Jump to content
MaxCheaters Official Group on Discord
Top.MaxCheaters.com is now OPEN – Lineage 2 Top Listing

PHP ADVEXT user panel

Celestine
 Share

Recommended Posts

Celestine Challenger

Celestine

Posted
Posted (edited)

Hello, this is the functional ADVEXT user panel for all chronicles, from interlude to h5 L2off of course, I made small changes to it so that it also works with Vanganth and the Eressea extender (MyExt64)

The information of the panel is here: http://www.depmax64.com/forum/index.php?threads/account-panel.1882/ It costs 165 Dollars

You can download it here: Download

To configure it is very simple, you just have to edit the conf.php file that is in the root folder.

Its functions are:

 

Changing password

Password recovery

Ip binding

Account logs

Inventory viewer

Changing character name, or color name/title

Function "I'm stucked", which gives ability to teleport to nearest town.

Edited by Celestine
Nightw0lf Mentor

Nightw0lf

Posted
Posted (edited)

yeah it has some <<small issues>>

if you for example try to pass any other malicious shit other than that 

public function secure($check_string)
	{
	    $ret_string = $check_string;
	    $ret_string = htmlspecialchars ($ret_string);
	    $ret_string = strip_tags ($ret_string);
	    $ret_string = trim ($ret_string);
	    $ret_string = str_replace ('\\l', '', $ret_string);
	    $ret_string = str_replace (' ', '', $ret_string);
	    $ret_string  = str_replace("'", "", $ret_string );
	    $ret_string  = str_replace("\"", "",$ret_string );
	    $ret_string  = str_replace("--", "",$ret_string );
	    $ret_string  = str_replace("^", "",$ret_string );
	    $ret_string  = str_replace("&", "",$ret_string );
	    $ret_string  = str_replace("(", "",$ret_string );
	    $ret_string  = str_replace(")", "",$ret_string );
	    $ret_string  = str_replace("=", "",$ret_string );
	    $ret_string  = str_replace("+", "",$ret_string );
	    $ret_string  = str_replace("%00", "",$ret_string );
	    $ret_string  = str_replace(";", "",$ret_string );
	    $ret_string  = str_replace(":", "",$ret_string );
	    $ret_string  = str_replace("|", "",$ret_string );
	    $ret_string  = str_replace("<", "",$ret_string );
	    $ret_string  = str_replace(">", "",$ret_string );
	    $ret_string  = str_replace("~", "",$ret_string );
	    $ret_string  = str_replace("`", "",$ret_string );
	    $ret_string  = str_replace("%20and%20", "",$ret_string );
	    $ret_string = stripslashes ($ret_string);
	    return $ret_string;
	}

in general:

1) I had to change all classes and functions  to the date

2) lost sessions

3) captcha deprecated functions cause errors (i think its not even working) replace with google recaptcha

4) vendor components like smarty not working on latest PHP 7.4+ (even if you update them)

5) there are code violations in almost everything (at some point i was wondering how it even works)

6) Important: cached functions (specially on interlude need critical fixes)

7) this can run on special host they provide (NO SSL) and PHP 5.6 MAX

😎 if you try to run the panel with SSL it will refuse

9) if you know how to make a new template DO it codes are missing

10) statistics not working and are big jokes on terms of code

11) statistics functions ASC/DESC not working

12) there is no trace of error catching system

13) if your server restart people can see your database password user name and ip and everything

14) there are some cheat functions that not checking for certain conditions for example if char is online

15) almost all code is dated back to 2010 when mysql_connect function removed

16) images missing the existing ones are extracted by name not by id (thats an easy part)

17) you will have random logouts cause user session is not working correctly at some parts of the website

18) clown custom functions like "main" and "mail" are hazard is like naming a function function

19) all this are the tip of the iceberg

20) PHPMailer was so old i was going high school i think...

 

so after a month i managed to rebuild it and keep only the template structure and fix/test the cached functions in the end thats what left worth....

this is the biggest joke on l2 the price is half it was 3 years ago it was 300+

the guy who coded this probably used internet tutorials and still to this date hates PHP

i was selling it with extra responsive template even on phones, payment functions Paypal G2APay and more but it was too much time consuming to sell it cause of the installation since nobody know how to do it even with guides eventually instead of selling it i gave up cause nobody wanted so expensive l2off shit

 

http://prntscr.com/139jbzo

http://prntscr.com/139jgwy

http://prntscr.com/139jiog

http://prntscr.com/139jktn

http://prntscr.com/139jlu8

 

PS the share is an account panel NOT a website

PS Congratulations if you end up make it working 🙂

PS The security is not only 1 badly written function is not even checking for XSS attacks, or utfmb4 (imagine some Chinese character (简 化 字) having sexy time with your database)

but as i said what i mention is the tip of the iceberg..

Edited by Nightw0lf
Celestine Challenger

Celestine

Posted
  • Author
Posted

Thanks for posting the issues of this User Panel @Nightw0lf i had an friend who managed to fix/solve the issues of this he sent me and i shared it for those who need test fix it by them selves.

Nightw0lf Mentor

Nightw0lf

Posted
Posted

oh shit i found my tester 

<?php
/*************************************************************************************
 *
 * Author Nightwolf
 * Designer Dehnise
 * Created for Denart Designs that holds the ownership of this files.
 *
 * Purchased at https://shop.denart-designs.com/ get updates latest news and support.
 *
 * Copyright (C) 2019 DenArt-Designs <info@denart-designs.com>, Inc - All Rights Reserved
 * Unauthorized copying of this file, via any medium is strictly prohibited
 * This file is part of DenArt Panel.
 * Parts of the code can not be copied and/or distributed under any circumstances.
 *
 * For further questions contact us.
 * Email <info@denart-designs.com>
 * Skype <denart_grafistiki>
 *
 * Thank you for supporting us and helping to improve DenArt Designs.
 *
 *************************************************************************************/

error_reporting(E_ALL);
ini_set("display_errors", true);
setlocale(LC_TIME, 'en_US.UTF-8');
ini_set("max_execution_time", 10);
?>
<!doctype html>
<html lang="en">
	<head>
		<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
		<title>Test Web Host</title>
		<meta name="author" content="DenArt">
	</head>
<body>
<center>
<h1>SQL Server Connection Test</h1><br>
Detail: if you don't see any "Success" message then you cant use our panel because your web host does not support this kind of connections.<br>
You can try to switch the PHP Version and check again<br>
Recommended PHP Version 7.3.0+ <br>
Using PHP Version:<b><?php echo phpversion(); ?></b><br>
<hr/>
</center>
Curl: <?php echo function_exists('curl_version') ? "<font color='green'>PASS</font>" : "<font color='red'>FAIL</font>" ; ?><br>
Array_merge: <?php echo function_exists('array_merge') ? "<font color='green'>PASS</font>" : "<font color='orange'>FAIL</font>" ; ?> (G2A Function)<br>
openssl_pkey_get_public: <?php echo function_exists('openssl_pkey_get_public') ? "<font color='green'>PASS</font>" : "<font color='orange'>FAIL</font>" ; ?> (Paysera Function)<br>
Simplexml_load_string: <?php echo function_exists('simplexml_load_string') ? "<font color='green'>PASS</font>" : "<font color='red'>FAIL</font>" ; ?><br>
<?php
// EDIT THIS
$host = "CPU\SQLEXPRESS"; // server IP Address
$user = "sa";
$pass = "sa";

// ONLY IF NEED EDIT THIS
$base = "lin2world";
$port = 1433;
$q = 'SELECT top 10 char_name FROM user_data';

// DO NOT EDIT ABOVE

$charset = 'utf8';
$options = [
    PDO::ATTR_ERRMODE            => PDO::ERRMODE_EXCEPTION,
    PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC,
];
// if you get error message excecution time exceed remove 2 and 4
$methods = array(1, 2, 3, 4, 5);
foreach ($methods as $method)
{
	$message = null;
	if ($method == 1)
	{
		echo "------------------------<br>";
		echo "Testing mssql_connect()...<br>";
		try
		{
			if (function_exists('mssql_connect'))
			{
				$con = mssql_connect($host, $user, $pass);
				if ($con)
				{
					echo "mssql_connect() successfully connected!<br>";
					$db_selected = mssql_select_db($base, $con);
					if (!$db_selected)
						echo ('Can\'t use db : ' . mssql_get_last_message());
					$result = mssql_query($q);
					if (!$result)
						echo ('Invalid query: ' . mssql_get_last_message());
					$Count = mssql_num_rows($result);
					print "Showing $Count rows:\n\n";
					while ($Row = mssql_fetch_assoc($result))
					{
						echo "<pre>" . $Row['char_name'] . "</pre><br>";
					}
					mssql_close($con);
				}
				else
				{
					echo "mssql_connect() failed to connect!<br>";
				}
			}
			else
			{
				echo "mssql_connect() function is not available.<br />";
			}
		}
		catch (Exception $e)
		{
			echo "mssql_connect() Failed to connect! ".$e->getMessage()."<br>";
		}
	}
	
	if ($method == 2)
	{
		echo "------------------------<br>";
		echo "Testing odbc_connect()...<br>";
		try
		{
			if (function_exists('odbc_connect'))
			{
				$con = odbc_connect("DRIVER={SQL Server};SERVER=".$host.";Port=1433;Database=".$base, $user, $pass);
				if($con)
				{
					echo "odbc_connect() successfully connected!<br>";
					$result = odbc_exec($q,$con);
				}
				else
					echo "odbc_connect() failed to connect!<br>";
			}
			else
			{
				echo "odbc_connect() function is not available.<br />";
			}
		}
		catch (Exception $e)
		{
			echo "odbc_connect() Failed to connect! ".$e->getMessage()."<br>";
		}
	}
	if ($method == 3)
	{
		echo "------------------------<br>";
		echo "Testing PDO(all available drivers)...<br>";
		$dsn = null;
		try
		{
			foreach (PDO::getAvailableDrivers() as $driver)
			{
				if ($driver == "odbc")
				{
					$driver = "odbc:Driver={SQL Server}";
				}
				$driver .= ":";
				$dsn = $driver."Server=$host,$port;Database=$base";
				if ($driver == "sqlsrv:")
				{
					$con = new PDO($dsn, $user, $pass, $options);
					if ($con)
					{
						echo "PDO $driver successfully connected!<br>";
						$stmt = $con->prepare($q);
						$stmt->execute();
						echo "Results of char_name:<br>";
						while ($row = $stmt->fetch())
						{
							echo "<pre>".$row['char_name']."</pre>";
						}
						unset($con); unset($stmt);
					}
				}
				else if ($driver == "odbc:")
				{
					$con = new PDO($dsn, $user, $pass, $options);
					if ($con)
					{
						echo "PDO $driver successfully connected!<br>";
						$stmt = $con->prepare($q);
						$stmt->execute();
						echo "Results of char_name:<br>";
						while ($row = $stmt->fetch())
						{
							echo $row['char_name']."<br>";
						}
						unset($con); unset($stmt);
					}
				}
				else if ($driver == "dblib:")
				{
					$con = new PDO($dsn, $user, $pass, $options);
					if ($con)
					{
						echo "PDO $driver successfully connected!<br>";
						$stmt = $con->prepare($q);
						$stmt->execute();
						echo "Results of char_name:<br>";
						while ($row = $stmt->fetch())
						{
							echo $row['char_name']."<br>";
						}
						unset($con); unset($stmt);
					}
				}
				else 
					echo $driver." Failed or will not be checked<br>";
			}
			
		}
		catch (\PDOException $e)
		{
			echo $e->getMessage(). ' '.(int)$e->getCode();
		}
	}
	if ($method == 4)
	{
		echo "------------------------<br>";
		echo "Testing mysqli_connect()...<br>";
		try
		{
			if (function_exists('mysqli_connect'))
			{
				$con = mysqli_connect("p:".$host.":1433", $user, $pass, $base);
				if ($con)
				{
					echo "mysqli_connect() successfully connected!" . PHP_EOL;
					echo "Host information: " . mysqli_get_host_info($con) . PHP_EOL;
				}
				else
				{
					echo "mysqli_connect() failed to connect!" . PHP_EOL;
					echo "Debugging errno: " . mysqli_connect_errno() . PHP_EOL;
					echo "Debugging error: " . mysqli_connect_error() . PHP_EOL;
				}

				mysqli_close($con);
			}
			else
			{
				echo "mysqli_connect() function is not available.<br />";
			}
		}
		catch (Exception $e)
		{
			echo "mysqli_connect() Failed to connect! ".$e->getMessage()."<br>";
		}
	}
	if ($method == 5)
	{
		echo "------------------------<br>";
		echo "Testing sqlsrv_connect()...<br>";
		try
		{
			if (function_exists('sqlsrv_connect'))
			{
				$con = sqlsrv_connect($host, array("Database" =>$base, "UID" => $user, "PWD" => $pass));
				if ($con)
				{
					echo "sqlsrv_connect() successfully connected!<br>";
					if(($result = sqlsrv_query($con, $q)) !== false)
					{
						echo "Results of char_name:<br>";
						while($obj = sqlsrv_fetch_object($result))
						{
							echo "<pre>".$obj->char_name."</pre>";
						}
					}
				}
				else
				{
					print_r(sqlsrv_errors(), true);
					echo "sqlsrv_connect() failed to connect!<br>";
				}
				//sqlsrv_close($con);
			}
			else
			{
				echo "sqlsrv_connect() function is not available.<br />";
			}
		}
		catch (Exception $e)
		{
			echo "qlsrv_connect() Failed to connect! ".$e->getMessage()."<br>";
		}
	}
}

echo phpinfo();

 

this will show you if the HOST you are on will make the panel finally work

since this tester is for my panel with payment functions ignore the PASS/FAIL messages

focus on the connection

 

PS : OVH is not a host for this panel

  • 4 months later...
Bearus Enthusiast

Bearus

Posted
Posted (edited)

Thanks for this amazing !!!

ive edited the config.php looks okay,

 

Can this panel work without connecting it to the server instead making a database on the webhosting?

Edited by Bearus
Victory Collaborator

Victory

Posted
Posted
On 10/21/2021 at 2:50 PM, MK Arigato said:

Can this panel work without connecting it to the server instead making a database on the webhosting?


Hello, @MK Arigato !

It's better to connect it with your database otherwise it will loose the main functions you were looking for. 
You want to make a data transfers and to stream the database records for the chosen user directly on the panel right.. ?

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing


  • Posts

    • LeoBiagiolli
      L2Tool Java 17, Extract Textures

      By LeoBiagiolli · Posted

      Wooowww!! Thank you so much bruv!! Really useful!! Thank you for smart solution, work and sharing!!
    • Out of Time
      Geodata for Gracia Final project.

      By Out of Time · Posted

      Generate your own. There are tools. 
    • ZOUMHS
      [C4][L2OFF]Lineage II Eternal Sin

      By ZOUMHS · Posted

      Server Athena x45 C4 is running online since 11 January 2026 without wipe.
    • L2-LORENA
      L2Spirit x3 Interlude 🔥🔥🔥 OFFICIAL GRAND OPENING – 12 JUN

      By L2-LORENA · Posted

      L2SPIRIT OF LORENA x3 INTERLUDE Discord: Discord SPIRIT OF LORENA < WEBSITE: L2 Spirit of Lorena x3 Interlude WEBSITE: L2-LORENA Network x30 x1200 x5000 PvP GRAND OPENING – 12 JUNE 2026 19:00 UTC+2 ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ LONG TERM PROJECT NO WIPE CLASSIC INTERLUDE OLD SCHOOL COMMUNITY REAL PROGRESSION ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ WHY L2SPIRIT OF LORENA? Are you tired of servers that die after a few weeks? L2Spirit of LORENA was created for players who miss the true Interlude feeling: Clan Wars Castle Sieges Epic Bosses Party Farming Real Economy Long Term Progression No shortcuts. No instant endgame. No seasonal wipes. ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ SERVER INFORMATION 🛡 Chronicle: Interlude Type: Classic Low Rate Server: Long Term International Community ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ RATES EXP/SP x3 Adena x3 Drop x3 Spoil x3 Raid Boss x3 Seal Stones x3 Quest x3 ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ DYNAMIC EXP SYSTEM 1-20 = x3.0 20-40 = x2.7 40-52 = x2.4 52-61 = x2.1 61-70 = x1.8 70-76 = x1.5 76-77 = x1.2 77-78 = x1.1 ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ FEATURES Auto Learn Skills Auto Farm Available 2 Windows Maximum Retail Olympiad Epic Bosses Daily Events Stable Dedicated Server Active Administration ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ WHAT MAKES US DIFFERENT? No Wipe Policy Stable Economy Competitive Olympiad Clan Focused Gameplay Retail Feeling Friendly Community ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ THE JOURNEY MATTERS Every level. Every raid. Every item. Every victory. This is the Interlude experience you remember. ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ SERVER STATUS TOP L2JBRASIL:Top L2JBrasil de Servidores de Lineage2 - ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ OPENING DAY 12 June 2026 19:00 UTC+2 Prepare your clan. Prepare for war. The adventure begins. SEE YOU IN SPIRIT OF LORENA!
    • api
      PlayerPort: Lineage2 Web Engine

      By api · Posted

      PlayerPort: The Ultimate In-Game Web Engine for Lineage 2 Hello. For those who don't know me, I specialize in Lineage 2 interface and client/server development. PlayerPort is my ongoing project - an attempt to build a truly universal, modular, multi-server in-game web engine. The goal is to stop "pushing" players out of the game to forums, websites, or external messengers. Instead, I want to keep them engaged by providing a seamless, high-quality experience directly within the game client. What is PlayerPort? It is a client-side module that acts as a hybrid UI. It integrates a lightweight web engine directly into the Lineage 2 client, bridging the gap between the native engine (UnrealScript/XML) and a modern web layer (HTML/JS/CSS). The Architecture: JS (Layer 0): Handles structural skeletons, widgets, and basic styling. Flash (Layer 1): Manages graphical wrappers, physics/animations, and transitions. PortNatives (C++ API): A low-level engine for math, logging, Windows interaction, WebSockets, and heavy lifting. This "sandwich" architecture allows for smooth, interactive, and high-performance UI components that don't suffer from the limitations of the legacy webkit. Key Features & Modules PortUI Framework: My own lightweight UI framework based on standard Lineage 2 methodology. No heavy external libraries - just vanilla JS with GPU-accelerated rendering. It allows for complex transitions, particles, parallax, and procedural animations without bloating the system. Advanced Report System: Fully integrated ticket management. Players can submit reports directly from the game, including attachments. It supports simple copy-paste or screenshot capture. PortNatives optimizes images (even 4K/8K) in milliseconds, reducing file size by up to 50x without losing quality, ensuring near-instant loading. Radio Module: A streamlined radio service with a vast selection of stations. Features include a mini-player (PIP), high-quality streams with jitter-fix, and a smart system that pre-checks connection status to avoid timeouts. PortStream (Streaming): Full integration for streaming platforms. You can display custom streamer lists or popular feeds directly in-game. Features include status monitoring, live preview tiles, PiP (Picture-in-Picture) playback, and native volume control (up to 200%). Communication Hub: Inter-server forums and messaging that allow collaborating projects to share news, welcome messages, and support systems without leaving the game. Admin & Analytics: Real-time dashboards tracking server population, player behavior, trade analysis, and anti-RMT/botting tools. The system builds connection chains between characters to assist administrators. Why does this matter? The current ecosystem is fragmented. By centralizing everything - support tickets, social interaction, radio, and streaming - within the client, we improve the "Quality of Life" for players and reduce administrative overhead. Performance: All network activity is handled by an external process, isolating it from the l2.exe core. We utilize "lazy" updates (periodic POSTs) and "active" subscriptions, ensuring minimal impact on game performance. Compatibility: Works on everything from ancient clients (like Grand Crusade p110) to the latest Essence/Live versions. Availability: I am looking for enthusiasts and server projects interested in adopting this. Integrating the system is fast and simple. The core service is free. Future Outlook I am currently focusing on PortCanvas, a proxy layer that will allow developers to replace native UI windows with custom web-based components. This will effectively turn Lineage 2 into a shell for fully custom web applications, accessible to anyone with basic web development skills - no complex compilers or proprietary editors required. If you are interested in implementing this on your project, or if you have questions, feel free to reach out.     Gallery https://imgur.com/a/Dqrl4L9         Contact: https://t.me/TELEGABOY See you in the next update. 🐀

  • Topics

×
×
  • Create New...

Important Information

This community uses essential cookies to function properly. Non-essential cookies and third-party services are used only with your consent. Read our Privacy Policy and We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue..