islehorse
/
HorseIsleWeb
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Add files via upload

This commit is contained in:
Bluzume 2021-10-28 17:20:53 +13:00 committed by GitHub
parent c632c19c34
commit fb0a78cf76
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
17 changed files with 1808 additions and 1799 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
game-site/404.php
View File

@ -1,7 +1,7 @@
<?php header("HTTP/1.1 404 Not Found"); ?><!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>404 Not Found</title>
</head><body>
<h1>Not Found</h1>
<p>The requested URL <?php echo(htmlspecialchars($_SERVER['REQUEST_URI'])); ?> was not found on this server.</p>
<?php header("HTTP/1.1 404 Not Found"); ?><!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>404 Not Found</title>
</head><body>
<h1>Not Found</h1>
<p>The requested URL <?php echo(htmlspecialchars($_SERVER['REQUEST_URI'])); ?> was not found on this server.</p>
</body></html>

854
game-site/account.php
View File

@ -1,427 +1,427 @@
<?php
session_start();
include("web/common.php");
include("web/crosserver.php");
include("config.php");
if(isset($_POST["USER"], $_POST["PASS"]))
{
$username = $_POST["USER"];
$password = $_POST["PASS"];
if(!user_exists($username))
goto auth_failed;
$id = get_userid($username);
if(check_password($id, $password))
{
$_SESSION['LOGGED_IN'] = "YES";
$_SESSION['PLAYER_ID'] = $id;
$_SESSION['USERNAME'] = $username;
$_SESSION['SEX'] = get_sex($id);
$_SESSION['ADMIN'] = get_admin($id);
$_SESSION['MOD'] = get_mod($id);
$_SESSION['PASSWORD_HASH'] = get_password_hash($id);
$_SESSION['SALT'] = get_salt($id);
}
else
{
auth_failed:
include("web/header.php");
echo('<TABLE CELLPADDING=10 WIDTH=100%><TR><TD><HR><B>Username or Password is not valid. Please try again. <BR>Note: Upon too many attempts the account will be temporarily blocked from your IP.</B><BR><BR>If you have not logged on yet, make sure you have clicked the activation link in the email that was sent to you.<BR><BR>click <A HREF=/web/forgotpass.php>HERE</A> to Have your password emailed to you.<HR></TD></TR></TABLE>');
include('web/footer.php');
exit();
}
}
if(!is_logged_in() && isset($_GET["SLID"], $_GET["C"]))
{
$id = (int)$_GET['SLID'];
$code = $_GET['C'];
$hmac = GenHmacMessage((string)$id, "CrossSiteLogin");
$hmacSent = bin2hex(base64_url_decode($code));
if(hash_equals($hmacSent,$hmac))
{
$_SESSION['LOGGED_IN'] = "YES";
$_SESSION['PLAYER_ID'] = $id;
$_SESSION['USERNAME'] = get_username($id);
$_SESSION['SEX'] = get_sex($id);
$_SESSION['ADMIN'] = get_admin($id);
$_SESSION['MOD'] = get_mod($id);
$_SESSION['PASSWORD_HASH'] = get_password_hash($id);
$_SESSION['SALT'] = get_salt($id);
}
else
{
$_SESSION['LOGGED_IN'] = "NO";
$login_error = "Error in Automatic Login Authentication!";
}
}
if(!is_logged_in())
{
include("web/header.php");
echo("
<B>Username or Password is not valid or your account has timed out. Please Log in again.</B><BR><BR></TD></TR></TABLE>");
$_SESSION['LOGGED_IN'] = "NO";
include("web/footer.php");
exit();
}
// Get account data
$newUser = !getUserExistInExt($dbname, $_SESSION['PLAYER_ID']);
if(!$newUser){
$money = getUserMoney($dbname, $_SESSION['PLAYER_ID']);
$bankMoney = getUserBankMoney($dbname, $_SESSION['PLAYER_ID']);
$loginDate = getUserLoginDate($dbname, $_SESSION['PLAYER_ID']);
$questPoints = getUserQuestPoints($dbname, $_SESSION['PLAYER_ID']);
$totalLogins = getUserTotalLogins($dbname, $_SESSION['PLAYER_ID']);
$subbed = getUserSubbed($dbname, $_SESSION['PLAYER_ID']);
$subTime = getUserSubTimeRemaining($dbname, $_SESSION['PLAYER_ID']);
$playtime = getUserPlaytime($dbname, $_SESSION['PLAYER_ID']);
}
else
{
$money = 0;
$bankMoney = 0;
$loginDate = time();
$questPoints = 0;
$totalLogins = 0;
$subbed = false;
$subTime = 0;
$playtime = 0;
}
if($all_users_subbed)
$subbed = true;
$hasIntl = function_exists('numfmt_create');
if($hasIntl)
$fmt = numfmt_create( 'en_US', NumberFormatter::DECIMAL );
include("web/header.php");
?>
<script language="javascript1.3">
<!--
function ajax(url,target) {
// native XMLHttpRequest object
//document.getElementById(target).innerHTML = 'sending...';
if (window.XMLHttpRequest) {
req = new XMLHttpRequest();
req.onreadystatechange = function() {ajaxDone(target);};
req.open("GET", url, true);
req.send(null);
// IE/Windows ActiveX version
} else if (window.ActiveXObject) {
req = new ActiveXObject("Microsoft.XMLHTTP");
if (req) {
req.onreadystatechange = function() {ajaxDone(target);};
req.open("GET", url, true);
req.send();
}
}
}
function ajaxDone(target) {
// only if req is "loaded"
if (req.readyState == 4) {
// only if "OK"
if (req.status == 200) {
results = req.responseText;
document.getElementById(target).innerHTML = results;
} else {
document.getElementById(target).innerHTML="ajax error:\n" +
req.statusText;
}
}
}
function loadplayers() {
<?php echo("ajax('web/playersonline.php?id=".htmlspecialchars($_SESSION['PLAYER_ID'], ENT_QUOTES)."','PLAYERS');"); ?>
window.setTimeout("loadplayers()", 30000); //reload player list every millisecs
}
window.setTimeout("loadplayers()", 10); ///load player list first time quick
window.setTimeout("loadplayers()", 3000); ///load player list first time quick
-->
</script>
<script>
<!--
function wopen(url, name, w, h)
{
// Fudge factors for window decoration space.
// In my tests these work well on all platforms & browsers.
w+=20;//w += 32;
h+=60;//h += 96;
var win = window.open(url,
name,
'width=' + w + ', height=' + h + ', ' +
'location=no, menubar=no, ' +
'status=no, toolbar=no, scrollbars=no, resizable=no');
win.resizeTo(w, h);
win.focus();
}
// -->
</script>
<TABLE WIDTH=100% CELLPADDING=5><TR><TD VALIGN=TOP><TABLE BORDER=0 CELLPADDING=5><TR><TD VALIGN=top><CENTER>When Ready, <a href='/horseisle.php?USER=<?php echo(htmlspecialchars($_SESSION['USERNAME'],ENT_QUOTES)); ?>' target=popup onClick="wopen('/horseisle.php?USER=<?php echo(htmlspecialchars($_SESSION['USERNAME'],ENT_QUOTES)); ?>', 'popup', 790, 522); return false;">Enter the World<BR><BR><IMG BORDER=0 SRC=/web/screenshots/enterhorseisle.png></A><BR><BR>(<a href='/horseisle.php?USER=<?php echo(htmlspecialchars($_SESSION['USERNAME'],ENT_QUOTES)); ?>' target=popup onClick="wopen('/horseisle.php?USER=<?php echo(htmlspecialchars($_SESSION['USERNAME'],ENT_QUOTES)); ?>', 'popup', 846, 542); return false;">bigger borders version</A>)<BR>(<A HREF=horseisle.php?USER=<?php echo(htmlspecialchars($_SESSION['USERNAME'],ENT_QUOTES)); ?>>same window version</A>)</TD><TD VALIGN=top>Welcome back <B><?php echo(htmlspecialchars($_SESSION['USERNAME'])); ?></B>, Here is your account info and Horse Isle server status: (<A HREF=?>refresh</A>)<BR><BR><?php
$moneyStr = "";
if($hasIntl)
$moneyStr .= numfmt_format($fmt, $money);
else
$moneyStr .= $money;
$bankmoneyStr = "";
if($hasIntl)
$bankmoneyStr .= numfmt_format($fmt, $bankMoney);
else
$bankmoneyStr .= $bankMoney;
$totalLoginsStr = "";
if($hasIntl)
$totalLoginsStr .= numfmt_format($fmt, $totalLogins);
else
$totalLoginsStr .= $bankMoney;
$lastOn = 0.00;
$current_time = time();
$difference = $current_time - $loginDate;
$lastOn = $difference/3600;
if($newUser){
echo('<BR>You have a new account and have not yet logged in!<BR>');
}
else{
echo('It has been: '.number_format((float)$lastOn, 2, '.', '').' hours since you were last online. You have logged in '.$totalLoginsStr.' times.<BR>');
}
echo('You have <B><FONT COLOR=005500>$'.$moneyStr.'</FONT></B> in Horse Isle money on hand and <B><FONT COLOR=005500>$'.$bankmoneyStr.'</FONT></B> in the bank.<BR>You have earned <B>'.(string)$questPoints.'</B> of <B>63005</B> total quest points (<B>'.(string)floor(($questPoints / 63005) * 100.0).'%</B> Complete)<BR>');
if(!$subbed)
{
echo('You have <B>'.(string)$playtime.'</B> minutes of playtime available. As a non-subscriber you get 1 additional minute every 8 minutes. <I>(subject to change based on load)</I> (<A HREF=/web/whylimited.php>why limited?</A>) <BR>');
}
?></TD></TR></TABLE><BR><HR>
<CENTER><TABLE WIDTH=500><TR><TD class=forumlist>
<FONT SIZE=+1><?php echo(strtoupper(htmlspecialchars($_SESSION['USERNAME']))); ?>'S <?php echo(strtoupper($server_id)); ?> SUBSCRIPTION STATUS:<BR></FONT><FONT SIZE=+2><?php
if($subbed)
{
echo('<FONT COLOR=GREEN>ACTIVE</FONT>');
$current_time = time();
$difference = $subTime - $current_time;
$daysRemain = floor($difference/86400);
$daysStr = (string)$daysRemain;
if($all_users_subbed)
$daysStr = "";
echo('</FONT><BR>('.$daysStr.' days remain in your subscription)</FONT> ');
}
else
{
echo("NOT SUBSCRIBED</FONT><BR>(You have not yet subscribed)</FONT> ");
}
?>(<A HREF=web/reasonstosubscribe.php>Subscription Benefits</A>)
</TD></TR><TR><TD class=forumlist>
<TABLE WIDTH=100%>
<TR><TD><B>BUY 1 Month Membership <FONT COLOR=GREEN>$5.00</FONT>usd</B> <I><FONT SIZE=-1>(adds 31 days membership time to the account that you are currently logged in with.) Non-refundable.</FONT></I></TD><TD>
<form action="<?php echo($pp_uri); ?>" method="post">
<input type="hidden" name="cmd" value="_xclick">
<input type="hidden" name="business" value="paypal@horseisle.com">
<input type="hidden" name="undefined_quantity" value="1">
<input type="hidden" name="item_name" value="One Month Horse Isle Membership-on <?php echo($_SERVER["HTTP_HOST"]); ?>">
<input type="hidden" name="item_number" value="<?php echo(htmlspecialchars($_SESSION['PLAYER_ID'])); ?>">
<input type="hidden" name="custom" value="<?php echo(htmlspecialchars($_SESSION['PLAYER_ID'])); ?>">
<input type="hidden" name="amount" value="5.00">
<input type="hidden" name="no_shipping" value="1">
<input type="hidden" name="return" value="http://<?php echo($_SERVER["HTTP_HOST"]); ?>/web/paypalpayment.php">
<input type="hidden" name="notify_url" value="http://<?php echo($_SERVER["HTTP_HOST"]); ?>/web/paypalgateway.php">
<input type="hidden" name="no_note" value="1">
<input type="hidden" name="currency_code" value="USD">
<input type="hidden" name="lc" value="US">
<input type="hidden" name="bn" value="PP-BuyNowBF">
<input type="image" src="https://www.paypal.com/en_US/i/btn/x-click-but02.gif" border="0"
name="submit" alt="Make payments with PayPal - it's fast, free and secure!">
<img alt="" border="0" src="https://www.paypal.com/en_US/i/scr/pixel.gif" width="1" height="1">
</form>
</TD></TR></TABLE>
</TD></TR>
<TR><TD class=forumlist>
<TABLE WIDTH=100%><TR>
<TD><B>BUY Full Year Membership <FONT COLOR=GREEN>$40.00</FONT>usd</B> <I><FONT SIZE=-1>(adds 366 days membership time to the account you are logged in with. saves $20.00 off monthly subscription) Non-refundable.</FONT></I></TD><TD>
<form action="<?php echo($pp_uri); ?>" method="post">
<input type="hidden" name="cmd" value="_xclick">
<input type="hidden" name="business" value="paypal@horseisle.com">
<input type="hidden" name="undefined_quantity" value="1">
<input type="hidden" name="item_name" value="Full Year Horse Isle Membership-on <?php echo($_SERVER["HTTP_HOST"]); ?>">
<input type="hidden" name="item_number" value="<?php echo(htmlspecialchars($_SESSION['PLAYER_ID'])); ?>">
<input type="hidden" name="custom" value="<?php echo(htmlspecialchars($_SESSION['PLAYER_ID'])); ?>">
<input type="hidden" name="amount" value="40.00">
<input type="hidden" name="no_shipping" value="1">
<input type="hidden" name="return" value="http://<?php echo($_SERVER["HTTP_HOST"]); ?>/web/paypalpayment.php">
<input type="hidden" name="notify_url" value="http://<?php echo($_SERVER["HTTP_HOST"]); ?>/web/paypalgateway.php">
<input type="hidden" name="no_note" value="1">
<input type="hidden" name="currency_code" value="USD">
<input type="hidden" name="lc" value="US">
<input type="hidden" name="bn" value="PP-BuyNowBF">
<input type="image" src="https://www.paypal.com/en_US/i/btn/x-click-but02.gif" border="0"
name="submit" alt="Make payments with PayPal - it's fast, free and secure!">
<img alt="" border="0" src="https://www.paypal.com/en_US/i/scr/pixel.gif" width="1" height="1">
</form>
</TD></TR></TABLE>
<!--
<TR><TD class=forumlist>
<TABLE WIDTH=100%><TR>
<TD><B>BUY 100k Horse Isle Currency <FONT COLOR=GREEN>$1.00</FONT>usd</B> <I><FONT SIZE=-1>(each one you buy gives your account $10,000 Horse Isle currency for use in the game.) Non-refundable.</FONT></I></TD><TD>
<form action="https://www.paypal.com/cgi-bin/webscr" method="post">
<input type="hidden" name="cmd" value="_xclick">
<input type="hidden" name="business" value="paypal@horseisle.com">
<input type="hidden" name="undefined_quantity" value="1">
<input type="hidden" name="item_name" value="100k Horse Isle Money-on pinto.horseisle.com">
<input type="hidden" name="item_number" value="<?php echo(htmlspecialchars($_SESSION['PLAYER_ID'])); ?>">
<input type="hidden" name="custom" value="<?php echo(htmlspecialchars($_SESSION['PLAYER_ID'])); ?>">
<input type="hidden" name="amount" value="1.00">
<input type="hidden" name="no_shipping" value="1">
<input type="hidden" name="return" value="http://pinto.horseisle.com/web/paypalpayment.php">
<input type="hidden" name="notify_url" value="http://pinto.horseisle.com/web/paypalgateway.php">
<input type="hidden" name="no_note" value="1">
<input type="hidden" name="currency_code" value="USD">
<input type="hidden" name="lc" value="US">
<input type="hidden" name="bn" value="PP-BuyNowBF">
<input type="image" src="https://www.paypal.com/en_US/i/btn/x-click-but02.gif" border="0"
name="submit" alt="Make payments with PayPal - it's fast, free and secure!">
<img alt="" border="0" src="https://www.paypal.com/en_US/i/scr/pixel.gif" width="1" height="1">
</form>
</TD></TR></TABLE>
</TD><TR>-->
<TR><TD class=forumlist>
<TABLE WIDTH=100%><TR>
<form action="<?php echo($pp_uri); ?>" method="post">
<TD><B>BUY $100,000 Horse Isle Currency per <FONT COLOR=GREEN>$1.00</FONT>usd</B><BR>
Select: <SELECT NAME=quantity>
<!-<OPTION VALUE=1>$10,000 Horse Isle for $1.00 USD->
<OPTION VALUE=2>$200,000 Horse Isle for $2.00 USD
<OPTION VALUE=3>$300,000 Horse Isle for $3.00 USD
<OPTION VALUE=4>$400,000 Horse Isle for $4.00 USD
<OPTION VALUE=5>$550,000 Horse Isle for $5.00 USD (10% bonus)
<OPTION SELECTED VALUE=10>$1,100,000 Horse Isle for $10.00 USD (10% bonus)
<OPTION VALUE=20>$2,300,000 Horse Isle for $20.00 USD (15% bonus)
<OPTION VALUE=50>$5,750,000 Horse Isle for $50.00 USD (15% bonus)
<OPTION VALUE=100>$12,000,000 Horse Isle for $100.00 USD (20% bonus)
<OPTION VALUE=250>$31,250,000 Horse Isle for $250.00 USD (25% bonus)
</SELECT><BR>
<I><FONT SIZE=-1>(Gives your account Horse Isle currency for use in the game. You can earn Horse Isle money by playing the game. This is not required.) Non-refundable.</FONT></I></TD><TD>
<input type="hidden" name="cmd" value="_xclick">
<input type="hidden" name="business" value="paypal@horseisle.com">
<input type="hidden" name="item_name" value="100k Horse Isle Money-on <?php echo($_SERVER["HTTP_HOST"]); ?>">
<input type="hidden" name="item_number" value="<?php echo(htmlspecialchars($_SESSION['PLAYER_ID'])); ?>">
<input type="hidden" name="custom" value="<?php echo(htmlspecialchars($_SESSION['PLAYER_ID'])); ?>">
<input type="hidden" name="amount" value="1.00">
<input type="hidden" name="no_shipping" value="1">
<input type="hidden" name="return" value="http://<?php echo($_SERVER["HTTP_HOST"]); ?>/web/paypalpayment.php">
<input type="hidden" name="notify_url" value="http://<?php echo($_SERVER["HTTP_HOST"]); ?>/web/paypalgateway.php">
<input type="hidden" name="no_note" value="1">
<input type="hidden" name="currency_code" value="USD">
<input type="hidden" name="lc" value="US">
<input type="hidden" name="bn" value="PP-BuyNowBF">
<input type="image" src="https://www.paypal.com/en_US/i/btn/x-click-but02.gif" border="0"
name="submit" alt="Make payments with PayPal - it's fast, free and secure!">
<img alt="" border="0" src="https://www.paypal.com/en_US/i/scr/pixel.gif" width="1" height="1">
</form>
</TD></TR></TABLE>
</TD></TR><TR><TD class=forumlist>
<TABLE WIDTH=100%>
<TR><TD>
<B>BUY Pawneer Order <FONT COLOR=GREEN>$8.00</FONT>usd</B> <I><FONT SIZE=-1>(allows you to order a custom breed/color/gender horse on server from Pawneer. This is not required, you can trade other players to get the breed you desire also.) Non-refundable.</FONT></I></TD><TD>
<form action="<?php echo($pp_uri); ?>" method="post">
<input type="hidden" name="cmd" value="_xclick">
<input type="hidden" name="business" value="paypal@horseisle.com">
<input type="hidden" name="undefined_quantity" value="1">
<input type="hidden" name="item_name" value="Pawneer Order-on <?php echo($_SERVER["HTTP_HOST"]); ?>">
<input type="hidden" name="item_number" value="<?php echo(htmlspecialchars($_SESSION['PLAYER_ID'])); ?>">
<input type="hidden" name="custom" value="<?php echo(htmlspecialchars($_SESSION['PLAYER_ID'])); ?>">
<input type="hidden" name="amount" value="8.00">
<input type="hidden" name="no_shipping" value="1">
<input type="hidden" name="return" value="http://<?php echo($_SERVER["HTTP_HOST"]); ?>/web/paypalpayment.php">
<input type="hidden" name="notify_url" value="http://<?php echo($_SERVER["HTTP_HOST"]); ?>/web/paypalgateway.php">
<input type="hidden" name="no_note" value="1">
<input type="hidden" name="currency_code" value="USD">
<input type="hidden" name="lc" value="US">
<input type="hidden" name="bn" value="PP-BuyNowBF">
<input type="image" src="https://www.paypal.com/en_US/i/btn/x-click-but02.gif" border="0"
name="submit" alt="Make payments with PayPal - it's fast, free and secure!">
<img alt="" border="0" src="https://www.paypal.com/en_US/i/scr/pixel.gif" width="1" height="1">
</form>
</TD></TR></TABLE>
</TD></TR><TR><TD class=forumlist>
<TABLE WIDTH=100%>
<TR><TD>
<B>BUY 5 Pawneer Orders <FONT COLOR=GREEN>$30.00</FONT>usd</B> <I><FONT SIZE=-1>(save $10.00 - allows you to order 5 custom horses from Pawneer) Non-refundable.</FONT></I></TD><TD>
<form action="<?php echo($pp_uri); ?>" method="post">
<input type="hidden" name="cmd" value="_xclick">
<input type="hidden" name="business" value="paypal@horseisle.com">
<input type="hidden" name="undefined_quantity" value="1">
<input type="hidden" name="item_name" value="Five Pawneer Order-on <?php echo($_SERVER["HTTP_HOST"]); ?>">
<input type="hidden" name="item_number" value="<?php echo(htmlspecialchars($_SESSION['PLAYER_ID'])); ?>">
<input type="hidden" name="custom" value="<?php echo(htmlspecialchars($_SESSION['PLAYER_ID'])); ?>">
<input type="hidden" name="amount" value="30.00">
<input type="hidden" name="no_shipping" value="1">
<input type="hidden" name="return" value="http://<?php echo($_SERVER["HTTP_HOST"]); ?>/web/paypalpayment.php">
<input type="hidden" name="notify_url" value="http://<?php echo($_SERVER["HTTP_HOST"]); ?>/web/paypalgateway.php">
<input type="hidden" name="no_note" value="1">
<input type="hidden" name="currency_code" value="USD">
<input type="hidden" name="lc" value="US">
<input type="hidden" name="bn" value="PP-BuyNowBF">
<input type="image" src="https://www.paypal.com/en_US/i/btn/x-click-but02.gif" border="0"
name="submit" alt="Make payments with PayPal - it's fast, free and secure!">
<img alt="" border="0" src="https://www.paypal.com/en_US/i/scr/pixel.gif" width="1" height="1">
</form>
</TD></TR></TABLE>
</TD></TR>
<TR><TD BGCOLOR=WHITE><CENTER>If you happen to have any:<B> <A HREF=/web/spendhorsebucks.php>Redeem Horse Bucks</A></TD></TR>
<TR><TD class=forumlist>
<BR>Alternative Payment Methods: <A HREF=/web/checks.php>Check/Cash via postal mail</A>
<BR><BR>Gift Payments: <A HREF=<?php echo($master_site); ?>/web/giftmembership.php>Pay for a different player</A>
<BR><BR></TD></TR>
</TD></TR></TABLE></CENTER>
<HR>
</TD><TD VALIGN=top><DIV ID="PLAYERS"><BR></DIV></TD></TR></TABLE><?php include("web/footer.php"); ?>
<?php
session_start();
include("web/common.php");
include("web/crosserver.php");
include("config.php");
if(isset($_POST["USER"], $_POST["PASS"]))
{
$username = $_POST["USER"];
$password = $_POST["PASS"];
if(!user_exists($username))
goto auth_failed;
$id = get_userid($username);
if(check_password($id, $password))
{
$_SESSION['LOGGED_IN'] = "YES";
$_SESSION['PLAYER_ID'] = $id;
$_SESSION['USERNAME'] = $username;
$_SESSION['SEX'] = get_sex($id);
$_SESSION['ADMIN'] = get_admin($id);
$_SESSION['MOD'] = get_mod($id);
$_SESSION['PASSWORD_HASH'] = get_password_hash($id);
$_SESSION['SALT'] = get_salt($id);
}
else
{
auth_failed:
include("web/header.php");
echo('<TABLE CELLPADDING=10 WIDTH=100%><TR><TD><HR><B>Username or Password is not valid. Please try again. <BR>Note: Upon too many attempts the account will be temporarily blocked from your IP.</B><BR><BR>If you have not logged on yet, make sure you have clicked the activation link in the email that was sent to you.<BR><BR>click <A HREF=/web/forgotpass.php>HERE</A> to Have your password emailed to you.<HR></TD></TR></TABLE>');
include('web/footer.php');
exit();
}
}
if(!is_logged_in() && isset($_GET["SLID"], $_GET["C"]))
{
$id = (int)$_GET['SLID'];
$code = $_GET['C'];
$hmac = GenHmacMessage((string)$id, "CrossSiteLogin");
$hmacSent = bin2hex(base64_url_decode($code));
if(hash_equals($hmacSent,$hmac) && userid_exists($dbname, $id))
{
$_SESSION['LOGGED_IN'] = "YES";
$_SESSION['PLAYER_ID'] = $id;
$_SESSION['USERNAME'] = get_username($id);
$_SESSION['SEX'] = get_sex($id);
$_SESSION['ADMIN'] = get_admin($id);
$_SESSION['MOD'] = get_mod($id);
$_SESSION['PASSWORD_HASH'] = get_password_hash($id);
$_SESSION['SALT'] = get_salt($id);
}
else
{
$_SESSION['LOGGED_IN'] = "NO";
$login_error = "Error in Automatic Login Authentication!";
}
}
if(!is_logged_in())
{
include("web/header.php");
echo("
<B>Username or Password is not valid or your account has timed out. Please Log in again.</B><BR><BR></TD></TR></TABLE>");
$_SESSION['LOGGED_IN'] = "NO";
include("web/footer.php");
exit();
}
// Get account data
$newUser = !getUserExistInExt($dbname, $_SESSION['PLAYER_ID']);
if(!$newUser){
$money = getUserMoney($dbname, $_SESSION['PLAYER_ID']);
$bankMoney = getUserBankMoney($dbname, $_SESSION['PLAYER_ID']);
$loginDate = getUserLoginDate($dbname, $_SESSION['PLAYER_ID']);
$questPoints = getUserQuestPoints($dbname, $_SESSION['PLAYER_ID']);
$totalLogins = getUserTotalLogins($dbname, $_SESSION['PLAYER_ID']);
$subbed = getUserSubbed($dbname, $_SESSION['PLAYER_ID']);
$subTime = getUserSubTimeRemaining($dbname, $_SESSION['PLAYER_ID']);
$playtime = getUserPlaytime($dbname, $_SESSION['PLAYER_ID']);
}
else
{
$money = 0;
$bankMoney = 0;
$loginDate = time();
$questPoints = 0;
$totalLogins = 0;
$subbed = false;
$subTime = 0;
$playtime = 0;
}
if($all_users_subbed)
$subbed = true;
$hasIntl = function_exists('numfmt_create');
if($hasIntl)
$fmt = numfmt_create( 'en_US', NumberFormatter::DECIMAL );
include("web/header.php");
?>
<script language="javascript1.3">
<!--
function ajax(url,target) {
// native XMLHttpRequest object
//document.getElementById(target).innerHTML = 'sending...';
if (window.XMLHttpRequest) {
req = new XMLHttpRequest();
req.onreadystatechange = function() {ajaxDone(target);};
req.open("GET", url, true);
req.send(null);
// IE/Windows ActiveX version
} else if (window.ActiveXObject) {
req = new ActiveXObject("Microsoft.XMLHTTP");
if (req) {
req.onreadystatechange = function() {ajaxDone(target);};
req.open("GET", url, true);
req.send();
}
}
}
function ajaxDone(target) {
// only if req is "loaded"
if (req.readyState == 4) {
// only if "OK"
if (req.status == 200) {
results = req.responseText;
document.getElementById(target).innerHTML = results;
} else {
document.getElementById(target).innerHTML="ajax error:\n" +
req.statusText;
}
}
}
function loadplayers() {
<?php echo("ajax('web/playersonline.php?id=".htmlspecialchars($_SESSION['PLAYER_ID'], ENT_QUOTES)."','PLAYERS');"); ?>
window.setTimeout("loadplayers()", 30000); //reload player list every millisecs
}
window.setTimeout("loadplayers()", 10); ///load player list first time quick
window.setTimeout("loadplayers()", 3000); ///load player list first time quick
-->
</script>
<script>
<!--
function wopen(url, name, w, h)
{
// Fudge factors for window decoration space.
// In my tests these work well on all platforms & browsers.
w+=20;//w += 32;
h+=60;//h += 96;
var win = window.open(url,
name,
'width=' + w + ', height=' + h + ', ' +
'location=no, menubar=no, ' +
'status=no, toolbar=no, scrollbars=no, resizable=no');
win.resizeTo(w, h);
win.focus();
}
// -->
</script>
<TABLE WIDTH=100% CELLPADDING=5><TR><TD VALIGN=TOP><TABLE BORDER=0 CELLPADDING=5><TR><TD VALIGN=top><CENTER>When Ready, <a href='/horseisle.php?USER=<?php echo(htmlspecialchars($_SESSION['USERNAME'],ENT_QUOTES)); ?>' target=popup onClick="wopen('/horseisle.php?USER=<?php echo(htmlspecialchars($_SESSION['USERNAME'],ENT_QUOTES)); ?>', 'popup', 790, 522); return false;">Enter the World<BR><BR><IMG BORDER=0 SRC=/web/screenshots/enterhorseisle.png></A><BR><BR>(<a href='/horseisle.php?USER=<?php echo(htmlspecialchars($_SESSION['USERNAME'],ENT_QUOTES)); ?>' target=popup onClick="wopen('/horseisle.php?USER=<?php echo(htmlspecialchars($_SESSION['USERNAME'],ENT_QUOTES)); ?>', 'popup', 846, 542); return false;">bigger borders version</A>)<BR>(<A HREF=horseisle.php?USER=<?php echo(htmlspecialchars($_SESSION['USERNAME'],ENT_QUOTES)); ?>>same window version</A>)</TD><TD VALIGN=top>Welcome back <B><?php echo(htmlspecialchars($_SESSION['USERNAME'])); ?></B>, Here is your account info and Horse Isle server status: (<A HREF=?>refresh</A>)<BR><BR><?php
$moneyStr = "";
if($hasIntl)
$moneyStr .= numfmt_format($fmt, $money);
else
$moneyStr .= $money;
$bankmoneyStr = "";
if($hasIntl)
$bankmoneyStr .= numfmt_format($fmt, $bankMoney);
else
$bankmoneyStr .= $bankMoney;
$totalLoginsStr = "";
if($hasIntl)
$totalLoginsStr .= numfmt_format($fmt, $totalLogins);
else
$totalLoginsStr .= $bankMoney;
$lastOn = 0.00;
$current_time = time();
$difference = $current_time - $loginDate;
$lastOn = $difference/3600;
if($newUser){
echo('<BR>You have a new account and have not yet logged in!<BR>');
}
else{
echo('It has been: '.number_format((float)$lastOn, 2, '.', '').' hours since you were last online. You have logged in '.$totalLoginsStr.' times.<BR>');
}
echo('You have <B><FONT COLOR=005500>$'.$moneyStr.'</FONT></B> in Horse Isle money on hand and <B><FONT COLOR=005500>$'.$bankmoneyStr.'</FONT></B> in the bank.<BR>You have earned <B>'.(string)$questPoints.'</B> of <B>63005</B> total quest points (<B>'.(string)floor(($questPoints / 63005) * 100.0).'%</B> Complete)<BR>');
if(!$subbed)
{
echo('You have <B>'.(string)$playtime.'</B> minutes of playtime available. As a non-subscriber you get 1 additional minute every 8 minutes. <I>(subject to change based on load)</I> (<A HREF=/web/whylimited.php>why limited?</A>) <BR>');
}
?></TD></TR></TABLE><BR><HR>
<CENTER><TABLE WIDTH=500><TR><TD class=forumlist>
<FONT SIZE=+1><?php echo(strtoupper(htmlspecialchars($_SESSION['USERNAME']))); ?>'S <?php echo(strtoupper($server_id)); ?> SUBSCRIPTION STATUS:<BR></FONT><FONT SIZE=+2><?php
if($subbed)
{
echo('<FONT COLOR=GREEN>ACTIVE</FONT>');
$current_time = time();
$difference = $subTime - $current_time;
$daysRemain = floor($difference/86400);
$daysStr = (string)$daysRemain;
if($all_users_subbed)
$daysStr = "";
echo('</FONT><BR>('.$daysStr.' days remain in your subscription)</FONT> ');
}
else
{
echo("NOT SUBSCRIBED</FONT><BR>(You have not yet subscribed)</FONT> ");
}
?>(<A HREF=web/reasonstosubscribe.php>Subscription Benefits</A>)
</TD></TR><TR><TD class=forumlist>
<TABLE WIDTH=100%>
<TR><TD><B>BUY 1 Month Membership <FONT COLOR=GREEN>$5.00</FONT>usd</B> <I><FONT SIZE=-1>(adds 31 days membership time to the account that you are currently logged in with.) Non-refundable.</FONT></I></TD><TD>
<form action="<?php echo($pp_uri); ?>" method="post">
<input type="hidden" name="cmd" value="_xclick">
<input type="hidden" name="business" value="paypal@horseisle.com">
<input type="hidden" name="undefined_quantity" value="1">
<input type="hidden" name="item_name" value="One Month Horse Isle Membership-on <?php echo($_SERVER["HTTP_HOST"]); ?>">
<input type="hidden" name="item_number" value="<?php echo(htmlspecialchars($_SESSION['PLAYER_ID'])); ?>">
<input type="hidden" name="custom" value="<?php echo(htmlspecialchars($_SESSION['PLAYER_ID'])); ?>">
<input type="hidden" name="amount" value="5.00">
<input type="hidden" name="no_shipping" value="1">
<input type="hidden" name="return" value="http://<?php echo($_SERVER["HTTP_HOST"]); ?>/web/paypalpayment.php">
<input type="hidden" name="notify_url" value="http://<?php echo($_SERVER["HTTP_HOST"]); ?>/web/paypalgateway.php">
<input type="hidden" name="no_note" value="1">
<input type="hidden" name="currency_code" value="USD">
<input type="hidden" name="lc" value="US">
<input type="hidden" name="bn" value="PP-BuyNowBF">
<input type="image" src="https://www.paypal.com/en_US/i/btn/x-click-but02.gif" border="0"
name="submit" alt="Make payments with PayPal - it's fast, free and secure!">
<img alt="" border="0" src="https://www.paypal.com/en_US/i/scr/pixel.gif" width="1" height="1">
</form>
</TD></TR></TABLE>
</TD></TR>
<TR><TD class=forumlist>
<TABLE WIDTH=100%><TR>
<TD><B>BUY Full Year Membership <FONT COLOR=GREEN>$40.00</FONT>usd</B> <I><FONT SIZE=-1>(adds 366 days membership time to the account you are logged in with. saves $20.00 off monthly subscription) Non-refundable.</FONT></I></TD><TD>
<form action="<?php echo($pp_uri); ?>" method="post">
<input type="hidden" name="cmd" value="_xclick">
<input type="hidden" name="business" value="paypal@horseisle.com">
<input type="hidden" name="undefined_quantity" value="1">
<input type="hidden" name="item_name" value="Full Year Horse Isle Membership-on <?php echo($_SERVER["HTTP_HOST"]); ?>">
<input type="hidden" name="item_number" value="<?php echo(htmlspecialchars($_SESSION['PLAYER_ID'])); ?>">
<input type="hidden" name="custom" value="<?php echo(htmlspecialchars($_SESSION['PLAYER_ID'])); ?>">
<input type="hidden" name="amount" value="40.00">
<input type="hidden" name="no_shipping" value="1">
<input type="hidden" name="return" value="http://<?php echo($_SERVER["HTTP_HOST"]); ?>/web/paypalpayment.php">
<input type="hidden" name="notify_url" value="http://<?php echo($_SERVER["HTTP_HOST"]); ?>/web/paypalgateway.php">
<input type="hidden" name="no_note" value="1">
<input type="hidden" name="currency_code" value="USD">
<input type="hidden" name="lc" value="US">
<input type="hidden" name="bn" value="PP-BuyNowBF">
<input type="image" src="https://www.paypal.com/en_US/i/btn/x-click-but02.gif" border="0"
name="submit" alt="Make payments with PayPal - it's fast, free and secure!">
<img alt="" border="0" src="https://www.paypal.com/en_US/i/scr/pixel.gif" width="1" height="1">
</form>
</TD></TR></TABLE>
<!--
<TR><TD class=forumlist>
<TABLE WIDTH=100%><TR>
<TD><B>BUY 100k Horse Isle Currency <FONT COLOR=GREEN>$1.00</FONT>usd</B> <I><FONT SIZE=-1>(each one you buy gives your account $10,000 Horse Isle currency for use in the game.) Non-refundable.</FONT></I></TD><TD>
<form action="https://www.paypal.com/cgi-bin/webscr" method="post">
<input type="hidden" name="cmd" value="_xclick">
<input type="hidden" name="business" value="paypal@horseisle.com">
<input type="hidden" name="undefined_quantity" value="1">
<input type="hidden" name="item_name" value="100k Horse Isle Money-on pinto.horseisle.com">
<input type="hidden" name="item_number" value="<?php echo(htmlspecialchars($_SESSION['PLAYER_ID'])); ?>">
<input type="hidden" name="custom" value="<?php echo(htmlspecialchars($_SESSION['PLAYER_ID'])); ?>">
<input type="hidden" name="amount" value="1.00">
<input type="hidden" name="no_shipping" value="1">
<input type="hidden" name="return" value="http://pinto.horseisle.com/web/paypalpayment.php">
<input type="hidden" name="notify_url" value="http://pinto.horseisle.com/web/paypalgateway.php">
<input type="hidden" name="no_note" value="1">
<input type="hidden" name="currency_code" value="USD">
<input type="hidden" name="lc" value="US">
<input type="hidden" name="bn" value="PP-BuyNowBF">
<input type="image" src="https://www.paypal.com/en_US/i/btn/x-click-but02.gif" border="0"
name="submit" alt="Make payments with PayPal - it's fast, free and secure!">
<img alt="" border="0" src="https://www.paypal.com/en_US/i/scr/pixel.gif" width="1" height="1">
</form>
</TD></TR></TABLE>
</TD><TR>-->
<TR><TD class=forumlist>
<TABLE WIDTH=100%><TR>
<form action="<?php echo($pp_uri); ?>" method="post">
<TD><B>BUY $100,000 Horse Isle Currency per <FONT COLOR=GREEN>$1.00</FONT>usd</B><BR>
Select: <SELECT NAME=quantity>
<!-<OPTION VALUE=1>$10,000 Horse Isle for $1.00 USD->
<OPTION VALUE=2>$200,000 Horse Isle for $2.00 USD
<OPTION VALUE=3>$300,000 Horse Isle for $3.00 USD
<OPTION VALUE=4>$400,000 Horse Isle for $4.00 USD
<OPTION VALUE=5>$550,000 Horse Isle for $5.00 USD (10% bonus)
<OPTION SELECTED VALUE=10>$1,100,000 Horse Isle for $10.00 USD (10% bonus)
<OPTION VALUE=20>$2,300,000 Horse Isle for $20.00 USD (15% bonus)
<OPTION VALUE=50>$5,750,000 Horse Isle for $50.00 USD (15% bonus)
<OPTION VALUE=100>$12,000,000 Horse Isle for $100.00 USD (20% bonus)
<OPTION VALUE=250>$31,250,000 Horse Isle for $250.00 USD (25% bonus)
</SELECT><BR>
<I><FONT SIZE=-1>(Gives your account Horse Isle currency for use in the game. You can earn Horse Isle money by playing the game. This is not required.) Non-refundable.</FONT></I></TD><TD>
<input type="hidden" name="cmd" value="_xclick">
<input type="hidden" name="business" value="paypal@horseisle.com">
<input type="hidden" name="item_name" value="100k Horse Isle Money-on <?php echo($_SERVER["HTTP_HOST"]); ?>">
<input type="hidden" name="item_number" value="<?php echo(htmlspecialchars($_SESSION['PLAYER_ID'])); ?>">
<input type="hidden" name="custom" value="<?php echo(htmlspecialchars($_SESSION['PLAYER_ID'])); ?>">
<input type="hidden" name="amount" value="1.00">
<input type="hidden" name="no_shipping" value="1">
<input type="hidden" name="return" value="http://<?php echo($_SERVER["HTTP_HOST"]); ?>/web/paypalpayment.php">
<input type="hidden" name="notify_url" value="http://<?php echo($_SERVER["HTTP_HOST"]); ?>/web/paypalgateway.php">
<input type="hidden" name="no_note" value="1">
<input type="hidden" name="currency_code" value="USD">
<input type="hidden" name="lc" value="US">
<input type="hidden" name="bn" value="PP-BuyNowBF">
<input type="image" src="https://www.paypal.com/en_US/i/btn/x-click-but02.gif" border="0"
name="submit" alt="Make payments with PayPal - it's fast, free and secure!">
<img alt="" border="0" src="https://www.paypal.com/en_US/i/scr/pixel.gif" width="1" height="1">
</form>
</TD></TR></TABLE>
</TD></TR><TR><TD class=forumlist>
<TABLE WIDTH=100%>
<TR><TD>
<B>BUY Pawneer Order <FONT COLOR=GREEN>$8.00</FONT>usd</B> <I><FONT SIZE=-1>(allows you to order a custom breed/color/gender horse on server from Pawneer. This is not required, you can trade other players to get the breed you desire also.) Non-refundable.</FONT></I></TD><TD>
<form action="<?php echo($pp_uri); ?>" method="post">
<input type="hidden" name="cmd" value="_xclick">
<input type="hidden" name="business" value="paypal@horseisle.com">
<input type="hidden" name="undefined_quantity" value="1">
<input type="hidden" name="item_name" value="Pawneer Order-on <?php echo($_SERVER["HTTP_HOST"]); ?>">
<input type="hidden" name="item_number" value="<?php echo(htmlspecialchars($_SESSION['PLAYER_ID'])); ?>">
<input type="hidden" name="custom" value="<?php echo(htmlspecialchars($_SESSION['PLAYER_ID'])); ?>">
<input type="hidden" name="amount" value="8.00">
<input type="hidden" name="no_shipping" value="1">
<input type="hidden" name="return" value="http://<?php echo($_SERVER["HTTP_HOST"]); ?>/web/paypalpayment.php">
<input type="hidden" name="notify_url" value="http://<?php echo($_SERVER["HTTP_HOST"]); ?>/web/paypalgateway.php">
<input type="hidden" name="no_note" value="1">
<input type="hidden" name="currency_code" value="USD">
<input type="hidden" name="lc" value="US">
<input type="hidden" name="bn" value="PP-BuyNowBF">
<input type="image" src="https://www.paypal.com/en_US/i/btn/x-click-but02.gif" border="0"
name="submit" alt="Make payments with PayPal - it's fast, free and secure!">
<img alt="" border="0" src="https://www.paypal.com/en_US/i/scr/pixel.gif" width="1" height="1">
</form>
</TD></TR></TABLE>
</TD></TR><TR><TD class=forumlist>
<TABLE WIDTH=100%>
<TR><TD>
<B>BUY 5 Pawneer Orders <FONT COLOR=GREEN>$30.00</FONT>usd</B> <I><FONT SIZE=-1>(save $10.00 - allows you to order 5 custom horses from Pawneer) Non-refundable.</FONT></I></TD><TD>
<form action="<?php echo($pp_uri); ?>" method="post">
<input type="hidden" name="cmd" value="_xclick">
<input type="hidden" name="business" value="paypal@horseisle.com">
<input type="hidden" name="undefined_quantity" value="1">
<input type="hidden" name="item_name" value="Five Pawneer Order-on <?php echo($_SERVER["HTTP_HOST"]); ?>">
<input type="hidden" name="item_number" value="<?php echo(htmlspecialchars($_SESSION['PLAYER_ID'])); ?>">
<input type="hidden" name="custom" value="<?php echo(htmlspecialchars($_SESSION['PLAYER_ID'])); ?>">
<input type="hidden" name="amount" value="30.00">
<input type="hidden" name="no_shipping" value="1">
<input type="hidden" name="return" value="http://<?php echo($_SERVER["HTTP_HOST"]); ?>/web/paypalpayment.php">
<input type="hidden" name="notify_url" value="http://<?php echo($_SERVER["HTTP_HOST"]); ?>/web/paypalgateway.php">
<input type="hidden" name="no_note" value="1">
<input type="hidden" name="currency_code" value="USD">
<input type="hidden" name="lc" value="US">
<input type="hidden" name="bn" value="PP-BuyNowBF">
<input type="image" src="https://www.paypal.com/en_US/i/btn/x-click-but02.gif" border="0"
name="submit" alt="Make payments with PayPal - it's fast, free and secure!">
<img alt="" border="0" src="https://www.paypal.com/en_US/i/scr/pixel.gif" width="1" height="1">
</form>
</TD></TR></TABLE>
</TD></TR>
<TR><TD BGCOLOR=WHITE><CENTER>If you happen to have any:<B> <A HREF=/web/spendhorsebucks.php>Redeem Horse Bucks</A></TD></TR>
<TR><TD class=forumlist>
<BR>Alternative Payment Methods: <A HREF=/web/checks.php>Check/Cash via postal mail</A>
<BR><BR>Gift Payments: <A HREF=<?php echo($master_site); ?>/web/giftmembership.php>Pay for a different player</A>
<BR><BR></TD></TR>
</TD></TR></TABLE></CENTER>
<HR>
</TD><TD VALIGN=top><DIV ID="PLAYERS"><BR></DIV></TD></TR></TABLE><?php include("web/footer.php"); ?>

420
game-site/horseisle.php
View File

@ -1,210 +1,210 @@
<?php
include("config.php");
?>
<html lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>HORSEISLE - Secret Land of Horses</title>
<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon">
<link rel="icon" href="/favicon.ico" type="image/x-icon">
<!-- Google Analytics -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
<script type="text/javascript">
_uacct = "UA-1805076-1";
urchinTracker();
</script>
<script language="javascript"><!--
// Intercept Browser X and give user choice (on firefox)
//window.onbeforeunload= function (evt) { return false; }
var ConfirmClose = true;
window.onbeforeunload = confirmExit;
function confirmExit()
{
if (ConfirmClose)
return "[ Please use QUIT GAME button to exit Horse Isle ]";
}
function allowExit()
{
ConfirmClose = false;
}
/// Every half second, put focus on Flash window.
//function getfocus(){
// horseisle.focus();
// mytimer = setTimeout('getfocus()', 500);
//}
//-->
</script>
<script language="JavaScript" type="text/javascript">
<!--
// -----------------------------------------------------------------------------
// Globals
// Major version of Flash required
var requiredMajorVersion = 8;
// Minor version of Flash required
var requiredMinorVersion = 0;
// Revision of Flash required
var requiredRevision = 0;
// the version of javascript supported
var jsVersion = 1.0;
// -----------------------------------------------------------------------------
// -->
</script>
<script language="VBScript" type="text/vbscript">
<!-- // Visual basic helper required to detect Flash Player ActiveX control version information
Function VBGetSwfVer(i)
on error resume next
Dim swControl, swVersion
swVersion = 0
set swControl = CreateObject("ShockwaveFlash.ShockwaveFlash." + CStr(i))
if (IsObject(swControl)) then
swVersion = swControl.GetVariable("$version")
end if
VBGetSwfVer = swVersion
End Function
// -->
</script>
<script language="JavaScript1.1" type="text/javascript">
<!-- // Detect Client Browser type
var isIE = (navigator.appVersion.indexOf("MSIE") != -1) ? true : false;
var isWin = (navigator.appVersion.toLowerCase().indexOf("win") != -1) ? true : false;
var isOpera = (navigator.userAgent.indexOf("Opera") != -1) ? true : false;
jsVersion = 1.1;
// JavaScript helper required to detect Flash Player PlugIn version information
function JSGetSwfVer(i){
// NS/Opera version >= 3 check for Flash plugin in plugin array
if (navigator.plugins != null && navigator.plugins.length > 0) {
if (navigator.plugins["Shockwave Flash 2.0"] || navigator.plugins["Shockwave Flash"]) {
var swVer2 = navigator.plugins["Shockwave Flash 2.0"] ? " 2.0" : "";
var flashDescription = navigator.plugins["Shockwave Flash" + swVer2].description;
descArray = flashDescription.split(" ");
tempArrayMajor = descArray[2].split(".");
versionMajor = tempArrayMajor[0];
versionMinor = tempArrayMajor[1];
if ( descArray[3] != "" ) {
tempArrayMinor = descArray[3].split("r");
} else {
tempArrayMinor = descArray[4].split("r");
}
versionRevision = tempArrayMinor[1] > 0 ? tempArrayMinor[1] : 0;
flashVer = versionMajor + "." + versionMinor + "." + versionRevision;
} else {
flashVer = -1;
}
}
// MSN/WebTV 2.6 supports Flash 4
else if (navigator.userAgent.toLowerCase().indexOf("webtv/2.6") != -1) flashVer = 4;
// WebTV 2.5 supports Flash 3
else if (navigator.userAgent.toLowerCase().indexOf("webtv/2.5") != -1) flashVer = 3;
// older WebTV supports Flash 2
else if (navigator.userAgent.toLowerCase().indexOf("webtv") != -1) flashVer = 2;
// Can't detect in all other cases
else {
flashVer = -1;
}
return flashVer;
}
// If called with no parameters this function returns a floating point value
// which should be the version of the Flash Player or 0.0
// ex: Flash Player 7r14 returns 7.14
// If called with reqMajorVer, reqMinorVer, reqRevision returns true if that version or greater is available
function DetectFlashVer(reqMajorVer, reqMinorVer, reqRevision)
{
reqVer = parseFloat(reqMajorVer + "." + reqRevision);
// loop backwards through the versions until we find the newest version
for (i=25;i>0;i--) {
if (isIE && isWin && !isOpera) {
versionStr = VBGetSwfVer(i);
} else {
versionStr = JSGetSwfVer(i);
}
if (versionStr == -1 ) {
return false;
} else if (versionStr != 0) {
if(isIE && isWin && !isOpera) {
tempArray = versionStr.split(" ");
tempString = tempArray[1];
versionArray = tempString .split(",");
} else {
versionArray = versionStr.split(".");
}
versionMajor = versionArray[0];
versionMinor = versionArray[1];
versionRevision = versionArray[2];
versionString = versionMajor + "." + versionRevision; // 7.0r24 == 7.24
versionNum = parseFloat(versionString);
// is the major.revision >= requested major.revision AND the minor version >= requested minor
if ( (versionMajor > reqMajorVer) && (versionNum >= reqVer) ) {
return true;
} else {
return ((versionNum >= reqVer && versionMinor >= reqMinorVer) ? true : false );
}
}
}
return (reqVer ? false : 0.0);
}
// -->
</script>
</head>
<body bgcolor="#A797A7" MARGINWIDTH=0 MARGINHEIGHT=0 LEFTMARGIN=0 TOPMARGIN=0 onLoad="">
<!--url's used in the movie-->
<!--text used in the movie-->
<CENTER>
<!--
<p align="center"></p>
<p align="left"></p>
<p align="left"><font face="Arial" size="9" color="#000000" letterSpacing="0.000000" kerning="1"><b>FPS</b></font></p>
<p align="center"><font face="Times New Roman" size="18" color="#000000" letterSpacing="0.000000" kerning="1"><b>CONNECTION TO SERVER LOST:</b></font></p><p align="center"></p><p align="center"><font face="Times New Roman" size="18" color="#000000" letterSpacing="0.000000" kerning="1"><b> Either your Internet connection is down, or the <sbr />server is restarting or possibly down. &nbsp;</b></font></p><p align="center"></p><p align="center"><font face="Times New Roman" size="18" color="#000000" letterSpacing="0.000000" kerning="1"><b>Please try again shortly.</b></font></p><p align="center"></p><p align="center"><font face="Times New Roman" size="18" color="#000066" letterSpacing="0.000000" kerning="1"><a href="http://hi1.horseisle.com/" target = "_self"><b>HI1.HORSEISLE.COM</b></a></font></p>
-->
<script language="JavaScript" type="text/javascript">
<!--
<?php
$user = "";
if(isset($_GET['USER'])) { $user = $_GET['USER']; };
echo("var hasRightVersion = DetectFlashVer(requiredMajorVersion, requiredMinorVersion, requiredRevision);
if(hasRightVersion) { // if we've detected an acceptable version
var oeTags = '<object classid=\"clsid:D27CDB6E-AE6D-11cf-96B8-444553540000\"'
+ 'width=\"790\" height=\"500\" id=\"horseisle\" name=\"horseisle\"'
+ 'codebase=\"http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab\">'
+ '<param name=\"movie\" value=\"horseisle.swf?SERVER=".$server_ip."&PORT=".$server_port."&USER=".htmlspecialchars($user, ENT_QUOTES)."&2158322\" /><param name=\"loop\" value=\"false\" /><param name=\"menu\" value=\"false\" /><param name=\"quality\" value=\"high\" /><param name=\"scale\" value=\"noscale\" /><param name=\"salign\" value=\"t\" /><param name=\"bgcolor\" value=\"#ffffff\" />'
+ '<embed src=\"horseisle.swf?SERVER=".$server_ip."&PORT=".$server_port."&USER=".htmlspecialchars($user, ENT_QUOTES)."&2158322\" loop=\"false\" menu=\"false\" quality=\"high\" scale=\"noscale\" salign=\"t\" bgcolor=\"#ffffff\" '
+ 'width=\"790\" height=\"500\" name=\"horseisle\" align=\"top\"'
+ 'play=\"true\"'
+ 'loop=\"false\"'
+ 'quality=\"high\"'
+ 'allowScriptAccess=\"sameDomain\"'
+ 'type=\"application/x-shockwave-flash\"'
+ 'pluginspage=\"http://www.macromedia.com/go/getflashplayer\">'
+ '<\/embed>'
+ '<\/object>';");
?>
document.write(oeTags); // embed the flash movie
} else { // flash is too old or we can't detect the plugin
var alternateContent = 'Alternate HTML content should be placed here.'
+ 'This content requires the Macromedia Flash Player.'
+ '<a href=http://www.macromedia.com/go/getflash/>Get Flash</a>';
document.write(alternateContent); // insert non-flash content
}
// -->
</script>
<noscript><CENTER>
It appears you do not have the required Flash Player Software.<BR>
<B>Horse Isle requires the Adobe Flash Player 9+.</B><BR>
It is a free and easy download - <a href="http://www.macromedia.com/go/getflash/">Get Flash</a><BR>
</noscript>
</body>
</html>
<?php
include("config.php");
?>
<html lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>HORSEISLE - Secret Land of Horses</title>
<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon">
<link rel="icon" href="/favicon.ico" type="image/x-icon">
<!-- Google Analytics -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
<script type="text/javascript">
_uacct = "UA-1805076-1";
urchinTracker();
</script>
<script language="javascript"><!--
// Intercept Browser X and give user choice (on firefox)
//window.onbeforeunload= function (evt) { return false; }
var ConfirmClose = true;
window.onbeforeunload = confirmExit;
function confirmExit()
{
if (ConfirmClose)
return "[ Please use QUIT GAME button to exit Horse Isle ]";
}
function allowExit()
{
ConfirmClose = false;
}
/// Every half second, put focus on Flash window.
//function getfocus(){
// horseisle.focus();
// mytimer = setTimeout('getfocus()', 500);
//}
//-->
</script>
<script language="JavaScript" type="text/javascript">
<!--
// -----------------------------------------------------------------------------
// Globals
// Major version of Flash required
var requiredMajorVersion = 8;
// Minor version of Flash required
var requiredMinorVersion = 0;
// Revision of Flash required
var requiredRevision = 0;
// the version of javascript supported
var jsVersion = 1.0;
// -----------------------------------------------------------------------------
// -->
</script>
<script language="VBScript" type="text/vbscript">
<!-- // Visual basic helper required to detect Flash Player ActiveX control version information
Function VBGetSwfVer(i)
on error resume next
Dim swControl, swVersion
swVersion = 0
set swControl = CreateObject("ShockwaveFlash.ShockwaveFlash." + CStr(i))
if (IsObject(swControl)) then
swVersion = swControl.GetVariable("$version")
end if
VBGetSwfVer = swVersion
End Function
// -->
</script>
<script language="JavaScript1.1" type="text/javascript">
<!-- // Detect Client Browser type
var isIE = (navigator.appVersion.indexOf("MSIE") != -1) ? true : false;
var isWin = (navigator.appVersion.toLowerCase().indexOf("win") != -1) ? true : false;
var isOpera = (navigator.userAgent.indexOf("Opera") != -1) ? true : false;
jsVersion = 1.1;
// JavaScript helper required to detect Flash Player PlugIn version information
function JSGetSwfVer(i){
// NS/Opera version >= 3 check for Flash plugin in plugin array
if (navigator.plugins != null && navigator.plugins.length > 0) {
if (navigator.plugins["Shockwave Flash 2.0"] || navigator.plugins["Shockwave Flash"]) {
var swVer2 = navigator.plugins["Shockwave Flash 2.0"] ? " 2.0" : "";
var flashDescription = navigator.plugins["Shockwave Flash" + swVer2].description;
descArray = flashDescription.split(" ");
tempArrayMajor = descArray[2].split(".");
versionMajor = tempArrayMajor[0];
versionMinor = tempArrayMajor[1];
if ( descArray[3] != "" ) {
tempArrayMinor = descArray[3].split("r");
} else {
tempArrayMinor = descArray[4].split("r");
}
versionRevision = tempArrayMinor[1] > 0 ? tempArrayMinor[1] : 0;
flashVer = versionMajor + "." + versionMinor + "." + versionRevision;
} else {
flashVer = -1;
}
}
// MSN/WebTV 2.6 supports Flash 4
else if (navigator.userAgent.toLowerCase().indexOf("webtv/2.6") != -1) flashVer = 4;
// WebTV 2.5 supports Flash 3
else if (navigator.userAgent.toLowerCase().indexOf("webtv/2.5") != -1) flashVer = 3;
// older WebTV supports Flash 2
else if (navigator.userAgent.toLowerCase().indexOf("webtv") != -1) flashVer = 2;
// Can't detect in all other cases
else {
flashVer = -1;
}
return flashVer;
}
// If called with no parameters this function returns a floating point value
// which should be the version of the Flash Player or 0.0
// ex: Flash Player 7r14 returns 7.14
// If called with reqMajorVer, reqMinorVer, reqRevision returns true if that version or greater is available
function DetectFlashVer(reqMajorVer, reqMinorVer, reqRevision)
{
reqVer = parseFloat(reqMajorVer + "." + reqRevision);
// loop backwards through the versions until we find the newest version
for (i=25;i>0;i--) {
if (isIE && isWin && !isOpera) {
versionStr = VBGetSwfVer(i);
} else {
versionStr = JSGetSwfVer(i);
}
if (versionStr == -1 ) {
return false;
} else if (versionStr != 0) {
if(isIE && isWin && !isOpera) {
tempArray = versionStr.split(" ");
tempString = tempArray[1];
versionArray = tempString .split(",");
} else {
versionArray = versionStr.split(".");
}
versionMajor = versionArray[0];
versionMinor = versionArray[1];
versionRevision = versionArray[2];
versionString = versionMajor + "." + versionRevision; // 7.0r24 == 7.24
versionNum = parseFloat(versionString);
// is the major.revision >= requested major.revision AND the minor version >= requested minor
if ( (versionMajor > reqMajorVer) && (versionNum >= reqVer) ) {
return true;
} else {
return ((versionNum >= reqVer && versionMinor >= reqMinorVer) ? true : false );
}
}
}
return (reqVer ? false : 0.0);
}
// -->
</script>
</head>
<body bgcolor="#A797A7" MARGINWIDTH=0 MARGINHEIGHT=0 LEFTMARGIN=0 TOPMARGIN=0 onLoad="">
<!--url's used in the movie-->
<!--text used in the movie-->
<CENTER>
<!--
<p align="center"></p>
<p align="left"></p>
<p align="left"><font face="Arial" size="9" color="#000000" letterSpacing="0.000000" kerning="1"><b>FPS</b></font></p>
<p align="center"><font face="Times New Roman" size="18" color="#000000" letterSpacing="0.000000" kerning="1"><b>CONNECTION TO SERVER LOST:</b></font></p><p align="center"></p><p align="center"><font face="Times New Roman" size="18" color="#000000" letterSpacing="0.000000" kerning="1"><b> Either your Internet connection is down, or the <sbr />server is restarting or possibly down. &nbsp;</b></font></p><p align="center"></p><p align="center"><font face="Times New Roman" size="18" color="#000000" letterSpacing="0.000000" kerning="1"><b>Please try again shortly.</b></font></p><p align="center"></p><p align="center"><font face="Times New Roman" size="18" color="#000066" letterSpacing="0.000000" kerning="1"><a href="http://hi1.horseisle.com/" target = "_self"><b>HI1.HORSEISLE.COM</b></a></font></p>
-->
<script language="JavaScript" type="text/javascript">
<!--
<?php
$user = "";
if(isset($_GET['USER'])) { $user = $_GET['USER']; };
echo("var hasRightVersion = DetectFlashVer(requiredMajorVersion, requiredMinorVersion, requiredRevision);
if(hasRightVersion) { // if we've detected an acceptable version
var oeTags = '<object classid=\"clsid:D27CDB6E-AE6D-11cf-96B8-444553540000\"'
+ 'width=\"790\" height=\"500\" id=\"horseisle\" name=\"horseisle\"'
+ 'codebase=\"http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab\">'
+ '<param name=\"movie\" value=\"horseisle.swf?SERVER=".$server_ip."&PORT=".$server_port."&USER=".htmlspecialchars($user, ENT_QUOTES)."&2158322\" /><param name=\"loop\" value=\"false\" /><param name=\"menu\" value=\"false\" /><param name=\"quality\" value=\"high\" /><param name=\"scale\" value=\"noscale\" /><param name=\"salign\" value=\"t\" /><param name=\"bgcolor\" value=\"#ffffff\" />'
+ '<embed src=\"horseisle.swf?SERVER=".$server_ip."&PORT=".$server_port."&USER=".htmlspecialchars($user, ENT_QUOTES)."&2158322\" loop=\"false\" menu=\"false\" quality=\"high\" scale=\"noscale\" salign=\"t\" bgcolor=\"#ffffff\" '
+ 'width=\"790\" height=\"500\" name=\"horseisle\" align=\"top\"'
+ 'play=\"true\"'
+ 'loop=\"false\"'
+ 'quality=\"high\"'
+ 'allowScriptAccess=\"sameDomain\"'
+ 'type=\"application/x-shockwave-flash\"'
+ 'pluginspage=\"http://www.macromedia.com/go/getflashplayer\">'
+ '<\/embed>'
+ '<\/object>';");
?>
document.write(oeTags); // embed the flash movie
} else { // flash is too old or we can't detect the plugin
var alternateContent = 'Alternate HTML content should be placed here.'
+ 'This content requires the Macromedia Flash Player.'
+ '<a href=http://www.macromedia.com/go/getflash/>Get Flash</a>';
document.write(alternateContent); // insert non-flash content
}
// -->
</script>
<noscript><CENTER>
It appears you do not have the required Flash Player Software.<BR>
<B>Horse Isle requires the Adobe Flash Player 9+.</B><BR>
It is a free and easy download - <a href="http://www.macromedia.com/go/getflash/">Get Flash</a><BR>
</noscript>
</body>
</html>

52
game-site/index.php
View File

@ -1,27 +1,27 @@
<?php
session_start();
include("config.php");
// Handle logout
if(isset($_GET["LOGOUT"]))
{
if($_GET["LOGOUT"] == 1)
{
session_destroy();
}
}
include("web/header.php");
?>
<CENTER>
<FONT FACE=Verdana,arial SIZE=-1>
<BR>
If you have an account on this server (<?php echo(strtoupper($_SERVER['HTTP_HOST']))?>) please login in at upper right.<BR>
Otherwise click for <A href=http:<?php echo($master_site); ?>>Main Horse Isle 1 Site</A>.
<BR><BR>
<?php
session_start();
include("config.php");
// Handle logout
if(isset($_GET["LOGOUT"]))
{
if($_GET["LOGOUT"] == 1)
{
session_destroy();
}
}
include("web/header.php");
?>
<CENTER>
<FONT FACE=Verdana,arial SIZE=-1>
<BR>
If you have an account on this server (<?php echo(strtoupper($_SERVER['HTTP_HOST']))?>) please login in at upper right.<BR>
Otherwise click for <A href=http:<?php echo($master_site); ?>>Main Horse Isle 1 Site</A>.
<BR><BR>
<?php include("web/footer.php"); ?>

2
game-site/robots.txt
View File

@ -1 +1 @@
#empty file to avoid errors in error log
#empty file to avoid errors in error log

92
game-site/web/checks.php
View File

@ -1,47 +1,47 @@
<?php
session_start();
include("config.php");
include("crosserver.php");
include("header.php");
?>
<TABLE WIDTH=100% CELLPADDING=10><TR><TD>
<FONT COLOR=880000 SIZE=+1><B>Alternative Payment Methods</B></FONT><BR>
If you cannot use PayPal(recommended) you may send a payment via snail mail to our U.S. Post Office Box.<BR>
Currency MUST be in U.S. Dollars. [ USA Check / Money Order / USD Cash Accepted ]<BR>
(One exception, Canadian personal checks made out for slightly more than the current exchange rate in canadian funds can be accepted. No other countries personal checks can be accepted.)<BR>
Checks <B>must be written out to 'Horse Isle'</B>.<BR>
If your check "bounces" we will block the account until our fees have been reimbursed by you.<BR>
Cash is not recommended, but if you need to send it, be sure to wrap it in another piece of paper so that it cannot be seen through the envelope!<BR>
<B>(Do not send Cash without Parental Permission!)</B><BR>
<BR>
<B>Horse Isle Postal Mailing Address:</B><BR>
<UL><FONT COLOR=440044 SIZE=+0>
Horse Isle<BR>
PO Box 3619<BR>
Duluth, MN 55803-2633<BR>
USA<BR>
</UL></FONT>
<B>Identify Your Payment:</B><BR>
Be sure to include a CLEAR note of what account this is for. Include your email address in case there are problems identifying the account.<BR>
<UL><FONT COLOR=440044 SIZE=+0>
Your USERNAME = <?php echo(htmlspecialchars($_SESSION['USERNAME'])); ?><B></B><BR>
Your ACCOUNT ID = <?php echo(htmlspecialchars($_SESSION['PLAYER_ID'])); ?><B></B><BR>
Your SERVER = <B><?php echo($server_id); ?></B> (make sure this is the one you play on)<BR>
</UL></FONT>
<B>Finally, let us know what it is for:</B><BR>
<UL><FONT COLOR=440044 SIZE=+0>
One Month Horse Isle Membership - $5 (or 2 for $10, etc.)<BR>
One Year Horse Isle Membership - $40 (or 2 for $80, etc.)<BR>
Horse Isle Game Money - $10,000 per $1 ($15 = $150,000 Horse Isle Money)<BR>
Pawneer Order - $8 (or 2 for $16, etc.)<BR>
Pawneer Order Pack(5) - $30 (or 2 for $60, etc.)<BR>
</UL></FONT>
Payments will be credited when received. Mail is handled at least twice per week, so between mail transit and pickup times, expect up to a week for the account to be credited. Payments lost in the mail are not our responsibility. Checks which cannot be identified to an account will not be cashed.<BR>
Remember PayPal Payments are instant and more secure! <BR>
Thanks!<BR>
<CENTER>[ <A HREF=/account.php>Return to Account Page</A> ]
</TD></TR></TABLE>
<?php
include("footer.php");
<?php
session_start();
include("config.php");
include("crosserver.php");
include("header.php");
?>
<TABLE WIDTH=100% CELLPADDING=10><TR><TD>
<FONT COLOR=880000 SIZE=+1><B>Alternative Payment Methods</B></FONT><BR>
If you cannot use PayPal(recommended) you may send a payment via snail mail to our U.S. Post Office Box.<BR>
Currency MUST be in U.S. Dollars. [ USA Check / Money Order / USD Cash Accepted ]<BR>
(One exception, Canadian personal checks made out for slightly more than the current exchange rate in canadian funds can be accepted. No other countries personal checks can be accepted.)<BR>
Checks <B>must be written out to 'Horse Isle'</B>.<BR>
If your check "bounces" we will block the account until our fees have been reimbursed by you.<BR>
Cash is not recommended, but if you need to send it, be sure to wrap it in another piece of paper so that it cannot be seen through the envelope!<BR>
<B>(Do not send Cash without Parental Permission!)</B><BR>
<BR>
<B>Horse Isle Postal Mailing Address:</B><BR>
<UL><FONT COLOR=440044 SIZE=+0>
Horse Isle<BR>
PO Box 3619<BR>
Duluth, MN 55803-2633<BR>
USA<BR>
</UL></FONT>
<B>Identify Your Payment:</B><BR>
Be sure to include a CLEAR note of what account this is for. Include your email address in case there are problems identifying the account.<BR>
<UL><FONT COLOR=440044 SIZE=+0>
Your USERNAME = <?php echo(htmlspecialchars($_SESSION['USERNAME'])); ?><B></B><BR>
Your ACCOUNT ID = <?php echo(htmlspecialchars($_SESSION['PLAYER_ID'])); ?><B></B><BR>
Your SERVER = <B><?php echo($server_id); ?></B> (make sure this is the one you play on)<BR>
</UL></FONT>
<B>Finally, let us know what it is for:</B><BR>
<UL><FONT COLOR=440044 SIZE=+0>
One Month Horse Isle Membership - $5 (or 2 for $10, etc.)<BR>
One Year Horse Isle Membership - $40 (or 2 for $80, etc.)<BR>
Horse Isle Game Money - $10,000 per $1 ($15 = $150,000 Horse Isle Money)<BR>
Pawneer Order - $8 (or 2 for $16, etc.)<BR>
Pawneer Order Pack(5) - $30 (or 2 for $60, etc.)<BR>
</UL></FONT>
Payments will be credited when received. Mail is handled at least twice per week, so between mail transit and pickup times, expect up to a week for the account to be credited. Payments lost in the mail are not our responsibility. Checks which cannot be identified to an account will not be cashed.<BR>
Remember PayPal Payments are instant and more secure! <BR>
Thanks!<BR>
<CENTER>[ <A HREF=/account.php>Return to Account Page</A> ]
</TD></TR></TABLE>
<?php
include("footer.php");
?>

338
game-site/web/common.php
View File

@ -1,170 +1,170 @@
<?php
function hash_salt(string $input, string $salt)
{
$output = hash('sha512',$input,true);
$len=strlen(bin2hex($output))/2;
$xor_hash = "";
for($i = 0; $i < $len; $i++)
{
$xor_hash .= $output[$i] ^ $salt[$i];
}
return hash('sha512',$xor_hash,false);
}
function base64_url_encode($input) {
return strtr(base64_encode($input), '+/=', '._-');
}
function base64_url_decode($input) {
return base64_decode(strtr($input, '._-', '+/='));
}
function is_logged_in()
{
if(session_status() !== PHP_SESSION_ACTIVE)
return false;
if(isset($_SESSION["LOGGED_IN"]))
if($_SESSION["LOGGED_IN"] === "YES")
return true;
return false;
}
function user_exists(string $username)
{
include('config.php');
$usernameUppercase = strtoupper($username);
$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
$stmt = $connect->prepare("SELECT COUNT(1) FROM Users WHERE UPPER(Username)=?");
$stmt->bind_param("s", $usernameUppercase);
$stmt->execute();
$result = $stmt->get_result();
$count = intval($result->fetch_row()[0]);
return $count>0;
}
function get_username(string $id)
{
include('config.php');
$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
$stmt = $connect->prepare("SELECT Username FROM Users WHERE Id=?");
$stmt->bind_param("i", $id);
$stmt->execute();
$result = $stmt->get_result();
$usetname = $result->fetch_row()[0];
return $usetname;
}
function get_userid(string $username)
{
include('config.php');
$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
$usernameUppercase = strtoupper($username);
$stmt = $connect->prepare("SELECT Id FROM Users WHERE UPPER(Username)=?");
$stmt->bind_param("s", $usernameUppercase);
$stmt->execute();
$result = $stmt->get_result();
$id = intval($result->fetch_row()[0]);
return $id;
}
function get_sex(int $userid)
{
include('config.php');
$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
$stmt = $connect->prepare("SELECT Gender FROM Users WHERE Id=?");
$stmt->bind_param("i", $userid);
$stmt->execute();
$result = $stmt->get_result();
return $result->fetch_row()[0];
}
function get_admin(int $userid)
{
include('config.php');
$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
$stmt = $connect->prepare("SELECT Admin FROM Users WHERE Id=?");
$stmt->bind_param("i", $userid);
$stmt->execute();
$result = $stmt->get_result();
return $result->fetch_row()[0];
}
function get_mod(int $userid)
{
include('config.php');
$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
$stmt = $connect->prepare("SELECT Moderator FROM Users WHERE Id=?");
$stmt->bind_param("i", $userid);
$stmt->execute();
$result = $stmt->get_result();
return $result->fetch_row()[0];
}
function get_password_hash(int $userid)
{
include('config.php');
$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
$stmt = $connect->prepare("SELECT PassHash FROM Users WHERE Id=?");
$stmt->bind_param("i", $userid);
$stmt->execute();
$result = $stmt->get_result();
return $result->fetch_row()[0];
}
function get_salt(int $userid)
{
include('config.php');
$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
$stmt = $connect->prepare("SELECT Salt FROM Users WHERE Id=?");
$stmt->bind_param("i", $userid);
$stmt->execute();
$result = $stmt->get_result();
return $result->fetch_row()[0];
}
function check_password(int $userId, string $password)
{
$passhash = get_password_hash($userId);
$passsalt = hex2bin(get_salt($userId));
$acturalhash = hash_salt($password, $passsalt);
if($acturalhash === $passhash)
return true;
else
return false;
}
function populate_db()
{
include('config.php');
$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
mysqli_query($connect, "CREATE TABLE IF NOT EXISTS Users(Id INT, Username TEXT(16),Email TEXT(128),Country TEXT(128),SecurityQuestion Text(128),SecurityAnswerHash TEXT(128),Age INT,PassHash TEXT(128), Salt TEXT(128),Gender TEXT(16), Admin TEXT(3), Moderator TEXT(3))");
}
function startsWith( $haystack, $needle ) {
$length = strlen( $needle );
return substr( $haystack, 0, $length ) === $needle;
}
function endsWith( $haystack, $needle ) {
$length = strlen( $needle );
if( !$length ) {
return true;
}
return substr( $haystack, -$length ) === $needle;
}
<?php
function hash_salt(string $input, string $salt)
{
$output = hash('sha512',$input,true);
$len=strlen(bin2hex($output))/2;
$xor_hash = "";
for($i = 0; $i < $len; $i++)
{
$xor_hash .= $output[$i] ^ $salt[$i];
}
return hash('sha512',$xor_hash,false);
}
function base64_url_encode($input) {
return strtr(base64_encode($input), '+/=', '._-');
}
function base64_url_decode($input) {
return base64_decode(strtr($input, '._-', '+/='));
}
function is_logged_in()
{
if(session_status() !== PHP_SESSION_ACTIVE)
return false;
if(isset($_SESSION["LOGGED_IN"]))
if($_SESSION["LOGGED_IN"] === "YES")
return true;
return false;
}
function user_exists(string $username)
{
include('config.php');
$usernameUppercase = strtoupper($username);
$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
$stmt = $connect->prepare("SELECT COUNT(1) FROM Users WHERE UPPER(Username)=?");
$stmt->bind_param("s", $usernameUppercase);
$stmt->execute();
$result = $stmt->get_result();
$count = intval($result->fetch_row()[0]);
return $count>0;
}
function get_username(string $id)
{
include('config.php');
$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
$stmt = $connect->prepare("SELECT Username FROM Users WHERE Id=?");
$stmt->bind_param("i", $id);
$stmt->execute();
$result = $stmt->get_result();
$usetname = $result->fetch_row()[0];
return $usetname;
}
function get_userid(string $username)
{
include('config.php');
$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
$usernameUppercase = strtoupper($username);
$stmt = $connect->prepare("SELECT Id FROM Users WHERE UPPER(Username)=?");
$stmt->bind_param("s", $usernameUppercase);
$stmt->execute();
$result = $stmt->get_result();
$id = intval($result->fetch_row()[0]);
return $id;
}
function get_sex(int $userid)
{
include('config.php');
$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
$stmt = $connect->prepare("SELECT Gender FROM Users WHERE Id=?");
$stmt->bind_param("i", $userid);
$stmt->execute();
$result = $stmt->get_result();
return $result->fetch_row()[0];
}
function get_admin(int $userid)
{
include('config.php');
$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
$stmt = $connect->prepare("SELECT Admin FROM Users WHERE Id=?");
$stmt->bind_param("i", $userid);
$stmt->execute();
$result = $stmt->get_result();
return $result->fetch_row()[0];
}
function get_mod(int $userid)
{
include('config.php');
$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
$stmt = $connect->prepare("SELECT Moderator FROM Users WHERE Id=?");
$stmt->bind_param("i", $userid);
$stmt->execute();
$result = $stmt->get_result();
return $result->fetch_row()[0];
}
function get_password_hash(int $userid)
{
include('config.php');
$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
$stmt = $connect->prepare("SELECT PassHash FROM Users WHERE Id=?");
$stmt->bind_param("i", $userid);
$stmt->execute();
$result = $stmt->get_result();
return $result->fetch_row()[0];
}
function get_salt(int $userid)
{
include('config.php');
$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
$stmt = $connect->prepare("SELECT Salt FROM Users WHERE Id=?");
$stmt->bind_param("i", $userid);
$stmt->execute();
$result = $stmt->get_result();
return $result->fetch_row()[0];
}
function check_password(int $userId, string $password)
{
$passhash = get_password_hash($userId);
$passsalt = hex2bin(get_salt($userId));
$acturalhash = hash_salt($password, $passsalt);
if($acturalhash === $passhash)
return true;
else
return false;
}
function populate_db()
{
include('config.php');
$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
mysqli_query($connect, "CREATE TABLE IF NOT EXISTS Users(Id INT, Username TEXT(16),Email TEXT(128),Country TEXT(128),SecurityQuestion Text(128),SecurityAnswerHash TEXT(128),Age INT,PassHash TEXT(128), Salt TEXT(128),Gender TEXT(16), Admin TEXT(3), Moderator TEXT(3))");
}
function startsWith( $haystack, $needle ) {
$length = strlen( $needle );
return substr( $haystack, 0, $length ) === $needle;
}
function endsWith( $haystack, $needle ) {
$length = strlen( $needle );
if( !$length ) {
return true;
}
return substr( $haystack, -$length ) === $needle;
}
?>

4
game-site/web/config.php
View File

@ -1,3 +1,3 @@
<?php
include("../config.php");
<?php
include("../config.php");
?>

723
game-site/web/crosserver.php
View File

@ -1,357 +1,366 @@
<?php
function GenHmacMessage(string $data, string $channel)
{
include('config.php');
if($hmac_secret === "!!NOTSET!!"){
echo("<script>alert('Please set HMAC_SECRET !')</script>");
echo("<h1>Set \$hmac_secret in config.php!</h1>");
exit();
}
$hmac = hash_hmac('sha256', $data, $hmac_secret.$channel.$_SERVER['REMOTE_ADDR'].date('mdy'));
return $hmac;
}
function getPlayerList($database)
{
include('config.php');
$dbname = $database;
$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
$onlineUsers = mysqli_query($connect, "SELECT * FROM OnlineUsers");
$users_on = [];
while ($row = $onlineUsers->fetch_row()) {
$arr = [ ['id' => $row[0], 'admin' => ($row[1] == 'YES'), 'mod' => ($row[2] == 'YES'), 'subbed' => ($row[3] == 'YES'), 'new' => ($row[4] == 'YES')] ];
$users_on = array_merge($users_on, $arr);
}
return $users_on;
}
function checkUserBuddy($database, $yourId, $friendsId)
{
include('config.php');
$dbname = $database;
$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
$stmt = $connect->prepare("SELECT COUNT(1) FROM BuddyList WHERE (Id=? AND IdFriend=?) OR (Id=? AND IdFriend=?)");
$stmt->bind_param("iiii", $yourId, $friendsId, $friendsId, $yourId);
$stmt->execute();
$result = $stmt->get_result();
return $result->fetch_row()[0];
}
function getNoPlayersOnlineInServer($database)
{
include('config.php');
$dbname = $database;
$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
$onlineUsers = mysqli_query($connect, "SELECT COUNT(1) FROM OnlineUsers");
return $onlineUsers->fetch_row()[0];
}
function getNoSubbedPlayersOnlineInServer($database)
{
include('config.php');
$dbname = $database;
$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
$onlineSubscribers = mysqli_query($connect, "SELECT COUNT(1) FROM OnlineUsers WHERE Subscribed = 'YES'");
return $onlineSubscribers->fetch_row()[0];
}
function getUserMoney($database, $id)
{
include('config.php');
$dbname = $database;
$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
$stmt = $connect->prepare("SELECT Money FROM UserExt WHERE Id=?");
$stmt->bind_param("i", $id);
$stmt->execute();
$result = $stmt->get_result();
return intval($result->fetch_row()[0]);
}
function setUserMoney($database, $id, $money)
{
include('config.php');
$dbname = $database;
$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
$stmt = $connect->prepare("UPDATE UserExt SET Money=? WHERE Id=?");
$stmt->bind_param("ii", $money, $id);
$stmt->execute();
}
function setUserSubbed($database, $id, $subbed)
{
$subedV = "";
if($subbed)
$subedV = "YES";
else
$subbedV = "NO";
include('config.php');
$dbname = $database;
$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
$stmt = $connect->prepare("UPDATE UserExt SET Subscriber=? WHERE Id=?");
$stmt->bind_param("si", $subedV, $id);
$stmt->execute();
}
function setUserSubbedUntil($database, $id, $subbedUntil)
{
include('config.php');
$dbname = $database;
$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
$stmt = $connect->prepare("UPDATE UserExt SET SubscribedUntil=? WHERE Id=?");
$stmt->bind_param("ii", $subbedUntil, $id);
$stmt->execute();
}
function getUserBankMoney($database, $id)
{
include('config.php');
$dbname = $database;
$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
$stmt = $connect->prepare("SELECT BankBalance FROM UserExt WHERE Id=?");
$stmt->bind_param("i", $id);
$stmt->execute();
$result = $stmt->get_result();
return intval($result->fetch_row()[0]);
}
function getUserLoginDate($database, $id)
{
include('config.php');
$dbname = $database;
$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
$stmt = $connect->prepare("SELECT LastLogin FROM UserExt WHERE Id=?");
$stmt->bind_param("i", $id);
$stmt->execute();
$result = $stmt->get_result();
return intval($result->fetch_row()[0]);
}
function getUserQuestPoints($database, $id)
{
include('config.php');
$dbname = $database;
$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
$stmt = $connect->prepare("SELECT QuestPoints FROM UserExt WHERE Id=?");
$stmt->bind_param("i", $id);
$stmt->execute();
$result = $stmt->get_result();
return intval($result->fetch_row()[0]);
}
function getUserExistInExt($database, $id)
{
include('config.php');
$dbname = $database;
$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
$stmt = $connect->prepare("SELECT COUNT(*) FROM UserExt WHERE Id=?");
$stmt->bind_param("i", $id);
$stmt->execute();
$result = $stmt->get_result();
return intval($result->fetch_row()[0]) >= 1;
}
function getUserTotalLogins($database, $id)
{
include('config.php');
$dbname = $database;
$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
$stmt = $connect->prepare("SELECT TotalLogins FROM UserExt WHERE Id=?");
$stmt->bind_param("i", $id);
$stmt->execute();
$result = $stmt->get_result();
return intval($result->fetch_row()[0]);
}
function getUserPlaytime($database, $id)
{
include('config.php');
$dbname = $database;
$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
$stmt = $connect->prepare("SELECT FreeMinutes FROM UserExt WHERE Id=?");
$stmt->bind_param("i", $id);
$stmt->execute();
$result = $stmt->get_result();
return intval($result->fetch_row()[0]);
}
function getUserSubTimeRemaining($database, $id)
{
include('config.php');
$dbname = $database;
$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
$stmt = $connect->prepare("SELECT SubscribedUntil FROM UserExt WHERE Id=?");
$stmt->bind_param("i", $id);
$stmt->execute();
$result = $stmt->get_result();
return intval($result->fetch_row()[0]);
}
function addItemToPuchaseQueue($database, $playerId, $itemId, $itemCount)
{
include('config.php');
$dbname = $database;
$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
$stmt = $connect->prepare("INSERT INTO ItemPurchaseQueue VALUES(?,?,?)");
$stmt->bind_param("iii", $playerId, $itemId, $itemCount);
$stmt->execute();
$result = $stmt->get_result();
}
function getUserSubbed($database, $id)
{
include('config.php');
$dbname = $database;
$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
$stmt = $connect->prepare("SELECT Subscriber FROM UserExt WHERE Id=?");
$stmt->bind_param("i", $id);
$stmt->execute();
$result = $stmt->get_result();
return $result->fetch_row()[0] == "YES";
}
function isUserOnline($database, $id)
{
include('config.php');
$dbname = $database;
$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
$stmt = $connect->prepare("SELECT COUNT(1) FROM OnlineUsers WHERE playerId=?");
$stmt->bind_param("i", $userid);
$stmt->execute();
$result = $stmt->get_result();
$count = intval($result->fetch_row()[0]);
return $count>0;
}
function getNoModPlayersOnlineInServer($database)
{
include('config.php');
$dbname = $database;
$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
$onlineModerators = mysqli_query($connect, "SELECT COUNT(1) FROM OnlineUsers WHERE Moderator = 'YES' OR Admin='YES'");
return $onlineModerators->fetch_row()[0];
}
function getServerById(string $id)
{
include('servers.php');
for($i = 0; $i < count($server_list); $i++)
{
if($server_list[$i]['id'] == $id)
return $server_list[$i];
}
return null;
}
function userid_exists(string $database, string $userid)
{
include('config.php');
$dbname = $database;
$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
$stmt = $connect->prepare("SELECT COUNT(1) FROM Users WHERE Id=?");
$stmt->bind_param("i", $userid);
$stmt->execute();
$result = $stmt->get_result();
$count = intval($result->fetch_row()[0]);
return $count>0;
}
function createAccountOnServer(string $database)
{
include('config.php');
$dbname = $database;
$id = intval($_SESSION['PLAYER_ID']);
$username = $_SESSION['USERNAME'];
$sex = $_SESSION['SEX'];
$admin = $_SESSION['ADMIN'];
$mod = $_SESSION['MOD'];
$passhash = $_SESSION['PASSWORD_HASH'];
$salt = $_SESSION['SALT'];
$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
$stmt = $connect->prepare("INSERT INTO Users VALUES(?,?,?,?,?,?,?)");
$stmt->bind_param("issssss", $id, $username, $passhash, $salt, $sex, $admin, $mod);
$stmt->execute();
}
# Global Functions
function getNoPlayersOnlineGlobal()
{
include('servers.php');
$playersOn = 0;
for($i = 0; $i < count($server_list); $i++)
{
$playersOn += getNoPlayersOnlineInServer($server_list[$i]['database']);
}
return $playersOn;
}
function userExistAny($playerId)
{
include('servers.php');
for($i = 0; $i < count($server_list); $i++)
{
if(userid_exists($server_list[$i]['database'], $playerId)){
return true;
}
}
return false;
}
function getNoSubbedPlayersOnlineGlobal()
{
include('servers.php');
$playersOn = 0;
for($i = 0; $i < count($server_list); $i++)
{
$playersOn += getNoSubbedPlayersOnlineInServer($server_list[$i]['database']);
}
return $playersOn;
}
function getNoModPlayersOnlineGlobal()
{
include('servers.php');
$playersOn = 0;
for($i = 0; $i < count($server_list); $i++)
{
$playersOn += getNoModPlayersOnlineInServer($server_list[$i]['database']);
}
return $playersOn;
}
?>
<?php
function GenHmacMessage(string $data, string $channel)
{
include('config.php');
if($hmac_secret === "!!NOTSET!!"){
echo("<script>alert('Please set HMAC_SECRET !')</script>");
echo("<h1>Set \$hmac_secret in config.php!</h1>");
exit();
}
$secret = $hmac_secret.$channel.$_SERVER['REMOTE_ADDR'].date('mdy');
$hmac = hash_hmac('sha256', $data, $secret);
return $hmac;
}
function getPlayerList($database)
{
include('config.php');
$dbname = $database;
$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
$onlineUsers = mysqli_query($connect, "SELECT * FROM OnlineUsers");
$users_on = [];
while ($row = $onlineUsers->fetch_row()) {
$arr = [ ['id' => $row[0], 'admin' => ($row[1] == 'YES'), 'mod' => ($row[2] == 'YES'), 'subbed' => ($row[3] == 'YES'), 'new' => ($row[4] == 'YES')] ];
$users_on = array_merge($users_on, $arr);
}
return $users_on;
}
function checkUserBuddy($database, $yourId, $friendsId)
{
include('config.php');
$dbname = $database;
$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
$stmt = $connect->prepare("SELECT COUNT(1) FROM BuddyList WHERE (Id=? AND IdFriend=?) OR (Id=? AND IdFriend=?)");
$stmt->bind_param("iiii", $yourId, $friendsId, $friendsId, $yourId);
$stmt->execute();
$result = $stmt->get_result();
return $result->fetch_row()[0];
}
function getNoPlayersOnlineInServer($database)
{
include('config.php');
$dbname = $database;
$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
$onlineUsers = mysqli_query($connect, "SELECT COUNT(1) FROM OnlineUsers");
return $onlineUsers->fetch_row()[0];
}
function getNoSubbedPlayersOnlineInServer($database)
{
include('config.php');
$dbname = $database;
$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
$onlineSubscribers = mysqli_query($connect, "SELECT COUNT(1) FROM OnlineUsers WHERE Subscribed = 'YES'");
return $onlineSubscribers->fetch_row()[0];
}
function getUserMoney($database, $id)
{
include('config.php');
$dbname = $database;
$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
$stmt = $connect->prepare("SELECT Money FROM UserExt WHERE Id=?");
$stmt->bind_param("i", $id);
$stmt->execute();
$result = $stmt->get_result();
return intval($result->fetch_row()[0]);
}
function setUserMoney($database, $id, $money)
{
include('config.php');
$dbname = $database;
$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
$stmt = $connect->prepare("UPDATE UserExt SET Money=? WHERE Id=?");
$stmt->bind_param("ii", $money, $id);
$stmt->execute();
}
function setUserSubbed($database, $id, $subbed)
{
$subedV = "";
if($subbed)
$subedV = "YES";
else
$subbedV = "NO";
include('config.php');
$dbname = $database;
$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
$stmt = $connect->prepare("UPDATE UserExt SET Subscriber=? WHERE Id=?");
$stmt->bind_param("si", $subedV, $id);
$stmt->execute();
}
function setUserSubbedUntil($database, $id, $subbedUntil)
{
include('config.php');
$dbname = $database;
$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
$stmt = $connect->prepare("UPDATE UserExt SET SubscribedUntil=? WHERE Id=?");
$stmt->bind_param("ii", $subbedUntil, $id);
$stmt->execute();
}
function getUserBankMoney($database, $id)
{
include('config.php');
$dbname = $database;
$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
$stmt = $connect->prepare("SELECT BankBalance FROM UserExt WHERE Id=?");
$stmt->bind_param("i", $id);
$stmt->execute();
$result = $stmt->get_result();
return intval($result->fetch_row()[0]);
}
function getUserLoginDate($database, $id)
{
include('config.php');
$dbname = $database;
$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
$stmt = $connect->prepare("SELECT LastLogin FROM UserExt WHERE Id=?");
$stmt->bind_param("i", $id);
$stmt->execute();
$result = $stmt->get_result();
return intval($result->fetch_row()[0]);
}
function getUserQuestPoints($database, $id)
{
include('config.php');
$dbname = $database;
$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
$stmt = $connect->prepare("SELECT QuestPoints FROM UserExt WHERE Id=?");
$stmt->bind_param("i", $id);
$stmt->execute();
$result = $stmt->get_result();
return intval($result->fetch_row()[0]);
}
function getUserExistInExt($database, $id)
{
include('config.php');
$dbname = $database;
$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
$stmt = $connect->prepare("SELECT COUNT(*) FROM UserExt WHERE Id=?");
$stmt->bind_param("i", $id);
$stmt->execute();
$result = $stmt->get_result();
return intval($result->fetch_row()[0]) >= 1;
}
function getUserTotalLogins($database, $id)
{
include('config.php');
$dbname = $database;
$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
$stmt = $connect->prepare("SELECT TotalLogins FROM UserExt WHERE Id=?");
$stmt->bind_param("i", $id);
$stmt->execute();
$result = $stmt->get_result();
return intval($result->fetch_row()[0]);
}
function getUserPlaytime($database, $id)
{
include('config.php');
$dbname = $database;
$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
$stmt = $connect->prepare("SELECT FreeMinutes FROM UserExt WHERE Id=?");
$stmt->bind_param("i", $id);
$stmt->execute();
$result = $stmt->get_result();
return intval($result->fetch_row()[0]);
}
function getUserSubTimeRemaining($database, $id)
{
include('config.php');
$dbname = $database;
$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
$stmt = $connect->prepare("SELECT SubscribedUntil FROM UserExt WHERE Id=?");
$stmt->bind_param("i", $id);
$stmt->execute();
$result = $stmt->get_result();
return intval($result->fetch_row()[0]);
}
function addItemToPuchaseQueue($database, $playerId, $itemId, $itemCount)
{
include('config.php');
$dbname = $database;
$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
$stmt = $connect->prepare("INSERT INTO ItemPurchaseQueue VALUES(?,?,?)");
$stmt->bind_param("iii", $playerId, $itemId, $itemCount);
$stmt->execute();
$result = $stmt->get_result();
mysqli_close($connect);
}
function getUserSubbed($database, $id)
{
include('config.php');
$dbname = $database;
$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
$stmt = $connect->prepare("SELECT Subscriber FROM UserExt WHERE Id=?");
$stmt->bind_param("i", $id);
$stmt->execute();
$result = $stmt->get_result();
$subbed = $result->fetch_row()[0] == "YES";
mysqli_close($connect);
return $subbed;
}
function isUserOnline($database, $id)
{
include('config.php');
$dbname = $database;
$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
$stmt = $connect->prepare("SELECT COUNT(1) FROM OnlineUsers WHERE playerId=?");
$stmt->bind_param("i", $userid);
$stmt->execute();
$result = $stmt->get_result();
$count = intval($result->fetch_row()[0]);
mysqli_close($connect);
return $count>0;
}
function getNoModPlayersOnlineInServer($database)
{
include('config.php');
$dbname = $database;
$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
$onlineModerators = mysqli_query($connect, "SELECT COUNT(1) FROM OnlineUsers WHERE Moderator = 'YES' OR Admin='YES'");
$num = $onlineModerators->fetch_row()[0];
mysqli_close($connect);
return $num;
}
function getServerById(string $id)
{
include('servers.php');
for($i = 0; $i < count($server_list); $i++)
{
if($server_list[$i]['id'] == $id)
return $server_list[$i];
}
return null;
}
function userid_exists(string $database, string $userid)
{
include('config.php');
$dbname = $database;
$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
$stmt = $connect->prepare("SELECT COUNT(1) FROM Users WHERE Id=?");
$stmt->bind_param("i", $userid);
$stmt->execute();
$result = $stmt->get_result();
$count = intval($result->fetch_row()[0]);
mysqli_close($connect);
return $count>0;
}
function createAccountOnServer(string $database)
{
include('config.php');
$dbname = $database;
$id = intval($_SESSION['PLAYER_ID']);
$username = $_SESSION['USERNAME'];
$sex = $_SESSION['SEX'];
$admin = ($_SESSION['ADMIN'] ? "YES" : "NO");
$mod = ($_SESSION['MOD'] ? "YES" : "NO");
$passhash = $_SESSION['PASSWORD_HASH'];
$salt = $_SESSION['SALT'];
$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
$stmt = $connect->prepare("INSERT INTO Users VALUES(?,?,?,?,?,?,?)");
$stmt->bind_param("issssss", $id, $username, $passhash, $salt, $sex, $admin, $mod);
$stmt->execute();
mysqli_close($connect);
}
# Global Functions
function getNoPlayersOnlineGlobal()
{
include('servers.php');
$playersOn = 0;
for($i = 0; $i < count($server_list); $i++)
{
$playersOn += getNoPlayersOnlineInServer($server_list[$i]['database']);
}
return $playersOn;
}
function userExistAny($playerId)
{
include('servers.php');
for($i = 0; $i < count($server_list); $i++)
{
if(userid_exists($server_list[$i]['database'], $playerId)){
return true;
}
}
return false;
}
function getNoSubbedPlayersOnlineGlobal()
{
include('servers.php');
$playersOn = 0;
for($i = 0; $i < count($server_list); $i++)
{
$playersOn += getNoSubbedPlayersOnlineInServer($server_list[$i]['database']);
}
return $playersOn;
}
function getNoModPlayersOnlineGlobal()
{
include('servers.php');
$playersOn = 0;
for($i = 0; $i < count($server_list); $i++)
{
$playersOn += getNoModPlayersOnlineInServer($server_list[$i]['database']);
}
return $playersOn;
}
?>

54
game-site/web/footer.php
View File

@ -1,27 +1,27 @@
<?php
if(!isset($master_site))
include("config.php");
?>
<TABLE BORDER=0 CELLPADDING=0 CELLSPACING=0 WIDTH=100%>
<TR>
<TD><IMG SRC=/web/hoilgui10.gif></TD>
<TD WIDTH=100% BACKGROUND=/web/hoilgui11.gif></TD>
<TD><IMG SRC=/web/hoilgui12.gif></TD>
</TR></TABLE>
<CENTER><B>
[ <A HREF=http:<?php echo($master_site); ?>/web/rules.php>Rules</A> ]
[ <A HREF=http:<?php echo($master_site); ?>/web/termsandconditions.php>Terms and Conditions</A> ]
[ <A HREF=http:<?php echo($master_site); ?>/web/privacypolicy.php>Privacy Policy</A> ]</B><BR>
[ <A HREF=http:<?php echo($master_site); ?>/web/expectedbehavior.php>Expected Behavior</A> ]
[ <A HREF=http:<?php echo($master_site); ?>/web/contactus.php>Contact Us</A> ]
[ <A HREF=http:<?php echo($master_site); ?>/web/credits.php>Credits</A> ]<BR>
<FONT FACE=Verdana,Arial SIZE=-2>Copyright &copy; <?php echo(date("Y")); ?> Horse Isle</FONT>
<!-- Google Analytics -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
<script type="text/javascript">
_uacct = "UA-1805076-1";
urchinTracker();
</script>
<?php
if(!isset($master_site))
include("config.php");
?>
<TABLE BORDER=0 CELLPADDING=0 CELLSPACING=0 WIDTH=100%>
<TR>
<TD><IMG SRC=/web/hoilgui10.gif></TD>
<TD WIDTH=100% BACKGROUND=/web/hoilgui11.gif></TD>
<TD><IMG SRC=/web/hoilgui12.gif></TD>
</TR></TABLE>
<CENTER><B>
[ <A HREF=http:<?php echo($master_site); ?>/web/rules.php>Rules</A> ]
[ <A HREF=http:<?php echo($master_site); ?>/web/termsandconditions.php>Terms and Conditions</A> ]
[ <A HREF=http:<?php echo($master_site); ?>/web/privacypolicy.php>Privacy Policy</A> ]</B><BR>
[ <A HREF=http:<?php echo($master_site); ?>/web/expectedbehavior.php>Expected Behavior</A> ]
[ <A HREF=http:<?php echo($master_site); ?>/web/contactus.php>Contact Us</A> ]
[ <A HREF=http:<?php echo($master_site); ?>/web/credits.php>Credits</A> ]<BR>
<FONT FACE=Verdana,Arial SIZE=-2>Copyright &copy; <?php echo(date("Y")); ?> Horse Isle</FONT>
<!-- Google Analytics -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
<script type="text/javascript">
_uacct = "UA-1805076-1";
urchinTracker();
</script>

258
game-site/web/header.php
View File

@ -1,130 +1,130 @@
<?php
if(!isset($master_site))
include('config.php');
if(session_status() !== PHP_SESSION_ACTIVE)
session_start();
if(!function_exists('is_logged_in'))
include('common.php');
$host = $_SERVER['HTTP_HOST'];
?>
<HEAD>
<TITLE>HORSE ISLE - Online Multiplayer Horse Game</TITLE>
<META NAME="keywords" CONTENT="Horse Game Online MMORPG Multiplayer Horses RPG Girls Girly Isle World Island Virtual Horseisle Sim Virtual">
<META NAME="description" CONTENT="A multiplayer online horse world where players can capture, train, care for and compete their horses against other players. A very unique virtual sim horse game.">
<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon">
<link rel="icon" href="/favicon.ico" type="image/x-icon">
<link rel="meta" href="<?php echo("//".$host); ?>/labels.rdf" type="application/rdf+xml" title="ICRA labels" />
<meta http-equiv="pics-Label" content='(pics-1.1 "//www.icra.org/pics/vocabularyv03/" l gen true for "<?php echo("//".$host); ?>" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 1) gen true for "<?php echo($master_site); ?>" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 1))' />
<style type="text/css">
hr {
height: 1;
color: #000000;
background-color: #000000;
border: 0;
}
a {
font: bold 14px arial;
color: #6E3278;
}
TH {
background-color: #EDE5B4;
padding: 1px 6px;
border: 2px dotted #6E3278;
font: small-caps 900 14px arial;
color: #000000;
}
TR.a0 {
background-color: #EDE5B4;
}
TR.a1 {
background-color: #D4CCA1;
}
TD {
font: 14px arial;
color: #000000;
}
TD.forum {
font: 12px arial;
color: #000000;
}
TD.forumlist {
padding: 1px 6px;
border: 2px dotted #6E3278;
background-color: #EDE5B4;
text-align: center;
font: bold 14px arial;
color: #000000;
}
TD.forumpost {
padding: 5px 10px;
border: 2px dotted #6E3278;
background-color: #EDE5B4;
text-align: left;
}
TD.newslist {
padding: 4px 4px;
border: 2px dotted #6E3278;
background-color: #FFDDEE;
text-align: left;
font: 14px arial;
color: #000000;
}
FORUMSUBJECT {
font: bold 14px arial;
color: #004400;
}
FORUMUSER {
font: 12px arial;
color: #000044;
}
FORUMDATE {
font: 12px arial;
color: #444444;
}
FORUMTEXT {
font: 14px arial;
color: #440000;
}
</style>
</HEAD>
<BODY BGCOLOR=E0D8AA>
<TABLE BORDER=0 CELLPADDING=0 CELLSPACING=0 WIDTH=100%>
<TR WIDTH=100%>
<TD WIDTH=512 ROWSPAN=3><A HREF=/><IMG SRC=/web/hoilgui1.gif ALT="Welcome to Horse Isle" BORDER=0></A></TD>
<TD WIDTH=100% BACKGROUND=/web/hoilgui2.gif>&nbsp;</TD>
<TD WIDTH=29><IMG SRC=/web/hoilgui3.gif></TD>
</TR>
<TR>
<TD WIDTH=100% BACKGROUND=/web/hoilgui4.gif align=right>
<B>
<?php if(isset($login_error)){echo($login_error);} ?>
<?php
if(is_logged_in())
{
$username = $_SESSION['USERNAME'];
echo('<TABLE BORDER=0 CELLPADDING=0 CELLSPACING=10><TR><TD><B><A HREF=/account.php>'.strtoupper($_SERVER['HTTP_HOST']).'</A><BR>Logged in as: '.htmlspecialchars($username).'<BR><A HREF=/?LOGOUT=1><img src=/web/but-logout.gif border=0></A><BR><A HREF='.$master_site.'/><img src=/web/but-mainpage.gif border=0></A></TD><TD><BR><A HREF='.$master_site.'/account.php><img src=/web/but-serverlist.gif border=0></A><BR><A HREF='.$master_site.'/web/news.php><img src=/web/but-news.gif border=0></A><BR><A HREF='.$master_site.'/web/forums.php><img src=/web/but-forums.gif border=0></A><BR><A HREF='.$master_site.'/web/helpcenter.php><img src=/web/but-helpcenter.gif border=0></A></TD></TR></TABLE>');
}
else
{
echo('<TABLE CELLPADDING=0 CELLSPACING=2 BORDER=0><FORM METHOD=POST ACTION=/account.php>
<TR><TD><B>USER:</B></TD><TD><INPUT TYPE=TEXT SIZE=14 NAME=USER></TD></TR>
<TR><TD><B>PASS:</B></TD><TD><INPUT TYPE=PASSWORD SIZE=14 NAME=PASS></TD></TR>
<TR><TD></TD><TD><INPUT TYPE=SUBMIT VALUE=LOGIN> (<A HREF='.$master_site.'/web/forgotpass.php>Forgot?</A>)</TD></TR></FORM></TABLE>');
}
?>
</TD>
<TD WIDTH=29><IMG SRC=/web/hoilgui5.gif></TD></TR>
<TR>
<TD WIDTH=100% BACKGROUND=/web/hoilgui6.gif>&nbsp;</TD>
<TD WIDTH=29><IMG SRC=/web/hoilgui7.gif></TD></TR>
</TABLE>
<?php
if(!isset($master_site))
include('config.php');
if(session_status() !== PHP_SESSION_ACTIVE)
session_start();
if(!function_exists('is_logged_in'))
include('common.php');
$host = $_SERVER['HTTP_HOST'];
?>
<HEAD>
<TITLE>HORSE ISLE - Online Multiplayer Horse Game</TITLE>
<META NAME="keywords" CONTENT="Horse Game Online MMORPG Multiplayer Horses RPG Girls Girly Isle World Island Virtual Horseisle Sim Virtual">
<META NAME="description" CONTENT="A multiplayer online horse world where players can capture, train, care for and compete their horses against other players. A very unique virtual sim horse game.">
<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon">
<link rel="icon" href="/favicon.ico" type="image/x-icon">
<link rel="meta" href="<?php echo("//".$host); ?>/labels.rdf" type="application/rdf+xml" title="ICRA labels" />
<meta http-equiv="pics-Label" content='(pics-1.1 "//www.icra.org/pics/vocabularyv03/" l gen true for "<?php echo("//".$host); ?>" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 1) gen true for "<?php echo($master_site); ?>" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 1))' />
<style type="text/css">
hr {
height: 1;
color: #000000;
background-color: #000000;
border: 0;
}
a {
font: bold 14px arial;
color: #6E3278;
}
TH {
background-color: #EDE5B4;
padding: 1px 6px;
border: 2px dotted #6E3278;
font: small-caps 900 14px arial;
color: #000000;
}
TR.a0 {
background-color: #EDE5B4;
}
TR.a1 {
background-color: #D4CCA1;
}
TD {
font: 14px arial;
color: #000000;
}
TD.forum {
font: 12px arial;
color: #000000;
}
TD.forumlist {
padding: 1px 6px;
border: 2px dotted #6E3278;
background-color: #EDE5B4;
text-align: center;
font: bold 14px arial;
color: #000000;
}
TD.forumpost {
padding: 5px 10px;
border: 2px dotted #6E3278;
background-color: #EDE5B4;
text-align: left;
}
TD.newslist {
padding: 4px 4px;
border: 2px dotted #6E3278;
background-color: #FFDDEE;
text-align: left;
font: 14px arial;
color: #000000;
}
FORUMSUBJECT {
font: bold 14px arial;
color: #004400;
}
FORUMUSER {
font: 12px arial;
color: #000044;
}
FORUMDATE {
font: 12px arial;
color: #444444;
}
FORUMTEXT {
font: 14px arial;
color: #440000;
}
</style>
</HEAD>
<BODY BGCOLOR=E0D8AA>
<TABLE BORDER=0 CELLPADDING=0 CELLSPACING=0 WIDTH=100%>
<TR WIDTH=100%>
<TD WIDTH=512 ROWSPAN=3><A HREF=/><IMG SRC=/web/hoilgui1.gif ALT="Welcome to Horse Isle" BORDER=0></A></TD>
<TD WIDTH=100% BACKGROUND=/web/hoilgui2.gif>&nbsp;</TD>
<TD WIDTH=29><IMG SRC=/web/hoilgui3.gif></TD>
</TR>
<TR>
<TD WIDTH=100% BACKGROUND=/web/hoilgui4.gif align=right>
<B>
<?php if(isset($login_error)){echo($login_error);} ?>
<?php
if(is_logged_in())
{
$username = $_SESSION['USERNAME'];
echo('<TABLE BORDER=0 CELLPADDING=0 CELLSPACING=10><TR><TD><B><A HREF=/account.php>'.strtoupper($_SERVER['HTTP_HOST']).'</A><BR>Logged in as: '.htmlspecialchars($username).'<BR><A HREF=/?LOGOUT=1><img src=/web/but-logout.gif border=0></A><BR><A HREF='.$master_site.'/><img src=/web/but-mainpage.gif border=0></A></TD><TD><BR><A HREF='.$master_site.'/account.php><img src=/web/but-serverlist.gif border=0></A><BR><A HREF='.$master_site.'/web/news.php><img src=/web/but-news.gif border=0></A><BR><A HREF='.$master_site.'/web/forums.php><img src=/web/but-forums.gif border=0></A><BR><A HREF='.$master_site.'/web/helpcenter.php><img src=/web/but-helpcenter.gif border=0></A></TD></TR></TABLE>');
}
else
{
echo('<TABLE CELLPADDING=0 CELLSPACING=2 BORDER=0><FORM METHOD=POST ACTION=/account.php>
<TR><TD><B>USER:</B></TD><TD><INPUT TYPE=TEXT SIZE=14 NAME=USER></TD></TR>
<TR><TD><B>PASS:</B></TD><TD><INPUT TYPE=PASSWORD SIZE=14 NAME=PASS></TD></TR>
<TR><TD></TD><TD><INPUT TYPE=SUBMIT VALUE=LOGIN> (<A HREF='.$master_site.'/web/forgotpass.php>Forgot?</A>)</TD></TR></FORM></TABLE>');
}
?>
</TD>
<TD WIDTH=29><IMG SRC=/web/hoilgui5.gif></TD></TR>
<TR>
<TD WIDTH=100% BACKGROUND=/web/hoilgui6.gif>&nbsp;</TD>
<TD WIDTH=29><IMG SRC=/web/hoilgui7.gif></TD></TR>
</TABLE>
<CENTER>

40
game-site/web/paypalpayment.php
View File

@ -1,21 +1,21 @@
<?php
include("header.php");
?>
<BR>
<CENTER><TABLE CELLPADDING=5><TR><TD></CENTER>
<FONT FACE=arial>
<B>Thank you for your Horse Isle PayPal Payment!</B><BR>
<BR>
Your transaction has been completed, and a receipt for your purchase has been emailed to you from PayPal.<BR>
You may log into your account at <A HREF="http://www.paypal.com/us">http://www.paypal.com/us</A> to view details of this transaction.<BR>
<BR>
If you bought a membership or game money, it will be credited to your account usually within one minute.
Click back to your <A HREF="/account.php">ACCOUNT</A> page to see any credited subscription time or game money. (click refresh on the page if it has not yet showed)<BR>
(<FONT COLOR=RED>NOTE: If you paid via paypal e-check it takes paypal 3-4 days to clear the check and notify us.</FONT>)<BR>
<BR>
<B>PARENTS:</B> please email support@horseisle.com from the paypal email or signup email to
block chat, or limit time online for this account if you want to.<BR>
</TD></TR></TABLE>
<?php
include("footer.php");
<?php
include("header.php");
?>
<BR>
<CENTER><TABLE CELLPADDING=5><TR><TD></CENTER>
<FONT FACE=arial>
<B>Thank you for your Horse Isle PayPal Payment!</B><BR>
<BR>
Your transaction has been completed, and a receipt for your purchase has been emailed to you from PayPal.<BR>
You may log into your account at <A HREF="http://www.paypal.com/us">http://www.paypal.com/us</A> to view details of this transaction.<BR>
<BR>
If you bought a membership or game money, it will be credited to your account usually within one minute.
Click back to your <A HREF="/account.php">ACCOUNT</A> page to see any credited subscription time or game money. (click refresh on the page if it has not yet showed)<BR>
(<FONT COLOR=RED>NOTE: If you paid via paypal e-check it takes paypal 3-4 days to clear the check and notify us.</FONT>)<BR>
<BR>
<B>PARENTS:</B> please email support@horseisle.com from the paypal email or signup email to
block chat, or limit time online for this account if you want to.<BR>
</TD></TR></TABLE>
<?php
include("footer.php");
?>

62
game-site/web/playersonline.php
View File

@ -1,32 +1,32 @@
<?php
include("config.php");
include("crosserver.php");
include("common.php");
$id = -1;
if(isset($_GET['id'])){
$id = intval($_GET['id']);
}
$on = getPlayerList($dbname);
$numbOn = count($on);
$budsOn = 0;
?>
<B><?php echo($numbOn)?> players<BR>online now:</B><?php
for($i = 0; $i < $numbOn; $i++){
$name = get_username($on[$i]['id']);
$admin = $on[$i]['admin'];
$mod = $on[$i]['mod'];
$subbed = $on[$i]['subbed'];
$new = $on[$i]['new'];
$bud = checkUserBuddy($dbname, $id ,$on[$i]['id']);
echo("<BR>");
if($bud) { echo('<B><FONT COLOR=BLUE>'); echo(htmlspecialchars($name)); echo('</FONT></B>'); $budsOn++; }
else if($admin) { echo('<B><FONT COLOR=RED>'); echo(htmlspecialchars($name)); echo('</FONT></B>'); }
else if($mod) { echo('<B><FONT COLOR=GREEN>'); echo(htmlspecialchars($name)); echo('</FONT></B>'); }
else { echo(htmlspecialchars($name)); }
if($new) { echo(' <FONT SIZE=-2 COLOR=660000>[new]</FONT>'); };
}
<?php
include("config.php");
include("crosserver.php");
include("common.php");
$id = -1;
if(isset($_GET['id'])){
$id = intval($_GET['id']);
}
$on = getPlayerList($dbname);
$numbOn = count($on);
$budsOn = 0;
?>
<B><?php echo($numbOn)?> players<BR>online now:</B><?php
for($i = 0; $i < $numbOn; $i++){
$name = get_username($on[$i]['id']);
$admin = $on[$i]['admin'];
$mod = $on[$i]['mod'];
$subbed = $on[$i]['subbed'];
$new = $on[$i]['new'];
$bud = checkUserBuddy($dbname, $id ,$on[$i]['id']);
echo("<BR>");
if($bud) { echo('<B><FONT COLOR=BLUE>'); echo(htmlspecialchars($name)); echo('</FONT></B>'); $budsOn++; }
else if($admin) { echo('<B><FONT COLOR=RED>'); echo(htmlspecialchars($name)); echo('</FONT></B>'); }
else if($mod) { echo('<B><FONT COLOR=GREEN>'); echo(htmlspecialchars($name)); echo('</FONT></B>'); }
else { echo(htmlspecialchars($name)); }
if($new) { echo(' <FONT SIZE=-2 COLOR=660000>[new]</FONT>'); };
}
?><BR><I><FONT COLOR=BLUE>(<?php echo($budsOn); ?> buddies)</FONT></I><BR><FONT COLOR=222222 SIZE=-1><I>This list refreshes every 30 seconds.</I></FONT>

486
game-site/web/ppemu.php
View File

@ -1,244 +1,244 @@
<?php
session_start();
include("../config.php");
include("crosserver.php");
include("common.php");
if(!is_logged_in()){
include("header.php");
echo("Login First.");
include("footer.php");
exit();
}
$money = getUserMoney($dbname, $_SESSION['PLAYER_ID']);
if(isset($_GET["go"], $_GET["qnt"], $_GET["itm"], $_GET['to'], $_GET["ret"], $_GET['sign']))
{
$targetUser = $_GET['to'];
$subbed = getUserSubbed($dbname, $targetUser);
$subbedUntil = getUserSubTimeRemaining($dbname, $targetUser);
$moneyTarget = getUserMoney($dbname, $targetUser);
if(!$subbed)
$subbedUntil = time();
if($_GET["go"] == 1)
{
$msg = $_GET['itm'].$_GET["qnt"].$_GET["to"].$_GET["ret"].$_SESSION['USERNAME'].$_SESSION['PLAYER_ID'];
$expectedSignature = GenHmacMessage($msg, "PPEMU");
$gotHmacSignature = $_GET['sign'];
if(!hash_equals($gotHmacSignature,$expectedSignature)){
include("header.php");
echo("Invalid Signature. Are you trying to scam people?");
include("footer.php");
exit();
}
$itm = $_GET["itm"];
if(strpos($itm, "One Month Horse Isle Membership") === 0){
$amount = 5; // NO CHEATING!
$cost = $amount*$EXHANGE_RATE;
if($money >= $cost)
{
setUserMoney($dbname, $_SESSION['PLAYER_ID'], $money-$cost);
setUserSubbed($dbname,$targetUser, true);
setUserSubbedUntil($dbname, $targetUser, $subbedUntil + 2678400);
header("Location: ".$_GET["ret"]);
}
else
{
include("header.php");
echo("Not enough money.");
include("footer.php");
exit();
}
}
else if(strpos($itm, "Full Year Horse Isle Membership") === 0){
$amount = 40; // NO CHEATING!
$cost = $amount*$EXHANGE_RATE;
if($money >= $cost)
{
setUserMoney($dbname, $_SESSION['PLAYER_ID'], $money-$cost);
setUserSubbed($dbname, $targetUser, true);
setUserSubbedUntil($dbname, $targetUser, $subbedUntil + 31622400);
header("Location: ".$_GET["ret"]);
}
else
{
include("header.php");
echo("Not enough money.");
include("footer.php");
exit();
}
}
else if(strpos($itm, "100k Horse Isle Money") === 0){ // Why thou?
$amount = 1; // NO CHEATING!
$quantity = intval($_GET["qnt"]);
$cost = ($amount*$EXHANGE_RATE)*$quantity;
if($money >= $cost)
{
$amountGained = (100000 * $quantity);
if($quantity == 5)
$amountGained = 550000;
if($quantity == 10)
$amountGained = 1100000;
if($quantity == 10)
$amountGained = 1100000;
if($quantity == 20)
$amountGained = 2300000;
if($quantity == 50)
$amountGained = 5750000;
if($quantity == 100)
$amountGained = 12000000;
if($quantity == 250)
$amountGained = 31250000;
setUserMoney($dbname, $_SESSION['PLAYER_ID'], $money-$cost);
$money-=$cost;
setUserMoney($dbname, $targetUser, $moneyTarget+=$amountGained);
header("Location: ".$_GET["ret"]);
}
else
{
include("header.php");
echo("Not enough money.");
include("footer.php");
exit();
}
}
else if(strpos($itm, "Pawneer Order") === 0){
$amount = 8; // NO CHEATING!
$cost = $amount*$EXHANGE_RATE;
if($money >= $cost)
{
setUserMoney($dbname, $_SESSION['PLAYER_ID'], $money-$cost);
addItemToPuchaseQueue($dbname, $targetUser, 559, 1);
header("Location: ".$_GET["ret"]);
}
else
{
include("header.php");
echo("Not enough money.");
include("footer.php");
exit();
}
}
else if(strpos($itm, "Five Pawneer Order") === 0){
$amount = 30; // NO CHEATING!
$cost = $amount*$EXHANGE_RATE;
if($money >= $cost)
{
setUserMoney($dbname, $_SESSION['PLAYER_ID'], $money-$cost);
addItemToPuchaseQueue($dbname, $targetUser, 559, 5);
header("Location: ".$_GET["ret"]);
}
else
{
include("header.php");
echo("Not enough money.");
include("footer.php");
exit();
}
}
exit();
}
}
$quantity = 1;
if(!isset($_POST['item_name'], $_POST['amount'], $_POST['item_number'], $_POST['custom'], $_POST['return']))
{
include("header.php");
echo("Some data was invalid");
include("footer.php");
exit();
}
if(isset($_POST['quantity']))
$quantity = intval($_POST['quantity']);
$hasIntl = function_exists('numfmt_create');
if($hasIntl)
$fmt = numfmt_create( 'en_US', NumberFormatter::DECIMAL );
$toUser = $_POST['custom'];
$toUsername = "";
if(!getUserExistInExt($dbname, $toUser))
{
include("header.php");
echo("Cannot buy for a user who does not exist on this server.");
include("footer.php");
exit();
}
else{
$toUsername = get_username($toUser);
}
include("header.php");
?>
<h1>HISP - PayPal Emulator</h1>
<b>Purchase Information:</b>
<table>
<tr>
<th>Item</th>
<th>Quantity</th>
<th>Item number</th>
<th>Price (USD)</th>
<th>Price (HorseIsle)</th>
</tr>
<tr>
<td><?php echo(htmlspecialchars($_POST['item_name'])) ?></td>
<td><?php echo(htmlspecialchars((string)$quantity)); ?></td>
<td><?php echo(htmlspecialchars($_POST['item_number'])) ?></td>
<td><?php
if($hasIntl)
$cost = numfmt_format($fmt, intval(htmlspecialchars($_POST['amount']*$quantity)));
else
$cost = $_POST['amount']*$quantity;
echo('$'.$cost);
?></td>
<td><?php
if($hasIntl)
$cost = numfmt_format($fmt, intval(htmlspecialchars((($_POST['amount']) * $EXHANGE_RATE)*$quantity)));
else
$cost = (($_POST['amount']) * $EXHANGE_RATE)*$quantity;
echo('$'.$cost);
?></td>
</tr>
</table>
<h3><b>NOTE: $1USD = $<?php echo($EXHANGE_RATE)?> HorseIsle Money! (you have $<?php echo($money) ?>)</b></h3><br><b>This purchase is for User: <?php echo(htmlspecialchars($toUser)." (".$toUsername.")"); ?></b></br>Do you want to purchase?</br><br><a href="?go=1&itm=<?php echo(urlencode(htmlspecialchars($_POST['item_name']))); ?>&qnt=<?php echo(urlencode(htmlspecialchars($quantity)));?>&to=<?php echo(urlencode(htmlspecialchars($_POST['custom']))); ?>&ret=<?php echo(urlencode(htmlspecialchars($_POST['return']))); ?>&sign=<?php
$msg = htmlspecialchars($_POST['item_name']).htmlspecialchars($quantity).htmlspecialchars($_POST['custom']).htmlspecialchars($_POST['return']).$_SESSION['USERNAME'].$_SESSION['PLAYER_ID'];
echo(urlencode(GenHmacMessage($msg, "PPEMU")));
?>">Yes</a> | <a href="/account.php">No</a>
<?php
include("footer.php");
<?php
session_start();
include("../config.php");
include("crosserver.php");
include("common.php");
if(!is_logged_in()){
include("header.php");
echo("Login First.");
include("footer.php");
exit();
}
$money = getUserMoney($dbname, $_SESSION['PLAYER_ID']);
if(isset($_GET["go"], $_GET["qnt"], $_GET["itm"], $_GET['to'], $_GET["ret"], $_GET['sign']))
{
$targetUser = $_GET['to'];
$subbed = getUserSubbed($dbname, $targetUser);
$subbedUntil = getUserSubTimeRemaining($dbname, $targetUser);
$moneyTarget = getUserMoney($dbname, $targetUser);
if(!$subbed)
$subbedUntil = time();
if($_GET["go"] == 1)
{
$msg = $_GET['itm'].$_GET["qnt"].$_GET["to"].$_GET["ret"].$_SESSION['USERNAME'].$_SESSION['PLAYER_ID'];
$expectedSignature = GenHmacMessage($msg, "PPEMU");
$gotHmacSignature = $_GET['sign'];
if(!hash_equals($gotHmacSignature,$expectedSignature)){
include("header.php");
echo("Invalid Signature. Are you trying to scam people?");
include("footer.php");
exit();
}
$itm = $_GET["itm"];
if(strpos($itm, "One Month Horse Isle Membership") === 0){
$amount = 5; // NO CHEATING!
$cost = $amount*$EXHANGE_RATE;
if($money >= $cost)
{
setUserMoney($dbname, $_SESSION['PLAYER_ID'], $money-$cost);
setUserSubbed($dbname,$targetUser, true);
setUserSubbedUntil($dbname, $targetUser, $subbedUntil + 2678400);
header("Location: ".$_GET["ret"]);
}
else
{
include("header.php");
echo("Not enough money.");
include("footer.php");
exit();
}
}
else if(strpos($itm, "Full Year Horse Isle Membership") === 0){
$amount = 40; // NO CHEATING!
$cost = $amount*$EXHANGE_RATE;
if($money >= $cost)
{
setUserMoney($dbname, $_SESSION['PLAYER_ID'], $money-$cost);
setUserSubbed($dbname, $targetUser, true);
setUserSubbedUntil($dbname, $targetUser, $subbedUntil + 31622400);
header("Location: ".$_GET["ret"]);
}
else
{
include("header.php");
echo("Not enough money.");
include("footer.php");
exit();
}
}
else if(strpos($itm, "100k Horse Isle Money") === 0){ // Why thou?
$amount = 1; // NO CHEATING!
$quantity = intval($_GET["qnt"]);
$cost = ($amount*$EXHANGE_RATE)*$quantity;
if($money >= $cost)
{
$amountGained = (100000 * $quantity);
if($quantity == 5)
$amountGained = 550000;
if($quantity == 10)
$amountGained = 1100000;
if($quantity == 10)
$amountGained = 1100000;
if($quantity == 20)
$amountGained = 2300000;
if($quantity == 50)
$amountGained = 5750000;
if($quantity == 100)
$amountGained = 12000000;
if($quantity == 250)
$amountGained = 31250000;
setUserMoney($dbname, $_SESSION['PLAYER_ID'], $money-$cost);
$money-=$cost;
setUserMoney($dbname, $targetUser, $moneyTarget+=$amountGained);
header("Location: ".$_GET["ret"]);
}
else
{
include("header.php");
echo("Not enough money.");
include("footer.php");
exit();
}
}
else if(strpos($itm, "Pawneer Order") === 0){
$amount = 8; // NO CHEATING!
$cost = $amount*$EXHANGE_RATE;
if($money >= $cost)
{
setUserMoney($dbname, $_SESSION['PLAYER_ID'], $money-$cost);
addItemToPuchaseQueue($dbname, $targetUser, 559, 1);
header("Location: ".$_GET["ret"]);
}
else
{
include("header.php");
echo("Not enough money.");
include("footer.php");
exit();
}
}
else if(strpos($itm, "Five Pawneer Order") === 0){
$amount = 30; // NO CHEATING!
$cost = $amount*$EXHANGE_RATE;
if($money >= $cost)
{
setUserMoney($dbname, $_SESSION['PLAYER_ID'], $money-$cost);
addItemToPuchaseQueue($dbname, $targetUser, 559, 5);
header("Location: ".$_GET["ret"]);
}
else
{
include("header.php");
echo("Not enough money.");
include("footer.php");
exit();
}
}
exit();
}
}
$quantity = 1;
if(!isset($_POST['item_name'], $_POST['amount'], $_POST['item_number'], $_POST['custom'], $_POST['return']))
{
include("header.php");
echo("Some data was invalid");
include("footer.php");
exit();
}
if(isset($_POST['quantity']))
$quantity = intval($_POST['quantity']);
$hasIntl = function_exists('numfmt_create');
if($hasIntl)
$fmt = numfmt_create( 'en_US', NumberFormatter::DECIMAL );
$toUser = $_POST['custom'];
$toUsername = "";
if(!getUserExistInExt($dbname, $toUser))
{
include("header.php");
echo("Cannot buy for a user who does not exist on this server.");
include("footer.php");
exit();
}
else{
$toUsername = get_username($toUser);
}
include("header.php");
?>
<h1>HISP - PayPal Emulator</h1>
<b>Purchase Information:</b>
<table>
<tr>
<th>Item</th>
<th>Quantity</th>
<th>Item number</th>
<th>Price (USD)</th>
<th>Price (HorseIsle)</th>
</tr>
<tr>
<td><?php echo(htmlspecialchars($_POST['item_name'])) ?></td>
<td><?php echo(htmlspecialchars((string)$quantity)); ?></td>
<td><?php echo(htmlspecialchars($_POST['item_number'])) ?></td>
<td><?php
if($hasIntl)
$cost = numfmt_format($fmt, intval(htmlspecialchars($_POST['amount']*$quantity)));
else
$cost = $_POST['amount']*$quantity;
echo('$'.$cost);
?></td>
<td><?php
if($hasIntl)
$cost = numfmt_format($fmt, intval(htmlspecialchars((($_POST['amount']) * $EXHANGE_RATE)*$quantity)));
else
$cost = (($_POST['amount']) * $EXHANGE_RATE)*$quantity;
echo('$'.$cost);
?></td>
</tr>
</table>
<h3><b>NOTE: $1USD = $<?php echo($EXHANGE_RATE)?> HorseIsle Money! (you have $<?php echo($money) ?>)</b></h3><br><b>This purchase is for User: <?php echo(htmlspecialchars($toUser)." (".$toUsername.")"); ?></b></br>Do you want to purchase?</br><br><a href="?go=1&itm=<?php echo(urlencode(htmlspecialchars($_POST['item_name']))); ?>&qnt=<?php echo(urlencode(htmlspecialchars($quantity)));?>&to=<?php echo(urlencode(htmlspecialchars($_POST['custom']))); ?>&ret=<?php echo(urlencode(htmlspecialchars($_POST['return']))); ?>&sign=<?php
$msg = htmlspecialchars($_POST['item_name']).htmlspecialchars($quantity).htmlspecialchars($_POST['custom']).htmlspecialchars($_POST['return']).$_SESSION['USERNAME'].$_SESSION['PLAYER_ID'];
echo(urlencode(GenHmacMessage($msg, "PPEMU")));
?>">Yes</a> | <a href="/account.php">No</a>
<?php
include("footer.php");
?>

148
game-site/web/reasonstosubscribe.php
View File

@ -1,75 +1,75 @@
<?php
session_start();
include("config.php");
include("header.php");
?>
<BR>
<CENTER><TABLE CELLPADDING=5><TR><TD>
<div style="TEXT-ALIGN:center">
<font size="4"><span style="COLOR:#990000; FONT-WEIGHT:bold"> Subscription Benefits</span></font><br/>
</div>
<br/>
<font size="2" style="FONT-WEIGHT:bold"><span style="FONT-WEIGHT:bold; COLOR:#990000"> #1:</span>
Support:</font><br/>
Support continued Horse Isle development employing many talented artists.<br/>
<br/>
<span style="FONT-WEIGHT:bold; COLOR:#990000">
#2:</span><span style="FONT-WEIGHT:bold"> Access:</span><br/>
Unlimited play time.&nbsp; Also, priority access to the server if it is nearing
capacity.<br/>
<br/>
<span style="FONT-WEIGHT:bold; COLOR:#990000">
#3:</span><span style="FONT-WEIGHT:bold"> Ranch ownership:</span><br/>
Once you can afford a ranch, it grants many optional benefits:<br/>
<ul>
<li>
&nbsp; Carry more items with sheds (up to 80 total)
</li>
<li>
&nbsp; Own more horses several for each barn on your ranch
</li>
<li>
&nbsp; Being able to sell horses while offline
</li>
<li>
&nbsp; Easier feeding/watering/training of horses with silo,well,training
pen
</li>
<li>
&nbsp; Free wagon transport with a wagon&nbsp;
</li>
<li>
&nbsp; Earn money while on/offline with windmills
</li>
</ul>
<br style="FONT-WEIGHT:bold; COLOR:#990000"/>
<span style="FONT-WEIGHT:bold; COLOR:#990000">
#4:</span><span style="FONT-WEIGHT:bold"> Game Identification:</span><br/>
A Horse Isle Subscriber is identified in-game with a Star next to the player's name
in the player lists. A fancier star identifies longer term subscribers.<br/>
<br/>
<span style="FONT-WEIGHT:bold; COLOR:#990000">
#5:</span><span style="FONT-WEIGHT:bold"> Train Horses Twice as often:</span><br/>
A Horse Isle Subscriber can train horses again in 1/2 the time.<br/>
<br/>
<span style="FONT-WEIGHT:bold; COLOR:#990000">#6:</span><span style="FONT-WEIGHT:bold">
Parental Controls:</span><br/>
The ability to set the number of hours a child can play per day, or even
disabling the ability to send and receive chat.<br/>
<br/>
<span style="FONT-WEIGHT:bold; COLOR:#990000">#7:</span><span style="FONT-WEIGHT:bold">
Double Global Chats:</span><br/>
Subscribers earn one global chat per minute rather than every other minute.<br/>
<BR>
<span style="FONT-WEIGHT:bold; COLOR:#990000">#8:</span><span style="FONT-WEIGHT:bold">
Art Room Access:</span><br/>
Subscribers are allowed to draw in the group art rooms.<br/>
<BR>
<CENTER>[ <A HREF=/account.php>Return to Account Information</A> ]
</TD></TR></TABLE>
<?php
include("footer.php");
<?php
session_start();
include("config.php");
include("header.php");
?>
<BR>
<CENTER><TABLE CELLPADDING=5><TR><TD>
<div style="TEXT-ALIGN:center">
<font size="4"><span style="COLOR:#990000; FONT-WEIGHT:bold"> Subscription Benefits</span></font><br/>
</div>
<br/>
<font size="2" style="FONT-WEIGHT:bold"><span style="FONT-WEIGHT:bold; COLOR:#990000"> #1:</span>
Support:</font><br/>
Support continued Horse Isle development employing many talented artists.<br/>
<br/>
<span style="FONT-WEIGHT:bold; COLOR:#990000">
#2:</span><span style="FONT-WEIGHT:bold"> Access:</span><br/>
Unlimited play time.&nbsp; Also, priority access to the server if it is nearing
capacity.<br/>
<br/>
<span style="FONT-WEIGHT:bold; COLOR:#990000">
#3:</span><span style="FONT-WEIGHT:bold"> Ranch ownership:</span><br/>
Once you can afford a ranch, it grants many optional benefits:<br/>
<ul>
<li>
&nbsp; Carry more items with sheds (up to 80 total)
</li>
<li>
&nbsp; Own more horses several for each barn on your ranch
</li>
<li>
&nbsp; Being able to sell horses while offline
</li>
<li>
&nbsp; Easier feeding/watering/training of horses with silo,well,training
pen
</li>
<li>
&nbsp; Free wagon transport with a wagon&nbsp;
</li>
<li>
&nbsp; Earn money while on/offline with windmills
</li>
</ul>
<br style="FONT-WEIGHT:bold; COLOR:#990000"/>
<span style="FONT-WEIGHT:bold; COLOR:#990000">
#4:</span><span style="FONT-WEIGHT:bold"> Game Identification:</span><br/>
A Horse Isle Subscriber is identified in-game with a Star next to the player's name
in the player lists. A fancier star identifies longer term subscribers.<br/>
<br/>
<span style="FONT-WEIGHT:bold; COLOR:#990000">
#5:</span><span style="FONT-WEIGHT:bold"> Train Horses Twice as often:</span><br/>
A Horse Isle Subscriber can train horses again in 1/2 the time.<br/>
<br/>
<span style="FONT-WEIGHT:bold; COLOR:#990000">#6:</span><span style="FONT-WEIGHT:bold">
Parental Controls:</span><br/>
The ability to set the number of hours a child can play per day, or even
disabling the ability to send and receive chat.<br/>
<br/>
<span style="FONT-WEIGHT:bold; COLOR:#990000">#7:</span><span style="FONT-WEIGHT:bold">
Double Global Chats:</span><br/>
Subscribers earn one global chat per minute rather than every other minute.<br/>
<BR>
<span style="FONT-WEIGHT:bold; COLOR:#990000">#8:</span><span style="FONT-WEIGHT:bold">
Art Room Access:</span><br/>
Subscribers are allowed to draw in the group art rooms.<br/>
<BR>
<CENTER>[ <A HREF=/account.php>Return to Account Information</A> ]
</TD></TR></TABLE>
<?php
include("footer.php");
?>

22
game-site/web/spendhorsebucks.php
View File

@ -1,12 +1,12 @@
<?php
session_start();
include("config.php");
include("header.php");
if(!is_logged_in()){
echo('Account information not found. please login again.');
exit();
}
?>
<B><FONT SIZE=+1>Horse Isle Horse Bucks Redemption</FONT></B><BR>You Currently have 0 Horse Bucks from Referrals/Prizes.<BR>You do not have at least 5 Horse Bucks to make an exchange.<BR><A HREF=/account.php>ACCOUNT PAGE</A><?php
include("footer.php");
<?php
session_start();
include("config.php");
include("header.php");
if(!is_logged_in()){
echo('Account information not found. please login again.');
exit();
}
?>
<B><FONT SIZE=+1>Horse Isle Horse Bucks Redemption</FONT></B><BR>You Currently have 0 Horse Bucks from Referrals/Prizes.<BR>You do not have at least 5 Horse Bucks to make an exchange.<BR><A HREF=/account.php>ACCOUNT PAGE</A><?php
include("footer.php");
?>

40
game-site/web/whylimited.php
View File

@ -1,21 +1,21 @@
<?php
session_start();
include("config.php");
include("header.php");
?>
<BR>
<CENTER><TABLE CELLPADDING=5><TR><TD>
<font size="4" style="COLOR:#990000"><span style="FONT-WEIGHT:bold">Why is play time limited?</span></font><br/>
<br/>
The servers have to work very hard for each player logged in. We have high-end dedicated servers,
but they can only run 150-200 players online at once. Dedicated servers are expensive.
For these reasons, free players have a limited amount of playtime per day, and are even
denied access when the server is nearing capacity. Subscribers have unlimited access, as they are sharing the costs of running the server.
<BR>
<BR><CENTER> <B><A HREF=/account.php>RETURN TO ACCOUNT</A>
</TD></TR></TABLE>
<?php
include("footer.php");
<?php
session_start();
include("config.php");
include("header.php");
?>
<BR>
<CENTER><TABLE CELLPADDING=5><TR><TD>
<font size="4" style="COLOR:#990000"><span style="FONT-WEIGHT:bold">Why is play time limited?</span></font><br/>
<br/>
The servers have to work very hard for each player logged in. We have high-end dedicated servers,
but they can only run 150-200 players online at once. Dedicated servers are expensive.
For these reasons, free players have a limited amount of playtime per day, and are even
denied access when the server is nearing capacity. Subscribers have unlimited access, as they are sharing the costs of running the server.
<BR>
<BR><CENTER> <B><A HREF=/account.php>RETURN TO ACCOUNT</A>
</TD></TR></TABLE>
<?php
include("footer.php");
?>