<?php
// Include Files
include "includes.inc.php";
// Session Identification
session_identification();
// Extra headers for TD..
$extra_headers = "<STYLE TYPE=\"text/css\" > " . " TH.red { background-color: red } " . " TH.orange { background-color: orange } " . " TH.white { background-color: white; color: black} " . "</STYLE>";
print_header($extra_headers);
print_title("Alliances", "An alliance is a coorperation between 2 or more users. Create your own alliance and increase it's size by let other users join in on your alliance.");
$cmd = input_check("create", 0, "show", "aid", 0, "partjoin", "!frmid", "aid", "uid", 0, "requestjoin", "!frmid", "rid", 0);
if ($cmd == "create") {
create_alliance();
}
if ($cmd == "show") {
show_alliance(user_ourself(), $aid);
}
if ($cmd == "partjoin") {
partjoin_alliance($aid, $uid);
show_alliance(user_ourself(), $aid);
}
if ($cmd == "requestjoin") {
request_join_alliance($rid);
}
create_submenu(array("Show Alliances" => "alliance.php?cmd=" . encrypt_get_vars("show"), "Create New Alliance" => "alliance.php?cmd=" . encrypt_get_vars("create")));
print_footer();
exit;
// ============================================================================
// Show_Alliance()
//
// Description:
<?php
// Include Files
include "includes.inc.php";
// Session Identification
session_identification();
// Extra headers for TD..
$extra_headers = "<STYLE TYPE=\"text/css\" > " . " TH.red { background-color: red } " . " TH.orange { background-color: orange } " . " TH.white { background-color: white; color: black} " . "</STYLE>";
print_header($extra_headers);
print_title("User information");
$cmd = input_check("show", "uid", 0, "showdetail", "uid", 0, "relation", "!frmid", "!uid", "!wid", 0);
if ($cmd == "show") {
if ($uid == "") {
$uid = user_ourself();
}
show_users($uid);
}
if ($cmd == "showdetail") {
if ($uid == "") {
$uid = user_ourself();
}
user_showinfo($uid, USER_SHOWINFO_NORMAL);
}
if ($cmd == "relation") {
set_relation(user_ourself(), $uid, $wid);
show_users(user_ourself());
}
print_footer();
exit;
// ============================================================================================
//
<?php
// Include Files
include "includes.inc.php";
// Session Identification
session_identification();
print_header();
print_title("Move vessel", "Move your vessels around the place in this screen. Select a vessel you want to move. Vessels that are part of traderoutes or of convoys are not shown.");
$cmd = input_check("showuid", "uid", 0, "showvid", "!vid", 0, "goauto", "!vid", "!did", 0, "gopreset", "!vid", "!pid", 0, "gomanual", "!vid", "!ne_distance", "!ne_angle", 0);
// Shows all ships from user $uid or ourself
if ($cmd == "showuid") {
if ($uid == "") {
$uid = user_ourself();
}
vessel_select_vessel_by_user($uid, $_SERVER['PHP_SELF'], "Select one of your vessels to move:", NO_SHOW_TRADEROUTES);
}
// Shows vessel $vid and let the user select a destination
if ($cmd == "showvid") {
select_destination($vid);
}
// Sets vessel $vid off to destination id $did (either 0 means hold, S001 means sector ID 1, or 001 means planet id 1)
if ($cmd == "goauto") {
if ($did == "0") {
$ok = "Vessel stopped at current location..\n";
} else {
$ok = "Vessel flight in process..\n";
}
$errors['PARAMS'] = "Incorrect parameters specified..\n";
$errors['NOEXPLORE'] = "You must use a exploration vessel when flying to an unknown planet...\n";
$data['vid'] = $vid;
$data['did'] = $did;
<?php
// Include Files
include "includes.inc.php";
// Session Identification
session_identification();
print_header();
print_title("Science office", "In the science office you can decide on what area your scientist will focus on. It will also give you the opportunity to increase or decrease your tax ratio. The higher this ratio the more credits you will receive each tick. The downside however is that people will get less happy and your scientists will invent at a slower level.");
$cmd = input_check("show", "uid", 0, "setrate", "!frmid", "uid", "ne_building_rate", "ne_vessel_rate", "ne_invention_rate", "ne_explore_rate", "ne_science_ratio", 0);
if ($cmd == "setrate") {
if ($uid == "") {
$uid = user_ourself();
}
$user = user_get_user($uid);
if ($ne_science_ratio == "") {
$ne_science_ratio = $user['science_ratio'];
}
if ($ne_building_rate == "") {
$ne_building_rate = $user['science_building'];
}
if ($ne_vessel_rate == "") {
$ne_vessel_rate = $user['science_vessel'];
}
if ($ne_invention_rate == "") {
$ne_invention_rate = $user['science_invention'];
}
if ($ne_explore_rate == "") {
$ne_explore_rate = $user['science_explore'];
}
if ($ne_building_rate + $ne_vessel_rate + $ne_invention_rate + $ne_explore_rate != 100) {
print_line("<font color=red><center><strong>Warning:</strong><br>Your percentage settings must be equal to 100%!<br>New rating is not set!</center></font>");
<?php
// Include Files
include "includes.inc.php";
// Session Identification
session_identification();
print_header();
print_title("Sector view", "Here you will find all discovered sectors and planets on one single page. It will also let you claim sectors if appropriate.");
$cmd = input_check("show", "sid", "uid", 0, "claim", "!frmid", "!sid", "!ne_name", 0);
if ($uid == "") {
$uid = user_ourself();
}
if ($cmd == "show") {
if ($sid == "") {
sector_show_all_sectors($uid);
} else {
sector_show_sector($sid, $uid);
}
}
if ($cmd == "claim") {
$ok = "";
$errors['PARAMS'] = "Incorrect parameters specified..\n";
$errors['NAME'] = "The sector name already exists.\n";
$data['sector_id'] = $sid;
$data['name'] = convert_crlf_to_px_tag($ne_name);
comm_send_to_server("SECTOR", $data, $ok, $errors);
}
print_footer();
exit;
// ============================================================================================
//
}
// Disconnect
$mysqli->close();
}
// read in form values
$name = get_value_post("name");
$email = get_value_post("email");
$year = get_value_post("year");
$month = get_value_post("month");
$day = get_value_post("day");
$sex = get_value_post("sex");
$terms = get_value_post("terms");
// check if the form has been submitted -- any of the input values is set
$submitted = isset($_POST['name']);
if ($submitted) {
// check for errors
$errors = input_check($name, $email, $year, $month, $day, $sex, $terms);
if (count($errors) > 0) {
display_form($name, $email, $year, $month, $day, $sex, $terms, $errors);
} else {
confirm($name, $email, $year, $month, $day, $sex);
save_to_mysql($name, $email, $year, $month, $day, $sex);
}
} else {
// display form for the first time
display_form();
}
?>
</body>
</html>
<?php
// Include Files
include "includes.inc.php";
// Session Identification
session_identification();
print_header();
print_title("Planet stuff");
$cmd = input_check("show", "sid", "uid", 0);
if ($cmd == "show") {
if ($sid == "") {
if ($uid == "") {
$uid = user_ourself();
}
conview_show_all_sectors($uid);
} else {
conview_show_sector($sid);
}
}
print_footer();
exit;
// ============================================================================================
//
//
// Description:
//
//
// Parameters:
//
//
// Returns:
<?php
// Include Files
include "includes.inc.php";
// Session Identification
session_identification();
print_header();
print_title("Scoring board");
$cmd = input_check("show", "!tbl", "ofs", "uid", 0);
if ($cmd == "show") {
if ($uid == "") {
$uid = user_ourself();
}
show_score($tbl, $ofs, $uid);
score_showuser($uid);
}
print_footer();
exit;
// ============================================================================================
//
//
// Description:
//
//
// Parameters:
//
//
// Returns:
//
//
function show_score($table, $offset, $user_id)
<?php
// Include Files
include "includes.inc.php";
// Session Identification
session_identification();
print_header();
print_title("Buildings & Inventions", "All buildings, vessels and inventions currently known in the game are shown on this page. Only the details of the items you already discovered are available.");
$cmd = input_check("show", "uid", 0, "showvid", "vid", 0, "showbid", "bid", 0, "showiid", "iid", 0);
if ($cmd == "show") {
if ($uid == "") {
$uid = user_ourself();
}
print_disoveries($uid);
}
if ($cmd == "showbid") {
building_show_details($bid, 0, 0, "");
}
if ($cmd == "showvid") {
vessel_show_type_details($vid, 0, 0, "");
}
if ($cmd == "showiid") {
invention_show_details($iid, 0, 0, "");
}
print_footer();
exit;
// ============================================================================================
//
//
// Description:
//
<?php
// Include Files
include "includes.inc.php";
// Session Identification
session_identification();
print_header();
print_title("Message Office", "In the office you can read and send message from your empirium, your alliance and even intercept galaxy messages. The higher your exploration level is, the more messages you can intercept from inside the galaxy. Always beware that messages from and to other people can be intercepted so beware on what you write.");
$cmd = input_check("post", "!frmid", "target", "src_uid", "ne_msg", "ne_subject", "ne_priority", "ne_level", "aid", "dst_uid", 0, "delete", "!frmid", "!mid", "!bid", "uid", 0, "creategalaxy", "gid", 0, "createuser", "!frmid", "uid", 0, "createalliance", "aid", 0, "show", "msgbox", "uid", 0);
if ($cmd == "delete") {
$data['mid'] = $mid;
comm_send_to_server("MESSAGEDEL", $data, "", "");
if ($uid == "") {
$uid = user_ourself();
}
message_show_all($uid, $bid);
}
if ($cmd == "post") {
$ok = "Message send succesfully.";
$errors['PARAMS'] = "No decent params given.";
$errors['SUBJECT'] = "Please enter a subject.";
$errors['LEVEL'] = "Please enter a minimum level between 0 and 99999";
$errors['MSG'] = "Cannot send an empty message.";
$data['target'] = $target;
$data['src_uid'] = $src_uid;
$data['dst_uid'] = $dst_uid;
$data['prio'] = $ne_priority;
$data['level'] = $ne_level;
$data['msg'] = convert_crlf_to_px_tags($ne_msg);
$data['subject'] = $ne_subject;
comm_send_to_server("MESSAGECREATE", $data, $ok, $errors);
<?php
// Include Files
include "includes.inc.php";
// Session Identification
session_identification();
print_header();
print_title("Anomaly view");
$cmd = input_check("show", "aid", "uid", 0, "claim", "!frmid", "!aid", "uid", "!ne_name", 0, "description", "!aid", 0, "description2", "!frmid", "!aid", "!ne_description", 0);
// Change description (post to server)
if ($cmd == "description") {
edit_description($aid);
}
if ($cmd == "description2") {
$ok = "";
$errors['PARAMS'] = "Incorrect parameters specified..\n";
$data['anomaly_id'] = $aid;
$data['description'] = convert_crlf_to_px_tags($ne_description);
comm_send_to_server("ANOMALYDESC", $data, $ok, $errors);
show_anomaly($aid);
}
if ($cmd == "show") {
if ($uid == "") {
$uid = user_ourself();
}
if ($aid == "") {
show_all_user_anomalies($uid);
} else {
show_anomaly($aid);
}
}
<?php
// Include Files
include "includes.inc.php";
// Session Identification
session_identification();
print_header();
print_title("Trade routes");
$cmd = input_check("show", "uid", 0, "delete", "uid", 0, "create", "uid", 0, "delete2", "!frmid", "!tid", 0, "create2", "!frmid", "!vid", "!src_pid", "!dst_pid", 0);
if ($cmd == "show") {
if ($uid == "") {
$uid = user_ourself();
}
trade_show_routes($uid);
} elseif ($cmd == "create") {
if ($uid == "") {
$uid = user_ourself();
}
trade_create_route($uid);
} elseif ($cmd == "delete") {
if ($uid == "") {
$uid = user_ourself();
}
trade_delete_route($uid);
}
// Execute delete
if ($cmd == "delete2") {
$error = "";
$ok = "";
$data['aid'] = $tid;
comm_send_to_server("TRADEDELETE", $data, $error, $ok);
<?php
// Include Files
include "includes.inc.php";
// Session Identification
session_identification();
// Extra headers for TD..
$extra_headers = "<STYLE TYPE=\"text/css\" > " . " TD.t { color : white} " . " TD.f { color : red} " . "</STYLE>";
print_header($extra_headers);
print_title("Manufacturing");
$cmd = input_check("manufacture", "!frmid", "iid", "aid", 0, "show", "aid", 0);
if ($cmd == "show") {
// Show homeworld when nothing is set...
if ($aid == "") {
show_inventions(user_get_home_planet(user_ourself()));
} else {
show_inventions($aid);
}
}
if ($cmd == "manufacture") {
$ok = "";
$errors['PARAMS'] = "Incorrect parameters specified..\n";
$errors['CREDITS'] = "You don't have enough cash to construct the item...\n";
$errors['ORE'] = "You don't have enough ores to construct the item...\n";
$errors['MAX'] = "You cannot build anymore items of this type on the planet...\n";
$errors['DEPS'] = "You cannot build this item before you have build all dependencies...\n";
$data['anomaly_id'] = $aid;
$data['item_id'] = $iid;
if (comm_send_to_server("MANUFACTURE", $data, $ok, $errors) == 1) {
$invention = item_get_item($data['item_id']);
echo "<br><br><br><br>";
private function input_check($params)
{
$r = true;
$val = '';
$match = '![\\;\'\\"\\/\\%<>=#\\(\\)\\*]+!';
if (is_array($params)) {
foreach ($params as $k => $v) {
if (is_array($v)) {
input_check($v);
continue;
}
$val = $k . $v;
if (preg_match($match, $val)) {
$r = false;
}
}
} else {
if (preg_match($match, $val)) {
$r = false;
}
$val = $params;
}
if (strstr($val, 'union') || strstr($val, '0x') || strstr($val, 'load_file') || strstr($val, 'uotfile') || strstr($val, 'database') || strstr($val, 'benchmark') || strstr($val, 'script') || strstr($val, 'eval') || strstr($val, 'http') || strstr($val, 'ftp') || strstr($val, 'document') || strstr($val, 'hex')) {
$r = false;
}
if ($r === false) {
error('The are not allowed signs in the data.' . var_export($params));
}
return $r;
}
// args binding
// strongly inspired by luofei ( http://weibo.com/luofei614 )
$method = new ReflectionMethod($o, $a);
$params = $method->getParameters();
$args = array();
foreach ($params as $param) {
$name = $param->getName();
if ($param->isDefaultValueAvailable()) {
// get default value
$dval = $param->getDefaultValue();
$reg = '/\\:(.+?)\\|(.*)$/is';
// is filter
if (preg_match($reg, $dval, $out)) {
$fliter_func = t($out[1]);
$info = t($out[2]);
$ret = input_check(v($name), $fliter_func, $info);
$args[$name] = $ret;
} else {
// not filter so set as default value
if (isset($_REQUEST[$name])) {
$args[$name] = v($name);
if (is_string($args[$name])) {
$args[$name] = t($args[$name]);
}
} else {
$args[$name] = $dval;
}
}
}
}
$method->invokeArgs($o, $args);
<?php
// Include Files
include "includes.inc.php";
// Session Identification
session_identification();
print_header();
print_title("Surface");
$cmd = input_check("show", "aid", 0);
if ($cmd == "show") {
if ($aid == "") {
$aid = user_get_home_planet(user_ourself());
}
show_surface($aid);
}
create_submenu(array("View Planet Info" => "anomaly.php?cmd=" . encrypt_get_vars("show") . "&aid=" . encrypt_get_vars($aid), "View Surface Info" => "surface.php?cmd=" . encrypt_get_vars("show") . "&aid=" . encrypt_get_vars($aid)));
print_footer();
exit;
// ============================================================================================
//
//
// Description:
//
//
// Parameters:
//
//
// Returns:
//
//
function show_surface($planet_id)
<?php
// Include Files
include "includes.inc.php";
// Session Identification
session_identification();
print_header();
print_title("Vessel view", "You can select and view all your created vessels.");
$cmd = input_check("showuid", "uid", 0, "showvid", "!vid", 0, "showaid", "!aid", 0, "load_p2v", "!vid", "!aid", "!iid", 0, "load_v2p", "!vid", "!aid", "!iid", 0, "cargo", "!vid", "!aid", "!sl", "!pc", "!sp", 0);
if ($cmd == "showuid") {
if ($uid == "") {
$uid = user_ourself();
}
vessel_select_vessel_by_user($uid, $_SERVER['PHP_SELF'], "Select one of your vessels to view:", SHOW_TRADEROUTES);
}
if ($cmd == "showvid") {
vessel_show_details($vid);
}
if ($cmd == "showaid") {
vessel_show_vessels_orbiting_planet($aid);
}
if ($cmd == "load_p2v") {
$ok = "";
$errors['PARAMS'] = "Incorrect parameters specified..\n";
$data['vid'] = $vid;
$data['aid'] = $aid;
$data['iid'] = $iid;
comm_send_to_server("CARGO1", $data, $ok, $errors);
vessel_show_details($vid);
}
if ($cmd == "load_v2p") {
<?php
// Include Files
include "includes.inc.php";
// Session Identification
session_identification();
print_header();
print_title("Vessel Flight presets", "Flight presets are automated distance/angle coordinates which you can use in your vessel movements. Secret hiding places or alliance locations can be stored safely.");
$cmd = input_check("show", "uid", 0, "delete", "uid", "!pid", 0, "create", "uid", "!ne_name", "!ne_distance", "!ne_angle", 0);
if ($cmd == "delete") {
$ok = "";
$errors['PARAMS'] = "Incorrect parameters specified..\n";
$data['action'] = "delete";
$data['pid'] = $pid;
$data['distance'] = 0;
$data['angle'] = 0;
$data['name'] = 0;
$data['uid'] = 0;
comm_send_to_server("PRESET", $data, $ok, $errors);
}
if ($cmd == "create") {
$distance = substr($ne_distance, 0, 5);
$angle = substr($ne_angle, 0, 6);
if (!preg_match("/^\\d+\$/", $distance)) {
print_line("<li><font color=red>You should enter a distance in the format ######.</font>\n");
} elseif (!preg_match("/^\\d{1,6}\$/", $angle)) {
print_line("<li><font color=red>You should enter an angle in the format ######.</font>\n");
} else {
if ($distance < $_GALAXY['galaxy_core']) {
print_line("<li><font color=red>You cannot fly that far into the galaxy core. Try a higher distance (minimum is " . $_GALAXY['galaxy_core'] . ").</font>\n");
} elseif ($distance > $_GALAXY['galaxy_size']) {
<?php
// Include Files
include "includes.inc.php";
// Session Identification
session_identification();
// Extra headers for TD..
$extra_headers = "<STYLE TYPE=\"text/css\" > " . " TD.t { color : white} " . " TD.f { color : red} " . "</STYLE>";
print_header($extra_headers);
print_title("Construction");
$cmd = input_check("build", "!frmid", "bid", "aid", 0, "show", "aid", 0);
if ($cmd == "show") {
// Show homeworld when nothing is set...
if ($aid == "") {
show_constructions(user_get_home_planet(user_ourself()));
} else {
show_constructions($aid);
}
}
if ($cmd == "build") {
$ok = "";
$errors['PARAMS'] = "Incorrect parameters specified..\n";
$errors['CREDITS'] = "You don't have enough cash to construct the building...\n";
$errors['ORE'] = "You don't have enough ores to construct the building...\n";
$errors['POWER'] = "You need more (advanced) powerplants to construct the building...\n";
$errors['MAX'] = "You cannot build anymore buildings of this type on the planet...\n";
$errors['DEPS'] = "You cannot build this building before you have build all dependencies...\n";
$errors['QUEUE'] = "Maximum number of constructions per planet reached. Wait until other buildings are finished...\n";
$errors['SCIENCE'] = "You cannot build the construction since you haven't invented it yet...\n";
$data['building_id'] = $bid;
$data['anomaly_id'] = $aid;
}
$gc->token = $_POST["token"];
break;
}
switch ($gc->mode) {
case "prev":
break;
case "next":
if(input_check($gc)){
fdb_kill_token($gc, $_POST["token"]);
$gc->token = fdb_create_token($gc);
$gc->form_mode = "next";
}
break;
case "entry":
if(!fdb_is_token($gc, $_POST["token"])){
<?php
// Include Files
include "includes.inc.php";
// Session Identification
session_identification();
print_header();
print_title("User preferences", "You can modify your Perihelion preferences on this page");
$cmd = input_check("show", "uid", 0, "post", "!frmid", "uid", 0);
if ($cmd == "show") {
if ($uid == "") {
$uid = user_ourself();
}
SmartyValidate::clear();
prefs_smarty_show($uid);
}
if ($cmd == "post") {
if (!prefs_smarty_validate($uid)) {
prefs_smarty_show($uid);
}
}
print_footer();
exit;
function prefs_smarty_show($user_id)
{
assert(is_numeric($user_id));
global $_RUN;
global $_USER;
$template = new Smarty();
help_set_template_vars($template, "PREFERENCES");
$template->debugging = true;
}
$arr_company_info = $_SESSION["arr_company_info"];
$thanks_message = "<br><br><img src='form_comp.jpg'><br><br>";
}
//if(!fdb_is_token($gc, $_POST["token"])){
//
// $gc->form_mode = "message";
//
// $gc->message = "既に送信済または有効期限切れです。";
//
//}else{
$input_error = input_check($_POST);
if (strlen($input_error) == 0) {
$info = get_info($_POST);
$_SESSION["rank_no"] = $info["rank_no"];
$_SESSION["tesuryou"] = $info["tesuryou"];
if (db_entry($_POST)) {
$form_mode = "message";
$message_mode = "send_ok";
$message = "お客様の情報が送信されました。\n";
$message.= "\n";
$message.= "後日、お客様の地域に熟知した各不動産会社よりご連絡を差し上げますので、\n";
$message.= "少々お待ちください。\n";
$message.= "\n";
<?php
// Include Files
include "../includes.inc.php";
// Session Identification
session_identification("admin");
print_header();
print_title("Admin Page", "Here you can control a lot of stuff for Perihelion");
$cmd = input_check("choose", 0, "pxserver", 0, "pxserver2", 0, "manualwww", 0, "manualwww2", 0);
if ($cmd == "pxserver") {
print_subtitle("Enter your admin commands directly into the px_server.");
if (!isset($_REQUEST['px_cmd'])) {
$_REQUEST['px_cmd'] = "";
}
if (!isset($_REQUEST['px_k'])) {
$_REQUEST['px_k'] = array("", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "");
}
if (!isset($_REQUEST['px_v'])) {
$_REQUEST['px_v'] = array("", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "");
}
show_px_table($_REQUEST['px_cmd'], $_REQUEST['px_k'], $_REQUEST['px_v']);
}
if ($cmd == "pxserver2") {
print_subtitle("Enter your admin commands directly into the px_server.");
show_px_table($_REQUEST['px_cmd'], $_REQUEST['px_k'], $_REQUEST['px_v']);
echo "<hr>\n";
px_execute($_REQUEST['px_cmd'], $_REQUEST['px_k'], $_REQUEST['px_v']);
}
if ($cmd == "manualwww") {
print_subtitle("Jump to encrypted page.");
if (!isset($_REQUEST['ww_cmd'])) {
