.nodeType===11)break}}c=c.length>1?f.unique(c):c;return this.pushStack(c,"closest",a)},index:function(a){if(!a)return this[0]&&this[0].parentNode?this.prevAll().length:-1;if(typeof a=="string")return f.inArray(this[0],f(a));return f.inArray(a.jquery?a[0]:a,this)},add:function(a,b){var c=typeof a=="string"?f(a,b):f.makeArray(a&&a.nodeType?[a]:a),d=f.merge(this.get(),c);return this.pushStack(S(c[0])||S(d[0])?d:f.unique(d))},andSelf:function(){return this.add(this.prevObject)}}),f.each({parent:function(a){var b=a.parentNode;return b&&b.nodeType!==11?b:null},parents:function(a){return f.dir(a,"parentNode")},parentsUntil:function(a,b,c){return f.dir(a,"parentNode",c)},next:function(a){return f.nth(a,2,"nextSibling")},prev:function(a){return f.nth(a,2,"previousSibling")},nextAll:function(a){return f.dir(a,"nextSibling")},prevAll:function(a){return f.dir(a,"previousSibling")},nextUntil:function(a,b,c){return f.dir(a,"nextSibling",c)},prevUntil:function(a,b,c){return f.dir(a,"previousSibling",c)},siblings:function(a){return f.sibling(a.parentNode.firstChild,a)},children:function(a){return f.sibling(a.firstChild)},contents:function(a){return f.nodeName(a,"iframe")?a.contentDocument||a.contentWindow.document:f.makeArray(a.childNodes)}},function(a,b){f.fn[a]=function(c,d){var e=f.map(this,b,c);L.test(a)||(d=c),d&&typeof d=="string"&&(e=f.filter(d,e)),e=this.length>1&&!R[a]?f.unique(e):e,(this.length>1||N.test(d))&&M.test(a)&&(e=e.reverse());return this.pushStack(e,a,P.call(arguments).join(","))}}),f.extend({filter:function(a,b,c){c&&(a=":not("+a+")");return b.length===1?f.find.matchesSelector(b[0],a)?[b[0]]:[]:f.find.matches(a,b)},dir:function(a,c,d){var e=[],g=a[c];while(g&&g.nodeType!==9&&(d===b||g.nodeType!==1||!f(g).is(d)))g.nodeType===1&&e.push(g),g=g[c];return e},nth:function(a,b,c,d){b=b||1;var e=0;for(;a;a=a[c])if(a.nodeType===1&&++e===b)break;return a},sibling:function(a,b){var c=[];for(;a;a=a.nextSibling)a.nodeType===1&&a!==b&&c.push(a);return c}});var V="abbr|article|aside|audio|canvas|datalist|details|figcaption|figure|footer|header|hgroup|mark|meter|nav|output|progress|section|summary|time|video",W=/ jQuery\d+="(?:\d+|null)"/g,X=/^\s+/,Y=/<(?!area|br|col|embed|hr|img|input|link|meta|param)(([\w:]+)[^>]*)\/>/ig,Z=/<([\w:]+)/,$=/",""],legend:[1,"
    ","
    "],thead:[1,"","
    "],tr:[2,"","
    "],td:[3,"","
    "],col:[2,"","
    "],area:[1,"",""],_default:[0,"",""]},bh=U(c);bg.optgroup=bg.option,bg.tbody=bg.tfoot=bg.colgroup=bg.caption=bg.thead,bg.th=bg.td,f.support.htmlSerialize||(bg._default=[1,"div
    ","
    "]),f.fn.extend({text:function(a){if(f.isFunction(a))return this.each(function(b){var c=f(this);c.text(a.call(this,b,c.text()))});if(typeof a!="object"&&a!==b)return this.empty().append((this[0]&&this[0].ownerDocument||c).createTextNode(a));return f.text(this)},wrapAll:function(a){if(f.isFunction(a))return this.each(function(b){f(this).wrapAll(a.call(this,b))});if(this[0]){var b=f(a,this[0].ownerDocument).eq(0).clone(!0);this[0].parentNode&&b.insertBefore(this[0]),b.map(function(){var a=this;while(a.firstChild&&a.firstChild.nodeType===1)a=a.firstChild;return a}).append(this)}return this},wrapInner:function(a){if(f.isFunction(a))return this.each(function(b){f(this).wrapInner(a.call(this,b))});return this.each(function(){var b=f(this),c=b.contents();c.length?c.wrapAll(a):b.append(a)})},wrap:function(a){var b=f.isFunction(a);return this.each(function(c){f(this).wrapAll(b?a.call(this,c):a)})},unwrap:function(){return this.parent().each(function(){f.nodeName(this,"body")||f(this).replaceWith(this.childNodes)}).end()},append:function(){return this.domManip(arguments,!0,function(a){this.nodeType===1&&this.appendChild(a)})},prepend:function(){return this.domManip(arguments,!0,function(a){this.nodeType===1&&this.insertBefore(a,this.firstChild)})},before:function(){if(this[0]&&this[0].parentNode)return this.domManip(arguments,!1,function(a){this.parentNode.insertBefore(a,this)});if(arguments.length){var a=f.clean(arguments);a.push.apply(a,this.toArray());return this.pushStack(a,"before",arguments)}},after:function(){if(this[0]&&this[0].parentNode)return this.domManip(arguments,!1,function(a){this.parentNode.insertBefore(a,this.nextSibling)});if(arguments.length){var a=this.pushStack(this,"after",arguments);a.push.apply(a,f.clean(arguments));return a}},remove:function(a,b){for(var c=0,d;(d=this[c])!=null;c++)if(!a||f.filter(a,[d]).length)!b&&d.nodeType===1&&(f.cleanData(d.getElementsByTagName("*")),f.cleanData([d])),d.parentNode&&d.parentNode.removeChild(d);return this},empty:function() +{for(var a=0,b;(b=this[a])!=null;a++){b.nodeType===1&&f.cleanData(b.getElementsByTagName("*"));while(b.firstChild)b.removeChild(b.firstChild)}return this},clone:function(a,b){a=a==null?!1:a,b=b==null?a:b;return this.map(function(){return f.clone(this,a,b)})},html:function(a){if(a===b)return this[0]&&this[0].nodeType===1?this[0].innerHTML.replace(W,""):null;if(typeof a=="string"&&!ba.test(a)&&(f.support.leadingWhitespace||!X.test(a))&&!bg[(Z.exec(a)||["",""])[1].toLowerCase()]){a=a.replace(Y,"<$1>");try{for(var c=0,d=this.length;c1&&l0?this.clone(!0):this).get();f(e[h])[b](j),d=d.concat(j)}return this.pushStack(d,a,e.selector)}}),f.extend({clone:function(a,b,c){var d,e,g,h=f.support.html5Clone||!bc.test("<"+a.nodeName)?a.cloneNode(!0):bo(a);if((!f.support.noCloneEvent||!f.support.noCloneChecked)&&(a.nodeType===1||a.nodeType===11)&&!f.isXMLDoc(a)){bk(a,h),d=bl(a),e=bl(h);for(g=0;d[g];++g)e[g]&&bk(d[g],e[g])}if(b){bj(a,h);if(c){d=bl(a),e=bl(h);for(g=0;d[g];++g)bj(d[g],e[g])}}d=e=null;return h},clean:function(a,b,d,e){var g;b=b||c,typeof b.createElement=="undefined"&&(b=b.ownerDocument||b[0]&&b[0].ownerDocument||c);var h=[],i;for(var j=0,k;(k=a[j])!=null;j++){typeof k=="number"&&(k+="");if(!k)continue;if(typeof k=="string")if(!_.test(k))k=b.createTextNode(k);else{k=k.replace(Y,"<$1>");var l=(Z.exec(k)||["",""])[1].toLowerCase(),m=bg[l]||bg._default,n=m[0],o=b.createElement("div");b===c?bh.appendChild(o):U(b).appendChild(o),o.innerHTML=m[1]+k+m[2];while(n--)o=o.lastChild;if(!f.support.tbody){var p=$.test(k),q=l==="table"&&!p?o.firstChild&&o.firstChild.childNodes:m[1]===""&&!p?o.childNodes:[];for(i=q.length-1;i>=0;--i)f.nodeName(q[i],"tbody")&&!q[i].childNodes.length&&q[i].parentNode.removeChild(q[i])}!f.support.leadingWhitespace&&X.test(k)&&o.insertBefore(b.createTextNode(X.exec(k)[0]),o.firstChild),k=o.childNodes}var r;if(!f.support.appendChecked)if(k[0]&&typeof (r=k.length)=="number")for(i=0;i=0)return b+"px"}}}),f.support.opacity||(f.cssHooks.opacity={get:function(a,b){return br.test((b&&a.currentStyle?a.currentStyle.filter:a.style.filter)||"")?parseFloat(RegExp.$1)/100+"":b?"1":""},set:function(a,b){var c=a.style,d=a.currentStyle,e=f.isNumeric(b)?"alpha(opacity="+b*100+")":"",g=d&&d.filter||c.filter||"";c.zoom=1;if(b>=1&&f.trim(g.replace(bq,""))===""){c.removeAttribute("filter");if(d&&!d.filter)return}c.filter=bq.test(g)?g.replace(bq,e):g+" "+e}}),f(function(){f.support.reliableMarginRight||(f.cssHooks.marginRight={get:function(a,b){var c;f.swap(a,{display:"inline-block"},function(){b?c=bz(a,"margin-right","marginRight"):c=a.style.marginRight});return c}})}),c.defaultView&&c.defaultView.getComputedStyle&&(bA=function(a,b){var c,d,e;b=b.replace(bs,"-$1").toLowerCase(),(d=a.ownerDocument.defaultView)&&(e=d.getComputedStyle(a,null))&&(c=e.getPropertyValue(b),c===""&&!f.contains(a.ownerDocument.documentElement,a)&&(c=f.style(a,b)));return c}),c.documentElement.currentStyle&&(bB=function(a,b){var c,d,e,f=a.currentStyle&&a.currentStyle[b],g=a.style;f===null&&g&&(e=g[b])&&(f=e),!bt.test(f)&&bu.test(f)&&(c=g.left,d=a.runtimeStyle&&a.runtimeStyle.left,d&&(a.runtimeStyle.left=a.currentStyle.left),g.left=b==="fontSize"?"1em":f||0,f=g.pixelLeft+"px",g.left=c,d&&(a.runtimeStyle.left=d));return f===""?"auto":f}),bz=bA||bB,f.expr&&f.expr.filters&&(f.expr.filters.hidden=function(a){var b=a.offsetWidth,c=a.offsetHeight;return b===0&&c===0||!f.support.reliableHiddenOffsets&&(a.style&&a.style.display||f.css(a,"display"))==="none"},f.expr.filters.visible=function(a){return!f.expr.filters.hidden(a)});var bD=/%20/g,bE=/\[\]$/,bF=/\r?\n/g,bG=/#.*$/,bH=/^(.*?):[ \t]*([^\r\n]*)\r?$/mg,bI=/^(?:color|date|datetime|datetime-local|email|hidden|month|number|password|range|search|tel|text|time|url|week)$/i,bJ=/^(?:about|app|app\-storage|.+\-extension|file|res|widget):$/,bK=/^(?:GET|HEAD)$/,bL=/^\/\//,bM=/\?/,bN=/)<[^<]*)*<\/script>/gi,bO=/^(?:select|textarea)/i,bP=/\s+/,bQ=/([?&])_=[^&]*/,bR=/^([\w\+\.\-]+:)(?:\/\/([^\/?#:]*)(?::(\d+))?)?/,bS=f.fn.load,bT={},bU={},bV,bW,bX=["*/"]+["*"];try{bV=e.href}catch(bY){bV=c.createElement("a"),bV.href="",bV=bV.href}bW=bR.exec(bV.toLowerCase())||[],f.fn.extend({load:function(a,c,d){if(typeof a!="string"&&bS)return bS.apply(this,arguments);if(!this.length)return this;var e=a.indexOf(" ");if(e>=0){var g=a.slice(e,a.length);a=a.slice(0,e)}var h="GET";c&&(f.isFunction(c)?(d=c,c=b):typeof c=="object"&&(c=f.param(c,f.ajaxSettings.traditional),h="POST"));var i=this;f.ajax({url:a,type:h,dataType:"html",data:c,complete:function(a,b,c){c=a.responseText,a.isResolved()&&(a.done(function(a){c=a}),i.html(g?f("
    ").append(c.replace(bN,"")).find(g):c)),d&&i.each(d,[c,b,a])}});return this},serialize:function(){return f.param(this.serializeArray())},serializeArray:function(){return this.map(function(){return this.elements?f.makeArray(this.elements):this}).filter(function(){return this.name&&!this.disabled&&(this.checked||bO.test(this.nodeName)||bI.test(this.type))}).map(function(a,b){var c=f(this).val();return c==null?null:f.isArray(c)?f.map(c,function(a,c){return{name:b.name,value:a.replace(bF,"\r\n")}}):{name:b.name,value:c.replace(bF,"\r\n")}}).get()}}),f.each("ajaxStart ajaxStop ajaxComplete ajaxError ajaxSuccess ajaxSend".split(" "),function(a,b){f.fn[b]=function(a){return this.on(b,a)}}),f.each(["get","post"],function(a,c){f[c]=function(a,d,e,g){f.isFunction(d)&&(g=g||e,e=d,d=b);return f.ajax({type:c,url:a,data:d,success:e,dataType:g})}}),f.extend({getScript:function(a,c){return f.get(a,b,c,"script")},getJSON:function(a,b,c){return f.get(a,b,c,"json")},ajaxSetup:function(a,b){b?b_(a,f.ajaxSettings):(b=a,a=f.ajaxSettings),b_(a,b);return a},ajaxSettings:{url:bV,isLocal:bJ.test(bW[1]),global:!0,type:"GET",contentType:"application/x-www-form-urlencoded",processData:!0,async:!0,accepts:{xml:"application/xml, text/xml",html:"text/html",text:"text/plain",json:"application/json, text/javascript","*":bX},contents:{xml:/xml/,html:/html/,json:/json/},responseFields:{xml:"responseXML",text:"responseText"},converters:{"* text":a.String,"text html":!0,"text json":f.parseJSON,"text xml":f.parseXML},flatOptions:{context:!0,url:!0}},ajaxPrefilter:bZ(bT),ajaxTransport:bZ(bU),ajax:function(a,c){function w(a,c,l,m){if(s!==2){s=2,q&&clearTimeout(q),p=b,n=m||"",v.readyState=a>0?4:0;var o,r,u,w=c,x=l?cb(d,v,l):b,y,z;if(a>=200&&a<300||a===304){if(d.ifModified){if(y=v.getResponseHeader("Last-Modified"))f.lastModified[k]=y;if(z=v.getResponseHeader("Etag"))f.etag[k]=z}if(a===304)w="notmodified",o=!0;else try{r=cc(d,x),w="success",o=!0}catch(A){w="parsererror",u=A}}else{u=w;if(!w||a)w="error",a<0&&(a=0)}v.status=a,v.statusText=""+(c||w),o?h.resolveWith(e,[r,w,v]):h.rejectWith(e,[v,w,u]),v.statusCode(j),j=b,t&&g.trigger("ajax"+(o?"Success":"Error"),[v,d,o?r:u]),i.fireWith(e,[v,w]),t&&(g.trigger("ajaxComplete",[v,d]),--f.active||f.event.trigger("ajaxStop"))}}typeof a=="object"&&(c=a,a=b),c=c||{};var d=f.ajaxSetup({},c),e=d.context||d,g=e!==d&&(e.nodeType||e instanceof f)?f(e):f.event,h=f.Deferred(),i=f.Callbacks("once memory"),j=d.statusCode||{},k,l={},m={},n,o,p,q,r,s=0,t,u,v={readyState:0,setRequestHeader:function(a,b){if(!s){var c=a.toLowerCase();a=m[c]=m[c]||a,l[a]=b}return this},getAllResponseHeaders:function(){return s===2?n:null},getResponseHeader:function(a){var c;if(s===2){if(!o){o={};while(c=bH.exec(n))o[c[1].toLowerCase()]=c[2]}c=o[a.toLowerCase()]}return c===b?null:c},overrideMimeType:function(a){s||(d.mimeType=a);return this},abort:function(a){a=a||"abort",p&&p.abort(a),w(0,a);return this}};h.promise(v),v.success=v.done,v.error=v.fail,v.complete=i.add,v.statusCode=function(a){if(a){var b;if(s<2)for(b in a)j[b]=[j[b],a[b]];else b=a[v.status],v.then(b,b)}return this},d.url=((a||d.url)+"").replace(bG,"").replace(bL,bW[1]+"//"),d.dataTypes=f.trim(d.dataType||"*").toLowerCase().split(bP),d.crossDomain==null&&(r=bR.exec(d.url.toLowerCase()),d.crossDomain=!(!r||r[1]==bW[1]&&r[2]==bW[2]&&(r[3]||(r[1]==="http:"?80:443))==(bW[3]||(bW[1]==="http:"?80:443)))),d.data&&d.processData&&typeof d.data!="string"&&(d.data=f.param(d.data,d.traditional)),b$(bT,d,c,v);if(s===2)return!1;t=d.global,d.type=d.type.toUpperCase(),d.hasContent=!bK.test(d.type),t&&f.active++===0&&f.event.trigger("ajaxStart");if(!d.hasContent){d.data&&(d.url+=(bM.test(d.url)?"&":"?")+d.data,delete d.data),k=d.url;if(d.cache===!1){var x=f.now(),y=d.url.replace(bQ,"$1_="+x);d.url=y+(y===d.url?(bM.test(d.url)?"&":"?")+"_="+x:"")}}(d.data&&d.hasContent&&d.contentType!==!1||c.contentType)&&v.setRequestHeader("Content-Type",d.contentType),d.ifModified&&(k=k||d.url,f.lastModified[k]&&v.setRequestHeader("If-Modified-Since",f.lastModified[k]),f.etag[k]&&v.setRequestHeader("If-None-Match",f.etag[k])),v.setRequestHeader("Accept",d.dataTypes[0]&&d.accepts[d.dataTypes[0]]?d.accepts[d.dataTypes[0]]+(d.dataTypes[0]!=="*"?", "+bX+"; q=0.01":""):d.accepts["*"]);for(u in d.headers)v.setRequestHeader(u,d.headers[u]);if(d.beforeSend&&(d.beforeSend.call(e,v,d)===!1||s===2)){v.abort();return!1}for(u in{success:1,error:1,complete:1})v[u](d[u]);p=b$(bU,d,c,v);if(!p)w(-1,"No Transport");else{v.readyState=1,t&&g.trigger("ajaxSend",[v,d]),d.async&&d.timeout>0&&(q=setTimeout(function(){v.abort("timeout")},d.timeout));try{s=1,p.send(l,w)}catch(z){if(s<2)w(-1,z);else throw z}}return v},param:function(a,c){var d=[],e=function(a,b){b=f.isFunction(b)?b():b,d[d.length]=encodeURIComponent(a)+"="+encodeURIComponent(b)};c===b&&(c=f.ajaxSettings.traditional);if(f.isArray(a)||a.jquery&&!f.isPlainObject(a))f.each(a,function(){e(this.name,this.value)});else for(var g in a)ca(g,a[g],c,e);return d.join("&").replace(bD,"+")}}),f.extend({active:0,lastModified:{},etag:{}});var cd=f.now(),ce=/(\=)\?(&|$)|\?\?/i;f.ajaxSetup({jsonp:"callback",jsonpCallback:function(){return f.expando+"_"+cd++}}),f.ajaxPrefilter("json jsonp",function(b,c,d){var e=b.contentType==="application/x-www-form-urlencoded"&&typeof b.data=="string";if(b.dataTypes[0]==="jsonp"||b.jsonp!==!1&&(ce.test(b.url)||e&&ce.test(b.data))){var g,h=b.jsonpCallback=f.isFunction(b.jsonpCallback)?b.jsonpCallback():b.jsonpCallback,i=a[h],j=b.url,k=b.data,l="$1"+h+"$2";b.jsonp!==!1&&(j=j.replace(ce,l),b.url===j&&(e&&(k=k.replace(ce,l)),b.data===k&&(j+=(/\?/.test(j)?"&":"?")+b.jsonp+"="+h))),b.url=j,b.data=k,a[h]=function(a){g=[a]},d.always(function(){a[h]=i,g&&f.isFunction(i)&&a[h](g[0])}),b.converters["script json"]=function(){g||f.error(h+" was not called");return g[0]},b.dataTypes[0]="json";return"script"}}),f.ajaxSetup({accepts:{script:"text/javascript, application/javascript, application/ecmascript, application/x-ecmascript"},contents:{script:/javascript|ecmascript/},converters:{"text script":function(a){f.globalEval(a);return a}}}),f.ajaxPrefilter("script",function(a){a.cache===b&&(a.cache=!1),a.crossDomain&&(a.type="GET",a.global=!1)}),f.ajaxTransport("script",function(a){if(a.crossDomain){var d,e=c.head||c.getElementsByTagName("head")[0]||c.documentElement;return{send:function(f,g){d=c.createElement("script"),d.async="async",a.scriptCharset&&(d.charset=a.scriptCharset),d.src=a.url,d.onload=d.onreadystatechange=function(a,c){if(c||!d.readyState||/loaded|complete/.test(d.readyState))d.onload=d.onreadystatechange=null,e&&d.parentNode&&e.removeChild(d),d=b,c||g(200,"success")},e.insertBefore(d,e.firstChild)},abort:function(){d&&d.onload(0,1)}}}});var cf=a.ActiveXObject?function(){for(var a in ch)ch[a](0,1)}:!1,cg=0,ch;f.ajaxSettings.xhr=a.ActiveXObject?function(){return!this.isLocal&&ci()||cj()}:ci,function(a){f.extend(f.support,{ajax:!!a,cors:!!a&&"withCredentials"in a})}(f.ajaxSettings.xhr()),f.support.ajax&&f.ajaxTransport(function(c){if(!c.crossDomain||f.support.cors){var d;return{send:function(e,g){var h=c.xhr(),i,j;c.username?h.open(c.type,c.url,c.async,c.username,c.password):h.open(c.type,c.url,c.async);if(c.xhrFields)for(j in c.xhrFields)h[j]=c.xhrFields[j];c.mimeType&&h.overrideMimeType&&h.overrideMimeType(c.mimeType),!c.crossDomain&&!e["X-Requested-With"]&&(e["X-Requested-With"]="XMLHttpRequest");try{for(j in e)h.setRequestHeader(j,e[j])}catch(k){}h.send(c.hasContent&&c.data||null),d=function(a,e){var j,k,l,m,n;try{if(d&&(e||h.readyState===4)){d=b,i&&(h.onreadystatechange=f.noop,cf&&delete ch[i]);if(e)h.readyState!==4&&h.abort();else{j=h.status,l=h.getAllResponseHeaders(),m={},n=h.responseXML,n&&n.documentElement&&(m.xml=n),m.text=h.responseText;try{k=h.statusText}catch(o){k=""}!j&&c.isLocal&&!c.crossDomain?j=m.text?200:404:j===1223&&(j=204)}}}catch(p){e||g(-1,p)}m&&g(j,k,m,l)},!c.async||h.readyState===4?d():(i=++cg,cf&&(ch||(ch={},f(a).unload(cf)),ch[i]=d),h.onreadystatechange=d)},abort:function(){d&&d(0,1)}}}});var ck={},cl,cm,cn=/^(?:toggle|show|hide)$/,co=/^([+\-]=)?([\d+.\-]+)([a-z%]*)$/i,cp,cq=[["height","marginTop","marginBottom","paddingTop","paddingBottom"],["width","marginLeft","marginRight","paddingLeft","paddingRight"],["opacity"]],cr;f.fn.extend({show:function(a,b,c){var d,e;if(a||a===0)return this.animate(cu("show",3),a,b,c);for(var g=0,h=this.length;g=i.duration+this.startTime){this.now=this.end,this.pos=this.state=1,this.update(),i.animatedProperties[this.prop]=!0;for(b in i.animatedProperties)i.animatedProperties[b]!==!0&&(g=!1);if(g){i.overflow!=null&&!f.support.shrinkWrapBlocks&&f.each(["","X","Y"],function(a,b){h.style["overflow"+b]=i.overflow[a]}),i.hide&&f(h).hide();if(i.hide||i.show)for(b in i.animatedProperties)f.style(h,b,i.orig[b]),f.removeData(h,"fxshow"+b,!0),f.removeData(h,"toggle"+b,!0);d=i.complete,d&&(i.complete=!1,d.call(h))}return!1}i.duration==Infinity?this.now=e:(c=e-this.startTime,this.state=c/i.duration,this.pos=f.easing[i.animatedProperties[this.prop]](this.state,c,0,1,i.duration),this.now=this.start+(this.end-this.start)*this.pos),this.update();return!0}},f.extend(f.fx,{tick:function(){var a,b=f.timers,c=0;for(;c-1,k={},l={},m,n;j?(l=e.position(),m=l.top,n=l.left):(m=parseFloat(h)||0,n=parseFloat(i)||0),f.isFunction(b)&&(b=b.call(a,c,g)),b.top!=null&&(k.top=b.top-g.top+m),b.left!=null&&(k.left=b.left-g.left+n),"using"in b?b.using.call(a,k):e.css(k)}},f.fn.extend({position:function(){if(!this[0])return null;var a=this[0],b=this.offsetParent(),c=this.offset(),d=cx.test(b[0].nodeName)?{top:0,left:0}:b.offset();c.top-=parseFloat(f.css(a,"marginTop"))||0,c.left-=parseFloat(f.css(a,"marginLeft"))||0,d.top+=parseFloat(f.css(b[0],"borderTopWidth"))||0,d.left+=parseFloat(f.css(b[0],"borderLeftWidth"))||0;return{top:c.top-d.top,left:c.left-d.left}},offsetParent:function(){return this.map(function(){var a=this.offsetParent||c.body;while(a&&!cx.test(a.nodeName)&&f.css(a,"position")==="static")a=a.offsetParent;return a})}}),f.each(["Left","Top"],function(a,c){var d="scroll"+c;f.fn[d]=function(c){var e,g;if(c===b){e=this[0];if(!e)return null;g=cy(e);return g?"pageXOffset"in g?g[a?"pageYOffset":"pageXOffset"]:f.support.boxModel&&g.document.documentElement[d]||g.document.body[d]:e[d]}return this.each(function(){g=cy(this),g?g.scrollTo(a?f(g).scrollLeft():c,a?c:f(g).scrollTop()):this[d]=c})}}),f.each(["Height","Width"],function(a,c){var d=c.toLowerCase();f.fn["inner"+c]=function(){var a=this[0];return a?a.style?parseFloat(f.css(a,d,"padding")):this[d]():null},f.fn["outer"+c]=function(a){var b=this[0];return b?b.style?parseFloat(f.css(b,d,a?"margin":"border")):this[d]():null},f.fn[d]=function(a){var e=this[0];if(!e)return a==null?null:this;if(f.isFunction(a))return this.each(function(b){var c=f(this);c[d](a.call(this,b,c[d]()))});if(f.isWindow(e)){var g=e.document.documentElement["client"+c],h=e.document.body;return e.document.compatMode==="CSS1Compat"&&g||h&&h["client"+c]||g}if(e.nodeType===9)return Math.max(e.documentElement["client"+c],e.body["scroll"+c],e.documentElement["scroll"+c],e.body["offset"+c],e.documentElement["offset"+c]);if(a===b){var i=f.css(e,d),j=parseFloat(i);return f.isNumeric(j)?j:i}return this.css(d,typeof a=="string"?a:a+"px")}}),a.jQuery=a.$=f,typeof define=="function"&&define.amd&&define.amd.jQuery&&define("jquery",[],function(){return f})})(window); \ No newline at end of file diff --git a/js/login.js b/js/login.js new file mode 100644 index 0000000..32c8f28 --- /dev/null +++ b/js/login.js @@ -0,0 +1,111 @@ +/** + * MCCodes Version 2.0.5b + * Copyright (C) 2005-2012 Dabomstew + * All rights reserved. + * + * Redistribution of this code in any form is prohibited, except in + * the specific cases set out in the MCCodes Customer License. + * + * This code license may be used to run one (1) game. + * A game is defined as the set of users and other game database data, + * so you are permitted to create alternative clients for your game. + * + * If you did not obtain this code from MCCodes.com, you are in all likelihood + * using it illegally. Please contact MCCodes to discuss licensing options + * in this case. + * + * File: js/login.js + * Signature: 45166f2fb1d14bc62137b8dc74f14cf1 + * Date: Fri, 20 Apr 12 08:50:30 +0000 + */ +function getCookieVal(offset) +{ + var endstr = document.cookie.indexOf(";", offset); + if (endstr == -1) + endstr = document.cookie.length; + return unescape(document.cookie.substring(offset, endstr)); +} +function GetCookie(name) +{ + var arg = name + "="; + var alen = arg.length; + var clen = document.cookie.length; + var i = 0; + while (i < clen) + { + var j = i + alen; + if (document.cookie.substring(i, j) == arg) + return getCookieVal(j); + i = document.cookie.indexOf(" ", i) + 1; + if (i == 0) + break; + } + return null; +} +function SetCookie(name, value, expires, path, domain, secure) +{ + document.cookie = name + "=" + escape(value) + + ((expires) ? "; expires=" + expires.toGMTString() : "") + + ((path) ? "; path=" + path : "") + + ((domain) ? "; domain=" + domain : "") + + ((secure) ? "; secure" : ""); +} + +function DeleteCookie(name, path, domain) +{ + if (GetCookie(name)) + { + document.cookie = name + "=" + ((path) ? "; path=" + path : "") + + ((domain) ? "; domain=" + domain : "") + + "; expires=Thu, 01-Jan-70 00:00:01 GMT"; + } +} +var usr; +var pw; +var sv; +function getme() +{ + usr = document.login.username; + pw = document.login.password; + sv = document.login.save; + + if (GetCookie('username') != null) + { + usr.value = GetCookie('username'); + pw.value = GetCookie('password'); + } + if (GetCookie('save') == 'true') + { + sv[0].checked = true; + } + else + { + sv[1].checked = true; + } + +} +function saveme() +{ + if (usr.value.length != 0 && pw.value.length != 0) + { + if (sv[0].checked) + { + expdate = new Date(); + expdate.setTime(expdate.getTime() + 31536000000); + SetCookie('username', usr.value, expdate); + SetCookie('password', pw.value, expdate); + SetCookie('save', 'true', expdate); + } + if (sv[1].checked) + { + DeleteCookie('username'); + DeleteCookie('password'); + DeleteCookie('save'); + } + } + else + { + alert('You must enter a username/password.'); + return false; + } +} \ No newline at end of file diff --git a/js/register.js b/js/register.js new file mode 100644 index 0000000..45632f3 --- /dev/null +++ b/js/register.js @@ -0,0 +1,77 @@ +/** + * MCCodes Version 2.0.5b + * Copyright (C) 2005-2012 Dabomstew + * All rights reserved. + * + * Redistribution of this code in any form is prohibited, except in + * the specific cases set out in the MCCodes Customer License. + * + * This code license may be used to run one (1) game. + * A game is defined as the set of users and other game database data, + * so you are permitted to create alternative clients for your game. + * + * If you did not obtain this code from MCCodes.com, you are in all likelihood + * using it illegally. Please contact MCCodes to discuss licensing options + * in this case. + * + * File: js/register.js + * Signature: 4bea7180c37e405b9005226355cea1a1 + * Date: Fri, 20 Apr 12 08:50:30 +0000 + */ + +/** + * Functions for Register Page (mostly just simple AJAX calls) + */ + +function CheckPasswords(password) +{ + $.ajax({ + type : "POST", + url : "check.php", + data : "password=" + escape(password), + success : function(resps) + { + $("#passwordresult").html(resps); + } + }); +} + +function CheckUsername(name) +{ + $.ajax({ + type : "POST", + url : "checkun.php", + data : "username=" + escape(name), + success : function(resps) + { + $("#usernameresult").html(resps); + } + }); +} + +function CheckEmail(email) +{ + $.ajax({ + type : "POST", + url : "checkem.php", + data : "email=" + escape(email), + success : function(resps) + { + $("#emailresult").html(resps); + } + }); +} + +function PasswordMatch() +{ + pwt1 = $("#pw1").val(); + pwt2 = $("#pw2").val(); + if (pwt1 == pwt2) + { + $("#cpasswordresult").html("OK"); + } + else + { + $("#cpasswordresult").html("Not Matching"); + } +} \ No newline at end of file diff --git a/lgrad.jpg b/lgrad.jpg new file mode 100644 index 0000000000000000000000000000000000000000..902fe5482bbb653e9ce001a53704d1653c8358e8 GIT binary patch literal 321 zcmex=iF;o{=v;^GnD0RsUZK7IjyJ|1CV5fNcw z8EI*08F@HhWM^mR<>8eO5Ri}(6%>_%OAyQWe}F-d1L#O$W=25' . $set['game_name'] . ' - Critical Error'; + } + else + { + echo '

    Internal Server Error

    '; + } + if (DEBUG) + { + echo 'A critical error has occurred, and page execution has stopped. ' + . 'Below are the details:
    ' . $debug_error + . '

    ' . 'Action taken: ' . $action + . '

    '; + // Only uncomment the below if you know what you're doing, + // for debug purposes. + //if (is_array($context) && count($context) > 0) + //{ + // echo 'Context at error time: ' . '

    ' + // . nl2br(print_r($context, true)); + //} + } + else + { + echo 'A critical error has occurred, and this page cannot be displayed. ' + . 'Please try again later.'; + if (!empty($human_error)) + { + echo '
    ' . $human_error; + } + } + exit; +} + +function error_php($errno, $errstr, $errfile = '', $errline = 0, + $errcontext = array()) +{ + // What's happened? + // If it's a PHP warning or user error/warning, don't go further - indicates bad code, unsafe + if ($errno == E_WARNING) + { + error_critical('', + 'PHP Warning: ' . $errstr . ' (' . $errno + . ')', 'Line executed: ' . $errfile . ':' . $errline, + $errcontext); + } + else if ($errno == E_RECOVERABLE_ERROR) + { + error_critical('', + 'PHP Recoverable Error: ' . $errstr . ' (' + . $errno . ')', + 'Line executed: ' . $errfile . ':' . $errline, $errcontext); + } + else if ($errno == E_USER_ERROR) + { + error_critical('', + 'Engine Error: ' . $errstr . ' (' . $errno + . ')', 'Line executed: ' . $errfile . ':' . $errline, + $errcontext); + } + else if ($errno == E_USER_WARNING) + { + error_critical('', + 'Engine Warning: ' . $errstr . ' (' . $errno + . ')', 'Line executed: ' . $errfile . ':' . $errline, + $errcontext); + } + else + { + // Only do anything if DEBUG is on, now + if (DEBUG) + { + // Determine the name to display from the error type + $errname = 'Unknown Error'; + switch ($errno) + { + case E_NOTICE: + $errname = 'PHP Notice'; + break; + case E_USER_NOTICE: + $errname = 'User Notice'; + break; + case 8192: + $errname = 'PHP Deprecation Notice'; + break; // E_DEPRECATED [since 5.3] + case 16384: + $errname = 'User Deprecation Notice'; + break; // E_USER_DEPRECATED [since 5.3] + } + echo 'A non-critical error has occurred. Page execution will continue. ' + . 'Below are the details:
    ' . $errname + . ': ' . $errstr . ' (' . $errno . ')' + . '

    ' . 'Line executed: ' + . $errfile . ':' . $errline . '

    '; + // Only uncomment the below if you know what you're doing, + // for debug purposes. + //if (is_array($errcontext) && count($errcontext) > 0) + //{ + // echo 'Context at error time: ' + // . '

    ' . nl2br(print_r($errcontext, true)); + //} + } + } +} \ No newline at end of file diff --git a/lib/index.html b/lib/index.html new file mode 100644 index 0000000..3e3bd3c --- /dev/null +++ b/lib/index.html @@ -0,0 +1,11 @@ + + + + +Forbidden + + +

    Access Forbidden

    + This folder is not designed to be accessed directly. + + \ No newline at end of file diff --git a/lib/installer_error_handler.php b/lib/installer_error_handler.php new file mode 100644 index 0000000..8597365 --- /dev/null +++ b/lib/installer_error_handler.php @@ -0,0 +1,114 @@ +Installer Error'; + echo 'A critical error has occurred, and installation has stopped. ' + . 'Below are the details:
    ' . $debug_error . '

    ' + . 'Action taken: ' . $action . '

    '; + if (is_array($context) && count($context) > 0) + { + echo 'Context at error time: ' . '

    ' + . nl2br(print_r($context, true)); + } + require_once('./installer_foot.php'); + exit; +} + +function error_php($errno, $errstr, $errfile = '', $errline = 0, + $errcontext = array()) +{ + // What's happened? + // If it's a PHP warning or user error/warning, don't go further - indicates bad code, unsafe + if ($errno == E_WARNING) + { + error_critical('', + 'PHP Warning: ' . $errstr . ' (' . $errno + . ')', 'Line executed: ' . $errfile . ':' . $errline, + $errcontext); + } + else if ($errno == E_RECOVERABLE_ERROR) + { + error_critical('', + 'PHP Recoverable Error: ' . $errstr . ' (' + . $errno . ')', + 'Line executed: ' . $errfile . ':' . $errline, $errcontext); + } + else if ($errno == E_USER_ERROR) + { + error_critical('', + 'User Error: ' . $errstr . ' (' . $errno + . ')', 'Line executed: ' . $errfile . ':' . $errline, + $errcontext); + } + else if ($errno == E_USER_WARNING) + { + error_critical('', + 'User Warning: ' . $errstr . ' (' . $errno + . ')', 'Line executed: ' . $errfile . ':' . $errline, + $errcontext); + } + else + { + // Only do anything if DEBUG is on, now + if (DEBUG) + { + // Determine the name to display from the error type + $errname = 'Unknown Error'; + switch ($errno) + { + case E_NOTICE: + $errname = 'PHP Notice'; + break; + case E_USER_NOTICE: + $errname = 'User Notice'; + break; + case 8192: + $errname = 'PHP Deprecation Notice'; + break; // E_DEPRECATED [since 5.3] + case 16384: + $errname = 'User Deprecation Notice'; + break; // E_USER_DEPRECATED [since 5.3] + } + require_once('./installer_head.php'); // in case it hasn't been included + echo 'A non-critical error has occurred. Page execution will continue. ' + . 'Below are the details:
    ' . $errname + . ': ' . $errstr . ' (' . $errno . ')' + . '

    ' . 'Line executed: ' + . $errfile . ':' . $errline . '

    '; + if (is_array($errcontext) && count($errcontext) > 0) + { + echo 'Context at error time: ' + . '

    ' . nl2br(print_r($errcontext, true)); + } + } + } +} \ No newline at end of file diff --git a/linegrad.PNG b/linegrad.PNG new file mode 100644 index 0000000000000000000000000000000000000000..23bd51213bd334682640982c99f1a4dab91cd295 GIT binary patch literal 142 zcmeAS@N?(olHy`uVBq!ia0vp^j3CUx1SBVv2j2s6ii6yp7}lMWc?smOq&xaLGB9lH z=l+w(3gjy!dj$D1FjT2AFf_C + WARNING: you have not deleted installer.php from the server. +
    + We suggest you do this immediately. + + '; +} +echo ' +Welcome, ' . $ir['username'] . '! +
    +Your last visit was: ' . $lv . '. + '; + +$exp = (int) ($ir['exp'] / $ir['exp_needed'] * 100); +if ($ir['hospital']) +{ + $geninf = + '
    '; +} +elseif ($ir['jail']) +{ + $geninf = + ''; +} +else +{ + $geninf = ''; +} +echo " +
    You are in Hospital for ' + . $ir['hospital'] . ' minute(s)
    You are in Jail for ' + . $ir['jail'] . ' minute(s)
    + + + +{$geninf} + + + + + + + + + + + + + + + + + "; +$ts = + $ir['strength'] + $ir['agility'] + $ir['guard'] + $ir['labour'] + + $ir['IQ']; +$ir['strank'] = get_rank($ir['strength'], 'strength'); +$ir['agirank'] = get_rank($ir['agility'], 'agility'); +$ir['guarank'] = get_rank($ir['guard'], 'guard'); +$ir['labrank'] = get_rank($ir['labour'], 'labour'); +$ir['IQrank'] = get_rank($ir['IQ'], 'IQ'); +$tsrank = get_rank($ts, 'strength+agility+guard+labour+IQ'); +$ir['strength'] = number_format($ir['strength']); +$ir['agility'] = number_format($ir['agility']); +$ir['guard'] = number_format($ir['guard']); +$ir['labour'] = number_format($ir['labour']); +$ir['IQ'] = number_format($ir['IQ']); +$ts = number_format($ts); +echo " + + + + + + + + + + + + + + +
    General Information
    Name: {$ir['username']}Crystals: {$cm}
    Level: {$ir['level']}Exp: {$exp}%
    Money: $fmHP: {$ir['hp']}/{$ir['maxhp']}
    Property: {$ir['hNAME']}Days Old: {$ir['daysold']}
    Stats Info
    Strength: {$ir['strength']} [Ranked: {$ir['strank']}]Agility: {$ir['agility']} [Ranked: {$ir['agirank']}]
    Guard: {$ir['guard']} [Ranked: {$ir['guarank']}]Labour: {$ir['labour']} [Ranked: {$ir['labrank']}]
    IQ: {$ir['IQ']} [Ranked: {$ir['IQrank']}]Total stats: {$ts} [Ranked: $tsrank]
    + "; +$q = $db->query("SELECT `content` FROM `papercontent`"); +$news = $db->fetch_single($q); +$db->free_result($q); +echo $set['game_name'] . ' Latest News: +
    +' . nl2br($news) . ' +
    + '; +$h->endpage(); diff --git a/login.php b/login.php new file mode 100644 index 0000000..c9811fd --- /dev/null +++ b/login.php @@ -0,0 +1,99 @@ + + + +{$set['game_name']} + + + + + +
    + + + + + + + + +
    Mccodes Version 2
    + +EOF; +$IP = str_replace(array('/', '\\', '\0'), '', $_SERVER['REMOTE_ADDR']); +if (file_exists('ipbans/' . $IP)) +{ + die( + " + Your IP has been banned, there is no way around this. + "); +} +$year = date('Y'); +echo "

    > {$set['game_name']} Log-In

    + + + +
    +
    +About {$set['game_name']} +" . nl2br($set['game_description']) . " +
    +    		"; +echo << +Login +
    +Username:
    +Password:
    +Remember me?
    + Yes + No
    + + +
    + +EOF; +echo "

    +

    REGISTER NOW!


    +
    Powered by codes made by Dabomstew (© {$year}). Game Copyright ©{$year} {$set['game_owner']}.
    "; +print + << +
    + + + + + + + +
       
    +
    + + +OUT; diff --git a/logo.png b/logo.png new file mode 100644 index 0000000000000000000000000000000000000000..0a095e673c05ff43077fe4d5d9aa1c37b5d7aa26 GIT binary patch literal 54642 zcmW(+1z6i`7Y#Zb1`Kx}6nA$W&d}lRTHM`bxHDuhhP%5DAH&_<-T!`no}_8hrg_@? zzUSU^?n$JwqBJTJ0TKWJsIoE=ssI431$pj)01bJ}=O#>s><}Ggv|RuI8SB3d3dqdH z0{|oiD{*mUWlIOJgNvnuBbltYIGLlfgSnNh8RYDx95r{Xq83>I)(!l=oFFM+QbNhbw{>y~tBznL{Oq%a|1=awsYN!C;0%^RGO#etn0Q4uB4OlXaz0qC^ zxB&pTfbsP316K>bKvg*a(17DC6BXvr=6i6fGL0rc_8r)uz}!cMN>BxcnZ6EV1H*Vg zwOXAi5&-$Rww^v>6u@s(;N(VD2o6{%OYf?bP+=!AVUl^29WVU1L7oD<1l3MFh5xSc5Rdz zIEFUMKmpyODdTBh{<32?r%VyJUtMf$k#F_d)`%J5e#S6I+@Z)$%c8`R*@uyzKmh=P z$LXFo9^r)jy`9ZH^L^X%n}LEin+pdDA@a-hxAqulSO7zD@_fl)cXtlPaR{o~wacdT z8?dASSgt?nu`eV3&_SB=dW`nuc@ZJW%~u{4ASOaWMn0uB&hKE^juv`n-*niB_Pc|; z`?l`p zF0>K6ga`^%w*ZD1{7wK7Qa)a)DE`-Oz6IEZY8ZkaA2T;G>U&suQ1>@5bpwwbap4W| za(nUG!w_LbhY_%h$oV2Z8pkbAOd#N9#KBS+$#5hF6pp_Dpc%q3+129Ii03pR*5Y>iMA)5cbdEp; z9UXvmf}kIQ(Q6x&kRYukuOC`vlT%TF*t;^mzE;wmr^~o7v^KXhcRDGf|gV{ z%^5ifc`mg+EgF_Vk_;8vNaBtn5;=7On=G=djm)wPW06{s&|eIzY)~rd~f^`ye53+4EbWXnY4`IuPpOygc%m;=;;pXTJ(4HKA*n-!A#*x z(Ma)2+5i1j-9=q^*7G;=*D`hVGJOr-Vkz}Hi2crNruOrCgO0s_v@s%9APv zg`EbkK~E;AwPB%BKf+`RznU}+;>VKX46>PBYKhG`Yrq_XY|<5sztujT$h*Nk6S^^b z%d3gI{5CH)|8AbM=QIw5HdwQ9!Mm6(H$gsuI^oR-!zj#HGiP04Ug1~4z2vpjxnz9m ze2Q~=ymapBm?M${%DLsUEzMpJeP z&RYLA%-j}cwPmeTEZY5B9TObzEqhjA$|4-m>k~W|y}7v8+HxA(&MC<%>AgTSp;Bxv?DaR?(cCShzNLW)z`MVkn5H z+N91&4&As{gpVfdD;A*4=}&(Uaz5!0KCz6^$dk-{j0>AYSjX^lD1MYb9BV{~*pRl3 zXePD7&%k~3#r{ms_M7QQrCtr}1ilB&mG5XjTXe)-#+Syl@Go08I=fkvTidGInw(@c z2Q>d~4)h3rki1O81Y=Plo<{EUFZ2sWZo5G5+h($7?__>W1)Egvt`xN3?j25y=DG`L zb808}@Pwvgrqv4X29t>?Gvg`kme?y0V_k)0g(^vQ7Q_~))HF5A2_)|2Xr$cntn&Mc zKUsz;Nx2TPBPyvfcz(xEY@xhX(2$s0E1z6+T4dx+&Q8uQR7JH)t!J2LX`*XVGG|~& zLf!G)v-?As6#nOahw{E4Rll&O3$!*CjLo_-r^EMLCL=PJDO%JJ75)p)HaYwBF2S(@uwb@#qT3nu==zjmH{(%!(} zp=r}0>3eJc_bg~Np1_!}wQJ9BwOQI-X&^V=`=|GZJIV87Yp{duN>x`^Eux(&S1gGP zpW|*;fWuPOX{LLFqYgbhct zAA$cl?Fzhy*?9)a+M?(zHeM^3y3E%uHJtjR%DMc9@pF>JY zh)U3LWjc|xSyEeqHTlO+9zBDS!osD5akeQ z`-G?9W${bJ#Io;s^Lgv~PzPxS-HXVZ^7ZtS$xz9Z(!J2W&)W<0eaQ7Q_1`>pNVN%T zA*vt>05x$w&niif*JLI#stN$$MGXJ}!2t014%r_9fGZ0C92o)tUpfHbIwTqlNCCi~ zcv%V2uO3S$zMeir7QS!yIX3HyF6OSM2R9FL8kgVInTq-oY{kTO08x8HEetxjZxJiV z$T9>f2USSQ)=kMeA*l#-5@^X)E|MbAT)aL+qbE3LrsgAq2v4BwLtSoQZ=I#gv2^b*(i>?I_XJ{!Ix4 zu%4Zs>NQxWP|4(4^DeA2kFw!Nel&>*ZEejA3xfxgv3JAQpZ+z>&e^O48sqYKm>LC& zwP48>8)f2c;)V1Mes|(Y)W12lh_g&j$&4(90;u?$?5m6rICGz3SW?H)opG(Kt=X7E ztul)_IsVfwyfwF4{i!@bZ7P|zX=^2{JvagQau+z@d}sZ~vPo$^W-FHN($#jo_7 zoSZ2Wrdp|j(UkGAvA6A4f2O7jcXxL`?e6~k`7;y_E{N#(x|is}+%@YN9U^4JDrN3lMq3*KUh0T*pzqF9_AstSc&+TDp%f3$eu zl8vFb)BXE*2@?f=zWg}ZtZECHeyWUKBGE}fA$C3sMnyXnIo0nh64zhj z+G;9xTal_zoC5AUPmCoC$L@4y3{ppg;Op)6MgGrah8|9pSDV} zEltw6xvL&G0M={Lso0AdV?!CL)uBq1r?Jyu=wtEciwB!pTl-Lf@9i3@Yzf}xrJv6A zHn&;Ci`5Qpm=zGnO^cw|baf;fTUI!7#4gKYOG-!bMNIW)iLzqjhm70Y&ix9TG!u)q z3MkTMthR_oSt1Hh`dCz0NaCf7ixWqRUWtBeeC2rhm!!l78od^nyvB*qjw_@?A_rGi zSyPb6nvsR zir6uf2y{>e6LbB&DLU=eMdRoDxD#0daNw1=;RBRk@yT1KesaxLSzB8pg^F$ZK>;u# z?$QpLN*}C*+(bxJ5@At*ATq-k*1>#b8I>SHF582nBP94>00Ra7+qZ9$Dz+gBm$bt&$yc-wKo&=~cThoa7)mH)l`A{uRG&Mo&(&=4Ygp_1xC~4Pj>O8mIQiFGs zJzlGkX`MFKM+H!k6~T48_&jAM7cZ|>({hEzao+HCISLBX?;<_8xEj0dPS3lnRBUt1 z{-B!N5!2eI!$yJ(sZ_8oMl+aZV2OTVVLX6KCG=!-b%sRAj1JrDxS|Q|bJWoGcdF9n z=7m!?{v5>^*3nvoZiyZ(P_ZOMhWy~6qa%^K+oX-P_0cb`;3b;jAqb$W_ z@fs%N@}Qp@p&d4)(CP=qkH!7Ou+rwsi!YYT zosmoCfgX_sfjGImxl+)ZGuvFLPyrYN^OQ}T?%r8Ga_CSP<`a_NW)^>Q>@*IwQy?cs zL`wJ6Qtf_NtTqxiF!)i$oFFb2Us6*uoh<9^?aj~6PhKN2S*@uOd@lDfry^hmdkUL{ zqrX^c;!!*nLvp5kzC@9FR*Y?0B^HZpE*md;N7m!p`!IYn5G-0*KmNpVT z?Quc7*-%`~`$O01ssDLZrUP6f<|2LbLPJ8fpRdPNWLh4A60Ix+tNWR*Y+_VY)QWx6 z=;4m%TKllJp3+a%8ZG%54#2TR*FqD8`*c^+K+yT-7ibiM!2<&WL1bEXTyw_xmIN4l z^Y<>c)*<;WN*F<3+z=7sO;j)<15+8F9=F?c&ipSx(>?4#va-p)caMsT2ODgb5y{(T z4GY)T7nf!lom_pzbNnB#ic=UM!ABtf{afg&(7T}K-|sBiD9^rAfDk?|u)Wi=b{PyW z6SmagU(~4mt2F$qyJj`?NGUqV6X6DIqMh(9i_diNi&xx7ZO}&C8du6MPi$-`Q$#A! zJu^hWBNrD|R3*8=W_~aHcK&IZZ;twF!_S}8KFuWsAvw%aWpdKdc4`8E!mi_mUJtn> zlq7i=mllEX(uHSp4Tczpq*1h_I}cliJO_a*ACZNVPg>t)joIjl+w(PZd%}q6Uv^<_ zmHOpV97v$z3h2U&cv4Yqbm&u@`G^E2{Ub=tIkCNNQ_?zH_9oe>tm;@=jqt)0`5!*K z-Af|FykC!h`}h}im1omNjz(?%Pvf^LCc^1@-o>wcl3HCs7hi#@sAA%29x=_mVy zpaE!l#{ffd4dm(=Q59MsQgl-+V1(d2gBVCfRFOx(7KI?&?|ZI1$2qNTVm%vf+ZC4O z3d<`B(y9p61uXqIR+^CX%AOa#HG=cjMlOXJ0s?~MO|*CtSIV88?y#O-iZCt=ulcH< zG?b=v!6q@yT#h6@#0UXm5&2fOH9W*|)x`r?h{xIkZ5<99E}%te0>!E70d zKmV3~rGbPb2PZnz2oK35vsgPdCrVQ9ZbD*}%hx;fqt=e8~t2CT^Xn~vxPL8d-9SXu*(2i_9)-(7@!v2R0><2$O4g|=RQ39Pl}#n&IIa)dAuk#<)Q>_NJB#yH0VE`f zVQ3k=_8|H{LO_B<3|xNMe~ZoC#_8!P;5aiI{bXP}Xql`0aT&lQOD~z{ojWTZAM^pb0%;Tl+xtmZxrB-UnmLd1^ zZ$`}L^%{`PCQoL8R#=U^lFfGn^8Q2TMY~4y^*#Xs0grh$2a1f>p|~dPu-5y@c6qkf z;JmIt%l4N{=i#F3gdSxCj6bGzz_3phMI_Y${J0Z%ZrGF!%(khg^Sq))`1VG)zIZc8 z*h&2b83}3ZI1+;mg)&7hBcC+{BW>o8rwlCYP-tSJ*Y(~pdI(}>W=<(8D4^)st<|YG zdAvfK7-Niz76qZ+czZoDEru%-aH0&Gl4pczVQ!rS^-15q+^)|OV_A4zKJwawHXOAo zDzEcE*-!0$Rr3~F*lDii-B6)ubdCX|QPqdUMTTxG)X;`j-9$W|T290|ugYSFAAg!t zKxbnj39jPxDl=+wS7@DHKmFt@xHJAM9#LFsG#dk^COAB>6AVO-0x;pVp=FbyL^N!w zL3BNxb8~aE3b%e$Q;p=m=;(nEF>-+JbKl72n%EVzP5g%)5 zXPnaElv%aCOl=r8c$-Z;+YxBCnB?5C1AvbV5dQ#?)j7=jbdD_EpPzGa^S&I?WpUcN zwH=y{n?i6cX2@8F%J`s_4q;!$F;1%RnAA79;1H6m{{H>Dm57=4Um6NC`zV?7Vg83z zsVNA5E&jCouZUUzlS=Owk#ra_;zTQ%B9WZhV$^oy0i^Uxw9Y)d4EM)4sbmbRD=#x` zAYgUm-g4`PfY~6HG#AudM^ZINs@CGAT0%_}dU5dAu2)DQd0!NHn5+vz z09q38R}^7If0dP8&&|({_{k=F|3jOQwifO8;QsIwO@D<~cMTwtt- zol*lzzbr_Uk7z8Y!H2Q>b_fS_DNzupAktYk)Bdvap@w8y!J*VR8Z-&S1s1~zLwr-A zsDEw!Vrm4tTGiEtRB#V#T$8=a;pNmTvrf?>GR{mkg)#O zuQyxK%$ZHbi3wEX1$3GDFDQM6aVB(sdTSSqBjpuJ^AjNTgLDt^{<_=A8awfl{kB8w zpjxzPVDi#_O3V71-~kx7>O#{*hZY|Outb6~dpxxXZz9Ee95#bXkUb;GF1DNVZ#IEa zAZPi@A~>#-aR|E2IrqEo^1E7Z^544a(!OmN&;&_gn;m#5qUHRTmNd%L9or_SXQLtU z^M79UpkRg2rt(oCie9faWL^Tl+Cd{&hX#tLdHyJC4iEPjx zIPxZKjtce{s{_R4FaT2}rd7wr$M&~c-r0QE-_E~iNDHPuD^E!v44Q`U{W%IViZRPB zgmZP4mVT%vz%uO_qqeoQwY}loS9^|>@_K%5OF4V`bSp^6&BfVR{>uusJ4f(TZz0RDeQa8^3-qM`bX6<+L9?L}6+XD*m;eeuU{#WXPY_I8r{#Ryjf;JKzioTtcW6r# z`-TdG504jSbiw}bZgp^!%+M-CyU#i>GT&|=6+uBqW~LsWr|`HH2MsyMagJ6weB4c3 zPfx{Yv#hGq>tdrvg5skR6=tMF;PNTB#Ur=Lk!ZA*LxCM+)8pagMHt7o&s?8O{*vg`Bq>**~R`Tt}-|lWKiq` zRpkB8)4|5Rma+~oTC3;C=SKYK?#8~sJ17`{K6>geZ?#BkNHs1Y<=9ceh!{PL4u_hH z-D-yT{33O9oBKUX02v}JI>YSu!NI|Kt~b+CghP<&?ac3|V)J2E^IkXzOeaa2etmoy zzka`+$I3TE09XbE0;uGoF#kmyT|d$0b-3mGhctzZ&^+BZxP#>GjU4MQJ>(fV>Vx@v!) z<#Rxps?v5LgYdu|628K;DBOXlhG-ZV4-}O6BYUiKO z89T?p_hxTnMKZ|z_7tJ)Sy3I^afA@b&JAZg>V$!asD?9$E zV4~gl>({}`PjjilX$u37&5e9c;#SrWSwJE=0 zsS)lQF7@{Eg*VX@UL+Uu;wt78WNg&1qeuD|fn2|e8(URTS)or0QpR|^Op{`*X2?jY z;ZtTw4q7Ep;;P67hr;E;5W@4rrwcgl4^`>D-)OkxOiWBTQq&X_*Oa@86i?sRma=Y%?%g?$%4kAm(6rhis60M4VjWHW5eRe zLyP5e2RAnl4<0;3IJ!)A*7Kq72PC|F9Bw<^bzP5Hf1>{8y*kSzw~H|>l8LU!IbDxwO3_?Pr}ZK~1ke7_~z8&)fzltBp?% z=T@)#q!PxFr>_p{zV`+%tLrc0uJiiG&MmNM$Jt@4oi~5K@VlRJv>28SseRQt;5#=e z7;3iCQi!qpTpJh)73MdOCN}wE7F;FtUubuq!(x?uogS$lS|S250EmKuB9hIXia;tH zXu|G6h3-Kcoq7(1d>x!!ov%HM;i11+f${G2P9Z39_a!B5l_j>3R@GbeFyl(*02@{_ zZ@_6h4~$dWO0G5YsCoYMnBe=9nqF{@fm+5)B+Z^^;ML3g?HY+kgLH; zaoMsYNr$7~@mAUMbk$>IMEVL$5{7-8tG|ql>)`n}h2imC5&)i8xIl-7{J8nju`FzF6EWco$>c?dKtxjbBFYC0*<2nlnqNy8eS%FqTsd9O-5FOM{2^;h59Z{x z9FH#Js9q+Lh~h7rVAj;1M~=2inBsge86dnTClO0LLlLGdp^Pw(Kj~3@I~*~RF_#EM z718>~#G^ASxw#}=>s7xyLNH_#dW~ksUif>6J=l=E1bMNOsjDJ`D$4k{Dzy*qWoZ+H z$zWN|5Py{|J%3dnH>jCqfXvP#f_CREQi9Icnb`H`+96EDn))6x336cRg-wLpx$7En z1|gszpxF6Mr4Jy0k`7LR`5=V_<2(2WCx(SG-dmWyuNRhYwe-+0G2OBm3MlL7c$F

    M%IuiIk3(xk+gISjw*N_6^P8A#Ku4$*RFdq=$aer;G&06O>oja!a{Kw$d=-ZzS&+4@uWzX7Z*TOF}7q)kLb1RPv_XFBrbi+S>7x^leI3y`U z!0zr@&3GYXgAd7_-R>fyllD%tPiGLcb}c)0q4QX&$Z0bce2prg)32H@=gDkC6QD7w zm}bU0eX?kbTXPEi!x~W>QyvEbk-@g2;S<;LnY#Avbh0ao_Oo`g@!rFS2ABlwclY#d zOch^lzJ~sNxke2II3%I^v^+^r#AoWKYihO%3S8>>V=lKOqvfcrp5usp9XjzNC5nrS zqmYmltPiS}J#)GB!f@hD@CSRHG;-Y+Y%e{0_;3jEh)lKTb|KlAiDA+}S#rrEdUxC3 zZ&LI9)V~h<+etl}6jvD`(5-A~$=2c&{`Rmvu@r*l9KT2T`D7FK0{W>d>#l5g)pdH&r~DJD89+4Usl^k zfeTZ`(EJzXZtwzA7H1KR7Vmez&n35p|GnaT(Y9z@=WzU!@(8{gM#} z83~janN-0)15HG_=N73|%uO~&{4uX8KdBU0RS+vc+AU>-b2*?`Ofk$zSZ3Kw2+>qe z?Wofv3z13WU=c{s16p$_MLzjD><@ zIwNjK_><<%$#Vk1IBeQes6Q~OQ7*EL>L5g{9EW9DaT@!A$oV3SnoXeoeD@kXgau0i z3D78;Wr>lYV&mhYLF#R}9{YrY^W@NK1tG4G7S8?2Vxg6eii(P;Xy7-Du^q2E=i<*v zwIG`st#XaB)lCS|`fm&nsH@MK*JY4Ml+Ahtl5L%GKlhoK2tQ5xyS>d2x2I6lU;_v6 zwn#(@N<=MXXKcZyO1l_54Sg`IAV((3j8ghE66<%R35|;zH6PbD200Sjl9duW?7KwIm++`u zKUW8;IGO8GH!%Dv?O40`M-hy;M>w;QM1F?iHV~)OenUit^V(Cjy$@`S_e1-?W%vS1uSZ+QTnPOz@I(P`>n#QO)x_qDH3ve z`oDTgadCk`#gdsr@DfB|YTPA{cY3vJ5}bWKlHf3Zs-i=ZRJ%B~fN|BtPD$aFrE(es zV>l6+DB~FC4K2!rh5f_TKYQw07kXOte=2c_5}&rbS=`TCZ?VxdGyAz{So^DbiW&jZ zzA#!um-`48@Rd!dv|ZOwoJ#=f^R>OSjD+*i!4{<6ayf#qI7QqXqBVQ>yaibEWh0gv z_LPVduT$D2aekgP&i70yt2b0`e=}eA=d0Hv#nE!!XGrYxh?Z*nUG{Hweze)voHssK zJuJ-Y^F2ImED)wh9>`0zB{yEK;ggH+V>e^5)l`jkL|Al|hW zaPddXH>aE<^N21177Fy#F{`OtEHLN2G1wB8B+b!TwqAW&n#i4iMBmIAoP{Gz^3hy(@G71OvO>ro=WQUr0#@K1t z(B~-9Bo(85j2?h6(AvfFReNsa810I=Yl9LRoM=gtnF(lVHj>HRU&=Rgfu)+z(r>;dC1p&sWgM+xq?Qe6Pr0@64Ib6@L_p6%v8g7az7ZCQ$=W$`kWT2b~Nl1F6 z^%T~bwXZEF9#vn&xR4!BO6wBVgZZqF3Q8qRO(&(iSDhs69LFMbs=C}RodJ)_eFj`D zcdzJxBBN)u)zWW%stq13kZ41OsmCekqs9BTWArZP^(}fT?4G+<2b5%{Qb^t4JWc!z z?Eqv?Tc-WxTH~kWD7>h^*(m+Ye|~Uy$lBJO7ny^h;l&0^f~#9-C4r$sIOp2EG#6LQ zRo5YIFAg%E#zv=>MYHNzER5tN2qL%jncsUm~5RK}tgcje)gaktQ6XN|l1k2lOnw4Vplhve`$Vr581DEBZi zpa4uvL>R!<*5>KKcl~X3nIe>oD5DsJ6JRB~BPsfJKzr0hHQG*t2x&;PenSO!-Uw@s zb@)6638Lg&W3#az{aTKbLKkS-_^srx{8ud(_ez6-jDwT&XIzX7$z%(fB1CKdk_yUz zP@kUQ4^8I_|4Hu9P0Ocl(FF%!K4P~v#PH(t1S7oEZM@Wm1HQ>?2nkD3EKx0`8d;R! z@d11AWXSWKxV5d?*Da2XYo`jf(I(3MOdQ#P5WYwW8d_S~!69iWY2LU(R1-cpLuH`5 z`eY7ACi}O1Nab_us#Ng7Q9bkl4_#xM2`Frq(T=A2(cwE7se0)4^^0<0hQME%=?Y_XCfBAGs zle78$?b-^H=Y+>z%ef|_KGS#?c{d~ULdN>e_|WG&HX2V@XWMS zy&g5RZtXoLryS)5p6M>i2l#cfv$(i8c33g2&3*#L73Q6`$w~7-Rbr@a&wDMQ{`yj* z1|+#J-X<0{@%Y41a50kP=ZgGL3UHzbH=m!M@~qmKY=;8y4S!`=x4<9pnX-wfO2vq9 z7#Z4LjuyyaV!|WBAQ-j^Ds6<)Tx(!#Nbb@l5nO z@nnsg*WqU|=8P1nm42m9k>3Sn$V*Xtteg9+Fw;J3z3Umn+Nd?=BwvzdHOvtuhH$u8 zZjTpMY2m6jX+Hj4mMueuYU|R2gCHj}GfIM@6r8!u;{uAg40^oQPWAO(J~K5Z0s@Up z*$&rE^OuDi7c?TaP1GzF(0W-=emsKgEOHu~8i^2MA2eOM6get%ah7=i)5yNpF_Pr*j&Ru0ETl@M!FK^Q_ z*o6O!ZrZ=;`)&jkriUqOsI*UvpR?Y^>zF@BQH)+?SVsm096PUOUQL<7XHMXxUEQ`R zRF_{rw({`@TX#YH5?S*})y38XfJ|bMRVD{}@mFaUoVjwFiW@EBlK>dXu|1zv8e)#D z%VIVRrQUzdSJO7_9Z1W%jKD9TND~S}WJUx#o|6JQo>%}N>Jz@M)9l4FmBpS7nW`gM zTIPclBXk2*`)%eN1I42O@>uxv5pnp}RuW zS2K?b___NEh6ttB5WQ^XPypS#Y4KE3*J)tI^Exb!WVO!yd_u2nC5SAl0HPjbI$Ad9 zR6uyAG1sPvxnayUkKR0FSeVu=%G2aPn#PA8jARiNgp<0yDT2R?BpMwiFe@V9tI}txoRD7JG-}Ph~ z^hh@Ew1qZ-mQddpj$VhZH4|mLZ+82Y?KhpT&)i_wX>3l5iELHbtK{V7@jW@bEM}qu zm(><))Y6d!Jz)_$=3hj6r z6{`8dD5UCe^ucQw4J$|rrhUd6ls_x}DhnCi&*d>&)XMY$MUz^0R;igOE-FH%9 z^CS=lhYIc;bH(V^25NH)^kJU~3S7z+lGjIZGFSsoP!S_-$!b3l_Cn>bAgQO{`DLNAy^C$fl)`8 zB+@+{Gi-nb9M{j3E9e3wFp>7mpn5|LyVl>U))hXwDbl;}B*FCoVbEhiFu}`cNqv*& z$Nue4lzGo&4&rK*k_eQhG;8s(@w7=JE@>K0LE5bPEdFnhIbPLr^jka%;@uLbq%@xk zfmE72L^MR1|0Y5x*ax!A@xsg$WJb;FX!1r)*|hbzjn13b{ZZi7p^&XI%`G#z0*&{$ z6;uFaeGqnA2|yS2GxvzU|8F%oPEbMB0*N-P=Rz!#affA&!(;1FfqUJrWYk_*TI=8P z{5_=Y&7)U&Rm%qPbwo!?s(=?xX^>R+YbyG!oLb*6|6N?$qdOaRpI1%Y^{U=1F%VWg zkD(Vma@)S?DdG|@)HucQxFUKpd6A8M`aLmTbg=Zd$KS_P$-uw>()GuW3%F!`Wsi^B z%d1nF+KCP{oXnhlwGk`qJ1i8?j~~bpU;F-Cc)oI-!GP3kSAe?6T08d8in^^; z@h=S?H?6Gz(G(T7$s|Uz!Lm%f-B>*q6oh%E`BgSGusd>u-17nkNTKQ#H1@V==EfM# z8$Bw1($yW~AI`T(kQGDd$qZrDUv00g@Pq>}B>M{FdVf1UIms|0{D79B)wLsWScmAtHTK zuB%fDa9<}G>`LHzSH94i)tW*Cj}XhuV#~}-Z4s5PR1kYl{8dcGwmC{ns8!e&Pcl#B z$6O}IK^BzYt=gFGrD(AaLyf2We_z~@CnPEFEIF30uSQ>AUm-3Vh}R}@$m9<9KXXZR z=o=aRuN>Q@hYgR5dr3vA1!r)A7imQr3$japHlL33qx0lTHj|Dz?8r?dLtD8aed<~5 z0Huk;*9k8~qS=`EWJdUauN1~cP!rvc&rDKnrso6FmJ`|l5vp5^MA^qkg;ke*h%9~F z(GdS(ZB@@1Q*lRSs$Qhp!ok1C5!MiwxO4_r-fa#ry5oyARLvE5de5lbTFa;Dj)Oh8<>AP@5Gs#=EOrPJddo=MAEZjVVX#v?Ea=m^M>#Y7;0DNXUcP&!^CIW2F0D-V+F zuR@WT4Vo_~=k>S+IKVP0cW3Jk@DWS4Ty3AOgyp4R;13T|{s1AQ~V*AdaC?<;Bm@W<- zD@#GcLj>{FS>&K8Dk!|(xpxr~kT5}f1Q0jn=g*%(bdKX3F=He7q#U@g0l}~FtZG@v zQ7+(we4t|#BMR%S93)U2mw9*%fm+hre25T)Xru9o{Ik=O6DZOjarrY($QA{7}4mSfTH~aHd;)zxWsovb-u(CPHk?da_Qt8AokR&H0S* z_)aVoOH*-wX#y@*#?k7bf{W=I++n8E+;*LCy!2--|OVt^|C=5ssPuHTflgb zA{}C&axUf}>F2f2oa62W_mep}Ip+K;BFc#6&=9(aJez*+!3rc`O!s2Y{P?J>e!KGr zXb^HR$=Rv8CP@-sXMlwU&ie9o8d^HiFt)DcfNC*JAHT?*-6{7qxLigy8?6M0N$v|A zt$FxWT2MhZOB`jW^xf;3V}^s`Z7eAZHslUN1(oz|Iv}c`VEUKyLv=~fj=U;(qV*FF zHpHR}(yldic2-3Vh5zs&r7ygPzUzc&FjOgQ%WK%^`}3ilu;*jNTuPH8U(w8G zU;~6Bn6!wU{p%)zn#V31r4@lE4z8c7C5R!7iSN27n!Uc``A+a{C&`P8Uo%yKLQ7eB z!;z<4VA6?5QpLRO5Iq$cx_fiAO5*Od(wK`_;(T7cwHmwQ?r88>=sNiKz$ot;CvSaU zDlu4FNwhg_LbS{OmKM2E@AG(>fqh zMVndjPdhr@aO}RCZiuvc<_(9uKWMEY=C$qRhd)7*9V}veU z2`5CG(+1LA)_6bF?7ZHEqfQl+RCK%=E(*4sGwQ3kGQlvfGOcU5<9O5Q`dw;n#4aX7 zX9>McYE=KI^TPsG#lrC|fVGrbOHJo^heTb4bC%&tt^5Q6oKo^*FP?Xbp}{`$T*X`O zCpUqaVGQDDcvfUIl21G_R%~4LuiTQm(Y6!4=y!2rFz^;NWFeMO#+F{Drc^l55Dm{y z8Sw-n$e+3ysOUjV$bv$w`M-~*rlxWQy=}R&#;tcNG?K_NFS8#LaA?lQM*B8nh9k|V zE_qnST-{mumG-Kct4cF5(sM3(GN*ZAV5Ci?X^7`jU=Flbn+uX(CvYq6t^8{c7CWnb z5J#Q0L+*$aULM}{{Z4j+h2O$=8H9y|Kk`dL{*7rvCsX#mL2b!GOOB_#Zw?)uR!L+C zKh@Q#A)qWN8AJwgu|h1YPB$M^Ey^89wK;o!3d1#wr>gAi=)?>dyU2J{99-M%PV*&Ck}SZSFX8AC9Jg z9icDEGvVTiqAZXr)dh+c0O&R)yfp(LQ}vG)hG~X}S)}F8zcrDoGjGL@(0C3AiMNEo zK~%#O|Aw^^U=zvC%{T(??p&Qi+oBft>M7P>#g6bQEG(;?$ri}I2Z>WMpZS(8xsR^v zV{p@mVN2E!g^wwJOpTSGxTKV(XP}?(Uwd-;UD~(l$g{)ig3=cuRhX2NRJgrONeL0> z#53gKC-JyVTKG6=M2qPDyhy5WC``f+2;l7;tfM^aLOX&XEUT{7KIjL2t~HHqh?Er8 zB52^k5Dy{$E8FekHzvaP1pk*sQa%F`EgiGVheeS8dZv8$*=@akt z#zMx~Jw%v;4Lm1A_^8ZYq+E}W2<5wVwZZ&$(Fv={4i{wEzkmCj#*BV)7PuYg=(g4o z`3)e8GA6^YeH}FLwQD&rx=(9W34|HL%Sc*394pu)g3&-rVQ)i$o#}sgz>GhiQHYc< zK3!_4E7QxGo8GFbN`eZYLI56Yc5;90rTl~#SI8xg(BKGOue`-eXBLr|E0a0^GH*xw zE(@MceC~deL;#~hPcU#l*W3QKBwg%-^HstZN?z)UCc;Z9zSjNkuW&B7x}Kt7xzX@R zWjrnBB-y%MUml{|?Cflm@bIuOpxd}6 zy%bGepOMp!rk@5qbO>q_1=ieUx_A*XyGP7FiZPYUoH;^p9U{GCtqKX0!#A}fc@fYp zt>`M1yl=W_u7hu1hV)Tx7!LFEN1#b;&$j$uv%XbjThLzaScyyk{eSPSpu@YX$DT{X z0!20!_jARuIo;1z5)(0#5cr7E)~p*GiBcSXo9bflH2WV9mI}rvBM;jNhYIiN8R~yr zBK6w-{>-4@^jEjJ2r2f|M058LtM0)Ui!*G9v+SwKu=52bKY4I6OEWMQ9nsv7!MpX46n%lYT&DxA-W$oX; zo3#O0C@cl!n>#OG)RI6E(V2jRY&u8}*)E~Yp_Kjyng{IH4ZuQwk!SY7eAN*dSp#_i zWH@A47=lX31!=nF$$ubxsa>c24tt1b?TR^w_aZcMp7c^77$`EepEA$!$nTvz*jlIg zI|3s{bYdRg105q;^5i3Qhv2yXqR;y38pY^@7%k7kN>)!~eJ=c1P?EHyBIS3a@W$7r z%}V-GU2x!qn3_nv7RdZT7KB4cNDOhx{-$SO{&m-~VBCZA#YhxtjOrgv(ugU&nR!1g zW~2uQM~O;?O%_2`QON@0l%`2i6CGEK<*?(D+0jbf=9w_Axo(Hs&OZ8cZEiS$XrTbb ziA^xVG8h*@vgW1VS# z3hKU}>O-2E2D6>~A&U|9-FxT-eu46}i`v20=Ac)XnZ+L&_((A=*_4YrVU>~>vGQOoP{B1*uPOyZdl`{W~kEE!A-m5D{{^Mgchhw{oLwT>!h=+}JYg?O=5Pg>> zd_ZyB+3j&~S=JFGavbU~0iRrJ3;xH_S%$^YblrLecZcBaI=E|a2@>2TxI4k!EfCxZ z65N6Xhv4pR!5xD8*Ux)S!%v{+qN}QRt-aP=KW(#)1)kNV5Odwt9&#_yp+R^w80{qM zK>_dg?++hQAW+m$%Sn9zaSP?>K$?twKaD~G#@o0_kv2;w(L=HzJ8w;X16fII5JC_| zD_@y*aOEe{-S2Vq76^slGJK`kVRdf-JT_MU1hHDb=eq+#FNz#_K*R)0F~HOKz3#w? zIm7H#W}i7n_@!0txQDn3YsOfeY|tzK0R-E`x*n zEM3!CoW<+c&+Lik6W1e&_bAk#%V1hsxn>F0Sxtmsz4RzRTUu%CCojJ(KYRA2X#2zjS(+vBj2ka8az}zlX@| zooTKd6G+i40Um`Ug$63YlaER0H`(2z^K+oG#BEszy2w&eQjaAGc(JX%AB&O05i;>k zUt9fe5XklBbScTwvQFOOU<3N|dp+l7;9uYz!`1QWf zJir+&UNCF`*jt^sBv6!GnTg`0J>f%u{}ylss5w2%4aA+iU2onKllIQ^(#uOzs^$|9 z3NNAbU*dxT#S=%8`1omX#Sn@=Td(-4qvV*i3j26i)@OLa!cJSct=^phJ}&_!)qmOi zz`hR1T?CU8Qw1|CP)GvvWa?K=&AX|<5_>5Iu0S{cj$liR7$hagJ|gZ6T6zN+f1Niy z3XL@FLV*#p_F2&s@PCacb?Dg62zXnby-56wi2&p6;sA7GvR!flHZT;Y{Jhl+7DfM%Ev~eqt4oSUt zwOLhE*nWW;LcKr{hqM4RC2{NhEUtZy%y@x~tzZ4=+0jwOwS-Jez}L|y?*LP!4^bF$jq_6FiL@Vrmv zG?KrcQ%VF7cg!9ZH>&0qWlJ55f}CAt*rvIkY^O&}t;+PC)b zh_eu51hGg6o|S3jOPre~*~--=>1q3EChmv1*J%1^4wME#@Hm8cP-)O~2OAqG0fF&e zNbi4`r)_U@Tt=7oqBGc6JU=>e`Z3J&_44xR;*1aCX0HS*Ma4<`y<{phRXsiwTaLqv z`m?9`BNY0lf#G5NFZghlCYUoisn843vvQv|ZVWw^2}l!M9xgd2g?R-y)b#c3Xc01% zgiafTf=h_K3#?sycpcN%uADM{e&C-xWN!u8ALQ4a)v9{!Ejm1X**RS)0D5$bOrl>O z=5IUym7TD?Z%tY{je!D9w|imt@As&(QA3SE3eflU+PP zAb71B5h+R-icsUVxjDDr=?|Tqoq$zlkkqfG>fg)t@46&F-4uNL;% zjp8SVbIcVET#etS`LYl7VwS_(v+#O@!zNl zhgGFCDYQZCQnsl|Q>w8vX#A4vW>yvYRVWM0NO*IusTlorM6>g&t`6N!<4KCxr8Yy0 zXxH%0$T@>^p@d+I*Pn)NwScvQZ=UzM{8RSy6+{`Qe-0PkO|(zii}PA)YcaY{KZ!YK zXP8@Uw;UZELBpd1;)_n|V@BKGKFbJn^p_UD^&XYOi?@>~x`1ofk8HnKTA~?rp6(_F zMLgmAIrSMcU_!N11^BS^9{WD@QT2u9M`InZy&X*u;iVN}(U}&Q;Nx5<>WyeaK{Y ztmcxeK8e!2NJb$`64kp{-lXeW(Lap%AF$k4dZq#5Sr7>kU4jEV$VXgb{_kGr>P6Sz z0Usk@FB%w6|61*b88ox+9i$-Irn45n?Td_!oYBA|OaX!(Yq3S50FpOE#37y9t}PDJ zGe#meuNxa1si~>h$KOn2m1XdrpPm)~h9dURF&rQk9v9R0`G72qyY z^T*aU>m@jHoP*t7$sN>DMdD|}M-k<#qDn;grK`rUR}w=CgpeF6??naz{UjWY$>2AI zPei82t<@>TL2jYThYH-JW1yI6)6-FjKu^~uo3sd+Ofya!0{ zVIDhbKtL*7jt@U|k1u|Zk1+0htrgf(j6_GH=c%o96$cnREAKsO7(Gt>K0qt%@XNX^ zeS1|wN#{7aO^YWM;Ankt;gv5%flewrEo2=0vH9D*LgFp|^xU`o-Lh-bWxQ9fOsC&g z5$Bh-wj`%Oe<^dAJ`W2*SiMldYSUSiqy(QZ24IHf_4aADTkdty*DyCXF)8pVX<&D3 z)Mdu=D2amkO@1`LZ6FMMW;_*WQt%qjmxgYs1Hx>1F;ZB%2#@xK$40eL%!USI$)Lf! z$Igqp=MVaA|5AMxMBn;|sx$A!dncQ~JIJEi=pZ)Xb{DRH(&pP?UMWiCLV`77w0N1Q z2^Qte`03Dwt9Q4`xWaYrC-%IHe*ZX`w5oJ(C-z$Z8yA&2*8@yM@25K(7aRS^YhppD zl7f6+Lk?7EZOLJDi6P2lYA%XHXJ0Heibishhbv{A+N>`IS-?|Db>KA&{jbG9C>)$5-}tuTlqWL**wE-yB~ zFQsu8c>2wS@g#Pk9P9A(vyx8ZGTYvsR*hEmeGIwRtAAr>+5CuE7Hnm zzwP4`T^}TNSomYsYEWTCJ6YS71Ase{_@z_u9f;}eF{c8a`Z(!khgD5|HOj9-WOjG2 zI={3G{T_L{9>*KWTFc+qx*EAp*KX$minV<_40Eb!tk0&-slE*wZWwlKVdM0FX&~qW zA%8UT$!N3q_UdpP9ngM~T87AyB@gZQQe_OP=L556hkaZy-HN$~zi+?!tB}`z{i$@+ zedL*zFb=NC;k7Tz(SkFh@ULm}s=<~=o5fmC30|ghd^==#UhHzdVEoL%Ou38*>2xR_ z71`$scF0b|Sl@YPQ4z=YYI}0C#n?u5uQI#0tW3+OZSuT2ai2}k>1>1~1l@r1Vkv+M zFm>{dm2c9p@_{obog@FCBFD(b2Ve?(<(KQT`U46ak&v9JRUVJi(ebj&k$nkm>n69B zElEJdjp`Gb2L*;<3GDfUjj5rAe{I+2_K}nC+bJsr0>9SCW@7b+Jy55Ql;n90>)~OB z>CJM-wRyeWe>$bJq{O0YlTA*oQ&AU!e+ne}PES?t&O7~-$a8aBU6q?j}#7B5v5hDox%k)!~2Z};R$~7ZQ zU*OcP+xtX;HWv3o#~b1D2^ecZb54VoC67BSlYCKq@mKr6cQK8)^lpo{u4Oh%D0_pR zrf}@6*jt#n-^bb7$0@auUq8#BGU}>O80tX4Y%zCq`OiyUUY^y1Pe{n=;aT*-WVXDktE%oO<<)9c#qNG< zq4i(RGIcWF!&A>IUS5?4s>Pd}(ru}>=C0t;CuTU4uQ(v4g_ugswYPBI`Gh^hi zp_P1;JyrvPVavB)Y>%5Awpr(TpVsB(>F$2}LFAslZ60vpoUb)jG}k0xnEuUM{NxlZ!hS+XH(p0BSI;CY(xQUVNELC4SQ&Astr6k{M4uadz~q->_sU}8 zAbOYHUN!usPSwmVyB_yAwwmWC#L&-(OTOKF_*KAQ+mZbL#?iaQG|hsF0}AYB|F*`p z?P_`2Unj*m$U^i9mUPT?)?N?XGUCfvprslIqx89A^fVJy1wwB7mt(K{a)A?XWerJ!C0ycDLli-PiSlI zd(*C=VU~k3UVp#XP*S2sLWe`eOAFcZL0Zgw-s(t84oA^q`%aW!4zacXPch7)8%gj><^e|jsgh>-x2Me};olk%Z3J$!d z=w>nKFrq$krQUgW04=oWLKrBph6Z$ySb(Fl%CN>%s(Hp>A#=p|3cE;+Q)LP{1t>o> zGSt=G&|AYaIAfCu3(6!3qNTr`i~wE^x&B8Bg3+Kvgb{+m_nN&+A`}{)Zff2=w>myw}GA(f7r-$+ZTvKTCp{LN0uLSR;O|MnXya-Vfaymk1#0 z5~>8ZuGX7+!E6sk+&m7qmiEx!jVqYZgw#30@$iIjqjj`82YSQxv-h9ycTIgt&k48h$d0d znfK2WM9kO)Q$fV|W1(hlb;S#3L_CU@>AA$Q=pCIy$~nIMAH1h*YXBvm9|5Gmgo*F; zrPs@};yRk>qT_nN$FhcBnE%0I(eK+?mV;sJ*f+oC&6@K7ztx>MWcm2jozuPlSzUMc zeOxjRayEU3POZQok(L0U2w!f0hX2HruD6%E>EG2_|DOl)?m6PVqtkPAK(OmBB>QjU z`)$^RPM*AEuCLSdZCZg@qUhh3Q_nVV{`251wfkIuo*=mp-Dhl-#LpW9NPKWQEL*#A zP=b=fL27uWl!@~42Nh~?Qa?~CEX%$`9(3Cf)S5v8?C}1$8k=;-A{1jB!l@w8U!%qs zaw}yiA-Qu(bJ@Cxr_1B(64RENNM;Q$q?vy$xr9fA<!_7(8Lawfgy(wy&wcN zO&BJ_-ZARt#F|Thx-Z6ilC1e2;o*!F9D=dwQi6?aBjRo{f!6T(f*{jEXTh{i zn?1h&e+oR{my(i7NlE$efw;V23UC;_RHZIV2E49jg~z=G&Ala>Y+`4WPUhr&iz}Pz znaVnq2*vn^^8GKQ@Pv4fByp%PO3niOn{w>L7r-kzu`d6I-a5< zpBC8PdX$oO9JOtQQgioFw+Z zAFfzwV=hx_PFalzL<)SfDI5td1g6Y#YFTYi{p<(VH^6Rm&$8NeZe zHK?${n{u5#=PcEPf+cI1-ELrrY-wtkf&E>+Zjx|Iqk_Tqo*xHDtfrMv%r6dxJY$^e zh2xG_jvwdr(4ehTIn_MY+0n6vKAPxv+v@77xz61%215AnCyA3xTcuBBHj;Sx!xsRu zloC;a2cbVp;{hjZ#6fP)fQ z273=X~#gSQ9AOKvM}C@Z4303vMj6+b-t%z27EJ*s|4V`_G!11&=~075`8d zP;?fGQ47y~1{k!9I$#rCtz$vL=-16~8M)}Eb5Xzha@+XZT4EBCbpR9Kb9Y)mAdLf) z3$@A|Epd33n@-F;VD({g1v`9cJ@xzVBm1;QtWPI!lN{h&}jv8~mg{rnY?9+V0Whl>Xr z!e_yn*C$R$&?4)Qxb=x4?8$dbb%CGAkUyJaGq`RDO1Q8WhH}kEVTr_lX!5vuIw^lOEO7T@b;bZiN*^!Y+}*;0 z#8kg)RA}zqFKnd=k`3YFAuwiUm}08S*_PH9^v8g|LqKpkcq_VO2rwbHs7i@Q2TRw_ z9&cnjVVqxLB;cyze!kjzQgdCP8ksC1r|D)e;8|etew@Wi?Z;pB63LbQV_Mg|>7UiC zTfxY*Ug*`cuN#|?5OCqMd2R63d=~osX@ndXUzSwmb}4@w@#M?HnS}ng2@ASps`93j z5hUf+W461l_4nbfH-A2%$NA^?oid}Ej(_DRvjrG~@h8@84xmdEi9i&RAO|Pb@+IW< zXU~MLmh;lC%6G|EgS_Y1bqh|7sU9ks4d0V0z@!2!Yr{Lvzx9F6*R~VT#bBD$gNP77 zv1#KWfHJrc9iF~&Em81C%7B_l_#xV?7C63+O@I^lSt~PA?Gu@6?^X8I80Th1G`i4nS#Cl7G#bWulO!DO)Fjy>5_Em?M9}$Jv|6AxdGaHdUHZK1l+!d zt-);c%D4aOE#s96XBmuJ12PbAg(m4_2X=$qi0cI;v7E>a8a~RQg#M*Q6}&$iz>kk!052=@+=|5&vg!K;YHS$0(tq5>_Y@oI>Pa5cQdG;Hw@ z`?xtFQZ)c=h&YL62aYv2ksio)1~*mzWEX8-7<~-0UyqIorb{2(v9>LrtVx}fLcIDK z7NKX$P8-;tSpLi7#{Tr58OX@~_21qo@7o(@CWqDW=`QR+9pqjj1Vf1cMJe2)(J@AO ztnGZXx;Gm6=_s!s?TEm`s$uzWl%x>eYO`Y=SVdi%ue5w*+eu#q-T{9g;QiDR$Ncdw zpn5gU*-<22J^c2E$#0uXJ~yrsWi6c%wG4H6L8Q8)vPyG1y9;}=6uls;LOCO^sJ7osnZDGRFvbtV#sy7CsL@5EbtR=purDIlPB;{sj+ z0tzQ!h5><+ro4l7SOd%Zs1C5UDqPj4QtwpPh=tSXpG~{sG$zI2`Yrg_0Df&?UgA8LnXhot+}6vJG1u&9zbOqX;O?ei z(cWj(6RN-eMVBQ<2&u#Eu$!OeooSg`~MAkF%AgrvB?cWiTq=P4FQOt;d&_(`mf7 z&%PpnRSS{fzj+P|O3mPmfVZYcJdZg$ z8O0poE{-rzhIaZ1rd2IU=&v+*o-+2c806}wn=nz&bOO9^6BV5Paq2C-s)eHUPf5dG zLjGTzF1z1edD=SKf2lLF?1}P8`rbA!c5cl48#Q{@H59n-w_om&)r>0q1yP!4F=?rt{yOI>8^TSz_ zOR}mxk=J1%UriWRW>q{#ygaZdeE#tIQ1ANO$o^qnDe#-+SykBTV6+hl5}vNoBZ9m0`@})sZ9#($!sA_|?e8 z#Z_t0mWn}{<|G79{Mt!ao^xKGg{h1Hz-a)1fnA!?M|$(gU!N#Dz6i^nycl!FJDfKB~k>tQl0PP_zu(K^`}Pfx8=c5_nm&vXk;RG&8t8% z+@2@v=zV9L9zUjEF~Zn_8?}=@RAu(>^f0ue`@p?B-fD>gQjh&;*g)+~1PrWFx7XQi zX^rhe(7FM`Sl7sRe zm$t61Wn>f(i%?E6<&j0&)7TNU5xBs-#ccu#^dR*#oso5FkbwzoYU0Ur3}N<0oc{eB zY(lf7e!*Qv0dl*KphhWavfjVU$kXz2-Y`M{iKpB!nl$`FrfA(#<18q2_nW%FB_wib zy^ec3HVosUw;`eM$E+Y(?=gl%WY%ZPs5Eq`;giS0>R?4Nd%}KyTNk!x83#>mY_K9g zQ4}>a%npAnzWq54mHu&z-)moqnaiNH)dulb(6Y7rMZiTo{Y=tiioqqv5qrl63b9Cu z$P)V05*B9Lem?ug5;XuqCYJ<^1!7^BU0~Lu^a0eo?`bJf4$Zg3G7HqRM|tjUV;P(W zdYcae_>kv;*gk9qiA3>&B&PuaP7Zo3_5s*YTv~dHP|D0Ex8bCk8pBu50N0CmhqX*a z%M+2Nmk*-v*5W2T8^Ud!uL^tziyT&EBGvAKq=3G>u62_QR;6#psoP&VD2OD>E`1U_qB`dxsYij zFaXNSe!sgbUom*3jdZI+{j&}}Al$h={wW9l5uS&IRp{VZxJIP6!MMZ|0|OQgD$%@^ z4S#KEnV-iTMbFK8B5CMm+EPFOqWV!@4D~K}#TH8(1W|R0qvoQMCF{1qq)xdp1?j*T zT9w~6xw$w0FBJl|mG9WBDdRv$rzgY%%W7-%kw;k=sDncoA{YtX>`omGR6}4Dxj3+u zsP;f8kp%jgT7op-eRpx$+1dHI$8UZ30g9@Rl(vc`E-BO53=-ytj9OJW)!7WiU&u2lLw(<> zCkM>xHaa_*YV@DxyWSWF>wuVtuC}2zMXL?<)rgbtJEhU@@_HyUJCF83d?1SkIOlLp ztTJ;AsGcbSD#p?BSZA|8(eib`r`N<%1SE^$g4QYg2bJ5R4hz<&`BBkt`)sahY@K_# zGDbeT6%jHC>HWi$&P$y8H}jj0o?0bX-(CX_+bs#AX}9j#-oF52VkX!;#8pe=F5*@r zOl+pse(CF|(SFj){z`m{7k)NA49L2tp0@!v3!RvK*u3Dv&`1O|Kr?^9S>e)B{Spki9=O{`Yl2?-RcB zxrQ`>4(Ct+47+$E?kIMG>0}=aWOBA_z&xRdpc@7oOVlIOPyn=HU_e50rld5k{aL6! z0Rwfk^)R&r*Znb2t-(AAi?SY`m!*ciP41?==m*`}@^{-p9CfZh;t;Ni(!C_i;W{g| zBy#_nt$QR;Jy!Y2dKDZlE+{jVZ1hmAPm)R{pCoL>qpV;BCp6*&N{z%tTEhx36hgwd2Yy7%H3!tX`zkLdi87VxyRfgTgFs@R zfs%-8@aVV0c8emd+1?}IgZota`N)kiL$O#5fZ18C91bB+gqr9?tQ%^ptE=gsVuju- z;{i!hJs=VaApEjk{JD{%P*B3+>gcsOjTH!fgBNgWuPT%EzUK*9Wybga#m2@4YJ>Z= zS+_}Hr6V^1QDbpu{=Gn1Uu~=!oUb~nxvd3vRQP5KMgGjAkTHg<3t+gkD)6@WSv{K_ z^(81!;s}WS+WWW1Z&C6v5HXQ0wANyL+$hueG|l!hXVCdD@w|Z#Z2NYnNkGPIKigf0 zNr*4xX(-v=POm%b88}&da(9NZh|b#_`q8WPuAtrD|4qFqWzV}GtjFzV2AyAQx^pwS z^q#PZ3JZVjS~ma&k?`+#^c>)Hohr|k(GOYCdp_7gbP4B9X>51%o1)Hck6U+fYl0O& zk_G=gue@6v{2jTzdNnu{ORvfI>(#dlcP#4jvFR|p$mAyCb+7|CZr&YnadFf*vOiyG zk-`x%+1=ps+q4X*5NVN`Ky#S&;=^S>>=CW5o_yW^hL8w1Ha_I~02SKY)RY(kdz%!D zj}H#&u`m`MMa}oSiLLBVIiKbkeYWQg2?LQRC@}yaZwQjeuls0io7m35L*eA1ZT(jC z1^sTsFo~}^lYZZMHd+8gZX)+@L`lTjOgW+Ou12@9ysd5Z;@&J4$TA>OY+98&_wh`_ z@gV=5=)m}57@$yH$n1pDTiN3ZA@tVISR(1P>u;|h#J@8=c@M+@sc_lj!^zD4u67Oo z_8%mB@(TwoeaY+*5KrO=C{>e5AQg5yRAEe!Kro2~h(&rhz#f1cflErK%2F4fJ$YE@ z>F|eUR@I}e(L73I@s<-lno>zgDMf}PO`W1DwK*}_DZueDIYSxm-BGun-afuA%7Ca-dFE0vzC}z0*+e&4%zkrkR zHj+ZbS?V#D;u(!lK@(oa(;yF|(tB&}obtQ~PT&IMgFcivFpx2-e;=O^yTA7{|NQ7; z&dVmjcBcRSM1^Ve`U)&EC6`vgajhj8lg+=7I_`$F0L`Bb*rZf+k%3C+;Ee)yZGjN# z<3U?vv4#~O^y}P(MeuFVuxR70bRFd^8mUFyy%)@`Edp|vW1j0q;AL?8>o^>O#ej*2 zCij^-oSHRNGOTb#@|Ti|3S@D2jdoBJp&G6dYKFeb9}L>s0@3N+w9GzyoJRC~ zY^M*jpegvN)W9Z<(X5x;MxtQU#$4`-7pxmDUS4Rij~}6p3Am&vOg)v2UTrc0iBWEz z+Oa@f^9R8?k>pT68GGsxgvC+S)r@v1qShP>F~h`MJE&t?8k8%N>rTO-!!xbl-ofaV zHyIsY0i_d~rgB~mf6|TokC0~X6gC3S!c!fy7f9@ei@O>)oJj~>^u_5U1U($57{KW> z){dDsecKQjj2ROo{A_SI=cWT*7ixiH1Ny2qKUUhr`p8M-)e> zH(_bFoUAT=dro_Q9gU~&Cfo2nDeZbOcUBE5Edqk894U2rBMhNc{{h}xb=?{$dRyqF z`U+kh<4>RbJPrwlVZ*}6S6qr8U8f7k1o&?Nvtm4+_f%6*gyGwja(&B;stPPxlnZGf_{$=Elp!RqKdC|I^-Wt5>3Vqm$JP;s)$`0ef)P`GZ-Ks^C9?H#`Rj51EsL=~$xT>zzT)vYFpQ4!{gY^{` zE3;58X|Ahe<4;$0?$+^u04X$rP-KSVFV&#Lg_Wm2BoAT<%w+Bp6EzXZ5no{>Tec=xV!uLxfDYvECu0ilD zmw~Mlr_&CGZfoWpUoiztqP_~zv2}gL{4L_Azdf7GJ9eGzN1=V0u?K>*`0Yqce*GOg z7IvvJwjer=hNVNIrbEsUNdqubuoz^`$!$SUL&p#$V_(8vc3BK7Yim^;^ZsaDr3%f* zcEjQ>h0np%l^Il?Fy#4(>*M~F`!4f>U|v%w&>09cr4E?hl|#+ohMuTMl0g1`G|p9L7q;3gjjY zk%1b6mcwXRcJyg3#9CV*uW~4Nyf{S+`$vF11=L1KAdnCq(aDLd_P-$svqnjfP~p@9 zWeE9@VM965ujb|&gSLgBZAVd~&%JgmE}5=DJ-KIpqBw&-a@spf(*n@Otp4w zx0>HN+D?P|n{?Kh9ZPgMzAa^P*kCbUl=L1cGie!N@bTE>Q|0?U-mw6FI2a-<-0}5# zAILSxN=acttFv&HiGM+|wl?EH?q^uX9fb(=TcBp{peu@GDJhS$wKDy%gi%+47}RsN zybhS>{WS=4@wG$yA*!bPblHclP+VN59(`a>U1d%YWj%eK-fTXax+?N^74yV2WHB27 zrELA2w_m8on8VL97Y}Y2V5fX2Rp+2}WMvxrMb9xYGQxS1P2$$gJhp3>?cJRtW4xLV z28DI{06jw5g!A;3+16ceH~+08Xp7Kr=So}2g}_Sx$`Ba2J}&lOd{*p{^~m9cJh|g5 zGtdkiQfm4ACT>W@_2hDD5d1&*yxb2_gpkqF3^$c&pklGNu}P9bVFa-SqU48O8v=;X zC~`9u_T1r@(czpw7s))oxS1Vw0w#s;)3-TC)7b94T(U+$L;@=iJYzUQfY43%lV09d zfipCPT+YiJvv!UMh4Hm#KF%Hgqo=21$flkVRYsf6?5?fDbaMc`PpZfg@QZznu- zPrY6-O=BHIGtMPZZtonvu#XY!uCnYgKR@b~r(19j|frvmVnixJAGzj9nA7$o4KSLLG zTRafCztVH0fm5V4hA74je#S$@>V{Fc{Q$__v6By(s{83f2)Tbc+ zr>%&~ZNl4$Oqbs6e3E4OTeV_N}7C*rDpQsV^yMQ172H&Hjg6CiwY@9v){X5|g$)R8r( z$l!Ta6%&9a01(ksxlk-{m><0lY5WXf^;#}zH8lEU3XgteSp-g30a5W(gNV$`%&{9m zCFEY5s(#U%t`BIOMqPO+GBhf`#pN8#2^tUNc!d`w_n`6563UJ{)mg-h!j0yjyYOMG^*fq zh6T8KY92YtK;DQh6GV_=KQ4l`{RMDGN2^3=KR*%@5_D00WKfV;eq&=JP<;;fb>!VX zX0MK{tLzS$qh>k&AtUC=Rz&><;F2oXtA%Si-v<6{uPU&18D#q0MqI1r?tT4X<-JeK z>w?cu<%i#Z0)k5*_4D2tP|D%~i@}kn201B;a>317*J9LK=1VFdm3?P%z!yl7x1`TU z&fZYui2=yrCpwzQGT^Oq(f8}rT&4G$S+aolf1|EX+q-{YjAgD&@mjtl;asP6JPdT9 zl-ZPJY`Cgscpsj96P_%J7usq1gQOrvCv@swBb;wDNNWGFQSYemkg=PTtD){6qGsBz-ceiW)(F6 ze+ZDraF75*+<6Z?ncF1*(NFPYarH9Ri$abj9_kNCfwd?hyMU*6KZto#;esG&BQbL= zF%LPghkDuR`<)I=RqVivsJcAb_v6OA;gC9V#fap(lpD5roXu+)b+{d=nFbPu)X~Rc z`WYihe^&VpJ1IFL?nYsO&j5pf=|^dXft)nv0FXrRrJrsW4M|B!Sy@;*E_~i68=NLe zMN(|>338D*+4Zfm%s?r_7Lq4IS*46Z{5r>1`jQ`_Z{oVFBQ=1kLvD`-Z^q{yX&%R35Oxb>j1f5qA~_8fm#fxK>73| zr^ieCJqQ4kg>vkdEDQ*VVu)5<<8?^mjoVg>ca9gMa66Q7w6(~$R{?}^dI1m0)1qt- zt%G3WFhU1@<%%u@vR(FTEp-(Y3blj*S7lOKqv3+s%)i8fNF<3|F1uYV3xd@*KHKj8 z4j$`m@;rqHklB$gQQ^#}czBSQQ~d09%=kDZl((nLZ)wtuqJ}QZRZ_TGFASnDZNWWn zZ*R8=BJ#6tgvMNGKH;3t;SKDlh}QHZ3MwJ8S-MqXevibM7uDqBthB%f?1LHB|iw48d&q*}rkB^UI{{D?6S>~?4fBdtB z>|xe20xm?&7OL0jW~P)invoFI_qf&PYgJi`Fe01>{Nxn!#>_S-5e2S;*$10^k~d{S z`x#_Bc1wxRpOMQ=da-dqFev0B`FC0CbX-ab)L4?J#zWJU8yGM+5(vw+1r1fjkNB%Q zVHW80(JP=9WLXw5M||C0d4N|Zm-ND&r1K&*pI^Z{wZ5)(g1Zo2;9+sX4RsEEX$zdu zCIZIBq6LA#VWAQQD)j2l-zr!uDqIC~0KSsRa+ssy4 z^0)ia95@g45KFbEm;g9kAAQ?)mUCAW@i>-=@iJ{nmnk@SZ`+ypvQ_1E2$@l|`GFsg z;r;b+x!e8D2t66W=)hp;MxyD3_Rt^F5W-8ExF-A&VeY&7xhhoHt8xM1Aub^^@g802DB z>w>h?kDyRm62&6%7y>HHC56;;5w4c~LGKV zZR>BvZ5Nt2duix?7kQnvm*2F0pE!6)c2)wk80qe)^W1J#8mk7~x2sVR_%s+}Q|qGs z@Q6Fq^NWDb7!1e?xO$ImqTw+FnWORAt(byvSqMBp5O&B0oGZLf&QIa&#nUVpba2Fp zDVJEYA~35?_v0W*132%&oFbVU6j%b_0xg0Lx_gP4wB1X3w-hnr5F_?gcw)1K5Hvr= zRBTgqkrE%GrL3#-Z5lP@-zgt2uhy9jt~z$TRv7(9ttBDP7$YTBPWaTrC+@rO6JG&0 zv4|7=R2L&>J52SdB-n!fPtk2`P$f#~r!r{0!9Gk7pVzLj5awp1Z5m?e>^BBR6H5m8 zQAkAZ8gF0TsGlN4CUR0GvFVf4nhhh%EfrYoRj%1h|0f`PomTCWFOte<&hEn3IHBaZe4T zkxcUqBS}RAq|zq|gBlo$2!m7a;QkRnp8-ThGc&V`aCgJ8gE>_ZFh_gQ&odzh*)3^u zTMG=d-o!zkbXB?W@*>;5T8sS$a}+S;gb0;RH_-~=iU5$-A$dBiH%E*3h$A(9*5s58 zST1~~(kCz8BND{3vxwx53d;Ot`z)*b|5aTdJy47}a2f#WA)jkxn9KaA%TSO`H*vaq z60;)O`#%hX!DrYwf?uQQD9Z2#@X#*Kav63Gj~gatJDNN9S%B;b68i>?ms;4`zvWz@ zzR+UBYHyAj8d!|V1pkRtUvsy+mD>A;m8PtHC($CXAn*s6)3|}04!v+blA5-+U@#m_ zl>7IywD_C$@*ZzJ@q0nQB}$*yRdJd=>!OV4Z)W?z%-|yN1nSry(_EiaT?dl&r9J=j z$daAZ^?|VE(J%xs$4OVnHhvX-k&@fC-*aVKCDW-qk%Y%5AOM35CdCiBFSl`OSuOhy zzie9hcGc|GB$t&H{3!U3_-be@mi~z*{I0!_p{69l2-B&44w03V_`gNB{UAZy`23$i z=5MxTsR;zsz)G}X6v-%dcGQGBshUUakEF0*F^&1VI}boHI=g*-4YfjS%=`IDP0Ud& ziwTVwfrAS|jxJntofOV2k)uXP2iohwizfzkrm!G4H@DF5DrTcAZ|+sVxg^Ow!)gtM z3+ctpeJ!}MsNKW9MX>n>RO5ll4_Z)kia$}XG1!e&FTMAw<8e{P?Xxz#c3eHz`>)$) z|FafYAXe~)(Wi3#E&C{k#<~Lr(Zdi!XP;=Z{Cw$W=O+#WW|ac;D3Ed+B!=#qmHYk` zfh&qc?&D0QR3hv;q+Z~LEIij>AP9q)nBA-H<>{p6{eWx(K&@j+Bx7SgqZ9MF9Znf) zuv~fh&s?2q#K?>4vJew|ilThzII2H-#gSkJ!fiJ`PaD^#Q?U$V3#^*xK}Kx-yt%*31azkXBqeYx1MpN;aXPT92!~yJgkFG!3A1Lgt-j3K zUQh3>YrUuTw2J$A!Yr28%~4ymt9Nr|VWVjU9yD)APWY2?NUf^yF1#Qoq6vm)PbK+s z7=$E7XRI{4fbg)?GmLc!b&4hr$*MQ*#!8S%I6XN!>UfSZ67qex%r0jPH}T4~)WHL_ zZ;lxXe&9Ata4?Fl_eMLwC&Wk6-fzi<_tRu=U4G*aha=2c;5G#?<&S9$k)`CRq1L8< zlEh{bCwdzMm(HtnzEu3Y^A>fP7joqKUEF1qE9hzGD@2S&6$+42$)nSJI!u&&w!=Ok zQ1oFBZ2U0k(mF@2*nD1pXcj$aEWTS}&Ob43Pso17-g2USCT;b?u$MN0qKq0}nHYb* z7qR%};553J#!~sLBI4!fuw3sq7$5NPv&MhwYhZ@$!ciV|N&hJh%S_)je(a>D1> z4$Uo^eA*1w7`fZY!@t&bZOjxrPuI@7*iSuX0=K5NfHUC>Kks1A_6M{5eDi+aHPcF| z8Y!XA+|E8P?;9y_qwRx`IiX!mb#BP*#TEUIQYK@l3#xztlH@Fr2QFvOY~ouq&k%(l zztPILsFN_1y2UC1{6Y1tw`I-L2b8<}dk=T_ENfpI?H)SI#|(^6XL5|g)g>x~-q`Y} zXN|QPuS%Z~a)ca%9D93vCQad%g4P}x$lRPn0GSnHA{dkj&ICWUBWII(I;G+8E!_ ze&fYx^RYM0L9CS=XQ*}jUxGL37{_vUku?Zk;1Hw(f^_Ex&R8PFPeyN#6`LIc(xnjM zXT+($(tK#!_$cgJ9l!0d>dvXLM87VYXZQcRTXhtDxz1xVtiMdodp!l12Qt_D(j@Q0OoHJX6D}PjE-zk9DR@|40qQ%Ctc<2<}5Y>40crL;0{G7 zf(dszc_~qCYb!rKinlp~GM-7vi~NQV=_C-Q2SVCARde}-d9~jodR<#>sLnW=xy2xVca>e>mkRlAmURmR3 z1=mst*Ny)h*=LFRj^=~`%JqBunlMN;I)napYXpGXAOn;G0D=r%=rWLbw2)rjuqGo@ z&A?!Nb93_p0^CRcJZ2c&v)ihOi)YSzXMR1)K8uK%TF%oc2e9S;adg)4biREYzjbq% z?l@{pH`CoQwdsyA-OY3}9n%xjG2PwFbayiyx9Z-3EywP zVF^)2LDcc4ekX;^$ciVn3FoS4&I$3OF&G0c$?59l+Epn~>+uY3XK!#EL|(`8CI2*LFGc?L0>SiK?AZPrw^^m z$5SM_iHIU|R?qB0VKa!(O3|S+pv|ev4A>w}7?~sD-PMRiOo2gz!$(ZtC0gzIYR0F4=gp)SU&{6WZ5|A&DoN#5S z{pr*4+FFN&(x z2HZrcZuq*GZU-f$?0v2VPOVD4MbLE&)HqDf&2===EXaP;dVIg(8wSU7iFL(+2vn7n z)5ps~&4#bBw^Allzo>GfIooDvX=@WKw77yIX3)jpKX9!sD%C0*Gbwn>De+`6RoU!Z zPm-dIiBcn|nMmS%@28TM`)AYLS7;CDHN+3pkfo$wsFn9uf9i^LUc=1@Qp7irON%DT zLqRhgQml(ip`v=S@cCqckT)>^%Jb#Iy(HC{U4SpB@A_% zw?MPQyMGiXKfO$MNNx^R8u-VHHc1|AiolzBFkZ1hk{E}PCMAS{A3`R;=65kY{WAKF zR=ah?x8J$4_98aw*mDh3K!D~hU<}CqO-1_k-?BT-nnbqd8HdPkg%NzP~HI$>HT4%_cWVc>q# z#_BaHoU3e37Rw)+ow?e1r>Db#P4>Qx)`=^g)H5^k%+Z8luX__d6Tt&B9p}e`{T*h` zIf$0M`kUtNv9jg-6UpoHi=yu7B-5yjSJur?Pu zTD{B~DC^7X%d4xWmmVHta1fv(5ZD@#jDolQYdT(+xUX~$k4 z_k*4%0rfViAnwk~+70K)8&kDg&))YiU^y+FV*Vc;y4&dDuJiTZ3{%zfZ+a1HkPDiG zoha8jjvv(zuFT7wQK!ut7Y~*3_Xpz#J7l5K;r~0=_*8-;LFd(eaqAGskb>7LJwTJR zbZz;Zs;?nnoU4vdZamnf3aU7gyAE)pi%>hS4jMb#++CfWuNV`)H2yT~>}YNE1}`z2 z^I>xhM?y--$zt2~&no|a#~?3ZD>0Gc-=M$GjjbV*yG+MlH5cW5W(}eOtM3>_4Aq3- zF&Pzq8$34uRdOku);QxNUAV>axr>IT@gXIjiL6K)U(3LnfF)?l82W9=eWUBNY283| zL#xig0X9~#3tK79;>VWk0Quw=`qZ##G%}T}`ge^k`ffG=!ZyUydEXdZpt87V68YDx zR`s9_hp_dBi-(yyKemNCT8maWAdSLfGAF%zvxox^V?w`|}KZk36x|{^Ok-$c5Mf!}tp_{BCWv(Iz!-}sfh|q0p%7C7SJcV4DXl%Vp zi!MUKA-8br4`Vz?W%ra6EB;Iodc<3_IN@TEbF)Z zZwoQbXL*fgT$GjL_Jn;Gz&`Z6V7qszA{FnWIfE8cS?DT$^ z!r+~&(yiO8*I)y+W?=DA-%w@u#n#^bRzV36)ig?lw0@l!QW>iaI2>W z^jvFV08!(weg}E2ozJ@*?509Ak7Iul#{=ms~~t4wiG?1*+rTerDiAaa4N7g zaBzT!pzf=}Pui%jGyVPFqF5J@goz`-s$iG(>}88o<{sTOr|D#N?VGRE{oF9RPwY}a-A*V?+g z_L--s492)HyqxrG#Tm=Xn^DS{ljSs#kD}MsQ|(nK@mp z6+xbDLEh;;HT4o)&wYev-T3-8a00Q-E_eX!{j)C+aBu|dPv#n`tE+?PmvM_%(|;4~ z-oe`AV%*LfW&8&jpk05#Q&Pjc#G2D<;dSRx}j`3D%$M5sn+qEyWvi)^E+7r&wdAW<1?9{s8KwEyKZw=T`V z#@&Us_U6#h|`Bd(# zGvDCRt%OS+=Bf3mh8MAG-Vc%?^HOx{Y8>&j6Pm%%Xx{O1bBhj<0WI8Rl!=aqW}jVk z=^3lN?DRXobIa!3*A=#?v4?*z<2B2$;orDj{SN>14rd zfqB$e0)TO7tfgXsQ4b=Uie3tHje#*?3nssi^{-Wh_RpHv3wjNoF zlTiEev7ZdeM_a2|aS1MKCTGECP!HS&u!-qLVq8RA{A5kD6#OXN_ z3TAHLDqlXs+eq-5lTwS8Hf?X82A4=h8O-oKKpp}B@#v}z3L#D*cuX2@ymk1&gBu~K z_-hklgaS}fe)oU4sI3ydlsst3{Bu9gprL`s^v8bn^{u(H<>%3yb>WA7g7q zx`Q*r@0X3>O%b2=UHrfG#+%HkrN*S8;hq?^p7~wXjuWcRY~L0$gsWYh2+&C|6K@vf zeJ3Inbl2Pm#2kHmwo+9@e2-iFYdy;i`H^Y1(|Og|(qJ+u7fO8&JyM2)H4(-`-jn17 z2U-irBr4OuIdiz71VOoEORf;rcHQ*N;vF*zxs_(oe~z^#0!XEtnzxzb-{Aqm(45KM z#In);K#H@a_G6tuhtF0`)U@qN(5zt(ay-PzG7!#p6h z#U;YMAFui017V56{$`>A3uBu>oy9mo$92){{(pRJ6+x*OM?8b1&&B>6#NdIL4h)1h zBHdt*`v6)nQ;wD4SZq;4X+eMW4;yx7~(^NLDWI{W&i$}fPFnE4nGc*bX75p zJ-eK6+lnhg7TN-4&bSBwxKV8=T5O6RxUx#(3&pWTeh?6B4KN2U)xs^@g%(w0ol-l~ z^F0wsm;h?yV_P1;^;;ZHNR$8mWz`crKHNS*{GvTd$s_pl?7#)*iy?Xdgaj3tTU^O( zwm24vf~zUBl*K!2&g{OIdD28`kq}R5f4_}^p&uL8PeMVauvMcQCxEpG>dkA%!CybQ z4;Ns@K@>NLq2I(A-D~d-f&x(0aitOqiAbIgvfW<@H%6+2IqnIQvm)x1Oo~xw6-&86 zVV~6_m(rMZUvyb)p!0W&lHVtzhwZE?Cm~d12{{VPE3~(@nw5W}_|M-)jr(O_fy3U# z#D%}X4A_E<+*%kXcqUW30KID>CEE_OM zfe&T>_PluB2y_j^kic}E-*L|)!OHeH<+WoYo^!P)`Bt+JL?phgM%U&V#$u=&PD(T3 z@mTcW_@grqe$gZM)H7ZFLZ|vY#daDUElCaLa)jG-B3MAUX{(gu_JEah_?J%}fFKDdzK4hOa|3ak7N*kqEipZ_%%#wwPUmU{NzBCW}=SX4xYT5y>Txw25;=*_EHhu7ZO>ZH{a;@=|IQ-kfjsP%jciUw$I+B`ukEhK z^M0K-8!*#5QS+5hSf+4IJOUO7^`7Ee^jtdWAII^dnKm4uLI|dRGEmwOs6eLD@0pb@ z8fN+yJhd!d!DNXkH6#uTGxTZbh3pL)dRRbr^yEHgyC*3U2O^lF!-$6R@ME9L)|=|h zPeImxO?&rb%VuU~dV70gDn;r=R20R$Nog~DtaNu3-eHh&`N1)lH=(sGnebw zTmLM_m~*S=hGVMd;^okhkN7uR9cC`ojm-7~XMn9BSL4958zvwKBJTL@ZVpWzca(1~ zu5C7I9L&9B$UUL8{L|BLg_*|Uzt<3h-hKqLUVS$U@Y^)Lu-Q{Jh!M)~u3ZD@xo2`MXy zqby|bwX6fCfS)Zs)#Y82M+%KwdUm;63X5}Uj@c<*FWc?OqIa*-xz4+a1rEdlPZI{) zAzg>VfLgByoj(cl?{udWPsweyCU?qKepkbICXOW(p30)f2I$eX|8{lW#wa&fxjf%C z6@khT2V@a&U`%1}y3Fp*bbnA9H{YgtqLaBT+-=ucOd?tSsd7T+5LpA%0=6)ja1dLq zs-SOl71w!b6z?TohCIDBbIcjp6jE8ZConxVGsoTLG`00z=QQ{HXAkR#337dI=2)c+ z%Re>K`_OwD!%|79Szdt61Zf>bq`?_B4iuFa*G@`gP$mf`2j9a>C0TPcI1En^xJ^T{ zeIXP;?6yF@iA)luoQd&xKQ$DecG3kFfE8s}ps=%%wTrdOIc5{0<0LWp{Mn=${*;}2 zt;&T9MT~X82^C;8N!*lTX9SZC+{i#x^~8nqD9P^3PFono}r zC0gW8BnA*qK2_o8bTN8O-xyJ-1J_~;vF5)O9;P5tvVj=y7 z=SxwIEvhdc*{c+{&$+z7OlfKzjeS~R8vvUM=OnKW%7Vetw*ZRh8&SAlSMfzCBU8-M z2J^C0Fac9eZwkK=JAag|uw>+rm|+u4XwKZ`t6b!E)Z+*eNcC=QG!@u>m^e>e^W;Osx!tAMKOk!bf_u{)~+L3UlEn zZcm_&)%&zzKI8S@g^cjumDrbK)(*&(?Zn9k=Z^sp%Bu7u`p~RU0vTJ(*t2{66Qa)b zICjK}A38a7sva-!YO_!|dwUyO+b`A?wx7>qDJF<(_|~(lW?$ak8R++$l} z9_JhlqWzO{VnoIk5qDTZDFRK2s00DSg}O>?;<|W`s)WeG*OKSUPQCBqO2>)VkUU#@ z*tF1&OQg|TId6pi4^y#DZ{khip>{h9Bt@kr7GbTl9p=WXm{M%#;<3ruw~ngX_eXuWMlfLd6v6(oVkuH?`;m&pif}+LwI73b=fQ{mz0qL${O-Y*ik;^a^IguR(sq#qhHKQ% zH-O{{(oCoolrU0b2x!ceV)uM+E8C}bG@stbMSpQVQi#Wu94QxXusbG zKZK9sKCfA^<|6%YEi3>}?wa}!^lOJG;N@+~uB$kpXlT`~U%@c4vWfg~>~U5tAO%W? z9zJjfeYeh_mW#{}FYuB{Wi|AhTyn_6P?GBkXfa~>@H+qC4p827n5*i&G=|f9v5T?XUvOc!rI}uka5Aeka6s- z1*~y24D6b`8?rY8j6Qag9vVRac-0pBw7yByMLpurY;I&hAvui+v}pd~C=#RlReK`u zb$QD6Wlgj?qQwqEm4oIck_EAK&$v+2v>BYzC>|ypA?#896WCljzjfbJ5N)~yuwmK! zN$b1VTO%FFIQ+WY)=W%oWsVZ3O$U@Om+|G*_>?RXG|G*i7a%BM1P63>U%VwXag?Y!>aaM`XAK6&^L`@h zkn`p7|BhFT+;m9$+NPyO{1TnV|db;>va^!>X(pj9R#)9jUpc|D=Rx|Ij(Fy zYq523xERiT-VyZoc@AuG4wWRefiofJ;LlE0M~~?T`2Ur>L1+`YHbH!Lfph7dib+2w zjxSi;QPN#KL~@z+Sf;NQcy?`nn8kWrFGblEaN(sGshlQOoB;dpBcaF$4Dn zK0deQzvX1GY7tFBg-SLX_U(n7-FRhYE@gfqc1Yyy?|R%)bH3#*jf=>3l*51p4B8Oag?s4+NV#SG&Bmz%6fM>4mWC8RG8i}tv^({zyJI2`Won-+nZ#| zZVnH82LSZHY%W~Ui>zbCBT}z8Ut>aH3K}E*PZnOxU%7$rMDgQhoMr4;F!mWkFxL3( za1g|wGu|#e>635xBSjxfh5c63v`QI;OVCM~3$qj9`M*u0S0~25$3k9*jrh~-7*D`P zBNV)^lza4slY6e1gDuur@oV06LUv6WL*%&9O$-dYdXJCW_Az!nB{It*Z_Gf2j z)>c2zzKUPTe_)E7S$mNk3WLXYz1G*K`uR_&0#jS zG|NFG1WW20OME24UYgUm&#`uhKp!=y;egL{Zgl^)WA2xn91@G_sY8c&kngSrwMImV zI}9g9=S=6vqS#&RbDYSix_}Y@wH~b@KXaV?#?4cY0UH5UC2JiT#Y&mOP+fvADJVEl zGx{52Eb8CswL%(Rry<|72}jSIKBW>F#ka(`qDW{+eynT$ae}}($|68YP&J(nh;!P# z&kQSNjxHTI!2MzM&Ef>}t2o&^4CZk8T8h!g9~-jbF?URK58iDB>6Uq}rWJX{zA`ec zhwB=+2n6gTxsze+Je*M76eZc}JnbU_M+LY~2gJx<@6%Ai(9z1&jl$j|KSGY=`tmPz zxVnsYY^|)U?Cpie7?;*68PpZttgpr)kfY{x(`;%n3kR^D5t!GF)zo2$8z3Xgg!GDY z)yFe=Cr2;Rh!qo1g@CkLQ25LH=S3rLs{^c3OG_DvV?xEL7-JQ=r(evNQ%*nuN)hG3V`oIXKO~EtTcv|Wkassy;2me$~Dq3JBEmI z1B4;=+oYzt^5fVnHjcOY^-_Z7mD7h)MwrEHLrDWu@X@LrgMOC-1#vzNj5|qvA&Jq( zx)CMc+dpw|azn(YW4&^_5I=d(^K!Yn2;BF?c_YG9eF3<~ROX|MLewZt#I}DEt&nhS!D1-Q7JiT^@861^+@vM~=C! z*amy38ON}fkfG;BAZV1CI%+Nvp3lH{`+-HUS8=O9;B~V@KKq2=a{1qvx}+Waem=f3 ztP!KXq5vB*Tlk`I4ReA>bDm%jWyzgNVtrow<741^P#!#kwu_Ucpj$vtVSD{-8ZxUq zEu?5>WQHpJ*F5g!IYyf$sFb*piU($MN5+WIG8-<(?_VG#=43}UbM$@4lDzkgzKo?syLnH>3 zm{CcDK084cg1!Y=UZgpz2{_M^l9Rudf#DN<8B&B*-wU8P7H$McuCb`i_2 z!m^S9r@w{l-)M?k-w}ms&Wphfsnp2@QC_e7f|2ef@ZL&G({P@h45)nLHuyb1fy+5L zs0a)x#9d5F1alxNYgOlmtIHc9PShsoCWmpmB}QP?hrjv%9Y_qMA)a%7>!L%h;MyfaG<_H+b;Y$uBq zVx;ny^G=?Ed5~E?Wd6i4aw!u#V;_ePM7wWG<1qDJLiD@C46STUt>~`Y!uT`bNn31JK65yvYQL`wRu3p4L z27-hQdLR)I39^N%JG^KJmWLrQfQcFxku~UFe_J740N!^>@7}%S?+`?L0BqPbqL74P zG~-501qxA}ZValtpZG8vA*f0n5>u|Yy>IbFgPN6++lG(`FXK;;0A#@BHZZ@8jH)<| zm?evjI@U6(y_QfgOF5&MKh{+Dk41w`OHQ{3xJ}_>(qr6Y=seDS?lCAReAhh54iIkt zcO4wx@bK_N=HI7+gUn#}6*Vm_tscjU!EKjjQcNV!v4tnI-vpG`#Pu2)H!ah15>P{4 zCYfC3IdxkEu1`zIKX&*$Xm>u&wG8Gwj|rGWirKB{nj&g8S|EZI`lXV-{?G|UvLYP_Wdrrdl#sMy+uFV>aXwPe zQJF9kHaj4ZE#|AmRakz=3grpL ztz?);y=+?LbDw#|NOkq>#GhW?$REM$?3T|$66 zvGDU)POxWt2sIT}lpDVBW_n2Pyn5pfNExAAVenR%TRDWP8G8DCIfso4*HukD)q_JAxG%89FwI z^czMhhAzDlaRUN`7Q!OzHuCof?BR##h`a0iJS#Uk42t0Yg``v{Vt<6H#b#${w86T&mFqdlE*D?JMw3{wYH}r;LukzfMYLu z*0hD$SgJ=E*6)_LKU?nByeXPb8+Fgue6Gepo$Jc7&AP$XC1@ijt{mKk2oDnqPr8SI` zXtgIkO4K87xf|uLrGL|l6B_kM<^BEOm+YG}@3pI(yS9CBkKPVEPU|oKf`fx=vIS}U z@oD9jn!cg%aa%dVUo*ahD6QXphRwJ6qB`$fHW@9{0*RX*AH7ea>Q}gH}p9)=k>@7;R zcLNyXepa`ffR!nF6pjNd@=3kcSb}>Lgr0J(gqnPEsvFGBeT3r(2hJQQLzuOg>}ukn za?@OPHK4sn4LCetGHq(r)lw=E@jh>FF`nXz`OGt5?+$XI;WH$w`KUdD+(TCFbA@a( zxUvN_KKvD&WEb%(sx4}`@fW!li|Xg7`Z8$TB$!>9p}@jT5YB=~$}=?!gbfG40&+7C z*}boIrcQPGtSA*;lu|Qv5cNnWQq9vu~x z8z{f%gTY6S0Cifxop96ok&#>FpLyz&CF`vJ@_xrn_W8<%|GMY26akrag=}P*Ze6j( zc!usWXtcz`$HyS2{&~64m-Q?ODu>&zz?9b#0vR!~<7PGnztj2Tt7TZAk;ZMKrK-4l z0K35+9yQ!nQ3%V~994`p8(n@WBvN&vn}?ny^~{_-*8AYiL3(=e^smnA1f(yaz#4+Y z+~2?Zu7t#g&bK{bl#;|#*vlEkQSGfZB!bF@!jjhno~mJen2F7G8#_BYK}Bb212^$G zCh|%`tv;%?u&-Q^aOv+yo$g5_esUlvX#PVY6Ibp!L;&9J>Zl?^FJ1!Kk@@(FU{*{@ zt>a<*3s2kYKk}w!Fm_b@5&s8{CvZZ(7Rv>Fmz%MvSvbAbV@aLdMF%qS!5RES+M;g< zWwoz*<%?%7U)kYBu7Bg}{MCw#$ZgHK@6{WY`ROi6P0hGv--mD7dq5TsM5r1*P*z+k zbGNmS%h%>y*2Q1ogQGQ(+-7<`?+#QU=W zWs4u@`Nl5_WA0ovYR1V@>}1`a@$ybB%9cp|4Xt70k1ljT6mn~MxWG=#;U@wG2u{;nu<-iG`t7{%;G@zNB>MfMhESCc>miAi2 z0J?{T#1~t)7zY@qk;o--nFbb$Z|Az8{L zuS*Sqw)4USah=y&QJZHvY`@j^vE)4fCe$A|T5Pbo3E#wLyFEc(eGoINQD5e9umj(7 zod3!F$EPq5`;jH}maR_Dc@HW(3-%wRjk~2FePf@(eDdgB-|e{w49@Hu>tDRuONn?* zTj*cLzCP^!D}G~5#UmsX-315mz@`Wqg@1jEiHI3wKUPQCsEb`ZNXdC-P}?}xzypT} zBl_;-h_I#mJ4dFxzSA_l$D{x^r@^m|7UN&YcO(O&i;DORq70pFWkMwy1sd1#AUPCy zGI06Q#U_R$diBsDYr+`hTn{JGDpYnn9+mjtl>c7n(A>40=FS*LZo=yMfM~F2Yj$;U zB%C(Zb(_pCgyJn7xbGRe4KG%`d)-Ume@KjgdY&4oJa5k;(tG^M*BDj*dl&~ z^zAuH^L+hyPiY_7RPXlt%ToQ}f%+11-rk-C`!^fAV_69_?R~Q2#*@>RK zJ)ka6rVMLtp8Jnn;tIvN#y3fCGNdc`E3k@QmRLTxi&GW%FK! z>0>2x9IUHVF%5b!Vy|@2w=A;jx*0bjdjGpUU(G*Eww0$#y80&LJIpP6L%Y#UEkWS; ztoG36u9crqQg~F6Oz$hBvkmwPothr|rYeK>C6k&8%%6?Rr{@IlvD+RmR;B+y|M~Q^ ztd&N)PXgI~Zu`ofg9qSpAXF|9&s>V}*LxbCr5{yQ=Vxb?rnYRE=*aS-8y4awq+3+v zVSkkVIUA2GrF_s*P9dUPK&BAY$@ z|7J>It01I8hLb;cuc^&|bu|C``sAZeWHPK2Y&^_m_;!Le1fIe{*a%^^7v$bur;5Bj zbUdAzzR#(xKo^?(<)^qgCFVs|Su{#6ybqkQWAhpL5^4 z_kYjaDF$0ymv4V+HJOK|2WHQBwyH(Q5|McNEI6g*AJhwLnp9+|Be|RBfA>FtsOiLG zwVcjnk$D$3`(RBiu< z^$tBAhvorSJZ!q^!N@qsS5ADkW2d7H*zv(_~_grSbDdhl|f zSG-^^U-raYs(}C(mkZ@LoTfV(langec2Cc)_0?4xhvH?eO>=B$MF4!(hB>x_FaRm~ z;9ntB%&j@lxW*348UY%$CY6fV@MOUK!RCbnSV zB%F&?jV{BW&o(Eye~T%E!+3ou)XV0nG|Lr3i5%5$Qn#qsj33s^4$3Rsnr9B{uccrA zH9>gi^&V2~Oi6?v*Af-h_ik!~C>_udp~!72igf095hfK)yl*3^2NpIR?tMD2xVSuo z{yWyO=Ac>VoJ~=z0`~QXWm*Em=UJu9kLRsl$}EoyF!l-YZ4g6po&RZP+1l86?S0DS zGKCqm!8(RdASI-_uXWW45@9%kQ6hR-`#rT48+g*v((*bysiTK2%4*5|CVAFN zeLaeFoP2ykI-4`{CLDFLE&PwA zU%_Ey5e5dBZ80PEv|+-dz{3;@yL(Y{4aFuF5Q!S3)45EcY!%{~5r-;6j3P%NqC1qC zoK8<+v;3zYnrQV4gQMIUNiYBqb5n94O(mO{&k!|d)1dQTN5`gN%Eel47}Bh+W&ldE z!BbSxDTV_9uHg^?L+uh`xkeW^Nos6=HbO`|Lm(wG9WaJt1Q)Qhw4}t+3Qb)l~gIcogfKlBdVJoOO(P7ll zg0+d2wWP`>+vMymuL?c+ICNN$fmv8!LgLt3aD>{!CYuPZgAG~Kfe6d6UeE*d#4Tis zi$JI~*EyQq`7DGgheGdi`Tb~2WYfRz*E)lH4NlpG4l&!a^EM0B1Ug(6A-$Z_crxcKB*M_T zv$FN7jlgA5+E`~gyzQcE&6qo%VRVn&K1-*Yj8TEkoAal;bHiFQ6gXlTVjd>DI&iD; zR&CbQc|r4ccOsHIouEY>xHXp{W=T~=7R4Er7G`C^A@Shzai0C4C9CK6uYX6}frhWQ zNcP$&gd-0aA%~!PD6-3dkon|dc5H*Qbi|_!z8|A^3Im)`*DaoaQ#tTWF^_^I+;#uw zOCRCa-(UPVSyAQxUgt6g9bt`NkbEyfTWU>z#DCMoW4{6l2Nu@WEKGC^ITmMhu(|@8 zq~(J?&W|;HS!?6h(k1}A+HVXNhUgHX(CYBrs89I#s%%u^-mKS9(d5M(crF!B&Cq%u?iu2$;gPE?|htVJ+bne7|a?N;8a7{*58XAQ%_{7no)+w0X)Y zGy;QRzV}op<5@(Y%PW5&mW0) z&L3mI!%kb_0@Um^ot+8hiya-pbH|n$f*-~*4AmAXXR!&Mwnv9Xm_?zUv~r1^2km%QDr5|`4|dN?-OobA@MY-dTxkQl+J z)hA4^_dfNf?p2(&;T*WF!S%Rm*f3uytcMDet-cEdJf$HYb0wK_kGLW)<*gG| z>Np?1jVJJ1$snN?~x%sfl73NvUB} zn#cNT@J`s5k%` zyRk3^Si@lrB*WaI=j9gONYE9SJJV>{B7B>tlc^6R8(T$YJ1EpRw|@4Fwy^!6>VvC$p;smWf6E@?7~8W6g-x~?pj?sR-2(z$&06j}e)=H_8# z<>K<2fp`?upy2g1&!X?v7ikb%-gCWnkaXN>o0e?p)S5Al)+AX?5?O?lU?RxK$RHsh zeXFS{$?-aRea?NI1rsK}G0ASft}SNVEQG*W_bOPE&dL4bvol1X+pwG(1|q7jJ#DFI zKM;^?=JoM|A3+bFYfk$m{~l)Xrh^DyceB2dBhFNF zB0I_CFj|qx@}-+vG#nv#S?&CI_bC?)@bg~fvV10Fn{QaZU*tOdiDX*W*S@QnE1%bM zOONp1o5ck1c6akK?NL`$KUE1H9;5ZK$#BXURrfB`usxA~fkY#587{q*@kgXgYR zrnlj~SAJfpCQqB|+5he{D$iIAeJ=aao-vx1|DCTtYPFrmJ_$c9_T{w4b-Z318++b78*ff#@G)&))m>UDP9xL=0lN5C5%^MZeZePE&IZY{4kY z&uyrU9Xd_JCk$!;MkUu#I+6LJoJNUMa&Y0g+Y$kJfeE?Ux3$2n9L1(u)2v%8FvErp zhfa)~saBgGO&jA$d?oy?;!%eSBxU1zZbf`8FzOC!Xz+j8rg#mldK#H6IWGgLn^NP| z&Za!TuUCSW48bVO!@?T1HweznS!HElrqWA8W4gUPz5cxSpSH-cK_U<{5`74c^MP)Q zlv;Z5nl5O381jEaB7uHg*q!i8fZ2#0c0Wbw=r(_(v$O!saI|EsJ9iNTe33 zg+EiRI4^uPrj=*-lQTUa6iu5sx?4Zi{~ROoulMe(J+Z+CDN3Zpda%Efto>+t{Y70$ zs^2j#dKI+v#d+u=bJyX0-QJv~uCx4K0NoBE@k6%7FvK}w4?px!I-Mo}makZG76IXj z&jN+epsK196B8q&qvPY_kACx;-}~P83Me>>4$hMrGZ)?vK!3#N^RX=3+}s?AL?F;~ z42OjkkVW7G0QP8*8EE##H>FZyTU#5?^Xu2I_ac^+`V}v)Vi_xnp9g;s5X&-%V}VyV zq$1wSdokjRyC(Ma_0`wcUw{4eOL)Gtw6q|HJ(u-Qzcv;$s^`b8zra&I1B+8s!kjJ* zep!|)$|@|R9RNyf;I_ev63ftdZgAAdk;J%zF3oCrqew3MSmA>pWW06T_%CnZzmd(4 z8;~#Fg<NVzClunRw=L`VEcK_f(#d;aa|Y`RtkDOdEN!2Gk4A1?&hnh@0Zyn>%U+#L!4kx1nB z+i$=8vdil0>nkfNN;uBxblPmTMLKx4o7H1IU8%WlmuuZkHx3RS1OTi-H3ut7sZy6= zFChlqR+T1mc7r&9RuCjuUX_11l^@+U_`{5LfFKU@6I!h{ucb!IVZ#7}FbtcqYK84n z%^!R4$?aLnV}9l(W!0OWhWqZj@5E8iw9?Yjr@FiU@1IM4__tF&-x1{EleTCl!U#_o z1vN7?sH)2N_|VA6>pON_a_Oao9MOUeu%Pq<_JYVP00j|1GA;;gV`Eb)l?sQ$5NZL$ z9uWx9dM7A_2K3oZz2j}JRA-u;<2XYmby@Y7yQWUKhjTOjN|cm zG#VXvWk9Dh_qMh=9gY%?<5Op&4#9^NkRop0fV4PqqK~)+cI}F-2V8cZz+ae2_pc|H-5#fA9#n=YCVZ(EeJyQ zlTW^{p~36UysL&d)wkJVwcz>jV4eXWJdu=flU(O>IjpJ^L?ZF*v(N5)b@*lQ*X&?%j{;i4}}qg$@5{4@|2!_W>p(`>%fxoT=^ zKSf#?yJN``tLs`DztYxld*ferMekS&qgm&Ob@kGvOHcY}tX;eId*A);ZOzTEK48>% zPx0M#PCqiHpvLK}BV5!OI0S?zxTe;$oJj}A#zsd+fBE#&4?XnITqT#{=-^>=@Cd-h zNg~Elb8{yE^!E0${<89&~!JF2tE8#e|+wF2X9S(=xZbt~&Y_@Yn0&UT(~GF zU&Fs`Z}}(U6k_3`E!uGd;fX8&3z?$hPVKJ18>q!_QokW9^N> zfFKCHy}gM<5?Y@<;)n4Ouuze>-e%d?0HOA`pq_IN3Hel?4}8r$008g^LOl2c98~0B zsOFZNZ+5%g3__Kal_ebKa=A?Wvsf$^i-n@7>9$ix7}$jkxN#mP%baDF0mo@hxVKm= z*9C(=e)7rpyyrbGm&-x{qG2gVEGdJj4CE$_ajVsl%{mDExCYDsgUsiMc~B4l2!hba z?f=*;z4^k*<-9{d(JvnO-gj5t|IkAuyW(HAtWHl&wKdk9x^w@;$3OlAz?EP7+Tb^g z68ovT%@(E97Cv>G>W_;5+)o}G9RvU+31WX! zqyqrDySpK{9$5Y@$_MAt#DQJ_fKWRepS}_X0FVH91QG_MfS|BRmK6j++_fwC_P2XH z9**NUj&nGjW|@QufpCQ8sEc;i0U=?hY5FwJ1Zyt4?8-G)ywbnrhJU(lsTFb_$Z5px zQQN+uOv+0kf#>$lx>(}zF& z;fEi7xY%KKitOVb|M=j+gWvh*4yGM{*64I}FrUw0JUKZj zE6VSF|NDFIy?2&VbeawpC5yf_9Yg@}a4_hv_4&f#a6H}*f#%}@Gft3Y3{pR!6B;84 z0{~zZL>U8sKNLzPlXkm(y8AprCLJ^rL{C<0q{W5WX)tWqNrC{wIGult&30+cCH>o8 z(+mRu7z!#qu*9V=Ed!SWG6alUtyzjFk|8w+ASlX0oS4{}0fx)%URwFK1H1n5t&T6Y ze4;V@t#1(dTzOeZ_0sB8Dy3`MX*hj{-9D9By!Fn!sj7-GUL1!*jPUr_v99Zyre(6( zsdRdLVnP`kb0c?ibMsN?pt!(#Eewn_pdcn34!5K?je-=X`Y#Ofb<6YE$pg zN(mQ&g#ds7DIh5j3^i>EhbO0|^7*`OHj|uNBlwmm_f{eCBlWB}SM79W0W5qj(5;%L zo&Mjw`l_oZ{`998`uc*wpw|L2HoQn%%2MKxevq>eG{I;TW#p`B!q5Q-(q^;MG>Nln zE|)tVI5fZ@0l7)GjBxICek63+-A(TvKCpLWg3i0!>XTJC z@s@{lif*&>L1OK+oWaES#Kh#}qHFXJ5S|Df#28ObPAZDh|H_LGbv!cbW5v-y0FVb3 z<`+ev2HOUDT4Jp+Z(TD4TaMqi8Ei$#UR4%>_rr;-erCduqKt#S+E8=Lv#~#TKk^Y3 z<7_UcY1*;Y3qJQIkoV1QD)5=>iSP%B0uV0Vou}HyGxQnp4k3gpD=UA}{S&|6&oE4h zji{)wRbj1?%a1AKh|A(mYouOi# zzy2XV@xCjGtEv}o!_#E{(SOkoU$TvljS&RF*zM)z?)R6DE)Gi(BRmc|Xc&1-%Ve|Z zbb5SzJdLr_SyEeDdvrR8`M0VaEGBcUQLl9#H{W&F^KWjsZY2OfE}K1{0@=D@oIPRFy%S7E zw~!P$nlZB3>=_y6E3des@43DgUU*^Mx^dPBf^<5kW=NW(Yyd+^ zZET`)S?$M~ZoRwh-;mW(wdB30?!?!vTlc4R>vrwh_4KcP)%@Gvj_uv@!2ogF<;3+X zPjt_krY+`v9Lctim+fcY^MfBYogQX>ZZg8-xOvRl!5KRE>>vKn6%Nm(gQgYQEy?17 z_it)vvnLK<3dk}rCo^ALQa}*Um6u%kx4-@MrWEBBT&%Pta5!|AVBvEsA$-S^r1 z?%ThA|I@$vRogSq?Ek@wpSgi(y@Bu?uizb4RlBY)M%RyYzd2p5#lbl$5FY!arfFI( zpEs37Guf;Sk$(R?3M{5y^l*4Qrd#_2Jy5_TdsL1C#GeHGgXu7#zySa>v~@iE>G#&Y z?fR+7Nw>?D%jIaAHVorLGi7E1X|gQy`TY5IyPXA(;omdYG&eU_SD$&8Tvb&SNs-_F z_P6i3=bmyaUL4k;}d%%{HI)A!1*58ko1^P@M?#$aiFoK#0g zN5@X*AS_w3oMwKls6Sp8NI#w;bmaG(JA=IS(G0Qxi%zbbYZ6&RYQC zvAPq?G?{EBWBNsZ{_~$V{PRE0O9uyv`VPwC$wRn>;;5pE{SbWcr0-akaa~<)q`LY| zQFOUn9#v)RcC(1^#CM+93nWDz92#78hP-yCh!Fz7_v6N0wFG%axuLt1x7+P!$-rK5 z`Q=}H;DM^Ds`tI`eal_2A7#lm`o|N0AKU#ZmpkaU?%G~Cs@wT;ov&m+_(#`^FNoiJ zd-Ve(NzGp=c=&W`BMoGuN~+N^j&cVqPOk 0) + { + echo "You lost all your EXP for running from the fight.
    "; + require_once('globals_nonauth.php'); + $db->query( + "UPDATE `users` + SET `exp` = 0, `attacking` = 0 + WHERE `userid` = {$sessid}"); + $_SESSION['attacking'] = 0; + session_regenerate_id(true); + session_unset(); + session_destroy(); + die("Continue to login..."); + } +} +session_regenerate_id(true); +session_unset(); +session_destroy(); +$login_url = 'http://' . determine_game_urlbase() . '/login.php'; +header("Location: {$login_url}"); diff --git a/lucky.php b/lucky.php new file mode 100644 index 0000000..132ca30 --- /dev/null +++ b/lucky.php @@ -0,0 +1,89 @@ +Lucky Boxes

    "; +$box_cost = 1000; +$bc_format = money_formatter($box_cost); +if (isset($_GET['open']) && $_GET['open']) +{ + if ($ir['boxes_opened'] >= 5) + { + die( + "Sorry, you have already opened 5 boxes today. Come back tomorrow."); + } + if ($ir['money'] < $box_cost) + { + die( + "Sorry, it costs {$bc_format} to open a box. Come back when you have enough."); + } + $num = rand(1, 5); + $db->query( + "UPDATE `users` + SET `boxes_opened` = `boxes_opened` + 1, + `money` = `money` - {$box_cost} + WHERE `userid` = $userid"); + $ir['money'] -= 1000; + switch ($num) + { + case 1: + $tokens = rand(1, 5); + echo "First outcome here (gained {$tokens} crystals)"; + $db->query( + "UPDATE `users` + SET `crystals` = `crystals` + {$tokens} + WHERE `userid` = {$userid}"); + break; + case 2: + $money = rand(330, 3300); + echo "Second outcome here (gained " . money_formatter($money) . ")"; + $db->query( + "UPDATE `users` + SET `money` = `money` + {$money} + WHERE `userid` = {$userid}"); + break; + case 3: + $stole = min(rand($ir['money'] / 10, $ir['money'] / 5), 5000); + echo "Third outcome here (lost " . money_formatter($stole) . ")"; + $db->query( + "UPDATE `users` + SET `money` = `money` - {$stole} + WHERE `userid` = {$userid}"); + break; + case 4: + echo "Fourth outcome here (nothing)"; + break; + case 5: + echo "Fifth outcome here (nothing)"; + break; + } + echo "
    + Open Another
    + Back to Town"; +} +else +{ + echo "A man comes up to you and whispers, \"I have magical boxes, I let you open one for {$bc_format}. You can open a maximum of 5 a day. Deal or no deal?
    + Okay, open one.
    + No thanks."; +} +$h->endpage(); diff --git a/macro1.php b/macro1.php new file mode 100644 index 0000000..86a2f25 --- /dev/null +++ b/macro1.php @@ -0,0 +1,63 @@ +endpage(); + exit; +} +if (!isset($_GET['refer']) || !is_string($_GET['refer'])) +{ + echo "Invalid usage."; + $h->endpage(); + exit; +} +unset($_SESSION['captcha']); +$chars = + "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ!?\\/%^"; +$len = strlen($chars); +$_SESSION['captcha'] = ""; +for ($i = 0; $i < 6; $i++) +{ + $_SESSION['captcha'] .= $chars[rand(0, $len - 1)]; +} +$valid_csrf = request_csrf_code('validation'); +echo "

    Validation

    +Enter the text you see in the image into the box below. +
    "; +if (isset($_GET['code'])) +{ + echo "Invalid code or blank
    "; +} +$_GET['refer'] = + addslashes( + htmlentities(stripslashes($_GET['refer']), ENT_QUOTES, + 'ISO-8859-1')); +echo " +CAPTCHA - refresh if invisible
    +Text:
    + + +
    "; +$h->endpage(); diff --git a/macro2.php b/macro2.php new file mode 100644 index 0000000..ad76e32 --- /dev/null +++ b/macro2.php @@ -0,0 +1,62 @@ +query( + "UPDATE `users` + SET `verified` = 1 + WHERE `userid` = {$userid}"); +header("Location: {$dest_url}"); diff --git a/mailban.php b/mailban.php new file mode 100644 index 0000000..51efd28 --- /dev/null +++ b/mailban.php @@ -0,0 +1,110 @@ +> Go Home'; + die($h->endpage()); +} +$_POST['user'] = + (isset($_POST['user']) && is_numeric($_POST['user'])) + ? abs(intval($_POST['user'])) : ''; +$_POST['reason'] = + (isset($_POST['reason']) + && ((strlen($_POST['reason']) > 3) + && (strlen($_POST['reason']) < 50))) + ? strip_tags(stripslashes($_POST['reason'])) : ''; +$_POST['days'] = + (isset($_POST['days']) && is_numeric($_POST['days'])) + ? abs(intval($_POST['days'])) : ''; +if (!empty($_POST['user']) && !empty($_POST['reason']) + && !empty($_POST['days'])) +{ + if (!isset($_POST['verf']) + || !verify_csrf_code('mailban', stripslashes($_POST['verf']))) + { + echo '

    Error

    + This operation has been blocked for your security.
    + Please try again.
    + > Try Again'; + die($h->endpage()); + } + $q = + $db->query( + 'SELECT `user_level` + FROM `users` + WHERE `userid` = ' . $_POST['user']); + if ($db->num_rows($q) == 0) + { + $db->free_result($q); + echo 'Invalid user.
    + > Go Back'; + die($h->endpage()); + } + $f_q = $db->fetch_row($q); + $db->free_result($q); + if ($f_q['user_level'] == 2) + { + echo 'You cannot mailban admins, please destaff them first. +
    > Go Back'; + die($h->endpage()); + } + $e_reason = $db->escape($_POST['reason']); + $re = + $db->query( + "UPDATE `users` + SET `mailban` = {$_POST['days']}, + `mb_reason` = '{$e_reason}' + WHERE `userid` = {$_POST['user']}"); + event_add($_POST['user'], + "You were banned from mail for {$_POST['days']} day(s) for the following reason: {$_POST['reason']}", + $c); + echo 'User was mail banned.
    + > Go Home'; +} +else +{ + $mb_csrf = request_csrf_code('mailban'); + $_GET['userid'] = + (isset($_GET['userid']) && is_numeric($_GET['userid'])) + ? abs(intval($_GET['userid'])) : -1; + echo " +

    Mail Banning User

    + The user will not be able to use the mail system for a set period of days. +
    +
    + User: " . user_dropdown(NULL, 'user', $_GET['userid']) + . " +
    + Days: +
    + Reason: +
    + + +
    + "; +} +$h->endpage(); diff --git a/mailbox.php b/mailbox.php new file mode 100644 index 0000000..a0b0455 --- /dev/null +++ b/mailbox.php @@ -0,0 +1,475 @@ +

    ! ERROR

    +You have been mail banned for {$ir['mailban']} days.
    +
    +Reason: {$ir['mb_reason']}"); +} +$_GET['ID'] = + (isset($_GET['ID']) && is_numeric($_GET['ID'])) + ? abs(intval($_GET['ID'])) : ''; +echo " + + + + + + + + +
    InboxSent MessagesCompose MessageDelete All MessagesArchive MessagesMy Contacts

    "; +if (!isset($_GET['action'])) +{ + $_GET['action'] = 'inbox'; +} +switch ($_GET['action']) +{ +case 'inbox': + mail_inbox(); + break; +case 'outbox': + mail_outbox(); + break; +case 'compose': + mail_compose(); + break; +case 'delete': + mail_delete(); + break; +case 'send': + mail_send(); + break; +case 'delall': + mail_delall(); + break; +case 'delall2': + mail_delall2(); + break; +case 'archive': + mail_archive(); + break; +default: + mail_inbox(); + break; +} + +function mail_inbox() +{ + global $db, $ir, $c, $userid, $h; + print + << + + + + + +OUT; + $q = + $db->query( + "SELECT `m`.*, `userid`, `username` + FROM `mail` AS `m` + LEFT JOIN `users` AS `u` + ON `m`.`mail_from` = `u`.`userid` + WHERE `m`.`mail_to` = $userid + ORDER BY `mail_time` DESC + LIMIT 25"); + while ($r = $db->fetch_row($q)) + { + $sent = date('F j, Y, g:i:s a', $r['mail_time']); + echo " + + + + + + +EOF; + } + $db->free_result($q); + if ($ir['new_mail'] > 0) + { + $db->query( + "UPDATE `mail` + SET `mail_read` = 1 + WHERE `mail_to` = $userid"); + $db->query( + "UPDATE `users` + SET `new_mail` = 0 + WHERE `userid` = $userid"); + } + echo '
    FromSubject/Message
    "; + if ($r['userid']) + { + echo "{$r['username']} [{$r['userid']}]"; + } + else + { + echo "SYSTEM"; + } + $fm = urlencode($r['mail_text']); + print + << + {$r['mail_subject']}
    + Sent at: {$sent}
    + Reply +
    + Delete +
    + Report +     		{$r['mail_text']}
    '; +} + +function mail_outbox() +{ + global $db, $ir, $c, $userid, $h; + echo "Only the last 25 messages you have sent are visible.
    + + + + + "; + $q = + $db->query( + "SELECT `m`.*, `userid`, `username` + FROM `mail` AS `m` + LEFT JOIN `users` AS `u` + ON `m`.`mail_to` = `u`.`userid` + WHERE `m`.`mail_from` = $userid + ORDER BY `mail_time` DESC + LIMIT 25"); + while ($r = $db->fetch_row($q)) + { + $sent = date('F j, Y, g:i:s a', $r['mail_time']); + echo " + + + + + + + "; + } + $db->free_result($q); +} + +function mail_compose() +{ + global $db, $ir, $c, $userid, $h; + echo " + +
    ToSubject/Message
    + {$r['username']} + [{$r['userid']}] + {$r['mail_subject']}
    Sent at: $sent{$r['mail_text']}
    + + + + + + + + + + + + + + + + + + + +
    Contact to send to:"; + $q = + $db->query( + "SELECT `c`.*, `username` + FROM `contactlist` AS `c` + INNER JOIN `users` AS `u` + ON `c`.`cl_ADDED` = `u`.`userid` + WHERE `c`.`cl_ADDER` = {$userid} + ORDER BY u.`username` ASC"); + if ($db->num_rows($q) == 0) + { + echo "You have no contacts!"; + } + else + { + echo ""; + } + $db->free_result($q); + $_GET['ID'] = + (isset($_GET['ID']) && is_numeric($_GET['ID'])) + ? abs(intval($_GET['ID'])) : ''; + $user_exists = false; + if ($_GET['ID']) + { + $un_query = + $db->query( + "SELECT `username` + FROM `users` + WHERE `userid` = {$_GET['ID']}"); + if ($db->num_rows($un_query) > 0) + { + $user_exists = true; + $user = $db->fetch_single($un_query); + } + else + { + $user = ''; + } + $db->free_result($un_query); + } + else + { + $user = ''; + } + $esc_user = addslashes($user); + echo "
    + OR + Enter a username to send to: +
    Subject:
    Message:
    + +
    "; + if ($user_exists) + { + echo "
    + + + + "; + $q = + $db->query( + "SELECT `mail_time`, `mail_text`, `mail_from` + FROM `mail` + WHERE (`mail_from` = $userid + AND `mail_to` = {$_GET['ID']}) + OR (`mail_to` = $userid + AND `mail_from` = {$_GET['ID']}) + ORDER BY `mail_time` DESC + LIMIT 5"); + while ($r = $db->fetch_row($q)) + { + $sender = + ($_GET['ID'] == $r['mail_from']) ? $user : $ir['username']; + $sent = date('F j, Y, g:i:s a', $r['mail_time']); + echo " + + + "; + } + $db->free_result($q); + echo "
    Your last 5 mails to/from this person:
    $sent{$sender} wrote: {$r['mail_text']}
    "; + } +} + +function mail_send() +{ + global $db, $ir, $c, $userid, $h; + $subj = + $db->escape( + str_replace("\n", "
    ", + strip_tags(stripslashes($_POST['subject'])))); + $msg = + $db->escape( + str_replace("\n", "
    ", + strip_tags(stripslashes($_POST['message'])))); + if (empty($subj) || empty($msg)) + { + echo ' + You must enter a message and subject.
    + > Go Back + '; + die($h->endpage()); + } + elseif ((strlen($msg) > 250) || (strlen($subj) > 50)) + { + echo ' + Messages/Subjects are limited to 250/50 characters per time.
    + > Go Back + '; + die($h->endpage()); + } + $_POST['user1'] = + (isset($_POST['user1']) + && preg_match( + "/^[a-z0-9_]+([\\s]{1}[a-z0-9_]|[a-z0-9_])+$/i", + $_POST['user1']) + && ((strlen($_POST['user1']) < 32) + && (strlen($_POST['user1']) >= 3))) + ? $_POST['user1'] : ''; + $_POST['user2'] = + (isset($_POST['user2']) + && preg_match( + "/^[a-z0-9_]+([\\s]{1}[a-z0-9_]|[a-z0-9_])+$/i", + $_POST['user2']) + && ((strlen($_POST['user2']) < 32) + && (strlen($_POST['user2']) >= 3))) + ? $_POST['user2'] : ''; + if ($_POST['user1'] && $_POST['user2']) + { + echo " + Please do not select a contact AND enter a username, only do one. +
    + > Back + "; + die($h->endpage()); + } + if (empty($_POST['user1']) && empty($_POST['user2'])) + { + echo "You must select a contact or enter a username.
    + > Back"; + die($h->endpage()); + } + $sendto = ($_POST['user1']) ? $_POST['user1'] : $_POST['user2']; + $q = + $db->query( + "SELECT `userid` + FROM `users` + WHERE `username` = '{$sendto}'"); + if ($db->num_rows($q) == 0) + { + $db->free_result($q); + echo "You cannot send mail to nonexistant users.
    +> Back"; + die($h->endpage()); + } + $to = $db->fetch_single($q); + $db->free_result($q); + $db->query( + "INSERT INTO `mail` + VALUES (NULL, 0, $userid, $to, " . time() . ", '$subj', '$msg')"); + $db->query( + "UPDATE `users` + SET `new_mail` = `new_mail` + 1 + WHERE `userid` = {$to}"); + echo "Message sent.
    + > Back"; +} + +function mail_delete() +{ + global $db, $ir, $c, $userid, $h; + $_GET['ID'] = + (isset($_GET['ID']) && is_numeric($_GET['ID'])) + ? abs(intval($_GET['ID'])) : ''; + if (empty($_GET['ID'])) + { + echo 'Invalid ID.
    > Go Back'; + die($h->endpage()); + } + $q = + $db->query( + "SELECT COUNT(`mail_id`) + FROM `mail` + WHERE `mail_id` = {$_GET['ID']} + AND `mail_to` = {$userid}"); + if ($db->fetch_single($q) == 0) + { + $db->free_result($q); + echo 'Invalid ID. +
    > Go Back'; + die($h->endpage()); + } + $db->free_result($q); + $db->query( + "DELETE FROM `mail` + WHERE `mail_id` = {$_GET['ID']} + AND `mail_to` = $userid"); + echo "Message deleted.
    + > Back"; +} + +function mail_delall() +{ + global $ir, $c, $userid, $h; + $delall_verf = request_csrf_code('mailbox_delall'); + echo " + This will delete all the messages in your inbox. +
    + There is NO undo, so be sure. +
    + > Yes, delete all messages +
    + > No, go back + "; +} + +function mail_delall2() +{ + global $db, $ir, $c, $userid, $h; + if (!isset($_GET['verf']) + || !verify_csrf_code('mailbox_delall', stripslashes($_GET['verf']))) + { + echo '

    Error

    + This action has been blocked for your security.
    + You should submit this action fast, + to ensure that it is really you doing it.
    + > Try Again'; + $h->endpage(); + exit; + } + $m_c = + $db->query( + "SELECT COUNT(`mail_id`) + FROM `mail` + WHERE `mail_to` = {$userid}"); + if ($db->fetch_single($m_c) == 0) + { + echo 'You have no mails to delete. +
    > Go Back'; + } + else + { + $db->query( + "DELETE FROM `mail` + WHERE `mail_to` = $userid"); + echo " + All " . $db->affected_rows() + . " mails in your inbox were deleted.
    + > Go Back + "; + } + $db->free_result($m_c); +} + +function mail_archive() +{ + global $ir, $c, $userid, $h; + echo "This tool will download an archive of all your messages.
    + > Download Inbox
    + > Download Outbox"; +} +$h->endpage(); diff --git a/mainmenu.php b/mainmenu.php new file mode 100644 index 0000000..dda64b8 --- /dev/null +++ b/mainmenu.php @@ -0,0 +1,132 @@ +Hospital ($hc)
    + Inventory
    + "; +} +elseif ($ir['jail']) +{ + echo "Jail ($jc)
    "; +} +else +{ + echo "Home
    + Inventory
    "; +} +echo ($ec > 0) + ? 'Events (' . $ec + . ')
    ' : 'Events (0)
    '; +echo ($mc > 0) + ? 'Mailbox (' . $mc + . ')
    ' : 'Mailbox (0)
    '; +if ($ir['jail'] and !$ir['hospital']) +{ + echo " + Jail Gym
    + Hospital ($hc)
    + "; +} +else if (!$ir['hospital']) +{ + echo " + Explore
    + Gym
    + Crimes
    + Your Job
    + Local School
    + Hospital ($hc)
    + Jail ($jc)
    + "; +} +else +{ + echo "Jail ($jc)
    "; +} +echo "Forums
    "; +echo ($ir['new_announcements']) + ? 'Announcements (' + . $ir['new_announcements'] . ')
    ' + : 'Announcements (0)
    '; +echo " +Newspaper
    +Search
    + "; +if (!$ir['jail'] && $ir['gang']) +{ + echo "Your Gang
    "; +} +if ($ir['user_level'] > 1) +{ + echo " +
    + Staff Panel
    +
    + Staff Online:
    + "; + $online_cutoff = time() - 900; + $q = + $db->query( + "SELECT `userid`, `username`, `laston` + FROM `users` + WHERE `laston` > ({$online_cutoff}) + AND `user_level` > 1 + ORDER BY `userid` ASC"); + while ($r = $db->fetch_row($q)) + { + echo '' . $r['username'] + . ' (' . DateTime_Parse($r['laston']) . ')
    '; + } + $db->free_result($q); +} +if ($ir['donatordays']) +{ + echo " +
    + Donators Only
    + Friends List
    + Black List + "; +} +echo " +
    +Preferences
    +Player Report
    +Help Tutorial
    +Game Rules
    +My Profile
    +Logout

    +Time is now
    +" . date('F j, Y') . "
    " . date('g:i:s a'); diff --git a/mcc_splash_2.png b/mcc_splash_2.png new file mode 100644 index 0000000000000000000000000000000000000000..3bba57f462572271a1eec6c2787348157ca87b0b GIT binary patch literal 13819 zcmZ{KQ*b5>uFVkzB?U2S;LQQBh(?X9o+QtvLYTxs|8tp_THADX{-)j-(;7ao3b#8w4OFtA(CG)-Fa) z1{jATqY90NMZ#*JW1!?psgDG&!b;^u{wbvHuoRAt)QM5oOL>iFSLNS6|&CV)5za6pQB1_zR;0+?V_n?MIlU;`Ref1AMqQUL&4 zFJBQ-Ks5s3>PcDv05?vZy7=L4~>jM(RN-^q>PnfWlfKQbzEB zdXPZvHWo?Hz+MP|d%RX6l8_M~FiV7f20+XO3J@hkn*}4511n@&>OZJ5bPVf|0s#z6 zr_E-_F0rC_q%GijJlq}pA^9_8+azL)MT2Ysb4;3>kwbaTAbP5K8+TC+uS*j3Xt6IfA_?Kf&-8h=5MzQPfpgr9LGT#-TG~+bOBo$0IU5s zeb#N5LLJxz@3$B)u1_Jt{34|ZJ_3ALIJj#HlcHXxqZol7)Q?ca6paB4}!XVm4VJP@P^x6T$+(Ck#0W45sNHHOJ z@&P_%5y;~}eApuFbYUE|0iF%;)lkjVw*+W7DE2Ow&IFK*>g8n zfM0aHY2YF=qDAbcv0iM1xKWfAF6B6;>4_G*MgqGjfflDb2Hrrv@hvntXiOm56|_Mp z@{nzCVxpv$oR(-M#T8i#Y8SL7Oh_p65EW@krD6+(H|pDnrwLC}qLxH0sweoCL{t9$;Bu{~kv|XXQ(l6DB zDl|5?Y>L?&Ows95hLY8VY@j9Z)#}%UYZuIJ2%&h!LdKHKIn>43MaYu}JVH1^$hedV zHI5CA4^9PkJI=2xxpIi*jI0SYrgav)EXz!!Ob2x>+80`1jHD^lG@dk#H2<`-YBhBi zb-`7yYB;qTb)*^t4Zm^;_1{WIRWK`fKcw^>Zp7DhW#S%7!In!U0>o~W(xB9kBuAQ$juP?W5-5m3T z^62xPdF*&z-C(*nx|F-Zy0+cs{|YRdUV2@?JWo9%UhFPPKHEK&JY)U6UAtW*;$&ij z=19b`W#%%yn@Kc1x5)%{EZ&74R-#N>btR2hl`Kk^P<2q=L|7iNdtwP#)H>js)UxfF z@7VAen*dq1OGipakNaq5Q*E*>x)xiOU1w${=yz&2YA3JaxmR;-@{Rj8d$vF0!pg*R zM`dC-V#d?A(tW2P(&f`%Ycn+jG`uvPHP&mT*YqywFYVSeZI$pebKrA$a;DoV>vHNw z+;i;q(f^<)&@9nBtJ-fdUwvM|US(fFUUR<~zfio`z04EL;G+_(@w)Q*I=i~fxZ67R zT$UcP4Ofj+4PR(l;#n5CJRhZ3P0VwYW;DVIm)ZZsTg`pJo{zfZlG=O(MzcKJC`zl zjmd6edqnr3ciP8@M}Xh_eeMEGU`znCz`G!#ue^_RpTCdHf6YJ3AL=vzgZF*ZNh&YID$Y1aR7$Wd62--x>DGmcz4|s2; ztUH$U*^3xc(0Ld-c<)RzlyZb?DDmO*(EG^#4&`rh7c*_pkq45tksU-poGh$2KXe*e zmTJbo$}Os{POh)?YqiJPAC|rG_X$<8oxI!DZO-nNwbr&Owx(A(9f2Ly9YLNE|HSVz zP+if;VXmW&M>a}cwAr;2eYwIiQ8Sta zPeO=Alzw3=o>bV&6QDhW=7cGV_Z7z#D>t=w$nYhf=4qt8aP9K?iN0HfD@wSHvBD^- z(0L`{BzKZM%4>+N?bXh2I&Cs=r{<>SmZ%^A(_84)ncAt_6)ouKQV@>4PVJ`fQX-~a zkICL#9=9=U!{ioAT2$(l5HaO`RnmFtV(WT#NcBqTtg!A|eE)qTgA2y=?M-Y{>S+AE z(c!6me?ZzV-i=8Xql)Fh$gHo@W#$RITk@N>nr=@2Qu?E%qW)m*wet|K60%fQCQ28q z$(B}?Iyr4$|D@Atiea2)rhaRkv8t;PK#P@TSnF6@S^uw5qT}?Brh?(B@3WWP*4Ca( z`_%QN)Me?VeeJ7ue}hb~weadf_#HwW-hJE&o}r!0o@h4e%k0!F7`rk1weCz? z?e;?vN6CwKUV#3z##dcUd*3GI)>{9rhtDHo2muD~-fiktPb;0LrcJN7-?RPFP4I34 zt_faO|Ed3Ohopz%XnulEnGe*9`0b^&tAp)MLw|oWjGYQc9HA7C<4I1S!&c69wnwX@ z4lUx4@W~+6ez~vDkVlo#C+Prq9&Ly27>e^Kx4d2C4@fdPSJ zU;B^$E%TA7+c*V9!S%UsukK+^RtI0M+yKEhQJ-?*C-rKP&ymouaUHlG;uIGR5FV|Qeus3o$`rZki4WE5mUw@(Ak^Tm> zd^ed7*d6>c8Zeq4)<(KTgo()iPW@SqI9!sPkz6H{Ad5@LBO<~>!0ml7n@c&YXs$q; zpYqrE@w#-WIotpG^C3I0^|^5e_ZBnXU+-1*=zLpK)xa}OHcr$t=f!_t{#iG-?RVR8 z+qFO5OO!?ZDfF%MxcF{5Ua_F~Dsble{rT%P^znmYsetuAwFz!1EH4ZIG{yUVD5w0_ z6Prq@$O8c06aYYA2mtW*^B-RT0B%eGz+WQ(fF~0Gz;Z}79F+h7=&+^5gw;H^uJo1D z>3HqQy#Jb^ZA$btkI=u964_-)fu>e}%*hFu6mU=a?b_>>sYsIpf+K%E3;y*8Gz7d{ zUa~?ItXmrU85D#)d--9mo&7IrYyI!||6cYQ#uk1YUbKGSeEs_NsSp17e0|twviLUi z75I@R%KTaOUC;Q?5Ig8)!R`t0e3#j|)%lT;wd-Q);%tof6eLKT&+m(OCU}J?e^sTj z&tCZCekbh3d5!3gm>s_i+-?=-q_TUMB>E-b|AP?%P5Q;Q`{&_y{kGqr;QJl+Nf8`0 zaoWbl-oVbhYO=UfQjZbpqWl=;@tLZ{<>{;9jd|inDxfk3_5Pb-UvqZgIJG^(^2A6Ik+|-@8um-Z#^8 z`hYMIp#CZ@CMa?95$)Rax(l-WwS>@Z&uOObd;#jz(8e}w?!Kl<^O|(Znn2mMy``(tj zS$53ev_h_n{CZ)n{A4iTrMmo%ZizcXDYj*^JGP;+4(Zf{F^`jYdXA>%r6#8p`Fhh~ z^Tv0&MvH6~o9L673CS*(lJqG6WZxg3sm>pBH1PoW$C{PPLorjeABNoz=RbxUnCUJ4 zL7-E(N?(=`N+eSA4IwE|)qJJ(1)-8`$N?5L)nf#%p=U>!^B~;GSFn5MF>a8V>>Mf+ z`pn20eB?N3We#9Jq~JX;AL9s@2nECMkY3hxpcwv0_*rGn(UgkMW{d8kSZ!`_>EZ1P zQKXPwvT{(?J7@Ms(I^LqNC9|UU>uqq^XzNe z;|$e~M8US3cWL>W>814Jjb1dU_G!fqVGM&Sy~%9jaf9qiWK;ME1G#y}Pgngvf_hv; zUx|H+m7o490!-KQiLGV%cFl> z#b3^Hyh3fs-z?VoQFlgvoeE13d=8(9i9)RLPw4-0c{r?pO{;3Ohv1|ZMQ~=s>TufW zDTmlH-Br9SixO5W< zFMunOt~w-SfwB59V`U2x;^OT^g%5A!79)cjf2OxkYW>Cu%jG&IQuQBjs88h3kTwj# zz1w&6m2j<$dBuy&_`DZbQ)(C&K;tYErC+L+fA4CA={KLca}bEQ#YbbWzpMpV(--s+ z1hWu3=tMD@n@l>o&_rd6`N?2XWFQW%zZN^v$2P0b#LC3%Utq7!x%7anK1h`ul+8r= znjm2%s}QbSK9hB^8#*s$=P^`AG!Kv@NbRjEtMHXGr?pT7WG?|KiE=X2<;-2FxrY@h zhZU|yI7{=hRLO&z{nR9rGygF%Li@xK*x-pGlp5fx?W!eZjZal4QHWYnj2lox9$$#Z ziEZOnkBiTv(RswrSgFV66A;^F!iHi;91EY5&vzkEs}XOgF2@Hqmr_w!8uwd#(4ar0 z#UFEOPEGv?X|IYsONzs4y$xnQj(7vjyesjq@=I>rrLI+^qxFa(hlE6$@-~7_`MCuw zq$eBf0?iXv(VWjLqaQmsClSW2fJiPbADy)yS)FG2;T4D6Q*}INQwh)3nW|cMP!HAm z8eIrs0e3-{l7^^Z_nX*n!v*6Flmp6|9}P#}I0uO#1jdnEX3w!%`hQ3v-BZSveIw1{ z`ZM>autwgv1K#xwp<<))sVU%(0_CvULqi}eYD6Mw=pRdUdRxz?Esfc>s>aKQZ0JP4 zB}*N*>j~BD>Sh%epplpyKF-aRUtf|YWcIzXk0 z@y#4rz*+kfT@wi2Lbo-&Ris0{&C@_|vr?Kz2_puj@`}ek{IKZ{DOG}F9l?Fnh28SB zVaIs6mnqRut@g1Dgy%4QdMUx>RoNTiqz^EZ!z3=z>RWN)C-*`5B`G$c%4y`brf5tt zM<)=MOWp>ce>7Rvg}G=`>=OJr?E0(xY5FXl%BH{y z$O2hF7Kcr4#etkfpw%X^LTpB*qEtT?h!+H30Sd*9W^=feeiDULLT(FkQxRsx^mv(L z8=%9W0aqMk;pkWD&oT* zHMo^x_FNTlTj&fB!lOl+M0T7>TRM;*xnjn|`fge;dMGb(UBfYeY)CpjecY*za;==6E~bO0XWt zgfLJ%J%$1t{Ufx%hjY(4ap?P#`ZvFb)SgND`-!C>;QfVxtx#~MxT%C;#D)Sh3z5to z1(L9d90AWilzmON!RS{(?HGJwdRnU62lcvKx@it3vy9+;EcQkkVxE=DKbhspU5J#@ z_2YDC;{9q&W2UeTZe;WY@QVlL!{XG)Qi~35%g{!;hAd(81^sGlg}Q+|Uqdix>L)~V zCrJVhBd$$eP4f1koy3*M2{qR+twWMJ zvptM-67yCZuc7W*Bz5y`m-bX+Kzw}diBMa*xS~+;-}Z$xgV2~%U5HAh7G!FYj=_*9745UsYMcFmme)SM>_13_lU~(qJ+{Ko|a^Hs(Y7Fq#LXVY~HD zdVCT#cnSO&e4v+Kl`pMD55}1~(E5eboGj;k9(zh2OEXdjWq(hoWbkiU(*^k&bm5?^ z`Sy;c9h>>4!Tl`Gt+FE$t7Q~v>y`lzmW$Ra_7}aD&^o*qqrju_#1rI9-`fk z76^gaQ()z{)-B$SJw-eYl^)k$0l!?<+7c#;W6HsQJrBBmHdZi>j*;i(yh>F<;lQ@$ zhAp1#R}P`hAOhRK@zsU!hngJm{#o|tK^6*aH0DG}qIjEOV#p{qC8oXM#uyQmO_Y%s zSOI_09_>|+XMaOnC|klttmSn<(iHHf!D9~^CQ&gC9wRTkm83A%?5`E-%-uLhVTk=Y zy)cZhj4InLp!^9sY~Tw!(|R;m?|;tRsA`9DJp0-=1Vb4su!*G#82OU?^m-?#{U>0l zbRhR}#|%-PJN6L~Kj5zi4wh`cNb56zaFSMS!FwFtKChKRB2wyvIDZl7M z(7gbwa!bQl(3xuilo+g6>0m@fjoz+LSf3>nn0Oh0v3r3PgiuC)fNQA5e|4~ zA(c4%=xPL(T;i0bA;EL&!q}U;U}m?IeW4<&wTrJ@Mj5xX2;B^(oB3G&l=Zhs$ z>J5l}^>r!~O}a&@$70K;R2FPKuyT`Hew_286$4|we1HA84ORAEmgtc>(j!Q8^@GWk9?<% z(5DH3c*;s2YW#!PmjXj+q{Z218$0;5$z$HXFM=B_4x|w{FN|@HC`K0hTS8{=ky;!H zKy@r}J46!G-{q{wZSC}~EWL0H7fkF2gDw;?KL$i_3R4-=<+)kvgW_Y!D8Sn}>c~T+ zy(~#Ij7~zbopY`^jGu%O^dAa{>#$eo%6MBfan|JZ3$ZIXOg#$UonwGVBPbIp{6T&A zx7A0^w#7QDF;!^h6}RO=*Rn~z!UliCEBV-RudntnOe?jfbRoPDQM6uj%6(ew$CX`t zzDubADV^NYlY~@o2z0uEH#;sd!*sAdgf^)6RCK_MH`qDq(sggjC(WD9c)CtfSd2X zcB6LXD+@3Jgio1n3G(#7(WG4Ezag_IrI-S8y5;*Q?4GV=0=_1ndTF>{Mb#Wz@Kip> z^;w`fXkUe(Cwyfs>O9+|ViR~ZpHD9L12ounZ4ge$25yN1 zP!SS+k$VYE7T%d*_%sZLnf275tisj@QNVLUr?jJaV*YR6oj>qEab>v_A`8_-*|*aF;pTQMiz7UClwWe2+E;yW8LwyJj;EoQgXaA$oc^ zw#5Y7m!qgPGEUD##?teb(hBYb6#sKJuL&}VS;!rJ zjoQhgKt!%N_=C4oPu`AVNp7!UH&VHfnf zhOm*MA`iJ%a0PtR*8eJ_781f$;uAN{F<`E~?kri&-nx+I%;6Y&phde)iu3gAWx*vW zd<6>WuGS;<7%bQrZS&|WXN;-GWaoUZ$^Wt7ZVm;E{0EJ`0b-1qIhJYsaS<&!qwe}V@ zv+MT}$mW6Ew%D%s?A7Z1p!^$?4iyq5v8zbSNqtH^R*lV6987f{p(1>%RfSqT|Iye4 zw>4Jxio*h4mfM;J; z6H2;`>I2Yb|C+WrSWHpwrHuyV-&9m#6P--pMbt}x_rH$|-<}M-HdV!`^X>nz**E9Q z8o9|p;6_Rck*cBehGVf<+dkv1V$_Y7 zI(tKjtQq)i;dF*SB+y9o4&D6rxWp?-xKo%!;4QW3ddn&ex;U<~ zigx4Kg%XCK#%h;8=QigMzfbqQ4p<;1i&DUD3H!g2)~i=VAI;V#`%!8gW0(YA$NVyb zzg?pZQa&(rp_~dDlgGOMkT@1J30IS+6AbhF3Vf2BCyfESAliydS#4dEJEU6h(mTS$ z=L}AMPv|2lR4<4_1Aa?R6#OF@b=AQOFZ91Sv18aC-I-NDAy6ul9rX*JD?PVUutzp7 zeJJS+rSo0V{AA7c$VKpJ;u(H=R{_3b`}mM`FtVNZY0J*!g-JX|1E6}uo$=$J+A!VN zhZDRRWQFHc*6`}j*;w?8-VsxAk07r1;+TfFo3h75o07;Jb7PW;q}|;sXIgr-E|@nq zzAG5Up~g#DehG&z>x|mkshI1A6Jr)>)krIk3qF?=hsN?hrN)TI%s{Sb_hvCD?&p}K zZwzc=y8#ex_@gJL%@R??bc@yg+=N{6BlI5B@Lvjdy0bqanc??!g|*XqjJc#N8H-$1 zVGnc3(=$PLTnzXnEQmfSAA)&ZGHS1nu?K#B6px%wkr*bx3THjt*Orym@>=U!@188a zqR}O>mqWL&hLQSxBX6k^u+eq#7B^r=BF!lujTy<+6y&jh-fL-~&wY9=8<@vysG2Xf z!Vz#VhLo?ZfaITAKWYf#nbatftFg@>!k9>Su;+-b5^NOV`f|4c<*}7RfTvtnSa~7` z*rB#2CLM;O<>dwO%+4Oj%m$G&lbSHlYB0+mJi5awNmY%g5FSW%`thueOt5qfX~I+- z4d!OG7COfo{pr{COJzX>7`6#StQ*+zR8c5*s#)lz^A3IWm>h3I1CWsmf~?jL_9=s( z`sS+~JuQ5>noeZ)P~0lp!6qW4t>s%CHJuZ6+aZJLjAg8G{OmHJr)**5o1k?q|^5AbH0`>y@BvE^1?VBhm#PsM7;jzg(Pn*s2{R!5CTHbLs zU>y3UX!G$~bm2n`)C{htrAjPJt1Jjq8+w~~Z)NJDL7`-vRcZCWVH?n;vAWf1B~eLGh;>_pqE zo7`worFj|ZDwS^Q63pY&sqt{krKJ3-%5sWoGwvLo8}*{CB}oSB(RiEeLAKS})zm|H zyJ$U3c2M^^7|iBq5-`z0!5l60lqay@HAXx#+%$&j{8b%zTs>Etd7?EW1syHmEL9CZ zjDASAp7W;Z-QTB(9(>>uN(>Qg_+}G&#Tg7R2$S)CBvDCGbC(!{e**n_lJNe}%AD2o zLAhKiAzIcK!{!s)HeJ(sF1fT4D)IDMTQBLd1Nba`b>OUQ15c>t+V_u^nhW`yJ{s5l zqS$*+%&1hHy-%m7AHAD-#Wg zvY?#dO!##B#}JU#GZ4I6prT}FyMYP5+;2%lxv*~lrwngIWuW4L~Pl?a#o z6H5l~7w_IYQajox$oL-E35Q7)!OH#J-?_TMez|Tan`54nbXdM60@zYfbkjsj`7g86 zpB*-~E7e;*T{Y7ZtzwSH!`!I+SOY!jBLRdmAo|vv7z4@NtHSOXLkvC}LuScp31WSi zbfgcAi^`YcLn$LzmLs9>;x)ior)h~AT^WktQ~xSmRI7*QSEWU3ovb3>l8pZIU>!X@ zZuXQ%#j%#>FMWmefek-S68>;p0j~_H9UZIzv^OO_90EUm&6RwjNS(|{F4G4%p!^RD z+ibu{z^6w5^=wI_pYXRCR=N>qzW}M%=a7=|GZqmLGRl(3GoOE?{|5rfWn<82NSVlQ zem&M{oH{3#;n9sN$qTfc+e(|rBxUX;|1&0Sbh(9ZP^u!)K7?;PghS;6a)6ad_WE&{ zn zv{!!TyaOHLd8u8s+NP6u9;5$e&P54^(9KwWtl-@bq*llelI-HCAaI?$v8w*7+ZNm* z$ZmN&)#I$nsH!Er?2}%>Z_dYWi+c&KxJJwYDJTs8SmI?)CwpAbH?I5wIyb)kv1TY; z72G%YG`{ENPvryCCjDB=Um z=~iq!#SU%+ynoWoy3cDIei|aBw?vt|ulbG%6^RY+Ye^TQyh2@#l5KaEuG4D7=ngbO z-DCixt}!j2EjB{K;z?*7@{1MukC|qBTtfw<#W>Oh{m@QPCPWvFt0H*9N9>uGAGQZ={mp)s#MJ-OdUXNethC%rwVWm&uHG-@y2i z8Pms9;dVehwg8%wSvQA^8BsT}#f857gj#IDUjaRAs_P^) zU-4JF+}>?N%HFP1R1JsngO{0olbZP^gS;$__+-rb&w2lVLhuWk7b*)hF*;l6!>Q(i z%v`6iEd11nXivWrxPUjcBl!8G0tp@AAdY{;u!aNyKNOS_7E1GTdct9~!!0D(F}N%4Bp8UxiVeM#UK*hC!XG)jfh1P|e2%BL8q5;N~^m7=T+#Ie< z8a{*)Won|@>@wk4a`7Ja6>0Y6$+cm;W+PTIJlMS$$i}|)b-q(6 zd?)E#@-c8)k_%<{Viyo!9zk4a^4gSEf`u$1{Z)B1t0*bMK!ILUfIc@U*`X)REap+P zSb4LAPpDGe#HxitnGQ(>)0`==CC1NO<)7%TvUl7N3qT6<;pX7uF+h3Wj36uKF~u>3 zbB1OHJ;NBF-Ho!$13Bo4W_o>l9t<^Qd6~_l(Jqn{_O}!mz1LJ78^bXW@qAf<-Db8L z)+Ka3ryD4OaHp`(kt*OjxxIS$oa6twm!=LkzOC*rZ*~*F0BuY*la&;^J#`@(be!Zj~A8q>3=r<0e84#Q;Y~4I&9HT~+0er{Zx=eHSXQNYU zXH$O7a0Fi4+IGf(QTu&QTtQ+N znJS|)F{3PB+#@wz`h+!YuT!r9#t^Y*QHSJ+o_}(nLXkQ+ayE1t_vQK1 z2-sUJlB%#Ee8c8+pF3?Auz&^I8O3v8H2hyu*<$kw;$Q0pC#Eq_nfs)BwiE%OiW#6DUvV{aQUvr!*0X1J2i@6i-%Ui>3pPA^hm=TJ6jX!AOL zz^H~s^PfPUs_a;M5Y~L~hO}xt|4o3{+iJv?67#o+=7WY=>9cwK|)Gl0y@D6*eoGlb>HDHEF~cRcC0;>Q#3({zQ9@1Pi^Qc)cMD^~zVO#x}T} z^^%O*L2%nUL&m_t6^e~82-hE+oh8b+2b)^enY7%oo?`X=gt!gziMDiNTdJ1}UyIur)@LI@_M^Y1_R~gtJio9AbUhrfIY#X?CJl;~i0hEi z9f{JunW)Tjd;MUYH2P7P{fAHyr6k#BLMczF^Qn(LB5&*LhI=xJIw8tLVaUgFa!VWW z@iSSKF6_eZT=kGvof64X(eYr$n}c^n_Eyol*2~u{p%R50;vuCJTTm2z>g(v)6u>3#hoXcx$!sI1i9}my+^a1uYgbQ4k4nan)gA7rNzIw%jL67 z-y*hOkDWibgD}vIb1;TD(N1J-`c?UCsNVF$Cla^py+1IiZaR#g*H4e7Fl2dYQe0pl z@oC>0cAuBy(Sn}ankTMV6AF3x%mJO&_8xPiY?+5^&HUe^60bU6_D$LeCfIDx zy7X>dBwXpKk>>gKB+{M9H+fQfktR3Rt`*8sCcbNC2&-H)!;G7b+%)5e5o73F&h6TV=3)X)(wz_a?RY1jA++ zt;o}(2SbPIj&eO2;yBbE+B9I{5eFpEE76o?Tv~r$W`0idMzpY8cTh(^cawvQq+qq8 zdW0`l&Ym}Sv}jQlx!#WMj`p=SZngMLAF#Av7>~rKw8OJ0G@&T6-H{E;Xy+Z~V8-YF z;gc>OAIZX;_Zn%={|$Q6cte%M-{#t#=MwAjVxtMD$R*@rEIEir&?hP zu6SSm8@!lEL0_7UBmjQbt$aLot~Tuczoif+E`$cJnVgN%*N8Oo@H$;cYFDV&ab zpoi5=g^1wB=vi@@v!Z(3g;fXXgT=aQ<_E2Jrn)Yq1BUJcIqsQyo~V{Vs7m)o4-Yl( zdz!^OZmLte6RwHjL*T_HO|En=HezJWCZZmcLs#eaKQA4YZ`TRWd?Nd24@K_0rn{RL z9bj>_Ci`H_V2ds574Ro7&>wA)i6E>f58Z5Hxd{$uoH8HBCw3h`#G191&$?C~ina{x z4O_xT8Qn!DF?GK`oQaTk|StUF&(j zU@f^xBHe22ta-O+P(qwYxO1CQrD-Rz-c>8X@b}X>m1KHZ zjU250zWe@nS#=5eNLRT3$(?Zm!EIcY=$()n6rE?3LMOzhn!G53TscV-s=cKf3}!TRSg+U)$Ri_MbX}r#ZvA + Where would you like to travel today? +
    + '; + $q = + $db->query( + "SELECT `cityid`, `cityname`, `citydesc`, `cityminlevel` + FROM `cities` + WHERE `cityid` != {$ir['location']} + AND `cityminlevel` <= {$ir['level']}"); + echo " + + + + + + + + "; + while ($r = $db->fetch_row($q)) + { + echo " + + + + + + + "; + } + echo '
    NameDescriptionMin Level 
    {$r['cityname']}{$r['citydesc']}{$r['cityminlevel']}Go
    '; + $db->free_result($q); +} +else +{ + if ($ir['money'] < $cost_of_travel) + { + echo 'You don\'t have enough money.'; + } + elseif ($ir['location'] == $_GET['to']) + { + echo 'You are already here.'; + } + else + { + $q = + $db->query( + "SELECT `cityname` + FROM `cities` + WHERE `cityid` = {$_GET['to']} + AND `cityminlevel` <= {$ir['level']}"); + if (!$db->num_rows($q)) + { + echo 'Error, this city either does not exist or you cannot go there.'; + } + else + { + $db->query( + "UPDATE `users` + SET `money` = `money` - $cost_of_travel, + `location` = {$_GET['to']} + WHERE `userid` = $userid"); + $cityName = $db->fetch_single($q); + echo 'Congratulations, you paid ' + . money_formatter($cost_of_travel) . ' and travelled to ' + . $cityName . ' on the monorail!'; + } + $db->free_result($q); + } + echo '
    > Go back to index.'; +} +$h->endpage(); diff --git a/newspaper.php b/newspaper.php new file mode 100644 index 0000000..63ebc62 --- /dev/null +++ b/newspaper.php @@ -0,0 +1,43 @@ +The MonoPaper'; +$paperQ = $db->query("SELECT `content` + FROM `papercontent`"); +$paper = $db->fetch_single($paperQ); +$db->free_result($paperQ); +echo ' + + + + + + + + + + +
    YOUR JOBLOCAL GYMHALL OF FAME
    Ad' . nl2br($paper) + . '
    + '; +$h->endpage(); diff --git a/oclog.php b/oclog.php new file mode 100644 index 0000000..3bad1ce --- /dev/null +++ b/oclog.php @@ -0,0 +1,62 @@ + + > Go Home'; + die($h->endpage()); +} +$q = + $db->query( + 'SELECT `ocCRIMEN`, `ocTIME`, `oclLOG`, `oclRESULT`, `oclMONEY` + FROM `oclogs` + WHERE `oclID` = ' . $_GET['ID']); +if ($db->num_rows($q) == 0) +{ + $db->free_result($q); + echo 'Invalid OC.
    + > Go Home'; + die($h->endpage()); +} +$r = $db->fetch_row($q); +$db->free_result($q); +echo " +Here is the detailed view on this crime. +
    +Crime: {$r['ocCRIMEN']} +
    +Time Executed: " . date('F j, Y, g:i:s a', $r['ocTIME']) + . " +
    + {$r['oclLOG']} +
    +
    +Result: {$r['oclRESULT']} +
    +Money Made: " . money_formatter($r['oclMONEY']) . " + "; +$h->endpage(); diff --git a/polling.php b/polling.php new file mode 100644 index 0000000..5e7bcf3 --- /dev/null +++ b/polling.php @@ -0,0 +1,185 @@ +Polling Booth +Cast your vote today!
    "; +$_POST['poll'] = + (isset($_POST['poll']) && is_numeric($_POST['poll'])) + ? abs(intval($_POST['poll'])) : ''; +$_POST['choice'] = + (isset($_POST['choice']) && is_numeric($_POST['choice'])) + ? abs(intval($_POST['choice'])) : ''; +$ir['voted'] = unserialize($ir['voted']); +if (!$_POST['choice'] || !$_POST['poll']) +{ + echo "> View Old Polls"; +} +echo "
    \n"; +if ($_POST['choice'] && $_POST['poll']) +{ + if ($ir['voted'][$_POST['poll']]) + { + echo "You've already voted in this poll.
    + > Back"; + die($h->endpage()); + } + $check_q = + $db->query( + "SELECT COUNT(`id`) + FROM `polls` + WHERE `active` = '1' + AND `id` = {$_POST['poll']}"); + if ($db->fetch_single($check_q) == 0) + { + $db->free_result($check_q); + echo "You are trying to vote in an invalid or finished poll.
    + > Back"; + die($h->endpage()); + } + $db->free_result($check_q); + $ir['voted'][$_POST['poll']] = $_POST['choice']; + $ser = $db->escape(serialize($ir['voted'])); + $db->query( + "UPDATE `users` + SET `voted` = '$ser' + WHERE `userid` = $userid"); + $db->query( + "UPDATE `polls` + SET `voted{$_POST['choice']}` = `voted{$_POST['choice']}` + 1, + `votes` = `votes` + 1 + WHERE `active` = '1' AND `id` = {$_POST['poll']}"); + echo "Your vote has been cast.
    + > Back To Polling Booth"; +} +else +{ + $q = + $db->query( + "SELECT * + FROM `polls` + WHERE `active` = '1'"); + if (!$db->num_rows($q)) + { + echo "There are no active polls at this time"; + } + else + { + while ($r = $db->fetch_row($q)) + { + if ($ir['voted'][$r['id']]) + { + echo "
    + + + + + + + + + + "; + if (!$r['hidden']) + { + for ($i = 1; $i <= 10; $i++) + { + if ($r['choice' . $i]) + { + $k = 'choice' . $i; + $ke = 'voted' . $i; + if ($r['votes'] != 0) + { + $perc = $r[$ke] / $r['votes'] * 100; + } + else + { + $perc = 0; + } + echo " + + + + + "; + } + } + } + else + { + echo " + + "; + } + $myvote = $r['choice' . $ir['voted'][$r['id']]]; + echo " + + + +
    ChoiceVotesBarPercentage
    {$r['question']} (Already Voted)
    {$r[$k]}{$r[$ke]} + Bar + $perc%
    + Sorry, the results of this poll are hidden until its end. +
    Your Vote: {$myvote}Total Votes: {$r['votes']}
    "; + } + else + { + echo "
    +
    + + + + + + + + + "; + for ($i = 1; $i <= 10; $i++) + { + if ($r['choice' . $i]) + { + $k = 'choice' . $i; + if ($i == 1) + { + $c = "checked='checked'"; + } + else + { + $c = ""; + } + echo " + + + "; + } + } + echo " + + +
    ChoiceChoose
    {$r['question']} (Not Voted)
    {$r[$k]}
    "; + } + } + } + $db->free_result($q); +} +$h->endpage(); diff --git a/polls_view.php b/polls_view.php new file mode 100644 index 0000000..fae787b --- /dev/null +++ b/polls_view.php @@ -0,0 +1,83 @@ +query( + "SELECT * + FROM `polls` + WHERE `active` = '0' + ORDER BY `id` DESC"); +if (!$db->num_rows($q)) +{ + echo "There are no finished polls right now"; +} +else +{ + while ($r = $db->fetch_row($q)) + { + echo " + + + + + + + + + "; + for ($i = 1; $i <= 10; $i++) + { + if ($r['choice' . $i]) + { + $k = 'choice' . $i; + $ke = 'voted' . $i; + if ($r['votes'] != 0) + { + $perc = $r[$ke] / $r['votes'] * 100; + } + else + { + $perc = 0; + } + echo " + + + + + "; + } + } + echo " + + + + + +
    ChoiceVotesBarPercentage
    {$r['question']}
    {$r[$k]}{$r[$ke]} + Bar + $perc%
    Total Votes: {$r['votes']}
    Winner: " . $r['choice' . $r['winner']] + . "

    "; + } +} +$db->free_result($q); +$h->endpage(); diff --git a/preferences.php b/preferences.php new file mode 100644 index 0000000..27ce6c6 --- /dev/null +++ b/preferences.php @@ -0,0 +1,405 @@ +Error
    + Your change has been blocked for your security.
    + Please make profile changes quickly after you open the form - do not leave it open in tabs.
    + > Try Again'; + $h->endpage(); + exit; +} +switch ($_GET['action']) +{ +case 'sexchange2': + do_sex_change(); + break; +case 'sexchange': + conf_sex_change(); + break; +case 'passchange2': + do_pass_change(); + break; +case 'passchange': + pass_change(); + break; +case 'namechange2': + do_name_change(); + break; +case 'namechange': + name_change(); + break; +case 'picchange2': + do_pic_change(); + break; +case 'picchange': + pic_change(); + break; +case 'forumchange2': + do_forum_change(); + break; +case 'forumchange': + forum_change(); + break; +default: + prefs_home(); + break; +} + +function prefs_home() +{ + global $db, $ir, $c, $userid, $h; + echo " +

    Preferences

    + Sex Change
    + Password Change
    + Name Change
    + Display Pic Change
    + Forum Info Change
    + "; +} + +function conf_sex_change() +{ + global $ir, $c, $userid, $h; + $code = request_csrf_code('prefs_sexchange'); + if ($ir['gender'] == "Male") + { + $g = "Female"; + } + else + { + $g = "Male"; + } + echo " + Are you sure you want to become a $g? +
    + Yes | No + "; +} + +function do_sex_change() +{ + global $db, $ir, $c, $userid, $h; + if (!isset($_GET['verf']) + || !verify_csrf_code('prefs_sexchange', + stripslashes($_GET['verf']))) + { + csrf_error('sexchange'); + } + $g = ($ir['gender'] == "Female") ? 'Male' : 'Female'; + $db->query( + "UPDATE `users` + SET `gender` = '$g' + WHERE `userid` = $userid"); + echo " + Success, you are now $g!
    + Back + "; +} + +function pass_change() +{ + global $ir, $c, $userid, $h; + $code = request_csrf_code('prefs_passchange'); + echo " +

    Password Change

    +
    + Current Password:
    + New Password:
    + Confirm:
    + + +
    + "; +} + +function do_pass_change() +{ + global $db, $ir, $c, $userid, $h; + if (!isset($_POST['verf']) + || !verify_csrf_code('prefs_passchange', + stripslashes($_POST['verf']))) + { + csrf_error('passchange'); + } + $oldpw = stripslashes($_POST['oldpw']); + $newpw = stripslashes($_POST['newpw']); + $newpw2 = stripslashes($_POST['newpw2']); + if (!verify_user_password($oldpw, $ir['pass_salt'], $ir['userpass'])) + { + echo " + The current password you entered was wrong.
    + > Back + "; + } + else if ($newpw !== $newpw2) + { + echo "The new passwords you entered did not match!
    + > Back"; + } + else + { + // Re-encode password + $new_psw = $db->escape(encode_password($newpw, $ir['pass_salt'])); + $db->query( + "UPDATE `users` + SET `userpass` = '{$new_psw}' + WHERE `userid` = {$ir['userid']}"); + echo "Password changed!
    + > Go Back"; + } +} + +function name_change() +{ + global $ir, $c, $userid, $h; + $code = request_csrf_code('prefs_namechange'); + echo " +

    Name Change

    + Please note that you still use the same name to login, this procedure simply changes the name that is displayed. +
    + New Name: +
    + + +
    + "; +} + +function do_name_change() +{ + global $db, $ir, $c, $userid, $h; + if (!isset($_POST['verf']) + || !verify_csrf_code('prefs_namechange', + stripslashes($_POST['verf']))) + { + csrf_error('namechange'); + } + $_POST['newname'] = + (isset($_POST['newname']) && is_string($_POST['newname'])) + ? stripslashes($_POST['newname']) : ''; + if (empty($_POST['newname'])) + { + echo ' + You did not enter a new username.
    + > Back + '; + die($h->endpage()); + } + elseif (((strlen($_POST['newname']) > 32) + OR (strlen($_POST['newname']) < 3))) + { + echo ' + Usernames can only be a max of 32 characters or a min of 3 characters.
    + > Back + '; + die($h->endpage()); + } + if (!preg_match("/^[a-z0-9_]+([\\s]{1}[a-z0-9_]|[a-z0-9_])+$/i", + $_POST['newname'])) + { + echo ' + Your username can only consist of Numbers, Letters, underscores and spaces.
    + > Back + '; + die($h->endpage()); + } + $check_ex = + $db->query( + 'SELECT `userid` + FROM `users` + WHERE `username` = "' . $db->escape($_POST['newname']) + . '"'); + if ($db->num_rows($check_ex) > 0) + { + echo ' + This username is already in use.
    + > Back + '; + die($h->endpage()); + } + $_POST['newname'] = + $db->escape( + htmlentities($_POST['newname'], ENT_QUOTES, 'ISO-8859-1')); + $db->query( + "UPDATE `users` + SET `username` = '{$_POST['newname']}' + WHERE `userid` = $userid"); + echo "Username changed!"; +} + +function pic_change() +{ + global $ir, $c, $userid, $h; + $code = request_csrf_code('prefs_picchange'); + echo " +

    Pic Change

    + Please note that this must be externally hosted, + Photobucket is our recommendation. +
    + Any images that are not 150x150 will be automatically resized +
    + New Pic: + +
    + +
    + "; +} + +function do_pic_change() +{ + global $db, $ir, $c, $userid, $h; + if (!isset($_POST['verf']) + || !verify_csrf_code('prefs_picchange', + stripslashes($_POST['verf']))) + { + csrf_error('picchange'); + } + $npic = + (isset($_POST['newpic']) && is_string($_POST['newpic'])) + ? stripslashes($_POST['newpic']) : ''; + if (!empty($npic)) + { + if (strlen($npic) < 8 + || !(substr($npic, 0, 7) == 'http://' + || substr($npic, 0, 8 == 'https://'))) + { + echo 'Invalid Image.
    + > Go Back'; + die($h->endpage()); + } + $sz = get_filesize_remote($npic); + if ($sz <= 0 || $sz >= 1048576) + { + echo "Invalid new pic entered.
    + > Back"; + $h->endpage(); + exit; + } + $image = (@getimagesize($npic)); + if (!is_array($image)) + { + echo 'Invalid Image.
    + > Go Back'; + die($h->endpage()); + } + } + echo htmlentities($_POST['newpic'], ENT_QUOTES, 'ISO-8859-1') . '
    '; + $db->query( + 'UPDATE `users` + SET `display_pic` = "' . $db->escape($npic) + . '" + WHERE `userid` = ' . $userid); + echo 'Pic changed!
    + > Go Home'; +} + +function forum_change() +{ + global $ir, $c, $userid, $h; + $code = request_csrf_code('prefs_forumchange'); + echo " +

    Forum Info Change

    + Please note that the avatar must be externally hosted, + Photobucket is our recommendation. +
    + Any avatars that are not 150x150 will be automatically resized +
    + Avatar: +
    + Signature (you may use BBcode): + +
    + + +
    + "; +} + +function do_forum_change() +{ + global $db, $ir, $c, $userid, $h; + if (!isset($_POST['verf']) + || !verify_csrf_code('prefs_forumchange', + stripslashes($_POST['verf']))) + { + csrf_error('forumchange'); + } + $av = + (isset($_POST['forums_avatar']) + && is_string($_POST['forums_avatar'])) + ? stripslashes($_POST['forums_avatar']) : ''; + if (!empty($av)) + { + if (strlen($av) < 8 + || !(substr($av, 0, 7) == 'http://' + || substr($av, 0, 8 == 'https://'))) + { + echo 'Invalid Image.
    + > Go Back'; + die($h->endpage()); + } + $sz = get_filesize_remote($av); + if ($sz <= 0 || $sz >= 1048576) + { + echo "Invalid new pic entered.
    + > Back"; + $h->endpage(); + exit; + } + $image = (@getimagesize($av)); + if (!is_array($image)) + { + echo 'Invalid Image.
    + > Go Back'; + die($h->endpage()); + } + } + + $_POST['forums_signature'] = + $db->escape(strip_tags(stripslashes($_POST['forums_signature']))); + if (strlen($_POST['forums_signature']) > 250) + { + echo 'You may only have a forums signature consisting of 250 characters or less. +
    > Go Back'; + die($h->endpage()); + } + $db->query( + "UPDATE `users` + SET `forums_avatar` = '" . $db->escape($av) + . "', + `forums_signature` = '{$_POST['forums_signature']}' + WHERE `userid` = $userid"); + echo 'Forum Info changed!
    + > Go Home'; +} +$h->endpage(); diff --git a/preport.php b/preport.php new file mode 100644 index 0000000..e096f0b --- /dev/null +++ b/preport.php @@ -0,0 +1,93 @@ +Player Report'; +$_POST['report'] = + (isset($_POST['report']) && is_string($_POST['report'])) + ? $db->escape(strip_tags(stripslashes($_POST['report']))) : ''; +$_POST['player'] = + (isset($_POST['player']) && is_numeric($_POST['player'])) + ? abs(intval($_POST['player'])) : ''; +if ($_POST['report'] && $_POST['player']) +{ + if (strlen($_POST['report']) > 500) + { + echo 'You may only enter 500 characters or less here. +
    >Go Back'; + die($h->endpage()); + } + if (!isset($_POST['verf']) + || !verify_csrf_code('preport_send', stripslashes($_POST['verf']))) + { + echo '

    Error

    + This action has been blocked for your security.
    + Please try again.
    + > Try Again'; + die($h->endpage()); + } + $q = + $db->query( + 'SELECT COUNT(`userid`) + FROM `users` + WHERE `userid` = ' . $_POST['player']); + if ($db->fetch_single($q) == 0) + { + $db->free_result($q); + echo 'User doesn\'t exist.
    + >Go Back'; + die($h->endpage()); + } + $db->free_result($q); + $db->query( + "INSERT INTO `preports` + VALUES(NULL, $userid, {$_POST['player']}, '{$_POST['report']}')"); + echo 'Report processed!
    + > Home'; +} +else +{ + $_GET['report'] = + (isset($_GET['report']) && is_string($_GET['report'])) + ? htmlentities(strip_tags(stripslashes($_GET['report'])), + ENT_QUOTES, 'ISO-8859-1') : ''; + $_GET['ID'] = + (isset($_GET['ID']) && is_numeric($_GET['ID'])) + ? abs(intval($_GET['ID'])) : ''; + $preport_csrf = request_csrf_code('preport_send'); + echo " + Know of a player that's breaking the rules? + Don't hesitate to report them. + Reports are kept confidential. +
    +
    + + Player's ID:
    + What they've done:
    +
    + +
    + "; +} + +$h->endpage(); diff --git a/redbar.png b/redbar.png new file mode 100644 index 0000000000000000000000000000000000000000..61b14d86c99e6d80ef5923cc193026e42abe9c4c GIT binary patch literal 201 zcmeAS@N?(olHy`uVBq!ia0vp^j6lrK!3-pY4u+lvQY`6?zK#qG>ra@ocD)4hB}-f* zN`mv#O3D+9QW+dm@{>{(JaZG%Q-e|yQz{EjrrH1%=?3_OxE^I^J zhF?CmuPyX$D$737S3Aka^TpZhe~{Bf36Z-z46j8Qe8Y}^1Zq_Bba4!+xW#g?m61V# vhe6@Y&HwYYZ_HXMeaLX4>ea7P^batwO=QSAv10QbplSwBS3j3^P6 + + +{$set['game_name']} + + + + + + +
    + + + + + + + + +
    Mccodes Version 2
    + +EOF; +$IP = str_replace(array('/', '\\', '\0'), '', $_SERVER['REMOTE_ADDR']); +if (file_exists('ipbans/' . $IP)) +{ + die( + " + Your IP has been banned, there is no way around this. + "); +} +$username = + (isset($_POST['username']) + && preg_match( + "/^[a-z0-9_]+([\\s]{1}[a-z0-9_]|[a-z0-9_])+$/i", + $_POST['username']) + && ((strlen($_POST['username']) < 32) + && (strlen($_POST['username']) >= 3))) + ? stripslashes($_POST['username']) : ''; +if (!empty($username)) +{ + if ($set['regcap_on']) + { + if (!$_SESSION['captcha'] || !isset($_POST['captcha']) + || $_SESSION['captcha'] != $_POST['captcha']) + { + unset($_SESSION['captcha']); + echo "Captcha Test Failed
    + > Back"; + register_footer(); + } + unset($_SESSION['captcha']); + } + if (!isset($_POST['email']) || !valid_email(stripslashes($_POST['email']))) + { + echo "Sorry, the email is invalid.
    + > Back"; + register_footer(); + } + // Check Gender + if (!isset($_POST['gender']) + || ($_POST['gender'] != 'Male' && $_POST['gender'] != 'Female')) + { + echo "Sorry, the gender is invalid.
    + > Back"; + register_footer(); + } + $e_gender = $db->escape(stripslashes($_POST['gender'])); + $sm = 100; + if (isset($_POST['promo']) && $_POST['promo'] == "Your Promo Code Here") + { + $sm += 100; + } + $e_username = $db->escape($username); + $e_email = $db->escape(stripslashes($_POST['email'])); + $q = + $db->query( + "SELECT COUNT(`userid`) + FROM `users` + WHERE `username` = '{$e_username}' + OR `login_name` = '{$e_username}'"); + $q2 = + $db->query( + "SELECT COUNT(`userid`) + FROM `users` + WHERE `email` = '{$e_email}'"); + $u_check = $db->fetch_single($q); + $e_check = $db->fetch_single($q2); + $db->free_result($q); + $db->free_result($q2); + $base_pw = + (isset($_POST['password']) && is_string($_POST['password'])) + ? stripslashes($_POST['password']) : ''; + $check_pw = + (isset($_POST['cpassword']) && is_string($_POST['cpassword'])) + ? stripslashes($_POST['cpassword']) : ''; + if ($u_check > 0) + { + echo "Username already in use. Choose another.
    + > Back"; + } + else if ($e_check > 0) + { + echo "E-Mail already in use. Choose another.
    + > Back"; + } + else if (empty($base_pw) || empty($check_pw)) + { + echo "You must specify your password and confirm it.
    + > Back"; + } + else if ($base_pw != $check_pw) + { + echo "The passwords did not match, go back and try again.
    + > Back"; + } + else + { + $_POST['ref'] = + (isset($_POST['ref']) && is_numeric($_POST['ref'])) + ? abs(intval($_POST['ref'])) : ''; + $IP = $db->escape($_SERVER['REMOTE_ADDR']); + if ($_POST['ref']) + { + $q = + $db->query( + "SELECT `lastip` + FROM `users` + WHERE `userid` = {$_POST['ref']}"); + if ($db->num_rows($q) == 0) + { + $db->free_result($q); + echo "Referrer does not exist.
    + > Back"; + register_footer(); + } + $rem_IP = $db->fetch_single($q); + $db->free_result($q); + if ($rem_IP == $_SERVER['REMOTE_ADDR']) + { + echo "No creating referral multies.
    + > Back"; + register_footer(); + } + } + $salt = generate_pass_salt(); + $e_salt = $db->escape($salt); + $encpsw = encode_password($base_pw, $salt); + $e_encpsw = $db->escape($encpsw); + $db->query( + "INSERT INTO `users` + (`username`, `login_name`, `userpass`, `level`, + `money`, `crystals`, `donatordays`, `user_level`, + `energy`, `maxenergy`, `will`, `maxwill`, `brave`, + `maxbrave`, `hp`, `maxhp`, `location`, `gender`, + `signedup`, `email`, `bankmoney`, `lastip`, + `lastip_signup`, `pass_salt`) + VALUES('{$e_username}', '{$e_username}', '{$e_encpsw}', 1, + $sm, 0, 0, 1, 12, 12, 100, 100, 5, 5, 100, 100, 1, + '{$e_gender}', " . time() + . ",'{$e_email}', -1, '$IP', + '$IP', '{$e_salt}')"); + $i = $db->insert_id(); + $db->query( + "INSERT INTO `userstats` + VALUES($i, 10, 10, 10, 10, 10)"); + + if ($_POST['ref']) + { + $db->query( + "UPDATE `users` + SET `crystals` = `crystals` + 2 + WHERE `userid` = {$_POST['ref']}"); + event_add($_POST['ref'], + "For refering $username to the game, you have earnt 2 valuable crystals!", + $c); + $e_rip = $db->escape($rem_IP); + $db->query( + "INSERT INTO `referals` + VALUES(NULL, {$_POST['ref']}, $i, " . time() + . ", '{$e_rip}', '$IP')"); + } + echo "You have signed up, enjoy the game.
    + > Login"; + } +} +else +{ + if ($set['regcap_on']) + { + $chars = + "123456789abcdefghijklmnpqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ!?\\/%^"; + $len = strlen($chars); + $_SESSION['captcha'] = ""; + for ($i = 0; $i < 6; $i++) + $_SESSION['captcha'] .= $chars[rand(0, $len - 1)]; + } + + echo "

    {$set['game_name']} Registration

    "; + echo "
    + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + "; + if ($set['regcap_on']) + { + echo " + + "; + } + echo " + + + +
    Username + +
    Password + +
    Confirm Password + +
    Email + +
    Gender + +
    Promo Code
    +
    + +
    + +
    +

    + > Go Back"; +} +register_footer(); + +function register_footer() +{ + print + << +
    + + + + + + +
       
    +
    +
    + + +OUT; + exit; +} diff --git a/rgrad.jpg b/rgrad.jpg new file mode 100644 index 0000000000000000000000000000000000000000..ec000533fc41ee610038b695a4bc4411385acead GIT binary patch literal 315 zcma)$v1$TA6h-fwnVnsC$8{dF3*rj-f;6cGBZ#0?J|XB@iCBn*U5eztEYhbs_w&C6vuJXG~3p;J0+K$^W)yb z@4!hY=_D}(lVtLrcmYx9cpdHM00z4@O% D5}+t# literal 0 HcmV?d00001 diff --git a/roulette.php b/roulette.php new file mode 100644 index 0000000..9439967 --- /dev/null +++ b/roulette.php @@ -0,0 +1,116 @@ + + > Back"); +} +$_SESSION['tresde'] = $_GET['tresde']; + +echo "

    Roulette: Pick a number between 0 - 36

    "; +if (isset($_POST['bet']) && is_numeric($_POST['bet'])) +{ + $_POST['bet'] = abs((int) $_POST['bet']); + if (!isset($_POST['number'])) + { + $_POST['number'] = 0; + } + $_POST['number'] = abs((int) $_POST['number']); + if ($_POST['bet'] > $ir['money']) + { + die( + "You are trying to bet more than you have.
    + > Back"); + } + else if ($_POST['bet'] > $maxbet) + { + die( + "You have gone over the max bet.
    + > Back"); + } + else if ($_POST['number'] > 36 or $_POST['number'] < 0 + or $_POST['bet'] < 0) + { + die( + "The Numbers are only 0 - 36.
    + > Back"); + } + $slot = array(); + $slot[1] = (int) rand(0, 36); + echo "You place " . money_formatter($_POST['bet']) + . " into the slot and pull the pole.
    + You see the number: $slot[1]
    + You bet " . money_formatter($_POST['bet']) . " "; + if ($slot[1] == $_POST['number']) + { + $won = $_POST['bet'] * 37; + $gain = $_POST['bet'] * 36; + echo "and won " . money_formatter($won) + . " by matching the number you bet pocketing you " + . money_formatter($gain) . " extra."; + } + else + { + $won = 0; + $gain = -$_POST['bet']; + echo "and lost it."; + } + $db->query( + "UPDATE `users` + SET `money` = `money` + ({$gain}) + WHERE `userid` = $userid"); + $tresder = (int) (rand(100, 999)); + echo "
    +
    + + + +
    + > I'll continue, but I'm changing my bet.
    + > Enough's enough, I'm off."; +} +else +{ + echo "Ready to try your luck? Play today!
    + The maximum bet for your level is " . money_formatter($maxbet) + . ".
    +
    + Bet: \$
    + Pick (0-36):
    + +
    "; +} + +$h->endpage(); diff --git a/search.php b/search.php new file mode 100644 index 0000000..f4db3c1 --- /dev/null +++ b/search.php @@ -0,0 +1,52 @@ +Search +Search by Name +
    +
    + +
    +Search by ID +
    +
    + +
    "; +echo "
    Search by Location +
    +
    + +
    "; +$h->endpage(); diff --git a/searchlocation.php b/searchlocation.php new file mode 100644 index 0000000..4be786d --- /dev/null +++ b/searchlocation.php @@ -0,0 +1,78 @@ +query( + 'SELECT `cityid` + FROM `cities` + WHERE `cityid` = ' . $_POST['location']); + if ($db->num_rows($check_it) == 0) + { + $db->free_result($check_it); + echo 'This location doesn\'t exist.
    > Go Back'; + die($h->endpage()); + } + $db->free_result($check_it); + $q = + $db->query( + "SELECT `userid`, `level`, `money`, `crystals`, `username` + FROM `users` + WHERE `location` = '{$_POST['location']}' + ORDER BY `username` + LIMIT 100"); + echo $db->num_rows($q) + . ' players found.
    + + + + + + + + '; + while ($r = $db->fetch_row($q)) + { + echo ' + + + + + + + '; + } + $db->free_result($q); + echo '
    UserLevelMoneyCrystals
    ' + . $r['username'] . '' . $r['level'] . '' . money_formatter($r['money']) . '' . number_format($r['crystals']) . '
    '; +} +echo '
    > Go Back'; +$h->endpage(); diff --git a/searchname.php b/searchname.php new file mode 100644 index 0000000..e1d0608 --- /dev/null +++ b/searchname.php @@ -0,0 +1,74 @@ + 32) OR (strlen($_POST['name']) < 3))) +{ + echo 'Usernames can only be a max of 32 characters or a min of 3 characters.'; +} +else +{ + $e_name_check = '%' . $db->escape($_POST['name']) . '%'; + $q = + $db->query( + "SELECT `userid`, `username`, `level`, `money`, `crystals` + FROM `users` + WHERE `username` LIKE ('{$e_name_check}')"); + echo $db->num_rows($q) + . ' players found.
    + + + + + + + + '; + while ($r = $db->fetch_row($q)) + { + echo ' + + + + + + + '; + } + $db->free_result($q); + echo '
    UserLevelMoneyCrystals
    ' + . $r['username'] . '' . $r['level'] . '' . money_formatter($r['money']) . '' . number_format($r['crystals']) . '
    '; +} +echo '
    > Go Back'; +$h->endpage(); diff --git a/sendbank.php b/sendbank.php new file mode 100644 index 0000000..c21b338 --- /dev/null +++ b/sendbank.php @@ -0,0 +1,122 @@ +query( + "SELECT `bankmoney`, `lastip`, `username` + FROM `users` + WHERE `userid` = {$_GET['ID']}"); + if ($db->num_rows($it) == 0) + { + $db->free_result($it); + echo "That user doesn't exist."; + $h->endpage(); + exit; + } + $er = $db->fetch_row($it); + $db->free_result($it); + if ($er['bankmoney'] == -1 || $ir['bankmoney'] == -1) + { + die( + "Sorry,you or the person you are sending to does not have a bank account."); + } + if ((int) $_POST['xfer']) + { + if (!isset($_POST['verf']) + || !verify_csrf_code("sendbank_{$_GET['ID']}", + stripslashes($_POST['verf']))) + { + echo '

    Error

    + This transaction has been blocked for your security.
    + Please send money quickly after you open the form - do not leave it open in tabs.
    + > Try Again'; + die($h->endpage()); + } + else if ($_POST['xfer'] > $ir['bankmoney']) + { + echo "Not enough money to send."; + } + else + { + $db->query( + "UPDATE `users` + SET `bankmoney` = `bankmoney` - {$_POST['xfer']} + WHERE `userid` = $userid"); + $db->query( + "UPDATE `users` + SET `bankmoney` = `bankmoney` + {$_POST['xfer']} + WHERE `userid` = {$_GET['ID']}"); + echo "You Bank Transferred " . money_formatter($_POST['xfer']) + . " to {$er['username']} (ID {$_GET['ID']})."; + event_add($_GET['ID'], + "You received " . money_formatter($_POST['xfer']) + . " into your bank account from {$ir['username']}.", + $c); + + $db->query( + "INSERT INTO `bankxferlogs` + VALUES (NULL, $userid, {$_GET['ID']}, + {$_POST['xfer']}, " . time() + . ", '{$ir['lastip']}', + '{$er['lastip']}', 'bank')"); + } + } + else + { + $code = request_csrf_code("sendbank_{$_GET['ID']}"); + echo "

    Bank Xfer

    + You are sending bank money to {$er['username']} (ID {$_GET['ID']}). +
    You have " . money_formatter($ir['bankmoney']) + . " you can send. +
    + Money:
    + + +
    "; + } +} +$h->endpage(); diff --git a/sendcash.php b/sendcash.php new file mode 100644 index 0000000..8d4c2c2 --- /dev/null +++ b/sendcash.php @@ -0,0 +1,138 @@ +query( + "SELECT `lastip`, `username` FROM `users` WHERE `userid` = {$_GET['ID']}"); + if ($db->num_rows($it) == 0) + { + $db->free_result($it); + echo "That user doesn't exist."; + $h->endpage(); + exit; + } + $er = $db->fetch_row($it); + $db->free_result($it); + if ((int) $_POST['money']) + { + if (!isset($_POST['verf']) + || !verify_csrf_code("sendcash_{$_GET['ID']}", + stripslashes($_POST['verf']))) + { + echo '

    Error

    + This transaction has been blocked for your security.
    + Please send money quickly after you open the form - do not leave it open in tabs.
    + > Try Again'; + die($h->endpage()); + } + else if ($_POST['money'] > $ir['money']) + { + echo "Not enough money to send."; + } + else + { + $db->query( + "UPDATE `users` + SET `money` = `money` - {$_POST['money']} + WHERE `userid` = $userid"); + $db->query( + "UPDATE `users` + SET `money` = `money` + {$_POST['money']} + WHERE `userid` = {$_GET['ID']}"); + echo "You sent " . money_formatter($_POST['money']) + . " to {$er['username']} (ID {$_GET['ID']})."; + event_add($_GET['ID'], + "You received " . money_formatter($_POST['money']) + . " from {$ir['username']}.", $c); + $db->query( + "INSERT INTO `cashxferlogs` + VALUES (NULL, $userid, {$_GET['ID']}, {$_POST['money']}, + " . time() . ", '{$ir['lastip']}', '{$er['lastip']}')"); + } + } + else + { + $code = request_csrf_code("sendcash_{$_GET['ID']}"); + echo "

    Sending Money

    + You are sending money to {$er['username']} (ID {$_GET['ID']}). +
    You have " . money_formatter($ir['money']) + . " you can send. +
    + Amnt:
    + + +
    "; + echo "

    Latest 5 Transfers

    + + + + + + + "; + $q = + $db->query( + "SELECT `cxTO`, `cxTIME`, `cxAMOUNT`, + `u`.`username` AS `recipient` + FROM `cashxferlogs` AS `cx` + INNER JOIN `users` AS `u` + ON `cx`.`cxTO` = `u`.`userid` + WHERE `cxFROM` = {$userid} + ORDER BY `cxTIME` DESC + LIMIT 5"); + while ($r = $db->fetch_row($q)) + { + echo " + + + + + "; + } + $db->free_result($q); + echo "
    TimeUser FromUser ToAmount
    " . date("F j, Y, g:i:s a", $r['cxTIME']) + . "{$ir['username']} [{$ir['userid']}] {$r['recipient']} [{$r['cxTO']}] " . money_formatter($r['cxAMOUNT']) + . "
    "; + } +} +$h->endpage(); diff --git a/sendcrys.php b/sendcrys.php new file mode 100644 index 0000000..348971f --- /dev/null +++ b/sendcrys.php @@ -0,0 +1,144 @@ +query( + "SELECT `lastip`, `username` + FROM `users` + WHERE `userid` = {$_GET['ID']}"); + if ($db->num_rows($it) == 0) + { + $db->free_result($it); + echo "That user doesn't exist."; + $h->endpage(); + exit; + } + $er = $db->fetch_row($it); + $db->free_result($it); + if ((int) $_POST['crystals']) + { + if (!isset($_POST['verf']) + || !verify_csrf_code("sendcrys_{$_GET['ID']}", + stripslashes($_POST['verf']))) + { + echo '

    Error

    + This transaction has been blocked for your security.
    + Please send money quickly after you open the form - do not leave it open in tabs.
    + > Try Again'; + die($h->endpage()); + } + else if ($_POST['crystals'] > $ir['crystals']) + { + echo "Not enough crystals to send."; + } + else + { + $db->query( + "UPDATE `users` + SET `crystals` = `crystals` - {$_POST['crystals']} + WHERE `userid` = $userid"); + $db->query( + "UPDATE `users` + SET `crystals` = `crystals` + {$_POST['crystals']} + WHERE `userid` = {$_GET['ID']}"); + echo "You sent {$_POST['crystals']} crystals to {$er['username']} (ID {$_GET['ID']})."; + event_add($_GET['ID'], + "You received {$_POST['crystals']} crystals from {$ir['username']}.", + $c); + $db->query( + "INSERT INTO `crystalxferlogs` + VALUES (NULL, $userid, {$_GET['ID']}, + {$_POST['crystals']}, " . time() + . ", '{$ir['lastip']}', '{$er['lastip']}')"); + } + } + else + { + $code = request_csrf_code("sendcrys_{$_GET['ID']}"); + echo "

    Sending Crystals

    + You are sending crystals to {$er['username']} (ID {$_GET['ID']}). +
    You have " . number_format($ir['crystals']) + . " crystals you can send. +
    + Crystals:
    + + +
    "; + echo "

    Latest 5 Transfers

    + + + + + + + "; + $q = + $db->query( + "SELECT `cxTO`, `cxTIME`, `cxAMOUNT`, + `u`.`username` AS `recipient` + FROM `crystalxferlogs` AS `cx` + INNER JOIN `users` AS `u` + ON `cx`.`cxTO` = `u`.`userid` + WHERE `cxFROM` = {$userid} + ORDER BY `cxTIME` DESC + LIMIT 5"); + while ($r = $db->fetch_row($q)) + { + echo " + + + + + "; + } + $db->free_result($q); + echo "
    TimeUser FromUser ToAmount
    " . date("F j, Y, g:i:s a", $r['cxTIME']) + . "{$ir['username']} [{$ir['userid']}] {$r['recipient']} [{$r['cxTO']}] " . number_format($r['cxAMOUNT']) + . " crystals
    "; + } +} +$h->endpage(); diff --git a/sendcyber.php b/sendcyber.php new file mode 100644 index 0000000..a8b9f66 --- /dev/null +++ b/sendcyber.php @@ -0,0 +1,123 @@ +query( + "SELECT `cybermoney`, `lastip`, `username` + FROM `users` + WHERE `userid` = {$_GET['ID']}"); + if ($db->num_rows($it) == 0) + { + $db->free_result($it); + echo "That user doesn't exist."; + $h->endpage(); + exit; + } + $er = $db->fetch_row($it); + $db->free_result($it); + if ($er['cybermoney'] == -1 || $ir['cybermoney'] == -1) + { + die( + "Sorry,you or the person you are sending to does not have a cyber bank account."); + } + if ((int) $_POST['xfer']) + { + if (!isset($_POST['verf']) + || !verify_csrf_code("sendcyber_{$_GET['ID']}", + stripslashes($_POST['verf']))) + { + echo '

    Error

    + This transaction has been blocked for your security.
    + Please send money quickly after you open the form - do not leave it open in tabs.
    + > Try Again'; + die($h->endpage()); + } + else if ($_POST['xfer'] > $ir['cybermoney']) + { + echo "Not enough money to send."; + } + else + { + $db->query( + "UPDATE `users` + SET `cybermoney` = `cybermoney` - {$_POST['xfer']} + WHERE `userid` = $userid"); + $db->query( + "UPDATE `users` + SET `cybermoney` = `cybermoney` + {$_POST['xfer']} + WHERE `userid` = {$_GET['ID']}"); + echo "You CyberBank Transferred " + . money_formatter($_POST['xfer']) + . " to {$er['username']} (ID {$_GET['ID']})."; + event_add($_GET['ID'], + "You received " . money_formatter($_POST['xfer']) + . " into your cyber bank account from {$ir['username']}.", + $c); + + $db->query( + "INSERT INTO `bankxferlogs` + VALUES (NULL, $userid, {$_GET['ID']}, + {$_POST['xfer']}, " . time() + . ", '{$ir['lastip']}', + '{$er['lastip']}', 'cyber')"); + } + } + else + { + $code = request_csrf_code("sendcyber_{$_GET['ID']}"); + echo "

    CyberBank Xfer

    + You are sending cyber bank money to {$er['username']} (ID {$_GET['ID']}). +
    You have " . money_formatter($ir['cybermoney']) + . " you can send. +
    + Money:
    + + +
    "; + } +} +$h->endpage(); diff --git a/sglobals.php b/sglobals.php new file mode 100644 index 0000000..98ccc5c --- /dev/null +++ b/sglobals.php @@ -0,0 +1,173 @@ +Error
    + Your action has been blocked for security reasons.
    + > Try Again'; + $h->endpage(); + exit; +} + +/** + * Check the CSRF code we received against the one that was registered for the form - using default code properties ($_POST['verf']). + * If verification fails, end execution immediately. + * If not, continue. + * @param string $formid A unique string used to identify this form to match up its submission with the right token. + * @param string $code The code the user's form input returned. + * @return boolean Whether the user provided a valid code or not + */ +function staff_csrf_stdverify($formid, $goBackTo) +{ + if (!isset($_POST['verf']) + || !verify_csrf_code($formid, stripslashes($_POST['verf']))) + { + staff_csrf_error($goBackTo); + } +} +if (strpos($_SERVER['PHP_SELF'], "sglobals.php") !== false) +{ + exit; +} +session_name('MCCSID'); +session_start(); +if (!isset($_SESSION['started'])) +{ + session_regenerate_id(); + $_SESSION['started'] = true; +} +ob_start(); +if (get_magic_quotes_gpc() == 0) +{ + foreach ($_POST as $k => $v) + { + $_POST[$k] = addslashes($v); + } + foreach ($_GET as $k => $v) + { + $_GET[$k] = addslashes($v); + } +} +require "lib/basic_error_handler.php"; +set_error_handler('error_php'); +require "global_func.php"; +$domain = determine_game_urlbase(); +if (!isset($_SESSION['loggedin']) || $_SESSION['loggedin'] == 0) +{ + $login_url = "http://{$domain}/login.php"; + header("Location: {$login_url}"); + exit; +} +$userid = isset($_SESSION['userid']) ? $_SESSION['userid'] : 0; +require "header.php"; + +include "config.php"; +global $_CONFIG; +define("MONO_ON", 1); +require "class/class_db_{$_CONFIG['driver']}.php"; +$db = new database; +$db->configure($_CONFIG['hostname'], $_CONFIG['username'], + $_CONFIG['password'], $_CONFIG['database'], $_CONFIG['persistent']); +$db->connect(); +$c = $db->connection_id; +$set = array(); +$settq = $db->query("SELECT * + FROM `settings`"); +while ($r = $db->fetch_row($settq)) +{ + $set[$r['conf_name']] = $r['conf_value']; +} +global $jobquery, $housequery; +if (isset($jobquery) && $jobquery) +{ + $is = + $db->query( + "SELECT `u`.*, `us`.*, `j`.*, `jr`.* + FROM `users` AS `u` + INNER JOIN `userstats` AS `us` + ON `u`.`userid`=`us`.`userid` + LEFT JOIN `jobs` AS `j` ON `j`.`jID` = `u`.`job` + LEFT JOIN `jobranks` AS `jr` + ON `jr`.`jrID` = `u`.`jobrank` + WHERE `u`.`userid` = '{$userid}' + LIMIT 1"); +} +else if (isset($housequery) && $housequery) +{ + $is = + $db->query( + "SELECT `u`.*, `us`.*, `h`.* + FROM `users` AS `u` + INNER JOIN `userstats` AS `us` + ON `u`.`userid`=`us`.`userid` + LEFT JOIN `houses` AS `h` ON `h`.`hWILL` = `u`.`maxwill` + WHERE `u`.`userid` = '{$userid}' + LIMIT 1"); +} +else +{ + $is = + $db->query( + "SELECT `u`.*, `us`.* + FROM `users` AS `u` + INNER JOIN `userstats` AS `us` + ON `u`.`userid`=`us`.`userid` + WHERE `u`.`userid` = '{$userid}' + LIMIT 1"); +} +$ir = $db->fetch_row($is); +if ($ir['force_logout'] != '0') +{ + $db->query( + "UPDATE `users` + SET `force_logout` = 0 + WHERE `userid` = {$userid}"); + session_unset(); + session_destroy(); + $login_url = "http://{$domain}/login.php"; + header("Location: {$login_url}"); + exit; +} +if (!in_array($ir['user_level'], array(2, 3, 5))) +{ + echo 'This page cannot be accessed.
    > Go Home'; + die; +} +check_level(); +$h = new headers; +$h->startheaders(); +$fm = money_formatter($ir['money']); +$cm = money_formatter($ir['crystals'], ''); +$lv = date('F j, Y, g:i a', $ir['laston']); +global $atkpage; +$staffpage = 1; +if ($atkpage) +{ + $h->userdata($ir, $lv, $fm, $cm, 0); +} +else +{ + $h->userdata($ir, $lv, $fm, $cm); +} +$h->smenuarea(); diff --git a/shops.php b/shops.php new file mode 100644 index 0000000..dc38bf8 --- /dev/null +++ b/shops.php @@ -0,0 +1,126 @@ +"; + $q = + $db->query( + "SELECT `shopID`, `shopNAME`, `shopDESCRIPTION` + FROM `shops` + WHERE `shopLOCATION` = {$ir['location']}"); + echo " + + + + "; + while ($r = $db->fetch_row($q)) + { + echo " + + + "; + } + echo "
    ShopDescription
    + {$r['shopNAME']} + {$r['shopDESCRIPTION']}
    "; + $db->free_result($q); +} +else +{ + $sd = + $db->query( + "SELECT `shopLOCATION`, `shopNAME` + FROM `shops` + WHERE `shopID` = {$_GET['shop']}"); + if ($db->num_rows($sd) > 0) + { + $shopdata = $db->fetch_row($sd); + if ($shopdata['shopLOCATION'] == $ir['location']) + { + echo "Browsing items at {$shopdata['shopNAME']}...
    + + + + + + + + "; + $qtwo = + $db->query( + "SELECT `itmtypename`, `itmname`, `itmdesc`, + `itmbuyprice`, `itmsellprice`, `sitemID` + FROM `shopitems` AS `si` + INNER JOIN `items` AS `i` + ON `si`.`sitemITEMID` = `i`.`itmid` + INNER JOIN `itemtypes` AS `it` + ON `i`.`itmtype` = `it`.`itmtypeid` + WHERE `si`.`sitemSHOP` = {$_GET['shop']} + ORDER BY `itmtype` ASC, `itmbuyprice` ASC, + `itmname` ASC"); + $lt = ""; + while ($r = $db->fetch_row($qtwo)) + { + if ($lt != $r['itmtypename']) + { + $lt = $r['itmtypename']; + echo "\n + + "; + } + echo "\n + + + + + + "; + } + $db->free_result($qtwo); + echo "
    ItemDescriptionPriceSell PriceBuy
    {$lt}
    {$r['itmname']}{$r['itmdesc']}" . money_formatter($r['itmbuyprice']) + . "" . money_formatter($r['itmsellprice']) + . " +
    + Qty: + +
    +
    "; + } + else + { + echo "You are trying to access a shop in another city!"; + } + } + else + { + echo "You are trying to access an invalid shop!"; + } + $db->free_result($sd); +} +$h->endpage(); diff --git a/slotsmachine.php b/slotsmachine.php new file mode 100644 index 0000000..da6654e --- /dev/null +++ b/slotsmachine.php @@ -0,0 +1,112 @@ + + > Back"); +} +$_SESSION['tresde'] = $_GET['tresde']; +echo "

    Slots

    "; +if (isset($_POST['bet']) && is_numeric($_POST['bet'])) +{ + $_POST['bet'] = abs((int) $_POST['bet']); + if ($_POST['bet'] > $ir['money']) + { + die( + "You are trying to bet more than you have.
    + > Back"); + } + else if ($_POST['bet'] > $maxbet) + { + die( + "You have gone over the max bet.
    + > Back"); + } + + $slot[1] = (int) rand(0, 9); + $slot[2] = (int) rand(0, 9); + $slot[3] = (int) rand(0, 9); + echo "You place " . money_formatter($_POST['bet']) + . " into the slot and pull the pole.
    + You see the numbers: $slot[1] $slot[2] $slot[3]
    + You bet " . money_formatter($_GET['bet']) . " "; + if ($slot[1] == $slot[2] && $slot[2] == $slot[3]) + { + $won = $_POST['bet'] * 26; + $gain = $_POST['bet'] * 25; + echo "and won " . money_formatter($won) + . " by lining up 3 numbers pocketing you " + . money_formatter($gain) . " extra."; + } + else if ($slot[1] == $slot[2] || $slot[2] == $slot[3] + || $slot[1] == $slot[3]) + { + $won = $_POST['bet'] * 3; + $gain = $_POST['bet'] * 2; + echo "and won " . money_formatter($won) + . " by lining up 2 numbers pocketing you " + . money_formatter($gain) . " extra."; + } + else + { + $won = 0; + $gain = -$_POST['bet']; + echo "and lost it."; + } + $db->query( + "UPDATE `users` + SET `money` = `money` + ({$gain}) + WHERE `userid` = $userid"); + $tresder = (int) (rand(100, 999)); + echo "
    +
    + + +
    + > I'll continue, but I'm changing my bet.
    + > Enough's enough, I'm off."; +} +else +{ + echo "Ready to try your luck? Play today!
    + The maximum bet for your level is " . money_formatter($maxbet) + . ".
    +
    + Bet: \$
    + +
    "; +} + +$h->endpage(); diff --git a/smenu.php b/smenu.php new file mode 100644 index 0000000..e45f4a1 --- /dev/null +++ b/smenu.php @@ -0,0 +1,177 @@ +Back To Game
    +General
    +> Index
    "; +if ($ir['user_level'] == 2) +{ + echo " + > Basic Settings
    + > Add Announcement
    "; +} +if ($ir['user_level'] <= 3) +{ + echo "
    + Users
    "; + if ($ir['user_level'] == 2) + { + echo "> Create New User
    + > Edit User
    + > Delete User
    "; + } + echo "> View User Inventory
    + > Credit User
    "; + if ($ir['user_level'] == 2) + { + echo "> Mass Payment
    + > Force User Logout
    "; + } + echo " + > Player Reports
    "; + echo "
    + Items
    "; + if ($ir['user_level'] == 2) + { + echo ">Create New Item
    "; + } + echo "> Give Item To User
    "; + if ($ir['user_level'] == 2) + { + echo "> Edit Item
    + > Delete An Item
    + > Add Item Type
    "; + } +} +echo "
    Logs
    +> Attack Logs
    +> Cash Xfer Logs
    +> Crystal Xfer Logs
    +> Bank Xfer Logs
    +> Item Xfer Logs
    +> Mail Logs
    "; +if ($ir['user_level'] == 2) +{ + echo "> Staff Logs
    "; +} +if ($ir['user_level'] <= 3) +{ + echo "
    + Gangs
    + > Gang Record
    + > Credit Gang
    + > Manage Gang Wars
    + > Edit Gang
    "; +} +if ($ir['user_level'] == 2) +{ + echo "
    + Shops
    + > Create New Shop
    + > Add Item To Shop
    + > Delete Shop
    +
    Polls
    + > Start Poll
    + > End A Poll
    +
    Jobs
    + > Make a new Job
    + > Edit a Job
    + > Delete a Job
    + > Make a new Job Rank
    + > Edit a Job Rank
    + > Delete a Job Rank
    +
    Houses
    + > Add House
    + > Edit House
    + > Delete House
    +
    Cities
    + > Add City
    + > Edit City
    + > Delete City
    +
    Forums
    + > Add Forum
    + > Edit Forum
    + > Delete Forum
    +
    Courses
    + > Add Course
    + > Edit Course
    + > Delete Course
    +
    Crimes
    + > Create New Crime
    + > Edit Crime
    + > Delete Crime
    + > Create New Crime Group
    + > Edit Crime Group
    + > Delete Crime Group
    + > Reorder Crime Groups
    +
    Battle Tent
    + > Add Challenge Bot
    + > Edit Challenge Bot
    + > Remove Challenge Bot
    "; +} +echo "
    +Punishments
    +> Mail Ban User
    +> Un-Mailban User
    +> Forum Ban User
    +> Un-Forumban User
    +> Jail User
    +> Edit Fedjail Sentence
    +> Unjail User
    +> Ip Search
    "; +if ($ir['user_level'] == 2) +{ + echo "
    Special
    + > Edit Newspaper
    + > Mass mailer
    + > Staff List
    + > Adjust User Level
    + > Give User Donator Pack
    "; +} +echo "
    "; +echo "Staff Online:
    "; +$online_cutoff = time() - 900; +$q = + $db->query( + "SELECT `userid`, `username`, `laston` + FROM `users` + WHERE `laston` > ({$online_cutoff}) + AND `user_level` > 1 + ORDER BY `userid` ASC"); +while ($r = $db->fetch_row($q)) +{ + echo '' . $r['username'] + . ' (' . DateTime_Parse($r['laston']) . ')
    '; +} +$db->free_result($q); +echo "
    +> Logout

    +Time is now
    +"; +echo date('F j, Y') . "
    " . date('g:i:s a'); + diff --git a/staff.php b/staff.php new file mode 100644 index 0000000..56b3e1d --- /dev/null +++ b/staff.php @@ -0,0 +1,397 @@ + + > Go Back'; + die($h->endpage()); + } + $_POST['game_name'] = + (isset($_POST['game_name']) + && preg_match( + "/^[a-z0-9_.]+([\\s]{1}[a-z0-9_.]|[a-z0-9_.])+$/i", + $_POST['game_name'])) + ? $db->escape( + strip_tags(stripslashes($_POST['game_name']))) : ''; + $_POST['game_owner'] = + (isset($_POST['game_owner']) + && preg_match( + "/^[a-z0-9_]+([\\s]{1}[a-z0-9_]|[a-z0-9_])+$/i", + $_POST['game_owner'])) + ? $db->escape( + strip_tags(stripslashes($_POST['game_owner']))) + : ''; + $_POST['game_description'] = + (isset($_POST['game_description'])) + ? $db->escape( + strip_tags( + stripslashes($_POST['game_description']))) + : ''; + $_POST['paypal'] = + (isset($_POST['paypal']) + && filter_input(INPUT_POST, 'paypal', + FILTER_VALIDATE_EMAIL)) + ? $db->escape(stripslashes($_POST['paypal'])) : ''; + $_POST['ct_refillprice'] = + (isset($_POST['ct_refillprice']) + && is_numeric($_POST['ct_refillprice'])) + ? abs(intval($_POST['ct_refillprice'])) : ''; + $_POST['ct_iqpercrys'] = + (isset($_POST['ct_iqpercrys']) + && is_numeric($_POST['ct_iqpercrys'])) + ? abs(intval($_POST['ct_iqpercrys'])) : ''; + $_POST['ct_moneypercrys'] = + (isset($_POST['ct_moneypercrys']) + && is_numeric($_POST['ct_moneypercrys'])) + ? abs(intval($_POST['ct_moneypercrys'])) : ''; + $_POST['willp_item'] = + (isset($_POST['willp_item']) && is_numeric($_POST['willp_item'])) + ? abs(intval($_POST['willp_item'])) : ''; + $_POST['validate_on'] = + (isset($_POST['validate_on']) + && in_array($_POST['validate_on'], array('1', '0'), true)) + ? $_POST['validate_on'] : FALSE; + $_POST['validate_period'] = + (isset($_POST['validate_period']) + && in_array($_POST['validate_period'], + array('5', '15', '60', 'login'), true)) + ? $_POST['validate_period'] : FALSE; + $_POST['regcap_on'] = + (isset($_POST['regcap_on']) + && in_array($_POST['regcap_on'], array('1', '0'), true)) + ? $_POST['regcap_on'] : FALSE; + $_POST['sendcrys_on'] = + (isset($_POST['sendcrys_on']) + && in_array($_POST['sendcrys_on'], array('1', '0'), true)) + ? $_POST['sendcrys_on'] : FALSE; + $_POST['sendbank_on'] = + (isset($_POST['sendbank_on']) + && in_array($_POST['sendbank_on'], array('1', '0'), true)) + ? $_POST['sendbank_on'] : FALSE; + if (empty($_POST['game_name']) || empty($_POST['game_owner']) + || empty($_POST['game_description']) || empty($_POST['paypal']) + || empty($_POST['ct_refillprice']) + || empty($_POST['ct_iqpercrys']) + || empty($_POST['ct_moneypercrys']) + || is_bool($_POST['validate_on']) + || is_bool($_POST['validate_period']) + || is_bool($_POST['regcap_on']) || is_bool($_POST['sendcrys_on']) + || is_bool($_POST['sendbank_on'])) + { + $csrf = request_csrf_html('staff_basicset'); + echo " +

    Basic Settings

    +
    +
    + Game Name:
    + Game Owner:
    + Game Description:
    +
    + Paypal Address:
    + Gym/Crimes Validation: +
    + Validation Period: +
    + Registration CAPTCHA: +
    + Send Crystals: +
    + Bank Transfers: +
    + Energy Refill Price (crystals): + +
    + IQ per crystal: + +
    + Money per crystal: + +
    + Will Potion Item: " + . item_dropdown(NULL, "willp_item", $set['willp_item']) + . "
    + {$csrf} + +
    + "; + } + else + { + staff_csrf_stdverify('staff_basicset', 'staff.php?action=basicset'); + unset($_POST['verf']); + if (!empty($_POST['willp_item'])) + { + $qi = + $db->query( + 'SELECT `itmid` + FROM `items` + WHERE `itmid` = ' . $_POST['willp_item']); + if ($db->num_rows($qi) == 0) + { + echo ' + The item you tried to input doesn\'t seem to be a real item.
    + > Go Back + '; + die($h->endpage()); + } + } + else + { + $_POST['willp_item'] = 0; + echo 'Please remember to make a will potion item and set it
    '; + } + foreach ($_POST as $k => $v) + { + $db->query( + "UPDATE `settings` + SET `conf_value` = '$v' + WHERE `conf_name` = '$k'"); + } + echo ' + Settings updated!
    + > Go Back + '; + stafflog_add("Updated the basic game settings"); + } +} + +function announcements() +{ + global $db, $ir, $c, $h, $userid, $set; + if ($ir['user_level'] != 2) + { + echo 'You cannot access this area.
    + > Go Back'; + die($h->endpage()); + } + if (isset($_POST['text']) && !empty($_POST['text'])) + { + staff_csrf_stdverify('staff_announcement', 'staff.php?action=announce'); + $_POST['text'] = + $db->escape( + htmlentities(stripslashes($_POST['text']), ENT_QUOTES, + 'ISO-8859-1')); + $db->query( + "INSERT INTO `announcements` + VALUES('{$_POST['text']}', " . time() . ")"); + $db->query( + "UPDATE `users` + SET `new_announcements` = `new_announcements` + 1"); + echo ' + Announcement added!
    + > Back + '; + stafflog_add("Added a new announcement"); + } + else + { + $csrf = request_csrf_html('staff_announcement'); + echo ' + Adding an announcement... +
    + Please try to make sure the announcement is concise and covers everything you want it to. +
    + Announcement text:
    + +
    + ' . $csrf + . ' + +
    + '; + } +} + +function index() +{ + global $db, $ir, $c, $h, $userid, $set, $_CONFIG; + if ($ir['user_level'] == 2) + { + $versq = $db->query("SELECT VERSION()"); + $mv = $db->fetch_single($versq); + $db->free_result($versq); + $versionno = intval('20503'); + $version = '2.0.5b'; + echo " +

    System Info

    +
    + + + + + + + + + + + + + + + + + + + + + +
    PHP Version:" . phpversion() + . "
    MySQL Version:$mv
    MySQL Driver:" . $_CONFIG['driver'] + . "
    Codes Version:$version (Build: $versionno)
    Update Status: + +
    +
    +

    Last 20 Staff Actions

    + + + + + + + + "; + $q = + $db->query( + "SELECT `user`, `action`, `time`, `ip`, `username` + FROM `stafflog` AS `s` + INNER JOIN `users` AS `u` + ON `s`.`user` = `u`.`userid` + ORDER BY `s`.`time` DESC + LIMIT 20"); + while ($r = $db->fetch_row($q)) + { + echo " + + + + + + + "; + } + $db->free_result($q); + echo '
    StaffActionTimeIP
    {$r['username']} [{$r['user']}]{$r['action']}" . date('F j Y g:i:s a', $r['time']) + . "{$r['ip']}
    '; + } + echo '

    Staff Notepad

    '; + if (isset($_POST['pad'])) + { + staff_csrf_stdverify('staff_notepad', 'staff.php'); + $pad = $db->escape(stripslashes($_POST['pad'])); + $db->query( + "UPDATE `settings` + SET `conf_value` = '{$pad}' + WHERE `conf_name` = 'staff_pad'"); + $set['staff_pad'] = stripslashes($_POST['pad']); + echo 'Staff Notepad Updated!
    '; + } + $csrf = request_csrf_html('staff_notepad'); + echo " +
    + +
    + {$csrf} + +
    + "; +} +$h->endpage(); diff --git a/staff_battletent.php b/staff_battletent.php new file mode 100644 index 0000000..f290f56 --- /dev/null +++ b/staff_battletent.php @@ -0,0 +1,323 @@ + + > Go Back'; + die($h->endpage()); +} +if (!isset($_GET['action'])) +{ + $_GET['action'] = ''; +} +switch ($_GET['action']) +{ +case "addbot": + addbot(); + break; +case "editbot": + editbot(); + break; +case "delbot": + delbot(); + break; +default: + echo "Error: This script requires an action."; + break; +} + +function addbot() +{ + global $db, $ir, $c, $h, $userid; + $_POST['userid'] = + (isset($_POST['userid']) && is_numeric($_POST['userid'])) + ? abs(intval($_POST['userid'])) : ''; + $_POST['money'] = + (isset($_POST['money']) && is_numeric($_POST['money'])) + ? abs(intval($_POST['money'])) : ''; + if ($_POST['userid'] && $_POST['money']) + { + staff_csrf_stdverify('staff_addbot', + 'staff_battletent.php?action=addbot'); + $q = + $db->query( + "SELECT `user_level`, `userid`, `username` + FROM `users` + WHERE `userid` = {$_POST['userid']}"); + if ($db->num_rows($q) == 0) + { + $db->free_result($q); + echo 'Non-existant user.
    + > Goto Main'; + die($h->endpage()); + } + $r = $db->fetch_row($q); + $db->free_result($q); + if ($r['user_level'] != 0) + { + echo 'Challenge bots must be NPCs.
    + > Goto Main'; + die($h->endpage()); + } + $q2 = + $db->query( + "SELECT COUNT(`cb_npcid`) + FROM `challengebots` + WHERE `cb_npcid` = {$r['userid']}"); + if ($db->fetch_single($q2) > 0) + { + $db->free_result($q2); + echo 'This user is already a Challenge Bot. If you wish to change the payout, edit the Challenge Bot.
    > Goto Main'; + die($h->endpage()); + } + $db->free_result($q2); + $db->query( + "INSERT INTO `challengebots` + VALUES('{$r['userid']}', '{$_POST['money']}')"); + echo 'Challenge Bot ' . $r['username'] + . ' added.
    + > Goto Main'; + stafflog_add("Added Challenge Bot {$r['username']}."); + } + else + { + $csrf = request_csrf_html('staff_addbot'); + echo " +

    Adding a Battle Tent Challenge Bot

    +
    +
    + Bot: " . user_dropdown(NULL, 'userid') + . " +
    + Bounty for Beating: +
    + {$csrf} + +
    + "; + } +} + +function editbot() +{ + global $db, $ir, $c, $h, $userid; + $_GET['step'] = + (isset($_GET['step']) && in_array($_GET['step'], array(1, 2, 3))) + ? abs(intval($_GET['step'])) : ''; + switch ($_GET['step']) + { + case "2": + $_POST['userid'] = + (isset($_POST['userid']) && is_numeric($_POST['userid'])) + ? abs(intval($_POST['userid'])) : ''; + $_POST['money'] = + (isset($_POST['money']) && is_numeric($_POST['money'])) + ? abs(intval($_POST['money'])) : ''; + if (empty($_POST['userid']) || empty($_POST['money'])) + { + echo 'Something went wrong.
    > Goto Main'; + die($h->endpage()); + } + staff_csrf_stdverify('staff_editbot_2', + 'staff_battletent.php?action=editbot'); + $q = + $db->query( + "SELECT `username`,`userid` + FROM `users` + WHERE `userid` = {$_POST['userid']}"); + if ($db->num_rows($q) == 0) + { + $db->free_result($q); + echo 'Non-existing user.
    + > Goto Main'; + die($h->endpage()); + } + $r = $db->fetch_row($q); + $db->free_result($q); + $q2 = + $db->query( + "SELECT COUNT(`cb_npcid`) + FROM `challengebots` + WHERE `cb_npcid` = {$r['userid']}"); + if ($db->fetch_single($q2) == 0) + { + $db->free_result($q2); + echo 'This user is not a Challenge Bot.
    > Goto Main'; + die($h->endpage()); + } + $db->free_result($q2); + $db->query( + "UPDATE `challengebots` + SET `cb_money` = {$_POST['money']} + WHERE `cb_npcid` = {$r['userid']}"); + echo 'Challenge Bot ' . $r['username'] + . ' was updated.
    > Goto Main'; + stafflog_add("Edited Challenge Bot {$r['username']}."); + break; + case "1": + $_POST['userid'] = + (isset($_POST['userid']) && is_numeric($_POST['userid'])) + ? abs(intval($_POST['userid'])) : ''; + if (empty($_POST['userid'])) + { + echo 'Something went wrong.
    + > Goto Main'; + die($h->endpage()); + } + staff_csrf_stdverify('staff_editbot_1', + 'staff_battletent.php?action=editbot'); + $q = + $db->query( + "SELECT `userid`, `username` + FROM `users` + WHERE `userid` = {$_POST['userid']}"); + if ($db->num_rows($q) == 0) + { + echo 'Non-existant user.
    + > Goto Main'; + die($h->endpage()); + } + $r = $db->fetch_row($q); + $db->free_result($q); + $q2 = + $db->query( + "SELECT `cb_money` + FROM `challengebots` + WHERE `cb_npcid` = {$r['userid']}"); + if (!$db->num_rows($q2)) + { + $db->free_result($q2); + echo 'This user is not a Challenge Bot.
    + > Goto Main'; + die($h->endpage()); + } + $mn = $db->fetch_single($q2); + $db->free_result($q2); + $csrf = request_csrf_html('staff_editbot_2'); + echo " +

    Edit Challenge Bot

    +
    + You are editing the challenge bot: {$r['username']} +
    + Bounty for Beating: +
    + + {$csrf} + +
    + "; + break; + default: + $csrf = request_csrf_html('staff_editbot_1'); + echo " +

    Edit Challenge Bot

    +
    +
    + Bot: " . challengebot_dropdown(NULL, 'userid') + . " +
    + {$csrf} + +
    + "; + break; + } +} + +function delbot() +{ + global $db, $ir, $c, $h, $userid; + $_POST['userid'] = + (isset($_POST['userid']) && is_numeric($_POST['userid'])) + ? abs(intval($_POST['userid'])) : ''; + $_POST['delcb'] = + (isset($_POST['delcb']) && $_POST['delcb'] == 'Yes') + ? $_POST['delcb'] : ''; + if (!empty($_POST['userid'])) + { + staff_csrf_stdverify('staff_delbot', + 'staff_battletent.php?action=delbot'); + $q = + $db->query( + "SELECT `username`, `userid` + FROM `users` + WHERE `userid` = {$_POST['userid']}"); + if ($db->num_rows($q) == 0) + { + $db->free_result($q); + echo 'Non-existant user.
    + > Goto Main'; + die($h->endpage()); + } + $r = $db->fetch_row($q); + $db->free_result($q); + $q2 = + $db->query( + "SELECT COUNT(`cb_npcid`) + FROM `challengebots` + WHERE `cb_npcid` = {$r['userid']}"); + if ($db->fetch_single($q2) == 0) + { + $db->free_result($q2); + echo 'This user is not a Challenge Bot.
    + > Goto Main'; + die($h->endpage()); + } + $db->free_result($q2); + $db->query( + "DELETE FROM `challengebots` + WHERE `cb_npcid` = {$r['userid']}"); + if ($_POST['delcb'] == 'Yes') + { + $db->query( + "DELETE FROM `challengesbeaten` + WHERE `npcid` = {$r['userid']}"); + } + echo 'Challenge Bot ' . $r['username'] + . ' removed.
    + > Goto Main'; + stafflog_add("Removed Challenge Bot {$r['username']}"); + } + else + { + $csrf = request_csrf_html('staff_delbot'); + echo " +

    Remove Challenge Bot

    +
    + This will not delete the user from the game, only remove their entry as a Battle Tent Challenge Bot. +
    + Bot: " . challengebot_dropdown(NULL, "userid") + . " +
    + Delete challengesbeaten entries for this bot? + Yes + No +
    + {$csrf} + +
    + "; + } +} +$h->endpage(); diff --git a/staff_cities.php b/staff_cities.php new file mode 100644 index 0000000..bd3361a --- /dev/null +++ b/staff_cities.php @@ -0,0 +1,297 @@ + + > Go Back'; + die($h->endpage()); +} +if (!isset($_GET['action'])) +{ + $_GET['action'] = ''; +} +switch ($_GET['action']) +{ +case "addcity": + addcity(); + break; +case "editcity": + editcity(); + break; +case "delcity": + delcity(); + break; +default: + echo "Error: This script requires an action."; + break; +} + +function addcity() +{ + global $db, $ir, $c, $h, $userid; + $minlevel = + (isset($_POST['minlevel']) && is_numeric($_POST['minlevel'])) + ? abs(intval($_POST['minlevel'])) : ''; + $name = + (isset($_POST['name']) + && preg_match( + "/^[a-z0-9_]+([\\s]{1}[a-z0-9_]|[a-z0-9_])+$/i", + $_POST['name'])) + ? $db->escape(strip_tags(stripslashes($_POST['name']))) + : ''; + $desc = + (isset($_POST['desc']) + && preg_match( + "/^[a-z0-9_.]+([\\s]{1}[a-z0-9_.]|[a-z0-9_.])+$/i", + $_POST['desc'])) + ? $db->escape(strip_tags(stripslashes($_POST['desc']))) + : ''; + if ($minlevel && $desc && $name) + { + staff_csrf_stdverify('staff_addcity', + 'staff_cities.php?action=addcity'); + $q = + $db->query( + "SELECT COUNT(`cityid`) + FROM `cities` + WHERE `cityname` = '{$name}'"); + if ($db->fetch_single($q) > 0) + { + $db->free_result($q); + echo 'Sorry, you cannot have two cities with the same name.
    + > Goto Main'; + die($h->endpage()); + } + $db->free_result($q); + $db->query( + "INSERT INTO `cities` + VALUES(NULL, '$name', '$desc', '$minlevel')"); + echo 'City ' . $name + . ' added to the game.
    > Goto Main'; + stafflog_add("Created City $name"); + } + else + { + $csrf = request_csrf_html('staff_addcity'); + echo " +

    Add City

    +
    +
    + Name: +
    + Description: +
    + Minimum Level: +
    + {$csrf} + +
    + "; + } +} + +function editcity() +{ + global $db, $ir, $c, $h, $userid; + if (!isset($_POST['step'])) + { + $_POST['step'] = '0'; + } + switch ($_POST['step']) + { + case "2": + $minlevel = + (isset($_POST['minlevel']) && is_numeric($_POST['minlevel'])) + ? abs(intval($_POST['minlevel'])) : ''; + $name = + (isset($_POST['name']) + && preg_match( + "/^[a-z0-9_]+([\\s]{1}[a-z0-9_]|[a-z0-9_])+$/i", + $_POST['name'])) + ? $db->escape(strip_tags(stripslashes($_POST['name']))) + : ''; + $desc = + (isset($_POST['desc']) + && preg_match( + "/^[a-z0-9_.]+([\\s]{1}[a-z0-9_.]|[a-z0-9_.])+$/i", + $_POST['desc'])) + ? $db->escape(strip_tags(stripslashes($_POST['desc']))) + : ''; + $_POST['id'] = + (isset($_POST['id']) && is_numeric($_POST['id'])) + ? abs(intval($_POST['id'])) : ''; + if (empty($minlevel) || empty($name) || empty($desc) + || empty($_POST['id'])) + { + echo 'Something went wrong.
    + > Goto Main'; + die($h->endpage()); + } + staff_csrf_stdverify('staff_editcity2', + 'staff_cities.php?action=editcity'); + $q = + $db->query( + "SELECT COUNT(`cityid`) + FROM `cities` + WHERE `cityname` = '{$name}' + AND `cityid` != {$_POST['id']}"); + if ($db->fetch_single($q) > 0) + { + $db->free_result($q); + echo 'Sorry, you cannot have two cities with the same name.
    > Goto Main'; + die($h->endpage()); + } + $db->free_result($q); + $db->query( + "UPDATE `cities` + SET `cityminlevel` = $minlevel, `citydesc` = '$desc', + `cityname` = '$name' + WHERE `cityid` = {$_POST['id']}"); + echo 'City ' . $name + . ' was edited successfully.
    + > Goto Main'; + stafflog_add("Edited city $name"); + break; + case "1": + $_POST['city'] = + (isset($_POST['city']) && is_numeric($_POST['city'])) + ? abs(intval($_POST['city'])) : ''; + if (empty($_POST['city'])) + { + echo 'Something went wrong.
    + > Goto Main'; + die($h->endpage()); + } + staff_csrf_stdverify('staff_editcity1', + 'staff_cities.php?action=editcity'); + $q = + $db->query( + "SELECT `cityminlevel`, `citydesc`, `cityname` + FROM `cities` + WHERE `cityid` = {$_POST['city']}"); + if ($db->num_rows($q) == 0) + { + $db->free_result($q); + echo 'City doesn\'t exist.
    + > Goto Main'; + die($h->endpage()); + } + $old = $db->fetch_row($q); + $db->free_result($q); + $csrf = request_csrf_html('staff_editcity2'); + echo " +

    Editing a City

    +
    +
    + + + Name:
    + Description:
    + Minimum Level:
    + {$csrf} + +
    + "; + break; + default: + $csrf = request_csrf_html('staff_editcity1'); + echo " +

    Editing a City

    +
    +
    + + City: " . location_dropdown(NULL, "city") + . " +
    + {$csrf} + +
    + "; + break; + } +} + +function delcity() +{ + global $db, $ir, $c, $h, $userid; + $_POST['city'] = + (isset($_POST['city']) && is_numeric($_POST['city'])) + ? abs(intval($_POST['city'])) : ''; + if ($_POST['city']) + { + $q = + $db->query( + "SELECT `cityid`, `cityname` + FROM `cities` + WHERE `cityid` = {$_POST['city']}"); + if ($db->num_rows($q) == 0) + { + $db->free_result($q); + echo 'City doesn\'t exist.
    + > Goto Main'; + die($h->endpage()); + } + staff_csrf_stdverify('staff_delcity', + 'staff_cities.php?action=delcity'); + $old = $db->fetch_row($q); + $db->free_result($q); + if ($old['cityid'] == 1) + { + echo 'This city cannot be deleted.
    + > Goto Main'; + die($h->endpage()); + } + $db->query( + "UPDATE `users` + SET `location` = 1 + WHERE `location` = {$old['cityid']}"); + $db->query( + "UPDATE `shops` + SET `shopLOCATION` = 1 + WHERE `shopLOCATION` = {$old['cityid']}"); + $db->query( + "DELETE FROM `cities` + WHERE `cityid` = {$old['cityid']}"); + echo 'City ' . $old['cityname'] + . ' deleted.
    > Goto Main'; + stafflog_add("Deleted city {$old['cityname']}"); + } + else + { + $csrf = request_csrf_html('staff_delcity'); + echo " +

    Delete City

    +
    + Deleting a city is permanent - be sure. Any users and shops that are currently in the city you delete will be moved to the default city (ID 1). +
    + City: " . location_dropdown(NULL, "city") + . " +
    + {$csrf} + +
    + "; + } +} +$h->endpage(); diff --git a/staff_courses.php b/staff_courses.php new file mode 100644 index 0000000..6eae613 --- /dev/null +++ b/staff_courses.php @@ -0,0 +1,335 @@ + + > Go Back'; + die($h->endpage()); +} +if (!isset($_GET['action'])) +{ + $_GET['action'] = ''; +} +switch ($_GET['action']) +{ +case "addcourse": + addcourse(); + break; +case "editcourse": + editcourse(); + break; +case "delcourse": + delcourse(); + break; +default: + echo "Error: This script requires an action."; + break; +} + +function addcourse() +{ + global $db, $ir, $c, $h, $userid; + $cost = + (isset($_POST['cost']) && is_numeric($_POST['cost'])) + ? abs(intval($_POST['cost'])) : ''; + $energy = + (isset($_POST['energy']) && is_numeric($_POST['energy'])) + ? abs(intval($_POST['energy'])) : ''; + $days = + (isset($_POST['days']) && is_numeric($_POST['days'])) + ? abs(intval($_POST['days'])) : ''; + $str = + (isset($_POST['str']) && is_numeric($_POST['str'])) + ? abs(intval($_POST['str'])) : ''; + $agil = + (isset($_POST['agil']) && is_numeric($_POST['agil'])) + ? abs(intval($_POST['agil'])) : ''; + $gua = + (isset($_POST['gua']) && is_numeric($_POST['gua'])) + ? abs(intval($_POST['gua'])) : ''; + $lab = + (isset($_POST['lab']) && is_numeric($_POST['lab'])) + ? abs(intval($_POST['lab'])) : ''; + $iq = + (isset($_POST['iq']) && is_numeric($_POST['iq'])) + ? abs(intval($_POST['iq'])) : ''; + $_POST['name'] = + (isset($_POST['name']) + && preg_match( + "/^[a-z0-9_]+([\\s]{1}[a-z0-9_]|[a-z0-9_])+$/i", + $_POST['name'])) + ? $db->escape(strip_tags(stripslashes($_POST['name']))) + : ''; + $_POST['desc'] = + (isset($_POST['desc']) + && preg_match( + "/^[a-z0-9_.]+([\\s]{1}[a-z0-9_.]|[a-z0-9_.])+$/i", + $_POST['desc'])) + ? $db->escape(strip_tags(stripslashes($_POST['desc']))) + : ''; + if ($_POST['name'] && $_POST['desc'] && $cost && $days && $cost && $energy + && $str && $agil && $gua && $lab && $iq) + { + staff_csrf_stdverify('staff_addcourse', + 'staff_courses.php?action=addcourse'); + $db->query( + "INSERT INTO `courses` + VALUES(NULL, '{$_POST['name']}', '{$_POST['desc']}', '$cost', + '$energy', '$days', '$str', '$gua', '$lab', '$agil', + '$iq')"); + echo 'Course ' . $_POST['name'] + . ' added.
    > Goto Main'; + die($h->endpage()); + } + else + { + $csrf = request_csrf_html('staff_addcourse'); + echo " +

    Add Course

    +
    + Name: +
    + Description: +
    + Cost (Money): +
    + Cost (Energy): +
    + Length (Days): +
    + Strength Gain: +
    + Agility Gain: +
    + Guard Gain: +
    + Labour Gain: +
    + IQ Gain: +
    + {$csrf} + +
    + "; + } +} + +function editcourse() +{ + global $db, $ir, $c, $h, $userid; + if (!isset($_POST['step'])) + { + $_POST['step'] = '0'; + } + switch ($_POST['step']) + { + case "2": + $cost = + (isset($_POST['cost']) && is_numeric($_POST['cost'])) + ? abs(intval($_POST['cost'])) : ''; + $energy = + (isset($_POST['energy']) && is_numeric($_POST['energy'])) + ? abs(intval($_POST['energy'])) : ''; + $days = + (isset($_POST['days']) && is_numeric($_POST['days'])) + ? abs(intval($_POST['days'])) : ''; + $str = + (isset($_POST['str']) && is_numeric($_POST['str'])) + ? abs(intval($_POST['str'])) : ''; + $agil = + (isset($_POST['agil']) && is_numeric($_POST['agil'])) + ? abs(intval($_POST['agil'])) : ''; + $gua = + (isset($_POST['gua']) && is_numeric($_POST['gua'])) + ? abs(intval($_POST['gua'])) : ''; + $lab = + (isset($_POST['lab']) && is_numeric($_POST['lab'])) + ? abs(intval($_POST['lab'])) : ''; + $iq = + (isset($_POST['iq']) && is_numeric($_POST['iq'])) + ? abs(intval($_POST['iq'])) : ''; + $_POST['name'] = + (isset($_POST['name']) + && preg_match( + "/^[a-z0-9_]+([\\s]{1}[a-z0-9_]|[a-z0-9_])+$/i", + $_POST['name'])) + ? $db->escape(strip_tags(stripslashes($_POST['name']))) + : ''; + $_POST['desc'] = + (isset($_POST['desc']) + && preg_match( + "/^[a-z0-9_.]+([\\s]{1}[a-z0-9_.]|[a-z0-9_.])+$/i", + $_POST['desc'])) + ? $db->escape(strip_tags(stripslashes($_POST['desc']))) + : ''; + if (empty($_POST['name']) || empty($_POST['desc']) || empty($cost) + || empty($days) || empty($cost) || empty($energy) + || empty($str) || empty($agil) || empty($gua) || empty($lab) + || empty($iq)) + { + echo 'Something went wrong.
    + > Goto Main'; + die($h->endpage()); + } + staff_csrf_stdverify('staff_editcourse2', + 'staff_courses.php?action=editcourse'); + $db->query( + "UPDATE `courses` + SET `crNAME` = '{$_POST['name']}', + `crDESC` = '{$_POST['desc']}', `crCOST` = $cost, + `crENERGY` = $energy, `crDAYS` = $days, `crSTR` = $str, + `crGUARD` = $gua, `crLABOUR` = $lab, `crAGIL` = $agil, + `crIQ` = $iq + WHERE `crID` = {$_POST['id']}"); + echo 'Course ' . $_POST['name'] + . ' was edited successfully.
    + > Goto Main'; + stafflog_add("Edited course {$_POST['name']}"); + die($h->endpage()); + break; + case "1": + $_POST['course'] = + (isset($_POST['course']) && is_numeric($_POST['course'])) + ? abs(intval($_POST['course'])) : ''; + $q = + $db->query( + "SELECT `crIQ`, `crLABOUR`, `crGUARD`, `crAGIL`, + `crSTR`, `crDAYS`, `crENERGY`, `crCOST`, `crDESC`, + `crNAME` + FROM `courses` + WHERE `crID` = {$_POST['course']}"); + if ($db->num_rows($q) == 0) + { + $db->free_result($q); + echo 'Invalid course.
    + > Goto Main'; + die($h->endpage()); + } + staff_csrf_stdverify('staff_editcourse1', + 'staff_courses.php?action=editcourse'); + $old = $db->fetch_row($q); + $db->free_result($q); + $csrf = request_csrf_html('staff_editcourse2'); + echo " +

    Editing a Course

    +
    +
    + + + Name: +
    + Description: +
    + Cost (Money): +
    + Cost (Energy): +
    + Length (Days): +
    + Strength Gain: +
    + Agility Gain: +
    + Guard Gain: +
    + Labour Gain: +
    + IQ Gain: +
    + {$csrf} + +
    + "; + break; + default: + $csrf = request_csrf_html('staff_editcourse1'); + echo " +

    Editing a Course

    +
    +
    + + Course: " . course_dropdown(NULL, "course") + . " +
    + {$csrf} + +
    + "; + break; + } +} + +function delcourse() +{ + global $db, $ir, $c, $h, $userid; + $_POST['course'] = + (isset($_POST['course']) && is_numeric($_POST['course'])) + ? abs(intval($_POST['course'])) : ''; + if ($_POST['course']) + { + staff_csrf_stdverify('staff_delcourse', + 'staff_courses.php?action=delcourse'); + $q = + $db->query( + "SELECT `crNAME` + FROM `courses` + WHERE `crID` = {$_POST['course']}"); + if ($db->num_rows($q) == 0) + { + $db->free_result($q); + echo 'Invalid course.
    + > Goto Main'; + die($h->endpage()); + } + $old = $db->fetch_row($q); + $db->free_result($q); + $db->query( + "UPDATE `users` + SET `course` = 0, `cdays` = 0 + WHERE `course` = {$_POST['course']}"); + $db->query( + "DELETE FROM `courses` + WHERE `crID` = {$_POST['course']}"); + echo 'Course ' . $old['crNAME'] + . ' deleted.
    + > Goto Main'; + stafflog_add("Deleted course {$old['crNAME']}"); + die($h->endpage()); + } + else + { + $csrf = request_csrf_html('staff_delcourse'); + echo " +

    Deleting a Course

    +
    +
    + Course: " . course_dropdown(NULL, "course") + . "
    + {$csrf} + +
    + "; + } +} +$h->endpage(); diff --git a/staff_crimes.php b/staff_crimes.php new file mode 100644 index 0000000..62df204 --- /dev/null +++ b/staff_crimes.php @@ -0,0 +1,961 @@ + + > Go Back'; + die($h->endpage()); +} +//This contains crime stuffs +if (!isset($_GET['action'])) +{ + $_GET['action'] = ''; +} +switch ($_GET['action']) +{ +case 'newcrime': + new_crime_form(); + break; +case 'newcrimesub': + new_crime_submit(); + break; +case 'editcrime': + edit_crime_begin(); + break; +case 'editcrimeform': + edit_crime_form(); + break; +case 'editcrimesub': + edit_crime_sub(); + break; +case 'delcrime': + delcrime(); + break; +case 'newcrimegroup': + new_crimegroup_form(); + break; +case 'newcrimegroupsub': + new_crimegroup_submit(); + break; +case 'editcrimegroup': + edit_crimegroup_begin(); + break; +case 'editcrimegroupform': + edit_crimegroup_form(); + break; +case 'editcrimegroupsub': + edit_crimegroup_sub(); + break; +case 'delcrimegroup': + delcrimegroup(); + break; +case 'reorder': + reorder_crimegroups(); + break; +default: + echo 'Error: This script requires an action.'; + break; +} + +function new_crime_form() +{ + $csrf = request_csrf_html('staff_newcrime'); + echo " + Adding a new crime.
    +
    + Name: +
    + Brave Cost (1-9 chars only): +
    + Success % Formula: +
    + Success Money (1-9 chars only): +
    + Success Crystals (1-9 chars only): +
    + Success Item: " . item2_dropdown(NULL, 'item') + . " +
    + Group: " . crimegroup_dropdown(NULL, 'group') + . " +
    + Initial Text: +
    + Success Text: +
    + Failure Text: +
    + Jail Text: +
    + Jail Time (1-9 chars only): +
    + Jail Reason: +
    + Crime XP Given (1-9 chars only): +
    + {$csrf} + +
    + "; +} + +function new_crime_submit() +{ + global $c, $userid, $db, $h; + $_POST['name'] = + (isset($_POST['name']) + && preg_match( + "/^[a-z0-9_]+([\\s]{1}[a-z0-9_]|[a-z0-9_])*$/i", + $_POST['name'])) + ? $db->escape(strip_tags(stripslashes($_POST['name']))) + : ''; + $_POST['brave'] = + (isset($_POST['brave']) && is_numeric($_POST['brave'])) + ? abs(intval($_POST['brave'])) : ''; + $_POST['percform'] = + (isset($_POST['percform'])) + ? $db->escape(strip_tags(stripslashes($_POST['percform']))) + : ''; + $_POST['money'] = + (isset($_POST['money']) && is_numeric($_POST['money'])) + ? abs(intval($_POST['money'])) : ''; + $_POST['crys'] = + (isset($_POST['crys']) && is_numeric($_POST['crys'])) + ? abs(intval($_POST['crys'])) : ''; + $_POST['item'] = + (isset($_POST['item']) && is_numeric($_POST['item'])) + ? abs(intval($_POST['item'])) : 0; + $_POST['group'] = + (isset($_POST['group']) && is_numeric($_POST['group'])) + ? abs(intval($_POST['group'])) : ''; + $_POST['itext'] = + (isset($_POST['itext'])) + ? $db->escape(strip_tags(stripslashes($_POST['itext']))) + : ''; + $_POST['stext'] = + (isset($_POST['stext'])) + ? $db->escape(strip_tags(stripslashes($_POST['stext']))) + : ''; + $_POST['ftext'] = + (isset($_POST['ftext'])) + ? $db->escape(strip_tags(stripslashes($_POST['ftext']))) + : ''; + $_POST['jtext'] = + (isset($_POST['jtext'])) + ? $db->escape(strip_tags(stripslashes($_POST['jtext']))) + : ''; + $_POST['jailtime'] = + (isset($_POST['jailtime']) && is_numeric($_POST['jailtime'])) + ? abs(intval($_POST['jailtime'])) : ''; + $_POST['jailreason'] = + (isset($_POST['jailreason']) + && preg_match( + "/^[a-z0-9_]+([\\s]{1}[a-z0-9_]|[a-z0-9_])*$/i", + $_POST['jailreason'])) + ? $db->escape( + strip_tags(stripslashes($_POST['jailreason']))) + : ''; + $_POST['crimexp'] = + (isset($_POST['crimexp']) && is_numeric($_POST['crimexp'])) + ? abs(intval($_POST['crimexp'])) : ''; + if (empty($_POST['name']) || empty($_POST['brave']) + || empty($_POST['percform']) || empty($_POST['money']) + || empty($_POST['crys']) || empty($_POST['group']) + || empty($_POST['itext']) || empty($_POST['stext']) + || empty($_POST['ftext']) || empty($_POST['jtext']) + || empty($_POST['jailtime']) || empty($_POST['jailreason']) + || empty($_POST['crimexp'])) + { + echo 'One or more of the inputs seems to of the wrong format, + please go back and try again.
    + > Go back'; + die($h->endpage()); + } + staff_csrf_stdverify('staff_newcrime', 'staff_crimes.php?action=newcrime'); + if (!empty($_POST['item'])) + { + $qi = + $db->query( + 'SELECT COUNT(`itmid`) + FROM `items` + WHERE `itmid` = ' . $_POST['item']); + $exist_check = $db->fetch_single($qi); + $db->free_result($qi); + if ($exist_check == 0) + { + echo 'Item you selected doesn\'t seem to exist.
    + > Go back'; + die($h->endpage()); + } + } + $db->query( + "INSERT INTO `crimes` + (`crimeNAME`, `crimeBRAVE`, `crimePERCFORM`, `crimeSUCCESSMUNY`, + `crimeSUCCESSCRYS`, `crimeSUCCESSITEM`, `crimeGROUP`, + `crimeITEXT`, `crimeSTEXT`, `crimeFTEXT`, `crimeJTEXT`, + `crimeJAILTIME`, `crimeJREASON`, `crimeXP`) + VALUES('{$_POST['name']}', '{$_POST['brave']}', + '{$_POST['percform']}', '{$_POST['money']}', {$_POST['crys']}, + {$_POST['item']}, '{$_POST['group']}', '{$_POST['itext']}', + '{$_POST['stext']}', '{$_POST['ftext']}', '{$_POST['jtext']}', + {$_POST['jailtime']}, '{$_POST['jailreason']}', + {$_POST['crimexp']})"); + echo 'Crime (' . $_POST['name'] + . ') created.
    + > Goto Main'; + stafflog_add('Created crime ' . $_POST['name']); +} + +function edit_crime_begin() +{ + $csrf = request_csrf_html('staff_editcrime1'); + echo " +

    Editing Crime

    + You can edit any aspect of this crime. +
    +
    + Crime: " . crime_dropdown(NULL, 'crime') + . " +
    + {$csrf} + +
    + "; +} + +function edit_crime_form() +{ + global $c, $h, $userid, $db; + $_POST['crime'] = + (isset($_POST['crime']) && is_numeric($_POST['crime'])) + ? abs(intval($_POST['crime'])) : ''; + staff_csrf_stdverify('staff_editcrime1', + 'staff_crimes.php?action=editcrime'); + $d = + $db->query( + "SELECT `crimeXP`, `crimeJREASON`, `crimeJAILTIME`, + `crimeJTEXT`, `crimeFTEXT`, `crimeSTEXT`, `crimeITEXT`, + `crimeGROUP`, `crimeSUCCESSITEM`, `crimeSUCCESSCRYS`, + `crimeSUCCESSMUNY`, `crimePERCFORM`, `crimeBRAVE`, + `crimeNAME` + FROM `crimes` + WHERE `crimeID` = {$_POST['crime']}"); + if ($db->num_rows($d) == 0) + { + $db->free_result($d); + echo 'Crime doesn\'t seem to exist.
    > Go back'; + die($h->endpage()); + } + $itemi = $db->fetch_row($d); + $db->free_result($d); + $csrf = request_csrf_html('staff_editcrime2'); + echo " +

    Editing Crime

    +
    + + Name: +
    + Brave Cost: +
    + Success % Formula: +
    + Success Money: +
    + Success Crystals: +
    + Success Item: " + . item2_dropdown(NULL, 'crimeSUCCESSITEM', + $itemi['crimeSUCCESSITEM']) . " +
    + Group: " + . crimegroup_dropdown(NULL, 'crimeGROUP', $itemi['crimeGROUP']) + . " +
    + Initial Text: +
    + Success Text: +
    + Failure Text: +
    + Jail Text: +
    + Jail Time: +
    + Jail Reason: +
    + Crime XP Given: +
    + {$csrf} + +
    + "; +} + +function edit_crime_sub() +{ + global $c, $h, $userid, $db; + $_POST['crimeNAME'] = + (isset($_POST['crimeNAME']) + && preg_match( + "/^[a-z0-9_]+([\\s]{1}[a-z0-9_]|[a-z0-9_])+$/i", + $_POST['crimeNAME'])) + ? $db->escape( + strip_tags(stripslashes($_POST['crimeNAME']))) : ''; + $_POST['crimeBRAVE'] = + (isset($_POST['crimeBRAVE']) && is_numeric($_POST['crimeBRAVE'])) + ? abs(intval($_POST['crimeBRAVE'])) : ''; + $_POST['crimePERCFORM'] = + (isset($_POST['crimePERCFORM'])) + ? $db->escape( + strip_tags(stripslashes($_POST['crimePERCFORM']))) + : ''; + $_POST['crimeSUCCESSMUNY'] = + (isset($_POST['crimeSUCCESSMUNY']) + && is_numeric($_POST['crimeSUCCESSMUNY'])) + ? abs(intval($_POST['crimeSUCCESSMUNY'])) : ''; + $_POST['crimeSUCCESSCRYS'] = + (isset($_POST['crimeSUCCESSCRYS']) + && is_numeric($_POST['crimeSUCCESSCRYS'])) + ? abs(intval($_POST['crimeSUCCESSCRYS'])) : ''; + $_POST['crimeSUCCESSITEM'] = + (isset($_POST['crimeSUCCESSITEM']) + && is_numeric($_POST['crimeSUCCESSITEM'])) + ? abs(intval($_POST['crimeSUCCESSITEM'])) : 0; + $_POST['crimeGROUP'] = + (isset($_POST['crimeGROUP']) && is_numeric($_POST['crimeGROUP'])) + ? abs(intval($_POST['crimeGROUP'])) : ''; + $_POST['crimeITEXT'] = + (isset($_POST['crimeITEXT'])) + ? $db->escape( + strip_tags(stripslashes($_POST['crimeITEXT']))) + : ''; + $_POST['crimeSTEXT'] = + (isset($_POST['crimeSTEXT'])) + ? $db->escape( + strip_tags(stripslashes($_POST['crimeSTEXT']))) + : ''; + $_POST['crimeFTEXT'] = + (isset($_POST['crimeFTEXT'])) + ? $db->escape( + strip_tags(stripslashes($_POST['crimeFTEXT']))) + : ''; + $_POST['crimeJTEXT'] = + (isset($_POST['crimeJTEXT'])) + ? $db->escape( + strip_tags(stripslashes($_POST['crimeJTEXT']))) + : ''; + $_POST['crimeJAILTIME'] = + (isset($_POST['crimeJAILTIME']) + && is_numeric($_POST['crimeJAILTIME'])) + ? abs(intval($_POST['crimeJAILTIME'])) : ''; + $_POST['crimeJREASON'] = + (isset($_POST['crimeJREASON']) + && preg_match( + "/^[a-z0-9_]+([\\s]{1}[a-z0-9_]|[a-z0-9_])+$/i", + $_POST['crimeJREASON'])) + ? $db->escape( + strip_tags(stripslashes($_POST['crimeJREASON']))) + : ''; + $_POST['crimeXP'] = + (isset($_POST['crimeXP']) && is_numeric($_POST['crimeXP'])) + ? abs(intval($_POST['crimeXP'])) : ''; + if (empty($_POST['crimeNAME']) || empty($_POST['crimeBRAVE']) + || empty($_POST['crimePERCFORM']) + || empty($_POST['crimeSUCCESSMUNY']) + || empty($_POST['crimeSUCCESSCRYS']) + || empty($_POST['crimeGROUP']) || empty($_POST['crimeITEXT']) + || empty($_POST['crimeSTEXT']) || empty($_POST['crimeFTEXT']) + || empty($_POST['crimeJTEXT']) || empty($_POST['crimeJAILTIME']) + || empty($_POST['crimeJREASON']) || empty($_POST['crimeXP'])) + { + echo 'One or more of the inputs seems to be of the wrong format, + please go back and try again.
    + > Go back'; + die($h->endpage()); + } + staff_csrf_stdverify('staff_editcrime2', + 'staff_crimes.php?action=editcrime'); + if (!empty($_POST['crimeSUCCESSITEM'])) + { + $qi = + $db->query( + 'SELECT COUNT(`itmid`) + FROM `items` + WHERE `itmid` = ' . $_POST['crimeSUCCESSITEM']); + $exist_check = $db->fetch_single($qi); + $db->free_result($qi); + if ($exist_check == 0) + { + echo 'Item you selected doesn\'t seem to exist.
    + > Go back'; + die($h->endpage()); + } + } + $db->query( + "UPDATE `crimes` + SET `crimeNAME` = '{$_POST['crimeNAME']}', + `crimeBRAVE` = '{$_POST['crimeBRAVE']}', + `crimePERCFORM` = '{$_POST['crimePERCFORM']}', + `crimeSUCCESSMUNY` = '{$_POST['crimeSUCCESSMUNY']}', + `crimeSUCCESSCRYS` = '{$_POST['crimeSUCCESSCRYS']}', + `crimeSUCCESSITEM` = '{$_POST['crimeSUCCESSITEM']}', + `crimeGROUP` = '{$_POST['crimeGROUP']}', + `crimeITEXT` = '{$_POST['crimeITEXT']}', + `crimeSTEXT` = '{$_POST['crimeSTEXT']}', + `crimeFTEXT` = '{$_POST['crimeFTEXT']}', + `crimeJTEXT` = '{$_POST['crimeJTEXT']}', + `crimeJAILTIME` = {$_POST['crimeJAILTIME']}, + `crimeJREASON` = '{$_POST['crimeJREASON']}', + `crimeXP` = {$_POST['crimeXP']} + WHERE `crimeID` = {$_POST['crimeID']}"); + echo 'Crime (' . $_POST['crimeNAME'] + . ') edited.
    + > Goto Main'; + stafflog_add('Edited crime ' . $_POST['crimeNAME']); + +} + +function delcrime() +{ + global $c, $h, $userid, $db; + switch ($_GET['step']) + { + default: + $csrf = request_csrf_html('staff_delcrime1'); + echo " +

    Deleting Crime

    + Here you can delete a crime.
    +
    + Crime: " . crime_dropdown(NULL, 'crime') + . " +
    + {$csrf} + +
    + "; + break; + case 2: + $target = + (isset($_POST['crime']) && is_numeric($_POST['crime'])) + ? abs(intval($_POST['crime'])) : ''; + staff_csrf_stdverify('staff_delcrime1', + 'staff_crimes.php?action=delcrime'); + if (empty($target)) + { + echo 'Invalid Crime.
    + > Go back'; + die($h->endpage()); + } + $d = + $db->query( + "SELECT `crimeNAME` + FROM `crimes` + WHERE `crimeID` = '$target'"); + if ($db->num_rows($d) == 0) + { + $db->free_result($d); + echo 'Crime you selected doesn\'t seem to exist.
    + > Go back'; + die($h->endpage()); + } + $itemi = $db->fetch_row($d); + $db->free_result($d); + $csrf = request_csrf_html('staff_delcrime2'); + echo " +

    Confirm

    + Delete crime - " . $itemi["crimeNAME"] + . "? +
    + + {$csrf} + + +
    + "; + break; + case 3: + $target = + (isset($_POST['crimeID']) && is_numeric($_POST['crimeID'])) + ? abs(intval($_POST['crimeID'])) : ''; + staff_csrf_stdverify('staff_delcrime2', + 'staff_crimes.php?action=delcrime'); + if (empty($target)) + { + echo 'Invalid Crime.
    + > Go back'; + die($h->endpage()); + } + $_POST['yesorno'] = + (isset($_POST['yesorno']) + && in_array($_POST['yesorno'], array('Yes', 'No'))) + ? $_POST['yesorno'] : 'No'; + if ($_POST['yesorno'] == 'No') + { + echo ' + Crime not deleted.
    + > Goto Main + '; + die($h->endpage()); + } + $d = + $db->query( + "SELECT `crimeNAME` + FROM `crimes` + WHERE `crimeID` = '$target'"); + if ($db->num_rows($d) == 0) + { + $db->free_result($d); + echo 'Crime you selected doesn\'t seem to exist.
    + > Go back'; + die($h->endpage()); + } + $itemi = $db->fetch_row($d); + $db->free_result($d); + $db->query( + "DELETE FROM `crimes` + WHERE `crimeID` = '$target'"); + echo 'Crime (' . $itemi['crimeNAME'] + . ') Deleted.
    + > Goto Main.'; + stafflog_add('Deleted crime ' . $itemi['crimeNAME']); + break; + } +} + +function new_crimegroup_form() +{ + $csrf = request_csrf_html('staff_newcrimegroup'); + echo " + Adding a new crime group. +
    +
    + Name: +
    + Order Number: +
    + {$csrf} + +
    + "; +} + +function new_crimegroup_submit() +{ + global $c, $userid, $db, $h; + $_POST['cgNAME'] = + (isset($_POST['cgNAME']) + && preg_match( + "/^[a-z0-9_]+([\\s]{1}[a-z0-9_]|[a-z0-9_])+$/i", + $_POST['cgNAME'])) + ? $db->escape(strip_tags(stripslashes($_POST['cgNAME']))) + : ''; + $_POST['cgORDER'] = + (isset($_POST['cgORDER']) && is_numeric($_POST['cgORDER'])) + ? abs(intval($_POST['cgORDER'])) : ''; + if (empty($_POST['cgNAME']) || empty($_POST['cgORDER'])) + { + echo 'You missed one or more of the required fields. + Please go back and try again.
    + > Go Back'; + die($h->endpage()); + } + staff_csrf_stdverify('staff_newcrimegroup', + 'staff_crimes.php?action=newcrimegroup'); + $d = + $db->query( + 'SELECT COUNT(`cgID`) + FROM `crimegroups` + WHERE `cgORDER` = ' . $_POST['cgORDER']); + if ($db->fetch_single($d) > 0) + { + $db->free_result($d); + echo 'You cannot put two crime groups in the same order.
    + > Go back'; + die($h->endpage()); + } + $db->free_result($d); + $db->query( + "INSERT INTO `crimegroups` + (`cgNAME`, `cgORDER`) + VALUES('{$_POST['cgNAME']}', '{$_POST['cgORDER']}')"); + echo 'Crime Group created!
    + > Go Back'; + stafflog_add('Created Crime Group ' . $_POST['cgNAME']); +} + +function edit_crimegroup_begin() +{ + $csrf = request_csrf_html('staff_editcrimegroup1'); + global $c, $h, $userid, $db; + echo " +

    Editing A Crime Group

    +
    + Crime Group: " . crimegroup_dropdown(NULL, 'crimeGROUP') + . " +
    + {$csrf} + +
    + "; +} + +function edit_crimegroup_form() +{ + global $c, $h, $userid, $db; + $_POST['crimeGROUP'] = + (isset($_POST['crimeGROUP']) && is_numeric($_POST['crimeGROUP'])) + ? abs(intval($_POST['crimeGROUP'])) : ''; + staff_csrf_stdverify('staff_editcrimegroup1', + 'staff_crimes.php?action=editcrimegroup'); + if (empty($_POST['crimeGROUP'])) + { + echo 'Invalid Group.
    + > Go back'; + die($h->endpage()); + } + $d = + $db->query( + "SELECT `cgORDER`, `cgNAME` + FROM `crimegroups` + WHERE `cgID` = {$_POST['crimeGROUP']}"); + if ($db->num_rows($d) == 0) + { + $db->free_result($d); + echo 'Group you selected doesn\'t seem to exist.
    + > Go back'; + die($h->endpage()); + } + $itemi = $db->fetch_row($d); + $db->free_result($d); + $csrf = request_csrf_html('staff_editcrimegroup2'); + echo " +

    Editing Crime Group

    +
    + + Name: +
    + Order Number: +
    + {$csrf} + +
    + "; +} + +function edit_crimegroup_sub() +{ + global $c, $h, $userid, $db; + $_POST['cgNAME'] = + (isset($_POST['cgNAME']) + && preg_match( + "/^[a-z0-9_]+([\\s]{1}[a-z0-9_]|[a-z0-9_])+$/i", + $_POST['cgNAME'])) + ? $db->escape(strip_tags(stripslashes($_POST['cgNAME']))) + : ''; + $_POST['cgORDER'] = + (isset($_POST['cgORDER']) && is_numeric($_POST['cgORDER'])) + ? abs(intval($_POST['cgORDER'])) : ''; + $_POST['cgID'] = + (isset($_POST['cgID']) && is_numeric($_POST['cgID'])) + ? abs(intval($_POST['cgID'])) : ''; + staff_csrf_stdverify('staff_editcrimegroup2', + 'staff_crimes.php?action=editcrimegroup'); + if (empty($_POST['cgNAME']) || empty($_POST['cgORDER'])) + { + echo 'You missed one or more of the required fields. + Please go back and try again.
    + > Go Back'; + die($h->endpage()); + } + else + { + $d = + $db->query( + 'SELECT COUNT(`cgID`) + FROM `crimegroups` + WHERE `cgORDER` = ' . $_POST['cgORDER'] + . ' + AND `cgID` != ' . $_POST['cgID']); + if ($db->fetch_single($d) > 0) + { + $db->free_result($d); + echo 'You cannot put two crime groups in the same order.
    + > Go back'; + die($h->endpage()); + } + $db->free_result($d); + $db->query( + "UPDATE `crimegroups` + SET `cgNAME` = '{$_POST['cgNAME']}', + `cgORDER` = '{$_POST['cgORDER']}' + WHERE `cgID` = '{$_POST['cgID']}'"); + echo 'Crime Group edited
    + > Go Back'; + stafflog_add("Edited Crime Group {$_POST['cgNAME']}"); + } +} + +function delcrimegroup() +{ + global $c, $h, $userid, $db; + switch ($_GET['step']) + { + default: + $csrf = request_csrf_html('staff_delcrimegroup1'); + echo " +

    Deleting Crime Group

    +
    + Crime Group: " . crimegroup_dropdown(NULL, 'crimeGROUP') + . "
    + Move crimes in deleted group to: " + . crimegroup_dropdown(NULL, 'crimeGROUP2') + . "
    + {$csrf} + +
    "; + break; + case 2: + $target = + (isset($_POST['crimeGROUP']) + && is_numeric($_POST['crimeGROUP'])) + ? abs(intval($_POST['crimeGROUP'])) : ''; + $target2 = + (isset($_POST['crimeGROUP2']) + && is_numeric($_POST['crimeGROUP2'])) + ? abs(intval($_POST['crimeGROUP2'])) : ''; + staff_csrf_stdverify('staff_delcrimegroup1', + 'staff_crimes.php?action=delcrimegroup'); + if ((empty($target) || empty($target2)) || ($target == $target2)) + { + echo 'One of two things may have went wrong.
    + 1) You didn\'t input the fields correctly.
    + 2) Fields are the same.
    + > Go back'; + die($h->endpage()); + } + $q = + $db->query( + "SELECT COUNT(`cgID`) + FROM `crimegroups` + WHERE `cgID` IN($target, $target2)"); + if ($db->fetch_single($q) < 2) + { + $db->free_result($q); + echo 'One of the two or both groups selected don\'t exist.
    + > Go back'; + die($h->endpage()); + } + $db->free_result($q); + $d = + $db->query( + "SELECT `cgNAME` + FROM `crimegroups` + WHERE `cgID` = $target"); + $itemi = $db->fetch_single($d); + $db->free_result($d); + $csrf = request_csrf_html('staff_delcrimegroup2'); + echo " +

    Confirm

    + Delete crime group - " . $itemi + . "? +
    + + + {$csrf} + + +
    + "; + break; + case 3: + $target = + (isset($_POST['cgID']) && is_numeric($_POST['cgID'])) + ? abs(intval($_POST['cgID'])) : ''; + $target2 = + (isset($_POST['cgID2']) && is_numeric($_POST['cgID2'])) + ? abs(intval($_POST['cgID2'])) : ''; + staff_csrf_stdverify('staff_delcrimegroup2', + 'staff_crimes.php?action=delcrimegroup'); + if ((empty($target) || empty($target2)) || ($target == $target2)) + { + echo 'One of two things may have went wrong.
    + 1) You didn\'t input the fields correctly.
    + 2) Fields are the same.
    + > Go back'; + die($h->endpage()); + } + $q = + $db->query( + "SELECT COUNT(`cgID`) + FROM `crimegroups` + WHERE `cgID` IN($target, $target2)"); + if ($db->fetch_single($q) < 2) + { + $db->free_result($q); + echo 'One of the two or both groups selected don\'t exist.
    + > Go back'; + die($h->endpage()); + } + $db->free_result($q); + $_POST['yesorno'] = + (isset($_POST['yesorno']) + && in_array($_POST['yesorno'], array('Yes', 'No'))) + ? $_POST['yesorno'] : 'No'; + if ($_POST['yesorno'] == 'No') + { + echo 'Group not deleted.
    + > Goto Main'; + die($h->endpage()); + } + $d = + $db->query( + "SELECT `cgNAME` + FROM `crimegroups` + WHERE `cgID` = $target"); + $itemi = $db->fetch_row($d); + $db->free_result($d); + $db->query( + "DELETE FROM `crimegroups` + WHERE `cgID` = $target"); + $db->query( + "UPDATE `crimes` + SET `crimeGROUP` = {$target2} + WHERE `crimeGROUP` = {$target}"); + stafflog_add("Deleted crime group {$itemi['cgNAME']}"); + echo 'Crime Group deleted.
    + > Goto Main'; + break; + } +} + +function reorder_crimegroups() +{ + global $db, $c, $h, $userid; + if (isset($_POST['submit'])) + { + unset($_POST['submit']); + staff_csrf_stdverify('staff_reorder_crimegroups', + 'staff_crimes.php?action=reorder'); + unset($_POST['verf']); + $used = array(); + foreach ($_POST as $v) + { + $v = (isset($v) && is_numeric($v)) ? abs(intval($v)) : ''; + if (empty($v)) + { + echo 'Invalid group.
    + > Go Back'; + die($h->endpage()); + } + if (in_array($v, $used)) + { + echo 'You have used the same order number twice.
    + > Go Back'; + die($h->endpage()); + } + $used[] = $v; + } + $ro_cnt = count($used); + $ro = implode(',', $used); + $c_g = + $db->query( + 'SELECT COUNT(`cgID`) + FROM `crimegroups` + WHERE `cgORDER` IN(' . $ro . ')'); + if ($db->fetch_single($c_g) < $ro_cnt) + { + $db->free_result($c_q); + echo 'Group order doesn\'t exist.
    + > Go Back'; + die($h->endpage()); + } + $db->free_result($c_q); + foreach ($_POST as $k => $v) + { + $cg = str_replace("order", "", $k); + $db->query( + "UPDATE `crimegroups` + SET `cgORDER` = {$v} + WHERE `cgID` = {$cg}"); + } + echo "Crime group order updated!"; + stafflog_add("Reordered crime groups"); + } + else + { + $q = + $db->query( + "SELECT `cgID`, `cgNAME` + FROM `crimegroups` + ORDER BY `cgORDER` ASC, `cgID` ASC"); + $rows = $db->num_rows($q); + $i = 0; + $csrf = request_csrf_html('staff_reorder_crimegroups'); + echo " +

    Re-ordering Crime Groups

    + + + + + + + + {$csrf} + "; + while ($r = $db->fetch_row($q)) + { + $i++; + echo " + + + + + '; + } + $db->free_result($q); + echo " + + + + +
    Crime GroupOrder
    {$r['cgNAME']} +
    + "; + } +} +$h->endpage(); diff --git a/staff_forums.php b/staff_forums.php new file mode 100644 index 0000000..b5a4b46 --- /dev/null +++ b/staff_forums.php @@ -0,0 +1,408 @@ + + > Go Back'; + die($h->endpage()); +} +if (!isset($_GET['action'])) +{ + $_GET['action'] = ''; +} +switch ($_GET['action']) +{ +case "addforum": + addforum(); + break; +case "editforum": + editforum(); + break; +case "delforum": + delforum(); + break; +default: + echo 'Error: This script requires an action.'; + break; +} + +function addforum() +{ + global $db, $ir, $c, $h, $userid; + $name = + (isset($_POST['name']) + && preg_match( + "/^[a-z0-9_]+([\\s]{1}[a-z0-9_]|[a-z0-9_])+$/i", + $_POST['name'])) + ? $db->escape(strip_tags(stripslashes($_POST['name']))) + : ''; + $desc = + (isset($_POST['desc'])) + ? $db->escape(strip_tags(stripslashes($_POST['desc']))) + : ''; + $auth = + (isset($_POST['auth']) + && in_array($_POST['auth'], array('staff', 'public'), true)) + ? $_POST['auth'] : 'public'; + if ($auth && $desc && $name) + { + staff_csrf_stdverify('staff_addforum', + 'staff_forums.php?action=addforum'); + $q = + $db->query( + "SELECT COUNT(`ff_id`) + FROM `forum_forums` + WHERE `ff_name` = '{$name}'"); + if ($db->fetch_single($q)) + { + $db->free_result($q); + echo 'Forum name already exists, please try another.
    + > Go back'; + die($h->endpage()); + } + $db->free_result($q); + $db->query( + "INSERT INTO `forum_forums` + (`ff_name`, `ff_desc`, `ff_auth`, `ff_lp_poster_name`, + `ff_lp_t_name`) + VALUES('$name', '$desc', '$auth', 'N/A', 'N/A')"); + echo 'Forum ' . $name + . ' added to the game.
    > Goto Main'; + stafflog_add('Created ' . $auth . ' Forum ' . $name); + } + else + { + $csrf = request_csrf_html('staff_addforum'); + echo " +

    Add Forum

    +
    +
    + Name: +
    + Description: +
    + Authorization: + Public + Staff Only +
    + {$csrf} + +
    + "; + } +} + +function editforum() +{ + global $db, $ir, $c, $h, $userid; + if (!isset($_POST['step'])) + { + $_POST['step'] = '0'; + } + switch ($_POST['step']) + { + case "2": + $name = + (isset($_POST['name']) + && preg_match( + "/^[a-z0-9_]+([\\s]{1}[a-z0-9_]|[a-z0-9_])+$/i", + $_POST['name'])) + ? $db->escape(strip_tags(stripslashes($_POST['name']))) + : ''; + $desc = + (isset($_POST['desc'])) + ? $db->escape(strip_tags(stripslashes($_POST['desc']))) + : ''; + $auth = + (isset($_POST['auth']) + && in_array($_POST['auth'], array('staff', 'public'))) + ? $_POST['auth'] : 'public'; + $_POST['id'] = + (isset($_POST['id']) && is_numeric($_POST['id'])) + ? abs(intval($_POST['id'])) : ''; + if (empty($_POST['id']) || empty($name) || empty($desc)) + { + echo 'Invalid input.
    + > Go back'; + die($h->endpage()); + } + staff_csrf_stdverify('staff_editforum2', + 'staff_forums.php?action=editforum'); + $q = + $db->query( + "SELECT COUNT(`ff_id`) + FROM `forum_forums` + WHERE `ff_name` = '{$name}' + AND `ff_id` != {$_POST['id']}"); + if ($db->fetch_single($q) > 0) + { + $db->free_result($q); + echo 'Forum name already exists.
    + > Go back'; + die($h->endpage()); + } + $db->free_result($q); + $q = + $db->query( + "SELECT COUNT(`ff_id`) + FROM `forum_forums` + WHERE `ff_id` = {$_POST['id']}"); + if ($db->fetch_single($q) == 0) + { + $db->free_result($q); + echo 'Forum id doesn\'t exist.
    + > Go back'; + die($h->endpage()); + } + $db->free_result($q); + $db->query( + "UPDATE `forum_forums` + SET `ff_desc` = '$desc', `ff_name` = '$name', + `ff_auth` = '$auth' + WHERE `ff_id` = {$_POST['id']}"); + echo 'Forum ' . $name + . ' was edited successfully.
    + > Goto Main'; + stafflog_add("Edited forum $name"); + break; + case "1": + $_POST['id'] = + (isset($_POST['id']) && is_numeric($_POST['id'])) + ? abs(intval($_POST['id'])) : ''; + if (empty($_POST['id'])) + { + echo 'Invalid input.
    + > Go back'; + die($h->endpage()); + } + staff_csrf_stdverify('staff_editforum1', + 'staff_forums.php?action=editforum'); + $q = + $db->query( + "SELECT `ff_auth`, `ff_name`, `ff_desc` + FROM `forum_forums` + WHERE `ff_id` = {$_POST['id']}"); + if ($db->num_rows($q) == 0) + { + $db->free_result($q); + echo 'Forum id doesn\'t exist.
    + > Go back'; + die($h->endpage()); + } + $old = $db->fetch_row($q); + $db->free_result($q); + $check_p = ($old['ff_auth'] == 'public') ? 'checked' : ''; + $check_s = ($old['ff_auth'] == 'staff') ? 'checked' : ''; + $csrf = request_csrf_html('staff_editforum2'); + echo ' +

    Editing a Forum

    +
    + + + Name: +
    + Description: +
    + Authorization: Public Staff +
    + ' . $csrf + . ' + +
    + '; + break; + default: + $csrf = request_csrf_html('staff_editforum1'); + echo " +

    Editing a Forum

    +
    + + Forum: " . forum2_dropdown(NULL, "id") + . "
    + {$csrf} + +
    + "; + break; + } +} + +function delforum() +{ + global $db, $ir, $c, $h, $userid; + $_POST['forum'] = + (isset($_POST['forum']) && is_numeric($_POST['forum'])) + ? abs(intval($_POST['forum'])) : ''; + $_POST['forum2'] = + (isset($_POST['forum2']) && is_numeric($_POST['forum2'])) + ? abs(intval($_POST['forum2'])) : ''; + if ($_POST['forum'] && $_POST['forum2']) + { + staff_csrf_stdverify('staff_delforum', + 'staff_forums.php?action=delforum'); + if ($_POST['forum'] == $_POST['forum2']) + { + echo 'Fields are the same.
    + > Go back'; + die($h->endpage()); + } + $q = + $db->query( + "SELECT COUNT(`ff_id`) + FROM `forum_forums` + WHERE `ff_id` IN({$_POST['forum']}, + {$_POST['forum2']})"); + if ($db->fetch_single($q) < 2) + { + $db->free_result($q); + echo 'One of the two forums selected doesn\'t exist.
    + > Go back'; + die($h->endpage()); + } + $db->free_result($q); + $db->query( + "UPDATE `forum_posts` + SET `fp_forum_id` = {$_POST['forum2']} + WHERE `fp_forum_id` = {$_POST['forum']}"); + $db->query( + "UPDATE `forum_topics` + SET `ft_forum_id` = {$_POST['forum2']} + WHERE `ft_forum_id` = {$_POST['forum']}"); + recache_forum($_POST['forum2']); + $q = + $db->query( + "SELECT `ff_name` + FROM `forum_forums` + WHERE `ff_id` = {$_POST['forum']}"); + $old = $db->fetch_single($q); + $db->free_result($q); + $db->query( + "DELETE FROM `forum_forums` + WHERE `ff_id` = {$_POST['forum']}"); + echo 'Forum ' . $old + . ' deleted.
    + > Goto Main'; + stafflog_add("Deleted forum {$old}"); + } + else + { + $csrf = request_csrf_html('staff_delforum'); + echo " + +

    Delete Forum

    +
    + Deleting a forum is permanent - be sure. +
    + Forum: " . forum2_dropdown(NULL, "forum") + . " +
    + Move posts & topics in the deleted forum to: " + . forum2_dropdown(NULL, "forum2") + . " +
    + {$csrf} + +
    "; + } +} + +function recache_forum($forum) +{ + global $ir, $c, $userid, $h, $bbc, $db; + $forum = abs((int) $forum); + if ($forum <= 0) + { + return; + } + echo "Recaching forum ID $forum ... "; + $q = + $db->query( + "SELECT `fp_poster_name`, `fp_time`, `fp_poster_id`, + `ft_name`, `ft_id` + FROM `forum_posts` AS `p` + LEFT JOIN `forum_topics` AS `t` + ON `p`.`fp_topic_id` = `t`.`ft_id` + WHERE `p`.`fp_forum_id` = {$forum} + ORDER BY `p`.`fp_time` DESC + LIMIT 1"); + if ($db->num_rows($q) == 0) + { + $db->free_result($q); + $db->query( + "UPDATE `forum_forums` + SET `ff_lp_time` = 0, `ff_lp_poster_id` = 0, + `ff_lp_poster_name` = 'N/A', `ff_lp_t_id` = 0, + `ff_lp_t_name` = 'N/A', `ff_posts` = 0, `ff_topics` = 0 + WHERE `ff_id` = {$forum}"); + echo " ... Done
    "; + } + else + { + $r = $db->fetch_row($q); + $db->free_result($q); + $tn = $db->escape($r['ft_name']); + $pn = $db->escape($r['fp_poster_name']); + $posts_q = + $db->query( + "SELECT COUNT(`fp_id`) + FROM `forum_posts` + WHERE `fp_forum_id` = {$forum}"); + $posts = $db->fetch_single($posts_q); + $db->free_result($posts_q); + $topics_q = + $db->query( + "SELECT COUNT(`ft_id`) + FROM `forum_topics` + WHERE `ft_forum_id` = {$forum}"); + $topics = $db->fetch_single($topics_q); + $db->free_result($topics_q); + $db->query( + "UPDATE `forum_forums` + SET `ff_lp_time` = {$r['fp_time']}, + `ff_lp_poster_id` = {$r['fp_poster_id']}, + `ff_lp_poster_name` = '$pn', `ff_lp_t_id` = {$r['ft_id']}, + `ff_lp_t_name` = '$tn', `ff_posts` = $posts, + `ff_topics` = $topics + WHERE `ff_id` = {$forum}"); + echo " ... Done
    "; + } +} +$h->endpage(); diff --git a/staff_gangs.php b/staff_gangs.php new file mode 100644 index 0000000..199bd2a --- /dev/null +++ b/staff_gangs.php @@ -0,0 +1,1066 @@ + + > Go Back'; + die($h->endpage()); + } + $gang = + (isset($_POST['gang']) && is_numeric($_POST['gang'])) + ? abs(intval($_POST['gang'])) : ''; + $_POST['reason'] = + (isset($_POST['reason']) + && preg_match( + "/^[a-z0-9_]+([\\s]{1}[a-z0-9_]|[a-z0-9_])+$/i", + $_POST['reason'])) + ? $db->escape(strip_tags(stripslashes($_POST['reason']))) + : ''; + if ($gang) + { + staff_csrf_stdverify('staff_gangs_record', + 'staff_gangs.php?action=grecord'); + $q = + $db->query( + "SELECT `gangNAME`, `gangDESC`, `gangPREF`, + `gangMONEY`, `gangCRYSTALS`, `gangRESPECT`, + `gangPRESIDENT`, `gangVICEPRES`, `gangCAPACITY`, + `gangCRIME`, `gangCHOURS`, `gangAMENT`, `gangID` + FROM `gangs` + WHERE `gangID` = $gang"); + if ($db->num_rows($q) == 0) + { + $db->free_result($q); + $_POST['gang'] = 0; + admin_gang_record(); + } + else if (!$_POST['reason']) + { + $_POST['gang'] = 0; + admin_gang_record(); + } + else + { + $r = $db->fetch_row($q); + $db->free_result($q); + echo " + + + + +
    + Gang Name: {$r['gangNAME']} +
    + Gang Description: {$r['gangDESC']} +
    + Prefix: {$r['gangPREF']} +
    + Money: {$r['gangMONEY']} +
    + Crystals: {$r['gangCRYSTALS']} +
    + Respect: {$r['gangRESPECT']} +
    + President: {$r['gangPRESIDENT']} +
    + Vice-President: {$r['gangVICEPRES']} +
    + Capacity: {$r['gangCAPACITY']} +
    + Crime: {$r['gangCRIME']} +
    + Hours Left: {$r['gangCHOURS']} +
    + Annnouncement: {$r['gangAMENT']} +
    + "; + stafflog_add( + $ir['username'] . ' looked at gang id ' . $r['gangID'] + . ' (' . $r['gangNAME'] + . ')\'s record. with the reason ' + . $_POST['reason']); + } + } + else + { + $csrf = request_csrf_html('staff_gangs_record'); + echo " +
    +

    Gang Record

    + Enter a gang ID to view the record of:
    + Reason for viewing:
    + {$csrf} + +
    + "; + } +} + +function admin_gang_credit() +{ + global $db, $ir, $userid, $c, $h; + if (!in_array($ir['user_level'], array(2, 3))) + { + echo 'You cannot access this area.
    + > Go Back'; + die($h->endpage()); + } + $gang = + (isset($_POST['gang']) && is_numeric($_POST['gang'])) + ? abs(intval($_POST['gang'])) : ''; + $money = + (isset($_POST['money']) && is_numeric($_POST['money'])) + ? abs(intval($_POST['money'])) : 0; + $crystals = + (isset($_POST['crystals']) && is_numeric($_POST['crystals'])) + ? abs(intval($_POST['crystals'])) : 0; + $reason = + (isset($_POST['reason']) + && preg_match( + "/^[a-z0-9_]+([\\s]{1}[a-z0-9_]|[a-z0-9_])+$/i", + $_POST['reason'])) + ? $db->escape(strip_tags(stripslashes($_POST['reason']))) + : ''; + if (($money != 0 || $crystals != 0) && ($gang && $reason)) + { + $q = + $db->query( + "SELECT `gangNAME` + FROM `gangs` + WHERE `gangID` = $gang"); + if ($db->num_rows($q) == 0) + { + $db->free_result($q); + echo "Invalid gang."; + die($h->endpage()); + } + staff_csrf_stdverify('staff_gangs_credit2', + 'staff_gangs.php?action=gcredit'); + $gangname = $db->fetch_single($q); + $db->free_result($q); + $db->query( + "UPDATE `gangs` + SET `gangMONEY` = `gangMONEY` + $money, + `gangCRYSTALS` = `gangCRYSTALS` + $crystals + WHERE `gangID` = $gang"); + echo "The gang {$gangname} was successfully credited."; + stafflog_add( + "{$ir['username']} credited {$gangname} (gang ID {$gang}) + with {$money} money and/or {$crystals} crystals + with the reason {$reason}"); + } + else if ($gang && ($money != 0 || $crystals != 0)) + { + staff_csrf_stdverify('staff_gangs_credit1', + 'staff_gangs.php?action=gcredit'); + $q = + $db->query( + "SELECT `gangNAME` + FROM `gangs` + WHERE `gangID` = $gang"); + if ($db->num_rows($q) == 0) + { + $db->free_result($q); + echo "Invalid gang."; + die($h->endpage()); + } + $csrf = request_csrf_html('staff_gangs_credit2'); + echo " + You are crediting " . $db->fetch_single($q) . " with " + . money_formatter($money) + . " and/or $crystals crystals. +
    +
    + + + + {$csrf} + Reason: +
    + +
    + "; + $db->free_result($q); + } + else + { + $csrf = request_csrf_html('staff_gangs_credit1'); + echo " +

    Credit Gang

    +
    + + + + + + + + + + + + + + + + +
    Gang's ID: + +
    Money: + +
    Crystals: + +
    + {$csrf} + +
    + "; + } +} + +function admin_gang_wars() +{ + global $db, $ir, $userid, $c, $h; + if (!in_array($ir['user_level'], array(2, 3))) + { + echo 'You cannot access this area.
    + > Go Back'; + die($h->endpage()); + } + echo ' +

    Manage Gang Wars

    + + '; + $q = + $db->query( + "SELECT `warID`, `warDECLARED`, `warDECLARER`, + `g1`.`gangNAME` AS `declarer`, + `g1`.`gangRESPECT` AS `drespect`, + `g2`.`gangNAME` AS `defender`, + `g2`.`gangRESPECT` AS `frespect` + FROM `gangwars` AS `w` + LEFT JOIN `gangs` AS `g1` + ON `w`.`warDECLARER` = `g1`.`gangID` + LEFT JOIN `gangs` AS `g2` + ON `w`.`warDECLARED` = `g2`.`gangID`"); + while ($r = $db->fetch_row($q)) + { + $csrf = request_csrf_html("staff_gangs_wardelete{$r['warID']}"); + echo " + + + + + + + "; + } + $db->free_result($q); + echo '
    + + {$r['declarer']} + + [{$r['drespect']} respect] + vs. + + {$r['defender']} + + [{$r['frespect']} respect] + + + {$csrf} + + +
    '; +} + +function admin_gang_wardelete() +{ + global $db, $ir, $userid, $h, $c; + if (!in_array($ir['user_level'], array(2, 3))) + { + echo 'You cannot access this area.
    > Go Back'; + die($h->endpage()); + } + $_GET['war'] = + (isset($_GET['war']) && is_numeric($_GET['war'])) + ? abs(intval($_GET['war'])) : 0; + staff_csrf_stdverify("staff_gangs_wardelete{$_GET['war']}", + 'staff_gangs.php?action=gwar'); + $q = + $db->query( + "SELECT `warDECLARED`, `warDECLARER`, + `g1`.`gangNAME` AS `declarer`, + `g1`.`gangRESPECT` AS `drespect`, + `g2`.`gangNAME` AS `defender`, + `g2`.`gangRESPECT` AS `frespect` + FROM `gangwars` AS `w` + LEFT JOIN `gangs` AS `g1` + ON `w`.`warDECLARER` = `g1`.`gangID` + LEFT JOIN `gangs` AS `g2` + ON `w`.`warDECLARED` = `g2`.`gangID` + WHERE `w`.`warID` = {$_GET['war']}"); + if ($db->num_rows($q) == 0) + { + $db->free_result($q); + echo 'Invalid war.
    + > Go Back'; + die($h->endpage()); + } + $r = $db->fetch_row($q); + $db->free_result($q); + $db->query("DELETE FROM `gangwars` + WHERE `warID` = {$_GET['war']}"); + echo 'War cleared.
    + > Go Back'; + stafflog_add( + "{$ir['username']} deleted war ID {$_GET['war']} + ({$r['declarer']} + [{$r['drespect']} respect] + vs. + {$r['defender']} + [{$r['frespect']} respect])"); +} + +function admin_gang_edit_begin() +{ + global $db, $ir, $userid, $h, $c; + if (!in_array($ir['user_level'], array(2, 3))) + { + echo 'You cannot access this area.
    + > Go Back'; + die($h->endpage()); + } + $gang = + (isset($_POST['gang']) && is_numeric($_POST['gang'])) + ? abs(intval($_POST['gang'])) : ''; + if ($gang) + { + $q = + $db->query( + "SELECT `gangNAME` + FROM `gangs` + WHERE `gangID` = $gang"); + if ($db->num_rows($q) == 0) + { + $db->free_result($q); + echo "Invalid gang."; + die($h->endpage()); + } + $theirname = $db->fetch_single($q); + $edits = + array(1 => array('Name And Description', 'gedit_name', '4'), + 2 => array('Prefix', 'gedit_prefix', '4'), + 3 => array('Finances + Respect', 'gedit_finances', '4'), + 4 => array('Staff', 'gedit_staff', '4'), + 5 => array('Capacity', 'gedit_capacity', '4'), + 6 => array('Organised Crime', 'gedit_crime', '4'), + 7 => array('Announcement', 'gedit_ament', '4')); + echo " +

    Manage Gang

    + You are managing the gang: $theirname +
    + Choose an edit to perform. +
    + + + + + + + "; + foreach ($edits as $k => $v) + { + if ($v[2] >= $ir['user_level']) + { + $a = "green'>Yes"; + $l = + "Go"; + } + else + { + $a = "red'>No"; + $l = "N/A"; + } + echo " + + +
    Edit TypeAvailable For UseUse
    $v[0]'; + } + else + { + echo " +
    +

    Gang Management

    + Enter a gang ID to manage: +
    + +
    + "; + } +} + +function admin_gang_edit_name() +{ + global $db, $ir, $userid, $h, $c; + if (!in_array($ir['user_level'], array(2, 3))) + { + echo 'You cannot access this area.
    + > Go Back'; + die($h->endpage()); + } + $gang = + (isset($_GET['gang']) && is_numeric($_GET['gang'])) + ? abs(intval($_GET['gang'])) : 0; + $_POST['gangNAME'] = + (isset($_POST['gangNAME']) + && preg_match( + "/^[a-z0-9_]+([\\s]{1}[a-z0-9_]|[a-z0-9_])+$/i", + $_POST['gangNAME'])) + ? $db->escape(strip_tags(stripslashes($_POST['gangNAME']))) + : ''; + $_POST['gangDESC'] = + (isset($_POST['gangDESC'])) + ? $db->escape(strip_tags(stripslashes($_POST['gangDESC']))) + : ''; + $q = + $db->query( + "SELECT `gangNAME`,`gangDESC` + FROM `gangs` + WHERE `gangID` = $gang"); + if ($db->num_rows($q) == 0) + { + $db->free_result($q); + echo 'Invalid gang.
    + > Go Back'; + die($h->endpage()); + } + $r = $db->fetch_row($q); + $db->free_result($q); + if ($gang && $_POST['gangNAME'] && $_POST['gangDESC']) + { + staff_csrf_stdverify('staff_gangs_edit_name', + "staff_gangs.php?action=gedit_name&gang={$gang}"); + $db->query( + "UPDATE `gangs` + SET `gangNAME` = '{$_POST['gangNAME']}', + `gangDESC` = '{$_POST['gangDESC']}' + WHERE `gangID` = $gang"); + echo 'Gang has been successfully modified.
    + > Go Back'; + stafflog_add($userid, + "{$ir['username']} edited gang ID $gang's name and/or description", + $c); + die($h->endpage()); + } + else + { + $csrf = request_csrf_html('staff_gangs_edit_name'); + echo " +

    Gang Management: Name/Description

    + Editing the gang: {$r['gangNAME']} +
    +
    + + + + + + + + + + + + +
    Name: + +
    Description: + +
    + {$csrf} + +
    +
    + "; + } +} + +function admin_gang_edit_prefix() +{ + global $db, $ir, $userid, $h, $c; + if (!in_array($ir['user_level'], array(2, 3))) + { + echo 'You cannot access this area.
    + > Go Back'; + die($h->endpage()); + } + $gang = + (isset($_GET['gang']) && is_numeric($_GET['gang'])) + ? abs(intval($_GET['gang'])) : 0; + $_POST['gangPREF'] = + (isset($_POST['gangPREF']) && strlen($_POST['gangPREF']) <= 5) + ? $db->escape(strip_tags(stripslashes($_POST['gangPREF']))) + : ''; + $q = + $db->query( + "SELECT `gangNAME`, `gangPREF` + FROM `gangs` + WHERE `gangID` = $gang"); + if ($db->num_rows($q) == 0) + { + $db->free_result($q); + echo 'Invalid gang.
    + > Go Back'; + die($h->endpage()); + } + $r = $db->fetch_row($q); + $db->free_result($q); + if ($gang && $_POST['gangPREF']) + { + staff_csrf_stdverify('staff_gangs_edit_prefix', + "staff_gangs.php?action=gedit_prefix&gang={$gang}"); + $db->query( + "UPDATE `gangs` + SET `gangPREF` = '{$_POST['gangPREF']}' + WHERE `gangID` = $gang"); + echo 'Gang has been successfully modified.
    + > Go Back'; + stafflog_add("{$ir['username']} edited gang ID $gang's prefix"); + die($h->endpage()); + } + else + { + $csrf = request_csrf_html('staff_gangs_edit_prefix'); + echo " +

    Gang Management: Prefix

    + Editing the gang: {$r['gangNAME']}
    +
    + + + + + + + + +
    Prefix: + +
    + {$csrf} + +
    +
    + "; + } +} + +function admin_gang_edit_finances() +{ + global $db, $ir, $userid, $h, $c; + if (!in_array($ir['user_level'], array(2, 3))) + { + echo 'You cannot access this area.
    > Go Back'; + die($h->endpage()); + } + $gang = + (isset($_GET['gang']) && is_numeric($_GET['gang'])) + ? abs(intval($_GET['gang'])) : 0; + $money = + (isset($_POST['money']) && is_numeric($_POST['money'])) + ? abs(intval($_POST['money'])) : 0; + $crystals = + (isset($_POST['crystals']) && is_numeric($_POST['crystals'])) + ? abs(intval($_POST['crystals'])) : 0; + $reason = + (isset($_POST['reason']) + && preg_match( + "/^[a-z0-9_]+([\\s]{1}[a-z0-9_]|[a-z0-9_])+$/i", + $_POST['reason'])) + ? $db->escape(strip_tags(stripslashes($_POST['reason']))) + : ''; + $respect = + (isset($_POST['respect']) && is_numeric($_POST['respect'])) + ? abs(intval($_POST['respect'])) : 0; + $q = + $db->query( + "SELECT `gangNAME`, `gangMONEY`, `gangCRYSTALS`, + `gangRESPECT` + FROM `gangs` + WHERE `gangID` = $gang"); + if ($db->num_rows($q) == 0) + { + $db->free_result($q); + echo 'Invalid gang.
    + > Go Back'; + die($h->endpage()); + } + $r = $db->fetch_row($q); + $db->free_result($q); + if ($gang && $reason) + { + staff_csrf_stdverify('staff_gangs_edit_finances', + "staff_gangs.php?action=gedit_finances&gang={$gang}"); + $db->query( + "UPDATE `gangs` + SET `gangMONEY` = $money, `gangCRYSTALS` = $crystals, + `gangRESPECT` = $respect + WHERE `gangID` = $gang"); + echo 'Gang has been successfully modified.
    + > Go Back'; + stafflog_add( + "{$ir['username']} edited gang ID $gang's finances with the reason $reason"); + die($h->endpage()); + } + else + { + $csrf = request_csrf_html('staff_gangs_edit_finances'); + echo " +

    Gang Management: Financial Details

    + Editing the gang: {$r['gangNAME']}
    +
    + + + + + + + + + + + + + + + + + + + + +
    Money: + +
    Crystals: + +
    Respect: + +
    Reason for editing: + +
    + {$csrf} + +
    +
    + "; + } +} + +function admin_gang_edit_staff() +{ + global $db, $ir, $userid, $h, $c; + if (!in_array($ir['user_level'], array(2, 3))) + { + echo 'You cannot access this area.
    > Go Back'; + die($h->endpage()); + } + $gang = + (isset($_GET['gang']) && is_numeric($_GET['gang'])) + ? abs(intval($_GET['gang'])) : 0; + $president = + (isset($_POST['president']) && is_numeric($_POST['president'])) + ? abs(intval($_POST['president'])) : ''; + $vicepres = + (isset($_POST['vicepres']) && is_numeric($_POST['vicepres'])) + ? abs(intval($_POST['vicepres'])) : ''; + $reason = + (isset($_POST['reason']) + && preg_match( + "/^[a-z0-9_]+([\\s]{1}[a-z0-9_]|[a-z0-9_])+$/i", + $_POST['reason'])) + ? $db->escape(strip_tags(stripslashes($_POST['reason']))) + : ''; + $q = + $db->query( + "SELECT `gangNAME`, `gangPRESIDENT`, `gangVICEPRES` + FROM `gangs` + WHERE `gangID` = $gang"); + if ($db->num_rows($q) == 0) + { + $db->free_result($q); + echo 'Invalid gang.
    + > Go Back'; + die($h->endpage()); + } + $r = $db->fetch_row($q); + $db->free_result($q); + if ($gang && $reason && $president && $vicepres) + { + staff_csrf_stdverify('staff_gangs_edit_staff', + "staff_gangs.php?action=gedit_staff&gang={$gang}"); + $db->query( + "UPDATE `gangs` + SET `gangPRESIDENT` = $president, + `gangVICEPRES` = $vicepres + WHERE `gangID` = $gang"); + echo 'Gang has been successfully modified.
    + > Go Back'; + stafflog_add( + "{$ir['username']} edited gang ID $gang's staff with the reason $reason"); + die($h->endpage()); + } + else + { + $csrf = request_csrf_html('staff_gangs_edit_staff'); + echo " +

    Gang Management: Staff

    + Editing the gang: {$r['gangNAME']}
    +
    + + + + + + + + + + + + + + + + +
    President: + +
    Vice-President: + +
    Reason for editing: + +
    + {$csrf} + +
    +
    + "; + } +} + +function admin_gang_edit_capacity() +{ + global $db, $ir, $userid, $h, $c; + if (!in_array($ir['user_level'], array(2, 3))) + { + echo 'You cannot access this area.
    > Go Back'; + die($h->endpage()); + } + $gang = + (isset($_GET['gang']) && is_numeric($_GET['gang'])) + ? abs(intval($_GET['gang'])) : 0; + $capacity = + (isset($_POST['capacity']) && is_numeric($_POST['capacity'])) + ? abs(intval($_POST['capacity'])) : ''; + $reason = + (isset($_POST['reason']) + && preg_match( + "/^[a-z0-9_]+([\\s]{1}[a-z0-9_]|[a-z0-9_])+$/i", + $_POST['reason'])) + ? $db->escape(strip_tags(stripslashes($_POST['reason']))) + : ''; + $q = + $db->query( + "SELECT `gangNAME`, `gangCAPACITY` + FROM `gangs` + WHERE `gangID` = $gang"); + if ($db->num_rows($q) == 0) + { + $db->free_result($q); + echo 'Invalid gang.
    + > Go Back'; + die($h->endpage()); + } + $r = $db->fetch_row($q); + $db->free_result($q); + if ($gang && $reason && $capacity) + { + staff_csrf_stdverify('staff_gangs_edit_capacity', + "staff_gangs.php?action=gedit_capacity&gang={$gang}"); + $db->query( + "UPDATE `gangs` + SET `gangCAPACITY` = $capacity + WHERE `gangID` = $gang"); + echo 'Gang has been successfully modified.
    + > Go Back'; + stafflog_add( + "{$ir['username']} edited gang ID $gang's capacity with the reason $reason"); + die($h->endpage()); + } + else + { + $csrf = request_csrf_html('staff_gangs_edit_capacity'); + echo " +

    Gang Management: Capacity

    + Editing the gang: {$r['gangNAME']}
    +
    + + + + + + + + + + + + +
    Capacity: + +
    Reason for editing: + +
    + {$csrf} + +
    +
    + "; + } +} + +function admin_gang_edit_crime() +{ + global $db, $ir, $userid, $h, $c; + if (!in_array($ir['user_level'], array(2, 3))) + { + echo 'You cannot access this area.
    + > Go Back'; + die($h->endpage()); + } + $gang = + (isset($_GET['gang']) && is_numeric($_GET['gang'])) + ? abs(intval($_GET['gang'])) : 0; + $crime = + (isset($_POST['crime']) && is_numeric($_POST['crime'])) + ? abs(intval($_POST['crime'])) : ''; + $chours = + (isset($_POST['chours']) && is_numeric($_POST['chours'])) + ? abs(intval($_POST['chours'])) : ''; + $reason = + (isset($_POST['reason']) + && preg_match( + "/^[a-z0-9_]+([\\s]{1}[a-z0-9_]|[a-z0-9_])+$/i", + $_POST['reason'])) + ? $db->escape(strip_tags(stripslashes($_POST['reason']))) + : ''; + $q = + $db->query( + "SELECT `gangNAME`, `gangCRIME`, `gangCHOURS` + FROM `gangs` + WHERE `gangID` = $gang"); + if ($db->num_rows($q) == 0) + { + $db->free_result($q); + echo 'Invalid gang.
    + > Go Back'; + die($h->endpage()); + } + $r = $db->fetch_row($q); + $db->free_result($q); + if ($gang && $reason && $crime && $chours) + { + staff_csrf_stdverify('staff_gangs_edit_crime', + "staff_gangs.php?action=gedit_crime&gang={$gang}"); + $db->query( + "UPDATE `gangs` + SET `gangCRIME` = $crime, `gangCHOURS` = $chours + WHERE `gangID` = $gang"); + echo 'Gang has been successfully modified.
    + > Go Back'; + stafflog_add( + "{$ir['username']} edited gang ID $gang's organised crime with the reason $reason"); + die($h->endpage()); + } + else + { + $csrf = request_csrf_html('staff_gangs_edit_crime'); + echo " +

    Gang Management: Organised Crimes

    + Editing the gang: {$r['gangNAME']}
    +
    + + + + + + + + + + + + + + + + +
    Crime ID: + +
    Crime Hours Left: + +
    Reason for editing: + +
    + {$csrf} + +
    +
    + "; + } +} + +function admin_gang_edit_ament() +{ + global $db, $ir, $userid, $h, $c; + if (!in_array($ir['user_level'], array(2, 3))) + { + echo 'You cannot access this area.
    > Go Back'; + die($h->endpage()); + } + $gang = + (isset($_GET['gang']) && is_numeric($_GET['gang'])) + ? abs(intval($_GET['gang'])) : ''; + $_POST['gangAMENT'] = + (isset($_POST['gangAMENT'])) + ? $db->escape( + strip_tags(stripslashes($_POST['gangAMENT']))) : ''; + $q = + $db->query( + "SELECT `gangNAME`, `gangAMENT` + FROM `gangs` + WHERE `gangID` = $gang"); + if ($db->num_rows($q) == 0) + { + $db->free_result($q); + echo 'Invalid gang.
    + > Go Back'; + die($h->endpage()); + } + $r = $db->fetch_row($q); + $db->free_result($q); + if ($gang && $_POST['gangAMENT']) + { + staff_csrf_stdverify('staff_gangs_edit_ament', + "staff_gangs.php?action=gedit_ament&gang={$gang}"); + $db->query( + "UPDATE `gangs` + SET `gangAMENT` = '{$_POST['gangAMENT']}' + WHERE `gangID` = $gang"); + echo 'Gang has been successfully modified.
    + > Go Back'; + stafflog_add("{$ir['username']} edited gang ID $gang's announcement"); + die($h->endpage()); + } + else + { + $csrf = request_csrf_html('staff_gangs_edit_ament'); + echo " +

    Gang Management: Announcement

    + Editing the gang: {$r['gangNAME']}
    +
    + + + + + + + + +
    Announcement: + +
    + {$csrf} + +
    +
    + "; + } +} +$h->endpage(); diff --git a/staff_houses.php b/staff_houses.php new file mode 100644 index 0000000..1baa7fc --- /dev/null +++ b/staff_houses.php @@ -0,0 +1,307 @@ + + > Go Back'; + die($h->endpage()); +} +//This contains house stuffs +if (!isset($_GET['action'])) +{ + $_GET['action'] = ''; +} +switch ($_GET['action']) +{ +case "addhouse": + addhouse(); + break; +case "edithouse": + edithouse(); + break; +case "delhouse": + delhouse(); + break; +default: + echo "Error: This script requires an action."; + break; +} + +function addhouse() +{ + global $db, $ir, $c, $h, $userid; + $price = + (isset($_POST['price']) && is_numeric($_POST['price'])) + ? abs(intval($_POST['price'])) : ''; + $will = + (isset($_POST['will']) && is_numeric($_POST['will'])) + ? abs(intval($_POST['will'])) : ''; + $name = + (isset($_POST['name']) + && preg_match( + "/^[a-z0-9_]+([\\s]{1}[a-z0-9_]|[a-z0-9_])+$/i", + $_POST['name'])) + ? $db->escape(strip_tags(stripslashes($_POST['name']))) + : ''; + if ($price && $will && $name) + { + staff_csrf_stdverify('staff_addhouse', + 'staff_houses.php?action=addhouse'); + $q = + $db->query( + "SELECT COUNT(`hID`) + FROM `houses` + WHERE `hWILL` = {$will}"); + if ($db->fetch_single($q) > 0) + { + $db->free_result($q); + echo 'Sorry, you cannot have two houses with the same maximum will.
    + > Go Back'; + die($h->endpage()); + } + $db->free_result($q); + $db->query( + "INSERT INTO `houses` + VALUES(NULL, '$name', '$price', '$will')"); + stafflog_add('Created House ' . $name); + echo 'House ' . $name + . ' added to the game.
    + > Go Back'; + die($h->endpage()); + } + else + { + $csrf = request_csrf_html('staff_addhouse'); + echo " +

    Add House

    +
    +
    + Name:
    + Price:
    + Max Will:
    + {$csrf} + +
    + "; + } +} + +function edithouse() +{ + global $db, $ir, $c, $h, $userid; + if (!isset($_POST['step'])) + { + $_POST['step'] = '0'; + } + switch ($_POST['step']) + { + case "2": + $price = + (isset($_POST['price']) && is_numeric($_POST['price'])) + ? abs(intval($_POST['price'])) : 0; + $will = + (isset($_POST['will']) && is_numeric($_POST['will'])) + ? abs(intval($_POST['will'])) : 0; + $_POST['id'] = + (isset($_POST['id']) && is_numeric($_POST['id'])) + ? abs(intval($_POST['id'])) : 0; + if (!$price || !$will || !$_POST['id']) + { + echo 'Sorry, invalid input. +
    > Go Back'; + die($h->endpage()); + } + staff_csrf_stdverify('staff_edithouse2', + 'staff_houses.php?action=edithouse'); + $q = + $db->query( + "SELECT `hID` + FROM `houses` + WHERE `hWILL` = {$will} AND `hID` != {$_POST['id']}"); + if ($db->num_rows($q)) + { + echo 'Sorry, you cannot have two houses with the same maximum will. +
    > Go Back'; + die($h->endpage()); + } + $q = + $db->query( + 'SELECT `hWILL` + FROM `houses` + WHERE `hID` = ' . $_POST['ID']); + if ($db->num_rows($q) == 0) + { + $db->free_result($q); + echo 'Invalid house.
    + > Go Back'; + die($h->endpage()); + } + $oldwill = $db->fetch_single($q); + $name = + (isset($_POST['name']) + && preg_match( + "/^[a-z0-9_]+([\\s]{1}[a-z0-9_]|[a-z0-9_])+$/i", + $_POST['name'])) + ? $db->escape(strip_tags(stripslashes($_POST['name']))) + : ''; + if ($oldwill == 100 && $oldwill != $will) + { + echo 'Sorry, this house\'s will bar cannot be edited.
    + > Go Back'; + die($h->endpage()); + } + $db->query( + "UPDATE `houses` + SET `hWILL` = $will, `hPRICE` = $price, `hNAME` = '$name' + WHERE `hID` = {$_POST['id']}"); + $db->query( + "UPDATE `users` + SET `maxwill` = $will, `will` = LEAST(`will`, $will) + WHERE `maxwill` = {$old['hWILL']}"); + stafflog_add('Edited house ' . $name); + echo 'House ' . $name + . ' was edited successfully.
    + > Go Back'; + die($h->endpage()); + break; + case "1": + $_POST['house'] = + (isset($_POST['house']) && is_numeric($_POST['house'])) + ? abs(intval($_POST['house'])) : 0; + staff_csrf_stdverify('staff_edithouse1', + 'staff_houses.php?action=edithouse'); + $q = + $db->query( + "SELECT `hWILL`, `hPRICE`, `hNAME` + FROM `houses` + WHERE `hID` = {$_POST['house']}"); + if ($db->num_rows($q) == 0) + { + $db->free_result($q); + echo 'Invalid house.
    + > Go Back'; + die($h->endpage()); + } + $old = $db->fetch_row($q); + $db->free_result($q); + $csrf = request_csrf_html('staff_edithouse2'); + echo " +

    Editing a House

    +
    +
    + + + Name: +
    + Price: +
    + Max Will: +
    + {$csrf} + +
    + "; + break; + default: + $csrf = request_csrf_html('staff_edithouse1'); + echo " +

    Editing a House

    +
    +
    + + House: " . house_dropdown(NULL, "house") + . " +
    + {$csrf} + +
    + "; + break; + } +} + +function delhouse() +{ + global $db, $ir, $c, $h, $userid; + $_POST['house'] = + (isset($_POST['house']) && is_numeric($_POST['house'])) + ? abs(intval($_POST['house'])) : ''; + if ($_POST['house']) + { + staff_csrf_stdverify('staff_delhouse', + 'staff_houses.php?action=delhouse'); + $q = + $db->query( + "SELECT `hWILL`, `hPRICE`, `hID`, `hNAME` + FROM `houses` + WHERE `hID` = {$_POST['house']}"); + if ($db->num_rows($q) == 0) + { + $db->free_result($q); + echo 'Invalid house.
    + > Go Back'; + die($h->endpage()); + } + $old = $db->fetch_row($q); + $db->free_result($q); + if ($old['hWILL'] == 100) + { + echo 'This house cannot be deleted.
    + > Go Back'; + die($h->endpage()); + } + $db->query( + "UPDATE `users` + SET `money` = `money` + {$old['hPRICE']}, + `maxwill` = 100, `will` = LEAST(100, `will`) + WHERE `maxwill` = {$old['hWILL']}"); + $db->query( + "DELETE FROM `houses` + WHERE `hID` = {$old['hID']}"); + stafflog_add('Deleted house ' . $old['hNAME']); + echo 'House ' . $old['hNAME'] + . ' deleted.
    + > Go Back'; + die($h->endpage()); + } + else + { + $csrf = request_csrf_html('staff_delhouse'); + echo " +

    Delete House

    + Deleting a house is permanent - be sure. + Any users that are currently living in the house you delete + will be returned to the first house, + and their money will be refunded. +
    + House: " . house_dropdown(NULL, "house") + . " +
    + {$csrf} + +
    + "; + } +} +$h->endpage(); diff --git a/staff_items.php b/staff_items.php new file mode 100644 index 0000000..c938d7f --- /dev/null +++ b/staff_items.php @@ -0,0 +1,727 @@ + + > Go Back'; + die($h->endpage()); + } + $csrf = request_csrf_html('staff_newitem'); + echo " +

    Adding an item to the game

    +
    + Item Name: +
    + Item Desc.: +
    + Item Type: " . itemtype_dropdown(NULL, 'itmtype') + . " +
    + Item Buyable: +
    + Item Price: +
    + Item Sell Value: +
    +
    +
    + Usage Form"; + for ($i = 1; $i <= 3; $i++) + { + echo "
    + Effect {$i} +
    + On? + Yes + No +
    + Stat: + Direction: +
    + Amount: + "; + } + echo " +
    + Combat Usage +
    + Weapon Power: +
    + Armor Defense: +
    + {$csrf} + +
    + "; +} + +function new_item_submit() +{ + global $db, $ir, $c, $h; + if ($ir['user_level'] != 2) + { + echo 'You cannot access this area.
    + > Go Back'; + die($h->endpage()); + } + staff_csrf_stdverify('staff_newitem', 'staff_items.php?action=newitem'); + $itmname = + (isset($_POST['itmname']) + && preg_match( + "/^[a-z0-9_]+([\\s]{1}[a-z0-9_]|[a-z0-9_])+$/i", + $_POST['itmname'])) + ? $db->escape(strip_tags(stripslashes($_POST['itmname']))) + : ''; + $itmdesc = + (isset($_POST['itmdesc'])) + ? $db->escape(strip_tags(stripslashes($_POST['itmdesc']))) + : ''; + $weapon = + (isset($_POST['weapon']) && is_numeric($_POST['weapon'])) + ? abs(intval($_POST['weapon'])) : 0; + $armor = + (isset($_POST['armor']) && is_numeric($_POST['armor'])) + ? abs(intval($_POST['armor'])) : 0; + $_POST['itmtype'] = + (isset($_POST['itmtype']) && is_numeric($_POST['itmtype'])) + ? abs(intval($_POST['itmtype'])) : ''; + $_POST['itmbuyprice'] = + (isset($_POST['itmbuyprice']) && is_numeric($_POST['itmbuyprice'])) + ? abs(intval($_POST['itmbuyprice'])) : ''; + $_POST['itmsellprice'] = + (isset($_POST['itmsellprice']) + && is_numeric($_POST['itmsellprice'])) + ? abs(intval($_POST['itmsellprice'])) : ''; + if (empty($itmname) || empty($itmdesc) || empty($_POST['itmtype']) + || empty($_POST['itmbuyprice']) || empty($_POST['itmsellprice'])) + { + echo 'You missed one or more of the fields. Please go back and try again.
    + > Go Back'; + die($h->endpage()); + } + $itmbuy = ($_POST['itmbuyable'] == 'on') ? 1 : 0; + $effects = array(); + for ($i = 1; $i <= 3; $i++) + { + $efxkey = "effect{$i}"; + $_POST[$efxkey . 'stat'] = + (isset($_POST[$efxkey . 'stat']) + && in_array($_POST[$efxkey . 'stat'], + array('energy', 'will', 'brave', 'hp', + 'strength', 'agility', 'guard', + 'labour', 'IQ', 'hospital', 'jail', + 'money', 'crystals', 'cdays', + 'bankmoney', 'cybermoney', 'crimexp'))) + ? $_POST[$efxkey . 'stat'] : 'energy'; + $_POST[$efxkey . 'dir'] = + (isset($_POST[$efxkey . 'dir']) + && in_array($_POST[$efxkey . 'dir'], + array('pos', 'neg'))) ? $_POST[$efxkey . 'dir'] + : 'pos'; + $_POST[$efxkey . 'type'] = + (isset($_POST[$efxkey . 'type']) + && in_array($_POST[$efxkey . 'type'], + array('figure', 'percent'))) + ? $_POST[$efxkey . 'type'] : 'figure'; + $_POST[$efxkey . 'amount'] = + (isset($_POST[$efxkey . 'amount']) + && is_numeric($_POST[$efxkey . 'amount'])) + ? abs(intval($_POST[$efxkey . 'amount'])) : 0; + $_POST[$efxkey . 'on'] = + (isset($_POST[$efxkey . 'on']) + && in_array($_POST[$efxkey . 'on'], array('1', '0'))) + ? $_POST[$efxkey . 'on'] : 0; + $effects[$i] = + $db->escape( + serialize( + array("stat" => $_POST[$efxkey . 'stat'], + "dir" => $_POST[$efxkey . 'dir'], + "inc_type" => $_POST[$efxkey . 'type'], + "inc_amount" => abs( + (int) $_POST[$efxkey + . 'amount'])))); + } + $m = + $db->query( + "INSERT INTO `items` + VALUES(NULL, {$_POST['itmtype']}, '$itmname', '$itmdesc', + {$_POST['itmbuyprice']}, {$_POST['itmsellprice']}, + $itmbuy, '{$_POST['effect1on']}', '{$effects[1]}', + '{$_POST['effect2on']}', '{$effects[2]}', + '{$_POST['effect3on']}', '{$effects[3]}', $weapon, + $armor)"); + stafflog_add("Created item {$_POST['itmname']}"); + echo 'The ' . $_POST['itmname'] + . ' Item was added to the game.
    + > Go Home'; + die($h->endpage()); +} + +function give_item_form() +{ + global $db, $ir, $c; + if (!in_array($ir['user_level'], array(2, 3))) + { + echo 'You cannot access this area.
    + > Go Back'; + die($h->endpage()); + } + $csrf = request_csrf_html('staff_giveitem'); + echo " +

    Giving Item To User

    +
    + User: " . user_dropdown(NULL, 'user') . " +
    + Item: " . item_dropdown(NULL, 'item') + . " +
    + Quantity: +
    + {$csrf} + +
    + "; +} + +function give_item_submit() +{ + global $db, $ir, $c, $h; + if (!in_array($ir['user_level'], array(2, 3))) + { + echo 'You cannot access this area.
    + > Go Back'; + die($h->endpage()); + } + staff_csrf_stdverify('staff_giveitem', 'staff_items.php?action=giveitem'); + $_POST['item'] = + (isset($_POST['item']) && is_numeric($_POST['item'])) + ? abs(intval($_POST['item'])) : ''; + $_POST['user'] = + (isset($_POST['user']) && is_numeric($_POST['user'])) + ? abs(intval($_POST['user'])) : ''; + $_POST['qty'] = + (isset($_POST['qty']) && is_numeric($_POST['qty'])) + ? abs(intval($_POST['qty'])) : ''; + if (empty($_POST['item']) || empty($_POST['user']) || empty($_POST['qty'])) + { + echo 'Something was inputted incorrectly, please try again.
    + > Go Back'; + die($h->endpage()); + } + $q = + $db->query( + 'SELECT COUNT(`itmid`) + FROM `items` + WHERE `itmid` = ' . $_POST['item']); + $q2 = + $db->query( + 'SELECT COUNT(`userid`) + FROM `users` + WHERE `userid` = ' . $_POST['user']); + if ($db->fetch_single($q) == 0 OR $db->fetch_single($q2) == 0) + { + $db->free_result($q); + $db->free_result($q2); + echo 'Item/User doesn\'t seem to exist.
    + > Go Back'; + die($h->endpage()); + } + $db->free_result($q); + $db->free_result($q2); + item_add($_POST['user'], $_POST['item'], $_POST['qty']); + stafflog_add( + "Gave {$_POST['qty']} of item ID {$_POST['item']} to user ID {$_POST['user']}"); + echo 'You gave ' . $_POST['qty'] . ' of item ID ' . $_POST['item'] + . ' to user ID ' . $_POST['user'] + . '
    + > Go Back'; + die($h->endpage()); +} + +function kill_item_form() +{ + global $db, $ir, $c, $h, $userid; + if ($ir['user_level'] != 2) + { + echo 'You cannot access this area.
    + > Go Back'; + die($h->endpage()); + } + $csrf = request_csrf_html('staff_killitem'); + echo " +

    Deleting Item

    + The item will be permanently removed from the game. +
    +
    + Item: " . item_dropdown(NULL, 'item') + . " +
    + {$csrf} + +
    + "; +} + +function kill_item_submit() +{ + global $db, $ir, $c, $h, $userid; + if ($ir['user_level'] != 2) + { + echo 'You cannot access this area.
    + > Go Back'; + die($h->endpage()); + } + staff_csrf_stdverify('staff_killitem', 'staff_items.php?action=killitem'); + $_POST['item'] = + (isset($_POST['item']) && is_numeric($_POST['item'])) + ? abs(intval($_POST['item'])) : ''; + if (empty($_POST['item'])) + { + echo 'Invalid Item.
    + > Go Back'; + die($h->endpage()); + } + $d = + $db->query( + "SELECT `itmname` + FROM `items` + WHERE `itmid` = {$_POST['item']}"); + if ($db->num_rows($d) == 0) + { + $db->free_result($d); + echo 'Item doesn\'t seem to exist.
    + > Go Back'; + die($h->endpage()); + } + $itemname = $db->fetch_single($d); + $db->free_result($d); + $db->query("DELETE FROM `items` + WHERE `itmid` = {$_POST['item']}"); + $db->query( + "DELETE FROM `shopitems` + WHERE `sitemITEMID` = {$_POST['item']}"); + $db->query( + "DELETE FROM `inventory` + WHERE `inv_itemid` = {$_POST['item']}"); + $db->query( + "DELETE FROM `itemmarket` + WHERE `imITEM` = {$_POST['item']}"); + stafflog_add("Deleted item {$itemi['itmname']}"); + echo 'The ' . $itemi['itmname'] + . ' Item was removed from the game.
    + > Go Home'; + die($h->endpage()); +} + +function edit_item_begin() +{ + global $db, $ir, $c, $h, $userid; + if ($ir['user_level'] != 2) + { + echo 'You cannot access this area.
    > Go Back'; + die($h->endpage()); + } + $csrf = request_csrf_html('staff_edititem1'); + echo " +

    Editing Item

    + You can edit any aspect of this item.
    +
    + Item: " . item_dropdown(NULL, 'item') + . " +
    + {$csrf} + +
    + "; +} + +function edit_item_form() +{ + global $db, $ir, $c, $h; + if ($ir['user_level'] != 2) + { + echo 'You cannot access this area.
    + > Go Back'; + die($h->endpage()); + } + staff_csrf_stdverify('staff_edititem1', 'staff_items.php?action=edititem'); + $_POST['item'] = + (isset($_POST['item']) && is_numeric($_POST['item'])) + ? abs(intval($_POST['item'])) : ''; + if (empty($_POST['item'])) + { + echo 'Invalid Item.
    + > Go Back'; + die($h->endpage()); + } + $d = + $db->query( + "SELECT * + FROM `items` + WHERE `itmid` = {$_POST['item']}"); + if ($db->num_rows($d) == 0) + { + $db->free_result($d); + echo 'Item doesn\'t seem to exist.
    + > Go Back'; + die($h->endpage()); + } + $itemi = $db->fetch_row($d); + $db->free_result($d); + $csrf = request_csrf_html('staff_edititem2'); + $itmname = addslashes($itemi['itmname']); + $itmdesc = addslashes($itemi['itmdesc']); + echo " +

    Editing Item

    +
    + + Item Name: +
    + Item Desc.: +
    + Item Type: " . itemtype_dropdown(NULL, 'itmtype', $itemi['itmtype']) + . " +
    + Item Buyable: +
    + Item Price: +
    + Item Sell Value: +
    + Usage Form +
    + "; + $stats = + array("energy" => "Energy", "will" => "Will", "brave" => "Brave", + "hp" => "Health", "strength" => "Strength", + "agility" => "Agility", "guard" => "Guard", + "labour" => "Labour", "IQ" => "IQ", + "hospital" => "Hospital Time", "jail" => "Jail Time", + "money" => "Money", "crystals" => "Crystals", + "cdays" => "Education Days Left", + "bankmoney" => "Bank money", + "cybermoney" => "Cyber money", "crimexp" => "Crime XP"); + for ($i = 1; $i <= 3; $i++) + { + if (!empty($itemi["effect" . $i])) + { + $efx = unserialize($itemi["effect" . $i]); + } + else + { + $efx = array("inc_amount" => 0); + } + $switch1 = + ($itemi['effect' . $i . '_on'] > 0) ? " checked='checked'" : ""; + $switch2 = + ($itemi['effect' . $i . '_on'] > 0) ? "" : " checked='checked'"; + echo " + Effect {$i} +
    + On? + Yes + No +
    + Stat: + Direction: +
    + Amount: + +
    + "; + } + echo " + Combat Usage +
    + Weapon Power: +
    + Armor Defense: +
    + {$csrf} + +
    + "; +} + +function edit_item_sub() +{ + global $db, $ir, $c, $h, $userid; + if ($ir['user_level'] != 2) + { + echo 'You cannot access this area.
    > Go Back'; + die($h->endpage()); + } + staff_csrf_stdverify('staff_edititem2', 'staff_items.php?action=edititem'); + $itmname = + (isset($_POST['itmname']) + && preg_match( + "/^[a-z0-9_]+([\\s]{1}[a-z0-9_]|[a-z0-9_])+$/i", + $_POST['itmname'])) + ? $db->escape(strip_tags(stripslashes($_POST['itmname']))) + : ''; + $itmdesc = + (isset($_POST['itmdesc'])) + ? $db->escape(strip_tags(stripslashes($_POST['itmdesc']))) + : ''; + $weapon = + (isset($_POST['weapon']) && is_numeric($_POST['weapon'])) + ? abs(intval($_POST['weapon'])) : 0; + $armor = + (isset($_POST['armor']) && is_numeric($_POST['armor'])) + ? abs(intval($_POST['armor'])) : 0; + $_POST['itmtype'] = + (isset($_POST['itmtype']) && is_numeric($_POST['itmtype'])) + ? abs(intval($_POST['itmtype'])) : ''; + $_POST['itmbuyprice'] = + (isset($_POST['itmbuyprice']) && is_numeric($_POST['itmbuyprice'])) + ? abs(intval($_POST['itmbuyprice'])) : ''; + $_POST['itmsellprice'] = + (isset($_POST['itmsellprice']) + && is_numeric($_POST['itmsellprice'])) + ? abs(intval($_POST['itmsellprice'])) : ''; + $_POST['itmid'] = + (isset($_POST['itmid']) && is_numeric($_POST['itmid'])) + ? abs(intval($_POST['itmid'])) : ''; + if (empty($itmname) || empty($itmdesc) || empty($_POST['itmtype']) + || empty($_POST['itmbuyprice']) || empty($_POST['itmsellprice']) + || empty($_POST['itmid'])) + { + echo 'You missed one or more of the fields. Please go back and try again.
    + > Go Back'; + die($h->endpage()); + } + $q = + $db->query( + 'SELECT COUNT(`itmid`) + FROM `items` + WHERE `itmid` = ' . $_POST['itmid']); + if ($db->fetch_single($q) == 0) + { + $db->free_result($q); + echo 'Invalid item.
    + > Go Back'; + die($h->endpage()); + } + $db->free_result($q); + $itmbuy = ($_POST['itmbuyable'] == 'on') ? 1 : 0; + $effects = array(); + for ($i = 1; $i <= 3; $i++) + { + $efxkey = "effect{$i}"; + $_POST[$efxkey . 'stat'] = + (isset($_POST[$efxkey . 'stat']) + && in_array($_POST[$efxkey . 'stat'], + array('energy', 'will', 'brave', 'hp', + 'strength', 'agility', 'guard', + 'labour', 'IQ', 'hospital', 'jail', + 'money', 'crystals', 'cdays', + 'bankmoney', 'cybermoney', 'crimexp'))) + ? $_POST[$efxkey . 'stat'] : 'energy'; + $_POST[$efxkey . 'dir'] = + (isset($_POST[$efxkey . 'dir']) + && in_array($_POST[$efxkey . 'dir'], + array('pos', 'neg'))) ? $_POST[$efxkey . 'dir'] + : 'pos'; + $_POST[$efxkey . 'type'] = + (isset($_POST[$efxkey . 'type']) + && in_array($_POST[$efxkey . 'type'], + array('figure', 'percent'))) + ? $_POST[$efxkey . 'type'] : 'figure'; + $_POST[$efxkey . 'amount'] = + (isset($_POST[$efxkey . 'amount']) + && is_numeric($_POST[$efxkey . 'amount'])) + ? abs(intval($_POST[$efxkey . 'amount'])) : 0; + $_POST[$efxkey . 'on'] = + (isset($_POST[$efxkey . 'on']) + && in_array($_POST[$efxkey . 'on'], array('1', '0'))) + ? $_POST[$efxkey . 'on'] : 0; + $effects[$i] = + $db->escape( + serialize( + array("stat" => $_POST[$efxkey . 'stat'], + "dir" => $_POST[$efxkey . 'dir'], + "inc_type" => $_POST[$efxkey . 'type'], + "inc_amount" => abs( + (int) $_POST[$efxkey + . 'amount'])))); + } + $db->query( + 'UPDATE `items` SET `itmtype` = ' . $_POST['itmtype'] + . ',`itmname` = "' . $itmname . '",`itmdesc` = "' + . $itmdesc . '",`itmbuyprice` = ' . $_POST['itmbuyprice'] + . ',`itmsellprice` = ' . $_POST['itmsellprice'] + . ',`itmbuyable` = ' . $itmbuy . ',`effect1_on` = "' + . $_POST['effect1on'] . '",`effect1` = "' . $effects[1] + . '",`effect2_on` = "' . $_POST['effect2on'] + . '",`effect2` = "' . $effects[2] . '",`effect3_on` = "' + . $_POST['effect3on'] . '",`effect3` = "' . $effects[3] + . '",`weapon` = ' . $weapon . ',`armor` = ' . $armor + . ' WHERE `itmid` = ' . $_POST['itmid']); + stafflog_add("Edited item {$_POST['itmname']}"); + echo 'The ' . $_POST['itmname'] + . ' Item was edited successfully.
    + > Go Home'; + die($h->endpage()); +} + +function newitemtype() +{ + global $db, $ir, $c, $h, $userid; + if ($ir['user_level'] != 2) + { + echo 'You cannot access this area.
    + > Go Back'; + die($h->endpage()); + } + $_POST['name'] = + (isset($_POST['name']) + && preg_match( + "/^[a-z0-9_]+([\\s]{1}[a-z0-9_]|[a-z0-9_])+$/i", + $_POST['name'])) + ? $db->escape(strip_tags(stripslashes($_POST['name']))) + : ''; + if (!empty($_POST['name'])) + { + staff_csrf_stdverify('staff_newitemtype', + 'staff_items.php?action=newitemtype'); + $db->query( + "INSERT INTO `itemtypes` + VALUES(NULL, '{$_POST['name']}')"); + stafflog_add('Added item type ' . $_POST['name']); + echo 'Item Type ' . $_POST['name'] + . ' added.
    + > Go Home'; + die($h->endpage()); + } + else + { + $csrf = request_csrf_html('staff_newitemtype'); + echo " +

    Add Item Type

    +
    +
    + Name: +
    + {$csrf} + +
    + "; + } +} +$h->endpage(); diff --git a/staff_jobs.php b/staff_jobs.php new file mode 100644 index 0000000..ad59196 --- /dev/null +++ b/staff_jobs.php @@ -0,0 +1,661 @@ + + > Go Back'; + die($h->endpage()); +} +if (!isset($_GET['action'])) +{ + $_GET['action'] = ''; +} +switch ($_GET['action']) +{ +case 'newjob': + newjob(); + break; +case 'jobedit': + jobedit(); + break; +case 'newjobrank': + newjobrank(); + break; +case 'jobrankedit': + jobrankedit(); + break; +case 'jobdele': + jobdele(); + break; +case 'jobrankdele': + jobrankdele(); + break; +default: + echo "Error: This script requires an action."; + break; +} + +function newjob() +{ + global $db, $ir, $userid, $h; + $price = + (isset($_POST['price']) && is_numeric($_POST['price'])) + ? abs(intval($_POST['price'])) : ''; + $will = + (isset($_POST['will']) && is_numeric($_POST['will'])) + ? abs(intval($_POST['will'])) : ''; + + $_POST['jNAME'] = + (isset($_POST['jNAME']) + && preg_match( + "/^[a-z0-9_]+([\\s]{1}[a-z0-9_]|[a-z0-9_])+$/i", + $_POST['jNAME'])) + ? $db->escape(strip_tags(stripslashes($_POST['jNAME']))) + : ''; + $_POST['jDESC'] = + (isset($_POST['jDESC'])) + ? $db->escape(strip_tags(stripslashes($_POST['jDESC']))) + : ''; + $_POST['jOWNER'] = + (isset($_POST['jOWNER']) + && preg_match( + "/^[a-z0-9_]+([\\s]{1}[a-z0-9_]|[a-z0-9_])+$/i", + $_POST['jOWNER'])) + ? $db->escape(strip_tags(stripslashes($_POST['jOWNER']))) + : ''; + $_POST['jrNAME'] = + (isset($_POST['jrNAME']) + && preg_match( + "/^[a-z0-9_]+([\\s]{1}[a-z0-9_]|[a-z0-9_])+$/i", + $_POST['jrNAME'])) + ? $db->escape(strip_tags(stripslashes($_POST['jrNAME']))) + : ''; + $_POST['jrPAY'] = + (isset($_POST['jrPAY']) && is_numeric($_POST['jrPAY'])) + ? abs(intval($_POST['jrPAY'])) : ''; + $_POST['jrSTRG'] = + (isset($_POST['jrSTRG']) && is_numeric($_POST['jrSTRG'])) + ? abs(intval($_POST['jrSTRG'])) : 0; + $_POST['jrLABOURG'] = + (isset($_POST['jrLABOURG']) && is_numeric($_POST['jrLABOURG'])) + ? abs(intval($_POST['jrLABOURG'])) : 0; + $_POST['jrIQG'] = + (isset($_POST['jrIQG']) && is_numeric($_POST['jrIQG'])) + ? abs(intval($_POST['jrIQG'])) : 0; + $_POST['jrSTRN'] = + (isset($_POST['jrSTRN']) && is_numeric($_POST['jrSTRN'])) + ? abs(intval($_POST['jrSTRN'])) : 0; + $_POST['jrLABOURN'] = + (isset($_POST['jrLABOURN']) && is_numeric($_POST['jrLABOURN'])) + ? abs(intval($_POST['jrLABOURN'])) : 0; + $_POST['jrIQN'] = + (isset($_POST['jrIQN']) && is_numeric($_POST['jrIQN'])) + ? abs(intval($_POST['jrIQN'])) : 0; + if (!empty($_POST['jNAME']) && !empty($_POST['jDESC']) + && !empty($_POST['jOWNER']) && !empty($_POST['jrNAME']) + && !empty($_POST['jrPAY']) && !empty($_POST['jrSTRN']) + && !empty($_POST['jrLABOURN']) && !empty($_POST['jrIQN'])) + { + staff_csrf_stdverify('staff_newjob', 'staff_jobs.php?action=newjob'); + $db->query( + "INSERT INTO `jobs` + VALUES(NULL, '{$_POST['jNAME']}', 0, + '{$_POST['jDESC']}', '{$_POST['jOWNER']}')"); + $i = $db->insert_id(); + $db->query( + "INSERT INTO `jobranks` + VALUES(NULL, '{$_POST['jrNAME']}', $i, + {$_POST['jrPAY']}, {$_POST['jrIQG']}, + {$_POST['jrLABOURG']}, {$_POST['jrSTRG']}, + {$_POST['jrIQN']}, {$_POST['jrLABOURN']}, + {$_POST['jrSTRN']})"); + $j = $db->insert_id(); + $db->query( + "UPDATE `jobs` + SET `jFIRST` = $j + WHERE `jID` = $i"); + echo 'Job created!
    + > Go Home'; + die($h->endpage()); + } + else + { + $csrf = request_csrf_html('staff_newjob'); + echo " +
    + Job Name: +
    + Job Description: +
    + Job Owner: +
    +
    + First Job Rank: +
    + Rank Name: +
    + Pays: +
    + Gains: + Str: + Lab: + IQ: +
    + Reqs: + Str: + Lab: + IQ: +
    + {$csrf} + +
    + "; + } +} + +function jobedit() +{ + global $db, $ir, $userid, $h; + $_POST['jNAME'] = + (isset($_POST['jNAME']) + && preg_match( + "/^[a-z0-9_]+([\\s]{1}[a-z0-9_]|[a-z0-9_])+$/i", + $_POST['jNAME'])) + ? $db->escape(strip_tags(stripslashes($_POST['jNAME']))) + : ''; + $_POST['jDESC'] = + (isset($_POST['jDESC'])) + ? $db->escape(strip_tags(stripslashes($_POST['jDESC']))) + : ''; + $_POST['jOWNER'] = + (isset($_POST['jOWNER']) + && preg_match( + "/^[a-z0-9_]+([\\s]{1}[a-z0-9_]|[a-z0-9_])+$/i", + $_POST['jOWNER'])) + ? $db->escape(strip_tags(stripslashes($_POST['jOWNER']))) + : ''; + $_POST['jFIRST'] = + (isset($_POST['jFIRST']) && is_numeric($_POST['jFIRST'])) + ? abs(intval($_POST['jFIRST'])) : ''; + $_POST['jID'] = + (isset($_POST['jID']) && is_numeric($_POST['jID'])) + ? abs(intval($_POST['jID'])) : ''; + if (!empty($_POST['jID']) && !empty($_POST['jFIRST']) + && !empty($_POST['jOWNER']) && !empty($_POST['jDESC']) + && !empty($_POST['jNAME'])) + { + staff_csrf_stdverify('staff_editjob2', 'staff_jobs.php?action=jobedit'); + $q = + $db->query( + "SELECT COUNT(`jID`) + FROM `jobs` + WHERE `jID` = {$_POST['jID']}"); + if ($db->fetch_single($q) == 0) + { + $db->free_result($q); + echo 'Invalid job.
    + > Go Back'; + die($h->endpage()); + } + $db->free_result($q); + $q = + $db->query( + "SELECT COUNT(`jrID`) + FROM `jobranks` + WHERE `jrID` = {$_POST['jFIRST']}"); + if ($db->fetch_single($q) == 0) + { + $db->free_result($q); + echo 'Invalid rank.
    + > Go Back'; + die($h->endpage()); + } + $db->free_result($q); + $db->query( + "UPDATE `jobs` + SET `jNAME` = '{$_POST['jNAME']}', + `jDESC` = '{$_POST['jDESC']}', + `jOWNER` = '{$_POST['jOWNER']}', + `jFIRST` = {$_POST['jFIRST']} + WHERE `jID` = {$_POST['jID']}"); + echo 'Job updated!
    + > Go Home'; + die($h->endpage()); + } + else if (!empty($_POST['jID'])) + { + staff_csrf_stdverify('staff_editjob1', 'staff_jobs.php?action=jobedit'); + $q = + $db->query( + "SELECT `jFIRST`, `jOWNER`, `jDESC`, `jNAME` + FROM `jobs` + WHERE `jID` = {$_POST['jID']}"); + if ($db->num_rows($q) == 0) + { + $db->free_result($q); + echo 'Invalid job.
    + > Go Back'; + die($h->endpage()); + } + $r = $db->fetch_row($q); + $db->free_result($q); + $csrf = request_csrf_html('staff_editjob2'); + $jobname = addslashes($r['jNAME']); + $jobdesc = addslashes($r['jDESC']); + $jobowner = addslashes($r['jOWNER']); + echo " +
    + + Job Name: +
    + Job Description: +
    + Job Owner: +
    + First Job Rank: " + . jobrank_dropdown(NULL, 'jFIRST', $r['jFIRST']) + . " +
    + {$csrf} + +
    + "; + } + else + { + $csrf = request_csrf_html('staff_editjob1'); + echo " +
    + Select a job to edit. +
    + " . job_dropdown(NULL, 'jID', -1) + . " +
    + {$csrf} + +
    + "; + } +} + +function newjobrank() +{ + global $db, $ir, $userid, $h; + $_POST['jrNAME'] = + (isset($_POST['jrNAME']) + && preg_match( + "/^[a-z0-9_]+([\\s]{1}[a-z0-9_]|[a-z0-9_])+$/i", + $_POST['jrNAME'])) + ? $db->escape(strip_tags(stripslashes($_POST['jrNAME']))) + : ''; + $_POST['jrJOB'] = + (isset($_POST['jrJOB']) && is_numeric($_POST['jrJOB'])) + ? abs(intval($_POST['jrJOB'])) : ''; + $_POST['jrPAY'] = + (isset($_POST['jrPAY']) && is_numeric($_POST['jrPAY'])) + ? abs(intval($_POST['jrPAY'])) : ''; + $_POST['jrSTRG'] = + (isset($_POST['jrSTRG']) && is_numeric($_POST['jrSTRG'])) + ? abs(intval($_POST['jrSTRG'])) : 0; + $_POST['jrLABOURG'] = + (isset($_POST['jrLABOURG']) && is_numeric($_POST['jrLABOURG'])) + ? abs(intval($_POST['jrLABOURG'])) : 0; + $_POST['jrIQG'] = + (isset($_POST['jrIQG']) && is_numeric($_POST['jrIQG'])) + ? abs(intval($_POST['jrIQG'])) : 0; + $_POST['jrSTRN'] = + (isset($_POST['jrSTRN']) && is_numeric($_POST['jrSTRN'])) + ? abs(intval($_POST['jrSTRN'])) : 0; + $_POST['jrLABOURN'] = + (isset($_POST['jrLABOURN']) && is_numeric($_POST['jrLABOURN'])) + ? abs(intval($_POST['jrLABOURN'])) : 0; + $_POST['jrIQN'] = + (isset($_POST['jrIQN']) && is_numeric($_POST['jrIQN'])) + ? abs(intval($_POST['jrIQN'])) : 0; + if (!empty($_POST['jrNAME']) && !empty($_POST['jrJOB']) + && !empty($_POST['jrPAY']) && !empty($_POST['jrSTRN']) + && !empty($_POST['jrLABOURN']) && !empty($_POST['jrIQN'])) + { + staff_csrf_stdverify('staff_newjobrank', + 'staff_jobs.php?action=newjobrank'); + $q = + $db->query( + "SELECT COUNT(`jID`) + FROM `jobs` + WHERE `jID` = {$_POST['jrJOB']}"); + if ($db->fetch_single($q) == 0) + { + $db->free_result($q); + echo 'Invalid job.
    + > Go Back'; + die($h->endpage()); + } + $db->free_result($q); + $db->query( + "INSERT INTO `jobranks` + VALUES(NULL, '{$_POST['jrNAME']}', {$_POST['jrJOB']}, + {$_POST['jrPAY']}, {$_POST['jrIQG']}, {$_POST['jrLABOURG']}, + {$_POST['jrSTRG']}, {$_POST['jrIQN']}, {$_POST['jrLABOURN']}, + {$_POST['jrSTRN']})"); + echo 'Job rank created!
    + > Go Back'; + die($h->endpage()); + } + else + { + $csrf = request_csrf_html('staff_newjobrank'); + echo " +
    + Rank Name: +
    + Pays: +
    + Job: " . job_dropdown(NULL, "jrJOB", -1) + . " +
    + Gains: + Str: + Lab: + IQ: +
    + Reqs: + Str: + Lab: + IQ: +
    + {$csrf} + +
    + "; + } +} + +function jobrankedit() +{ + global $db, $ir, $userid, $h; + $_POST['jrID'] = + (isset($_POST['jrID']) && is_numeric($_POST['jrID'])) + ? abs(intval($_POST['jrID'])) : ''; + $_POST['jrNAME'] = + (isset($_POST['jrNAME']) + && preg_match( + "/^[a-z0-9_]+([\\s]{1}[a-z0-9_]|[a-z0-9_])+$/i", + $_POST['jrNAME'])) + ? $db->escape(strip_tags(stripslashes($_POST['jrNAME']))) + : ''; + $_POST['jrJOB'] = + (isset($_POST['jrJOB']) && is_numeric($_POST['jrJOB'])) + ? abs(intval($_POST['jrJOB'])) : ''; + $_POST['jrPAY'] = + (isset($_POST['jrPAY']) && is_numeric($_POST['jrPAY'])) + ? abs(intval($_POST['jrPAY'])) : ''; + $_POST['jrSTRG'] = + (isset($_POST['jrSTRG']) && is_numeric($_POST['jrSTRG'])) + ? abs(intval($_POST['jrSTRG'])) : 0; + $_POST['jrLABOURG'] = + (isset($_POST['jrLABOURG']) && is_numeric($_POST['jrLABOURG'])) + ? abs(intval($_POST['jrLABOURG'])) : 0; + $_POST['jrIQG'] = + (isset($_POST['jrIQG']) && is_numeric($_POST['jrIQG'])) + ? abs(intval($_POST['jrIQG'])) : 0; + $_POST['jrSTRN'] = + (isset($_POST['jrSTRN']) && is_numeric($_POST['jrSTRN'])) + ? abs(intval($_POST['jrSTRN'])) : 0; + $_POST['jrLABOURN'] = + (isset($_POST['jrLABOURN']) && is_numeric($_POST['jrLABOURN'])) + ? abs(intval($_POST['jrLABOURN'])) : 0; + $_POST['jrIQN'] = + (isset($_POST['jrIQN']) && is_numeric($_POST['jrIQN'])) + ? abs(intval($_POST['jrIQN'])) : 0; + if (!empty($_POST['jrID']) && !empty($_POST['jrNAME']) + && !empty($_POST['jrJOB']) && !empty($_POST['jrPAY']) + && !empty($_POST['jrSTRN']) && !empty($_POST['jrLABOURN']) + && !empty($_POST['jrIQN'])) + { + staff_csrf_stdverify('staff_editjobrank2', + 'staff_jobs.php?action=jobrankedit'); + $q = + $db->query( + "SELECT COUNT(`jrID`) + FROM `jobranks` + WHERE `jrID` = {$_POST['jrID']}"); + if ($db->fetch_single($q) == 0) + { + $db->free_result($q); + echo 'Invalid rank.
    + > Go Back'; + die($h->endpage()); + } + $db->free_result($q); + $q = + $db->query( + "SELECT COUNT(`jID`) + FROM `jobs` + WHERE `jID` = {$_POST['jrJOB']}"); + if ($db->fetch_single($q) == 0) + { + $db->free_result($q); + echo 'Invalid job.
    + > Go Back'; + die($h->endpage()); + } + $db->free_result($q); + $db->query( + "UPDATE `jobranks` + SET `jrNAME` = '{$_POST['jrNAME']}', + `jrJOB` = {$_POST['jrJOB']}, `jrPAY` = {$_POST['jrPAY']}, + `jrIQG` = {$_POST['jrIQG']}, + `jrLABOURG` = {$_POST['jrLABOURG']}, + `jrSTRG` = {$_POST['jrSTRG']}, `jrIQN` = {$_POST['jrIQN']}, + `jrLABOURN` = {$_POST['jrLABOURN']}, + `jrSTRN` = {$_POST['jrSTRN']} + WHERE `jrID` = {$_POST['jrID']}"); + echo 'Job rank updated!
    + > Go Home'; + } + else if (!empty($_POST['jrID'])) + { + staff_csrf_stdverify('staff_editjobrank1', + 'staff_jobs.php?action=jobrankedit'); + $q = + $db->query( + "SELECT `jrIQN`, `jrLABOURN`, `jrSTRN`, `jrIQG`, + `jrLABOURG`, `jrSTRG`, `jrPAY`, `jrJOB`, `jrNAME` + FROM `jobranks` + WHERE `jrID` = {$_POST['jrID']}"); + if ($db->num_rows($q) == 0) + { + echo 'Invalid rank.
    + > Go Back'; + die($h->endpage()); + } + $r = $db->fetch_row($q); + $csrf = request_csrf_html('staff_editjobrank2'); + echo " +
    + + Job Rank Name:
    + Job: " . job_dropdown(NULL, 'jrJOB', $r['jrJOB']) + . " +
    + Pays:
    + Gains: + Str: + Lab: + IQ: +
    + Reqs: + Str: + Lab: + IQ: +
    + {$csrf} + +
    + "; + } + else + { + $csrf = request_csrf_html('staff_editjobrank1'); + echo " +
    + Select a job rank to edit. +
    + " . jobrank_dropdown(NULL, 'jrID', -1) + . " +
    + {$csrf} + +
    + "; + } +} + +function jobrankdele() +{ + global $db, $ir, $userid, $h; + $_POST['jrID'] = + (isset($_POST['jrID']) && is_numeric($_POST['jrID'])) + ? abs(intval($_POST['jrID'])) : ''; + if (!empty($_POST['jrID'])) + { + staff_csrf_stdverify('staff_deljobrank', + 'staff_jobs.php?action=jobrankdele'); + $q = + $db->query( + "SELECT `jrJOB` + FROM `jobranks` + WHERE `jrID` = {$_POST['jrID']}"); + if ($db->num_rows($q) == 0) + { + $db->free_result($q); + echo 'Invalid rank.
    + > Go Back'; + die($h->endpage()); + } + $aff_job = $db->fetch_single($q); + $db->free_result($q); + $db->query( + "DELETE FROM `jobranks` + WHERE `jrID` = {$_POST['jrID']}"); + echo "Job rank successfully deleted!"; + $q = + $db->query( + "SELECT `jNAME` + FROM `jobs` + WHERE `jFIRST` = {$_POST['jrID']}"); + if ($db->num_rows($q) > 0) + { + $jname = $db->fetch_single($q); + echo "
    + Warning! The Job {$jname} now has no first rank! + Please go edit it and include a first rank.
    + Users who were in the rank you deleted will have to + reapply for their job."; + $db->query( + "UPDATE `users` + SET `job` = 0, `jobrank` = 0 + WHERE `jobrank` = {$_POST['jrID']}"); + } + else + { + $db->query( + "UPDATE `users` AS `u` + INNER JOIN `jobs` AS `j` + ON `u`.`job` = `j`.`jID` + SET `u`.`jobrank` = `j`.`jFIRST` + WHERE `u`.`job` = {$jr['jrJOB']} + AND `u`.`jobrank` = {$_POST['jrID']}"); + } + $db->free_result($q); + echo '
    > Go Home'; + } + else + { + $csrf = request_csrf_html('staff_deljobrank'); + echo " +
    + Select a job rank to delete.
    + " . jobrank_dropdown(NULL, 'jrID', -1) + . " +
    + {$csrf} + +
    + "; + } +} + +function jobdele() +{ + global $db, $ir, $userid, $h; + $_POST['jID'] = + (isset($_POST['jID']) && is_numeric($_POST['jID'])) + ? abs(intval($_POST['jID'])) : ''; + if (!empty($_POST['jID'])) + { + staff_csrf_stdverify('staff_deljob', 'staff_jobs.php?action=jobdele'); + $q = + $db->query( + "SELECT COUNT(`jID`) + FROM `jobs` + WHERE `jID` = {$_POST['jID']}"); + if ($db->fetch_single($q) == 0) + { + $db->free_result($q); + echo 'Invalid job.
    + > Go Back'; + die($h->endpage()); + } + $db->free_result($q); + $db->query( + "DELETE FROM `jobs` + WHERE `jID` = {$_POST['jID']}"); + echo 'Job successfully deleted!
    '; + $db->query( + "DELETE FROM `jobranks` + WHERE `jrJOB` = {$_POST['jID']}"); + echo $db->affected_rows() . ' job ranks deleted.
    '; + $db->query( + "UPDATE `users` + SET `job` = 0, `jobrank` = 0 + WHERE `job` = {$_POST['jID']}"); + echo '> Go Home'; + } + else + { + $csrf = request_csrf_html('staff_deljob'); + echo " +
    + Select a job to delete.
    + " . job_dropdown(NULL, 'jID', -1) + . " +
    + {$csrf} + +
    + "; + } +} +$h->endpage(); diff --git a/staff_logs.php b/staff_logs.php new file mode 100644 index 0000000..3f52ef4 --- /dev/null +++ b/staff_logs.php @@ -0,0 +1,743 @@ + + > Go Back'; + die($h->endpage()); +} +//This contains log stuffs +if (!isset($_GET['action'])) +{ + $_GET['action'] = ''; +} +switch ($_GET['action']) +{ +case 'atklogs': + view_attack_logs(); + break; +case 'itmlogs': + view_itm_logs(); + break; +case 'cashlogs': + view_cash_logs(); + break; +case 'cryslogs': + view_crys_logs(); + break; +case 'banklogs': + view_bank_logs(); + break; +case 'maillogs': + view_mail_logs(); + break; +case 'stafflogs': + view_staff_logs(); + break; +default: + echo "Error: This script requires an action."; + break; +} + +function view_attack_logs() +{ + global $db, $ir, $c, $h, $userid; + echo " +

    Attack Logs

    +
    + "; + if (!isset($_GET['st'])) + { + $_GET['st'] = 0; + } + $st = abs(intval($_GET['st'])); + $app = 100; + $q = $db->query("SELECT COUNT(`attacker`) + FROM `attacklogs`"); + $attacks = $db->fetch_single($q); + $db->free_result($q); + if ($attacks == 0) + { + echo 'There have been no attacks yet.'; + return; + } + $pages = ceil($attacks / $app); + echo 'Pages: '; + for ($i = 1; $i <= $pages; $i++) + { + $s = ($i - 1) * $app; + echo ($s == $st) ? '' . $i . ' ' + : '' + . $i . ' '; + echo ($i % 25 == 0) ? '
    ' : ''; + } + echo " +
    + + + + + + + + + "; + $q = + $db->query( + "SELECT `stole`, `result`, `attacked`, `attacker`, `time`, + `u1`.`username` AS `un_attacker`, + `u2`.`username` AS `un_attacked` + FROM `attacklogs` AS `a` + INNER JOIN `users` AS `u1` + ON `a`.`attacker` = `u1`.`userid` + INNER JOIN `users` AS `u2` + ON `a`.`attacked` = `u2`.`userid` + ORDER BY `a`.`time` DESC + LIMIT $st, $app"); + while ($r = $db->fetch_row($q)) + { + echo " + + + + + "; + if ($r['result'] == "won") + { + echo " + + '; + } + else + { + echo " + + + "; + } + echo ''; + } + $db->free_result($q); + echo " +
    TimeWho AttackedWho Was AttackedWho WonWhat Happened
    " . date('F j, Y, g:i:s a', $r['time']) + . "{$r['un_attacker']} [{$r['attacker']}]{$r['un_attacked']} [{$r['attacked']}]{$r['un_attacker']} + "; + if ($r['stole'] == -1) + { + echo "{$r['un_attacker']} hospitalized {$r['un_attacked']}"; + } + else if ($r['stole'] == -2) + { + echo "{$r['un_attacker']} attacked {$r['un_attacked']} and left them"; + } + else + { + echo "{$r['un_attacker']} mugged " + . money_formatter($r['stole']) + . " from {$r['un_attacked']}"; + } + echo '{$r['un_attacked']}Nothing
    +
    + Pages:  + "; + for ($i = 1; $i <= $pages; $i++) + { + $s = ($i - 1) * $app; + echo ($s == $st) ? '' . $i . ' ' + : '' + . $i . ' '; + echo ($i % 25 == 0) ? '
    ' : ''; + } + $mypage = floor($_GET['st'] / 100) + 1; + stafflog_add("Looked at the attack logs (Page $mypage)"); +} + +function view_itm_logs() +{ + global $db, $ir, $c, $h, $userid; + echo "

    Item Xfer Logs

    "; + if (!isset($_GET['st'])) + { + $_GET['st'] = 0; + } + $st = abs(intval($_GET['st'])); + $app = 100; + $q = $db->query("SELECT COUNT(`ixFROM`) + FROM `itemxferlogs`"); + $attacks = $db->fetch_single($q); + $db->free_result($q); + if ($attacks == 0) + { + echo 'There have been no item transfers yet.'; + return; + } + $pages = ceil($attacks / $app); + echo 'Pages: '; + for ($i = 1; $i <= $pages; $i++) + { + $s = ($i - 1) * $app; + echo ($s == $st) ? '' . $i . ' ' + : '' + . $i . ' '; + echo ($i % 25 == 0) ? '
    ' : ''; + } + echo " +
    + + + + + + + + + + + "; + $q = + $db->query( + "SELECT `ixTO`, `ixFROM`, `ixQTY`, `ixTIME`, `ixTOIP`, + `ixFROMIP`, `u1`.`username` AS `sender`, + `u2`.`username` AS `sent`, `i`.`itmname` AS `item` + FROM `itemxferlogs` AS `ix` + INNER JOIN `users` AS `u1` + ON `ix`.`ixFROM` = `u1`.`userid` + INNER JOIN `users` AS `u2` + ON `ix`.`ixTO` = `u2`.`userid` + INNER JOIN `items` AS `i` + ON `i`.`itmid` = `ix`.`ixITEM` + ORDER BY `ix`.`ixTIME` DESC + LIMIT $st, $app"); + while ($r = $db->fetch_row($q)) + { + $same = + ($r['ixFROMIP'] == $r['ixTOIP']) + ? 'Yes' + : 'No'; + echo " + + + + + + + + + + "; + } + $db->free_result($q); + echo " +
    TimeWho SentWho ReceivedSender's IPReceiver's IPSame IP?Item
    " . date('F j Y, g:i:s a', $r['ixTIME']) + . "{$r['sender']} [{$r['ixFROM']}]{$r['sent']} [{$r['ixTO']}]{$r['ixFROMIP']}{$r['ixTOIP']}$same{$r['item']} x{$r['ixQTY']}
    +
    + Pages:  + "; + for ($i = 1; $i <= $pages; $i++) + { + $s = ($i - 1) * $app; + echo ($s == $st) ? '' . $i . ' ' + : '' + . $i . ' '; + echo ($i % 25 == 0) ? '
    ' : ''; + } + $mypage = floor($_GET['st'] / 100) + 1; + stafflog_add("Looked at the Item Xfer Logs (Page $mypage)"); +} + +function view_cash_logs() +{ + global $db, $ir, $c, $h, $userid; + echo "

    Cash Xfer Logs

    "; + if (!isset($_GET['st'])) + { + $_GET['st'] = 0; + } + $st = abs(intval($_GET['st'])); + $app = 100; + $q = $db->query("SELECT COUNT(`cxFROM`) + FROM `cashxferlogs`"); + $attacks = $db->fetch_single($q); + $db->free_result($q); + if ($attacks == 0) + { + echo 'There have been no cash transfers yet.'; + return; + } + $pages = ceil($attacks / $app); + echo 'Pages: '; + for ($i = 1; $i <= $pages; $i++) + { + $s = ($i - 1) * $app; + echo ($s == $st) ? '' . $i . ' ' + : '' + . $i . ' '; + echo ($i % 25 == 0) ? '
    ' : ''; + } + echo " +
    + + + + + + + + + + + "; + $q = + $db->query( + "SELECT `cxAMOUNT`, `cxTO`, `cxFROM`, `cxTIME`, `cxID`, + `cxTOIP`, `cxFROMIP`, `u1`.`username` AS `sender`, + `u2`.`username` AS `sent` + FROM `cashxferlogs` AS `cx` + INNER JOIN `users` AS `u1` + ON `cx`.`cxFROM` = `u1`.`userid` + INNER JOIN `users` AS `u2` + ON `cx`.`cxTO` = `u2`.`userid` + ORDER BY `cx`.`cxTIME` DESC + LIMIT $st, $app"); + while ($r = $db->fetch_row($q)) + { + $m = + ($r['cxFROMIP'] == $r['cxTOIP']) + ? 'MULTI' + : ''; + echo " + + + + + + + + + + "; + } + $db->free_result($q); + echo " +
    IDTimeUser FromUser ToMulti?Amount 
    {$r['cxID']}" . date("F j, Y, g:i:s a", $r['cxTIME']) + . " + {$r['sender']} + [{$r['cxFROM']}] (IP: {$r['cxFROMIP']}) + + {$r['sent']} + [{$r['cxTO']}] (IP: {$r['cxTOIP']}) + $m " . money_formatter($r['cxAMOUNT']) + . " + [Jail Sender] + [Jail Receiver] +
    +
    + Pages:  + "; + for ($i = 1; $i <= $pages; $i++) + { + $s = ($i - 1) * $app; + echo ($s == $st) ? '' . $i . ' ' + : '' + . $i . ' '; + echo ($i % 25 == 0) ? '
    ' : ''; + } + $mypage = floor($_GET['st'] / 100) + 1; + stafflog_add("Viewed the Cash Xfer Logs (Page $mypage)"); +} + +function view_bank_logs() +{ + global $db, $ir, $c, $h, $userid; + echo "

    Bank Xfer Logs

    "; + if (!isset($_GET['st'])) + { + $_GET['st'] = 0; + } + $st = abs(intval($_GET['st'])); + $app = 100; + $q = $db->query("SELECT COUNT(`cxFROM`) + FROM `bankxferlogs`"); + $attacks = $db->fetch_single($q); + $db->free_result($q); + if ($attacks == 0) + { + echo 'There have been no bank transfers yet.'; + return; + } + $pages = ceil($attacks / $app); + echo 'Pages: '; + for ($i = 1; $i <= $pages; $i++) + { + $s = ($i - 1) * $app; + echo ($s == $st) ? '' . $i . ' ' + : '' + . $i . ' '; + echo ($i % 25 == 0) ? '
    ' : ''; + } + echo " + + + + + + + + + + + + "; + $q = + $db->query( + "SELECT `cxAMOUNT`, `cxTO`, `cxFROM`, `cxTIME`, `cxID`, + `cxTOIP`, `cxFROMIP`, `cxBANK`, + `u1`.`username` AS `sender`, `u2`.`username` AS `sent` + FROM `bankxferlogs` AS `cx` + INNER JOIN `users` AS `u1` + ON `cx`.`cxFROM` = `u1`.`userid` + INNER JOIN `users` AS `u2` + ON `cx`.`cxTO` = `u2`.`userid` + ORDER BY `cx`.`cxTIME` DESC + LIMIT $st, $app"); + $banks = array('bank' => 'City Bank', 'cyber' => 'Cyber Bank'); + while ($r = $db->fetch_row($q)) + { + $mb = $banks[$r['cxBANK']]; + $m = + ($r['cxFROMIP'] == $r['cxTOIP']) + ? 'MULTI' + : ''; + echo " + + + + + + + + + + + "; + } + $db->free_result($q); + echo " +
    IDTimeUser FromUser ToMulti?AmountBank Type 
    {$r['cxID']}" . date("F j, Y, g:i:s a", $r['cxTIME']) + . " + {$r['sender']} + [{$r['cxFROM']}] (IP: {$r['cxFROMIP']}) + + {$r['sent']} + [{$r['cxTO']}] (IP: {$r['cxTOIP']}) + $m " . money_formatter($r['cxAMOUNT']) + . "$mb + [Jail Sender] + [Jail Receiver] +
    +
    + Pages:  + "; + for ($i = 1; $i <= $pages; $i++) + { + $s = ($i - 1) * $app; + echo ($s == $st) ? '' . $i . ' ' + : '' + . $i . ' '; + echo ($i % 25 == 0) ? '
    ' : ''; + } + $mypage = floor($_GET['st'] / 100) + 1; + stafflog_add("Viewed the Bank Xfer Logs (Page $mypage)"); +} + +function view_crys_logs() +{ + global $db, $ir, $c, $h, $userid; + echo "

    Crystal Xfer Logs

    "; + if (!isset($_GET['st'])) + { + $_GET['st'] = 0; + } + $st = abs(intval($_GET['st'])); + $app = 100; + $q = + $db->query( + "SELECT COUNT(`cxFROM`) + FROM `crystalxferlogs`"); + $attacks = $db->fetch_single($q); + $db->free_result($q); + if ($attacks == 0) + { + echo 'There have been no crystal transfers yet.'; + return; + } + $pages = ceil($attacks / $app); + echo 'Pages: '; + for ($i = 1; $i <= $pages; $i++) + { + $s = ($i - 1) * $app; + echo ($s == $st) ? '' . $i . ' ' + : '' + . $i . ' '; + echo ($i % 25 == 0) ? '
    ' : ''; + } + echo " + + + + + + + + + + + "; + $q = + $db->query( + "SELECT `cxAMOUNT`, `cxTO`, `cxFROM`, `cxTIME`, `cxID`, + `cxTOIP`, `cxFROMIP`, `u1`.`username` AS `sender`, + `u2`.`username` AS `sent` + FROM `crystalxferlogs` AS `cx` + INNER JOIN `users` AS `u1` + ON `cx`.`cxFROM` = `u1`.`userid` + INNER JOIN `users` AS `u2` + ON `cx`.`cxTO` = `u2`.`userid` + ORDER BY `cx`.`cxTIME` DESC + LIMIT $st, $app"); + while ($r = $db->fetch_row($q)) + { + $m = + ($r['cxFROMIP'] == $r['cxTOIP']) + ? 'MULTI' + : ''; + echo " + + + + + + + + + + "; + } + $db->free_result($q); + echo " +
    IDTimeUser FromUser ToMulti?Amount 
    {$r['cxID']}" . date("F j, Y, g:i:s a", $r['cxTIME']) + . " + {$r['sender']} + [{$r['cxFROM']}] (IP: {$r['cxFROMIP']}) + + {$r['sent']} + [{$r['cxTO']}] (IP: {$r['cxTOIP']}) + $m{$r['cxAMOUNT']} crystals + [Jail Sender] + [Jail Receiver] +
    +
    + Pages:  + "; + for ($i = 1; $i <= $pages; $i++) + { + $s = ($i - 1) * $app; + echo ($s == $st) ? '' . $i . ' ' + : '' + . $i . ' '; + echo ($i % 25 == 0) ? '
    ' : ''; + } + $mypage = floor($_GET['st'] / 100) + 1; + stafflog_add("Viewed the Crystal Xfer Logs (Page $mypage)"); +} + +function view_mail_logs() +{ + global $db, $ir, $c, $h, $userid; + echo "

    Mail Logs

    "; + if (!isset($_GET['st'])) + { + $_GET['st'] = 0; + } + $st = abs(intval($_GET['st'])); + $app = 100; + $q = $db->query("SELECT COUNT(`mail_from`) + FROM `mail`"); + $attacks = $db->fetch_single($q); + if ($attacks == 0) + { + echo 'There have been no mails sent yet.'; + return; + } + $pages = ceil($attacks / $app); + echo 'Pages: '; + for ($i = 1; $i <= $pages; $i++) + { + $s = ($i - 1) * $app; + echo ($s == $st) ? '' . $i . ' ' + : '' + . $i . ' '; + echo ($i % 25 == 0) ? '
    ' : ''; + } + echo " + + + + + + + + + + + "; + $q = + $db->query( + "SELECT `mail_text`, `mail_subject`, `mail_to`, + `mail_from`, `mail_time`, `mail_id`, + `u1`.`username` AS `sender`, `u2`.`username` AS `sent` + FROM `mail` AS `m` + INNER JOIN `users` AS `u1` + ON `m`.`mail_from` = `u1`.`userid` + INNER JOIN `users` AS `u2` + ON `m`.`mail_to` = `u2`.`userid` + WHERE `m`.`mail_from` != 0 + ORDER BY `m`.`mail_time` DESC + LIMIT $st, $app"); + while ($r = $db->fetch_row($q)) + { + echo " + + + + + + + + + + "; + } + $db->free_result($q); + echo " +
    IDTimeUser FromUser ToSubjMsg 
    {$r['mail_id']}" . date("F j, Y, g:i:s a", $r['mail_time']) + . "{$r['sender']} [{$r['mail_from']}]{$r['sent']} [{$r['mail_to']}]{$r['mail_subject']}" . strip_tags($r['mail_text']) + . " + [MailBan Sender] + [MailBan Receiver] +
    +
    + Pages:  + "; + for ($i = 1; $i <= $pages; $i++) + { + $s = ($i - 1) * $app; + echo ($s == $st) ? '' . $i . ' ' + : '' + . $i . ' '; + echo ($i % 25 == 0) ? '
    ' : ''; + } + + $mypage = floor($_GET['st'] / 100) + 1; + stafflog_add("Viewed the Mail Logs (Page $mypage)"); +} + +function view_staff_logs() +{ + global $db, $ir, $c, $h, $userid; + if ($ir['user_level'] != 2) + { + echo 'Page cannot be accessed.'; + die($h->endpage()); + } + echo "

    Staff Logs

    "; + if (!isset($_GET['st'])) + { + $_GET['st'] = 0; + } + $st = abs(intval($_GET['st'])); + $app = 100; + $q = $db->query("SELECT COUNT(`user`) + FROM `stafflog`"); + $attacks = $db->fetch_single($q); + if ($attacks == 0) + { + echo 'There have been no staff actions yet.'; + return; + } + $pages = ceil($attacks / $app); + echo 'Pages: '; + for ($i = 1; $i <= $pages; $i++) + { + $s = ($i - 1) * $app; + echo ($s == $st) ? '' . $i . ' ' + : '' + . $i . ' '; + echo ($i % 25 == 0) ? '
    ' : ''; + } + echo " + + + + + + + + "; + $q = + $db->query( + "SELECT `ip`, `time`, `action`, `user`, `u`.`username` + FROM `stafflog` AS `s` + INNER JOIN `users` AS `u` + ON `s`.`user` = u.`userid` + ORDER BY `s`.`time` DESC + LIMIT $st, $app"); + while ($r = $db->fetch_row($q)) + { + echo " + + + + + + + "; + } + $db->free_result($q); + echo " +
    StaffActionTimeIP
    {$r['username']} [{$r['user']}]{$r['action']}" . date('F j Y g:i:s a', $r['time']) + . "{$r['ip']}
    +
    + Pages:  + "; + for ($i = 1; $i <= $pages; $i++) + { + $s = ($i - 1) * $app; + echo ($s == $st) ? '' . $i . ' ' + : '' + . $i . ' '; + echo ($i % 25 == 0) ? '
    ' : ''; + } +} +$h->endpage(); diff --git a/staff_polls.php b/staff_polls.php new file mode 100644 index 0000000..89fd1ba --- /dev/null +++ b/staff_polls.php @@ -0,0 +1,220 @@ +> Go Back'; + die($h->endpage()); +} +//This contains shop stuffs +if (!isset($_GET['action'])) +{ + $_GET['action'] = ''; +} +switch ($_GET['action']) +{ +case 'spoll': + startpoll(); + break; +case 'startpoll': + startpollsub(); + break; +case 'endpoll': + endpoll(); + break; +default: + echo 'Error: This script requires an action.'; + break; +} + +function startpoll() +{ + global $ir, $c, $userid, $db; + $csrf = request_csrf_html('staff_startpoll'); + echo " + Fill out question and choices to start a poll. +
    +
    + Question: +
    + Choice 1: +
    + Choice 2: +
    + Choice 3: +
    + Choice 4: +
    + Choice 5: +
    + Choice 6: +
    + Choice 7: +
    + Choice 8: +
    + Choice 9: +
    + Choice 10: +
    + Results hidden till end: + Yes + No +
    + {$csrf} + +
    + "; +} + +function startpollsub() +{ + global $ir, $c, $userid, $db, $h; + echo 'Starting new poll...'; + staff_csrf_stdverify('staff_startpoll', 'staff_polls.php?action=spoll'); + $question = + (isset($_POST['question'])) + ? $db->escape(strip_tags(stripslashes($_POST['question']))) + : ''; + $choice1 = + (isset($_POST['choice1'])) + ? $db->escape(strip_tags(stripslashes($_POST['choice1']))) + : ''; + $choice2 = + (isset($_POST['choice2'])) + ? $db->escape(strip_tags(stripslashes($_POST['choice2']))) + : ''; + $choice3 = + (isset($_POST['choice3'])) + ? $db->escape(strip_tags(stripslashes($_POST['choice3']))) + : ''; + $choice4 = + (isset($_POST['choice4'])) + ? $db->escape(strip_tags(stripslashes($_POST['choice4']))) + : ''; + $choice5 = + (isset($_POST['choice5'])) + ? $db->escape(strip_tags(stripslashes($_POST['choice5']))) + : ''; + $choice6 = + (isset($_POST['choice6'])) + ? $db->escape(strip_tags(stripslashes($_POST['choice6']))) + : ''; + $choice7 = + (isset($_POST['choice7'])) + ? $db->escape(strip_tags(stripslashes($_POST['choice7']))) + : ''; + $choice8 = + (isset($_POST['choice8'])) + ? $db->escape(strip_tags(stripslashes($_POST['choice8']))) + : ''; + $choice9 = + (isset($_POST['choice9'])) + ? $db->escape(strip_tags(stripslashes($_POST['choice9']))) + : ''; + $choice10 = + (isset($_POST['choice10'])) + ? $db->escape(strip_tags(stripslashes($_POST['choice10']))) + : ''; + if (empty($question) || empty($choice1) || empty($choice2)) + { + echo 'You must input a question and atleast two answers.
    + > Go Back'; + die($h->endpage()); + } + $poll = + $db->query( + "INSERT INTO `polls` + (`active`, `question`, `choice1`, `choice2`, `choice3`, + `choice4`, `choice5`, `choice6`, `choice7`, `choice8`, + `choice9`, `choice10`, `hidden`) + VALUES('1', '$question', '$choice1', '$choice2', + '$choice3', '$choice4', '$choice5', '$choice6', + '$choice7', '$choice8', '$choice9' ,'$choice10', + '{$_POST['hidden']}')"); + echo 'New Poll Started.
    + > Go Home'; + die($h->endpage()); +} + +function endpoll() +{ + global $ir, $c, $userid, $db, $h; + $_POST['poll'] = + (isset($_POST['poll']) && is_numeric($_POST['poll'])) + ? abs(intval($_POST['poll'])) : ''; + if (empty($_POST['poll'])) + { + $csrf = request_csrf_html('staff_endpoll'); + echo " + Choose a poll to close +
    +
    + "; + $q = + $db->query( + "SELECT `id`, `question` + FROM `polls` + WHERE `active` = '1'"); + while ($r = $db->fetch_row($q)) + { + echo ' + Poll ID ' . $r['id'] . ' - ' . $r['question'] + . ' +
    + '; + } + $db->free_result($q); + echo $csrf + . ' + +
    + '; + } + else + { + staff_csrf_stdverify('staff_endpoll', 'staff_polls.php?action=endpoll'); + $q = + $db->query( + 'SELECT COUNT(`id`) + FROM `polls` + WHERE `id` = ' . $_POST['poll']); + if ($db->fetch_single($q) == 0) + { + $db->free_result($q); + echo 'Invalid poll.
    + > Go Back'; + die($h->endpage()); + } + $db->free_result($q); + $db->query( + "UPDATE `polls` + SET `active` = '0' + WHERE `id` = {$_POST['poll']}"); + echo 'Poll closed.
    + > Go Home'; + die($h->endpage()); + } +} +$h->endpage(); diff --git a/staff_punit.php b/staff_punit.php new file mode 100644 index 0000000..a4081af --- /dev/null +++ b/staff_punit.php @@ -0,0 +1,745 @@ +> Go Home'; + die($h->endpage()); +} +//This contains punishment stuffs +if (!isset($_GET['action'])) +{ + $_GET['action'] = ''; +} +switch ($_GET['action']) +{ +case 'fedform': + fed_user_form(); + break; +case 'fedsub': + fed_user_submit(); + break; +case 'fedeform': + fed_edit_form(); + break; +case 'fedesub': + fed_edit_submit(); + break; +case 'mailform': + mail_user_form(); + break; +case 'mailsub': + mail_user_submit(); + break; +case 'forumform': + forum_user_form(); + break; +case 'forumsub': + forum_user_submit(); + break; +case 'unfedform': + unfed_user_form(); + break; +case 'unfedsub': + unfed_user_submit(); + break; +case 'unmailform': + unmail_user_form(); + break; +case 'unmailsub': + unmail_user_submit(); + break; +case 'unforumform': + unforum_user_form(); + break; +case 'unforumsub': + unforum_user_submit(); + break; +case 'ipform': + ip_search_form(); + break; +case 'ipsub': + ip_search_submit(); + break; +case 'massjailip': + mass_jail(); + break; +default: + echo 'Error: This script requires an action.'; + break; +} + +function fed_user_form() +{ + global $c; + $_GET['XID'] = + (isset($_GET['XID']) && is_numeric($_GET['XID'])) + ? abs(intval($_GET['XID'])) : 0; + $csrf = request_csrf_html('staff_feduser'); + echo " +

    Jailing User

    + The user will be put in fed jail and will be unable to do anything in the game. +
    +
    + User: " . user_dropdown(NULL, 'user', $_GET['XID']) + . " +
    + Days: +
    + Reason: +
    + {$csrf} + +
    + "; +} + +function fed_user_submit() +{ + global $db, $ir, $c, $h, $userid; + staff_csrf_stdverify('staff_feduser', 'staff_punit.php?action=fedform'); + $_POST['user'] = + (isset($_POST['user']) && is_numeric($_POST['user'])) + ? abs(intval($_POST['user'])) : ''; + $_POST['reason'] = + (isset($_POST['reason'])) + ? $db->escape(strip_tags(stripslashes($_POST['reason']))) + : ''; + $_POST['days'] = + (isset($_POST['days']) && is_numeric($_POST['days'])) + ? abs(intval($_POST['days'])) : ''; + if (empty($_POST['user']) || empty($_POST['reason']) + || empty($_POST['days'])) + { + echo 'You need to fill in all the fields.
    + > Go Back'; + die($h->endpage()); + } + $q = + $db->query( + 'SELECT `user_level` + FROM `users` + WHERE `userid` = ' . $_POST['user']); + if ($db->num_rows($q) == 0) + { + $db->free_result($q); + echo 'Invalid user.
    + > Go Back'; + die($h->endpage()); + } + $f_userlevel = $db->fetch_single($q); + $db->free_result($q); + if ($f_userlevel == 2) + { + echo 'You cannot fed admins, please destaff them first.
    + > Go Back'; + die($h->endpage()); + } + $re = + $db->query( + "UPDATE `users` + SET `fedjail` = 1 + WHERE `userid` = {$_POST['user']}"); + if ($db->affected_rows() > 0) + { + $db->query( + "INSERT INTO `fedjail` + VALUES(NULL, {$_POST['user']}, {$_POST['days']}, $userid, '" + . $_POST['reason'] . "')"); + } + $db->query( + "INSERT INTO `jaillogs` + VALUES(NULL, $userid, {$_POST['user']}, {$_POST['days']}, + '{$_POST['reason']}', " . time() . ")"); + stafflog_add( + 'Fedded ID ' . $_POST['user'] . ' for ' . $_POST['days'] + . ', reason: ' . $_POST['reason']); + echo 'User jailed.
    + > Go Home'; + die($h->endpage()); +} + +function fed_edit_form() +{ + global $db, $ir, $c, $h, $userid; + $csrf = request_csrf_html('staff_fededit'); + echo " +

    Editing Fedjail Reason

    + You are editing a player's sentence in fed jail. +
    +
    + User: " . fed_user_dropdown(NULL, 'user') + . " +
    + Days: +
    + Reason: +
    + {$csrf} + +
    + "; +} + +function fed_edit_submit() +{ + global $db, $ir, $c, $h, $userid; + staff_csrf_stdverify('staff_fededit', 'staff_punit.php?action=fedeform'); + $_POST['user'] = + (isset($_POST['user']) && is_numeric($_POST['user'])) + ? abs(intval($_POST['user'])) : ''; + $_POST['reason'] = + (isset($_POST['reason'])) + ? $db->escape(strip_tags(stripslashes($_POST['reason']))) + : ''; + $_POST['days'] = + (isset($_POST['days']) && is_numeric($_POST['days'])) + ? abs(intval($_POST['days'])) : ''; + if (empty($_POST['user']) || empty($_POST['reason']) + || empty($_POST['days'])) + { + echo 'You need to fill in all the fields.
    + > Go Back'; + die($h->endpage()); + } + $q = + $db->query( + 'SELECT `user_level` + FROM `users` + WHERE `userid` = ' . $_POST['user'] + . ' + AND `fedjail` > 0'); + if ($db->num_rows($q) == 0) + { + $db->free_result($q); + echo 'Invalid user.
    + > Go Back'; + die($h->endpage()); + } + $f_userlevel = $db->fetch_single($q); + $db->free_result($q); + if ($f_userlevel == 2) + { + echo 'You cannot fed admins please destaff them first.
    + > Go Back'; + die($h->endpage()); + } + $db->query( + "DELETE FROM `fedjail` + WHERE `fed_userid` = {$_POST['user']}"); + $db->query( + "INSERT INTO `fedjail` + VALUES(NULL, {$_POST['user']}, {$_POST['days']}, $userid,'" + . $_POST['reason'] . "')"); + $db->query( + "INSERT INTO `jaillogs` + VALUES(NULL, $userid, {$_POST['user']}, {$_POST['days']}, + '{$_POST['reason']}', " . time() . ")"); + stafflog_add('Edited user ID ' . $_POST['user'] . '\'s fedjail sentence'); + echo 'User\'s sentence edited.
    + > Go Home'; + die($h->endpage()); +} + +function mail_user_form() +{ + global $db, $ir, $c, $h, $userid; + $_GET['XID'] = + (isset($_GET['XID']) && is_numeric($_GET['XID'])) + ? abs(intval($_GET['XID'])) : 0; + $csrf = request_csrf_html('staff_mailbanuser'); + echo " +

    Mail Banning User

    + The user will be banned from the mail system. +
    +
    + User: " . user_dropdown(NULL, 'user', $_GET['XID']) + . " +
    + Days: +
    + Reason: +
    + {$csrf} + +
    + "; +} + +function mail_user_submit() +{ + global $db, $ir, $c, $h, $userid; + staff_csrf_stdverify('staff_mailbanuser', + 'staff_punit.php?action=mailform'); + $_POST['user'] = + (isset($_POST['user']) && is_numeric($_POST['user'])) + ? abs(intval($_POST['user'])) : ''; + $_POST['reason'] = + (isset($_POST['reason'])) + ? $db->escape(strip_tags(stripslashes($_POST['reason']))) + : ''; + $_POST['days'] = + (isset($_POST['days']) && is_numeric($_POST['days'])) + ? abs(intval($_POST['days'])) : ''; + if (empty($_POST['user']) || empty($_POST['reason']) + || empty($_POST['days'])) + { + echo 'You need to fill in all the fields.
    + > Go Back'; + die($h->endpage()); + } + $q = + $db->query( + 'SELECT `user_level` + FROM `users` + WHERE `userid` = ' . $_POST['user']); + if ($db->num_rows($q) == 0) + { + $db->free_result($q); + echo 'Invalid user.
    + > Go Back'; + die($h->endpage()); + } + $f_userlevel = $db->fetch_single($q); + $db->free_result($q); + if ($f_userlevel == 2) + { + echo 'You cannot mail ban admins please destaff them first.
    + > Go Back'; + die($h->endpage()); + } + $re = + $db->query( + "UPDATE `users` + SET `mailban` = {$_POST['days']}, + `mb_reason` = '{$_POST['reason']}' + WHERE `userid` = {$_POST['user']}"); + event_add($_POST['user'], + "You were banned from mail for {$_POST['days']} day(s) for the following reason: {$_POST['reason']}", + $c); + stafflog_add( + "Mail banned User ID {$_POST['user']} for {$_POST['days']} days"); + echo 'User mail banned.
    + > Go Home'; + die($h->endpage()); +} + +function forum_user_form() +{ + global $db, $ir, $c, $h, $userid; + $_GET['XID'] = + (isset($_GET['XID']) && is_numeric($_GET['XID'])) + ? abs(intval($_GET['XID'])) : 0; + $csrf = request_csrf_html('staff_forumbanuser'); + echo " +

    Forum Banning User

    + The user will be banned from the forums. +
    +
    + User: " . user_dropdown(NULL, 'user', $_GET['XID']) + . " +
    + Days: +
    + Reason: +
    + {$csrf} + +
    + "; +} + +function forum_user_submit() +{ + global $db, $ir, $c, $h, $userid; + staff_csrf_stdverify('staff_forumbanuser', + 'staff_punit.php?action=forumform'); + $_POST['user'] = + (isset($_POST['user']) && is_numeric($_POST['user'])) + ? abs(intval($_POST['user'])) : ''; + $_POST['reason'] = + (isset($_POST['reason'])) + ? $db->escape(strip_tags(stripslashes($_POST['reason']))) + : ''; + $_POST['days'] = + (isset($_POST['days']) && is_numeric($_POST['days'])) + ? abs(intval($_POST['days'])) : ''; + if (empty($_POST['user']) || empty($_POST['reason']) + || empty($_POST['days'])) + { + echo 'You need to fill in all the fields.
    + > Go Back'; + die($h->endpage()); + } + $q = + $db->query( + 'SELECT `user_level` + FROM `users` + WHERE `userid` = ' . $_POST['user']); + if ($db->num_rows($q) == 0) + { + $db->free_result($q); + echo 'Invalid user.
    + > Go Back'; + die($h->endpage()); + } + $f_userlevel = $db->fetch_single($q); + $db->free_result($q); + if ($f_userlevel == 2) + { + echo 'You cannot forum ban admins please destaff them first.
    + > Go Back'; + die($h->endpage()); + } + $re = + $db->query( + "UPDATE `users` + SET `forumban` = {$_POST['days']}, + `fb_reason` = '{$_POST['reason']}' + WHERE `userid` = {$_POST['user']}"); + event_add($_POST['user'], + "You were banned from the forums for {$_POST['days']} day(s) for the following reason: {$_POST['reason']}", + $c); + stafflog_add( + 'Forum banned User ID ' . $_POST['user'] . ' for ' + . $_POST['days'] . ' days'); + echo 'User forum banned.
    + > Go Home'; + die($h->endpage()); +} + +function unfed_user_form() +{ + global $db, $ir, $c, $h, $userid; + $csrf = request_csrf_html('staff_unfeduser'); + echo " +

    Unjailing User

    + The user will be taken out of fed jail. +
    +
    + User: " . fed_user_dropdown(NULL, 'user') + . " +
    + {$csrf} + +
    + "; +} + +function unfed_user_submit() +{ + global $db, $ir, $c, $h, $userid; + staff_csrf_stdverify('staff_unfeduser', 'staff_punit.php?action=unfedform'); + $_POST['user'] = + (isset($_POST['user']) && is_numeric($_POST['user'])) + ? abs(intval($_POST['user'])) : ''; + if (empty($_POST['user'])) + { + echo 'You need to fill in all the fields.
    + > Go Back'; + die($h->endpage()); + } + $q = + $db->query( + 'SELECT COUNT(`userid`) + FROM `users` + WHERE `userid` = ' . $_POST['user']); + if ($db->fetch_single($q) == 0) + { + $db->free_result($q); + echo 'Invalid user.
    + > Go Back'; + die($h->endpage()); + } + $db->free_result($q); + $db->query( + "UPDATE `users` + SET `fedjail` = 0 + WHERE `userid` = {$_POST['user']}"); + $db->query( + "DELETE FROM `fedjail` + WHERE `fed_userid` = {$_POST['user']}"); + $db->query( + "INSERT INTO `unjaillogs` + VALUES(NULL, $userid, {$_POST['user']}, " . time() . ")"); + stafflog_add("Unfedded user ID {$_POST['user']}"); + echo 'User unjailed.
    + > Go Home'; + die($h->endpage()); +} + +function unmail_user_form() +{ + global $db, $ir, $c, $h, $userid; + $csrf = request_csrf_html('staff_unmailbanuser'); + echo " +

    Un-mailbanning User

    + The user will be taken out of mail ban. +
    +
    + User: " . mailb_user_dropdown(NULL, 'user') + . "
    + {$csrf} + +
    + "; +} + +function unmail_user_submit() +{ + global $db, $ir, $c, $h, $userid; + staff_csrf_stdverify('staff_unmailbanuser', + 'staff_punit.php?action=unmailform'); + $_POST['user'] = + (isset($_POST['user']) && is_numeric($_POST['user'])) + ? abs(intval($_POST['user'])) : ''; + if (empty($_POST['user'])) + { + echo 'You need to fill in all the fields.
    + > Go Back'; + die($h->endpage()); + } + $q = + $db->query( + 'SELECT COUNT(`userid`) + FROM `users` + WHERE `userid` = ' . $_POST['user']); + if ($db->fetch_single($q) == 0) + { + $db->free_result($q); + echo 'Invalid user.
    + > Go Back'; + die($h->endpage()); + } + $db->free_result($q); + $db->query( + "UPDATE `users` + SET `mailban` = 0 + WHERE `userid` = {$_POST['user']}"); + event_add($_POST['user'], + "You were unbanned from mail. You can now use it again.", $c); + stafflog_add('Un-mailbanned user ID ' . $_POST['user']); + echo 'User un-mailbanned.
    + > Go Home'; + die($h->endpage()); +} + +function unforum_user_form() +{ + global $db, $ir, $c, $h, $userid; + $csrf = request_csrf_html('staff_unforumbanuser'); + echo " +

    Un-forumbanning User

    + The user will be taken out of forum ban. +
    +
    + User: " . forumb_user_dropdown(NULL, 'user') + . " +
    + {$csrf} + +
    + "; +} + +function unforum_user_submit() +{ + global $db, $ir, $c, $h, $userid; + staff_csrf_stdverify('staff_unforumbanuser', + 'staff_punit.php?action=unforumform'); + $_POST['user'] = + (isset($_POST['user']) && is_numeric($_POST['user'])) + ? abs(intval($_POST['user'])) : ''; + if (empty($_POST['user'])) + { + echo 'You need to fill in all the fields.
    + > Go Back'; + die($h->endpage()); + } + $q = + $db->query( + 'SELECT COUNT(`userid`) + FROM `users` + WHERE `userid` = ' . $_POST['user']); + if ($db->fetch_single($q) == 0) + { + $db->free_result($q); + echo 'Invalid user.
    + > Go Back'; + die($h->endpage()); + } + $db->free_result($q); + $db->query( + "UPDATE `users` + SET `forumban` = 0 + WHERE `userid` = {$_POST['user']}"); + event_add($_POST['user'], + "You were unbanned from the forums. You can now use them again.", + $c); + stafflog_add("Un-forumbanned user ID {$_POST['user']}"); + echo 'User un-forumbanned.
    + > Go Home'; + die($h->endpage()); +} + +function ip_search_form() +{ + global $db, $ir, $c, $h, $userid; + $csrf = request_csrf_html('staff_ipsearch'); + echo " +

    IP Search

    +
    + IP: +
    + {$csrf} + +
    + "; +} + +function ip_search_submit() +{ + global $db, $ir, $c, $h, $userid, $domain; + staff_csrf_stdverify('staff_ipsearch', 'staff_punit.php?action=ipform'); + $_POST['ip'] = + (filter_input(INPUT_POST, 'ip', FILTER_VALIDATE_IP)) ? $_POST['ip'] + : ''; + if (empty($_POST['ip'])) + { + echo 'Invalid ip.
    + > Go Back'; + die($h->endpage()); + } + $echoip = + htmlentities(stripslashes($_POST['ip']), ENT_QUOTES, 'ISO-8859-1'); + echo " + Searching for users with the IP: {$echoip} +
    + + + + + + + "; + $q = + $db->query( + "SELECT `userid`, `username`, `level`, `money` + FROM `users` + WHERE `lastip` = '" + . $db->escape(stripslashes($_POST['ip'])) . "'"); + $ids = array(); + while ($r = $db->fetch_row($q)) + { + $ids[] = $r['userid']; + echo " + + + + + + "; + } + $csrf = request_csrf_html('staff_massjail'); + echo " +
    UserLevelMoney
    + {$r['username']} + {$r['level']}{$r['money']}
    +
    + Mass Jail +
    +
    + + Days: +
    + Reason: +
    + {$csrf} + +
    + "; +} + +function mass_jail() +{ + global $db, $ir, $c, $h, $userid; + staff_csrf_stdverify('staff_massjail', 'staff_punit.php?action=ipform'); + if (!isset($_POST['ids'])) + { + $_POST['ids'] = ''; + } + $ids = explode(",", $_POST['ids']); + $ju = array(); + $_POST['reason'] = + (isset($_POST['reason'])) + ? $db->escape(strip_tags(stripslashes($_POST['reason']))) + : ''; + $_POST['days'] = + (isset($_POST['days']) && is_numeric($_POST['days'])) + ? abs(intval($_POST['days'])) : ''; + if ((count($ids) == 1 && empty($ids[0])) || empty($_POST['reason']) + || empty($_POST['days'])) + { + echo 'You need to fill in all the fields.
    + > Go Back'; + die($h->endpage()); + } + foreach ($ids as $id) + { + if (is_numeric($id) && abs((int) $id) > 0) + { + $safe_id = abs((int) $id); + $db->query( + "INSERT INTO `fedjail` + VALUES(NULL, {$safe_id}, {$_POST['days']}, $userid, + '{$_POST['reason']}')"); + $db->query( + "INSERT INTO `jaillogs` + VALUES(NULL, $userid, {$safe_id}, {$_POST['days']}, + '{$_POST['reason']}', " . time() . ")"); + echo 'User jailed : ' . $id . '
    '; + $ju[] = $id; + } + } + if (count($ju) > 0) + { + $juv = implode(',', $ju); + $re = + $db->query( + "UPDATE `users` + SET `fedjail` = 1 + WHERE `userid` IN($juv)"); + stafflog_add('Mass jailed IDs ' . $juv); + echo '> Go Home'; + die($h->endpage()); + } + else + { + echo 'No users jailed...
    '; + echo '> Go Home'; + die($h->endpage()); + } +} +$h->endpage(); diff --git a/staff_shops.php b/staff_shops.php new file mode 100644 index 0000000..7632b2d --- /dev/null +++ b/staff_shops.php @@ -0,0 +1,241 @@ +> Go Back'; + die($h->endpage()); +} +if (!isset($_GET['action'])) +{ + $_GET['action'] = ''; +} +switch ($_GET['action']) +{ +case 'newshop': + new_shop_form(); + break; +case 'newshopsub': + new_shop_submit(); + break; +case 'newstock': + new_stock_form(); + break; +case 'newstocksub': + new_stock_submit(); + break; +case 'delshop': + delshop(); + break; +default: + echo "Error: This script requires an action."; + break; +} + +function new_shop_form() +{ + global $db, $ir, $c, $h; + $csrf = request_csrf_html('staff_newshop'); + echo " +

    Adding a New Shop

    +
    + Shop Name: +
    + Shop Desc: +
    + Shop Location: " . location_dropdown(NULL, "sl") + . " +
    + {$csrf} + +
    + "; +} + +function new_shop_submit() +{ + global $db, $ir, $c, $h; + staff_csrf_stdverify('staff_newshop', 'staff_shops.php?action=newshop'); + $_POST['sl'] = + (isset($_POST['sl']) && is_numeric($_POST['sl'])) + ? abs(intval($_POST['sl'])) : 0; + $_POST['sn'] = + (isset($_POST['sn']) + && preg_match( + "/^[a-z0-9_]+([\\s]{1}[a-z0-9_]|[a-z0-9_])+$/i", + $_POST['sn'])) + ? $db->escape(strip_tags(stripslashes($_POST['sn']))) : ''; + $_POST['sd'] = + (isset($_POST['sd'])) + ? $db->escape(strip_tags(stripslashes($_POST['sd']))) : ''; + if (empty($_POST['sn']) || empty($_POST['sd'])) + { + echo 'You missed a field, go back and try again.
    + > Go Back'; + } + else + { + $q = + $db->query( + 'SELECT COUNT(`cityid`) + FROM `cities` + WHERE `cityid` = ' . $_POST['sl']); + if ($db->fetch_single($q) == 0) + { + $db->free_result($q); + echo 'Location doesn\'t seem to exist.
    + > Go Back'; + die($h->endpage()); + } + $db->free_result($q); + $db->query( + "INSERT INTO `shops` + VALUES(NULL, {$_POST['sl']}, '{$_POST['sn']}', '{$_POST['sd']}')"); + stafflog_add('Added Shop ' . $_POST['sn']); + echo 'The ' . $_POST['sn'] + . ' Shop was successfully added to the game.
    + > Go Home'; + die($h->endpage()); + } +} + +function new_stock_form() +{ + global $db, $ir, $c, $h; + $csrf = request_csrf_html('staff_newstock'); + echo " +

    Adding an item to a shop

    +
    + Shop: " . shop_dropdown(NULL, "shop") . " +
    + Item: " . item_dropdown(NULL, "item") + . " +
    + {$csrf} + +
    + "; +} + +function new_stock_submit() +{ + global $db, $ir, $c, $h; + staff_csrf_stdverify('staff_newstock', 'staff_shops.php?action=newstock'); + $_POST['shop'] = + (isset($_POST['shop']) && is_numeric($_POST['shop'])) + ? abs(intval($_POST['shop'])) : ''; + $_POST['item'] = + (isset($_POST['item']) && is_numeric($_POST['item'])) + ? abs(intval($_POST['item'])) : ''; + if (empty($_POST['shop']) || empty($_POST['item'])) + { + echo 'Invalid shop/item.
    + > Go Back'; + die($h->endpage()); + } + $q = + $db->query( + 'SELECT COUNT(`shopID`) + FROM `shops` + WHERE `shopID` = ' . $_POST['shop']); + $q2 = + $db->query( + 'SELECT COUNT(`itmid`) + FROM `items` + WHERE `itmid` = ' . $_POST['item']); + if ($db->fetch_single($q) == 0 || $db->fetch_single($q2) == 0) + { + $db->free_result($q); + $db->free_result($q2); + echo 'Invalid shop/item.
    + > Go Back'; + die($h->endpage()); + } + $db->free_result($q); + $db->free_result($q2); + $db->query( + "INSERT INTO `shopitems` + VALUES(NULL, {$_POST['shop']}, {$_POST['item']})"); + stafflog_add( + 'Added Item ID ' . $_POST['item'] . ' to shop ID ' + . $_POST['shop']); + echo 'Item ID ' . $_POST['item'] . ' was successfully added to shop ID ' + . $_POST['shop'] + . '
    + > Go Home'; + die($h->endpage()); +} + +function delshop() +{ + global $db, $ir, $c, $h; + $_POST['shop'] = + (isset($_POST['shop']) && is_numeric($_POST['shop'])) + ? abs(intval($_POST['shop'])) : ''; + if (!empty($_POST['shop'])) + { + staff_csrf_stdverify('staff_delshop', 'staff_shops.php?action=delshop'); + $shpq = + $db->query( + "SELECT `shopNAME` + FROM `shops` + WHERE `shopID` = {$_POST['shop']}"); + if ($db->num_rows($shpq) == 0) + { + $db->free_result($shpq); + echo "Invalid shop.
    + > Go back"; + die($h->endpage()); + } + $sn = $db->fetch_single($shpq); + $db->free_result($shpq); + $db->query( + "DELETE FROM `shops` + WHERE `shopID` = {$_POST['shop']}"); + $db->query( + "DELETE FROM `shopitems` + WHERE `sitemSHOP` = {$_POST['shop']}"); + stafflog_add('Deleted Shop ' . $sn); + echo 'Shop ' . $sn + . ' Deleted.
    + > Go Home'; + die($h->endpage()); + } + else + { + $csrf = request_csrf_html('staff_delshop'); + echo " +

    Delete Shop

    +
    + Deleting a shop will remove it from the game permanently. Be sure. +
    + Shop: " . shop_dropdown(NULL, "shop") + . " +
    + {$csrf} + +
    + "; + } +} +$h->endpage(); diff --git a/staff_special.php b/staff_special.php new file mode 100644 index 0000000..5037fdc --- /dev/null +++ b/staff_special.php @@ -0,0 +1,533 @@ + + > Go Back'; + die($h->endpage()); +} +if (!isset($_GET['action'])) +{ + $_GET['action'] = ''; +} +switch ($_GET['action']) +{ +case 'editnews': + newspaper_form(); + break; +case 'subnews': + newspaper_submit(); + break; +case 'givedpform': + give_dp_form(); + break; +case 'givedpsub': + give_dp_submit(); + break; +case 'stafflist': + staff_list(); + break; +case 'userlevel': + userlevel(); + break; +case 'userlevelform': + userlevelform(); + break; +case 'massmailer': + massmailer(); + break; +default: + echo 'Error: This script requires an action.'; + break; +} + +function newspaper_form() +{ + global $db, $ir, $c, $h, $userid; + $q = $db->query("SELECT `content` FROM `papercontent`"); + $news = $db->fetch_row($q); + $csrf = request_csrf_html('staff_editnews'); + echo " +

    Editing Newspaper

    +
    + +
    + {$csrf} + +
    + "; +} + +function newspaper_submit() +{ + global $db, $ir, $c, $h, $userid; + staff_csrf_stdverify('staff_editnews', 'staff_special.php?action=editnews'); + $news = $db->escape(strip_tags(stripslashes($_POST['newspaper']))); + $db->query("UPDATE `papercontent` + SET `content` = '$news'"); + echo 'Newspaper updated!'; + stafflog_add("Updated game newspaper"); +} + +function give_dp_form() +{ + global $db, $ir, $c, $h, $userid; + $csrf = request_csrf_html('staff_givedp'); + echo " +

    Giving User DP

    + The user will receive the benefits of one 30-day donator pack. +
    +
    + User: " . user_dropdown(NULL, 'user') + . " +
    + Pack 1 (Standard) +
    + Pack 2 (Crystals) +
    + Pack 3 (IQ) +
    + Pack 4 (5.00) +
    + Pack 5 (10.00) +
    + {$csrf} + +
    + "; +} + +function give_dp_submit() +{ + global $db, $ir, $c, $h, $userid; + staff_csrf_stdverify('staff_givedp', 'staff_special.php?action=givedpform'); + $_POST['user'] = + (isset($_POST['user']) && is_numeric($_POST['user'])) + ? abs(intval($_POST['user'])) : ''; + $_POST['type'] = + (isset($_POST['type']) + && in_array($_POST['type'], array(1, 2, 3, 4, 5))) + ? abs((int) $_POST['type']) : ''; + if (empty($_POST['user']) || empty($_POST['type'])) + { + echo 'Something went wrong.
    + > Go Back'; + die($h->endpage()); + } + if ($_POST['type'] == 1) + { + $don = + "`u`.`money` = `u`.`money` + 5000, + `u`.`crystals` = `u`.`crystals` + 50, + `us`.`IQ` = `us`.`IQ` + 50, + `u`.`donatordays` = `u`.`donatordays` + 30"; + $d = 30; + } + else if ($_POST['type'] == 2) + { + $don = + "`u`.`crystals` = `u`.`crystals` + 100, + `u`.`donatordays` = `u`.`donatordays` + 30"; + $d = 30; + } + else if ($_POST['type'] == 3) + { + $don = + "`us`.`IQ` = `us`.`IQ` + 120, + `u`.`donatordays` = `u`.`donatordays` + 30"; + $d = 30; + } + else if ($_POST['type'] == 4) + { + $don = + "`u`.`money` = `u`.`money` + 15000, + `u`.`crystals` = `u`.`crystals` + 75, + `us`.`IQ` = `us`.`IQ` + 80, + `u`.`donatordays` = `u`.`donatordays` + 55"; + $d = 55; + } + else if ($_POST['type'] == 5) + { + $don = + "`u`.`money` = `u`.`money` + 35000, + `u`.`crystals` = `u`.`crystals` + 160, + `us`.`IQ` = `us`.`IQ` + 180, + `u`.`donatordays` = `u`.`donatordays` + 115"; + $d = 115; + } + $db->query( + "UPDATE `users` AS `u` + INNER JOIN `userstats` AS `us` + ON `u`.`userid` = `us`.`userid` + SET {$don} + WHERE `u`.`userid` = {$_POST['user']}"); + event_add($_POST['user'], + "You were given one {$d}-day donator pack (Pack {$_POST['type']}) from the administration.", + $c); + stafflog_add( + "Gave ID {$_POST['user']} a {$d}-day donator pack (Pack {$_POST['type']})"); + echo 'User given a DP.
    + > Go Home'; + die($h->endpage()); +} + +function staff_userlevel_innerform($userid, $level, $desc, $csrf) +{ + $form = + " +
    + + + {$csrf} + +
    + "; + return $form; +} + +function staff_list() +{ + global $db, $ir, $c, $h, $userid; + echo " +

    Staff Management

    + Admins +
    + + + + + + + "; + $csrf = request_csrf_html('staff_userlevel'); + $staff = array(); + $q = + $db->query( + "SELECT `userid`, `laston`, `username`, `level`, `money`, + `user_level` + FROM `users` + WHERE `user_level` IN(2, 3, 5) + ORDER BY `userid` ASC"); + while ($r = $db->fetch_row($q)) + { + $staff[$r['userid']] = $r; + } + $db->free_result($q); + foreach ($staff as $r) + { + if ($r['user_level'] == 2) + { + $on = + (($r['laston'] >= $_SERVER['REQUEST_TIME'] - 15) * 60) + ? 'Online' + : 'Offline'; + echo " + + + + + + "; + } + } + echo " +
    UserStatusLinks
    + {$r['username']} + [{$r['userid']}] + $on + " + . staff_userlevel_innerform($r['userid'], 3, 'Secretary', + $csrf) . " + · " + . staff_userlevel_innerform($r['userid'], 5, 'Assistant', + $csrf) . " + · " + . staff_userlevel_innerform($r['userid'], 1, 'Member', + $csrf) . " +
    + Secretaries +
    + + + + + + + "; + foreach ($staff as $r) + { + if ($r['user_level'] == 3) + { + $on = + (($r['laston'] >= $_SERVER['REQUEST_TIME'] - 15) * 60) + ? 'Online' + : 'Offline'; + echo " + + + + + + "; + } + } + echo " +
    UserStatusLinks
    + {$r['username']} + [{$r['userid']}] + $on + " + . staff_userlevel_innerform($r['userid'], 2, 'Admin', + $csrf) . " + · " + . staff_userlevel_innerform($r['userid'], 5, 'Assistant', + $csrf) . " + · " + . staff_userlevel_innerform($r['userid'], 1, 'Member', + $csrf) . " +
    + Assistants +
    + + + + + + + "; + foreach ($staff as $r) + { + if ($r['user_level'] == 5) + { + $on = + (($r['laston'] >= $_SERVER['REQUEST_TIME'] - 15) * 60) + ? 'Online' + : 'Offline'; + echo " + + + + + + "; + } + } + echo '
    UserStatusLinks
    + {$r['username']} + [{$r['userid']}] + $on + " + . staff_userlevel_innerform($r['userid'], 2, 'Admin', + $csrf) . " + · " + . staff_userlevel_innerform($r['userid'], 3, 'Secretary', + $csrf) . " + · " + . staff_userlevel_innerform($r['userid'], 1, 'Member', + $csrf) . " +
    '; +} + +function userlevel() +{ + global $db, $ir, $c, $h, $userid; + staff_csrf_stdverify('staff_userlevel', + 'staff_special.php?action=userlevelform'); + $_POST['level'] = + (isset($_POST['level']) + && in_array($_POST['level'], array(1, 2, 3, 4, 5))) + ? abs(intval($_POST['level'])) : 0; + $_POST['ID'] = + (isset($_POST['ID']) && is_numeric($_POST['ID'])) + ? abs(intval($_POST['ID'])) : 0; + if ($_POST['ID'] == 0 || $_POST['level'] == 0) + { + echo 'Invalid input.
    + > Go Home'; + die($h->endpage()); + } + $d = + $db->query( + 'SELECT COUNT(`userid`) + FROM `users` + WHERE `userid` = ' . $_POST['ID']); + if ($db->fetch_single($d) == 0) + { + $db->free_result($d); + echo 'Invalid user.
    + > Go Home'; + die($h->endpage()); + } + $db->free_result($d); + $db->query( + "UPDATE `users` + SET `user_level` = {$_POST['level']} + WHERE `userid` = {$_POST['ID']}"); + stafflog_add('Adjusted user ID ' . $_POST['ID'] . '\'s staff status.'); + echo 'User\'s level adjusted.
    + > Go Home'; + die($h->endpage()); +} + +function userlevelform() +{ + global $db, $ir, $c, $h, $userid; + $csrf = request_csrf_html('staff_userlevel'); + echo " +

    User Level Adjust

    +
    + User: " . user_dropdown(NULL, 'ID') + . " +
    + User Level: +
    + Member +
    + Admin +
    + Secretary +
    + IRC Op +
    + Assistant +
    + {$csrf} + +
    + "; +} + +function massmailer() +{ + global $db, $ir, $c, $userid; + $_POST['text'] = + (isset($_POST['text'])) + ? $db->escape(strip_tags(stripslashes($_POST['text']))) + : ''; + $_POST['cat'] = + (isset($_POST['cat']) && in_array($_POST['cat'], array(1, 2, 3))) + ? $_POST['cat'] : ''; + $_POST['level'] = + (isset($_POST['level']) + && in_array($_POST['level'], array(1, 2, 3, 5))) + ? abs((int) $_POST['level']) : ''; + if (!empty($_POST['text']) + && (!empty($_POST['cat']) || empty($_POST['level']))) + { + if (!empty($_POST['cat']) && !empty($_POST['level'])) + { + echo 'Please select one of the sending options, not both.
    + > Try again'; + die($h->endpage()); + } + staff_csrf_stdverify('staff_massmailer', + 'staff_special.php?action=massmailer'); + $subj = 'Mass mail from Administrator'; + if ($_POST['cat'] == 1) + { + $q = + $db->query( + "SELECT `userid` + FROM `users` + WHERE `user_level` != 0"); + } + else if ($_POST['cat'] == 2) + { + $q = + $db->query( + "SELECT `userid` + FROM `users` + WHERE `user_level` > 1"); + } + else if ($_POST['cat'] == 3) + { + $q = + $db->query( + "SELECT `userid` + FROM users + WHERE `user_level` = 2"); + } + else + { + $q = + $db->query( + "SELECT `userid` + FROM `users` + WHERE `user_level` = {$_POST['level']}"); + } + $uc = array(); + $send_time = time(); + while ($r = $db->fetch_row($q)) + { + $db->query( + "INSERT INTO `mail` + VALUES(NULL, 0, 0, {$r['userid']}, {$send_time}, + '$subj', '{$_POST['text']}')"); + $uc[] = $r['userid']; + } + + $us_im = implode(',', $uc); + $db->query( + 'UPDATE `users` + SET `new_mail` = `new_mail` + 1 + WHERE `userid` IN(' . $us_im . ')'); + echo ' + Sent ' . count($uc) + . ' Mails. +
    + > Go Home + '; + } + else + { + $csrf = request_csrf_html('staff_massmailer'); + echo " + Mass Mailer +
    +
    + Text:
    + +
    + Send to all members + Send to staff only + Send to admins only +
    + OR Send to user level: +
    + Member +
    + Admin +
    + Secretary +
    + Assistant +
    + {$csrf} + +
    + "; + } +} +$h->endpage(); diff --git a/staff_users.php b/staff_users.php new file mode 100644 index 0000000..ee9a69b --- /dev/null +++ b/staff_users.php @@ -0,0 +1,1282 @@ +> Go Back'; + die($h->endpage()); + } + $csrf = request_csrf_html('staff_newuser'); + echo " + Adding a new user. +
    +
    + Username: +
    + Login Name: +
    + Email: +
    + Password: +
    + Type: + NPC + Regular Member +
    + Level: +
    + Money: +
    + Crystals: +
    + Donator Days: +
    + Gender: + +
    +
    + Stats +
    + Strength: +
    + Agility: +
    + Guard: +
    + Labour: +
    + IQ: +
    +
    + {$csrf} + +
    + "; +} + +function new_user_submit() +{ + global $db, $ir, $c, $userid, $h; + if ($ir['user_level'] != 2) + { + echo 'You cannot access this area.
    + > Go Back'; + die($h->endpage()); + } + staff_csrf_stdverify('staff_newuser', 'staff_users.php?action=newuser'); + $_POST['email'] = + (isset($_POST['email']) + && filter_input(INPUT_POST, 'email', FILTER_VALIDATE_EMAIL)) + ? $db->escape(stripslashes($_POST['email'])) : ''; + $ulevel = + (isset($_POST['user_level']) + && in_array($_POST['user_level'], array('1', '0'), true)) + ? $_POST['user_level'] : FALSE; + $level = + (isset($_POST['level']) && is_numeric($_POST['level'])) + ? abs(intval($_POST['level'])) : 1; + $money = + (isset($_POST['money']) && is_numeric($_POST['money'])) + ? abs(intval($_POST['money'])) : 100; + $crystals = + (isset($_POST['crystals']) && is_numeric($_POST['crystals'])) + ? abs(intval($_POST['crystals'])) : 0; + $donator = + (isset($_POST['donatordays']) && is_numeric($_POST['donatordays'])) + ? abs(intval($_POST['donatordays'])) : 0; + $_POST['gender'] = + (isset($_POST['gender']) + && in_array($_POST['gender'], array('Male', 'Female'), + true)) ? $_POST['gender'] : 'Male'; + $strength = + (isset($_POST['strength']) && is_numeric($_POST['strength'])) + ? abs(intval($_POST['strength'])) : 10; + $agility = + (isset($_POST['agility']) && is_numeric($_POST['agility'])) + ? abs(intval($_POST['agility'])) : 10; + $guard = + (isset($_POST['guard']) && is_numeric($_POST['guard'])) + ? abs(intval($_POST['guard'])) : 10; + $labour = + (isset($_POST['labour']) && is_numeric($_POST['labour'])) + ? abs(intval($_POST['labour'])) : 10; + $iq = + (isset($_POST['iq']) && is_numeric($_POST['iq'])) + ? abs(intval($_POST['iq'])) : 10; + $_POST['username'] = + (isset($_POST['username']) + && preg_match( + "/^[a-z0-9_]+([\\s]{1}[a-z0-9_]|[a-z0-9_])+$/i", + $_POST['username']) + && ((strlen($_POST['username']) < 32) + && (strlen($_POST['username']) >= 3))) + ? $db->escape(strip_tags(stripslashes($_POST['username']))) + : ''; + $_POST['login_name'] = + (isset($_POST['login_name']) + && preg_match( + "/^[a-z0-9_]+([\\s]{1}[a-z0-9_]|[a-z0-9_])+$/i", + $_POST['login_name']) + && ((strlen($_POST['login_name']) < 32) + && (strlen($_POST['login_name']) >= 3))) + ? $db->escape( + strip_tags(stripslashes($_POST['login_name']))) + : ''; + $_POST['userpass'] = + (isset($_POST['userpass']) + && (strlen(stripslashes($_POST['userpass'])) <= 32)) + ? stripslashes($_POST['userpass']) : ''; + if (empty($_POST['username']) || empty($_POST['login_name']) + || empty($_POST['userpass']) || is_bool($ulevel) + || empty($_POST['email']) || empty($level)) + { + echo ' + You missed one or more of the required fields. Please go back and try again. +
    + > Go Back + '; + die($h->endpage()); + } + $ucnt = + $db->query( + 'SELECT COUNT(`userid`) + FROM `users` + WHERE `username` = "' . $_POST['username'] + . '" + OR `login_name` = "' . $_POST['login_name'] . '"'); + if ($db->fetch_single($ucnt) > 0) + { + $db->free_result($ucnt); + echo ' + Username/Login name already in use. +
    + > GoBack + '; + die($h->endpage()); + } + $db->free_result($ucnt); + $energy = 10 + $level * 2; + $brave = 3 + $level * 2; + $hp = 50 + $level * 50; + $salt = generate_pass_salt(); + $e_salt = $db->escape($salt); + $encpsw = encode_password($_POST['userpass'], $salt); + $e_encpsw = $db->escape($encpsw); + $db->query( + "INSERT INTO `users` + (`username`, `login_name`, `userpass`, `level`, `money`, + `crystals`, `donatordays`, `user_level`, `energy`, `maxenergy`, + `will`, `maxwill`, `brave`, `maxbrave`, `hp`, `maxhp`, `location`, + `gender`,`signedup`, `email`, `bankmoney`, `pass_salt`) + VALUES( '{$_POST['username']}', '{$_POST['login_name']}', + '{$e_encpsw}', $level, $money, $crystals, $donator, $ulevel, + $energy, $energy, 100, 100, $brave, $brave, $hp, $hp, 1, + '{$_POST['gender']}', " . time() + . ", '{$_POST['email']}', -1, '{$e_salt}')"); + $i = $db->insert_id(); + $db->query( + "INSERT INTO `userstats` + VALUES($i, $strength, $agility, $guard, $labour, $iq)"); + stafflog_add('Created user ' . $_POST['username'] . ' [' . $i . ']'); + echo ' + User (' . $_POST['username'] + . ') created.
    + > Go Back + '; + +} + +function edit_user_begin() +{ + global $db, $ir, $c, $h, $userid; + if ($ir['user_level'] != 2) + { + echo 'You cannot access this area.
    + > Go Back'; + die($h->endpage()); + } + $csrf = request_csrf_html('staff_edituser1'); + echo " +

    Editing User

    + You can edit any aspect of this user. +
    +
    + User: " . user_dropdown(NULL, 'user') + . " +
    + {$csrf} + +
    + OR enter a user ID to edit: +
    + User: +
    + {$csrf} + +
    + "; +} + +function edit_user_form() +{ + global $db, $ir, $c, $h, $userid; + if ($ir['user_level'] != 2) + { + echo 'You cannot access this area.
    + > Go Back'; + die($h->endpage()); + } + staff_csrf_stdverify('staff_edituser1', 'staff_users.php?action=edituser'); + $_POST['user'] = + (isset($_POST['user']) && is_numeric($_POST['user'])) + ? abs(intval($_POST['user'])) : 0; + if (empty($_POST['user'])) + { + echo ' + Invalid user, Please go back and try again. +
    + > Go Back + '; + die($h->endpage()); + } + $d = + $db->query( + "SELECT `hospreason`, `jail_reason`, `username`, + `login_name`, `duties`, `level`, `money`, `cybermoney`, + `crystals`, `mailban`, `mb_reason`, `forumban`, + `fb_reason`, `hospital`, `jail`, `maxwill`, `bankmoney`, + `strength`, `agility`, `guard`, `labour`, `IQ`, + `staffnotes` + FROM `users` AS `u` + INNER JOIN `userstats` AS `us` + ON `u`.`userid` = `us`.`userid` + WHERE `u`.`userid` = {$_POST['user']}"); + if ($db->num_rows($d) == 0) + { + $db->free_result($d); + echo ' + User doesn\'t seem to exist, Please go back and try again. +
    + > Go Back + '; + die($h->endpage()); + } + $itemi = $db->fetch_row($d); + $db->free_result($d); + $itemi['hospreason'] = + htmlentities($itemi['hospreason'], ENT_QUOTES, 'ISO-8859-1'); + $itemi['jail_reason'] = + htmlentities($itemi['jail_reason'], ENT_QUOTES, 'ISO-8859-1'); + $itemi['username'] = + htmlentities($itemi['username'], ENT_QUOTES, 'ISO-8859-1'); + $itemi['login_name'] = + htmlentities($itemi['login_name'], ENT_QUOTES, 'ISO-8859-1'); + $itemi['duties'] = + htmlentities($itemi['duties'], ENT_QUOTES, 'ISO-8859-1'); + $itemi['staffnotes'] = + htmlentities($itemi['staffnotes'], ENT_QUOTES, 'ISO-8859-1'); + $itemi['mb_reason'] = + htmlentities($itemi['mb_reason'], ENT_QUOTES, 'ISO-8859-1'); + $itemi['fb_reason'] = + htmlentities($itemi['fb_reason'], ENT_QUOTES, 'ISO-8859-1'); + $csrf = request_csrf_html('staff_edituser2'); + echo " +

    Editing User

    +
    + + Username: +
    + Login Name: +
    + Duties: +
    + Staff Notes: +
    + Level: +
    + Money: \$ +
    + Bank: \$ +
    + Cyber Bank: \$ +
    + Crystals: +
    + Mail Ban: +
    + Mail Ban Reason: +
    + Forum Ban: +
    + Forum Ban Reason: +
    + Hospital time: +
    + Hospital reason: +
    + Jail time: +
    + Jail reason: +
    + House: " . house2_dropdown(NULL, "maxwill", $itemi['maxwill']) + . " +
    +

    Stats

    + Strength: +
    + Agility: +
    + Guard: +
    + Labour: +
    + IQ: +
    + {$csrf} + +
    + "; +} + +function edit_user_sub() +{ + global $db, $ir, $c, $h, $userid; + if ($ir['user_level'] != 2) + { + echo 'You cannot access this area.
    + > Go Back'; + die($h->endpage()); + } + staff_csrf_stdverify('staff_edituser2', 'staff_users.php?action=edituser'); + $_POST['userid'] = + (isset($_POST['userid']) && is_numeric($_POST['userid'])) + ? abs(intval($_POST['userid'])) : 0; + $_POST['username'] = + (isset($_POST['username']) + && preg_match( + "/^[a-z0-9_]+([\\s]{1}[a-z0-9_]|[a-z0-9_])+$/i", + $_POST['username']) + && ((strlen($_POST['username']) < 32) + && (strlen($_POST['username']) >= 3))) + ? $db->escape(strip_tags(stripslashes($_POST['username']))) + : ''; + $_POST['login_name'] = + (isset($_POST['login_name']) + && preg_match( + "/^[a-z0-9_]+([\\s]{1}[a-z0-9_]|[a-z0-9_])+$/i", + $_POST['login_name']) + && ((strlen($_POST['login_name']) < 32) + && (strlen($_POST['login_name']) >= 3))) + ? $db->escape( + strip_tags(stripslashes($_POST['login_name']))) + : ''; + $_POST['duties'] = + (isset($_POST['duties']) && (strlen($_POST['duties']) <= 500)) + ? $db->escape(strip_tags(stripslashes($_POST['duties']))) + : ''; + $_POST['staffnotes'] = + (isset($_POST['staffnotes']) + && (strlen($_POST['staffnotes']) <= 500)) + ? $db->escape( + strip_tags(stripslashes($_POST['staffnotes']))) + : ''; + $_POST['level'] = + (isset($_POST['level']) && is_numeric($_POST['level'])) + ? abs(intval($_POST['level'])) : 1; + $_POST['money'] = + (isset($_POST['money']) && is_numeric($_POST['money'])) + ? abs(intval($_POST['money'])) : 100; + $_POST['bankmoney'] = + (isset($_POST['bankmoney']) && is_numeric($_POST['bankmoney'])) + ? abs(intval($_POST['bankmoney'])) : 0; + $_POST['cybermoney'] = + (isset($_POST['cybermoney']) && is_numeric($_POST['cybermoney'])) + ? abs(intval($_POST['cybermoney'])) : 0; + $_POST['crystals'] = + (isset($_POST['crystals']) && is_numeric($_POST['crystals'])) + ? abs(intval($_POST['crystals'])) : 0; + $_POST['mailban'] = + (isset($_POST['mailban']) && is_numeric($_POST['mailban'])) + ? abs(intval($_POST['mailban'])) : 0; + $_POST['mb_reason'] = + (isset($_POST['mb_reason']) + && (strlen($_POST['mb_reason']) <= 500)) + ? $db->escape( + strip_tags(stripslashes($_POST['mb_reason']))) : ''; + $_POST['forumban'] = + (isset($_POST['forumban']) && is_numeric($_POST['forumban'])) + ? abs(intval($_POST['forumban'])) : 0; + $_POST['fb_reason'] = + (isset($_POST['fb_reason']) + && (strlen($_POST['fb_reason']) <= 500)) + ? $db->escape( + strip_tags(stripslashes($_POST['fb_reason']))) : ''; + $_POST['hospital'] = + (isset($_POST['hospital']) && is_numeric($_POST['hospital'])) + ? abs(intval($_POST['hospital'])) : 0; + $_POST['hospreason'] = + (isset($_POST['hospreason']) + && (strlen($_POST['hospreason']) <= 500)) + ? $db->escape( + strip_tags(stripslashes($_POST['hospreason']))) + : ''; + $_POST['jail'] = + (isset($_POST['jail']) && is_numeric($_POST['jail'])) + ? abs(intval($_POST['jail'])) : 0; + $_POST['jail_reason'] = + (isset($_POST['jail_reason']) + && (strlen($_POST['jail_reason']) <= 500)) + ? $db->escape( + strip_tags(stripslashes($_POST['jail_reason']))) + : ''; + $maxwill = + (isset($_POST['maxwill']) && is_numeric($_POST['maxwill'])) + ? abs(intval($_POST['maxwill'])) : 1; + $_POST['strength'] = + (isset($_POST['strength']) && is_numeric($_POST['strength'])) + ? abs(intval($_POST['strength'])) : 10; + $_POST['agility'] = + (isset($_POST['agility']) && is_numeric($_POST['agility'])) + ? abs(intval($_POST['agility'])) : 10; + $_POST['guard'] = + (isset($_POST['guard']) && is_numeric($_POST['guard'])) + ? abs(intval($_POST['guard'])) : 10; + $_POST['labour'] = + (isset($_POST['labour']) && is_numeric($_POST['labour'])) + ? abs(intval($_POST['labour'])) : 10; + $_POST['IQ'] = + (isset($_POST['IQ']) && is_numeric($_POST['IQ'])) + ? abs(intval($_POST['IQ'])) : 10; + if (empty($_POST['username']) || empty($_POST['login_name']) + || empty($_POST['userid']) || empty($maxwill) + || empty($_POST['level'])) + { + echo ' + You missed one or more of the required fields, Please go back and try again. +
    + > Go Back + '; + die($h->endpage()); + } + $u_exists = + $db->query( + 'SELECT `will` + FROM `users` + WHERE `userid` = ' . $_POST['userid']); + if ($db->num_rows($u_exists) == 0) + { + $db->free_result($u_exists); + echo ' + User doesn\'t seem to exist, Please go back and try again. +
    + > Go Back + '; + die($h->endpage()); + } + $h_exists = + $db->query( + 'SELECT COUNT(`hID`) + FROM `houses` + WHERE `hWILL` = ' . $maxwill); + if ($db->fetch_single($h_exists) == 0) + { + $db->free_result($h_exists); + echo ' + House doesn\'t seem to exist, Please go back and try again. +
    + > Go Back + '; + die($h->endpage()); + } + $db->free_result($h_exists); + $u = + $db->query( + "SELECT COUNT(`userid`) + FROM `users` + WHERE `username` = '{$_POST['username']}' + AND `userid` != {$_POST['userid']}"); + if ($db->fetch_single($u) != 0) + { + $db->free_result($u); + echo ' + That username is in use, choose another. +
    + > Go Back + '; + die($h->endpage()); + } + $db->free_result($u); + $oldwill = $db->fetch_single($u_exists); + $db->free_result($u_exists); + $will = ($oldwill > $maxwill) ? $maxwill : $oldwill; + $energy = 10 + $_POST['level'] * 2; + $nerve = 3 + $_POST['level'] * 2; + $hp = 50 + $_POST['level'] * 50; + $db->query( + "UPDATE `users` + SET `username` = '{$_POST['username']}', + `level` = {$_POST['level']}, `money` = {$_POST['money']}, + `crystals` = {$_POST['crystals']}, `energy` = $energy, + `brave` = $nerve, `maxbrave` = $nerve, `maxenergy` = $energy, + `hp` = $hp, `maxhp` = $hp, `hospital` = {$_POST['hospital']}, + `jail` = {$_POST['jail']}, `duties` = '{$_POST['duties']}', + `staffnotes` = '{$_POST['staffnotes']}', + `mailban` = {$_POST['mailban']}, + `mb_reason` = '{$_POST['mb_reason']}', + `forumban` = {$_POST['forumban']}, + `fb_reason` = '{$_POST['fb_reason']}', + `hospreason` = '{$_POST['hospreason']}', + `jail_reason` = '{$_POST['jail_reason']}', + `login_name` = '{$_POST['login_name']}', + `will` = $will, `maxwill` = $maxwill + WHERE `userid` = {$_POST['userid']}"); + $db->query( + "UPDATE `userstats` + SET `strength` = {$_POST['strength']}, + `agility` = {$_POST['agility']}, `guard` = {$_POST['guard']}, + `labour` = {$_POST['labour']}, `IQ` = {$_POST['IQ']} + WHERE `userid` = {$_POST['userid']}"); + stafflog_add( + 'Edited user ' . $_POST['username'] . ' [' . $_POST['userid'] + . ']'); + echo ' + User edited. +
    + > Go Home + '; + die($h->endpage()); + +} + +function deluser() +{ + global $ir, $c, $h, $userid, $db; + if ($ir['user_level'] != 2) + { + echo 'You cannot access this area.
    > Go Back'; + die($h->endpage()); + } + if (!isset($_GET['step'])) + { + $_GET['step'] = '0'; + } + switch ($_GET['step']) + { + default: + $csrf = request_csrf_html('staff_deluser1'); + echo ' +

    Deleting User

    + Here you can delete a user. +
    +
    + User: ' . user_dropdown(NULL, 'user') + . ' +
    + ' . $csrf + . ' + +
    + OR enter a user ID to Delete: +
    + User: +
    + ' . $csrf + . ' + +
    + '; + break; + case 2: + $_POST['user'] = + (isset($_POST['user']) && is_numeric($_POST['user'])) + ? abs(intval($_POST['user'])) : 0; + staff_csrf_stdverify('staff_deluser1', + 'staff_users.php?action=deluser'); + if (empty($_POST['user']) || $_POST['user'] == 1 + || $_POST['user'] == $ir['userid']) + { + echo ' + Invalid user, Please go back and try again. +
    + > Go Back + '; + die($h->endpage()); + } + + $d = + $db->query( + 'SELECT `username` + FROM `users` + WHERE `userid` = ' . $_POST['user']); + if ($db->num_rows($d) == 0) + { + $db->free_result($d); + echo ' + User doesn\'t seem to exist, Please go back and try again. +
    + > Go Back + '; + die($h->endpage()); + } + $username = + htmlentities($db->fetch_single($d), ENT_QUOTES, 'ISO-8859-1'); + $db->free_result($d); + $csrf = request_csrf_html('staff_deluser2'); + echo " +

    Confirm

    + Delete user {$username}? +
    + + {$csrf} + + +
    + "; + break; + case 3: + staff_csrf_stdverify('staff_deluser2', + 'staff_users.php?action=deluser'); + $_POST['userid'] = + (isset($_POST['userid']) && is_numeric($_POST['userid'])) + ? abs(intval($_POST['userid'])) : 0; + $_POST['yesorno'] = + (isset($_POST['yesorno']) + && in_array($_POST['yesorno'], array('Yes', 'No'))) + ? $_POST['yesorno'] : ''; + if ((empty($_POST['userid']) || empty($_POST['yesorno'])) + || $_POST['userid'] == 1 || $_POST['userid'] == $ir['userid']) + { + echo ' + Invalid user/command, Please go back and try again. +
    + > Go Back + '; + die($h->endpage()); + } + if ($_POST['yesorno'] == 'No') + { + echo ' + User not deleted. +
    + > Go Back + '; + die($h->endpage()); + } + $d = + $db->query( + 'SELECT `username` + FROM `users` + WHERE `userid` = ' . $_POST['userid']); + if ($db->num_rows($d) == 0) + { + echo ' + User doesn\'t seem to exist, Please go back and try again. +
    + > Go Back + '; + die($h->endpage()); + } + $username = + htmlentities($db->fetch_single($d), ENT_QUOTES, 'ISO-8859-1'); + $db->query( + 'DELETE FROM `users` + WHERE `userid` = ' . $_POST['userid']); + $db->query( + 'DELETE FROM `userstats` + WHERE `userid` = ' . $_POST['userid']); + $db->query( + 'DELETE FROM `inventory` + WHERE `inv_userid` = ' . $_POST['userid']); + $db->query( + 'DELETE FROM `fedjail` + WHERE `fed_userid` = ' . $_POST['userid']); + stafflog_add( + 'Deleted User ' . $username . ' [' . $_POST['userid'] . ']'); + echo 'User ' . $username + . ' Deleted. +
    + > Go Home + '; + die($h->endpage()); + break; + } +} + +function inv_user_begin() +{ + global $db, $ir, $c, $h, $userid; + if (!in_array($ir['user_level'], array(2, 3))) + { + echo 'You cannot access this area.
    + > Go Back'; + die($h->endpage()); + } + $csrf = request_csrf_html('staff_viewinv'); + echo " +

    Viewing User Inventory

    + You may browse this user's inventory. +
    +
    + User: " . user_dropdown(NULL, 'user') + . " +
    + {$csrf} + +
    + "; +} + +function inv_user_view() +{ + global $db, $ir, $c, $h, $userid; + if (!in_array($ir['user_level'], array(2, 3))) + { + echo 'You cannot access this area.
    + > Go Back'; + die($h->endpage()); + } + staff_csrf_stdverify('staff_viewinv', 'staff_users.php?action=invbeg'); + $_POST['user'] = + (isset($_POST['user']) && is_numeric($_POST['user'])) + ? abs(intval($_POST['user'])) : 0; + if (empty($_POST['user'])) + { + echo ' + Invalid user, Please go back and try again. +
    + > Go Back + '; + die($h->endpage()); + } + $d = + $db->query( + 'SELECT `username` + FROM `users` + WHERE `userid` = ' . $_POST['user']); + if ($db->num_rows($d) == 0) + { + echo ' + User doesn\'t seem to exist, Please go back and try again. +
    + > Go Back + '; + die($h->endpage()); + } + $inv = + $db->query( + 'SELECT `inv_qty`, `inv_id`, `itmname`, `itmsellprice` + FROM `inventory` AS `iv` + INNER JOIN `items` AS `i` + ON `iv`.`inv_itemid` = `i`.`itmid` + WHERE `iv`.`inv_userid` = ' . $_POST['user']); + if ($db->num_rows($inv) == 0) + { + echo 'This person has no items!'; + } + else + { + echo ' + Their items are listed below.
    + + + + + + + + '; + $csrf = request_csrf_html('staff_deleinv'); + while ($i = $db->fetch_row($inv)) + { + echo ' + + + + + + + '; + } + echo '
    ItemSell ValueTotal Sell ValueLinks
    ' . $i['itmname'] . ' ' + . (($i['inv_qty'] > 1) ? ' x' . $i['inv_qty'] : '') + . '' . money_formatter($i['itmsellprice']) + . '' . money_formatter($i['itmsellprice'] * $i['inv_qty']) + . ' +
    + + ' . $csrf + . ' + +
    +
    '; + } + $db->free_result($inv); + $un = htmlentities($db->fetch_single($d), ENT_QUOTES, 'ISO-8859-1'); + stafflog_add('.Viewed user ' . $un . ' [' . $_POST['user'] . '] inventory'); +} + +function inv_delete() +{ + global $db, $ir, $c, $h, $userid; + if (!in_array($ir['user_level'], array(2, 3))) + { + echo 'You cannot access this area.
    + > Go Back'; + die($h->endpage()); + } + staff_csrf_stdverify('staff_deleinv', 'staff_users.php?action=invbeg'); + $_POST['ID'] = + (isset($_POST['ID']) && is_numeric($_POST['ID'])) + ? abs(intval($_POST['ID'])) : 0; + if (empty($_POST['ID'])) + { + echo ' + Invalid item, Please go back and try again. +
    + > Go Back + '; + die($h->endpage()); + } + $d = + $db->query( + 'SELECT COUNT(`inv_id`) + FROM `inventory` + WHERE `inv_id` = ' . $_POST['ID']); + if ($db->fetch_single($d) == 0) + { + $db->free_result($d); + echo ' + Item doesn\'t seem to exist, Please go back and try again. +
    + > Go Back + '; + die($h->endpage()); + } + $db->free_result($d); + $db->query( + 'DELETE FROM `inventory` + WHERE `inv_id` = ' . $_POST['ID']); + stafflog_add('Deleted inventory ID ' . $_POST['ID']); + echo ' + Item deleted from inventory. +
    + > Go Home + '; +} + +function credit_user_form() +{ + global $db, $ir, $c, $h, $userid; + if (!in_array($ir['user_level'], array(2, 3))) + { + echo 'You cannot access this area.
    > Go Back'; + die($h->endpage()); + } + $csrf = request_csrf_html('staff_credituser'); + echo " +

    Crediting User

    + You can give a user money/crystals. +
    +
    + User: " . user_dropdown(NULL, 'user') + . " +
    + Money: +
    + Crystals: +
    + {$csrf} + +
    + "; +} + +function credit_user_submit() +{ + global $db, $ir, $c, $h, $userid; + if (!in_array($ir['user_level'], array(2, 3))) + { + echo 'You cannot access this area.
    + > Go Back'; + die($h->endpage()); + } + staff_csrf_stdverify('staff_credituser', + 'staff_users.php?action=creditform'); + $_POST['user'] = + (isset($_POST['user']) && is_numeric($_POST['user'])) + ? abs(intval($_POST['user'])) : 0; + $_POST['money'] = + (isset($_POST['money']) && is_numeric($_POST['money'])) + ? abs(intval($_POST['money'])) : 0; + $_POST['crystals'] = + (isset($_POST['crystals']) && is_numeric($_POST['crystals'])) + ? abs(intval($_POST['crystals'])) : 0; + if ((empty($_POST['money']) && empty($_POST['crystals'])) + || empty($_POST['user'])) + { + echo ' + Something went horribly wrong, please go back and try again. +
    + > Go Back + '; + die($h->endpage()); + } + $d = + $db->query( + 'SELECT `username` + FROM `users` + WHERE `userid` = ' . $_POST['user']); + if ($db->num_rows($d) == 0) + { + echo ' + User doesn\'t seem to exist, Please go back and try again. +
    + > Go Back + '; + die($h->endpage()); + } + $db->query( + "UPDATE `users` + SET `money` = `money` + {$_POST['money']}, + `crystals` = `crystals` + {$_POST['crystals']} + WHERE `userid` = {$_POST['user']}"); + $un = htmlentities($db->fetch_single($d), ENT_QUOTES, 'ISO-8859-1'); + stafflog_add( + 'Credited ' . $un . ' [' . $_POST['user'] . '] ' + . money_formatter($_POST['money']) . ' and/or ' + . number_format($_POST['crystals']) . ' crystals.'); + echo $un . ' [' . $_POST['user'] . '] was credited with ' + . money_formatter($_POST['money']) . ' and/or ' + . number_format($_POST['crystals']) + . ' crystals. +
    + > Go Back + '; +} + +function mcredit_user_form() +{ + global $db, $ir, $c, $h, $userid; + if ($ir['user_level'] != 2) + { + echo 'You cannot access this area.
    > Go Back'; + die($h->endpage()); + } + $csrf = request_csrf_html('staff_masscredit'); + echo " +

    Mass Payment

    + You can give all users money/crystals. +
    +
    + Money: +
    + Crystals: +
    + {$csrf} + +
    + "; +} + +function mcredit_user_submit() +{ + global $db, $ir, $c, $h, $userid; + if ($ir['user_level'] != 2) + { + echo 'You cannot access this area.
    > Go Back'; + die($h->endpage()); + } + staff_csrf_stdverify('staff_masscredit', + 'staff_users.php?action=masscredit'); + $_POST['money'] = + (isset($_POST['money']) && is_numeric($_POST['money'])) + ? abs(intval($_POST['money'])) : 0; + $_POST['crystals'] = + (isset($_POST['crystals']) && is_numeric($_POST['crystals'])) + ? abs(intval($_POST['crystals'])) : 0; + if (empty($_POST['money']) && empty($_POST['crystals'])) + { + echo ' + Something went horribly wrong, please go back and try again. +
    + > Go Back + '; + die($h->endpage()); + } + $db->query( + "UPDATE `users` + SET `money` = `money` + {$_POST['money']}, + `crystals` = `crystals` + {$_POST['crystals']}"); + stafflog_add( + 'Credited all users ' . money_formatter($_POST['money']) + . ' and/or ' . number_format($_POST['crystals']) + . ' crystals.'); + echo " + All Users credited. + Click here to add an announcement or + here to send a mass mail + explaining why. + "; + die($h->endpage()); +} + +function reports_view() +{ + global $db, $ir, $c, $h, $userid; + if (!in_array($ir['user_level'], array(2, 3))) + { + echo 'You cannot access this area.
    + > Go Back'; + die($h->endpage()); + } + echo " +

    Player Reports

    + + + + + + + + "; + $csrf = request_csrf_html('staff_clear_preport'); + $q = + $db->query( + "SELECT `prID`, `prTEXT`, `prREPORTED`, `prREPORTER`, + `u1`.`username` AS `reporter`, + `u2`.`username` AS `offender` + FROM `preports` AS `pr` + INNER JOIN `users` AS `u1` + ON `u1`.`userid` = `pr`.`prREPORTER` + INNER JOIN `users` AS `u2` + ON `u2`.`userid` = `pr`.`prREPORTED` + ORDER BY `pr`.`prID` DESC"); + while ($r = $db->fetch_row($q)) + { + echo " + + + + + + + "; + } + $db->free_result($q); + echo '
    ReporterOffenderWhat they did 
    + {$r['reporter']} + [{$r['prREPORTER']}] + + {$r['offender']} + [{$r['prREPORTED']}] + " . htmlentities($r['prTEXT'], ENT_QUOTES, 'ISO-8859-1') + . " +
    + + {$csrf} + +
    +
    '; +} + +function forcelogout() +{ + global $db, $ir, $c, $h, $userid; + if ($ir['user_level'] != 2) + { + echo 'You cannot access this area.
    + > Go Back'; + die($h->endpage()); + } + $_POST['userid'] = + (isset($_POST['userid']) && is_numeric($_POST['userid'])) + ? abs(intval($_POST['userid'])) : 0; + if (!empty($_POST['userid'])) + { + staff_csrf_stdverify('staff_forcelogout', + 'staff_users.php?action=forcelogout'); + $d = + $db->query( + 'SELECT COUNT(`userid`) + FROM `users` + WHERE `userid` = ' . $_POST['userid']); + if ($db->fetch_single($d) == 0) + { + $db->free_result($d); + echo ' + User doesn\'t seem to exist, Please go back and try again. +
    + > Go Back + '; + die($h->endpage()); + } + $db->free_result($d); + $db->query( + 'UPDATE `users` + SET `force_logout` = 1 + WHERE `userid` = ' . $_POST['userid']); + stafflog_add('Forced User ID ' . $_POST['userid'] . ' to logout'); + echo ' + User ID ' . $_POST['userid'] + . ' successfully forced to logout. +
    + > Go Home + '; + } + else + { + $csrf = request_csrf_html('staff_forcelogout'); + echo " +

    Force User Logout

    +
    + The user will be automatically logged out next time they make a hit to the site. +
    + User: " . user_dropdown(NULL, 'userid') + . " +
    + {$csrf} + +
    + "; + } +} + +function report_clear() +{ + global $db, $ir, $c, $h, $userid; + if (!in_array($ir['user_level'], array(2, 3))) + { + echo 'You cannot access this area.
    + > Go Back'; + die($h->endpage()); + } + staff_csrf_stdverify('staff_clear_preport', + 'staff_users.php?action=reportsview'); + $_POST['ID'] = + (isset($_POST['ID']) && is_numeric($_POST['ID'])) + ? abs(intval($_POST['ID'])) : 0; + if (empty($_POST['ID'])) + { + echo ' + Invalid ID, please go back and try again. +
    + > Go Back + '; + die($h->endpage()); + } + $d = + $db->query( + 'SELECT COUNT(`prID`) + FROM `preports` + WHERE `prID` = ' . $_POST['ID']); + if ($db->fetch_single($d) == 0) + { + $db->free_result($d); + echo ' + Report doesn\'t seem to exist, Please go back and try again. +
    + > Go Back + '; + die($h->endpage()); + } + $db->free_result($d); + $db->query( + 'DELETE FROM `preports` + WHERE `prID` = ' . $_POST['ID']); + stafflog_add('Cleared player report ID ' . $_POST['ID']); + echo ' + Report deleted. +
    + > Go Back + '; + die($h->endpage()); +} +$h->endpage(); diff --git a/stafflist.php b/stafflist.php new file mode 100644 index 0000000..3c2f332 --- /dev/null +++ b/stafflist.php @@ -0,0 +1,137 @@ +query( + "SELECT `userid`, `laston`, `username`, `level`, `money`, + `user_level` + FROM `users` + WHERE `user_level` IN(2, 3, 5) + ORDER BY `userid` ASC"); +while ($r = $db->fetch_row($q)) +{ + $staff[$r['userid']] = $r; +} +$db->free_result($q); +echo ' +Admins +
    + + + + + + + + + '; + +foreach ($staff as $r) +{ + if ($r['user_level'] == 2) + { + $on = + ($r['laston'] >= ($_SERVER['REQUEST_TIME'] - 900)) + ? 'Online' + : 'Offline'; + echo ' + + + + + + + + '; + } +} +echo '
    UserLevelMoneyLast SeenStatus
    ' + . $r['username'] . ' [' . $r['userid'] . ']' . $r['level'] . '' . money_formatter($r['money'], '$') . '' . date("F j, Y, g:i:s a", $r['laston']) . '' . $on . '
    + +Secretaries +
    + + + + + + + + + '; +foreach ($staff as $r) +{ + if ($r['user_level'] == 3) + { + $on = + ($r['laston'] >= ($_SERVER['REQUEST_TIME'] - 900)) + ? 'Online' + : 'Offline'; + echo ' + + + + + + + + '; + } +} +echo '
    UserLevelMoneyLast SeenStatus
    ' + . $r['username'] . ' [' . $r['userid'] . ']' . $r['level'] . '' . money_formatter($r['money'], '$') . '' . date("F j, Y, g:i:s a", $r['laston']) . '' . $on . '
    + +Assistants +
    + + + + + + + + + '; +foreach ($staff as $r) +{ + if ($r['user_level'] == 5) + { + $on = + ($r['laston'] >= ($_SERVER['REQUEST_TIME'] - 900)) + ? 'Online' + : 'Offline'; + echo ' + + + + + + + + '; + } +} +echo '
    UserLevelMoneyLast SeenStatus
    ' + . $r['username'] . ' [' . $r['userid'] . ']' . $r['level'] . '' . money_formatter($r['money'], '$') . '' . date("F j, Y, g:i:s a", $r['laston']) . '' . $on . '
    '; +$h->endpage(); diff --git a/staffnotes.php b/staffnotes.php new file mode 100644 index 0000000..d48925b --- /dev/null +++ b/staffnotes.php @@ -0,0 +1,75 @@ +escape( + strip_tags(stripslashes($_POST['staffnotes']))) + : ''; + if (empty($_POST['ID']) || empty($_POST['staffnotes'])) + { + echo 'You must enter data for this to work. +
    > Go Home'; + die($h->endpage()); + } + $q = + $db->query( + "SELECT `staffnotes` + FROM `users` + WHERE `userid` = {$_POST['ID']}"); + if ($db->num_rows($q) == 0) + { + $db->free_result($q); + echo 'That user does not exist. +
    > Go Home'; + die($h->endpage()); + } + $old = $db->escape($db->fetch_single($q)); + $db->free_result($q); + $db->query( + "UPDATE `users` + SET `staffnotes` = '{$_POST['staffnotes']}' + WHERE `userid` = '{$_POST['ID']}'"); + $db->query( + "INSERT INTO `staffnotelogs` + VALUES (NULL, $userid, {$_POST['ID']}, " . time() + . ", '$old', + '{$_POST['staffnotes']}')"); + echo ' + User notes updated! +
    + > Back To Profile + '; +} +else +{ + echo 'You cannot access this file. +
    > Go Home'; +} +$h->endpage(); diff --git a/stats.php b/stats.php new file mode 100644 index 0000000..634439b --- /dev/null +++ b/stats.php @@ -0,0 +1,105 @@ +query( + "SELECT COUNT(`userid`) AS `c_users`, + SUM(`money`) AS `s_money`, + SUM(`crystals`) AS `s_crystals`, + SUM(IF(`bankmoney` > -1, 1, 0)) AS `c_users_bank`, + SUM(IF(`bankmoney` > -1, `bankmoney`, 0)) AS `s_bank`, + SUM(IF(`gender` = 'Male', 1, 0)) AS `c_male`, + SUM(IF(`gender` = 'Female', 1, 0)) AS `c_female` + FROM `users`"); +$mem_info = $db->fetch_row($q); +$membs = $mem_info['c_users']; +$total = $mem_info['s_money']; +$avg = (int) ($total / ($membs > 1 ? $membs : 1)); +$totalc = $mem_info['s_crystals']; +$avgc = (int) ($totalc / ($membs > 1 ? $membs : 1)); +$banks = $mem_info['c_users_bank']; +$totalb = $mem_info['s_bank']; +$avgb = (int) ($totalb / ($banks > 0 ? $banks : 1)); +$male = $mem_info['c_male']; +$fem = $mem_info['c_female']; +$db->free_result($q); +$q = $db->query("SELECT SUM(`inv_qty`) + FROM `inventory`"); +$totali = $db->fetch_single($q); +$db->free_result($q); +$q = $db->query("SELECT COUNT(`mail_id`) + FROM `mail`"); +$mail = $db->fetch_single($q); +$db->free_result($q); +$q = $db->query("SELECT COUNT(`evID`) + FROM `events`"); +$events = $db->fetch_single($q); +$db->free_result($q); +echo "

    {$set['game_name']} Statistics

    +You step into the Statistics Department and login to the service. You see some stats that interest you.
    + + + + + + + + + + + + + + + + + +
    UsersMoney and Crystals
    + There are currently $membs {$set['game_name']} players, + $male males and $fem females. + + Amount of cash in circulation: " . money_formatter($total) + . ".
    + The average player has: " . money_formatter($avg) + . ".
    + Amount of cash in banks: " . money_formatter($totalb) + . ".
    + Amount of players with bank accounts: $banks
    + The average player has in their bank accnt: " + . money_formatter($avgb) + . ".
    + Amount of crystals in circulation: " + . money_formatter($totalc, "") + . ".
    + The average player has: " . money_formatter($avgc, "") + . " crystals. +
    Mails/EventsItems
    + " . money_formatter($mail, "") . " mails and " + . money_formatter($events, "") + . " events have been sent. + + There are currently " . money_formatter($totali, "") + . " items in circulation. +
    "; +$h->endpage(); diff --git a/tablehgrad.png b/tablehgrad.png new file mode 100644 index 0000000000000000000000000000000000000000..5db49b988286d2668695af92be1dd7a22e626651 GIT binary patch literal 232 zcmeAS@N?(olHy`uVBq!ia0vp^j6f{L!3-qLB-myEDVB6cUq=Rp^(V|(yIunMk|nMY zCBgY=CFO}lsSJ)O`AMk?p1FzXsX?iUDV2pMQ*D5XoC178T>t<7f9=|}fB*hnzj6KU zox2YoKK%IcC@Y{Z-4&$ z`PHjej~_oy3T#WAGf7R$j#Mh683h7FoZtxo^<-)ehMVkvS~eP`>6tsLWLiv>jtid$uRr<0l3kBm3I4TIg`9~V8h;sXnG>C;l4xnGs0k3=%ia*ok zD0lx-mj?hT0F>ZWhr)Z6CIZs~A@;yE@P1i$8N5+~d|m!<&L0B+^NrtkDQg!?2(6}_ zi-(K5or^22jE(@UzP+=xi?=(#%gw_h!p$SX%SX%0Cn6v$!ovpu*J1zw6Qp^Ko0pd- z=MUMCNC3z|{oNi~eh%92^rh5S0Rsi?51ujpDi?~wzvM!J{Z%ehl;1Q^{80a-jdlJ9 zJw@<-DcjW@If2{)@UCPrmr(;yk=p?NRSvLze2Isg2A%_WSXfxtSa{gjc!an(xP-R} z@bCz3lis>@`_?T|LcFW+$L&|<-(!^PxVYExuiwDOzd?kLk56F;LiqoO0P+Js zhy@S=IcO+!04gC08X*eu8z>|WvK>VdNQk!Obje^G(0}AkPz+Kotr%9Qd$Vua8Ix?huC?5!JP$#Vp$ChQz1rt(!=6j~^2`bOFX|H8N0tu? z>N`eP4)tujf|CjxI>+EgLJIn}-XY0FZ@R`;e-Z+ys35o3u6V-4Ko_`T;SSHuYaj=1 zbhprXpTrVfa_~`maEFh6u$+sg0d#7CWFYEX}a=1T(?oMwRkzNoG&o;nYk^;Xt zK62MF6PKp+(h8r>z!g_@SwLRO{| z)dkc&pOKg0zD&aDv4Nj@wp7^ctWTYpnin4mJu+=c(uqC_r^#sDiTmRCD_T%uk5gNWiJ_Bv9_G0Xd3uw_ANck2K!;|$u< z{mmyS#^}iD!0YU1P@d|-i}P>INT3Qq6eQ(UnJpElpz%4!%6e&~I_VbVnZKiz;{_w4 zs>)Q)&n$cU4Wi*)vwE3ni*}jYCh3H(-e%L*q;*5BRq6o;P5zS3y7)8? z2?Vxmt%;hx$mq=&lN^P3RgX-m<-V+pmq~R;0&2A*wv$L;aC-fMz((CE`H+Odr5F!t z^Dd30((zzwV3ntGM%=szkvwNPb|%`kRa%Z`E6UhU@bKen?#-KHK}wJ6TUx)mI4gXA zP?B7t(m-!~MM{%8E&g!QKnVk76r*u~QnrYY`)tY8!(5p%F{fLJv z2ixgp3VBw$@19Vnk_;XBNq=>z$sUsEtti?@0x3w~g)YllU0OvaiMeYxL@l?kE8Z09 zT@t2JIs>1pM*LeLfBYsV2cGOj5wS6#ifdtmfqA9~F*)Wg* zLGn3S;JP}ek!Mg7U{>IL;*0M!~N4E;v}P zLU4^7>Je*-V0ZJ^Slx0oJ9Y4GO!TWf4C*^1v0hIfInArt*{D8r znu3o;TRFMjzQ_uO2sBbhDNF`sLb5Ww0;5{tC^_1XD_a{8y9 z>ixCnZ7mKu5FT2e`ihSn zCg?xZi&p0R=$SN{s6S;&_a@j#&7#x9@o4eW%7rh+65Cdd#T;^mY?xXZJi;8VGmJDbuW!ecC~TbFI&3=d5eZ)O(6UoQrU);hj?5a-F}D zT_(-JbiG;>_mHgLhBkbka;Ci~S_7JS7ZDw#!uE(A&TR#Wl*nPb-uQ;_`&8%k$e`9q zGa1q`Bw%WHpdRVke^2j_)!hBbnc#;FHvf;)R_sU7E`?i7l1Yt62Ys{otCG|a*tV`i z+x%n9YZcV-i6f_?Mw}L;n?C+KTi1x2qVK(aB(@9EJ8-?TXB|kA}hQ!bt z$3;5nH-yLgKRiBHXx1gGi+kj7!L;o!7_BiBga|O0)Bk}4SVn8c{WN$E2&5w{#KcRuv`MJ|VPL&Ozg9yoTea<+tK&2DGdjvoA2S?VBz);|i`G(00 zh9E;2HWLg9Fpsu=30OU=%2{^(`mB|XS^3lp3FrpOttzqfCUU`}_b!;H-W8ok54V;h zfgYo#R3s4AC%MtIXVQF!(O`?h2 z7x;csHaIU@?~gwTeMEztL~aoV{_Fh4$H@%{ODm~eyFB{=00AY65r9U)s6Yvx5m76m zf0Z#_mEAD=;*D)uPW53^Ss>!f)!@NZJ&~)jcrd;JUY92<0Kj#H**kk^czU>cdVtx> zBPk#Qh3Pi%bmx~+%TpBXtPsO+B^P|SakmbP-V z)v$E10^9%9fxmkOJko=`WKBzJ?c!;9-(~(XdleL5&i@4_4gIfp(lBe?2hJYy^xDwN zk@z!6L#=856I|OJ>Tw0v^nu>j{u3R?3u5Kr0+Y4yu(*`qib+jdP50k}cA36J2Jcq` zstU3BMdsg{)de+%|J1CG74#Qe6J~Ya@K>{!qldP2mA>)o)DG$@zfSR}S0l@GRfhiy z`!be%{KuGIzk*%PXzD9WvcKoi_OJ5TS1}l&T+I|v$GHqRzlQ+0Y6b1^3aSWj+1P+3 zP%sAd5ip?q0m)5G`xC-@1vdiY-#7wS5RQLAuB18!^8nxq0LcFs(7s<5|HmTa|4G?Z zUtE#~mo|WMmAljgLEY>!y2^83rT|owU!|9PU&?Yh-e_0lSXYogRubxc5EZ=ss7rmB z`U@@c%PbnGsQl3zms#Lazq{0O!A-#fum>+FaJk(7nD&TazqNyYRR)4D_ZQ5ojFRkMXk*&KTs&R>2EuTG+1uJX z|FOF8JV`zOvXeBk)#iuo1%Y||2XwvP;J>5eTH4CEKwV&e>0H8J z^raR4EC8zj>MqWgeU0tm;tD?U+#!FRI5<#nBK;RAo~4TiIHCRv92Xp7yMIT&T6cFZ z8v^ja3srLGD*bD{5?-Z2lhGB{r5)$jg#NW!FYy6vQZTw)DmmZ<;-kz101bG7mJw3W z((#Wa8l@B&X!posyH0#y_j zz!FqTXaP;Y4orK1m-|)96~wsp|A9dZ$N)OPFU9Ywg`>UeON*(eYE)weoYcx@S!%DM2gdBjV%a>ICtyp!IQrI=hSbh|^sW7Xj0kU@kh^ zD-;h$ak{H_U9<*jnzS-5FbJ&xCpU)`w;(sIAP*-GAHR^05IZgSGLM^!o0p4+mxD)0 zgpXH*o16BJKnJ!4v$he@mX-gbEifle_lHp4-rk(ve4H*YTP~h^_wHTN;N|52F*w|P zojojkIGo+-e^Zc!xLd*OuPiXMmlQ$kf~SW#9mwgG2v#unKgs^BudF~r56prCX5q~N zp0_>hoo(H(`tEl{*Wd3a|8w;}i~m*$?7shu{(EG8Q@6JI6VDY?e6B>bw&H?7Ax;oy zk4sK?E<5|zC^)&Qsr`xmHz9tLb#nR>+ucLX3zYxAn;!0$`Usac#NEXcW(AS+0$Ze~ zqXm0PL<$OnSXlc?xw=B_A>eG$g?U2gX#bQ|r(SeKUvd~++pFJSZw3#?*q#G398p#A@r%)bbF+d)8bzlZJb1M&;Q-NnYk z+X4oWvIV>5_oDxo>Gv&`V7PwJX&~z+R9)2?Ldv{4}Uw1 zYuB!!U&BC0$H2w_FI+4P3@ltc92{I69K0L9oa_F${mT4%jDm@Yc^&UM>5Utt|0n)- z)@b=?D4>Jdzx?eyL4UhfAe)$fb+-eqp`)Qn! zWSQghY6VGjtv%X?7O|L~VdIdJJx`F6&#%)PesGt3Z)yM1=MLieBJr2s-T%bxPFT^v z&L=db_-*&Z_hXiON{05nVW}mJJ(FuEtRl)r4u0WjrSCpZt)Kq#&qG5;2Ym*wVWFWp zU0H}PT?D1jwLp$B+@8ep=2q_zeH>h%m%goS3ESmk;Fozy9H+zh%BtoQru&e!70+T(%HUS4h6U6$dc{pSh!b$@4B{x80Qe{~i78_)j@%m3!mXRXvfP(&QYb0yiRuW87cS>;#70xoXGs+3scO0_zA`LIw$_PSQVCwI!b=U^A3Sw2VQ;)ip z#;t9QJnL%Saa5Q9*W8L3(uR-W49l2;eVV)iG}^d*^6*)h;_}VMKjvBD+hn=FU?mbY zX{4!?JvMsEHyVIpct@((U5zoQq|ek&E6BEeMP`J8AU}txSt*}aJ94geulJgLdAhZP zqKaMp-O3{R;cGEi6%;ws(>$JDmiN7=QmiOnX|E8Q!ZnJeuEqB$y@TXiYd*~n5Et`; zei(MUB@_Q{i!h4zv-xaLGXgVgLt91cB`MMEX`w*^9yH^EBySx9ld?`bsUAY7b~ns| z{zsT;VtGQ`@_B`H@03RB1QvDA!}?vHbR@eJ25rwYTJOHj;`-r%1Uk;o%@xk@g<{tQ zIfr=DhFaXMM?*MxT69zwRk*&zCYV-cYd#-7m?U>?*9)O16@q^O{PYu{iE-f)cU1ZK z_x-|dF;}gRc~zgtccN>PP05Qj(B(S5>BbwejJ=m{T3JMCmH(J>TN??$cB%wqV^wHn zOpp3MEHBvgC($s3*Dt$y^AJDve|lX({REAfR;unT`u7%fIz{eDiQy8ufz1HehYk15 z$kfkKv|BG;(G8t2yS@G{Sc%ERjnh#3rWi$h*CLLB7uPqG?G4n_<5egxnM7u_W2uyq zm1ISCc!i@mRB)CTN7neWrKbR+JVqm~nrbu*dj{3f1YcZ7aF3&ZHk%!06!$Tj1oK1Y zKCV8>9l73t)hw|LEt@PaQ(iW^loup7ISla2UKcrs2%OT>X}C9S6)#50J<|43NVTC` zSLesNjz!iI%`8U*F$pX+WKOJ&p?vzeeZHMDGq56~ z>7n~doj1P0G^|g@9RlyAVj9Qtcn~dPOj?EGr03+KRbt%FDP$ziE9q9Tr4!9%OxYwb zDNZ`>fF>i-G%3}Uv7;zh#8=MV(q`@xaN0@|-?&*~*i(5@mCD#3ie*zpZ_=48IPmI0 z*xZlLiVO{?6bB(uDo-dCLl?Zod5^6aOLb6$hAZqowZh%)i@MbD10vt3yp+1VH7@AW zmOpaybKQw5V)?IL}Fog-h$x8J6)cM zjJCl|Yq4*^bx6P~C>L?6Ay7B2R#HsMyY=2S)>*7>xoAuR616h8?Dtx9#pe30uDh9o zKdYx5Zn3{)R3dWzu=P|B4WA+S=$q3$KmTmX*A&pOMR-zrJ5Eq~3$NNNnUgce%JYgq z)@^Ru4^OMCJYur=i-lu4-551zxJoO?M?bDbP*Y{qpLh#rt2W`xt@V>&5qV19j01KH z9RwEhB~zWpYa9wOe+Ev=kqF;DSYW7jjm;ypqiB zB!rL)7;hR~MLnZk3vo<5cK;@6LEi1Hy=exLOIa?;(y@cva zWYl*wlm|GV&owAVg7+)22T20C&=( z+Xi+q{q(0fhfLnMi5e)76fDl#v;?b!qocMc_RpYWN`>BZda-VYc9TUWj&mHv@?FWy z?%dta+x*|zRJ;$x5$)uOqBl!pIw89BUK(!yibohv7&i#ziA65}~p8Q-) zq$Mp#fUD0<4|Ep<=Wb6S^aR7C+4%r3@cu_ewLedo$imjzzXHgBRO_LCK4)SG)2}`|DB`hSZ`|e_#&o zWPb;f#NzYF@!s?V;(6t5S@NH4cKLF3yffSe3ANO1?2AP0&p(_vnqv1ENz#y0mcy|Z zRG5@7#D`icmtN#1 zb)}<*D%mNx1oT8sMe5)xCA_YJ_IGfbKx5d;6yM|A-&#m#clUUgA=neIxtvp6)nM+N zvyi{4HWtpbB{fX$TC?_Za(ym|{8hg{rAdPOWX4f{;Ct$H=gr!-426>(B#_46-L6JX z8wl)qqNY2goI;bnO_94%h3r&Qm`Vs2Noo8LJhAa8sx6KbQdlRaw3$-Mcc&Cw`Wacg zN3PxU9M7G|;rqa~?C&Ao&tC6AqHnBR*x)-?Fv`AvojqP>>k%a#O~!F6WyUR5>jf2A zAY)&jq3qGJ$#t_}0|LBQE#GiO##e6$)h_nhB1!OMqcrZn9>r)`DM_<&G1pL6UTO|p z>cDqgiEis=OZb)#qddk+9(^A4+P5(85m{m^%NOujgjN>mSFm2f-r78o`SHX$oiq5W z=AKQGQ*%?Xd5n>y!b{1qhxys90#g~u!d?CSgNqWxs+sioGzWY0zF$hi;}wa>Z`#?X z0~@;qm}){$zzEe|>qQUQTOAcH7DY~NM(Ib=EUIBCD3wNGDz*iN-_6YTA_>jcqnKJY z4sX*AL}l~`%_j>C^@@#?`dOW?iU{+pt@~{h;HDC$rZY7mvKrgQ^2TstHFdyJ!d<#nMh#G?AWL} z0js|0T}(wYq{{&UOQD=O_vumHJfJw9;2$JHD-rHu&|rG0m>@$xTo<;Q!W#bguH%4p zWXZ6y{m85-cd@1vT~lPabwiEv?RgwS`}QX?@eP7WGizUJS+pMfP*0I^ic*XJMxlOq zBd#8}mH0(>T+b|GNW(W;)0hM%Ik2lvoQt@9*$LC7cKIYuVib4#hT zmO6&F#l6)sUX8uh>qC8fch5SZcQDa7^%QLA-$>Qt+sNva^uky>R~#fM1;-a&5q;{> z8cUDlkpHOSOw4l>Js87jg0150Wckp?bN4fZaIm*4=1?b`hY}Jx=2dpxS(4r3l(k@D^r#78mAdAMd51nABL%p*@!X|8 zC6&%3g@{l0`nwhMIu<|1pWk6s_>;RjmZLp6T_4!MX$MV7BYbasUD6*LqQSq#m5Q3~ z-JeB?-z4!W6^~pN3(dRmB#j4HUoDAM<*Cn_D8_Vh2`UsSouv9vSz`t7%-|9fv z?ly<$>@7qIrH%y`K_{O%GjS-rv#M4-(&6@dV)X3AgfcztBws||dRUXr+l~$qI%R4k z(9go}QA~ZzF1R!hqunubf)g@vZ1LvqyzI2;nAA>Yzhi{z?q<3IgOkj`f@`F*;Ox`; zA1*M_R2%su+1Igc7FRybv)mW2rQsKTA+XrlSZc5@N~(-LG;70%$)bol zJp1}HdsCQnHH*KgXTi`0m8ggawQj9mk)2KT%b<1WgoyLR@Uj34{*9d~-u9#M@|ROh z@O7rPlHmwE8J%WUER46^O->SQDtBrR`;ALBVW@&|6)qeB{%!h~yq28zzN8pVHv113 z-k^jwO4(5B4XgD$dCa~6}EopygqhUNr_Aa z5ROel@_qp~W03&cTJ*Uw#_7tBHA(Z-(+)?Cg>+8BHdE@L_GA(gedOTYdfBb}e6+Gj zuO1K+Q)JXx6=FCx624JQtl)eZt%09=n;#P6TJuPTVT=SC9jcxsXsSR`Kiv^?@Y4SmLiLBqT~TQ{F^ zcuUhBNsrgKzDlXXjW7!ZO2Q5)dUs8KO{)m9-h}%>8TkW#nDExL=6Z`lHJ74kUbT06 zbi0r3rz1E$1~;L?)fuUl1p9$SG#v~B0cWdavM&xMQ5aWi-z3S4#(l-9z3CsP4ois^ zVyG6Y$G=iiO?1Qk7wBSeA2Z+JP=e;3EO4{6H>3~KC3+fd3idrF?{Rv8x%)|umbj6I zl2|V`sS*W%+mP{FV_lK*M&!cQF_j8`+!ww6)XSqhvpm)%Yw#9fjRfWX&4w zeT%B4xT)%A?BfVjinYGH>lt@VpA%#@_moaeoV%?IBFEeQ#P<7}IomPL|_PsAkG zXcPv6+zF3QQ}h#EtX&wsmv&ar&+^@xN$*j2^th+g%l55dPSEF~IBIi_(uB+LVj%@1B7)M2r`+Qf*v6!)pW0RRa5*oFBe@egJW8QJRfz zAErMUq_)(8Q1@ph6JE2uvmUQBZuvxl5*-QP6>Mam z%Y1GggxkAtrY^&#(?*WrpKlNnQ9=z0_}YD6_f8+#@H2(%^xWKXvnYsBtSfL(?BEM$ zlk@i&dw2-`@r0di?!A?R)I2}jo}lEr(VGm9vTRP%iFEz?QK;#BV#Va5-n?=c$rB32 zW{Ad~G3(}bZ&wl;dyCdwgs+?1$2G{E&sm;9ci#=xeN%Pb>$GSR2NzwGbkI24*9*PA zN5qy47M!k}W#&a_u0>8h#d%>g>P{7d8ib5DIK?5jBjbgFBRqqCRk7>`E%X{fY0ssS z2krAMB|du?1$;*WJNHU57_+&66_Vo3O~Odw(1#6X&Mw?1@w%f!O7jB;$9>$!bwhQq zUeSQt@|M|nc3Ve*)JlogJyB#)8g8&Z{xzI8IBkk7rZ9ln!xMdH8l?SDN>fh}I06IXZ}-kZkoXB&gg) ze@7ZdGAP=xcaT+;Ypn$S!}u{&YD1fk+OWgW{Z3v&fz~0x>K!D&EfDIl;d2lnkM8sg zn@YW7DkIt)>fzJZVtbt4qzraRG`soc>bVQ)$adEJYvyUemj-t}J!!bv?vq{P24j{J zc=KG8jZo9ya^Z_^wy^=Raw*hLhfXDog{9a2tl?sE#l%TAPEEO89@|ZRLzUBpGAZ=U zzCwzJ6YuPPZwy81JTGH^Dc3zxVY8d8*Qdke^>p#(TKa8#6{yu&x}x|kkEjx3Tw~NX zwZ)D5lTQyjo8ZC)^|Ha%2diN@%X?Kf!YE$ABps8fB?H=wn6D$0afhrAh7J{QTr*jJ19ro@`>ML?%E~s3oRu z!uzyA7^R4#*;O7pVRT41W-MFXfDX+tmgPlWXC;;-iAD1Lx06!&Uz)oa;4&|CL$Veu z`78BVbUg0Z1r0$X0V~yz(CHI@LyjLM%9&pSFuYP0^Z90p_$w#TM4U(~EZ)QCZ#5{i zH<(?&rmQ}Sc?A2&l!sxsyd^S=Sj&IsEZFdUsBac4+%S5Empo(UMgysvn<{3pV|J=! z@~ld@=yi$dgTm4gt!q>no4MH)8hcge_!i5PWEDgyLg7}+4i?u{Rh`znY^fXx=mF1m_ zek|qK>Vp|S=a3^`dN!M3rGjCHki4OwNrYs-V=8?*!5Dw9nl^4~-b;%S_R!O1w{ZG0 z{mANPMriVS=94Z*WU{-x7*^r(NFbeSRoHjo%?-<2YvF^LWm~Dd?O3i08BY`Y3%VcI zU+25&=gmw0SWm$YV>w_);U*+jXBbDS@LSCna;px9ozRG9bMMt@1r*cNoeC8{&?RiU zv+@>UxH0m*X$rrOy|s{xZ5$#dOTU;X>@>2Cq12h6R@mScVu~1CcYSN9#+>FMFGw^M zvh%@&J$N>8`K8TNZ$fid$4;HCU&%ytVdIn1cH7$6oRMSR28D_f7u9k0(Q-ZE?dh#g zf~#6aPlj4+ySS@ullaz8sj~7EqQ#^-w0h3xR-3K*W_5ic(8wq@?Nw(!SxSvq_TMFE zr`}NEX)RJaw~sG!iq^6m&|d4%2y%<%fzfArw&Z8M8VI1jK`8b#l{4E~&^bRURY)hD zl~yuuDsi zh)ZxPSo)pWTqn(pXjqI=d@NU`hT+e)beA$$MseUG%hXQoQH_Lff@7KOG9=1-h`s0_ zvDqkS3|s6Nu)@esDn$aH4v;`)t@*+&RzI5lPT{wwyBO|#w8J~Rh zhiT4I^gBgu=~Vc%)*AZRTakM=o=XPHgw1C?9Fg7J6Vg_nY(mYnNhfQ#?M|CCKb#}Z ziwXPT))jpBOzNg~ky{)-rwU8K+nWN$n`4d4H~pEpWp3?00LDu?J|%?O%qk99r|t1a z4)6fnyOnJ`p0^ev@VM{s0@ShaY5!vOh2RO2B!0OBR7LIjiJ;EOvcc|~O5T}eQJRsK z_u3W0o}4Dn86%b!t3n1%rZkH(XXlVZ`vJr~%CW7%&ee(;~Ig==gxN ziaS^f;{2N`nU{aCCOD&jJ?JV`ASYS>ha4Z8- zgdwRSFIf_Xu(-&iK};THAL6INC;ZN47TZP*LA^MB08$J==%2sd7fQhrZ1}pCRizd( zoS5+}&OW^h2?#G$l%k1cXuJjwn4!<&Z+!N>|LT(*oU5mIi%!DDle~KJru@NV^wW?< zb!_ae^|0{G{po4L3TJXMIVwScqaHV-AvVRqs(Kb}3WL0JxaNE~@qH=mb4^w`N23HjpxwK1(_RC%crpwS_c9ujdD7@P zTvxz`#(>AI=HYu)%Pp5ph#hB4=enH(OFFwzEKlu|comfe*nz|09JB|$Bc>v?DuKfj zH~qP>U2lurUA80*eoG27$-0iQ7XXuir{&}Q!&C`@h^ zd0-yf%!>KvJhIP5dBW&071&zGk@V|;+*F@Pj zhz$z1_A--V_YL}j1PWa=3ZFy?KmFKT8HrFIkUm`T)Hqd1=07F)0r}x7>Tyb)zS7H* zr8p*6#M`2v>D520r0JtY&7w2If1E#jP^UD-{{rw_)unmY3@YebG7{p4S~8P=FHodZU`ts+kIj4pv${|^}WTQT60{!kn2nj=?a5ZccC2S zLqoQ1g1xsZ6Nj;}l@)QDYnH?YrS01X0>%9FyeVYb5SOC2WiG0T!ts4Xs}V!4^MeWF z^miwqALBi?PZGXOnGgRIsc6lUJa0D!>LvE>54s_NNP=jK<(+*E>=jAfpt%+a_6(no z+e#i2UyI7WR~)?%z}4EW3wLRGM2rM1PfEAM6f{cT$2<2>i$NbT!_L)b)c8bhy-^bL z=s7R370fOD==>_@b)^dXv8BpON^d5&lY+{^*yTyfCvSU-39k`JZWmBGh=)=lfk_*Q z_@6$EG5guWh@e44+sMH{2o~Y?!!)^wiIX6eVf#-1w!^dP*;Vi0##2oX*J2w+rp43!ew!FFY2CNo*ssgIwz6q(kc}G+1h)g zeP2 z+5VLs)}9`euwE7y_4*KGQiVz9$ouYcdwm3j@BCp-l4!cGoMje?A-%<7dHyp*7oRKq z7BQ8&>aCBgF$?#<&uTWcmNdANQJvyd=_CI5LxZZ{U6)=djGQwYBm5b9S@+q>90D7)Sa zZ9m2^Smsu_=S|(Ad)sJgFf&SlQx4Tw;ra0x_IOme|dGN$9s8r~))f6{` z1AAM+2%+j5d?aZG;UPdXx@Ze1_1mUj!%&x}B17}QuR4+RhY-eAO1sV0?7a+{&tP3q zc)-(~$1UEE1d<-Ud!HDTKSNrXM;jHw%d>v%&2`=mCEa+KTd+<|EDlb?TF*zS0N!p~ zb|yP!w%e9Ca`+IvFU`Fk8`6yiPF&^ILCT_Mh80FeutlcGPNT%zMXb9kiMDNBIFM*A zyyHyti>w#8Oflk*jQk=hjHHwlol8i|{FKf=SM;qL3KGwoBNEZQRFq?F!`pYe+VKe7OR^uwHr zNRq4U31y)V1mT|=B1EZp-!NH2(%dk9M?7JT_UM@5!mcsM<#RnD{cacWCoVGW`oRlz zCyn63)YK54=A=BWHdcq#-p$WaYE2p7PHa(;AGaiX&_f$Q&nlexT)-=7#z?yvU0&zz zJ=fmZ7Y0wqS^{{h$(?!Ylu7K439<~x)zIw9JprlFC~*wk-o)+1A+J)zh+(jDI* zjA$-etL@I6L5WsVuKtGYv37-$9K`qRVC5%AnBb>o;?E4j@Yykg@-EuydOuc>(5Tyi zhnv%?L&+k<){5VFVx{G~K)2iTGm3P2CHpQjkZ8HH4xny24ycJtOX+ydz5Myn9TAN?GsY>1 zYLde8dOeH#3eNBEX}}kK1$%4vI^Tv6+!_#TT?J{{W5ws>*p$MEJn#*p1gZx3yI{teeg)>OQNkKEO>jOctx{ZLpo=ZZ3q0W$W$M+ zmS>`giaP5SrCU|k*)_caAGpuM2G_4QqaR2eE8oOLWgCF_V6MdHu+s3 zX8}CP8aI!h&Lr}J+Zfub_d$B19-XZySZ;Oh%76MeovaLb z(iM}_&3}BM_-QO;j$wmOIf8Mx?pT{w>CQX-O4(%d_&bc*zS3+F_IFZIXbE?!=H6R4 z*gd7Fv+lH%$~bA**A01I3{c8Y(+)49B_V)}F}nq{+JU3@(41$-ht(RDmmjY(TR8iY zi7uj3z-RG+?Ztpk?cx&nxIhl?Yc{QIXagzN5e&b#u$h7<_S-Xvgs$90|T(7S5MW!Yo!O3~|=Hpy>N01@zI2 zDdSzC^R2s9wlY)iqI(~b=B-U5VxmuC4udiVqr~JVeq@yEUB9Int4jxdLPl`_ipnvP zd!HI02oW^$HHWmdBE*?6&px%cawEP(BLV1{#%YM^qU+($Mo3JcdZ6jcAT8sv4kREG z`g9gCDM6+#O$gWO^{zOX+cz5j{FNrLIn_FuygDC}=zGom^#iS=>~ql5W@uqZCfvVw zeE|ssNgikasydmOFcXB2jY_<}0UF7Pd~OgT6iQoH;FL}7TsyM* z?<996wr$z8+IA*%)xFCs^uX}Gbj})vcjKT8(ElJ|qQR3|f zK~BTG^;8AXC<`4l`UiPrDhN87Xe0W_EPGXv)|6ht0^ik*WFoPg=9jthlAkFuJA!(a z%Mz@%Hs?=Yv7LhZc9_y9(vEMVJ41)n<()l`_+zjpKjgXI+?)SY+O}vOMpjE>TrLv% z%6hgZ(npRtJDw&v)=|IAKcMw{Y;5(m-!Kbdk`k6e>E5?BGq3aMN7Q?gcTb4>nMOjk z(;fgX97f-)vv^yk+XTr7rHX^ui5-{PBO~lB>lv$`1-{0vQ}^B(GBBxhxXAHm&>@g_9%{+BkGq4@a>*O znVHZ;@4ro35>`A_-w2pHdBL0#P(l}aApk*t%n+{Qpf6(LM=AVT-RDI8?jpmWcMJ#9 z+r6a6^ky=Nqd{w&Cd(c+HNCUz{yw)b>rUKN(riY>0G#TvFp*w8i^Q48uLddcCY>-v&xz6mE#)YQC8-o$%C7$iGAF4w)1& z=$l+73fMTwhQHMBQ(NI;B;6t>;_xm0Y)5$W$+xtZ9mJ)rIDD|h;?(F8@WW&{i#=Rj zr!E^o1%7thl4+#X(fxGFQzs|z_n1ELVA*F$XMRtW)Yy;!=Sej6$jE-N{-G5TxH-PK z^iCPdDc0`-k7#V}4AwYci4)C7nYW2uV(XMUc96bETAW*6%C57`(rleaP!rh@a*LMQ z$MV-=pyp(JTNI?0c|gmN*zvGg&JI(Ww@VeqIDYCOQGsdX@}j#VW%y;S$%)tLB>XlzGPlX9P<~;Niiy_~ONbta3m2sVIlB+E^JP zij-p*KNuUci0kW5^)Ia}oKE6-!#*kUib%ll+k)s2W*<5D_O4b;vW7HPJ%s=C-tK)8 z!(t-C@fFW!*+$z5w0>^X=h+U?hYH|2vx*(h53$>^L7x}mwgR%Kg_o%2wh`G!G~1bVB1tkUExb9bMn4IRX zB%{0bX@Ari3D3VIC_B!wz5Nqzn>s75V7SkG>@~FPm(=jO(>i^aHqk}Si1p5~&uJ}e zY1b7IV3JvJcPpHhz{3{t*{rH-0DkHmrrkU$ww8;vG{$8$?t$BRVAYB%uTS?rqjb6x z9unRDdG71i`Timsuaw^SwqC-U0j)P27zo|&A^~>ahJ#+AB-z7DCE z(Cb2L;KrU7o$lsBleR|AiN zHZN#4gTC6*(TU5k50oEX=ju!L9$xP)Yx8zw%y)ksYr~}UDn4F*W>hfZ2m;MtcZbA) zu3;}ej6u5CZSHJLc{S#pSV_NYN|h1Fw^%XT+|2zHP~4k3;juT;9e<#30luF1msF$F zTCCFY9SO8N@7!DJz@Pos0r&Q_EljBL(sSH zUo-~u&hTA`nx(4^*KL$(-s|ySYZM<}-xrWLH0cu#20zr}OU?C@*X(07p0$Bs7+kbM zf?sh{R-amKdA@zSlQ1?X^GM!PF*(NlnDXl`tDqST znOFe(vWc%%x0!jeZVS#=nol{8N*LBU0yD-G2uE(Qkhe?H96X!(ey~J@ejx`J%1)t4 zK{zXn(2vmV%_TSTeq>t6UsR;y>R6@0)9i*a|R7j?$4BjN)qxrXN24p?_ATaH?^z z?MAhN>*T$PHJ9{am1bxkbbQcmj+{QtUe5JpRuAg!Uo_v_k*VKr^KB>f2fr+;gam3V zg*BK8_a7jNoPU}~6z)XD2Y`4Li0W( z5dKUzEG(}l;^fuPn2P@+n+`m$@rV1Nhf%s>){&WI9nS*H>sqPZQ+Q)k84o{}F|jW9 zw6fJJL804RPDtQ=xbegMWAS#oAdDX6qI60>Wj9FCOGAi+`}uUdYO8VB9RhdKQr3F5 z2efA58g;yXU4Jp5C->z2a1)RRXjzBn=2?4P>#hzrg=FT zv4B^L1e^QG$tTzuBTWYFW2EwV7vKn*m~RSGG)wFik)$;*71a?>6&(0|i4VY;HqR+$ z$83+*B(p|aT%5z@n(#h8c0Qx1%Pa0#SPqTSIB4DNEPtJALHiE7825r&>Y`80+XA6L zjB3zzf|>S?YjZc5yUAaJN+K^DHBYisa#&qb*W340{*fMLDLI6+#kfwxx^vX$wZ&1b zAZmtc@UV~X&3jI%Jg&^kDIGTj&;ujiWf&^HkRQH({9)qZJRU}1xTDP;x15=(S0RHS zc8kmBEc0lkyzXKT6lSDK!))}l;gaZsp@?Mrthm4_q)L-?&ms+;YXDl z2uM)yH?5p!A9`FrJSI5dk)LTDQ*GN~U*gPjHveJqJt8@NII?JpJ$I|Mm)Rn{9BpVP z?c)X`U!1`OlYXu^OR}&u(~$qPb*ysf%Ptd@%y4T45^`TXej0f_%gx-h0hdC3FC%Mw zAzBBLskQui`|3{N3F|MRah)MA1-IgP9HVR&hrdfz;M3hrvXQck?aT{1Zd!RV24P6} zg0IVAR82u?V#w6s{z_UVuF5n@_U$l5uCu3-E=_0x75A_;kCCYKKD``oD_4!9c|hbm zmh3KRI)T{$XyfV=lw4b8Sa1EIltT?rmD-!v_a-^;S!L0$t(=d$6!u1FQB%H8RX8s? zH_B{BJgC7jyW`RAomMDbNG~?|l>n zQ4~d_VG;IHjgE7RrXwX)LX!;n;55p*u0*(g?%d>V{W8yk zQY#~>))Rw*7i6`IifYgEc8jvh<}G`h2&S<-e{f(R(-_4m{BH85e3EP&wVrRqJzK%d zA+D90^1Do-3=I1=bKQ>T3_&1!e$`oGO|wJTr0H0C)>wvmY*QSg6<||M5F*&~b;zY+ zTt^Ymp6CJhl38t6bYt&`^7aWSzo*8Za!Uo~3#|)q^DTqhrv&~G4){aZF7bRi_}%vb zMSW1sjH3Slum2S|`uWa^7%pC#g(oK_>g%F2+4s+PjC1npSGOGq52!0+iGTVzTT%?T%Glf$xUh`x9^Tg*t9+y9?}s(E^A|+? z@$$Vb!UxDKqo)EO&}J2n#pE>S;D_uo0)AnXv4aN!Imr!32%jvY0593EdH!E3v>z9v zB}0op6}?pGNP7KX*|GfnFWWGP82@92P5#R6zR=E;ni+hx0V20M3F29;I{c09Uq20= z-x_RAStzcQ-+$oYTIk=`-eNPx=H+0BwZ1M(KgKpvh`Gz!I_y^x9Q9YP(&vfTP6(9T21w z?9T7xwwE70`j$1|D)fm+f7meuRB}0k*&j)8pQD%(xQk`^7jd#ZW6D z$qv!88E%zphs0fr62PHp$l5tlLlD+!B^|2aQOJXOYXm{Rg!WkB*q^GwY&Jvl%e>Gnd*Iq*BlHQir=o^H@qR|dvx zJiAwr?u*uTWu0g4&hfsk6fB_MQINSg8=@(PY_bu&>XZS-qZk|6SID!t3WFfuHv1HIfPohhF4Y zl7xEUB$}lwk~ePoJQWElyNS9+%;wAzLigvV_Ph0GE;iSGE9vFd*reW;e7@V63Ouuo zt6V#a6{7o+i5T~|UfUgOxf^yjIiMtQh>6_VS>^kEKF$;5<|XK|9f>)4EA(L0N%!&< zP2XnMRw_rWq91k6`&21a5_!dr0HNCKl7n*5F{%U~-Fgx#(mQ|RP9)srgkuB%aLT`U zjS!mHSf^?6DNd^vl>L{$f)_3Eh$z6**J;=Oy9~q;Z)FZy8X@*!jKgElV;eD^RsX;t#lN)+l%kF+v6%Vp~nsflMvN`8BX$_EQ3h{ zqLm-l@y0A1_GQVt|7?p zo4D25yfms-T0Mh}9MVYSiydawR!Ee75e)W$KON&Gu(uK*jHk0<6p}Z$XyjPGjFru? ze?c`tfhq)!y>BZe4qk2EIeG0!K5?+RDj?tv_7*+s>8?Q?1`Ezl`D z7Mus-_8Gn|qDD)Bz0!J8|ZcD593zBcA2Gy1{3-WAKNbDJ{^ zL2hqmDLG5Us4P|LTAj>6>qEpG2!x`oYly!1ZW zsr9adb8Er(;@9=J&mT66#@f9VTjS%dS&_r`drx7+ZgNq981$Jed?-`Rgl|$XppNN+jtEb0o0XULE|CPs0li_e zXo$V$$4b4trXREgSr&SJDwdJw@5{*cr_h6|d; z8K~P{LH$`WkE+36JQFc>*575E4p$(JZxlL#is=l<-8AY0XP()0muQZaUoT`)Wjtsa zXcnQ&y?-|c|qWcee+R#54XkK+rad_sgP+NE6q6y#O*)z^vtXgI3HM(kUN9+P{ z1a)rk_s6MChyGM>ozOBD&YL}KZ5n?8+W;Y4>(3~+umR5ka3?AtyqPA$1F|H{yipt~ zZbs3QZn^TqOaUJsmMZAdIv>d=hbvwApLsxpLz)Z6(2hCU0$4wia~$O&cG@Ph;rxUf zEhihIia_b}^DYK|28tP*n=Xc)J&fN+Z#);+fXZMsbuc zUU#$L_M*Oy^k{WS$4}62bK4s~dq?GN6GYtZc(boI+B0^xOj-#xO>KgF_4iaC3IwmT zOMq)~=Iz%vFX(Hlnwwc9SiiAAA4$q689$TD9Iu5#+`Rl|1l^2_^nxXC*JsN$PYTHl zx!6vHLS}3TlyAjMhxSLS40LLb2h1h?Z@X!wrOaXV4yD6hGX9xm2j{n*4wca(59y&& zx;n`2Y@X!fgq$;tM{Q1S3!>!@18clV?u0i`$W~L;TSgt?0zu%}v7B7q(tejJlF%8k zOrFR0OMGn{8pHWPKe(&Zu%!TaKprd#gfn2lH_;MUxO6nH1v}}gGfE1$lY<+8em>^s z29C#=wSa$v<|NC!xCAAZ2ec2CzMniR{qeof@HWY`RY&ta$!5Tlu^!fnwJyXO^iRrR zxBX8{GcB$FTNEF4oByBl{;C)%!x*CnsoYLs1boKXnte{%k%T3O{LqumGF}Or*FGrudx=W``JECc{EX2 zuPPih4{0Z$uw))@gz|d5o`p37{J9@;%vE=*pb$y)7w-YC7(g6rD)vI^4Vy2?=mKNA z_N$t&E|KxAx)=V&cEluF<5AVH5$Njl&dVtDgTHuX4rRp8$Ef>P%c@N$B;)$p4?<9~ z33voOMjlDOUv(qLZnNnv43ZyZs;tE-@mD=VeJ;_wGO-H$s6goNSnq3;N%6I@07{+9QVzh4MK{L1_l2^! zCq;EU!HQWv5o2G?cBD$3c5NfXmsYg}Xlu%FiHW$TR8tY9a3c+qn9}C3$D%!t^-V6L zaB!FF+(9$J71ISp!O;qB13h~PpY>YSs(&dobLJ1BwW=>y)i#~0PmA# z_&7w`)6&m3TuPR`w%_pTXid{8vX*XOul@wFw;t|aqNo@O z1-JdhlL`y?SQ;K;npJIkW+@DWs4ZI-b&R-hOXnlLR*h7AYOi^F6l#=%Ut?vw?qGnB zW}4>mZdxYicFVPWnQ+Cv?EfL$RT!dL`~AFUYviTkV(*Xs_e^a)lgS2D3US>1raDD| z+n^e#eYaji1mYqjw5;H4R9${BVeFflwKrY^WRy#M^KIezo$DOFx?=M1XX*>j=E2RG zX8C+ww+g@BuRgbly!p!1gM?JT=B`fWIy(@nmp+mvz`wJ|($_1R2{iih&hg`DThLvK zxRe*5zz}P3pKZQmxupy8vJAUF(>UxudL);pq3BNl46waDU5=nM8yzD_6s*vjOb_}* zg1HbI1>Nk6fD+YrIzh`cbWVQH%Nt;TGixp@Z)}rn5^RgiX!3@=<`gwT+?|uJiDTpM z6XeQsi~JhKmG_z?%-$fjG-gt>{cS1Ip9Fd_bJm~y1gwbv#Y;Otur^Djaf)rRAt!KY zu2fz&7yMTkW^HDB7Smsbme5Fjr*fw)F(mQ0gOC0hE350!?4Xli(uZ9JoDX`2%?gE~ ztOw{TOo+eD7POU*Adu8x4NkZyX!e#8p86w?EW?$5x)WQ!a|f zQL4bXa$I-tc8(a>zpwLDrtPQ7{sj#X%?s_>IzW*7g#8(S_x z0CHm39PsF@EwD(Qw@X7f1G%~IvTm09H)Ezh9|sOl{+#5UG`qz+qfGIdW%D~fyLqH% zGDMK#3)a}QrmM7uL6C2`G3BU<^>nEBX2Alrh24j|$vvRJF>*4+g|?{S9L2I71Zip@ zoOd0`^=r=Z;={*GV$txa5x?w!QX+OTr28SxQ;O*?9$6e=mY-7*|H`;>5eitx=Ogr; zUZh#zSz?6tm;K|5@(<>5uYjyYwo{^TjOS4%Km<-b|O2q4%IcI;8VR4u9*~Ly=`kX4%$%i4Y|o z9pSaE8C1Uy?6AA7?mc#2oV6LZd@|lcxz%fz*uNd`EY|~+wjeLng>MG^! z;<9L`ZVd-@2UpWha=B|ov7_nkV0^!1y0Xf|-B$FN?nDer42=vj>Sr@Mcl8C~4DnAX z7{1${>ru6FcQtGX(+)WtV(5FF6QbBcdylXYtu!Rw`Hi+QipZQb({8)E*u9!WOVPE# z;Un#dTI=_UdALKV)~5iZ*(Lkv_OY$ZTJUnHDo z71sh4H)|ZU`{!jkoz-ch zyk|boAJ|C&BJ*ckE)@cCs*D!TX5q7W6<;tE zNs-FUF;hwrK>DTexPAyx<)h_u-%fPCFRpc>);sHL!&Nl4aOvlu!M`~uYDIQ%IS-mm zJ6gI!7A`PwmL#hn#M0F=>Zt1fr&WYS(l|Dfga}Jd{)lI1Z2PS9w7^rxx$iEUx>MH^ zSD3_8$8VyS?#`Q0iwHoLvB1Ju$w9v#L(}qF7Bc-Vcz+`RT#-%RJI;473XBxR85YUa z3C;ASy?4rE`gb^R{`FB&2kQRs&+q(~SJ*mQY%b-$YKfwUp5r!~c~l>dS(1%id)err z*WgXFKA9nEHK620m{ke9=#6Gg5UYs7;eN>r^8A-oDZMxGR7txj*p&Pm`Ul{gQKcC| zFG9_)G4ONuaPU?S!$qD%*t^}Fvb8PyEv$x92apQNFJ;E#cJNvd$Gd~p7PcZq{f9Q_ zX3M>T3}lMVII@Ga|Kbr1088ooELBIlCYXdpq^(g0`}n%zI-0b}aG!c;G;g2nR-dGq zKFuWxxJ3VRqLhzv;z3z?FJ+>NMh)gmMH9?0cEYbPGV1Q+U%aC_vEHSn%H{-Dd%Ys? z&ZBEV5o!OfB$6eArakIfYGou06Pzv8wn;LM|X zXHRKA?jbS5~bq;Y33A8aBTKbyY`*FEXa0v@_FiagQMuOwZ?dRmI_DM%e{uxrY5JYF< z*c0vlntQUazi?#js}9@=PQNmWOC}=+mwF$!nLr=;ZP5^Td>1y#PSrfeg(idq?O(ib z01DTI{w@+lBiChf({7jWawSZa_`d*^&Ewp(Z4(E}#`*3Ge-c50F5-G;3bvj&N<@ds z?Sd~=Xp5M@=Rekgw%bmFA6l!?UPJjK#y-;|5zjn%m=^BGh2jn)`}|{Jihqt22*v)^ z_6~O@5udat1fkR?j#AuXg7mX=|Kd?2>RP;roTKTGfAM^_x9C&nkxRyV#*rAi7TgJ1 z<)==s0;?@f2kUDf?S8MZHY)(MFK)+H{(dZ@IY@;k9ueIinw8|5$Uw(H2cq;FJEXIUs7mRe(nMdVGSv) zJUl4kn0)1K^w0>Henp*{UusUm_|cGUT7EGfcytX{D(@?+piw7XJg*U#^)CPQL5NGi<&1iM zDyAa}SLK3^TS2y6)9g}7kHC}NHf3J2d+2r<9ZL?1&LZ}IV}YRhbN!gsC~5LACu|j80d1w zDo>ejT{`Od465pF4ja5za5iQDnSJ2rtr#45->3ZPyKj`Sh@}LzUBa3=$D6k*`-As2 zt|E>mzYcR|%*a&Z?fl$4@NzXY{mw)tr&Y99%NAF|{4K4OImpVpzMm((%z53*dWOD0 z@I{Gmzd(ugiJXqh=h{#GeiqSwwFL5ahdLWWe)M)c)th;e$;>IfqQ`c0$-@JkO+Ux;E@r&&V@NS*c*z(S3*KG!$xr-f)gg!O=CNbejv19tZu< zIN!+E`A#4x=@=Um3^{5r%j>iAWC=QB1Qfzs{iSndm^z3=v{GnO zHBne@r`nvpKt~oiNiHm6=~!5{CyUf zLrB)9Dg6AJ#iX($CaDc=Z}yeSCD|gN=)q9=Rl?0i%asG0KcjqQtCk}HxmOa~a!`}jeLV^Pdr4tYlNH5X>WE+F(> zMT$TCxx>`INutE6XRLS=Q_X(I>eD8QBJ-YM__5YBn1^6B-Hq$IrE54t??CfD7S4$| zDVjjn0EhU`{J}$i@g!n@;&_^Kxb);m{~a^!%c+OuFXJ12x_x}u^8NZO?^onukK*v9 zn^ncmpFh)9IJcGTpna5iJLmDQq~jbA@w|c*$n7%>hSdVM_s4Y^s;9ifxsWd~hCt(= z+{{ETu03PqCRuc-acmds4HGN{17`zVbQ>~@-)WBt&Zb|KQKbWjq zb!}%P&t{pr-C+!N0o!E2+SK<`6Z;MGH+4HUC&h!5iGUg|W#=sfA?TRDc)uAv|Khnk zf}o{X`~tPHP4E@m(U{B|pqn{%^rwFCo3F=Kj^OQ24)-JLy2jZ1jHACHZ}Y02RlO~n z<>~i(CSX8;Yhhsa!$C7~6}f;$x>CWcFeM!nn-X@J&lI{`P6ru*3!e;@yy;!a?0(XE~^3BB11g{EE ziu2L367b$njEfv{4?HCHowic~WWB3n=+u^UVy>RAUf0NZiP{_(jyWl@>m4fNZ_$dDRtdFl~A_!(dE7C6naD zQtClycg7OrRx=)R(i9{h9LW&ZzlEiR^|DIP%ko*>DGpUYcO$ozggWFu{QfNp=|pte zcbl~67$RUy@In=DTK?$buWYTHFk697GIfw%DAl{|KAAyLVmJl5T9z=`=}CcmC(NNz zK0w79rU%oWc{6Iv3f$(5+gm$J6YxEnaDL2EFkrEQz|~?&zLeo4F1>9K##QyGN-U{# z%J*gA)--J%kwGVm9-UI($m_bkk={sYT0qb-g*ENEvmmxXx*W%#{U>ne^C3meq1#ZE z-u(~e#$s12;V5H3h8z~;KmpMrm^#m3)Cz1(1af^r=B0U79VRmqGr6m64u;Rb<8~mDEK>dZFm#^dV!|AUAm)Iucbz16I59Lg&K#fE>>)OeZWw;Ksw?0cC-E z7w`-h*#hou#=C2WzMa{cX&$+9UrN8u0(mg`7LJw>U5nY%@&XG%Ej3mn<{EPDVTdwQz z%-;gSp#%fUvREVwko4>ZXoZ5T4;4cDGcb$bd+Ylhx{VqZ<{|}-d1mQ@*YlQ)a2URf z%AZpl#Ltjz2;Yy`ZZpeWXyo6_`>_qn!P-yP*06kS$aP3;Pd<apvyp*OIGT(f&&mh}ck;+zJpA~@tP?;C zYfg7YMgYmEw&SX$$ZB-QG|%&&GsiY~?W#zlXDWC@&qLBYnyUA20y>U=!>QZ+uh_OD zagPJUN@3vMkXM0rvll$+O%_atyzr1R%37@tW`&k)PUc+n<+k`|5%^-Dp z>DMZfliOYFCuQx410U~Oe7vVcf`?n49ds$UFx*;nq;hPry#c{5aj$52)e?EUmU<#& z!ajuf zG3@Qmi~appis4RPe)%n6XSDYXki{v)^J(lZj*X2-&u}RlI_S0XdoEB>UebQSEOe>o zx^|;kwN-v`SJGl`6Bp>-?QX`)ccmzzjLvtA%-H_pC8h_zdX>T zi?@xBBF+uE7%7Qi@>+*;{tjc0_@g^DvO*mUI{hT(s?ob&M?R|ZMqqK#W-Q~*rn+Q% zt!4mE&HGV2T9>&+ez9R_<6ZVl9+Zib}LKHwo9Fbr7*0_!(kN+}m z8C={apE#Gx!C2Xf=F0F?eHI6wjT^v`&KIvgK9&XaibSC;Mkn`cUYu&KmX}LW>MMV_ ze#GJM@&=0J8Y4=-)+hqyDvY_#U9 zw^=q0%>KH+Jfpeeb7gW14ilwQbBH*zqa_7EO)=oRi3lKz|RuaCehEN0c=JJ4jwFH(W@G48O;e#H_As6V*t}Ws{Wg z3lV&dR4R^2{VoX=$r8$yl;^5rc4TN_B;r;uDSf+kYX$-(7^&mWt$WXG!z&f zo64i!3^K=)r#;O8CY4~siAEYXqubP5N^$y&?c%r*>Kq-KZ)|%)qGdAVLg=C$lShxa z*NnT8bPmQR*Rxb(hWkH$CW-#HlS^vPK0;VL65Iy1*BPQAMhVYPKjhE+z(JI5weCJO z_NoAl%ipV%6S0c5Z$s|tjd6!49QY?Ki4vb_1xDsc!i3{@LTG`DA@W)`w+6vWm+n?6 zMh~(1w*o13M_qzvif=3+x`V+{vnUbhgvGfH?!MD}9ex<^&0_)ZJM*NSi-^r(7n)h1 zZdVM*2_ENFp@^a37qHpt*L+bj<8K^`3LvO+^0h0UC_Lb{fz^jT;=Kyc_1}?OP!=7A zPVWo7?NHL(*v2B;>~6vEilZNOdI99NxZI;xRfeD& zYn`NZk(+zu{2b1@@(k<6&uLB4?aSWGjz!wb?AMP7UgmV?!%+-4e$Ld6ve5>~tJ!wP zJe^4Ol#LmlwL?Gc{HB;;a<&Ek&$NqRyAq#q`v6I`2s7HOg6vRZUTX3}iD)j^0gL4D zPr&Kuzg#k7O5fTUYrO&<<$_}}#lBs390CwRP63j`x66l(CpQjaUzju$1lEQ()$=Mf z9l=|6z2U3D;CaYRiDZlulOalc1j{$_7f&nM!RXj=35e^C2D4ItX2YDh3CiASqVngn zq$ImI65Z=;-b=~Q93kN3>c2P_T5RVG$`7ceb2S`#7-sASl|+g|EzssP?Nf-IPd#OJ zzv18Qh06pZOC<&yCijDNVa&a#uyK^rwR3=|#w_8-X18qd z@1r$u*iE*;3-a3o-s!=*cIBj%QA%$^jenVFkBzcu6kkWrpNx&unX?h*%s2{cOU5{- z3n!6(O-8PoOhsr`6;C$h=zTEx@Tvl~v<1z)NQ4%cu~ao6H)-XmbsB$S>zNdbHd&e_ z9@=Z?imx)c{0{CQQ++a10=oO)=InX%76UtPn+>gH8XeO0q>|cEIVI*#e~w*4wXi#V zfgzcyD@3m2{1p+;bee`RwR?QsywF<^iG0@UsYu#)wa$J#lC!1Hm9at#cH`5U)DJ}6 z7DS}CS_sgZMNHE#azz9^7AZ4~vaRa^zxPlS`SnLgJE^rCGOU%aJxZgRy8HVHVH#VI z_4Zb7!Q<`d(`~n*(~s}k{K!t?>+l|Qyj0%wV|}Ek=UVFj;N^y6ybABMke?C7*2}P& zb%r8t0?%SJ(!_{j%8N}&z+yHNEx2jARKGJ6wGe2YR0&6zQ7-rMUTis6Gk@rJ4D`ns zRg6G>RZML;W`|AfJ_RB6L?D8RGZ5|QtW`}+_ z?@~Mu2<)r`XVgsyHQ$UJoQOhpt~^|D8y{<2S~>q;TDeepHNLx(^3jG_o|G(!=IhIy z^d9K!M*IBMhvfr6j6VZTKD-34)MZOixH}6j8`Z(*se~qoZHJm*yrFLU2O$q!OCL21qu!>p zdK&57ZV7n5$I^C8(Ax3rz5`*|KYUkW%s?mn8T&TU>x)v*q{sDCG|k zu!e~PksHarnM>T5N(ik#6AuE1lkf7NO1_VamM>a{TF+?|RgVQ`dwV%cc$m(84|IZR za$bxv88^j@7&)|dw3?G=B|rSeWB#O>zS#GwZPp*#%i5p7nbOP6_TuHUZ@#5Jc0&Zi zik!)_!tY`5)JZW?vbODfx|mAxzj*PDV8~MR>FEyrOI!;it;NxoA1q;|bkEVj8|c2v zF=uzqrp$*=r;A$(u5{`Jr|_|rJHQctrcOQ?z`@8ZrVTjVPcT?W< zl<)P#{j1^ViW(b9b?26uEAvRUR&s?G&sK9oQ&}NpY$V#4@-1v&x9ho7Yx%UBz1-Qw zfO$mwMjTW+0|6N85`E_OA{FyqCC`LOOCn}C{!gvL&he3$UmhD3SR%sWOpSn4jOkWVmVuM`GlH{mHQ87k)ulr0lqZ5< z=M`-Bm~==mgk0e9Cwd(T>LG!19wxlk;0?n|0UClloeZ+}X1h^54>c}ALiHSv77x#! z&*G*H4TBeE0-7jE&v6tMGPkJ^@4lzz{W|9LD8U6Cx&Bofh8D2C5h-f-gIm&WblQbc zi8%4vJr`Y8EUGTKY~I(zsA<0N<+AwXId0I9y?j?;PEl_bJ}ZVFc*Y-_#q`8-%C1}; z4Xx=(U$vQMm=gRp<>KNOpHruv{3|UPwlkLL&>Xc)OaM55N8bJ_69q%RLsgleP5H){ zZ=jBOFpo3&sS^j8a}`){weed4sl;jY{GVhmkI0R`c!qpuhu#CspoCzHDN7+yh=I|z z6?cA_)3tnq5@(B|xz3xn1FO{&Ed6OD$GDC%O{Kf`wn{U5Hy)C9ba@v$WB3{&ubOE} zSO{pYcLxg0gw?URfD$v__asX&%%S9p39-@9-`{Dp<#OYT1d02rl>)c>DpMv z67U*7-i<$V5pEfw+dj7?6;rv$v% z(0TG~$PF-zZ)chLVLz_A0z32GN(GLt>-Nqpx#6nckL1JTr_0h^ly?Glv$V*X8npNx z3d<^3M5ci2(j4VW1ej(g-y_~;euzdr?*3A>_jTFnI&s>=jrDp|K!mqCL|B7!FhEgS z9I5YdA>fj%+s~Jdr<}l3b?pwTZ+`cAz%-Vu)nc6HQT{I)Gc`ce@bof&iaEBU=VH0{ zb-w%A6WX>7APTto3P&WW4=g|Rj!UAhEkch}8B3*?fSrooCcc-QkM{E#jcrJr84jGhO>v^GsPf-b)p-! zu_4&t4OLigieOvuhV#W_oTC)M{4fRIQn^;2PR%(2rOEL0^tw7i_Z2kY&9K=^cK;zi zz+*|5HKuaLASQJtBG0Ge?#JBRG4-u{1zHzhaOa2=oE>KEsVP-;j71oUY-~Kp22UD@ zOU=T$Rlifn&NVScG%dB8w(aoJ#+g6iB+a-1z)yJ}+l;zx?ey1LWurI=*cJ{^#Laeq!gXZ&c51Zm&RXyiro ztY^ZcI?hstM|QG$YITK?_lfAwU>xw65+mPW^4tNRL&7uVQuzn3vNN3fxvL?H z1i1`C(H$OSnGH_+77|wWJ-@g8kUa&`SBGo&ENn$9FIH}jm1U4UnQ&X|sv_!p<0?HZ zhuQwQqO&C7vS9cQ5u}rLdVAA@8;{tY#^czje7f^t=++U}dOXa1^hWYWamZXddeQe@ z`X7opV`j34M)n_72$~sc#`-?xH(!E>Mm=`kD&2Hy6XKNCD;2oF&+MB*-}Gr&PQ+eH z_CiYM*5AxjtJ*5S>!laxIEbWW?UYL1%Wf}Hd;SD zfn#GPFXYZA3SG@DZSEROmw-ZPZAgC!XtOVTC-k75I}~bfkg-WzdV0Er&G@|UdEiO+ zBak54_hQA~WV?KO=R>KTBSY^)f9%pwKWlpc_1v)b1yEQ&%54&-Qhl!hkLYAAbpTC+bll&&IGeP#$>#Bk>}lIYg!y3F<)P3EoM2d7Ht`hO7@ z8@%1O9UhR)`DgeNWcgLeGGA}{m@JCvUdpB!B!Cj5wisVJO*Oo8;A>X2WKJ8x>T`l3 zA2CCfr8eF2fMyszA%;&)n_8!oW53IB>JbQL&NW=wk9s_uduTq1o(O3@7pR2mZdc*lONH$d| zj5ApF_CJ!5NI@I}*QRbeW)c1Ka$tV0amwiQ%^;ZRA|~#Qoi=s!?eQZM*XhJJk&{AEC zx68ud+l&YO!A5LHva>hslcytDK|5~R87f`VOu1aU-yCB=>~=CX&{x08ZEgS~3AAu> z#~qp+hiDdIcK(*u47nMA-nW_RlSjRrc9zM8fy1A{?rd-{Vx;-Dh)cU2zuz%}k6w-Z zK=xH%0?;XX)N&{p4bygD_! zt2|pUSKAEYD0-TbEXO>?3V*JMM?y-nd^WlQcA7BIq!jL<>@;sVg+5SD-Q`6vNve9$Pp%)}?M5vnkhkiPjrz@44I=5bP<(8(D_m-*OOF*dz zCM!N{_<+a99O>Ghrw1SP9nyP+u1 zL3*!3JN|Se(E1FzDj^hdI3BlV`^>}#;xiv#A8V+Zb!C|h8<0Yo{345F*IpI7kCT3|zoH%pKQ+zsd`B~t$Ha}BQbR-}KdBY*v$)`l znWTw5`PJu2Qzge3+s9|~mI@EP6TOl3KauQXxKdf;d?GJQ#I+I&jpxv$<+hhBxF=8U ztd%Ho+FxrVqPX;f*=YzjLI+=d`(fJ3Fg`5esxkcGLowOpsUpmU-HPK)LfecTNVTz*V+u^~*!VoJ{Pl{OLmk?r_#8Mt zB~A8BHaja5QqT@BvSu{L#)|OE@2D%as?{;yi})?Z!qPh%TvyxOlCPhYJhcDyKhVnnU9no4|HWlnAo(i>tx#zzkTzD zZtuR+Y0LV$IQrRF2m1aG65|xOaTnLzQ$TK~=R=-!`)TRn@?lT zDfd$w&!uJr1;-QPMOG7v3Z_869z@O;iu={sEnEVF&qG+0;@cBe67Fu=lV~ILJe@Px zX~e5uCs(T9!P7%@7;-;YPFh@0G|ge|0-U?&U-KMX&}X2Kw1FYGQ6_cE*l%MZvD^}Y zI8^D>KM*W&1+K&9pJ6=y{`|jmw%9Voe39**N`8OH(JlB!nU;R%}|v z(-S{Txx^aUEf)I-@V{&RkwIYOmu3>Q2Lww(7?zDr!Sz>m%5@c?iGo%ynXnTi|NmMY zTFVcHT%^E|OF!}Wx5l$47yD?Ea)wHafwIL@e=!&ocwW^fF&nvE+IF9yya`wG%)Fw4 z&Fo^+B;~r)|Kc%Th>3*AQr>hwi~Mgzv~pc)p>NE?w1fWLlpKuE+-{}+10D|VstN6Q z0iN&MoWKlW(&2$k;H2wL>*$Kt5GP)Ls(=4eu}OCf+fHxVjIXEwoTUKpMXqt_&Q#sg z6D?q3>!`Db4eQF;sW+G(yszE&PZDW_L4WbMlE6Q#{&&?d%CAmyFhusT4pvB-;s3sB z01spbziLiu-B-ZB4bJS%_)i{vNvoBxWWVA$GX)w1Iwe5>@B?_>;FRN0DGV5D2)jMP zy%2jJZ)Na5*$?%n=j4^Qf!S9A*W@LoIa|al{^H?QVLQq7jJ>OFr@7%J37AglBXF7< zvk2_P-RPaeB9zC@8|~}Zmp`Rk^pzM~s?8pT!6i*9%y79JFW^xUIV^pN?cF?eoQFnV zJ(lXJ43_BMls4ilI@v?)ke~+>+Vjh~!ntbKME@;+D9<@7HeG`UsZsbFH%RdHezyv8 zHuYe?TtUX=#$x)xs1n=6EoV|nJ!%5_7ti*b?z!ntu9sO;LEGewY~~z;o@K`*;a3P2 zclM|9cAnU{oLhhc4htX(5x}O%Venfk%88U~cg*uv6y+F37|!!kv(HyDXys}6F<_&3 zmryMv*YUCnL3L8!K-2Ax-@maH;kE>)`PW7Q6NN+Urgp6tsl~|rWVagP_upbb64ag5 zfZl@2IGY4T11oWCbxMY2I`78E3(!HbJ}~{fMN^%}>d{sg*ud3uXJZG)k}F9m8CpOi z{D4P^6FYQbl|W_rJBOFBQe$6R90B*=D+muF!LfRa(|fnwUN~Fms9vtXO0BmOGfp*c znRCkDhZaggZeGzqM)G;oIu4vhezl$t#=~$HX1m~Hoc9;+QY~dzS_i3^#9HSULKgSo zG>%}ULvNZE%BoNKPjayhEOz~gXJDo1+|Vp!@Yk0VNha!)uOB@5UiWd~1Z!YJLIx=H z0?ejl1&L}fSrNg{u(^*2Dt5v?06#%eJk`R&= z1d9aNYekrB+iC^K$Ymw6H9H44(pqKiP=QNQ>P26@-rT{g@|;JTH`b!xqcnuyt;jvK z6g%7PlD6UJBN{M}-@&@(hSoLirU35AM50H9xc~}J`kNo@t%T0?{vO?`%s@HdG$a3( z#15mvr^$)67=Ph@!OSL$XbSDBP#86BM}n?Mu8kz-t;D&Evp-^-MSQsb9gNepPFlo$Wp%YxT0l4!5TB{$88iRPz_MClT2^pL;{g@|-pCzFW=j158hUE=WpK%_p?7flDRs$<=37` z!uw%j%mTd+CO^@6?F`QkZ({(p1pM&PTuO@qz6YLOyzE8bXP32 zkQ$ASj2+#|zeTDyOn)ng6s)#?Vn}9n9EBVVt$;wAN?;AmU0x}ZL36b>ou4jjCSMt4 zTQN_}Xb%4~`N)(;)SdmblJ~$29801Nv6QOABs|Ec~!hQk4g#ih#L&*1Kd zpJ%q--jwyL-Y)tGWFr6jymx3JpcH31DIpS?$j?=sQ_fFS55g6m6LJh5>zUyuU2! z65-4?&2)&pyg+(X>2%Z;D*B%-?ru(PL-bm9k)g*!rKQzUzYv@s_y3at^Z}>>REmku z{foDC%^!p@Qj5??%)d6+gO3rhZgVZ}{|hJ96ZAI!bV2pkgOj&F29HS40(=Nb|6kCh#kd-)^h+#G+EXf3NU;uFY!CtLW&cF}LZ`gg1 z4BZC>*s+lxspzmt4cJjLAR6c}t2H|S-WMNUO+}a48xy=ddhAGaHfB(DKevl}xzYER zgtBLL?5nORK`H&{BqcH6h`yb(p=}8b@0Sb~5$_C8m{@lM_WyPF<^NE3;orJTq#_cs zP0GHe?8c0xkZmm42MLvZ%NiyTl6~J*mI*N>dokIUv5&Z|!&t&3%n-(yo{#SOKF{}G zcz*qy*E#1p*Y-Z2>s;qtX@LvSbp&WJ{2Q4XH|0qDV)pi3AljcNaW>cOa^M#!sduA! zH>II%q=Dew`w#Fi@xd79cE+nIlP+q-z&Ut;3emtoPv+vZuGG8t45BbZ$O{?#Wn%}S z^l$Zb@{Dwh-^4Df$rSfhCaecMV?E)&kx_5o-C?YznBNmtpa7p^WUjs{Jaql7tL=Vm z&t4Hk=GC=nwgi`v$rq^$mrj;_=@?83PRN(h(PChHW$)3M#*#|UHCFca=a&_rAkW&* zg;_2xWH%9NT-_m}nQ2#xWg>mO8|V(M=i zWdyrLp4>$g=W!$yeUq?XcIMS+>5Fi(ou$+3kIJD@`kvGOQBLQdi2=^Y)a{H1DAGi* z`6~<~$An-}3Vg$uWO%(t!0Z*YCXC|1#@?jwSEehz5>@_WKXCbtOabf7*%*zBW1AXL zDc78hnt~j~tRfZ{QhXGIMPO1z)#sbIEj7XLui{lK55#cO|J+cG?4vglH0+*N=4Mos zgR<-6>FrpuNzy zH6|-&D}?x%IgiObbEETG4CbIEilwMuQ0nagtyyUoftpf6ZA_IMo(Mns3ELswJH@10 zEbDnC74~)(F?tt0Ax1TsKvV$60TUdg51_@BfFppHrsVB*(xrCWDJ4K$%&eDMpciOA z!>NQy(xL?Z*X_iH1cF=#45%Hc{4CcMq6XSt^aG5~7|1=2{A6wm#rz&pgIoC-4jZNh zykN_PBI{(5m!Rpjxb;aWwim*x9D&w9prcxNpw~q02#LhHPe;~5P3Z+!lmBxP)!^_ zO9Nwt_3ySEXu9;?snGi6Z>gmQ8u~2+bx5rgJhFCbgnB%zTz3thWVp;nN(s^J11Z%2 zZK%&0>R~ga_a+os30ej+1Cgn@(c=8#F;xweB4TilG0zRE`ssO_KGvDK}Atelcpm2L#s}y%* zKh(o2E^ERyD6kQM?JXv}Ham48aS0)WvXP_&0(*DeRL%iUa+Tc<(Up3)dxi~_8j@iB z0*eAv9}dl#K$I^Zr`IAx9ezB!D#dpoYG$f0N6D07ZOSa`$$wCTNC(!Ww>V`e`1H&K zr5q}Fo2d*^7$Ub3An1S)b-nXC6JVV3Nd-;$D=f;J{0EHx`W%5m%)1FbD|&vxi@*7* zwDvQDZbXm@)m}`V^L&ykqD-8Le=h=ySX*wnIM67^{=&w7&MoJE1~`^KXh@mihPcV#oiWOmdoE49Z8VJP6v8p{KQaxSr7U1Ktyb zf@|#^FRL@t+2M4#i1J#2x@{eME&?;w2<`tvV5)RwS1@h7{gN#39IpxWeo5;={(oX~ zl+8MP#^yvp$0hG_4FN!N)z50-x7N#RftgezQ%F5$>&H9@z`fdIgnCEtYo{C=qtDfQ z!L+BxLY_ev|3D>R<6c0(B=rcK9nLskJk|YwF;6tp#Wnii7*hHjqP;B1u03|d_P?Gq znplVa4PQcS(Ozx_6A8#bP`PW4;V(f050};z=#B%)_^tGmAwyt z&4zF$%1zl?T7uZN2gSiA} zGvc=zJ1cr8gd-@c2x2=BiTI7mh~on~Q^1XAZ-3aMT`f@e$Y2ME&nolLF#Xe_XAt7> z3Vx3WWE3QxJ?0|Qir;_Ambl`*M~iV^(!4}|{tdu@Xp+)@`WaE)J#)#dy$4B6-z(fn zmxTV0rqNj@Hi&kX1hK)$=5rH(u-Xse{}YzIM40rjWUdww>}of%hX#5v{grUawJDB7 zRpdkV3^zXx&l(I@%;r7*4&oq@#!`nTcQV1u;cf2~A06Nlcf$mv`t&J=*@6RKBWIdj zeIBwoPHy;g0hc**r+uDtF_MLTrG~Ep=a8$(wl4n6nFxU*3VU_3lBQm&hxf!_QyjC!#l@aD9$V-9!(LUBvRR2 zTK{~UF|*6WE&SKh`Rmd(Lq={Bm|%B|7qiwx=wV!u_!n=7iz04)e)O~7Z&!GOu~{mu zRJ%{ouLA0Yu7JT(;w0XbZ73|d>S4z;4@5^hWhCyYlu3%upnhtuu57%Ta?fqLIy%N6 z2_D95-|IX36t^%IFP4ce3E8?4$NIYcq-Rf(aaSI2F5Q{cA?P(`$ZNvl0^0c51Yd$0 zfg2>Mao?SdZ}=~3DLIv_akEs(m;QS$$H%EUONQVMqTk!LPp)uTsqhrd%4!<^`9+;2 z{?@e4Oy=9eTl-7xZsHPHA#2y?{xYgAVHQ2sA}@nWvny6Pchj!he2CgMy%rTZ`RJ2T zwCCorG(X0^SOe!h$!jIEkr@m0TN>}sW<GiTiGy7}_AwE}E6Y%A{gloXBPZbAvZS zcz4d1kl0T&opbN$ed#!g*Dj8&eRZ|yY&4CU#-x0a!d$GrfkdNiy2}IX>m@xQmftq(D_d& zEVQVh*14}n24yu-0_{6gM649GcHpU6LN6D_H-C-(-iC)bj^|f<+=m(V`AE!k<_b>4Nl)Zj#1 z`i+jOmH2aWlj*T+BZ|gB$hN$+aG-2tjNieMrDownf)eV4-e8;tav(F(T47jb^}b`d z+gO=OwI<)Ni|@s+>p8qHkV6dOk9aj-8NnEyJUH!aytdf=eq|6(98Y$>uRl-IY%!oJ zQmeYTkn=IE&o&d8kixM|-6By1ev-{%Wv2aa&sx0m6+W~%1G#+pvNxN>V%+@~bf{9@ zRM=?ISc>kWj(WyoPi+A^yfje0?q3&eR>QptWN>#J_?pA}dt&5jqo@Is-j@D|K2E2i zb!M6Ja}P@Vd05S*{j9YfI!xv+v-dvC_j`mjOm2voch8WXD1lIv^c5CJFlPc1T%4#) zb*1?#i7#-ta58)oc#4brp3;bjuR{Qe_FZK8NsZJ6M%(L-Y=RYMQ!cAsvrnXV^y(4V zOO5h*(jXTchRrNStfvH0b9;p8CB!8=5thWvW;8qqGrC+?fGP28T&+(Y`%6L(g zx<%{CqK+}kd(+L`n{Tzx<^H_XrBKAH=cJhGSia`ZEQ2vUr^e-QMdaO*cvPSSZQIjw zVVbRtH2UwUNmC9*t7hy0+MOr%pPl;QqFrU00q5(*Y9y%TA4K$xSFb@Ly+h1a=`Pl{ z>kyGH6Ziq!LKTCdZ58OFM?=pw^62oM7fGj+FI8*L&{%yHn^+s52!D=qy5bzA-BSEn zVGpCAQE>k3t=r3AgHAp5BgCJkvrsL*huxT0zYLM=%G!!5*pC^MQRtx(a?`!HcWJGogpv(*q&YZFFT0%}yM9fC-nmvjGFSUMa(ly6) zwq}Uc=*ZEK*2ViiofQoeMVC*7?*)5rZ~HWJ-W|{!ICap!j%n~#TyQ#n_`ehKIf37| z4}9R?!Q=S3iPYeyK3n}&7gpMQR#R;_zQ%5|_9Ssr?iJ@mzi#}eKuDzL^1PS!KAk2uFT`gI*&uy?I>f`+iIH>BtP$Yjqk=t83dN-p5>f!S3wY6AmkITId)_ zagOt+SLOFy&>P^;i1lT~>SGh%ilP}E@f{1_hN@j93ptbSx{ob?x9`30vCrmCG#GU-W=mecf}exV*Mw+@ z?h@+2d|hcnciYBCPw&4~Wc+t4nk|UG<;R5)?9;V9hc@PfyFn#5)41y{M$sW$S@ zwy48%7v<{8`9cZG#r?HEk1lRA>{hXX7etafV-nm*>!%t|GY9Zb)LPPY>L(7}R7G-d&YJ5JxBMp6d{l9j zJ~#6D`+Jj}ZB-i^)1=>A!r^5=H{spA<#F&lC2+Rfxq|ajm>lDGIT8GO+5yi5jcGM! zvOxQ${TiA4)Ix1vzKGL2L|#RppwJEA>J)T8@h1Z*C{aBHV!Sp&!5=|E~MFeV!4X+xdC5hGRR|_gG9tnCEyyUAEiUD@bCe6d(3hx_R zpRGL{0&T*mh2qx-(iqLUB~$gUiiUtjQcjb4wkpwO_uKI7vI!P@GCXQ~@H)=sb=#DY z%#ZZkhG6f^ZLMv}8PodYDi6t{t8r(PZ~mjQmZ@ugL87bsb+3rmD3kRtZ4sG2$@I}m z+UpW}jIaV;&TYZx?VKjp%_B`Q+ z0lr{*^O>ohqx*Wny{CzS(*x3w@(-p$CGB3)oo1J`vM);=$emL)}pa?-DKf4RZ=Z+>=MkX7q?c0z69iL1voD8b>ba89ckN z$UEkuE3&}PCtUI3qt58B5er;Yg__Go<~8iX>5E&j6W-HYxA13Wi31xwPTHOPb7^ix z!k0e9O5T`U2U$ZGaOUA;T*KYMPu{-P1FWj~aJK=%@V zVSi(?v8d-_YQ*JhZ%`);8VeZ>WE$UGS)^j>>=JTH8_Sx*3iGe0(V}U!&T&0JXe@t$$8J*Fa$333Xcj=_@Ju()#fZ z7pTnZQl;|atuOAweH-fqT02lp%x-X43La94X{RJmOTq?SWa~SmR;fZkld|oSpiOk| zFPd&>X@M&a4pf;atR$kKJ58ZY*!jw^ysp-EygSvQuxcABLD)R{M*2nbntG($2mF#l zH5t5)K=pgL0oyU0K=}fmn#SwRyaJ^Jr4mt(L-fBDQyNH#wh=-hPKo_1?mLdp?Ne zFJ#+6i8HpUwKVq3&t}bAg*DbXNBG-DVhwg(ca|ca7o<*mJRu&+w9OkN6WY*BR_=P| zX{F!q9+@sov}o%4XwHN>5V&?WbVds%nR{PK4!6`=G&7LLSQl+=ZZgUG`O3_gDFl7g zWy0Dvg{7lPRyoaDj$HRwJ_*qVE6=^8OY8u9z?rU)>i4R>QAL<$F<6njg(A4M>ZYC! zcKxm_N@;oHBi>OCXH3rVqLRY=dbsM@%$;pt8$8S$Nj?8wClPA6g|gXdJ&n z6K<^~u(|GIVCT>x%$hw(F0|mycdi9rXXgybhGdhqa)O~Q(a}Sq`F`HrDyhfYS<|Cm zG$SwuhGpr6=3Jp}>k>n1_6|R}1kqO#?1YT2fP22ttq98iR3hkS*>t4}u?MT*HTNB4 zvU_Ahp5V9XVkpiyB*@6DC8am+2O6J6o5fE^KlB*7B*5akyt$cWTn~|n4Ewb6v)@^s zwk^*`z3lD~!=@g}@kg_Y=%M3cTgQ}>)9RQvA-ln~=w$}EG=mzgLK2i&fW@YM(h0U> z8p)PkA`pFNjbY~4pPMQ6oHbWR(IEI!Pl!&gxksa*qyd~NegekdH=PNZd)ym+Q7FZm zRz-G)0Gn!?A1YX_MV5a?WU{69!c9_$hYFm-oP{8}Jv)aw_G?TM!%4*5usrLMUM^pP zw=KwFnk~ls?iunBpe@#;4ULc-Genj5(Kjpimlg}Fk#?12^d*t$limx(t#DR&0F>WKpT;^>(p65j_RmWRtCKk*0R8N}E4*%@5ln7q+%i zf6obksr3WgRqtPH_SanOLB;un%mcOHd zkvrM9aPt?<=S?f@_7?>UK>W+-{dR=L(b7>B;$gZ9$sDzXc$xe8yWN0y7-1DC&(R0G zD!_IW6skn_v)V>+`Xg072R~p9;pLeHj>eSn?ilP5?5Eok5@@~9#>Hn@ZQU5{iiTsp z6BdAq@9m53L;L8e);Bv1ckDiHQbT}5JpVzkknbt(OTaE2Rr5|nj)K| zG}g`2q1?LRZ;6^STRSkM)fj0pJW`=dWf)Sw`!)<^XIAtaVhLZbw->`-8UUh(r1wV} Yxaj5}lOJn2=-F*$yR8JKh+mWc2ePzuxc~qF literal 0 HcmV?d00001 diff --git a/unequip.php b/unequip.php new file mode 100644 index 0000000..211906d --- /dev/null +++ b/unequip.php @@ -0,0 +1,48 @@ +endpage()); +} +if ($ir[$_GET['type']] == 0) +{ + echo 'You do not have anything equipped in this slot.'; + die($h->endpage()); +} +item_add($userid, $ir[$_GET['type']], 1); +$db->query( + "UPDATE `users` + SET `{$_GET['type']}` = 0 + WHERE `userid` = {$ir['userid']}"); +$names = + array('equip_primary' => 'Primary Weapon', + 'equip_secondary' => 'Secondary Weapon', + 'equip_armor' => 'Armor'); +echo 'The item in your ' . $names[$_GET['type']] + . ' slot was successfully unequiped.'; +$h->endpage(); diff --git a/userlist.php b/userlist.php new file mode 100644 index 0000000..4dd73cf --- /dev/null +++ b/userlist.php @@ -0,0 +1,114 @@ +Userlist"; +$cnt = $db->query("SELECT COUNT(`userid`) + FROM `users`"); +$membs = $db->fetch_single($cnt); +$db->free_result($cnt); +$pages = (int) ($membs / 100) + 1; +if ($membs % 100 == 0) +{ + $pages--; +} +echo "Pages: "; +for ($i = 1; $i <= $pages; $i++) +{ + $stl = ($i - 1) * 100; + echo "$i "; +} +echo "
    +Order By: + User ID | + Username | + Level | + Money +
    +Ascending | +Descending +

    "; +$q = + $db->query( + "SELECT `donatordays`, `username`, `userid`, `money`, `level`, + `gender`, `gangPREF`, `laston` + FROM `users` AS `u` + LEFT JOIN `gangs` AS `g` + ON `u`.`gang` = `g`.`gangID` + ORDER BY `$by` $ord + LIMIT $st, 100"); +$no1 = $st + 1; +$no2 = min($st + 100, $membs); +echo " +Showing users $no1 to $no2 by order of $by $ord. + + + + + + + + + + "; +while ($r = $db->fetch_row($q)) +{ + $r['username'] = + ($r['donatordays']) + ? '' + . $r['username'] + . 'Donator: ' + . $r['donatordays'] + . ' Days Left' + : $r['username']; + echo ' + + + + + + + + + '; +} +$db->free_result($q); +echo '
    IDNameMoneyLevelGenderOnline
    ' . $r['userid'] . '' + . $r['gangPREF'] . ' ' . $r['username'] . '' . money_formatter($r['money']) . '' . $r['level'] . '' . $r['gender'] . '' + . (($r['laston'] >= $_SERVER['REQUEST_TIME'] - 15 * 60) + ? 'Online' + : 'Offline') + . ' +
    '; +$h->endpage(); diff --git a/usersonline.php b/usersonline.php new file mode 100644 index 0000000..f95c4ad --- /dev/null +++ b/usersonline.php @@ -0,0 +1,44 @@ +Users Online'; +$cn = 0; +$expiry_time = time() - 900; +$q = + $db->query( + 'SELECT `userid`, `username`, `laston` + FROM `users` + WHERE `laston` > ' . $expiry_time + . ' + ORDER BY `laston` DESC'); +while ($r = $db->fetch_row($q)) +{ + $cn++; + echo $cn . '. ' + . $r['username'] . ' (' . DateTime_Parse($r['laston']) + . ') +
    + '; +} +$db->free_result($q); +$h->endpage(); diff --git a/viewuser.php b/viewuser.php new file mode 100644 index 0000000..a091c2d --- /dev/null +++ b/viewuser.php @@ -0,0 +1,304 @@ +query( + "SELECT `userid`, `user_level`, `laston`, `last_login`, + `signedup`, `duties`, `donatordays`, `username`, `gender`, + `daysold`, `money`, `crystals`, `level`, `friend_count`, + `enemy_count`, `display_pic`, `hp`, `maxhp`, `gang`, + `fedjail`, `hospital`, `hospreason`, `jail`, `jail_reason`, + `bankmoney`, `cybermoney`, `lastip`, `lastip`, + `lastip_login`, `lastip_signup`, `staffnotes`, `cityname`, + `hNAME`, `gangNAME`, `fed_days`, `fed_reason` + FROM `users` `u` + INNER JOIN `cities` AS `c` + ON `u`.`location` = `c`.`cityid` + INNER JOIN `houses` AS `h` + ON `u`.`maxwill` = h.`hWILL` + LEFT JOIN `gangs` AS `g` + ON `g`.`gangID` = `u`.`gang` + LEFT JOIN `fedjail` AS `f` + ON `f`.`fed_userid` = `u`.`userid` + WHERE `u`.`userid` = {$_GET['u']}"); + if ($db->num_rows($q) == 0) + { + $db->free_result($q); + echo 'Sorry, we could not find a user with that ID, check your source.'; + } + else + { + $r = $db->fetch_row($q); + $db->free_result($q); + $checkulevel = + array(0 => 'NPC', 1 => 'Member', 2 => 'Owner', + 3 => 'Secretary', 5 => 'Assistant'); + $userl = $checkulevel[$r['user_level']]; + $lon = + ($r['laston'] > 0) ? date('F j, Y g:i:s a', $r['laston']) + : "Never"; + $ula = ($r['laston'] == 0) ? 'Never' : DateTime_Parse($r['laston']); + $ull = + ($r['last_login'] == 0) ? 'Never' + : DateTime_Parse($r['last_login']); + $sup = date('F j, Y g:i:s a', $r['signedup']); + $u_duties = + ($r['user_level'] > 1) ? 'Duties: ' . $r['duties'] . '
    ' + : ''; + $user_name = + ($r['donatordays']) + ? '' + . $r['username'] . ' [' . $r['userid'] + . '] Donator: ' + . $r['donatordays'] + . ' Days Left' + : $r['username'] . ' [' . $r['userid'] . ']'; + $on = + ($r['laston'] >= $_SERVER['REQUEST_TIME'] - 15 * 60) + ? 'Online' + : 'Offline'; + $ref_q = + $db->query( + "SELECT COUNT(`refID`) + FROM `referals` + WHERE `refREFER` = {$r['userid']}"); + $ref = $db->fetch_single($ref_q); + $db->free_result($ref_q); + echo " +

    Profile for {$r['username']}

    + + + + + + + + + + + + + + + + + + + +
    General InfoFinancial InfoDisplay Pic
    + Name: $user_name
    + User Level: $userl
    + $u_duties + Gender: {$r['gender']}
    + Signed Up: $sup
    + Last Active: $lon
    + Last Action: $ula
    + Last Login: $ull
    + Online: $on
    + Days Old: {$r['daysold']}
    + Location: {$r['cityname']}    		 + Money: " . money_formatter($r['money']) + . "
    + Crystals: {$r['crystals']}
    + Property: {$r['hNAME']}
    + Referals: {$ref}
    + Friends: {$r['friend_count']}
    + Enemies: {$r['enemy_count']} +     		+ "; + echo ($r['display_pic']) + ? 'User Display Pic' + : 'No Image'; + $sh = ($ir['user_level'] > 1) ? "Staff Info" : " "; + echo " +
    Physical InfoLinks$sh
    + Level: {$r['level']}
    + Health: {$r['hp']}/{$r['maxhp']}
    + "; + echo ($r['gang']) + ? 'Gang: ' . $r['gangNAME'] . '' : ''; + + if ($r['fedjail']) + { + echo " +
    + + In federal jail for {$r['fed_days']} day(s). +
    + {$r['fed_reason']} +     + "; + } + if ($r['hospital']) + { + echo " +
    + + In hospital for {$r['hospital']} minutes. +
    + {$r['hospreason']} +     + "; + } + if ($r['jail']) + { + echo " +
    + + In jail for {$r['jail']} minutes. +
    + {$r['jail_reason']} +     + "; + } + + echo " +     		+ [Send Mail] +

    + [Send Cash] +

    + "; + if ($set['sendcrys_on']) + { + echo " + [Send Crystals] +

    + "; + } + if ($set['sendbank_on']) + { + if ($ir['bankmoney'] >= 0 && $r['bankmoney'] >= 0) + { + echo " + [Bank Xfer] +

    + "; + } + if ($ir['cybermoney'] >= 0 && $r['cybermoney'] >= 0) + { + echo " + [CyberBank Xfer] +

    + "; + } + } + echo " + [Attack] +

    + [Add Contact] + "; + if (in_array($ir['user_level'], array(2, 3, 5))) + { + echo " +

    + [Jail] +

    + [MailBan] + "; + } + if ($ir['donatordays'] > 0) + { + echo " +

    + [Add Friends] +

    + [Add Enemies] +
    + "; + } + echo " +     		+ "; + if (in_array($ir['user_level'], array(2, 3, 5))) + { + $r['lastiph'] = @gethostbyaddr($r['lastip']); + $r['lastiph'] = checkblank($r['lastiph']); + $r['lastip_loginh'] = @gethostbyaddr($r['lastip_login']); + $r['lastip_loginh'] = checkblank($r['lastip_loginh']); + $r['lastip_signuph'] = @gethostbyaddr($r['lastip_signup']); + $r['lastip_signuph'] = checkblank($r['lastip_signuph']); + echo " +

    Internet Info

    + + + + + + + + + + + + + + + + + + + + + +
    IPHostname
    Last Hit$r[lastip]$r[lastiph]
    Last Login$r[lastip_login]$r[lastip_loginh]
    Signup$r[lastip_signup]$r[lastip_signuph]
    + +
    + Staff Notes: +
    + +
    + + +
    + "; + } + echo ' +
    + '; + } +} + +function checkblank($in) +{ + if (!$in) + { + return "N/A"; + } + return $in; +} +$h->endpage(); diff --git a/willpdone.php b/willpdone.php new file mode 100644 index 0000000..be030d8 --- /dev/null +++ b/willpdone.php @@ -0,0 +1,49 @@ +endpage()); + } + echo 'Thank you for your payment to ' . $set['game_name'] + . '. Your transaction has been completed, and a receipt for + your purchase has been emailed to you. You may log into your + account at www.paypal.com + to view details of this transaction. + Your Will Potion should be credited within a few minutes, + if not, contact an admin for assistance.'; +} +$h->endpage(); diff --git a/willpotion.php b/willpotion.php new file mode 100644 index 0000000..e2972f6 --- /dev/null +++ b/willpotion.php @@ -0,0 +1,70 @@ +Will Potions + +Buy will potions today! They restore 100% will.
    +Buy One: (\$1)
    +
    + + + + + + + + + + + + +
    +Buy Five: (\$4.50)
    +
    + + + + + + + + + + + + +
    +EOF; +$h->endpage(); diff --git a/yellowbar.png b/yellowbar.png new file mode 100644 index 0000000000000000000000000000000000000000..529979edfe381a8a0383f75cda866f074f68db94 GIT binary patch literal 201 zcmeAS@N?(olHy`uVBq!ia0vp^j6lrK!3-pY4u+lvQY`6?zK#qG>ra@ocD)4hB}-f* zN`mv#O3D+9QW+dm@{>{(JaZG%Q-e|yQz{EjrrH1%=?3_OxE?KGJzmUkxRBvwCC{Uo zYTs8fyq?8yp_<{#IError
    + Your action has been blocked for your security.
    + Please make gang actions quickly after you open the form + - do not leave it open in tabs.
    + > Try Again'; + $h->endpage(); + exit; +} + +function csrf_stdverify($formid, $goBackTo) +{ + if (!isset($_POST['verf']) + || !verify_csrf_code($formid, stripslashes($_POST['verf']))) + { + csrf_error($goBackTo); + } +} + +if (!$ir['gang']) +{ + echo "You're not in a gang."; +} +else +{ + $gq = + $db->query( + "SELECT `g`.*, `oc`.* + FROM `gangs` AS `g` + LEFT JOIN `orgcrimes` AS `oc` + ON `g`.`gangCRIME` = `oc`.`ocID` + WHERE `g`.`gangID` = {$ir['gang']}"); + if ($db->num_rows($gq) == 0) + { + echo "Error: Your gang has been deleted.
    + > Home"; + die($h->endpage()); + } + $gangdata = $db->fetch_row($gq); + $db->free_result($gq); + echo " +

    Your Gang - {$gangdata['gangNAME']}

    + "; + $wq = + $db->query( + "SELECT COUNT(`warID`) + FROM `gangwars` + WHERE `warDECLARER` = {$ir['gang']} + OR `warDECLARED` = {$ir['gang']}"); + if ($db->fetch_single($wq) > 0) + { + echo " +

    + + Your gang is currently in " + . $db->fetch_single($wq) + . " war(s). + +

    + "; + } + $db->free_result($wq); + if (!isset($_GET['action'])) + { + $_GET['action'] = ''; + } + switch ($_GET['action']) + { + case "idx": + gang_index(); + break; + case "summary": + gang_summary(); + break; + case "members": + gang_memberlist(); + break; + case "kick": + gang_staff_kick(); + break; + case "forums": + gang_forums(); + break; + case "donate": + gang_donate(); + break; + case "donate2": + gang_donate2(); + break; + case "warview": + gang_warview(); + break; + case "staff": + gang_staff(); + break; + case "leave": + gang_leave(); + break; + case "atklogs": + gang_atklogs(); + break; + case "crimes": + gang_crimes(); + break; + default: + gang_index(); + break; + } +} + +function gang_index() +{ + global $db, $ir, $c, $userid, $gangdata; + echo " + + + + + + + + + + + + + + + + + +
    SummaryDonate
    MembersCrimes
    ForumsLeave
    Attack Logs + "; + if ($gangdata['gangPRESIDENT'] == $userid + || $gangdata['gangVICEPRES'] == $userid) + { + echo "Staff Room"; + } + else + { + echo " "; + } + echo " +
    +
    + + + + + + + +
    Gang Announcement
    {$gangdata['gangAMENT']}
    +
    + Last 10 Gang Events +
    + "; + $q = + $db->query( + "SELECT `gevTIME`, `gevTEXT` + FROM `gangevents` + WHERE `gevGANG` = {$ir['gang']} + ORDER BY `gevTIME` DESC + LIMIT 10"); + echo " + + + + + + "; + while ($r = $db->fetch_row($q)) + { + echo " + + + + + "; + } + $db->free_result($q); + echo "
    TimeEvent
    " . date('F j Y, g:i:s a', $r['gevTIME']) + . "{$r['gevTEXT']}
    "; +} + +function gang_summary() +{ + global $db, $ir, $c, $userid, $gangdata; + echo " + General +
    + "; + $pq = + $db->query( + "SELECT `username` + FROM `users` + WHERE `userid` = {$gangdata['gangPRESIDENT']}"); + if ($db->num_rows($pq) > 0) + { + $ldrnm = $db->fetch_single($pq); + echo "President: + + {$ldrnm} +
    "; + } + else + { + echo "President: None
    "; + } + $db->free_result($pq); + $vpq = + $db->query( + "SELECT `username` + FROM `users` + WHERE `userid` = {$gangdata['gangVICEPRES']}"); + if ($db->num_rows($vpq) > 0) + { + $vldrnm = $db->fetch_single($vpq); + echo "Vice-President: + + {$vldrnm} +
    "; + } + else + { + echo "Vice-President: None
    "; + } + $db->free_result($vpq); + $cnt = + $db->query( + "SELECT COUNT(`userid`) + FROM `users` + WHERE `gang` = {$gangdata['gangID']}"); + echo " + Members: " . $db->fetch_single($cnt) + . " +
    + Capacity: {$gangdata['gangCAPACITY']} +
    + Respect Level: {$gangdata['gangRESPECT']} +
    + Financial: +
    + Money in vault: " . money_formatter($gangdata['gangMONEY']) + . " +
    + Crystals in vault: {$gangdata['gangCRYSTALS']} + "; +} + +function gang_memberlist() +{ + global $db, $ir, $c, $userid, $gangdata; + echo " + + + + + + + + "; + $q = + $db->query( + "SELECT `userid`, `username`, `daysingang`, `level` + FROM `users` + WHERE `gang` = {$gangdata['gangID']} + ORDER BY `daysingang` DESC, `level` DESC"); + $csrf = request_csrf_html('yourgang_kickuser'); + while ($r = $db->fetch_row($q)) + { + echo " + + + + + + + "; + } + $db->free_result($q); + echo " +
    UserLevelDays In Gang 
    {$r['username']}{$r['level']}{$r['daysingang']} + "; + if ($gangdata['gangPRESIDENT'] == $userid + || $gangdata['gangVICEPRES'] == $userid) + { + echo " +
    + + {$csrf} + +
    "; + } + else + { + echo " "; + } + echo " +
    +
    + > Go Back + "; +} + +function gang_staff_kick() +{ + global $db, $ir, $c, $userid, $gangdata; + if ($gangdata['gangPRESIDENT'] == $userid + || $gangdata['gangVICEPRES'] == $userid) + { + csrf_stdverify('yourgang_kickuser', 'members'); + $_POST['ID'] = + (isset($_POST['ID']) && is_numeric($_POST['ID'])) + ? abs(intval($_POST['ID'])) : 0; + $who = $_POST['ID']; + if ($who == $gangdata['gangPRESIDENT']) + { + echo "The gang president cannot be kicked."; + } + else if ($who == $userid) + { + echo "You cannot kick yourself. If you wish to leave, + transfer your powers to someone else and then leave like normal."; + } + else + { + $q = + $db->query( + "SELECT `username` + FROM `users` + WHERE `userid` = $who + AND `gang` = {$gangdata['gangID']}"); + if ($db->num_rows($q) > 0) + { + $kdata = $db->fetch_row($q); + $db->query( + "UPDATE `users` + SET `gang` = 0, `daysingang` = 0 + WHERE `userid` = $who"); + $d_username = + htmlentities($kdata['username'], ENT_QUOTES, + 'ISO-8859-1'); + $d_oname = + htmlentities($ir['username'], ENT_QUOTES, 'ISO-8859-1'); + echo "{$d_username} was kicked from the Gang."; + $their_event = + "You were kicked out of {$gangdata['gangNAME']} by " + . "" + . $d_oname . ""; + event_add($who, $their_event, $c); + $gang_event = + $db->escape( + "" + . $d_username + . " was kicked out of the gang by " + . "" + . $d_oname . ""); + $db->query( + "INSERT INTO `gangevents` + VALUES(NULL, {$gangdata['gangID']}, " . time() + . ", '{$gang_event}');"); + } + else + { + echo "Trying to kick non-existant user"; + } + $db->free_result($q); + } + } + else + { + echo "You do not have permission to perform this action."; + } +} + +function gang_forums() +{ + global $db, $ir, $c, $userid, $gangdata, $domain; + $q = + $db->query( + "SELECT `ff_id`, `ff_name` + FROM `forum_forums` + WHERE `ff_auth` = 'gang' + AND `ff_owner` = {$ir['gang']}"); + if ($db->num_rows($q) == 0) + { + $gangdata['gangNAME'] = $db->escape($gangdata['gangNAME']); + $db->query( + "INSERT INTO `forum_forums` + VALUES(NULL, '{$gangdata['gangNAME']}', '', 0, 0, 0, 0, 'N/A', + 0, 'N/A', 'gang', {$ir['gang']})"); + $r = array(); + $r['ff_id'] = $db->insert_id(); + } + else + { + $r = $db->fetch_row($q); + if ($r['ff_name'] != $gangdata['gangNAME']) + { + $gangdata['gangNAME'] = $db->escape($gangdata['gangNAME']); + $db->query( + "UPDATE `forum_forums` + SET `ff_name` = '{$gangdata['gangNAME']}' + WHERE `ff_id` = {$r['ff_id']}"); + } + } + $db->free_result($q); + ob_get_clean(); + $forum_url = "http://{$domain}/forums.php?viewforum={$r['ff_id']}"; + header("Location: {$forum_url}"); + exit; +} + +function gang_donate() +{ + global $db, $ir, $c, $userid, $gangdata; + $csrf = request_csrf_html('yourgang_donate'); + echo " + Enter the amounts you wish to donate. +
    + You have " . money_formatter($ir['money']) + . " money and {$ir['crystals']} crystals. +
    +
    + + + + + + + + +
    + Money:
    + +     		+ Crystals:
    + +
    + {$csrf} + +
    +
    + "; +} + +function gang_donate2() +{ + global $db, $ir, $c, $userid, $gangdata, $h; + csrf_stdverify('yourgang_donate', 'donate'); + $_POST['money'] = + (isset($_POST['money']) && is_numeric($_POST['money'])) + ? abs(intval($_POST['money'])) : 0; + $_POST['crystals'] = + (isset($_POST['crystals']) && is_numeric($_POST['crystals'])) + ? abs(intval($_POST['crystals'])) : 0; + if (empty($_POST['money']) && empty($_POST['crystals'])) + { + echo 'Invalid amount, please go back and try again.
    + > Back'; + die($h->endpage()); + } + if ($_POST['money'] > $ir['money']) + { + echo 'You can\'t donate more money than you have, + please go back and try again.
    + > Back'; + } + else if ($_POST['crystals'] > $ir['crystals']) + { + echo 'You can\'t donate more crystals than you have, + please go back and try again.
    + > Back'; + } + else + { + $db->query( + "UPDATE `users` + SET `money` = `money` - {$_POST['money']}, + `crystals` = `crystals` - {$_POST['crystals']} + WHERE `userid` = $userid"); + $db->query( + "UPDATE `gangs` + SET `gangMONEY` = `gangMONEY` + {$_POST['money']}, + `gangCRYSTALS` = `gangCRYSTALS` + {$_POST['crystals']} + WHERE `gangID` = {$gangdata['gangID']}"); + $my_name = htmlentities($ir['username'], ENT_QUOTES, 'ISO-8859-1'); + $gang_event = + $db->escape( + "" . $my_name + . '' . ' donated ' + . money_formatter($_POST['money']) + . ' and/or ' + . number_format($_POST['crystals']) + . ' crystals to the Gang.'); + $db->query( + "INSERT INTO `gangevents` + VALUES(NULL, {$gangdata['gangID']}, " . time() + . ", '{$gang_event}')"); + echo "You donated " . money_formatter($_POST['money']) + . " and/or {$_POST['crystals']} crystals to the Gang.
    + > Go Home"; + } +} + +function gang_leave() +{ + global $db, $ir, $c, $userid, $gangdata, $h; + if ($gangdata['gangPRESIDENT'] == $userid + || $gangdata['gangVICEPRES'] == $userid) + { + echo "You cannot leave while you are still president + or vice-president of your gang.
    + > Back"; + $h->endpage(); + exit; + } + if (isset($_POST['submit']) && $_POST['submit'] == 'Yes, leave!') + { + csrf_stdverify('yourgang_leave', 'leave'); + $db->query( + "UPDATE `users` + SET `gang` = 0, `daysingang` = 0 + WHERE `userid` = {$userid}"); + $gang_event = + $db->escape( + "" + . htmlentities($ir['username'], ENT_QUOTES, + 'ISO-8859-1') . ' left the Gang.'); + $db->query( + "INSERT INTO `gangevents` + VALUES(NULL, {$ir['gang']}, " . time() + . ", '{$gang_event}')"); + } + else if (isset($_POST['submit']) && $_POST['submit'] == 'No, stay!') + { + echo "You stayed in your gang.
    + > Go back"; + } + else + { + $csrf = request_csrf_html('yourgang_leave'); + echo "Are you sure you wish to leave your gang? +
    + {$csrf} + +
    +
    + +
    "; + } +} + +function gang_warview() +{ + global $db, $ir, $c, $userid, $gangdata; + $wq = + $db->query( + "SELECT * + FROM `gangwars` + WHERE `warDECLARER` = {$ir['gang']} + OR `warDECLARED` = {$ir['gang']}"); + echo "These are the wars your gang is in.
    + + + + + + "; + while ($r = $db->fetch_row($wq)) + { + if ($gangdata['gangID'] == $r['warDECLARER']) + { + $w = 'You'; + $f = 'warDECLARED'; + } + else + { + $w = 'Them'; + $f = 'warDECLARER'; + } + $d = date('F j, Y, g:i:s a', $r['warTIME']); + $ggq = + $db->query( + "SELECT `gangID`, gangNAME` + FROM `gangs` + WHERE `gangID` = " . $r[$f]); + $them = $db->fetch_row($ggq); + echo " + + + + "; + } + echo "
    Time StartedVersusWho Declared
    $d + + {$them['gangNAME']} + + $w
    "; +} + +function gang_atklogs() +{ + global $db, $ir, $c, $userid, $gangdata; + $atks = + $db->query( + "SELECT `a`.*, `u1`.`username` AS `attackern`, + `u1`.`gang` AS `attacker_gang`, + `u2`.`username` AS `attackedn`, + `u2`.`gang` AS `attacked_gang` + FROM `attacklogs` AS `a` + INNER JOIN `users` AS `u1` + ON `a`.`attacker` = `u1`.`userid` + INNER JOIN `users` AS `u2` + ON `a`.`attacked` = `u2`.`userid` + WHERE (`u1`.`gang` = {$ir['gang']} + OR `u2`.`gang` = {$ir['gang']}) + AND `result` = 'won' + ORDER BY `time` DESC + LIMIT 50"); + echo "Attack Logs - The last 50 attacks involving someone in your gang
    + + + + + "; + while ($r = $db->fetch_row($atks)) + { + if ($r['attacker_gang'] == $ir['gang']) + { + $color = "green"; + } + else + { + $color = "red"; + } + $d = date('F j, Y, g:i:s a', $r['time']); + echo " + + + "; + } + $db->free_result($atks); + echo "
    TimeAttack
    $d + {$r['attackern']} + attacked + {$r['attackedn']} +
    "; +} + +function gang_crimes() +{ + global $gangdata; + if ($gangdata['gangCRIME'] > 0) + { + echo "This is the crime your gang is planning at the moment.
    + Crime: {$gangdata['ocNAME']}
    + Hours Left: {$gangdata['gangCHOURS']}"; + } + else + { + echo "Your gang is not currently planning a crime."; + } +} + +function gang_staff() +{ + global $db, $ir, $c, $userid, $gangdata, $h; + if ($gangdata['gangPRESIDENT'] == $userid + || $gangdata['gangVICEPRES'] == $userid) + { + if (!isset($_GET['act2'])) + { + $_GET['act2'] = 'idx'; + } + switch ($_GET['act2']) + { + case "idx": + gang_staff_idx(); + break; + case "apps": + gang_staff_apps(); + break; + case "vault": + gang_staff_vault(); + break; + case "vicepres": + gang_staff_vicepres(); + break; + case "pres": + gang_staff_pres(); + break; + case "upgrade": + gang_staff_upgrades(); + break; + case "declare": + gang_staff_wardeclare(); + break; + case "surrender": + gang_staff_surrender(); + break; + case "viewsurrenders": + gang_staff_viewsurrenders(); + break; + case "crimes": + gang_staff_orgcrimes(); + break; + case "massmailer": + gang_staff_massmailer(); + break; + case "desc": + gang_staff_desc(); + break; + case "ament": + gang_staff_ament(); + break; + case "name": + gang_staff_name(); + break; + case "tag": + gang_staff_tag(); + break; + case "masspayment": + gang_staff_masspayment(); + break; + default: + gang_staff_idx(); + break; + } + } + else + { + echo 'Are you lost?
    + > Go back'; + die($h->endpage()); + } +} + +function gang_staff_idx() +{ + global $db, $ir, $c, $userid, $gangdata; + echo " + General +
    + Vault Management +
    + Application Management +
    + Change Vice-President +
    + Upgrade Gang +
    + Organised Crimes +
    + Mass Payment +
    + Change Gang Announcement +
    + "; + if ($gangdata['gangPRESIDENT'] == $userid) + { + echo " +
    + Change President +
    + Declare War +
    + Surrender +
    + View or Accept Surrenders +
    + Mass Mail Gang +
    + Change Gang Name +
    + Change Gang Desc. +
    + Change Gang Tag + "; + } +} + +function gang_staff_apps() +{ + global $db, $ir, $c, $userid, $gangdata, $h; + $_POST['app'] = + (isset($_POST['app']) && is_numeric($_POST['app'])) + ? abs(intval($_POST['app'])) : ''; + $what = + (isset($_POST['what']) + && in_array($_POST['what'], array('accept', 'decline'), + true)) ? $_POST['what'] : ''; + if (!empty($_POST['app']) && !empty($what)) + { + csrf_stdverify('yourgang_staff_apps', 'staff&act2=apps'); + $aq = + $db->query( + "SELECT `appUSER`, `username` + FROM `applications` AS `a` + INNER JOIN `users` AS `u` + ON `a`.`appUSER` = `u`.`userid` + WHERE `a`.`appID` = {$_POST['app']} + AND `a`.`appGANG` = {$gangdata['gangID']}"); + if ($db->num_rows($aq) > 0) + { + $appdata = $db->fetch_row($aq); + if ($what == 'decline') + { + $db->query( + "DELETE FROM `applications` + WHERE `appID` = {$_POST['app']}"); + event_add($appdata['appUSER'], + "Your application to join the {$gangdata['gangNAME']} gang was declined", + $c); + $gang_event = + $db->escape( + "" + . $ir['username'] + . ' has declined ' + . "" + . $appdata['username'] + . '\'s application to join the Gang.'); + $db->query( + "INSERT INTO `gangevents` + VALUES (NULL, {$gangdata['gangID']}, " . time() + . ", '{$gang_event}')"); + echo " + You have declined the application by {$appdata['username']}. +
    + > Back + "; + } + else + { + $cnt = + $db->query( + "SELECT COUNT(`userid`) + FROM `users` + WHERE `gang` = {$gangdata['gangID']}"); + if ($gangdata['gangCAPACITY'] <= $db->fetch_single($cnt)) + { + $db->free_result($cnt); + echo "Your gang is full, you must upgrade it to hold more before you can accept another user!"; + $h->endpage(); + exit; + } + else if ($appdata['gang'] != 0) + { + $db->free_result($cnt); + echo "That person is already in a gang."; + $h->endpage(); + exit; + } + $db->free_result($cnt); + $db->query( + "DELETE FROM `applications` + WHERE `appID` = {$_POST['app']}"); + event_add($appdata['appUSER'], + "Your application to join the {$gangdata['gangNAME']} gang was accepted, Congrats!", + $c); + $gang_event = + $db->escape( + "" + . $ir['username'] + . ' has accepted ' + . "" + . $appdata['username'] + . '\'s application to join the Gang.'); + $db->query( + "INSERT INTO `gangevents` + VALUES (NULL, {$gangdata['gangID']}, " . time() + . ", '{$gang_event}')"); + $db->query( + "UPDATE `users` + SET `gang` = {$gangdata['gangID']}, + `daysingang` = 0 + WHERE `userid` = {$appdata['appUSER']}"); + echo " + You have accepted the application by {$appdata['username']}. +
    + > Back + "; + } + } + else + { + echo "Invalid application.
    + > Back"; + } + $db->free_result($aq); + } + else + { + echo " + Applications +
    + + + + + + + + + "; + $q = + $db->query( + "SELECT `appTEXT`, `userid`, `username`, `level`, + `money`, `appID` + FROM `applications` AS `a` + INNER JOIN `users` AS `u` + ON `a`.`appUSER` = `u`.`userid` + WHERE `a`.`appGANG` = {$gangdata['gangID']}"); + $csrf = request_csrf_html('yourgang_staff_apps'); + while ($r = $db->fetch_row($q)) + { + $r['appTEXT'] = + htmlentities($r['appTEXT'], ENT_QUOTES, 'ISO-8859-1', + false); + echo " + + + + + + + + "; + } + echo "
    UserLevelMoneyReason 
    + {$r['username']} + [{$r['userid']}] + {$r['level']}" . money_formatter($r['money']) + . "{$r['appTEXT']} +
    + + + {$csrf} + +
    +
    + + + {$csrf} + +
    +
    "; + } +} + +function gang_staff_vault() +{ + global $db, $ir, $c, $userid, $gangdata; + $_POST['who'] = + (isset($_POST['who']) && is_numeric($_POST['who'])) + ? abs(intval($_POST['who'])) : ''; + if (!empty($_POST['who'])) + { + csrf_stdverify('yourgang_staff_vault', 'staff&act2=vault'); + $_POST['crystals'] = + (isset($_POST['crystals']) && is_numeric($_POST['crystals'])) + ? abs(intval($_POST['crystals'])) : 0; + $_POST['money'] = + (isset($_POST['money']) && is_numeric($_POST['money'])) + ? abs(intval($_POST['money'])) : 0; + if ($_POST['crystals'] > $gangdata['gangCRYSTALS']) + { + echo "The vault does not have that many crystals!"; + } + else if ($_POST['money'] > $gangdata['gangMONEY']) + { + echo "The vault does not have that much money!"; + } + else if ($_POST['money'] == 0 && $_POST['crystals'] == 0) + { + echo "You cannot give nothing away."; + } + else + { + $who = $_POST['who']; + $md = + $db->query( + "SELECT `username` + FROM `users` + WHERE `userid` = $who + AND `gang` = {$gangdata['gangID']}"); + if ($db->num_rows($md) == 0) + { + $db->free_result($md); + echo "That user doesn't exist or isn't in this gang.
    + > Back"; + $h->endpage(); + exit; + } + $dname = + htmlentities($db->fetch_single($md), ENT_QUOTES, + 'ISO-8859-1'); + $db->free_result($md); + $money = $_POST['money']; + $crys = $_POST['crystals']; + $db->query( + "UPDATE `users` + SET `money` = `money` + $money, + `crystals` = `crystals` + $crys + WHERE `userid` = $who"); + $db->query( + "UPDATE `gangs` + SET `gangMONEY` = `gangMONEY` - $money, + `gangCRYSTALS` = `gangCRYSTALS` - $crys + WHERE `gangID` = {$gangdata['gangID']}"); + event_add($who, + "You were given " . money_formatter($money) + . " and/or $crys crystals from your Gang.", $c); + $gang_event = + $db->escape( + "" . $dname + . ' was given ' + . money_formatter($money) . ' and/or ' + . number_format($crys) + . ' crystals from the Gang.'); + $db->query( + "INSERT INTO `gangevents` + VALUES(NULL, {$gangdata['gangID']}, " . time() + . ",'{$gang_event}')"); + echo "{$dname} was given " + . money_formatter($money) . ' and/or ' + . number_format($crys) . ' crystals from the Gang.'; + } + } + else + { + $csrf = request_csrf_html('yourgang_staff_vault'); + echo "The vault has " . money_formatter($gangdata['gangMONEY']) + . " and {$gangdata['gangCRYSTALS']} crystals.
    +
    + Give + \$ and + crystals +
    + To:
    + {$csrf} +
    "; + } +} + +function gang_staff_vicepres() +{ + global $db, $ir, $c, $userid, $gangdata; + if (isset($_POST['subm'])) + { + csrf_stdverify('gang_staff_vicepres', 'staff&act2=vicepres'); + $_POST['vp'] = + (isset($_POST['vp']) && is_numeric($_POST['vp'])) + ? abs(intval($_POST['vp'])) : 0; + $q = + $db->query( + "SELECT `userid`, `username` + FROM `users` + WHERE `userid` = {$_POST['vp']} + AND `gang` = {$gangdata['gangID']}"); + if ($db->num_rows($q) < 1) + { + $db->free_result($q); + echo "Invalid user or user not in your gang.
    + > Back"; + $h->endpage(); + exit; + } + $memb = $db->fetch_row($q); + $db->free_result($q); + $db->query( + "UPDATE `gangs` + SET `gangVICEPRES` = {$_POST['vp']} + WHERE `gangID` = {$gangdata['gangID']}"); + event_add($memb['userid'], + "You were transferred vice-presidency of {$gangdata['gangNAME']}.", + $c); + $m_name = htmlentities($memb['username'], ENT_QUOTES, 'ISO-8859-1'); + echo "Vice-Presidency was transferred to {$m_name}"; + } + else + { + $csrf = request_csrf_html('gang_staff_vicepres'); + $vp = $gangdata['gangVICEPRES']; + echo " +
    + Enter the ID of the new vice-president.
    + + {$csrf} + ID:
    + +
    "; + } +} + +function gang_staff_wardeclare() +{ + global $db, $ir, $c, $userid, $gangdata; + if (isset($_POST['subm'])) + { + csrf_stdverify('yourgang_staff_declare', 'staff&act2=declare'); + $_POST['gang'] = + (isset($_POST['gang']) && is_numeric($_POST['gang'])) + ? abs(intval($_POST['gang'])) : 0; + if ($_POST['gang'] == $gangdata['gangID']) + { + echo "You can't declare war on your own gang.
    + > Go back"; + $h->endpage(); + exit; + } + // Check for existence + $data_q = + $db->query( + "SELECT `gangNAME` + FROM `gangs` + WHERE `gangID` = {$_POST['gang']}"); + if ($db->num_rows($data_q) == 0) + { + $db->free_result($data_q); + echo "Invalid gang to declare on.
    + > Go back"; + $h->endpage(); + exit; + } + $them = $db->fetch_single($data_q); + $db->free_result($data_q); + $db->query( + "INSERT INTO `gangwars` + VALUES(NULL, {$gangdata['gangID']}, {$_POST['gang']}, " + . time() . ")"); + $event = + $db->escape( + "" + . $gangdata['gangNAME'] + . ' declared war on ' + . "" + . $them . ''); + $ev_time = time(); + $db->query( + "INSERT INTO `gangevents` + VALUES(NULL, {$gangdata['gangID']}, {$ev_time}, '$event'), + (NULL, {$_POST['gang']}, {$ev_time}, '$event')"); + echo "You have declared war!"; + } + else + { + $csrf = request_csrf_html('yourgang_staff_declare'); + echo " +
    + Choose who to declare war on.
    + + Gang:
    + {$csrf} + +
    "; + } +} + +function gang_staff_surrender() +{ + global $db, $ir, $c, $userid, $gangdata; + if (!isset($_POST['subm'])) + { + $wq = + $db->query( + "SELECT * + FROM `gangwars` + WHERE `warDECLARER` = {$gangdata['gangID']} + OR `warDECLARED` = {$gangdata['gangID']}"); + if ($db->num_rows($wq) > 0) + { + $csrf = request_csrf_html('yourgang_staff_surrender'); + echo " +
    + Choose who to surrender to.
    + + Gang:
    + Message:
    + {$csrf} + +
    "; + } + else + { + echo "You aren't in any wars!"; + } + $db->free_result($wq); + } + else + { + csrf_stdverify('yourgang_staff_surrender', 'staff&act2=surrender'); + $_POST['war'] = + (isset($_POST['war']) && is_numeric($_POST['war'])) + ? abs(intval($_POST['war'])) : 0; + $e_msg = + $db->escape( + htmlentities(stripslashes($_POST['msg']), ENT_QUOTES, + 'ISO-8859-1')); + $wq = + $db->query( + "SELECT * + FROM gangwars + WHERE `warID` = {$_POST['war']}"); + if ($db->num_rows($wq) == 0) + { + $db->free_result($wq); + echo "Invalid war.
    + > Back"; + $h->endpage(); + exit; + } + $r = $db->fetch_row($wq); + $db->free_result($wq); + if ($gangdata['gangID'] == $r['warDECLARER']) + { + $w = "You"; + $f = "warDECLARED"; + } + else if ($gangdata['gangID'] == $r['warDECLARED']) + { + $w = "Them"; + $f = "warDECLARER"; + } + else + { + echo "Invalid war.
    + > Back"; + $h->endpage(); + exit; + } + $db->query( + "INSERT INTO `surrenders` + VALUES(NULL, {$_POST['war']}, {$gangdata['gangID']}, {$r[$f]}, + '{$e_msg}')"); + $ggq = + $db->query( + "SELECT `gangNAME` + FROM `gangs` + WHERE `gangID` = {$r[$f]}"); + $them = $db->fetch_single($ggq); + $db->free_result($ggq); + $event = + $db->escape( + "" + . $gangdata['gangNAME'] + . ' have asked to surrender the war against ' + . "" + . $them . ''); + $e_time = time(); + $db->query( + "INSERT INTO `gangevents` + VALUES(NULL, {$gangdata['gangID']}, {$e_time}, '$event'), + (NULL, {$r[$f]}, {$e_time}, '$event')"); + echo "You have asked to surrender."; + } +} + +function gang_staff_viewsurrenders() +{ + global $db, $ir, $c, $userid, $gangdata; + if (!isset($_POST['subm'])) + { + $wq = + $db->query( + "SELECT `surID`, `surMSG`, `w`.* + FROM `surrenders` AS `s` + INNER JOIN `gangwars` AS `w` + ON `s`.`surWAR` = `w`.`warID` + WHERE `surTO` = {$gangdata['gangID']}"); + if ($db->num_rows($wq) > 0) + { + $csrf = request_csrf_html('yourgang_staff_acceptsurrender'); + echo " +
    + Choose who to accept the surrender from.
    + + Gang:
    + {$csrf} + +
    "; + } + else + { + echo "There are no active surrenders for you to deal with."; + } + $db->free_result($wq); + } + else + { + csrf_stdverify('yourgang_staff_acceptsurrender', + 'staff&act2=viewsurrenders'); + $_POST['sur'] = + (isset($_POST['sur']) && is_numeric($_POST['sur'])) + ? abs(intval($_POST['sur'])) : 0; + $q = + $db->query( + "SELECT `w`.* + FROM `surrenders` AS `s` + INNER JOIN `gangwars` AS `w` + ON `s`.`surWAR` = `w`.`warID` + WHERE `surID` = {$_POST['sur']} + AND `surTO` = {$gangdata['gangID']}"); + if ($db->num_rows($q) == 0) + { + $db->free_result($q); + echo "Invalid surrender.
    + > Back"; + $h->endpage(); + exit; + } + $surr = $db->fetch_row($q); + $db->free_result($q); + $warID = $surr['warID']; + if ($gangdata['gangID'] == $r['warDECLARER']) + { + $f = "warDECLARED"; + } + else + { + $f = "warDECLARER"; + } + // Fix: delete all surrenders for the same war at same time + $db->query( + "DELETE FROM `surrenders` + WHERE `surWAR` = {$warID}"); + $db->query( + "DELETE FROM `gangwars` + WHERE `warID` = {$warID}"); + $ggq = + $db->query( + "SELECT `gangNAME` + FROM `gangs` + WHERE `gangID` = {$r[$f]}"); + $them = $db->fetch_single($ggq); + $db->free_result($ggq); + $event = + $db->escape( + "" + . $gangdata['gangNAME'] + . ' have accepted the surrender from ' + . "" + . $them . ', the war is over!'); + $ev_time = time(); + $db->query( + "INSERT INTO `gangevents` + VALUES(NULL, {$gangdata['gangID']}, {$ev_time}, '$event'), + (NULL, {$r[$f]}, {$ev_time}, '$event')"); + echo "You have accepted the surrender from {$them}, the war is over."; + } +} + +function gang_staff_orgcrimes() +{ + global $db, $ir, $c, $userid, $gangdata; + $_POST['crime'] = + (isset($_POST['crime']) && is_numeric($_POST['crime'])) + ? abs(intval($_POST['crime'])) : 0; + if ($_POST['crime']) + { + csrf_stdverify('yourgang_staff_orgcrimes', 'staff&act2=crimes'); + if ($gangdata['gangCRIME'] != 0) + { + echo "Your gang is already doing a crime!"; + } + else + { + // Check Existence + $crime_eq = + $db->query( + "SELECT COUNT(`ocID`) + FROM `orgcrimes` + WHERE `ocID` = {$_POST['crime']}"); + if ($db->fetch_single($crime_eq) == 0) + { + $db->free_result($crime_eq); + echo "Invalid crime.
    + > Back"; + $h->endpage(); + exit; + } + $db->free_result($crime_eq); + $db->query( + "UPDATE `gangs` + SET `gangCRIME` = {$_POST['crime']}, `gangCHOURS` = 24 + WHERE `gangID` = {$gangdata['gangID']}"); + echo "You have started to plan this crime. It will take 24 hours."; + } + } + else + { + $cnt = + $db->query( + "SELECT COUNT(`userid`) + FROM `users` + WHERE `gang` = {$gangdata['gangID']}"); + $membs = $db->fetch_single($cnt); + $db->free_result($cnt); + $q = + $db->query( + "SELECT `ocID`, `ocNAME`, `ocUSERS` + FROM `orgcrimes` + WHERE `ocUSERS` <= $membs"); + if ($db->num_rows($q) > 0) + { + $csrf = request_csrf_html('yourgang_staff_orgcrimes'); + echo "

    Organised Crimes

    +
    + Choose a crime that your gang should commit.
    + +
    + {$csrf} + +
    "; + } + else + { + echo "

    Organised Crimes

    + There are no crimes that your gang can do."; + } + $db->free_result($q); + } +} + +function gang_staff_pres() +{ + global $db, $ir, $c, $userid, $gangdata; + if ($gangdata['gangPRESIDENT'] == $userid) + { + if (isset($_POST['subm'])) + { + csrf_stdverify('yourgang_staff_president', 'staff&act2=pres'); + $_POST['pres'] = + (isset($_POST['pres']) && is_numeric($_POST['pres'])) + ? abs(intval($_POST['pres'])) : 0; + $q = + $db->query( + "SELECT `userid`, `username` + FROM `users` + WHERE `userid` = {$_POST['pres']} + AND `gang` = {$gangdata['gangID']}"); + if ($db->num_rows($q) < 1) + { + $db->free_result($q); + echo "Invalid user or user not in your gang.
    + > Back"; + $h->endpage(); + exit; + } + $memb = $db->fetch_row($q); + $db->free_result($q); + $db->query( + "UPDATE `gangs` + SET `gangPRESIDENT` = {$_POST['pres']} + WHERE `gangID` = {$gangdata['gangID']}"); + event_add($memb['userid'], + "You were transferred presidency of {$gangdata['gangNAME']}.", + $c); + echo "Presidency was transferred to {$memb['username']}
    + > Gang home"; + } + else + { + $currp = $gangdata['gangPRESIDENT']; + $csrf = request_csrf_html('yourgang_staff_president'); + echo " +
    + Enter the ID of the new president.
    + + ID:
    + {$csrf} + +
    "; + } + } + else + { + echo "This action is only available to the president of the gang."; + } +} + +function gang_staff_upgrades() +{ + global $db, $ir, $c, $userid, $gangdata; + if (isset($_POST['membs'])) + { + csrf_stdverify('yourgang_staff_capacity', 'staff&act2=upgrade'); + $_POST['membs'] = + (isset($_POST['membs']) && is_numeric($_POST['membs'])) + ? abs(intval($_POST['membs'])) : 0; + if ($_POST['membs'] == 0) + { + echo "There's no point upgrading 0 capacity."; + } + else if ($_POST['membs'] * 100000 > $gangdata['gangMONEY']) + { + echo "Your gang does not have enough money to upgrade that much capacity."; + } + else + { + $cost = $_POST['membs'] * 100000; + $db->query( + "UPDATE `gangs` + SET `gangCAPACITY` = `gangCAPACITY` + {$_POST['membs']}, + `gangMONEY` = `gangMONEY` - $cost + WHERE `gangID` = {$gangdata['gangID']}"); + echo "You paid " . money_formatter($cost) + . " to add {$_POST['membs']} capacity to your gang."; + } + } + else + { + $csrf = request_csrf_html('yourgang_staff_capacity'); + echo "

    Capacity

    + Current Capacity: {$gangdata['gangCAPACITY']}
    +
    + Enter the amount of extra capacity you need. + Each extra member slot costs " . money_formatter(100000) + . ".
    +
    + {$csrf} + +
    "; + } +} + +function gang_staff_massmailer() +{ + global $db, $ir, $c, $userid, $gangdata; + $_POST['text'] = + (isset($_POST['text']) && strlen($_POST['text']) < 500) + ? $db->escape( + htmlentities(stripslashes($_POST['text']), + ENT_QUOTES, 'ISO-8859-1')) : ''; + if (!empty($_POST['text'])) + { + csrf_stdverify('yourgang_staff_massmailer', + 'staff&act2=massmailer'); + $subj = 'This is a mass mail from your gang'; + $mass_time = time(); + $q = + $db->query( + "SELECT `username`, `userid` + FROM `users` + WHERE `gang` = {$gangdata['gangID']}"); + while ($r = $db->fetch_row($q)) + { + $db->query( + "INSERT INTO `mail` + VALUES(NULL, 0, {$ir['userid']}, {$r['userid']}, + {$mass_time}, '$subj', '{$_POST['text']}')"); + echo "Mass mail sent to {$r['username']}.
    "; + } + $db->free_result($q); + echo " + Mass mail sending complete! +
    + > Go Back + "; + } + else + { + $csrf = request_csrf_html('yourgang_staff_massmailer'); + echo " +

    Mass Mailer

    +
    + Text:
    + +
    + {$csrf} + +
    + "; + } +} + +function gang_staff_masspayment() +{ + global $db, $ir, $c, $userid, $gangdata; + $_POST['amt'] = + (isset($_POST['amt']) && is_numeric($_POST['amt'])) + ? abs(intval($_POST['amt'])) : 0; + if ($_POST['amt']) + { + csrf_stdverify('yourgang_staff_masspayment', + 'staff&act2=masspayment'); + $q = + $db->query( + "SELECT `userid`, `username` + FROM `users` + WHERE `gang` = {$gangdata['gangID']}"); + while ($r = $db->fetch_row($q)) + { + if ($gangdata['gangMONEY'] >= $_POST['amt']) + { + event_add($r['userid'], + "You were given " . money_formatter($_POST['amt']) + . " from your gang.", $c); + $db->query( + "UPDATE `users` + SET `money` = `money` + {$_POST['amt']} + WHERE `userid` = {$r['userid']}", $c); + $gangdata['gangMONEY'] -= $_POST['amt']; + echo "Money sent to {$r['username']}.
    "; + } + else + { + echo "Not enough in the vault to pay {$r['username']}!
    "; + } + } + $db->query( + "UPDATE `gangs` + SET `gangMONEY` = {$gangdata['gangMONEY']} + WHERE `gangID` = {$gangdata['gangID']}"); + $credit_evt = + $db->escape( + "A mass payment of " . money_formatter($_POST['amt']) + . " was sent to the members of the Gang."); + $db->query( + "INSERT INTO `gangevents` + VALUES(NULL, {$gangdata['gangID']}, " . time() + . ", '{$credit_evt}')"); + echo "Mass payment sending complete!
    + > Back"; + } + else + { + $csrf = request_csrf_html('yourgang_staff_masspayment'); + echo "

    Mass Payment

    +
    + Amount:
    + {$csrf} + +
    "; + } +} + +function gang_staff_desc() +{ + global $db, $ir, $c, $userid, $gangdata; + if ($gangdata['gangPRESIDENT'] == $userid) + { + if (isset($_POST['subm']) && isset($_POST['desc'])) + { + csrf_stdverify('yourgang_staff_desc', 'staff&act2=desc'); + $desc = + $db->escape( + nl2br( + htmlentities( + stripslashes($_POST['desc']), + ENT_QUOTES, 'ISO-8859-1'))); + $db->query( + "UPDATE `gangs` + SET `gangDESC` = '{$desc}' + WHERE `gangID` = {$gangdata['gangID']}"); + echo "Gang description changed!
    + > Back"; + } + else + { + $desc_for_area = strip_tags($gangdata['gangDESC']); + $csrf = request_csrf_html('yourgang_staff_desc'); + echo "Current Description:
    + {$gangdata['gangDESC']} +
    + Enter the new description.
    + + Desc:
    +
    + {$csrf} + +
    "; + } + } + else + { + echo "This action is only available to the president of the gang."; + } +} + +function gang_staff_ament() +{ + global $db, $ir, $c, $userid, $gangdata, $h; + if ($gangdata['gangPRESIDENT'] == $userid) + { + if (isset($_POST['subm']) && isset($_POST['ament'])) + { + csrf_stdverify('yourgang_staff_ament', 'staff&act2=ament'); + $ament = + $db->escape( + nl2br( + htmlentities( + stripslashes($_POST['ament']), + ENT_QUOTES, 'ISO-8859-1'))); + $db->query( + "UPDATE `gangs` + SET `gangAMENT` = '{$ament}' + WHERE `gangID` = {$gangdata['gangID']}"); + echo "Gang announcement changed!
    + > Back"; + } + else + { + $am_for_area = strip_tags($gangdata['gangAMENT']); + $csrf = request_csrf_html('yourgang_staff_ament'); + echo "Current Announcement:
    + {$gangdata['gangAMENT']} +
    + Enter the new announcement.
    + + Announcement:
    +
    + {$csrf} + +
    "; + } + } + else + { + echo "This action is only available to the president of the gang."; + } +} + +function gang_staff_name() +{ + global $db, $ir, $c, $userid, $gangdata, $h; + if ($gangdata['gangPRESIDENT'] == $userid) + { + if (isset($_POST['subm']) && isset($_POST['name'])) + { + csrf_stdverify('yourgang_staff_name', 'staff&act2=name'); + $name = + $db->escape( + htmlentities(stripslashes($_POST['name']), + ENT_QUOTES, 'ISO-8859-1')); + $db->query( + "UPDATE `gangs` + SET `gangNAME` = '{$name}' + WHERE `gangID` = {$gangdata['gangID']}"); + echo "Gang name changed!
    + > Back"; + } + else + { + $csrf = request_csrf_html('yourgang_staff_name'); + $gname = $gangdata['gangNAME']; + echo " +
    + Enter the new gang name.
    + + Name:
    + {$csrf} + +
    "; + } + } + else + { + echo "This action is only available to the president of the gang."; + } +} + +function gang_staff_tag() +{ + global $db, $ir, $c, $userid, $gangdata, $h; + if ($gangdata['gangPRESIDENT'] == $userid) + { + if (isset($_POST['subm']) && isset($_POST['tag'])) + { + csrf_stdverify('yourgang_staff_tag', 'staff&act2=tag'); + $tag = + $db->escape( + htmlentities(stripslashes($_POST['tag']), + ENT_QUOTES, 'ISO-8859-1')); + $db->query( + "UPDATE `gangs` + SET `gangPREF` = '{$tag}' + WHERE `gangID` = {$gangdata['gangID']}"); + echo "Gang tag changed!
    + > Back"; + } + else + { + $csrf = request_csrf_html('yourgang_staff_tag'); + $gtag = $gangdata['gangPREF']; + echo " +
    + Enter the new gang tag.
    + + Tag:
    + {$csrf} + +
    "; + } + } + else + { + echo "This action is only available to the president of the gang."; + } +} + +$h->endpage();