while (list($key, $buff) = each($session['bufflist'])) {
        if ($buff['used']) {
            $session['bufflist'][$key]['used'] = 0;
            $session['bufflist'][$key]['rounds']--;
            if ($session['bufflist'][$key]['rounds'] <= 0) {
                if ($buff['wearoff']) {
                    $msg = $buff['wearoff'];
                    $msg = str_replace("{badguy}", $badguy['creaturename'], $msg);
                    output("`){$msg}`n");
                }
                unset($session['bufflist'][$key]);
            }
        }
    }
}
$badguy = createarray($session['user']['badguy']);
if (date("m-d") == "04-01") {
    if (!strpos($badguy['creaturename'], "bork bork")) {
        $badguy['creaturename'] = $badguy['creaturename'] . " bork bork";
    }
}
$adjustment = $session['user']['level'] / $badguy['creaturelevel'];
if ($badguy['pvp']) {
    $adjustment = 1;
}
if ($HTTP_GET_VARS[op] == "fight") {
    if ($HTTP_GET_VARS['skill'] == "godmode") {
        $session['bufflist']['godmode'] = array("name" => "`&GOD MODE", "rounds" => 1, "wearoff" => "You feel mortal again.", "atkmod" => 25, "defmod" => 25, "invulnerable" => 1, "startmsg" => "`n`&You feel godlike`n`n", "activate" => "roundstart");
    }
    if ($HTTP_GET_VARS['skill'] == "MP") {
        if ($session['user']['magicuses'] >= $HTTP_GET_VARS['l']) {
			$session['bufflist'][$key]['used'] = 0;
			$session['bufflist'][$key]['rounds']--;
			if ($session['bufflist'][$key]['rounds'] <= 0) {
				if ($buff['wearoff']) {
					$msg = $buff['wearoff'];
					$msg = str_replace("{badguy}", $badguy['creaturename'], $msg);
					output("`)$msg`n");
				}
				unset($session['bufflist'][$key]);
			}
		}
	}
}


$badguy = createarray($session[user][badguy]);

if (date("m-d")=="04-01"){
	if (!strpos($badguy[creaturename],"bork bork")){
		$badguy[creaturename]=$badguy[creaturename]." bork bork";
	}
}

$adjustment = ($session[user][level]/$badguy[creaturelevel]);
if ($badguy[pvp]) $adjustment=1;

if ($HTTP_GET_VARS[op]=="fight"){
	if ($HTTP_GET_VARS[skill]=="godmode"){
		$session[bufflist]['godmode']=array(
			"name"=>"`&GOD MODE",
			"rounds"=>1,
if ($session['loggedin']) {
    $sql = "SELECT * FROM accounts WHERE acctid = '" . $session['user']['acctid'] . "'";
    $result = db_query($sql);
    if (db_num_rows($result) == 1) {
        $session['user'] = db_fetch_assoc($result);
        $session['output'] = $session['user']['output'];
        $session['user']['dragonpoints'] = unserialize($session['user']['dragonpoints']);
        $session['user']['prefs'] = unserialize($session['user']['prefs']);
        if (!is_array($session['user']['dragonpoints'])) {
            $session['user']['dragonpoints'] = array();
        }
        if (is_array(unserialize($session['user']['allowednavs']))) {
            $session['allowednavs'] = unserialize($session['user']['allowednavs']);
        } else {
            //depreciated, left only for legacy support.
            $session['allowednavs'] = createarray($session['user']['allowednavs']);
        }
        if (!$session['user']['loggedin'] || 0 && date("U") - strtotime($session['user']['laston']) > getsetting("LOGINTIMEOUT", 900)) {
            $session = array();
            redirect("index.php?op=timeout", "Account not logged in but session thinks they are.");
        }
    } else {
        $session = array();
        $session['message'] = "`4Error, your login was incorrect`0";
        redirect("index.php", "Account Disappeared!");
    }
    db_free_result($result);
    if ($session['allowednavs'][$REQUEST_URI] && !$allownonnav[$SCRIPT_NAME]) {
        $session['allowednavs'] = array();
    } else {
        if (!$allownonnav[$SCRIPT_NAME]) {
$allowanonymous=array("index.php"=>true,"login.php"=>true,"create.php"=>true,"about.php"=>true,"list.php"=>true,"petition.php"=>true,"connector.php"=>true,"logdnet.php"=>true,"referral.php"=>true,"news.php"=>true,"motd.php"=>true,"topwebvote.php"=>true);
$allownonnav = array("badnav.php"=>true,"motd.php"=>true,"petition.php"=>true,"mail.php"=>true,"topwebvote.php"=>true);
if ($session[loggedin]){
	$sql = "SELECT * FROM accounts WHERE acctid = '".$session[user][acctid]."'";
	$result = db_query($sql);
	if (db_num_rows($result)==1){
		$session[user]=db_fetch_assoc($result);
		$session[output]=$session[user][output];
		$session[user][dragonpoints]=unserialize($session[user][dragonpoints]);
		$session[user][prefs]=unserialize($session[user][prefs]);
		if (!is_array($session[user][dragonpoints])) $session[user][dragonpoints]=array();
		if (is_array(unserialize($session[user][allowednavs]))){
			$session[allowednavs]=unserialize($session[user][allowednavs]);
		}else{
			//depreciated, left only for legacy support.
			$session[allowednavs]=createarray($session[user][allowednavs]);
		}
		if (!$session[user][loggedin] || (0 && (date("U") - strtotime($session[user][laston])) > getsetting("LOGINTIMEOUT",900)) ){
			$session=array();
			redirect("index.php?op=timeout","Account not logged in but session thinks they are.");
		}
	}else{
		$session=array();
		$session[message]="`4Error, your login was incorrect`0";
		redirect("index.php","Account Disappeared!");
	}
	db_free_result($result);
	if ($session[allowednavs][$REQUEST_URI] && !$allownonnav[$SCRIPT_NAME]){
		$session[allowednavs]=array();
	}else{
		if (!$allownonnav[$SCRIPT_NAME]){