if ($cookie[1] == $hero['pw']) { header('Location: profile.php'); } } if (isset($_POST['name'], $_POST['pw'], $_POST['race'], $_POST['prof'])) { $conn = mysqli_connect("ucfsh.ucfilespace.uc.edu", "piattjd", "curtis1", "piattjd"); $name = mysqli_real_escape_string($conn, $_POST['name']); $pw = sha1(mysqli_real_escape_string($conn, $_POST['pw'])); $race = mysqli_real_escape_string($conn, $_POST['race']); $prof = mysqli_real_escape_string($conn, $_POST['prof']); if (!is_null(mysqli_fetch_assoc(mysqli_query($conn, "SELECT * FROM Hero WHERE name = '{$name}'")))) { echo "<div class='alert'>Hero name already exists!</div>"; } else { mysqli_query($conn, "INSERT INTO Hero (name, pw, race, prof, gold, battleplan, tutorial) VALUES ('{$name}', '{$pw}', '{$race}', '{$prof}', '250', 'notnexttoenemy|7||nexttoenemy|7', '')"); $hero = mysqli_fetch_assoc(mysqli_query($conn, "SELECT * FROM Hero WHERE name = '{$name}' AND pw = '{$pw}'")); calculateHPMPInit($hero['id']); switch ($prof) { case "Barbarian": giveItem($hero['id'], 1, 16, 1, 15, 2, 0, 0); giveItem($hero['id'], 1, 3, 1, 0, 0, 0, 0); giveItem($hero['id'], 1, 4, 1, 0, 0, 0, 0); giveItem($hero['id'], 1, 5, 1, 0, 0, 0, 0); break; case "Mage": giveItem($hero['id'], 1, 7, 1, 0, 0, 0, 0); giveItem($hero['id'], 2, 9, 1, 0, 0, 0, 0); giveItem($hero['id'], 1, 6, 1, 0, 0, 0, 0); break; case "Archer": giveItem($hero['id'], 1, 15, 1, 17, 1, 0, 0); giveItem($hero['id'], 1, 4, 1, 0, 0, 0, 0);
} $hero = mysqli_fetch_assoc(mysqli_query($conn, "SELECT * FROM Hero LEFT JOIN Guilds ON Hero.guild = Guilds.guildid WHERE Hero.id = '{$id}'")); echo "<div class='parchment center'><h1>{$hero['name']} the {$hero['race']} {$hero['prof']}"; if ($hero['guild'] != 0) { echo " of <a href='guild.php?id={$hero['guild']}'>{$hero['guildname']}</a>"; } echo "</div>"; if (isset($_POST['attribute'])) { $aID = mysqli_real_escape_string($conn, $_POST['attribute']); $cost = $hero[$aID] * 100; if ($hero['gold'] < $cost) { echo "<div class='alert'>Not enough gold!</div>"; } else { mysqli_query($conn, "UPDATE Hero SET `{$aID}` = ( `{$aID}` + 1 ) WHERE id = '{$cookie['0']}'") or die(mysqli_error($conn)); mysqli_query($conn, "UPDATE Hero SET gold = gold - {$cost} WHERE id = '{$cookie['0']}'") or die(mysqli_error($conn)); calculateHPMPInit($cookie[0]); $hero['gold'] -= $cost; $hero[$aID]++; } } if ($id != $cookie[0]) { echo "<div class='parchment center'><h3><a href='sendmessage.php?to={$id}' target='_blank'>Send a message</a></h3></div>"; } echo "<div class='parchment left'>"; if ($id == $cookie[0]) { echo "<h3>Available gold: {$hero['gold']}</h3><hr>"; } echo "<h3>Attributes:</h3>"; echo "<table><tr><th>Attribute</th><th>Level</th>"; if ($id == $cookie[0]) { echo "<th>Training Cost</th></tr>";