From 363e18ae8c3db33a08f19a81c7dfcae6fc4e7f0d Mon Sep 17 00:00:00 2001
From: SilicaAndPina <earsyum@gmail.com>
Date: Sun, 27 Jun 2021 18:41:29 +1200
Subject: [PATCH] Add ItemPurchaseQueue

---
 .../HorseIsleServer/Game/Items/Item.cs        |   5 +
 .../HorseIsleServer/Player/User.cs            |   2 +-
 .../HorseIsleServer/Server/Database.cs        |  58 ++++-
 .../HorseIsleServer/Server/GameServer.cs      |  13 +-
 WebInterface/game-site/account.php            |  34 ++-
 WebInterface/game-site/web/crosserver.php     |  62 +++++
 WebInterface/game-site/web/paypalgateway.php  |   1 +
 WebInterface/game-site/web/ppemu.php          | 221 ++++++++++++++++++
 WebInterface/master-site/crosserver.php       |  62 +++++
 9 files changed, 445 insertions(+), 13 deletions(-)
 create mode 100644 WebInterface/game-site/web/paypalgateway.php
 create mode 100644 WebInterface/game-site/web/ppemu.php

diff --git a/Horse Isle Server/HorseIsleServer/Game/Items/Item.cs b/Horse Isle Server/HorseIsleServer/Game/Items/Item.cs
index b6b576c..a2a6a48 100755
--- a/Horse Isle Server/HorseIsleServer/Game/Items/Item.cs	
+++ b/Horse Isle Server/HorseIsleServer/Game/Items/Item.cs	
@@ -90,6 +90,11 @@ namespace HISP.Game.Items
             }
         }
 
+        public struct ItemPurchaseQueueItem
+        {
+            public int ItemId;
+            public int ItemCount;
+        }
         public static void UseItem(User user, ItemInstance item)
         {
             if (user.Inventory.HasItem(item.RandomId))
diff --git a/Horse Isle Server/HorseIsleServer/Player/User.cs b/Horse Isle Server/HorseIsleServer/Player/User.cs
index dc7c97e..06b1a02 100755
--- a/Horse Isle Server/HorseIsleServer/Player/User.cs	
+++ b/Horse Isle Server/HorseIsleServer/Player/User.cs	
@@ -230,7 +230,7 @@ namespace HISP.Player
                 if (value)
                     Database.RemoveOnlineUser(this.Id);
                 else
-                    Database.AddOnlineUser(this.Id, this.Administrator, this.Moderator, this.Subscribed);
+                    Database.AddOnlineUser(this.Id, this.Administrator, this.Moderator, this.Subscribed, this.NewPlayer);
 
                 stealth = value;
             }
diff --git a/Horse Isle Server/HorseIsleServer/Server/Database.cs b/Horse Isle Server/HorseIsleServer/Server/Database.cs
index 3de2797..12c81c2 100755
--- a/Horse Isle Server/HorseIsleServer/Server/Database.cs	
+++ b/Horse Isle Server/HorseIsleServer/Server/Database.cs	
@@ -33,7 +33,7 @@ namespace HISP.Server
                 string ShopInventory = "CREATE TABLE IF NOT EXISTS ShopInventory(ShopID INT, RandomID INT, ItemID INT)";
                 string DroppedItems = "CREATE TABLE IF NOT EXISTS DroppedItems(X INT, Y INT, RandomID INT, ItemID INT, DespawnTimer INT, Data INT)";
                 string TrackedQuest = "CREATE TABLE IF NOT EXISTS TrackedQuest(playerId INT, questId INT, timesCompleted INT)";
-                string OnlineUsers = "CREATE TABLE IF NOT EXISTS OnlineUsers(playerId INT, Admin TEXT(3), Moderator TEXT(3), Subscribed TEXT(3))";
+                string OnlineUsers = "CREATE TABLE IF NOT EXISTS OnlineUsers(playerId INT, Admin TEXT(3), Moderator TEXT(3), Subscribed TEXT(3), New TEXT(3))";
                 string CompetitionGear = "CREATE TABLE IF NOT EXISTS CompetitionGear(playerId INT, headItem INT, bodyItem INT, legItem INT, feetItem INT)";
                 string Awards = "CREATE TABLE IF NOT EXISTS Awards(playerId INT, awardId INT)";
                 string Jewelry = "CREATE TABLE IF NOT EXISTS Jewelry(playerId INT, slot1 INT, slot2 INT, slot3 INT, slot4 INT)";
@@ -57,8 +57,21 @@ namespace HISP.Server
                 string AuctionTable = "CREATE TABLE IF NOT EXISTS Auctions(roomId INT, randomId INT, horseRandomId INT, ownerId INT, timeRemaining INT, highestBid INT, highestBidder INT, Done TEXT(3))";
                 string SolvedRealTimeRiddle = "CREATE TABLE IF NOT EXISTS SolvedRealTimeRiddles(playerId INT, riddleId INT)";
                 string MutedPlayers = "CREATE TABLE IF NOT EXISTS MutedPlayers(playerId INT, mutePlayerId INT)";
+                string ItemQueue = "CREATE TABLE IF NOT EXISTS ItemPurchaseQueue(playerId INT, itemId INT, count INT)";
                 string DeleteOnlineUsers = "DELETE FROM OnlineUsers";
 
+                try
+                {
+                    MySqlCommand sqlCommand = db.CreateCommand();
+                    sqlCommand.CommandText = ItemQueue;
+                    sqlCommand.ExecuteNonQuery();
+                    sqlCommand.Dispose();
+                }
+                catch (Exception e)
+                {
+                    Logger.WarnPrint(e.Message);
+                };
+
                 try
                 {
                     MySqlCommand sqlCommand = db.CreateCommand();
@@ -611,6 +624,44 @@ namespace HISP.Server
             }
         }
 
+        public static void ClearItemPurchaseQueue(int playerId)
+        {
+            using (MySqlConnection db = new MySqlConnection(ConnectionString))
+            {
+                db.Open();
+                MySqlCommand sqlCommand = db.CreateCommand();
+                sqlCommand.CommandText = "DELETE FROM ItemPurchaseQueue WHERE playerId=@playerId";
+                sqlCommand.Parameters.AddWithValue("@playerId", playerId);
+                sqlCommand.Prepare();
+                sqlCommand.ExecuteNonQuery();
+                sqlCommand.Dispose();
+            }
+        }
+
+        public static Item.ItemPurchaseQueueItem[] GetItemPurchaseQueue(int playerId)
+        {
+            List<Item.ItemPurchaseQueueItem> queueItems = new List<Item.ItemPurchaseQueueItem>();
+
+            using (MySqlConnection db = new MySqlConnection(ConnectionString))
+            {
+                db.Open();
+                MySqlCommand sqlCommand = db.CreateCommand();
+                sqlCommand.CommandText = "SELECT * FROM ItemPurchaseQueue WHERE playerId=@playerId";
+                sqlCommand.Parameters.AddWithValue("@playerId", playerId);
+                sqlCommand.Prepare();
+                MySqlDataReader reader = sqlCommand.ExecuteReader();
+                while (reader.Read())
+                {
+                    Item.ItemPurchaseQueueItem itm = new Item.ItemPurchaseQueueItem();
+                    itm.ItemId = reader.GetInt32(0);
+                    itm.ItemCount = reader.GetInt32(1);
+                    queueItems.Add(itm);
+                }
+                sqlCommand.Dispose();
+            }
+            return queueItems.ToArray();
+        }
+
         public static void CreateDressupRoomPeice(int roomId, int peiceId, bool active, int x, int y)
         {
             using (MySqlConnection db = new MySqlConnection(ConnectionString))
@@ -3966,18 +4017,19 @@ namespace HISP.Server
                 sqlCommand.Dispose();
             }
         }
-        public static void AddOnlineUser(int playerId, bool Admin, bool Moderator, bool Subscribed)
+        public static void AddOnlineUser(int playerId, bool Admin, bool Moderator, bool Subscribed, bool New)
         {
             using (MySqlConnection db = new MySqlConnection(ConnectionString))
             {
                 db.Open();
                 MySqlCommand sqlCommand = db.CreateCommand();
 
-                sqlCommand.CommandText = "INSERT INTO OnlineUsers VALUES(@playerId, @admin, @moderator, @subscribed)";
+                sqlCommand.CommandText = "INSERT INTO OnlineUsers VALUES(@playerId, @admin, @moderator, @new)";
                 sqlCommand.Parameters.AddWithValue("@playerId", playerId);
                 sqlCommand.Parameters.AddWithValue("@admin", Admin ? "YES" : "NO");
                 sqlCommand.Parameters.AddWithValue("@moderator", Moderator ? "YES" : "NO");
                 sqlCommand.Parameters.AddWithValue("@subscribed", Subscribed ? "YES" : "NO");
+                sqlCommand.Parameters.AddWithValue("@new", New ? "YES" : "NO");
                 sqlCommand.Prepare();
                 sqlCommand.ExecuteNonQuery();
                 sqlCommand.Dispose();
diff --git a/Horse Isle Server/HorseIsleServer/Server/GameServer.cs b/Horse Isle Server/HorseIsleServer/Server/GameServer.cs
index 998fda2..10e2cb3 100755
--- a/Horse Isle Server/HorseIsleServer/Server/GameServer.cs	
+++ b/Horse Isle Server/HorseIsleServer/Server/GameServer.cs	
@@ -3542,7 +3542,7 @@ namespace HISP.Server
                 Logger.ErrorPrint(sender.RemoteIp + " Requested user information when not logged in.");
                 return;
             }
-            Database.AddOnlineUser(sender.LoggedinUser.Id, sender.LoggedinUser.Administrator, sender.LoggedinUser.Moderator, sender.LoggedinUser.Subscribed);
+            Database.AddOnlineUser(sender.LoggedinUser.Id, sender.LoggedinUser.Administrator, sender.LoggedinUser.Moderator, sender.LoggedinUser.Subscribed, sender.LoggedinUser.NewPlayer);
             
             Logger.DebugPrint(sender.LoggedinUser.Username + " Requested user information.");
 
@@ -3605,6 +3605,17 @@ namespace HISP.Server
                 if (RiddleEvent.Active)
                     RiddleEvent.ShowStartMessage(sender);
             
+            // Give Queued Itmes
+            Item.ItemPurchaseQueueItem[] queueItems = Database.GetItemPurchaseQueue(sender.LoggedinUser.Id);
+            foreach (Item.ItemPurchaseQueueItem queueItem in queueItems)
+            {
+                for(int i = 0; i < queueItems.Length; i++)
+                {
+                    sender.LoggedinUser.Inventory.AddIgnoringFull(new ItemInstance(queueItem.ItemId));
+                }
+            }
+            Database.ClearItemPurchaseQueue(sender.LoggedinUser.Id);
+
             // Send Queued Messages
             string[] queuedMessages = Database.GetMessageQueue(sender.LoggedinUser.Id);
             foreach(string queuedMessage in queuedMessages)
diff --git a/WebInterface/game-site/account.php b/WebInterface/game-site/account.php
index fe66d03..52d8b3e 100755
--- a/WebInterface/game-site/account.php
+++ b/WebInterface/game-site/account.php
@@ -181,10 +181,10 @@ h+=60;//h += 96;
 	$lastOn = 0.00;
 	$current_time = time();
 	$difference = $current_time - $loginDate;
-	$lastOn = $difference/60;
+	$lastOn = $difference/3600;
     
 	
-	echo('It has been: '.$lastOn.' hours since you were last online. You have logged in '.$totalLoginsStr.' times.<BR>You have <B><FONT COLOR=005500>$'.$moneyStr.'</FONT></B> in Horse Isle money on hand and <B><FONT COLOR=005500>$'.$bankmoneyStr.'</FONT></B> in the bank.<BR>You have earned <B>'.(string)$questPoints.'</B> of <B>63005</B> total quest points  (<B>'.(string)floor(($questPoints / 63005) * 100.0).'%</B> Complete)<BR>');
+	echo('It has been: '.number_format((float)$lastOn, 2, '.', '').' hours since you were last online. You have logged in '.$totalLoginsStr.' times.<BR>You have <B><FONT COLOR=005500>$'.$moneyStr.'</FONT></B> in Horse Isle money on hand and <B><FONT COLOR=005500>$'.$bankmoneyStr.'</FONT></B> in the bank.<BR>You have earned <B>'.(string)$questPoints.'</B> of <B>63005</B> total quest points  (<B>'.(string)floor(($questPoints / 63005) * 100.0).'%</B> Complete)<BR>');
 	if(!$subbed)
 	{
 		echo('You have <B>'.(string)$playtime.'</B> minutes of playtime available. As a non-subscriber you get 1 additional minute every 8 minutes. <I>(subject to change based on load)</I> (<A HREF=/web/whylimited.php>why limited?</A>) <BR>');
@@ -196,11 +196,29 @@ h+=60;//h += 96;
 
 <CENTER><TABLE WIDTH=500><TR><TD class=forumlist>
 
-<FONT SIZE=+1><?php echo(strtoupper(htmlspecialchars($_SESSION['USERNAME']))); ?>'S <?php echo(strtoupper($server_id)); ?> SUBSCRIPTION STATUS:<BR></FONT><FONT SIZE=+2><FONT COLOR=GREEN>ACTIVE</FONT></FONT><BR>(∞ days remain in your subscription)</FONT> (<A HREF=web/reasonstosubscribe.php>Subscription Benefits</A>)
+<FONT SIZE=+1><?php echo(strtoupper(htmlspecialchars($_SESSION['USERNAME']))); ?>'S <?php echo(strtoupper($server_id)); ?> SUBSCRIPTION STATUS:<BR></FONT><FONT SIZE=+2><?php 
+	if($subbed)
+	{ 
+		echo('<FONT COLOR=GREEN>ACTIVE</FONT>');
+		$current_time = time();
+		$difference = $subTime - $current_time;
+		$daysRemain = floor($difference/86400);
+		$daysStr = (string)$daysRemain;
+		
+		if($all_users_subbed)
+			$daysStr = "∞";
+		
+		echo('</FONT><BR>('.$daysStr.' days remain in your subscription)</FONT> ');
+	}
+	else 
+	{
+		echo("NOT SUBSCRIBED</FONT><BR>(You have not yet subscribed)</FONT> "); 
+	} 
+?>(<A HREF=web/reasonstosubscribe.php>Subscription Benefits</A>)
 </TD></TR><TR><TD class=forumlist>
 <TABLE WIDTH=100%>
 <TR><TD><B>BUY 1 Month Membership <FONT COLOR=GREEN>$5.00</FONT>usd</B> <I><FONT SIZE=-1>(adds 31 days membership time to the account that you are currently logged in with.) Non-refundable.</FONT></I></TD><TD>
-<form action="https://www.paypal.com/cgi-bin/webscr" method="post">
+<form action="<?php echo($pp_uri); ?>" method="post">
 <input type="hidden" name="cmd" value="_xclick">
 <input type="hidden" name="business" value="paypal@horseisle.com">
 <input type="hidden" name="undefined_quantity" value="1">
@@ -226,7 +244,7 @@ h+=60;//h += 96;
 <TR><TD class=forumlist>
 <TABLE WIDTH=100%><TR>
 <TD><B>BUY Full Year Membership <FONT COLOR=GREEN>$40.00</FONT>usd</B> <I><FONT SIZE=-1>(adds 366 days membership time to the account you are logged in with. saves $20.00 off monthly subscription) Non-refundable.</FONT></I></TD><TD>
-<form action="https://www.paypal.com/cgi-bin/webscr" method="post">
+<form action="<?php echo($pp_uri); ?>" method="post">
 <input type="hidden" name="cmd" value="_xclick">
 <input type="hidden" name="business" value="paypal@horseisle.com">
 <input type="hidden" name="undefined_quantity" value="1">
@@ -281,7 +299,7 @@ h+=60;//h += 96;
 
 
 <TABLE WIDTH=100%><TR>
-<form action="https://www.paypal.com/cgi-bin/webscr" method="post">
+<form action="<?php echo($pp_uri); ?>" method="post">
 <TD><B>BUY $100,000 Horse Isle Currency per <FONT COLOR=GREEN>$1.00</FONT>usd</B><BR>
 Select: <SELECT NAME=quantity>
 <!-<OPTION VALUE=1>$10,000 Horse Isle for $1.00 USD->
@@ -319,7 +337,7 @@ Select: <SELECT NAME=quantity>
 <TABLE WIDTH=100%>
 <TR><TD>
 <B>BUY Pawneer Order <FONT COLOR=GREEN>$8.00</FONT>usd</B> <I><FONT SIZE=-1>(allows you to order a custom breed/color/gender horse on server from Pawneer. This is not required, you can trade other players to get the breed you desire also.) Non-refundable.</FONT></I></TD><TD>
-<form action="https://www.paypal.com/cgi-bin/webscr" method="post">
+<form action="<?php echo($pp_uri); ?>" method="post">
 <input type="hidden" name="cmd" value="_xclick">
 <input type="hidden" name="business" value="paypal@horseisle.com">
 <input type="hidden" name="undefined_quantity" value="1">
@@ -344,7 +362,7 @@ Select: <SELECT NAME=quantity>
 <TABLE WIDTH=100%>
 <TR><TD>
 <B>BUY 5 Pawneer Orders <FONT COLOR=GREEN>$30.00</FONT>usd</B> <I><FONT SIZE=-1>(save $10.00 - allows you to order 5 custom horses from Pawneer) Non-refundable.</FONT></I></TD><TD>
-<form action="https://www.paypal.com/cgi-bin/webscr" method="post">
+<form action="<?php echo($pp_uri); ?>" method="post">
 <input type="hidden" name="cmd" value="_xclick">
 <input type="hidden" name="business" value="paypal@horseisle.com">
 <input type="hidden" name="undefined_quantity" value="1">
diff --git a/WebInterface/game-site/web/crosserver.php b/WebInterface/game-site/web/crosserver.php
index 980fb5c..444a7e8 100644
--- a/WebInterface/game-site/web/crosserver.php
+++ b/WebInterface/game-site/web/crosserver.php
@@ -44,6 +44,42 @@ function getUserMoney($database, $id)
 	
 }
 
+function setUserMoney($database, $id, $money)
+{
+	include('config.php');
+	$dbname = $database;
+	$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
+	$stmt = $connect->prepare("UPDATE UserExt SET Money=? WHERE Id=?");
+	$stmt->bind_param("ii", $money, $id);
+	$stmt->execute();
+}
+
+function setUserSubbed($database, $id, $subbed)
+{
+	$subedV = "";
+	if($subbed)
+		$subedV = "YES";
+	else
+		$subbedV = "NO";
+	
+	include('config.php');
+	$dbname = $database;
+	$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
+	$stmt = $connect->prepare("UPDATE UserExt SET Subscriber=? WHERE Id=?");
+	$stmt->bind_param("si", $subedV, $id);
+	$stmt->execute();
+}
+
+function setUserSubbedUntil($database, $id, $subbedUntil)
+{
+	include('config.php');
+	$dbname = $database;
+	$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
+	$stmt = $connect->prepare("UPDATE UserExt SET SubscribedUntil=? WHERE Id=?");
+	$stmt->bind_param("ii", $subbedUntil, $id);
+	$stmt->execute();
+}
+
 function getUserBankMoney($database, $id)
 {
 	include('config.php');
@@ -129,6 +165,19 @@ function getUserSubTimeRemaining($database, $id)
 	
 }
 
+
+function addItemToPuchaseQueue($database, $playerId, $itemId, $itemCount)
+{
+	include('config.php');
+	$dbname = $database;
+	$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
+	$stmt = $connect->prepare("INSERT INTO ItemPurchaseQueue VALUES(?,?,?)");
+	$stmt->bind_param("iii", $playerId, $itemId, $itemCount);
+	$stmt->execute();
+	$result = $stmt->get_result();
+	
+}
+
 function getUserSubbed($database, $id)
 {
 	include('config.php');
@@ -143,6 +192,19 @@ function getUserSubbed($database, $id)
 	
 }
 
+function isUserOnline($database, $id)
+{
+	include('config.php');
+	
+	$dbname = $database;
+	$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
+	$stmt = $connect->prepare("SELECT COUNT(1) FROM OnlineUsers WHERE playerId=?");
+	$stmt->bind_param("i", $userid);
+	$stmt->execute();
+	$result = $stmt->get_result();
+	$count = intval($result->fetch_row()[0]);
+	return $count>0;	
+}
 
 function  getNoModPlayersOnlineInServer($database)
 {
diff --git a/WebInterface/game-site/web/paypalgateway.php b/WebInterface/game-site/web/paypalgateway.php
new file mode 100644
index 0000000..b0646c4
--- /dev/null
+++ b/WebInterface/game-site/web/paypalgateway.php
@@ -0,0 +1 @@
+PAYPAL [Jun26 21:22:15pm]: ----------------------------------------<BR>PAYPAL [Jun26 21:22:15pm]: PayPal Gateway Running<BR>PAYPAL [Jun26 21:22:15pm]: Did not receive proper data from PayPal!!<BR>
\ No newline at end of file
diff --git a/WebInterface/game-site/web/ppemu.php b/WebInterface/game-site/web/ppemu.php
new file mode 100644
index 0000000..9b95e7b
--- /dev/null
+++ b/WebInterface/game-site/web/ppemu.php
@@ -0,0 +1,221 @@
+<?php
+
+session_start();
+include("config.php");
+include("crosserver.php");
+include("common.php");
+
+if(!is_logged_in()){
+	include("header.php");
+	echo("Login First.");
+	include("footer.php");
+	exit();
+}
+
+$money = getUserMoney($dbname, $_SESSION['PLAYER_ID']);
+$subbed = getUserSubbed($dbname, $_SESSION['PLAYER_ID']);
+$subbedUntil = getUserSubTimeRemaining($dbname, $_SESSION['PLAYER_ID']);
+
+if(!$subbed)
+	$subbedUntil = time();
+
+if(isset($_GET["go"], $_GET["qnt"], $_GET["itm"], $_GET["ret"]))
+{
+	if($_GET["go"] == 1)
+	{
+		
+			if(isUserOnline($dbname, $_SESSION['PLAYER_ID']))
+			{
+				include("header.php");
+				echo("Please log off the server first!");
+				include("footer.php");
+			}		
+
+			$itm = $_GET["itm"];
+			
+			if(strpos($itm, "One Month Horse Isle Membership") === 0){
+				$amount = 5; // NO CHEATING!
+				$cost = $amount*$EXHANGE_RATE;
+				if($money >= $cost)
+				{
+					setUserMoney($dbname, $_SESSION['PLAYER_ID'], $money-$cost);
+					setUserSubbed($dbname, $_SESSION['PLAYER_ID'], true);
+					setUserSubbedUntil($dbname, $_SESSION['PLAYER_ID'], $subbedUntil + 2678400);
+					
+					header("Location: ".$_GET["ret"]);
+				}
+				else
+				{
+					include("header.php");
+					echo("Not enough money.");
+					include("footer.php");
+					exit();
+				}
+
+			}
+			else if(strpos($itm, "Full Year Horse Isle Membership") === 0){
+				$amount = 40; // NO CHEATING!
+				$cost = $amount*$EXHANGE_RATE;
+				if($money >= $cost)
+				{
+					setUserMoney($dbname, $_SESSION['PLAYER_ID'], $money-$cost);
+					setUserSubbed($dbname, $_SESSION['PLAYER_ID'], true);
+					setUserSubbedUntil($dbname, $_SESSION['PLAYER_ID'], $subbedUntil + 31622400);
+					
+					header("Location: ".$_GET["ret"]);
+					
+				}
+				else
+				{
+					include("header.php");
+					echo("Not enough money.");
+					include("footer.php");
+					exit();
+				}
+
+			
+			}
+			else if(strpos($itm, "100k Horse Isle Money") === 0){ // Why thou?
+				$amount = 1; // NO CHEATING!
+				$quantity = intval($_GET["qnt"]);
+				$cost = ($amount*$EXHANGE_RATE)*$quantity;
+				if($money >= $cost)
+				{
+					$amountGained = (100000 * $quantity);
+					if($quantity == 5)
+						$amountGained = 550000;
+					if($quantity == 10)
+						$amountGained = 1100000;
+					if($quantity == 10)
+						$amountGained = 1100000;
+					if($quantity == 20)
+						$amountGained = 2300000;
+					if($quantity == 50)
+						$amountGained = 5750000;
+					if($quantity == 100)
+						$amountGained = 12000000;
+					if($quantity == 250)
+						$amountGained = 31250000;
+
+					setUserMoney($dbname, $_SESSION['PLAYER_ID'], $money-$cost);
+					$money-=$cost;
+					setUserMoney($dbname, $_SESSION['PLAYER_ID'], $money+=$amountGained);					
+					header("Location: ".$_GET["ret"]);
+					
+				}
+				else
+				{
+					include("header.php");
+					echo("Not enough money.");
+					include("footer.php");
+					exit();
+				}
+
+			
+			}
+			else if(strpos($itm, "Pawneer Order") === 0){
+				$amount = 8; // NO CHEATING!
+				$cost = $amount*$EXHANGE_RATE;
+				if($money >= $cost)
+				{
+					setUserMoney($dbname, $_SESSION['PLAYER_ID'], $money-$cost);
+					addItemToPuchaseQueue($dbname, $_SESSION['PLAYER_ID'], 559, 1);
+					
+					header("Location: ".$_GET["ret"]);
+					
+				}
+				else
+				{
+					include("header.php");
+					echo("Not enough money.");
+					include("footer.php");
+					exit();
+				}
+
+			
+			}
+			else if(strpos($itm, "Five Pawneer Order") === 0){
+				$amount = 30; // NO CHEATING!
+				$cost = $amount*$EXHANGE_RATE;
+				if($money >= $cost)
+				{
+					setUserMoney($dbname, $_SESSION['PLAYER_ID'], $money-$cost);
+					addItemToPuchaseQueue($dbname, $_SESSION['PLAYER_ID'], 559, 5);
+					
+					header("Location: ".$_GET["ret"]);
+					
+				}
+				else
+				{
+					include("header.php");
+					echo("Not enough money.");
+					include("footer.php");
+					exit();
+				}
+
+			
+			}
+
+		exit();
+	}
+}
+
+$quantity = 1;
+if(!isset($_POST['item_name'], $_POST['amount'],  $_POST['item_number'], $_POST['return']))
+{
+	
+	include("header.php");
+	echo("Some data was invalid");
+	include("footer.php");
+	exit();
+}
+if(isset($_POST['quantity']))
+	$quantity = intval($_POST['quantity']);
+
+
+$hasIntl = function_exists('numfmt_create');
+
+if($hasIntl)
+	$fmt = numfmt_create( 'en_US', NumberFormatter::DECIMAL );
+
+
+include("header.php");
+?>
+<h1>HISP - PayPal Emulator</h1>
+<b>Purchase Information:</b>
+<table>
+  <tr>
+    <th>Item</th>
+    <th>Quantity</th>
+    <th>Item number</th>
+    <th>Price (USD)</th>
+    <th>Price (HorseIsle)</th>
+  </tr>
+  <tr>
+    <td><?php echo(htmlspecialchars($_POST['item_name'])) ?></td>
+    <td><?php echo(htmlspecialchars((string)$quantity)); ?></td>
+    <td><?php echo(htmlspecialchars($_POST['item_number'])) ?></td>
+	<td><?php
+			if($hasIntl)					
+				$cost = numfmt_format($fmt, intval(htmlspecialchars($_POST['amount']*$quantity)));
+			else
+				$cost = $_POST['amount']*$quantity;
+
+
+			echo('$'.$cost);
+		?></td>
+	<td><?php 
+			if($hasIntl)					
+				$cost = numfmt_format($fmt, intval(htmlspecialchars((($_POST['amount']) * $EXHANGE_RATE)*$quantity)));
+			else
+				$cost = (($_POST['amount']) * $EXHANGE_RATE)*$quantity;
+
+
+			echo('$'.$cost);
+		?></td>
+  </tr>
+</table>
+<h3><b>NOTE: $1USD = $<?php echo($EXHANGE_RATE)?> HorseIsle Money! (you have $<?php echo($money) ?>)</b></h3><br>Do you want to purchase?</br><br><a href="?go=1&itm=<?php echo(urlencode(htmlspecialchars($_POST['item_name']))); ?>&qnt=<?php echo(urlencode(htmlspecialchars($quantity)));?>&ret=<?php echo(urlencode(htmlspecialchars($_POST['return']))); ?>">Yes</a> | <a href="/account.php">No</a> 
+<?php
+include("footer.php");
+?>
\ No newline at end of file
diff --git a/WebInterface/master-site/crosserver.php b/WebInterface/master-site/crosserver.php
index 980fb5c..444a7e8 100644
--- a/WebInterface/master-site/crosserver.php
+++ b/WebInterface/master-site/crosserver.php
@@ -44,6 +44,42 @@ function getUserMoney($database, $id)
 	
 }
 
+function setUserMoney($database, $id, $money)
+{
+	include('config.php');
+	$dbname = $database;
+	$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
+	$stmt = $connect->prepare("UPDATE UserExt SET Money=? WHERE Id=?");
+	$stmt->bind_param("ii", $money, $id);
+	$stmt->execute();
+}
+
+function setUserSubbed($database, $id, $subbed)
+{
+	$subedV = "";
+	if($subbed)
+		$subedV = "YES";
+	else
+		$subbedV = "NO";
+	
+	include('config.php');
+	$dbname = $database;
+	$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
+	$stmt = $connect->prepare("UPDATE UserExt SET Subscriber=? WHERE Id=?");
+	$stmt->bind_param("si", $subedV, $id);
+	$stmt->execute();
+}
+
+function setUserSubbedUntil($database, $id, $subbedUntil)
+{
+	include('config.php');
+	$dbname = $database;
+	$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
+	$stmt = $connect->prepare("UPDATE UserExt SET SubscribedUntil=? WHERE Id=?");
+	$stmt->bind_param("ii", $subbedUntil, $id);
+	$stmt->execute();
+}
+
 function getUserBankMoney($database, $id)
 {
 	include('config.php');
@@ -129,6 +165,19 @@ function getUserSubTimeRemaining($database, $id)
 	
 }
 
+
+function addItemToPuchaseQueue($database, $playerId, $itemId, $itemCount)
+{
+	include('config.php');
+	$dbname = $database;
+	$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
+	$stmt = $connect->prepare("INSERT INTO ItemPurchaseQueue VALUES(?,?,?)");
+	$stmt->bind_param("iii", $playerId, $itemId, $itemCount);
+	$stmt->execute();
+	$result = $stmt->get_result();
+	
+}
+
 function getUserSubbed($database, $id)
 {
 	include('config.php');
@@ -143,6 +192,19 @@ function getUserSubbed($database, $id)
 	
 }
 
+function isUserOnline($database, $id)
+{
+	include('config.php');
+	
+	$dbname = $database;
+	$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
+	$stmt = $connect->prepare("SELECT COUNT(1) FROM OnlineUsers WHERE playerId=?");
+	$stmt->bind_param("i", $userid);
+	$stmt->execute();
+	$result = $stmt->get_result();
+	$count = intval($result->fetch_row()[0]);
+	return $count>0;	
+}
 
 function  getNoModPlayersOnlineInServer($database)
 {