Jump to content

Recommended Posts

Posted

Since i've been making new epilogue server, i made a lot of scripts, so im posting some here :)

 

this one will teleport given character to some location (in radius 30)

 

 

Protections: simple antibot protection (bots usually cant use javascript), protection against sql injection etc

What does it do: simple login to your account, picture of characters of that account (and you choose one char), teleport to given location

 

 

So

 

First, make file called index.php, inside this file insert this

<script type="text/javascript">
function login_teleport(){
user=document.getElementById("user");
password=document.getElementById("password");
if(user.value==""){
alert("Empty username");
}else if(password.value==""){
alert("Empty password");
}else{
document.getElementById("login").submit();
}
}
</script>
<h1>Emergency teleport</h1>
<form id="login" action="login.php" method="POST">
Username : <input type="text" id="user" name="user" /><br />
Password : <input type="password" id="password" name="password" /><br />
<input type="button" value="login" onclick="javascript:login_teleport();" />
</form>

 

 

then create file called login.php, inside it insert

<?php
session_start();

if(!empty($_POST["user"])){
include('config.php');

$query=sprintf("SELECT login,password FROM accounts WHERE login='%s' LIMIT 1",mysql_real_escape_string($_POST["user"]));
$row=mysql_fetch_array(mysql_query($query));

echo $row["login"];
if($row["login"] != null){
$password=$_POST["password"];
$password_crypted=base64_encode(pack("H*",sha1(utf8_encode($password))));

if($row["password"]==$password_crypted){
$_SESSION["user"]=$row["login"];
	print '
	<script type="text/javascript">
	document.location="teleport.php";
	</script>
	';

}
else{
print '
<script type="text/javascript">
alert("Wrong password");
document.location="index.php";
</script>
';

}

}else{

print '
<script type="text/javascript">
alert("Wrong username");
document.location="index.php";
</script>
';

}
}

?>

 

then file teleport.php

<?php
session_start();

if($_SESSION["user"]!=null){

include('config.php');



if(!empty($_POST["char"])){

$loc_x=$loc_x-$radius+rand(0,$radius*2);
$loc_y=$loc_y-$radius+rand(0,$radius*2);
$query=sprintf("UPDATE `characters` SET `x` = '%d',`y` = '%d',`z` = '%d' WHERE `charId` =%d;", $loc_x, $loc_y, $loc_z, mysql_real_escape_string($_POST["char"]));
if(mysql_query($query)){
print "<h2>Successfully teleported</h2>";
}else{
print '<h2>' . mysql_errno() . ':' . mysql_error();
}
print "<br /><hr /><br />";


}
$query=mysql_query("SELECT charId,char_name FROM characters WHERE account_name = '" . $_SESSION["user"] . "'");

print 'This will teleport you to Town of Giran : center';
print '<br /><br />';
print "Please select your character";

print '<form action="teleport.php" method="POST">';
print '<select name="char">';
while($row=mysql_fetch_array($query)){
	print('<option value="' . $row["charId"] . '">' . $row["char_name"] .'</option>');
}
print '</select>';
print '<input type="submit" value="Teleport" />';
print '</form>';
print '<br /><br /><br />';
print '<a href="logout.php">Logout</a>';
}
else{
header("Location: index.php");
}

?>

 

then logout.php

<?php
session_start();
session_destroy();
header("Location: index.php");
?>

 

and finally config.php

<?php
mysql_connect("localhost","root","password") or die(mysql_error());
mysql_select_db("l2jdb") or die(mysql_error());


$loc_x="83369";
$loc_y="148606";
$loc_z="-3404";

$radius="30";

?>

(in place of localhost put your mysql host, root is username, password is password and l2jdb is mysql database)

 

$loc_x,$loc_y,$loc_z are coordinates (in game try /loc, it will show you your current location)

 

Beware: Choose only large area (teleport is random, so like 20 persons wont be on the same position) (radius 30, change it if you want)

 

 

 

 

if you want only php function, there it is

function teleport($loc_x,$loc_y,$loc_z,$radius,$charId){
$loc_x=$loc_x-$radius+rand(0,$radius*2);
	$loc_y=$loc_y-$radius+rand(0,$radius*2);
	$query=sprintf("UPDATE `characters` SET `x` = '%d',`y` = '%d',`z` = '%d' WHERE `charId` =%d;", $loc_x, $loc_y, $loc_z, mysql_real_escape_string($charId));
	if(mysql_query($query)){
print "<h2>Successfully teleported</h2>";
}else{
print '<h2>' . mysql_errno() . ':' . mysql_error();
}
}

 

usage

 

<?php
teleport("location x","location y","location z", "radius", "character ID selected from database");
?>

 

 

 

 

 

and finally : direct download to whole script :) (on private ftp, so this has hide)

This is the hidden content, please

 

 

 

Credits : DarkKnight / DarkKnightCZ

Posted

ExTrEmEDwarf: what hole? if you change input on login, wont work (every protection against it in login.php (mysql_real_escape_string, sprintf) ) , if you change input inside it, the same thing (m_r_e_s, sprintf), but i you know some hole in it, post it, i will repair it :)

  • 1 month later...
Posted

i am sorry if i making a stupid question but this wont allow players to exploit the feature? for example teleporting themselves in giran while giran is in siege which normally shouldn't or teleporting from place to place without using gk and this way dont spend adena? (at low rate servers that matters). can be modified to have restrictions?

  • 2 years later...

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...