include_once 'config.php'; // loads config variables include_once 'query.php'; // imports queries include_once 'functions.php'; if (!empty($_SESSION[$CONFIG_name . 'account_id']) && $CONFIG_set_slot) { if ($_SESSION[$CONFIG_name . 'account_id'] > 0) { if (is_online()) { redir("index.php", "main_div", $lang['NEED_TO_LOGOUT_F']); } if (!empty($GET_opt)) { if ($GET_opt == 1) { if (!isset($GET_newslot) || $GET_newslot == $GET_slot) { alert($lang['SLOT_NOT_SELECTED']); } if (notnumber($GET_char_id) || notnumber($GET_newslot) || notnumber($GET_slot)) { alert($lang['SLOT_CHANGE_FAILED']); } if ($GET_newslot < 0 || $GET_newslot > 11 || $GET_slot < 0 || $GET_slot > 11) { alert($lang['SLOT_WRONG_NUMBER']); } $query = sprintf(CHECK_SLOT, $GET_newslot, $_SESSION[$CONFIG_name . 'account_id']); $result = execute_query($query, "slot.php"); if ($line = $result->fetch_row()) { $query = sprintf(CHANGE_SLOT, $GET_slot, $line[0], $_SESSION[$CONFIG_name . 'account_id']); $result = execute_query($query, "slot.php"); } $query = sprintf(CHANGE_SLOT, $GET_newslot, $GET_char_id, $_SESSION[$CONFIG_name . 'account_id']); $result = execute_query($query, "slot.php"); } }
} for ($i = 4001; $i < 4050; $i++) { if ($i != 4014 && $i != 4022 && $i != 4036 && $i != 4044 && $i != 4048) { echo "<option value=\"{$i}\">{$jobs[$i]}</option>"; } } for ($i = 4054; $i < 4213; $i++) { if ($i != 4080 && $i != 4081 && $i != 4082 && $i != 4083 && $i != 4084 && $i != 4085 && $i != 4086 && $i != 4087 && $i != 4109 && $i != 4110 && $i != 4111 && $i != 4112 && !empty($jobs[$i])) { echo "<option value=\"{$i}\">{$jobs[$i]}</option>"; } } echo "\n\t\t\t\t\t</select>\n\t\t\t\t</form>\n\t\t\t\t</td>\n\t\t\t</tr>\n\t\t\t</table>\n\t\n\t\t\t<div id=\"ladder_div\" style=\"color:#000000\">\n\t\t\t"; $begin = 1; $GET_opt = 0; } if (notnumber($GET_opt)) { alert($lang['INCORRECT_CHARACTER']); } $query = sprintf(LADDER_ALL); $string = "All"; if ($GET_opt > 0) { switch ($GET_opt) { case 7: $query = sprintf(LADDER_LKPA, $GET_opt, 13); break; case 14: $query = sprintf(LADDER_LKPA, $GET_opt, 21); break; case 4008: $query = sprintf(LADDER_LKPA, $GET_opt, 4014); break;
</td> </tr> </table> <div id="ladder_div" style="color:#000000"> '; $begin = 1; $_GET['opt'] = 0; $_GET['ser'] = 0; $_GET['ord'] = 0; } DEFINE('PK_LADDER_GUILD', "\n\t\tSELECT\n\t\t\t`char`.`name`, `char`.`class`, `char`.`base_level`, `char`.`job_level`, `char`.`playtime`, `char`.`max_hp`, `char`.`max_sp`, `char`.`str`, `char`.`int`, `char`.`vit`, `char`.`dex`, `char`.`agi`, `char`.`luk`, `char`.`bg_gold`, `char`.`bg_silver`, `char`.`bg_bronze`,\n\t\t\t`login`.`sex`,\n\t\t\t`guild`.`name` AS `gname`, `guild`.`guild_id`, `guild`.`emblem_data`,\n\t\t\t`char_bg`.*\n\t\tFROM\n\t\t\t`char` JOIN `char_bg` ON `char_bg`.`char_id` = `char`.`char_id` JOIN `login` ON `login`.`account_id` = `char`.`account_id` LEFT JOIN `guild` ON `guild`.`guild_id` = `char`.`guild_id`\n\t\tWHERE\n\t\t\t`char_bg`.`char_id` > '0' AND `login`.`level` < '1' AND `login`.`state` = '0' AND `guild`.`name` LIKE '%%%s%%'\n\t\tORDER BY\n\t\t\t`char_bg`.`points` DESC\n\t\tLIMIT 0, 20\n\t"); DEFINE('PK_LADDER_NAME', "\n\t\tSELECT\n\t\t\t`char`.`name`, `char`.`class`, `char`.`base_level`, `char`.`job_level`, `char`.`playtime`, `char`.`max_hp`, `char`.`max_sp`, `char`.`str`, `char`.`int`, `char`.`vit`, `char`.`dex`, `char`.`agi`, `char`.`luk`, `char`.`bg_gold`, `char`.`bg_silver`, `char`.`bg_bronze`,\n\t\t\t`login`.`sex`,\n\t\t\t`guild`.`name` AS `gname`, `guild`.`guild_id`, `guild`.`emblem_data`,\n\t\t\t`char_bg`.*\n\t\tFROM\n\t\t\t`char` JOIN `char_bg` ON `char_bg`.`char_id` = `char`.`char_id` JOIN `login` ON `login`.`account_id` = `char`.`account_id` LEFT JOIN `guild` ON `guild`.`guild_id` = `char`.`guild_id`\n\t\tWHERE\n\t\t\t`char_bg`.`char_id` > '0' AND `login`.`level` < '1' AND `login`.`state` = '0' AND `char`.`name` LIKE '%%%s%%'\n\t\tORDER BY\n\t\t\t`char_bg`.`points` DESC\n\t\tLIMIT 0, 20\n\t"); DEFINE('PK_LADDER_ALL', "\n\t\tSELECT\n\t\t\t`char`.`name`, `char`.`class`, `char`.`base_level`, `char`.`job_level`, `char`.`playtime`, `char`.`max_hp`, `char`.`max_sp`, `char`.`str`, `char`.`int`, `char`.`vit`, `char`.`dex`, `char`.`agi`, `char`.`luk`, `char`.`bg_gold`, `char`.`bg_silver`, `char`.`bg_bronze`,\n\t\t\t`login`.`sex`,\n\t\t\t`guild`.`name` AS `gname`, `guild`.`guild_id`, `guild`.`emblem_data`,\n\t\t\t`char_bg`.*\n\t\tFROM\n\t\t\t`char` JOIN `char_bg` ON `char_bg`.`char_id` = `char`.`char_id` JOIN `login` ON `login`.`account_id` = `char`.`account_id` LEFT JOIN `guild` ON `guild`.`guild_id` = `char`.`guild_id`\n\t\tWHERE\n\t\t\t`char_bg`.`char_id` > '0' AND `login`.`level` < '1' AND `login`.`state` = '0'\n\t\tORDER BY\n\t\t\t%s %s\n\t\tLIMIT 0, 20\n\t"); DEFINE('PK_LADDER_JOB', "\n\t\tSELECT\n\t\t\t`char`.`name`, `char`.`class`, `char`.`base_level`, `char`.`job_level`, `char`.`playtime`, `char`.`max_hp`, `char`.`max_sp`, `char`.`str`, `char`.`int`, `char`.`vit`, `char`.`dex`, `char`.`agi`, `char`.`luk`, `char`.`bg_gold`, `char`.`bg_silver`, `char`.`bg_bronze`,\n\t\t\t`login`.`sex`,\n\t\t\t`guild`.`name` AS `gname`, `guild`.`guild_id`, `guild`.`emblem_data`,\n\t\t\t`char_bg`.*\n\t\tFROM\n\t\t\t`char` JOIN `char_bg` ON `char_bg`.`char_id` = `char`.`char_id` JOIN `login` ON `login`.`account_id` = `char`.`account_id` LEFT JOIN `guild` ON `guild`.`guild_id` = `char`.`guild_id`\n\t\tWHERE\n\t\t\t`char_bg`.`char_id` > '0' AND `login`.`level` < '1' AND `login`.`state` = '0' AND `char`.`class` = '%d'\n\t\tORDER BY\n\t\t\t%s %s\n\t\tLIMIT 0, 20\n\t"); DEFINE('PK_LADDER_LKPA', "\n\t\tSELECT\n\t\t\t`char`.`name`, `char`.`class`, `char`.`base_level`, `char`.`job_level`, `char`.`playtime`, `char`.`max_hp`, `char`.`max_sp`, `char`.`str`, `char`.`int`, `char`.`vit`, `char`.`dex`, `char`.`agi`, `char`.`luk`, `char`.`bg_gold`, `char`.`bg_silver`, `char`.`bg_bronze`,\n\t\t\t`login`.`sex`,\n\t\t\t`guild`.`name` AS `gname`, `guild`.`guild_id`, `guild`.`emblem_data`,\n\t\t\t`char_bg`.*\n\t\tFROM\n\t\t\t`char` JOIN `char_bg` ON `char_bg`.`char_id` = `char`.`char_id` JOIN `login` ON `login`.`account_id` = `char`.`account_id` LEFT JOIN `guild` ON `guild`.`guild_id` = `char`.`guild_id`\n\t\tWHERE\n\t\t\t`char_bg`.`char_id` > '0' AND `login`.`level` < '1' AND `login`.`state` = '0' AND (`char`.`class` = '%d' OR `char`.`class` = '%d')\n\t\tORDER BY\n\t\t\t%s %s\n\t\tLIMIT 0, 20\n\t"); if (notnumber($_GET['opt'])) { alert("Wrong simbol."); } if ($_GET['opt'] == 0) { $query = sprintf(PK_LADDER_ALL, $SortType[$_GET['ser']], $SortOrder[$_GET['ord']]); $string = "All"; } elseif ($_GET['opt'] == 100) { $name = $mysql->escapestr($_GET['buscar']); $query = sprintf(PK_LADDER_NAME, $name); $string = "All"; } elseif ($_GET['opt'] == 101) { $name = $mysql->escapestr($_GET['buscar']); $query = sprintf(PK_LADDER_GUILD, $name); $string = "All"; } elseif ($_GET['opt'] > 0) { switch ($_GET['opt']) {
To contact any of the authors about special permissions send an e-mail to cerescp@gmail.com */ session_start(); include_once 'config.php'; // loads config variables include_once 'query.php'; // imports queries include_once 'adminquery.php'; include_once 'functions.php'; if (!isset($_SESSION[$CONFIG_name . 'level']) || $_SESSION[$CONFIG_name . 'level'] < $CONFIG['cp_admin']) { die("Not Authorized"); } if (isset($GET_frm_name) && isset($GET_id)) { if (notnumber($GET_id) || inject($GET_login) || inject($GET_password) || inject($GET_email)) { alert($lang['INCORRECT_CHARACTER']); } $query = sprintf(ACCOUNTS_SEARCH_ACCOUNT_ID, trim($GET_id)); $result = execute_query($query, 'adminaccedit.php'); if ($line = $result->fetch_row()) { if ($GET_sex != 'M' && $GET_sex != 'F') { $GET_sex = $line[2]; } if ($GET_level > 99 || $GET_level < 0) { $GET_level = $line[4]; } if ($_SESSION[$CONFIG_name . 'level'] <= $line[4] || $GET_level >= $_SESSION[$CONFIG_name . 'level'] && $_SESSION[$CONFIG_name . 'level'] != 99) { $GET_level = $line[4]; } $query = sprintf(ACCEDIT_UPDATE, $GET_login, $GET_password, $GET_sex, $GET_email, $GET_level, trim($GET_id));
if ($_SESSION[$CONFIG_name . 'level'] <= $line[4] || $line[4] >= $_SESSION[$CONFIG_name . 'level'] && $_SESSION[$CONFIG_name . 'level'] != 99) { $ban = $line[6]; $GET_block = $line[7]; } $query = sprintf(ACCBAN_UPDATE, $ban, $GET_block, trim($GET_id)); $result = execute_query($query, 'adminaccban.php'); alert("Account Updated"); } } opentable("Account BAN/BLOCK"); if (isset($GET_back)) { $back = base64_decode($GET_back); echo "<span title=\"Back\" style=\"cursor:pointer\" onMouseOver=\"this.style.color='#FF3300'\" onMouseOut=\"this.style.color='#000000'\" onClick=\"return LINK_ajax('adminaccounts.php?{$back}','accounts_div');\"><-back</span>"; } if (isset($GET_id)) { if (notnumber($GET_id)) { alert($lang['INCORRECT_CHARACTER']); } $query = sprintf(ACCOUNTS_SEARCH_ACCOUNT_ID, trim($GET_id)); $result = execute_query($query, 'adminaccban.php'); if ($line = $result->fetch_row()) { echo "\n\t\t<form id=\"accban\" onSubmit=\"return GET_ajax('adminaccban.php','accounts_div','accban');\">\n\t\t\t<table width=\"500\">\n\t\t\t\t<tr>\n\t\t\t\t\t<td align=\"right\">Account_id:</td><td align=\"left\">{$line['0']}<input type=\"hidden\" name=\"id\" value=\"{$line['0']}\"></td>\n\t\t\t\t</tr><tr>\n\t\t\t\t\t<td align=\"right\">Login:</td><td align=\"left\">{$line['1']}</td>\n\t\t\t\t</tr><tr>\n\t\t\t\t\t<td align=\"right\">Last Login:</td><td align=\"left\">{$line['9']}</td>\n\t\t\t\t</tr><tr>\n\n\t\t\t\t\t<td align=\"right\">Ban untill:</td><td align=\"left\"><select name=\"bday\">\n\t\t"; if ($line[6] > 0) { $today = getdate($line[6]); } else { $today = getdate(); } for ($i = 1; $i < 32; $i++) { if ($today['mday'] == $i) { echo "<option selected value={$i}>{$i}"; } else {
$query = sprintf(ACCOUNTS_SEARCH_EMAIL, trim($GET_termo)); break; case 4: $query = sprintf(ACCOUNTS_SEARCH_IP, trim($GET_termo)); break; default: $query = sprintf(ACCOUNTS_SEARCH_USERID, trim($GET_termo)); break; } $pages = 0; $back = "frm_name=" . $GET_frm_name . "&tipo=" . $GET_tipo . "&termo=" . $GET_termo; } else { if (!isset($GET_page)) { $GET_page = 0; } else { if (notnumber($GET_page)) { alert($lang['INCORRECT_CHARACTER']); } } $query = sprintf(TOTALACCOUNTS); $result = execute_query($query, 'adminaccounts.php'); $result->fetch_row(); $pages = (int) ($result->row(0) / 100); $inicio = $GET_page * 100; $query = sprintf(ACCOUNTS_BROWSE, $inicio); $back = "page=" . $GET_page; } $back = base64_encode($back); $result = execute_query($query, 'adminaccounts.php'); echo "\r\n<table width=\"550\">\r\n\t<tr>\r\n\t\t<td align=\"right\" class=\"head\">ID</td>\r\n\t\t<td align=\"left\" class=\"head\">Login</td>\r\n\t\t<td align=\"center\" class=\"head\">Sex</td>\r\n\t\t<td align=\"left\" class=\"head\">Email</td>\r\n\t\t<td align=\"center\" class=\"head\">Level</td>\r\n\t\t<td align=\"left\" class=\"head\">IP</td>\r\n\t\t<td align=\"center\" class=\"head\">BAN</td>\r\n\t</tr>\r\n\t"; while ($line = $result->fetch_row()) {
an e-mail to cerescp@gmail.com */ session_start(); include_once 'config.php'; // loads config variables include_once 'query.php'; // imports queries include_once 'functions.php'; if (!empty($_SESSION[$CONFIG_name . 'account_id']) && $CONFIG_money_transfer) { if ($_SESSION[$CONFIG_name . 'account_id'] > 0) { if (is_online()) { redir("motd.php", "main_div", $lang['NEED_TO_LOGOUT_F']); } if (!empty($GET_opt)) { if ($GET_opt == 3) { if (notnumber($GET_GID1) || notnumber($GET_GID2) || notnumber($GET_zeny)) { alert($lang['MONEY_INCORRECT_NUMBER']); } if ($GET_GID1 == $GET_GID2 || $GET_zeny < 0) { redir("motd.php", "main_div", $lang['MONEY_CHEAT_DETECTED']); } $query = sprintf(CHECK_ZENY, $GET_GID1, $_SESSION[$CONFIG_name . 'account_id']); $result = execute_query($query, "money.php"); $line = $result->fetch_row(); $zeny1 = $line[0]; $query = sprintf(CHECK_ZENY, $GET_GID2, $_SESSION[$CONFIG_name . 'account_id']); $result = execute_query($query, "money.php"); $line = $result->fetch_row(); $zeny2 = $line[0]; $cost = (int) ($GET_zeny * $CONFIG_money_cost / 10000); $less = $zeny1 - ($GET_zeny + $cost);
function thepass($string) { global $lang; $string = trim($string); $numero = 0; for ($i = 0; isset($string[$i]); $i++) { if (!notnumber($string[$i])) { $numero++; } } if ($numero < 2) { return TRUE; } if ($numero == strlen($string)) { return TRUE; } if (strlen($string) - $numero < 2) { return TRUE; } $handle = fopen("./db/passdict.txt", "rt") or die(htmlformat($lang['TXT_ERROR'])); while ($line = fgets($handle, 1024)) { if ($line[0] == '/' && $line[1] == '/' || $line[0] == "" || $line[0] == "\n" || $line[0] == "\r") { continue; } if (strcmp(trim($string), trim($line)) === 0) { fclose($handle); return TRUE; } } fclose($handle); return FALSE; }
an e-mail to cerescp@gmail.com */ session_start(); include_once 'config.php'; // loads config variables include_once 'query.php'; // imports queries include_once 'adminquery.php'; include_once 'functions.php'; if (!isset($_SESSION[$CONFIG_name . 'level']) || $_SESSION[$CONFIG_name . 'level'] < $CONFIG['cp_admin']) { die("Not Authorized"); } $items = readitems(); echo "\r\n<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN\" \"http://www.w3.org/TR/html4/loose.dtd\">\r\n<html>\r\n\t<head>\r\n\t\t<meta http-equiv=\"Content-Type\" content=\"text/html; charset=iso-8859-1\">\r\n\t\t<title>\r\n\t\t\tCeres Control Panel - Charactere Details\r\n\t\t</title>\r\n\t\t<link rel=\"stylesheet\" type=\"text/css\" href=\"./ceres.css\">\r\n\t</head>\r\n\r\n<BODY>\r\n"; opentable("Char Detail"); if (isset($GET_id) && !notnumber($GET_id)) { $jobs = $_SESSION[$CONFIG_name . 'jobs']; $query = sprintf(CHARINFO_CHAR, trim($GET_id)); $answere = execute_query($query, 'admincharinfo.php'); echo "\r\n\t\t<table border=\"0\" cellspacing=\"0\" cellpadding=\"0\" align=\"center\" width=\"400\">\r\n\t"; if ($result = $answere->fetch_row()) { $acc_id = $result[1]; $class = $result[4]; echo "\r\n\t\t\t<tr>\r\n\t\t\t\t<td align=\"right\" class=\"head\">Name: </td><td align=\"left\">{$result['3']}</td>\r\n\t\t\t\t<td align=\"right\" class=\"head\">Job: </td><td align=\"left\">\r\n\t\t\t"; if (isset($jobs[$result[4]])) { echo $jobs[$result[4]]; } else { echo "unknown"; } echo "\r\n\t\t\t</tr>\r\n\t\t\t<tr>\r\n\t\t\t\t<td align=\"right\" class=\"head\">Level: </td><td align=\"left\">{$result['5']}/{$result['6']}</td>\r\n\t\t\t\t<td align=\"right\" class=\"head\">Zeny: </td><td align=\"left\">{$result['9']}</td>\r\n\t\t\t<tr>\r\n\t\t\t\t<td align=\"right\" class=\"head\">STR: </td><td align=\"left\">{$result['10']}</td>\r\n\t\t\t\t<td align=\"right\" class=\"head\">AGI: </td><td align=\"left\">{$result['11']}</td>\r\n\t\t\t\t<td align=\"right\" class=\"head\">VIT: </td><td align=\"left\">{$result['12']}</td>\r\n\t\t\t</tr>\r\n\t\t\t<tr>\r\n\t\t\t\t<td align=\"right\" class=\"head\">INT: </td><td align=\"left\">{$result['13']}</td>\r\n\t\t\t\t<td align=\"right\" class=\"head\">DEX: </td><td align=\"left\">{$result['14']}</td>\r\n\t\t\t\t<td align=\"right\" class=\"head\">LUK: </td><td align=\"left\">{$result['15']}</td>\r\n\t\t\t</tr>\r\n\t\t\t</table>\r\n\t\t"; }
$account_id = $_SESSION[$CONFIG['Name'] . 'account_id']; $cash_points = 0; if ($result = $mysql->fetchrow($mysql->query("SELECT `cash_points` FROM `login` WHERE `account_id` = '{$account_id}'", $CONFIG['DBMain']))) { $cash_points = $result[0]; } if (isset($_POST['opt']) && $_POST['opt'] == 1) { if (strlen($_POST['reference']) < 1 || strlen($_POST['reference']) > 40 || inject($_POST['reference'])) { redir("donate.php", "main_div", "Error en el Numero de Referencia (caracteres invalidos o largo incorrecto)<br>Click aqui para volver a intentar."); } if (strlen($_POST['place']) < 1 || strlen($_POST['place']) > 40 || inject($_POST['place'])) { redir("donate.php", "main_div", "Error en el Lugar de Deposito (caracteres invalidos o largo incorrecto)<br>Click aqui para volver a intentar."); } if (!isset($_POST['amount']) || notnumber($_POST['amount']) || $_POST['amount'] <= 0) { redir("donate.php", "main_div", "Valor incorrecto de Monto<br>Click aqui para volver a intentar."); } if (!isset($_POST['moneda']) || notnumber($_POST['moneda']) || $_POST['moneda'] < 0 || $_POST['moneda'] > 2) { redir("donate.php", "main_div", "Valor incorrecto de Moneda<br>Click aqui para volver a intentar."); } // Reportando $mysql->query("\r\n\t\t\tINSERT INTO `cp_donatives`\r\n\t\t\t\t(`reference`, `amount`, `coin`, `place`, `status`, `account_id`, `date`, `nombre`, `email`)\r\n\t\t\tVALUES\r\n\t\t\t\t('" . $_POST['reference'] . "', '" . $_POST['amount'] . "', '" . $_POST['moneda'] . "', '" . $_POST['place'] . "', '0', '{$account_id}', NOW(), '" . $_SESSION[$CONFIG['Name'] . 'nombre'] . "', '" . $_SESSION[$CONFIG['Name'] . 'email'] . "')\r\n\t\t", $CONFIG['DBLogs']); redir("donate.php", "main_div", "Tu donativo ha sido reportado, cuando el Staff lo confirme, sera trasladado a tu Fondo de Cuenta.<br>Click aqui para ver los donativos."); } opentable("Reporte de Donativos de Miembro"); ?> <table width="550"> <tr> <td align="left"> Bienvenido a la Sección de Reporte de Donaciones al servidor Evangelis Ragnarok. Aquí podrás controlar el estado de donaciones, así como reportar nuevas.<br> Las donaciones tienen el fin principal de cubrir los gastos del servidor e invertir en infraestructura para mejorar nuestros servicios. Pero para motivar a los usuarios a cooperar con este servicio gratuito, se les dá la opcioón de conseguir <b>Puntos Sagrados</b> en el juego que podrán usar para comprar artículos en cualquiera de los <b>Premium Dealer</b> que encontrarás en el juego, en todas las ciudades.<br>