Rewrite alot of how game & master site are handled (note in current state its impossible to make an account.)

SilicaAndPina 2021-05-19 00:43:27 +12:00
parent 1ad0783f8f
commit c12399dc0e
23 changed files with 548 additions and 888 deletions


@ -22,7 +22,7 @@ namespace HISP.Server
using (MySqlConnection db = new MySqlConnection(ConnectionString))
{
db.Open();
string UserTable = "CREATE TABLE IF NOT EXISTS Users(Id INT, Username TEXT(16),Email TEXT(128),Country TEXT(128),SecurityQuestion Text(128),SecurityAnswerHash TEXT(128),Age INT,PassHash TEXT(128), Salt TEXT(128),Gender TEXT(16), Admin TEXT(3), Moderator TEXT(3))";
string UserTable = "CREATE TABLE IF NOT EXISTS Users(Id INT, Username TEXT(16), PassHash TEXT(128), Salt TEXT(128), Gender TEXT(16), Admin TEXT(3), Moderator TEXT(3))";
string ExtTable = "CREATE TABLE IF NOT EXISTS UserExt(Id INT, X INT, Y INT, LastLogin INT, Money INT, QuestPoints INT, BankBalance DOUBLE, BankInterest DOUBLE, ProfilePage Text(1028),IpAddress TEXT(1028),PrivateNotes Text(1028), CharId INT, ChatViolations INT,Subscriber TEXT(3), SubscribedUntil INT, Experience INT, Tiredness INT, Hunger INT, Thirst INT, FreeMinutes INT)";
string MailTable = "CREATE TABLE IF NOT EXISTS Mailbox(RandomId INT, IdTo INT, IdFrom INT, Subject TEXT(128), Message Text(1028), TimeSent INT, BeenRead TEXT(3))";
string BuddyTable = "CREATE TABLE IF NOT EXISTS BuddyList(Id INT, IdFriend INT)";
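Review bot: The new `UserTable` statement only takes effect on a fresh database, because `CREATE TABLE IF NOT EXISTS` leaves an existing 12-column `Users` table untouched; the 7-value `INSERT INTO Users VALUES(?,?,?,?,?,?,?)` added elsewhere in this commit would then fail on the column count. The new definition also declares `Id INT` and `Username TEXT(16)` with no key or uniqueness constraint, so nothing at the schema level stops two rows sharing an Id or a username. Consider `Id INT PRIMARY KEY` here plus an explicit migration step for existing installs. The enclosing `using` block continues outside the hunk.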


@ -1,194 +0,0 @@
<?php
include("../config.php");
session_start(['cookie_lifetime' => 86400]);
?>
<style type="text/css">
hr {
height: 1;
color: #000000;
background-color: #000000;
border: 0;
}
a {
font: bold 14px arial;
color: #6E3278;
}
TH {
background-color: #EDE5B4;
padding: 1px 6px;
border: 2px dotted #6E3278;
font: small-caps 900 14px arial;
color: #000000;
}
TR.a0 {
background-color: #EDE5B4;
}
TR.a1 {
background-color: #D4CCA1;
}
TD {
font: 14px arial;
color: #000000;
}
TD.forum {
font: 12px arial;
color: #000000;
}
TD.forumlist {
padding: 1px 6px;
border: 2px dotted #6E3278;
background-color: #EDE5B4;
text-align: center;
font: bold 14px arial;
color: #000000;
}
TD.forumpost {
padding: 5px 10px;
border: 2px dotted #6E3278;
background-color: #EDE5B4;
text-align: left;
}
TD.newslist {
padding: 4px 4px;
border: 2px dotted #6E3278;
background-color: #FFDDEE;
text-align: left;
font: 14px arial;
color: #000000;
}
FORUMSUBJECT {
font: bold 14px arial;
color: #004400;
}
FORUMUSER {
font: 12px arial;
color: #000044;
}
FORUMDATE {
font: 12px arial;
color: #444444;
}
FORUMTEXT {
font: 14px arial;
color: #440000;
}
</style>
</HEAD>
<BODY BGCOLOR=E0D8AA>
<TABLE BORDER=0 CELLPADDING=0 CELLSPACING=0 WIDTH=100%>
<TR WIDTH=100%>
<TD WIDTH=512 ROWSPAN=3><A HREF=/><IMG SRC=/web/hoilgui1.gif ALT="Welcome to Horse Isle" BORDER=0></A></TD>
<TD WIDTH=100% BACKGROUND=/web/hoilgui2.gif>&nbsp;</TD>
<TD WIDTH=29><IMG SRC=/web/hoilgui3.gif></TD>
</TR>
<TR>
<TD WIDTH=100% BACKGROUND=/web/hoilgui4.gif align=right>
<B>
<TABLE CELLPADDING=0 CELLSPACING=2 BORDER=0><FORM METHOD=POST ACTION=/account.php>
<TR><TD><B>USER:</B></TD><TD><INPUT TYPE=TEXT SIZE=14 NAME=USER></TD></TR>
<TR><TD><B>PASS:</B></TD><TD><INPUT TYPE=PASSWORD SIZE=14 NAME=PASS></TD></TR>
<TR><TD></TD><TD><INPUT TYPE=SUBMIT VALUE=LOGIN> (<A HREF=//master.horseisle.com/web/forgotpass.php>Forgot?</A>)</TD></TR></FORM></TABLE>
</TD>
<TD WIDTH=29><IMG SRC=/web/hoilgui5.gif></TD></TR>
<TR>
<TD WIDTH=100% BACKGROUND=/web/hoilgui6.gif>&nbsp;</TD>
<TD WIDTH=29><IMG SRC=/web/hoilgui7.gif></TD></TR>
</TABLE>
<CENTER>
<CENTER>
<FONT FACE=Verdana,arial SIZE=-1>
<?php
if($_SESSION["logged_in"] == false)
{
header("Location: /admin"); # Fuck off.
exit();
}
if(isset($_POST["TYPE"]))
{
if($_POST["TYPE"] == "CHANGEPERMS")
{
$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
$stmt = $connect->prepare("SELECT id FROM Users WHERE username=?");
$stmt->bind_param("s", $_POST["USERNAME"]);
$stmt->execute();
$result = $stmt->get_result();
$user_id = intval($result->fetch_row()[0]);
if(isset($_POST["ADMIN"]))
{
$stmt = $connect->prepare("UPDATE Users SET Admin=\"YES\" WHERE Id=?");
$stmt->bind_param("i", $user_id);
$stmt->execute();
}
else
{
$stmt = $connect->prepare("UPDATE Users SET Admin=\"NO\" WHERE Id=?");
$stmt->bind_param("i", $user_id);
$stmt->execute();
}
if(isset($_POST["MOD"]))
{
$stmt = $connect->prepare("UPDATE Users SET Moderator=\"YES\" WHERE Id=?");
$stmt->bind_param("i", $user_id);
$stmt->execute();
}
else
{
$stmt = $connect->prepare("UPDATE Users SET Moderator=\"NO\" WHERE Id=?");
$stmt->bind_param("i", $user_id);
$stmt->execute();
}
echo("<BR><B>Permissions updated successfully.</B></BR>");
echo("<A HREF=administrate.php>Go back</A>");
exit();
}
}
?>
<BR><B>HISP - Admin Portal</B><BR>
<BR>Player Operations</BR>
<BR> <FORM METHOD=POST ACTION=/admin/administrate.php>
Username:
<INPUT TYPE=HIDDEN NAME=TYPE VALUE=CHANGEPERMS>
<INPUT TYPE=TEXT SIZE=30 NAME=USERNAME></INPUT><BR>
<INPUT TYPE=CHECKBOX NAME=ADMIN VALUE="ADMIN"> Administrator</INPUT>
<INPUT TYPE=CHECKBOX NAME=MOD VALUE="MOD"> Moderator</INPUT>
<!-- <INPUT TYPE=CHECKBOX NAME=DELETE VALUE="DELETE"> Delete Account</INPUT><BR> !-->
<INPUT TYPE=SUBMIT VALUE="Apply"</INPUT>
</FORM>
</BR>
<BR>
<A HREF=/ADMIN>Logout from admin portal</A><BR>
</BR>
<TABLE BORDER=0 CELLPADDING=0 CELLSPACING=0 WIDTH=100%>
<TR>
<TD><IMG SRC=/web/hoilgui10.gif></TD>
<TD WIDTH=100% BACKGROUND=/web/hoilgui11.gif></TD>
<TD><IMG SRC=/web/hoilgui12.gif></TD>
</TR></TABLE>
<CENTER><B>
[ <A HREF=http://hi1.horseisle.com/web/rules.php>Rules</A> ]
[ <A HREF=http://hi1.horseisle.com/web/termsandconditions.php>Terms and Conditions</A> ]
[ <A HREF=http://hi1.horseisle.com/web/privacypolicy.php>Privacy Policy</A> ]</B><BR>
[ <A HREF=http://hi1.horseisle.com/web/expectedbehavior.php>Expected Behavior</A> ]
[ <A HREF=http://hi1.horseisle.com/web/contactus.php>Contact Us</A> ]
[ <A HREF=http://hi1.horseisle.com/web/credits.php>Credits</A> ]<BR>
<FONT FACE=Verdana,Arial SIZE=-2>Copyright &copy; 2020 Horse Isle</FONT>
<!-- Google Analytics -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
<script type="text/javascript">
_uacct = "UA-1805076-1";
urchinTracker();
</script>


@ -1,140 +0,0 @@
<?php
include("../config.php");
session_start(['cookie_lifetime' => 86400]);
$_SESSION["logged_in"] = false;
?>
<style type="text/css">
hr {
height: 1;
color: #000000;
background-color: #000000;
border: 0;
}
a {
font: bold 14px arial;
color: #6E3278;
}
TH {
background-color: #EDE5B4;
padding: 1px 6px;
border: 2px dotted #6E3278;
font: small-caps 900 14px arial;
color: #000000;
}
TR.a0 {
background-color: #EDE5B4;
}
TR.a1 {
background-color: #D4CCA1;
}
TD {
font: 14px arial;
color: #000000;
}
TD.forum {
font: 12px arial;
color: #000000;
}
TD.forumlist {
padding: 1px 6px;
border: 2px dotted #6E3278;
background-color: #EDE5B4;
text-align: center;
font: bold 14px arial;
color: #000000;
}
TD.forumpost {
padding: 5px 10px;
border: 2px dotted #6E3278;
background-color: #EDE5B4;
text-align: left;
}
TD.newslist {
padding: 4px 4px;
border: 2px dotted #6E3278;
background-color: #FFDDEE;
text-align: left;
font: 14px arial;
color: #000000;
}
FORUMSUBJECT {
font: bold 14px arial;
color: #004400;
}
FORUMUSER {
font: 12px arial;
color: #000044;
}
FORUMDATE {
font: 12px arial;
color: #444444;
}
FORUMTEXT {
font: 14px arial;
color: #440000;
}
</style>
</HEAD>
<BODY BGCOLOR=E0D8AA>
<TABLE BORDER=0 CELLPADDING=0 CELLSPACING=0 WIDTH=100%>
<TR WIDTH=100%>
<TD WIDTH=512 ROWSPAN=3><A HREF=/><IMG SRC=/web/hoilgui1.gif ALT="Welcome to Horse Isle" BORDER=0></A></TD>
<TD WIDTH=100% BACKGROUND=/web/hoilgui2.gif>&nbsp;</TD>
<TD WIDTH=29><IMG SRC=/web/hoilgui3.gif></TD>
</TR>
<TR>
<TD WIDTH=100% BACKGROUND=/web/hoilgui4.gif align=right>
<B>
<TABLE CELLPADDING=0 CELLSPACING=2 BORDER=0><FORM METHOD=POST ACTION=/account.php>
<TR><TD><B>USER:</B></TD><TD><INPUT TYPE=TEXT SIZE=14 NAME=USER></TD></TR>
<TR><TD><B>PASS:</B></TD><TD><INPUT TYPE=PASSWORD SIZE=14 NAME=PASS></TD></TR>
<TR><TD></TD><TD><INPUT TYPE=SUBMIT VALUE=LOGIN> (<A HREF=//master.horseisle.com/web/forgotpass.php>Forgot?</A>)</TD></TR></FORM></TABLE>
</TD>
<TD WIDTH=29><IMG SRC=/web/hoilgui5.gif></TD></TR>
<TR>
<TD WIDTH=100% BACKGROUND=/web/hoilgui6.gif>&nbsp;</TD>
<TD WIDTH=29><IMG SRC=/web/hoilgui7.gif></TD></TR>
</TABLE>
<CENTER>
<CENTER>
<FONT FACE=Verdana,arial SIZE=-1>
<BR><B>HISP - Super Admin Login</B><BR>
<BR> This page requires a password, please enter it below:</BR>
<BR> <FORM METHOD=POST ACTION=/admin/login.php>
<INPUT TYPE=PASSWORD SIZE=30 NAME=PASS></INPUT>
<INPUT TYPE=SUBMIT VALUE=LOGIN>
</FORM>
</BR>
<BR><B>No idea? check config.php of game-site/</B></BR>
<TABLE BORDER=0 CELLPADDING=0 CELLSPACING=0 WIDTH=100%>
<TR>
<TD><IMG SRC=/web/hoilgui10.gif></TD>
<TD WIDTH=100% BACKGROUND=/web/hoilgui11.gif></TD>
<TD><IMG SRC=/web/hoilgui12.gif></TD>
</TR></TABLE>
<CENTER><B>
[ <A HREF=http://hi1.horseisle.com/web/rules.php>Rules</A> ]
[ <A HREF=http://hi1.horseisle.com/web/termsandconditions.php>Terms and Conditions</A> ]
[ <A HREF=http://hi1.horseisle.com/web/privacypolicy.php>Privacy Policy</A> ]</B><BR>
[ <A HREF=http://hi1.horseisle.com/web/expectedbehavior.php>Expected Behavior</A> ]
[ <A HREF=http://hi1.horseisle.com/web/contactus.php>Contact Us</A> ]
[ <A HREF=http://hi1.horseisle.com/web/credits.php>Credits</A> ]<BR>
<FONT FACE=Verdana,Arial SIZE=-2>Copyright &copy; 2020 Horse Isle</FONT>
<!-- Google Analytics -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
<script type="text/javascript">
_uacct = "UA-1805076-1";
urchinTracker();
</script>


@ -1,153 +0,0 @@
<?php
include("../config.php");
session_start(['cookie_lifetime' => 86400]);
?>
<style type="text/css">
hr {
height: 1;
color: #000000;
background-color: #000000;
border: 0;
}
a {
font: bold 14px arial;
color: #6E3278;
}
TH {
background-color: #EDE5B4;
padding: 1px 6px;
border: 2px dotted #6E3278;
font: small-caps 900 14px arial;
color: #000000;
}
TR.a0 {
background-color: #EDE5B4;
}
TR.a1 {
background-color: #D4CCA1;
}
TD {
font: 14px arial;
color: #000000;
}
TD.forum {
font: 12px arial;
color: #000000;
}
TD.forumlist {
padding: 1px 6px;
border: 2px dotted #6E3278;
background-color: #EDE5B4;
text-align: center;
font: bold 14px arial;
color: #000000;
}
TD.forumpost {
padding: 5px 10px;
border: 2px dotted #6E3278;
background-color: #EDE5B4;
text-align: left;
}
TD.newslist {
padding: 4px 4px;
border: 2px dotted #6E3278;
background-color: #FFDDEE;
text-align: left;
font: 14px arial;
color: #000000;
}
FORUMSUBJECT {
font: bold 14px arial;
color: #004400;
}
FORUMUSER {
font: 12px arial;
color: #000044;
}
FORUMDATE {
font: 12px arial;
color: #444444;
}
FORUMTEXT {
font: 14px arial;
color: #440000;
}
</style>
</HEAD>
<BODY BGCOLOR=E0D8AA>
<TABLE BORDER=0 CELLPADDING=0 CELLSPACING=0 WIDTH=100%>
<TR WIDTH=100%>
<TD WIDTH=512 ROWSPAN=3><A HREF=/><IMG SRC=/web/hoilgui1.gif ALT="Welcome to Horse Isle" BORDER=0></A></TD>
<TD WIDTH=100% BACKGROUND=/web/hoilgui2.gif>&nbsp;</TD>
<TD WIDTH=29><IMG SRC=/web/hoilgui3.gif></TD>
</TR>
<TR>
<TD WIDTH=100% BACKGROUND=/web/hoilgui4.gif align=right>
<B>
<TABLE CELLPADDING=0 CELLSPACING=2 BORDER=0><FORM METHOD=POST ACTION=/account.php>
<TR><TD><B>USER:</B></TD><TD><INPUT TYPE=TEXT SIZE=14 NAME=USER></TD></TR>
<TR><TD><B>PASS:</B></TD><TD><INPUT TYPE=PASSWORD SIZE=14 NAME=PASS></TD></TR>
<TR><TD></TD><TD><INPUT TYPE=SUBMIT VALUE=LOGIN> (<A HREF=//master.horseisle.com/web/forgotpass.php>Forgot?</A>)</TD></TR></FORM></TABLE>
</TD>
<TD WIDTH=29><IMG SRC=/web/hoilgui5.gif></TD></TR>
<TR>
<TD WIDTH=100% BACKGROUND=/web/hoilgui6.gif>&nbsp;</TD>
<TD WIDTH=29><IMG SRC=/web/hoilgui7.gif></TD></TR>
</TABLE>
<CENTER>
<CENTER>
<FONT FACE=Verdana,arial SIZE=-1>
<BR><B>HISP - Super Admin Login</B><BR>
<?php
if(isset($_POST["PASS"]))
{
sleep(3); // Stop bruteforce
if($_POST["PASS"] == $admin_portal_password)
{
$_SESSION["logged_in"] = true;
header("Location: administrate.php");
}
else
{
echo("<BR> The password you entered was NOT correct. </BR>");
echo("<A HREF=\"/admin\">Try Again...</A>");
}
}
else
{
echo("<BR> You didnt enter a password. </BR>");
echo("<A HREF=\"/admin\">Try Again...</A>");
}
?>
<TABLE BORDER=0 CELLPADDING=0 CELLSPACING=0 WIDTH=100%>
<TR>
<TD><IMG SRC=/web/hoilgui10.gif></TD>
<TD WIDTH=100% BACKGROUND=/web/hoilgui11.gif></TD>
<TD><IMG SRC=/web/hoilgui12.gif></TD>
</TR></TABLE>
<CENTER><B>
[ <A HREF=http://hi1.horseisle.com/web/rules.php>Rules</A> ]
[ <A HREF=http://hi1.horseisle.com/web/termsandconditions.php>Terms and Conditions</A> ]
[ <A HREF=http://hi1.horseisle.com/web/privacypolicy.php>Privacy Policy</A> ]</B><BR>
[ <A HREF=http://hi1.horseisle.com/web/expectedbehavior.php>Expected Behavior</A> ]
[ <A HREF=http://hi1.horseisle.com/web/contactus.php>Contact Us</A> ]
[ <A HREF=http://hi1.horseisle.com/web/credits.php>Credits</A> ]<BR>
<FONT FACE=Verdana,Arial SIZE=-2>Copyright &copy; 2020 Horse Isle</FONT>
<!-- Google Analytics -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
<script type="text/javascript">
_uacct = "UA-1805076-1";
urchinTracker();
</script>


@ -7,8 +7,11 @@ $dbuser = 'root';
$dbpass = 'test123';
$dbhost = '127.0.0.1';
# CHANGE THESE CREDENTIALS,
# ANYONE CAN BECOME AN ADMIN ON YOUR SERVER
# IF THEY HAVE THIS PASSWORD!!!
$admin_portal_password = "test123";
# Used for master-site to communicate with game-sites,
# Should be set to the same value on all game sites and the master site.
# NOTE: if someone knows this secret they can create accounts with ADMIN privledges!
$hmac_secret = "!!NOTSET!!";
# Password for /web/admin
$admin_portal_password = "!!NOTSET!!";
?>
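Review bot: The `!!NOTSET!!` sentinel only protects `$hmac_secret` and `$admin_portal_password`; the context lines of this hunk still ship `$dbpass = 'test123'` (with `$dbuser = 'root'` named in the hunk header), and nothing visible in this commit refuses to run with those defaults. Both new secrets start from the same sentinel, so a comment telling operators to set two different long random values would help, e.g. `# Generate with a CSPRNG (32+ random bytes, hex-encoded); do not reuse the admin portal password.` The comment on the HMAC secret misspells "privileges". The start of the file is outside the hunk.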


@ -1,109 +1,4 @@
<HEAD>
<TITLE>HORSE ISLE - Online Multiplayer Horse Game</TITLE>
<META NAME="keywords" CONTENT="Horse Game Online MMORPG Multiplayer Horses RPG Girls Girly Isle World Island Virtual Horseisle Sim Virtual">
<META NAME="description" CONTENT="A multiplayer online horse world where players can capture, train, care for and compete their horses against other players. A very unique virtual sim horse game.">
<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon">
<link rel="icon" href="/favicon.ico" type="image/x-icon">
<link rel="meta" href="//horseisle.com/labels.rdf" type="application/rdf+xml" title="ICRA labels" />
<meta http-equiv="pics-Label" content='(pics-1.1 "//www.icra.org/pics/vocabularyv03/" l gen true for "//horseisle.com" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 1) gen true for "//hi1.horseisle.com" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 1))' />
<style type="text/css">
hr {
height: 1;
color: #000000;
background-color: #000000;
border: 0;
}
a {
font: bold 14px arial;
color: #6E3278;
}
TH {
background-color: #EDE5B4;
padding: 1px 6px;
border: 2px dotted #6E3278;
font: small-caps 900 14px arial;
color: #000000;
}
TR.a0 {
background-color: #EDE5B4;
}
TR.a1 {
background-color: #D4CCA1;
}
TD {
font: 14px arial;
color: #000000;
}
TD.forum {
font: 12px arial;
color: #000000;
}
TD.forumlist {
padding: 1px 6px;
border: 2px dotted #6E3278;
background-color: #EDE5B4;
text-align: center;
font: bold 14px arial;
color: #000000;
}
TD.forumpost {
padding: 5px 10px;
border: 2px dotted #6E3278;
background-color: #EDE5B4;
text-align: left;
}
TD.newslist {
padding: 4px 4px;
border: 2px dotted #6E3278;
background-color: #FFDDEE;
text-align: left;
font: 14px arial;
color: #000000;
}
FORUMSUBJECT {
font: bold 14px arial;
color: #004400;
}
FORUMUSER {
font: 12px arial;
color: #000044;
}
FORUMDATE {
font: 12px arial;
color: #444444;
}
FORUMTEXT {
font: 14px arial;
color: #440000;
}
</style>
</HEAD>
<BODY BGCOLOR=E0D8AA>
<TABLE BORDER=0 CELLPADDING=0 CELLSPACING=0 WIDTH=100%>
<TR WIDTH=100%>
<TD WIDTH=512 ROWSPAN=3><A HREF=/><IMG SRC=/web/hoilgui1.gif ALT="Welcome to Horse Isle" BORDER=0></A></TD>
<TD WIDTH=100% BACKGROUND=/web/hoilgui2.gif>&nbsp;</TD>
<TD WIDTH=29><IMG SRC=/web/hoilgui3.gif></TD>
</TR>
<TR>
<TD WIDTH=100% BACKGROUND=/web/hoilgui4.gif align=right>
<B>
<TABLE CELLPADDING=0 CELLSPACING=2 BORDER=0><FORM METHOD=POST ACTION=/account.php>
<TR><TD><B>USER:</B></TD><TD><INPUT TYPE=TEXT SIZE=14 NAME=USER></TD></TR>
<TR><TD><B>PASS:</B></TD><TD><INPUT TYPE=PASSWORD SIZE=14 NAME=PASS></TD></TR>
<TR><TD></TD><TD><INPUT TYPE=SUBMIT VALUE=LOGIN> (<A HREF=//master.horseisle.com/web/forgotpass.php>Forgot?</A>)</TD></TR></FORM></TABLE>
</TD>
<TD WIDTH=29><IMG SRC=/web/hoilgui5.gif></TD></TR>
<TR>
<TD WIDTH=100% BACKGROUND=/web/hoilgui6.gif>&nbsp;</TD>
<TD WIDTH=29><IMG SRC=/web/hoilgui7.gif></TD></TR>
</TABLE>
<CENTER>
<?php include("web/header.php"); ?>
<CENTER>
<FONT FACE=Verdana,arial SIZE=-1>
@ -113,26 +8,4 @@ If you have an account on this server (PINTO.HORSEISLE.COM) please login in at u
<BR><BR>
<TABLE BORDER=0 CELLPADDING=0 CELLSPACING=0 WIDTH=100%>
<TR>
<TD><IMG SRC=/web/hoilgui10.gif></TD>
<TD WIDTH=100% BACKGROUND=/web/hoilgui11.gif></TD>
<TD><IMG SRC=/web/hoilgui12.gif></TD>
</TR></TABLE>
<CENTER><B>
[ <A HREF=http://hi1.horseisle.com/web/rules.php>Rules</A> ]
[ <A HREF=http://hi1.horseisle.com/web/termsandconditions.php>Terms and Conditions</A> ]
[ <A HREF=http://hi1.horseisle.com/web/privacypolicy.php>Privacy Policy</A> ]</B><BR>
[ <A HREF=http://hi1.horseisle.com/web/expectedbehavior.php>Expected Behavior</A> ]
[ <A HREF=http://hi1.horseisle.com/web/contactus.php>Contact Us</A> ]
[ <A HREF=http://hi1.horseisle.com/web/credits.php>Credits</A> ]<BR>
<FONT FACE=Verdana,Arial SIZE=-2>Copyright &copy; 2020 Horse Isle</FONT>
<!-- Google Analytics -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
<script type="text/javascript">
_uacct = "UA-1805076-1";
urchinTracker();
</script>
<?php include("web/footer.php"); ?>


@ -0,0 +1,40 @@
<?php
include('config.php');
if($hmac_secret === "!!NOTSET!!") # Defaults bad.
{
header("HTTP/1.1 403 Forbidden");
echo("Please set HMAC_SECRET in CONFIG.PHP! for security reasons joining the server is refused.<br>Change it from the default and then try again!");
exit();
}
if(isset($_POST["ID"], $_POST["USERNAME"], $_POST["USERNAME"], $_POST["PASSHASH"], $_POST["PASSSALT"], $_POST["SEX"], $_POST["MODERATOR"], $_POST["ADMIN"], $_POST["CODE"]))
{
$id = $_POST["ID"];
$username = $_POST["USERNAME"];
$passhash = $_POST["PASSHASH"];
$passsalt = $_POST["PASSSALT"];
$sex = $_POST["SEX"];
$moderator = $_POST["MODERATOR"];
$admin = $_POST["ADMIN"];
$code = $_POST["CODE"];
#Verify Input
$hmac = hash_hmac('sha256', (string)$id.$username.$passhash.$passsalt.$sex.$moderator.$admin, $hmac_secret."HOIL4321"));
if (hash_equals($code, $hmac))
{
# Create Account.
$stmt = $connect->prepare("INSERT INTO Users VALUES(?,?,?,?,?,?,?)");
$stmt->bind_param("issssss", $id, $username, $passhash, $passsalt, $sex, $admin, $moderator);
$stmt->execute();
echo("OK");
}
else
{
header("HTTP/1.1 403 Forbidden");
echo("Invalid HMAC! Please ensure that all game-site's have the same HMAC as the master-site!
}
}
?>
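Review bot: As written this file does not parse: the `hash_hmac(...)` line ends with one `)` too many and the "Invalid HMAC!" `echo` is missing its closing `");`, so the endpoint fails before any check runs. `$connect` is also used without being assigned in this file (config.php may or may not provide it; the admin page opens its own connection). Beyond that, the MAC is computed over the fields concatenated with no separators, so different field splits of the same byte string verify under the same code; length-prefixing each field removes that ambiguity, but the master site must build the message the same way. `ADMIN` and `MODERATOR` are stored as received, so restricting them to `YES`/`NO` after verification is worth adding, and `$_POST["USERNAME"]` is listed twice in the `isset()` call.

```php
# … unchanged: config include, !!NOTSET!! guard, isset() check and $_POST reads …

	# Length-prefix every field so the MAC input has unambiguous field boundaries.
	$message = "";
	foreach (array((string)$id, $username, $passhash, $passsalt, $sex, $moderator, $admin) as $field)
	{
		$message .= strlen($field) . ":" . $field;
	}
	$hmac = hash_hmac('sha256', $message, $hmac_secret."HOIL4321");

	# Known value first; reject non-string input before it reaches hash_equals().
	if (is_string($code) && hash_equals($hmac, $code))
	{
		$connect = mysqli_connect($dbhost, $dbuser, $dbpass, $dbname) or die("Unable to connect to '$dbhost'");
		# … unchanged: prepared INSERT and "OK" response …
	}
	else
	{
		header("HTTP/1.1 403 Forbidden");
		echo("Invalid HMAC! Please ensure that all game-site's have the same HMAC as the master-site!");
	}
```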


@ -0,0 +1,100 @@
<?php
include("../config.php");
include("common.php");
session_start(['cookie_lifetime' => 86400]);
include("../header.php");
?>
<CENTER>
<FONT FACE=Verdana,arial SIZE=-1>
<?php
if($_SESSION["logged_in"] == false)
{
header("Location: /admin"); # Fuck off.
exit();
}
if(isset($_POST["TYPE"]))
{
if($_POST["TYPE"] == "CHANGEPERMS")
{
$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
$stmt = $connect->prepare("SELECT id FROM Users WHERE username=?");
$stmt->bind_param("s", $_POST["USERNAME"]);
$stmt->execute();
$result = $stmt->get_result();
$user_id = intval($result->fetch_row()[0]);
if(isset($_POST["RESETPASS1"], $_POST["RESETPASS2"]))
{
$pass1 = $_POST["RESETPASS1"];
$pass2 = $_POST["RESETPASS2"];
if($pass1 == $pass2)
{
if($pass1 !== "" || $pass1 !== null)
{
$password_hash = hash_salt($pass1,$salt);
$stmt = $connect->prepare("UPDATE Users SET Password=? WHERE Id=?");
$stmt->bind_param("s",$password_hash, "i", $user_id);
$stmt->execute();
}
}
}
if(isset($_POST["ADMIN"]))
{
$stmt = $connect->prepare("UPDATE Users SET Admin=\"YES\" WHERE Id=?");
$stmt->bind_param("i", $user_id);
$stmt->execute();
}
else
{
$stmt = $connect->prepare("UPDATE Users SET Admin=\"NO\" WHERE Id=?");
$stmt->bind_param("i", $user_id);
$stmt->execute();
}
if(isset($_POST["MOD"]))
{
$stmt = $connect->prepare("UPDATE Users SET Moderator=\"YES\" WHERE Id=?");
$stmt->bind_param("i", $user_id);
$stmt->execute();
}
else
{
$stmt = $connect->prepare("UPDATE Users SET Moderator=\"NO\" WHERE Id=?");
$stmt->bind_param("i", $user_id);
$stmt->execute();
}
echo("<BR><B>Permissions updated successfully.</B></BR>");
echo("<A HREF=administrate.php>Go back</A>");
include("../footer.php");
exit();
}
}
?>
<BR><B>HISP - Admin Portal</B><BR>
<BR>Player Operations</BR>
<BR> <FORM METHOD=POST ACTION=/admin/administrate.php>
Username:
<INPUT TYPE=HIDDEN NAME=TYPE VALUE=CHANGEPERMS>
<INPUT TYPE=TEXT SIZE=30 NAME=USERNAME></INPUT><BR>
<INPUT TYPE=CHECKBOX NAME=ADMIN VALUE="ADMIN"> Administrator</INPUT>
<INPUT TYPE=CHECKBOX NAME=MOD VALUE="MOD"> Moderator</INPUT>
<BR>
<P>Reset Password</P>
<INPUT TYPE=TEXT NAME=RESETPASS1 VALUE="" PASSWORD></INPUT>
<P>Reset Password(confirm)</P>
<INPUT TYPE=TEXT NAME=RESETPASS2 VALUE="" PASSWORD></INPUT>
<!-- <INPUT TYPE=CHECKBOX NAME=DELETE VALUE="DELETE"> Delete Account</INPUT><BR> !-->
<INPUT TYPE=SUBMIT VALUE="Apply"</INPUT>
</FORM>
</BR>
<BR>
<A HREF=/ADMIN>Logout from admin portal</A><BR>
</BR>
<?php include("../footer.php"); ?>
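Review bot: The password-reset branch runs on every submit and cannot work as written. The form always posts `RESETPASS1`/`RESETPASS2` (empty by default) and `$pass1 !== "" || $pass1 !== null` is always true, so an empty password passes the check; `$salt` is never assigned, the `Password` column is not in the `Users` schema this commit defines (it has `PassHash`), and `bind_param("s",$password_hash, "i", $user_id)` passes the type string in pieces instead of `"si"`. Separately, a username that matches no row yields `$user_id` 0 and the updates still run, the reset inputs are `TYPE=TEXT` rather than `TYPE=PASSWORD`, and this privilege-changing form carries no CSRF token. The session check also sits after `../header.php` has produced output, so the `Location` redirect depends on output buffering, although the `exit()` still stops the page.

```php
# … unchanged: session check, connection, user id lookup …
		if(isset($_POST["RESETPASS1"], $_POST["RESETPASS2"]))
		{
			$pass1 = $_POST["RESETPASS1"];
			$pass2 = $_POST["RESETPASS2"];
			# Both fields are always submitted, so only reset when a non-empty value was typed twice.
			if(is_string($pass1) && $pass1 !== "" && $pass1 === $pass2)
			{
				# TODO(review): $salt is never assigned in this file; load the user's Salt
				# (or generate and store a new one) in the encoding the game server expects.
				$password_hash = hash_salt($pass1, $salt);
				$stmt = $connect->prepare("UPDATE Users SET PassHash=? WHERE Id=?");
				$stmt->bind_param("si", $password_hash, $user_id);
				$stmt->execute();
			}
		}
# … unchanged: Admin / Moderator updates, confirmation output …
```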


@ -0,0 +1,15 @@
<?php
function hash_salt(string $input, string $salt)
{
$output = hash('sha512',$input,true);
$len=strlen(bin2hex($output))/2;
$xor_hash = "";
for($i = 0; $i < $len; $i++)
{
$xor_hash .= $output[$i] ^ $salt[$i];
}
return hash('sha512',$xor_hash,false);
}
?>
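Review bot: `hash_salt` indexes `$salt[$i]` for all 64 digest bytes without checking the salt's length, so a shorter salt raises a PHP notice or warning and those positions contribute nothing to the XOR. A guard such as `if (strlen($salt) < 64) { throw new InvalidArgumentException("salt must be at least 64 bytes"); }` makes that explicit, and `$len` can simply be `strlen($output)`. The construction is two fast SHA-512 passes rather than a password KDF; presumably it has to match the game's existing hash format, and if so a comment saying that would stop it being copied for new uses. The identical file added later in this commit (the second `hash_salt` section) has the same issues, and keeping one shared copy would avoid the two drifting apart.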


@ -0,0 +1,24 @@
<?php
include("../../config.php");
session_start(['cookie_lifetime' => 86400]);
$_SESSION["logged_in"] = false;
include("../header.php");
?>
<CENTER>
<FONT FACE=Verdana,arial SIZE=-1>
<BR><B>HISP - Super Admin Login</B><BR>
<BR> This page requires a password, please enter it below:</BR>
<BR> <FORM METHOD=POST ACTION=/admin/login.php>
<INPUT TYPE=PASSWORD SIZE=30 NAME=PASS></INPUT>
<INPUT TYPE=SUBMIT VALUE=LOGIN>
</FORM>
</BR>
<BR><B>No idea? check config.php of game-site/</B></BR>
<?php
include("../footer.php");
?>
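Review bot: This page includes `../../config.php` while the login and administrate pages added in the same commit include `../config.php`; if the three files live in the same directory, one of the paths is wrong, and a failed `include` only warns and carries on. Nothing on this page reads a config value, so the include could be dropped, or switched to `require` with the path its siblings use. `session_start(['cookie_lifetime' => 86400])` could also set `'cookie_httponly' => true` (and `'cookie_secure' => true` where the site is served over HTTPS), since this cookie gates the admin portal.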


@ -0,0 +1,40 @@
<?php
include("../config.php");
session_start(['cookie_lifetime' => 86400]);
include("../header.php");
?>
<CENTER>
<FONT FACE=Verdana,arial SIZE=-1>
<BR><B>HISP - Super Admin Login</B><BR>
<?php
if(isset($_POST["PASS"]))
{
sleep(3); // Stop bruteforce
if($_POST["PASS"] == $admin_portal_password)
{
if($admin_portal_password == "!!NOTSET!!")
{
echo("Refusing to login as password is default password.");
exit;
}
$_SESSION["logged_in"] = true;
header("Location: administrate.php");
}
else
{
echo("<BR> The password you entered was NOT correct. </BR>");
echo("<A HREF=\"/admin\">Try Again...</A>");
}
}
else
{
echo("<BR> You didnt enter a password. </BR>");
echo("<A HREF=\"/admin\">Try Again...</A>");
}
?>
<?php include("../footer.php"); ?>
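Review bot: The password check `$_POST["PASS"] == $admin_portal_password` is a loose, non-constant-time comparison, and the default-password refusal only runs after it has already matched. `hash_equals` on a value confirmed to be a string avoids type juggling and timing differences, and testing the sentinel first makes the refusal independent of what was submitted. The success path should also call `session_regenerate_id(true)` before setting `logged_in`, and `exit` after the redirect. `sleep(3)` slows a single client but is not a rate limit; a per-address attempt counter would be the follow-up.

```php
if(isset($_POST["PASS"]))
{
	sleep(3); // Stop bruteforce
	if($admin_portal_password === "!!NOTSET!!")
	{
		echo("Refusing to login as password is default password.");
		exit;
	}
	if(is_string($_POST["PASS"]) && hash_equals($admin_portal_password, $_POST["PASS"]))
	{
		session_regenerate_id(true); // fresh session id once the session becomes privileged
		$_SESSION["logged_in"] = true;
		header("Location: administrate.php");
		exit;
	}
	else
	{
		// … unchanged: "NOT correct" message and retry link …
	}
}
// … unchanged: "didnt enter a password" branch …
```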


@ -0,0 +1,15 @@
<?php
function hash_salt(string $input, string $salt)
{
$output = hash('sha512',$input,true);
$len=strlen(bin2hex($output))/2;
$xor_hash = "";
for($i = 0; $i < $len; $i++)
{
$xor_hash .= $output[$i] ^ $salt[$i];
}
return hash('sha512',$xor_hash,false);
}
?>


@ -0,0 +1,23 @@
<TABLE BORDER=0 CELLPADDING=0 CELLSPACING=0 WIDTH=100%>
<TR>
<TD><IMG SRC=/web/hoilgui10.gif></TD>
<TD WIDTH=100% BACKGROUND=/web/hoilgui11.gif></TD>
<TD><IMG SRC=/web/hoilgui12.gif></TD>
</TR></TABLE>
<CENTER><B>
[ <A HREF=http://hi1.horseisle.com/web/rules.php>Rules</A> ]
[ <A HREF=http://hi1.horseisle.com/web/termsandconditions.php>Terms and Conditions</A> ]
[ <A HREF=http://hi1.horseisle.com/web/privacypolicy.php>Privacy Policy</A> ]</B><BR>
[ <A HREF=http://hi1.horseisle.com/web/expectedbehavior.php>Expected Behavior</A> ]
[ <A HREF=http://hi1.horseisle.com/web/contactus.php>Contact Us</A> ]
[ <A HREF=http://hi1.horseisle.com/web/credits.php>Credits</A> ]<BR>
<FONT FACE=Verdana,Arial SIZE=-2>Copyright &copy; 2020 Horse Isle</FONT>
<!-- Google Analytics -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
<script type="text/javascript">
_uacct = "UA-1805076-1";
urchinTracker();
</script>
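Review bot: The shared footer loads `http://www.google-analytics.com/urchin.js` over plain HTTP, and because the admin login and administrate pages added in this commit include a `footer.php`, that third-party script would run inside the admin session if this is the file they pull in. Anyone able to alter the response in transit then gets script execution on those pages. Consider leaving the tracker out of the footer used under `/admin`, or at least loading it over HTTPS; the `http://hi1.horseisle.com/...` footer links are plain HTTP as well.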


@ -0,0 +1,103 @@
<HEAD>
<TITLE>HORSE ISLE - Online Multiplayer Horse Game</TITLE>
<META NAME="keywords" CONTENT="Horse Game Online MMORPG Multiplayer Horses RPG Girls Girly Isle World Island Virtual Horseisle Sim Virtual">
<META NAME="description" CONTENT="A multiplayer online horse world where players can capture, train, care for and compete their horses against other players. A very unique virtual sim horse game.">
<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon">
<link rel="icon" href="/favicon.ico" type="image/x-icon">
<link rel="meta" href="//horseisle.com/labels.rdf" type="application/rdf+xml" title="ICRA labels" />
<meta http-equiv="pics-Label" content='(pics-1.1 "//www.icra.org/pics/vocabularyv03/" l gen true for "//horseisle.com" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 1) gen true for "//hi1.horseisle.com" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 1))' />
<style type="text/css">
hr {
height: 1;
color: #000000;
background-color: #000000;
border: 0;
}
a {
font: bold 14px arial;
color: #6E3278;
}
TH {
background-color: #EDE5B4;
padding: 1px 6px;
border: 2px dotted #6E3278;
font: small-caps 900 14px arial;
color: #000000;
}
TR.a0 {
background-color: #EDE5B4;
}
TR.a1 {
background-color: #D4CCA1;
}
TD {
font: 14px arial;
color: #000000;
}
TD.forum {
font: 12px arial;
color: #000000;
}
TD.forumlist {
padding: 1px 6px;
border: 2px dotted #6E3278;
background-color: #EDE5B4;
text-align: center;
font: bold 14px arial;
color: #000000;
}
TD.forumpost {
padding: 5px 10px;
border: 2px dotted #6E3278;
background-color: #EDE5B4;
text-align: left;
}
TD.newslist {
padding: 4px 4px;
border: 2px dotted #6E3278;
background-color: #FFDDEE;
text-align: left;
font: 14px arial;
color: #000000;
}
FORUMSUBJECT {
font: bold 14px arial;
color: #004400;
}
FORUMUSER {
font: 12px arial;
color: #000044;
}
FORUMDATE {
font: 12px arial;
color: #444444;
}
FORUMTEXT {
font: 14px arial;
color: #440000;
}
</style>
</HEAD>
<BODY BGCOLOR=E0D8AA>
<TABLE BORDER=0 CELLPADDING=0 CELLSPACING=0 WIDTH=100%>
<TR WIDTH=100%>
<TD WIDTH=512 ROWSPAN=3><A HREF=/><IMG SRC=/web/hoilgui1.gif ALT="Welcome to Horse Isle" BORDER=0></A></TD>
<TD WIDTH=100% BACKGROUND=/web/hoilgui2.gif>&nbsp;</TD>
<TD WIDTH=29><IMG SRC=/web/hoilgui3.gif></TD>
</TR>
<TR>
<TD WIDTH=100% BACKGROUND=/web/hoilgui4.gif align=right>
<B>
<TABLE BORDER=0 CELLPADDING=0 CELLSPACING=10><TR><TD><B><A HREF=/account.php>PINTO.HORSEISLE.COM</A><BR>Logged in as: SilicaAndPina<BR><A HREF=/?LOGOUT=1><img src=/web/but-logout.gif border=0></A><BR><A HREF=//hi1.horseisle.com/><img src=/web/but-mainpage.gif border=0></A></TD><TD><BR><A HREF=//hi1.horseisle.com/account.php><img src=/web/but-serverlist.gif border=0></A><BR><A HREF=//hi1.horseisle.com/web/news.php><img src=/web/but-news.gif border=0></A><BR><A HREF=//hi1.horseisle.com/web/forums.php><img src=/web/but-forums.gif border=0></A><BR><A HREF=//hi1.horseisle.com/web/helpcenter.php><img src=/web/but-helpcenter.gif border=0></A></TD></TR></TABLE>
</TD>
<TD WIDTH=29><IMG SRC=/web/hoilgui5.gif></TD></TR>
<TR>
<TD WIDTH=100% BACKGROUND=/web/hoilgui6.gif>&nbsp;</TD>
<TD WIDTH=29><IMG SRC=/web/hoilgui7.gif></TD></TR>
</TABLE>
<CENTER>
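Review bot: The shared header hard-codes `Logged in as: SilicaAndPina` and the `PINTO.HORSEISLE.COM` link, so every page that includes it shows that banner regardless of who is signed in, or whether anyone is. It looks like a saved copy of a rendered page; the name should come from the session and be passed through `htmlspecialchars`, or the banner be removed until login state is wired in. If this is the header the admin pages include, it also emits markup before their `header("Location: ...")` calls, which then fail with "headers already sent" unless output buffering is on.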


@ -1,106 +1,4 @@
<HEAD>
<TITLE>HORSE ISLE - Online Multiplayer Horse Game</TITLE>
<META NAME="keywords" CONTENT="Horse Game Online MMORPG Multiplayer Horses RPG Girls Girly Isle World Island Virtual Horseisle Sim Virtual">
<META NAME="description" CONTENT="A multiplayer online horse world where players can capture, train, care for and compete their horses against other players. A very unique virtual sim horse game.">
<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon">
<link rel="icon" href="/favicon.ico" type="image/x-icon">
<link rel="meta" href="//horseisle.com/labels.rdf" type="application/rdf+xml" title="ICRA labels" />
<meta http-equiv="pics-Label" content='(pics-1.1 "//www.icra.org/pics/vocabularyv03/" l gen true for "//horseisle.com" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 1) gen true for "//hi1.horseisle.com" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 1))' />
<style type="text/css">
hr {
height: 1;
color: #000000;
background-color: #000000;
border: 0;
}
a {
font: bold 14px arial;
color: #6E3278;
}
TH {
background-color: #EDE5B4;
padding: 1px 6px;
border: 2px dotted #6E3278;
font: small-caps 900 14px arial;
color: #000000;
}
TR.a0 {
background-color: #EDE5B4;
}
TR.a1 {
background-color: #D4CCA1;
}
TD {
font: 14px arial;
color: #000000;
}
TD.forum {
font: 12px arial;
color: #000000;
}
TD.forumlist {
padding: 1px 6px;
border: 2px dotted #6E3278;
background-color: #EDE5B4;
text-align: center;
font: bold 14px arial;
color: #000000;
}
TD.forumpost {
padding: 5px 10px;
border: 2px dotted #6E3278;
background-color: #EDE5B4;
text-align: left;
}
TD.newslist {
padding: 4px 4px;
border: 2px dotted #6E3278;
background-color: #FFDDEE;
text-align: left;
font: 14px arial;
color: #000000;
}
FORUMSUBJECT {
font: bold 14px arial;
color: #004400;
}
FORUMUSER {
font: 12px arial;
color: #000044;
}
FORUMDATE {
font: 12px arial;
color: #444444;
}
FORUMTEXT {
font: 14px arial;
color: #440000;
}
</style>
</HEAD>
<BODY BGCOLOR=E0D8AA>
<TABLE BORDER=0 CELLPADDING=0 CELLSPACING=0 WIDTH=100%>
<TR WIDTH=100%>
<TD WIDTH=512 ROWSPAN=3><A HREF=/><IMG SRC=/web/hoilgui1.gif ALT="Welcome to Horse Isle" BORDER=0></A></TD>
<TD WIDTH=100% BACKGROUND=/web/hoilgui2.gif>&nbsp;</TD>
<TD WIDTH=29><IMG SRC=/web/hoilgui3.gif></TD>
</TR>
<TR>
<TD WIDTH=100% BACKGROUND=/web/hoilgui4.gif align=right>
<B>
<TABLE BORDER=0 CELLPADDING=0 CELLSPACING=10><TR><TD><B><A HREF=/account.php>PINTO.HORSEISLE.COM</A><BR>Logged in as: SilicaAndPina<BR><A HREF=/?LOGOUT=1><img src=/web/but-logout.gif border=0></A><BR><A HREF=//hi1.horseisle.com/><img src=/web/but-mainpage.gif border=0></A></TD><TD><BR><A HREF=//hi1.horseisle.com/account.php><img src=/web/but-serverlist.gif border=0></A><BR><A HREF=//hi1.horseisle.com/web/news.php><img src=/web/but-news.gif border=0></A><BR><A HREF=//hi1.horseisle.com/web/forums.php><img src=/web/but-forums.gif border=0></A><BR><A HREF=//hi1.horseisle.com/web/helpcenter.php><img src=/web/but-helpcenter.gif border=0></A></TD></TR></TABLE>
</TD>
<TD WIDTH=29><IMG SRC=/web/hoilgui5.gif></TD></TR>
<TR>
<TD WIDTH=100% BACKGROUND=/web/hoilgui6.gif>&nbsp;</TD>
<TD WIDTH=29><IMG SRC=/web/hoilgui7.gif></TD></TR>
</TABLE>
<CENTER>
<?php include("header.php"); ?>
<BR>
<CENTER><TABLE CELLPADDING=5><TR><TD></CENTER>
<FONT FACE=arial>
@ -116,26 +14,4 @@ Click back to your <A HREF="/account.php">ACCOUNT</A> page to see any credited s
<B>PARENTS:</B> please email support@horseisle.com from the paypal email or signup email to
block chat, or limit time online for this account if you want to.<BR>
</TD></TR></TABLE>
<TABLE BORDER=0 CELLPADDING=0 CELLSPACING=0 WIDTH=100%>
<TR>
<TD><IMG SRC=/web/hoilgui10.gif></TD>
<TD WIDTH=100% BACKGROUND=/web/hoilgui11.gif></TD>
<TD><IMG SRC=/web/hoilgui12.gif></TD>
</TR></TABLE>
<CENTER><B>
[ <A HREF=http://hi1.horseisle.com/web/rules.php>Rules</A> ]
[ <A HREF=http://hi1.horseisle.com/web/termsandconditions.php>Terms and Conditions</A> ]
[ <A HREF=http://hi1.horseisle.com/web/privacypolicy.php>Privacy Policy</A> ]</B><BR>
[ <A HREF=http://hi1.horseisle.com/web/expectedbehavior.php>Expected Behavior</A> ]
[ <A HREF=http://hi1.horseisle.com/web/contactus.php>Contact Us</A> ]
[ <A HREF=http://hi1.horseisle.com/web/credits.php>Credits</A> ]<BR>
<FONT FACE=Verdana,Arial SIZE=-2>Copyright &copy; 2020 Horse Isle</FONT>
<!-- Google Analytics -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
<script type="text/javascript">
_uacct = "UA-1805076-1";
urchinTracker();
</script>
<?php include("footer.php"); ?>


@ -1,134 +1,73 @@
<HEAD>
<TITLE>HORSE ISLE - Online Multiplayer Horse Game</TITLE>
<META NAME="keywords" CONTENT="Horse Game Online MMORPG Multiplayer Horses RPG Girls Girly Isle World Island Virtual Horseisle Sim Virtual">
<META NAME="description" CONTENT="A multiplayer online horse world where players can capture, train, care for and compete their horses against other players. A very unique virtual sim horse game.">
<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon">
<link rel="icon" href="/favicon.ico" type="image/x-icon">
<link rel="meta" href="http://horseisle.com/labels.rdf" type="application/rdf+xml" title="ICRA labels" />
<meta http-equiv="pics-Label" content='(pics-1.1 "http://www.icra.org/pics/vocabularyv03/" l gen true for "http://horseisle.com" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 1) gen true for "http://hi1.horseisle.com" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 1))' />
<style type="text/css">
hr {
height: 1;
color: #000000;
background-color: #000000;
border: 0;
}
a {
font: bold 14px arial;
color: #6E3278;
}
TH {
background-color: #EDE5B4;
padding: 1px 6px;
border: 2px dotted #6E3278;
font: small-caps 900 14px arial;
color: #000000;
}
TR.a0 {
background-color: #EDE5B4;
}
TR.a1 {
background-color: #D4CCA1;
}
TD {
font: 14px arial;
color: #000000;
}
TD.forum {
font: 12px arial;
color: #000000;
}
TD.forumlist {
padding: 1px 6px;
border: 2px dotted #6E3278;
background-color: #EDE5B4;
text-align: center;
font: bold 14px arial;
color: #000000;
}
TD.forumpost {
padding: 5px 10px;
border: 2px dotted #6E3278;
background-color: #EDE5B4;
text-align: left;
}
TD.adminforumpost {
padding: 5px 20px;
border: 2px dotted #6E3278;
background-color: #BFE9C9;
text-align: left;
}
TD.newslist {
padding: 4px 4px;
border: 2px dotted #6E3278;
background-color: #FFDDEE;
text-align: left;
font: 14px arial;
color: #000000;
}
FORUMSUBJECT {
font: bold 14px arial;
color: #004400;
}
FORUMUSER {
font: 12px arial;
color: #000044;
}
FORUMDATE {
font: 12px arial;
color: #444444;
}
FORUMTEXT {
font: 14px arial;
color: #440000;
<?php
include("servers.php");
include("common.php");
session_start();
if(isset($_POST["USER"], $_POST["PASS"]))
{
$username = $_POST["USER"];
$password = $_POST["PASS"];
if(!user_exists($username))
goto auth_failed;
$id = get_userid($username);
if(check_password($id, $password))
{
$_SESSION['LOGGED_IN'] = "YES";
$_SESSION['PLAYER_ID'] = $id;
$_SESSION['USERNAME'] = $username;
}
else
{
auth_failed:
include("web/header.php");
echo('<TABLE CELLPADDING=10 WIDTH=100%><TR><TD><HR><B>Username or Password is not valid. Please try again. <BR>Note: Upon too many attempts the account will be temporarily blocked from your IP.</B><BR><BR>If you have not logged on yet, make sure you have clicked the activation link in the email that was sent to you.<BR><BR>click <A HREF=/web/forgotpass.php>HERE</A> to Have your password emailed to you.<HR></TD></TR></TABLE>');
include('web/footer.php');
exit();
}
}
</style>
</HEAD>
<BODY BGCOLOR=E0D8AA>
<TABLE BORDER=0 CELLPADDING=0 CELLSPACING=0 WIDTH=100%>
<TR WIDTH=100%>
<TD WIDTH=512 ROWSPAN=3><A HREF=/><IMG SRC=/web/hoilgui1.gif ALT="Welcome to Horse Isle" BORDER=0></A></TD>
<TD WIDTH=100% BACKGROUND=/web/hoilgui2.gif>&nbsp;</TD>
<TD WIDTH=29><IMG SRC=/web/hoilgui3.gif></TD>
</TR>
<TR>
<TD WIDTH=100% BACKGROUND=/web/hoilgui4.gif align=right>
<B>
if(isset($_SESSION["LOGGED_IN"]))
{
if($_SESSION["LOGGED_IN"] !== "YES")
{
goto error;
}
else
{
goto pass;
}
error:
include("web/header.php");
echo("
<B>Username or Password is not valid or your account has timed out. Please Log in again.</B><BR><BR></TD></TR></TABLE>");
$_SESSION['LOGGED_IN'] = "NO";
include("web/footer.php");
exit();
pass:
}
else
{
goto error;
}
include("web/header.php");
?>
<?php #<TR><TD><IMG SRC=/web/servericons/pinto.gif></TD><TD><B><FONT COLOR=GREEN>You were on this server last time:</FONT><BR>SERVER: PINTO.HORSEISLE.COM</B><BR><BR></TD><TD><B>Not Subscribed</B><BR>Quest Points: 75pts<BR>Times Online: 3<BR>Last On: 0.84 days ago<BR></TD><TD><B>17<BR>players<BR>online<BR>now</B></TD><TD><B><A HREF=?CONNECT=pinto>[LOG IN]</A></B></TD></TR><TR><TD COLSPAN=5><HR>?>
<?php #<TABLE WIDTH=80% BGCOLOR=FFAABB BORDER=0 CELLPADDING=4 CELLSPACING=0><TR><TD class=newslist><B>[June 23, 2020 Latest Horse Isle News] Horse Isle 1 Compromise:</B><BR>Unfortunately, some troublemakers made a mess of HI1.<BR>We have reverted to a backup from 4am PST and taken some precautions. So, anything you "did" this morning was reverted.<br>We have also given all subs +12hrs to cover the down time.<br><br>Because passwords for accounts were likely compromised, we setup a system to verify and unlock for players' protection. When you try to login you will be prompted to reset your password. We can automatically unlock most players' accounts, but some will require manual support via email. Just follow the directions and please be patient with us.<br><br>Sorry about the trouble. HI1 was never designed to survive so long into this new mean digital world. ;)<br><br>P.S. The XSS alert was a simple javascript alert, just meaningless and harmless.<br><br>Thanks!<BR></TD></TR></TABLE> ?><BR><B>We have a <A HREF=//master.horseisle.com/beginnerguide/>Beginner Guide</A> online to help new players learn how to play.</B><BR><BR><B><FONT SIZE=+1>Horse Isle Server List</FONT></B><BR>Each server is completely independent and has identical game content. Money/horses/subscriptions are all tied to a particular server.
Normally you will only play on one server. <B>Playing on any server uses up playtime on all servers</B>, so you do not gain any free time. Reasons for playing on more than one include joining a friend, or in case your normal server is down.
Multiple servers are required since there is a max capacity of around 150 players online per server.<BR><B>Please note, a profile on any individual server will be permanently deleted after 183 days (6 months) of not logging into the game on that specific server or your subscription expiring, whichever is later.</b><TABLE CELLPADDING=5 CELLSPACING=0 BORDER=0 BGCOLOR=FFFFFF><TR><TD COLSPAN=5></TD></TR><TR><TD COLSPAN=2><B>GAME SERVERS</B> (all identical please only join 1 or 2)</TD><TD><B>PROFILE</B> (not current)</TD><TD><B>ONLINE</B></TD><TD><B>LOGIN</B></TD></TR></TD></TR><TR><TD COLSPAN=5><HR></TD></TR><?php
for($i = 0; $i < count($server_list); $i++)
{
$server = $server_list[$i];
$icon = $server['icon'];
$url = $server['site'];
$desc = $server['desc'];
echo('<TR><TD><IMG SRC=/web/servericons/'.$icon.'></TD><TD><B>SERVER: '.strtoupper($url).'</B><BR>'.$desc.'</BR></TD><TD>no existing profile</TD><TD><B>0<BR>players<BR>online<BR>now</B></TD><TD><B><A HREF=joinserver.php?SERVER='.$url.'>[JOIN]</A></B></TD></TR><TR><TD COLSPAN=5><HR></TD></TR>');
}
<TABLE CELLPADDING=0 CELLSPACING=2 BORDER=0><FORM METHOD=POST ACTION=/account.php>
<TR><TD><B>USER:</B></TD><TD><INPUT TYPE=TEXT SIZE=14 NAME=USER></TD></TR>
<TR><TD><B>PASS:</B></TD><TD><INPUT TYPE=PASSWORD SIZE=14 NAME=PASS></TD></TR>
<TR><TD></TD><TD><INPUT TYPE=SUBMIT VALUE=LOGIN> (<A HREF=/web/forgotpass.php>Forgot?</A>)</TD></TR></FORM></TABLE>
</TD>
<TD WIDTH=29><IMG SRC=/web/hoilgui5.gif></TD></TR>
<TR>
<TD WIDTH=100% BACKGROUND=/web/hoilgui6.gif>&nbsp;</TD>
<TD WIDTH=29><IMG SRC=/web/hoilgui7.gif></TD></TR>
</TABLE>
<CENTER>
<B>Username or Password is not valid or your account has timed out. Please Log in again.</B><BR><BR></TD></TR></TABLE><TABLE BORDER=0 CELLPADDING=0 CELLSPACING=0 WIDTH=100%>
<TR>
<TD><IMG SRC=/web/hoilgui10.gif></TD>
<TD WIDTH=100% BACKGROUND=/web/hoilgui11.gif></TD>
<TD><IMG SRC=/web/hoilgui12.gif></TD>
</TR></TABLE>
<CENTER><B>
[ <A HREF=//master.horseisle.com/beginnerguide/>New Player Guide</A> ]<BR>
[ <A HREF=/web/rules.php>Rules</A> ]
[ <A HREF=/web/termsandconditions.php>Terms and Conditions</A> ]
[ <A HREF=/web/privacypolicy.php>Privacy Policy</A> ]</B><BR>
[ <A HREF=/web/expectedbehavior.php>Expected Behavior</A> ]
[ <A HREF=/web/contactus.php>Contact Us</A> ]
[ <A HREF=/web/credits.php>Credits</A> ]<BR>
<FONT FACE=Verdana,Arial SIZE=-2>Copyright &copy; 2020 Horse Isle</FONT>
<!-- Google Analytics -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
<script type="text/javascript">
_uacct = "UA-1805076-1";
urchinTracker();
</script>
?>
</TABLE><BR>Account Settings: <A HREF=/web/accountchange.php>CHANGE MY PASSWORD</A><BR>Refer other players and earn Game Credit!: <A HREF=/web/referral.php>REFERRAL PROGRAM</A><BR>
<?php
include("web/footer.php");
?>
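Review bot: The successful-login branch sets `$_SESSION['LOGGED_IN']`, `PLAYER_ID` and `USERNAME` on whatever session id the browser arrived with, so an id that was set before authentication stays valid afterwards. Call `session_regenerate_id(true);` immediately before those three assignments. The failure text also tells the user that too many attempts will block the account from their IP, but nothing in this section counts or throttles attempts, so either add the throttle or drop that sentence. The old and new sides of this section are interleaved on the page, so this refers to the `<?php` block that begins with `include("servers.php");`.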


@ -12,4 +12,64 @@ function hash_salt(string $input, string $salt)
return hash('sha512',$xor_hash,false);
}
function user_exists(string $username)
{
include('dbconfig.php');
$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
$stmt = $connect->prepare("SELECT COUNT(1) FROM Users WHERE Username=?");
$stmt->bind_param("s", $username);
$stmt->execute();
$result = $stmt->get_result();
$count = intval($result->fetch_row()[0]);
return $count>0;
}
function get_userid(string $username)
{
include('dbconfig.php');
$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
$stmt = $connect->prepare("SELECT Id FROM Users WHERE Username=?");
$stmt->bind_param("s", $username);
$stmt->execute();
$result = $stmt->get_result();
$id = intval($result->fetch_row()[0]);
return $id;
}
function check_password(int $userId, string $password)
{
include('dbconfig.php');
$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
$stmt = $connect->prepare("SELECT PassHash FROM Users WHERE Id=?");
$stmt->bind_param("i", $userId);
$stmt->execute();
$result = $stmt->get_result();
$passhash = $result->fetch_row()[0];
$stmt = $connect->prepare("SELECT Salt FROM Users WHERE Id=?");
$stmt->bind_param("i", $userId);
$stmt->execute();
$result = $stmt->get_result();
$passsalt = $result->fetch_row()[0];
$passsalt = hex2bin($passsalt);
$acturalhash = hash_salt($password, $passsalt);
if($acturalhash === $passhash)
return true;
else
return false;
}
function populate_db()
{
include('dbconfig.php');
$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
mysqli_query($connect, "CREATE TABLE IF NOT EXISTS Users(Id INT, Username TEXT(16),Email TEXT(128),Country TEXT(128),SecurityQuestion Text(128),SecurityAnswerHash TEXT(128),Age INT,PassHash TEXT(128), Salt TEXT(128),Gender TEXT(16), Admin TEXT(3), Moderator TEXT(3))");
mysqli_query($connect, "CREATE TABLE IF NOT EXISTS OnlineUsers(playerId INT, Admin TEXT(3), Moderator TEXT(3), Subscribed TEXT(3))");
}
?>
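Review bot: `check_password` indexes `fetch_row()` without checking that a row came back and compares the digests with `===`, so an unknown `$userId` raises warnings instead of failing cleanly and the comparison is not constant-time. Return false on a missing row and compare with `hash_equals`; the two SELECTs can also be a single query, as sketched below. `get_userid` has the same unchecked `fetch_row()[0]`. Separately, `hash_salt` (its body starts above this hunk) ends in a single `hash('sha512', …)`, which is a fast hash; `password_hash`/`password_verify` is the appropriate primitive for stored passwords, although the `PassHash`/`Salt` format appears to be shared with the game server and would need a migration.

```php
function check_password(int $userId, string $password)
{
    // … unchanged: dbconfig include and mysqli_connect …
    $stmt = $connect->prepare("SELECT PassHash, Salt FROM Users WHERE Id=?");
    $stmt->bind_param("i", $userId);
    $stmt->execute();
    $row = $stmt->get_result()->fetch_row();
    if($row === null)
        return false; // unknown id: fail closed instead of hashing against null
    $actualhash = hash_salt($password, hex2bin($row[1]));
    return hash_equals($row[0], $actualhash);
}
```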


@ -1,8 +1,9 @@
<?php
$dbname = 'beta';
$dbname = 'master';
$dbuser = 'root';
$dbpass = 'test123';
$dbhost = '127.0.0.1';
#should be same as all game-site's
$hmac_secret = '!!NOTSET!!';
?>
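Review bot: `$hmac_secret` ships with the fixed placeholder `'!!NOTSET!!'`, and nothing in this hunk stops a deployment from running with that publicly known value. The code that consumes the secret is outside this hunk; it should fail closed while the placeholder is still in place, e.g. `if($hmac_secret === '!!NOTSET!!') die('hmac_secret is not configured');`. The comment above the variable could state the requirement: `# long random value, identical on the master site and every game site; never commit the real one`. The unchanged `$dbuser = 'root'` and `$dbpass = 'test123'` lines are worth replacing with a dedicated low-privilege account in the same pass.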


@ -1,5 +1,7 @@
<?php
include('dbconfig.php');
include('common.php');
populate_db();
$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
$onlineUsers = mysqli_query($connect, "SELECT COUNT(1) FROM OnlineUsers");
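Review bot: `populate_db()` is now called at the top of this page, so every request issues its two `CREATE TABLE IF NOT EXISTS` statements and the web account has to keep DDL rights at runtime. Moving the call to a one-time install or migration script would let the runtime account be limited to data statements. `populate_db()` also opens its own connection, so the page connects twice before running the `OnlineUsers` count. The rest of the page lies outside the hunk.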


@ -0,0 +1,10 @@
<?php
$server_list = [
['icon' => 'beta.gif', 'database' => 'beta', 'site' => 'beta.islehorse.com', 'desc' => ' '],
['icon' => 'black.gif', 'database' => 'example', 'site' => 'example.islehorse.com', 'desc' => 'Example HISP Server!'],
];
// black: 1/3 interest rate, final new server as of July 2012 for those who want to start classic horseisle anew!
// white: Subscriber only server.<br>You must subscribe to this server to play.<BR>If subscription runs out, you will no longer be able to play on it.
?>


@ -1,3 +1,7 @@
<?php
if(session_status() !== PHP_SESSION_ACTIVE)
session_start();
?>
<HEAD>
<TITLE>HORSE ISLE - Online Multiplayer Horse Game</TITLE>
<META NAME="keywords" CONTENT="Horse Game Online MMORPG Multiplayer Horses RPG Girls Girly Isle World Island Virtual Horseisle Sim Virtual">
@ -96,10 +100,32 @@ color: #440000;
<TD WIDTH=100% BACKGROUND=/web/hoilgui4.gif align=right>
<B>
<TABLE CELLPADDING=0 CELLSPACING=2 BORDER=0><FORM METHOD=POST ACTION=/account.php>
<?php
if(isset($_SESSION["LOGGED_IN"]))
{
if($_SESSION['LOGGED_IN'] === "YES")
{
$username = "invalid";
if(isset($_SESSION['USERNAME']))
$username = $_SESSION['USERNAME'];
echo('<TABLE BORDER=0 CELLPADDING=0 CELLSPACING=10><TR><TD><B>Logged in as: '.$username.'</B><BR><BR><A HREF=/?LOGOUT=1><img src=/web/but-logout.gif border=0></A><BR><A HREF=/><img src=/web/but-mainpage.gif border=0></A></TD><TD><BR><A HREF=/account.php><img src=/web/but-serverlist.gif border=0></A><BR><A HREF=/web/news.php><img src=/web/but-news.gif border=0></A><BR><A HREF=/web/forums.php><img src=/web/but-forums.gif border=0></A><BR><A HREF=/web/helpcenter.php><img src=/web/but-helpcenter.gif border=0></A></TD></TR></TABLE>');
}
else
{
goto not_loggedin;
}
}
else
{
not_loggedin:
echo('<TABLE CELLPADDING=0 CELLSPACING=2 BORDER=0><FORM METHOD=POST ACTION=/account.php>
<TR><TD><B>USER:</B></TD><TD><INPUT TYPE=TEXT SIZE=14 NAME=USER></TD></TR>
<TR><TD><B>PASS:</B></TD><TD><INPUT TYPE=PASSWORD SIZE=14 NAME=PASS></TD></TR>
<TR><TD></TD><TD><INPUT TYPE=SUBMIT VALUE=LOGIN> (<A HREF=/web/forgotpass.php>Forgot?</A>)</TD></TR></FORM></TABLE>
<TR><TD></TD><TD><INPUT TYPE=SUBMIT VALUE=LOGIN> (<A HREF=/web/forgotpass.php>Forgot?</A>)</TD></TR></FORM></TABLE>');
}
?>
</TD>
<TD WIDTH=29><IMG SRC=/web/hoilgui5.gif></TD></TR>
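Review bot: In the second hunk `$username` is concatenated into the `Logged in as:` markup without HTML encoding. The value is taken from `$_POST["USER"]` at login and stored in the session, so unless registration restricts usernames to a safe character set (not visible here), a name containing markup would be rendered by every page that includes this header. Encode at the point of output: `'Logged in as: '.htmlspecialchars($username, ENT_QUOTES, 'UTF-8').'</B>'`. The surrounding table markup continues outside the hunk.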


@ -108,6 +108,7 @@ if(isset( $_POST['user'],$_POST['pass1'],$_POST['pass2'],$_POST['sex'],$_POST['e
array_push($problems, "Email does not appear valid, you will not be able sign in without getting the login mail.");
populate_db();
$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
$result = mysqli_query($connect, "SELECT MAX(Id) FROM Users");
@ -120,12 +121,8 @@ if(isset( $_POST['user'],$_POST['pass1'],$_POST['pass2'],$_POST['sex'],$_POST['e
$password_hash = hash_salt($password,$salt);
$hex_salt = bin2hex($salt);
$stmt = $connect->prepare("SELECT COUNT(1) FROM Users WHERE Username=?");
$stmt->bind_param("s", $username);
$stmt->execute();
$result = $stmt->get_result();
$count = intval($result->fetch_row()[0]);
if($count !== 0)
if(user_exists($username))
array_push($problems, "Username taken. Please try a different account name.");