IsleHorse/HISP
1
0
Fork 0
mirror of https://github.com/islehorse/HISP.git synced 2025-06-03 20:37:07 +12:00
Code Issues Projects Releases Packages Wiki Activity Actions

Rewrite alot of how game & master site are handled (note in current state its impossible to make an account.)

Browse source
This commit is contained in:
SilicaAndPina 2021-05-19 00:43:27 +12:00
parent 1ad0783f8f
commit c12399dc0e
23 changed files with 548 additions and 888 deletions
Download patch file Download diff file Expand all files Collapse all files

194
WebInterface/game-site/admin/administrate.php
View file

@ -1,194 +0,0 @@
<?php
include("../config.php");
session_start(['cookie_lifetime' => 86400]);
?>
<style type="text/css">
hr {
height: 1;
color: #000000;
background-color: #000000;
border: 0;
}
a {
font: bold 14px arial;
color: #6E3278;
}
TH {
background-color: #EDE5B4;
padding: 1px 6px;
border: 2px dotted #6E3278;
font: small-caps 900 14px arial;
color: #000000;
}
TR.a0 {
background-color: #EDE5B4;
}
TR.a1 {
background-color: #D4CCA1;
}
TD {
font: 14px arial;
color: #000000;
}
TD.forum {
font: 12px arial;
color: #000000;
}
TD.forumlist {
padding: 1px 6px;
border: 2px dotted #6E3278;
background-color: #EDE5B4;
text-align: center;
font: bold 14px arial;
color: #000000;
}
TD.forumpost {
padding: 5px 10px;
border: 2px dotted #6E3278;
background-color: #EDE5B4;
text-align: left;
}
TD.newslist {
padding: 4px 4px;
border: 2px dotted #6E3278;
background-color: #FFDDEE;
text-align: left;
font: 14px arial;
color: #000000;
}
FORUMSUBJECT {
font: bold 14px arial;
color: #004400;
}
FORUMUSER {
font: 12px arial;
color: #000044;
}
FORUMDATE {
font: 12px arial;
color: #444444;
}
FORUMTEXT {
font: 14px arial;
color: #440000;
}
</style>
</HEAD>
<BODY BGCOLOR=E0D8AA>
<TABLE BORDER=0 CELLPADDING=0 CELLSPACING=0 WIDTH=100%>
<TR WIDTH=100%>
<TD WIDTH=512 ROWSPAN=3><A HREF=/><IMG SRC=/web/hoilgui1.gif ALT="Welcome to Horse Isle" BORDER=0></A></TD>
<TD WIDTH=100% BACKGROUND=/web/hoilgui2.gif>&nbsp;</TD>
<TD WIDTH=29><IMG SRC=/web/hoilgui3.gif></TD>
</TR>
<TR>
<TD WIDTH=100% BACKGROUND=/web/hoilgui4.gif align=right>
<B>
<TABLE CELLPADDING=0 CELLSPACING=2 BORDER=0><FORM METHOD=POST ACTION=/account.php>
<TR><TD><B>USER:</B></TD><TD><INPUT TYPE=TEXT SIZE=14 NAME=USER></TD></TR>
<TR><TD><B>PASS:</B></TD><TD><INPUT TYPE=PASSWORD SIZE=14 NAME=PASS></TD></TR>
<TR><TD></TD><TD><INPUT TYPE=SUBMIT VALUE=LOGIN> (<A HREF=//master.horseisle.com/web/forgotpass.php>Forgot?</A>)</TD></TR></FORM></TABLE>
</TD>
<TD WIDTH=29><IMG SRC=/web/hoilgui5.gif></TD></TR>
<TR>
<TD WIDTH=100% BACKGROUND=/web/hoilgui6.gif>&nbsp;</TD>
<TD WIDTH=29><IMG SRC=/web/hoilgui7.gif></TD></TR>
</TABLE>
<CENTER>
<CENTER>
<FONT FACE=Verdana,arial SIZE=-1>
<?php
if($_SESSION["logged_in"] == false)
{
header("Location: /admin"); # Fuck off.
exit();
}
if(isset($_POST["TYPE"]))
{
if($_POST["TYPE"] == "CHANGEPERMS")
{
$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
$stmt = $connect->prepare("SELECT id FROM Users WHERE username=?");
$stmt->bind_param("s", $_POST["USERNAME"]);
$stmt->execute();
$result = $stmt->get_result();
$user_id = intval($result->fetch_row()[0]);
if(isset($_POST["ADMIN"]))
{
$stmt = $connect->prepare("UPDATE Users SET Admin=\"YES\" WHERE Id=?");
$stmt->bind_param("i", $user_id);
$stmt->execute();
}
else
{
$stmt = $connect->prepare("UPDATE Users SET Admin=\"NO\" WHERE Id=?");
$stmt->bind_param("i", $user_id);
$stmt->execute();
}
if(isset($_POST["MOD"]))
{
$stmt = $connect->prepare("UPDATE Users SET Moderator=\"YES\" WHERE Id=?");
$stmt->bind_param("i", $user_id);
$stmt->execute();
}
else
{
$stmt = $connect->prepare("UPDATE Users SET Moderator=\"NO\" WHERE Id=?");
$stmt->bind_param("i", $user_id);
$stmt->execute();
}
echo("<BR><B>Permissions updated successfully.</B></BR>");
echo("<A HREF=administrate.php>Go back</A>");
exit();
}
}
?>
<BR><B>HISP - Admin Portal</B><BR>
<BR>Player Operations</BR>
<BR> <FORM METHOD=POST ACTION=/admin/administrate.php>
Username:
<INPUT TYPE=HIDDEN NAME=TYPE VALUE=CHANGEPERMS>
<INPUT TYPE=TEXT SIZE=30 NAME=USERNAME></INPUT><BR>
<INPUT TYPE=CHECKBOX NAME=ADMIN VALUE="ADMIN"> Administrator</INPUT>
<INPUT TYPE=CHECKBOX NAME=MOD VALUE="MOD"> Moderator</INPUT>
<!-- <INPUT TYPE=CHECKBOX NAME=DELETE VALUE="DELETE"> Delete Account</INPUT><BR> !-->
<INPUT TYPE=SUBMIT VALUE="Apply"</INPUT>
</FORM>
</BR>
<BR>
<A HREF=/ADMIN>Logout from admin portal</A><BR>
</BR>
<TABLE BORDER=0 CELLPADDING=0 CELLSPACING=0 WIDTH=100%>
<TR>
<TD><IMG SRC=/web/hoilgui10.gif></TD>
<TD WIDTH=100% BACKGROUND=/web/hoilgui11.gif></TD>
<TD><IMG SRC=/web/hoilgui12.gif></TD>
</TR></TABLE>
<CENTER><B>
[ <A HREF=http://hi1.horseisle.com/web/rules.php>Rules</A> ]
[ <A HREF=http://hi1.horseisle.com/web/termsandconditions.php>Terms and Conditions</A> ]
[ <A HREF=http://hi1.horseisle.com/web/privacypolicy.php>Privacy Policy</A> ]</B><BR>
[ <A HREF=http://hi1.horseisle.com/web/expectedbehavior.php>Expected Behavior</A> ]
[ <A HREF=http://hi1.horseisle.com/web/contactus.php>Contact Us</A> ]
[ <A HREF=http://hi1.horseisle.com/web/credits.php>Credits</A> ]<BR>
<FONT FACE=Verdana,Arial SIZE=-2>Copyright &copy; 2020 Horse Isle</FONT>
<!-- Google Analytics -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
<script type="text/javascript">
_uacct = "UA-1805076-1";
urchinTracker();
</script>

140
WebInterface/game-site/admin/index.php
View file

@ -1,140 +0,0 @@
<?php
include("../config.php");
session_start(['cookie_lifetime' => 86400]);
$_SESSION["logged_in"] = false;
?>
<style type="text/css">
hr {
height: 1;
color: #000000;
background-color: #000000;
border: 0;
}
a {
font: bold 14px arial;
color: #6E3278;
}
TH {
background-color: #EDE5B4;
padding: 1px 6px;
border: 2px dotted #6E3278;
font: small-caps 900 14px arial;
color: #000000;
}
TR.a0 {
background-color: #EDE5B4;
}
TR.a1 {
background-color: #D4CCA1;
}
TD {
font: 14px arial;
color: #000000;
}
TD.forum {
font: 12px arial;
color: #000000;
}
TD.forumlist {
padding: 1px 6px;
border: 2px dotted #6E3278;
background-color: #EDE5B4;
text-align: center;
font: bold 14px arial;
color: #000000;
}
TD.forumpost {
padding: 5px 10px;
border: 2px dotted #6E3278;
background-color: #EDE5B4;
text-align: left;
}
TD.newslist {
padding: 4px 4px;
border: 2px dotted #6E3278;
background-color: #FFDDEE;
text-align: left;
font: 14px arial;
color: #000000;
}
FORUMSUBJECT {
font: bold 14px arial;
color: #004400;
}
FORUMUSER {
font: 12px arial;
color: #000044;
}
FORUMDATE {
font: 12px arial;
color: #444444;
}
FORUMTEXT {
font: 14px arial;
color: #440000;
}
</style>
</HEAD>
<BODY BGCOLOR=E0D8AA>
<TABLE BORDER=0 CELLPADDING=0 CELLSPACING=0 WIDTH=100%>
<TR WIDTH=100%>
<TD WIDTH=512 ROWSPAN=3><A HREF=/><IMG SRC=/web/hoilgui1.gif ALT="Welcome to Horse Isle" BORDER=0></A></TD>
<TD WIDTH=100% BACKGROUND=/web/hoilgui2.gif>&nbsp;</TD>
<TD WIDTH=29><IMG SRC=/web/hoilgui3.gif></TD>
</TR>
<TR>
<TD WIDTH=100% BACKGROUND=/web/hoilgui4.gif align=right>
<B>
<TABLE CELLPADDING=0 CELLSPACING=2 BORDER=0><FORM METHOD=POST ACTION=/account.php>
<TR><TD><B>USER:</B></TD><TD><INPUT TYPE=TEXT SIZE=14 NAME=USER></TD></TR>
<TR><TD><B>PASS:</B></TD><TD><INPUT TYPE=PASSWORD SIZE=14 NAME=PASS></TD></TR>
<TR><TD></TD><TD><INPUT TYPE=SUBMIT VALUE=LOGIN> (<A HREF=//master.horseisle.com/web/forgotpass.php>Forgot?</A>)</TD></TR></FORM></TABLE>
</TD>
<TD WIDTH=29><IMG SRC=/web/hoilgui5.gif></TD></TR>
<TR>
<TD WIDTH=100% BACKGROUND=/web/hoilgui6.gif>&nbsp;</TD>
<TD WIDTH=29><IMG SRC=/web/hoilgui7.gif></TD></TR>
</TABLE>
<CENTER>
<CENTER>
<FONT FACE=Verdana,arial SIZE=-1>
<BR><B>HISP - Super Admin Login</B><BR>
<BR> This page requires a password, please enter it below:</BR>
<BR> <FORM METHOD=POST ACTION=/admin/login.php>
<INPUT TYPE=PASSWORD SIZE=30 NAME=PASS></INPUT>
<INPUT TYPE=SUBMIT VALUE=LOGIN>
</FORM>
</BR>
<BR><B>No idea? check config.php of game-site/</B></BR>
<TABLE BORDER=0 CELLPADDING=0 CELLSPACING=0 WIDTH=100%>
<TR>
<TD><IMG SRC=/web/hoilgui10.gif></TD>
<TD WIDTH=100% BACKGROUND=/web/hoilgui11.gif></TD>
<TD><IMG SRC=/web/hoilgui12.gif></TD>
</TR></TABLE>
<CENTER><B>
[ <A HREF=http://hi1.horseisle.com/web/rules.php>Rules</A> ]
[ <A HREF=http://hi1.horseisle.com/web/termsandconditions.php>Terms and Conditions</A> ]
[ <A HREF=http://hi1.horseisle.com/web/privacypolicy.php>Privacy Policy</A> ]</B><BR>
[ <A HREF=http://hi1.horseisle.com/web/expectedbehavior.php>Expected Behavior</A> ]
[ <A HREF=http://hi1.horseisle.com/web/contactus.php>Contact Us</A> ]
[ <A HREF=http://hi1.horseisle.com/web/credits.php>Credits</A> ]<BR>
<FONT FACE=Verdana,Arial SIZE=-2>Copyright &copy; 2020 Horse Isle</FONT>
<!-- Google Analytics -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
<script type="text/javascript">
_uacct = "UA-1805076-1";
urchinTracker();
</script>

153
WebInterface/game-site/admin/login.php
View file

@ -1,153 +0,0 @@
<?php
include("../config.php");
session_start(['cookie_lifetime' => 86400]);
?>
<style type="text/css">
hr {
height: 1;
color: #000000;
background-color: #000000;
border: 0;
}
a {
font: bold 14px arial;
color: #6E3278;
}
TH {
background-color: #EDE5B4;
padding: 1px 6px;
border: 2px dotted #6E3278;
font: small-caps 900 14px arial;
color: #000000;
}
TR.a0 {
background-color: #EDE5B4;
}
TR.a1 {
background-color: #D4CCA1;
}
TD {
font: 14px arial;
color: #000000;
}
TD.forum {
font: 12px arial;
color: #000000;
}
TD.forumlist {
padding: 1px 6px;
border: 2px dotted #6E3278;
background-color: #EDE5B4;
text-align: center;
font: bold 14px arial;
color: #000000;
}
TD.forumpost {
padding: 5px 10px;
border: 2px dotted #6E3278;
background-color: #EDE5B4;
text-align: left;
}
TD.newslist {
padding: 4px 4px;
border: 2px dotted #6E3278;
background-color: #FFDDEE;
text-align: left;
font: 14px arial;
color: #000000;
}
FORUMSUBJECT {
font: bold 14px arial;
color: #004400;
}
FORUMUSER {
font: 12px arial;
color: #000044;
}
FORUMDATE {
font: 12px arial;
color: #444444;
}
FORUMTEXT {
font: 14px arial;
color: #440000;
}
</style>
</HEAD>
<BODY BGCOLOR=E0D8AA>
<TABLE BORDER=0 CELLPADDING=0 CELLSPACING=0 WIDTH=100%>
<TR WIDTH=100%>
<TD WIDTH=512 ROWSPAN=3><A HREF=/><IMG SRC=/web/hoilgui1.gif ALT="Welcome to Horse Isle" BORDER=0></A></TD>
<TD WIDTH=100% BACKGROUND=/web/hoilgui2.gif>&nbsp;</TD>
<TD WIDTH=29><IMG SRC=/web/hoilgui3.gif></TD>
</TR>
<TR>
<TD WIDTH=100% BACKGROUND=/web/hoilgui4.gif align=right>
<B>
<TABLE CELLPADDING=0 CELLSPACING=2 BORDER=0><FORM METHOD=POST ACTION=/account.php>
<TR><TD><B>USER:</B></TD><TD><INPUT TYPE=TEXT SIZE=14 NAME=USER></TD></TR>
<TR><TD><B>PASS:</B></TD><TD><INPUT TYPE=PASSWORD SIZE=14 NAME=PASS></TD></TR>
<TR><TD></TD><TD><INPUT TYPE=SUBMIT VALUE=LOGIN> (<A HREF=//master.horseisle.com/web/forgotpass.php>Forgot?</A>)</TD></TR></FORM></TABLE>
</TD>
<TD WIDTH=29><IMG SRC=/web/hoilgui5.gif></TD></TR>
<TR>
<TD WIDTH=100% BACKGROUND=/web/hoilgui6.gif>&nbsp;</TD>
<TD WIDTH=29><IMG SRC=/web/hoilgui7.gif></TD></TR>
</TABLE>
<CENTER>
<CENTER>
<FONT FACE=Verdana,arial SIZE=-1>
<BR><B>HISP - Super Admin Login</B><BR>
<?php
if(isset($_POST["PASS"]))
{
sleep(3); // Stop bruteforce
if($_POST["PASS"] == $admin_portal_password)
{
$_SESSION["logged_in"] = true;
header("Location: administrate.php");
}
else
{
echo("<BR> The password you entered was NOT correct. </BR>");
echo("<A HREF=\"/admin\">Try Again...</A>");
}
}
else
{
echo("<BR> You didnt enter a password. </BR>");
echo("<A HREF=\"/admin\">Try Again...</A>");
}
?>
<TABLE BORDER=0 CELLPADDING=0 CELLSPACING=0 WIDTH=100%>
<TR>
<TD><IMG SRC=/web/hoilgui10.gif></TD>
<TD WIDTH=100% BACKGROUND=/web/hoilgui11.gif></TD>
<TD><IMG SRC=/web/hoilgui12.gif></TD>
</TR></TABLE>
<CENTER><B>
[ <A HREF=http://hi1.horseisle.com/web/rules.php>Rules</A> ]
[ <A HREF=http://hi1.horseisle.com/web/termsandconditions.php>Terms and Conditions</A> ]
[ <A HREF=http://hi1.horseisle.com/web/privacypolicy.php>Privacy Policy</A> ]</B><BR>
[ <A HREF=http://hi1.horseisle.com/web/expectedbehavior.php>Expected Behavior</A> ]
[ <A HREF=http://hi1.horseisle.com/web/contactus.php>Contact Us</A> ]
[ <A HREF=http://hi1.horseisle.com/web/credits.php>Credits</A> ]<BR>
<FONT FACE=Verdana,Arial SIZE=-2>Copyright &copy; 2020 Horse Isle</FONT>
<!-- Google Analytics -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
<script type="text/javascript">
_uacct = "UA-1805076-1";
urchinTracker();
</script>

11
WebInterface/game-site/config.php
View file

@ -7,8 +7,11 @@ $dbuser = 'root';
$dbpass = 'test123';
$dbhost = '127.0.0.1';
# CHANGE THESE CREDENTIALS,
# ANYONE CAN BECOME AN ADMIN ON YOUR SERVER
# IF THEY HAVE THIS PASSWORD!!!
$admin_portal_password = "test123";
# Used for master-site to communicate with game-sites,
# Should be set to the same value on all game sites and the master site.
# NOTE: if someone knows this secret they can create accounts with ADMIN privledges!
$hmac_secret = "!!NOTSET!!";
# Password for /web/admin
$admin_portal_password = "!!NOTSET!!";
?>

131
WebInterface/game-site/index.php
View file

@ -1,109 +1,4 @@
<HEAD>
<TITLE>HORSE ISLE - Online Multiplayer Horse Game</TITLE>
<META NAME="keywords" CONTENT="Horse Game Online MMORPG Multiplayer Horses RPG Girls Girly Isle World Island Virtual Horseisle Sim Virtual">
<META NAME="description" CONTENT="A multiplayer online horse world where players can capture, train, care for and compete their horses against other players. A very unique virtual sim horse game.">
<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon">
<link rel="icon" href="/favicon.ico" type="image/x-icon">
<link rel="meta" href="//horseisle.com/labels.rdf" type="application/rdf+xml" title="ICRA labels" />
<meta http-equiv="pics-Label" content='(pics-1.1 "//www.icra.org/pics/vocabularyv03/" l gen true for "//horseisle.com" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 1) gen true for "//hi1.horseisle.com" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 1))' />
<style type="text/css">
hr {
height: 1;
color: #000000;
background-color: #000000;
border: 0;
}
a {
font: bold 14px arial;
color: #6E3278;
}
TH {
background-color: #EDE5B4;
padding: 1px 6px;
border: 2px dotted #6E3278;
font: small-caps 900 14px arial;
color: #000000;
}
TR.a0 {
background-color: #EDE5B4;
}
TR.a1 {
background-color: #D4CCA1;
}
TD {
font: 14px arial;
color: #000000;
}
TD.forum {
font: 12px arial;
color: #000000;
}
TD.forumlist {
padding: 1px 6px;
border: 2px dotted #6E3278;
background-color: #EDE5B4;
text-align: center;
font: bold 14px arial;
color: #000000;
}
TD.forumpost {
padding: 5px 10px;
border: 2px dotted #6E3278;
background-color: #EDE5B4;
text-align: left;
}
TD.newslist {
padding: 4px 4px;
border: 2px dotted #6E3278;
background-color: #FFDDEE;
text-align: left;
font: 14px arial;
color: #000000;
}
FORUMSUBJECT {
font: bold 14px arial;
color: #004400;
}
FORUMUSER {
font: 12px arial;
color: #000044;
}
FORUMDATE {
font: 12px arial;
color: #444444;
}
FORUMTEXT {
font: 14px arial;
color: #440000;
}
</style>
</HEAD>
<BODY BGCOLOR=E0D8AA>
<TABLE BORDER=0 CELLPADDING=0 CELLSPACING=0 WIDTH=100%>
<TR WIDTH=100%>
<TD WIDTH=512 ROWSPAN=3><A HREF=/><IMG SRC=/web/hoilgui1.gif ALT="Welcome to Horse Isle" BORDER=0></A></TD>
<TD WIDTH=100% BACKGROUND=/web/hoilgui2.gif>&nbsp;</TD>
<TD WIDTH=29><IMG SRC=/web/hoilgui3.gif></TD>
</TR>
<TR>
<TD WIDTH=100% BACKGROUND=/web/hoilgui4.gif align=right>
<B>
<TABLE CELLPADDING=0 CELLSPACING=2 BORDER=0><FORM METHOD=POST ACTION=/account.php>
<TR><TD><B>USER:</B></TD><TD><INPUT TYPE=TEXT SIZE=14 NAME=USER></TD></TR>
<TR><TD><B>PASS:</B></TD><TD><INPUT TYPE=PASSWORD SIZE=14 NAME=PASS></TD></TR>
<TR><TD></TD><TD><INPUT TYPE=SUBMIT VALUE=LOGIN> (<A HREF=//master.horseisle.com/web/forgotpass.php>Forgot?</A>)</TD></TR></FORM></TABLE>
</TD>
<TD WIDTH=29><IMG SRC=/web/hoilgui5.gif></TD></TR>
<TR>
<TD WIDTH=100% BACKGROUND=/web/hoilgui6.gif>&nbsp;</TD>
<TD WIDTH=29><IMG SRC=/web/hoilgui7.gif></TD></TR>
</TABLE>
<CENTER>
<?php include("web/header.php"); ?>
<CENTER>
<FONT FACE=Verdana,arial SIZE=-1>
@ -113,26 +8,4 @@ If you have an account on this server (PINTO.HORSEISLE.COM) please login in at u
<BR><BR>
<TABLE BORDER=0 CELLPADDING=0 CELLSPACING=0 WIDTH=100%>
<TR>
<TD><IMG SRC=/web/hoilgui10.gif></TD>
<TD WIDTH=100% BACKGROUND=/web/hoilgui11.gif></TD>
<TD><IMG SRC=/web/hoilgui12.gif></TD>
</TR></TABLE>
<CENTER><B>
[ <A HREF=http://hi1.horseisle.com/web/rules.php>Rules</A> ]
[ <A HREF=http://hi1.horseisle.com/web/termsandconditions.php>Terms and Conditions</A> ]
[ <A HREF=http://hi1.horseisle.com/web/privacypolicy.php>Privacy Policy</A> ]</B><BR>
[ <A HREF=http://hi1.horseisle.com/web/expectedbehavior.php>Expected Behavior</A> ]
[ <A HREF=http://hi1.horseisle.com/web/contactus.php>Contact Us</A> ]
[ <A HREF=http://hi1.horseisle.com/web/credits.php>Credits</A> ]<BR>
<FONT FACE=Verdana,Arial SIZE=-2>Copyright &copy; 2020 Horse Isle</FONT>
<!-- Google Analytics -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
<script type="text/javascript">
_uacct = "UA-1805076-1";
urchinTracker();
</script>
<?php include("web/footer.php"); ?>

40
WebInterface/game-site/setupaccount.php Normal file
View file

@ -0,0 +1,40 @@
<?php
include('config.php');
if($hmac_secret === "!!NOTSET!!") # Defaults bad.
{
header("HTTP/1.1 403 Forbidden");
echo("Please set HMAC_SECRET in CONFIG.PHP! for security reasons joining the server is refused.<br>Change it from the default and then try again!");
exit();
}
if(isset($_POST["ID"], $_POST["USERNAME"], $_POST["USERNAME"], $_POST["PASSHASH"], $_POST["PASSSALT"], $_POST["SEX"], $_POST["MODERATOR"], $_POST["ADMIN"], $_POST["CODE"]))
{
$id = $_POST["ID"];
$username = $_POST["USERNAME"];
$passhash = $_POST["PASSHASH"];
$passsalt = $_POST["PASSSALT"];
$sex = $_POST["SEX"];
$moderator = $_POST["MODERATOR"];
$admin = $_POST["ADMIN"];
$code = $_POST["CODE"];
#Verify Input
$hmac = hash_hmac('sha256', (string)$id.$username.$passhash.$passsalt.$sex.$moderator.$admin, $hmac_secret."HOIL4321"));
if (hash_equals($code, $hmac))
{
# Create Account.
$stmt = $connect->prepare("INSERT INTO Users VALUES(?,?,?,?,?,?,?)");
$stmt->bind_param("issssss", $id, $username, $passhash, $passsalt, $sex, $admin, $moderator);
$stmt->execute();
echo("OK");
}
else
{
header("HTTP/1.1 403 Forbidden");
echo("Invalid HMAC! Please ensure that all game-site's have the same HMAC as the master-site!
}
}
?>

100
WebInterface/game-site/web/admin/administrate.php Normal file
View file

@ -0,0 +1,100 @@
<?php
include("../config.php");
include("common.php");
session_start(['cookie_lifetime' => 86400]);
include("../header.php");
?>
<CENTER>
<FONT FACE=Verdana,arial SIZE=-1>
<?php
if($_SESSION["logged_in"] == false)
{
header("Location: /admin"); # Fuck off.
exit();
}
if(isset($_POST["TYPE"]))
{
if($_POST["TYPE"] == "CHANGEPERMS")
{
$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
$stmt = $connect->prepare("SELECT id FROM Users WHERE username=?");
$stmt->bind_param("s", $_POST["USERNAME"]);
$stmt->execute();
$result = $stmt->get_result();
$user_id = intval($result->fetch_row()[0]);
if(isset($_POST["RESETPASS1"], $_POST["RESETPASS2"]))
{
$pass1 = $_POST["RESETPASS1"];
$pass2 = $_POST["RESETPASS2"];
if($pass1 == $pass2)
{
if($pass1 !== "" || $pass1 !== null)
{
$password_hash = hash_salt($pass1,$salt);
$stmt = $connect->prepare("UPDATE Users SET Password=? WHERE Id=?");
$stmt->bind_param("s",$password_hash, "i", $user_id);
$stmt->execute();
}
}
}
if(isset($_POST["ADMIN"]))
{
$stmt = $connect->prepare("UPDATE Users SET Admin=\"YES\" WHERE Id=?");
$stmt->bind_param("i", $user_id);
$stmt->execute();
}
else
{
$stmt = $connect->prepare("UPDATE Users SET Admin=\"NO\" WHERE Id=?");
$stmt->bind_param("i", $user_id);
$stmt->execute();
}
if(isset($_POST["MOD"]))
{
$stmt = $connect->prepare("UPDATE Users SET Moderator=\"YES\" WHERE Id=?");
$stmt->bind_param("i", $user_id);
$stmt->execute();
}
else
{
$stmt = $connect->prepare("UPDATE Users SET Moderator=\"NO\" WHERE Id=?");
$stmt->bind_param("i", $user_id);
$stmt->execute();
}
echo("<BR><B>Permissions updated successfully.</B></BR>");
echo("<A HREF=administrate.php>Go back</A>");
include("../footer.php");
exit();
}
}
?>
<BR><B>HISP - Admin Portal</B><BR>
<BR>Player Operations</BR>
<BR> <FORM METHOD=POST ACTION=/admin/administrate.php>
Username:
<INPUT TYPE=HIDDEN NAME=TYPE VALUE=CHANGEPERMS>
<INPUT TYPE=TEXT SIZE=30 NAME=USERNAME></INPUT><BR>
<INPUT TYPE=CHECKBOX NAME=ADMIN VALUE="ADMIN"> Administrator</INPUT>
<INPUT TYPE=CHECKBOX NAME=MOD VALUE="MOD"> Moderator</INPUT>
<BR>
<P>Reset Password</P>
<INPUT TYPE=TEXT NAME=RESETPASS1 VALUE="" PASSWORD></INPUT>
<P>Reset Password(confirm)</P>
<INPUT TYPE=TEXT NAME=RESETPASS2 VALUE="" PASSWORD></INPUT>
<!-- <INPUT TYPE=CHECKBOX NAME=DELETE VALUE="DELETE"> Delete Account</INPUT><BR> !-->
<INPUT TYPE=SUBMIT VALUE="Apply"</INPUT>
</FORM>
</BR>
<BR>
<A HREF=/ADMIN>Logout from admin portal</A><BR>
</BR>
<?php include("../footer.php"); ?>

15
WebInterface/game-site/web/admin/common.php Normal file
View file

@ -0,0 +1,15 @@
<?php
function hash_salt(string $input, string $salt)
{
$output = hash('sha512',$input,true);
$len=strlen(bin2hex($output))/2;
$xor_hash = "";
for($i = 0; $i < $len; $i++)
{
$xor_hash .= $output[$i] ^ $salt[$i];
}
return hash('sha512',$xor_hash,false);
}
?>

24
WebInterface/game-site/web/admin/index.php Normal file
View file

@ -0,0 +1,24 @@
<?php
include("../../config.php");
session_start(['cookie_lifetime' => 86400]);
$_SESSION["logged_in"] = false;
include("../header.php");
?>
<CENTER>
<FONT FACE=Verdana,arial SIZE=-1>
<BR><B>HISP - Super Admin Login</B><BR>
<BR> This page requires a password, please enter it below:</BR>
<BR> <FORM METHOD=POST ACTION=/admin/login.php>
<INPUT TYPE=PASSWORD SIZE=30 NAME=PASS></INPUT>
<INPUT TYPE=SUBMIT VALUE=LOGIN>
</FORM>
</BR>
<BR><B>No idea? check config.php of game-site/</B></BR>
<?php
include("../footer.php");
?>

40
WebInterface/game-site/web/admin/login.php Normal file
View file

@ -0,0 +1,40 @@
<?php
include("../config.php");
session_start(['cookie_lifetime' => 86400]);
include("../header.php");
?>
<CENTER>
<FONT FACE=Verdana,arial SIZE=-1>
<BR><B>HISP - Super Admin Login</B><BR>
<?php
if(isset($_POST["PASS"]))
{
sleep(3); // Stop bruteforce
if($_POST["PASS"] == $admin_portal_password)
{
if($admin_portal_password == "!!NOTSET!!")
{
echo("Refusing to login as password is default password.");
exit;
}
$_SESSION["logged_in"] = true;
header("Location: administrate.php");
}
else
{
echo("<BR> The password you entered was NOT correct. </BR>");
echo("<A HREF=\"/admin\">Try Again...</A>");
}
}
else
{
echo("<BR> You didnt enter a password. </BR>");
echo("<A HREF=\"/admin\">Try Again...</A>");
}
?>
<?php include("../footer.php"); ?>

15
WebInterface/game-site/web/common.php Normal file
View file

@ -0,0 +1,15 @@
<?php
function hash_salt(string $input, string $salt)
{
$output = hash('sha512',$input,true);
$len=strlen(bin2hex($output))/2;
$xor_hash = "";
for($i = 0; $i < $len; $i++)
{
$xor_hash .= $output[$i] ^ $salt[$i];
}
return hash('sha512',$xor_hash,false);
}
?>

23
WebInterface/game-site/web/footer.php Normal file
View file

@ -0,0 +1,23 @@
<TABLE BORDER=0 CELLPADDING=0 CELLSPACING=0 WIDTH=100%>
<TR>
<TD><IMG SRC=/web/hoilgui10.gif></TD>
<TD WIDTH=100% BACKGROUND=/web/hoilgui11.gif></TD>
<TD><IMG SRC=/web/hoilgui12.gif></TD>
</TR></TABLE>
<CENTER><B>
[ <A HREF=http://hi1.horseisle.com/web/rules.php>Rules</A> ]
[ <A HREF=http://hi1.horseisle.com/web/termsandconditions.php>Terms and Conditions</A> ]
[ <A HREF=http://hi1.horseisle.com/web/privacypolicy.php>Privacy Policy</A> ]</B><BR>
[ <A HREF=http://hi1.horseisle.com/web/expectedbehavior.php>Expected Behavior</A> ]
[ <A HREF=http://hi1.horseisle.com/web/contactus.php>Contact Us</A> ]
[ <A HREF=http://hi1.horseisle.com/web/credits.php>Credits</A> ]<BR>
<FONT FACE=Verdana,Arial SIZE=-2>Copyright &copy; 2020 Horse Isle</FONT>
<!-- Google Analytics -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
<script type="text/javascript">
_uacct = "UA-1805076-1";
urchinTracker();
</script>

103
WebInterface/game-site/web/header.php Normal file
View file

@ -0,0 +1,103 @@
<HEAD>
<TITLE>HORSE ISLE - Online Multiplayer Horse Game</TITLE>
<META NAME="keywords" CONTENT="Horse Game Online MMORPG Multiplayer Horses RPG Girls Girly Isle World Island Virtual Horseisle Sim Virtual">
<META NAME="description" CONTENT="A multiplayer online horse world where players can capture, train, care for and compete their horses against other players. A very unique virtual sim horse game.">
<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon">
<link rel="icon" href="/favicon.ico" type="image/x-icon">
<link rel="meta" href="//horseisle.com/labels.rdf" type="application/rdf+xml" title="ICRA labels" />
<meta http-equiv="pics-Label" content='(pics-1.1 "//www.icra.org/pics/vocabularyv03/" l gen true for "//horseisle.com" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 1) gen true for "//hi1.horseisle.com" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 1))' />
<style type="text/css">
hr {
height: 1;
color: #000000;
background-color: #000000;
border: 0;
}
a {
font: bold 14px arial;
color: #6E3278;
}
TH {
background-color: #EDE5B4;
padding: 1px 6px;
border: 2px dotted #6E3278;
font: small-caps 900 14px arial;
color: #000000;
}
TR.a0 {
background-color: #EDE5B4;
}
TR.a1 {
background-color: #D4CCA1;
}
TD {
font: 14px arial;
color: #000000;
}
TD.forum {
font: 12px arial;
color: #000000;
}
TD.forumlist {
padding: 1px 6px;
border: 2px dotted #6E3278;
background-color: #EDE5B4;
text-align: center;
font: bold 14px arial;
color: #000000;
}
TD.forumpost {
padding: 5px 10px;
border: 2px dotted #6E3278;
background-color: #EDE5B4;
text-align: left;
}
TD.newslist {
padding: 4px 4px;
border: 2px dotted #6E3278;
background-color: #FFDDEE;
text-align: left;
font: 14px arial;
color: #000000;
}
FORUMSUBJECT {
font: bold 14px arial;
color: #004400;
}
FORUMUSER {
font: 12px arial;
color: #000044;
}
FORUMDATE {
font: 12px arial;
color: #444444;
}
FORUMTEXT {
font: 14px arial;
color: #440000;
}
</style>
</HEAD>
<BODY BGCOLOR=E0D8AA>
<TABLE BORDER=0 CELLPADDING=0 CELLSPACING=0 WIDTH=100%>
<TR WIDTH=100%>
<TD WIDTH=512 ROWSPAN=3><A HREF=/><IMG SRC=/web/hoilgui1.gif ALT="Welcome to Horse Isle" BORDER=0></A></TD>
<TD WIDTH=100% BACKGROUND=/web/hoilgui2.gif>&nbsp;</TD>
<TD WIDTH=29><IMG SRC=/web/hoilgui3.gif></TD>
</TR>
<TR>
<TD WIDTH=100% BACKGROUND=/web/hoilgui4.gif align=right>
<B>
<TABLE BORDER=0 CELLPADDING=0 CELLSPACING=10><TR><TD><B><A HREF=/account.php>PINTO.HORSEISLE.COM</A><BR>Logged in as: SilicaAndPina<BR><A HREF=/?LOGOUT=1><img src=/web/but-logout.gif border=0></A><BR><A HREF=//hi1.horseisle.com/><img src=/web/but-mainpage.gif border=0></A></TD><TD><BR><A HREF=//hi1.horseisle.com/account.php><img src=/web/but-serverlist.gif border=0></A><BR><A HREF=//hi1.horseisle.com/web/news.php><img src=/web/but-news.gif border=0></A><BR><A HREF=//hi1.horseisle.com/web/forums.php><img src=/web/but-forums.gif border=0></A><BR><A HREF=//hi1.horseisle.com/web/helpcenter.php><img src=/web/but-helpcenter.gif border=0></A></TD></TR></TABLE>
</TD>
<TD WIDTH=29><IMG SRC=/web/hoilgui5.gif></TD></TR>
<TR>
<TD WIDTH=100% BACKGROUND=/web/hoilgui6.gif>&nbsp;</TD>
<TD WIDTH=29><IMG SRC=/web/hoilgui7.gif></TD></TR>
</TABLE>
<CENTER>

128
WebInterface/game-site/web/paypalpayment.php
View file

@ -1,106 +1,4 @@
<HEAD>
<TITLE>HORSE ISLE - Online Multiplayer Horse Game</TITLE>
<META NAME="keywords" CONTENT="Horse Game Online MMORPG Multiplayer Horses RPG Girls Girly Isle World Island Virtual Horseisle Sim Virtual">
<META NAME="description" CONTENT="A multiplayer online horse world where players can capture, train, care for and compete their horses against other players. A very unique virtual sim horse game.">
<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon">
<link rel="icon" href="/favicon.ico" type="image/x-icon">
<link rel="meta" href="//horseisle.com/labels.rdf" type="application/rdf+xml" title="ICRA labels" />
<meta http-equiv="pics-Label" content='(pics-1.1 "//www.icra.org/pics/vocabularyv03/" l gen true for "//horseisle.com" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 1) gen true for "//hi1.horseisle.com" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 1))' />
<style type="text/css">
hr {
height: 1;
color: #000000;
background-color: #000000;
border: 0;
}
a {
font: bold 14px arial;
color: #6E3278;
}
TH {
background-color: #EDE5B4;
padding: 1px 6px;
border: 2px dotted #6E3278;
font: small-caps 900 14px arial;
color: #000000;
}
TR.a0 {
background-color: #EDE5B4;
}
TR.a1 {
background-color: #D4CCA1;
}
TD {
font: 14px arial;
color: #000000;
}
TD.forum {
font: 12px arial;
color: #000000;
}
TD.forumlist {
padding: 1px 6px;
border: 2px dotted #6E3278;
background-color: #EDE5B4;
text-align: center;
font: bold 14px arial;
color: #000000;
}
TD.forumpost {
padding: 5px 10px;
border: 2px dotted #6E3278;
background-color: #EDE5B4;
text-align: left;
}
TD.newslist {
padding: 4px 4px;
border: 2px dotted #6E3278;
background-color: #FFDDEE;
text-align: left;
font: 14px arial;
color: #000000;
}
FORUMSUBJECT {
font: bold 14px arial;
color: #004400;
}
FORUMUSER {
font: 12px arial;
color: #000044;
}
FORUMDATE {
font: 12px arial;
color: #444444;
}
FORUMTEXT {
font: 14px arial;
color: #440000;
}
</style>
</HEAD>
<BODY BGCOLOR=E0D8AA>
<TABLE BORDER=0 CELLPADDING=0 CELLSPACING=0 WIDTH=100%>
<TR WIDTH=100%>
<TD WIDTH=512 ROWSPAN=3><A HREF=/><IMG SRC=/web/hoilgui1.gif ALT="Welcome to Horse Isle" BORDER=0></A></TD>
<TD WIDTH=100% BACKGROUND=/web/hoilgui2.gif>&nbsp;</TD>
<TD WIDTH=29><IMG SRC=/web/hoilgui3.gif></TD>
</TR>
<TR>
<TD WIDTH=100% BACKGROUND=/web/hoilgui4.gif align=right>
<B>
<TABLE BORDER=0 CELLPADDING=0 CELLSPACING=10><TR><TD><B><A HREF=/account.php>PINTO.HORSEISLE.COM</A><BR>Logged in as: SilicaAndPina<BR><A HREF=/?LOGOUT=1><img src=/web/but-logout.gif border=0></A><BR><A HREF=//hi1.horseisle.com/><img src=/web/but-mainpage.gif border=0></A></TD><TD><BR><A HREF=//hi1.horseisle.com/account.php><img src=/web/but-serverlist.gif border=0></A><BR><A HREF=//hi1.horseisle.com/web/news.php><img src=/web/but-news.gif border=0></A><BR><A HREF=//hi1.horseisle.com/web/forums.php><img src=/web/but-forums.gif border=0></A><BR><A HREF=//hi1.horseisle.com/web/helpcenter.php><img src=/web/but-helpcenter.gif border=0></A></TD></TR></TABLE>
</TD>
<TD WIDTH=29><IMG SRC=/web/hoilgui5.gif></TD></TR>
<TR>
<TD WIDTH=100% BACKGROUND=/web/hoilgui6.gif>&nbsp;</TD>
<TD WIDTH=29><IMG SRC=/web/hoilgui7.gif></TD></TR>
</TABLE>
<CENTER>
<?php include("header.php"); ?>
<BR>
<CENTER><TABLE CELLPADDING=5><TR><TD></CENTER>
<FONT FACE=arial>
@ -116,26 +14,4 @@ Click back to your <A HREF="/account.php">ACCOUNT</A> page to see any credited s
<B>PARENTS:</B> please email support@horseisle.com from the paypal email or signup email to
block chat, or limit time online for this account if you want to.<BR>
</TD></TR></TABLE>
<TABLE BORDER=0 CELLPADDING=0 CELLSPACING=0 WIDTH=100%>
<TR>
<TD><IMG SRC=/web/hoilgui10.gif></TD>
<TD WIDTH=100% BACKGROUND=/web/hoilgui11.gif></TD>
<TD><IMG SRC=/web/hoilgui12.gif></TD>
</TR></TABLE>
<CENTER><B>
[ <A HREF=http://hi1.horseisle.com/web/rules.php>Rules</A> ]
[ <A HREF=http://hi1.horseisle.com/web/termsandconditions.php>Terms and Conditions</A> ]
[ <A HREF=http://hi1.horseisle.com/web/privacypolicy.php>Privacy Policy</A> ]</B><BR>
[ <A HREF=http://hi1.horseisle.com/web/expectedbehavior.php>Expected Behavior</A> ]
[ <A HREF=http://hi1.horseisle.com/web/contactus.php>Contact Us</A> ]
[ <A HREF=http://hi1.horseisle.com/web/credits.php>Credits</A> ]<BR>
<FONT FACE=Verdana,Arial SIZE=-2>Copyright &copy; 2020 Horse Isle</FONT>
<!-- Google Analytics -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
<script type="text/javascript">
_uacct = "UA-1805076-1";
urchinTracker();
</script>
<?php include("footer.php"); ?>