islehorse
/
HorseIsleWeb
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Add files via upload

This commit is contained in:
Bluzume 2021-10-28 17:20:53 +13:00 committed by GitHub
parent c632c19c34
commit fb0a78cf76
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
17 changed files with 1808 additions and 1799 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
game-site/404.php
View File

@ -1,7 +1,7 @@
<?php header("HTTP/1.1 404 Not Found"); ?><!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <?php header("HTTP/1.1 404 Not Found"); ?><!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head> <html><head>
<title>404 Not Found</title> <title>404 Not Found</title>
</head><body> </head><body>
<h1>Not Found</h1> <h1>Not Found</h1>
<p>The requested URL <?php echo(htmlspecialchars($_SERVER['REQUEST_URI'])); ?> was not found on this server.</p> <p>The requested URL <?php echo(htmlspecialchars($_SERVER['REQUEST_URI'])); ?> was not found on this server.</p>
</body></html> </body></html>

854
game-site/account.php
View File

@ -1,427 +1,427 @@
<?php <?php
session_start(); session_start();
include("web/common.php"); include("web/common.php");
include("web/crosserver.php"); include("web/crosserver.php");
include("config.php"); include("config.php");
if(isset($_POST["USER"], $_POST["PASS"])) if(isset($_POST["USER"], $_POST["PASS"]))
{ {
$username = $_POST["USER"]; $username = $_POST["USER"];
$password = $_POST["PASS"]; $password = $_POST["PASS"];
if(!user_exists($username)) if(!user_exists($username))
goto auth_failed; goto auth_failed;
$id = get_userid($username); $id = get_userid($username);
if(check_password($id, $password)) if(check_password($id, $password))
{ {
$_SESSION['LOGGED_IN'] = "YES"; $_SESSION['LOGGED_IN'] = "YES";
$_SESSION['PLAYER_ID'] = $id; $_SESSION['PLAYER_ID'] = $id;
$_SESSION['USERNAME'] = $username; $_SESSION['USERNAME'] = $username;
$_SESSION['SEX'] = get_sex($id); $_SESSION['SEX'] = get_sex($id);
$_SESSION['ADMIN'] = get_admin($id); $_SESSION['ADMIN'] = get_admin($id);
$_SESSION['MOD'] = get_mod($id); $_SESSION['MOD'] = get_mod($id);
$_SESSION['PASSWORD_HASH'] = get_password_hash($id); $_SESSION['PASSWORD_HASH'] = get_password_hash($id);
$_SESSION['SALT'] = get_salt($id); $_SESSION['SALT'] = get_salt($id);
} }
else else
{ {
auth_failed: auth_failed:
include("web/header.php"); include("web/header.php");
echo('<TABLE CELLPADDING=10 WIDTH=100%><TR><TD><HR><B>Username or Password is not valid. Please try again. <BR>Note: Upon too many attempts the account will be temporarily blocked from your IP.</B><BR><BR>If you have not logged on yet, make sure you have clicked the activation link in the email that was sent to you.<BR><BR>click <A HREF=/web/forgotpass.php>HERE</A> to Have your password emailed to you.<HR></TD></TR></TABLE>'); echo('<TABLE CELLPADDING=10 WIDTH=100%><TR><TD><HR><B>Username or Password is not valid. Please try again. <BR>Note: Upon too many attempts the account will be temporarily blocked from your IP.</B><BR><BR>If you have not logged on yet, make sure you have clicked the activation link in the email that was sent to you.<BR><BR>click <A HREF=/web/forgotpass.php>HERE</A> to Have your password emailed to you.<HR></TD></TR></TABLE>');
include('web/footer.php'); include('web/footer.php');
exit(); exit();
} }
} }
if(!is_logged_in() && isset($_GET["SLID"], $_GET["C"])) if(!is_logged_in() && isset($_GET["SLID"], $_GET["C"]))
{ {
$id = (int)$_GET['SLID']; $id = (int)$_GET['SLID'];
$code = $_GET['C']; $code = $_GET['C'];
$hmac = GenHmacMessage((string)$id, "CrossSiteLogin"); $hmac = GenHmacMessage((string)$id, "CrossSiteLogin");
$hmacSent = bin2hex(base64_url_decode($code)); $hmacSent = bin2hex(base64_url_decode($code));
if(hash_equals($hmacSent,$hmac)) if(hash_equals($hmacSent,$hmac) && userid_exists($dbname, $id))
{ {
$_SESSION['LOGGED_IN'] = "YES"; $_SESSION['LOGGED_IN'] = "YES";
$_SESSION['PLAYER_ID'] = $id; $_SESSION['PLAYER_ID'] = $id;
$_SESSION['USERNAME'] = get_username($id); $_SESSION['USERNAME'] = get_username($id);
$_SESSION['SEX'] = get_sex($id); $_SESSION['SEX'] = get_sex($id);
$_SESSION['ADMIN'] = get_admin($id); $_SESSION['ADMIN'] = get_admin($id);
$_SESSION['MOD'] = get_mod($id); $_SESSION['MOD'] = get_mod($id);
$_SESSION['PASSWORD_HASH'] = get_password_hash($id); $_SESSION['PASSWORD_HASH'] = get_password_hash($id);
$_SESSION['SALT'] = get_salt($id); $_SESSION['SALT'] = get_salt($id);
} }
else else
{ {
$_SESSION['LOGGED_IN'] = "NO"; $_SESSION['LOGGED_IN'] = "NO";
$login_error = "Error in Automatic Login Authentication!"; $login_error = "Error in Automatic Login Authentication!";
} }
} }
if(!is_logged_in()) if(!is_logged_in())
{ {
include("web/header.php"); include("web/header.php");
echo(" echo("
<B>Username or Password is not valid or your account has timed out. Please Log in again.</B><BR><BR></TD></TR></TABLE>"); <B>Username or Password is not valid or your account has timed out. Please Log in again.</B><BR><BR></TD></TR></TABLE>");
$_SESSION['LOGGED_IN'] = "NO"; $_SESSION['LOGGED_IN'] = "NO";
include("web/footer.php"); include("web/footer.php");
exit(); exit();
} }
// Get account data // Get account data
$newUser = !getUserExistInExt($dbname, $_SESSION['PLAYER_ID']); $newUser = !getUserExistInExt($dbname, $_SESSION['PLAYER_ID']);
if(!$newUser){ if(!$newUser){
$money = getUserMoney($dbname, $_SESSION['PLAYER_ID']); $money = getUserMoney($dbname, $_SESSION['PLAYER_ID']);
$bankMoney = getUserBankMoney($dbname, $_SESSION['PLAYER_ID']); $bankMoney = getUserBankMoney($dbname, $_SESSION['PLAYER_ID']);
$loginDate = getUserLoginDate($dbname, $_SESSION['PLAYER_ID']); $loginDate = getUserLoginDate($dbname, $_SESSION['PLAYER_ID']);
$questPoints = getUserQuestPoints($dbname, $_SESSION['PLAYER_ID']); $questPoints = getUserQuestPoints($dbname, $_SESSION['PLAYER_ID']);
$totalLogins = getUserTotalLogins($dbname, $_SESSION['PLAYER_ID']); $totalLogins = getUserTotalLogins($dbname, $_SESSION['PLAYER_ID']);
$subbed = getUserSubbed($dbname, $_SESSION['PLAYER_ID']); $subbed = getUserSubbed($dbname, $_SESSION['PLAYER_ID']);
$subTime = getUserSubTimeRemaining($dbname, $_SESSION['PLAYER_ID']); $subTime = getUserSubTimeRemaining($dbname, $_SESSION['PLAYER_ID']);
$playtime = getUserPlaytime($dbname, $_SESSION['PLAYER_ID']); $playtime = getUserPlaytime($dbname, $_SESSION['PLAYER_ID']);
} }
else else
{ {
$money = 0; $money = 0;
$bankMoney = 0; $bankMoney = 0;
$loginDate = time(); $loginDate = time();
$questPoints = 0; $questPoints = 0;
$totalLogins = 0; $totalLogins = 0;
$subbed = false; $subbed = false;
$subTime = 0; $subTime = 0;
$playtime = 0; $playtime = 0;
} }
if($all_users_subbed) if($all_users_subbed)
$subbed = true; $subbed = true;
$hasIntl = function_exists('numfmt_create'); $hasIntl = function_exists('numfmt_create');
if($hasIntl) if($hasIntl)
$fmt = numfmt_create( 'en_US', NumberFormatter::DECIMAL ); $fmt = numfmt_create( 'en_US', NumberFormatter::DECIMAL );
include("web/header.php"); include("web/header.php");
?> ?>
<script language="javascript1.3"> <script language="javascript1.3">
<!-- <!--
function ajax(url,target) { function ajax(url,target) {
// native XMLHttpRequest object // native XMLHttpRequest object
//document.getElementById(target).innerHTML = 'sending...'; //document.getElementById(target).innerHTML = 'sending...';
if (window.XMLHttpRequest) { if (window.XMLHttpRequest) {
req = new XMLHttpRequest(); req = new XMLHttpRequest();
req.onreadystatechange = function() {ajaxDone(target);}; req.onreadystatechange = function() {ajaxDone(target);};
req.open("GET", url, true); req.open("GET", url, true);
req.send(null); req.send(null);
// IE/Windows ActiveX version // IE/Windows ActiveX version
} else if (window.ActiveXObject) { } else if (window.ActiveXObject) {
req = new ActiveXObject("Microsoft.XMLHTTP"); req = new ActiveXObject("Microsoft.XMLHTTP");
if (req) { if (req) {
req.onreadystatechange = function() {ajaxDone(target);}; req.onreadystatechange = function() {ajaxDone(target);};
req.open("GET", url, true); req.open("GET", url, true);
req.send(); req.send();
} }
} }
} }
function ajaxDone(target) { function ajaxDone(target) {
// only if req is "loaded" // only if req is "loaded"
if (req.readyState == 4) { if (req.readyState == 4) {
// only if "OK" // only if "OK"
if (req.status == 200) { if (req.status == 200) {
results = req.responseText; results = req.responseText;
document.getElementById(target).innerHTML = results; document.getElementById(target).innerHTML = results;
} else { } else {
document.getElementById(target).innerHTML="ajax error:\n" + document.getElementById(target).innerHTML="ajax error:\n" +
req.statusText; req.statusText;
} }
} }
} }
function loadplayers() { function loadplayers() {
<?php echo("ajax('web/playersonline.php?id=".htmlspecialchars($_SESSION['PLAYER_ID'], ENT_QUOTES)."','PLAYERS');"); ?> <?php echo("ajax('web/playersonline.php?id=".htmlspecialchars($_SESSION['PLAYER_ID'], ENT_QUOTES)."','PLAYERS');"); ?>
window.setTimeout("loadplayers()", 30000); //reload player list every millisecs window.setTimeout("loadplayers()", 30000); //reload player list every millisecs
} }
window.setTimeout("loadplayers()", 10); ///load player list first time quick window.setTimeout("loadplayers()", 10); ///load player list first time quick
window.setTimeout("loadplayers()", 3000); ///load player list first time quick window.setTimeout("loadplayers()", 3000); ///load player list first time quick
--> -->
</script> </script>
<script> <script>
<!-- <!--
function wopen(url, name, w, h) function wopen(url, name, w, h)
{ {
// Fudge factors for window decoration space. // Fudge factors for window decoration space.
// In my tests these work well on all platforms & browsers. // In my tests these work well on all platforms & browsers.
w+=20;//w += 32; w+=20;//w += 32;
h+=60;//h += 96; h+=60;//h += 96;
var win = window.open(url, var win = window.open(url,
name, name,
'width=' + w + ', height=' + h + ', ' + 'width=' + w + ', height=' + h + ', ' +
'location=no, menubar=no, ' + 'location=no, menubar=no, ' +
'status=no, toolbar=no, scrollbars=no, resizable=no'); 'status=no, toolbar=no, scrollbars=no, resizable=no');
win.resizeTo(w, h); win.resizeTo(w, h);
win.focus(); win.focus();
} }
// --> // -->
</script> </script>
<TABLE WIDTH=100% CELLPADDING=5><TR><TD VALIGN=TOP><TABLE BORDER=0 CELLPADDING=5><TR><TD VALIGN=top><CENTER>When Ready, <a href='/horseisle.php?USER=<?php echo(htmlspecialchars($_SESSION['USERNAME'],ENT_QUOTES)); ?>' target=popup onClick="wopen('/horseisle.php?USER=<?php echo(htmlspecialchars($_SESSION['USERNAME'],ENT_QUOTES)); ?>', 'popup', 790, 522); return false;">Enter the World<BR><BR><IMG BORDER=0 SRC=/web/screenshots/enterhorseisle.png></A><BR><BR>(<a href='/horseisle.php?USER=<?php echo(htmlspecialchars($_SESSION['USERNAME'],ENT_QUOTES)); ?>' target=popup onClick="wopen('/horseisle.php?USER=<?php echo(htmlspecialchars($_SESSION['USERNAME'],ENT_QUOTES)); ?>', 'popup', 846, 542); return false;">bigger borders version</A>)<BR>(<A HREF=horseisle.php?USER=<?php echo(htmlspecialchars($_SESSION['USERNAME'],ENT_QUOTES)); ?>>same window version</A>)</TD><TD VALIGN=top>Welcome back <B><?php echo(htmlspecialchars($_SESSION['USERNAME'])); ?></B>, Here is your account info and Horse Isle server status: (<A HREF=?>refresh</A>)<BR><BR><?php <TABLE WIDTH=100% CELLPADDING=5><TR><TD VALIGN=TOP><TABLE BORDER=0 CELLPADDING=5><TR><TD VALIGN=top><CENTER>When Ready, <a href='/horseisle.php?USER=<?php echo(htmlspecialchars($_SESSION['USERNAME'],ENT_QUOTES)); ?>' target=popup onClick="wopen('/horseisle.php?USER=<?php echo(htmlspecialchars($_SESSION['USERNAME'],ENT_QUOTES)); ?>', 'popup', 790, 522); return false;">Enter the World<BR><BR><IMG BORDER=0 SRC=/web/screenshots/enterhorseisle.png></A><BR><BR>(<a href='/horseisle.php?USER=<?php echo(htmlspecialchars($_SESSION['USERNAME'],ENT_QUOTES)); ?>' target=popup onClick="wopen('/horseisle.php?USER=<?php echo(htmlspecialchars($_SESSION['USERNAME'],ENT_QUOTES)); ?>', 'popup', 846, 542); return false;">bigger borders version</A>)<BR>(<A HREF=horseisle.php?USER=<?php echo(htmlspecialchars($_SESSION['USERNAME'],ENT_QUOTES)); ?>>same window version</A>)</TD><TD VALIGN=top>Welcome back <B><?php echo(htmlspecialchars($_SESSION['USERNAME'])); ?></B>, Here is your account info and Horse Isle server status: (<A HREF=?>refresh</A>)<BR><BR><?php
$moneyStr = ""; $moneyStr = "";
if($hasIntl) if($hasIntl)
$moneyStr .= numfmt_format($fmt, $money); $moneyStr .= numfmt_format($fmt, $money);
else else
$moneyStr .= $money; $moneyStr .= $money;
$bankmoneyStr = ""; $bankmoneyStr = "";
if($hasIntl) if($hasIntl)
$bankmoneyStr .= numfmt_format($fmt, $bankMoney); $bankmoneyStr .= numfmt_format($fmt, $bankMoney);
else else
$bankmoneyStr .= $bankMoney; $bankmoneyStr .= $bankMoney;
$totalLoginsStr = ""; $totalLoginsStr = "";
if($hasIntl) if($hasIntl)
$totalLoginsStr .= numfmt_format($fmt, $totalLogins); $totalLoginsStr .= numfmt_format($fmt, $totalLogins);
else else
$totalLoginsStr .= $bankMoney; $totalLoginsStr .= $bankMoney;
$lastOn = 0.00; $lastOn = 0.00;
$current_time = time(); $current_time = time();
$difference = $current_time - $loginDate; $difference = $current_time - $loginDate;
$lastOn = $difference/3600; $lastOn = $difference/3600;
if($newUser){ if($newUser){
echo('<BR>You have a new account and have not yet logged in!<BR>'); echo('<BR>You have a new account and have not yet logged in!<BR>');
} }
else{ else{
echo('It has been: '.number_format((float)$lastOn, 2, '.', '').' hours since you were last online. You have logged in '.$totalLoginsStr.' times.<BR>'); echo('It has been: '.number_format((float)$lastOn, 2, '.', '').' hours since you were last online. You have logged in '.$totalLoginsStr.' times.<BR>');
} }
echo('You have <B><FONT COLOR=005500>$'.$moneyStr.'</FONT></B> in Horse Isle money on hand and <B><FONT COLOR=005500>$'.$bankmoneyStr.'</FONT></B> in the bank.<BR>You have earned <B>'.(string)$questPoints.'</B> of <B>63005</B> total quest points (<B>'.(string)floor(($questPoints / 63005) * 100.0).'%</B> Complete)<BR>'); echo('You have <B><FONT COLOR=005500>$'.$moneyStr.'</FONT></B> in Horse Isle money on hand and <B><FONT COLOR=005500>$'.$bankmoneyStr.'</FONT></B> in the bank.<BR>You have earned <B>'.(string)$questPoints.'</B> of <B>63005</B> total quest points (<B>'.(string)floor(($questPoints / 63005) * 100.0).'%</B> Complete)<BR>');
if(!$subbed) if(!$subbed)
{ {
echo('You have <B>'.(string)$playtime.'</B> minutes of playtime available. As a non-subscriber you get 1 additional minute every 8 minutes. <I>(subject to change based on load)</I> (<A HREF=/web/whylimited.php>why limited?</A>) <BR>'); echo('You have <B>'.(string)$playtime.'</B> minutes of playtime available. As a non-subscriber you get 1 additional minute every 8 minutes. <I>(subject to change based on load)</I> (<A HREF=/web/whylimited.php>why limited?</A>) <BR>');
} }
?></TD></TR></TABLE><BR><HR> ?></TD></TR></TABLE><BR><HR>
<CENTER><TABLE WIDTH=500><TR><TD class=forumlist> <CENTER><TABLE WIDTH=500><TR><TD class=forumlist>
<FONT SIZE=+1><?php echo(strtoupper(htmlspecialchars($_SESSION['USERNAME']))); ?>'S <?php echo(strtoupper($server_id)); ?> SUBSCRIPTION STATUS:<BR></FONT><FONT SIZE=+2><?php <FONT SIZE=+1><?php echo(strtoupper(htmlspecialchars($_SESSION['USERNAME']))); ?>'S <?php echo(strtoupper($server_id)); ?> SUBSCRIPTION STATUS:<BR></FONT><FONT SIZE=+2><?php
if($subbed) if($subbed)
{ {
echo('<FONT COLOR=GREEN>ACTIVE</FONT>'); echo('<FONT COLOR=GREEN>ACTIVE</FONT>');
$current_time = time(); $current_time = time();
$difference = $subTime - $current_time; $difference = $subTime - $current_time;
$daysRemain = floor($difference/86400); $daysRemain = floor($difference/86400);
$daysStr = (string)$daysRemain; $daysStr = (string)$daysRemain;
if($all_users_subbed) if($all_users_subbed)
$daysStr = ""; $daysStr = "";
echo('</FONT><BR>('.$daysStr.' days remain in your subscription)</FONT> '); echo('</FONT><BR>('.$daysStr.' days remain in your subscription)</FONT> ');
} }
else else
{ {
echo("NOT SUBSCRIBED</FONT><BR>(You have not yet subscribed)</FONT> "); echo("NOT SUBSCRIBED</FONT><BR>(You have not yet subscribed)</FONT> ");
} }
?>(<A HREF=web/reasonstosubscribe.php>Subscription Benefits</A>) ?>(<A HREF=web/reasonstosubscribe.php>Subscription Benefits</A>)
</TD></TR><TR><TD class=forumlist> </TD></TR><TR><TD class=forumlist>
<TABLE WIDTH=100%> <TABLE WIDTH=100%>
<TR><TD><B>BUY 1 Month Membership <FONT COLOR=GREEN>$5.00</FONT>usd</B> <I><FONT SIZE=-1>(adds 31 days membership time to the account that you are currently logged in with.) Non-refundable.</FONT></I></TD><TD> <TR><TD><B>BUY 1 Month Membership <FONT COLOR=GREEN>$5.00</FONT>usd</B> <I><FONT SIZE=-1>(adds 31 days membership time to the account that you are currently logged in with.) Non-refundable.</FONT></I></TD><TD>
<form action="<?php echo($pp_uri); ?>" method="post"> <form action="<?php echo($pp_uri); ?>" method="post">
<input type="hidden" name="cmd" value="_xclick"> <input type="hidden" name="cmd" value="_xclick">
<input type="hidden" name="business" value="paypal@horseisle.com"> <input type="hidden" name="business" value="paypal@horseisle.com">
<input type="hidden" name="undefined_quantity" value="1"> <input type="hidden" name="undefined_quantity" value="1">
<input type="hidden" name="item_name" value="One Month Horse Isle Membership-on <?php echo($_SERVER["HTTP_HOST"]); ?>"> <input type="hidden" name="item_name" value="One Month Horse Isle Membership-on <?php echo($_SERVER["HTTP_HOST"]); ?>">
<input type="hidden" name="item_number" value="<?php echo(htmlspecialchars($_SESSION['PLAYER_ID'])); ?>"> <input type="hidden" name="item_number" value="<?php echo(htmlspecialchars($_SESSION['PLAYER_ID'])); ?>">
<input type="hidden" name="custom" value="<?php echo(htmlspecialchars($_SESSION['PLAYER_ID'])); ?>"> <input type="hidden" name="custom" value="<?php echo(htmlspecialchars($_SESSION['PLAYER_ID'])); ?>">
<input type="hidden" name="amount" value="5.00"> <input type="hidden" name="amount" value="5.00">
<input type="hidden" name="no_shipping" value="1"> <input type="hidden" name="no_shipping" value="1">
<input type="hidden" name="return" value="http://<?php echo($_SERVER["HTTP_HOST"]); ?>/web/paypalpayment.php"> <input type="hidden" name="return" value="http://<?php echo($_SERVER["HTTP_HOST"]); ?>/web/paypalpayment.php">
<input type="hidden" name="notify_url" value="http://<?php echo($_SERVER["HTTP_HOST"]); ?>/web/paypalgateway.php"> <input type="hidden" name="notify_url" value="http://<?php echo($_SERVER["HTTP_HOST"]); ?>/web/paypalgateway.php">
<input type="hidden" name="no_note" value="1"> <input type="hidden" name="no_note" value="1">
<input type="hidden" name="currency_code" value="USD"> <input type="hidden" name="currency_code" value="USD">
<input type="hidden" name="lc" value="US"> <input type="hidden" name="lc" value="US">
<input type="hidden" name="bn" value="PP-BuyNowBF"> <input type="hidden" name="bn" value="PP-BuyNowBF">
<input type="image" src="https://www.paypal.com/en_US/i/btn/x-click-but02.gif" border="0" <input type="image" src="https://www.paypal.com/en_US/i/btn/x-click-but02.gif" border="0"
name="submit" alt="Make payments with PayPal - it's fast, free and secure!"> name="submit" alt="Make payments with PayPal - it's fast, free and secure!">
<img alt="" border="0" src="https://www.paypal.com/en_US/i/scr/pixel.gif" width="1" height="1"> <img alt="" border="0" src="https://www.paypal.com/en_US/i/scr/pixel.gif" width="1" height="1">
</form> </form>
</TD></TR></TABLE> </TD></TR></TABLE>
</TD></TR> </TD></TR>
<TR><TD class=forumlist> <TR><TD class=forumlist>
<TABLE WIDTH=100%><TR> <TABLE WIDTH=100%><TR>
<TD><B>BUY Full Year Membership <FONT COLOR=GREEN>$40.00</FONT>usd</B> <I><FONT SIZE=-1>(adds 366 days membership time to the account you are logged in with. saves $20.00 off monthly subscription) Non-refundable.</FONT></I></TD><TD> <TD><B>BUY Full Year Membership <FONT COLOR=GREEN>$40.00</FONT>usd</B> <I><FONT SIZE=-1>(adds 366 days membership time to the account you are logged in with. saves $20.00 off monthly subscription) Non-refundable.</FONT></I></TD><TD>
<form action="<?php echo($pp_uri); ?>" method="post"> <form action="<?php echo($pp_uri); ?>" method="post">
<input type="hidden" name="cmd" value="_xclick"> <input type="hidden" name="cmd" value="_xclick">
<input type="hidden" name="business" value="paypal@horseisle.com"> <input type="hidden" name="business" value="paypal@horseisle.com">
<input type="hidden" name="undefined_quantity" value="1"> <input type="hidden" name="undefined_quantity" value="1">
<input type="hidden" name="item_name" value="Full Year Horse Isle Membership-on <?php echo($_SERVER["HTTP_HOST"]); ?>"> <input type="hidden" name="item_name" value="Full Year Horse Isle Membership-on <?php echo($_SERVER["HTTP_HOST"]); ?>">
<input type="hidden" name="item_number" value="<?php echo(htmlspecialchars($_SESSION['PLAYER_ID'])); ?>"> <input type="hidden" name="item_number" value="<?php echo(htmlspecialchars($_SESSION['PLAYER_ID'])); ?>">
<input type="hidden" name="custom" value="<?php echo(htmlspecialchars($_SESSION['PLAYER_ID'])); ?>"> <input type="hidden" name="custom" value="<?php echo(htmlspecialchars($_SESSION['PLAYER_ID'])); ?>">
<input type="hidden" name="amount" value="40.00"> <input type="hidden" name="amount" value="40.00">
<input type="hidden" name="no_shipping" value="1"> <input type="hidden" name="no_shipping" value="1">
<input type="hidden" name="return" value="http://<?php echo($_SERVER["HTTP_HOST"]); ?>/web/paypalpayment.php"> <input type="hidden" name="return" value="http://<?php echo($_SERVER["HTTP_HOST"]); ?>/web/paypalpayment.php">
<input type="hidden" name="notify_url" value="http://<?php echo($_SERVER["HTTP_HOST"]); ?>/web/paypalgateway.php"> <input type="hidden" name="notify_url" value="http://<?php echo($_SERVER["HTTP_HOST"]); ?>/web/paypalgateway.php">
<input type="hidden" name="no_note" value="1"> <input type="hidden" name="no_note" value="1">
<input type="hidden" name="currency_code" value="USD"> <input type="hidden" name="currency_code" value="USD">
<input type="hidden" name="lc" value="US"> <input type="hidden" name="lc" value="US">
<input type="hidden" name="bn" value="PP-BuyNowBF"> <input type="hidden" name="bn" value="PP-BuyNowBF">
<input type="image" src="https://www.paypal.com/en_US/i/btn/x-click-but02.gif" border="0" <input type="image" src="https://www.paypal.com/en_US/i/btn/x-click-but02.gif" border="0"
name="submit" alt="Make payments with PayPal - it's fast, free and secure!"> name="submit" alt="Make payments with PayPal - it's fast, free and secure!">
<img alt="" border="0" src="https://www.paypal.com/en_US/i/scr/pixel.gif" width="1" height="1"> <img alt="" border="0" src="https://www.paypal.com/en_US/i/scr/pixel.gif" width="1" height="1">
</form> </form>
</TD></TR></TABLE> </TD></TR></TABLE>
<!-- <!--
<TR><TD class=forumlist> <TR><TD class=forumlist>
<TABLE WIDTH=100%><TR> <TABLE WIDTH=100%><TR>
<TD><B>BUY 100k Horse Isle Currency <FONT COLOR=GREEN>$1.00</FONT>usd</B> <I><FONT SIZE=-1>(each one you buy gives your account $10,000 Horse Isle currency for use in the game.) Non-refundable.</FONT></I></TD><TD> <TD><B>BUY 100k Horse Isle Currency <FONT COLOR=GREEN>$1.00</FONT>usd</B> <I><FONT SIZE=-1>(each one you buy gives your account $10,000 Horse Isle currency for use in the game.) Non-refundable.</FONT></I></TD><TD>
<form action="https://www.paypal.com/cgi-bin/webscr" method="post"> <form action="https://www.paypal.com/cgi-bin/webscr" method="post">
<input type="hidden" name="cmd" value="_xclick"> <input type="hidden" name="cmd" value="_xclick">
<input type="hidden" name="business" value="paypal@horseisle.com"> <input type="hidden" name="business" value="paypal@horseisle.com">
<input type="hidden" name="undefined_quantity" value="1"> <input type="hidden" name="undefined_quantity" value="1">
<input type="hidden" name="item_name" value="100k Horse Isle Money-on pinto.horseisle.com"> <input type="hidden" name="item_name" value="100k Horse Isle Money-on pinto.horseisle.com">
<input type="hidden" name="item_number" value="<?php echo(htmlspecialchars($_SESSION['PLAYER_ID'])); ?>"> <input type="hidden" name="item_number" value="<?php echo(htmlspecialchars($_SESSION['PLAYER_ID'])); ?>">
<input type="hidden" name="custom" value="<?php echo(htmlspecialchars($_SESSION['PLAYER_ID'])); ?>"> <input type="hidden" name="custom" value="<?php echo(htmlspecialchars($_SESSION['PLAYER_ID'])); ?>">
<input type="hidden" name="amount" value="1.00"> <input type="hidden" name="amount" value="1.00">
<input type="hidden" name="no_shipping" value="1"> <input type="hidden" name="no_shipping" value="1">
<input type="hidden" name="return" value="http://pinto.horseisle.com/web/paypalpayment.php"> <input type="hidden" name="return" value="http://pinto.horseisle.com/web/paypalpayment.php">
<input type="hidden" name="notify_url" value="http://pinto.horseisle.com/web/paypalgateway.php"> <input type="hidden" name="notify_url" value="http://pinto.horseisle.com/web/paypalgateway.php">
<input type="hidden" name="no_note" value="1"> <input type="hidden" name="no_note" value="1">
<input type="hidden" name="currency_code" value="USD"> <input type="hidden" name="currency_code" value="USD">
<input type="hidden" name="lc" value="US"> <input type="hidden" name="lc" value="US">
<input type="hidden" name="bn" value="PP-BuyNowBF"> <input type="hidden" name="bn" value="PP-BuyNowBF">
<input type="image" src="https://www.paypal.com/en_US/i/btn/x-click-but02.gif" border="0" <input type="image" src="https://www.paypal.com/en_US/i/btn/x-click-but02.gif" border="0"
name="submit" alt="Make payments with PayPal - it's fast, free and secure!"> name="submit" alt="Make payments with PayPal - it's fast, free and secure!">
<img alt="" border="0" src="https://www.paypal.com/en_US/i/scr/pixel.gif" width="1" height="1"> <img alt="" border="0" src="https://www.paypal.com/en_US/i/scr/pixel.gif" width="1" height="1">
</form> </form>
</TD></TR></TABLE> </TD></TR></TABLE>
</TD><TR>--> </TD><TR>-->
<TR><TD class=forumlist> <TR><TD class=forumlist>
<TABLE WIDTH=100%><TR> <TABLE WIDTH=100%><TR>
<form action="<?php echo($pp_uri); ?>" method="post"> <form action="<?php echo($pp_uri); ?>" method="post">
<TD><B>BUY $100,000 Horse Isle Currency per <FONT COLOR=GREEN>$1.00</FONT>usd</B><BR> <TD><B>BUY $100,000 Horse Isle Currency per <FONT COLOR=GREEN>$1.00</FONT>usd</B><BR>
Select: <SELECT NAME=quantity> Select: <SELECT NAME=quantity>
<!-<OPTION VALUE=1>$10,000 Horse Isle for $1.00 USD-> <!-<OPTION VALUE=1>$10,000 Horse Isle for $1.00 USD->
<OPTION VALUE=2>$200,000 Horse Isle for $2.00 USD <OPTION VALUE=2>$200,000 Horse Isle for $2.00 USD
<OPTION VALUE=3>$300,000 Horse Isle for $3.00 USD <OPTION VALUE=3>$300,000 Horse Isle for $3.00 USD
<OPTION VALUE=4>$400,000 Horse Isle for $4.00 USD <OPTION VALUE=4>$400,000 Horse Isle for $4.00 USD
<OPTION VALUE=5>$550,000 Horse Isle for $5.00 USD (10% bonus) <OPTION VALUE=5>$550,000 Horse Isle for $5.00 USD (10% bonus)
<OPTION SELECTED VALUE=10>$1,100,000 Horse Isle for $10.00 USD (10% bonus) <OPTION SELECTED VALUE=10>$1,100,000 Horse Isle for $10.00 USD (10% bonus)
<OPTION VALUE=20>$2,300,000 Horse Isle for $20.00 USD (15% bonus) <OPTION VALUE=20>$2,300,000 Horse Isle for $20.00 USD (15% bonus)
<OPTION VALUE=50>$5,750,000 Horse Isle for $50.00 USD (15% bonus) <OPTION VALUE=50>$5,750,000 Horse Isle for $50.00 USD (15% bonus)
<OPTION VALUE=100>$12,000,000 Horse Isle for $100.00 USD (20% bonus) <OPTION VALUE=100>$12,000,000 Horse Isle for $100.00 USD (20% bonus)
<OPTION VALUE=250>$31,250,000 Horse Isle for $250.00 USD (25% bonus) <OPTION VALUE=250>$31,250,000 Horse Isle for $250.00 USD (25% bonus)
</SELECT><BR> </SELECT><BR>
<I><FONT SIZE=-1>(Gives your account Horse Isle currency for use in the game. You can earn Horse Isle money by playing the game. This is not required.) Non-refundable.</FONT></I></TD><TD> <I><FONT SIZE=-1>(Gives your account Horse Isle currency for use in the game. You can earn Horse Isle money by playing the game. This is not required.) Non-refundable.</FONT></I></TD><TD>
<input type="hidden" name="cmd" value="_xclick"> <input type="hidden" name="cmd" value="_xclick">
<input type="hidden" name="business" value="paypal@horseisle.com"> <input type="hidden" name="business" value="paypal@horseisle.com">
<input type="hidden" name="item_name" value="100k Horse Isle Money-on <?php echo($_SERVER["HTTP_HOST"]); ?>"> <input type="hidden" name="item_name" value="100k Horse Isle Money-on <?php echo($_SERVER["HTTP_HOST"]); ?>">
<input type="hidden" name="item_number" value="<?php echo(htmlspecialchars($_SESSION['PLAYER_ID'])); ?>"> <input type="hidden" name="item_number" value="<?php echo(htmlspecialchars($_SESSION['PLAYER_ID'])); ?>">
<input type="hidden" name="custom" value="<?php echo(htmlspecialchars($_SESSION['PLAYER_ID'])); ?>"> <input type="hidden" name="custom" value="<?php echo(htmlspecialchars($_SESSION['PLAYER_ID'])); ?>">
<input type="hidden" name="amount" value="1.00"> <input type="hidden" name="amount" value="1.00">
<input type="hidden" name="no_shipping" value="1"> <input type="hidden" name="no_shipping" value="1">
<input type="hidden" name="return" value="http://<?php echo($_SERVER["HTTP_HOST"]); ?>/web/paypalpayment.php"> <input type="hidden" name="return" value="http://<?php echo($_SERVER["HTTP_HOST"]); ?>/web/paypalpayment.php">
<input type="hidden" name="notify_url" value="http://<?php echo($_SERVER["HTTP_HOST"]); ?>/web/paypalgateway.php"> <input type="hidden" name="notify_url" value="http://<?php echo($_SERVER["HTTP_HOST"]); ?>/web/paypalgateway.php">
<input type="hidden" name="no_note" value="1"> <input type="hidden" name="no_note" value="1">
<input type="hidden" name="currency_code" value="USD"> <input type="hidden" name="currency_code" value="USD">
<input type="hidden" name="lc" value="US"> <input type="hidden" name="lc" value="US">
<input type="hidden" name="bn" value="PP-BuyNowBF"> <input type="hidden" name="bn" value="PP-BuyNowBF">
<input type="image" src="https://www.paypal.com/en_US/i/btn/x-click-but02.gif" border="0" <input type="image" src="https://www.paypal.com/en_US/i/btn/x-click-but02.gif" border="0"
name="submit" alt="Make payments with PayPal - it's fast, free and secure!"> name="submit" alt="Make payments with PayPal - it's fast, free and secure!">
<img alt="" border="0" src="https://www.paypal.com/en_US/i/scr/pixel.gif" width="1" height="1"> <img alt="" border="0" src="https://www.paypal.com/en_US/i/scr/pixel.gif" width="1" height="1">
</form> </form>
</TD></TR></TABLE> </TD></TR></TABLE>
</TD></TR><TR><TD class=forumlist> </TD></TR><TR><TD class=forumlist>
<TABLE WIDTH=100%> <TABLE WIDTH=100%>
<TR><TD> <TR><TD>
<B>BUY Pawneer Order <FONT COLOR=GREEN>$8.00</FONT>usd</B> <I><FONT SIZE=-1>(allows you to order a custom breed/color/gender horse on server from Pawneer. This is not required, you can trade other players to get the breed you desire also.) Non-refundable.</FONT></I></TD><TD> <B>BUY Pawneer Order <FONT COLOR=GREEN>$8.00</FONT>usd</B> <I><FONT SIZE=-1>(allows you to order a custom breed/color/gender horse on server from Pawneer. This is not required, you can trade other players to get the breed you desire also.) Non-refundable.</FONT></I></TD><TD>
<form action="<?php echo($pp_uri); ?>" method="post"> <form action="<?php echo($pp_uri); ?>" method="post">
<input type="hidden" name="cmd" value="_xclick"> <input type="hidden" name="cmd" value="_xclick">
<input type="hidden" name="business" value="paypal@horseisle.com"> <input type="hidden" name="business" value="paypal@horseisle.com">
<input type="hidden" name="undefined_quantity" value="1"> <input type="hidden" name="undefined_quantity" value="1">
<input type="hidden" name="item_name" value="Pawneer Order-on <?php echo($_SERVER["HTTP_HOST"]); ?>"> <input type="hidden" name="item_name" value="Pawneer Order-on <?php echo($_SERVER["HTTP_HOST"]); ?>">
<input type="hidden" name="item_number" value="<?php echo(htmlspecialchars($_SESSION['PLAYER_ID'])); ?>"> <input type="hidden" name="item_number" value="<?php echo(htmlspecialchars($_SESSION['PLAYER_ID'])); ?>">
<input type="hidden" name="custom" value="<?php echo(htmlspecialchars($_SESSION['PLAYER_ID'])); ?>"> <input type="hidden" name="custom" value="<?php echo(htmlspecialchars($_SESSION['PLAYER_ID'])); ?>">
<input type="hidden" name="amount" value="8.00"> <input type="hidden" name="amount" value="8.00">
<input type="hidden" name="no_shipping" value="1"> <input type="hidden" name="no_shipping" value="1">
<input type="hidden" name="return" value="http://<?php echo($_SERVER["HTTP_HOST"]); ?>/web/paypalpayment.php"> <input type="hidden" name="return" value="http://<?php echo($_SERVER["HTTP_HOST"]); ?>/web/paypalpayment.php">
<input type="hidden" name="notify_url" value="http://<?php echo($_SERVER["HTTP_HOST"]); ?>/web/paypalgateway.php"> <input type="hidden" name="notify_url" value="http://<?php echo($_SERVER["HTTP_HOST"]); ?>/web/paypalgateway.php">
<input type="hidden" name="no_note" value="1"> <input type="hidden" name="no_note" value="1">
<input type="hidden" name="currency_code" value="USD"> <input type="hidden" name="currency_code" value="USD">
<input type="hidden" name="lc" value="US"> <input type="hidden" name="lc" value="US">
<input type="hidden" name="bn" value="PP-BuyNowBF"> <input type="hidden" name="bn" value="PP-BuyNowBF">
<input type="image" src="https://www.paypal.com/en_US/i/btn/x-click-but02.gif" border="0" <input type="image" src="https://www.paypal.com/en_US/i/btn/x-click-but02.gif" border="0"
name="submit" alt="Make payments with PayPal - it's fast, free and secure!"> name="submit" alt="Make payments with PayPal - it's fast, free and secure!">
<img alt="" border="0" src="https://www.paypal.com/en_US/i/scr/pixel.gif" width="1" height="1"> <img alt="" border="0" src="https://www.paypal.com/en_US/i/scr/pixel.gif" width="1" height="1">
</form> </form>
</TD></TR></TABLE> </TD></TR></TABLE>
</TD></TR><TR><TD class=forumlist> </TD></TR><TR><TD class=forumlist>
<TABLE WIDTH=100%> <TABLE WIDTH=100%>
<TR><TD> <TR><TD>
<B>BUY 5 Pawneer Orders <FONT COLOR=GREEN>$30.00</FONT>usd</B> <I><FONT SIZE=-1>(save $10.00 - allows you to order 5 custom horses from Pawneer) Non-refundable.</FONT></I></TD><TD> <B>BUY 5 Pawneer Orders <FONT COLOR=GREEN>$30.00</FONT>usd</B> <I><FONT SIZE=-1>(save $10.00 - allows you to order 5 custom horses from Pawneer) Non-refundable.</FONT></I></TD><TD>
<form action="<?php echo($pp_uri); ?>" method="post"> <form action="<?php echo($pp_uri); ?>" method="post">
<input type="hidden" name="cmd" value="_xclick"> <input type="hidden" name="cmd" value="_xclick">
<input type="hidden" name="business" value="paypal@horseisle.com"> <input type="hidden" name="business" value="paypal@horseisle.com">
<input type="hidden" name="undefined_quantity" value="1"> <input type="hidden" name="undefined_quantity" value="1">
<input type="hidden" name="item_name" value="Five Pawneer Order-on <?php echo($_SERVER["HTTP_HOST"]); ?>"> <input type="hidden" name="item_name" value="Five Pawneer Order-on <?php echo($_SERVER["HTTP_HOST"]); ?>">
<input type="hidden" name="item_number" value="<?php echo(htmlspecialchars($_SESSION['PLAYER_ID'])); ?>"> <input type="hidden" name="item_number" value="<?php echo(htmlspecialchars($_SESSION['PLAYER_ID'])); ?>">
<input type="hidden" name="custom" value="<?php echo(htmlspecialchars($_SESSION['PLAYER_ID'])); ?>"> <input type="hidden" name="custom" value="<?php echo(htmlspecialchars($_SESSION['PLAYER_ID'])); ?>">
<input type="hidden" name="amount" value="30.00"> <input type="hidden" name="amount" value="30.00">
<input type="hidden" name="no_shipping" value="1"> <input type="hidden" name="no_shipping" value="1">
<input type="hidden" name="return" value="http://<?php echo($_SERVER["HTTP_HOST"]); ?>/web/paypalpayment.php"> <input type="hidden" name="return" value="http://<?php echo($_SERVER["HTTP_HOST"]); ?>/web/paypalpayment.php">
<input type="hidden" name="notify_url" value="http://<?php echo($_SERVER["HTTP_HOST"]); ?>/web/paypalgateway.php"> <input type="hidden" name="notify_url" value="http://<?php echo($_SERVER["HTTP_HOST"]); ?>/web/paypalgateway.php">
<input type="hidden" name="no_note" value="1"> <input type="hidden" name="no_note" value="1">
<input type="hidden" name="currency_code" value="USD"> <input type="hidden" name="currency_code" value="USD">
<input type="hidden" name="lc" value="US"> <input type="hidden" name="lc" value="US">
<input type="hidden" name="bn" value="PP-BuyNowBF"> <input type="hidden" name="bn" value="PP-BuyNowBF">
<input type="image" src="https://www.paypal.com/en_US/i/btn/x-click-but02.gif" border="0" <input type="image" src="https://www.paypal.com/en_US/i/btn/x-click-but02.gif" border="0"
name="submit" alt="Make payments with PayPal - it's fast, free and secure!"> name="submit" alt="Make payments with PayPal - it's fast, free and secure!">
<img alt="" border="0" src="https://www.paypal.com/en_US/i/scr/pixel.gif" width="1" height="1"> <img alt="" border="0" src="https://www.paypal.com/en_US/i/scr/pixel.gif" width="1" height="1">
</form> </form>
</TD></TR></TABLE> </TD></TR></TABLE>
</TD></TR> </TD></TR>
<TR><TD BGCOLOR=WHITE><CENTER>If you happen to have any:<B> <A HREF=/web/spendhorsebucks.php>Redeem Horse Bucks</A></TD></TR> <TR><TD BGCOLOR=WHITE><CENTER>If you happen to have any:<B> <A HREF=/web/spendhorsebucks.php>Redeem Horse Bucks</A></TD></TR>
<TR><TD class=forumlist> <TR><TD class=forumlist>
<BR>Alternative Payment Methods: <A HREF=/web/checks.php>Check/Cash via postal mail</A> <BR>Alternative Payment Methods: <A HREF=/web/checks.php>Check/Cash via postal mail</A>
<BR><BR>Gift Payments: <A HREF=<?php echo($master_site); ?>/web/giftmembership.php>Pay for a different player</A> <BR><BR>Gift Payments: <A HREF=<?php echo($master_site); ?>/web/giftmembership.php>Pay for a different player</A>
<BR><BR></TD></TR> <BR><BR></TD></TR>
</TD></TR></TABLE></CENTER> </TD></TR></TABLE></CENTER>
<HR> <HR>
</TD><TD VALIGN=top><DIV ID="PLAYERS"><BR></DIV></TD></TR></TABLE><?php include("web/footer.php"); ?> </TD><TD VALIGN=top><DIV ID="PLAYERS"><BR></DIV></TD></TR></TABLE><?php include("web/footer.php"); ?>

420
game-site/horseisle.php
View File

@ -1,210 +1,210 @@
<?php <?php
include("config.php"); include("config.php");
?> ?>
<html lang="en"> <html lang="en">
<head> <head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>HORSEISLE - Secret Land of Horses</title> <title>HORSEISLE - Secret Land of Horses</title>
<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon"> <link rel="shortcut icon" href="/favicon.ico" type="image/x-icon">
<link rel="icon" href="/favicon.ico" type="image/x-icon"> <link rel="icon" href="/favicon.ico" type="image/x-icon">
<!-- Google Analytics --> <!-- Google Analytics -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"> <script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script> </script>
<script type="text/javascript"> <script type="text/javascript">
_uacct = "UA-1805076-1"; _uacct = "UA-1805076-1";
urchinTracker(); urchinTracker();
</script> </script>
<script language="javascript"><!-- <script language="javascript"><!--
// Intercept Browser X and give user choice (on firefox) // Intercept Browser X and give user choice (on firefox)
//window.onbeforeunload= function (evt) { return false; } //window.onbeforeunload= function (evt) { return false; }
var ConfirmClose = true; var ConfirmClose = true;
window.onbeforeunload = confirmExit; window.onbeforeunload = confirmExit;
function confirmExit() function confirmExit()
{ {
if (ConfirmClose) if (ConfirmClose)
return "[ Please use QUIT GAME button to exit Horse Isle ]"; return "[ Please use QUIT GAME button to exit Horse Isle ]";
} }
function allowExit() function allowExit()
{ {
ConfirmClose = false; ConfirmClose = false;
} }
/// Every half second, put focus on Flash window. /// Every half second, put focus on Flash window.
//function getfocus(){ //function getfocus(){
// horseisle.focus(); // horseisle.focus();
// mytimer = setTimeout('getfocus()', 500); // mytimer = setTimeout('getfocus()', 500);
//} //}
//--> //-->
</script> </script>
<script language="JavaScript" type="text/javascript"> <script language="JavaScript" type="text/javascript">
<!-- <!--
// ----------------------------------------------------------------------------- // -----------------------------------------------------------------------------
// Globals // Globals
// Major version of Flash required // Major version of Flash required
var requiredMajorVersion = 8; var requiredMajorVersion = 8;
// Minor version of Flash required // Minor version of Flash required
var requiredMinorVersion = 0; var requiredMinorVersion = 0;
// Revision of Flash required // Revision of Flash required
var requiredRevision = 0; var requiredRevision = 0;
// the version of javascript supported // the version of javascript supported
var jsVersion = 1.0; var jsVersion = 1.0;
// ----------------------------------------------------------------------------- // -----------------------------------------------------------------------------
// --> // -->
</script> </script>
<script language="VBScript" type="text/vbscript"> <script language="VBScript" type="text/vbscript">
<!-- // Visual basic helper required to detect Flash Player ActiveX control version information <!-- // Visual basic helper required to detect Flash Player ActiveX control version information
Function VBGetSwfVer(i) Function VBGetSwfVer(i)
on error resume next on error resume next
Dim swControl, swVersion Dim swControl, swVersion
swVersion = 0 swVersion = 0
set swControl = CreateObject("ShockwaveFlash.ShockwaveFlash." + CStr(i)) set swControl = CreateObject("ShockwaveFlash.ShockwaveFlash." + CStr(i))
if (IsObject(swControl)) then if (IsObject(swControl)) then
swVersion = swControl.GetVariable("$version") swVersion = swControl.GetVariable("$version")
end if end if
VBGetSwfVer = swVersion VBGetSwfVer = swVersion
End Function End Function
// --> // -->
</script> </script>
<script language="JavaScript1.1" type="text/javascript"> <script language="JavaScript1.1" type="text/javascript">
<!-- // Detect Client Browser type <!-- // Detect Client Browser type
var isIE = (navigator.appVersion.indexOf("MSIE") != -1) ? true : false; var isIE = (navigator.appVersion.indexOf("MSIE") != -1) ? true : false;
var isWin = (navigator.appVersion.toLowerCase().indexOf("win") != -1) ? true : false; var isWin = (navigator.appVersion.toLowerCase().indexOf("win") != -1) ? true : false;
var isOpera = (navigator.userAgent.indexOf("Opera") != -1) ? true : false; var isOpera = (navigator.userAgent.indexOf("Opera") != -1) ? true : false;
jsVersion = 1.1; jsVersion = 1.1;
// JavaScript helper required to detect Flash Player PlugIn version information // JavaScript helper required to detect Flash Player PlugIn version information
function JSGetSwfVer(i){ function JSGetSwfVer(i){
// NS/Opera version >= 3 check for Flash plugin in plugin array // NS/Opera version >= 3 check for Flash plugin in plugin array
if (navigator.plugins != null && navigator.plugins.length > 0) { if (navigator.plugins != null && navigator.plugins.length > 0) {
if (navigator.plugins["Shockwave Flash 2.0"] || navigator.plugins["Shockwave Flash"]) { if (navigator.plugins["Shockwave Flash 2.0"] || navigator.plugins["Shockwave Flash"]) {
var swVer2 = navigator.plugins["Shockwave Flash 2.0"] ? " 2.0" : ""; var swVer2 = navigator.plugins["Shockwave Flash 2.0"] ? " 2.0" : "";
var flashDescription = navigator.plugins["Shockwave Flash" + swVer2].description; var flashDescription = navigator.plugins["Shockwave Flash" + swVer2].description;
descArray = flashDescription.split(" "); descArray = flashDescription.split(" ");
tempArrayMajor = descArray[2].split("."); tempArrayMajor = descArray[2].split(".");
versionMajor = tempArrayMajor[0]; versionMajor = tempArrayMajor[0];
versionMinor = tempArrayMajor[1]; versionMinor = tempArrayMajor[1];
if ( descArray[3] != "" ) { if ( descArray[3] != "" ) {
tempArrayMinor = descArray[3].split("r"); tempArrayMinor = descArray[3].split("r");
} else { } else {
tempArrayMinor = descArray[4].split("r"); tempArrayMinor = descArray[4].split("r");
} }
versionRevision = tempArrayMinor[1] > 0 ? tempArrayMinor[1] : 0; versionRevision = tempArrayMinor[1] > 0 ? tempArrayMinor[1] : 0;
flashVer = versionMajor + "." + versionMinor + "." + versionRevision; flashVer = versionMajor + "." + versionMinor + "." + versionRevision;
} else { } else {
flashVer = -1; flashVer = -1;
} }
} }
// MSN/WebTV 2.6 supports Flash 4 // MSN/WebTV 2.6 supports Flash 4
else if (navigator.userAgent.toLowerCase().indexOf("webtv/2.6") != -1) flashVer = 4; else if (navigator.userAgent.toLowerCase().indexOf("webtv/2.6") != -1) flashVer = 4;
// WebTV 2.5 supports Flash 3 // WebTV 2.5 supports Flash 3
else if (navigator.userAgent.toLowerCase().indexOf("webtv/2.5") != -1) flashVer = 3; else if (navigator.userAgent.toLowerCase().indexOf("webtv/2.5") != -1) flashVer = 3;
// older WebTV supports Flash 2 // older WebTV supports Flash 2
else if (navigator.userAgent.toLowerCase().indexOf("webtv") != -1) flashVer = 2; else if (navigator.userAgent.toLowerCase().indexOf("webtv") != -1) flashVer = 2;
// Can't detect in all other cases // Can't detect in all other cases
else { else {
flashVer = -1; flashVer = -1;
} }
return flashVer; return flashVer;
} }
// If called with no parameters this function returns a floating point value // If called with no parameters this function returns a floating point value
// which should be the version of the Flash Player or 0.0 // which should be the version of the Flash Player or 0.0
// ex: Flash Player 7r14 returns 7.14 // ex: Flash Player 7r14 returns 7.14
// If called with reqMajorVer, reqMinorVer, reqRevision returns true if that version or greater is available // If called with reqMajorVer, reqMinorVer, reqRevision returns true if that version or greater is available
function DetectFlashVer(reqMajorVer, reqMinorVer, reqRevision) function DetectFlashVer(reqMajorVer, reqMinorVer, reqRevision)
{ {
reqVer = parseFloat(reqMajorVer + "." + reqRevision); reqVer = parseFloat(reqMajorVer + "." + reqRevision);
// loop backwards through the versions until we find the newest version // loop backwards through the versions until we find the newest version
for (i=25;i>0;i--) { for (i=25;i>0;i--) {
if (isIE && isWin && !isOpera) { if (isIE && isWin && !isOpera) {
versionStr = VBGetSwfVer(i); versionStr = VBGetSwfVer(i);
} else { } else {
versionStr = JSGetSwfVer(i); versionStr = JSGetSwfVer(i);
} }
if (versionStr == -1 ) { if (versionStr == -1 ) {
return false; return false;
} else if (versionStr != 0) { } else if (versionStr != 0) {
if(isIE && isWin && !isOpera) { if(isIE && isWin && !isOpera) {
tempArray = versionStr.split(" "); tempArray = versionStr.split(" ");
tempString = tempArray[1]; tempString = tempArray[1];
versionArray = tempString .split(","); versionArray = tempString .split(",");
} else { } else {
versionArray = versionStr.split("."); versionArray = versionStr.split(".");
} }
versionMajor = versionArray[0]; versionMajor = versionArray[0];
versionMinor = versionArray[1]; versionMinor = versionArray[1];
versionRevision = versionArray[2]; versionRevision = versionArray[2];
versionString = versionMajor + "." + versionRevision; // 7.0r24 == 7.24 versionString = versionMajor + "." + versionRevision; // 7.0r24 == 7.24
versionNum = parseFloat(versionString); versionNum = parseFloat(versionString);
// is the major.revision >= requested major.revision AND the minor version >= requested minor // is the major.revision >= requested major.revision AND the minor version >= requested minor
if ( (versionMajor > reqMajorVer) && (versionNum >= reqVer) ) { if ( (versionMajor > reqMajorVer) && (versionNum >= reqVer) ) {
return true; return true;
} else { } else {
return ((versionNum >= reqVer && versionMinor >= reqMinorVer) ? true : false ); return ((versionNum >= reqVer && versionMinor >= reqMinorVer) ? true : false );
} }
} }
} }
return (reqVer ? false : 0.0); return (reqVer ? false : 0.0);
} }
// --> // -->
</script> </script>
</head> </head>
<body bgcolor="#A797A7" MARGINWIDTH=0 MARGINHEIGHT=0 LEFTMARGIN=0 TOPMARGIN=0 onLoad=""> <body bgcolor="#A797A7" MARGINWIDTH=0 MARGINHEIGHT=0 LEFTMARGIN=0 TOPMARGIN=0 onLoad="">
<!--url's used in the movie--> <!--url's used in the movie-->
<!--text used in the movie--> <!--text used in the movie-->
<CENTER> <CENTER>
<!-- <!--
<p align="center"></p> <p align="center"></p>
<p align="left"></p> <p align="left"></p>
<p align="left"><font face="Arial" size="9" color="#000000" letterSpacing="0.000000" kerning="1"><b>FPS</b></font></p> <p align="left"><font face="Arial" size="9" color="#000000" letterSpacing="0.000000" kerning="1"><b>FPS</b></font></p>
<p align="center"><font face="Times New Roman" size="18" color="#000000" letterSpacing="0.000000" kerning="1"><b>CONNECTION TO SERVER LOST:</b></font></p><p align="center"></p><p align="center"><font face="Times New Roman" size="18" color="#000000" letterSpacing="0.000000" kerning="1"><b> Either your Internet connection is down, or the <sbr />server is restarting or possibly down. &nbsp;</b></font></p><p align="center"></p><p align="center"><font face="Times New Roman" size="18" color="#000000" letterSpacing="0.000000" kerning="1"><b>Please try again shortly.</b></font></p><p align="center"></p><p align="center"><font face="Times New Roman" size="18" color="#000066" letterSpacing="0.000000" kerning="1"><a href="http://hi1.horseisle.com/" target = "_self"><b>HI1.HORSEISLE.COM</b></a></font></p> <p align="center"><font face="Times New Roman" size="18" color="#000000" letterSpacing="0.000000" kerning="1"><b>CONNECTION TO SERVER LOST:</b></font></p><p align="center"></p><p align="center"><font face="Times New Roman" size="18" color="#000000" letterSpacing="0.000000" kerning="1"><b> Either your Internet connection is down, or the <sbr />server is restarting or possibly down. &nbsp;</b></font></p><p align="center"></p><p align="center"><font face="Times New Roman" size="18" color="#000000" letterSpacing="0.000000" kerning="1"><b>Please try again shortly.</b></font></p><p align="center"></p><p align="center"><font face="Times New Roman" size="18" color="#000066" letterSpacing="0.000000" kerning="1"><a href="http://hi1.horseisle.com/" target = "_self"><b>HI1.HORSEISLE.COM</b></a></font></p>
--> -->
<script language="JavaScript" type="text/javascript"> <script language="JavaScript" type="text/javascript">
<!-- <!--
<?php <?php
$user = ""; $user = "";
if(isset($_GET['USER'])) { $user = $_GET['USER']; }; if(isset($_GET['USER'])) { $user = $_GET['USER']; };
echo("var hasRightVersion = DetectFlashVer(requiredMajorVersion, requiredMinorVersion, requiredRevision); echo("var hasRightVersion = DetectFlashVer(requiredMajorVersion, requiredMinorVersion, requiredRevision);
if(hasRightVersion) { // if we've detected an acceptable version if(hasRightVersion) { // if we've detected an acceptable version
var oeTags = '<object classid=\"clsid:D27CDB6E-AE6D-11cf-96B8-444553540000\"' var oeTags = '<object classid=\"clsid:D27CDB6E-AE6D-11cf-96B8-444553540000\"'
+ 'width=\"790\" height=\"500\" id=\"horseisle\" name=\"horseisle\"' + 'width=\"790\" height=\"500\" id=\"horseisle\" name=\"horseisle\"'
+ 'codebase=\"http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab\">' + 'codebase=\"http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab\">'
+ '<param name=\"movie\" value=\"horseisle.swf?SERVER=".$server_ip."&PORT=".$server_port."&USER=".htmlspecialchars($user, ENT_QUOTES)."&2158322\" /><param name=\"loop\" value=\"false\" /><param name=\"menu\" value=\"false\" /><param name=\"quality\" value=\"high\" /><param name=\"scale\" value=\"noscale\" /><param name=\"salign\" value=\"t\" /><param name=\"bgcolor\" value=\"#ffffff\" />' + '<param name=\"movie\" value=\"horseisle.swf?SERVER=".$server_ip."&PORT=".$server_port."&USER=".htmlspecialchars($user, ENT_QUOTES)."&2158322\" /><param name=\"loop\" value=\"false\" /><param name=\"menu\" value=\"false\" /><param name=\"quality\" value=\"high\" /><param name=\"scale\" value=\"noscale\" /><param name=\"salign\" value=\"t\" /><param name=\"bgcolor\" value=\"#ffffff\" />'
+ '<embed src=\"horseisle.swf?SERVER=".$server_ip."&PORT=".$server_port."&USER=".htmlspecialchars($user, ENT_QUOTES)."&2158322\" loop=\"false\" menu=\"false\" quality=\"high\" scale=\"noscale\" salign=\"t\" bgcolor=\"#ffffff\" ' + '<embed src=\"horseisle.swf?SERVER=".$server_ip."&PORT=".$server_port."&USER=".htmlspecialchars($user, ENT_QUOTES)."&2158322\" loop=\"false\" menu=\"false\" quality=\"high\" scale=\"noscale\" salign=\"t\" bgcolor=\"#ffffff\" '
+ 'width=\"790\" height=\"500\" name=\"horseisle\" align=\"top\"' + 'width=\"790\" height=\"500\" name=\"horseisle\" align=\"top\"'
+ 'play=\"true\"' + 'play=\"true\"'
+ 'loop=\"false\"' + 'loop=\"false\"'
+ 'quality=\"high\"' + 'quality=\"high\"'
+ 'allowScriptAccess=\"sameDomain\"' + 'allowScriptAccess=\"sameDomain\"'
+ 'type=\"application/x-shockwave-flash\"' + 'type=\"application/x-shockwave-flash\"'
+ 'pluginspage=\"http://www.macromedia.com/go/getflashplayer\">' + 'pluginspage=\"http://www.macromedia.com/go/getflashplayer\">'
+ '<\/embed>' + '<\/embed>'
+ '<\/object>';"); + '<\/object>';");
?> ?>
document.write(oeTags); // embed the flash movie document.write(oeTags); // embed the flash movie
} else { // flash is too old or we can't detect the plugin } else { // flash is too old or we can't detect the plugin
var alternateContent = 'Alternate HTML content should be placed here.' var alternateContent = 'Alternate HTML content should be placed here.'
+ 'This content requires the Macromedia Flash Player.' + 'This content requires the Macromedia Flash Player.'
+ '<a href=http://www.macromedia.com/go/getflash/>Get Flash</a>'; + '<a href=http://www.macromedia.com/go/getflash/>Get Flash</a>';
document.write(alternateContent); // insert non-flash content document.write(alternateContent); // insert non-flash content
} }
// --> // -->
</script> </script>
<noscript><CENTER> <noscript><CENTER>
It appears you do not have the required Flash Player Software.<BR> It appears you do not have the required Flash Player Software.<BR>
<B>Horse Isle requires the Adobe Flash Player 9+.</B><BR> <B>Horse Isle requires the Adobe Flash Player 9+.</B><BR>
It is a free and easy download - <a href="http://www.macromedia.com/go/getflash/">Get Flash</a><BR> It is a free and easy download - <a href="http://www.macromedia.com/go/getflash/">Get Flash</a><BR>
</noscript> </noscript>
</body> </body>
</html> </html>

52
game-site/index.php
View File

@ -1,27 +1,27 @@
<?php <?php
session_start(); session_start();
include("config.php"); include("config.php");
// Handle logout // Handle logout
if(isset($_GET["LOGOUT"])) if(isset($_GET["LOGOUT"]))
{ {
if($_GET["LOGOUT"] == 1) if($_GET["LOGOUT"] == 1)
{ {
session_destroy(); session_destroy();
} }
} }
include("web/header.php"); include("web/header.php");
?> ?>
<CENTER> <CENTER>
<FONT FACE=Verdana,arial SIZE=-1> <FONT FACE=Verdana,arial SIZE=-1>
<BR> <BR>
If you have an account on this server (<?php echo(strtoupper($_SERVER['HTTP_HOST']))?>) please login in at upper right.<BR> If you have an account on this server (<?php echo(strtoupper($_SERVER['HTTP_HOST']))?>) please login in at upper right.<BR>
Otherwise click for <A href=http:<?php echo($master_site); ?>>Main Horse Isle 1 Site</A>. Otherwise click for <A href=http:<?php echo($master_site); ?>>Main Horse Isle 1 Site</A>.
<BR><BR> <BR><BR>
<?php include("web/footer.php"); ?> <?php include("web/footer.php"); ?>

2
game-site/robots.txt
View File

@ -1 +1 @@
#empty file to avoid errors in error log #empty file to avoid errors in error log

92
game-site/web/checks.php
View File

@ -1,47 +1,47 @@
<?php <?php
session_start(); session_start();
include("config.php"); include("config.php");
include("crosserver.php"); include("crosserver.php");
include("header.php"); include("header.php");
?> ?>
<TABLE WIDTH=100% CELLPADDING=10><TR><TD> <TABLE WIDTH=100% CELLPADDING=10><TR><TD>
<FONT COLOR=880000 SIZE=+1><B>Alternative Payment Methods</B></FONT><BR> <FONT COLOR=880000 SIZE=+1><B>Alternative Payment Methods</B></FONT><BR>
If you cannot use PayPal(recommended) you may send a payment via snail mail to our U.S. Post Office Box.<BR> If you cannot use PayPal(recommended) you may send a payment via snail mail to our U.S. Post Office Box.<BR>
Currency MUST be in U.S. Dollars. [ USA Check / Money Order / USD Cash Accepted ]<BR> Currency MUST be in U.S. Dollars. [ USA Check / Money Order / USD Cash Accepted ]<BR>
(One exception, Canadian personal checks made out for slightly more than the current exchange rate in canadian funds can be accepted. No other countries personal checks can be accepted.)<BR> (One exception, Canadian personal checks made out for slightly more than the current exchange rate in canadian funds can be accepted. No other countries personal checks can be accepted.)<BR>
Checks <B>must be written out to 'Horse Isle'</B>.<BR> Checks <B>must be written out to 'Horse Isle'</B>.<BR>
If your check "bounces" we will block the account until our fees have been reimbursed by you.<BR> If your check "bounces" we will block the account until our fees have been reimbursed by you.<BR>
Cash is not recommended, but if you need to send it, be sure to wrap it in another piece of paper so that it cannot be seen through the envelope!<BR> Cash is not recommended, but if you need to send it, be sure to wrap it in another piece of paper so that it cannot be seen through the envelope!<BR>
<B>(Do not send Cash without Parental Permission!)</B><BR> <B>(Do not send Cash without Parental Permission!)</B><BR>
<BR> <BR>
<B>Horse Isle Postal Mailing Address:</B><BR> <B>Horse Isle Postal Mailing Address:</B><BR>
<UL><FONT COLOR=440044 SIZE=+0> <UL><FONT COLOR=440044 SIZE=+0>
Horse Isle<BR> Horse Isle<BR>
PO Box 3619<BR> PO Box 3619<BR>
Duluth, MN 55803-2633<BR> Duluth, MN 55803-2633<BR>
USA<BR> USA<BR>
</UL></FONT> </UL></FONT>
<B>Identify Your Payment:</B><BR> <B>Identify Your Payment:</B><BR>
Be sure to include a CLEAR note of what account this is for. Include your email address in case there are problems identifying the account.<BR> Be sure to include a CLEAR note of what account this is for. Include your email address in case there are problems identifying the account.<BR>
<UL><FONT COLOR=440044 SIZE=+0> <UL><FONT COLOR=440044 SIZE=+0>
Your USERNAME = <?php echo(htmlspecialchars($_SESSION['USERNAME'])); ?><B></B><BR> Your USERNAME = <?php echo(htmlspecialchars($_SESSION['USERNAME'])); ?><B></B><BR>
Your ACCOUNT ID = <?php echo(htmlspecialchars($_SESSION['PLAYER_ID'])); ?><B></B><BR> Your ACCOUNT ID = <?php echo(htmlspecialchars($_SESSION['PLAYER_ID'])); ?><B></B><BR>
Your SERVER = <B><?php echo($server_id); ?></B> (make sure this is the one you play on)<BR> Your SERVER = <B><?php echo($server_id); ?></B> (make sure this is the one you play on)<BR>
</UL></FONT> </UL></FONT>
<B>Finally, let us know what it is for:</B><BR> <B>Finally, let us know what it is for:</B><BR>
<UL><FONT COLOR=440044 SIZE=+0> <UL><FONT COLOR=440044 SIZE=+0>
One Month Horse Isle Membership - $5 (or 2 for $10, etc.)<BR> One Month Horse Isle Membership - $5 (or 2 for $10, etc.)<BR>
One Year Horse Isle Membership - $40 (or 2 for $80, etc.)<BR> One Year Horse Isle Membership - $40 (or 2 for $80, etc.)<BR>
Horse Isle Game Money - $10,000 per $1 ($15 = $150,000 Horse Isle Money)<BR> Horse Isle Game Money - $10,000 per $1 ($15 = $150,000 Horse Isle Money)<BR>
Pawneer Order - $8 (or 2 for $16, etc.)<BR> Pawneer Order - $8 (or 2 for $16, etc.)<BR>
Pawneer Order Pack(5) - $30 (or 2 for $60, etc.)<BR> Pawneer Order Pack(5) - $30 (or 2 for $60, etc.)<BR>
</UL></FONT> </UL></FONT>
Payments will be credited when received. Mail is handled at least twice per week, so between mail transit and pickup times, expect up to a week for the account to be credited. Payments lost in the mail are not our responsibility. Checks which cannot be identified to an account will not be cashed.<BR> Payments will be credited when received. Mail is handled at least twice per week, so between mail transit and pickup times, expect up to a week for the account to be credited. Payments lost in the mail are not our responsibility. Checks which cannot be identified to an account will not be cashed.<BR>
Remember PayPal Payments are instant and more secure! <BR> Remember PayPal Payments are instant and more secure! <BR>
Thanks!<BR> Thanks!<BR>
<CENTER>[ <A HREF=/account.php>Return to Account Page</A> ] <CENTER>[ <A HREF=/account.php>Return to Account Page</A> ]
</TD></TR></TABLE> </TD></TR></TABLE>
<?php <?php
include("footer.php"); include("footer.php");
?> ?>

338
game-site/web/common.php
View File

@ -1,170 +1,170 @@
<?php <?php
function hash_salt(string $input, string $salt) function hash_salt(string $input, string $salt)
{ {
$output = hash('sha512',$input,true); $output = hash('sha512',$input,true);
$len=strlen(bin2hex($output))/2; $len=strlen(bin2hex($output))/2;
$xor_hash = ""; $xor_hash = "";
for($i = 0; $i < $len; $i++) for($i = 0; $i < $len; $i++)
{ {
$xor_hash .= $output[$i] ^ $salt[$i]; $xor_hash .= $output[$i] ^ $salt[$i];
} }
return hash('sha512',$xor_hash,false); return hash('sha512',$xor_hash,false);
} }
function base64_url_encode($input) { function base64_url_encode($input) {
return strtr(base64_encode($input), '+/=', '._-'); return strtr(base64_encode($input), '+/=', '._-');
} }
function base64_url_decode($input) { function base64_url_decode($input) {
return base64_decode(strtr($input, '._-', '+/=')); return base64_decode(strtr($input, '._-', '+/='));
} }
function is_logged_in() function is_logged_in()
{ {
if(session_status() !== PHP_SESSION_ACTIVE) if(session_status() !== PHP_SESSION_ACTIVE)
return false; return false;
if(isset($_SESSION["LOGGED_IN"])) if(isset($_SESSION["LOGGED_IN"]))
if($_SESSION["LOGGED_IN"] === "YES") if($_SESSION["LOGGED_IN"] === "YES")
return true; return true;
return false; return false;
} }
function user_exists(string $username) function user_exists(string $username)
{ {
include('config.php'); include('config.php');
$usernameUppercase = strtoupper($username); $usernameUppercase = strtoupper($username);
$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'"); $connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
$stmt = $connect->prepare("SELECT COUNT(1) FROM Users WHERE UPPER(Username)=?"); $stmt = $connect->prepare("SELECT COUNT(1) FROM Users WHERE UPPER(Username)=?");
$stmt->bind_param("s", $usernameUppercase); $stmt->bind_param("s", $usernameUppercase);
$stmt->execute(); $stmt->execute();
$result = $stmt->get_result(); $result = $stmt->get_result();
$count = intval($result->fetch_row()[0]); $count = intval($result->fetch_row()[0]);
return $count>0; return $count>0;
} }
function get_username(string $id) function get_username(string $id)
{ {
include('config.php'); include('config.php');
$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'"); $connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
$stmt = $connect->prepare("SELECT Username FROM Users WHERE Id=?"); $stmt = $connect->prepare("SELECT Username FROM Users WHERE Id=?");
$stmt->bind_param("i", $id); $stmt->bind_param("i", $id);
$stmt->execute(); $stmt->execute();
$result = $stmt->get_result(); $result = $stmt->get_result();
$usetname = $result->fetch_row()[0]; $usetname = $result->fetch_row()[0];
return $usetname; return $usetname;
} }
function get_userid(string $username) function get_userid(string $username)
{ {
include('config.php'); include('config.php');
$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'"); $connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
$usernameUppercase = strtoupper($username); $usernameUppercase = strtoupper($username);
$stmt = $connect->prepare("SELECT Id FROM Users WHERE UPPER(Username)=?"); $stmt = $connect->prepare("SELECT Id FROM Users WHERE UPPER(Username)=?");
$stmt->bind_param("s", $usernameUppercase); $stmt->bind_param("s", $usernameUppercase);
$stmt->execute(); $stmt->execute();
$result = $stmt->get_result(); $result = $stmt->get_result();
$id = intval($result->fetch_row()[0]); $id = intval($result->fetch_row()[0]);
return $id; return $id;
} }
function get_sex(int $userid) function get_sex(int $userid)
{ {
include('config.php'); include('config.php');
$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'"); $connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
$stmt = $connect->prepare("SELECT Gender FROM Users WHERE Id=?"); $stmt = $connect->prepare("SELECT Gender FROM Users WHERE Id=?");
$stmt->bind_param("i", $userid); $stmt->bind_param("i", $userid);
$stmt->execute(); $stmt->execute();
$result = $stmt->get_result(); $result = $stmt->get_result();
return $result->fetch_row()[0]; return $result->fetch_row()[0];
} }
function get_admin(int $userid) function get_admin(int $userid)
{ {
include('config.php'); include('config.php');
$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'"); $connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
$stmt = $connect->prepare("SELECT Admin FROM Users WHERE Id=?"); $stmt = $connect->prepare("SELECT Admin FROM Users WHERE Id=?");
$stmt->bind_param("i", $userid); $stmt->bind_param("i", $userid);
$stmt->execute(); $stmt->execute();
$result = $stmt->get_result(); $result = $stmt->get_result();
return $result->fetch_row()[0]; return $result->fetch_row()[0];
} }
function get_mod(int $userid) function get_mod(int $userid)
{ {
include('config.php'); include('config.php');
$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'"); $connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
$stmt = $connect->prepare("SELECT Moderator FROM Users WHERE Id=?"); $stmt = $connect->prepare("SELECT Moderator FROM Users WHERE Id=?");
$stmt->bind_param("i", $userid); $stmt->bind_param("i", $userid);
$stmt->execute(); $stmt->execute();
$result = $stmt->get_result(); $result = $stmt->get_result();
return $result->fetch_row()[0]; return $result->fetch_row()[0];
} }
function get_password_hash(int $userid) function get_password_hash(int $userid)
{ {
include('config.php'); include('config.php');
$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'"); $connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
$stmt = $connect->prepare("SELECT PassHash FROM Users WHERE Id=?"); $stmt = $connect->prepare("SELECT PassHash FROM Users WHERE Id=?");
$stmt->bind_param("i", $userid); $stmt->bind_param("i", $userid);
$stmt->execute(); $stmt->execute();
$result = $stmt->get_result(); $result = $stmt->get_result();
return $result->fetch_row()[0]; return $result->fetch_row()[0];
} }
function get_salt(int $userid) function get_salt(int $userid)
{ {
include('config.php'); include('config.php');
$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'"); $connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
$stmt = $connect->prepare("SELECT Salt FROM Users WHERE Id=?"); $stmt = $connect->prepare("SELECT Salt FROM Users WHERE Id=?");
$stmt->bind_param("i", $userid); $stmt->bind_param("i", $userid);
$stmt->execute(); $stmt->execute();
$result = $stmt->get_result(); $result = $stmt->get_result();
return $result->fetch_row()[0]; return $result->fetch_row()[0];
} }
function check_password(int $userId, string $password) function check_password(int $userId, string $password)
{ {
$passhash = get_password_hash($userId); $passhash = get_password_hash($userId);
$passsalt = hex2bin(get_salt($userId)); $passsalt = hex2bin(get_salt($userId));
$acturalhash = hash_salt($password, $passsalt); $acturalhash = hash_salt($password, $passsalt);
if($acturalhash === $passhash) if($acturalhash === $passhash)
return true; return true;
else else
return false; return false;
} }
function populate_db() function populate_db()
{ {
include('config.php'); include('config.php');
$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'"); $connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
mysqli_query($connect, "CREATE TABLE IF NOT EXISTS Users(Id INT, Username TEXT(16),Email TEXT(128),Country TEXT(128),SecurityQuestion Text(128),SecurityAnswerHash TEXT(128),Age INT,PassHash TEXT(128), Salt TEXT(128),Gender TEXT(16), Admin TEXT(3), Moderator TEXT(3))"); mysqli_query($connect, "CREATE TABLE IF NOT EXISTS Users(Id INT, Username TEXT(16),Email TEXT(128),Country TEXT(128),SecurityQuestion Text(128),SecurityAnswerHash TEXT(128),Age INT,PassHash TEXT(128), Salt TEXT(128),Gender TEXT(16), Admin TEXT(3), Moderator TEXT(3))");
} }
function startsWith( $haystack, $needle ) { function startsWith( $haystack, $needle ) {
$length = strlen( $needle ); $length = strlen( $needle );
return substr( $haystack, 0, $length ) === $needle; return substr( $haystack, 0, $length ) === $needle;
} }
function endsWith( $haystack, $needle ) { function endsWith( $haystack, $needle ) {
$length = strlen( $needle ); $length = strlen( $needle );
if( !$length ) { if( !$length ) {
return true; return true;
} }
return substr( $haystack, -$length ) === $needle; return substr( $haystack, -$length ) === $needle;
} }
?> ?>

4
game-site/web/config.php
View File

@ -1,3 +1,3 @@
<?php <?php
include("../config.php"); include("../config.php");
?> ?>

723
game-site/web/crosserver.php
View File

@ -1,357 +1,366 @@
<?php <?php
function GenHmacMessage(string $data, string $channel) function GenHmacMessage(string $data, string $channel)
{ {
include('config.php'); include('config.php');
if($hmac_secret === "!!NOTSET!!"){ if($hmac_secret === "!!NOTSET!!"){
echo("<script>alert('Please set HMAC_SECRET !')</script>"); echo("<script>alert('Please set HMAC_SECRET !')</script>");
echo("<h1>Set \$hmac_secret in config.php!</h1>"); echo("<h1>Set \$hmac_secret in config.php!</h1>");
exit(); exit();
} }
$hmac = hash_hmac('sha256', $data, $hmac_secret.$channel.$_SERVER['REMOTE_ADDR'].date('mdy')); $secret = $hmac_secret.$channel.$_SERVER['REMOTE_ADDR'].date('mdy');
return $hmac; $hmac = hash_hmac('sha256', $data, $secret);
} return $hmac;
}
function getPlayerList($database)
{ function getPlayerList($database)
include('config.php'); {
$dbname = $database; include('config.php');
$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'"); $dbname = $database;
$onlineUsers = mysqli_query($connect, "SELECT * FROM OnlineUsers"); $connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
$onlineUsers = mysqli_query($connect, "SELECT * FROM OnlineUsers");
$users_on = [];
$users_on = [];
while ($row = $onlineUsers->fetch_row()) {
$arr = [ ['id' => $row[0], 'admin' => ($row[1] == 'YES'), 'mod' => ($row[2] == 'YES'), 'subbed' => ($row[3] == 'YES'), 'new' => ($row[4] == 'YES')] ]; while ($row = $onlineUsers->fetch_row()) {
$users_on = array_merge($users_on, $arr); $arr = [ ['id' => $row[0], 'admin' => ($row[1] == 'YES'), 'mod' => ($row[2] == 'YES'), 'subbed' => ($row[3] == 'YES'), 'new' => ($row[4] == 'YES')] ];
} $users_on = array_merge($users_on, $arr);
}
return $users_on;
} return $users_on;
}
function checkUserBuddy($database, $yourId, $friendsId)
{ function checkUserBuddy($database, $yourId, $friendsId)
include('config.php'); {
$dbname = $database; include('config.php');
$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'"); $dbname = $database;
$stmt = $connect->prepare("SELECT COUNT(1) FROM BuddyList WHERE (Id=? AND IdFriend=?) OR (Id=? AND IdFriend=?)"); $connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
$stmt->bind_param("iiii", $yourId, $friendsId, $friendsId, $yourId); $stmt = $connect->prepare("SELECT COUNT(1) FROM BuddyList WHERE (Id=? AND IdFriend=?) OR (Id=? AND IdFriend=?)");
$stmt->execute(); $stmt->bind_param("iiii", $yourId, $friendsId, $friendsId, $yourId);
$result = $stmt->get_result(); $stmt->execute();
return $result->fetch_row()[0]; $result = $stmt->get_result();
} return $result->fetch_row()[0];
}
function getNoPlayersOnlineInServer($database)
{ function getNoPlayersOnlineInServer($database)
include('config.php'); {
$dbname = $database; include('config.php');
$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'"); $dbname = $database;
$onlineUsers = mysqli_query($connect, "SELECT COUNT(1) FROM OnlineUsers"); $connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
return $onlineUsers->fetch_row()[0]; $onlineUsers = mysqli_query($connect, "SELECT COUNT(1) FROM OnlineUsers");
} return $onlineUsers->fetch_row()[0];
}
function getNoSubbedPlayersOnlineInServer($database)
{ function getNoSubbedPlayersOnlineInServer($database)
include('config.php'); {
$dbname = $database; include('config.php');
$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'"); $dbname = $database;
$onlineSubscribers = mysqli_query($connect, "SELECT COUNT(1) FROM OnlineUsers WHERE Subscribed = 'YES'"); $connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
return $onlineSubscribers->fetch_row()[0]; $onlineSubscribers = mysqli_query($connect, "SELECT COUNT(1) FROM OnlineUsers WHERE Subscribed = 'YES'");
} return $onlineSubscribers->fetch_row()[0];
}
function getUserMoney($database, $id)
{ function getUserMoney($database, $id)
include('config.php'); {
$dbname = $database; include('config.php');
$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'"); $dbname = $database;
$stmt = $connect->prepare("SELECT Money FROM UserExt WHERE Id=?"); $connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
$stmt->bind_param("i", $id); $stmt = $connect->prepare("SELECT Money FROM UserExt WHERE Id=?");
$stmt->execute(); $stmt->bind_param("i", $id);
$result = $stmt->get_result(); $stmt->execute();
$result = $stmt->get_result();
return intval($result->fetch_row()[0]);
return intval($result->fetch_row()[0]);
}
}
function setUserMoney($database, $id, $money)
{ function setUserMoney($database, $id, $money)
include('config.php'); {
$dbname = $database; include('config.php');
$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'"); $dbname = $database;
$stmt = $connect->prepare("UPDATE UserExt SET Money=? WHERE Id=?"); $connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
$stmt->bind_param("ii", $money, $id); $stmt = $connect->prepare("UPDATE UserExt SET Money=? WHERE Id=?");
$stmt->execute(); $stmt->bind_param("ii", $money, $id);
} $stmt->execute();
}
function setUserSubbed($database, $id, $subbed)
{ function setUserSubbed($database, $id, $subbed)
$subedV = ""; {
if($subbed) $subedV = "";
$subedV = "YES"; if($subbed)
else $subedV = "YES";
$subbedV = "NO"; else
$subbedV = "NO";
include('config.php');
$dbname = $database; include('config.php');
$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'"); $dbname = $database;
$stmt = $connect->prepare("UPDATE UserExt SET Subscriber=? WHERE Id=?"); $connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
$stmt->bind_param("si", $subedV, $id); $stmt = $connect->prepare("UPDATE UserExt SET Subscriber=? WHERE Id=?");
$stmt->execute(); $stmt->bind_param("si", $subedV, $id);
} $stmt->execute();
}
function setUserSubbedUntil($database, $id, $subbedUntil)
{ function setUserSubbedUntil($database, $id, $subbedUntil)
include('config.php'); {
$dbname = $database; include('config.php');
$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'"); $dbname = $database;
$stmt = $connect->prepare("UPDATE UserExt SET SubscribedUntil=? WHERE Id=?"); $connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
$stmt->bind_param("ii", $subbedUntil, $id); $stmt = $connect->prepare("UPDATE UserExt SET SubscribedUntil=? WHERE Id=?");
$stmt->execute(); $stmt->bind_param("ii", $subbedUntil, $id);
} $stmt->execute();
}
function getUserBankMoney($database, $id)
{ function getUserBankMoney($database, $id)
include('config.php'); {
$dbname = $database; include('config.php');
$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'"); $dbname = $database;
$stmt = $connect->prepare("SELECT BankBalance FROM UserExt WHERE Id=?"); $connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
$stmt->bind_param("i", $id); $stmt = $connect->prepare("SELECT BankBalance FROM UserExt WHERE Id=?");
$stmt->execute(); $stmt->bind_param("i", $id);
$result = $stmt->get_result(); $stmt->execute();
$result = $stmt->get_result();
return intval($result->fetch_row()[0]);
return intval($result->fetch_row()[0]);
}
}
function getUserLoginDate($database, $id)
{ function getUserLoginDate($database, $id)
include('config.php'); {
$dbname = $database; include('config.php');
$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'"); $dbname = $database;
$stmt = $connect->prepare("SELECT LastLogin FROM UserExt WHERE Id=?"); $connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
$stmt->bind_param("i", $id); $stmt = $connect->prepare("SELECT LastLogin FROM UserExt WHERE Id=?");
$stmt->execute(); $stmt->bind_param("i", $id);
$result = $stmt->get_result(); $stmt->execute();
$result = $stmt->get_result();
return intval($result->fetch_row()[0]);
return intval($result->fetch_row()[0]);
}
}
function getUserQuestPoints($database, $id)
{ function getUserQuestPoints($database, $id)
include('config.php'); {
$dbname = $database; include('config.php');
$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'"); $dbname = $database;
$stmt = $connect->prepare("SELECT QuestPoints FROM UserExt WHERE Id=?"); $connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
$stmt->bind_param("i", $id); $stmt = $connect->prepare("SELECT QuestPoints FROM UserExt WHERE Id=?");
$stmt->execute(); $stmt->bind_param("i", $id);
$result = $stmt->get_result(); $stmt->execute();
$result = $stmt->get_result();
return intval($result->fetch_row()[0]);
return intval($result->fetch_row()[0]);
}
}
function getUserExistInExt($database, $id)
{ function getUserExistInExt($database, $id)
include('config.php'); {
$dbname = $database; include('config.php');
$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'"); $dbname = $database;
$stmt = $connect->prepare("SELECT COUNT(*) FROM UserExt WHERE Id=?"); $connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
$stmt->bind_param("i", $id); $stmt = $connect->prepare("SELECT COUNT(*) FROM UserExt WHERE Id=?");
$stmt->execute(); $stmt->bind_param("i", $id);
$result = $stmt->get_result(); $stmt->execute();
$result = $stmt->get_result();
return intval($result->fetch_row()[0]) >= 1;
return intval($result->fetch_row()[0]) >= 1;
}
}
function getUserTotalLogins($database, $id)
{ function getUserTotalLogins($database, $id)
include('config.php'); {
$dbname = $database; include('config.php');
$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'"); $dbname = $database;
$stmt = $connect->prepare("SELECT TotalLogins FROM UserExt WHERE Id=?"); $connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
$stmt->bind_param("i", $id); $stmt = $connect->prepare("SELECT TotalLogins FROM UserExt WHERE Id=?");
$stmt->execute(); $stmt->bind_param("i", $id);
$result = $stmt->get_result(); $stmt->execute();
$result = $stmt->get_result();
return intval($result->fetch_row()[0]);
return intval($result->fetch_row()[0]);
}
}
function getUserPlaytime($database, $id)
{ function getUserPlaytime($database, $id)
include('config.php'); {
$dbname = $database; include('config.php');
$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'"); $dbname = $database;
$stmt = $connect->prepare("SELECT FreeMinutes FROM UserExt WHERE Id=?"); $connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
$stmt->bind_param("i", $id); $stmt = $connect->prepare("SELECT FreeMinutes FROM UserExt WHERE Id=?");
$stmt->execute(); $stmt->bind_param("i", $id);
$result = $stmt->get_result(); $stmt->execute();
$result = $stmt->get_result();
return intval($result->fetch_row()[0]);
return intval($result->fetch_row()[0]);
}
}
function getUserSubTimeRemaining($database, $id)
{ function getUserSubTimeRemaining($database, $id)
include('config.php'); {
$dbname = $database; include('config.php');
$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'"); $dbname = $database;
$stmt = $connect->prepare("SELECT SubscribedUntil FROM UserExt WHERE Id=?"); $connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
$stmt->bind_param("i", $id); $stmt = $connect->prepare("SELECT SubscribedUntil FROM UserExt WHERE Id=?");
$stmt->execute(); $stmt->bind_param("i", $id);
$result = $stmt->get_result(); $stmt->execute();
$result = $stmt->get_result();
return intval($result->fetch_row()[0]);
return intval($result->fetch_row()[0]);
}
}
function addItemToPuchaseQueue($database, $playerId, $itemId, $itemCount)
{ function addItemToPuchaseQueue($database, $playerId, $itemId, $itemCount)
include('config.php'); {
$dbname = $database; include('config.php');
$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'"); $dbname = $database;
$stmt = $connect->prepare("INSERT INTO ItemPurchaseQueue VALUES(?,?,?)"); $connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
$stmt->bind_param("iii", $playerId, $itemId, $itemCount); $stmt = $connect->prepare("INSERT INTO ItemPurchaseQueue VALUES(?,?,?)");
$stmt->execute(); $stmt->bind_param("iii", $playerId, $itemId, $itemCount);
$result = $stmt->get_result(); $stmt->execute();
$result = $stmt->get_result();
} mysqli_close($connect);
}
function getUserSubbed($database, $id)
{ function getUserSubbed($database, $id)
include('config.php'); {
$dbname = $database; include('config.php');
$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'"); $dbname = $database;
$stmt = $connect->prepare("SELECT Subscriber FROM UserExt WHERE Id=?"); $connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
$stmt->bind_param("i", $id); $stmt = $connect->prepare("SELECT Subscriber FROM UserExt WHERE Id=?");
$stmt->execute(); $stmt->bind_param("i", $id);
$result = $stmt->get_result(); $stmt->execute();
$result = $stmt->get_result();
return $result->fetch_row()[0] == "YES"; $subbed = $result->fetch_row()[0] == "YES";
mysqli_close($connect);
}
return $subbed;
function isUserOnline($database, $id) }
{
include('config.php'); function isUserOnline($database, $id)
{
$dbname = $database; include('config.php');
$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
$stmt = $connect->prepare("SELECT COUNT(1) FROM OnlineUsers WHERE playerId=?"); $dbname = $database;
$stmt->bind_param("i", $userid); $connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
$stmt->execute(); $stmt = $connect->prepare("SELECT COUNT(1) FROM OnlineUsers WHERE playerId=?");
$result = $stmt->get_result(); $stmt->bind_param("i", $userid);
$count = intval($result->fetch_row()[0]); $stmt->execute();
return $count>0; $result = $stmt->get_result();
} $count = intval($result->fetch_row()[0]);
mysqli_close($connect);
function getNoModPlayersOnlineInServer($database)
{ return $count>0;
include('config.php'); }
$dbname = $database;
$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'"); function getNoModPlayersOnlineInServer($database)
$onlineModerators = mysqli_query($connect, "SELECT COUNT(1) FROM OnlineUsers WHERE Moderator = 'YES' OR Admin='YES'"); {
return $onlineModerators->fetch_row()[0]; include('config.php');
} $dbname = $database;
$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
function getServerById(string $id) $onlineModerators = mysqli_query($connect, "SELECT COUNT(1) FROM OnlineUsers WHERE Moderator = 'YES' OR Admin='YES'");
{ $num = $onlineModerators->fetch_row()[0];
include('servers.php'); mysqli_close($connect);
for($i = 0; $i < count($server_list); $i++) return $num;
{ }
if($server_list[$i]['id'] == $id)
return $server_list[$i]; function getServerById(string $id)
} {
return null; include('servers.php');
} for($i = 0; $i < count($server_list); $i++)
{
if($server_list[$i]['id'] == $id)
function userid_exists(string $database, string $userid) return $server_list[$i];
{ }
include('config.php'); return null;
$dbname = $database; }
$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
$stmt = $connect->prepare("SELECT COUNT(1) FROM Users WHERE Id=?");
$stmt->bind_param("i", $userid); function userid_exists(string $database, string $userid)
$stmt->execute(); {
$result = $stmt->get_result(); include('config.php');
$count = intval($result->fetch_row()[0]); $dbname = $database;
return $count>0; $connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
} $stmt = $connect->prepare("SELECT COUNT(1) FROM Users WHERE Id=?");
$stmt->bind_param("i", $userid);
function createAccountOnServer(string $database) $stmt->execute();
{ $result = $stmt->get_result();
include('config.php'); $count = intval($result->fetch_row()[0]);
$dbname = $database; mysqli_close($connect);
$id = intval($_SESSION['PLAYER_ID']); return $count>0;
$username = $_SESSION['USERNAME']; }
$sex = $_SESSION['SEX'];
$admin = $_SESSION['ADMIN']; function createAccountOnServer(string $database)
$mod = $_SESSION['MOD']; {
$passhash = $_SESSION['PASSWORD_HASH']; include('config.php');
$salt = $_SESSION['SALT']; $dbname = $database;
$id = intval($_SESSION['PLAYER_ID']);
$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'"); $username = $_SESSION['USERNAME'];
$stmt = $connect->prepare("INSERT INTO Users VALUES(?,?,?,?,?,?,?)"); $sex = $_SESSION['SEX'];
$stmt->bind_param("issssss", $id, $username, $passhash, $salt, $sex, $admin, $mod); $admin = ($_SESSION['ADMIN'] ? "YES" : "NO");
$stmt->execute(); $mod = ($_SESSION['MOD'] ? "YES" : "NO");
} $passhash = $_SESSION['PASSWORD_HASH'];
$salt = $_SESSION['SALT'];
# Global Functions
function getNoPlayersOnlineGlobal()
{ $connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
include('servers.php'); $stmt = $connect->prepare("INSERT INTO Users VALUES(?,?,?,?,?,?,?)");
$playersOn = 0; $stmt->bind_param("issssss", $id, $username, $passhash, $salt, $sex, $admin, $mod);
for($i = 0; $i < count($server_list); $i++) $stmt->execute();
{ mysqli_close($connect);
$playersOn += getNoPlayersOnlineInServer($server_list[$i]['database']); }
}
return $playersOn; # Global Functions
} function getNoPlayersOnlineGlobal()
{
function userExistAny($playerId) include('servers.php');
{ $playersOn = 0;
include('servers.php'); for($i = 0; $i < count($server_list); $i++)
for($i = 0; $i < count($server_list); $i++) {
{ $playersOn += getNoPlayersOnlineInServer($server_list[$i]['database']);
if(userid_exists($server_list[$i]['database'], $playerId)){ }
return true; return $playersOn;
} }
}
return false; function userExistAny($playerId)
} {
include('servers.php');
for($i = 0; $i < count($server_list); $i++)
function getNoSubbedPlayersOnlineGlobal() {
{ if(userid_exists($server_list[$i]['database'], $playerId)){
include('servers.php'); return true;
$playersOn = 0; }
for($i = 0; $i < count($server_list); $i++) }
{ return false;
$playersOn += getNoSubbedPlayersOnlineInServer($server_list[$i]['database']); }
}
return $playersOn;
} function getNoSubbedPlayersOnlineGlobal()
{
function getNoModPlayersOnlineGlobal() include('servers.php');
{ $playersOn = 0;
include('servers.php'); for($i = 0; $i < count($server_list); $i++)
$playersOn = 0; {
for($i = 0; $i < count($server_list); $i++) $playersOn += getNoSubbedPlayersOnlineInServer($server_list[$i]['database']);
{ }
$playersOn += getNoModPlayersOnlineInServer($server_list[$i]['database']); return $playersOn;
} }
return $playersOn;
} function getNoModPlayersOnlineGlobal()
{
include('servers.php');
?> $playersOn = 0;
for($i = 0; $i < count($server_list); $i++)
{
$playersOn += getNoModPlayersOnlineInServer($server_list[$i]['database']);
}
return $playersOn;
}
?>

54
game-site/web/footer.php
View File

@ -1,27 +1,27 @@
<?php <?php
if(!isset($master_site)) if(!isset($master_site))
include("config.php"); include("config.php");
?> ?>
<TABLE BORDER=0 CELLPADDING=0 CELLSPACING=0 WIDTH=100%> <TABLE BORDER=0 CELLPADDING=0 CELLSPACING=0 WIDTH=100%>
<TR> <TR>
<TD><IMG SRC=/web/hoilgui10.gif></TD> <TD><IMG SRC=/web/hoilgui10.gif></TD>
<TD WIDTH=100% BACKGROUND=/web/hoilgui11.gif></TD> <TD WIDTH=100% BACKGROUND=/web/hoilgui11.gif></TD>
<TD><IMG SRC=/web/hoilgui12.gif></TD> <TD><IMG SRC=/web/hoilgui12.gif></TD>
</TR></TABLE> </TR></TABLE>
<CENTER><B> <CENTER><B>
[ <A HREF=http:<?php echo($master_site); ?>/web/rules.php>Rules</A> ] [ <A HREF=http:<?php echo($master_site); ?>/web/rules.php>Rules</A> ]
[ <A HREF=http:<?php echo($master_site); ?>/web/termsandconditions.php>Terms and Conditions</A> ] [ <A HREF=http:<?php echo($master_site); ?>/web/termsandconditions.php>Terms and Conditions</A> ]
[ <A HREF=http:<?php echo($master_site); ?>/web/privacypolicy.php>Privacy Policy</A> ]</B><BR> [ <A HREF=http:<?php echo($master_site); ?>/web/privacypolicy.php>Privacy Policy</A> ]</B><BR>
[ <A HREF=http:<?php echo($master_site); ?>/web/expectedbehavior.php>Expected Behavior</A> ] [ <A HREF=http:<?php echo($master_site); ?>/web/expectedbehavior.php>Expected Behavior</A> ]
[ <A HREF=http:<?php echo($master_site); ?>/web/contactus.php>Contact Us</A> ] [ <A HREF=http:<?php echo($master_site); ?>/web/contactus.php>Contact Us</A> ]
[ <A HREF=http:<?php echo($master_site); ?>/web/credits.php>Credits</A> ]<BR> [ <A HREF=http:<?php echo($master_site); ?>/web/credits.php>Credits</A> ]<BR>
<FONT FACE=Verdana,Arial SIZE=-2>Copyright &copy; <?php echo(date("Y")); ?> Horse Isle</FONT> <FONT FACE=Verdana,Arial SIZE=-2>Copyright &copy; <?php echo(date("Y")); ?> Horse Isle</FONT>
<!-- Google Analytics --> <!-- Google Analytics -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"> <script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script> </script>
<script type="text/javascript"> <script type="text/javascript">
_uacct = "UA-1805076-1"; _uacct = "UA-1805076-1";
urchinTracker(); urchinTracker();
</script> </script>

258
game-site/web/header.php
View File

@ -1,130 +1,130 @@
<?php <?php
if(!isset($master_site)) if(!isset($master_site))
include('config.php'); include('config.php');
if(session_status() !== PHP_SESSION_ACTIVE) if(session_status() !== PHP_SESSION_ACTIVE)
session_start(); session_start();
if(!function_exists('is_logged_in')) if(!function_exists('is_logged_in'))
include('common.php'); include('common.php');
$host = $_SERVER['HTTP_HOST']; $host = $_SERVER['HTTP_HOST'];
?> ?>
<HEAD> <HEAD>
<TITLE>HORSE ISLE - Online Multiplayer Horse Game</TITLE> <TITLE>HORSE ISLE - Online Multiplayer Horse Game</TITLE>
<META NAME="keywords" CONTENT="Horse Game Online MMORPG Multiplayer Horses RPG Girls Girly Isle World Island Virtual Horseisle Sim Virtual"> <META NAME="keywords" CONTENT="Horse Game Online MMORPG Multiplayer Horses RPG Girls Girly Isle World Island Virtual Horseisle Sim Virtual">
<META NAME="description" CONTENT="A multiplayer online horse world where players can capture, train, care for and compete their horses against other players. A very unique virtual sim horse game."> <META NAME="description" CONTENT="A multiplayer online horse world where players can capture, train, care for and compete their horses against other players. A very unique virtual sim horse game.">
<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon"> <link rel="shortcut icon" href="/favicon.ico" type="image/x-icon">
<link rel="icon" href="/favicon.ico" type="image/x-icon"> <link rel="icon" href="/favicon.ico" type="image/x-icon">
<link rel="meta" href="<?php echo("//".$host); ?>/labels.rdf" type="application/rdf+xml" title="ICRA labels" /> <link rel="meta" href="<?php echo("//".$host); ?>/labels.rdf" type="application/rdf+xml" title="ICRA labels" />
<meta http-equiv="pics-Label" content='(pics-1.1 "//www.icra.org/pics/vocabularyv03/" l gen true for "<?php echo("//".$host); ?>" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 1) gen true for "<?php echo($master_site); ?>" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 1))' /> <meta http-equiv="pics-Label" content='(pics-1.1 "//www.icra.org/pics/vocabularyv03/" l gen true for "<?php echo("//".$host); ?>" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 1) gen true for "<?php echo($master_site); ?>" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 1))' />
<style type="text/css"> <style type="text/css">
hr { hr {
height: 1; height: 1;
color: #000000; color: #000000;
background-color: #000000; background-color: #000000;
border: 0; border: 0;
} }
a { a {
font: bold 14px arial; font: bold 14px arial;
color: #6E3278; color: #6E3278;
} }
TH { TH {
background-color: #EDE5B4; background-color: #EDE5B4;
padding: 1px 6px; padding: 1px 6px;
border: 2px dotted #6E3278; border: 2px dotted #6E3278;
font: small-caps 900 14px arial; font: small-caps 900 14px arial;
color: #000000; color: #000000;
} }
TR.a0 { TR.a0 {
background-color: #EDE5B4; background-color: #EDE5B4;
} }
TR.a1 { TR.a1 {
background-color: #D4CCA1; background-color: #D4CCA1;
} }
TD { TD {
font: 14px arial; font: 14px arial;
color: #000000; color: #000000;
} }
TD.forum { TD.forum {
font: 12px arial; font: 12px arial;
color: #000000; color: #000000;
} }
TD.forumlist { TD.forumlist {
padding: 1px 6px; padding: 1px 6px;
border: 2px dotted #6E3278; border: 2px dotted #6E3278;
background-color: #EDE5B4; background-color: #EDE5B4;
text-align: center; text-align: center;
font: bold 14px arial; font: bold 14px arial;
color: #000000; color: #000000;
} }
TD.forumpost { TD.forumpost {
padding: 5px 10px; padding: 5px 10px;
border: 2px dotted #6E3278; border: 2px dotted #6E3278;
background-color: #EDE5B4; background-color: #EDE5B4;
text-align: left; text-align: left;
} }
TD.newslist { TD.newslist {
padding: 4px 4px; padding: 4px 4px;
border: 2px dotted #6E3278; border: 2px dotted #6E3278;
background-color: #FFDDEE; background-color: #FFDDEE;
text-align: left; text-align: left;
font: 14px arial; font: 14px arial;
color: #000000; color: #000000;
} }
FORUMSUBJECT { FORUMSUBJECT {
font: bold 14px arial; font: bold 14px arial;
color: #004400; color: #004400;
} }
FORUMUSER { FORUMUSER {
font: 12px arial; font: 12px arial;
color: #000044; color: #000044;
} }
FORUMDATE { FORUMDATE {
font: 12px arial; font: 12px arial;
color: #444444; color: #444444;
} }
FORUMTEXT { FORUMTEXT {
font: 14px arial; font: 14px arial;
color: #440000; color: #440000;
} }
</style> </style>
</HEAD> </HEAD>
<BODY BGCOLOR=E0D8AA> <BODY BGCOLOR=E0D8AA>
<TABLE BORDER=0 CELLPADDING=0 CELLSPACING=0 WIDTH=100%> <TABLE BORDER=0 CELLPADDING=0 CELLSPACING=0 WIDTH=100%>
<TR WIDTH=100%> <TR WIDTH=100%>
<TD WIDTH=512 ROWSPAN=3><A HREF=/><IMG SRC=/web/hoilgui1.gif ALT="Welcome to Horse Isle" BORDER=0></A></TD> <TD WIDTH=512 ROWSPAN=3><A HREF=/><IMG SRC=/web/hoilgui1.gif ALT="Welcome to Horse Isle" BORDER=0></A></TD>
<TD WIDTH=100% BACKGROUND=/web/hoilgui2.gif>&nbsp;</TD> <TD WIDTH=100% BACKGROUND=/web/hoilgui2.gif>&nbsp;</TD>
<TD WIDTH=29><IMG SRC=/web/hoilgui3.gif></TD> <TD WIDTH=29><IMG SRC=/web/hoilgui3.gif></TD>
</TR> </TR>
<TR> <TR>
<TD WIDTH=100% BACKGROUND=/web/hoilgui4.gif align=right> <TD WIDTH=100% BACKGROUND=/web/hoilgui4.gif align=right>
<B> <B>
<?php if(isset($login_error)){echo($login_error);} ?> <?php if(isset($login_error)){echo($login_error);} ?>
<?php <?php
if(is_logged_in()) if(is_logged_in())
{ {
$username = $_SESSION['USERNAME']; $username = $_SESSION['USERNAME'];
echo('<TABLE BORDER=0 CELLPADDING=0 CELLSPACING=10><TR><TD><B><A HREF=/account.php>'.strtoupper($_SERVER['HTTP_HOST']).'</A><BR>Logged in as: '.htmlspecialchars($username).'<BR><A HREF=/?LOGOUT=1><img src=/web/but-logout.gif border=0></A><BR><A HREF='.$master_site.'/><img src=/web/but-mainpage.gif border=0></A></TD><TD><BR><A HREF='.$master_site.'/account.php><img src=/web/but-serverlist.gif border=0></A><BR><A HREF='.$master_site.'/web/news.php><img src=/web/but-news.gif border=0></A><BR><A HREF='.$master_site.'/web/forums.php><img src=/web/but-forums.gif border=0></A><BR><A HREF='.$master_site.'/web/helpcenter.php><img src=/web/but-helpcenter.gif border=0></A></TD></TR></TABLE>'); echo('<TABLE BORDER=0 CELLPADDING=0 CELLSPACING=10><TR><TD><B><A HREF=/account.php>'.strtoupper($_SERVER['HTTP_HOST']).'</A><BR>Logged in as: '.htmlspecialchars($username).'<BR><A HREF=/?LOGOUT=1><img src=/web/but-logout.gif border=0></A><BR><A HREF='.$master_site.'/><img src=/web/but-mainpage.gif border=0></A></TD><TD><BR><A HREF='.$master_site.'/account.php><img src=/web/but-serverlist.gif border=0></A><BR><A HREF='.$master_site.'/web/news.php><img src=/web/but-news.gif border=0></A><BR><A HREF='.$master_site.'/web/forums.php><img src=/web/but-forums.gif border=0></A><BR><A HREF='.$master_site.'/web/helpcenter.php><img src=/web/but-helpcenter.gif border=0></A></TD></TR></TABLE>');
} }
else else
{ {
echo('<TABLE CELLPADDING=0 CELLSPACING=2 BORDER=0><FORM METHOD=POST ACTION=/account.php> echo('<TABLE CELLPADDING=0 CELLSPACING=2 BORDER=0><FORM METHOD=POST ACTION=/account.php>
<TR><TD><B>USER:</B></TD><TD><INPUT TYPE=TEXT SIZE=14 NAME=USER></TD></TR> <TR><TD><B>USER:</B></TD><TD><INPUT TYPE=TEXT SIZE=14 NAME=USER></TD></TR>
<TR><TD><B>PASS:</B></TD><TD><INPUT TYPE=PASSWORD SIZE=14 NAME=PASS></TD></TR> <TR><TD><B>PASS:</B></TD><TD><INPUT TYPE=PASSWORD SIZE=14 NAME=PASS></TD></TR>
<TR><TD></TD><TD><INPUT TYPE=SUBMIT VALUE=LOGIN> (<A HREF='.$master_site.'/web/forgotpass.php>Forgot?</A>)</TD></TR></FORM></TABLE>'); <TR><TD></TD><TD><INPUT TYPE=SUBMIT VALUE=LOGIN> (<A HREF='.$master_site.'/web/forgotpass.php>Forgot?</A>)</TD></TR></FORM></TABLE>');
} }
?> ?>
</TD> </TD>
<TD WIDTH=29><IMG SRC=/web/hoilgui5.gif></TD></TR> <TD WIDTH=29><IMG SRC=/web/hoilgui5.gif></TD></TR>
<TR> <TR>
<TD WIDTH=100% BACKGROUND=/web/hoilgui6.gif>&nbsp;</TD> <TD WIDTH=100% BACKGROUND=/web/hoilgui6.gif>&nbsp;</TD>
<TD WIDTH=29><IMG SRC=/web/hoilgui7.gif></TD></TR> <TD WIDTH=29><IMG SRC=/web/hoilgui7.gif></TD></TR>
</TABLE> </TABLE>
<CENTER> <CENTER>

40
game-site/web/paypalpayment.php
View File

@ -1,21 +1,21 @@
<?php <?php
include("header.php"); include("header.php");
?> ?>
<BR> <BR>
<CENTER><TABLE CELLPADDING=5><TR><TD></CENTER> <CENTER><TABLE CELLPADDING=5><TR><TD></CENTER>
<FONT FACE=arial> <FONT FACE=arial>
<B>Thank you for your Horse Isle PayPal Payment!</B><BR> <B>Thank you for your Horse Isle PayPal Payment!</B><BR>
<BR> <BR>
Your transaction has been completed, and a receipt for your purchase has been emailed to you from PayPal.<BR> Your transaction has been completed, and a receipt for your purchase has been emailed to you from PayPal.<BR>
You may log into your account at <A HREF="http://www.paypal.com/us">http://www.paypal.com/us</A> to view details of this transaction.<BR> You may log into your account at <A HREF="http://www.paypal.com/us">http://www.paypal.com/us</A> to view details of this transaction.<BR>
<BR> <BR>
If you bought a membership or game money, it will be credited to your account usually within one minute. If you bought a membership or game money, it will be credited to your account usually within one minute.
Click back to your <A HREF="/account.php">ACCOUNT</A> page to see any credited subscription time or game money. (click refresh on the page if it has not yet showed)<BR> Click back to your <A HREF="/account.php">ACCOUNT</A> page to see any credited subscription time or game money. (click refresh on the page if it has not yet showed)<BR>
(<FONT COLOR=RED>NOTE: If you paid via paypal e-check it takes paypal 3-4 days to clear the check and notify us.</FONT>)<BR> (<FONT COLOR=RED>NOTE: If you paid via paypal e-check it takes paypal 3-4 days to clear the check and notify us.</FONT>)<BR>
<BR> <BR>
<B>PARENTS:</B> please email support@horseisle.com from the paypal email or signup email to <B>PARENTS:</B> please email support@horseisle.com from the paypal email or signup email to
block chat, or limit time online for this account if you want to.<BR> block chat, or limit time online for this account if you want to.<BR>
</TD></TR></TABLE> </TD></TR></TABLE>
<?php <?php
include("footer.php"); include("footer.php");
?> ?>

62
game-site/web/playersonline.php
View File

@ -1,32 +1,32 @@
<?php <?php
include("config.php"); include("config.php");
include("crosserver.php"); include("crosserver.php");
include("common.php"); include("common.php");
$id = -1; $id = -1;
if(isset($_GET['id'])){ if(isset($_GET['id'])){
$id = intval($_GET['id']); $id = intval($_GET['id']);
} }
$on = getPlayerList($dbname); $on = getPlayerList($dbname);
$numbOn = count($on); $numbOn = count($on);
$budsOn = 0; $budsOn = 0;
?> ?>
<B><?php echo($numbOn)?> players<BR>online now:</B><?php <B><?php echo($numbOn)?> players<BR>online now:</B><?php
for($i = 0; $i < $numbOn; $i++){ for($i = 0; $i < $numbOn; $i++){
$name = get_username($on[$i]['id']); $name = get_username($on[$i]['id']);
$admin = $on[$i]['admin']; $admin = $on[$i]['admin'];
$mod = $on[$i]['mod']; $mod = $on[$i]['mod'];
$subbed = $on[$i]['subbed']; $subbed = $on[$i]['subbed'];
$new = $on[$i]['new']; $new = $on[$i]['new'];
$bud = checkUserBuddy($dbname, $id ,$on[$i]['id']); $bud = checkUserBuddy($dbname, $id ,$on[$i]['id']);
echo("<BR>"); echo("<BR>");
if($bud) { echo('<B><FONT COLOR=BLUE>'); echo(htmlspecialchars($name)); echo('</FONT></B>'); $budsOn++; } if($bud) { echo('<B><FONT COLOR=BLUE>'); echo(htmlspecialchars($name)); echo('</FONT></B>'); $budsOn++; }
else if($admin) { echo('<B><FONT COLOR=RED>'); echo(htmlspecialchars($name)); echo('</FONT></B>'); } else if($admin) { echo('<B><FONT COLOR=RED>'); echo(htmlspecialchars($name)); echo('</FONT></B>'); }
else if($mod) { echo('<B><FONT COLOR=GREEN>'); echo(htmlspecialchars($name)); echo('</FONT></B>'); } else if($mod) { echo('<B><FONT COLOR=GREEN>'); echo(htmlspecialchars($name)); echo('</FONT></B>'); }
else { echo(htmlspecialchars($name)); } else { echo(htmlspecialchars($name)); }
if($new) { echo(' <FONT SIZE=-2 COLOR=660000>[new]</FONT>'); }; if($new) { echo(' <FONT SIZE=-2 COLOR=660000>[new]</FONT>'); };
} }
?><BR><I><FONT COLOR=BLUE>(<?php echo($budsOn); ?> buddies)</FONT></I><BR><FONT COLOR=222222 SIZE=-1><I>This list refreshes every 30 seconds.</I></FONT> ?><BR><I><FONT COLOR=BLUE>(<?php echo($budsOn); ?> buddies)</FONT></I><BR><FONT COLOR=222222 SIZE=-1><I>This list refreshes every 30 seconds.</I></FONT>

486
game-site/web/ppemu.php
View File

@ -1,244 +1,244 @@
<?php <?php
session_start(); session_start();
include("../config.php"); include("../config.php");
include("crosserver.php"); include("crosserver.php");
include("common.php"); include("common.php");
if(!is_logged_in()){ if(!is_logged_in()){
include("header.php"); include("header.php");
echo("Login First."); echo("Login First.");
include("footer.php"); include("footer.php");
exit(); exit();
} }
$money = getUserMoney($dbname, $_SESSION['PLAYER_ID']); $money = getUserMoney($dbname, $_SESSION['PLAYER_ID']);
if(isset($_GET["go"], $_GET["qnt"], $_GET["itm"], $_GET['to'], $_GET["ret"], $_GET['sign'])) if(isset($_GET["go"], $_GET["qnt"], $_GET["itm"], $_GET['to'], $_GET["ret"], $_GET['sign']))
{ {
$targetUser = $_GET['to']; $targetUser = $_GET['to'];
$subbed = getUserSubbed($dbname, $targetUser); $subbed = getUserSubbed($dbname, $targetUser);
$subbedUntil = getUserSubTimeRemaining($dbname, $targetUser); $subbedUntil = getUserSubTimeRemaining($dbname, $targetUser);
$moneyTarget = getUserMoney($dbname, $targetUser); $moneyTarget = getUserMoney($dbname, $targetUser);
if(!$subbed) if(!$subbed)
$subbedUntil = time(); $subbedUntil = time();
if($_GET["go"] == 1) if($_GET["go"] == 1)
{ {
$msg = $_GET['itm'].$_GET["qnt"].$_GET["to"].$_GET["ret"].$_SESSION['USERNAME'].$_SESSION['PLAYER_ID']; $msg = $_GET['itm'].$_GET["qnt"].$_GET["to"].$_GET["ret"].$_SESSION['USERNAME'].$_SESSION['PLAYER_ID'];
$expectedSignature = GenHmacMessage($msg, "PPEMU"); $expectedSignature = GenHmacMessage($msg, "PPEMU");
$gotHmacSignature = $_GET['sign']; $gotHmacSignature = $_GET['sign'];
if(!hash_equals($gotHmacSignature,$expectedSignature)){ if(!hash_equals($gotHmacSignature,$expectedSignature)){
include("header.php"); include("header.php");
echo("Invalid Signature. Are you trying to scam people?"); echo("Invalid Signature. Are you trying to scam people?");
include("footer.php"); include("footer.php");
exit(); exit();
} }
$itm = $_GET["itm"]; $itm = $_GET["itm"];
if(strpos($itm, "One Month Horse Isle Membership") === 0){ if(strpos($itm, "One Month Horse Isle Membership") === 0){
$amount = 5; // NO CHEATING! $amount = 5; // NO CHEATING!
$cost = $amount*$EXHANGE_RATE; $cost = $amount*$EXHANGE_RATE;
if($money >= $cost) if($money >= $cost)
{ {
setUserMoney($dbname, $_SESSION['PLAYER_ID'], $money-$cost); setUserMoney($dbname, $_SESSION['PLAYER_ID'], $money-$cost);
setUserSubbed($dbname,$targetUser, true); setUserSubbed($dbname,$targetUser, true);
setUserSubbedUntil($dbname, $targetUser, $subbedUntil + 2678400); setUserSubbedUntil($dbname, $targetUser, $subbedUntil + 2678400);
header("Location: ".$_GET["ret"]); header("Location: ".$_GET["ret"]);
} }
else else
{ {
include("header.php"); include("header.php");
echo("Not enough money."); echo("Not enough money.");
include("footer.php"); include("footer.php");
exit(); exit();
} }
} }
else if(strpos($itm, "Full Year Horse Isle Membership") === 0){ else if(strpos($itm, "Full Year Horse Isle Membership") === 0){
$amount = 40; // NO CHEATING! $amount = 40; // NO CHEATING!
$cost = $amount*$EXHANGE_RATE; $cost = $amount*$EXHANGE_RATE;
if($money >= $cost) if($money >= $cost)
{ {
setUserMoney($dbname, $_SESSION['PLAYER_ID'], $money-$cost); setUserMoney($dbname, $_SESSION['PLAYER_ID'], $money-$cost);
setUserSubbed($dbname, $targetUser, true); setUserSubbed($dbname, $targetUser, true);
setUserSubbedUntil($dbname, $targetUser, $subbedUntil + 31622400); setUserSubbedUntil($dbname, $targetUser, $subbedUntil + 31622400);
header("Location: ".$_GET["ret"]); header("Location: ".$_GET["ret"]);
} }
else else
{ {
include("header.php"); include("header.php");
echo("Not enough money."); echo("Not enough money.");
include("footer.php"); include("footer.php");
exit(); exit();
} }
} }
else if(strpos($itm, "100k Horse Isle Money") === 0){ // Why thou? else if(strpos($itm, "100k Horse Isle Money") === 0){ // Why thou?
$amount = 1; // NO CHEATING! $amount = 1; // NO CHEATING!
$quantity = intval($_GET["qnt"]); $quantity = intval($_GET["qnt"]);
$cost = ($amount*$EXHANGE_RATE)*$quantity; $cost = ($amount*$EXHANGE_RATE)*$quantity;
if($money >= $cost) if($money >= $cost)
{ {
$amountGained = (100000 * $quantity); $amountGained = (100000 * $quantity);
if($quantity == 5) if($quantity == 5)
$amountGained = 550000; $amountGained = 550000;
if($quantity == 10) if($quantity == 10)
$amountGained = 1100000; $amountGained = 1100000;
if($quantity == 10) if($quantity == 10)
$amountGained = 1100000; $amountGained = 1100000;
if($quantity == 20) if($quantity == 20)
$amountGained = 2300000; $amountGained = 2300000;
if($quantity == 50) if($quantity == 50)
$amountGained = 5750000; $amountGained = 5750000;
if($quantity == 100) if($quantity == 100)
$amountGained = 12000000; $amountGained = 12000000;
if($quantity == 250) if($quantity == 250)
$amountGained = 31250000; $amountGained = 31250000;
setUserMoney($dbname, $_SESSION['PLAYER_ID'], $money-$cost); setUserMoney($dbname, $_SESSION['PLAYER_ID'], $money-$cost);
$money-=$cost; $money-=$cost;
setUserMoney($dbname, $targetUser, $moneyTarget+=$amountGained); setUserMoney($dbname, $targetUser, $moneyTarget+=$amountGained);
header("Location: ".$_GET["ret"]); header("Location: ".$_GET["ret"]);
} }
else else
{ {
include("header.php"); include("header.php");
echo("Not enough money."); echo("Not enough money.");
include("footer.php"); include("footer.php");
exit(); exit();
} }
} }
else if(strpos($itm, "Pawneer Order") === 0){ else if(strpos($itm, "Pawneer Order") === 0){
$amount = 8; // NO CHEATING! $amount = 8; // NO CHEATING!
$cost = $amount*$EXHANGE_RATE; $cost = $amount*$EXHANGE_RATE;
if($money >= $cost) if($money >= $cost)
{ {
setUserMoney($dbname, $_SESSION['PLAYER_ID'], $money-$cost); setUserMoney($dbname, $_SESSION['PLAYER_ID'], $money-$cost);
addItemToPuchaseQueue($dbname, $targetUser, 559, 1); addItemToPuchaseQueue($dbname, $targetUser, 559, 1);
header("Location: ".$_GET["ret"]); header("Location: ".$_GET["ret"]);
} }
else else
{ {
include("header.php"); include("header.php");
echo("Not enough money."); echo("Not enough money.");
include("footer.php"); include("footer.php");
exit(); exit();
} }
} }
else if(strpos($itm, "Five Pawneer Order") === 0){ else if(strpos($itm, "Five Pawneer Order") === 0){
$amount = 30; // NO CHEATING! $amount = 30; // NO CHEATING!
$cost = $amount*$EXHANGE_RATE; $cost = $amount*$EXHANGE_RATE;
if($money >= $cost) if($money >= $cost)
{ {
setUserMoney($dbname, $_SESSION['PLAYER_ID'], $money-$cost); setUserMoney($dbname, $_SESSION['PLAYER_ID'], $money-$cost);
addItemToPuchaseQueue($dbname, $targetUser, 559, 5); addItemToPuchaseQueue($dbname, $targetUser, 559, 5);
header("Location: ".$_GET["ret"]); header("Location: ".$_GET["ret"]);
} }
else else
{ {
include("header.php"); include("header.php");
echo("Not enough money."); echo("Not enough money.");
include("footer.php"); include("footer.php");
exit(); exit();
} }
} }
exit(); exit();
} }
} }
$quantity = 1; $quantity = 1;
if(!isset($_POST['item_name'], $_POST['amount'], $_POST['item_number'], $_POST['custom'], $_POST['return'])) if(!isset($_POST['item_name'], $_POST['amount'], $_POST['item_number'], $_POST['custom'], $_POST['return']))
{ {
include("header.php"); include("header.php");
echo("Some data was invalid"); echo("Some data was invalid");
include("footer.php"); include("footer.php");
exit(); exit();
} }
if(isset($_POST['quantity'])) if(isset($_POST['quantity']))
$quantity = intval($_POST['quantity']); $quantity = intval($_POST['quantity']);
$hasIntl = function_exists('numfmt_create'); $hasIntl = function_exists('numfmt_create');
if($hasIntl) if($hasIntl)
$fmt = numfmt_create( 'en_US', NumberFormatter::DECIMAL ); $fmt = numfmt_create( 'en_US', NumberFormatter::DECIMAL );
$toUser = $_POST['custom']; $toUser = $_POST['custom'];
$toUsername = ""; $toUsername = "";
if(!getUserExistInExt($dbname, $toUser)) if(!getUserExistInExt($dbname, $toUser))
{ {
include("header.php"); include("header.php");
echo("Cannot buy for a user who does not exist on this server."); echo("Cannot buy for a user who does not exist on this server.");
include("footer.php"); include("footer.php");
exit(); exit();
} }
else{ else{
$toUsername = get_username($toUser); $toUsername = get_username($toUser);
} }
include("header.php"); include("header.php");
?> ?>
<h1>HISP - PayPal Emulator</h1> <h1>HISP - PayPal Emulator</h1>
<b>Purchase Information:</b> <b>Purchase Information:</b>
<table> <table>
<tr> <tr>
<th>Item</th> <th>Item</th>
<th>Quantity</th> <th>Quantity</th>
<th>Item number</th> <th>Item number</th>
<th>Price (USD)</th> <th>Price (USD)</th>
<th>Price (HorseIsle)</th> <th>Price (HorseIsle)</th>
</tr> </tr>
<tr> <tr>
<td><?php echo(htmlspecialchars($_POST['item_name'])) ?></td> <td><?php echo(htmlspecialchars($_POST['item_name'])) ?></td>
<td><?php echo(htmlspecialchars((string)$quantity)); ?></td> <td><?php echo(htmlspecialchars((string)$quantity)); ?></td>
<td><?php echo(htmlspecialchars($_POST['item_number'])) ?></td> <td><?php echo(htmlspecialchars($_POST['item_number'])) ?></td>
<td><?php <td><?php
if($hasIntl) if($hasIntl)
$cost = numfmt_format($fmt, intval(htmlspecialchars($_POST['amount']*$quantity))); $cost = numfmt_format($fmt, intval(htmlspecialchars($_POST['amount']*$quantity)));
else else
$cost = $_POST['amount']*$quantity; $cost = $_POST['amount']*$quantity;
echo('$'.$cost); echo('$'.$cost);
?></td> ?></td>
<td><?php <td><?php
if($hasIntl) if($hasIntl)
$cost = numfmt_format($fmt, intval(htmlspecialchars((($_POST['amount']) * $EXHANGE_RATE)*$quantity))); $cost = numfmt_format($fmt, intval(htmlspecialchars((($_POST['amount']) * $EXHANGE_RATE)*$quantity)));
else else
$cost = (($_POST['amount']) * $EXHANGE_RATE)*$quantity; $cost = (($_POST['amount']) * $EXHANGE_RATE)*$quantity;
echo('$'.$cost); echo('$'.$cost);
?></td> ?></td>
</tr> </tr>
</table> </table>
<h3><b>NOTE: $1USD = $<?php echo($EXHANGE_RATE)?> HorseIsle Money! (you have $<?php echo($money) ?>)</b></h3><br><b>This purchase is for User: <?php echo(htmlspecialchars($toUser)." (".$toUsername.")"); ?></b></br>Do you want to purchase?</br><br><a href="?go=1&itm=<?php echo(urlencode(htmlspecialchars($_POST['item_name']))); ?>&qnt=<?php echo(urlencode(htmlspecialchars($quantity)));?>&to=<?php echo(urlencode(htmlspecialchars($_POST['custom']))); ?>&ret=<?php echo(urlencode(htmlspecialchars($_POST['return']))); ?>&sign=<?php <h3><b>NOTE: $1USD = $<?php echo($EXHANGE_RATE)?> HorseIsle Money! (you have $<?php echo($money) ?>)</b></h3><br><b>This purchase is for User: <?php echo(htmlspecialchars($toUser)." (".$toUsername.")"); ?></b></br>Do you want to purchase?</br><br><a href="?go=1&itm=<?php echo(urlencode(htmlspecialchars($_POST['item_name']))); ?>&qnt=<?php echo(urlencode(htmlspecialchars($quantity)));?>&to=<?php echo(urlencode(htmlspecialchars($_POST['custom']))); ?>&ret=<?php echo(urlencode(htmlspecialchars($_POST['return']))); ?>&sign=<?php
$msg = htmlspecialchars($_POST['item_name']).htmlspecialchars($quantity).htmlspecialchars($_POST['custom']).htmlspecialchars($_POST['return']).$_SESSION['USERNAME'].$_SESSION['PLAYER_ID']; $msg = htmlspecialchars($_POST['item_name']).htmlspecialchars($quantity).htmlspecialchars($_POST['custom']).htmlspecialchars($_POST['return']).$_SESSION['USERNAME'].$_SESSION['PLAYER_ID'];
echo(urlencode(GenHmacMessage($msg, "PPEMU"))); echo(urlencode(GenHmacMessage($msg, "PPEMU")));
?>">Yes</a> | <a href="/account.php">No</a> ?>">Yes</a> | <a href="/account.php">No</a>
<?php <?php
include("footer.php"); include("footer.php");
?> ?>

148
game-site/web/reasonstosubscribe.php
View File

@ -1,75 +1,75 @@
<?php <?php
session_start(); session_start();
include("config.php"); include("config.php");
include("header.php"); include("header.php");
?> ?>
<BR> <BR>
<CENTER><TABLE CELLPADDING=5><TR><TD> <CENTER><TABLE CELLPADDING=5><TR><TD>
<div style="TEXT-ALIGN:center"> <div style="TEXT-ALIGN:center">
<font size="4"><span style="COLOR:#990000; FONT-WEIGHT:bold"> Subscription Benefits</span></font><br/> <font size="4"><span style="COLOR:#990000; FONT-WEIGHT:bold"> Subscription Benefits</span></font><br/>
</div> </div>
<br/> <br/>
<font size="2" style="FONT-WEIGHT:bold"><span style="FONT-WEIGHT:bold; COLOR:#990000"> #1:</span> <font size="2" style="FONT-WEIGHT:bold"><span style="FONT-WEIGHT:bold; COLOR:#990000"> #1:</span>
Support:</font><br/> Support:</font><br/>
Support continued Horse Isle development employing many talented artists.<br/> Support continued Horse Isle development employing many talented artists.<br/>
<br/> <br/>
<span style="FONT-WEIGHT:bold; COLOR:#990000"> <span style="FONT-WEIGHT:bold; COLOR:#990000">
#2:</span><span style="FONT-WEIGHT:bold"> Access:</span><br/> #2:</span><span style="FONT-WEIGHT:bold"> Access:</span><br/>
Unlimited play time.&nbsp; Also, priority access to the server if it is nearing Unlimited play time.&nbsp; Also, priority access to the server if it is nearing
capacity.<br/> capacity.<br/>
<br/> <br/>
<span style="FONT-WEIGHT:bold; COLOR:#990000"> <span style="FONT-WEIGHT:bold; COLOR:#990000">
#3:</span><span style="FONT-WEIGHT:bold"> Ranch ownership:</span><br/> #3:</span><span style="FONT-WEIGHT:bold"> Ranch ownership:</span><br/>
Once you can afford a ranch, it grants many optional benefits:<br/> Once you can afford a ranch, it grants many optional benefits:<br/>
<ul> <ul>
<li> <li>
&nbsp; Carry more items with sheds (up to 80 total) &nbsp; Carry more items with sheds (up to 80 total)
</li> </li>
<li> <li>
&nbsp; Own more horses several for each barn on your ranch &nbsp; Own more horses several for each barn on your ranch
</li> </li>
<li> <li>
&nbsp; Being able to sell horses while offline &nbsp; Being able to sell horses while offline
</li> </li>
<li> <li>
&nbsp; Easier feeding/watering/training of horses with silo,well,training &nbsp; Easier feeding/watering/training of horses with silo,well,training
pen pen
</li> </li>
<li> <li>
&nbsp; Free wagon transport with a wagon&nbsp; &nbsp; Free wagon transport with a wagon&nbsp;
</li> </li>
<li> <li>
&nbsp; Earn money while on/offline with windmills &nbsp; Earn money while on/offline with windmills
</li> </li>
</ul> </ul>
<br style="FONT-WEIGHT:bold; COLOR:#990000"/> <br style="FONT-WEIGHT:bold; COLOR:#990000"/>
<span style="FONT-WEIGHT:bold; COLOR:#990000"> <span style="FONT-WEIGHT:bold; COLOR:#990000">
#4:</span><span style="FONT-WEIGHT:bold"> Game Identification:</span><br/> #4:</span><span style="FONT-WEIGHT:bold"> Game Identification:</span><br/>
A Horse Isle Subscriber is identified in-game with a Star next to the player's name A Horse Isle Subscriber is identified in-game with a Star next to the player's name
in the player lists. A fancier star identifies longer term subscribers.<br/> in the player lists. A fancier star identifies longer term subscribers.<br/>
<br/> <br/>
<span style="FONT-WEIGHT:bold; COLOR:#990000"> <span style="FONT-WEIGHT:bold; COLOR:#990000">
#5:</span><span style="FONT-WEIGHT:bold"> Train Horses Twice as often:</span><br/> #5:</span><span style="FONT-WEIGHT:bold"> Train Horses Twice as often:</span><br/>
A Horse Isle Subscriber can train horses again in 1/2 the time.<br/> A Horse Isle Subscriber can train horses again in 1/2 the time.<br/>
<br/> <br/>
<span style="FONT-WEIGHT:bold; COLOR:#990000">#6:</span><span style="FONT-WEIGHT:bold"> <span style="FONT-WEIGHT:bold; COLOR:#990000">#6:</span><span style="FONT-WEIGHT:bold">
Parental Controls:</span><br/> Parental Controls:</span><br/>
The ability to set the number of hours a child can play per day, or even The ability to set the number of hours a child can play per day, or even
disabling the ability to send and receive chat.<br/> disabling the ability to send and receive chat.<br/>
<br/> <br/>
<span style="FONT-WEIGHT:bold; COLOR:#990000">#7:</span><span style="FONT-WEIGHT:bold"> <span style="FONT-WEIGHT:bold; COLOR:#990000">#7:</span><span style="FONT-WEIGHT:bold">
Double Global Chats:</span><br/> Double Global Chats:</span><br/>
Subscribers earn one global chat per minute rather than every other minute.<br/> Subscribers earn one global chat per minute rather than every other minute.<br/>
<BR> <BR>
<span style="FONT-WEIGHT:bold; COLOR:#990000">#8:</span><span style="FONT-WEIGHT:bold"> <span style="FONT-WEIGHT:bold; COLOR:#990000">#8:</span><span style="FONT-WEIGHT:bold">
Art Room Access:</span><br/> Art Room Access:</span><br/>
Subscribers are allowed to draw in the group art rooms.<br/> Subscribers are allowed to draw in the group art rooms.<br/>
<BR> <BR>
<CENTER>[ <A HREF=/account.php>Return to Account Information</A> ] <CENTER>[ <A HREF=/account.php>Return to Account Information</A> ]
</TD></TR></TABLE> </TD></TR></TABLE>
<?php <?php
include("footer.php"); include("footer.php");
?> ?>

22
game-site/web/spendhorsebucks.php
View File

@ -1,12 +1,12 @@
<?php <?php
session_start(); session_start();
include("config.php"); include("config.php");
include("header.php"); include("header.php");
if(!is_logged_in()){ if(!is_logged_in()){
echo('Account information not found. please login again.'); echo('Account information not found. please login again.');
exit(); exit();
} }
?> ?>
<B><FONT SIZE=+1>Horse Isle Horse Bucks Redemption</FONT></B><BR>You Currently have 0 Horse Bucks from Referrals/Prizes.<BR>You do not have at least 5 Horse Bucks to make an exchange.<BR><A HREF=/account.php>ACCOUNT PAGE</A><?php <B><FONT SIZE=+1>Horse Isle Horse Bucks Redemption</FONT></B><BR>You Currently have 0 Horse Bucks from Referrals/Prizes.<BR>You do not have at least 5 Horse Bucks to make an exchange.<BR><A HREF=/account.php>ACCOUNT PAGE</A><?php
include("footer.php"); include("footer.php");
?> ?>

40
game-site/web/whylimited.php
View File

@ -1,21 +1,21 @@
<?php <?php
session_start(); session_start();
include("config.php"); include("config.php");
include("header.php"); include("header.php");
?> ?>
<BR> <BR>
<CENTER><TABLE CELLPADDING=5><TR><TD> <CENTER><TABLE CELLPADDING=5><TR><TD>
<font size="4" style="COLOR:#990000"><span style="FONT-WEIGHT:bold">Why is play time limited?</span></font><br/> <font size="4" style="COLOR:#990000"><span style="FONT-WEIGHT:bold">Why is play time limited?</span></font><br/>
<br/> <br/>
The servers have to work very hard for each player logged in. We have high-end dedicated servers, The servers have to work very hard for each player logged in. We have high-end dedicated servers,
but they can only run 150-200 players online at once. Dedicated servers are expensive. but they can only run 150-200 players online at once. Dedicated servers are expensive.
For these reasons, free players have a limited amount of playtime per day, and are even For these reasons, free players have a limited amount of playtime per day, and are even
denied access when the server is nearing capacity. Subscribers have unlimited access, as they are sharing the costs of running the server. denied access when the server is nearing capacity. Subscribers have unlimited access, as they are sharing the costs of running the server.
<BR> <BR>
<BR><CENTER> <B><A HREF=/account.php>RETURN TO ACCOUNT</A> <BR><CENTER> <B><A HREF=/account.php>RETURN TO ACCOUNT</A>
</TD></TR></TABLE> </TD></TR></TABLE>
<?php <?php
include("footer.php"); include("footer.php");
?> ?>