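  <?php
  // Full open tag for the part of the file that holds the SQL and login logic:
  // with short_open_tag disabled a short "<?" block is not parsed and its source
  // is sent to the client as text. The template further down still uses short
  // tags and should be converted along with this one.
  ob_start('ob_gzhandler');

  // PHP error output stays enabled for one hard-coded client address only; every
  // other client gets error_reporting(0).
  // NOTE(review): REMOTE_ADDR is the TCP peer, so behind a reverse proxy or a
  // shared NAT this gate can cover more than one person - confirm the deployment,
  // and prefer logging errors over displaying them to any remote client.
  if ($_SERVER['REMOTE_ADDR'] !== '31.185.125.145') {
      error_reporting(0);
  }

  // Request start time, used by the footer to print the render duration.
  $time = microtime(true);

  // Requested page key. Anything that is not a non-empty string (for example an
  // array sent as subtopic[]=x) falls back to the default page, so the routing
  // and include code below only ever sees a string.
  $subtopic = 'latestnews';
  if (isset($_GET['subtopic']) && is_string($_GET['subtopic']) && $_GET['subtopic']) {
      $subtopic = $_GET['subtopic'];
  }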
  11.  
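  // Whitelist of routable pages, grouped by menu section: page key => page title.
  // The matched key is later concatenated into an include path
  // ('pages/<key>.inc'), so this exact-match lookup is the only thing that keeps
  // request data out of include(). Keep it an exact match; never replace it with
  // a pattern or prefix test.
  // NOTE(review): the 'admin' keys are routable for every visitor as far as this
  // block is concerned - the access check has to live in the included pages.
  // Confirm that each of them verifies $gid itself.
  $sections = array(
      'home' => array('latestnews' => 'Latest News'/*, 'archive' => 'News Archive'*/),

      'account' => array('accountmanagement' => 'Account Management', 'createaccount' => 'Create Account', 'downloads' => 'Downloads', 'lostaccount' => 'Lost Account?'),

      'community' => array('characters' => 'Characters', 'whoisonline' => 'Who is online?', 'highscores' => 'Highscores', 'houses' => 'Houses', 'guilds' => 'Guilds', 'guildwars' => 'Guild Wars', 'deaths' => 'Latest Deaths', 'frags' => 'Top Fraggers', 'addonmakers' => 'Addonmakers', 'questmakers' => 'Top Questmakers'/*, 'elo' => 'Elo Ranking'*/, 'achievements' => 'Achievements'),

      'library' => array('achievements' => 'Achievements', 'serverinfo' => 'Serverinfo', 'items' => 'Items', 'mounts' => 'Mounts', 'tasks' => 'Tasks', 'topcountries' => 'Top Countries', 'killstatistics' => 'Kill Statistics'/*, 'zombie' => 'Zombie Highscores'*/, 'bans' => 'Ban List', 'topguilds' => 'Top Guilds', 'polls' => 'Polls', 'pg' => 'Powergamers', 'experiencetable' => 'Experience Table'),

      'forum' => array('forum' => 'Forum Board', 'ticket' => 'Ticket Board'),

      'shop' => array('buycoins' => 'Buy Coins', 'shop' => 'Donation Gifts', 'egypt' => 'Vodafone', 'shophistory' => 'Shop History', 'pay' => 'PayPal', 'bitcoin' => 'Bitcoin', 'paygol' => 'PayGol', 'payg' => 'PayG', 'paygol_f' => 'PayGol Success', 'paygol_c' => 'PayGol Failure', 'paygol_lt' => 'PayGol', 'paygol_lt_f' => 'PayGol Success', 'paygol_lt_c' => 'PayGol Failure'/*, 'polls' => 'Polls'*/),

      'help' => array('ticketroom' => 'Ticket Room', 'faq' => 'FAQ', 'rules' => 'Server Rules', 'staff' => 'Staff'),

      'admin' => array('adminpanel' => 'Admin Panel', 'shopadmin' => 'Shop Admin', 'changes' => 'Changes', 'codes' => 'Code Generator'),
  );

  foreach ($sections as $section => $pages) {
      // No early exit from the outer loop: a key listed in two sections
      // ('achievements') resolves to the later one, which is what the nested
      // loop with a single-level break did as well.
      if (is_string($subtopic) && isset($pages[$subtopic])) {
          // $topic = array(menu section, page title)
          $topic = array($section, $pages[$subtopic]);
      }
  }
  // Included pages run in this global scope; do not leave loop temporaries behind.
  unset($sections, $section, $pages);

  // Unknown page key: send the visitor to the news page and stop.
  if (!isset($topic)) {
      header('Location: /news');
      exit;
  }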
  44.  
  // The session has to be open before the login logic further down reads $_SESSION.
  // NOTE(review): no cookie flags are set here, so HttpOnly/Secure/SameSite depend
  // on php.ini - confirm they are enabled there.
  session_start();

  // Optional action selector. $_REQUEST merges several request sources, so the
  // value is untrusted whichever page ends up reading it.
  $action = NULL;
  if (isset($_REQUEST['action'])) {
      $action = $_REQUEST['action'];
  }

  // Lazily created PDO handle (see connect()) and per-request query statistics:
  // $qn counts statements, $qtime sums their duration. $qstr is not used in the
  // visible part of this file.
  $SQL = NULL;
  $qn = 0;
  $qtime = 0;
  $qstr = '';

  // Expected to provide $host, $dbname, $user and $pass, which connect() reads
  // as globals.
  require 'config.php';
  51.  
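  /**
   * Open the shared MySQL connection and store it in $GLOBALS['SQL'].
   *
   * Reads $host, $dbname, $user and $pass from the global scope. The connection
   * is persistent and compressed. When it cannot be opened the request ends.
   */
  function connect() {
      global $host, $dbname, $user, $pass;
      try {
          $GLOBALS['SQL'] = new PDO(
              'mysql:host='.$host.';dbname='.$dbname,
              $user,
              $pass,
              array(
                  // Failed statements raise a PHP warning and return false; they do
                  // not throw, so callers must check results before chaining on them.
                  PDO::ATTR_ERRMODE => PDO::ERRMODE_WARNING,
                  PDO::MYSQL_ATTR_COMPRESS => true,
                  PDO::ATTR_PERSISTENT => true,
              )
          );
      }
      catch (PDOException $e) {
          // The driver message can name the database host and account. Keep it in
          // the server log and show the visitor a generic failure instead.
          error_log('Database connection failed: '.$e->getMessage());
          die('Database connection failed.');
      }
  }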
  61.  
  /**
   * Run one SQL statement on the shared connection, connecting on first use.
   *
   * A statement whose first byte is an upper-case 'S' goes through PDO::query();
   * everything else goes through PDO::exec(). Each call increments
   * $GLOBALS['qn'] and adds its duration to $GLOBALS['qtime'].
   *
   * The text is sent exactly as given. There is no placeholder binding, so every
   * value a caller splices into $q has to go through quote() or an integer cast
   * first.
   *
   * @param string $q Complete SQL statement.
   * @return mixed Result of PDO::query() or PDO::exec(); false on failure under
   *               the warning error mode set in connect().
   */
  function query($q) {
      global $SQL;
      if (NULL === $SQL) {
          connect();
      }
      $GLOBALS['qn']++;

      $started = microtime(true);
      if ($q[0] === 'S') {
          $res = $SQL->query($q);
      } else {
          $res = $SQL->exec($q);
      }
      $GLOBALS['qtime'] += microtime(true) - $started;

      return $res;
  }
  74.  
  /**
   * Quote a value for use inside an SQL string built for query().
   *
   * Thin wrapper around PDO::quote() on the shared connection (opened on first
   * use); the result already carries its surrounding quotes.
   *
   * @param string $s Raw value.
   * @return string|false Quoted literal as returned by PDO::quote().
   */
  function quote($s) {
      global $SQL;
      if (NULL === $SQL) {
          connect();
      }

      return $SQL->quote($s);
  }
  81.  
  /**
   * Return PDO::lastInsertId() of the shared connection, opening it on first use.
   *
   * @return string|false
   */
  function lastInsertId() {
      global $SQL;
      if (NULL === $SQL) {
          connect();
      }

      return $SQL->lastInsertId();
  }
  88.  
  /**
   * Send a Location header for $s and end the request.
   *
   * The target is used as given; nothing here restricts it to this site. A caller
   * that passes request data must validate it first, otherwise the site can be
   * used to bounce visitors to an arbitrary address.
   *
   * @param string $s Redirect target.
   */
  function redir($s) {
      header(sprintf('Location: %s', $s));
      exit;
  }
  93.  
  /**
   * Validate an account name: 1 to 30 bytes, upper-case ASCII letters and digits only.
   *
   * The login code upper-cases the submitted name before calling this. Because
   * quotes and backslashes never pass, an accepted name cannot break out of an
   * SQL string literal.
   *
   * @param string $s Candidate account name.
   * @return bool
   */
  function check_account_name($s) {
      // \A and \z anchor the whole input; a trailing newline does not pass.
      return preg_match('/\A[A-Z0-9]{1,30}\z/', $s) === 1;
  }
  98.  
  /**
   * Validate a password: 1 to 30 bytes of ASCII letters, digits and underscore.
   *
   * NOTE(review): this is an input filter, not a strength policy. It accepts a
   * one-character password and rejects longer or symbol-rich ones, which caps the
   * entropy users can choose. Loosening it needs a check of how the signup and
   * password-change pages store the value - confirm before changing.
   *
   * @param string $s Candidate password.
   * @return bool
   */
  function check_password($s) {
      // \A and \z anchor the whole input; a trailing newline does not pass.
      return preg_match('/\A[A-Za-z0-9_]{1,30}\z/', $s) === 1;
  }
  103.  
  /**
   * Validate a character name: 3 to 25 bytes of ASCII letters, spaces and apostrophes.
   *
   * The apostrophe is allowed, so an accepted name is NOT safe to place inside an
   * SQL string literal as is; it must still go through quote().
   *
   * @param string $s Candidate name.
   * @return bool
   */
  function check_name($s) {
      // \A and \z anchor the whole input; a trailing newline does not pass.
      return preg_match('/\A[A-Za-z \']{3,25}\z/', $s) === 1;
  }
  108.  
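  /**
   * Describe the distance between a Unix timestamp and now as "<n> <unit>",
   * with a plural "s" unless n is exactly 1.
   *
   * Works for past and future timestamps alike; the largest fitting unit is
   * used (year = 365 days, month = 30 days) and the count is rounded down.
   *
   * @param int $t Unix timestamp.
   * @return string For example "2 minutes" or "1 hour".
   */
  function timestr($t) {
      // Unit table, largest first: constant name => array(seconds, label).
      $units = array(
          'YEAR'   => array(365 * 86400, 'year'),
          'MONTH'  => array(30 * 86400, 'month'),
          'WEEK'   => array(7 * 86400, 'week'),
          'DAY'    => array(86400, 'day'),
          'HOUR'   => array(3600, 'hour'),
          'MINUTE' => array(60, 'minute'),
      );

      // The global constants are still published for any page that reads them,
      // but only once: an unguarded define() on every call makes the second call
      // in a request raise a "constant already defined" error.
      foreach ($units as $const => $unit) {
          if (!defined($const)) {
              define($const, $unit[0]);
          }
      }

      // One clock reading, so both sides of the comparison use the same "now".
      $now = time();
      $t = $t >= $now ? $t - $now : $now - $t;

      $s = 'second';
      foreach ($units as $unit) {
          if ($t >= $unit[0]) {
              $t = (int)($t / $unit[0]);
              $s = $unit[1];
              break;
          }
      }

      return $t.' '.$s.($t === 1 ? '' : 's');
  }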
  151.  
  // Actions that have to run before the login state is evaluated below.
  if ($subtopic === 'accountmanagement') {
      // Logout: clears the session variables, which is what the login code below
      // keys on. The session itself and its cookie stay as they are.
      // NOTE(review): this is triggered by a plain GET link, so any third-party
      // page can log a visitor out by embedding the URL - consider a POST with a
      // token, and session_destroy() plus a new session id.
      if (isset($_GET['page']) && $_GET['page'] === 'logout') {
          session_unset();
      }
  } elseif ($subtopic === 'createaccount') {
      // Second step of the signup form is handled by its own include.
      if (isset($_POST['step']) && $_POST['step'] === 'docreate') {
          include('pages/createaccount2.inc');
      }
  }
  157.  
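  // ---- Authentication ------------------------------------------------------
  // Results for the rest of the request:
  //   $logged  true when the session or the submitted form matched an account
  //   $gid     accounts.page_access of that account (0 when not logged in)
  //   $a       the account row that matched
  //   $lfail   set to true when a submitted login form was rejected
  //
  // NOTE(review): this design keeps the clear-text password in $_SESSION and
  // re-checks it against the database on every request, and the stored value is
  // either the plain password ($sha1 off) or SHA1(salt . password). Session
  // files then hold every active user's password, and SHA1 is far too fast for
  // password storage. Moving to password_hash()/password_verify() with a session
  // that holds only the account id needs schema and signup changes outside this
  // block. $sha1 is presumably set in config.php - confirm.
  $logged = false;
  $gid = 0;

  if (isset($_SESSION['account'])) {
      // Returning visitor: credentials come from the session.
      $acc = $_SESSION['account'];
      $pw = isset($_SESSION['password']) ? $_SESSION['password'] : '';
      $first = false;
  }
  elseif (isset($_POST['account_login'], $_POST['password_login'])
      && is_string($_POST['account_login']) && is_string($_POST['password_login'])) {
      // Submitted login form. Non-string fields (arrays) are ignored instead of
      // being handed to strtoupper().
      $acc = strtoupper($_POST['account_login']);
      $pw = $_POST['password_login'];
      $first = true;
  }

  if (isset($acc)) {
      if (!$first || (check_account_name($acc) && check_password($pw))) {
          // Every spliced value is quoted or cast here, so the statements stay
          // safe even if the format checks above are loosened later.
          if ($first) {
              $a = query('SELECT id FROM accounts WHERE name = '.quote($acc)
                  .' AND password='.($sha1 ? 'SHA1(CONCAT(salt, '.quote($pw).'))' : quote($pw)));
          }
          else {
              $a = query('SELECT id,name,password,premdays,email,`key`,premium_points,page_access,page_lastday,last_post,created,vote FROM accounts WHERE id = '.(int)$acc
                  .' AND password='.($sha1 ? 'SHA1(CONCAT(salt, '.quote($pw).'))' : quote($pw)));
          }

          // query() returns false when the statement fails; treat it as no match
          // instead of calling fetch() on false.
          $a = $a ? $a->fetch() : false;
          if ($a) {
              if ($first) {
                  query('UPDATE accounts SET page_lastday='.time().' WHERE id='.(int)$a['id']);

                  // New session id at the moment of login, so an id that was
                  // planted in the browser beforehand does not become an
                  // authenticated one.
                  session_regenerate_id(true);
                  $_SESSION['account'] = $a['id'];
                  $_SESSION['password'] = $pw;

                  // The post-login target is a form field. Accept only a path on
                  // this site: one leading slash, not followed by a second slash
                  // or a backslash, and no control characters or spaces. Anything
                  // else falls back to the account page.
                  $next = isset($_POST['redirect']) && is_string($_POST['redirect']) ? $_POST['redirect'] : '';
                  if (!preg_match('#\A/(?![/\\\\])[^\x00-\x20\x7f]*\z#', $next)) {
                      $next = '/account';
                  }
                  redir($next);
              }

              $logged = true;
              $gid = (int)$a['page_access'];

              if (!isset($_SESSION['country'])) {
                  // ip2long() returns false for anything but dotted IPv4; skip the
                  // lookup then instead of sending a broken statement.
                  $ipNum = ip2long($_SERVER['REMOTE_ADDR']);
                  $geo = $ipNum === false ? false : query('SELECT cc FROM geoip WHERE end>='.$ipNum.' LIMIT 1');
                  $_SESSION['country'] = $geo ? strtolower((string)$geo->fetchColumn()) : '';
                  unset($ipNum, $geo);
              }
          }
      }

      if (!$logged) {
          if ($first) {
              // Rejected form login: flag it for the login page.
              $lfail = true;
          }
          else {
              // Session credentials no longer match: drop the session data.
              session_unset();
          }
      }
  }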
  209.  
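  // Game-server status snapshot: '|'-separated fields from a cache file. The
  // template reads fields 0, 1, 2, 4 and 5, so the list is padded to six entries
  // and a missing or short file shows as "offline" instead of raising
  // undefined-offset errors. The values are file content and must be escaped
  // wherever they are printed.
  $stat = array_pad(
      is_readable('cache/status.tmp') ? explode('|', (string)file_get_contents('cache/status.tmp')) : array(),
      6,
      ''
  );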
  211.  
  /**
   * Echo the attribute ' class="active"' when $opt is the current page key
   * ($GLOBALS['subtopic']); echo nothing otherwise.
   *
   * @param string $opt Page key of the menu entry being rendered.
   */
  function active($opt) {
      echo $GLOBALS['subtopic'] === $opt ? ' class="active"' : '';
  }
  /**
   * Echo the word 'active' when $opt is the menu section of the current page
   * ($GLOBALS['topic'][0]); echo nothing otherwise.
   *
   * @param string $opt Menu section key.
   */
  function menu($opt) {
      $section = $GLOBALS['topic'][0];
      echo $section === $opt ? 'active' : '';
  } ?>
  220. <!DOCTYPE html>
  221. <div id="countdown_timer">
  222. <? require 'pages/countdown.inc'; ?>
  223. </div>
  224. <html xmlns="http://www.w3.org/1999/xhtml">
  225. <head>
  226. <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
  227. <title><? echo $topic[1]; ?> - <?=$sname?></title>
  228. <link rel="stylesheet" href="<? echo $layout_name; ?>/style.css?<?=filemtime('style.css')?>" type="text/css" />
  229. <script type="text/javascript" src="<? echo $layout_name; ?>/menu.js?<?=filemtime('menu.js')?>"></script>
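  <!-- Third-party assets are requested over HTTPS explicitly. A script fetched over plain HTTP (or through a protocol-relative URL on an HTTP page) can be rewritten in transit and then runs with full access to this page, login form included. NOTE(review): self-host these files or add integrity="sha384 HASH_PLACEHOLDER" and crossorigin="anonymous" once the hashes of these exact files are computed; jQuery 1.11.1 is also old enough that an upgrade should be planned. -->
  <script src="https://code.jquery.com/jquery-1.11.1.min.js" type="text/javascript"></script>
  <script src="https://code.jquery.com/ui/1.11.4/jquery-ui.js"></script>
  <script src="snow.js"></script>
  <link rel="stylesheet" href="https://code.jquery.com/ui/1.11.4/themes/smoothness/jquery-ui.css">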
  234. <script type="text/javascript">
  235. var imagesURL = '<? echo $layout_name; ?>';
  236. $(document).ready(function(){
  // Ticket state toggle: posts the ticket id, a group id and the requested action
  // (all read from data attributes of the clicked element) and shows the outcome.
  // NOTE(review): "gid" is supplied by the browser here. The endpoint has to take
  // the caller's access level from its own session and ignore this field for
  // authorization - confirm in ticket_close.php. The values are also sent
  // without URL encoding.
  // NOTE(review): no dataType is set, so data[0] is the first array element only
  // if the endpoint answers with a JSON content type - confirm.
  $('.ticket_close').click(function(){
      var clicked = $(this);
      $.ajax({
          url: '/pages/ticket_close.php',
          type: 'post',
          data: 'tid='+clicked.attr('data-tid')+'&gid='+clicked.attr('data-gid')+'&action='+clicked.attr('data-action'),
          success: function(data){
              // Only fixed strings are written as markup below; no response text.
              var state = (data[1] == 'mark' ? 'solved!' : 'pending!');
              var markup = "";
              if (data[0] == 'err#req') {
                  markup = '<div class="well errmsg">Authorization error occured!</div>';
              } else if (data[0] == 'fail') {
                  markup = '<div class="well errmsg">Could not mark ticket as '+state+'</div>';
              } else if (data[0] == 'success') {
                  markup = '<div class="well errmsg">Ticket has been marked as '+state+'</div>';
              }
              $('.ticket_top_msg > .errfield').html(markup);
          }
      });
  });
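  // New-ticket form: posts the form and, on success, adds a row for the new
  // ticket to the pending list.
  // NOTE(review): no dataType is set, so data[0] is the first array element only
  // if the endpoint answers with a JSON content type - confirm.
  $('#ticketForm').submit(function(event){
      $.ajax({
          url:'/pages/ticket_process.php',
          type:'post',
          data:$('#ticketForm').serialize(),
          success: function(data){
              var box = $('.newTicket_err');
              box.html("");
              if(data[0] == 'err#sess'){
                  box.prepend('<div class="well errmsg">You have to be <a href="/?subtopic=accountmanagement">logged in</a> first.</div>');
              } else if(data[0] == 'err#missing') {
                  box.prepend('<div class="well errmsg">missing info: author_id | title</div>');
              } else if(data[0] == 'err#ticketInsert') {
                  box.prepend('<div class="well errmsg">Could not create ticket! Please contact admin.</div>');
              } else if(data[0] == 'err#query') {
                  box.prepend('<div class="well errmsg">Something went wrong. Please contact admin.</div>');
              } else if (data[0] == 'err#lasttime') {
                  box.prepend('<div class="well errmsg">You can only create a ticket every 12h</div>');
              } else if(data[0] == 'success') {
                  box.prepend('<div class="well succmsg">Your ticket has been created!</div>');
                  $('#ticketForm textarea, #ticketForm input[name="title"]').val("");

                  // data[1..3] come back from the server and presumably echo what
                  // the user typed (the link text looks like the ticket title).
                  // They are inserted as text and as a URL component, never as
                  // markup, so a title containing tags is displayed, not executed.
                  // If the endpoint already HTML-escapes them, drop that escaping
                  // there rather than switching back to string concatenation here.
                  var link = $('<a>')
                      .attr('href', '/?subtopic=ticketroom&tid=' + encodeURIComponent(data[3]))
                      .text(data[1]);
                  // The timestamp is rendered by PHP when the page is built, in
                  // 24-hour "H:i:s" form ("h:m:s" would print the month where the
                  // minutes belong).
                  $('<tr>')
                      .append($('<td>').text(data[2]))
                      .append($('<td colspan="1">').append($('<span class="pending">').text('PENDING')))
                      .append($('<td>').append(link))
                      .append($('<td>').text('<?=date("Y-m-d H:i:s")?>'))
                      .appendTo('.pending_tickets');
              }
          }
      });
      event.preventDefault();
  });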
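  // Ticket reply form: posts the reply as a JSON request and, on success, appends
  // the message bubble to the conversation and scrolls to it.
  $('#ticketResponse').submit(function(event){
      $.ajax({
          url:'/pages/ticket_resp.php',
          type:'post',
          dataType:'json',
          data:$('#ticketResponse').serialize(),
          success:function(data){
              var errBox = $('.ticket_response > .errfield');
              errBox.html("");

              if(data[0] == 'success'){
                  // data[1] is the reply text coming back from the server. It is
                  // set with .text(), so markup inside a message is shown as
                  // characters and never parsed. If the endpoint already
                  // HTML-escapes it, drop that escaping there rather than
                  // switching back to string concatenation here.
                  // The timestamp is rendered by PHP when the page is built, in
                  // 24-hour "H:i:s" form ("h:m:s" would print the month where the
                  // minutes belong).
                  var bubble = $('<span class="message" style="float:right;background:green;">')
                      .append($('<div class="message_plain">').text(data[1]))
                      .append($('<div class="message_time">').append($('<span>').text('<?=date("Y-m-d H:i:s")?>')));
                  $('.ticket_msg_c').append(
                      $('<div class="message_c">').append($('<div>').append(bubble))
                  );

                  // reset input value
                  $('input[name="resp_msg"]').val("");
                  $('.ticket_msg_c').scrollTop($('.ticket_msg_c')[0].scrollHeight);
              } else if (data[0] == 'fail') {
                  errBox.prepend('<div class="well errmsg">Something went wrong. Please contact admin.</div>');
              } else if (data[0] == 'err#sess') {
                  errBox.prepend('<div class="well errmsg">You have to be <a href="/?subtopic=accountmanagement">logged in</a>!.</div>');
              } else if (data[0] == 'err#missingField') {
                  errBox.prepend('<div class="well errmsg">Some data is missing!</div>');
              } else if (data[0] == 'err#alreadySolved') {
                  errBox.prepend('<div class="well errmsg">!! This ticket has been closed by administrators !!</div>');
              }
          }
      });
      event.preventDefault();
      event.stopPropagation();
  });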
  332.  
  333. });
  334. </script>
  335. </head>
  336. </script>
  337. <? echo $layout_header; ?>
  338. </head>
  339.  
  340. <body onload="menuInit();">
  341. <div id="page">
  342. <!-- HOLD ALL ON CENTER -->
  343. <div id="header"></div>
  344. <div id="menu">
  345. <div style="margin-bottom: -2px;"><img src="<? echo $layout_name; ?>/images/menu-start.png" alt="Start Menu" /></div>
  346. <div id="news">
  347. <div onclick="menuSwitch(1, 'news')">
  348. <div class="maydela">
  349. <div style="float: left; width: 157px; height: 34px;"><img src="<? echo $layout_name; ?>/" alt="" /></div>
  350. <div id="news_Icon" style="background-image: url('<? echo $layout_name; ?>/images/minus.gif'); background-position: bottom right; background-repeat: no-repeat; float: left; width: 23px; height: 34px;"></div>
  351. </div>
  352. </div>
  353. <div id="news_Submenu">
  354. <div class="links">
  355. <ul>
  356. <li><a href="/?subtopic=latestnews">Latest News</a></li>
  357. <li><a href="/?subtopic=topcountries">Top Countries</a></li>
  358. </ul>
  359. </div>
  360. </div>
  361. </div>
  362.  
  363. <div id="account">
  364. <div onclick="menuSwitch(2, 'account')">
  365. <div class="maydelaa">
  366. <div style="float: left; width: 157px; height: 34px;"><img src="<? echo $layout_name; ?>/" alt="" /></div>
  367. <div id="account_Icon" style="background-image: url('<? echo $layout_name; ?>/images/plus.gif'); background-position: bottom right; background-repeat: no-repeat; float: left; width: 23px; height: 34px;"></div>
  368. </div>
  369. </div>
  370. <div id="account_Submenu">
  371. <div class="links">
  372. <ul>
  <?PHP
  // Account menu entries by login state and access level ($gid is the account's
  // page_access value, 0 for guests). Hiding a link is presentation only: the
  // target pages have to enforce the same level themselves.
  // NOTE(review): 'namelock' is not a key of the routing table at the top of this
  // file, so that link currently ends at the redirect to /news.
  if ($gid >= 3) {
      echo '<li><a href="/?subtopic=adminpanel">Admin Panel</a></li>';
  }
  if ($gid > 0) {
      echo '<li><a href="/?subtopic=namelock">Namelocks</a></li>';
  }
  if (!$logged) {
      echo '<li><a href="/?subtopic=accountmanagement">Login</a></li>';
  } else {
      echo '<li><a href="/?subtopic=accountmanagement">My Account</a></li>', "\n",
          '<li><a href="/?subtopic=ticket">Create Ticket</a></li>', "\n",
          '<li><a href="/?subtopic=accountmanagement&page=logout">Logout</a></li>';
  }
  ?>
  389. <li><a href="/?subtopic=createaccount">Create Account</a></li>
  390. <li><a href="/?subtopic=lostaccount">Lost Account Interface</a></li>
  391. <li><a href="/?subtopic=rules">Server Rules</a></li>
  392. </ul>
  393. </div>
  394. </div>
  395. </div>
  396.  
  397. <div id="community">
  398. <div onclick="menuSwitch(3, 'community')">
  399. <div class="maydelaaa">
  400. <div style="float: left; width: 157px; height: 34px;"><img src="<? echo $layout_name; ?>/" alt="" /></div>
  401. <div id="community_Icon" style="background-image: url('<? echo $layout_name; ?>/images/plus.gif'); background-position: bottom right; background-repeat: no-repeat; float: left; width: 23px; height: 34px;"></div>
  402. </div>
  403. </div>
  404. <div id="community_Submenu">
  405. <div class="links">
  406. <ul>
  407. <li><a href="/?subtopic=characters">Search Player</a></li>
  408. <li><a href="/?subtopic=guilds">Guilds</a></li>
  409. <li><a href="/?subtopic=highscores"><b><font size="1" color="yellow"><blink>Top Level</blink></font></b></a></li>
  410. <li><a href="/?subtopic=killstatistics">Last Deaths</a></li>
  411. <li><a href="/?subtopic=frags"><b><font size="1" color="red"><blink>Top Fraggers</blink></font></b></a></li>
  412. <li><a href="/wars"><b><font size="1" color="green"><blink>Guild War</blink></font></b></a></li>
  413. <li><a href="/?subtopic=topguilds">Top Guilds</a></li>
  414. <li><a href="/?subtopic=houses">Houses</a></li>
  415. <li><a href="/?subtopic=downloads">Download</a></li>
  416. <li><a href="/?subtopic=forum">Forum</a></li>
  417. <li><a href="/achievements">Achievements</a></li>
  418. <li><a href="/?subtopic=staff">Game Masters</a></li>
  419. </ul>
  420. </div>
  421. </div>
  422. </div>
  423.  
  424. <div id="library">
  425. <div onclick="menuSwitch(4, 'library')">
  426. <div class="maydelaaaa">
  427. <div style="float: left; width: 157px; height: 34px;"><img src="<? echo $layout_name; ?>/" alt="" /></div>
  428. <div id="library_Icon" style="background-image: url('<? echo $layout_name; ?>/images/plus.gif'); background-position: bottom right; background-repeat: no-repeat; float: left; width: 23px; height: 34px;"></div>
  429. </div>
  430. </div>
  431. <div id="library_Submenu">
  432. <div class="links">
  433. <ul>
  434. <!--li><a href="/?subtopic=creatures">Monsters</a></li>
  435. <li><a href="/?subtopic=spells">Spells</a></li-->
  436. <li><a href="/?subtopic=whoisonline">Who is online?</a></li>
  437. <li><a href="/?subtopic=serverinfo">Server Info</a></li>
  438. <li><a href="/?subtopic=downloads">Downloads</a></li>
  439. </ul>
  440. </div>
  441. </div>
  442. </div>
  443.  
  444. <div id="shops">
  445. <div onclick="menuSwitch(5, 'shops')">
  446. <div class="maydelaaaaa">
  447. <div style="float: left; width: 157px; height: 34px;"><img src="<?=$layout_name?>/" alt="" /></div>
  448. <div id="shops_Icon" style="background-image: url('<?=$layout_name?>/images/plus.gif'); background-position: bottom right; background-repeat: no-repeat; float: left; width: 23px; height: 34px;"></div>
  449. </div>
  450. </div>
  451. <div id="shops_Submenu">
  452. <div class="links">
  453. <ul>
  454. <li><a href="/?subtopic=buycoins"><b><font size="1" color="red"><blink>Buy Premium Points</blink></font></b></a></li>
  455. <li><a href="/?subtopic=shop">Shop Offer</a></li>';
  456. <? if($logged) { ?>
  457. <li><a href="/?subtopic=shophistory">Shop History</a></li>
  458. <? } ?>
  459. </ul>
  460. </div>
  461. </div>
  462. </div>
  463.  
  464. <div style="margin-top: -2px;"><img src="<? echo $layout_name; ?>/images/menu-end.png" alt="End Menu" /></div>
  465. </div>
  466.  
  467. <div id="cnt-box">
  468. <div id="top"></div>
  469. <div id="mid">
  470. <div id="margins">
  <?
  // Page body. $subtopic gets here only after the exact-match lookup in the
  // routing table at the top of this file; that lookup is what makes it safe to
  // build an include path from a request parameter. If the routing is ever
  // changed to accept keys that are not listed literally, this include becomes a
  // local file inclusion.
  if (in_array($subtopic, array('paygol', 'paygol_f', 'paygol_c'))) {
      include('pages/paygol/pay.php');
  } elseif (in_array($subtopic, array('paygol_lt', 'paygol_lt_f', 'paygol_lt_c'))) {
      include('pages/paygol/pay_lt.php');
  } else {
      include('pages/'.$subtopic.'.inc');
  }
  ?>
  477. </div>
  478. </div>
  479. <div id="bot"></div>
  480. <div id="copyrights" style="color: #efe;">
  481. <p>&copy; <?=date('Y')?> by <? echo $sname; ?>. All Rights Reserved.</p>
  482. <p>Served by <?=$_SERVER['SERVER_ADDR']?> with <?=$qn?> queries in <?=round(microtime(true) - $time, 4)?>s.</p>
  483. </div>
  484. </div>
  485. <div id="status">
  486. <img src="<? echo $layout_name; ?>/images/statess.png" alt="Premium Banner" style="border: 0px;" />
  487. <div id="maydala">
  488. <hr noshade="noshade" size="1" />
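  <?PHP
  // Server status box. Every dynamic value is HTML-escaped before it is printed:
  // HTTP_HOST is a request header chosen by the client, and the $stat fields are
  // file content. The PORT label is closed with the font tag it opens (it was
  // closed with a stray h3 end tag).
  if ($stat[0] == 1) {
      echo '
  <h3>Server Status: <img style="vertical-align:middle;" src="/online.png"></h3>
  <h3><font color="red">Players Online: ', htmlspecialchars((string)$stat[1], ENT_QUOTES, 'UTF-8'),
          ' / ', htmlspecialchars((string)$stat[2], ENT_QUOTES, 'UTF-8'), '<br /></font></h3>
  <font color="yellow">Monsters: ', htmlspecialchars((string)$stat[4], ENT_QUOTES, 'UTF-8'),
          '<br />Uptime: ', htmlspecialchars((string)$stat[5], ENT_QUOTES, 'UTF-8'), '<br /></font>
  <font color="yellow">IP:</font> ', htmlspecialchars((string)$_SERVER['HTTP_HOST'], ENT_QUOTES, 'UTF-8'), '<br />
  <font color="yellow">PORT:</font> 7171';
  } else {
      echo '<font color="red"><b>Server Offline</b></font>';
  }
  ?>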
  500. <hr noshade="noshade" size="1" />
  501. <a href="https://discord.gg/ARGVmpb"><img src="<? echo $layout_name; ?>/img/discord.png" alt="Premium Banner" style="border: 0px;" /></a>
  502. </div>
  503.  
  504. <!-- END -->
  505. </div>
  506. </body>
  507. </html>