Buyrun :
Alıntı..
PHP:
<?php
// Restat - Not really commented it much atm - I'll finish commenting later.
require('./anti_inject.php');
require('./kill_user.php');
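// Character restat page.
//
// Flow, as visible in this script:
//   * no ?Confirmed=1  -> list the account's characters (level 70+) in a form
//   * ?Confirmed=1     -> validate the request, reset the chosen character's
//                         stats to the race defaults, charge 500M gold, log it
//
// Security-relevant points handled below:
//   * every query is parameterised (odbc_prepare/odbc_execute) instead of
//     concatenating session/POST values into the SQL text
//   * the posted character must belong to the logged-in account; the form only
//     lists the account's own characters, but the POST handler must not rely
//     on the form to enforce that
//   * the level-70 rule and the stat choice are re-checked server-side
//   * character names are HTML-escaped before being echoed into the <select>
//
// NOTE(review): part1()/part2()/parth1()/..., test() and KillUserAndWait() are
// defined outside this file (presumably anti_inject.php, kill_user.php and the
// including page); $dbname/$dbuser/$dbpass are expected to be in scope already.
// NOTE(review): the confirm step changes data on a plain POST and no
// per-session token is visible in this file - confirm that the including page
// adds CSRF protection.

if (!function_exists('restat_fail')) {
    /**
     * Print an error panel with a "Back" link and stop the request.
     *
     * @param string $html Trusted, hard-coded HTML message (never user input).
     */
    function restat_fail($html)
    {
        part1('100%', 1, 1, 'center');
        echo $html;
        echo '</br></br><a href="./index.php">Back</a></br>';
        part2();
        die();
    }
}

if (!function_exists('restat_query')) {
    /**
     * Run a parameterised statement and return the ODBC result handle.
     *
     * @param resource $connect ODBC connection.
     * @param string   $sql     Statement text with ? placeholders only.
     * @param array    $params  Values bound to the placeholders, in order.
     * @return resource
     */
    function restat_query($connect, $sql, $params)
    {
        // odbc_execute() interprets a parameter that starts and ends with a
        // single quote as the name of a file to read, so such values are
        // refused before binding.
        foreach ($params as $value) {
            $value = (string) $value;
            $len = strlen($value);
            if ($len >= 2 && $value[0] === "'" && $value[$len - 1] === "'") {
                die('Invalid request.');
            }
        }

        $stmt = odbc_prepare($connect, $sql);
        if ($stmt === false || !odbc_execute($stmt, $params)) {
            // Stop instead of continuing with an unusable result handle.
            die('Database error.');
        }

        return $stmt;
    }
}

parth1tr();
parth1('100%', 2, 'center');
echo 'Character Restat';
parth2();
parth2tr();
//ini_set('error_reporting', '1');
//ini_set('display_errors', '1');
if (isset($_SESSION['sesuser'])) {
    $account = $_SESSION['sesuser'];

    if (isset($_GET['Confirmed']) && $_GET['Confirmed'] === '1') {
        // Only accept scalar strings; a missing or array-valued field becomes ''.
        $user = (isset($_POST['Character']) && is_string($_POST['Character'])) ? trim($_POST['Character']) : '';
        $stat = (isset($_POST['stat']) && is_string($_POST['stat'])) ? trim($_POST['stat']) : '';
        // test() is kept as an extra input filter; the queries below no longer
        // depend on it for safety because every value is bound as a parameter.
        $user = test($user);
        $stat = test($stat);

        $connect = odbc_connect($dbname, $dbuser, $dbpass);
        if ($connect === false) {
            die('Database error.');
        }

        // Rate limit: one restat per account per 24 hours.
        $results = restat_query(
            $connect,
            "SELECT COUNT(*) FROM RESTAT_LOG WHERE DATEDIFF(hh,[Date],GETDATE()) < 24 AND AccountID = ?",
            array($account)
        );
        $logcheck = 0;
        while (odbc_fetch_row($results)) {
            $logcheck = odbc_result($results, 1);
        }
        if ($logcheck > 0) {
            restat_fail('</br>You may only use this feature once every 24hours.');
        }

        // Validate the request before touching any character state.
        if (strlen($user) == 0) {
            restat_fail('</br>You\'r Character was invalid!');
        }
        // The radio buttons offer exactly these five values; anything else is
        // rejected rather than silently discarding the surplus points.
        if (strlen($stat) == 0 || !in_array($stat, array('str', 'dex', 'int', 'mp', 'hp'), true)) {
            restat_fail('</br>You havn\'t selected a basic stat point!');
        }

        // Authorisation: the character must be one of this account's slots.
        $owned = array();
        $results = restat_query(
            $connect,
            "SELECT strCharID1, strCharID2, strCharID3 FROM Account_Char WHERE strAccountID = ?",
            array($account)
        );
        while (odbc_fetch_row($results)) {
            for ($col = 1; $col <= 3; $col++) {
                $name = trim((string) odbc_result($results, $col));
                if ($name !== '') {
                    $owned[] = $name;
                }
            }
        }
        if (!in_array($user, $owned, true)) {
            restat_fail('</br>You\'r Character was invalid!');
        }

        // Disconnect whichever character of this account is currently online
        // before its row is read and rewritten.
        $killed = 0;
        $getusere = restat_query(
            $connect,
            "SELECT strCharID FROM CURRENTUSER where strAccountID = ?",
            array($account)
        );
        $characterID = odbc_fetch_row($getusere) ? odbc_result($getusere, 1) : '';
        if (strlen(trim((string) $characterID)) > 0) {
            $killed = 1;
            KillUserAndWait(trim($characterID), $connect);
        }

        // Get the current stats and race. Level is selected ahead of strItem so
        // the binary item column stays the last one read.
        $results = restat_query(
            $connect,
            "SELECT Strong, Cha, Dex, Intel, Sta, Points, Race, Gold, Level, strItem FROM USERDATA WHERE strUserID = ?",
            array($user)
        );
        $found = false;
        $str = $mp = $dex = $int = $hp = $rem = $race = $cash = $lvl = 0;
        $items = '';
        while (odbc_fetch_row($results)) {
            $found = true;
            $str = (int) odbc_result($results, 1);
            $mp = (int) odbc_result($results, 2);
            $dex = (int) odbc_result($results, 3);
            $int = (int) odbc_result($results, 4);
            $hp = (int) odbc_result($results, 5);
            $rem = (int) odbc_result($results, 6);
            $race = (int) odbc_result($results, 7);
            $cash = (int) odbc_result($results, 8);
            $lvl = (int) odbc_result($results, 9);
            $items = (string) odbc_result($results, 10);
        }
        if (!$found) {
            restat_fail('</br>You\'r Character was invalid!');
        }
        // The form only offers level 70+ characters; enforce it here as well.
        if ($lvl < 70) {
            restat_fail('</br>This character is below level 70!');
        }
        if ($cash < 500000000) {
            restat_fail('</br>You havn\'t got enough money!</br>You must have 500 Million GP in your inventory.');
        }
        // "Naked" check: the item blob must start with 103 zero bytes.
        // NOTE(review): an older loop in this script checked 104 positions -
        // confirm which length is intended.
        if (!preg_match('/^\x00{103}/', $items)) {
            restat_fail('</br>You\'r Character isn\'t naked!');
        }

        // Base stats per race; the old stats are summed so the difference can
        // be returned as free points.
        $total = $str + $mp + $dex + $int + $hp + $rem;
        $stats = null;
        if (in_array($race, array(1, 2, 11), true)) {
            $stats = array(65, 65, 60, 50, 50);
        } elseif (in_array($race, array(3, 13), true)) {
            $stats = array(50, 50, 70, 70, 50);
        } elseif ($race === 4) {
            $stats = array(50, 60, 60, 70, 50);
        } elseif ($race === 12) {
            $stats = array(60, 60, 70, 50, 50);
        }
        if ($stats === null) {
            // Unknown race: same outcome as the sanity check further down.
            die("Error Code: #000002");
        }
        $newstr = $stats[0];
        $newmp = $stats[4];
        $newdex = $stats[2];
        $newint = $stats[3];
        $newhp = $stats[1];
        $newcash = $cash - 500000000;
        $total = $total - $newstr - $newmp - $newdex - $newint - $newhp;

        // Free points are capped at 255; the surplus goes to the chosen stat.
        if ($total > 255) {
            $toallocate = $total - 255;
            if ($stat == "str") {
                $newstr = $newstr + $toallocate;
            } elseif ($stat == "dex") {
                $newdex = $newdex + $toallocate;
            } elseif ($stat == "int") {
                $newint = $newint + $toallocate;
            } elseif ($stat == "mp") {
                $newmp = $newmp + $toallocate;
            } elseif ($stat == "hp") {
                $newhp = $newhp + $toallocate;
            }
            $total = 255;
        }

        if (($newint > 0) && ($newdex > 0) && ($newstr > 0) && ($newmp > 0) && ($newhp > 0) && ($total > 0)) {
            // NOTE(review): the gold/rate-limit checks and these two writes are
            // separate statements; consider one transaction so concurrent
            // requests cannot pass the checks twice.
            restat_query(
                $connect,
                "INSERT INTO RESTAT_LOG([Date], AccountID, CharID, Strong, Cha, Dex, Intel, Sta, Points, OldGold, NewGold) VALUES (GETDATE(), ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)",
                array($account, $user, $newstr, $newmp, $newdex, $newint, $newhp, $total, $cash, $newcash)
            );
            restat_query(
                $connect,
                "UPDATE USERDATA SET Strong = ?, Cha = ?, Dex = ?, Intel = ?, Sta = ?, Points = ?, Gold = ? WHERE strUserId = ?",
                array($newstr, $newmp, $newdex, $newint, $newhp, $total, $newcash, $user)
            );
            part1('100 % ', 1, 1, 'center');
            echo 'Success!</br>';
            echo '</br>New Strength:' . $newstr . '</br>New Magic Power:' . $newmp . '</br>New Dexterity:' . $newdex . '</br>New Intelligence:' . $newint . '</br>New Health:' . $newhp . '</br>Unused:' . $total . '</br></br>New Cash:' . $newcash;
            if ($killed == 1) {
                echo '</br></br> This character was disconnected during the restat process.';
            }
            part2();
        } else {
            // Error code #000002 - made-up number marking an impossible stat result.
            die("Error Code: #000002");
        }
    } else {
        $connect = odbc_connect($dbname, $dbuser, $dbpass);
        if ($connect === false) {
            die('Database error.');
        }
        $results = restat_query(
            $connect,
            "SELECT strCharID1, strCharID2, strCharID3 FROM Account_Char WHERE strAccountID = ?",
            array($account)
        );
        $char1 = $char2 = $char3 = '';
        while (odbc_fetch_row($results)) {
            $char1 = odbc_result($results, 1);
            $char2 = odbc_result($results, 2);
            $char3 = odbc_result($results, 3);
        }
        if ((empty($char1)) && (empty($char2)) && (empty($char3))) {
            part2();
            part1('100%', 1, 1, 'center');
            echo '</br>You don\'t have a character to restat';
            echo '</br></br><a href="./index.php">Back</a></br>';
            part2();
        } else {
            part1tr();
            part1('25%', 1, 1, 'center');
            echo 'Please select a character to restat:</br>';
            echo 'You will also have to re-select your basic stat point!</br></br></br>';
            echo '<center></br>
<FORM method=post name=restat action=index.php?act=Restat&Confirmed=1 style="margin:0px; padding:0px">
<select name="Character">';
            // Count eligible characters across ALL slots; resetting the counter
            // inside the loop would let the last slot decide the outcome alone.
            $chars = 0;
            foreach (array($char1, $char2, $char3) as $char) {
                $char = trim((string) $char);
                if ($char !== '') {
                    // Reset per slot so a missing row cannot reuse the previous level.
                    $lvl = '';
                    $results = restat_query(
                        $connect,
                        "SELECT Level FROM USERDATA WHERE strUserID = ?",
                        array($char)
                    );
                    while (odbc_fetch_row($results)) {
                        $lvl = odbc_result($results, 1);
                    }
                    if ((string) $lvl === '') {
                        // Error code #000001 - made-up number: slot without a USERDATA row.
                        die('error code: #000001');
                    }
                    if ($lvl >= 70) {
                        $chars++;
                        // Escape the name before it reaches the page. A single-byte
                        // charset is passed so the call never blanks the string on
                        // bytes that are not valid UTF-8; only & < > " ' are rewritten.
                        echo '<OPTION>' . htmlspecialchars($char, ENT_QUOTES, 'ISO-8859-1') . '</option>';
                    }
                }
            }
            echo '</select></br></br>
<input type="radio" name="stat" value="str"> Strength
<input type="radio" name="stat" value="dex"> Dexterity
<input type="radio" name="stat" value="mp"> Magic Power
<input type="radio" name="stat" value="int"> Intelligence
<input type="radio" name="stat" value="hp"> Health
</center></br></br>';
            if ($chars == 0) {
                part2tr();
                part1tr();
                part1('100 % ', 1, 1, 'center');
                echo 'You don\'t have a character above level 70!';
                part2();
                part2tr();
                die();
            } else {
                echo'<li>You may only use this feature <b>once</b> every 24 hours</li>
<li>You must be <b>logged out</b> of the selected character to proceed</li>
<li>You must be naked on the selected character</li>
<li>You must have 500 Million coins in the Inventory of the Character you wish to be Transfered
</br></br>
<input class="input" type="submit" value="Confirm">
</form>';
                part2();
                part2tr();
            }
        }
    }
} else {
    part1('100%', 1, 1, 'center');
    echo 'You must login first!';
    part2();
}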
?>