Ive goten this from someone... or i may have made it... dont know... for got... all i know is that it well take a long time to load all the data...
USE AT YOUR OWN RISK! DO NOT IM/PM/EMAIL ME ASKING FOR HELP.
Config.php
sql_check.php
Online.php
USE AT YOUR OWN RISK! DO NOT IM/PM/EMAIL ME ASKING FOR HELP.
Config.php
PHP:
<?php
// MSSQL
$dbhost = ''
$dbuser = ''
$dbpasswd = ''
?>
PHP:
<?php
// Anti-SQL Injection
function check_inject()
{
$badchars = array(";","'","*","/"," \ ","DROP", "SELECT", "UPDATE", "DELETE", "drop", "select", "update", "delete", "WHERE", "where", "-1", "-2", "-3","-4", "-5", "-6", "-7", "-8", "-9",);
foreach($_POST as $value)
{
$value = clean_variable($value);
if(in_array($value, $badchars))
{
die("SQL Injection Detected - Make sure only to use letters and numbers!\n<br />\nIP: ".$_SERVER['REMOTE_ADDR']);
}
else
{
$check = preg_split("//", $value, -1, PREG_SPLIT_OFFSET_CAPTURE);
foreach($check as $char)
{
if(in_array($char, $badchars))
{
die("SQL Injection Detected - Make sure only to use letters and numbers!\n<br />\nIP: ".$_SERVER['REMOTE_ADDR']);
}
}
}
}
}
function clean_variable($var)
{
$newvar = preg_replace('/[^a-zA-Z0-9\_\-]/', '', $var);
return $newvar;
}
?>
PHP:
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="sv" lang="sv">
<head>
<title>KalOnline Private Server - Register</title>
<style type="text/css" media="screen">@import "css.css";</style>
</head>
<body>
<div id="adminbody">
<h1></h1>
<h2>Server Stats</h2><b>Users Online:</b><br />(<small><font color='green'>Knight</font> <font color='red'>Archer</font> <font color='blue'>Mage</font>)</small><br /><br />
<?php
error_reporting('E_ALL');
//require 'config.php';
include_once('sql_check.php');
check_inject();
////$msconnect=mssql_connect("$dbhost","$dbuser","$dbpasswd");
$msconnect=mssql_connect("localhost");
$msconnect=mssql_connect("localhost");
$msdb=mssql_select_db("kal_auth",$msconnect);
$uid = mssql_result(mssql_query("SELECT Max(UID) from Login"),0,0);
mssql_close() or die('failed closing mssql');
$uid++;
$count = 0;
for($i = 3; $i < $uid; $i++) {
if($i !== 27){
//$msconnect=mssql_connect("$dbhost","$dbuser","$dbpasswd");
$msconnect=mssql_connect("localhost");
$msdb=mssql_select_db("kal_auth",$msconnect);
$on = mssql_result(mssql_query("SELECT [Type] FROM Log where [Player1] = '".$i."' order by [Date] desc"),0,0);
mssql_close() or die('failed closing mssql');
if(!$on) {
//$msconnect=mssql_connect("$dbhost","$dbuser","$dbpasswd");
$msconnect=mssql_connect("localhost");
$msdb=mssql_select_db("kal_db",$msconnect);
$pid = mssql_result(mssql_query("SELECT [Name] FROM Player where [UID] = '".$i."' order by [Class]"),0,0);
$class = mssql_result(mssql_query("SELECT [Class] FROM Player where [UID] = '".$i."'"),0,0);
if($class == '0') { $color = 'green'; } elseif($class == '1') { $color = 'blue'; } else { $color = 'red'; }
echo '<font color ='.$color.'>'.$pid.'</font><br>';
mssql_close() or die('failed closing mssql');
$count++;
}
}
}
echo '<br />'.$count.' Total<br /><br /><b>Last Login:</b><br />';
$today = time();
echo $today.'<br>';
for($i = 3; $i < $uid; $i++) {
if($i !== 27){
//$msconnect=mssql_connect("$dbhost","$dbuser","$dbpasswd");
$msconnect=mssql_connect("localhost");
$msdb=mssql_select_db("kal_auth",$msconnect);
$on = mssql_result(mssql_query("SELECT [Date] FROM Log where [Player1] = '".$i."' order by [Date] desc"),0,0);
$lastlog = strtotime($on);
$timediff = $today - $lastlog;
$days = ceil($timediff / (60*60*24));
mssql_close() or die('failed closing mssql');
//$msconnect=mssql_connect("$dbhost","$dbuser","$dbpasswd");
$msconnect=mssql_connect("localhost");
$msdb=mssql_select_db("kal_db",$msconnect);
$pid = mssql_result(mssql_query("SELECT [Name] FROM Player where [UID] = '".$i."'"),0,0);
$class = mssql_result(mssql_query("SELECT [Class] FROM Player where [UID] = '".$i."'"),0,0);
// $pid2 = mssql_result(mssql_query("SELECT [pid] FROM player where [uid] = '".$i."'"),0,0);
// $geons = mssql_result(mssql_query("SELECT [num] FROM item where [index] = '31' and [PID] = '".$pid2."'"),0,0);
//$geons = number_format($geons);
if($class == '0') { $x = 'K'; } elseif($class == '1') { $x = 'M'; } else { $x = 'A'; }
if($days == 1) { echo '<div class="name">'.$x.$i.' '.$pid.'</div>'.$on.'<br>'; }
elseif ($days == 2) { echo '<div class="name2">'.$x.$i.' '.$pid.'</div>'.$on.'<br>'; }
elseif ($days == 3) { echo '<div class="name3">'.$x.$i.' '.$pid.'</div>'.$on.'<br>'; }
elseif ($days >= 4) { echo '<div class="name4">'.$x.$i.' '.$pid.'</div>'.$on.'<br>'; }
mssql_close() or die('failed closing mssql');
}
}
?>
</div>