Esempio n. 1
0
<?php

require_once 'engine/init.php';
include 'layout/overall/header.php';
if ($config['log_ip']) {
    znote_visitor_insert_detailed_data(4);
}
if (isset($_GET['name']) === true && empty($_GET['name']) === false) {
    $name = $_GET['name'];
    $user_id = user_character_exist($name);
    if ($user_id !== false) {
        if ($config['TFSVersion'] == 'TFS_10') {
            $profile_data = user_character_data($user_id, 'name', 'level', 'vocation', 'lastlogin', 'sex');
            $profile_data['online'] = user_is_online_10($user_id);
            if ($config['Ach'] == true) {
                $achievementPoints = mysql_select_single("SELECT SUM(`value`) AS `sum` FROM `player_storage` WHERE `key` LIKE '30___' AND `player_id`='{$user_id}'");
            }
        } else {
            $profile_data = user_character_data($user_id, 'name', 'level', 'vocation', 'lastlogin', 'online', 'sex');
        }
        $profile_znote_data = user_znote_character_data($user_id, 'created', 'hide_char', 'comment');
        $guild_exist = false;
        if (get_character_guild_rank($user_id) > 0) {
            $guild_exist = true;
            $guild = get_player_guild_data($user_id);
            $guild_name = get_guild_name($guild['guild_id']);
        }
        ?>
		
		<!-- PROFILE MARKUP HERE-->
			<h1><font class="profile_font" name="profile_font_header">Profile: <?php 
Esempio n. 2
0
 $order = mysql_select_single("SELECT `id`, `account_id` FROM `znote_shop_orders` WHERE `type`='4' AND `account_id` = '{$accountId}' LIMIT 1;");
 if ($order === false) {
     $errors[] = 'Did not find any name change tickets, buy them in our <a href="shop.php">shop!</a>';
 }
 // Check if player and account matches
 if ($session_user_id != $accountId || $session_user_id != $order['account_id']) {
     $errors[] = 'Failed to sync your account. :|';
 }
 $newname = validate_name($newname);
 if ($newname === false) {
     $errors[] = 'Your name can not contain more than 2 words.';
 } else {
     if (empty($newname)) {
         $errors[] = 'Please enter a name!';
     } else {
         if (user_character_exist($newname) !== false) {
             $errors[] = 'Sorry, that character name already exist.';
         } else {
             if (!preg_match("/^[a-zA-Z_ ]+\$/", $newname)) {
                 $errors[] = 'Your name may only contain a-z, A-Z and spaces.';
             } else {
                 if (strlen($newname) < $config['minL'] || strlen($newname) > $config['maxL']) {
                     $errors[] = 'Your character name must be between ' . $config['minL'] . ' - ' . $config['maxL'] . ' characters long.';
                 } else {
                     if (!ctype_upper($newname[0])) {
                         $errors[] = 'The first letter of a name has to be a capital letter!';
                     }
                 }
             }
         }
     }
Esempio n. 3
0
 // Give points to character
 if (empty($_POST['points_char']) === false && empty($_POST['points_value']) === false) {
     $char = sanitize($_POST['points_char']);
     $points = (int) $_POST['points_value'];
     data_dump($_POST, false, "post data");
     $account = mysql_select_single("SELECT `account_id` FROM `players` WHERE `name`='{$char}' LIMIT 1;");
     data_dump($account, false, "fetching account id from players table");
     $znote_account = mysql_select_single("SELECT `id`, `points` FROM `znote_accounts` WHERE `account_id`='" . $account['account_id'] . "';");
     data_dump($znote_account, false, "Fetching existing points from znote_accounts");
     data_dump(array('Old:' => $znote_account['points'], 'New:' => $points, 'Total:' => $znote_account['points'] + $points), false, "Points calculation:");
     $points += $znote_account['points'];
     mysql_update("UPDATE `znote_accounts` SET `points`='{$points}' WHERE `account_id`='" . $account['account_id'] . "';");
 }
 // Set character position
 if (empty($_POST['position_name']) === false && empty($_POST['position_type']) === false) {
     if (user_character_exist($_POST['position_name'])) {
         if (array_key_exists($_POST['position_type'], $config['ingame_positions'])) {
             if ($config['TFSVersion'] == 'TFS_02' || $config['TFSVersion'] == 'TFS_10') {
                 set_ingame_position($_POST['position_name'], $_POST['position_type']);
             } else {
                 if ($config['TFSVersion'] == 'TFS_03') {
                     set_ingame_position03($_POST['position_name'], $_POST['position_type']);
                 }
             }
             $pos = 'Undefined';
             foreach ($config['ingame_positions'] as $key => $value) {
                 if ($key == $_POST['position_type']) {
                     $pos = $value;
                 }
             }
             $errors[] = 'Character ' . $_POST['position_name'] . ' recieved the ingame position: ' . $pos . '.';
Esempio n. 4
0
function set_rule_violation($charname, $typeid, $actionid, $reasonid, $time, $comment)
{
    $charid = user_character_id($charname);
    $typeid = (int) $typeid;
    $actionid = (int) $actionid;
    $reasonid = (int) $reasonid;
    $time = (int) ($time + time());
    $data = user_character_data($charid, 'account_id', 'lastip');
    $accountid = $data['account_id'];
    $charip = $data['lastip'];
    $comment = sanitize($comment);
    // ...
    $bannedby = config('website_char');
    if (user_character_exist($bannedby)) {
        $bannedby = user_character_id($bannedby);
        if (Config('TFSVersion') === 'TFS_02') {
            mysql_insert("INSERT INTO `bans` (`type` ,`ip` ,`mask` ,`player` ,`account` ,`time` ,`reason_id` ,`action_id` ,`comment` ,`banned_by`) VALUES ('{$typeid}', '{$charip}', '4294967295', '{$charid}', '{$accountid}', '{$time}', '{$reasonid}', '{$actionid}', '{$comment}', '{$bannedby}');");
        } elseif (Config('TFSVersion') === 'TFS_03') {
            $now = time();
            switch ($typeid) {
                case 1:
                    // IP ban
                    mysql_insert("INSERT INTO `bans` (`type`, `value`, `param`, `active`, `expires`, `added`, `admin_id`, `comment`) VALUES ('{$typeid}', '{$charip}', '4294967295', '1', '{$time}', '{$now}', '{$bannedby}', '{$comment}');");
                    break;
                case 2:
                    // namelock
                    mysql_insert("INSERT INTO `bans` (`type`, `value`, `param`, `active`, `expires`, `added`, `admin_id`, `comment`) VALUES ('{$typeid}', '{$charid}', '4294967295', '1', '{$time}', '{$now}', '{$bannedby}', '{$comment}');");
                    break;
                case 3:
                    // acc ban
                    mysql_insert("INSERT INTO `bans` (`type`, `value`, `param`, `active`, `expires`, `added`, `admin_id`, `comment`) VALUES ('{$typeid}', '{$accountid}', '4294967295', '1', '{$time}', '{$now}', '{$bannedby}', '{$comment}');");
                    break;
                case 4:
                    // notation
                    mysql_insert("INSERT INTO `bans` (`type`, `value`, `param`, `active`, `expires`, `added`, `admin_id`, `comment`) VALUES ('{$typeid}', '{$charid}', '4294967295', '1', '{$time}', '{$now}', '{$bannedby}', '{$comment}');");
                    break;
                case 5:
                    // deletion
                    mysql_insert("INSERT INTO `bans` (`type`, `value`, `param`, `active`, `expires`, `added`, `admin_id`, `comment`) VALUES ('{$typeid}', '{$charid}', '4294967295', '1', '{$time}', '{$now}', '{$bannedby}', '{$comment}');");
                    break;
            }
        } elseif (Config('TFSVersion') === 'TFS_10') {
            $now = time();
            switch ($typeid) {
                case 1:
                    // IP ban
                    mysql_insert("INSERT INTO `ip_bans` (`ip`, `reason`, `banned_at`, `expires_at`, `banned_by`) VALUES ('{$charip}', '{$comment}', '{$now}', '{$time}', '{$bannedby}');");
                    break;
                case 2:
                    // namelock
                    mysql_insert("INSERT INTO `player_namelocks` (`player_id`, `reason`, `namelocked_at`, `namelocked_by`) VALUES ('{$charid}', 'comment', '{$now}', '{$bannedby}');");
                    break;
                case 3:
                    // acc ban
                    mysql_insert("INSERT INTO `account_bans` (`account_id`, `reason`, `banned_at`, `expires_at`, `banned_by`) VALUES ('{$accountid}', '{$comment}', '{$now}', '{$time}', '{$bannedby}');");
                    break;
                case 4:
                    // notation
                    data_dump(false, array('status' => false), "Function deprecated. Ban option does not exist in TFS 1.0.");
                    die;
                    break;
                case 5:
                    // deletion
                    data_dump(false, array('status' => false), "Function deprecated. Ban option does not exist in TFS 1.0.");
                    die;
                    break;
            }
        }
        return true;
    } else {
        return false;
    }
}
Esempio n. 5
0
 foreach ($_POST as $key => $value) {
     if (empty($value) && in_array($key, $required_fields) === true) {
         $errors[] = 'You need to fill in all fields.';
         break 1;
     }
 }
 // check errors (= user exist, pass long enough
 if (empty($errors) === true) {
     if (!Token::isValid($_POST['token'])) {
         $errors[] = 'Token is invalid.';
     }
     $_POST['name'] = validate_name($_POST['name']);
     if ($_POST['name'] === false) {
         $errors[] = 'Your name can not contain more than 2 words.';
     } else {
         if (user_character_exist($_POST['name']) !== false) {
             $errors[] = 'Sorry, that character name already exist.';
         }
         if (!preg_match("/^[a-zA-Z_ ]+\$/", $_POST['name'])) {
             $errors[] = 'Your name may only contain a-z, A-Z and spaces.';
         }
         if (strlen($_POST['name']) < $config['minL'] || strlen($_POST['name']) > $config['maxL']) {
             $errors[] = 'Your character name must be between 4 - 20 characters long.';
         }
         // name restriction
         $resname = explode(" ", $_POST['name']);
         foreach ($resname as $res) {
             if (in_array(strtolower($res), $config['invalidNameTags'])) {
                 $errors[] = 'Your username contains a restricted word.';
             } else {
                 if (strlen($res) == 1) {
Esempio n. 6
0
         }
         if ($chardata['online'] == 0) {
             if ($config['TFSVersion'] !== 'TFS_10') {
                 update_player_guild_position($p_cid, $p_rid);
             } else {
                 update_player_guild_position_10($p_cid, $p_rid);
             }
             header('Location: guilds.php?name=' . $_GET['name']);
             exit;
         } else {
             echo '<font color="red" size="4">Character not offline.</font>';
         }
     }
 }
 if (!empty($_POST['invite'])) {
     if (user_character_exist($_POST['invite'])) {
         // Make sure they are not in another guild
         if ($config['TFSVersion'] != 'TFS_10') {
             $charname = sanitize($_POST['invite']);
             $playerdata = mysql_select_single("SELECT `id`, `rank_id` FROM `players` WHERE `name`='{$charname}' LIMIT 1;");
             $charid = $playerdata['id'];
             $membership = $playerdata['rank_id'] > 0 ? true : false;
         } else {
             $charid = user_character_id($_POST['invite']);
             $membership = mysql_select_single("SELECT `rank_id` FROM `guild_membership` WHERE `player_id`='{$charid}' LIMIT 1;");
         }
         if (!$membership) {
             //
             $status = false;
             if ($inv_data !== false) {
                 foreach ($inv_data as $inv) {
Esempio n. 7
0
		<font color="red" size="7">Player must be offline!</font>
		<?php 
    }
}
// Stage 1: Fetch name
if (isset($_GET['name'])) {
    $name = getValue($_GET['name']);
} else {
    $name = false;
}
//if (isset($_POST['name'])) $name = getValue($_POST['name']);
// Stage 2: Fetch user id and skills
$skills = false;
$pid = 0;
if ($name !== false) {
    if (user_character_exist($name)) {
        $pid = user_character_id($name);
        if ($config['TFSVersion'] != 'TFS_10') {
            $skills = mysql_select_multi("SELECT `value` FROM `player_skills` WHERE `player_id`='{$pid}' LIMIT 7;");
            $player = mysql_select_single("SELECT `maglevel`, `level`, `vocation` FROM `players` WHERE `id`='{$pid}' LIMIT 1;");
            $skills[] = array('value' => $player['maglevel']);
            $skills[] = array('value' => $player['level']);
            $skills[] = array('value' => $player['vocation']);
        } else {
            $player = mysql_select_single("SELECT `skill_fist`, `skill_club`, `skill_sword`, `skill_axe`, `skill_dist`, `skill_shielding`, `skill_fishing`, `maglevel`, `level`, `vocation` FROM `players` WHERE `id`='{$pid}' LIMIT 1;");
            $skills = array(0 => array('value' => $player['skill_fist']), 1 => array('value' => $player['skill_club']), 2 => array('value' => $player['skill_sword']), 3 => array('value' => $player['skill_axe']), 4 => array('value' => $player['skill_dist']), 5 => array('value' => $player['skill_shielding']), 6 => array('value' => $player['skill_fishing']), 7 => array('value' => $player['maglevel']), 8 => array('value' => $player['level']), 9 => array('value' => $player['vocation']));
        }
        //data_dump($skills, false, "Player skills");
    } else {
        $name = false;
    }
Esempio n. 8
0
 /**
  * Create player.
  *
  * @param  none
  * @access public
  * @return bool $status
  **/
 public function create()
 {
     // If player already have an id, the player already exist.
     if (is_null($this->_playerdata['id']) && is_string($this->_playerdata['name'])) {
         // Confirm player does not exist
         $name = format_character_name($this->_playerdata['name']);
         $name = validate_name($name);
         $name = sanitize($name);
         $exist = mysql_select_single("SELECT `id` FROM `players` WHERE `name`='{$name}' LIMIT 1;");
         if ($exist !== false) {
             $this->errors[] = "A player with the name [{$name}] already exist.";
             return false;
         }
         $config = fullConfig();
         if (user_character_exist($_POST['name']) !== false) {
             $errors[] = 'Sorry, that character name already exist.';
         }
         if (!preg_match("/^[a-zA-Z_ ]+\$/", $_POST['name'])) {
             $errors[] = 'Your name may only contain a-z, A-Z and spaces.';
         }
         if (strlen($_POST['name']) < $config['minL'] || strlen($_POST['name']) > $config['maxL']) {
             $errors[] = 'Your character name must be between ' . $config['minL'] . ' - ' . $config['maxL'] . ' characters long.';
         }
         // name restriction
         $resname = explode(" ", $_POST['name']);
         foreach ($resname as $res) {
             if (in_array(strtolower($res), $config['invalidNameTags'])) {
                 $errors[] = 'Your username contains a restricted word.';
             } else {
                 if (strlen($res) == 1) {
                     $errors[] = 'Too short words in your name.';
                 }
             }
         }
         // Validate vocation id
         if (!in_array((int) $_POST['selected_vocation'], $config['available_vocations'])) {
             $errors[] = 'Permission Denied. Wrong vocation.';
         }
         // Validate town id
         if (!in_array((int) $_POST['selected_town'], $config['available_towns'])) {
             $errors[] = 'Permission Denied. Wrong town.';
         }
         // Validate gender id
         if (!in_array((int) $_POST['selected_gender'], array(0, 1))) {
             $errors[] = 'Permission Denied. Wrong gender.';
         }
         if (vocation_id_to_name($_POST['selected_vocation']) === false) {
             $errors[] = 'Failed to recognize that vocation, does it exist?';
         }
         if (town_id_to_name($_POST['selected_town']) === false) {
             $errors[] = 'Failed to recognize that town, does it exist?';
         }
         if (gender_exist($_POST['selected_gender']) === false) {
             $errors[] = 'Failed to recognize that gender, does it exist?';
         }
         // Char count
         $char_count = user_character_list_count($session_user_id);
         if ($char_count >= $config['max_characters']) {
             $errors[] = 'Your account is not allowed to have more than ' . $config['max_characters'] . ' characters.';
         }
         if (validate_ip(getIP()) === false && $config['validate_IP'] === true) {
             $errors[] = 'Failed to recognize your IP address. (Not a valid IPv4 address).';
         }
         echo "create player";
         // Make sure all neccesary values are set
         //Register
         $character_data = array('name' => format_character_name($_POST['name']), 'account_id' => $session_user_id, 'vocation' => $_POST['selected_vocation'], 'town_id' => $_POST['selected_town'], 'sex' => $_POST['selected_gender'], 'lastip' => ip2long(getIP()), 'created' => time());
         array_walk($character_data, 'array_sanitize');
         $cnf = fullConfig();
         if ($character_data['sex'] == 1) {
             $outfit_type = $cnf['maleOutfitId'];
         } else {
             $outfit_type = $cnf['femaleOutfitId'];
         }
         // Create the player
     } else {
         echo "Player already exist.";
         return false;
     }
 }