}
$userid = $_SESSION['userid'];
require "header.php";
$h = new headers();
$h->startheaders();
include "mysql.php";
global $c;
$is = mysql_query("SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid={$userid}", $c) or die(mysql_error());
$ir = mysql_fetch_array($is);
check_level();
$fm = money_formatter($ir['money']);
$cm = money_formatter($ir['crystals'], '');
$lv = date('F j, Y, g:i a', $ir['laston']);
$h->userdata($ir, $lv, $fm, $cm);
$h->menuarea();
$game_url = determine_game_urlbase();
print <<<EOF
<h3>Donations</h3>
<b>[<a href='willpotion.php'>Buy Will Potions</a>]</b><br />
If you become a donator to {GAME_NAME}, you will receive (each time you donate):<br />
<b>1st Offer:</b><ul>
<li>\$5,000 game money</li>
<li>50 crystals</li>
<li>50 IQ, the hardest stat to get in the game!</li>
<li>30 days Donator Status: Red name + cross next to your name</li>
<li><b>NEW!</b> Friend and Black Lists</li>
<li><b>NEW!</b> 17% Energy every 5 mins instead of 8%</li></ul><br />
<form action="https://www.paypal.com/cgi-bin/webscr" method="post">
<input type=hidden name=cmd value=_xclick>
<input type="hidden" name="business" value="{PAYPAL}">
<input type="hidden" name="item_name" value="{GAME_NAME} Donation for ({$userid}) (Pack 1)">
<?php
/*
MCCodes FREE
mailban.php Rev 1.1.0
Copyright (C) 2005-2012 Dabomstew
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License
as published by the Free Software Foundation; either version 2
of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
*/
if (!isset($_GET['userid']) || !is_numeric($_GET['userid'])) {
exit;
}
require "global_func.php";
$location = 'http://' . determine_game_urlbase() . '/new_staff.php?action=mailform&XID=' . $_GET['userid'];
header('Location: ' . $location);
exit;
} else {
$mem = mysql_fetch_assoc($uq);
$login_failed = false;
// Pass Salt generation: autofix
if (empty($mem['pass_salt'])) {
if (md5($raw_password) != $mem['userpass']) {
$login_failed = true;
}
$salt = generate_pass_salt();
$enc_psw = encode_password($mem['userpass'], $salt, true);
$e_salt = mysql_real_escape_string($salt, $c);
// in case of changed salt function
$e_encpsw = mysql_real_escape_string($enc_psw, $c);
// ditto for password encoder
mysql_query("UPDATE `users`\n \t\t SET `pass_salt` = '{$e_salt}', `userpass` = '{$e_encpsw}'\n \t\t WHERE `userid` = {$mem['userid']}", $c);
} else {
$login_failed = !verify_user_password($raw_password, $mem['pass_salt'], $mem['userpass']);
}
if ($login_failed) {
die("<h3>{GAME_NAME} Error</h3>\n\t\tInvalid username or password!<br />\n\t\t<a href='login.php'>> Back</a>");
}
if ($mem['userid'] == 1 && file_exists('./installer.php')) {
die("<h3>{GAME_NAME} Error</h3>\n The installer still exists! You need to delete installer.php immediately.<br />\n <a href='login.php'>> Back</a>");
}
session_regenerate_id();
$_SESSION['loggedin'] = 1;
$_SESSION['userid'] = $mem['userid'];
$loggedin_url = 'http://' . determine_game_urlbase() . '/loggedin.php';
header("Location: {$loggedin_url}");
exit;
}
