Afs-cms

[Avarian]

Seriously? damn what we can do now?
its rly possbile ? OMG

It's a minor issue, it's been fixed and the release will be soon.

Would be great if you could make it possible to upload guild image from internett link instead of having me uploading them too

afs-cms surely is more complicated than nicaw

I'll work on adding it

 

[enriel]

I get this error,

Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in C:\Program\xampp\htdocs\Layouts\dragonflames\PHP Files\df_footer.inc.php on line 137

Warning: mysql_query() [function.mysql-query]: A link to the server could not be established in C:\Program\xampp\htdocs\Layouts\dragonflames\PHP Files\df_footer.inc.php on line 136

How to fix it?

 

[Mr Evil]

Avarian is the security issue fixed?..
i tested with oceanic and he was able to post news and shit..

 

[enriel]

I get this error,

Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in C:\Program\xampp\htdocs\Layouts\dragonflames\PHP Files\df_footer.inc.php on line 137

Warning: mysql_query() [function.mysql-query]: A link to the server could not be established in C:\Program\xampp\htdocs\Layouts\dragonflames\PHP Files\df_footer.inc.php on line 136

How to fix it?

 

[Znote]

How can i protect my self?


It is possebile to use htmlspecialchars() so the < and > tags dont load as html.

Here is the code

<?PHP

/*    
    Author: Avarian
    Product Name: AFS-CMS
    Purpose: A Content Management System specifically made for the forgotten server.
    Copyright (C) 2007-2008  [Avarian]

    This program is free software: you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
    the Free Software Foundation, either version 3 of the License, or
    (at your option) any later version.

    This program is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    GNU General Public License for more details.

    You should have received a copy of the GNU General Public License
    along with this program.  If not, see <http://www.gnu.org/licenses/>.
*/

session_start();
include ('Includes/config_includes.php');
include ('Includes/function_includes.php');
include ('Includes/header_includes.php');

switch($_GET['act']){

 ####ONLINE LIST#####
case "online":

echo '<title>'.$worldname.' - Players Online</title>';
echo '<h1>Players Online:</h1>';
    $i = 1;

'.$vocations.';
$online_query = mysql_query("SELECT * FROM `players` WHERE `online` = 1 ORDER BY `name` ASC") or die(mysql_error());
if(mysql_num_rows($online_query) != 0){
echo '<table border="1" cellpadding="2" style="border-collapse: collapse" bordercolor="#000000" width="100%" cellspacing="0">';
echo '<tr><td width="40%" bgcolor="#000000"><b>Players:</b></td><td width="40%" bgcolor="#000000"><b>Vocation:</b></td><td width="20%" bgcolor="#000000"><b>Level:</b></td></tr>';
while($sql_online = mysql_fetch_array($online_query)){
$number++;
if($layout == grayshades) {
echo '<td bgcolor="#444444">'.$number.' - <a href="info.php?act=players&char='.$sql_online['name'].'">'.$sql_online['name'].'</a></td><td bgcolor="#444444">'.$vocations[$sql_online['vocation']].'</td><td bgcolor="#444444">'.$sql_online['level'].'</td></tr>'; }
elseif($layout == blackdraft) {
echo '<td bgcolor="#444444">'.$number.' - <a href="info.php?act=players&char='.$sql_online['name'].'">'.$sql_online['name'].'</a></td><td bgcolor="#444444">'.$vocations[$sql_online['vocation']].'</td><td bgcolor="#444444">'.$sql_online['level'].'</td></tr>'; }
elseif($layout == thegathering) {
echo '<td bgcolor="#110F01">'.$number.' - <a href="info.php?act=players&char='.$sql_online['name'].'">'.$sql_online['name'].'</a></td><td bgcolor="#110F01">'.$vocations[$sql_online['vocation']].'</td><td bgcolor="#110F01">'.$sql_online['level'].'</td></tr>'; }
elseif($layout == dragonflames) {
echo '<td bgcolor="#110F01">'.$number.' - <a href="info.php?act=players&char='.$sql_online['name'].'">'.$sql_online['name'].'</a></td><td bgcolor="#110F01">'.$vocations[$sql_online['vocation']].'</td><td bgcolor="#110F01">'.$sql_online['level'].'</td></tr>'; }
}
}
else
{
echo '<p>There are no players online on '.$worldname.'.</p>';
}
echo '</table>';
break; 
	
	#####HIGHSCORES#####
	case "highscores":
echo '<title>'.$worldname.' - Highscores</title>';

$cfg['rank'] = 25;
if(isset($_GET['skill'])){
 $skill = $_GET['skill'];
} else {
 $skill = "Level";
}
if(!isset($_GET['pg'])) {
 $pg = 1;
} else {
 $pg = $_GET['pg'];
}
if($pg > 11){
 $inicio = 11;
}else{
 $inicio = $pg - 1;
}
$ini = $inicio * $cfg['rank'];
$prox = $cfg['rank'] * $pg + 1;
$prox_ = $cfg['rank'] * $pg + $cfg['rank'];
if($pg == 2){
 $ante = "1-".$cfg['rank'];
}elseif($pg > 2){
 $aa = $pg - 1;
 $b = $pg - 2;
 $a = $cfg['rank'] * $b;
 $ante = $a+'1'."-".$cfg['rank']*$aa;
}
if($pg == 1 or $pg == ""){
 $asd = " ";
}else{
 $asd = " | ";
}
?>
<style type="text/css">
<!--
.style1 {color: #FFFFFF}
-->
</style>
<div align="center"><h1>Highscores - Top 300</h1></div>
<table width="100%" border="0" cellspacing="1" cellpadding="2">
  <tr>
    <td width="87%" valign="top"><table width="100%" border="0" cellpadding="2" cellspacing="1" bgcolor="#000000">
      <tr>
        <td width="10%"><div align="center"><span class="style1">Rank</span></div></td>
        <td width="50%"><span class="style1">Name</span></td>
        <td width="15%"><div align="center"><span class="style1"><?=$skill?></span></div></td>
        <? if($skill == "Level"){?><td width="25%"><div align="center"><span class="style1">Experience</span></div></td><? } ?>
      </tr>
<?  switch($skill){
  case "Fist":
   $id = 0;
   break;
  case "Club":
   $id = 1;
   break;
  case "Sword":
   $id = 2;
   break;
  case "Axe":
   $id = 3;
   break;
  case "Distance":
   $id = 4;
   break;
  case "Shield":
   $id = 5;
   break;
  case "Fish":
   $id = 6;
   break;
 }
 if($skill == "Level") {
  $total = mysql_query("SELECT * FROM players WHERE group_id < '".$hs_group_id."' ORDER BY level");
  $tr = mysql_num_rows($total);
  $tp = $tr / $cfg['rank'];
  $tp = ceil($tp);
  $ant = $pg-1;
  $pro = $pg+1;
  $verifica = mysql_query("SELECT name,level,experience FROM players WHERE group_id < '".$hs_group_id."' ORDER BY experience DESC LIMIT ".$ini.",".$cfg['rank']."");
  if($pg == 1 or $pg == 0){
   $i = 1;
  }elseif($pg > 1){
   $i = $ini+1;
  }
  while($dados = mysql_fetch_array($verifica)) {
  	
			$id=$i+1;
			if($layout == thegathering) {
			echo ($i % 2) ? "<tr bgcolor=\"#110F01\">" : "<tr bgcolor=\"110F09\">"; }
			elseif($layout == grayshades) {
			echo ($i % 2) ? "<tr bgcolor=\"#444444\">" : "<tr bgcolor=\"#4C4B4B\">"; }
			elseif($layout == blackdraft) {
			echo ($i % 2) ? "<tr bgcolor=\"#444444\">" : "<tr bgcolor=\"#4C4B4B\">"; }
			elseif($layout == dragonflames) {
			echo ($i % 2) ? "<tr bgcolor=\"#110F01\">" : "<tr bgcolor=\"110F09\">"; }

   echo ' 
           <td><center>'.$i.'</center></td>
           <td><a href="info.php?act=players&char='.$dados['name'].'">'.$dados['name'].'</a></td>
           <td><center>'.$dados['level'].'</center></td>
    			 <td><center>'.$dados['experience'].'</center></td>
          </tr>';
    $i++;
  }
  if($tr > $cfg['rank']){
   echo '<tr bgcolor="black">
        <td colspan=4><div align="right">';
   if($pg > 1){
    $anterior = '<a href="?act=highscores&skill='.$skill.'&pg='.$ant.'">Rank '.$ante.'</a>';
   }
   if($pg != 11){
    if($pg < $tp){
     $proxima = '<a href="?act=highscores&skill='.$skill.'&pg='.$pro.'">Rank '.$prox.'-'.$prox_.'</a>';
     $tt = true;
    }
   }
   echo $anterior;
   if($tt == true) echo $asd;
   echo $proxima;
   echo '</div></td><tr>';
  }    
 }
 elseif($skill == "Magic") {
  $total = mysql_query("SELECT * FROM players WHERE group_id < '".$hs_group_id."' ORDER BY maglevel");
  $tr = mysql_num_rows($total);
  $tp = $tr / $cfg['rank'];
  $tp = ceil($tp);
  $ant = $pg-1;
  $pro = $pg+1;
  $verifica = mysql_query("SELECT name,maglevel FROM players WHERE group_id < '".$hs_group_id."' ORDER BY maglevel DESC LIMIT ".$ini.",".$cfg['rank']."");
  if($pg == 1 or $pg == 0){
   $i = 1;
  }elseif($pg > 1){
   $i = $ini+1;
  }
  while($dados = mysql_fetch_array($verifica)) {
			$id=$i+1;
			if($layout == thegathering) {
			echo ($i % 2) ? "<tr bgcolor=\"#110F01\">" : "<tr bgcolor=\"110F09\">"; }
			elseif($layout == dragonflames) {
			echo ($i % 2) ? "<tr bgcolor=\"#110F01\">" : "<tr bgcolor=\"110F09\">"; }
			elseif($layout == grayshades) {
			echo ($i % 2) ? "<tr bgcolor=\"#444444\">" : "<tr bgcolor=\"#4C4B4B\">"; }
			elseif($layout == blackdraft) {
			echo ($i % 2) ? "<tr bgcolor=\"#444444\">" : "<tr bgcolor=\"#4C4B4B\">"; }
   echo ' 
           <td><center>'.$i.'</center></td>
           <td><a href="info.php?act=players&char='.$dados['name'].'">'.$dados['name'].'</a></td>
           <td><center>'.$dados['maglevel'].'</center></td>
          </tr>';
    $i++;
  }
  if($tr > $cfg['rank']){
   echo '<tr bgcolor="black">
        <td colspan=3><div align="right">';
   if($pg > 1){
    $anterior = '<a href="?act=highscores&skill='.$skill.'&pg='.$ant.'">Rank '.$ante.'</a>';
   }
   if($pg != 11){
    if($pg < $tp){
     $proxima = '<a href="?act=highscores&skill='.$skill.'&pg='.$pro.'">Rank '.$prox.'-'.$prox_.'</a>';
     $tt = true;
    }
   }
   echo $anterior;
   if($tt == true) echo $asd;
   echo $proxima;
   echo '</div></td><tr>';
  } 
 }
 else {
  $total = mysql_query("SELECT name,value FROM players, player_skills WHERE group_id < '".$hs_group_id."' AND players.id = player_skills.player_id AND player_skills.skillid = ".$id." ORDER BY value DESC");
  $tr = mysql_num_rows($total);
  $tp = $tr / $cfg['rank'];
  $tp = ceil($tp);
  $ant = $pg-1;
  $pro = $pg+1;
  $verifica = mysql_query("SELECT name,value FROM players, player_skills WHERE group_id < '".$hs_group_id."' AND players.id = player_skills.player_id AND player_skills.skillid = ".$id." ORDER BY value DESC LIMIT ".$ini.",".$cfg['rank']."");
  if($pg == 1 or $pg == 0){
   $i = 1;
  }elseif($pg > 1){
   $i = $ini+1;
  }
  while($dados = mysql_fetch_array($verifica))  {
			$id=$i+1;
			if($layout == thegathering) {
			echo ($i % 2) ? "<tr bgcolor=\"#110F01\">" : "<tr bgcolor=\"110F09\">"; }
			elseif($layout == dragonflames) {
			echo ($i % 2) ? "<tr bgcolor=\"#110F01\">" : "<tr bgcolor=\"110F09\">"; }
			elseif($layout == grayshades) {
			echo ($i % 2) ? "<tr bgcolor=\"#444444\">" : "<tr bgcolor=\"#4C4B4B\">"; }
			elseif($layout == blackdraft) {
			echo ($i % 2) ? "<tr bgcolor=\"#444444\">" : "<tr bgcolor=\"#4C4B4B\">"; }
    echo '
           <td><center>'.$i.'</center></td>
           <td><a href="info.php?act=players&char='.$dados['name'].'">'.$dados['name'].'</a></td>
           <td><center>'.$dados['value'].'</center></td>
          </tr>';
    $i++;
  }
  if($tr > $cfg['rank']){
   echo '<tr bgcolor="black">
        <td colspan=3><div align="right">';
   if($pg > 1){
    $anterior = '<a href="?act=highscores&skill='.$skill.'&pg='.$ant.'">Rank '.$ante.'</a>';
   }
   if($pg != 11){
    if($pg < $tp){
     $proxima = '<a href="?act=highscores&skill='.$skill.'&pg='.$pro.'">Rank '.$prox.'-'.$prox_.'</a>';
     $tt = true;
    }
   }
   echo $anterior;
   if($tt == true) echo $asd;
   echo $proxima;
   echo '</div></td><tr>';
  } 
 } 
 
?>
    </table>
<div align="right">
</div>
<?PHP
if($layout == grayshades) {
      echo '<table width="100%" border="0" cellpadding="2" cellspacing="1" bgcolor="303030">'; }
elseif($layout == blackdraft) {
      echo '<table width="100%" border="0" cellpadding="2" cellspacing="1" bgcolor="303030">'; }
elseif($layout == thegathering) {
      echo '<table width="100%" border="0" cellpadding="2" cellspacing="1" bgcolor="110F09">'; }
elseif($layout == dragonflames) {
      echo '<table width="100%" border="0" cellpadding="2" cellspacing="1" bgcolor="110F09">'; }
      echo '</table></td>';

if($layout == thegathering) {
      echo '<td width="13%" valign="top"><table width="130" border="0" align="right" cellpadding="2" cellspacing="1" bgcolor="000000">'; }
elseif($layout == dragonflames) {
      echo '<td width="13%" valign="top"><table width="130" border="0" align="right" cellpadding="2" cellspacing="1" bgcolor="000000">'; }
elseif($layout == grayshades) {
      echo '<td width="13%" valign="top"><table width="130" border="0" align="right" cellpadding="2" cellspacing="1" bgcolor="303030">'; }
elseif($layout == blackdraft) {
      echo '<td width="13%" valign="top"><table width="130" border="0" align="right" cellpadding="2" cellspacing="1" bgcolor="303030">'; }
      echo '<tr>';

        echo '<div align="center"><a href="?act=highscores&skill=Level">Level</a></div></td>';
      echo '</tr>';
      echo '<tr>';
        echo '<div align="center"><a href="?act=highscores&skill=Magic">Magic Level </a></div></td>';
      echo '</tr>';
      echo '<tr>';
        echo '<div align="center"><a href="?act=highscores&skill=Fist">Fist Fighting </a></div></td>';
      echo '</tr>';
      echo '<tr>';
        echo '<div align="center"><a href="?act=highscores&skill=Club">Club Fighting </a></div></td>';
      echo '</tr>';
      echo '<tr>';
        echo '<div align="center"><a href="?act=highscores&skill=Sword">Sword Fighting </a></div></td>';
      echo '</tr>';
      echo '<tr>';
        echo '<div align="center"><a href="?act=highscores&skill=Axe">Axe Fighting </a></div></td>';
      echo '</tr>';
      echo '<tr>';
        echo '<div align="center"><a href="?act=highscores&skill=Distance">Distance Fighting</a></div></td>';
      echo '</tr>';
      echo '<tr>';
        echo '<div align="center"><a href="?act=highscores&skill=Shield">Shielding</a></div></td>';
      echo '</tr>';
      echo '<tr>';
        echo '<div align="center"><a href="?act=highscores&skill=Fish">Fishing</a></div></td>';
      echo '</tr>';
    echo '</table></td>';
  echo '</tr>';
echo '</table>';
?>

<?PHP
mysql_close();
	
	break;
	#####PLAYER SEARCH#####
	case "players":
echo '<title>'.$worldname.' - Players Search</title>';
	
	echo '<h1>Player Search:</h1>'; 

$char = trim($_REQUEST['char']);
if (!$char) {
	echo '<p>You have not requested any player name.</p>';
include ('Includes/footer_includes.php');
	die;
}
if (strlen($char) < 2) {
echo '<p>Not enough letters. Please enter atleast two.</p>';
include ('Includes/footer_includes.php');
die;
}

	$char = mysql_real_escape_string($char);

$player_query = mysql_query("SELECT * FROM `players` WHERE (`name` = '".$char."') ");

if(mysql_num_rows($player_query)==0) {
	$check_player_query = mysql_query("SELECT * FROM `players` WHERE `name` like '%".$char."%' LIMIT 0, ".$search_result_limit."");
	if(mysql_num_rows($check_player_query) != 0)
	{
		
		$i = 0;
		echo '<table cellspacing=0 cellpadding="5" border="0"><tr><td width="150px">Name</td><td width="50px"><center>Level</center></td><td width="100px">Vocation</td><center><td width="50px">Status:</td><center></tr>';
						while($check_player_sql = mysql_fetch_array($check_player_query))
						{
						
		'.$vocations.';
			$id=$i+1;
			if($layout == grayshades) {
			echo ($i % 2) ? "<tr bgcolor=\"#444444\">" : "<tr bgcolor=\"#4C4B4B\">"; }
			elseif($layout == blackdraft) {
			echo ($i % 2) ? "<tr bgcolor=\"#444444\">" : "<tr bgcolor=\"#4C4B4B\">"; }
			elseif($layout == thegathering) {
			echo ($i % 2) ? "<tr bgcolor=\"#110F01\">" : "<tr bgcolor=\"110F09\">"; }
			elseif($layout == dragonflames) {
			echo ($i % 2) ? "<tr bgcolor=\"#110F01\">" : "<tr bgcolor=\"110F09\">"; }
						echo '<td><a href="info.php?act=players&char='.$check_player_sql['name'].'">'.$check_player_sql['name'].'</a></td><td><center>'.$check_player_sql['level'].'</center></td><td>'.$vocations[$check_player_sql['vocation']].'</td>';
			
		if($check_player_sql['online'] > 0) {
		echo '<td><center><font color="green"><b>Online</b></font></center></td>'; }
		else {
		echo '<td><center><font color="red"><b>Offline</b></font></center></td>';}
						echo '<tr>';
						$i++;
							
						}
		echo '</table>';
	}
	else
	{
	echo '<p>Player '.htmlspecialchars($char).' does not exist.</p>';
	}
	} else {

		$player_sql = mysql_fetch_array($player_query);
		$acc_logged_query = mysql_query("SELECT * FROM `accounts` WHERE (`id` = '".$player_sql['account_id']."') ") or die(mysql_error());
		$acc_logged_sql = mysql_fetch_array($acc_logged_query);

		$account_ban = $player_sql['account_id'];
		$ban_query = mysql_query("SELECT * FROM `bans` WHERE (`account` = '$account_ban') ") or die(mysql_error());
		$ban_sql = mysql_fetch_array($ban_query); 

		if ($player_sql['lastlogin'] != 0) $lastlog = date('M d Y, H:i:s',$player_sql['lastlogin']);
		else $lastlog = 'never logged in';

		if($player_sql['town_id'] == $town[1]['id'])
		$town = $town[1]['name'];
		elseif($player_sql['town_id'] == $town[2]['id'])
		$town = $town[2]['name'];
		elseif($player_sql['town_id'] == $town[3]['id'])
		$town = $town[3]['name'];
		elseif($player_sql['town_id'] == $town[4]['id'])
		$town = $town[4]['name'];
		elseif($player_sql['town_id'] == $town[5]['id'])
		$town = $town[5]['name'];
		elseif($player_sql['town_id'] == $town[6]['id'])
		$town = $town[6]['name'];
		elseif($player_sql['town_id'] == $town[7]['id'])
		$town = $town[7]['name'];
		elseif($player_sql['town_id'] == $town[8]['id'])
		$town = $town[8]['name'];
		elseif($player_sql['town_id'] == $town[9]['id'])
		$town = $town[9]['name'];
		elseif($player_sql['town_id'] == $rook['id'])
		$town = $rook['name'];
		

		$rankid = $player_sql['rank_id'];
		$query20 = mysql_query("SELECT * FROM `guild_ranks` WHERE (`id` = '$rankid') ") or die(mysql_error());
		$query_result20 = mysql_fetch_row($query20);
		$guildscheck = $query_result20[1];
		$query123 = mysql_query("SELECT * FROM `guilds` WHERE (`id` = '$guildscheck') ") or die(mysql_error());
		$query_result123 = mysql_fetch_row($query123);

		$space = $query_result123[1];

		$comment = stripslashes($player_sql['comment']);

		echo '<h2>Character information:</h2>';
		echo '<table width=400px><tr><tr><td width=100px>Name: </td><td width=300px>'.$player_sql['name'].'<br /></td></tr>';
		$sexs = array("Female", "Male");
		echo '<tr><td width=100px>Sex:</td><td width=300px>'.$sexs[$player_sql['sex']].'<br /></td></tr>';
		echo '<tr><td width=100px>Level:</td><td width=300px>'.$player_sql['level'].'<br /></td></tr>';
		'.$vocations.';
		echo '<tr><td width=100px>Vocation:</td><td width=300px>'.$vocations[$player_sql['vocation']].'<br /></td></tr>';
		echo '<tr><td width=100px>Residence:</td><td width=300px>'.$town.'<br /></td></tr>';

		if (empty($space)) {
		echo '<tr><td width=100px>Guild: </td><td width=300px>None';
		echo '<br /></td></tr>';
		}
		else
		{
		echo '<tr><td width=100px>Guild: </td><td width=300px>'.$query_result20[2].' of the <a href="guilds.php?act=view&guild='.$query_result123[1].'">'.$query_result123[1].'</a>';
		echo '<br /></td></tr>';
		}
		echo '<tr><td width=100px>Lastlogin:</td><td width=300px>'.$lastlog.'<br /></td></tr>';

		if($acc_logged_sql['premdays'] > 0 ) 
		echo '<tr><td width=100px>Account Type:</td><td width=300px>Premium Account<br /></td></tr>';
		else
		echo '<tr><td width=100px>Account Type:</td><td width=300px>Free Account<br /></td></tr>';
		
		if($comment == "") {
		echo '<tr><td width=100px>Comment:</td><td width=300px>None<br /></td></tr>';
		}
		else
		{
		echo '<tr><td width=100px>Comment:</td><td width=300px>'.htmlspecialchars($comment).'<br /></td></tr>';
		}

		if($player_sql['online'] > 0 ) {
		echo '<tr><td width=100px>Status:</td><td width=300px><font color="green"> Online</font><br /></td></tr>'; }
		else {
		echo '<tr><td width=100px>Status:</td><td width=300px><font color="red"> Offline</font><br /></td></tr>'; }
		
		echo '</table>';
		echo ('<br /><h2>Account information:</h2>');
		echo "<table width=400px>";
		if($acc_logged_sql['hidemail'] == 0)
		echo '<tr><td width=100px>Email:</td><td width=300px> <a href="mailto:'.$acc_logged_sql['email'].'">'.$acc_logged_sql['email'].'</a></td></tr>';
		if($acc_logged_sql['hide'] == 0){
			echo '<tr><td width=100px>Realname:</td><td width=300px> '.$acc_logged_sql['rlname'].'</td></tr>';
			echo '<tr><td width=100px>Location:</td><td width=300px> '.$acc_logged_sql['location'].'</td></tr>';
		}

$positionss = array("None", "$group_id1", "$group_id2", "$group_id3", "$group_id4", "$group_id5", "$group_id6", "$group_id7", "$group_id8", "$group_id9");
if($player_sql['group_id'] > 1)
{
echo '<tr><td width=100px>Position:</td><td width=300px><font color="Red">'.$positionss[$player_sql['group_id']].'</font></td></tr>';
} else {
echo '<tr><td width=100px>Position:</td><td width=300px>'.$positionss[$player_sql['group_id']].'</td></tr>';
}
 if(mysql_num_rows($ban_query) != 0 and $ban_sql[reason_id] == 0 )
{
        echo '<tr><td width=100px><font color="Red">Banished:</font></td><td width=300px><font color="Red"> Until '.$bantime = date('M d Y, H:i:s',$ban_sql['time']).' because of invalid name.</font></td></tr>';
        echo '</table>';
} 

        if(mysql_num_rows($ban_query) != 0 and $ban_sql[reason_id] == 1 )
{
        echo '<tr><td width=100px><font color="Red">Banished</font></td><td width=300px><font color="Red"> Until '.$bantime = date('M d Y, H:i:s',$ban_sql['time']).' because of invalid name.</font></td></tr>';
	echo '<tr><td width=100px><font color="Red">Comment:</font></td><td width=300px><font color="Red"> '.$ban_sql[comment].'</font></td></tr>';
        echo '</table>';
} 

        if(mysql_num_rows($ban_query) != 0 and $ban_sql[reason_id] == 2 )
{
        echo '<tr><td width=100px><font color="Red">Banished:</font></td><td width=300px><font color="Red"> Until '.$bantime = date('M d Y, H:i:s',$ban_sql['time']).' because of invalid name.</font></td></tr>';
	echo '<tr><td width=100px><font color="Red">Comment:</font></td><td width=300px><font color="Red"> '.$ban_sql[comment].'</font></td></tr>';
        echo '</table>';
} 

        if(mysql_num_rows($ban_query) != 0 and $ban_sql[reason_id] == 3 )
{
        echo '<tr><td width=100px><font color="Red">Banished:</font></td><td width=300px><font color="Red"> Until '.$bantime = date('M d Y, H:i:s',$ban_sql['time']).' because of invalid name.</font></td></tr>';
	echo '<tr><td width=100px><font color="Red">Comment:</font></td><td width=300px><font color="Red"> '.$ban_sql[comment].'</font></td></tr>';
        echo '</table>';
} 

        if(mysql_num_rows($ban_query) != 0 and $ban_sql[reason_id] == 4 )
{
        echo '<tr><td width=100px><font color="Red">Banished:</font></td><td width=300px><font color="Red"> Until '.$bantime = date('M d Y, H:i:s',$ban_sql['time']).' because of invalid name.</font></td></tr>';
	echo '<tr><td width=100px><font color="Red">Comment:</font></td><td width=300px><font color="Red"> '.$ban_sql[comment].'</font></td></tr>';
        echo '</table>';
} 

        if(mysql_num_rows($ban_query) != 0 and $ban_sql[reason_id] == 5 )
{
        echo '<tr><td width=100px><font color="Red">Banished:</font></td><td width=300px><font color="Red"> Until '.$bantime = date('M d Y, H:i:s',$ban_sql['time']).' because of invalid name.</font></td></tr>';
	echo '<tr><td width=100px><font color="Red">Comment:</font></td><td width=300px><font color="Red"> '.$ban_sql[comment].'</font></td></tr>';
        echo '</table>';
} 

        if(mysql_num_rows($ban_query) != 0 and $ban_sql[reason_id] == 6 )
{
        echo '<tr><td width=100px><font color="Red">Banished:</font></td><td width=300px><font color="Red"> Until '.$bantime = date('M d Y, H:i:s',$ban_sql['time']).' because of invalid name.</font></td></tr>';
	echo '<tr><td width=100px><font color="Red">Comment:</font></td><td width=300px><font color="Red"> '.$ban_sql[comment].'</font></td></tr>';
        echo '</table>';
} 

        if(mysql_num_rows($ban_query) != 0 and $ban_sql[reason_id] == 7 )
{
        echo '<tr><td width=100px><font color="Red">Banished:</font></td><td width=300px><font color="Red"> Until '.$bantime = date('M d Y, H:i:s',$ban_sql['time']).' because of invalid name.</font></td></tr>';
	echo '<tr><td width=100px><font color="Red">Comment:</font></td><td width=300px><font color="Red"> '.$ban_sql[comment].'</font></td></tr>';
        echo '</table>';
} 

        if(mysql_num_rows($ban_query) != 0 and $ban_sql[reason_id] == 8 )
{
        echo '<tr><td width=100px><font color="Red">Banished:</font></td><td width=300px><font color="Red"> Until '.$bantime = date('M d Y, H:i:s',$ban_sql['time']).' because of invalid name.</font></td></tr>';
	echo '<tr><td width=100px><font color="Red">Comment:</font></td><td width=300px><font color="Red"> '.$ban_sql[comment].'</font></td></tr>';
        echo '</table>';
} 

        if(mysql_num_rows($ban_query) != 0 and $ban_sql[reason_id] == 9 )
{
        echo '<tr><td width=100px><font color="Red">Banished:</font></td><td width=300px><font color="Red"> Until '.$bantime = date('M d Y, H:i:s',$ban_sql['time']).' because of offensive statement.</font></td></tr>';
	echo '<tr><td width=100px><font color="Red">Comment:</font></td><td width=300px><font color="Red"> '.$ban_sql[comment].'</font></td></tr>';
        echo '</table>';
} 

        if(mysql_num_rows($ban_query) != 0 and $ban_sql[reason_id] == 10 )
{
        echo '<tr><td width=100px><font color="Red">Banished:</font></td><td width=300px><font color="Red"> Until '.$bantime = date('M d Y, H:i:s',$ban_sql['time']).' because of spamming.</font></td></tr>';
	echo '<tr><td width=100px><font color="Red">Comment:</font></td><td width=300px><font color="Red"> '.$ban_sql[comment].'</font></td></tr>';
        echo '</table>';
} 

        if(mysql_num_rows($ban_query) != 0 and $ban_sql[reason_id] == 11 )
{
        echo '<tr><td width=100px><font color="Red">Banished:</font></td><td width=300px><font color="Red"> Until '.$bantime = date('M d Y, H:i:s',$ban_sql['time']).' because of advertisement not related to game.</font></td></tr>';
	echo '<tr><td width=100px><font color="Red">Comment:</font></td><td width=300px><font color="Red"> '.$ban_sql[comment].'</font></td></tr>';
        echo '</table>';
} 

        if(mysql_num_rows($ban_query) != 0 and $ban_sql[reason_id] == 12 )
{
        echo '<tr><td width=100px><font color="Red">Banished:</font></td><td width=300px><font color="Red"> Until '.$bantime = date('M d Y, H:i:s',$ban_sql['time']).' because of real money advertisement.</font></td></tr>';
	echo '<tr><td width=100px><font color="Red">Comment:</font></td><td width=300px><font color="Red"> '.$ban_sql[comment].'</font></td></tr>';
        echo '</table>';
} 

        if(mysql_num_rows($ban_query) != 0 and $ban_sql[reason_id] == 13 )
{
        echo '<tr><td width=100px><font color="Red">Banished:</font></td><td width=300px><font color="Red"> Until '.$bantime = date('M d Y, H:i:s',$ban_sql['time']).' because of non-english public statement.</font></td></tr>';
	echo '<tr><td width=100px><font color="Red">Comment:</font></td><td width=300px><font color="Red"> '.$ban_sql[comment].'</font></td></tr>';
        echo '</table>';
} 

        if(mysql_num_rows($ban_query) != 0 and $ban_sql[reason_id] == 14 )
{
        echo '<tr><td width=100px><font color="Red">Banished:</font></td><td width=300px><font color="Red"> Until '.$bantime = date('M d Y, H:i:s',$ban_sql['time']).' because of off-topic public statement.</font></td></tr>';
	echo '<tr><td width=100px><font color="Red">Comment:</font></td><td width=300px><font color="Red"> '.$ban_sql[comment].'</font></td></tr>';
        echo '</table>';
} 

        if(mysql_num_rows($ban_query) != 0 and $ban_sql[reason_id] == 15 )
{
        echo '<tr><td width=100px><font color="Red">Banished:</font></td><td width=300px><font color="Red"> Until '.$bantime = date('M d Y, H:i:s',$ban_sql['time']).' because of inciting rule violation.</font></td></tr>';
	echo '<tr><td width=100px><font color="Red">Comment:</font></td><td width=300px><font color="Red"> '.$ban_sql[comment].'</font></td></tr>';
        echo '</table>';
} 

        if(mysql_num_rows($ban_query) != 0 and $ban_sql[reason_id] == 16 )
{
        echo '<tr><td width=100px><font color="Red">Banished:</font></td><td width=300px><font color="Red"> Until '.$bantime = date('M d Y, H:i:s',$ban_sql['time']).' because of bug abuse.</font></td></tr>';
        echo '</table>';
} 

        if(mysql_num_rows($ban_query) != 0 and $ban_sql[reason_id] == 17 )
{
        echo '<tr><td width=100px><font color="Red">Banished:</font></td><td width=300px><font color="Red"> Until '.$bantime = date('M d Y, H:i:s',$ban_sql['time']).' because of game weakness abuse.</font></td></tr>';
	echo '<tr><td width=100px><font color="Red">Comment:</font></td><td width=300px><font color="Red"> '.$ban_sql[comment].'</font></td></tr>';
        echo '</table>';
} 
        if(mysql_num_rows($ban_query) != 0 and $ban_sql[reason_id] == 18 )
{
        echo '<tr><td width=100px><font color="Red">Banished:</font></td><td width=300px><font color="Red"> Until '.$bantime = date('M d Y, H:i:s',$ban_sql['time']).' because of macro use.</font></td></tr>';
	echo '<tr><td width=100px><font color="Red">Comment:</font></td><td width=300px><font color="Red"> '.$ban_sql[comment].'</font></td></tr>';
        echo '</table>';
} 

        if(mysql_num_rows($ban_query) != 0 and $ban_sql[reason_id] == 19 )
{
        echo '<tr><td width=100px><font color="Red">Banished:</font></td><td width=300px><font color="Red"> Until '.$bantime = date('M d Y, H:i:s',$ban_sql['time']).' because of using unofficial sotware to play.</font></td></tr>';
	echo '<tr><td width=100px><font color="Red">Comment:</font></td><td width=300px><font color="Red"> '.$ban_sql[comment].'</font></td></tr>';
        echo '</table>';
} 

        if(mysql_num_rows($ban_query) != 0 and $ban_sql[reason_id] == 20 )
{
        echo '<tr><td width=100px><font color="Red">Banished:</font></td><td width=300px><font color="Red"> Until '.$bantime = date('M d Y, H:i:s',$ban_sql['time']).' because of hacking.</font></td></tr>';
	echo '<tr><td width=100px><font color="Red">Comment:</font></td><td width=300px><font color="Red"> '.$ban_sql[comment].'</font></td></tr>';
        echo '</table>';
} 

        if(mysql_num_rows($ban_query) != 0 and $ban_sql[reason_id] == 21 )
{
        echo '<tr><td width=100px><font color="Red">Banished:</font></td><td width=300px><font color="Red"> Until '.$bantime = date('M d Y, H:i:s',$ban_sql['time']).' because of multi-clienting.</font></td></tr>';
	echo '<tr><td width=100px><font color="Red">Comment:</font></td><td width=300px><font color="Red"> '.$ban_sql[comment].'</font></td></tr>';
        echo '</table>';
} 

        if(mysql_num_rows($ban_query) != 0 and $ban_sql[reason_id] == 22 )
{
        echo '<tr><td width=100px><font color="Red">Banished:</font></td><td width=300px><font color="Red"> Until '.$bantime = date('M d Y, H:i:s',$ban_sql['time']).' because of account trading.</font></td></tr>';
	echo '<tr><td width=100px><font color="Red">Comment:</font></td><td width=300px><font color="Red"> '.$ban_sql[comment].'</font></td></tr>';
        echo '</table>';
} 

        if(mysql_num_rows($ban_query) != 0 and $ban_sql[reason_id] == 23 )
{
        echo '<tr><td width=100px><font color="Red">Banished:</font></td><td width=300px><font color="Red"> Until '.$bantime = date('M d Y, H:i:s',$ban_sql['time']).' because of account sharing.</font></td></tr>';
        echo '</table>';
} 

        if(mysql_num_rows($ban_query) != 0 and $ban_sql[reason_id] == 24 )
{
        echo '<tr><td width=100px><font color="Red">Banished:</font></td><td width=300px><font color="Red"> Until '.$bantime = date('M d Y, H:i:s',$ban_sql['time']).' because of threatening gamemaster.</font></td></tr>';
	echo '<tr><td width=100px><font color="Red">Comment:</font></td><td width=300px><font color="Red"> '.$ban_sql[comment].'</font></td></tr>';
        echo '</table>';
} 

        if(mysql_num_rows($ban_query) != 0 and $ban_sql[reason_id] == 25 )
{
        echo '<tr><td width=100px><font color="Red">Banished:</font></td><td width=300px><font color="Red"> Until '.$bantime = date('M d Y, H:i:s',$ban_sql['time']).' because of pretending to have official position.</font></td></tr>';
	echo '<tr><td width=100px><font color="Red">Comment:</font></td><td width=300px><font color="Red"> '.$ban_sql[comment].'</font></td></tr>';
        echo '</table>';
} 

        if(mysql_num_rows($ban_query) != 0 and $ban_sql[reason_id] == 26 )
{
        echo '<tr><td width=100px><font color="Red">Banished:</font></td><td width=300px><font color="Red"> Until '.$bantime = date('M d Y, H:i:s',$ban_sql['time']).' because of pretending to have influence on gamemaster.</font></td></tr>';
	echo '<tr><td width=100px><font color="Red">Comment:</font></td><td width=300px><font color="Red"> '.$ban_sql[comment].'</font></td></tr>';
        echo '</table>';
} 

        if(mysql_num_rows($ban_query) != 0 and $ban_sql[reason_id] == 27 )
{
        echo '<tr><td width=100px><font color="Red">Banished:</font></td><td width=300px><font color="Red"> Until '.$bantime = date('M d Y, H:i:s',$ban_sql['time']).' because of false report to gamemaster.</font></td></tr>';
	echo '<tr><td width=100px><font color="Red">Comment:</font></td><td width=300px><font color="Red"> '.$ban_sql[comment].'</font></td></tr>';
        echo '</table>';
} 

        if(mysql_num_rows($ban_query) != 0 and $ban_sql[reason_id] == 28 )
{
        echo '<tr><td width=100px><font color="Red">Banished:</font></td><td width=300px><font color="Red"> Until '.$bantime = date('M d Y, H:i:s',$ban_sql['time']).' because of excessive unjustified player killing.</font></td></tr>';
	echo '<tr><td width=100px><font color="Red">Comment:</font></td><td width=300px><font color="Red"> '.$ban_sql[comment].'</font></td></tr>';
        echo '</table>';
} 

        if(mysql_num_rows($ban_query) != 0 and $ban_sql[reason_id] == 29 )
{
        echo '<tr><td width=100px><font color="Red">Banished:</font></td><td width=300px><font color="Red"> Until '.$bantime = date('M d Y, H:i:s',$ban_sql['time']).' because of destructive behaviour.</font></td></tr>';
	echo '<tr><td width=100px><font color="Red">Comment:</font></td><td width=300px><font color="Red"> '.$ban_sql[comment].'</font></td></tr>';
        echo '</table>';
} 

        if(mysql_num_rows($ban_query) != 0 and $ban_sql[reason_id] == 30 )
{
        echo '<tr><td width=100px><font color="Red">Banished:</font></td><td width=300px><font color="Red"> Until '.$bantime = date('M d Y, H:i:s',$ban_sql['time']).' because of spoiling action.</font></td></tr>';
	echo '<tr><td width=100px><font color="Red">Comment:</font></td><td width=300px><font color="Red"> '.$ban_sql[comment].'</font></td></tr>';
        echo '</table>';
} 

        if(mysql_num_rows($ban_query) != 0 and $ban_sql[reason_id] == 31 )
{
        echo '<tr><td width=100px><font color="Red">Banished:</font></td><td width=300px><font color="Red">Until '.$bantime = date('M d Y, H:i:s',$ban_sql['time']).' because of invalid payment.</font></td></tr>';
	echo '<tr><td width=100px><font color="Red">Comment:</font></td><td width=300px><font color="Red"> '.$ban_sql[comment].'</font></td></tr>';
        echo '</table>';        
} 
        else
        echo '</table>'; 

$char = trim($_REQUEST['char']);
$player_query = mysql_query("SELECT * FROM `players` WHERE (`name` = '".$char."') ");
$query = mysql_query("SELECT * FROM `players` WHERE (`name` = '".$char."') ") or die(mysql_error());      
$sql = mysql_fetch_array($query);

   $death_query = mysql_query("SELECT * FROM `player_deaths` WHERE (`player_id` = '".$sql['id']."') ORDER BY `time` DESC LIMIT 10") or die(mysql_error());

if(mysql_num_rows($death_query) != 0){
                                	
echo '<br /><h2>Character Deaths:</h2>';

              
echo '<table cellspacing=0 cellpadding="5" border="0">';
while($death_sql = mysql_fetch_array($death_query)){
$number++;
$dead = $death_sql['player_id'];
$player_query = mysql_query("SELECT * FROM `players` WHERE (`name` = '".$char."') ");
$player_sql_result = mysql_fetch_array($player_query);
$player_id = $player_sql_result['id'];
if(empty($player_sql_result['name'])) {
$killedplayer = "ID: ".$dead." - SQL error";
}
else
{
$killedplayer = "<a href=\"info.php?act=players&char=".$player_sql_result['name']."\">".$player_sql_result['name']."</a>";
}
if($layout == grayshades) {
echo ($number % 2) ? "<tr>" : "<tr>"; }
elseif($layout == blackdraft) {
echo ($number % 2) ? "<tr>" : "<tr>"; }
elseif($layout == thegathering) {
echo ($number % 2) ? "<tr bgcolor=\"#110F01\">" : "<tr bgcolor=\"110F09\">"; }
elseif($layout == dragonflames) {
echo ($number % 2) ? "<tr bgcolor=\"#110F01\">" : "<tr bgcolor=\"110F09\">"; }
if($death_sql['is_player'] != 1) {
if($death_sql['killed_by'] == -1) {
$death_sql['killed_by'] = "NPC";
}
echo "<td>" .date('M d Y, H:i:s',$death_sql['time']). " Died at level ".$death_sql['level']." by a  ".$death_sql['killed_by'].".</td></tr>";
}
else
{
echo "<td>" .date('M d Y, H:i:s',$death_sql['time']). " Died at level ".$death_sql['level']." by <a href=\"info.php?act=players&char=".$death_sql['killed_by']."\"> ".$death_sql['killed_by']."</a>.</td></tr>";
}
}
}
else
{
}

echo '</table>';  




if($acc_logged_sql['hidechars'] == 0)
{
	echo ' <br /><h2>Characters:</h2>
		<table border="0" cellSpacing="0" cellPadding="2" width="220">

        <tr>
            <td width="200">Name:</td><td width="20"><center>Level:</center></td>
        </tr>';

	$acc_query = mysql_query("SELECT * FROM `players` WHERE (`account_id` = '".$player_sql['account_id']."') ") or die(mysql_error());
		$i=1;
	while($acc_sql = mysql_fetch_array($acc_query)){
		if($acc_sql['hide'] == 0)
		{
			$id=$i+1;
			if($layout == thegathering) {
			echo ($i % 2) ? "<tr bgcolor=\"#110F01\">" : "<tr bgcolor=\"110F09\">"; }
			elseif($layout == dragonflames) {
			echo ($i % 2) ? "<tr bgcolor=\"#110F01\">" : "<tr bgcolor=\"110F09\">"; }
			elseif($layout == grayshades) {
			echo ($i % 2) ? "<tr bgcolor=\"#444444\">" : "<tr bgcolor=\"#4C4B4B\">"; }
			elseif($layout == blackdraft) {
			echo ($i % 2) ? "<tr bgcolor=\"#444444\">" : "<tr bgcolor=\"#4C4B4B\">"; }
		echo '<td width="200px">'.$i.'. <a href="info.php?act=players&char='.$acc_sql['name'].'">'.$acc_sql['name'].'</a></td>';
		echo '<td width="20px"><center>'.$acc_sql['level'].'</center></td>';
      echo '</tr>';
      $i++;
    }
    else {
    }
    }
echo '</table>';
	}	
	else { }

}
	break;

	case "deaths":
	
echo '<title>'.$worldname.' - Latest Deaths</title>';

echo '<h1>Latest Deaths:</h1>'; 
	$i = 1;
			
$death_query = mysql_query("SELECT * FROM `player_deaths` ORDER BY `time` DESC LIMIT $death_limit") or die(mysql_error());
if(mysql_num_rows($death_query) != 0){
echo '<table cellspacing=0 cellpadding="5" border="0">';
echo '<tr><td><b>Player:</b></td><td><b>Death:</b></td></tr>';
while($death_sql = mysql_fetch_array($death_query)){
$number++;
$dead = $death_sql['player_id'];
$player_query = mysql_query("SELECT * FROM players WHERE id = '$dead'") or die(mysql_error());
$player_sql_result = mysql_fetch_array($player_query);
if(empty($player_sql_result['name'])) {
$killedplayer = "ID: ".$dead." - SQL error";
}
else
{
$killedplayer = "<a href=\"info.php?act=players&char=".$player_sql_result['name']."\">".$player_sql_result['name']."</a>";
}

if($layout == thegathering) {
echo ($number % 2) ? "<tr bgcolor=\"#110F01\">" : "<tr bgcolor=\"110F09\">"; }
elseif($layout == grayshades) {
echo ($number % 2) ? "<tr bgcolor=\"#444444\">" : "<tr bgcolor=\"#4C4B4B\">"; }
elseif($layout == blackdraft) {
echo ($number % 2) ? "<tr bgcolor=\"#444444\">" : "<tr bgcolor=\"#4C4B4B\">"; }
elseif($layout == dragonflames) {
echo ($i % 2) ? "<tr bgcolor=\"#110F01\">" : "<tr bgcolor=\"110F09\">"; }

if($death_sql['is_player'] != 1) {
if($death_sql['killed_by'] == -1) {
$death_sql['killed_by'] = "NPC";
}
echo "<td>".$number.". ".$killedplayer." </td><td> was killed at level ".$death_sql['level']." by a ".$death_sql['killed_by']." (" .date('M d Y, H:i:s',$death_sql['time']). ").</td></tr>";
}
else
{
echo "<td>".$number.". ".$killedplayer." </td><td> was killed at level ".$death_sql['level']." by  <a href=\"info.php?act=players&char=".$death_sql['killed_by']."\"> ".$death_sql['killed_by']."</a> (" .date('M d Y, H:i:s',$death_sql['time']). ").</td></tr>";
}
}
}
else
{
echo '<p>There have been no deaths on '.$worldname.'.</p>';
}
echo '</table>';

break;

case "house":
echo '<title>'.$worldname.' - House List</title>';

	echo '<h1>House list:</h1>'; 
?>

<table width="100%" cellSpacing="0" border="0">
	<tr>
		<td><b>Name</b></td>
		<td><b>Size</b></td>
		<td><b>Rent</b></td>
		<td><b>Town</b></td>
		<td><b>Status</b></td>
	</tr>
	<?PHP
	

	$file = simplexml_load_string(file_get_contents($house_dir));
	$i = 0;
	$town1name = $town[1]['name'];
	$town2name = $town[2]['name'];
	$town3name = $town[3]['name'];
	$town4name = $town[4]['name'];
	$town5name = $town[5]['name'];
	$town6name = $town[6]['name'];
	$town7name = $town[7]['name'];
	$town8name = $town[8]['name'];
	$town9name = $town[9]['name'];

	foreach($file->house as $house_dir_file){
		if($house_dir_file['townid'] == 1) 
		$town = $town1name; 
		elseif($house_dir_file['townid'] == 2) 
		$town = $town2name; 
		elseif($house_dir_file['townid'] == 3) 
		$town = $town3name; 
		elseif($house_dir_file['townid'] == 4) 
		$town = $town4name; 
		elseif($house_dir_file['townid'] == 5) 
		$town = $town5name; 
		elseif($house_dir_file['townid'] == 6) 
		$town = $town6name;  
		elseif($house_dir_file['townid'] == 7) 
		$town = $town7name;  
		elseif($house_dir_file['townid'] == 8) 
		$town = $town8name;  
		else 
		$town = $town9name; 

		$house_dir_query = mysql_query("SELECT * FROM `houses` WHERE (`id` = '".$house_dir_file['houseid']."') ") or die(mysql_error());
		$house_dir_sql = mysql_fetch_array($house_dir_query);

		$player_query = mysql_query("SELECT * FROM `players` WHERE (`id` = '".$house_dir_sql['owner']."') ") or die(mysql_error());
		$player_sql = mysql_fetch_array($player_query);

		if($house_dir_sql['id'] == $house_dir_file['houseid']){
			if(!(empty($house_dir_sql['owner']))) {
				if($house_dir_sql['owner'] == $player_sql['id']){
					$status = 'Rented by <a href="info.php?act=players&char='.$player_sql['name'].'">'.$player_sql['name'].'</a>';
				}
			}
			else{
				$status = 'Available';
			}
		}

			$id=$i+1;
			if($layout == thegathering) {
			echo ($i % 2) ? "<tr bgcolor=\"#110F01\">" : "<tr bgcolor=\"110F09\">"; }
			elseif($layout == dragonflames) {
			echo ($i % 2) ? "<tr bgcolor=\"#110F01\">" : "<tr bgcolor=\"110F09\">"; }
			elseif($layout == grayshades) {
			echo ($i % 2) ? "<tr bgcolor=\"#444444\">" : "<tr bgcolor=\"#4C4B4B\">"; }
			elseif($layout == blackdraft) {
			echo ($i % 2) ? "<tr bgcolor=\"#444444\">" : "<tr bgcolor=\"#4C4B4B\">"; }
		echo '<td>'.$house_dir_file['name'].'</td><td>'.$house_dir_file['size'].' sqm</td><td>'.$house_dir_file['rent'].' gold</td><td>'.$town.'</td><td>'.$status.'</td></tr>';
			$status = "";
			++$i;
		
	}
	echo "</table>";
	break;
	case "rules":

echo '<title>'.$worldname.' - Rules</title>';

echo '<h1>Rules:</h1>';

foreach(file("rules.txt") as $line)
{
echo "$line";
echo '<br />';
}
?>

<?PHP
break;
	case "rule_enforcers":
echo '<title>'.$worldname.' - Rule Enforcers</title>';
	
echo '<h1>'.$worldname.' Rule Enforcers:</h1>'; 

if($show_group2 == YES){
$group2_query = mysql_query("SELECT * FROM `players` WHERE `group_id` = 2");
if(mysql_num_rows($group2_query) != 0){
echo '<h2>'.$group_id2.'s on '.$worldname.':</h2><ul>';
while($group2_sql = mysql_fetch_array($group2_query))
{ 
echo '<li><a href="info.php?act=players&char='.$group2_sql['name'].'">'.$group2_sql['name'].'</a></li>';
}
echo '</ul>';
}
}

if($show_group3 == YES){
$group3_query = mysql_query("SELECT * FROM `players` WHERE `group_id` = 3");
if(mysql_num_rows($group3_query) != 0){
echo '<h2>'.$group_id3.'s on '.$worldname.':</h2><ul>';
while($group3_sql = mysql_fetch_array($group3_query))
{ 
echo '<li><a href="info.php?act=players&char='.$group3_sql['name'].'">'.$group3_sql['name'].'</a></li>';
}
echo '</ul>';
}
}

if($show_group4 == YES){
$group4_query = mysql_query("SELECT * FROM `players` WHERE `group_id` = 4");
if(mysql_num_rows($group4_query) != 0){
echo '<h2>'.$group_id4.'s on '.$worldname.':</h2><ul>';
while($group4_sql = mysql_fetch_array($group4_query))
{ 
echo '<li><a href="info.php?act=players&char='.$group4_sql['name'].'">'.$group4_sql['name'].'</a></li>';
}
echo '</ul>';
}
}

if($show_group5 == YES){
$group5_query = mysql_query("SELECT * FROM `players` WHERE `group_id` = 5");
if(mysql_num_rows($group5_query) != 0){
echo '<h2>'.$group_id5.'s on '.$worldname.':</h2><ul>';
while($group5_sql = mysql_fetch_array($group5_query))
{ 
echo '<li><a href="info.php?act=players&char='.$group5_sql['name'].'">'.$group5_sql['name'].'</a></li>';
}
echo '</ul>';
}
}

if($show_group6 == YES){
$group6_query = mysql_query("SELECT * FROM `players` WHERE `group_id` = 6");
if(mysql_num_rows($group6_query) != 0){
echo '<h2>'.$group_id6.'s on '.$worldname.':</h2><ul>';
while($group6_sql = mysql_fetch_array($group6_query))
{ 
echo '<li><a href="info.php?act=players&char='.$group6_sql['name'].'">'.$group6_sql['name'].'</a></li>';
}
echo '</ul>';
}
}

if($show_group7 == YES){
$group7_query = mysql_query("SELECT * FROM `players` WHERE `group_id` = 7");
if(mysql_num_rows($group7_query) != 0){
echo '<h2>'.$group_id7.'s on '.$worldname.':</h2><ul>';
while($group7_sql = mysql_fetch_array($group7_query))
{ 
echo '<li><a href="info.php?act=players&char='.$group7_sql['name'].'">'.$group7_sql['name'].'</a></li>';
}
echo '</ul>';
}
}

if($show_group8 == YES){
$group8_query = mysql_query("SELECT * FROM `players` WHERE `group_id` = 8");
if(mysql_num_rows($group8_query) != 0){
echo '<h2>'.$group_id8.'s on '.$worldname.':</h2><ul>';
while($group8_sql = mysql_fetch_array($group8_query))
{ 
echo '<li><a href="info.php?act=players&char='.$group8_sql['name'].'">'.$group8_sql['name'].'</a></li>';
}
echo '</ul>';
}
}

if($show_group9 == YES){
$group9_query = mysql_query("SELECT * FROM `players` WHERE `group_id` = 9");
if(mysql_num_rows($group9_query) != 0){
echo '<h2>'.$group_id9.'s on '.$worldname.':</h2><ul>';
while($group9_sql = mysql_fetch_array($group9_query))
{ 
echo '<li><a href="info.php?act=players&char='.$group9_sql['name'].'">'.$group9_sql['name'].'</a></li>';
}
echo '</ul>';
}
}


?>

  <p><font color="red">There are no other rule enforcers than these. <br />
  	If anyone claims to be one please report it to any of the above.</font></p>
<?PHP

break;
case "tutorial":
echo '<title>'.$worldname.' - Login Tutorial</title>';

echo '<h1>Login Tutorial:</h1>'; 
	
foreach(file("login_tutorial.txt") as $line)
{
echo "<li>".$line."</li>";
}
?>
<?PHP
break;
case "commands":
echo '<title>'.$worldname.' - Player Commands</title>';

echo '<h1>Player Commands:</h1>'; 
	
foreach(file("player_commands.txt") as $line)
{
echo "<li>".$line."</li>";
}
?>

<?PHP
break;
case "spells":
echo '<title>'.$worldname.' - Spells List</title>';

echo '<h1>Spell Types</h1>'; 
?>
<ul>
	<li><a href="info.php?act=instant_spells">Instant Spells</a></li>
	<li><a href="info.php?act=conjure_spells">Conjure/Rune Spells</a></li>
</ul>

<?PHP
break;
case "instant_spells":
echo '<title>'.$worldname.' - Spells List - Instant Spells</title>';
?>
<h2>Spell Types</h2>
<ul>
	<li><a href="info.php?act=instant_spells">Instant Spells</a></li>
	<li><a href="info.php?act=conjure_spells">Conjure/Rune Spells</a></li>
</ul>
<?PHP

echo '<h1>Instant Spells</h1>'; 

if($layout == blackdraft) {
echo '<table width="394" bordercolor="444444" border="1">';}
else {
echo '<table width="500" bordercolor="444444" border="1">'; }
?>
  <tr> 
    <th><b>Spell name:</b></th> 
    <th><b>Words:</b></th> 
    <th><b>Mana:</b></th> 
    <th><b>Level:</b></th>  
    <th><b>Premium:</b></th>
  </tr> 
<?
$xml = simplexml_load_file($servpath.'\data\spells\spells.xml');
foreach($xml->instant as $spell) {
echo "<tr>";
echo "<td><center>".$spell['name']."</center></td>";
echo "<td><center>".$spell['words']."</center></td>";
if(isset($spell['mana'])) { echo "<td><center>".$spell['mana']."</center></td>"; } else { echo "<td><center>N/A</center></td>"; }
if(isset($spell['lvl'])) { echo "<td><center>".$spell['lvl']."</center></td>"; } else { echo "<td><center>N/A</center></td>"; }
if($spell['prem']==true) { echo "<td><center>Yes</center></td>"; } else { echo "<td><center>No</center></td>"; }
echo "</tr>";
}
?>
</table>

<?PHP
break;
case "conjure_spells":
echo '<title>'.$worldname.' - Spells List - Conjure/Rune Spells</title>';
?>
<h2>Spell Types</h2>
<ul>
	<li><a href="info.php?act=instant_spells">Instant Spells</a></li>
	<li><a href="info.php?act=conjure_spells">Conjure/Rune Spells</a></li>
</ul>
<?PHP

echo '<h1>Conjure/Rune Spells</h1>'; 

if($layout == blackdraft) {
echo '<table width="394" bordercolor="444444" border="1">';}
else {
echo '<table width="500" bordercolor="444444" border="1">';}
?>
  <tr> 
    <th><b>Spell name:</b></th> 
    <th><b>Words:</b></th> 
    <th><b>Mana:</b></th> 
    <th><b>Level:</b></th>  
    <th><b>Premium:</b></th>
  </tr> 
<?PHP
$xml = simplexml_load_file($servpath.'\data\spells\spells.xml');
foreach($xml->conjure as $spell) {
echo "<tr>";
echo "<td><center>".$spell['name']."</center></td>";
echo "<td><center>".$spell['words']."</center></td>";
if(isset($spell['mana'])) { echo "<td><center>".$spell['mana']."</center></td>"; } else { echo "<td><center>N/A</center></td>"; }
if(isset($spell['lvl'])) { echo "<td><center>".$spell['lvl']."</center></td>"; } else { echo "<td><center>N/A</center></td>"; }
if($spell['prem']==true) { echo "<td><center>Yes</center></td>"; } else { echo "<td><center>No</center></td>"; }
echo "</tr>";
}
?>
</table>

<?PHP
break;
case "monsters":
echo '<title>'.$worldname.' - Monsters List</title>';

echo '<h1>Monster:</h1>';

$folder = opendir($monster_dir);
echo '<table><tr>';

while($filename = readdir($folder))
{
if($layout == blackdraft) {
	$i == 0;
    	if($i == 4) {
	echo '</tr><tr>';
	$i = 0;
	}
	}
else {
    	$i == 0;
    	if($i == 6) {
    	echo '</tr><tr>';
    	$i = 0;
 	}
  	}

    if($filename == "." || $filename == "..") continue;
    $temp = explode(".", $filename);

    if($temp[1] == "xml")
    {
        $name = $temp[0];
        
        if (!in_array($name, $dont_show))
        {
        	$i++;
        		print('<td><center><img src="' .$monster_imgs. '' .$name. '.gif"><br />');
            print('<a href="info.php?act=creature&cnm=' .$name. '">' .$name. '</a></center></td>');
            
        }
    }
}
echo '</tr></table>';
break;

case "creature":

echo '<h1>'.$_GET['cnm'].'</h1>'; 

$monster_name = $_GET['cnm'];
$name = "";
$exp = 0;
$hp = 0;
$looktype = 0;
$manacost = 0;

$file = $monster_dir.$monster_name.".xml";
$f = @fopen($file, "r");
if($f) {
$contents = fread($f, filesize($file));
fclose($f);
$tags = explode("<", $contents);
foreach($tags as $tag) {
if(substr($tag, 0, 7) == "monster") {
$temp = stristr($tag, " name=\"");
$temp2 = explode("\"", $temp);
$name = $temp2[1];
}
if(substr($tag, 0, 7) == "monster") {
$temp = stristr($tag, " experience=\"");
$temp2 = explode("\"", $temp);
$exp = $temp2[1];
}
if(substr($tag, 0, 7) == "monster") {
$temp = stristr($tag, " manacost=\"");
$temp2 = explode("\"", $temp);
$manacost = $temp2[1];
}
  if($manacost == 0)
		$manacost = 'Not summonable';
		
if(substr($tag, 0, 6) == "health") {
$temp = stristr($tag, " max=\"");
$temp2 = explode("\"", $temp);
$hp = $temp2[1];
}
if(substr($tag, 0, 4) == "look") {
$temp = stristr($tag, " type=\"");
$temp2 = explode("\"", $temp);
$looktype = $temp2[1];
}
if(substr($tag, 0, 7) == "defense") {
$temp = stristr($tag, " immunity=\"");
$temp2 = explode("\"", $temp);
$immunities[] = $temp2[1];
}
if(substr($tag, 0, 6) == "summon") {
$temp = stristr($tag, " name=\"");
$temp2 = explode("\"", $temp);
$summons[] = $temp2[1];
}
 

}

$temp = stristr($contents, "<attacks>");
$attacks = explode("</attacks>", $temp);
$attack = explode("<attack", $attacks[0]);
$melee = false;
$distance = false;
$fire_spell = false;
$energy_spell = false;
$poison_spell = false;
$explosion_rune = false;
$sudden_death_rune = false;
$bersek_spell = false;
$self_healing = false;
$summons[] = "";
$immunities[] = "";
foreach($attack as $temp) {
if(stristr($temp, "type=\"melee\"")) {$melee = true; continue;}
if(stristr($temp, "type=\"distance\"")) {$distance = true; continue;}
if((stristr($temp, "type=\"instant\"") || stristr($temp, "type=\"rune\"")) && (   stristr($temp, "name=\"great fireball\"") || stristr($temp, "name=\"exevo gran mas vis\"")  )) {$fire_spell = true; continue;}
if((stristr($temp, "type=\"instant\"") || stristr($temp, "type=\"rune\"")) && (   stristr($temp, "name=\"exevo gran vis lux\"")  )) {$energy_spell = true; continue;}
if((stristr($temp, "type=\"instant\"") || stristr($temp, "type=\"rune\"")) && (   stristr($temp, "name=\"exura")  )) {$self_healing = true; continue;}
if($tmp = stristr($temp, "name=\"")) {
   $temp2 = explode("\"", $tmp);
   $special_attacks = $special_attacks . $temp2[1] . ", ";
   continue;
}
if($tmp = stristr($temp, "type=\"")) {
   $temp2 = explode("\"", $tmp);
   $special_attacks = $special_attacks . $temp2[1] . ", ";
   continue;
}

}

print("<img src=\"$monster_imgs$monster_name.gif\">\n<br />\n<b>Experience:</b> $exp\n<br />\n<b>Health:</b> $hp\n<br />\n<b>Manacost:</b> $manacost\n<br />\n<b>Immunities:</b><br />");
foreach($immunities as $temp) {
if(!$temp) continue;
print("$temp, ");
}
print("<br /><b>Summons:</b><br />");
foreach($summons as $temp) {
if(!$temp) continue;
print("$temp, ");
}
  
$temp = stristr($contents, "<loot>");
$lootnode = explode("</loot>", $temp);
$loot = explode("<item", $lootnode[0]);
$ids[] = "";

foreach($loot as $item) {
if($idpos = stristr($item, "id=\"")) {
  $temp = explode("\"", $idpos);
  $id = $temp[1];
  $ids[] = $id;
}
}

$f2 = @fopen($fileitems, "r");
if($f2) {
$itemnames[] = "";
$items_contents = fread($f2, filesize($fileitems));
fclose($f2);
$items = explode("<item ", $items_contents);
foreach($ids as $item) {
$found = false;
foreach($items as $item_node) {
if(stristr($item_node, "id=\"$item\"")) {
$temp = stristr($item_node, "name=\"");
$temp2 = explode("\"", $temp);
$itemnames[] = $temp2[1];
$found = true;
break;
}
}
if(!$found) {
$itemnames[] = $item;
}
}
/*print("<br /><b>Loot:</b><ul>");*/
foreach($itemnames as $item) {
if(!$item) continue;
print("<li>$item<br />");
}
print("</ul>");
}
}
break;
}
include ('Includes/footer_includes.php');
?>

Hope some one use it, i try to find more bugs later.<_<

Avarian it would be great if you could recomand ppl to use this script temporarly unt'll u release your next release of afs-cms
or atleast vertify that this script is secure to use temporarly

EDIT 1:
ohh and btw, if there is a script, etc info.php, and the size of the document is 50kb, does that mean im uploading 50kb of text? or something to the one who enters my page? x)

EDIT 2:
How can I change this:

To this:


??? The ots-list online list gives more information, and it works way much better. On my server its like 1% chance that you can actually see how many players its online, but it works perfectly from this ots-list online check.

 

[ragal]

make in config.lua

statusTimeout = 250

Than the script will be work fine
or u can make the picture in your site

<img src="http://Ots-List.org/demon/4609">

Aboove IP:Znote.servegame.net

 

[Znote]

make in config.lua

statusTimeout = 250

Than the script will be work fine

Nop ain't working...

or u can make the picture in your site

<img src="http://Ots-List.org/demon/4609">

Aboove IP:Znote.servegame.net

In what file? xampp/htdocs/???.php?

Tried htdocs/config/aac_cms_cfg.php and the homepage crashed...

 

[Ronaldino]

Avarian it would be great if you could recomand ppl to use this script temporarly unt'll u release your next release of afs-cms
or atleast vertify that this script is secure to use temporarly

EDIT 1:
ohh and btw, if there is a script, etc info.php, and the size of the document is 50kb, does that mean im uploading 50kb of text? or something to the one who enters my page? x)

EDIT 2:
How can I change this:
ss

To this:
ss

??? The ots-list online list gives more information, and it works way much better. On my server its like 1% chance that you can actually see how many players its online, but it works perfectly from this ots-list online check.

Well enter to folder with Php-Files, and there you have 2 files, header and footer. Open xx_header.php and find there something about "online", in any line paste that

echo '<img src="http://Ots-List.org/demon/4609">';

.

 

[ragal]

Layouts/grayshades/PHP Files/gs_footer.inc.php

 

[Znote]

Well enter to folder with Php-Files, and there you have 2 files, header and footer. Open xx_header.php and find there something about "online", in any line paste that

echo '<img src="http://Ots-List.org/demon/4609">';

.

Thanks!
'

Layouts/grayshades/PHP Files/gs_footer.inc.php

Thanks!

Works great now ^^

 

[Ronaldino]

Hey Avarian, I find a bug in guilds rangs... If I want promote/degrade player it doesnt work correctly... check it.

 

[Oceanic]

Avarian is the security issue fixed?..
i tested with oceanic and he was able to post news and shit..

I dont think he updated the version with my script. But when he do it is secured.

 

[Avarian]

Updated to v0.2.5, security fixes included so please update. Report any errors you find.

 

[Aziltu]

Is the acount creator fixed for IE7?

 

[Znote]

any easy way to update from 0.2.4 to 0.2.5?

I tryed to do this update this in the tutorials, but it just popped up "you already updated your database to v0.2.4!"

 

[Ronaldino]

Well, first bug - on death list

<a href="info.php?act=players&char=Pallus Palex">Pallus Palex</a>

instead of player name, news;

<object width="425" height="350"> <param name="movie" value="http://www.youtube.com/v/xxx"> </param> <embed src="http://www.youtube.com/v/xxx" type="application/x-shockwave-flash" width="425" height="350"> </embed> </object>

doesnt support html code.

More bugs later, need to get some sleep .

#edit

Next bug plx?

Powergamers;

Top 25 Powergamers
#
Character
Old / New Experience
Difference

1
htmlspecialchars(Xiaqq)
htmlspecialchars(4036816) -> htmlspecialchars(4289896)
+htmlspecialchars(253080)

2
htmlspecialchars(Gokhtaar)
htmlspecialchars(12246496) -> htmlspecialchars(12486730)
+htmlspecialchars(240234)

3
htmlspecialchars(Dashio)
htmlspecialchars(109406) -> htmlspecialchars(342396)
+htmlspecialchars(232990)

4
htmlspecialchars(Conflictus)
htmlspecialchars(470348) -> htmlspecialchars(627911)
+htmlspecialchars(157563)

5
htmlspecialchars(Zornin)
htmlspecialchars(606641) -> htmlspecialchars(754802)
+htmlspecialchars(148161)

6
htmlspecialchars(Reksio)
htmlspecialchars(44121950) -> htmlspecialchars(44186815)
+htmlspecialchars(64865)

7
htmlspecialchars(Personality)
htmlspecialchars(8450) -> htmlspecialchars(30216)
+htmlspecialchars(21766)

8
htmlspecialchars(Scorpion)
htmlspecialchars(23250) -> htmlspecialchars(41320)
+htmlspecialchars(18070)

9
htmlspecialchars(Pallus Palex)
htmlspecialchars(11403) -> htmlspecialchars(26086)
+htmlspecialchars(14683)

10
htmlspecialchars(Teddy)
htmlspecialchars(168102) -> htmlspecialchars(177302)
+htmlspecialchars(9200)

11
htmlspecialchars(Matios)
htmlspecialchars(46183) -> htmlspecialchars(55123)
+htmlspecialchars(8940)

12
htmlspecialchars(Darkoss)
htmlspecialchars(1321747) -> htmlspecialchars(1329237)
+htmlspecialchars(7490)

13
htmlspecialchars(Falyr)
htmlspecialchars(4483172) -> htmlspecialchars(4489772)
+htmlspecialchars(6600)

14
htmlspecialchars(Sworder)
htmlspecialchars(276220) -> htmlspecialchars(279810)
+htmlspecialchars(3590)

15
htmlspecialchars(Damii)
htmlspecialchars(3289941) -> htmlspecialchars(3291621)
+htmlspecialchars(1680)

16
htmlspecialchars(Zuzui)
htmlspecialchars(322647) -> htmlspecialchars(295198)
+htmlspecialchars(-27449)

17
htmlspecialchars(Tariq)
htmlspecialchars(2533312) -> htmlspecialchars(2343090)
+htmlspecialchars(-190222)

18
htmlspecialchars(Arcemon)
htmlspecialchars(11403067) -> htmlspecialchars(10994620)

 

[Oceanic]

Look like some one have to work on smoe stuff tonight

 

[Avarian]

Is the acount creator fixed for IE7?

I've tested in IE and it worked fine, not sure if it was 6 or 7, let me know of any errors you find.

any easy way to update from 0.2.4 to 0.2.5?

I tryed to do this update this in the tutorials, but it just popped up "you already updated your database to v0.2.4!"

Download AFS-CMS v0.2.5, then visit the SQL-Updater. The SQL-Updater is updated in each new release, not automatically over the web.

Well, first bug - on death list instead of player name, news; doesnt support html code.

More bugs later, need to get some sleep .

#edit

Next bug plx?

Powergamers;

Thanks i'll take care of powergamers error, don't know what the other two things are that your reporting though.

Look like some one have to work on smoe stuff tonight

I figured there would be a few errors, I was pretty tired when I made the final push to update everything so I didn't get a chance to test.

 

[Aziltu]

I've tested in IE and it worked fine, not sure if it was 6 or 7, let me know of any errors you find.

I use IE7

Only when i use Mozilla Firefox It says:
Congratulations

Successfully created character Test.
Please click here to go back home."

When i try Internet Explorer 7 it doesn't say the page will be blank. But the Character is made. This is the page that i mean thats stay blank: http://127.0.0.1/account.php?page=chargo

 

[Avarian]

Updated to v0.2.6, bug fixes so please update.

I use IE7

Only when i use Mozilla Firefox It says:
Congratulations

Successfully created character Test.
Please click here to go back home."

When i try Internet Explorer 7 it doesn't say the page will be blank. But the Character is made. This is the page that i mean thats stay blank: http://127.0.0.1/account.php?page=chargo

I'll test it and try and get a fix.