View difference between Paste ID: <a href="/331nJKQp">331nJKQp</a> and <a href="/post/view"></a>

View difference between Paste ID: 331nJKQp and

SHOW: | | - or go back to the newest paste.


<?php

if (!isset($_SESSION['v1']) || !isset($_SESSION['v2']) || !is_numeric($_SESSION['v1']) || !ctype_alnum($_SESSION['v2']) || !defined('IN_CP')) {
  session_destroy();
  die('Hack attempt.');
}

// op 1 = warehouse -> bank
// op 2 = bank -> warehouse

$is_gm=false;
$op=0;
if (isset($_REQUEST['op'])) $op=$_REQUEST['op'];
if ($op>0 && ALLOW_BANK==false) die('Hack attempt.');

$r=mssql_query('select * from '.DB_GAM.'.dbo.cabal_character_table where CharacterIdx between '.$_SESSION['v1'].' * 8 and '.$_SESSION['v1'].' * 8 + 5 and login>0');
if (mssql_num_rows($r)>0) $is_online=true;
$r=mssql_query('select * from '.DB_GAM.'.dbo.cabal_character_table where CharacterIdx between '.$_SESSION['v1'].' * 8 and '.$_SESSION['v1'].' * 8 + 5 and nation=3');
if (mssql_num_rows($r)>0) $is_gm=true;  

$r=mssql_query("exec ".DB_GAM.".dbo.cabal_tool_getwarehousealz '".$_SESSION['v1']."'");
$row = mssql_fetch_row($r);
$walz=$row[1];
$r=mssql_query("exec ".DB_CSH.".dbo.getbankalz '".$_SESSION['v1']."'");
$row = mssql_fetch_row($r);
$balz=$row[1];

$q="select * from ".DB_ACC.".dbo.cabal_auth_table where UserNum='".$_SESSION['v1']."'and AuthKey='".$_SESSION['v2']."'";
$r=mssql_query($q);
$row = mssql_fetch_row($r);

if ($op>0) {

  $transferalz=$_REQUEST['alz'];
  if ($transferalz < 0)
     die('Hack attempt.')

  switch($op) {
    case '1':      
      if ($transferalz>$walz) {
        error_box('Alz transfer failed','You do not have enough Alz in your warehouse.');
        exit;
      }
      $newwalz=$walz-$transferalz;
      $newbalz=$balz+$transferalz;
      $r=mssql_query("exec ".DB_GAM.".dbo.cabal_tool_setwarehousealz '".$_SESSION['v1']."','".$newwalz."',0");
      $r=mssql_query("exec ".DB_CSH.".dbo.setbankalz '".$_SESSION['v1']."','".$newbalz."'");
      error_box('Alz transfer successful','Alz was successfully transferred to your bank.');
      break;
    case '2':
      if ($transferalz>$balz) {
        error_box('Alz transfer failed','You do not have enough Alz in your bank.');
        exit;
      }
      $newwalz=$walz+$transferalz;
      $newbalz=$balz-$transferalz;
      $r=mssql_query("exec ".DB_GAM.".dbo.cabal_tool_setwarehousealz '".$_SESSION['v1']."','".$newwalz."',0");
      $r=mssql_query("exec ".DB_CSH.".dbo.setbankalz '".$_SESSION['v1']."','".$newbalz."'");
      error_box('Alz transfer successful','Alz was successfully transferred to your warehouse.');
      break;  	    	  
  }	
} else {
  box_top($balz,$is_gm);
  echo '<table width="554" cellspacing="0" cellpadding="2" style="border:#333333 1px solid" border="0">';
  echo '<tr><td colspan="2" align="center" style="background-color:#333333" class="white"><strong>Account details</strong></td></tr>';
  echo '<tr><td width="120" style="padding-left:8px;border-bottom:#333333 1px dashed" class="cloud2"><strong>Account name</strong></td><td style=";border-bottom:#333333 1px dashed">'.$row[1].'</td></tr>';
  echo '<tr><td style="padding-left:8px;border-bottom:#333333 1px dashed" class="cloud2"><strong>Joined</strong></td><td style=";border-bottom:#333333 1px dashed">'.$row[12].'</td></tr>';
  echo '<tr><td style="padding-left:8px" class="cloud2"><strong>Total Play Time</strong></td><td>'.round($row[7]/60,2).' hours</td></tr>';
  echo '</table><br />';
  
  echo '<table width="554" cellspacing="0" cellpadding="2" style="border:#333333 1px solid" border="0">';
  echo '<tr><td colspan="3" align="center" style="background-color:#333333" class="white"><strong>Alz</strong></td></tr>';
  echo '<tr>';
    echo '<td width="120" style="padding-left:8px;border-bottom:#333333 1px dashed" class="cloud2"><strong>Warehouse Alz</strong></td>';
    echo '<td style="border-bottom:#333333 1px dashed">'.$walz.'</td>';
    if (!$is_online && ALLOW_BANK==true) {
      echo '<form method="post" action="'.PAGE_INDEX.'?action=despoit&op=1"><td style="border-bottom:#333333 1px dashed"><input type="text" size="8" name="alz" class="editbox">&nbsp;<input type="submit" name="deposit" value="Deposit" class="button"></td></form>';
    } else {
      echo '<td style="border-bottom:#333333 1px dashed">&nbsp;</td>';
    }
  echo '</tr>';
  echo '<tr>';
    echo '<td style="padding-left:8px; border-bottom:#333333 1px dashed"  class="cloud2"><strong>Bank Alz</strong></td>';
    echo '<td width="120" style="border-bottom:#333333 1px dashed">'.$balz.'</td>';
    if (!$is_online && ALLOW_BANK==true) {
      echo '<form method="post" action="'.PAGE_INDEX.'?action=despoit&op=2"><td style="border-bottom:#333333 1px dashed"><input type="text" size="8" name="alz" class="editbox">&nbsp;<input type="submit" name="withdraw" value="Withdraw" class="button"></td></form>';
    } else {
      echo '<td style="border-bottom:#333333 1px dashed">&nbsp;</td>';
    }  
  echo '</tr>';
  if (ALLOW_BANK==false) {
      echo '<tr><td align="center" class="mini" colspan="3">Bank transfer disabled.</td></tr>';
  } else {
      echo '<tr><td align="center" class="mini" colspan="3">You can only transfer Alz when not online.</td></tr>';
  }
  echo '</table>';
  box_bottom();  
}

function error_box($title,$msg) {
  echo '<TABLE height="100%" width="100%">';
  echo '<TBODY><TR><TD vAlign=center align=middle>';
    echo '<TABLE cellSpacing=0 cellPadding=0 border=0><TBODY>';
    echo '<TR><TD width=35><IMG height=40 src="images/Item_Game_Box_s_01.gif" width=35></TD>';
    echo '<TD class=white style="PADDING-RIGHT: 0px; PADDING-LEFT: 0px; PADDING-BOTTOM: 0px; PADDING-TOP: 5px" vAlign=top align=middle background="images/Item_Game_Box_s_02.gif"><STRONG>'.$title.'</STRONG></TD>';
    echo '<TD width=35><IMG height=40 src="images/Item_Game_Box_s_03.gif" width=35></TD></TR>';
    echo '<TR>';
    echo '<TD background="images/Item_Game_Box_s_04.gif">&nbsp;</TD>';
    echo '<TD class=orange style="PADDING-BOTTOM: 20px; PADDING-TOP: 20px" align=middle width=200 background="images/Item_Game_Box_s_05.gif" height=50><STRONG><SPAN style="WIDTH: 280px">'.$msg.'</SPAN></STRONG></TD>';
    echo '<TD background="images/Item_Game_Box_s_06.gif">&nbsp;</TD>';
    echo '</TR>';
    echo '<TR>';
    echo '<TD background="images/Item_Game_Box_s_04.gif">&nbsp;</TD>';
    echo '<TD class=orange style="PADDING-BOTTOM: 20px; PADDING-TOP: 20px" align=middle background="images/Item_Game_Box_s_05.gif" height=20>';
    echo '<IMG style="CURSOR: pointer" onclick="javscript:location.href=\'./index.php?action=account&v1='.$_SESSION['v1'].'&v2='.$_SESSION['v2'].'\'" alt="Close" src="images/Btn_Close.gif" border=0>';
    echo '</TD>';
    echo '<TD background="images/Item_Game_Box_s_06.gif">&nbsp;</TD>';
    echo '</TR>';
    echo '<TR>';
    echo '<TD><IMG src="images/Item_Game_Box_s_07.gif" width=35></TD>';
    echo '<TD background="images/Item_Game_Box_s_08.gif">&nbsp;</TD>';
    echo '<TD><IMG src="images/Item_Game_Box_s_09.gif" width=35></TD>';
    echo '</TR></TBODY>';
    echo '</TABLE>';
  echo '</TD></TR></TBODY>';
  echo '</TABLE>';			
}
?>

1	-
1	+	<?php
2
3		if (!isset($_SESSION['v1']) \|\| !isset($_SESSION['v2']) \|\| !is_numeric($_SESSION['v1']) \|\| !ctype_alnum($_SESSION['v2']) \|\| !defined('IN_CP')) {
4		session_destroy();
5		die('Hack attempt.');
6		}
7
8		// op 1 = warehouse -> bank
9		// op 2 = bank -> warehouse
10
11		$is_gm=false;
12		$op=0;
13		if (isset($_REQUEST['op'])) $op=$_REQUEST['op'];
14		if ($op>0 && ALLOW_BANK==false) die('Hack attempt.');
15
16		$r=mssql_query('select * from '.DB_GAM.'.dbo.cabal_character_table where CharacterIdx between '.$_SESSION['v1'].' * 8 and '.$_SESSION['v1'].' * 8 + 5 and login>0');
17		if (mssql_num_rows($r)>0) $is_online=true;
18		$r=mssql_query('select * from '.DB_GAM.'.dbo.cabal_character_table where CharacterIdx between '.$_SESSION['v1'].' * 8 and '.$_SESSION['v1'].' * 8 + 5 and nation=3');
19		if (mssql_num_rows($r)>0) $is_gm=true;
20
21		$r=mssql_query("exec ".DB_GAM.".dbo.cabal_tool_getwarehousealz '".$_SESSION['v1']."'");
22		$row = mssql_fetch_row($r);
23		$walz=$row[1];
24		$r=mssql_query("exec ".DB_CSH.".dbo.getbankalz '".$_SESSION['v1']."'");
25		$row = mssql_fetch_row($r);
26		$balz=$row[1];
27
28		$q="select * from ".DB_ACC.".dbo.cabal_auth_table where UserNum='".$_SESSION['v1']."'and AuthKey='".$_SESSION['v2']."'";
29		$r=mssql_query($q);
30		$row = mssql_fetch_row($r);
31
32		if ($op>0) {
33
34		$transferalz=$_REQUEST['alz'];
35		if ($transferalz < 0)
36		die('Hack attempt.')
37
38		switch($op) {
39		case '1':
40		if ($transferalz>$walz) {
41		error_box('Alz transfer failed','You do not have enough Alz in your warehouse.');
42		exit;
43		}
44		$newwalz=$walz-$transferalz;
45		$newbalz=$balz+$transferalz;
46		$r=mssql_query("exec ".DB_GAM.".dbo.cabal_tool_setwarehousealz '".$_SESSION['v1']."','".$newwalz."',0");
47		$r=mssql_query("exec ".DB_CSH.".dbo.setbankalz '".$_SESSION['v1']."','".$newbalz."'");
48		error_box('Alz transfer successful','Alz was successfully transferred to your bank.');
49		break;
50		case '2':
51		if ($transferalz>$balz) {
52		error_box('Alz transfer failed','You do not have enough Alz in your bank.');
53		exit;
54		}
55		$newwalz=$walz+$transferalz;
56		$newbalz=$balz-$transferalz;
57		$r=mssql_query("exec ".DB_GAM.".dbo.cabal_tool_setwarehousealz '".$_SESSION['v1']."','".$newwalz."',0");
58		$r=mssql_query("exec ".DB_CSH.".dbo.setbankalz '".$_SESSION['v1']."','".$newbalz."'");
59		error_box('Alz transfer successful','Alz was successfully transferred to your warehouse.');
60		break;
61		}
62		} else {
63		box_top($balz,$is_gm);
64		echo '<table width="554" cellspacing="0" cellpadding="2" style="border:#333333 1px solid" border="0">';
65		echo '<tr><td colspan="2" align="center" style="background-color:#333333" class="white"><strong>Account details</strong></td></tr>';
66		echo '<tr><td width="120" style="padding-left:8px;border-bottom:#333333 1px dashed" class="cloud2"><strong>Account name</strong></td><td style=";border-bottom:#333333 1px dashed">'.$row[1].'</td></tr>';
67		echo '<tr><td style="padding-left:8px;border-bottom:#333333 1px dashed" class="cloud2"><strong>Joined</strong></td><td style=";border-bottom:#333333 1px dashed">'.$row[12].'</td></tr>';
68		echo '<tr><td style="padding-left:8px" class="cloud2"><strong>Total Play Time</strong></td><td>'.round($row[7]/60,2).' hours</td></tr>';
69		echo '</table><br />';
70
71		echo '<table width="554" cellspacing="0" cellpadding="2" style="border:#333333 1px solid" border="0">';
72		echo '<tr><td colspan="3" align="center" style="background-color:#333333" class="white"><strong>Alz</strong></td></tr>';
73		echo '<tr>';
74		echo '<td width="120" style="padding-left:8px;border-bottom:#333333 1px dashed" class="cloud2"><strong>Warehouse Alz</strong></td>';
75		echo '<td style="border-bottom:#333333 1px dashed">'.$walz.'</td>';
76		if (!$is_online && ALLOW_BANK==true) {
77		echo '<form method="post" action="'.PAGE_INDEX.'?action=despoit&op=1"><td style="border-bottom:#333333 1px dashed"><input type="text" size="8" name="alz" class="editbox"> <input type="submit" name="deposit" value="Deposit" class="button"></td></form>';
78		} else {
79		echo '<td style="border-bottom:#333333 1px dashed"> </td>';
80		}
81		echo '</tr>';
82		echo '<tr>';
83		echo '<td style="padding-left:8px; border-bottom:#333333 1px dashed" class="cloud2"><strong>Bank Alz</strong></td>';
84		echo '<td width="120" style="border-bottom:#333333 1px dashed">'.$balz.'</td>';
85		if (!$is_online && ALLOW_BANK==true) {
86		echo '<form method="post" action="'.PAGE_INDEX.'?action=despoit&op=2"><td style="border-bottom:#333333 1px dashed"><input type="text" size="8" name="alz" class="editbox"> <input type="submit" name="withdraw" value="Withdraw" class="button"></td></form>';
87		} else {
88		echo '<td style="border-bottom:#333333 1px dashed"> </td>';
89		}
90		echo '</tr>';
91		if (ALLOW_BANK==false) {
92		echo '<tr><td align="center" class="mini" colspan="3">Bank transfer disabled.</td></tr>';
93		} else {
94		echo '<tr><td align="center" class="mini" colspan="3">You can only transfer Alz when not online.</td></tr>';
95		}
96		echo '</table>';
97		box_bottom();
98		}
99
100		function error_box($title,$msg) {
101		echo '<TABLE height="100%" width="100%">';
102		echo '<TBODY><TR><TD vAlign=center align=middle>';
103		echo '<TABLE cellSpacing=0 cellPadding=0 border=0><TBODY>';
104		echo '<TR><TD width=35><IMG height=40 src="images/Item_Game_Box_s_01.gif" width=35></TD>';
105		echo '<TD class=white style="PADDING-RIGHT: 0px; PADDING-LEFT: 0px; PADDING-BOTTOM: 0px; PADDING-TOP: 5px" vAlign=top align=middle background="images/Item_Game_Box_s_02.gif"><STRONG>'.$title.'</STRONG></TD>';
106		echo '<TD width=35><IMG height=40 src="images/Item_Game_Box_s_03.gif" width=35></TD></TR>';
107		echo '<TR>';
108		echo '<TD background="images/Item_Game_Box_s_04.gif"> </TD>';
109		echo '<TD class=orange style="PADDING-BOTTOM: 20px; PADDING-TOP: 20px" align=middle width=200 background="images/Item_Game_Box_s_05.gif" height=50><STRONG><SPAN style="WIDTH: 280px">'.$msg.'</SPAN></STRONG></TD>';
110		echo '<TD background="images/Item_Game_Box_s_06.gif"> </TD>';
111		echo '</TR>';
112		echo '<TR>';
113		echo '<TD background="images/Item_Game_Box_s_04.gif"> </TD>';
114		echo '<TD class=orange style="PADDING-BOTTOM: 20px; PADDING-TOP: 20px" align=middle background="images/Item_Game_Box_s_05.gif" height=20>';
115		echo '<IMG style="CURSOR: pointer" onclick="javscript:location.href=\'./index.php?action=account&v1='.$_SESSION['v1'].'&v2='.$_SESSION['v2'].'\'" alt="Close" src="images/Btn_Close.gif" border=0>';
116		echo '</TD>';
117		echo '<TD background="images/Item_Game_Box_s_06.gif"> </TD>';
118		echo '</TR>';
119		echo '<TR>';
120		echo '<TD><IMG src="images/Item_Game_Box_s_07.gif" width=35></TD>';
121		echo '<TD background="images/Item_Game_Box_s_08.gif"> </TD>';
122		echo '<TD><IMG src="images/Item_Game_Box_s_09.gif" width=35></TD>';
123		echo '</TR></TBODY>';
124		echo '</TABLE>';
125		echo '</TD></TR></TBODY>';
126		echo '</TABLE>';
127		}
128		?>