<?php
function jump($location){
header('Location: '.$location.'');
}
function generate_id( $l ){
$alphanum = "0123456789sabcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";
$new_id = substr( str_shuffle( md5( $alphanum ) ), 0, $l );
return $new_id;
}
function login(){
if (isset($_POST["account_login"])){
$accountid = secure($_POST['login']);
$passwordid = secure($_POST['pass']);
if (($accountid == NULL) || ($passwordid == NULL)) {}
$login_check = mssql_query("SELECT * FROM dbo.MEMB_INFO WHERE memb___id ='$accountid' AND memb__pwd ='$passwordid'");
$login_result = mssql_num_rows($login_check);
if ($login_result == 0) { jump('index.php?page=LogInFailed'); }
if ($login_result > 0) {
secure($_SESSION['user'] = $accountid);
secure($_SESSION['pass'] = $passwordid);
jump('index.php?page=user&option=CharactersInformation');
}
}
if (isset($_POST["logoutaccount"])){
unset($_SESSION['user']);
unset($_SESSION['pass']);
jump('index.php');
}
}
function logincheck(){
if (isset($_SESSION['pass'])){$pass = stripslashes(secure($_SESSION['pass']));}
if (isset($_SESSION['user'])){
$login = secure($_SESSION['user']);{
$pass = secure($pass);
$login_check = mssql_query("SELECT * FROM dbo.MEMB_INFO WHERE memb___id = '$login' AND memb__pwd = '$pass'");
$login_result = mssql_num_rows($login_check);
if ($login_result == 0){
unset($_SESSION['user']);
unset($_SESSION['pass']);
jump('index.php');
}
}
}
}
function check_user(){
if($_GET['unl_1992_y0ca7a'] == "user" AND (!isset($_SESSION["user"])) || (!isset($_SESSION["pass"]))){
jump('index.php?page=MyAccount');
}
if($_GET['unl_1992_y0ca7a'] == "myaccount" AND (isset($_SESSION["user"])) || (isset($_SESSION["pass"]))){
jump('UserOption=CharactersInformation');
}
}
function ex_time()
{
global $timecred;
$character = secure($_POST['character']);
$account = secure($_SESSION['user']);
check_inject();
$query = mssql_query("Select totaltime from Character where name='$character'");
$row = mssql_fetch_row($query);
$newtime = floor($row[0] / 60);
$cred= $newtime * $timecred;
$queryaccount = mssql_query("Select * from MEMB_INFO where memb___id='$account'");
$accountcheck = mssql_num_rows($queryaccount);
$queryonline = mssql_query("Select * from MEMB_STAT where memb___id='$account' and connectstat='1'");
$onlinecheck = mssql_num_rows($queryonline);
$querypassword = mssql_query("Select * from MEMB_INFO where memb___id='$account' and memb__pwd='$password'");
$passwordcheck = mssql_num_rows($querypassword);
$querychar = mssql_query("Select * from Character where Name='$character'");
$charcheck = mssql_num_rows($querychar);
if(empty($character)) { echo"<tr><td align='center' class='modules'><b>Error:</b> Please select Character !</td></tr>"; $error=1; }
elseif($charcheck <= 0) { echo"<font color='red'>Your Character does not exist in our database. Please go back and try again!</font><br>"; $error=1; }
else
{
if($newtime < 1) { echo"<center><font color='red'>You dont have enough time to exchange!</font></center><br>"; $error=1;}
if($row[0] < 60) { echo"<center><font color='red'>Minimal Time for exchange is 1 hour ! <br> Your time is : $row[0] minutes.</font></center><br>"; $error=1;}
if($error != 1)
{
echo"<td align='center' class='modules'><span class='online'>You received $cred credits for $character time.</span></td></tr><br>";
$a = mssql_query("Update Character Set totaltime='0' where name='$character'");
$b = mssql_query("Update MEMB_CREDITS set credits = credits+$cred WHERE memb___id='$account'");
}}}
function fix($value)
{
if($value < 0) { $value = 32768*2+$value; }
return $value;
}
function register()
{
global $md5;
global $servername;
$account = secure($_POST['account']);
$password = secure($_POST['password']);
$repassword = secure($_POST['repassword']);
$email = secure($_POST['email']);
$question = secure($_POST['squestion']);
$awnser = secure($_POST['sanswer']);
$code = secure($_POST['turing']);
$accounts = strlen($account);
$passwords = strlen($password);
$repasswords = strlen($repassword);
$questions = strlen($question);
$awnsers = strlen($awnser);
check_inject();
$queryaccount = mssql_query("Select * from MEMB_INFO where memb___id='$account'");
$accountcheck = mssql_num_rows($queryaccount);
$querymail = mssql_query("Select * from MEMB_INFO where mail_addr='$email'");
$mailcheck = mssql_num_rows($querymail);
$date = date('Y-m-d H:i:s');
if(empty($account) or empty($password) or empty($repassword) or empty($email) or empty($question) or empty($awnser) or empty($code)) { echo"<center><div class='msg error'><font color='white'><b>Error:</b>You cannot leave any fields blank!</font></div>"; $error=1; }
if($_SESSION['image_random_value'] != md5($code)){ echo"<center><div class='msg error'><font color='white'><b>Error:</b>Numbers from image do not match!</font></div>"; $error=1; }
if($accounts < 4) { echo"<center><div class='msg error'><font color='white'><b>Error:</b>Account must be at least 4 symbols</font></div>"; $error=1; }
if($passwords < 4 or $repasswords < 4) { echo"<center><div class='msg error'><font color='white'><b>Error:</b>Password must be at least 4 symbols</font></div>"; $error=1; }
if($questions < 4) { echo"<center><div class='msg error'><font color='white'><b>Error:</b>Secret Question must be at least 4 symbols</font></div>"; $error=1; }
if($awnsers < 4) { echo"<center><div class='msg error'><font color='white'><b>Error:</b>Secret Answer must be at least 4 symbols</font></div>"; $error=1; }
if($password != $repassword) { echo"<center><div class='msg error'><font color='white'><b>Error:</b>Passwords didn't match!</font></div>"; $error=1; }
if($accountcheck != 0) { echo"<center><div class='msg error'><font color='white'><b>Error:</b>Account is already in use!</font></div>"; $error=1; }
if($mail != 0) { echo"<center><div class='msg error'><font color='white'><b>Error:</b>Email is already in use!</font></div>"; $error=1; }
if($error != 1) {
echo"<div class='msg success'><center><font color='green'>Account $account has been succsesfuly created on $date!</font><br></div>";
if($md5 == 0) {
$a = mssql_query("INSERT INTO MEMB_INFO (memb___id,memb__pwd,memb_name,sno__numb,mail_addr,appl_days,modi_days,out__days,true_days,mail_chek,bloc_code,ctl1_code,fpas_ques,fpas_answ) VALUES ('$account','$password','$servername','1','$email','$date','$date','$date','$date','1','0','0','$question','$awnser')");
$b = mssql_query("INSERT INTO VI_CURR_INFO (ends_days,chek_code,used_time,memb___id,memb_name,memb_guid,sno__numb,Bill_Section,Bill_value,Bill_Hour,Surplus_Point,Surplus_Minute,Increase_Days ) VALUES ('2010','1',1234,'$account','$account',1,'7','6','3','6','6','$date','0' )");
}
else
{
$a = mssql_query("INSERT INTO MEMB_INFO (memb___id,memb__pwd,memb_name,sno__numb,mail_addr,appl_days,modi_days,out__days,true_days,mail_chek,bloc_code,ctl1_code,fpas_ques,fpas_answ) VALUES ('$account',md5($password),'$servername','1','$email','$date','$date','$date','$date','1','0','0','$question','$awnser')");
$b = mssql_query("INSERT INTO VI_CURR_INFO (ends_days,chek_code,used_time,memb___id,memb_name,memb_guid,sno__numb,Bill_Section,Bill_value,Bill_Hour,Surplus_Point,Surplus_Minute,Increase_Days ) VALUES ('2010','1',1234,'$account','$account',1,'7','6','3','6','6','$date','0' )");
}
}
}
function change_password()
{
$account = secure($_POST['login']);
$oldpassword = secure($_POST['oldpwd']);
$newpassword = secure($_POST['newpwd']);
$renewpassword = secure($_POST['renewpwd']);
$newpasswords = strlen($newpassword);
$renewpasswords = strlen($renewpassword);
check_inject();
$queryaccount = mssql_query("Select * from MEMB_INFO where memb___id='$account'");
$accountcheck = mssql_num_rows($queryaccount);
$querypassword = mssql_query("Select * from MEMB_INFO where memb___id='$account' and memb__pwd='$oldpassword'");
$passwordcheck = mssql_num_rows($querypassword);
if(empty($account) or empty($oldpassword) or empty($newpassword) or empty($renewpassword)) { echo"<center><div class='msg error'><font color='white'><b>Error:</b>You cannot leave any fields blank!</font></div><br>"; $error=1; }
elseif($newpasswords < 4 or $renewpasswords < 4) { echo"<center><div class='msg error'><font color='white'><b>Error:</b>Password must be at least 4 symbols</font></div><br>"; $error=1; }
elseif($newpassword != $renewpassword) { echo"<center><div class='msg error'><font color='white'><b>Error:</b>Passwords didn't match!</font></div><br>"; $error=1; }
if($accountcheck <= 0) { echo"<center><div class='msg error'><font color='white'><b>Error:</b>Your Login does not exist in our database. Please go back and try again!</font></div><br>"; $error=1; }
elseif($passwordcheck <= 0) { echo"<center><div class='msg error'><font color='white'><b>Error:</b>Your Old Password does not exist in our database. Please go back and try again!</font></div><br>"; $error=1; }
if($error != 1) {
echo"<font color='green'>Your account's password has been changed succesfully. You can now play in our server. Your new password is:</font> $newpassword<br>";
$a = mssql_query("UPDATE MEMB_INFO set memb__pwd='$newpassword' where memb___id='$account'");
}
}
function warp_character()
{
$character = secure($_POST['character']);
$account = secure($_POST['login']);
$password = secure($_POST['password']);
check_inject();
$queryonline = mssql_query("Select * from MEMB_STAT where memb___id='$account' and connectstat='1'");
$onlinecheck = mssql_num_rows($queryonline);
$queryaccount = mssql_query("Select * from MEMB_INFO where memb___id='$account'");
$accountcheck = mssql_num_rows($queryaccount);
$querypassword = mssql_query("Select * from MEMB_INFO where memb___id='$account' and memb__pwd='$password'");
$passwordcheck = mssql_num_rows($querypassword);
$querychar = mssql_query("Select * from Character where Name='$character'");
$charcheck = mssql_num_rows($querychar);
if(empty($character) or empty($account) or empty($password)) { echo"<center><div class='msg error'><font color='white'><b>Error:</b>You cannot leave any fields blank!</font></div><br>"; $error=1; }
elseif($accountcheck <= 0) { echo"<center><div class='msg error'><font color='white'><b>Error:</b>Your Login does not exist in our database. Please go back and try again!</font></div><br>"; $error=1; }
elseif($passwordcheck <= 0) { echo"<center><div class='msg error'><font color='white'><b>Error:</b>Your Password does not exist in our database. Please go back and try again!</font></div><br>"; $error=1; }
elseif($charcheck <= 0) { echo"<center><div class='msg error'><font color='white'><b>Error:</b>Your Character does not exist in our database. Please go back and try again!</font></div><br>"; $error=1; }
elseif($onlinecheck >= 1) { echo"<center><div class='msg error'><font color='white'><b>Error:</b>Account $account is online!Please LogOff First!</font></div><br>"; $error=1;}
if($error != 1) {
echo"<font color='green'>Character $character has been succesfully warped.</font><br>";
$a = mssql_query("UPDATE Character set MapNumber='0',MapPosX='130',MapPosY='130' where Name='$character'");
}
}
function lost_password()
{
$account = secure($_POST['login']);
$email = secure($_POST['email']);
$question = secure($_POST['question']);
$answer = secure($_POST['answer']);
check_inject();
$queryaccount = mssql_query("Select * from MEMB_INFO where memb___id='$account'");
$accountcheck = mssql_num_rows($queryaccount);
$querymail = mssql_query("Select * from MEMB_INFO where mail_addr='$email'");
$mailcheck = mssql_num_rows($querymail);
$queryquestion = mssql_query("Select * from MEMB_INFO where fpas_ques='$question'");
$questioncheck = mssql_num_rows($queryquestion);
$queryanswer = mssql_query("Select * from MEMB_INFO where fpas_answ='$answer'");
$answercheck = mssql_num_rows($queryanswer);
if(empty($account) or empty($email) or empty($question) or empty($answer)) { echo"<font color='red'>You cannot leave any fields blank!</font><br>"; $error=1; }
elseif($accountcheck <= 0) { echo"<font color='red'>Your Login does not exist in our database. Please go back and try again!</font><br>"; $error=1; }
else
{
if($mailcheck <= 0) { echo"<center><div class='msg error'><font color='white'><b>Error:</b>Your E-Mail Address does not exist in our database. Please go back and try again!</font></div><br>"; $error=1; }
if($questioncheck <= 0) { echo"<center><div class='msg error'><font color='white'><b>Error:</b>Your Secret Question does not exist in our database. Please go back and try again!</font></div><br>"; $error=1; }
if($answercheck <= 0) { echo"<center><div class='msg error'><font color='white'><b>Error:</b>Your Secret Answer does not exist in our database. Please go back and try again!</font></div><br>"; $error=1; }
if($error != 1) {
$passwordquery = mssql_query("Select memb__pwd from MEMB_INFO where memb___id='$account'");
$password = mssql_fetch_row($passwordquery);
echo"<font color='green'>Your password has been succesfully generated.Your password is:</font> $password[0] <font color='green'>Change it as fast as you can!</font><br>";
}
}
}
function clear_pk()
{
global $pkmoney;
$character = secure($_POST['character']);
$account = secure($_POST['login']);
$password = secure($_POST['password']);
check_inject();
$query = mssql_query("Select money,PkTime from Character where Name='$character'");
$row = mssql_fetch_row($query);
$moneypk = $pkmoney * $row[1];
$newmoney = $row[0]-$moneypk;
$queryaccount = mssql_query("Select * from MEMB_INFO where memb___id='$account'");
$accountcheck = mssql_num_rows($queryaccount);
$queryonline = mssql_query("Select * from MEMB_STAT where memb___id='$account' and connectstat='1'");
$onlinecheck = mssql_num_rows($queryonline);
$querypassword = mssql_query("Select * from MEMB_INFO where memb___id='$account' and memb__pwd='$password'");
$passwordcheck = mssql_num_rows($querypassword);
$querychar = mssql_query("Select * from Character where Name='$character'");
$charcheck = mssql_num_rows($querychar);
if(empty($character) or empty($account) or empty($password)) { echo"<font color='red'>You cannot leave any fields blank!</font><br>"; $error=1; }
elseif($accountcheck <= 0) { echo"<font color='red'>Your Login does not exist in our database. Please go back and try again!</font><br>"; $error=1; }
elseif($passwordcheck <= 0) { echo"<font color='red'>Your Password does not exist in our database. Please go back and try again!</font><br>"; $error=1; }
elseif($charcheck <= 0) { echo"<font color='red'>Your Character does not exist in our database. Please go back and try again!</font><br>"; $error=1; }
else
{
if($newmoney < 0) { echo"<font color='red'>Character $character dones not have enough money to PkClear!</font><br>"; $error=1;}
if($row[1] == 0) { echo"<font color='red'>Character $character have not got any kills to clear!</font><br>"; $error=1;}
if($onlinecheck >= 1) { echo"<font color='red'>Account $account is online!Please LogOff First!</font><br>"; $error=1;}
if($error != 1)
{
echo"<font color='green'>Character $character has been succesfully Cleared.</font><br>";
$a = mssql_query("Update Character Set Money='$newmoney',PkLevel='3',PkTime='0' where name='$character'");
}
}
}
function reset_character()
{
global $resetmoney;
global $resettype;
global $resetpoints;
global $resetclearinv;
global $resetclearskill;
global $maxresets;
global $resetlevel;
$character = secure($_POST['character']);
$account = secure($_POST['login']);
$password = secure($_POST['password']);
check_inject();
$query = mssql_query("Select clevel,resets,money,leveluppoint from Character where Name='$character'");
$row = mssql_fetch_row($query);
$newmoney = $row[2]-$resetmoney;
$newresets = $row[1] + 1;
if($row[1] >= 1) { $newpoints = $row[1] * $resetpoints; }
$newleveluppoints = $row[3] + $resetpoints;
$queryaccount = mssql_query("Select * from MEMB_INFO where memb___id='$account'");
$accountcheck = mssql_num_rows($queryaccount);
$queryonline = mssql_query("Select * from MEMB_STAT where memb___id='$account' and connectstat='1'");
$onlinecheck = mssql_num_rows($queryonline);
$querypassword = mssql_query("Select * from MEMB_INFO where memb___id='$account' and memb__pwd='$password'");
$passwordcheck = mssql_num_rows($querypassword);
$querychar = mssql_query("Select * from Character where Name='$character'");
$charcheck = mssql_num_rows($querychar);
if(empty($character) or empty($account) or empty($password)) { echo"<font color='red'>You cannot leave any fields blank!</font><br>"; $error=1; }
elseif($accountcheck <= 0) { echo"<font color='red'>Your Login does not exist in our database. Please go back and try again!</font><br>"; $error=1; }
elseif($passwordcheck <= 0) { echo"<font color='red'>Your Password does not exist in our database. Please go back and try again!</font><br>"; $error=1; }
elseif($charcheck <= 0) { echo"<font color='red'>Your Character does not exist in our database. Please go back and try again!</font><br>"; $error=1; }
else
{
if($newmoney < 0) { echo"<font color='red'>Character $character dones not have enough money to reset!</font><br>"; $error=1;}
if($row[0] < $resetlevel) { echo"<font color='red'>Character $character must be $resetlevel in order to reset!</font><br>"; $error=1;}
if($newresets > $maxresets) { echo"<font color='red'>Character $character is maximum resets!</font><br>"; $error=1;}
if($onlinecheck >= 1) { echo"<font color='red'>Account $account is online!Please LogOff First!</font><br>"; $error=1;}
if($error != 1)
{
echo"<font color='green'>Character $character has been succesfully restarted.</font><br>";
if($resettype == keep)
{
$a = mssql_query("Update Character Set Money='$newmoney',clevel='1',Experience='0',Resets='$newresets' where name='$character'");
}
elseif($resettype == bonus)
{
$a = mssql_query("Update Character Set Money='$newmoney',clevel='1',Experience='0',Resets='$newresets',LevelUpPoint='$newpoints' where name='$character'");
}
elseif($resettype == reset)
{
$a = mssql_query("Update Character Set Strength='25',Dexterity='25',Vitality='25',Energy='25',LeaderShip='25',Money='$newmoney',clevel='1',Experience='0',Resets='$newresets',LevelUpPoint='$newpoints' where name='$character'");
}
if($resetclearinv == yes) { $b = mssql_query("UPDATE Character set Inventory=CONVERT(varbinary(1080), null) WHERE Name='$character'"); }
if($resetclearskill == yes) { $c = mssql_query("Update Character set magiclist= CONVERT(varbinary(60), null) WHERE Name='$character'"); }
}
}
}
function vote()
{
global $votecredits;
global $votelink;
global $votehours;
$account = secure($_POST['login']);
check_inject();
$time = 60 * 60 * $votehours;
$timenow = time();
$time2 = $timenow - $time;
$queryaccount = mssql_query("Select * from MEMB_INFO where memb___id='$account'");
$accountcheck = mssql_num_rows($queryaccount);
$queryvote = mssql_query("Select * from votereward where time>'$time2' and memb___id='$account'");
$votecheck = mssql_num_rows($queryvote);
if(empty($account)) { echo"<font color='red'>You cannot leave any fields blank!</font><br>"; $error=1; }
elseif($accountcheck <= 0) { echo"<font color='red'>Your Login does not exist in our database. Please go back and try again!</font><br>"; $error=1; }
elseif($votecheck >= 1) { echo"<font color='red'>You can vote once on every $votehours hours!</font><br>"; $error=1; }
if($error != 1) {
$a = mssql_query("INSERT INTO votereward (memb___id, time ) VALUES('$account','$timenow')");
$b = mssql_query("Update MEMB_CREDITS set credits = credits+$votecredits WHERE memb___id='$account'");
echo"<font color='green'>You have succsesfully voted!</font>";
echo"<meta http-equiv=\"refresh\" content=\"0;url=$votelink\" />";
}
}
function level_reset() {
if ((isset($_SESSION['pass'])) && (isset($_SESSION['user']))); {
$login = secure($_SESSION['user']);
$char = secure($_POST['chars']);
$character = secure($_POST['character']);
$account = secure($_POST['login']);
$password = secure($_POST['password']);
global $resetmoney;
global $resettype;
global $resetpoints;
global $resetclearinv;
global $resetclearskill;
global $resetlimit;
global $resetlevel;
global $resetmoneytype;
$username_check = mssql_query("SELECT memb___id FROM MEMB_INFO WHERE memb___id='$account'");
$username_checked = mssql_num_rows($username_check);
$name_check = mssql_query("SELECT Name FROM Character WHERE Name='$character' and AccountID ='$account'");
$name_checked = mssql_num_rows($name_check);
$online_check = mssql_query("SELECT * FROM MEMB_STAT WHERE memb___id='$account'");
$online_checked = mssql_fetch_array($online_check);
$result = mssql_query("SELECT * FROM Character WHERE Name='$char'");
$row = mssql_fetch_array($result);
$inv = substr(bin2hex($row['Inventory']),0,240);
$newinv = str_pad('',240,'f');
if($resetmoneytype == 0) { $resetmoney = $resetmoney * ($row['Resets']+1); }
elseif($resetmoneytype == 1) { $resetmoney = $resetmoney; }
$money = $row['Money'] - $resetmoney;
$resetup = $row['Resets'] + (1);
if (empty($char)) { echo "<table class='tmem' width='350' border='0' cellpadding='0' cellspacing='0' align='center'><tr><td class='left'>Please Select Character!</td></tr></table><br />"; $error=1; }
elseif ($online_checked['ConnectStat'] != 0){ echo "<table class='tmem' width='350' border='0' cellpadding='0' cellspacing='0' align='center'><tr><td class='left'>Account is online, must be logged off!</td></tr></table><br />"; $error=1; }
elseif ($money < 0) { echo "<table class='tmem' width='350' border='0' cellpadding='0' cellspacing='0' align='center'><tr><td class='left'><font color='#5b9f91'>$char </font> need <font color='#5b9f91'>$resetmoney</font> zen to reset!</td></tr></table><br />"; $error=1; }
elseif ($row['cLevel'] < $resetlevel){ echo "<table class='tmem' width='350' border='0' cellpadding='0' cellspacing='0' align='center'><tr><td class='left'><font color='#5b9f91'>$char</font> need level <font color='#5b9f91'>$resetlevel</font> to reset!</td></tr></table><br />"; $error=1; }
elseif ($row['Resets'] >= $resetlimit) { echo "<table class='tmem' width='350' border='0' cellpadding='0' cellspacing='0' align='center'><tr><td class='left'>You have reach maximum resets! Cannot reset this hero!</td></tr></table><br />"; $error=1; }
elseif($resetclearinv == 1){
if($inv != $newinv) { echo "<table class='tmem' width='350' border='0' cellpadding='0' cellspacing='0' align='center'><tr><td class='left'>Your inventory is not empty! Please remove all items!</td></tr></table><br />"; $error=1; }
}
if ($error !=1) {
if($resettype == 0){
$update = "UPDATE Character SET [cLevel]='1',[Experience]='0',[Money]='$money',[Resets]='$resetup' WHERE Name='$char'"; }
elseif($resettype == resetstats){
$update = "Update Character Set [Strength]='25',[Dexterity]='25',[Vitality]='25',[Energy]='25',[Money]='$money',[clevel]='1',[Experience]='0',[Resets]='$resetup',[LevelUpPoint]='$resetpoints' where name='$char'"; }
elseif($resettype == 1){
$bonus = $resetpoints * ($row['Resets']+(1));
$update = "UPDATE Character SET [Strength]='25',[Dexterity]='25',[Vitality]='25',[Energy]='25',[cLevel]='1',[Experience]='0',[LevelUpPoint]='$bonus',[Money]='$money',[Resets]='$resetup' WHERE Name='$char'"; }
elseif($resettype == 2){
$bonus = $resetpoints * ($row['Resets']+(1));
$update = "UPDATE Character SET [cLevel]='1',[Experience]='0',[LevelUpPoint]='$bonus',[Money]='$money',[Resets]='$resetup' WHERE Name='$char'"; }
$result_res = mssql_query($update);
if($resetclearinv == 1) { $clean_inv = "UPDATE Character set [Inventory]=CONVERT(varbinary(1080), null) WHERE Name='$char'"; }
if($resetclearskill == 1) { $clean_skill = "UPDATE Character set [Inventory]=CONVERT(varbinary(1080), null) WHERE Name='$char'"; }
$result_inv = mssql_query($clean_inv);
$result_skill = mssql_query($clean_skill);
echo "<table class='ranktable' width='350' border='0' cellpadding='0' cellspacing='0' align='center'><tr><td class='left'><font color='#5b9f91'>$char</font> successfully reseted!</td></tr></table><br />";
}
}
}
function select_char()
{
$username = secure($_SESSION['user']);
$character = secure($_POST['character']);
include("inc/invinfo.php");
include("inc/charcont.php");
$querychar = mssql_query("Select * from Character where Name='$character'");
$charcheck = mssql_num_rows($querychar);
if(empty($character)) { echo"<tr><td align='center' class='modules'><b>Error:</b> Please select Character !</td></tr>"; $error=1; }
elseif($charcheck <= 0) { echo"<font color='red'>Your Character does not exist in our database. Please go back and try again!</font><br>"; $error=1; }
if($error != 1)
{
echo equipt("'$character'");
echo"<center>";
echo xweb_get_warehouse_contents($character);
echo"</center>";
}}
function stats() {
$char = secure($_POST['chars']);
$add = mssql_query("SELECT LevelUpPoint,Strength,Dexterity,Vitality,Energy,Leadership FROM character WHERE Name='$char'");
$stats = mssql_fetch_array($add);
$select_class = mssql_query("SELECT Class FROM Character WHERE Name='$char'");
$class = mssql_fetch_array($select_class);
if($class['0'] !== 64) { $darklord = "No"; }
if($class['0'] !== 65) { $darklord = "No"; }
else{ $darklord = "Yes"; }
?>
<script type="text/javascript">
<?
echo 'var str = '.$stats[Strength].';';
echo 'var vit = '.$stats[Vitality].';';
echo 'var agi = '.$stats[Dexterity].';';
echo 'var ene = '.$stats[Energy].';';
echo 'var cmd = '.$stats[Leadership].';';
echo 'var lup = '.$stats[LevelUpPoint].';';
echo 'var max = 32767;';
?>
function strch() {
temp = document.getElementById('newstr').value;
temp = temp*-1;
oval = str-temp;
oval = escape(oval);
if (oval>max) {
oval="<font color=darkred>Beyond!</font>";
}
document.getElementById('str').innerHTML = " [" + oval + "]";
}
function agich() {
temp = document.getElementById('newagi').value;
temp = temp*-1;
oval = agi-temp;
oval = escape(oval);
if (oval>max) {
oval="<font color=darkred>Beyond!</font>";
}
document.getElementById('agi').innerHTML = " [" + oval + "]";
}
function vitch() {
temp = document.getElementById('newvit').value;
temp = temp*-1;
oval = vit-temp;
oval = escape(oval);
if (oval>max) {
oval="<font color=darkred>Beyond!</font>";
}
document.getElementById('vit').innerHTML = " [" + oval + "]";
}
function enech() {
temp = document.getElementById('newene').value;
temp = temp*-1;
oval = ene-temp;
oval = escape(oval);
if (oval>max) {
oval="<font color=darkred>Beyond!</font>";
}
document.getElementById('ene').innerHTML = " [" + oval + "]";
}
function cmdch() {
temp = document.getElementById('newcmd').value;
temp = temp*-1;
oval = cmd-temp;
oval = escape(oval);
if (oval>max) {
oval="<font color=darkred>Beyond!</font>";
}
document.getElementById('cmd').innerHTML = " [" + oval + "]";
}
function lvlupchange() {
newpoints = lup;
newpoints = newpoints - document.getElementById('newstr').value
newpoints = newpoints - document.getElementById('newagi').value;
newpoints = newpoints - document.getElementById('newvit').value;
newpoints = newpoints - document.getElementById('newene').value;
newpoints = newpoints - document.getElementById('newcmd').value;
nepoints = escape(newpoints);
if(newpoints>0) {
output='<font color=#000000><b>'+newpoints+' remaining</b></font>';
}
if(newpoints==0) {
output='<font color=#343434>0</font>';
}
if(newpoints<0) {
output='<font color=darkred>'+newpoints+'</font>';
document.getElementById('stats').disabled=true;
} else {
document.getElementById('stats').disabled=false;
}
document.getElementById('lvlup').innerHTML = "[" + output + "]";
}
</script>
<?
if($darklord == Yes){
echo "<form method='post' action=''>
<table class='ranktable' width='350' border='0' cellspacing='0' cellpadding='0' align='center'>
<thead>
<tr>
<td colspan='2'>::<font color='#5b9f91'> $char </font>Add Stats Menu ::</td></tr>
<td>Level Up Points<font color='#5b9f91'> $stats[LevelUpPoint] </font><td><span id='lvlup' name='lvlup'></span>
<input type='hidden' name='character' id='character' value='$char' maxlength='10' readonly></td>
</td>
</tr>
</thead>
<tbody>
</tbody>
<tr class='even'><td>Strength $stats[Strength]</td>
<td width='100' align='right'><span id='str'></span>
<input onBlur='strch();lvlupchange();' class='input' name='newstr' type='text' id='newstr' size='10' maxlength='6'></td></tr>
<tr><td>Agility $stats[Dexterity]</td><td align='right'><span id='agi'></span>
<input onBlur='agich();lvlupchange();' class='input' name='newagi' type='text' id='newagi' size='10' maxlength='6'></td></tr>
<tr class='even'><td>Vitality $stats[Vitality]</td><td align='right'><span id='vit'></span>
<input onBlur='vitch();lvlupchange();' class='input' name='newvit' type='text' id='newvit' size='10' maxlength='6'></td></tr>
<tr><td>Energy $stats[Energy]</td><td align='right'><span id='ene'></span>
<input onBlur='enech();lvlupchange();' class='input' name='newene' type='text' id='newene' size='10' maxlength='6'></td></tr>
<tr><td>Command $stats[Leadership]</td><td align='right'><span id='ene'></span>
<input onBlur='cmdch();lvlupchange();' class='input' name='newcmd' type='text' id='newcmd' size='10' maxlength='6'></td></tr>
<tr><td colspan='2'> </td></tr>
<tr class='even'><td colspan='2' align='center'><input class='button' type='submit' name='addstats_dl' id='addstats_dl' value='Add Stats'> <input class='button' type='reset' name='reset' id='reset' value='Reset'></td></tr>
</table></form><br />";
}
elseif($darklord == No){
echo "<form method='post' action=''>
<table class='ranktable' width='350' border='2' bordercolor='black' cellspacing='1' cellpadding='2' align='center'>
<thead>
<tr>
<td colspan='2'>:: <font color='#5b9f91'>$char</font> Add Stats Menu ::</td></tr>
<td>Level Up Points<font color='#5b9f91'> $stats[LevelUpPoint] </font><td><span id='lvlup' name='lvlup'></span>
<input type='hidden' name='character' id='character' value='$char' maxlength='10' readonly></td>
</td>
</tr>
</thead>
<tbody>
</tbody>
<tr class='even'><td>Strength:<font color='#ff6600'> $stats[Strength]</td>
<td width='100' align='right'><span id='str'></span>
<input onBlur='strch();lvlupchange();' class='input' name='newstr' type='text' id='newstr' size='10' maxlength='6'></td></tr>
<tr><td>Agility<font color='#ff6600'> $stats[Dexterity]</td><td align='right'><span id='agi'></span>
<input onBlur='agich();lvlupchange();' class='input' name='newagi' type='text' id='newagi' size='10' maxlength='6'></td></tr>
<tr class='even'><td>Vitality<font color='#ff6600'> $stats[Vitality]</td><td align='right'><span id='vit'></span>
<input onBlur='vitch();lvlupchange();' class='input' name='newvit' type='text' id='newvit' size='10' maxlength='6'></td></tr>
<tr><td>Energy<font color='#ff6600'> $stats[Energy]</td><td align='right'><span id='ene'></span>
<input onBlur='enech();lvlupchange();' class='input' name='newene' type='text' id='newene' size='10' maxlength='6'></td></tr>
<tr class='even'><td colspan='2'> </td></tr>
<tr><td colspan='2' align='center'><input class='button' type='submit' name='addstats' id='addstats' value='Add Stats'> <input class='button' type='reset' name='reset' id='reset' value='Reset'></td></tr>
</table></form><br />";
}
}
function add_stats() {
if ((isset($_SESSION['pass'])) && (isset($_SESSION['user']))); {
$name = secure($_POST['character']);
$login = secure($_SESSION['user']);
$strength = secure($_POST['newstr']);
$dexterity = secure($_POST['newagi']);
$vitality = secure($_POST['newvit']);
$energy = secure($_POST['newene']);
$username_check = mssql_query("SELECT memb___id FROM MEMB_INFO WHERE memb___id='$login'");
$username_checked = mssql_num_rows($username_check);
$name_check = mssql_query("SELECT Name FROM Character WHERE Name='$name' and AccountID='$login'");
$name_checked = mssql_num_rows($name_check);
$online_check = mssql_query("SELECT * FROM MEMB_STAT WHERE memb___id='$login'");
$online_checked = mssql_fetch_array($online_check);
$query = mssql_query("SELECT * FROM Character WHERE Name='$name'");
$row = mssql_fetch_array($query);
$queryes = mssql_query("SELECT LevelUpPoint FROM Character WHERE Name='$name'");
$points = mssql_fetch_array($queryes);
$new_vit = $row['Vitality'] + $vitality;
$new_str = $row['Strength'] + $strength;
$new_eng = $row['Energy'] + $energy;
$new_agi = $row['Dexterity'] + $dexterity;
$row['LevelUpPoint'] = $row['LevelUpPoint'] - $vitality - $strength - $energy - $dexterity;
if (empty($login) || empty($name)) { echo "<table class='sort-table' width='350' border='0' cellpadding='0' cellspacing='0' align='center'><tr><td class='left'>Some field are empty</td></tr></table><br />"; $error=1; }
elseif ($username_check <= 0){ echo "<table class='sort-table' width='350' border='0' cellpadding='0' cellspacing='0' align='center'><tr><td class='left'>Account <font color='#ff6600'>$login</font> doesnt exist!</td></tr></table><br />"; $error=1; }
elseif ($online_checked['ConnectStat'] != 0){ echo "<table class='sort-table' width='350' border='0' cellpadding='0' cellspacing='0' align='center'><tr><td class='left'>Account is online, must be logged off!</td></tr></table><br />"; $error=1; }
elseif ($name_check <= 0){ echo "<table class='sort-table' width='350' border='0' cellpadding='0' cellspacing='0' align='center'><tr><td class='left'>Character <font color='#ff6600'>$name</font> does not exist!</td></tr></table><br />"; $error=1; }
elseif ($vitality<0 OR $strength<0 OR $energy<0 OR $dexterity<0) { echo "<table class='sort-table' width='350' border='0' cellpadding='0' cellspacing='0' align='center'><tr><td class='left'>You can`t put a - point(s)!</td></tr></table><br />"; $error=1; }
elseif ($new_vit>32767 OR $new_str>32767 OR $new_eng>32767 OR $new_agi>32767){ echo "<table class='sort-table' width='350' border='0' cellpadding='0' cellspacing='0' align='center'><tr><td class='left'>Maximum stats is 32767 you can't add more!</td></tr></table><br />"; $error=1; }
elseif ($row['LevelUpPoint'] < 0){ echo "<table class='sort-table' width='350' border='0' cellpadding='0' cellspacing='0' align='center'><tr><td class='left'><font color='#ff6600'>$name</font> dont have enough points (currently: <font color='#ff6600'>$points[LevelUpPoint]</font>)!</td></tr></table><br />"; }
elseif($error !=1) {
$msquery = "UPDATE Character SET [Strength]='$new_str',[Dexterity]='$new_agi',[Vitality]='$new_vit',[Energy]='$new_eng',[LevelUpPoint]='$row[LevelUpPoint]' WHERE Name='$name'";
$msresults= mssql_query($msquery);
echo "<table class='sort-table' width='350' border='0' cellpadding='0' cellspacing='0' align='center'><tr><td class='left'>Stats successfully added!<br>Points left to add: <font color='#ff6600'>$row[LevelUpPoint]</font></td></tr></table><br />"; }
}
}
function add_stats_dl() {
if ((isset($_SESSION['pass'])) && (isset($_SESSION['user']))); {
$name = secure($_POST['character']);
$login = secure($_SESSION['user']);
$strength = secure($_POST['newstr']);
$dexterity = secure($_POST['newagi']);
$vitality = secure($_POST['newvit']);
$energy = secure($_POST['newene']);
$Command = secure($_POST['newcom']);
$username_check = mssql_query("SELECT memb___id FROM MEMB_INFO WHERE memb___id='$login'");
$username_checked = mssql_num_rows($username_check);
$name_check = mssql_query("SELECT Name FROM Character WHERE Name='$name' and AccountID='$login'");
$name_checked = mssql_num_rows($name_check);
$online_check = mssql_query("SELECT * FROM MEMB_STAT WHERE memb___id='$login'");
$online_checked = mssql_fetch_array($online_check);
$query = mssql_query("SELECT * FROM Character WHERE Name='$name'");
$row = mssql_fetch_array($query);
$queryes = mssql_query("SELECT LevelUpPoint FROM Character WHERE Name='$name'");
$points = mssql_fetch_array($queryes);
$new_vit = $row['Vitality'] + $vitality;
$new_str = $row['Strength'] + $strength;
$new_eng = $row['Energy'] + $energy;
$new_agi = $row['Dexterity'] + $dexterity;
$new_cmd = $row['Leadership'] + $Command;
$row['LevelUpPoint'] = $row['LevelUpPoint'] - $vitality - $strength - $energy - $dexterity - $Command;
if (empty($login) || empty($name)) { echo "<table class='sort-table' width='350' border='0' cellpadding='0' cellspacing='0' align='center'><tr><td class='left'>Some field are empty</td></tr></table><br />"; $error=1; }
elseif ($username_check <= 0){ echo "<table class='sort-table' width='350' border='0' cellpadding='0' cellspacing='0' align='center'><tr><td class='left'>Account <font color='#75484F'>$login</font> doesnt exist!</td></tr></table><br />"; $error=1; }
elseif ($online_checked['ConnectStat'] != 0){ echo "<table class='sort-table' width='350' border='0' cellpadding='0' cellspacing='0' align='center'><tr><td class='left'>Account is online, must be logged off!</td></tr></table><br />"; $error=1; }
elseif ($name_check <= 0){ echo "<table class='sort-table' width='350' border='0' cellpadding='0' cellspacing='0' align='center'><tr><td class='left'>Character <font color='#75484F'>$name</font> does not exist!</td></tr></table><br />"; $error=1; }
elseif ($vitality<0 OR $strength<0 OR $energy<0 OR $dexterity<0) { echo "<table class='sort-table' width='350' border='0' cellpadding='0' cellspacing='0' align='center'><tr><td class='left'>You can`t put a - point(s)!</td></tr></table><br />"; $error=1; }
elseif ($new_vit>65535 OR $new_str>65535 OR $new_eng>65535 OR $new_agi>65535 OR $new_cmd>65535){ echo "<table class='sort-table' width='350' border='0' cellpadding='0' cellspacing='0' align='center'><tr><td class='left'>Maximum stats is 65535 you can't add more!</td></tr></table><br />"; $error=1; }
elseif ($row['LevelUpPoint'] < 0){ echo "<table class='sort-table' width='350' border='0' cellpadding='0' cellspacing='0' align='center'><tr><td class='left'><font color='#75484F'>$name</font> dont have enough points (currently: <font color='#75484F'>$points[LevelUpPoint]</font>)!</td></tr></table><br />"; }
elseif($error !=1) {
$msquery = "UPDATE Character SET [Strength]='$new_str',[Dexterity]='$new_agi',[Vitality]='$new_vit',[Energy]='$new_eng',[Leadership]='$new_cmd',[LevelUpPoint]='$row[LevelUpPoint]' WHERE Name='$name'";
$msresults= mssql_query($msquery);
echo "<table class='sort-table' width='350' border='0' cellpadding='0' cellspacing='0' align='center'><tr><td class='left'>Stats successfully added!<br>Points left to add: <font color='#75484F'>$row[LevelUpPoint]</font></td></tr></table><br />"; }
}
}
function vault_clear() {
if ((isset($_SESSION['pass'])) && (isset($_SESSION['user']))); {
$login = secure($_SESSION['user']);
$account = secure($_POST['account']);
$online_check = mssql_query("SELECT * FROM MEMB_STAT WHERE memb___id='$account'");
$online_checked = mssql_fetch_array($online_check);
if (empty($account)) { echo "<table class='sort-table' width='350' border='0' cellpadding='0' cellspacing='0' align='center'><tr><td class='left'>Please Select Your Account!</td></tr></table><br />"; $error=1; }
if ($online_checked['ConnectStat'] != 0){ echo "<table class='sort-table' width='350' border='0' cellpadding='0' cellspacing='0' align='center'><tr><td class='left'>Account is online, must be logged off!</td></tr></table><br />"; $error=1; }
if($error !=1) {
$clear_vault = "UPDATE warehouse SET [items]=CONVERT(varbinary(2400), null) WHERE AccountID='$account'";
$vault_results= mssql_query($clear_vault);
echo "<table class='sort-table' width='350' border='0' cellpadding='0' cellspacing='0' align='center'><tr><td class='left'>Vault to <font color='#75484F'>$account</font> has been successfully cleared!</td></tr></table><br />";
}
}
}
function inventory_clear() {
if ((isset($_SESSION['pass'])) && (isset($_SESSION['user']))); {
$login = secure($_SESSION['user']);
$char = secure($_POST['chars']);
$online_check = mssql_query("SELECT * FROM MEMB_STAT WHERE memb___id='$login'");
$online_checked = mssql_fetch_array($online_check);
if (empty($char)) { echo "<table class='sort-table' width='350' border='0' cellpadding='0' cellspacing='0' align='center'><tr><td class='left'>Please Select Character!</td></tr></table><br />"; $error=1; }
if ($online_checked['ConnectStat'] != 0){ echo "<table class='sort-table' width='350' border='0' cellpadding='0' cellspacing='0' align='center'><tr><td class='left'>Account is online, must be logged off!</td></tr></table><br />"; $error=1; }
if($error !=1) {
$clear_inventory = "UPDATE Character SET [inventory]=CONVERT(varbinary(1560), null) WHERE Name='$char'";
$inventory_results= mssql_query($clear_inventory);
echo "<table class='sort-table' width='350' border='0' cellpadding='0' cellspacing='0' align='center'><tr><td class='left'>Inventory to <font color='#75484F'>$char</font> has been successfully cleared!</td></tr></table><br />";
}
}
}
function pk_clear() {
if ((isset($_SESSION['pass'])) && (isset($_SESSION['user']))); {
$login = secure($_SESSION['user']);
$char = secure($_POST['chars']);
global $row;
global $pkmoney;
$query = mssql_query("SELECT * FROM character WHERE name ='$char'");
$row = mssql_fetch_array($query);
$online_check = mssql_query("SELECT * FROM MEMB_STAT WHERE memb___id='$login'");
$online_checked = mssql_fetch_array($online_check);
if ($row['pktype'] == 0) { $recmoney = $row['pkmoney']; }
elseif ($row['pktype'] == 1) { $recmoney = $row['PkCount'] * $row['pkmoney']; }
$money = $row['Money'] - $recmoney;
if (empty($char)) { echo "<table class='sort-table' width='350' border='0' cellpadding='0' cellspacing='0' align='center'><tr><td class='left'>Please Select Character!</td></tr></table><br />"; $error=1; }
elseif ($online_checked['ConnectStat'] != 0){ echo "<table class='sort-table' width='350' border='0' cellpadding='0' cellspacing='0' align='center'><tr><td class='left'>Account is online, must be logged off!</td></tr></table><br />"; $error=1; }
elseif ($money < 0){ echo "<table class='sort-table' width='350' border='0' cellpadding='0' cellspacing='0' align='center'><tr><td class='left'><font color='#75484F'>$char</font> need <font color='#75484F'>$recmoney</font> zen to be cleared!</td></tr></table><br />"; $error=1; }
if($error !=1) {
$clear_pk = "UPDATE Character SET [PkLevel]='3',[PkTime]='0',[Money]='$money' WHERE Name='$char'";
$pk_results= mssql_query($clear_pk);
echo "<table class='sort-table' width='350' border='0' cellpadding='0' cellspacing='0' align='center'><tr><td class='left'><font color='#75484F'>$char</font> has been successfully cleared!</td></tr></table><br />";
}
}
}
function grand_reset()
{
$account = secure($_POST['login']);
$password = secure($_POST['password']);
check_inject();
$queryaccount = mssql_query("Select * from MEMB_INFO where memb___id='$account'");
$accountcheck = mssql_num_rows($queryaccount);
$queryonline = mssql_query("Select * from MEMB_STAT where memb___id='$account' and connectstat='1'");
$onlinecheck = mssql_num_rows($queryonline);
$querypassword = mssql_query("Select * from MEMB_INFO where memb___id='$account' and memb__pwd='$password'");
$passwordcheck = mssql_num_rows($querypassword);
if(empty($account) or empty($password)) { echo"<font color='red'>You cannot leave any fields blank!</font><br>"; $error=1; }
elseif($accountcheck <= 0) { echo"<font color='red'>Your Login does not exist in our database. Please go back and try again!</font><br>"; $error=1; }
elseif($passwordcheck <= 0) { echo"<font color='red'>Your Password does not exist in our database. Please go back and try again!</font><br>"; $error=1; }
elseif($onlinecheck >= 1) { echo"<font color='red'>Account $account is online!Please LogOff First!</font><br>"; $error=1;}
if($error != 1) {
$_SESSION['user'] = $account;
dogrand_reset();
}
}
?>